rutor-info.ru Open in urlscan Pro
81.177.135.211 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://rutor-info.ru/
Submission Tags: falconsandbox
Submission: On April 10 via api (April 10th 2021, 1:34:21 pm UTC) from US

Summary HTTP 92 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 23 IPs in 4 countries across 23 domains to perform 92 HTTP transactions. The main IP is 81.177.135.211, located in Russian Federation and belongs to RTCOMM-AS, RU. The main domain is rutor-info.ru.

This is the only time rutor-info.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
11	81.177.135.211 81.177.135.211	8342 (RTCOMM-AS) (RTCOMM-AS)
11	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
4	37.200.67.210 37.200.67.210	49505 (SELECTEL) (SELECTEL)
3 5	88.212.201.198 88.212.201.198	39134 (UNITEDNET) (UNITEDNET)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
27	2a00:1450:400... 2a00:1450:4001:800::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
3	31.131.252.94 31.131.252.94	49505 (SELECTEL) (SELECTEL)
3	185.15.175.134 185.15.175.134	43226 (SAFEDATA ...) (SAFEDATA Uplinks)
1 1	2a02:6ea0:c70... 2a02:6ea0:c700::1	60068 (CDN77 (^_^)/) (CDN77 (^_^)/)
1	2606:4700:303... 2606:4700:3035::ac43:c8d3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	89.108.97.2 89.108.97.2	197695 (AS-REG) (AS-REG)
10 12	185.15.175.132 185.15.175.132	43226 (SAFEDATA ...) (SAFEDATA Uplinks)
4 5	78.140.160.182 78.140.160.182	35415 (WEBZILLA) (WEBZILLA)
8 8	185.15.175.158 185.15.175.158	43226 (SAFEDATA ...) (SAFEDATA Uplinks)
2 2	185.15.175.137 185.15.175.137	43226 (SAFEDATA ...) (SAFEDATA Uplinks)
1	2a00:1148:db0... 2a00:1148:db00::17	47764 (MAILRU-AS...) (MAILRU-AS Mail.Ru)
6 6	31.172.81.159 31.172.81.159	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
1 1	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
1 1	31.172.81.172 31.172.81.172	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
1 2	2a02:6b8::90 2a02:6b8::90	13238 (YANDEX) (YANDEX)
92	23

11 81.177.135.211 (Russian Federation)

ASN8342 (RTCOMM-AS, RU)

rutor-info.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.200.67.210 (Russian Federation)

ASN49505 (SELECTEL, RU)

share.pluso.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 88.212.201.198 (Russian Federation) 3 redirects

ASN39134 (UNITEDNET, RU)
PTR: host198.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 31.131.252.94 (Russian Federation)

ASN49505 (SELECTEL, RU)

kitbit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.15.175.134 (Russian Federation)

ASN43226 (SAFEDATA Uplinks, RU)

tag.digitaltarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c700::1 (Frankfurt am Main, Germany) 1 redirects

ASN60068 (CDN77 (^_^)/, GB)

p1.ntvk1.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3035::ac43:c8d3 (United States)

ASN13335 (CLOUDFLARENET, US)

optinder.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 89.108.97.2 (Russian Federation)

ASN197695 (AS-REG, RU)
PTR: d50603.reg.regrucolo.ru

ut9.rktch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 185.15.175.132 (Russian Federation) 10 redirects

ASN43226 (SAFEDATA Uplinks, RU)

dmg.digitaltarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 78.140.160.182 (Netherlands) 4 redirects

ASN35415 (WEBZILLA, NL)

lpt2tv.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 185.15.175.158 (Russian Federation) 8 redirects

ASN43226 (SAFEDATA Uplinks, RU)

h.dmg.digitaltarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.15.175.137 (Russian Federation) 2 redirects

ASN43226 (SAFEDATA Uplinks, RU)

fnc.rt.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1148:db00::17 (Russian Federation)

ASN47764 (MAILRU-AS Mail.Ru, RU)

ad.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 31.172.81.159 (Germany) 6 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

sync.bumlam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync3.adsniper.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.162 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 31.172.81.172 (Germany) 1 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

sync3.sniperlog.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:6b8::90 (Moscow, Russian Federation) 1 redirects

ASN13238 (YANDEX, RU)

an.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
38	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	302 KB
23	digitaltarget.ru 18 redirects tag.digitaltarget.ru dmg.digitaltarget.ru h.dmg.digitaltarget.ru	34 KB
13	doubleclick.net 1 redirects googleads.g.doubleclick.net cm.g.doubleclick.net	90 KB
11	rutor-info.ru rutor-info.ru	131 KB
5	lpt2tv.ru 4 redirects lpt2tv.ru	2 KB
5	yadro.ru 3 redirects counter.yadro.ru	3 KB
4	bumlam.com 4 redirects sync.bumlam.com	2 KB
4	gstatic.com www.gstatic.com fonts.gstatic.com	57 KB
4	googletagservices.com www.googletagservices.com	136 KB
4	pluso.ru share.pluso.ru	102 KB
3	kitbit.net kitbit.net	2 KB
3	google.com 2 redirects adservice.google.com www.google.com	523 B
2	yandex.ru 1 redirects an.yandex.ru	669 B
2	adsniper.ru 2 redirects sync3.adsniper.ru	1 KB
2	rt.ru 2 redirects fnc.rt.ru	1 KB
1	sniperlog.ru 1 redirects sync3.sniperlog.ru	305 B
1	mail.ru ad.mail.ru	635 B
1	rktch.com ut9.rktch.com	88 B
1	optinder.com optinder.com	790 B
1	ntvk1.ru 1 redirects p1.ntvk1.ru	562 B
1	googleapis.com fonts.googleapis.com	764 B
1	google.de adservice.google.de	313 B
1	googleadservices.com partner.googleadservices.com	642 B
92	23

	Domain	Requested by
27	tpc.googlesyndication.com	googleads.g.doubleclick.net rutor-info.ru tpc.googlesyndication.com pagead2.googlesyndication.com
12	dmg.digitaltarget.ru	10 redirects
12	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net rutor-info.ru
11	pagead2.googlesyndication.com	rutor-info.ru pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
11	rutor-info.ru	rutor-info.ru
8	h.dmg.digitaltarget.ru	8 redirects
5	lpt2tv.ru	4 redirects
5	counter.yadro.ru	3 redirects rutor-info.ru
4	sync.bumlam.com	4 redirects
4	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net
4	share.pluso.ru	rutor-info.ru share.pluso.ru
3	tag.digitaltarget.ru	kitbit.net tag.digitaltarget.ru
3	kitbit.net	share.pluso.ru kitbit.net
3	fonts.gstatic.com	fonts.googleapis.com
2	an.yandex.ru	1 redirects
2	sync3.adsniper.ru	2 redirects
2	fnc.rt.ru	2 redirects
2	www.google.com	2 redirects
1	sync3.sniperlog.ru	1 redirects
1	cm.g.doubleclick.net	1 redirects
1	ad.mail.ru
1	ut9.rktch.com
1	optinder.com
1	p1.ntvk1.ru	1 redirects
1	www.gstatic.com	googleads.g.doubleclick.net
1	fonts.googleapis.com	googleads.g.doubleclick.net
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
92	29

This site contains links to these domains. Also see Links.

Domain
pluso.ru
www.liveinternet.ru

Subject Issuer	Validity	Valid
counter.yadro.ru R3	`2021-03-22` - `2021-06-20`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
*.googleadservices.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
*.google.de GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
tag.digitaltarget.ru R3	`2021-04-04` - `2021-07-03`	3 months	crt.sh
dmg.digitaltarget.ru R3	`2021-03-24` - `2021-06-22`	3 months	crt.sh
*.mail.ru GeoTrust ECC CA 2018	`2020-11-13` - `2021-11-17`	a year	crt.sh
bs.yandex.ru Yandex CA	`2020-12-17` - `2021-06-17`	6 months	crt.sh

This page contains 13 frames:

Primary Page: http://rutor-info.ru/
Frame ID: 93FA74859C53797B80BB1FB86C30D7AA
Requests: 39 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210406/r20190131/zrt_lookup.html
Frame ID: 5C70803F3DA82E596942D4B0E988CCDE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6723646122807408&output=html&h=280&slotname=6943611754&adk=66431862&adf=114227762&pi=t.ma~as.6943611754&w=336&lmt=1546488520&psa=0&format=336x280&url=http%3A%2F%2Frutor-info.ru%2F&flash=0&wgl=1&dt=1618061642800&bpp=10&bdt=261&idt=75&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=5163059047602&frm=20&pv=2&ga_vid=1245701616.1618061643&ga_sid=1618061643&ga_hid=1981996172&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=321&ady=392&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=4196044307873861&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaEe%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=7E01npWQsl&p=http%3A//rutor-info.ru&dtd=95
Frame ID: 99E39AF8E53B58DD46F51ED666AF5648
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6723646122807408&output=html&h=280&slotname=6943611754&adk=66431862&adf=165372718&pi=t.ma~as.6943611754&w=336&lmt=1546488520&psa=0&format=336x280&url=http%3A%2F%2Frutor-info.ru%2F&flash=0&wgl=1&dt=1618061642811&bpp=2&bdt=272&idt=92&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280&correlator=5163059047602&frm=20&pv=1&ga_vid=1245701616.1618061643&ga_sid=1618061643&ga_hid=1981996172&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=664&ady=392&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=4196044307873861&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaEe%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=eVp40Pn3fO&p=http%3A//rutor-info.ru&dtd=95
Frame ID: 2A7EB40A30EE23FF8E48F61DA8B51B47
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6723646122807408&output=html&h=600&twa=1&slotname=9897078159&adk=1418534667&adf=525765898&pi=t.ma~as.9897078159&w=265&fwrn=4&fwrnh=100&lmt=1546488520&psa=0&format=265x600&url=http%3A%2F%2Frutor-info.ru%2F&flash=0&fwr=0&rh=600&rw=265&wgl=1&dt=1618061642813&bpp=1&bdt=274&idt=96&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280%2C336x280&correlator=5163059047602&frm=20&pv=1&ga_vid=1245701616.1618061643&ga_sid=1618061643&ga_hid=1981996172&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1335&ady=190&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=4196044307873861&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=3A5v2j3Cx1&p=http%3A//rutor-info.ru&dtd=98
Frame ID: D5FA368F44F6ADD27A95E131D878E798
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6723646122807408&output=html&adk=1812271804&adf=3025194257&lmt=1546488520&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Frutor-info.ru%2F&ea=0&flash=0&pra=7&wgl=1&dt=1618061642814&bpp=1&bdt=275&idt=99&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280%2C336x280%2C265x600&nras=1&correlator=5163059047602&frm=20&pv=1&ga_vid=1245701616.1618061643&ga_sid=1618061643&ga_hid=1981996172&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=4196044307873861&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=23&ifi=4&uci=a!4&fsb=1&dtd=102
Frame ID: 58E9C8475924E443470C9C0A23FECC6D
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/78096498092133154/index.html
Frame ID: D1E1CA9AD602B40F076BE8B52A21AA53
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CPNVjSqlxYKHPO4SK3wOzj5ywApmlto5i36XH6_sMloLNhYgWEAEg_u6DDmCVAqAB5rC9vwPIAQmpAnS_-hk797M-qAMByANIqgS7AU_QIyTyk6WjKX-AABpCvOGxPRr-kX7DLdngPVgTySRPM33qx6H82ciAIwK4bMMlMP69ky3DWXJPJwguZ7w4s90OLI0llLp-CRDnMRJDKOyigyQ15GlmBBDnJpfBS2bBTxO8ONGtcy6iopsmLO03U0WEku5KuwfDcmuRxeqMLKkL3N6JzywUjnD3JgwEbRMD8a_BvmqtBrZJScTrQX1XDM9Qpe6vpbRor2tpciOifmC8feDpmQoY2K9iu9zABKner8TBA5IFBAgEGAGSBQQIBRgEoAYugAeCz8JAqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcEEPSSB9IICQiA4YAQEAEYH4AKAcgLAdgTDbIXGgoYCAASFHB1Yi02NzIzNjQ2MTIyODA3NDA4&sigh=QwoidHYwCuE&template_id=419&tpd=AGWhJmtwnISvuhqAyajbsjyzZdDBGjA652mFn_ctF4riQeKW3Q
Frame ID: D96EAD926B90BAD3A16EB547D603434A
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 4E2ECB48F641D68CFE2499D5FF69C0E0
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/rg7ZOtwj_KsF30rM_Y0_DmvJrp5jy6rfjTYWIxfvKAc.js
Frame ID: 69E496090BC3387C2A51421E661B49F6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 7522AA98111A98F34981D5DF99483BA3
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/rg7ZOtwj_KsF30rM_Y0_DmvJrp5jy6rfjTYWIxfvKAc.js
Frame ID: 441EA48D35BD80788412DD8305612CB6
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 7B4E6E6D6B943E56A95639CE32B5543A
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

92
Requests

76 %
HTTPS

53 %
IPv6

23
Domains

29
Subdomains

23
IPs

4
Countries

846 kB
Transfer

1859 kB
Size

4
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: http://pluso.ru/

Search URL Search Domain Scan URL

URL: http://www.liveinternet.ru/click

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12

http://counter.yadro.ru/hit?t42.10;r;s1600*1200*24;uhttp%3A//rutor-info.ru/;0.6834214018206675 HTTP 302
https://counter.yadro.ru/hit?t42.10;r;s1600*1200*24;uhttp%3A//rutor-info.ru/;0.6834214018206675 HTTP 302
https://counter.yadro.ru/hit?q;t42.10;r;s1600*1200*24;uhttp%3A//rutor-info.ru/;0.6834214018206675

Request Chain 55

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 68

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 70

http://counter.yadro.ru/hit;PLUSO?r;s1600*1200*24;uhttp%3A//rutor-info.ru/;hRutor%20Info%20-%20%u043D%u043E%u0432%u043E%u0435%20%u0437%u0435%u0440%u043A%u0430%u043B%u043E%20%u0442%u043E%u0440%u0440%u0435%u043D%u0442-%u0442%u0440%u0435%u043A%u0435%u0440%u0430%20Rutor%20org%21%20%7C%20%u0417%u0430%u0439%u0442%u0438%20%u043D%u0430%20%u0440%u0443%u0442%u043E%u0440%20%u043B%u0435%u0433%u043A%u043E%20%u0441%20r;1 HTTP 307
https://counter.yadro.ru/hit;PLUSO?r;s1600*1200*24;uhttp%3A//rutor-info.ru/;hRutor%20Info%20-%20%u043D%u043E%u0432%u043E%u0435%20%u0437%u0435%u0440%u043A%u0430%u043B%u043E%20%u0442%u043E%u0440%u0440%u0435%u043D%u0442-%u0442%u0440%u0435%u043A%u0435%u0440%u0430%20Rutor%20org%21%20%7C%20%u0417%u0430%u0439%u0442%u0438%20%u043D%u0430%20%u0440%u0443%u0442%u043E%u0440%20%u043B%u0435%u0433%u043A%u043E%20%u0441%20r;1 HTTP 302
https://counter.yadro.ru/hit;PLUSO?q;r;s1600*1200*24;uhttp%3A//rutor-info.ru/;hRutor%20Info%20-%20%u043D%u043E%u0432%u043E%u0435%20%u0437%u0435%u0440%u043A%u0430%u043B%u043E%20%u0442%u043E%u0440%u0440%u0435%u043D%u0442-%u0442%u0440%u0435%u043A%u0435%u0440%u0430%20Rutor%20org%21%20%7C%20%u0417%u0430%u0439%u0442%u0438%20%u043D%u0430%20%u0440%u0443%u0442%u043E%u0440%20%u043B%u0435%u0433%u043A%u043E%20%u0441%20r;1

Request Chain 82

http://p1.ntvk1.ru/nps HTTP 302
http://optinder.com/cro

Request Chain 87

http://dmg.digitaltarget.ru/1/7179/i/i?i=534579386333996.403130876320973&c=tg:adcm_pc HTTP 301
http://lpt2tv.ru/images/adv.gif?id=hr_4q4vf2cbhqq0_48us29lo51o0&r=http%3A%2F%2Fh.dmg.digitaltarget.ru%2Fawg%2F7273%3Fhrid%3Dhr_4q4vf2cbhqq0_48us29lo51o0%26redirect%3Dhttps%253A%252F%252Fdmg.digitaltarget.ru%252F1%252F7179%252Fi%252Fi%253Fi%253D534579386333996.403130876320973%2526c%253Dtg%253Aadcm_pc%2526hcid%253D%257Bcookie%257D%2526hrid%253Dhr_4q4vf2cbhqq0_48us29lo51o0 HTTP 302
http://h.dmg.digitaltarget.ru/awg/7273?hrid=hr_4q4vf2cbhqq0_48us29lo51o0&redirect=https%3A%2F%2Fdmg.digitaltarget.ru%2F1%2F7179%2Fi%2Fi%3Fi%3D534579386333996.403130876320973%26c%3Dtg%3Aadcm_pc%26hcid%3D%7Bcookie%7D%26hrid%3Dhr_4q4vf2cbhqq0_48us29lo51o0 HTTP 307
http://h.dmg.digitaltarget.ru/awg/7273?call_source=awg&hrid=hr_4q4vf2cbhqq0_48us29lo51o0&redirect=https%3A%2F%2Fdmg.digitaltarget.ru%2F1%2F7179%2Fi%2Fi%3Fi%3D534579386333996.403130876320973%26c%3Dtg%3Aadcm_pc%26hcid%3D%7Bcookie%7D%26hrid%3Dhr_4q4vf2cbhqq0_48us29lo51o0 HTTP 307
https://dmg.digitaltarget.ru/1/7179/i/i?i=534579386333996.403130876320973&c=tg:adcm_pc&hcid=....................&hrid=hr_4q4vf2cbhqq0_48us29lo51o0

Request Chain 89

http://dmg.digitaltarget.ru/1/6534/i/i?i=534579386333996.777040892110567&c=tg:adcm_pc HTTP 301
http://lpt2tv.ru/images/adv.gif?id=hr_4qgc7ddmxj80_25oh1zzq1e00&r=http%3A%2F%2Fh.dmg.digitaltarget.ru%2Fawg%2F7273%3Fhrid%3Dhr_4qgc7ddmxj80_25oh1zzq1e00%26redirect%3Dhttps%253A%252F%252Fdmg.digitaltarget.ru%252F1%252F6534%252Fi%252Fi%253Fi%253D534579386333996.777040892110567%2526c%253Dtg%253Aadcm_pc%2526hcid%253D%257Bcookie%257D%2526hrid%253Dhr_4qgc7ddmxj80_25oh1zzq1e00 HTTP 302
http://h.dmg.digitaltarget.ru/awg/7273?hrid=hr_4qgc7ddmxj80_25oh1zzq1e00&redirect=https%3A%2F%2Fdmg.digitaltarget.ru%2F1%2F6534%2Fi%2Fi%3Fi%3D534579386333996.777040892110567%26c%3Dtg%3Aadcm_pc%26hcid%3D%7Bcookie%7D%26hrid%3Dhr_4qgc7ddmxj80_25oh1zzq1e00 HTTP 307
http://h.dmg.digitaltarget.ru/awg/7273?call_source=awg&hrid=hr_4qgc7ddmxj80_25oh1zzq1e00&redirect=https%3A%2F%2Fdmg.digitaltarget.ru%2F1%2F6534%2Fi%2Fi%3Fi%3D534579386333996.777040892110567%26c%3Dtg%3Aadcm_pc%26hcid%3D%7Bcookie%7D%26hrid%3Dhr_4qgc7ddmxj80_25oh1zzq1e00 HTTP 307
https://dmg.digitaltarget.ru/1/6534/i/i?i=534579386333996.777040892110567&c=tg:adcm_pc&hcid=....................&hrid=hr_4qgc7ddmxj80_25oh1zzq1e00 HTTP 307
https://dmg.digitaltarget.ru/awg/custom/6534/i/i?call_source=awg&i=534579386333996.777040892110567&c=tg:adcm_pc&hcid=....................&hrid=hr_4qgc7ddmxj80_25oh1zzq1e00 HTTP 307
https://fnc.rt.ru/1/6532/i/i?i=aFr7khSIc3b82Qc76lHG&c=tg:rds_6534 HTTP 302
https://fnc.rt.ru/1/6532/i/i?i=aFr7khSIc3b82Qc76lHG&c=tg:rds_6534&q=scc HTTP 302
https://dmg.digitaltarget.ru/1/6533/i/i?i=800793001586998174749000000014992453&a=774&e=wvTIxf1qjFlr55550Xkf

Request Chain 90

http://dmg.digitaltarget.ru/1/1086/i/i?i=534579386333996.670718990927030&a=86&e=5EFC831FF5A871602E0BE284023B1147&c=ss:86.up:5EFC831FF5A871602E0BE284023B1147.sync:up.xdua:duMZkUtL8nAD_8RuAIsBqpZe.xps:xpszl7Sq5lnQcz2rH9q25BQJ4.dn:rutor_info__ru.adcm:hit.tg:adcmjs_init%20adcmjs_noorient%20http HTTP 301
http://lpt2tv.ru/images/adv.gif?id=hr_6ztb30pqs580_1v95e8ioijog&r=http%3A%2F%2Fh.dmg.digitaltarget.ru%2Fawg%2F7273%3Fhrid%3Dhr_6ztb30pqs580_1v95e8ioijog%26redirect%3Dhttps%253A%252F%252Fdmg.digitaltarget.ru%252F1%252F1086%252Fi%252Fi%253Fi%253D534579386333996.670718990927030%2526a%253D86%2526e%253D5EFC831FF5A871602E0BE284023B1147%2526c%253Dss%253A86.up%253A5EFC831FF5A871602E0BE284023B1147.sync%253Aup.xdua%253AduMZkUtL8nAD_8RuAIsBqpZe.xps%253Axpszl7Sq5lnQcz2rH9q25BQJ4.dn%253Arutor_info__ru.adcm%253Ahit.tg%253Aadcmjs_init%252520adcmjs_noorient%252520http%2526hcid%253D%257Bcookie%257D%2526hrid%253Dhr_6ztb30pqs580_1v95e8ioijog HTTP 302
http://h.dmg.digitaltarget.ru/awg/7273?hrid=hr_6ztb30pqs580_1v95e8ioijog&redirect=https%3A%2F%2Fdmg.digitaltarget.ru%2F1%2F1086%2Fi%2Fi%3Fi%3D534579386333996.670718990927030%26a%3D86%26e%3D5EFC831FF5A871602E0BE284023B1147%26c%3Dss%3A86.up%3A5EFC831FF5A871602E0BE284023B1147.sync%3Aup.xdua%3AduMZkUtL8nAD_8RuAIsBqpZe.xps%3Axpszl7Sq5lnQcz2rH9q25BQJ4.dn%3Arutor_info__ru.adcm%3Ahit.tg%3Aadcmjs_init%2520adcmjs_noorient%2520http%26hcid%3D%7Bcookie%7D%26hrid%3Dhr_6ztb30pqs580_1v95e8ioijog HTTP 307
http://h.dmg.digitaltarget.ru/awg/7273?call_source=awg&hrid=hr_6ztb30pqs580_1v95e8ioijog&redirect=https%3A%2F%2Fdmg.digitaltarget.ru%2F1%2F1086%2Fi%2Fi%3Fi%3D534579386333996.670718990927030%26a%3D86%26e%3D5EFC831FF5A871602E0BE284023B1147%26c%3Dss%3A86.up%3A5EFC831FF5A871602E0BE284023B1147.sync%3Aup.xdua%3AduMZkUtL8nAD_8RuAIsBqpZe.xps%3Axpszl7Sq5lnQcz2rH9q25BQJ4.dn%3Arutor_info__ru.adcm%3Ahit.tg%3Aadcmjs_init%2520adcmjs_noorient%2520http%26hcid%3D%7Bcookie%7D%26hrid%3Dhr_6ztb30pqs580_1v95e8ioijog HTTP 307
https://dmg.digitaltarget.ru/1/1086/i/i?i=534579386333996.670718990927030&a=86&e=5EFC831FF5A871602E0BE284023B1147&c=ss:86.up:5EFC831FF5A871602E0BE284023B1147.sync:up.xdua:duMZkUtL8nAD_8RuAIsBqpZe.xps:xpszl7Sq5lnQcz2rH9q25BQJ4.dn:rutor_info__ru.adcm:hit.tg:adcmjs_init%20adcmjs_noorient%20http&hcid=....................&hrid=hr_6ztb30pqs580_1v95e8ioijog HTTP 307
https://dmg.digitaltarget.ru/awg/custom/1086/i/i?call_source=awg&i=534579386333996.670718990927030&a=86&e=5EFC831FF5A871602E0BE284023B1147&c=ss:86.up:5EFC831FF5A871602E0BE284023B1147.sync:up.xdua:duMZkUtL8nAD_8RuAIsBqpZe.xps:xpszl7Sq5lnQcz2rH9q25BQJ4.dn:rutor_info__ru.adcm:hit.tg:adcmjs_init%20adcmjs_noorient%20http&hcid=....................&hrid=hr_6ztb30pqs580_1v95e8ioijog HTTP 307
https://ad.mail.ru/cm.gif?p=61&id=gWQK5eKKR8L6REn7AkJm

Request Chain 91

http://dmg.digitaltarget.ru/1/1086/i/i?i=534579386333996.474918074549719&a=86&e=5EFC831FF5A871602E0BE284023B1147&c=ss:86.up:5EFC831FF5A871602E0BE284023B1147.sync:up.xdua:duMZkUtL8nAD_8RuAIsBqpZe.xps:xpszl7Sq5lnQcz2rH9q25BQJ4.dn:rutor_info__ru.adcm:hit.tg:adcmjs_noorient%20http HTTP 301
http://lpt2tv.ru/images/adv.gif?id=hr_wd3oku75vps_4eqs8ee1pri0&r=http%3A%2F%2Fh.dmg.digitaltarget.ru%2Fawg%2F7273%3Fhrid%3Dhr_wd3oku75vps_4eqs8ee1pri0%26redirect%3Dhttps%253A%252F%252Fdmg.digitaltarget.ru%252F1%252F1086%252Fi%252Fi%253Fi%253D534579386333996.474918074549719%2526a%253D86%2526e%253D5EFC831FF5A871602E0BE284023B1147%2526c%253Dss%253A86.up%253A5EFC831FF5A871602E0BE284023B1147.sync%253Aup.xdua%253AduMZkUtL8nAD_8RuAIsBqpZe.xps%253Axpszl7Sq5lnQcz2rH9q25BQJ4.dn%253Arutor_info__ru.adcm%253Ahit.tg%253Aadcmjs_noorient%252520http%2526hcid%253D%257Bcookie%257D%2526hrid%253Dhr_wd3oku75vps_4eqs8ee1pri0 HTTP 302
http://h.dmg.digitaltarget.ru/awg/7273?hrid=hr_wd3oku75vps_4eqs8ee1pri0&redirect=https%3A%2F%2Fdmg.digitaltarget.ru%2F1%2F1086%2Fi%2Fi%3Fi%3D534579386333996.474918074549719%26a%3D86%26e%3D5EFC831FF5A871602E0BE284023B1147%26c%3Dss%3A86.up%3A5EFC831FF5A871602E0BE284023B1147.sync%3Aup.xdua%3AduMZkUtL8nAD_8RuAIsBqpZe.xps%3Axpszl7Sq5lnQcz2rH9q25BQJ4.dn%3Arutor_info__ru.adcm%3Ahit.tg%3Aadcmjs_noorient%2520http%26hcid%3D%7Bcookie%7D%26hrid%3Dhr_wd3oku75vps_4eqs8ee1pri0 HTTP 307
http://h.dmg.digitaltarget.ru/awg/7273?call_source=awg&hrid=hr_wd3oku75vps_4eqs8ee1pri0&redirect=https%3A%2F%2Fdmg.digitaltarget.ru%2F1%2F1086%2Fi%2Fi%3Fi%3D534579386333996.474918074549719%26a%3D86%26e%3D5EFC831FF5A871602E0BE284023B1147%26c%3Dss%3A86.up%3A5EFC831FF5A871602E0BE284023B1147.sync%3Aup.xdua%3AduMZkUtL8nAD_8RuAIsBqpZe.xps%3Axpszl7Sq5lnQcz2rH9q25BQJ4.dn%3Arutor_info__ru.adcm%3Ahit.tg%3Aadcmjs_noorient%2520http%26hcid%3D%7Bcookie%7D%26hrid%3Dhr_wd3oku75vps_4eqs8ee1pri0 HTTP 307
https://dmg.digitaltarget.ru/1/1086/i/i?i=534579386333996.474918074549719&a=86&e=5EFC831FF5A871602E0BE284023B1147&c=ss:86.up:5EFC831FF5A871602E0BE284023B1147.sync:up.xdua:duMZkUtL8nAD_8RuAIsBqpZe.xps:xpszl7Sq5lnQcz2rH9q25BQJ4.dn:rutor_info__ru.adcm:hit.tg:adcmjs_noorient%20http&hcid=....................&hrid=hr_wd3oku75vps_4eqs8ee1pri0 HTTP 307
https://dmg.digitaltarget.ru/awg/custom/1086/i/i?call_source=awg&i=534579386333996.474918074549719&a=86&e=5EFC831FF5A871602E0BE284023B1147&c=ss:86.up:5EFC831FF5A871602E0BE284023B1147.sync:up.xdua:duMZkUtL8nAD_8RuAIsBqpZe.xps:xpszl7Sq5lnQcz2rH9q25BQJ4.dn:rutor_info__ru.adcm:hit.tg:adcmjs_noorient%20http&hcid=....................&hrid=hr_wd3oku75vps_4eqs8ee1pri0 HTTP 307
https://sync.bumlam.com/?src=amb2&uid=essmeo6ELCJTLsB7Hg6t HTTP 302
https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABjM0saDBlIF4-CkuQViFGVzc21lbzZFTENKVExzQjdIZzZ0 HTTP 302
https://sync3.adsniper.ru/?src=ss1&s_data=CAIQARjM0saDBlIF4-CkuQViFGVzc21lbzZFTENKVExzQjdIZzZ0ogEQa1PAypoBEeum6QAlkMgkNw** HTTP 302
https://sync.bumlam.com/?src=amb2&s_data=CAIQABjM0saDBmIUZXNzbWVvNkVMQ0pUTHNCN0hnNnSiARBrU8DKmgER66bpACWQyCQ3 HTTP 302
https://sync.bumlam.com/?src=amb2&s_data=CAIQARjM0saDBmIUZXNzbWVvNkVMQ0pUTHNCN0hnNnSiARBrU8DKmgER66bpACWQyCQ3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=adsniperru&google_cm&extra1=essmeo6ELCJTLsB7Hg6t&extra2=amber&extra3=ext HTTP 302
https://sync3.sniperlog.ru/?src=ggl&extra1=essmeo6ELCJTLsB7Hg6t&extra2=amber&extra3=ext&google_gid=CAESEE2NotRTC9z6Cbvw1bAOiwg&google_cver=1 HTTP 301
https://sync.bumlam.com/?src=ggl&extra1=essmeo6ELCJTLsB7Hg6t&extra2=amber&extra3=ext&google_gid=CAESEE2NotRTC9z6Cbvw1bAOiwg&google_cver=1 HTTP 302
https://an.yandex.ru/setud/adsniper/5461E6CD9BAAA1B4?sign=959761067 HTTP 302
https://an.yandex.ru/setud/adsniper/5461E6CD9BAAA1B4?redir-setuniq=1&sign=959761067

92 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
rutor-info.ru/ 7 KB
3 KB 262ms
164ms Document
text/html 81.177.135.211
RTCOMM-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://rutor-info.ru/
Protocol: HTTP/1.1
Server: 81.177.135.211 , Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software: Jino.ru/mod_pizza /
Resource Hash: 4b6220b0f6af9f9b9b4345bb6c0e498e179e36738167179148b7fae427792946

Request headers

Host: rutor-info.ru
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 10 Apr 2021 13:34:02 GMT
Content-Type: text/html
Content-Length: 2935
Connection: keep-alive
Server: Jino.ru/mod_pizza
Last-Modified: Thu, 03 Jan 2019 04:08:40 GMT
ETag: "87d1b0d-1cb9-57e85eae8d3d5"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip

GET
H/1.1 200
OK jquery.min.js Show response
rutor-info.ru/ 70 KB
24 KB 79ms
78ms Script
application/javascript 81.177.135.211
RTCOMM-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://rutor-info.ru/jquery.min.js
Requested by: Host: rutor-info.ru
URL: http://rutor-info.ru/
Protocol: HTTP/1.1
Server: 81.177.135.211 , Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software: Jino.ru/mod_pizza /
Resource Hash: e23a2a4e2d7c2b41ebcdd8ffc0679df7140eb7f52e1eebabf827a88182643c59

Request headers

Referer: http://rutor-info.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 10 Apr 2021 13:34:02 GMT
Content-Encoding: gzip
Last-Modified: Wed, 30 Dec 2015 21:11:41 GMT
Server: Jino.ru/mod_pizza
ETag: "87d1b0f-119ee-52823fc097d40"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 24606

GET
H/1.1 200
OK jquery.cookie-min.js Show response
rutor-info.ru/ 732 B
737 B 146ms
139ms Script
application/javascript 81.177.135.211
RTCOMM-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://rutor-info.ru/jquery.cookie-min.js
Requested by: Host: rutor-info.ru
URL: http://rutor-info.ru/
Protocol: HTTP/1.1
Server: 81.177.135.211 , Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software: Jino.ru/mod_pizza /
Resource Hash: 874d19eae19d9f20a884d976ccca6092c91da6ee8c71d8be1c5c893acbad9159

Request headers

Referer: http://rutor-info.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 10 Apr 2021 13:34:02 GMT
Content-Encoding: gzip
Last-Modified: Wed, 30 Dec 2015 21:11:41 GMT
Server: Jino.ru/mod_pizza
ETag: "87d1b0e-2dc-52823fc097d40"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 421

GET
H/1.1 200
OK functions.js Show response
rutor-info.ru/ 3 KB
2 KB 107ms
100ms Script
application/javascript 81.177.135.211
RTCOMM-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://rutor-info.ru/functions.js
Requested by: Host: rutor-info.ru
URL: http://rutor-info.ru/
Protocol: HTTP/1.1
Server: 81.177.135.211 , Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software: Jino.ru/mod_pizza /
Resource Hash: d47ad6a2c2fa3bbd326ea77e4a328ea45e13f67593684237859ef21ed594222d

Request headers

Referer: http://rutor-info.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 10 Apr 2021 13:34:02 GMT
Content-Encoding: gzip
Last-Modified: Wed, 30 Dec 2015 21:11:40 GMT
Server: Jino.ru/mod_pizza
ETag: "87d1b05-d40-52823fbfa3b00"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1327

GET
H/1.1 200
OK index.css
rutor-info.ru/ 3 KB
1 KB 138ms
132ms Stylesheet
text/css 81.177.135.211
RTCOMM-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://rutor-info.ru/index.css
Requested by: Host: rutor-info.ru
URL: http://rutor-info.ru/
Protocol: HTTP/1.1
Server: 81.177.135.211 , Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software: Jino.ru/mod_pizza /
Resource Hash: 25065c049280432e34d89a1bc4812b1bd7e3a933fb77ea89d9f1d42b0fe78be1

Request headers

Referer: http://rutor-info.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 10 Apr 2021 13:34:02 GMT
Content-Encoding: gzip
Last-Modified: Wed, 30 Dec 2015 21:11:41 GMT
Server: Jino.ru/mod_pizza
ETag: "87d1b0b-cba-52823fc097d40"
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1090

GET
H/1.1 200
OK logo.jpg
rutor-info.ru/ 89 KB
89 KB 73ms
73ms Image
image/jpeg 81.177.135.211
RTCOMM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://rutor-info.ru/logo.jpg
Requested by: Host: rutor-info.ru
URL: http://rutor-info.ru/
Protocol: HTTP/1.1
Server: 81.177.135.211 , Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software: Jino.ru/mod_pizza /
Resource Hash: fea4e35b5430f28f154377a99921705a947621fb63a413f50b3f269763f92c65

Request headers

Referer: http://rutor-info.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 10 Apr 2021 13:34:02 GMT
Last-Modified: Wed, 30 Dec 2015 21:11:42 GMT
Server: Jino.ru/mod_pizza
ETag: "87d1b10-16392-52823fc18bf80"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 91026

GET
H/1.1 200
OK zaiti.gif
rutor-info.ru/ 3 KB
3 KB 72ms
71ms Image
image/gif 81.177.135.211
RTCOMM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://rutor-info.ru/zaiti.gif
Requested by: Host: rutor-info.ru
URL: http://rutor-info.ru/
Protocol: HTTP/1.1
Server: 81.177.135.211 , Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software: Jino.ru/mod_pizza /
Resource Hash: a1d3e2383ecd387242844341a7200834f5cf3517ab846f17d276a2adc0286421

Request headers

Referer: http://rutor-info.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 10 Apr 2021 13:34:02 GMT
Last-Modified: Wed, 30 Dec 2015 21:11:38 GMT
Server: Jino.ru/mod_pizza
ETag: "87d1b1e-bfe-52823fbdbb680"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3070

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 135 KB
48 KB 28ms
22ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: rutor-info.ru
URL: http://rutor-info.ru/

Protocol

HTTP/1.1

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1b35f828bed609bd50d0004f302ae90810fcfdff55f4a1a50f7d801f590f2358

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://rutor-info.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Sat, 10 Apr 2021 13:34:02 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 9073347465432709909
Vary: Accept-Encoding, Origin
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 48426
X-XSS-Protection: 0
Expires: Sat, 10 Apr 2021 13:34:02 GMT

GET
H/1.1 200
OK top.gif
rutor-info.ru/ 612 B
868 B 69ms
69ms Image
image/gif 81.177.135.211
RTCOMM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://rutor-info.ru/top.gif
Requested by: Host: rutor-info.ru
URL: http://rutor-info.ru/
Protocol: HTTP/1.1
Server: 81.177.135.211 , Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software: Jino.ru/mod_pizza /
Resource Hash: 79df9f5b18cac4dbaec0808448c15e094b5fe20d04aabfe7bed9e6ae07739dfd

Request headers

Referer: http://rutor-info.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 10 Apr 2021 13:34:02 GMT
Last-Modified: Wed, 30 Dec 2015 21:11:38 GMT
Server: Jino.ru/mod_pizza
ETag: "87d1b1b-264-52823fbdbb680"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 612

GET
H/1.1 200
OK news_line.jpg
rutor-info.ru/ 815 B
1 KB 54ms
53ms Image
image/jpeg 81.177.135.211
RTCOMM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://rutor-info.ru/news_line.jpg
Requested by: Host: rutor-info.ru
URL: http://rutor-info.ru/index.css
Protocol: HTTP/1.1
Server: 81.177.135.211 , Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software: Jino.ru/mod_pizza /
Resource Hash: 8b9592e1f87ca0409266d4b98fd553dec8c9905ec2782f1c0526db1178e48757

Request headers

Referer: http://rutor-info.ru/index.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 10 Apr 2021 13:34:02 GMT
Last-Modified: Wed, 30 Dec 2015 21:11:42 GMT
Server: Jino.ru/mod_pizza
ETag: "87d1b16-32f-52823fc18bf80"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 815

GET
H/1.1 200
OK bbackgr.png
rutor-info.ru/ 3 KB
3 KB 136ms
130ms Image
image/png 81.177.135.211
RTCOMM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://rutor-info.ru/bbackgr.png
Requested by: Host: rutor-info.ru
URL: http://rutor-info.ru/index.css
Protocol: HTTP/1.1
Server: 81.177.135.211 , Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software: Jino.ru/mod_pizza /
Resource Hash: a682fdf55d12206673fd39d71e37893badd8286e7c511dfa95e05c0b509b9618

Request headers

Referer: http://rutor-info.ru/index.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 10 Apr 2021 13:34:02 GMT
Last-Modified: Wed, 30 Dec 2015 21:11:39 GMT
Server: Jino.ru/mod_pizza
ETag: "87d1b00-b2b-52823fbeaf8c0"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2859

GET
H/1.1 200
OK menu_b1.gif
rutor-info.ru/ 2 KB
3 KB 111ms
105ms Image
image/gif 81.177.135.211
RTCOMM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://rutor-info.ru/menu_b1.gif
Requested by: Host: rutor-info.ru
URL: http://rutor-info.ru/index.css
Protocol: HTTP/1.1
Server: 81.177.135.211 , Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software: Jino.ru/mod_pizza /
Resource Hash: f04b184eb5417b9a81ab455fc07378efa326bbed2a5c74869b3d876b287307d8

Request headers

Referer: http://rutor-info.ru/index.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 10 Apr 2021 13:34:02 GMT
Last-Modified: Wed, 30 Dec 2015 21:11:42 GMT
Server: Jino.ru/mod_pizza
ETag: "87d1b14-9b7-52823fc18bf80"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2487

GET
H/1.1 200
OK pluso-like.js Show response
share.pluso.ru/ 41 KB
14 KB 110ms
103ms Script
application/javascript 37.200.67.210
SELECTEL

General

Check archive.org

Show headers Download Go to

Full URL

http://share.pluso.ru/pluso-like.js

Requested by

Host: rutor-info.ru
URL: http://rutor-info.ru/

Protocol

HTTP/1.1

Server

37.200.67.210 , Russian Federation, ASN49505 (SELECTEL, RU),

Reverse DNS

Software

nginx /

Resource Hash

3fec3621e4e3989a14afebcde4f0f183ce4b1140ccc5df193423c63aa9bee6df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://rutor-info.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 10 Apr 2021 13:34:02 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Mon, 07 May 2018 16:58:14 GMT
Server: nginx
ETag: 1435080775145190236
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-control: no-cache
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=5
X-XSS-Protection: 1; mode=block

GET
H/1.1

200
OK

hit
counter.yadro.ru/
Redirect Chain

http://counter.yadro.ru/hit?t42.10;r;s1600*1200*24;uhttp%3A//rutor-info.ru/;0.6834214018206675
https://counter.yadro.ru/hit?t42.10;r;s1600*1200*24;uhttp%3A//rutor-info.ru/;0.6834214018206675
https://counter.yadro.ru/hit?q;t42.10;r;s1600*1200*24;uhttp%3A//rutor-info.ru/;0.6834214018206675

437 B
891 B

62ms
61ms

Image
image/gif

88.212.201.198
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit?q;t42.10;r;s1600*1200*24;uhttp%3A//rutor-info.ru/;0.6834214018206675

Requested by

Host: rutor-info.ru
URL: http://rutor-info.ru/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

88.212.201.198 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host198.rax.ru

Software

nginx/1.17.9 /

Resource Hash

f7fe3911f940e9d2bc35755db55f76ddbd7dd0940d1c817d7e6c165fc37f8bc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: http://rutor-info.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 10 Apr 2021 13:34:03 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Cache-control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 437
Expires: Thu, 09 Apr 2020 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 10 Apr 2021 13:34:02 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Location: https://counter.yadro.ru/hit?q;t42.10;r;s1600*1200*24;uhttp%3A//rutor-info.ru/;0.6834214018206675
Cache-control: no-cache
Connection: keep-alive
Content-Type: text/html
Content-Length: 32
Expires: Thu, 09 Apr 2020 21:00:00 GMT

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210406/r20190131/ 219 KB
83 KB 49ms
27ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210406/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6723646122807408&plah=rutor-info.ru&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bd5713e27f4481988d37b5b719dedea4e4379ec3c3bafea0fba9d0abe8db4973

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://rutor-info.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 13:34:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 83926
x-xss-protection: 0
server: cafe
etag: 9615343531509228114
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 10 Apr 2021 13:34:02 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210406/r20190131/ Frame 5C70 10 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210406/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a5cb642ef22434a24612329870579fbb272cb9fa7475360035596ea56fb0431a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210406/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://rutor-info.ru/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://rutor-info.ru/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Fri, 09 Apr 2021 14:06:23 GMT
expires: Fri, 23 Apr 2021 14:06:23 GMT
content-type: text/html; charset=UTF-8
etag: 10446291943670460780
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4644
x-xss-protection: 0
age: 84459
cache-control: public, max-age=1209600
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 203 B
642 B 63ms
41ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=rutor-info.ru&callback=_gfp_s_&client=ca-pub-6723646122807408

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210406/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6723646122807408&plah=rutor-info.ru&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

19c1c637da9d143c6c966e19af8009b92e87bd75cfe918b32ac0ec238c97b776

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://rutor-info.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 13:34:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 193
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
313 B 16ms
15ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=rutor-info.ru

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://rutor-info.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 10 Apr 2021 13:34:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
313 B 16ms
16ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=rutor-info.ru

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://rutor-info.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 10 Apr 2021 13:34:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 99E3 76 KB
25 KB 577ms
562ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6723646122807408&output=html&h=280&slotname=6943611754&adk=66431862&adf=114227762&pi=t.ma~as.6943611754&w=336&lmt=1546488520&psa=0&format=336x280&url=http%3A%2F%2Frutor-info.ru%2F&flash=0&wgl=1&dt=1618061642800&bpp=10&bdt=261&idt=75&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=5163059047602&frm=20&pv=2&ga_vid=1245701616.1618061643&ga_sid=1618061643&ga_hid=1981996172&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=321&ady=392&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=4196044307873861&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaEe%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=7E01npWQsl&p=http%3A//rutor-info.ru&dtd=95

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bd2700255f057947632bdc6f4dccc4e35df9d4bc2d2fbdb556112dcc2b86a134

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-6723646122807408&output=html&h=280&slotname=6943611754&adk=66431862&adf=114227762&pi=t.ma~as.6943611754&w=336&lmt=1546488520&psa=0&format=336x280&url=http%3A%2F%2Frutor-info.ru%2F&flash=0&wgl=1&dt=1618061642800&bpp=10&bdt=261&idt=75&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=5163059047602&frm=20&pv=2&ga_vid=1245701616.1618061643&ga_sid=1618061643&ga_hid=1981996172&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=321&ady=392&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=4196044307873861&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaEe%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=7E01npWQsl&p=http%3A//rutor-info.ru&dtd=95
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://rutor-info.ru/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://rutor-info.ru/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 10 Apr 2021 13:34:03 GMT
server: cafe
content-length: 25112
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 10-Apr-2021 13:49:02 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 10 Apr 2021 13:34:03 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 33ms
14ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

12a84d53232f26ad8feb3dab55e480195520c092b9a8dc87baca96c7390d919b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://rutor-info.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 13:34:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1617988871915048"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28262
x-xss-protection: 0
expires: Sat, 10 Apr 2021 13:34:02 GMT

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2A7E 70 KB
26 KB 696ms
691ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6723646122807408&output=html&h=280&slotname=6943611754&adk=66431862&adf=165372718&pi=t.ma~as.6943611754&w=336&lmt=1546488520&psa=0&format=336x280&url=http%3A%2F%2Frutor-info.ru%2F&flash=0&wgl=1&dt=1618061642811&bpp=2&bdt=272&idt=92&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280&correlator=5163059047602&frm=20&pv=1&ga_vid=1245701616.1618061643&ga_sid=1618061643&ga_hid=1981996172&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=664&ady=392&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=4196044307873861&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaEe%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=eVp40Pn3fO&p=http%3A//rutor-info.ru&dtd=95

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7c92953d5d4f2bc3748f9061c5a38e692cbc92ab71c28daf1dde164c88d31107

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-6723646122807408&output=html&h=280&slotname=6943611754&adk=66431862&adf=165372718&pi=t.ma~as.6943611754&w=336&lmt=1546488520&psa=0&format=336x280&url=http%3A%2F%2Frutor-info.ru%2F&flash=0&wgl=1&dt=1618061642811&bpp=2&bdt=272&idt=92&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280&correlator=5163059047602&frm=20&pv=1&ga_vid=1245701616.1618061643&ga_sid=1618061643&ga_hid=1981996172&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=664&ady=392&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=4196044307873861&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaEe%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=eVp40Pn3fO&p=http%3A//rutor-info.ru&dtd=95
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://rutor-info.ru/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://rutor-info.ru/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 10 Apr 2021 13:34:03 GMT
server: cafe
content-length: 26273
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 10-Apr-2021 13:49:02 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 10 Apr 2021 13:34:03 GMT
cache-control: private

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D5FA 105 KB
34 KB 592ms
592ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6723646122807408&output=html&h=600&twa=1&slotname=9897078159&adk=1418534667&adf=525765898&pi=t.ma~as.9897078159&w=265&fwrn=4&fwrnh=100&lmt=1546488520&psa=0&format=265x600&url=http%3A%2F%2Frutor-info.ru%2F&flash=0&fwr=0&rh=600&rw=265&wgl=1&dt=1618061642813&bpp=1&bdt=274&idt=96&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280%2C336x280&correlator=5163059047602&frm=20&pv=1&ga_vid=1245701616.1618061643&ga_sid=1618061643&ga_hid=1981996172&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1335&ady=190&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=4196044307873861&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=3A5v2j3Cx1&p=http%3A//rutor-info.ru&dtd=98

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ddfefbc0661b31651a3afc9c6776d3d8c68c6bd0d19276500e469ba822e3e58

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/78096498092133154/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/78096498092133154/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CKGc0avl8-8CFQTFdwodswcHJg&gqi=SqlxYO-bO9ff3wP57YWYDg&layout=/sadbundle/%24csp%253Der3%24/78096498092133154/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-6723646122807408&output=html&h=600&twa=1&slotname=9897078159&adk=1418534667&adf=525765898&pi=t.ma~as.9897078159&w=265&fwrn=4&fwrnh=100&lmt=1546488520&psa=0&format=265x600&url=http%3A%2F%2Frutor-info.ru%2F&flash=0&fwr=0&rh=600&rw=265&wgl=1&dt=1618061642813&bpp=1&bdt=274&idt=96&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280%2C336x280&correlator=5163059047602&frm=20&pv=1&ga_vid=1245701616.1618061643&ga_sid=1618061643&ga_hid=1981996172&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1335&ady=190&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=4196044307873861&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=3A5v2j3Cx1&p=http%3A//rutor-info.ru&dtd=98
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://rutor-info.ru/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://rutor-info.ru/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/78096498092133154/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/78096498092133154/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CKGc0avl8-8CFQTFdwodswcHJg&gqi=SqlxYO-bO9ff3wP57YWYDg&layout=/sadbundle/%24csp%253Der3%24/78096498092133154/index.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 10 Apr 2021 13:34:03 GMT
server: cafe
content-length: 33847
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 10-Apr-2021 13:49:02 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 10 Apr 2021 13:34:03 GMT
cache-control: private

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 58E9 0
549 B 60ms
60ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6723646122807408&output=html&adk=1812271804&adf=3025194257&lmt=1546488520&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Frutor-info.ru%2F&ea=0&flash=0&pra=7&wgl=1&dt=1618061642814&bpp=1&bdt=275&idt=99&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280%2C336x280%2C265x600&nras=1&correlator=5163059047602&frm=20&pv=1&ga_vid=1245701616.1618061643&ga_sid=1618061643&ga_hid=1981996172&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=4196044307873861&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=23&ifi=4&uci=a!4&fsb=1&dtd=102

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-6723646122807408&output=html&adk=1812271804&adf=3025194257&lmt=1546488520&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Frutor-info.ru%2F&ea=0&flash=0&pra=7&wgl=1&dt=1618061642814&bpp=1&bdt=275&idt=99&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280%2C336x280%2C265x600&nras=1&correlator=5163059047602&frm=20&pv=1&ga_vid=1245701616.1618061643&ga_sid=1618061643&ga_hid=1981996172&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=4196044307873861&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=23&ifi=4&uci=a!4&fsb=1&dtd=102
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://rutor-info.ru/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://rutor-info.ru/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 10 Apr 2021 13:34:02 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 10-Apr-2021 13:49:02 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 10 Apr 2021 13:34:02 GMT
cache-control: private

GET
H2 200 css
fonts.googleapis.com/ Frame 99E3 6 KB
764 B 14ms
14ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6723646122807408&output=html&h=280&slotname=6943611754&adk=66431862&adf=114227762&pi=t.ma~as.6943611754&w=336&lmt=1546488520&psa=0&format=336x280&url=http%3A%2F%2Frutor-info.ru%2F&flash=0&wgl=1&dt=1618061642800&bpp=10&bdt=261&idt=75&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=5163059047602&frm=20&pv=2&ga_vid=1245701616.1618061643&ga_sid=1618061643&ga_hid=1981996172&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=321&ady=392&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=4196044307873861&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaEe%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=7E01npWQsl&p=http%3A//rutor-info.ru&dtd=95

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d4876c12b071f74470f52c0404d10730ab271ae769c2c407fe131dae8b33e236

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 10 Apr 2021 12:39:59 GMT
server: ESF
date: Sat, 10 Apr 2021 13:34:03 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 10 Apr 2021 13:34:03 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210406/r20110914/client/ Frame 99E3 1 KB
990 B 35ms
12ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210406/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 13:29:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 249
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 882
x-xss-protection: 0
server: cafe
etag: 11243716317595354070
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Apr 2021 13:29:54 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210406/r20110914/ Frame 99E3 17 KB
7 KB 28ms
5ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210406/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

762a6837400425002737a0651c7764f71b279b18560cda75a140c1b8092f2342

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 13:31:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 154
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7114
x-xss-protection: 0
server: cafe
etag: 17914786394753848863
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Apr 2021 13:31:29 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210406/r20110914/client/ Frame 99E3 2 KB
1 KB 33ms
13ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210406/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 13:33:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 30
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Apr 2021 13:33:33 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 99E3 118 KB
36 KB 41ms
28ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e18ba4f01dc7dd94a5ca4d40da8cc0732221be22cd3ac2b79560e1a67ca61d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 13:34:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1617988883687958"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36710
x-xss-protection: 0
expires: Sat, 10 Apr 2021 13:34:03 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210406/r20110914/client/ Frame 99E3 13 KB
6 KB 26ms
6ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210406/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c9581d69ef8a7435f061d76045cc929310f436366f9ced3b9b9811ca6ed26feb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 13:31:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 180
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5599
x-xss-protection: 0
server: cafe
etag: 2241650964481140939
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Apr 2021 13:31:03 GMT

GET
H2 200 1f3867f1f27527e43574e1cbaa2e66c3.js Show response
www.gstatic.com/mysidia/ Frame 99E3 25 KB
11 KB 26ms
6ms Script
text/javascript 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1f3867f1f27527e43574e1cbaa2e66c3.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47266f5d8118cec1898402204dbdfa8d5a2343b6ceec8c2036ea1d86552d519b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 11:06:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 06 Apr 2021 08:45:50 GMT
server: sffe
age: 181634
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10498
x-xss-protection: 0
expires: Wed, 07 Jul 2021 11:06:49 GMT

GET
H3-Q050 200 adview
googleads.g.doubleclick.net/pagead/ Frame 99E3 0
0 43ms
42ms Fetch
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CKuRxSqlxYJL1Oon33wPuvYyQB-Ds-IJhs-SNocoM4ePW580aEAEg_u6DDmCVAqAB8PiI0QPIAQmpAnS_-hk797M-qAMByAPLBKoEqgFP0Btj4W2_AKuGOZD8sOXaXhk8U5rfRgiaQFr781hx2zuTmgOAPz_XBo2sJWSIo63N1q0X_VZcq3KsUUD5c_4TGhAFeFhuC7vByVtbcHKUNtMOWFV7f-dEk4gWYeDcd63cM3OKxdxbWOVWBkwzVNy1ueXTQwZWh5xDSqSy1rRTEqA5n3fMRdCBUq1K3WGauNEQMN6FerSa1iUdsPlHC-G4ROafg7CcmbD7NMAE0YSNrIcDkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB_iG9y6oB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwQQhJYV0ggJCIDhgBAQARgfgAoByAsBuBOIJ9gTDYgUArIXGgoYCAASFHB1Yi02NzIzNjQ2MTIyODA3NDA4&sigh=f_Xs-zh_dlE&template_id=5000&tpd=AGWhJmv8ops1Yv0726Nq5-sFTujyJlAXYhpsI3jYTOhZdY7now

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6723646122807408&output=html&h=280&slotname=6943611754&adk=66431862&adf=114227762&pi=t.ma~as.6943611754&w=336&lmt=1546488520&psa=0&format=336x280&url=http%3A%2F%2Frutor-info.ru%2F&flash=0&wgl=1&dt=1618061642800&bpp=10&bdt=261&idt=75&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=5163059047602&frm=20&pv=2&ga_vid=1245701616.1618061643&ga_sid=1618061643&ga_hid=1981996172&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=321&ady=392&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=4196044307873861&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaEe%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=7E01npWQsl&p=http%3A//rutor-info.ru&dtd=95
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sat, 10 Apr 2021 13:34:03 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sat, 10 Apr 2021 13:34:03 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/6277803653550682228/ Frame 99E3 16 KB
17 KB 26ms
10ms Image
image/jpeg 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6277803653550682228/downsize_200k_v1?w=400&h=209

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

503788ea940d8a9f9052ba8bc4a9bfb9e5d1c5a8f38f82dcafe96e586f5c9775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 02:04:08 GMT
x-content-type-options: nosniff
age: 214195
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16809
x-xss-protection: 0
last-modified: Wed, 10 Jun 2020 11:51:57 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Apr 2022 02:04:08 GMT

GET
DATA 200
OK truncated
/ Frame 99E3 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1fc322e402725e574ed8d6cbe52904a48c6ae55a1676719a63dc762c2b90fc4c

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3-Q050 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/78096498092133154/ Frame D1E1 86 KB
19 KB 36ms
21ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/78096498092133154/index.html

Requested by

Host: rutor-info.ru
URL: http://rutor-info.ru/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566af4e3b3a178c76efd695efb2daf41c281ae784f6e5dee103e6fa952469ec2

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/78096498092133154/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
date: Fri, 09 Apr 2021 05:24:33 GMT
expires: Sat, 09 Apr 2022 05:24:33 GMT
last-modified: Wed, 27 Jan 2021 15:42:55 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
content-length: 18521
age: 115770
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 adview
googleads.g.doubleclick.net/pagead/ Frame D96E 0
0 43ms
42ms Fetch
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CPNVjSqlxYKHPO4SK3wOzj5ywApmlto5i36XH6_sMloLNhYgWEAEg_u6DDmCVAqAB5rC9vwPIAQmpAnS_-hk797M-qAMByANIqgS7AU_QIyTyk6WjKX-AABpCvOGxPRr-kX7DLdngPVgTySRPM33qx6H82ciAIwK4bMMlMP69ky3DWXJPJwguZ7w4s90OLI0llLp-CRDnMRJDKOyigyQ15GlmBBDnJpfBS2bBTxO8ONGtcy6iopsmLO03U0WEku5KuwfDcmuRxeqMLKkL3N6JzywUjnD3JgwEbRMD8a_BvmqtBrZJScTrQX1XDM9Qpe6vpbRor2tpciOifmC8feDpmQoY2K9iu9zABKner8TBA5IFBAgEGAGSBQQIBRgEoAYugAeCz8JAqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcEEPSSB9IICQiA4YAQEAEYH4AKAcgLAdgTDbIXGgoYCAASFHB1Yi02NzIzNjQ2MTIyODA3NDA4&sigh=QwoidHYwCuE&template_id=419&tpd=AGWhJmtwnISvuhqAyajbsjyzZdDBGjA652mFn_ctF4riQeKW3Q

Requested by

Host: rutor-info.ru
URL: http://rutor-info.ru/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6723646122807408&output=html&h=600&twa=1&slotname=9897078159&adk=1418534667&adf=525765898&pi=t.ma~as.9897078159&w=265&fwrn=4&fwrnh=100&lmt=1546488520&psa=0&format=265x600&url=http%3A%2F%2Frutor-info.ru%2F&flash=0&fwr=0&rh=600&rw=265&wgl=1&dt=1618061642813&bpp=1&bdt=274&idt=96&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280%2C336x280&correlator=5163059047602&frm=20&pv=1&ga_vid=1245701616.1618061643&ga_sid=1618061643&ga_hid=1981996172&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1335&ady=190&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=4196044307873861&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=3A5v2j3Cx1&p=http%3A//rutor-info.ru&dtd=98
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sat, 10 Apr 2021 13:34:03 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210406/r20110914/ Frame D96E 17 KB
7 KB 33ms
19ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210406/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6723646122807408&output=html&h=600&twa=1&slotname=9897078159&adk=1418534667&adf=525765898&pi=t.ma~as.9897078159&w=265&fwrn=4&fwrnh=100&lmt=1546488520&psa=0&format=265x600&url=http%3A%2F%2Frutor-info.ru%2F&flash=0&fwr=0&rh=600&rw=265&wgl=1&dt=1618061642813&bpp=1&bdt=274&idt=96&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280%2C336x280&correlator=5163059047602&frm=20&pv=1&ga_vid=1245701616.1618061643&ga_sid=1618061643&ga_hid=1981996172&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1335&ady=190&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=4196044307873861&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=3A5v2j3Cx1&p=http%3A//rutor-info.ru&dtd=98

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

762a6837400425002737a0651c7764f71b279b18560cda75a140c1b8092f2342

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 13:31:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 154
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7114
x-xss-protection: 0
server: cafe
etag: 17914786394753848863
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Apr 2021 13:31:29 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210406/r20110914/client/ Frame D96E 2 KB
1 KB 34ms
21ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210406/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 13:33:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 30
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Apr 2021 13:33:33 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D96E 118 KB
36 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e18ba4f01dc7dd94a5ca4d40da8cc0732221be22cd3ac2b79560e1a67ca61d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 13:34:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1617988883687958"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36710
x-xss-protection: 0
expires: Sat, 10 Apr 2021 13:34:03 GMT

GET
H3-Q050 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210406/r20110914/client/ Frame D96E 13 KB
6 KB 33ms
20ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210406/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c9581d69ef8a7435f061d76045cc929310f436366f9ced3b9b9811ca6ed26feb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 13:31:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 180
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5599
x-xss-protection: 0
server: cafe
etag: 2241650964481140939
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Apr 2021 13:31:03 GMT

GET
DATA 200
OK truncated
/ Frame 99E3 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dadb1f3229dd52f23244c449e7bb7d30aeb1eda1b6fb731410d87056d173fa37

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 99E3 16 KB
16 KB 9ms
7ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Apr 2021 21:15:48 GMT
x-content-type-options: nosniff
last-modified: Mon, 05 Apr 2021 21:10:39 GMT
server: sffe
age: 404295
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
expires: Tue, 05 Apr 2022 21:15:48 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 99E3 15 KB
15 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Apr 2021 21:15:48 GMT
x-content-type-options: nosniff
last-modified: Mon, 05 Apr 2021 21:10:39 GMT
server: sffe
age: 404295
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15732
x-xss-protection: 0
expires: Tue, 05 Apr 2022 21:15:48 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 99E3 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Apr 2021 21:15:48 GMT
x-content-type-options: nosniff
last-modified: Mon, 05 Apr 2021 21:10:35 GMT
server: sffe
age: 404295
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
expires: Tue, 05 Apr 2022 21:15:48 GMT

GET
H3-Q050 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 4E2E 143 B
220 B 6ms
6ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6723646122807408&output=html&h=600&twa=1&slotname=9897078159&adk=1418534667&adf=525765898&pi=t.ma~as.9897078159&w=265&fwrn=4&fwrnh=100&lmt=1546488520&psa=0&format=265x600&url=http%3A%2F%2Frutor-info.ru%2F&flash=0&fwr=0&rh=600&rw=265&wgl=1&dt=1618061642813&bpp=1&bdt=274&idt=96&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280%2C336x280&correlator=5163059047602&frm=20&pv=1&ga_vid=1245701616.1618061643&ga_sid=1618061643&ga_hid=1981996172&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1335&ady=190&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=4196044307873861&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=3A5v2j3Cx1&p=http%3A//rutor-info.ru&dtd=98
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlN2_LOxXI1mR78_lTdgO0mK8auH3yzZcuoZM7vMYzK6FAQPpuYcyV7wryJ7No; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6723646122807408&output=html&h=600&twa=1&slotname=9897078159&adk=1418534667&adf=525765898&pi=t.ma~as.9897078159&w=265&fwrn=4&fwrnh=100&lmt=1546488520&psa=0&format=265x600&url=http%3A%2F%2Frutor-info.ru%2F&flash=0&fwr=0&rh=600&rw=265&wgl=1&dt=1618061642813&bpp=1&bdt=274&idt=96&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280%2C336x280&correlator=5163059047602&frm=20&pv=1&ga_vid=1245701616.1618061643&ga_sid=1618061643&ga_hid=1981996172&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1335&ady=190&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=4196044307873861&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=3A5v2j3Cx1&p=http%3A//rutor-info.ru&dtd=98

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sat, 10 Apr 2021 13:23:25 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 638
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame D96E 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 251c8b18f67c644044d52a834a078824d30bddcf3163ef77f87a4a268035ac83

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 rg7ZOtwj_KsF30rM_Y0_DmvJrp5jy6rfjTYWIxfvKAc.js Show response
pagead2.googlesyndication.com/bg/ Frame 69E4 14 KB
6 KB 34ms
20ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/rg7ZOtwj_KsF30rM_Y0_DmvJrp5jy6rfjTYWIxfvKAc.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae0ed93adc23fcab05df4accfd8d3f0e6bc9ae9e63cbaadf8d36162317ef2807

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 11:08:46 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 24 Mar 2021 17:18:00 GMT
server: sffe
age: 8717
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5683
x-xss-protection: 0
expires: Sun, 10 Apr 2022 11:08:46 GMT

GET
H3-Q050 200 Enabler.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame D1E1 16 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/78096498092133154/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 01:08:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 44704
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5866
x-xss-protection: 0
server: cafe
etag: 544157900006238945
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sun, 11 Apr 2021 01:08:59 GMT

GET
H3-Q050 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame D1E1 22 KB
9 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/78096498092133154/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Apr 2021 18:54:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 67166
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8867
x-xss-protection: 0
server: cafe
etag: 18043545750443934562
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sat, 10 Apr 2021 18:54:37 GMT

GET
H3-Q050 200 15048890144838685039
tpc.googlesyndication.com/simgad/ Frame 2A7E 13 KB
13 KB 10ms
7ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15048890144838685039?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qnlzYtnhfAov6cQYkeohpcaRqxdIQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6723646122807408&output=html&h=280&slotname=6943611754&adk=66431862&adf=165372718&pi=t.ma~as.6943611754&w=336&lmt=1546488520&psa=0&format=336x280&url=http%3A%2F%2Frutor-info.ru%2F&flash=0&wgl=1&dt=1618061642811&bpp=2&bdt=272&idt=92&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280&correlator=5163059047602&frm=20&pv=1&ga_vid=1245701616.1618061643&ga_sid=1618061643&ga_hid=1981996172&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=664&ady=392&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=4196044307873861&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaEe%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=eVp40Pn3fO&p=http%3A//rutor-info.ru&dtd=95

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba0ca671bddf97d40808b2bced95243bbaa112c01b025e3941f2a3789ffcc01b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Apr 2021 10:01:32 GMT
x-content-type-options: nosniff
last-modified: Thu, 15 Oct 2020 08:14:03 GMT
server: sffe
age: 99151
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12887
x-xss-protection: 0
expires: Sat, 09 Apr 2022 10:01:32 GMT

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210406/r20110914/ Frame 2A7E 17 KB
7 KB 9ms
6ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210406/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6723646122807408&output=html&h=280&slotname=6943611754&adk=66431862&adf=165372718&pi=t.ma~as.6943611754&w=336&lmt=1546488520&psa=0&format=336x280&url=http%3A%2F%2Frutor-info.ru%2F&flash=0&wgl=1&dt=1618061642811&bpp=2&bdt=272&idt=92&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280&correlator=5163059047602&frm=20&pv=1&ga_vid=1245701616.1618061643&ga_sid=1618061643&ga_hid=1981996172&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=664&ady=392&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=4196044307873861&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaEe%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=eVp40Pn3fO&p=http%3A//rutor-info.ru&dtd=95

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

762a6837400425002737a0651c7764f71b279b18560cda75a140c1b8092f2342

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 13:31:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 154
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7114
x-xss-protection: 0
server: cafe
etag: 17914786394753848863
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Apr 2021 13:31:29 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210406/r20110914/client/ Frame 2A7E 2 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210406/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6723646122807408&output=html&h=280&slotname=6943611754&adk=66431862&adf=165372718&pi=t.ma~as.6943611754&w=336&lmt=1546488520&psa=0&format=336x280&url=http%3A%2F%2Frutor-info.ru%2F&flash=0&wgl=1&dt=1618061642811&bpp=2&bdt=272&idt=92&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280&correlator=5163059047602&frm=20&pv=1&ga_vid=1245701616.1618061643&ga_sid=1618061643&ga_hid=1981996172&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=664&ady=392&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=4196044307873861&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaEe%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=eVp40Pn3fO&p=http%3A//rutor-info.ru&dtd=95

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 13:33:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 30
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Apr 2021 13:33:33 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2A7E 118 KB
36 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6723646122807408&output=html&h=280&slotname=6943611754&adk=66431862&adf=165372718&pi=t.ma~as.6943611754&w=336&lmt=1546488520&psa=0&format=336x280&url=http%3A%2F%2Frutor-info.ru%2F&flash=0&wgl=1&dt=1618061642811&bpp=2&bdt=272&idt=92&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280&correlator=5163059047602&frm=20&pv=1&ga_vid=1245701616.1618061643&ga_sid=1618061643&ga_hid=1981996172&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=664&ady=392&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=4196044307873861&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaEe%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=eVp40Pn3fO&p=http%3A//rutor-info.ru&dtd=95

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e18ba4f01dc7dd94a5ca4d40da8cc0732221be22cd3ac2b79560e1a67ca61d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 13:34:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1617988883687958"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36710
x-xss-protection: 0
expires: Sat, 10 Apr 2021 13:34:03 GMT

GET
H3-Q050 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210406/r20110914/client/ Frame 2A7E 13 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210406/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6723646122807408&output=html&h=280&slotname=6943611754&adk=66431862&adf=165372718&pi=t.ma~as.6943611754&w=336&lmt=1546488520&psa=0&format=336x280&url=http%3A%2F%2Frutor-info.ru%2F&flash=0&wgl=1&dt=1618061642811&bpp=2&bdt=272&idt=92&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280&correlator=5163059047602&frm=20&pv=1&ga_vid=1245701616.1618061643&ga_sid=1618061643&ga_hid=1981996172&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=664&ady=392&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=4196044307873861&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaEe%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=eVp40Pn3fO&p=http%3A//rutor-info.ru&dtd=95

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c9581d69ef8a7435f061d76045cc929310f436366f9ced3b9b9811ca6ed26feb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 13:31:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 180
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5599
x-xss-protection: 0
server: cafe
etag: 2241650964481140939
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Apr 2021 13:31:03 GMT

GET
H3-Q050 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210406/r20110914/client/ Frame 2A7E 25 KB
10 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210406/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6723646122807408&output=html&h=280&slotname=6943611754&adk=66431862&adf=165372718&pi=t.ma~as.6943611754&w=336&lmt=1546488520&psa=0&format=336x280&url=http%3A%2F%2Frutor-info.ru%2F&flash=0&wgl=1&dt=1618061642811&bpp=2&bdt=272&idt=92&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280&correlator=5163059047602&frm=20&pv=1&ga_vid=1245701616.1618061643&ga_sid=1618061643&ga_hid=1981996172&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=664&ady=392&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=4196044307873861&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaEe%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=eVp40Pn3fO&p=http%3A//rutor-info.ru&dtd=95

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4379d5f31e3f6afe959f9b9a7f92c2b482dbddff7f95a73abf78066dc7d7facc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 12:07:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5198
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10481
x-xss-protection: 0
server: cafe
etag: 6535096331343443408
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Apr 2021 12:07:25 GMT

GET
H3-Q050 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 7522 143 B
165 B 6ms
6ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6723646122807408&output=html&h=280&slotname=6943611754&adk=66431862&adf=165372718&pi=t.ma~as.6943611754&w=336&lmt=1546488520&psa=0&format=336x280&url=http%3A%2F%2Frutor-info.ru%2F&flash=0&wgl=1&dt=1618061642811&bpp=2&bdt=272&idt=92&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280&correlator=5163059047602&frm=20&pv=1&ga_vid=1245701616.1618061643&ga_sid=1618061643&ga_hid=1981996172&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=664&ady=392&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=4196044307873861&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaEe%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=eVp40Pn3fO&p=http%3A//rutor-info.ru&dtd=95

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6723646122807408&output=html&h=280&slotname=6943611754&adk=66431862&adf=165372718&pi=t.ma~as.6943611754&w=336&lmt=1546488520&psa=0&format=336x280&url=http%3A%2F%2Frutor-info.ru%2F&flash=0&wgl=1&dt=1618061642811&bpp=2&bdt=272&idt=92&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280&correlator=5163059047602&frm=20&pv=1&ga_vid=1245701616.1618061643&ga_sid=1618061643&ga_hid=1981996172&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=664&ady=392&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=4196044307873861&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaEe%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=eVp40Pn3fO&p=http%3A//rutor-info.ru&dtd=95
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlN2_LOxXI1mR78_lTdgO0mK8auH3yzZcuoZM7vMYzK6FAQPpuYcyV7wryJ7No; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6723646122807408&output=html&h=280&slotname=6943611754&adk=66431862&adf=165372718&pi=t.ma~as.6943611754&w=336&lmt=1546488520&psa=0&format=336x280&url=http%3A%2F%2Frutor-info.ru%2F&flash=0&wgl=1&dt=1618061642811&bpp=2&bdt=272&idt=92&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280&correlator=5163059047602&frm=20&pv=1&ga_vid=1245701616.1618061643&ga_sid=1618061643&ga_hid=1981996172&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=664&ady=392&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=4196044307873861&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaEe%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=eVp40Pn3fO&p=http%3A//rutor-info.ru&dtd=95

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sat, 10 Apr 2021 13:23:25 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 638
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 4E2E
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
110 B

14ms
14ms

Document
text/html

2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlN2_LOxXI1mR78_lTdgO0mK8auH3yzZcuoZM7vMYzK6FAQPpuYcyV7wryJ7No; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 10 Apr 2021 13:34:03 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Sat, 10-Apr-2021 14:34:03 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 10 Apr 2021 13:34:03 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 10 Apr 2021 13:34:03 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 adview
googleads.g.doubleclick.net/pagead/ Frame 2A7E 0
21 B 44ms
43ms Image
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CW9DrSqlxYLnCO9KlrASu94P4BZzM5J5iy8X7_a4N9Y38wgMQASD-7oMOYJUCoAGXyo2aAsgBAqkCdL_6GTv3sz6oAwHIA8kEqgSrAU_QjiP3CVK0Yk-_XHoMk6kfUnXGledktSjReP-4J0Rf_qKIO8GdK0lwR1yVQDehV5wZ01Ik563Dwl0lQVlNJROk7QNH1T2HJpZfwT9SLf9lv-6ZTo51dy_-WgRzgAXQTTB6fosRPqbKxZhTFQ_ps2xgJJDP1YXh66dCP5GpiCwitRM0C9IxkxPIb2hbUdmlNjlrl-V1CFVHFC0C2MidrqJxRRUyKYZpMKPb48AEk6K22qYDkgUECAQYAZIFBAgFGASgBgKAB9G18uUBqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB8gcEELGkG9IICQiA4YAQEAEYH4AKAcgLAdgTDNAVAYAXAbIXGgoYCAASFHB1Yi02NzIzNjQ2MTIyODA3NDA4&sigh=3ooXzA1RN1A&tpd=AGWhJmv-W9yG_KYFdvS16Oalu7C-A6BvwcvBa1sgGvfQBKLV6A&cbvp=2&vis=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6723646122807408&output=html&h=280&slotname=6943611754&adk=66431862&adf=165372718&pi=t.ma~as.6943611754&w=336&lmt=1546488520&psa=0&format=336x280&url=http%3A%2F%2Frutor-info.ru%2F&flash=0&wgl=1&dt=1618061642811&bpp=2&bdt=272&idt=92&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280&correlator=5163059047602&frm=20&pv=1&ga_vid=1245701616.1618061643&ga_sid=1618061643&ga_hid=1981996172&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=664&ady=392&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=4196044307873861&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaEe%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=eVp40Pn3fO&p=http%3A//rutor-info.ru&dtd=95

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6723646122807408&output=html&h=280&slotname=6943611754&adk=66431862&adf=165372718&pi=t.ma~as.6943611754&w=336&lmt=1546488520&psa=0&format=336x280&url=http%3A%2F%2Frutor-info.ru%2F&flash=0&wgl=1&dt=1618061642811&bpp=2&bdt=272&idt=92&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280&correlator=5163059047602&frm=20&pv=1&ga_vid=1245701616.1618061643&ga_sid=1618061643&ga_hid=1981996172&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=664&ady=392&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=4196044307873861&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaEe%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=eVp40Pn3fO&p=http%3A//rutor-info.ru&dtd=95
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sat, 10 Apr 2021 13:34:03 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 2A7E 208 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ec0c4fc86fa3c0f341f7a9e1a54bbb7f696fa4cbbe22e2b6fa0f7151ae206f2c

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 rg7ZOtwj_KsF30rM_Y0_DmvJrp5jy6rfjTYWIxfvKAc.js Show response
pagead2.googlesyndication.com/bg/ Frame D1E1 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/rg7ZOtwj_KsF30rM_Y0_DmvJrp5jy6rfjTYWIxfvKAc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae0ed93adc23fcab05df4accfd8d3f0e6bc9ae9e63cbaadf8d36162317ef2807

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 11:08:46 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 24 Mar 2021 17:18:00 GMT
server: sffe
age: 8717
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5683
x-xss-protection: 0
expires: Sun, 10 Apr 2022 11:08:46 GMT

GET
H3-Q050 200 Element_30.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/78096498092133154/ Frame D1E1 6 KB
2 KB 12ms
11ms Image
image/svg+xml 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/78096498092133154/Element_30.svg

Requested by

Host: rutor-info.ru
URL: http://rutor-info.ru/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f2188a40d661fbfc65861b22187ec21e37e65ae4520274dc4d84b971d5e9a95

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 93274
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2011
x-xss-protection: 0
last-modified: Wed, 27 Jan 2021 15:42:55 GMT
server: sffe
date: Fri, 09 Apr 2021 11:39:29 GMT
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Apr 2022 11:39:29 GMT

GET
H3-Q050 200 Element_31.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/78096498092133154/ Frame D1E1 6 KB
2 KB 10ms
9ms Image
image/svg+xml 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/78096498092133154/Element_31.svg

Requested by

Host: rutor-info.ru
URL: http://rutor-info.ru/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8b9ba20fc2492e59160f17f7e54141a1e7005f4f3df8dbada5826ba2b70abdf4

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 59534
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2000
x-xss-protection: 0
last-modified: Wed, 27 Jan 2021 15:42:55 GMT
server: sffe
date: Fri, 09 Apr 2021 21:01:49 GMT
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Apr 2022 21:01:49 GMT

GET
H3-Q050 200 Element_22.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/78096498092133154/ Frame D1E1 2 KB
1 KB 11ms
10ms Image
image/svg+xml 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/78096498092133154/Element_22.svg

Requested by

Host: rutor-info.ru
URL: http://rutor-info.ru/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24743bed02587747939aa125d9b36b01eb3f6c8a679f3ac7abd44e33d3c0f320

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 214198
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1077
x-xss-protection: 0
last-modified: Wed, 27 Jan 2021 15:42:55 GMT
server: sffe
date: Thu, 08 Apr 2021 02:04:05 GMT
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Apr 2022 02:04:05 GMT

GET
H3-Q050 200 Element_21.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/78096498092133154/ Frame D1E1 246 B
2 KB 9ms
8ms Image
image/svg+xml 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/78096498092133154/Element_21.svg

Requested by

Host: rutor-info.ru
URL: http://rutor-info.ru/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2cccdfc9685c82f9da35b309e421801f5503721b4b8651f35145b81d829c2904

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 98915
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 194
x-xss-protection: 0
last-modified: Wed, 27 Jan 2021 15:42:55 GMT
server: sffe
date: Fri, 09 Apr 2021 10:05:28 GMT
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Apr 2022 10:05:28 GMT

GET
H3-Q050 200 Element_14_2.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/78096498092133154/ Frame D1E1 5 KB
2 KB 14ms
13ms Image
image/svg+xml 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/78096498092133154/Element_14_2.svg

Requested by

Host: rutor-info.ru
URL: http://rutor-info.ru/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc5fb9f3f03b87b14d7ab37b3f0d3a156649abd7b740cfa32faab7da33dc00f8

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 59534
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1735
x-xss-protection: 0
last-modified: Wed, 27 Jan 2021 15:42:55 GMT
server: sffe
date: Fri, 09 Apr 2021 21:01:49 GMT
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Apr 2022 21:01:49 GMT

GET
H3-Q050 200 Element_8_1.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/78096498092133154/ Frame D1E1 489 B
321 B 14ms
13ms Image
image/svg+xml 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/78096498092133154/Element_8_1.svg

Requested by

Host: rutor-info.ru
URL: http://rutor-info.ru/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0188fab720f1334270627cccac2585f2b94617812e6dcf51ec5e69e68d73d080

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 142550
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 288
x-xss-protection: 0
last-modified: Wed, 27 Jan 2021 15:42:55 GMT
server: sffe
date: Thu, 08 Apr 2021 21:58:13 GMT
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Apr 2022 21:58:13 GMT

GET
H3-Q050 200 Element_16_1.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/78096498092133154/ Frame D1E1 470 B
354 B 13ms
12ms Image
image/svg+xml 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/78096498092133154/Element_16_1.svg

Requested by

Host: rutor-info.ru
URL: http://rutor-info.ru/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

451eeb3a16182e4f5ab0f67ffd585f78d1f0251af49a1efb24cf7384af3c88e7

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 142550
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 270
x-xss-protection: 0
last-modified: Wed, 27 Jan 2021 15:42:55 GMT
server: sffe
date: Thu, 08 Apr 2021 21:58:13 GMT
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Apr 2022 21:58:13 GMT

GET
H3-Q050 200 Element_15_1.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/78096498092133154/ Frame D1E1 9 KB
2 KB 15ms
14ms Image
image/svg+xml 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/78096498092133154/Element_15_1.svg

Requested by

Host: rutor-info.ru
URL: http://rutor-info.ru/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ab2ef986feb77abadf3bc5d66f6b465efe5e4fa46887de8439ab1210c838b03c

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 142550
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2242
x-xss-protection: 0
last-modified: Wed, 27 Jan 2021 15:42:55 GMT
server: sffe
date: Thu, 08 Apr 2021 21:58:13 GMT
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Apr 2022 21:58:13 GMT

GET
H3-Q050 200 Element_14_1.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/78096498092133154/ Frame D1E1 3 KB
1 KB 15ms
14ms Image
image/svg+xml 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/78096498092133154/Element_14_1.svg

Requested by

Host: rutor-info.ru
URL: http://rutor-info.ru/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3148cdea46438ed09146552a04ed07050ef1cabbd95e0b2033acbfc7deb0a8d2

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 214198
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1398
x-xss-protection: 0
last-modified: Wed, 27 Jan 2021 15:42:55 GMT
server: sffe
date: Thu, 08 Apr 2021 02:04:05 GMT
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Apr 2022 02:04:05 GMT

GET
H3-Q050

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 7522
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
21 B

14ms
14ms

Document
text/html

2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6723646122807408&output=html&h=280&slotname=6943611754&adk=66431862&adf=165372718&pi=t.ma~as.6943611754&w=336&lmt=1546488520&psa=0&format=336x280&url=http%3A%2F%2Frutor-info.ru%2F&flash=0&wgl=1&dt=1618061642811&bpp=2&bdt=272&idt=92&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280&correlator=5163059047602&frm=20&pv=1&ga_vid=1245701616.1618061643&ga_sid=1618061643&ga_hid=1981996172&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=664&ady=392&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=4196044307873861&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaEe%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=eVp40Pn3fO&p=http%3A//rutor-info.ru&dtd=95

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlN2_LOxXI1mR78_lTdgO0mK8auH3yzZcuoZM7vMYzK6FAQPpuYcyV7wryJ7No; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 10 Apr 2021 13:34:03 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Sat, 10-Apr-2021 14:34:03 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 10 Apr 2021 13:34:03 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 10 Apr 2021 13:34:03 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK process Show response
share.pluso.ru/ 116 B
463 B 57ms
56ms Script
application/javascript 37.200.67.210
SELECTEL

General

Check archive.org

Show headers Download Go to

Full URL

http://share.pluso.ru/process?act=counter&u=http%3A%2F%2Frutor-info.ru%2F&w=1600&h=1200&ref=&uid=1435080775145190236&k=TQspdrIH3XRnA38b&first=1

Requested by

Host: share.pluso.ru
URL: http://share.pluso.ru/pluso-like.js

Protocol

HTTP/1.1

Server

37.200.67.210 , Russian Federation, ASN49505 (SELECTEL, RU),

Reverse DNS

Software

nginx /

Resource Hash

c028d76eeda7817318146db5c07b10937c018983799da121b3b2a4338d393c62

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://rutor-info.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 10 Apr 2021 13:34:03 GMT
X-Content-Type-Options: nosniff
Server: nginx
Content-Type: application/javascript
Connection: keep-alive
Keep-Alive: timeout=5
Content-Length: 116
X-XSS-Protection: 1; mode=block

GET
H/1.1

200
OK

hit;PLUSO
counter.yadro.ru/
Redirect Chain

http://counter.yadro.ru/hit;PLUSO?r;s1600*1200*24;uhttp%3A//rutor-info.ru/;hRutor%20Info%20-%20%u043D%u043E%u0432%u043E%u0435%20%u0437%u0435%u0440%u043A%u0430%u043B%u043E%20%u0442%u043E%u0440%u0440...
https://counter.yadro.ru/hit;PLUSO?r;s1600*1200*24;uhttp%3A//rutor-info.ru/;hRutor%20Info%20-%20%u043D%u043E%u0432%u043E%u0435%20%u0437%u0435%u0440%u043A%u0430%u043B%u043E%20%u0442%u043E%u0440%u044...
https://counter.yadro.ru/hit;PLUSO?q;r;s1600*1200*24;uhttp%3A//rutor-info.ru/;hRutor%20Info%20-%20%u043D%u043E%u0432%u043E%u0435%20%u0437%u0435%u0440%u043A%u0430%u043B%u043E%20%u0442%u043E%u0440%u0...

43 B
315 B

60ms
60ms

Image
image/gif

88.212.201.198
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit;PLUSO?q;r;s1600*1200*24;uhttp%3A//rutor-info.ru/;hRutor%20Info%20-%20%u043D%u043E%u0432%u043E%u0435%20%u0437%u0435%u0440%u043A%u0430%u043B%u043E%20%u0442%u043E%u0440%u0440%u0435%u043D%u0442-%u0442%u0440%u0435%u043A%u0435%u0440%u0430%20Rutor%20org%21%20%7C%20%u0417%u0430%u0439%u0442%u0438%20%u043D%u0430%20%u0440%u0443%u0442%u043E%u0440%20%u043B%u0435%u0433%u043A%u043E%20%u0441%20r;1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

88.212.201.198 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host198.rax.ru

Software

nginx/1.17.9 /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: http://rutor-info.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 10 Apr 2021 13:34:04 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
Content-Type: image/gif
Cache-control: no-cache
Connection: keep-alive
Content-Length: 43
Expires: Thu, 09 Apr 2020 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 10 Apr 2021 13:34:03 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Location: https://counter.yadro.ru/hit;PLUSO?q;r;s1600*1200*24;uhttp%3A//rutor-info.ru/;hRutor%20Info%20-%20%u043D%u043E%u0432%u043E%u0435%20%u0437%u0435%u0440%u043A%u0430%u043B%u043E%20%u0442%u043E%u0440%u0440%u0435%u043D%u0442-%u0442%u0440%u0435%u043A%u0435%u0440%u0430%20Rutor%20org%21%20%7C%20%u0417%u0430%u0439%u0442%u0438%20%u043D%u0430%20%u0440%u0443%u0442%u043E%u0440%20%u043B%u0435%u0433%u043A%u043E%20%u0441%20r;1
Cache-control: no-cache
Connection: keep-alive
Content-Type: text/html
Content-Length: 32
Expires: Thu, 09 Apr 2020 21:00:00 GMT

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
7 KB 45ms
31ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210406&st=env

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

01b69ade62056d22d583483df94ee90f3744a84e44a618e965c1400f5c115f37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://rutor-info.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 10 Apr 2021 13:34:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6466
x-xss-protection: 0

GET
H/1.1 200
OK 01.png
share.pluso.ru/img/pluso-like/round/big/ 85 KB
85 KB 104ms
97ms Image
image/png 37.200.67.210
SELECTEL

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://share.pluso.ru/img/pluso-like/round/big/01.png

Requested by

Host: rutor-info.ru
URL: http://rutor-info.ru/

Protocol

HTTP/1.1

Server

37.200.67.210 , Russian Federation, ASN49505 (SELECTEL, RU),

Reverse DNS

Software

nginx /

Resource Hash

134b5d30b0454de8889032ab475e1fe745fc026f439d5c3921c7de4c61271e0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://rutor-info.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 10 Apr 2021 13:34:03 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 13 Apr 2015 11:02:40 GMT
Server: nginx
ETag: "552ba250-15319"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=5
Content-Length: 86809
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK plus.png
share.pluso.ru/img/ 2 KB
3 KB 100ms
94ms Image
image/png 37.200.67.210
SELECTEL

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://share.pluso.ru/img/plus.png

Requested by

Host: rutor-info.ru
URL: http://rutor-info.ru/

Protocol

HTTP/1.1

Server

37.200.67.210 , Russian Federation, ASN49505 (SELECTEL, RU),

Reverse DNS

Software

nginx /

Resource Hash

784eb14774a9a419af32c02c2d16cf197ef2701afc2ea65b58c3a574ed5458bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://rutor-info.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 10 Apr 2021 13:34:03 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 13 Apr 2015 11:02:40 GMT
Server: nginx
ETag: "552ba250-98a"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=5
Content-Length: 2442
X-XSS-Protection: 1; mode=block

GET
H3-Q050 200 rg7ZOtwj_KsF30rM_Y0_DmvJrp5jy6rfjTYWIxfvKAc.js Show response
pagead2.googlesyndication.com/bg/ Frame 441E 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/rg7ZOtwj_KsF30rM_Y0_DmvJrp5jy6rfjTYWIxfvKAc.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6723646122807408&output=html&h=280&slotname=6943611754&adk=66431862&adf=165372718&pi=t.ma~as.6943611754&w=336&lmt=1546488520&psa=0&format=336x280&url=http%3A%2F%2Frutor-info.ru%2F&flash=0&wgl=1&dt=1618061642811&bpp=2&bdt=272&idt=92&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280&correlator=5163059047602&frm=20&pv=1&ga_vid=1245701616.1618061643&ga_sid=1618061643&ga_hid=1981996172&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=664&ady=392&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=4196044307873861&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaEe%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=eVp40Pn3fO&p=http%3A//rutor-info.ru&dtd=95

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae0ed93adc23fcab05df4accfd8d3f0e6bc9ae9e63cbaadf8d36162317ef2807

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 11:08:46 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 24 Mar 2021 17:18:00 GMT
server: sffe
age: 8717
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5683
x-xss-protection: 0
expires: Sun, 10 Apr 2022 11:08:46 GMT

GET
H/1.1 200
OK kb.js Show response
kitbit.net/ 1 KB
2 KB 116ms
109ms Script
application/javascript 31.131.252.94
SELECTEL

General

Check archive.org

Show headers Download Go to

Full URL

http://kitbit.net/kb.js

Requested by

Host: share.pluso.ru
URL: http://share.pluso.ru/pluso-like.js

Protocol

HTTP/1.1

Server

31.131.252.94 , Russian Federation, ASN49505 (SELECTEL, RU),

Reverse DNS

Software

nginx /

Resource Hash

48812a181d2bcf8275caf8a5dc0213d4bd96d339e7062517d9f88b49b117fca4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://rutor-info.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 10 Apr 2021 13:32:37 GMT
X-Content-Type-Options: nosniff
Server: nginx
ETag: H4P8XmBxqPWE4gsuRxE7Ag==
Transfer-Encoding: chunked
P3P: CP="NOI DSP COR NID CUR PSA OUR NOR"
Cache-Control: max-age=21600, private
Connection: keep-alive
Content-Type: application/javascript
X-XSS-Protection: 1; mode=block
Expires: Sat, 10 Apr 2021 19:32:37 GMT

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://rutor-info.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 13:34:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Sat, 10 Apr 2021 13:34:03 GMT

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 7B4E 12 KB
5 KB 6ms
5ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://rutor-info.ru/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://rutor-info.ru/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Sat, 10 Apr 2021 13:33:44 GMT
expires: Sun, 10 Apr 2022 13:33:44 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 19
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 rg7ZOtwj_KsF30rM_Y0_DmvJrp5jy6rfjTYWIxfvKAc.js Show response
pagead2.googlesyndication.com/bg/ Frame 7B4E 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/rg7ZOtwj_KsF30rM_Y0_DmvJrp5jy6rfjTYWIxfvKAc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae0ed93adc23fcab05df4accfd8d3f0e6bc9ae9e63cbaadf8d36162317ef2807

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 11:08:46 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 24 Mar 2021 17:18:00 GMT
server: sffe
age: 8718
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5683
x-xss-protection: 0
expires: Sun, 10 Apr 2022 11:08:46 GMT

GET
H/1.1 200
OK adcm.js Show response
tag.digitaltarget.ru/ 3 KB
3 KB 179ms
58ms Script
application/javascript 185.15.175.134
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.digitaltarget.ru/adcm.js
Requested by: Host: kitbit.net
URL: http://kitbit.net/kb.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.15.175.134 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),
Reverse DNS
Software: nginx /
Resource Hash: 7c078e5032ba5da0fdf4e333ac30ad283aaa9de5d935e716c6fd7e1b5d4e9d2e

Request headers

Referer: http://rutor-info.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 10 Apr 2021 13:34:04 GMT
Last-Modified: Thu, 28 Jan 2021 10:50:38 GMT
Server: nginx
ETag: "601296fe-c11"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3089

GET
H/1.1 200
OK s.js Show response
kitbit.net/ 1 B
303 B 57ms
56ms Script
application/javascript 31.131.252.94
SELECTEL

General

Check archive.org

Show headers Download Go to

Full URL

http://kitbit.net/s.js?u=http%3A%2F%2Frutor-info.ru%2F

Requested by

Host: kitbit.net
URL: http://kitbit.net/kb.js

Protocol

HTTP/1.1

Server

31.131.252.94 , Russian Federation, ASN49505 (SELECTEL, RU),

Reverse DNS

Software

nginx /

Resource Hash

41b805ea7ac014e23556e98bb374702a08344268f92489a02f0880849394a1e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://rutor-info.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 10 Apr 2021 13:32:37 GMT
X-Content-Type-Options: nosniff
Server: nginx
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: no-cache
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Expires: Sat, 10 Apr 2021 13:32:36 GMT

GET
H/1.1 200
OK h.gif
kitbit.net/ 43 B
537 B 123ms
116ms Image
image/gif 31.131.252.94
SELECTEL

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://kitbit.net/h.gif?r=&s=1600*1200*24&u=http%3A//rutor-info.ru/&h=Rutor%20Info%20-%20%u043D%u043E%u0432%u043E%u0435%20%u0437%u0435%u0440%u043A%u0430%u043B%u043E%20%u0442%u043E%u0440%u0440%u0435%u043D%u0442-%u0442%u0440%u0435%u043A%u0435%u0440%u0430%20Rutor%20org%21%20%7C%20%u0417%u0430%u0439%u0442%u0438%20%u043D%u0430%20%u0440%u0443%u0442%u043E%u0440%20%u043B%u0435%u0433%u043A%u043E%20%u0441%20r%26kbuid%3D5EFC831FF5A871602E0BE284023B1147

Protocol

HTTP/1.1

Server

31.131.252.94 , Russian Federation, ASN49505 (SELECTEL, RU),

Reverse DNS

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://rutor-info.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 10 Apr 2021 13:32:37 GMT
X-Content-Type-Options: nosniff
Server: nginx
ETag: H4P8XmBxqPWD8AsoRkzYAg==
P3P: CP="NOI DSP COR NID CUR PSA OUR NOR"
Cache-Control: max-age=0, private, must-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 1; mode=block
Expires: Sat, 10 Apr 2021 13:32:37 GMT

GET
H/1.1

200
OK

cro
optinder.com/
Redirect Chain

http://p1.ntvk1.ru/nps
http://optinder.com/cro

0
790 B

39ms
25ms

Image
application/octet-stream

2606:4700:3035::ac43:c8d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://optinder.com/cro
Protocol: HTTP/1.1
Server: 2606:4700:3035::ac43:c8d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://rutor-info.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 10 Apr 2021 13:34:04 GMT
CF-Cache-Status: DYNAMIC
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Report-To: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=aaCn4K%2BHH4U4Tir2v6s%2F5y5gJN0HfK3SVdFpvjlm9u9aNtJhZ1YBsqXsBNYAvQsnsh41uCpWUj7JTUF0bXAJAtWv8PsLs%2B1JitjCq2khYhzi3Dciwc1Aqqg%3D"}],"group":"cf-nel"}
Content-Type: application/octet-stream
Connection: keep-alive
CF-RAY: 63dc59bc486e0629-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 0
cf-request-id: 095d9669a800000629111dc000000001

Redirect headers

X-77-NZT: AcO1ryzZ8vqB
Date: Sat, 10 Apr 2021 13:34:04 GMT
Last-Modified: Sat, 10 Apr 2021 13:34:03 GMT
Server: CDN77-Turbo
X-77-NZT-Ray: foH2LCsAwnM=
X-77-Cache: MISS
Content-Type: text/html; charset=UTF-8
Location: //optinder.com/cro
Cache-Control: no-cache, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0, post-check=0, pre-check=0
X-Cache: MISS
Connection: keep-alive
X-77-POP: frankfurtDE
Content-Length: 0
X-Request-Id: 121821393-1-1618061644.129
Expires: Sat, 10 Apr 2021 13:34:03 GMT

GET
H/1.1 200
OK sud
ut9.rktch.com/ 88 B
88 B 150ms
143ms Image
image/png 89.108.97.2
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ut9.rktch.com/sud
Protocol: HTTP/1.1
Server: 89.108.97.2 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: d50603.reg.regrucolo.ru
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://rutor-info.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 10 Apr 2021 13:34:04 GMT
Server: nginx/1.18.0
Connection: keep-alive
Content-Length: 88
Content-Type: image/png

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
224 B 42ms
41ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gda_r20210406&jk=4196044307873861&bg=!xcalxoLNAAY56aLOOek7ACkAdvg8WqvrUt4kMMPjjmGFQgiXRUbJWHREWUVeZs1LMIGbfb4eUtaxAgIAAABDUgAAAApoAQcKAZo7j5Yx7gSKezrFjkLUErkRPGYaI9cR7nay5zWdH8dmCkxQqrMWj0Voz3B7WYXb0M8cxtztOwQh4cwWc0wXsAJmYvi_qhXuyVRKIt25i5pR23LK1hvb3CFn0DZZ2QCAsSrnXX7PiwRWZe7Jo4x4NQ8PeUcrLLZlVZgOjA-VXUri0OJhYoYZWYWaH_eVYCZ_N96G7bo1OeUdV-FtJxc0qqZl3Hhccp3OhcPAUS2ZMI-uFFl8mxbGssOdriaDjlfOkQZ-J5D7SkoPb6gAZ4CGOxQwOTbC0IvDdQ9wnZ6swo6YUHC7XG26lJeGPL8o4PB_eWgkIKejbvzLC6pNb2FGqhYUSPdmzu9QAdBwakaO95kU1ZjDNGAxlVJQpiO5OwHaUK8ALT1ryKZn7QTOuX-oBddAeTpN_rcYzAreNNRvXQMYApuaYtt8rRr0_d4WPgebsMjgmWXsayu_4Z00aLlMseV0lVZdOQmHTjljWfA8S_M-ykozeh5pPot-3H5PdUUNFip1kC0TIkqJuVB5Oekwjl93asb9nos2iz0zFpkByHTK4TjzPeSkuZUrah6RfcyF9_P6rl8K_ycJaPP51qaO9akswTDFcfs6ZbGfmfoDxJnWXdYiH43gfoFbAswj_riTnRCd_cgF3Vd49x61bxt_4er9dSi06c6Y5M01zDqaqTY7YQmq0hGzm7bAqljC-pnR4qPgRtlYi0eQzXYB6azfOQdjpGQrIFM85X_U16zk_ZnGcYtsCuUyPsp9gSHwDwnYYcCIw0xdHbnpYH6ugITGaKCcWjKEFuhaQ0CsfLgFOxbIbE0BDAv2Pxy9ppOqeZlCY6NHAH4Op-ySI9fXSvwxVLxwIt_Kut7KfYkP9Htuk4PkL2WVg-RkvFKOMMl48ul7DSshd4w-86qDlBoecPrGspZ1kYmwaPr-EQumAVo6jjNP2Wj4GVU__N7Yq_VPkU9DVYxL0JfbAIMgoAri0L4dTnEyp-aF0u3mIjaIwoyJmTghfBtQbNHOGJrVrIUZER5h1dU6YzQ8UGXGMyXy2EL_8K1cBfe89hVWueTtT4NprfhkLa6cxgl7BB6O72gZY2VynYxQE-xbCxYrM9eUhdhl0MVB8kD3Em-I0I6NnxnVzW-Lx0djyBnJDEH7wTkbPxNIvxvdV6EQkg

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://rutor-info.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Apr 2021 13:34:04 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK processor.js Show response
tag.digitaltarget.ru/ 15 KB
16 KB 111ms
111ms Script
application/javascript 185.15.175.134
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.digitaltarget.ru/processor.js?i=500607364361684
Requested by: Host: tag.digitaltarget.ru
URL: https://tag.digitaltarget.ru/adcm.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.15.175.134 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),
Reverse DNS
Software: nginx /
Resource Hash: 5a49726bf861ad2dbeed14284fc73e953d2e0c8760d79741829116fada42ff75

Request headers

Referer: http://rutor-info.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 10 Apr 2021 13:34:04 GMT
Last-Modified: Thu, 28 Jan 2021 10:50:38 GMT
Server: nginx
ETag: "601296fe-3da0"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 15776

GET
H/1.1 200
OK extension_1086.js Show response
tag.digitaltarget.ru/extensions/ 732 B
976 B 59ms
59ms Script
application/javascript 185.15.175.134
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.digitaltarget.ru/extensions/extension_1086.js?i=326805359039918
Requested by: Host: tag.digitaltarget.ru
URL: https://tag.digitaltarget.ru/adcm.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.15.175.134 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),
Reverse DNS
Software: nginx /
Resource Hash: acde19dd39fd4b3b76819f21d622af86dcdf0cb00967a337a01005e8316ccb1f

Request headers

Referer: http://rutor-info.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 10 Apr 2021 13:34:04 GMT
Last-Modified: Thu, 28 Jan 2021 10:50:38 GMT
Server: nginx
ETag: "601296fe-2dc"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 732

GET
H/1.1

400
Bad Request

i
dmg.digitaltarget.ru/1/7179/i/
Redirect Chain

http://dmg.digitaltarget.ru/1/7179/i/i?i=534579386333996.403130876320973&c=tg:adcm_pc
http://lpt2tv.ru/images/adv.gif?id=hr_4q4vf2cbhqq0_48us29lo51o0&r=http%3A%2F%2Fh.dmg.digitaltarget.ru%2Fawg%2F7273%3Fhrid%3Dhr_4q4vf2cbhqq0_48us29lo51o0%26redirect%3Dhttps%253A%252F%252Fdmg.digital...
http://h.dmg.digitaltarget.ru/awg/7273?hrid=hr_4q4vf2cbhqq0_48us29lo51o0&redirect=https%3A%2F%2Fdmg.digitaltarget.ru%2F1%2F7179%2Fi%2Fi%3Fi%3D534579386333996.403130876320973%26c%3Dtg%3Aadcm_pc%26hc...
http://h.dmg.digitaltarget.ru/awg/7273?call_source=awg&hrid=hr_4q4vf2cbhqq0_48us29lo51o0&redirect=https%3A%2F%2Fdmg.digitaltarget.ru%2F1%2F7179%2Fi%2Fi%3Fi%3D534579386333996.403130876320973%26c%3Dt...
https://dmg.digitaltarget.ru/1/7179/i/i?i=534579386333996.403130876320973&c=tg:adcm_pc&hcid=....................&hrid=hr_4q4vf2cbhqq0_48us29lo51o0

64 B
64 B

190ms
65ms

Image
text/html

185.15.175.132
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dmg.digitaltarget.ru/1/7179/i/i?i=534579386333996.403130876320973&c=tg:adcm_pc&hcid=....................&hrid=hr_4q4vf2cbhqq0_48us29lo51o0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.15.175.132 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),
Reverse DNS
Software: nginx /
Resource Hash: 1f7074979fd5d0bd1b952ba189e7767c19a93f86d9fd67dc3557dcf58aea6c26

Request headers

Referer: http://rutor-info.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 10 Apr 2021 13:34:04 GMT
Server: nginx
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 64
P3P: policyref="http://dmg.digitaltarget.ru/p3p.xml", CP="NON NID PSAa PSDa OUR BUS COM NAV DEM STA PRE"

Redirect headers

Date: Sat, 10 Apr 2021 13:34:04 GMT
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
Server: nginx
X-Frame-Options: DENY
Access-Control-Allow-Methods: GET, POST, OPTIONS
Location: https://dmg.digitaltarget.ru/1/7179/i/i?i=534579386333996.403130876320973&c=tg:adcm_pc&hcid=....................&hrid=hr_4q4vf2cbhqq0_48us29lo51o0
X-XSS-Protection: 1; mode=block
X-Permitted-Cross-Domain-Policies: master-only
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 86400
Connection: keep-alive
Request-Time: 0
Content-Length: 0
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK adv.gif
lpt2tv.ru/images/ 43 B
209 B 33ms
21ms Image
image/gif 78.140.160.182
WEBZILLA

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://lpt2tv.ru/images/adv.gif?id=duZQjKazRbAaLneqi5Txh5JS
Protocol: HTTP/1.1
Server: 78.140.160.182 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: http://rutor-info.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 10 Apr 2021 13:34:04 GMT
Server: nginx/1.14.2
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/gif

GET
H/1.1

200
OK

i
dmg.digitaltarget.ru/1/6533/i/
Redirect Chain

http://dmg.digitaltarget.ru/1/6534/i/i?i=534579386333996.777040892110567&c=tg:adcm_pc
http://lpt2tv.ru/images/adv.gif?id=hr_4qgc7ddmxj80_25oh1zzq1e00&r=http%3A%2F%2Fh.dmg.digitaltarget.ru%2Fawg%2F7273%3Fhrid%3Dhr_4qgc7ddmxj80_25oh1zzq1e00%26redirect%3Dhttps%253A%252F%252Fdmg.digital...
http://h.dmg.digitaltarget.ru/awg/7273?hrid=hr_4qgc7ddmxj80_25oh1zzq1e00&redirect=https%3A%2F%2Fdmg.digitaltarget.ru%2F1%2F6534%2Fi%2Fi%3Fi%3D534579386333996.777040892110567%26c%3Dtg%3Aadcm_pc%26hc...
http://h.dmg.digitaltarget.ru/awg/7273?call_source=awg&hrid=hr_4qgc7ddmxj80_25oh1zzq1e00&redirect=https%3A%2F%2Fdmg.digitaltarget.ru%2F1%2F6534%2Fi%2Fi%3Fi%3D534579386333996.777040892110567%26c%3Dt...
https://dmg.digitaltarget.ru/1/6534/i/i?i=534579386333996.777040892110567&c=tg:adcm_pc&hcid=....................&hrid=hr_4qgc7ddmxj80_25oh1zzq1e00
https://dmg.digitaltarget.ru/awg/custom/6534/i/i?call_source=awg&i=534579386333996.777040892110567&c=tg:adcm_pc&hcid=....................&hrid=hr_4qgc7ddmxj80_25oh1zzq1e00
https://fnc.rt.ru/1/6532/i/i?i=aFr7khSIc3b82Qc76lHG&c=tg:rds_6534
https://fnc.rt.ru/1/6532/i/i?i=aFr7khSIc3b82Qc76lHG&c=tg:rds_6534&q=scc
https://dmg.digitaltarget.ru/1/6533/i/i?i=800793001586998174749000000014992453&a=774&e=wvTIxf1qjFlr55550Xkf

49 B
603 B

108ms
108ms

Image
image/gif

185.15.175.132
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmg.digitaltarget.ru/1/6533/i/i?i=800793001586998174749000000014992453&a=774&e=wvTIxf1qjFlr55550Xkf

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.15.175.132 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),

Reverse DNS

Software

nginx /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: http://rutor-info.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 10 Apr 2021 13:34:05 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Request-Time: 35
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 64
X-XSS-Protection: 1; mode=block
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
Server: nginx
X-Frame-Options: DENY
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Credentials: true

Redirect headers

Location: https://dmg.digitaltarget.ru/1/6533/i/i?i=800793001586998174749000000014992453&a=774&e=wvTIxf1qjFlr55550Xkf
Date: Sat, 10 Apr 2021 13:34:05 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
P3P: policyref="http://fnc.rt.ru/p3p.xml", CP="NON NID PSAa PSDa OUR BUS COM NAV DEM STA PRE"

GET
H/1.1

200
OK

cm.gif
ad.mail.ru/
Redirect Chain

http://dmg.digitaltarget.ru/1/1086/i/i?i=534579386333996.670718990927030&a=86&e=5EFC831FF5A871602E0BE284023B1147&c=ss:86.up:5EFC831FF5A871602E0BE284023B1147.sync:up.xdua:duMZkUtL8nAD_8RuAIsBqpZe.xp...
http://lpt2tv.ru/images/adv.gif?id=hr_6ztb30pqs580_1v95e8ioijog&r=http%3A%2F%2Fh.dmg.digitaltarget.ru%2Fawg%2F7273%3Fhrid%3Dhr_6ztb30pqs580_1v95e8ioijog%26redirect%3Dhttps%253A%252F%252Fdmg.digital...
http://h.dmg.digitaltarget.ru/awg/7273?hrid=hr_6ztb30pqs580_1v95e8ioijog&redirect=https%3A%2F%2Fdmg.digitaltarget.ru%2F1%2F1086%2Fi%2Fi%3Fi%3D534579386333996.670718990927030%26a%3D86%26e%3D5EFC831F...
http://h.dmg.digitaltarget.ru/awg/7273?call_source=awg&hrid=hr_6ztb30pqs580_1v95e8ioijog&redirect=https%3A%2F%2Fdmg.digitaltarget.ru%2F1%2F1086%2Fi%2Fi%3Fi%3D534579386333996.670718990927030%26a%3D8...
https://dmg.digitaltarget.ru/1/1086/i/i?i=534579386333996.670718990927030&a=86&e=5EFC831FF5A871602E0BE284023B1147&c=ss:86.up:5EFC831FF5A871602E0BE284023B1147.sync:up.xdua:duMZkUtL8nAD_8RuAIsBqpZe.x...
https://dmg.digitaltarget.ru/awg/custom/1086/i/i?call_source=awg&i=534579386333996.670718990927030&a=86&e=5EFC831FF5A871602E0BE284023B1147&c=ss:86.up:5EFC831FF5A871602E0BE284023B1147.sync:up.xdua:d...
https://ad.mail.ru/cm.gif?p=61&id=gWQK5eKKR8L6REn7AkJm

43 B
635 B

131ms
46ms

Image
image/gif

2a00:1148:db00::17
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.mail.ru/cm.gif?p=61&id=gWQK5eKKR8L6REn7AkJm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: http://rutor-info.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 10 Apr 2021 13:34:05 GMT
Last-Modified: Sat, 10 Apr 2021 13:34:05 GMT
Server: nginx
Content-Type: image/gif
Cache-Control: max-age=21600
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 43
Expires: Sat, 10 Apr 2021 19:34:05 GMT

Redirect headers

Date: Sat, 10 Apr 2021 13:34:05 GMT
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
Server: nginx
X-Frame-Options: DENY
Access-Control-Allow-Methods: GET, POST, OPTIONS
Location: https://ad.mail.ru/cm.gif?p=61&id=gWQK5eKKR8L6REn7AkJm
X-XSS-Protection: 1; mode=block
X-Permitted-Cross-Domain-Policies: master-only
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 86400
Connection: keep-alive
Request-Time: 109
Content-Length: 0
X-Content-Type-Options: nosniff

GET
H2

404

5461E6CD9BAAA1B4
an.yandex.ru/setud/adsniper/
Redirect Chain

http://dmg.digitaltarget.ru/1/1086/i/i?i=534579386333996.474918074549719&a=86&e=5EFC831FF5A871602E0BE284023B1147&c=ss:86.up:5EFC831FF5A871602E0BE284023B1147.sync:up.xdua:duMZkUtL8nAD_8RuAIsBqpZe.xp...
http://lpt2tv.ru/images/adv.gif?id=hr_wd3oku75vps_4eqs8ee1pri0&r=http%3A%2F%2Fh.dmg.digitaltarget.ru%2Fawg%2F7273%3Fhrid%3Dhr_wd3oku75vps_4eqs8ee1pri0%26redirect%3Dhttps%253A%252F%252Fdmg.digitalta...
http://h.dmg.digitaltarget.ru/awg/7273?hrid=hr_wd3oku75vps_4eqs8ee1pri0&redirect=https%3A%2F%2Fdmg.digitaltarget.ru%2F1%2F1086%2Fi%2Fi%3Fi%3D534579386333996.474918074549719%26a%3D86%26e%3D5EFC831FF...
http://h.dmg.digitaltarget.ru/awg/7273?call_source=awg&hrid=hr_wd3oku75vps_4eqs8ee1pri0&redirect=https%3A%2F%2Fdmg.digitaltarget.ru%2F1%2F1086%2Fi%2Fi%3Fi%3D534579386333996.474918074549719%26a%3D86...
https://dmg.digitaltarget.ru/1/1086/i/i?i=534579386333996.474918074549719&a=86&e=5EFC831FF5A871602E0BE284023B1147&c=ss:86.up:5EFC831FF5A871602E0BE284023B1147.sync:up.xdua:duMZkUtL8nAD_8RuAIsBqpZe.x...
https://dmg.digitaltarget.ru/awg/custom/1086/i/i?call_source=awg&i=534579386333996.474918074549719&a=86&e=5EFC831FF5A871602E0BE284023B1147&c=ss:86.up:5EFC831FF5A871602E0BE284023B1147.sync:up.xdua:d...
https://sync.bumlam.com/?src=amb2&uid=essmeo6ELCJTLsB7Hg6t
https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABjM0saDBlIF4-CkuQViFGVzc21lbzZFTENKVExzQjdIZzZ0
https://sync3.adsniper.ru/?src=ss1&s_data=CAIQARjM0saDBlIF4-CkuQViFGVzc21lbzZFTENKVExzQjdIZzZ0ogEQa1PAypoBEeum6QAlkMgkNw**
https://sync.bumlam.com/?src=amb2&s_data=CAIQABjM0saDBmIUZXNzbWVvNkVMQ0pUTHNCN0hnNnSiARBrU8DKmgER66bpACWQyCQ3
https://sync.bumlam.com/?src=amb2&s_data=CAIQARjM0saDBmIUZXNzbWVvNkVMQ0pUTHNCN0hnNnSiARBrU8DKmgER66bpACWQyCQ3
https://cm.g.doubleclick.net/pixel?google_nid=adsniperru&google_cm&extra1=essmeo6ELCJTLsB7Hg6t&extra2=amber&extra3=ext
https://sync3.sniperlog.ru/?src=ggl&extra1=essmeo6ELCJTLsB7Hg6t&extra2=amber&extra3=ext&google_gid=CAESEE2NotRTC9z6Cbvw1bAOiwg&google_cver=1
https://sync.bumlam.com/?src=ggl&extra1=essmeo6ELCJTLsB7Hg6t&extra2=amber&extra3=ext&google_gid=CAESEE2NotRTC9z6Cbvw1bAOiwg&google_cver=1
https://an.yandex.ru/setud/adsniper/5461E6CD9BAAA1B4?sign=959761067
https://an.yandex.ru/setud/adsniper/5461E6CD9BAAA1B4?redir-setuniq=1&sign=959761067

43 B
113 B

85ms
84ms

Image
image/gif

2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/setud/adsniper/5461E6CD9BAAA1B4?redir-setuniq=1&sign=959761067

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

ccb150b1878d5aa777543222f9e47636d4258687e3dd57e625988f09a96bda64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: http://rutor-info.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Apr 2021 13:34:05 GMT
content-encoding: gzip
last-modified: Sat, 10 Apr 2021 13:34:05 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=windows-1251
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Sat, 10 Apr 2021 13:34:05 GMT

Redirect headers

pragma: no-cache
date: Sat, 10 Apr 2021 13:34:05 GMT
content-encoding: gzip
last-modified: Sat, 10 Apr 2021 13:34:05 GMT
strict-transport-security: max-age=31536000
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://an.yandex.ru/setud/adsniper/5461E6CD9BAAA1B4?redir-setuniq=1&sign=959761067
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Sat, 10 Apr 2021 13:34:05 GMT

GET
H3-Q050 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 99E3 42 B
155 B 42ms
41ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstbm8dgrIcMl_CIMc92i49xLXy5MFj2LhCWReWKVOngXwwWily0D3jmm7s2o9Av4C9MwTsM89ZiFmr1BWbCjJOgtrGu4Yd395X-CK7shcVS8i_offkAibcF0Eearw&sai=AMfl-YS9dunOJAGPJJWjkn2rFo7_h1deDGibtj169mt-OI_mp_4CnMomQWEBXyaa6yn6VuBrhmXwY7iTyo8C&sig=Cg0ArKJSzFQpUP0T1CWWEAE&id=osdim&mcvt=1001&p=392,321,672,657&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20210409&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=66431862&rs=2&met=mue&la=0&cr=0&osd=1&vs=4&rst=1618061642899&dlt=580&rpt=68&isd=0&msd=0&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Apr 2021 13:34:04 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame D96E 42 B
66 B 42ms
42ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss68iCtjZvX5GYJqIlog8svoR5T80cHUVx2VHVlKbihvyP_9sc9iTuaFWgVlSfWihE2lkEBdHvtA4JDkI3pe4bo_3w6zS00ASCLcvHrwL1fuGhG0-nJCRJC37hBtw&sai=AMfl-YQTk2vXHb7pR1IzR5SZC0G5DcNI5-Wi-DFBr2fXMGlO1VSfgXETVUQzW5YuLZQnODeolD3LNbBLy0SC&sig=Cg0ArKJSzHvtyU2l9QTzEAE&id=osdim&mcvt=1003&p=190,1336,720,1601&mtos=1003,1003,1003,1003,1003&tos=1003,0,0,0,0&v=20210409&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=2&adk=1418534667&rs=2&met=mue&la=0&cr=0&osd=1&vs=4&rst=1618061642911&dlt=619&rpt=53&isd=0&msd=0&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Apr 2021 13:34:04 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2A7E 42 B
66 B 41ms
40ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssbslKABce31FrsnWGIqRsIy51kLhVRH3SpCIn_i1CkCindXS8wFbB42O2TAQ2UdHcDGLMk1_Q4cPwsS5nNyZ4NfVRvlAqlX11wMLt_Grn3vNI3mKb8VwHZkdUlFw&sai=AMfl-YS1jUyztxzLFcKw44tY4vyBjF27iCqgYAQwe3b-lyK5iCnlRwfQxGjOmXccZyQxTWbKTlSKDqpsnhU9&sig=Cg0ArKJSzJrJluh3A9W8EAE&id=osdim&mcvt=1000&p=392,664,672,1000&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210409&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=4&adk=66431862&rs=2&met=mue&la=0&cr=0&osd=1&vs=4&rst=1618061642907&dlt=0&rpt=51&isd=0&msd=0&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Apr 2021 13:34:04 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

70 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-19 17:27:45	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-19 17:27:42	Name: test_cookie Value: CheckForPermission
.doubleclick.net/	1970-01-20 02:49:17	Name: IDE Value: AHWqTUlN2_LOxXI1mR78_lTdgO0mK8auH3yzZcuoZM7vMYzK6FAQPpuYcyV7wryJ7No
.rutor-info.ru/	1970-01-20 02:49:17	Name: __gads Value: ID=01a86fca3d4bfa89-228fd6ea0ebb000f:T=1618061642:RT=1618061642:S=ALNI_MbBFsk7QFLgvWOT-uCP0h_ec5cDwA

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.mail.ru
adservice.google.com
adservice.google.de
an.yandex.ru
cm.g.doubleclick.net
counter.yadro.ru
dmg.digitaltarget.ru
fnc.rt.ru
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
h.dmg.digitaltarget.ru
kitbit.net
lpt2tv.ru
optinder.com
p1.ntvk1.ru
pagead2.googlesyndication.com
partner.googleadservices.com
rutor-info.ru
share.pluso.ru
sync.bumlam.com
sync3.adsniper.ru
sync3.sniperlog.ru
tag.digitaltarget.ru
tpc.googlesyndication.com
ut9.rktch.com
www.google.com
www.googletagservices.com
www.gstatic.com
142.250.185.66
142.250.186.162
185.15.175.132
185.15.175.134
185.15.175.137
185.15.175.158
2606:4700:3035::ac43:c8d3
2a00:1148:db00::17
2a00:1450:4001:800::2001
2a00:1450:4001:800::200a
2a00:1450:4001:802::2002
2a00:1450:4001:802::2003
2a00:1450:4001:803::2003
2a00:1450:4001:808::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:812::2002
2a00:1450:4001:813::2004
2a00:1450:4001:828::2004
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2002
2a02:6b8::90
2a02:6ea0:c700::1
31.131.252.94
31.172.81.159
31.172.81.172
37.200.67.210
78.140.160.182
81.177.135.211
88.212.201.198
89.108.97.2
0188fab720f1334270627cccac2585f2b94617812e6dcf51ec5e69e68d73d080
01b69ade62056d22d583483df94ee90f3744a84e44a618e965c1400f5c115f37
12a84d53232f26ad8feb3dab55e480195520c092b9a8dc87baca96c7390d919b
134b5d30b0454de8889032ab475e1fe745fc026f439d5c3921c7de4c61271e0e
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
19c1c637da9d143c6c966e19af8009b92e87bd75cfe918b32ac0ec238c97b776
1b35f828bed609bd50d0004f302ae90810fcfdff55f4a1a50f7d801f590f2358
1f2188a40d661fbfc65861b22187ec21e37e65ae4520274dc4d84b971d5e9a95
1f7074979fd5d0bd1b952ba189e7767c19a93f86d9fd67dc3557dcf58aea6c26
1fc322e402725e574ed8d6cbe52904a48c6ae55a1676719a63dc762c2b90fc4c
24743bed02587747939aa125d9b36b01eb3f6c8a679f3ac7abd44e33d3c0f320
25065c049280432e34d89a1bc4812b1bd7e3a933fb77ea89d9f1d42b0fe78be1
251c8b18f67c644044d52a834a078824d30bddcf3163ef77f87a4a268035ac83
2cccdfc9685c82f9da35b309e421801f5503721b4b8651f35145b81d829c2904
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
3148cdea46438ed09146552a04ed07050ef1cabbd95e0b2033acbfc7deb0a8d2
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
3fec3621e4e3989a14afebcde4f0f183ce4b1140ccc5df193423c63aa9bee6df
41b805ea7ac014e23556e98bb374702a08344268f92489a02f0880849394a1e4
4379d5f31e3f6afe959f9b9a7f92c2b482dbddff7f95a73abf78066dc7d7facc
451eeb3a16182e4f5ab0f67ffd585f78d1f0251af49a1efb24cf7384af3c88e7
4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87
47266f5d8118cec1898402204dbdfa8d5a2343b6ceec8c2036ea1d86552d519b
48812a181d2bcf8275caf8a5dc0213d4bd96d339e7062517d9f88b49b117fca4
49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381
4b6220b0f6af9f9b9b4345bb6c0e498e179e36738167179148b7fae427792946
503788ea940d8a9f9052ba8bc4a9bfb9e5d1c5a8f38f82dcafe96e586f5c9775
566af4e3b3a178c76efd695efb2daf41c281ae784f6e5dee103e6fa952469ec2
5a49726bf861ad2dbeed14284fc73e953d2e0c8760d79741829116fada42ff75
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
6e18ba4f01dc7dd94a5ca4d40da8cc0732221be22cd3ac2b79560e1a67ca61d1
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
762a6837400425002737a0651c7764f71b279b18560cda75a140c1b8092f2342
784eb14774a9a419af32c02c2d16cf197ef2701afc2ea65b58c3a574ed5458bd
79df9f5b18cac4dbaec0808448c15e094b5fe20d04aabfe7bed9e6ae07739dfd
7c078e5032ba5da0fdf4e333ac30ad283aaa9de5d935e716c6fd7e1b5d4e9d2e
7c92953d5d4f2bc3748f9061c5a38e692cbc92ab71c28daf1dde164c88d31107
874d19eae19d9f20a884d976ccca6092c91da6ee8c71d8be1c5c893acbad9159
8b9592e1f87ca0409266d4b98fd553dec8c9905ec2782f1c0526db1178e48757
8b9ba20fc2492e59160f17f7e54141a1e7005f4f3df8dbada5826ba2b70abdf4
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
9ddfefbc0661b31651a3afc9c6776d3d8c68c6bd0d19276500e469ba822e3e58
a1d3e2383ecd387242844341a7200834f5cf3517ab846f17d276a2adc0286421
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5cb642ef22434a24612329870579fbb272cb9fa7475360035596ea56fb0431a
a682fdf55d12206673fd39d71e37893badd8286e7c511dfa95e05c0b509b9618
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ab2ef986feb77abadf3bc5d66f6b465efe5e4fa46887de8439ab1210c838b03c
acde19dd39fd4b3b76819f21d622af86dcdf0cb00967a337a01005e8316ccb1f
ae0ed93adc23fcab05df4accfd8d3f0e6bc9ae9e63cbaadf8d36162317ef2807
ba0ca671bddf97d40808b2bced95243bbaa112c01b025e3941f2a3789ffcc01b
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bd2700255f057947632bdc6f4dccc4e35df9d4bc2d2fbdb556112dcc2b86a134
bd5713e27f4481988d37b5b719dedea4e4379ec3c3bafea0fba9d0abe8db4973
c028d76eeda7817318146db5c07b10937c018983799da121b3b2a4338d393c62
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c9581d69ef8a7435f061d76045cc929310f436366f9ced3b9b9811ca6ed26feb
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cc5fb9f3f03b87b14d7ab37b3f0d3a156649abd7b740cfa32faab7da33dc00f8
ccb150b1878d5aa777543222f9e47636d4258687e3dd57e625988f09a96bda64
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d47ad6a2c2fa3bbd326ea77e4a328ea45e13f67593684237859ef21ed594222d
d4876c12b071f74470f52c0404d10730ab271ae769c2c407fe131dae8b33e236
dadb1f3229dd52f23244c449e7bb7d30aeb1eda1b6fb731410d87056d173fa37
e23a2a4e2d7c2b41ebcdd8ffc0679df7140eb7f52e1eebabf827a88182643c59
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec0c4fc86fa3c0f341f7a9e1a54bbb7f696fa4cbbe22e2b6fa0f7151ae206f2c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f04b184eb5417b9a81ab455fc07378efa326bbed2a5c74869b3d876b287307d8
f7fe3911f940e9d2bc35755db55f76ddbd7dd0940d1c817d7e6c165fc37f8bc4
fea4e35b5430f28f154377a99921705a947621fb63a413f50b3f269763f92c65

rutor-info.ru Open in urlscan Pro 81.177.135.211 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

92 Requests

76 %HTTPS

53 %IPv6

23 Domains

29 Subdomains

23 IPs

4 Countries

846 kBTransfer

1859 kBSize

4 Cookies

2 Outgoing links

Redirected requests

92 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

rutor-info.ru Open in urlscan Pro
81.177.135.211 Public Scan

Screenshot
Live screenshot

Full Image

92
Requests

76 %
HTTPS

53 %
IPv6

23
Domains

29
Subdomains

23
IPs

4
Countries

846 kB
Transfer

1859 kB
Size

4
Cookies

92 HTTP transactions
4 data transactions