urlscan.io logo urlscan.io
SecurityTrails logo

news.2xclick.ru Open in urlscan Pro
93.95.100.117  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://news.2xclick.ru/
Effective URL: https://news.2xclick.ru/
Submission: On November 25 via manual from SE — Scanned from SE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 25 IPs in 8 countries across 21 domains to perform 84 HTTP transactions. The main IP is 93.95.100.117, located in Russian Federation and belongs to MTW-AS, RU. The main domain is news.2xclick.ru. The Cisco Umbrella rank of the primary domain is 160658.
TLS certificate: Issued by R3 on September 18th 2022. Valid for: 3 months.
This is the only time news.2xclick.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 4 93.95.100.117 48347 (MTW-AS)
38 93.95.99.151 48347 (MTW-AS)
1 142.250.181.234 15169 (GOOGLE)
1 185.148.37.79 48347 (MTW-AS)
1 104.16.88.20 13335 (CLOUDFLAR...)
2 216.58.212.142 15169 (GOOGLE)
4 93.184.221.133 15133 (EDGECAST)
2 142.250.186.131 15169 (GOOGLE)
2 87.250.250.90 13238 (YANDEX)
3 10 87.250.251.119 13238 (YANDEX)
2 3 91.216.195.18 12516 (WEBORAMA ...)
2 4 34.111.205.194 396982 (GOOGLE-CL...)
1 1 35.190.24.218 15169 (GOOGLE)
5 178.154.131.217 13238 (YANDEX)
1 74.125.133.157 15169 (GOOGLE)
1 2 80.239.201.44 1299 (TWELVE99 ...)
2 34.149.247.216 15169 (GOOGLE)
1 142.250.185.132 15169 (GOOGLE)
1 172.217.23.99 15169 (GOOGLE)
1 34.107.182.139 396982 (GOOGLE-CL...)
2 2 142.250.181.226 15169 (GOOGLE)
1 34.111.131.239 396982 (GOOGLE-CL...)
1 35.244.174.68 15169 (GOOGLE)
1 2 35.227.248.159 15169 (GOOGLE)
1 2 67.220.228.202 16509 (AMAZON-02)
3 145.239.211.22 16276 (OVH)
2 2 185.83.142.19 29990 (ASN-APPNEX)
1 2 185.86.139.114 201081 (SMARTADSE...)
84 25
4    93.95.100.117 (Russian Federation)

ASN48347 (MTW-AS, RU)
PTR: unspecified.mtw.ru
news.2xclick.ru
news.gnezdo.ru
38    93.95.99.151 (Russian Federation)

ASN48347 (MTW-AS, RU)
PTR: mail3.itech-group.ru
zn2.gnezdo.news
1    142.250.181.234 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f10.1e100.net
fonts.googleapis.com
1    185.148.37.79 (Russian Federation)

ASN48347 (MTW-AS, RU)
PTR: unspecified.mtw.ru
fcgi5.gnezdo.ru
1    104.16.88.20 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
2    216.58.212.142 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f14.1e100.net
www.google-analytics.com
4    93.184.221.133 (London, United Kingdom)

ASN15133 (EDGECAST, US)
cstatic.weborama.fr
2    142.250.186.131 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f3.1e100.net
fonts.gstatic.com
2    87.250.250.90 (Russian Federation)

ASN13238 (YANDEX, RU)
PTR: bs.yandex.ru
an.yandex.ru
10    87.250.251.119 (Russian Federation)

ASN13238 (YANDEX, RU)
PTR: mc.yandex.ru
mc.yandex.ru
3    91.216.195.18 (France)

ASN12516 (WEBORAMA Weborama provides Internet Services, FR)
PTR: std-collect-lb-c03-01-vip.weborama.fr
gnezdoruanalytics.solution.weborama.fr
wam-google.solution.weborama.fr
4    34.111.205.194 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 194.205.111.34.bc.googleusercontent.com
dx.frontend.weborama.com
1    35.190.24.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.24.190.35.bc.googleusercontent.com
rd.frontend.weborama.fr
5    178.154.131.217 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)
PTR: static.yandex.net
yastatic.net
1    74.125.133.157 (United States)

ASN15169 (GOOGLE, US)
PTR: wo-in-f157.1e100.net
stats.g.doubleclick.net
2    80.239.201.44 (Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 80-239-201-44.teliacarrier-cust.com
mc.webvisor.org
2    34.149.247.216 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 216.247.149.34.bc.googleusercontent.com
ds.frontend.weborama.fr
1    142.250.185.132 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f4.1e100.net
www.google.com
1    172.217.23.99 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f99.1e100.net
www.google.se
1    34.107.182.139 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 139.182.107.34.bc.googleusercontent.com
bsd.frontend.weborama.fr
2    142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
cm.g.doubleclick.net
1    34.111.131.239 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 239.131.111.34.bc.googleusercontent.com
idsync.frontend.weborama.fr
1    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
idsync.rlcdn.com
2    35.227.248.159 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com
pixel.tapad.com
2    67.220.228.202 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
3    145.239.211.22 (Romans-sur-Isère, France)

ASN16276 (OVH, FR)
PTR: ip22.ip-145-239-211.eu
p.crm4d.com
2    185.83.142.19 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
2    185.86.139.114 (France)

ASN201081 (SMARTADSERVER, FR)
sync.smartadserver.com
Apex Domain
Subdomains		 Transfer
38 gnezdo.news
zn2.gnezdo.news
445 KB
12 yandex.ru
an.yandex.ru — Cisco Umbrella Rank: 3506
mc.yandex.ru — Cisco Umbrella Rank: 3347
121 KB
12 weborama.fr
cstatic.weborama.fr — Cisco Umbrella Rank: 20056
gnezdoruanalytics.solution.weborama.fr
rd.frontend.weborama.fr — Cisco Umbrella Rank: 14997
ds.frontend.weborama.fr — Cisco Umbrella Rank: 94274
bsd.frontend.weborama.fr — Cisco Umbrella Rank: 94119
wam-google.solution.weborama.fr — Cisco Umbrella Rank: 126078
idsync.frontend.weborama.fr — Cisco Umbrella Rank: 21961
15 KB
5 yastatic.net
yastatic.net — Cisco Umbrella Rank: 6220
161 KB
4 weborama.com
dx.frontend.weborama.com — Cisco Umbrella Rank: 25176
520 B
3 crm4d.com
p.crm4d.com — Cisco Umbrella Rank: 182298
3 KB
3 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 94
cm.g.doubleclick.net — Cisco Umbrella Rank: 207
1 KB
3 gnezdo.ru
news.gnezdo.ru — Cisco Umbrella Rank: 131137
fcgi5.gnezdo.ru — Cisco Umbrella Rank: 105292
6 KB
2 smartadserver.com
sync.smartadserver.com — Cisco Umbrella Rank: 1388
382 B
2 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 208
2 KB
2 amazon-adsystem.com
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 905
2 KB
2 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 430
747 B
2 webvisor.org
mc.webvisor.org — Cisco Umbrella Rank: 24640
713 B
2 gstatic.com
fonts.gstatic.com
26 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 40
20 KB
2 2xclick.ru
news.2xclick.ru — Cisco Umbrella Rank: 160658
8 KB
1 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 333
448 B
1 google.se
www.google.se — Cisco Umbrella Rank: 26699
501 B
1 google.com
www.google.com — Cisco Umbrella Rank: 2
501 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 400
67 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 52
1 KB
84 21
Domain Requested by
38 zn2.gnezdo.news news.2xclick.ru
zn2.gnezdo.news
10 mc.yandex.ru 3 redirects news.2xclick.ru
cdn.jsdelivr.net
5 yastatic.net an.yandex.ru
4 dx.frontend.weborama.com 2 redirects news.2xclick.ru
cstatic.weborama.fr
4 cstatic.weborama.fr news.2xclick.ru
cstatic.weborama.fr
3 p.crm4d.com ds.frontend.weborama.fr
cstatic.weborama.fr
2 sync.smartadserver.com 1 redirects cstatic.weborama.fr
2 ib.adnxs.com 2 redirects
2 aax-eu.amazon-adsystem.com 1 redirects cstatic.weborama.fr
2 pixel.tapad.com 1 redirects cstatic.weborama.fr
2 cm.g.doubleclick.net 2 redirects
2 ds.frontend.weborama.fr cstatic.weborama.fr
2 mc.webvisor.org 1 redirects news.2xclick.ru
2 gnezdoruanalytics.solution.weborama.fr 1 redirects news.2xclick.ru
2 an.yandex.ru news.2xclick.ru
an.yandex.ru
2 fonts.gstatic.com fonts.googleapis.com
2 www.google-analytics.com news.2xclick.ru
www.google-analytics.com
2 news.gnezdo.ru news.2xclick.ru
2 news.2xclick.ru 1 redirects
1 idsync.rlcdn.com cstatic.weborama.fr
1 idsync.frontend.weborama.fr cstatic.weborama.fr
1 wam-google.solution.weborama.fr 1 redirects
1 bsd.frontend.weborama.fr cstatic.weborama.fr
1 www.google.se news.2xclick.ru
1 www.google.com news.2xclick.ru
1 stats.g.doubleclick.net www.google-analytics.com
1 rd.frontend.weborama.fr 1 redirects
1 cdn.jsdelivr.net news.2xclick.ru
1 fcgi5.gnezdo.ru news.2xclick.ru
1 fonts.googleapis.com zn2.gnezdo.news
84 30

This site contains links to these domains. Also see Links.

Domain
gnezdo.online
lk-gnezdo.com
news.gnezdo.ru
Subject Issuer Validity Valid
news.2xclick.ru
R3		 2022-09-18 -
2022-12-17		 3 months crt.sh
zn2.gnezdo.ru
R3		 2022-11-22 -
2023-02-20		 3 months crt.sh
news.gnezdo.ru
R3		 2022-09-18 -
2022-12-17		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
fcgi5.gnezdo.ru
R3		 2022-11-05 -
2023-02-03		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-02 -
2023-06-01		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
edgecastcdn.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-10-17 -
2023-11-17		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
bs.yandex.ru
GlobalSign ECC OV SSL CA 2018		 2022-10-21 -
2023-04-21		 6 months crt.sh
mc.yandex.ru
GlobalSign ECC OV SSL CA 2018		 2022-10-18 -
2023-03-30		 5 months crt.sh
*.yastatic-net.ru
GlobalSign ECC OV SSL CA 2018		 2022-08-31 -
2023-02-28		 6 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.frontend.weborama.fr
Go Daddy Secure Certificate Authority - G2		 2022-02-22 -
2023-03-26		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.google.se
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-03 -
2023-02-25		 a year crt.sh
*.frontend.weborama.com
Go Daddy Secure Certificate Authority - G2		 2022-08-30 -
2023-10-01		 a year crt.sh
crm4d.com
R3		 2022-10-21 -
2023-01-19		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://news.2xclick.ru/
Frame ID: 458048F355BE594CC230C73C1DB68369
Requests: 70 HTTP requests in this frame

Frame: https://cstatic.weborama.fr/iframe/sync.html?key=all&src=products.js&ref=news.2xclick.ru&site=485736
Frame ID: 38ACAFD797421BF72F74A40C7B7EAC17
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Gnezdo.ru

Page URL History Show full URLs

  1. http://news.2xclick.ru/ HTTP 301
    https://news.2xclick.ru/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js
Overall confidence: 100%
Detected patterns
  • https?://an\.yandex\.ru/
Overall confidence: 100%
Detected patterns
  • cdn\.jsdelivr\.net/npm/yandex\-metrica\-watch/watch\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

84
Requests

88 %
HTTPS

0 %
IPv6

21
Domains

30
Subdomains

25
IPs

8
Countries

874 kB
Transfer

1880 kB
Size

40
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://news.2xclick.ru/ HTTP 301
    https://news.2xclick.ru/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 48
  • https://mc.yandex.ru/watch/3?wmode=7&page-url=https%3A%2F%2Fnews.2xclick.ru%2F&page-ref=&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A12kpamsypdk9qpokppnvg4%3Afp%3A849%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A2%3Adp%3A0%3Als%3A244178988197%3Ahid%3A330854071%3Az%3A0%3Ai%3A20221125083254%3Aet%3A1669365175%3Ac%3A1%3Arn%3A195117282%3Arqn%3A1%3Au%3A1669365175546777419%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A0%2C154%2C96%2C1%2C109%2C0%2C%2C557%2C11%2C%2C%2C%2C918%3Acpf%3A1%3Ans%3A1669365173273%3Ast%3A1669365175&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(2) HTTP 302
  • https://mc.yandex.ru/watch/3/1?wmode=7&page-url=https%3A%2F%2Fnews.2xclick.ru%2F&page-ref&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A12kpamsypdk9qpokppnvg4%3Afp%3A849%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A2%3Adp%3A0%3Als%3A244178988197%3Ahid%3A330854071%3Az%3A0%3Ai%3A20221125083254%3Aet%3A1669365175%3Ac%3A1%3Arn%3A195117282%3Arqn%3A1%3Au%3A1669365175546777419%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A0%2C154%2C96%2C1%2C109%2C0%2C%2C557%2C11%2C%2C%2C%2C918%3Acpf%3A1%3Ans%3A1669365173273%3Ast%3A1669365175&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
Request Chain 49
  • https://mc.yandex.ru/watch/11859022?wmode=7&page-url=https%3A%2F%2Fnews.2xclick.ru%2F&charset=utf-8&site-info=%7B%22gnezdoSourceId%22%3A0%2C%22gnezdoTagId%22%3A0%2C%22gnezdoTeaserId%22%3A0%2C%22gnezdoGroupId%22%3A%220%22%2C%22gnezdoSubId%22%3A0%2C%22gnezdoADGender%22%3A%22%22%2C%22gnezdoADAge%22%3A%22%22%2C%22gnezdoAIDGender%22%3A%22%22%2C%22gnezdoAIDAge%22%3A%22%22%2C%22gnezdoWBGender%22%3A%22%22%2C%22gnezdoWBAge%22%3A%22%22%2C%22gnezdoLentaId%22%3A%22def%22%7D&ut=noindex&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A12kpamsypdk9qpokppnvg4%3Afp%3A849%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A938094105402%3Ahid%3A330854071%3Az%3A0%3Ai%3A20221125083254%3Aet%3A1669365175%3Ac%3A1%3Arn%3A375340620%3Arqn%3A1%3Au%3A1669365175546777419%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A0%2C154%2C96%2C1%2C109%2C0%2C%2C557%2C11%2C%2C%2C%2C918%3Acpf%3A1%3Ans%3A1669365173273%3Arqnl%3A1%3Ast%3A1669365175%3At%3AGnezdo.ru&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rqnl(1)ti(2) HTTP 302
  • https://mc.yandex.ru/watch/11859022/1?wmode=7&page-url=https%3A%2F%2Fnews.2xclick.ru%2F&charset=utf-8&site-info=%7B%22gnezdoSourceId%22%3A0%2C%22gnezdoTagId%22%3A0%2C%22gnezdoTeaserId%22%3A0%2C%22gnezdoGroupId%22%3A%220%22%2C%22gnezdoSubId%22%3A0%2C%22gnezdoADGender%22%3A%22%22%2C%22gnezdoADAge%22%3A%22%22%2C%22gnezdoAIDGender%22%3A%22%22%2C%22gnezdoAIDAge%22%3A%22%22%2C%22gnezdoWBGender%22%3A%22%22%2C%22gnezdoWBAge%22%3A%22%22%2C%22gnezdoLentaId%22%3A%22def%22%7D&ut=noindex&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A12kpamsypdk9qpokppnvg4%3Afp%3A849%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A938094105402%3Ahid%3A330854071%3Az%3A0%3Ai%3A20221125083254%3Aet%3A1669365175%3Ac%3A1%3Arn%3A375340620%3Arqn%3A1%3Au%3A1669365175546777419%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A0%2C154%2C96%2C1%2C109%2C0%2C%2C557%2C11%2C%2C%2C%2C918%3Acpf%3A1%3Ans%3A1669365173273%3Arqnl%3A1%3Ast%3A1669365175%3At%3AGnezdo.ru&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rqnl%281%29ti%282%29
Request Chain 53
  • https://gnezdoruanalytics.solution.weborama.fr/fcgi-bin/comptage_wreport.fcgi?WRP_ID=485736&WRP_SECTION=Home&WRP_SUBSECTION=Home&ver=2&da2=1669365174&ta=1600x1200&co=24&ref= HTTP 302
  • https://gnezdoruanalytics.solution.weborama.fr/fcgi-bin/comptage_wreport.fcgi?WRP_ID=485736&WRP_SECTION=Home&WRP_SUBSECTION=Home&ver=2&da2=1669365174&ta=1600x1200&co=24&ref=&BOUNCE=OK
Request Chain 54
  • https://dx.frontend.weborama.com/collect?touchpoint=0&url=https%3A//news.2xclick.ru/ HTTP 302
  • https://dx.frontend.weborama.com/collect?touchpoint=0&url=https%3A%2F%2Fnews.2xclick.ru%2F&bounce=1&random=221520710 HTTP 302
  • https://rd.frontend.weborama.fr/rd?key=wamsync HTTP 302
  • https://dx.frontend.weborama.com/collect?dsp_id=0&eid=TcxeIoYmuG9N
Request Chain 64
  • https://mc.webvisor.org/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.webvisor.org&token=9833.fqefZZzmT5xVN-6av9JWqAizLYixk_oUwleEgqcCVtYq3h4j7xUnqW1b4Hortd_u.tAlN7_IPiqpSBrKvPtCmhZqPL3w%2C HTTP 302
  • https://mc.webvisor.org/sync_cookie_image_decide?token=9833.sFPYyUSCaU3MLPYYNDhhOWVCAB7yoRv0RB1N2Ejag_QiG3KPs9_XGIwWZBxPLC5lbGJmK4Tn-urD8AY6WUdgyoYvZ0zNkvYwOQ_sn2RkaDQ%2C.oA__VJZ0umqRSgtBw1f8LJXwydE%2C
Request Chain 71
  • https://cm.g.doubleclick.net/pixel?google_nid=weborama_dmp&google_cm HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=weborama_dmp&google_cm=&google_tc= HTTP 302
  • https://wam-google.solution.weborama.fr/pixel?google_gid=CAESEGmPy0EIn0Ew4wvhwbFxXJU&google_cver=1 HTTP 301
  • https://idsync.frontend.weborama.fr/ids?key=ggl&value=CAESEGmPy0EIn0Ew4wvhwbFxXJU&google_gid=CAESEGmPy0EIn0Ew4wvhwbFxXJU&google_cver=1
Request Chain 74
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2964&partner_device_id=TcxeIoYmuG9N HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2964&partner_device_id=TcxeIoYmuG9N
Request Chain 75
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=0485bdfe-f03c-4309-8ba2-59b54b1419fb&id=NEJ5bVRmN3oxUWhIRGU2SE1nQ056dQ HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=0485bdfe-f03c-4309-8ba2-59b54b1419fb&id=NEJ5bVRmN3oxUWhIRGU2SE1nQ056dQ&dcc=t
Request Chain 81
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fp.crm4d.com%2Fsync%2Fappnexus%2Fs.gif%3Fbounce%3D1%26uid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fp.crm4d.com%252Fsync%252Fappnexus%252Fs.gif%253Fbounce%253D1%2526uid%253D%2524UID HTTP 302
  • https://p.crm4d.com/sync/appnexus/s.gif?bounce=1&uid=6917734023066697573
Request Chain 82
  • https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fp.crm4d.com%2Fsync%2Fsas%2Fs.gif%3Fbounce%3D1%26uid%3D%5Bsas_uid%5D HTTP 302
  • https://sync.smartadserver.com/getuid?url=https://p.crm4d.com/sync/sas/s.gif?bounce=1&uid=[sas_uid]&cklb=1

84 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
news.2xclick.ru/
Redirect Chain
  • http://news.2xclick.ru/
  • https://news.2xclick.ru/
23 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://news.2xclick.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
93.95.100.117 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx/1.10.3 /
Resource Hash
68ba2fc5583d97e65c356f62a2dc7440f1af8f3e35c80739a910a3cfa16c6f0c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
se-SE,se;q=0.9

Response headers

Cache-control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Fri, 25 Nov 2022 08:32:53 GMT
Expires
Fri, 25 Nov 2022 08:32:54 GMT
P3P
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
Server
nginx/1.10.3
Transfer-Encoding
chunked

Redirect headers

Connection
keep-alive
Content-Length
185
Content-Type
text/html
Date
Fri, 25 Nov 2022 08:32:53 GMT
Location
https://news.2xclick.ru/
P3P
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
Server
nginx/1.10.3
style15.css
zn2.gnezdo.news/new-lenta/ 		8 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://zn2.gnezdo.news/new-lenta/style15.css?1234
Requested by
Host: news.2xclick.ru
URL: https://news.2xclick.ru/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
93.95.99.151 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
mail3.itech-group.ru
Software
nginx/1.18.0 /
Resource Hash
95f9f7d5fc896cddb14ac87de2c177488da4249aa25c977a620cf99463d615d4

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://news.2xclick.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Fri, 25 Nov 2022 08:32:53 GMT
Content-Encoding
gzip
Last-Modified
Wed, 30 Sep 2020 04:23:00 GMT
Server
nginx/1.18.0
ETag
"5f740824-848"
Content-Type
text/css
Access-Control-Allow-Origin
*
P3P
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
Cache-Control
max-age=315360000, public
Connection
keep-alive
Keep-Alive
timeout=20
Content-Length
2120
Expires
Thu, 31 Dec 2037 23:55:55 GMT
health.css
zn2.gnezdo.news/new-lenta/ 		2 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://zn2.gnezdo.news/new-lenta/health.css?1
Requested by
Host: news.2xclick.ru
URL: https://news.2xclick.ru/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
93.95.99.151 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
mail3.itech-group.ru
Software
nginx/1.18.0 /
Resource Hash
01266b002c3a5fd944f5d5a6c9a7bcedf1274ea6c9baef3d2f14457d364014da

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://news.2xclick.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Fri, 25 Nov 2022 08:32:53 GMT
Last-Modified
Tue, 29 Sep 2020 05:06:00 GMT
Server
nginx/1.18.0
ETag
"5f72c0b8-8f1"
Content-Type
text/css
Access-Control-Allow-Origin
*
P3P
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
2289
Expires
Thu, 31 Dec 2037 23:55:55 GMT
gnezdo_news_tracker_new.js
news.gnezdo.ru/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://news.gnezdo.ru/gnezdo_news_tracker_new.js
Requested by
Host: news.2xclick.ru
URL: https://news.2xclick.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
93.95.100.117 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx/1.10.3 /
Resource Hash
38ae87178f71332dbcae793c850eedc9424733257e213a1009dfa9a53ffc6ef0

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://news.2xclick.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Fri, 25 Nov 2022 08:32:53 GMT
Content-Encoding
gzip
Last-Modified
Thu, 20 Oct 2022 10:03:35 GMT
Server
nginx/1.10.3
ETag
"fb7-5eb7470459467-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
P3P
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1070
white-logo.png
zn2.gnezdo.news/new-lenta/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zn2.gnezdo.news/new-lenta/img/white-logo.png
Requested by
Host: news.2xclick.ru
URL: https://news.2xclick.ru/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
93.95.99.151 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
mail3.itech-group.ru
Software
nginx/1.18.0 /
Resource Hash
f3d3d5e79c6c3971916ebb40d8f16c3d584efe53669023273eeca33928178bfe

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://news.2xclick.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Fri, 25 Nov 2022 08:32:53 GMT
Last-Modified
Fri, 12 Jul 2019 13:56:00 GMT
Server
nginx/1.18.0
ETag
"5d289170-1100"
Content-Type
image/png
Access-Control-Allow-Origin
*
P3P
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
4352
Expires
Thu, 31 Dec 2037 23:55:55 GMT
enter_ad.png
zn2.gnezdo.news/src/ 		693 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zn2.gnezdo.news/src/enter_ad.png
Requested by
Host: news.2xclick.ru
URL: https://news.2xclick.ru/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
93.95.99.151 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
mail3.itech-group.ru
Software
nginx/1.18.0 /
Resource Hash
679c798fd4e7e8b2e875df662470ae6a0e01f5d8490a8d22bca5d419b30987cd

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://news.2xclick.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Fri, 25 Nov 2022 08:32:53 GMT
Last-Modified
Tue, 25 Apr 2017 08:51:00 GMT
Server
nginx/1.18.0
ETag
"58ff0df4-2b5"
Content-Type
image/png
Access-Control-Allow-Origin
*
P3P
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
693
Expires
Thu, 31 Dec 2037 23:55:55 GMT
health.jpg
news.gnezdo.ru/tests/health/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news.gnezdo.ru/tests/health/health.jpg
Requested by
Host: news.2xclick.ru
URL: https://news.2xclick.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
93.95.100.117 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx/1.10.3 /
Resource Hash
1c38153acac347bda02a24b09e16db230167f0a51d6d1974ff1e505c1282bdd6

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://news.2xclick.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Fri, 25 Nov 2022 08:32:53 GMT
Last-Modified
Thu, 08 Nov 2018 10:09:56 GMT
Server
nginx/1.10.3
ETag
"5be40b74-110b"
Content-Type
image/jpeg
P3P
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
Cache-Control
max-age=31536000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4363
Expires
Sat, 25 Nov 2023 08:32:53 GMT
jquery-2.2.4.min.js
zn2.gnezdo.news/js/ 		84 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://zn2.gnezdo.news/js/jquery-2.2.4.min.js
Requested by
Host: news.2xclick.ru
URL: https://news.2xclick.ru/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
93.95.99.151 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
mail3.itech-group.ru
Software
nginx/1.18.0 /
Resource Hash
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://news.2xclick.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Fri, 25 Nov 2022 08:32:53 GMT
Content-Encoding
gzip
Last-Modified
Fri, 20 Apr 2018 12:54:00 GMT
Server
nginx/1.18.0
ETag
"5ad9e2e8-7429"
Content-Type
application/javascript
Access-Control-Allow-Origin
*
P3P
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
Cache-Control
max-age=315360000, public
Connection
keep-alive
Keep-Alive
timeout=20
Content-Length
29737
Expires
Thu, 31 Dec 2037 23:55:55 GMT
modernizr.js
zn2.gnezdo.news/new-lenta/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://zn2.gnezdo.news/new-lenta/modernizr.js
Requested by
Host: news.2xclick.ru
URL: https://news.2xclick.ru/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
93.95.99.151 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
mail3.itech-group.ru
Software
nginx/1.18.0 /
Resource Hash
840f575220d6b42197251483e8b3b486bce6f7c4c4bddfff022580d3bb39ce4b

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://news.2xclick.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Fri, 25 Nov 2022 08:32:53 GMT
Content-Encoding
gzip
Last-Modified
Thu, 28 Jun 2018 11:03:00 GMT
Server
nginx/1.18.0
ETag
"5b34c064-53e"
Content-Type
application/javascript
Access-Control-Allow-Origin
*
P3P
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
Cache-Control
max-age=315360000, public
Connection
keep-alive
Keep-Alive
timeout=20
Content-Length
1342
Expires
Thu, 31 Dec 2037 23:55:55 GMT
new_lenta_colors15.js
zn2.gnezdo.news/js/ 		5 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://zn2.gnezdo.news/js/new_lenta_colors15.js
Requested by
Host: news.2xclick.ru
URL: https://news.2xclick.ru/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
93.95.99.151 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
mail3.itech-group.ru
Software
nginx/1.18.0 /
Resource Hash
f6f11d50372d88190696b17264e1609349ae7195af0cd44e95ffe632f8a322f3

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://news.2xclick.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Fri, 25 Nov 2022 08:32:53 GMT
Last-Modified
Wed, 19 Oct 2022 06:06:24 GMT
Server
nginx/1.18.0
ETag
"634f93e0-1253"
Content-Type
application/javascript
Access-Control-Allow-Origin
*
P3P
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
4691
Expires
Thu, 31 Dec 2037 23:55:55 GMT
css
fonts.googleapis.com/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto+Condensed
Requested by
Host: zn2.gnezdo.news
URL: https://zn2.gnezdo.news/new-lenta/style15.css?1234
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.234 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f10.1e100.net
Software
ESF /
Resource Hash
80efbfcfad67fc0fa5a9d8cc84eb35951eea2d2e179a6fc51c82463c9e70a5dc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://zn2.gnezdo.news/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 25 Nov 2022 08:32:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 25 Nov 2022 07:46:10 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 25 Nov 2022 08:32:53 GMT
/
fcgi5.gnezdo.ru/e/ 		43 B
117 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fcgi5.gnezdo.ru/e/?dr=&du=https%3A//news.2xclick.ru/&tracker_id=lenta&0.38718077456154965
Requested by
Host: news.2xclick.ru
URL: https://news.2xclick.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.148.37.79 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://news.2xclick.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

server
nginx
date
Fri, 25 Nov 2022 08:32:54 GMT
content-type
image/gif; charset=windows-1251
watch.js
cdn.jsdelivr.net/npm/yandex-metrica-watch/ 		161 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/yandex-metrica-watch/watch.js
Requested by
Host: news.2xclick.ru
URL: https://news.2xclick.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
56e54a9bc2d28a88e7e6d212e692821e07f601185ee5b5e972355a8bbcd9f3cd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://news.2xclick.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 25 Nov 2022 08:32:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
28666
x-jsd-version
1.249.0
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra-eddf8230043-FRA, cache-yyz4566-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"28441-HHcPD8UUl0943tDpENjh6gMs5yQ"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1NatIXPdWtWlS0wUtWKe3ztV1C8y6whbKCf%2FGIjejDd2c73Va8FTkqYAWsZDvLNFBFU6VRTJ6woTFMUBgEpAJVjJ03f9W7%2FU51CnzsUitX4yAnrnBoyee2SSlbBLLXaplyM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
76f90952993c0a44-ARN
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: news.2xclick.ru
URL: https://news.2xclick.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://news.2xclick.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 25 Nov 2022 07:24:49 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
4085
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Fri, 25 Nov 2022 09:24:49 GMT
products.js
cstatic.weborama.fr/js/ 		25 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cstatic.weborama.fr/js/products.js
Requested by
Host: news.2xclick.ru
URL: https://news.2xclick.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.184.221.133 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ska/F763) /
Resource Hash
852e37ac44dab7846ddfac9f5e07eda80059ff907373269a0ef82e3e45031e46

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://news.2xclick.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 25 Nov 2022 08:32:54 GMT
content-encoding
gzip
last-modified
Tue, 11 Oct 2022 14:56:17 GMT
server
ECAcc (ska/F763)
age
235919
etag
"55964192+gzip"
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript
access-control-allow-origin
*
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
cache-control
max-age=604800
accept-ranges
bytes
content-length
7329
expires
Fri, 02 Dec 2022 08:32:54 GMT
pink-top.png
zn2.gnezdo.news/new-lenta/img/ 		143 B
722 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zn2.gnezdo.news/new-lenta/img/pink-top.png
Requested by
Host: zn2.gnezdo.news
URL: https://zn2.gnezdo.news/new-lenta/style15.css?1234
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
93.95.99.151 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
mail3.itech-group.ru
Software
nginx/1.18.0 /
Resource Hash
91a23159638a846a426eb990ec53821e49518e78924d10f45ee5178ba44de83b

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://zn2.gnezdo.news/new-lenta/style15.css?1234
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Fri, 25 Nov 2022 08:32:54 GMT
Last-Modified
Tue, 20 Aug 2019 12:24:00 GMT
Server
nginx/1.18.0
ETag
"5d5be660-8f"
Content-Type
image/png
Access-Control-Allow-Origin
*
P3P
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
143
Expires
Thu, 31 Dec 2037 23:55:55 GMT
1163851_24aff56726.jpg
zn2.gnezdo.news/img/300x300/851/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zn2.gnezdo.news/img/300x300/851/1163851_24aff56726.jpg
Requested by
Host: news.2xclick.ru
URL: https://news.2xclick.ru/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
93.95.99.151 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
mail3.itech-group.ru
Software
nginx/1.18.0 /
Resource Hash
295beed51d4e3ae8a6087b0af30dcc0093d8a498d7d48ad909c8f1d96316ca9b

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://news.2xclick.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Fri, 25 Nov 2022 08:32:54 GMT
Last-Modified
Tue, 20 Jul 2021 06:12:00 GMT
Server
nginx/1.18.0
ETag
"60f66930-340d"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
P3P
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
13325
Expires
Thu, 31 Dec 2037 23:55:55 GMT
like.png
zn2.gnezdo.news/new-lenta/img/ 		684 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zn2.gnezdo.news/new-lenta/img/like.png
Requested by
Host: zn2.gnezdo.news
URL: https://zn2.gnezdo.news/new-lenta/style15.css?1234
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
93.95.99.151 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
mail3.itech-group.ru
Software
nginx/1.18.0 /
Resource Hash
b59d5d931ece7fab4c2378e6e3979c793f6e52e8a1bc6e7c1fa569e03d96f49f

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://zn2.gnezdo.news/new-lenta/style15.css?1234
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Fri, 25 Nov 2022 08:32:54 GMT
Last-Modified
Thu, 28 Jun 2018 10:56:00 GMT
Server
nginx/1.18.0
ETag
"5b34bec0-2ac"
Content-Type
image/png
Access-Control-Allow-Origin
*
P3P
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
684
Expires
Thu, 31 Dec 2037 23:55:55 GMT
close.png
zn2.gnezdo.news/new-lenta/img/ 		276 B
856 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zn2.gnezdo.news/new-lenta/img/close.png
Requested by
Host: zn2.gnezdo.news
URL: https://zn2.gnezdo.news/new-lenta/style15.css?1234
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
93.95.99.151 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
mail3.itech-group.ru
Software
nginx/1.18.0 /
Resource Hash
9b6b5e0c551bac6ccde502c3bf5c75d1efe6b1da975c0d251a4a17b8adcc74a5

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://zn2.gnezdo.news/new-lenta/style15.css?1234
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Fri, 25 Nov 2022 08:32:54 GMT
Last-Modified
Thu, 28 Jun 2018 10:56:00 GMT
Server
nginx/1.18.0
ETag
"5b34bec0-114"
Content-Type
image/png
Access-Control-Allow-Origin
*
P3P
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
276
Expires
Thu, 31 Dec 2037 23:55:55 GMT
1048915_7b068ea9d2.jpg
zn2.gnezdo.news/img/280x217/915/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zn2.gnezdo.news/img/280x217/915/1048915_7b068ea9d2.jpg
Requested by
Host: news.2xclick.ru
URL: https://news.2xclick.ru/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
93.95.99.151 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
mail3.itech-group.ru
Software
nginx/1.18.0 /
Resource Hash
07dff4294d7bce1593b3247b02972ba60bb4132aa18daccad3d4e6cc5752cff7

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://news.2xclick.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Fri, 25 Nov 2022 08:32:54 GMT
Last-Modified
Tue, 05 Jan 2021 17:03:00 GMT
Server
nginx/1.18.0
ETag
"5ff49bc4-4164"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
P3P
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
16740
Expires
Thu, 31 Dec 2037 23:55:55 GMT
1298749_f802d27390.jpg
zn2.gnezdo.news/img/280x217/749/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zn2.gnezdo.news/img/280x217/749/1298749_f802d27390.jpg
Requested by
Host: news.2xclick.ru
URL: https://news.2xclick.ru/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
93.95.99.151 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
mail3.itech-group.ru
Software
nginx/1.18.0 /
Resource Hash
c079ec0d8d8e7f30048ac0bfe52c3ffc0b41b21924867edb849c194980395324

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://news.2xclick.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Fri, 25 Nov 2022 08:32:54 GMT
Last-Modified
Tue, 31 May 2022 03:28:56 GMT
Server
nginx/1.18.0
ETag
"62958b78-3265"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
P3P
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
12901
Expires
Thu, 31 Dec 2037 23:55:55 GMT
1469945_40ec2472be.jpg
zn2.gnezdo.news/img/300x300/945/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zn2.gnezdo.news/img/300x300/945/1469945_40ec2472be.jpg
Requested by
Host: news.2xclick.ru
URL: https://news.2xclick.ru/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
93.95.99.151 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
mail3.itech-group.ru
Software
nginx/1.18.0 /
Resource Hash
736b04e75aad7f9e077b34c0d4ce4dd260c3d586efeb4a0d572bc2f86724d2cb

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://news.2xclick.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Fri, 25 Nov 2022 08:32:54 GMT
Last-Modified
Sat, 19 Nov 2022 12:30:14 GMT
Server
nginx/1.18.0
ETag
"6378cc56-4495"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
P3P
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
17557
Expires
Thu, 31 Dec 2037 23:55:55 GMT
1473028_a63a44636a.jpg
zn2.gnezdo.news/img/280x217/028/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zn2.gnezdo.news/img/280x217/028/1473028_a63a44636a.jpg
Requested by
Host: news.2xclick.ru
URL: https://news.2xclick.ru/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
93.95.99.151 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
mail3.itech-group.ru
Software
nginx/1.18.0 /
Resource Hash
3cf6952661c411edab6b566170f4fe561dec2689a8f61db7a41760a6b1dec85a

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://news.2xclick.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Fri, 25 Nov 2022 08:32:54 GMT
Last-Modified
Thu, 24 Nov 2022 18:24:50 GMT
Server
nginx/1.18.0
ETag
"637fb6f2-2581"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
P3P
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
9601
Expires
Thu, 31 Dec 2037 23:55:55 GMT
ieVl2ZhZI2eCN5jzbjEETS9weq8-19a7DRs5.woff2
fonts.gstatic.com/s/robotocondensed/v25/ 		9 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19a7DRs5.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f3.1e100.net
Software
sffe /
Resource Hash
bddd7c9debeee9bccc8d6a0f0990743d3db200fe23fc08dbad9e60a007e52919
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://news.2xclick.ru
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 13:44:26 GMT
x-content-type-options
nosniff
age
586108
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9692
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 18:44:23 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 18 Nov 2023 13:44:26 GMT
ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.gstatic.com/s/robotocondensed/v25/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f3.1e100.net
Software
sffe /
Resource Hash
6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://news.2xclick.ru
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 08:45:21 GMT
x-content-type-options
nosniff
age
258453
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15700
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 18:51:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 Nov 2023 08:45:21 GMT
context.js
an.yandex.ru/system/ 		429 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://an.yandex.ru/system/context.js
Requested by
Host: news.2xclick.ru
URL: https://news.2xclick.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.250.250.90 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
bs.yandex.ru
Software
/
Resource Hash
a2c68e2102a75b29b86e21df3afed3d355400708566759f8a7e546047aec7eda
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://news.2xclick.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
x-yandex-req-id
1669365174361671-586456720770877656300103-production-app-host-vla-pcode-429
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
x-robots-tag
noindex, noarchive, nofollow
expires
Fri, 25 Nov 2022 09:32:54 GMT
1473052_8cfc6521a6.jpg
zn2.gnezdo.news/img/280x217/052/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zn2.gnezdo.news/img/280x217/052/1473052_8cfc6521a6.jpg
Requested by
Host: news.2xclick.ru
URL: https://news.2xclick.ru/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
93.95.99.151 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
mail3.itech-group.ru
Software
nginx/1.18.0 /
Resource Hash
1f0ce2a0bd61ac89f3f54722b1876bc598895f0cb8ff3addf5594d16542a4100

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://news.2xclick.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Fri, 25 Nov 2022 08:32:54 GMT
Last-Modified
Thu, 24 Nov 2022 20:22:28 GMT
Server
nginx/1.18.0
ETag
"637fd284-2f9e"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
P3P
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
12190
Expires
Thu, 31 Dec 2037 23:55:55 GMT
1471903_59da48c54a.jpg
zn2.gnezdo.news/img/280x217/903/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zn2.gnezdo.news/img/280x217/903/1471903_59da48c54a.jpg
Requested by
Host: news.2xclick.ru
URL: https://news.2xclick.ru/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
93.95.99.151 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
mail3.itech-group.ru
Software
nginx/1.18.0 /
Resource Hash
17aaf9309748e9da229fc45998b8995f912e3d9599d93e73b7ba4402101ea3bb

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://news.2xclick.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Fri, 25 Nov 2022 08:32:54 GMT
Last-Modified
Tue, 22 Nov 2022 07:39:01 GMT
Server
nginx/1.18.0
ETag
"637c7c95-20b0"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
P3P
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
8368
Expires
Thu, 31 Dec 2037 23:55:55 GMT
1280952_6cf4b44735.jpg
zn2.gnezdo.news/img/280x217/952/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zn2.gnezdo.news/img/280x217/952/1280952_6cf4b44735.jpg
Requested by
Host: news.2xclick.ru
URL: https://news.2xclick.ru/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
93.95.99.151 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
mail3.itech-group.ru
Software
nginx/1.18.0 /
Resource Hash
be450e094e932689916b0c110039b96d637600afba33dd944f6de2e5785c9d52

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://news.2xclick.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Fri, 25 Nov 2022 08:32:54 GMT
Last-Modified
Wed, 30 Mar 2022 08:43:19 GMT
Server
nginx/1.18.0
ETag
"62441827-2cfa"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
P3P
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
11514
Expires
Thu, 31 Dec 2037 23:55:55 GMT
1325538_db5e5e6aef.jpg
zn2.gnezdo.news/img/280x217/538/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zn2.gnezdo.news/img/280x217/538/1325538_db5e5e6aef.jpg
Requested by
Host: news.2xclick.ru
URL: https://news.2xclick.ru/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
93.95.99.151 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
mail3.itech-group.ru
Software
nginx/1.18.0 /
Resource Hash
20f18380c292adf28349a11dc4fb3865714488bed77419ebc5f907cac22c16fd

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://news.2xclick.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Fri, 25 Nov 2022 08:32:54 GMT
Last-Modified
Sat, 16 Jul 2022 18:01:52 GMT
Server
nginx/1.18.0
ETag
"62d2fd10-454f"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
P3P
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
17743
Expires
Thu, 31 Dec 2037 23:55:55 GMT
1305305_dee7486505.jpg
zn2.gnezdo.news/img/280x217/305/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zn2.gnezdo.news/img/280x217/305/1305305_dee7486505.jpg
Requested by
Host: news.2xclick.ru
URL: https://news.2xclick.ru/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
93.95.99.151 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
mail3.itech-group.ru
Software
nginx/1.18.0 /
Resource Hash
44697c94e4fb48c39354eb432fd60c0bd60c39bdc358e9f2ca2369ebdc505b0e

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://news.2xclick.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Fri, 25 Nov 2022 08:32:54 GMT
Last-Modified
Tue, 22 Nov 2022 12:14:49 GMT
Server
nginx/1.18.0
ETag
"637cbd39-30e2"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
P3P
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
12514
Expires
Thu, 31 Dec 2037 23:55:55 GMT
1277746_617c54a149.jpg
zn2.gnezdo.news/img/300x300/746/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zn2.gnezdo.news/img/300x300/746/1277746_617c54a149.jpg
Requested by
Host: news.2xclick.ru
URL: https://news.2xclick.ru/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
93.95.99.151 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
mail3.itech-group.ru
Software
nginx/1.18.0 /
Resource Hash
ae664b3d2eb82eab3e5df67af987d1b769486c366926ee79afcd88eadc3efaac

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://news.2xclick.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Fri, 25 Nov 2022 08:32:54 GMT
Last-Modified
Fri, 18 Mar 2022 14:53:18 GMT
Server
nginx/1.18.0
ETag
"62349cde-3d73"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
P3P
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
15731
Expires
Thu, 31 Dec 2037 23:55:55 GMT
1403123_eeef480435.jpg
zn2.gnezdo.news/img/280x217/123/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zn2.gnezdo.news/img/280x217/123/1403123_eeef480435.jpg
Requested by
Host: news.2xclick.ru
URL: https://news.2xclick.ru/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
93.95.99.151 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
mail3.itech-group.ru
Software
nginx/1.18.0 /
Resource Hash
765a31aa8c860dc346f929d7f6f103018487b3f50683297bc1ca0ee9b485ac9b

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://news.2xclick.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Fri, 25 Nov 2022 08:32:54 GMT
Last-Modified
Sat, 24 Sep 2022 10:54:14 GMT
Server
nginx/1.18.0
ETag
"632ee1d6-35a1"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
P3P
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
13729
Expires
Thu, 31 Dec 2037 23:55:55 GMT
1244183_c33d99d282.jpg
zn2.gnezdo.news/img/280x217/183/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zn2.gnezdo.news/img/280x217/183/1244183_c33d99d282.jpg
Requested by
Host: news.2xclick.ru
URL: https://news.2xclick.ru/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
93.95.99.151 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
mail3.itech-group.ru
Software
nginx/1.18.0 /
Resource Hash
386347b32d1c20291681b877cd61d438637d3d959210ad1b94f83c7014a471fa

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://news.2xclick.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Fri, 25 Nov 2022 08:32:54 GMT
Last-Modified
Sun, 19 Dec 2021 13:59:00 GMT
Server
nginx/1.18.0
ETag
"61bf3aa4-3039"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
P3P
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
12345
Expires
Thu, 31 Dec 2037 23:55:55 GMT
1284000_c02cd0d572.jpg
zn2.gnezdo.news/img/300x300/000/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zn2.gnezdo.news/img/300x300/000/1284000_c02cd0d572.jpg
Requested by
Host: news.2xclick.ru
URL: https://news.2xclick.ru/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
93.95.99.151 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
mail3.itech-group.ru
Software
nginx/1.18.0 /
Resource Hash
dd0ef40944f18ed3626a27382f1721626f12a18a3992f95275fc332eeb7cd42c

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://news.2xclick.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Fri, 25 Nov 2022 08:32:54 GMT
Last-Modified
Sat, 09 Apr 2022 16:02:25 GMT
Server
nginx/1.18.0
ETag
"6251ae11-4c72"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
P3P
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
19570
Expires
Thu, 31 Dec 2037 23:55:55 GMT
1163851_24aff56726.jpg
zn2.gnezdo.news/img/300x300/851/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zn2.gnezdo.news/img/300x300/851/1163851_24aff56726.jpg
Requested by
Host: zn2.gnezdo.news
URL: https://zn2.gnezdo.news/js/new_lenta_colors15.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
93.95.99.151 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
mail3.itech-group.ru
Software
nginx/1.18.0 /
Resource Hash
295beed51d4e3ae8a6087b0af30dcc0093d8a498d7d48ad909c8f1d96316ca9b

Request headers

Referer
https://news.2xclick.ru/
Origin
https://news.2xclick.ru
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Fri, 25 Nov 2022 08:32:54 GMT
Last-Modified
Tue, 20 Jul 2021 06:12:00 GMT
Server
nginx/1.18.0
ETag
"60f66930-340d"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
P3P
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
13325
Expires
Thu, 31 Dec 2037 23:55:55 GMT
1048915_7b068ea9d2.jpg
zn2.gnezdo.news/img/280x217/915/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zn2.gnezdo.news/img/280x217/915/1048915_7b068ea9d2.jpg
Requested by
Host: zn2.gnezdo.news
URL: https://zn2.gnezdo.news/js/new_lenta_colors15.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
93.95.99.151 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
mail3.itech-group.ru
Software
nginx/1.18.0 /
Resource Hash
07dff4294d7bce1593b3247b02972ba60bb4132aa18daccad3d4e6cc5752cff7

Request headers

Referer
https://news.2xclick.ru/
Origin
https://news.2xclick.ru
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Fri, 25 Nov 2022 08:32:54 GMT
Last-Modified
Tue, 05 Jan 2021 17:03:00 GMT
Server
nginx/1.18.0
ETag
"5ff49bc4-4164"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
P3P
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
16740
Expires
Thu, 31 Dec 2037 23:55:55 GMT
1298749_f802d27390.jpg
zn2.gnezdo.news/img/280x217/749/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zn2.gnezdo.news/img/280x217/749/1298749_f802d27390.jpg
Requested by
Host: zn2.gnezdo.news
URL: https://zn2.gnezdo.news/js/new_lenta_colors15.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
93.95.99.151 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
mail3.itech-group.ru
Software
nginx/1.18.0 /
Resource Hash
c079ec0d8d8e7f30048ac0bfe52c3ffc0b41b21924867edb849c194980395324

Request headers

Referer
https://news.2xclick.ru/
Origin
https://news.2xclick.ru
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Fri, 25 Nov 2022 08:32:54 GMT
Last-Modified
Tue, 31 May 2022 03:28:56 GMT
Server
nginx/1.18.0
ETag
"62958b78-3265"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
P3P
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
12901
Expires
Thu, 31 Dec 2037 23:55:55 GMT
1469945_40ec2472be.jpg
zn2.gnezdo.news/img/300x300/945/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zn2.gnezdo.news/img/300x300/945/1469945_40ec2472be.jpg
Requested by
Host: zn2.gnezdo.news
URL: https://zn2.gnezdo.news/js/new_lenta_colors15.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
93.95.99.151 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
mail3.itech-group.ru
Software
nginx/1.18.0 /
Resource Hash
736b04e75aad7f9e077b34c0d4ce4dd260c3d586efeb4a0d572bc2f86724d2cb

Request headers

Referer
https://news.2xclick.ru/
Origin
https://news.2xclick.ru
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Fri, 25 Nov 2022 08:32:54 GMT
Last-Modified
Sat, 19 Nov 2022 12:30:14 GMT
Server
nginx/1.18.0
ETag
"6378cc56-4495"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
P3P
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
17557
Expires
Thu, 31 Dec 2037 23:55:55 GMT
1473028_a63a44636a.jpg
zn2.gnezdo.news/img/280x217/028/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zn2.gnezdo.news/img/280x217/028/1473028_a63a44636a.jpg
Requested by
Host: zn2.gnezdo.news
URL: https://zn2.gnezdo.news/js/new_lenta_colors15.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
93.95.99.151 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
mail3.itech-group.ru
Software
nginx/1.18.0 /
Resource Hash
3cf6952661c411edab6b566170f4fe561dec2689a8f61db7a41760a6b1dec85a

Request headers

Referer
https://news.2xclick.ru/
Origin
https://news.2xclick.ru
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Fri, 25 Nov 2022 08:32:54 GMT
Last-Modified
Thu, 24 Nov 2022 18:24:50 GMT
Server
nginx/1.18.0
ETag
"637fb6f2-2581"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
P3P
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
9601
Expires
Thu, 31 Dec 2037 23:55:55 GMT
1473052_8cfc6521a6.jpg
zn2.gnezdo.news/img/280x217/052/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zn2.gnezdo.news/img/280x217/052/1473052_8cfc6521a6.jpg
Requested by
Host: zn2.gnezdo.news
URL: https://zn2.gnezdo.news/js/new_lenta_colors15.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
93.95.99.151 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
mail3.itech-group.ru
Software
nginx/1.18.0 /
Resource Hash
1f0ce2a0bd61ac89f3f54722b1876bc598895f0cb8ff3addf5594d16542a4100

Request headers

Referer
https://news.2xclick.ru/
Origin
https://news.2xclick.ru
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Fri, 25 Nov 2022 08:32:54 GMT
Last-Modified
Thu, 24 Nov 2022 20:22:28 GMT
Server
nginx/1.18.0
ETag
"637fd284-2f9e"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
P3P
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
12190
Expires
Thu, 31 Dec 2037 23:55:55 GMT
1471903_59da48c54a.jpg
zn2.gnezdo.news/img/280x217/903/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zn2.gnezdo.news/img/280x217/903/1471903_59da48c54a.jpg
Requested by
Host: zn2.gnezdo.news
URL: https://zn2.gnezdo.news/js/new_lenta_colors15.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
93.95.99.151 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
mail3.itech-group.ru
Software
nginx/1.18.0 /
Resource Hash
17aaf9309748e9da229fc45998b8995f912e3d9599d93e73b7ba4402101ea3bb

Request headers

Referer
https://news.2xclick.ru/
Origin
https://news.2xclick.ru
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Fri, 25 Nov 2022 08:32:54 GMT
Last-Modified
Tue, 22 Nov 2022 07:39:01 GMT
Server
nginx/1.18.0
ETag
"637c7c95-20b0"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
P3P
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
8368
Expires
Thu, 31 Dec 2037 23:55:55 GMT
1280952_6cf4b44735.jpg
zn2.gnezdo.news/img/280x217/952/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zn2.gnezdo.news/img/280x217/952/1280952_6cf4b44735.jpg
Requested by
Host: zn2.gnezdo.news
URL: https://zn2.gnezdo.news/js/new_lenta_colors15.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
93.95.99.151 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
mail3.itech-group.ru
Software
nginx/1.18.0 /
Resource Hash
be450e094e932689916b0c110039b96d637600afba33dd944f6de2e5785c9d52

Request headers

Referer
https://news.2xclick.ru/
Origin
https://news.2xclick.ru
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Fri, 25 Nov 2022 08:32:54 GMT
Last-Modified
Wed, 30 Mar 2022 08:43:19 GMT
Server
nginx/1.18.0
ETag
"62441827-2cfa"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
P3P
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
11514
Expires
Thu, 31 Dec 2037 23:55:55 GMT
1325538_db5e5e6aef.jpg
zn2.gnezdo.news/img/280x217/538/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zn2.gnezdo.news/img/280x217/538/1325538_db5e5e6aef.jpg
Requested by
Host: zn2.gnezdo.news
URL: https://zn2.gnezdo.news/js/new_lenta_colors15.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
93.95.99.151 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
mail3.itech-group.ru
Software
nginx/1.18.0 /
Resource Hash
20f18380c292adf28349a11dc4fb3865714488bed77419ebc5f907cac22c16fd

Request headers

Referer
https://news.2xclick.ru/
Origin
https://news.2xclick.ru
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Fri, 25 Nov 2022 08:32:54 GMT
Last-Modified
Sat, 16 Jul 2022 18:01:52 GMT
Server
nginx/1.18.0
ETag
"62d2fd10-454f"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
P3P
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
17743
Expires
Thu, 31 Dec 2037 23:55:55 GMT
1305305_dee7486505.jpg
zn2.gnezdo.news/img/280x217/305/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zn2.gnezdo.news/img/280x217/305/1305305_dee7486505.jpg
Requested by
Host: zn2.gnezdo.news
URL: https://zn2.gnezdo.news/js/new_lenta_colors15.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
93.95.99.151 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
mail3.itech-group.ru
Software
nginx/1.18.0 /
Resource Hash
44697c94e4fb48c39354eb432fd60c0bd60c39bdc358e9f2ca2369ebdc505b0e

Request headers

Referer
https://news.2xclick.ru/
Origin
https://news.2xclick.ru
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Fri, 25 Nov 2022 08:32:54 GMT
Last-Modified
Tue, 22 Nov 2022 12:14:49 GMT
Server
nginx/1.18.0
ETag
"637cbd39-30e2"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
P3P
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
12514
Expires
Thu, 31 Dec 2037 23:55:55 GMT
1277746_617c54a149.jpg
zn2.gnezdo.news/img/300x300/746/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zn2.gnezdo.news/img/300x300/746/1277746_617c54a149.jpg
Requested by
Host: zn2.gnezdo.news
URL: https://zn2.gnezdo.news/js/new_lenta_colors15.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
93.95.99.151 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
mail3.itech-group.ru
Software
nginx/1.18.0 /
Resource Hash
ae664b3d2eb82eab3e5df67af987d1b769486c366926ee79afcd88eadc3efaac

Request headers

Referer
https://news.2xclick.ru/
Origin
https://news.2xclick.ru
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Fri, 25 Nov 2022 08:32:54 GMT
Last-Modified
Fri, 18 Mar 2022 14:53:18 GMT
Server
nginx/1.18.0
ETag
"62349cde-3d73"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
P3P
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
15731
Expires
Thu, 31 Dec 2037 23:55:55 GMT
1403123_eeef480435.jpg
zn2.gnezdo.news/img/280x217/123/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zn2.gnezdo.news/img/280x217/123/1403123_eeef480435.jpg
Requested by
Host: zn2.gnezdo.news
URL: https://zn2.gnezdo.news/js/new_lenta_colors15.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
93.95.99.151 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
mail3.itech-group.ru
Software
nginx/1.18.0 /
Resource Hash
765a31aa8c860dc346f929d7f6f103018487b3f50683297bc1ca0ee9b485ac9b

Request headers

Referer
https://news.2xclick.ru/
Origin
https://news.2xclick.ru
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Fri, 25 Nov 2022 08:32:54 GMT
Last-Modified
Sat, 24 Sep 2022 10:54:14 GMT
Server
nginx/1.18.0
ETag
"632ee1d6-35a1"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
P3P
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
13729
Expires
Thu, 31 Dec 2037 23:55:55 GMT
1244183_c33d99d282.jpg
zn2.gnezdo.news/img/280x217/183/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zn2.gnezdo.news/img/280x217/183/1244183_c33d99d282.jpg
Requested by
Host: zn2.gnezdo.news
URL: https://zn2.gnezdo.news/js/new_lenta_colors15.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
93.95.99.151 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
mail3.itech-group.ru
Software
nginx/1.18.0 /
Resource Hash
386347b32d1c20291681b877cd61d438637d3d959210ad1b94f83c7014a471fa

Request headers

Referer
https://news.2xclick.ru/
Origin
https://news.2xclick.ru
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Fri, 25 Nov 2022 08:32:54 GMT
Last-Modified
Sun, 19 Dec 2021 13:59:00 GMT
Server
nginx/1.18.0
ETag
"61bf3aa4-3039"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
P3P
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
12345
Expires
Thu, 31 Dec 2037 23:55:55 GMT
1284000_c02cd0d572.jpg
zn2.gnezdo.news/img/300x300/000/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zn2.gnezdo.news/img/300x300/000/1284000_c02cd0d572.jpg
Requested by
Host: zn2.gnezdo.news
URL: https://zn2.gnezdo.news/js/new_lenta_colors15.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
93.95.99.151 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
mail3.itech-group.ru
Software
nginx/1.18.0 /
Resource Hash
dd0ef40944f18ed3626a27382f1721626f12a18a3992f95275fc332eeb7cd42c

Request headers

Referer
https://news.2xclick.ru/
Origin
https://news.2xclick.ru
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Fri, 25 Nov 2022 08:32:54 GMT
Last-Modified
Sat, 09 Apr 2022 16:02:25 GMT
Server
nginx/1.18.0
ETag
"6251ae11-4c72"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
P3P
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
19570
Expires
Thu, 31 Dec 2037 23:55:55 GMT
1
mc.yandex.ru/watch/3/
Redirect Chain
  • https://mc.yandex.ru/watch/3?wmode=7&page-url=https%3A%2F%2Fnews.2xclick.ru%2F&page-ref=&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A12kpamsypdk9qpokppnvg4%3Afp%3A849%3Afu%3A0%3Aen%3Autf-8...
  • https://mc.yandex.ru/watch/3/1?wmode=7&page-url=https%3A%2F%2Fnews.2xclick.ru%2F&page-ref&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A12kpamsypdk9qpokppnvg4%3Afp%3A849%3Afu%3A0%3Aen%3Autf-...
264 B
574 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/watch/3/1?wmode=7&page-url=https%3A%2F%2Fnews.2xclick.ru%2F&page-ref&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A12kpamsypdk9qpokppnvg4%3Afp%3A849%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A2%3Adp%3A0%3Als%3A244178988197%3Ahid%3A330854071%3Az%3A0%3Ai%3A20221125083254%3Aet%3A1669365175%3Ac%3A1%3Arn%3A195117282%3Arqn%3A1%3Au%3A1669365175546777419%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A0%2C154%2C96%2C1%2C109%2C0%2C%2C557%2C11%2C%2C%2C%2C918%3Acpf%3A1%3Ans%3A1669365173273%3Ast%3A1669365175&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
Requested by
Host: news.2xclick.ru
URL: https://news.2xclick.ru/
Protocol
H2
Server
87.250.251.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
b8ea3abdd1602e823c4dd5266f82a2174f4314bded3b2e2319c8c4271038fb51
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://news.2xclick.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Nov 2022 08:32:55 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Fri, 25-Nov-2022 08:32:55 GMT
content-type
application/json; charset=utf-8
access-control-allow-origin
https://news.2xclick.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
264
x-xss-protection
1; mode=block
expires
Fri, 25-Nov-2022 08:32:55 GMT

Redirect headers

pragma
no-cache
date
Fri, 25 Nov 2022 08:32:54 GMT
strict-transport-security
max-age=31536000
last-modified
Fri, 25-Nov-2022 08:32:54 GMT
location
/watch/3/1?wmode=7&page-url=https%3A%2F%2Fnews.2xclick.ru%2F&page-ref&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A12kpamsypdk9qpokppnvg4%3Afp%3A849%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A2%3Adp%3A0%3Als%3A244178988197%3Ahid%3A330854071%3Az%3A0%3Ai%3A20221125083254%3Aet%3A1669365175%3Ac%3A1%3Arn%3A195117282%3Arqn%3A1%3Au%3A1669365175546777419%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A0%2C154%2C96%2C1%2C109%2C0%2C%2C557%2C11%2C%2C%2C%2C918%3Acpf%3A1%3Ans%3A1669365173273%3Ast%3A1669365175&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
access-control-allow-origin
https://news.2xclick.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Fri, 25-Nov-2022 08:32:54 GMT
1
mc.yandex.ru/watch/11859022/
Redirect Chain
  • https://mc.yandex.ru/watch/11859022?wmode=7&page-url=https%3A%2F%2Fnews.2xclick.ru%2F&charset=utf-8&site-info=%7B%22gnezdoSourceId%22%3A0%2C%22gnezdoTagId%22%3A0%2C%22gnezdoTeaserId%22%3A0%2C%22gne...
  • https://mc.yandex.ru/watch/11859022/1?wmode=7&page-url=https%3A%2F%2Fnews.2xclick.ru%2F&charset=utf-8&site-info=%7B%22gnezdoSourceId%22%3A0%2C%22gnezdoTagId%22%3A0%2C%22gnezdoTeaserId%22%3A0%2C%22g...
428 B
464 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/watch/11859022/1?wmode=7&page-url=https%3A%2F%2Fnews.2xclick.ru%2F&charset=utf-8&site-info=%7B%22gnezdoSourceId%22%3A0%2C%22gnezdoTagId%22%3A0%2C%22gnezdoTeaserId%22%3A0%2C%22gnezdoGroupId%22%3A%220%22%2C%22gnezdoSubId%22%3A0%2C%22gnezdoADGender%22%3A%22%22%2C%22gnezdoADAge%22%3A%22%22%2C%22gnezdoAIDGender%22%3A%22%22%2C%22gnezdoAIDAge%22%3A%22%22%2C%22gnezdoWBGender%22%3A%22%22%2C%22gnezdoWBAge%22%3A%22%22%2C%22gnezdoLentaId%22%3A%22def%22%7D&ut=noindex&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A12kpamsypdk9qpokppnvg4%3Afp%3A849%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A938094105402%3Ahid%3A330854071%3Az%3A0%3Ai%3A20221125083254%3Aet%3A1669365175%3Ac%3A1%3Arn%3A375340620%3Arqn%3A1%3Au%3A1669365175546777419%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A0%2C154%2C96%2C1%2C109%2C0%2C%2C557%2C11%2C%2C%2C%2C918%3Acpf%3A1%3Ans%3A1669365173273%3Arqnl%3A1%3Ast%3A1669365175%3At%3AGnezdo.ru&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rqnl%281%29ti%282%29
Requested by
Host: news.2xclick.ru
URL: https://news.2xclick.ru/
Protocol
H2
Server
87.250.251.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
a265735ccf8150ce06ab39ec231ce8001759a54e7be3582c98b422fc97c07345
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://news.2xclick.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Nov 2022 08:32:55 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Fri, 25-Nov-2022 08:32:55 GMT
content-type
application/json; charset=utf-8
access-control-allow-origin
https://news.2xclick.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
428
x-xss-protection
1; mode=block
expires
Fri, 25-Nov-2022 08:32:55 GMT

Redirect headers

pragma
no-cache
date
Fri, 25 Nov 2022 08:32:54 GMT
strict-transport-security
max-age=31536000
last-modified
Fri, 25-Nov-2022 08:32:54 GMT
location
/watch/11859022/1?wmode=7&page-url=https%3A%2F%2Fnews.2xclick.ru%2F&charset=utf-8&site-info=%7B%22gnezdoSourceId%22%3A0%2C%22gnezdoTagId%22%3A0%2C%22gnezdoTeaserId%22%3A0%2C%22gnezdoGroupId%22%3A%220%22%2C%22gnezdoSubId%22%3A0%2C%22gnezdoADGender%22%3A%22%22%2C%22gnezdoADAge%22%3A%22%22%2C%22gnezdoAIDGender%22%3A%22%22%2C%22gnezdoAIDAge%22%3A%22%22%2C%22gnezdoWBGender%22%3A%22%22%2C%22gnezdoWBAge%22%3A%22%22%2C%22gnezdoLentaId%22%3A%22def%22%7D&ut=noindex&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A12kpamsypdk9qpokppnvg4%3Afp%3A849%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A938094105402%3Ahid%3A330854071%3Az%3A0%3Ai%3A20221125083254%3Aet%3A1669365175%3Ac%3A1%3Arn%3A375340620%3Arqn%3A1%3Au%3A1669365175546777419%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A0%2C154%2C96%2C1%2C109%2C0%2C%2C557%2C11%2C%2C%2C%2C918%3Acpf%3A1%3Ans%3A1669365173273%3Arqnl%3A1%3Ast%3A1669365175%3At%3AGnezdo.ru&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rqnl%281%29ti%282%29
access-control-allow-origin
https://news.2xclick.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Fri, 25-Nov-2022 08:32:54 GMT
advert.gif
mc.yandex.ru/metrika/ 		43 B
290 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.ru/metrika/advert.gif
Requested by
Host: news.2xclick.ru
URL: https://news.2xclick.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.250.251.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://news.2xclick.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 25 Nov 2022 08:32:54 GMT
strict-transport-security
max-age=31536000
last-modified
Thu, 24 Nov 2022 13:04:34 GMT
etag
"637f41b2-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Fri, 25 Nov 2022 09:32:54 GMT
sync.html
cstatic.weborama.fr/iframe/ Frame 38AC 		336 B
313 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cstatic.weborama.fr/iframe/sync.html?key=all&src=products.js&ref=news.2xclick.ru&site=485736
Requested by
Host: cstatic.weborama.fr
URL: https://cstatic.weborama.fr/js/products.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.184.221.133 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ska/F77B) /
Resource Hash
3e1dac2792ab6c6adeef95c5e0d28ad832c837d58922fa4ceafa0ed3bd0f96a7

Request headers

Referer
https://news.2xclick.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
se-SE,se;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
29302
cache-control
max-age=604800
content-encoding
gzip
content-length
207
content-type
text/html
date
Fri, 25 Nov 2022 08:32:54 GMT
etag
"282943589+gzip"
expires
Fri, 02 Dec 2022 08:32:54 GMT
last-modified
Mon, 20 Sep 2021 08:52:49 GMT
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
server
ECAcc (ska/F77B)
vary
Accept-Encoding
x-cache
HIT
topics.js
cstatic.weborama.fr/js/topics/ 		1 KB
750 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cstatic.weborama.fr/js/topics/topics.js
Requested by
Host: cstatic.weborama.fr
URL: https://cstatic.weborama.fr/js/products.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.184.221.133 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ska/F779) /
Resource Hash
146cf0f46027121c37ec63209f3adf33d31f6dbf7b25fa5e3f7c771a14139837

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://news.2xclick.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 25 Nov 2022 08:32:54 GMT
content-encoding
gzip
last-modified
Mon, 22 Aug 2022 15:53:26 GMT
server
ECAcc (ska/F779)
age
29280
etag
"1437162110+gzip"
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript
access-control-allow-origin
*
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
cache-control
max-age=604800
accept-ranges
bytes
content-length
652
expires
Fri, 02 Dec 2022 08:32:54 GMT
comptage_wreport.fcgi
gnezdoruanalytics.solution.weborama.fr/fcgi-bin/
Redirect Chain
  • https://gnezdoruanalytics.solution.weborama.fr/fcgi-bin/comptage_wreport.fcgi?WRP_ID=485736&WRP_SECTION=Home&WRP_SUBSECTION=Home&ver=2&da2=1669365174&ta=1600x1200&co=24&ref=
  • https://gnezdoruanalytics.solution.weborama.fr/fcgi-bin/comptage_wreport.fcgi?WRP_ID=485736&WRP_SECTION=Home&WRP_SUBSECTION=Home&ver=2&da2=1669365174&ta=1600x1200&co=24&ref=&BOUNCE=OK
67 B
721 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gnezdoruanalytics.solution.weborama.fr/fcgi-bin/comptage_wreport.fcgi?WRP_ID=485736&WRP_SECTION=Home&WRP_SUBSECTION=Home&ver=2&da2=1669365174&ta=1600x1200&co=24&ref=&BOUNCE=OK
Requested by
Host: news.2xclick.ru
URL: https://news.2xclick.ru/
Protocol
HTTP/1.1
Server
91.216.195.18 , France, ASN12516 (WEBORAMA Weborama provides Internet Services, FR),
Reverse DNS
std-collect-lb-c03-01-vip.weborama.fr
Software
Apache /
Resource Hash
09d46019c7a75b96187202c3c8412182f27c413a9c3661857923dc8e94e91b7b

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://news.2xclick.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
pragma
no-cache
date
Fri, 25 Nov 2022 08:32:55 GMT
cache-control
no-cache
server
Apache
transfer-encoding
chunked
content-type
image/gif

Redirect headers

location
https://gnezdoruanalytics.solution.weborama.fr/fcgi-bin/comptage_wreport.fcgi?WRP_ID=485736&WRP_SECTION=Home&WRP_SUBSECTION=Home&ver=2&da2=1669365174&ta=1600x1200&co=24&ref=&BOUNCE=OK
date
Fri, 25 Nov 2022 08:32:54 GMT
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
server
Apache
content-length
399
content-type
text/html; charset=iso-8859-1
collect
dx.frontend.weborama.com/
Redirect Chain
  • https://dx.frontend.weborama.com/collect?touchpoint=0&url=https%3A//news.2xclick.ru/
  • https://dx.frontend.weborama.com/collect?touchpoint=0&url=https%3A%2F%2Fnews.2xclick.ru%2F&bounce=1&random=221520710
  • https://rd.frontend.weborama.fr/rd?key=wamsync
  • https://dx.frontend.weborama.com/collect?dsp_id=0&eid=TcxeIoYmuG9N
0
16 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dx.frontend.weborama.com/collect?dsp_id=0&eid=TcxeIoYmuG9N
Requested by
Host: news.2xclick.ru
URL: https://news.2xclick.ru/
Protocol
H3
Server
34.111.205.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
194.205.111.34.bc.googleusercontent.com
Software
Weborama Collect Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://news.2xclick.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Nov 2022 08:32:54 GMT
via
1.1 google
last-modified
Fri, 25 Nov 2022 08:32:55 GMT
server
Weborama Collect Frontend
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 25 Nov 2022 08:32:54 GMT
via
1.1 google
last-modified
Fri, 25 Nov 2022 08:32:55 GMT
server
Weborama Collect Frontend
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location
https://dx.frontend.weborama.com/collect?dsp_id=0&eid=TcxeIoYmuG9N
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
collect
www.google-analytics.com/j/ 		4 B
209 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=923754968&t=pageview&_s=1&dl=https%3A%2F%2Fnews.2xclick.ru%2F&ul=en-us&de=UTF-8&dt=Gnezdo.ru&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1159401751&gjid=1480112468&cid=782271835.1669365175&tid=UA-5044672-6&_gid=1976011201.1669365175&_r=1&_slc=1&z=1499506686
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://news.2xclick.ru/
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 25 Nov 2022 08:32:54 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://news.2xclick.ru
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
external_libs.v2.js
cstatic.weborama.fr/iframe/ Frame 38AC 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cstatic.weborama.fr/iframe/external_libs.v2.js
Requested by
Host: cstatic.weborama.fr
URL: https://cstatic.weborama.fr/iframe/sync.html?key=all&src=products.js&ref=news.2xclick.ru&site=485736
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.184.221.133 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ska/F68B) /
Resource Hash
0b6cc2293aed13859bd06a4b20b671fcc33542ca66d0be2366b16f2c2a27f6a5

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://cstatic.weborama.fr/iframe/sync.html?key=all&src=products.js&ref=news.2xclick.ru&site=485736
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 25 Nov 2022 08:32:54 GMT
content-encoding
gzip
last-modified
Mon, 20 Sep 2021 08:52:49 GMT
server
ECAcc (ska/F68B)
age
29280
etag
"3142978827+gzip"
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript
access-control-allow-origin
*
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
cache-control
max-age=604800
accept-ranges
bytes
content-length
3062
expires
Fri, 02 Dec 2022 08:32:54 GMT
3521127290410543dbe9.js
yastatic.net/partner-code-bundles/685389/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/partner-code-bundles/685389/3521127290410543dbe9.js
Requested by
Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.154.131.217 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
static.yandex.net
Software
nginx/1.17.9 /
Resource Hash
528f7aac0e024a13198fcaf269f76cb6f7e24089319de15f9993d46e9950a436
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://news.2xclick.ru/
Origin
https://news.2xclick.ru
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 25 Nov 2022 08:32:54 GMT
content-encoding
br
strict-transport-security
max-age=43200000; includeSubDomains;
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
4801
last-modified
Wed, 23 Nov 2022 15:54:54 GMT
server
nginx/1.17.9
etag
"d18bbc88871c27c06a0279a02aa8fadc"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
x-robots-tag
noindex, noarchive, nofollow
expires
Sun, 24 Nov 2052 15:08:24 GMT
f818b2a1393131cf949c.js
yastatic.net/partner-code-bundles/685389/ 		107 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/partner-code-bundles/685389/f818b2a1393131cf949c.js
Requested by
Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.154.131.217 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
static.yandex.net
Software
nginx/1.17.9 /
Resource Hash
343dc911fa35037f18ef296ed9b0392ab393729b163e89345b283c48ccbb2a13
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://news.2xclick.ru/
Origin
https://news.2xclick.ru
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 25 Nov 2022 08:32:54 GMT
content-encoding
br
strict-transport-security
max-age=43200000; includeSubDomains;
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
23479
last-modified
Wed, 23 Nov 2022 15:54:54 GMT
server
nginx/1.17.9
etag
"f0cb8d108f64506a48ad2d38644cc301"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
x-robots-tag
noindex, noarchive, nofollow
expires
Sun, 24 Nov 2052 15:08:24 GMT
host.js
yastatic.net/safeframe-bundles/0.83/ 		33 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/safeframe-bundles/0.83/host.js
Requested by
Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.154.131.217 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
static.yandex.net
Software
nginx/1.17.9 /
Resource Hash
34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://news.2xclick.ru/
Origin
https://news.2xclick.ru
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 25 Nov 2022 08:32:54 GMT
content-encoding
br
strict-transport-security
max-age=43200000; includeSubDomains;
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
8878
last-modified
Wed, 03 Nov 2021 13:42:58 GMT
server
nginx/1.17.9
etag
"f80882bf67cf261aa08d636da095149a"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
x-robots-tag
noindex, noarchive, nofollow
expires
Sun, 24 Nov 2052 15:08:43 GMT
text-variable-full.woff2
yastatic.net/s3/home/fonts/ys/3/ 		25 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/s3/home/fonts/ys/3/text-variable-full.woff2
Requested by
Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.154.131.217 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
static.yandex.net
Software
nginx/1.17.9 /
Resource Hash
033696b7f1ac04d1dcc102be84550e146236ceffc25a6cabc12aa51a6ee410b9
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://news.2xclick.ru/
Origin
https://news.2xclick.ru
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 25 Nov 2022 08:32:54 GMT
strict-transport-security
max-age=43200000; includeSubDomains;
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
26004
x-amz-meta-owner
{"role":"admin","login":"4eb0da"}
last-modified
Mon, 25 Apr 2022 14:02:39 GMT
server
nginx/1.17.9
etag
"7f0cdaf91230f9789ca4162aedff612e"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31556952
x-nginx-request-id
492ec440d9274efa
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 25 Nov 2023 14:21:54 GMT
320977
an.yandex.ru/meta/ 		29 B
421 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://an.yandex.ru/meta/320977?target-ref=https%3A%2F%2Fnews.2xclick.ru%2F&charset=utf-8&pcode-test-ids=657518%2C0%2C48%3B677435%2C0%2C21%3B672576%2C0%2C49%3B679611%2C0%2C85%3B683850%2C0%2C3%3B679028%2C0%2C31%3B682309%2C0%2C36%3B684084%2C0%2C95%3B681842%2C0%2C22&pcode-flags-map=eJytWNty2zYQ%2FZWOnjMpb%2BAlbyAJSqhJgAVA2Uomg1FixdXUdjqxk0mayb93QVIySStQNNWbZGsPFns5exbfZ3TOuCC6olKSXOdYYV1jgSupCy70kuaEa8p0xquUz169%2BT77sr79vJm9mm2%2B%2FjN7MXvcPDzSa%2FiKEidAaPbj7YvZEkstyJ8NkUovK1zrQvBK41yO7JVoyBAgdCMvdloAwnBaksnh8KGgjCoC%2FmUXcsGVvqRqwRulMfiupM27EKEw9k8GPwcyLktdC543mZLPjzkNmgDkiXkZgJi8wJmXkApd4pSULRSApJgxIuzZCX0%2FiFqYnGvGO6AlEYpmuNR0qdNGKc7sIJDhKJ6CgC2AXBxzIPLdJOhsqewCDfdRpsgUnh%2BzjZ3kwLmkJBVh6khhgrXbRVDmusJXmmAhdU1EBrYjU88ZGwa%2BFw7zJy8g2kssKGZqWidFU5YyE4QwrXiTLaxJjQM3QL%2BMXHLIM87PgYjzgl%2F1BQPfazwn53N0BN7%2B73zYrwk7H1gtSEWb6owpekp%2BTuSF4vX5sFf43LHMSYGb0s5dzwAZuexA2yrSJcc5ZLku8WrS%2Bc%2BQkJckTwSmut4nQtIJ3QDPJXE0sQ3DrgMbRvsjDenhahTgx0%2BfNwOzwAOkbhQ1EkIhW5ac2Ez9HBjB9aRJJU8lEcvp9e7X7243I0s%2F9JKOWwt6BaOY6QWh84XSTNmPDJCfuK3hCrOcXGnR6JxXmFprHTmR54f781LBL8BZOEvPBbWyBHIjFIcHD9TAykrQ1GruuU7YcTi0o9dWPczZHAYtrY4wCYJ66uVBa7sbAikXJqkC57SRv%2F0iwgobvzuHYUBf4pV1xqPAj%2Fo450UN2kbWnEFhKFoR0B%2BTEeA4Y9vA8bs71xnPCbQQmDJr86AAAUxfSoYSBTG1uztPkytrWcCRUeQ9N6eFabxL00TEzoY%2FQ9g5sMRlM8qW7xy2LmFUMl0ZhdlzyThYo0OR4%2FRRrgXlgqqVTlfAPeSy5sIesDAK%2B97b1UVOBcmUzqSVXFDiRvGgIqnUGRYC5B%2FOsqkymLAESnzkuiPbtorlXpfWOM8pm9tBAhR0nme8YQpKWa1qon2710EcoUF6KpFBnCRNaQlRsx%2BXROFPLTUHii9BjB05fYdRwRSg%2FbwGgi0orBDUXKLAmb2bk9iLooEfw6EP%2BscUqhkNKchk0zFK8LI8MiccD%2BRWCzkXOPXsv4USdZ5%2BqyV9PfIXuZ5j%2B%2F2BznfRTyx2xbEg7fgRBCY8bF1W%2F1zkhZ21GZuCFMA5C5iZc5rZ7WK%2FJ1gIWkFFZTpIELabeyBcUjvFh8DRnjtqJZiBAuoadEC2IJCPgViR0i5U3MQNOn8GRriuzVXm0Bp2Y89N0MiTBVXtNU6US37keaM9KqsrXZGcYg0gWNFlO%2BTtGIk%2F3k6zOvvfGId11YlbYoCcXuPswiQrLJSGBbwhBvxYkoxG6uJc4terVpnpdlYNrb7PPmwe3%2F9VrT%2FdbO%2F7ar%2F7%2BG57u5Hv17fb%2B5vZK%2B%2FHaGFETi9qhu7A6NJpabq6hPE7PODN7G69vX356TP49m19f735Cp9%2F396tbzYPoz%2FdrO%2Fav1z%2Fu7nvfr7%2Bsn382H28e7n%2F8vawN%2B3WuBBmex1HnwDvC8OAlMF8o6DhyiORj9yoZxwjE3sKKzGbN8fWIhAUcbcIZ%2BZ9gLO%2BR3FhJgAtBK5IJ5HtzRrFSZjsPSgEBZhypTt72rbaCfbpxTMifGYRJn7f0QOLUx%2BLwigJnGiPAiohNwj2hQpWitCdnty1oP0sz3O6LBnqhc4yjVofvynsDn7HGv0bmVwxtSCKZt2rVjun27cyoo4%2BXkSB37UYZX8YXTJgsKfxZgZftmjYxdF4vn%2B8ndwR9SN5UtTt%2FqJW5UCVwCghyo6WhL2wMWIVLpMpcOeSlnn%2FygP%2BjQXzu%2B3NOHZ%2BjJwp75vt4iBfPz%2Ff8eJ9pp%2Fi0z66FKCyasGXB15uPjzo683D348fJ4n0%2FP71B%2BfpfnGQC5wDCbTjRGrYZrp3kiNLrdOqxR%2F%2FAU1cOyQ%3D&pcode-icookie=th2V%2F02idF3kafhgUJP2mfxLvfpigCV44enJFE%2FJxghfEHkCCHoD4zq6nresyp64ZOW5emIAHkeUhcThvnYtRI0XxnE%3D&duid=MTY2OTM2NTE3NTU0Njc3NzQxOQ%3D%3D&imp-id=1&enable-flat-highlight=1&comboblock-unencoded-vast=1&test-tag=183068686024706&ad-session-id=4113171669365174899&target-id=68761792&tga-with-creatives=1&top-ancestor=https%3A%2F%2Fnews.2xclick.ru&top-ancestor-undetermined=0&pcode-version=685389&pcodever=685389&flash-ver=0&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9.3%2C%22isInIframe%22%3Afalse%2C%22w%22%3A801%2C%22h%22%3A0%2C%22width%22%3A0%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22fullscreenHeaderHeight%22%3A80%2C%22left%22%3A639%2C%22top%22%3A1091%2C%22fontFamily%22%3A%22ys%22%2C%22ad_no%22%3A0%2C%22darkTheme%22%3Afalse%2C%22req_no%22%3A0%7D&grab-orig-len=2088&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjoxOH0KWqeysOSo6yIYqENN-cR6iXyjqFUFShXZAq9E5B3uTh3wm_BWberJ3lt9-epKlevab1-R1PIB45xwBvQQAlxhjBDzO7_ZakwPfyBDhgghjDDCCHF8kJUBXK3CKCdDSp2wE6AJcsLOSPUIfZVap0cYhFqd3tf46kCHTlBvKHq9oZBQKrTwdHqtBn5GpA5lMjDpRxPI6ZkpESmUfqD0TxdatGoFheIgDCEzOVWgJKNBTVKjpNflhBeJEysJG_5QlwBJXiRNXsJKrCg5IG6O0pycA8hOrkUWShIkzMRpusN0uCWn5kT8xLZI450e60i8KB2yxqyQGR4pEwo5fyGlk8s02oAytJ3Q6WXkoVKXcJ4FI5Is07FwImES5Od2TuM8F6He0ARRJD_Kp1UGQMlo1RrZskI8aDXqTKENCCG1zrLWbUqt05PrEtRKE6XJjZL8l92cxI8WI7lJ_FO9HEkikH081hH_aVj_lx1JcuL9P9YpWIefIMIEQ28gR482hFiMqlCjpEXuUl8DN5BnrYKMUh2gQuyPNkHrmNyEGWFGUrr8CGeUB_94uBXIjfWY7rYVpOgBwKTLbTL3ZxD8m1PnxL_jzr10R48iMBkZpZUJ-jHj96Txs73jhx5h_-PGmmMl422QURIJMjhIdtrpmhhxPhlxg_qnC5JTuELqcfJQBE8eyn3ltBhohVrhK-C1SiLzVH-IzJXYz4y52xNrz5PcSDeVJBLmBc1__AvEnU4LyjqkuzV5xpxwdl6feJhmBuHB4khqdijkSDg_Zmu60j4br-HbVq3II9F8MBqN5m4k3GlGHXfXXeNtQsL49-U3rHvKytTUeZ_PXFTb7h9-uPeT-3C9NflmK-qiF7ai0zP_vuG1x_j0ZsfjXD-2-V5nlbbgif_z5g5niay5s0yuB5UCglYwU2Sod5LVZhH2Gp1azepYXK4utJpax0VMl8saUjR95dsaLDBzBkr3GKx_TDoFnXaLOoVo67gv7pJL-3Px5j7i78HWXW5yaBNWa5LT2C_AVu6Ib34xYnJ14Cs1CBjUcOgLp6cvzFP9y--1IkZi0Vr3rhDBzQnbdlbYbbgm6Ren0vyNLNMgoaExuxhaTTHXz1W_S-KiwPSrMFs7YnKF3KcBm0FnIE_w9eKq1n6BqFFr1zYvaV29loqSqzZgbXJeOTH9li6aJmpfyDuYY-YCasz7How-i78SLlFduj4Z7EBQ1UELwa_uuFU-mPMm8T-8K8CsTVASvXTjLoCVu8TdHjmmmXN4_fPKinZ3M8OHWpyeJHvdU-8Ld_jqrlnof97__pci0bVtfjqwClWoBEnjM_T3I2zmn6iKpNj-lu19Nqf1XtDOL1J2F_YW_N5Ak4QRiI5IUtX980wEez8-HwR1fSe_TwQtyQXHpSRUhW2yeeBlMjK5KtBqQgbfBwgtjB0iqXBfZw992-ZUb07ycl_6eD-UZJ1RIQjG3Nriq_l9Mz9wJ6mT08te53nb_YV9v8TM5UViE1eACWSqkCKEq1EG4MHjt8XhTFHaEJIenDPkDpp5seyu4bQMEydej2Ztb9_tQdgYGP8U9t0Y7ja7j3xvJ5fOljIm_wOnQCAnozD68BkQcYD_D6GlDDZ3t46nQucJkS2FM_M9qV6_Sdu3oLe58bWjsLnRlogt-FZ5NYq6Zc91Uq-LzzuHV4sbhPWCNj8clECl0jA2eqj9QYsjq2hZt-r05lDaY166XKU9fRtCem6zS9Gr_m2-aB5NWvBM9D7C6UbcGeyWv58dFQq8M1ofmywexEPiMugD7pztkYwT7AIStfgX2sbFomKCdm8PODckZjExXg3q0PXVX8KS2gCc4bcHKrE49H3Ae-Ib5cmIihmzRPsOF9XYTV4HPdAcyhR8GTkYtj_o7Fy3XXMSpy-p3xK-xYjN6tTrZ3CbJfFyST7XMsw_cgYVa3Y0jFkDo6ueqA56P6Ozb9vk2wd68xGQZrrBAd65N7bTvGprqrAbe6wRQfEJ3DnbkS6QxDc_D4RAjVJpmVEFnLihgeEG8A%3D%3D&uniformat=true&callback=Ya%5B9631411024974%5D
Requested by
Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.250.250.90 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
bs.yandex.ru
Software
/
Resource Hash
fddb6fcfd2c86ef930d5427c3e664c6243d0fe3e9fda457e47a8bc5a852e0fc9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://news.2xclick.ru/
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Fri, 25 Nov 2022 08:32:54 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Fri, 25 Nov 2022 08:32:54 GMT
x-yandex-req-id
1669365174964605-461607030050319230000099-production-app-host-sas-pcode-437
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin
https://news.2xclick.ru
content-type
text/html; charset=windows-1251
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Fri, 25 Nov 2022 08:32:54 GMT
4477807ef68813e63b1d.js
yastatic.net/partner-code-bundles/685389/ 		477 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/partner-code-bundles/685389/4477807ef68813e63b1d.js
Requested by
Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.154.131.217 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
static.yandex.net
Software
nginx/1.17.9 /
Resource Hash
9dba201359b32eb8f2606a56896ec674074f2f479544a16f4e310f9db987f802
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://news.2xclick.ru/
Origin
https://news.2xclick.ru
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 25 Nov 2022 08:32:54 GMT
content-encoding
br
strict-transport-security
max-age=43200000; includeSubDomains;
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
99116
last-modified
Wed, 23 Nov 2022 15:54:54 GMT
server
nginx/1.17.9
etag
"d7b6a1abba4155384637aa203ba6d523"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
x-robots-tag
noindex, noarchive, nofollow
expires
Sun, 24 Nov 2052 15:08:24 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
442 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-5044672-6&cid=782271835.1669365175&jid=1159401751&gjid=1480112468&_gid=1976011201.1669365175&_u=IEBAAEAAAAAAACAAI~&z=174094126
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.133.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wo-in-f157.1e100.net
Software
Golfe2 /
Resource Hash
08f3d7de7aea50ee4f77098ffd4ecce4d803a35b21285f45e6b72e3a497d7122
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://news.2xclick.ru/
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Fri, 25 Nov 2022 08:32:55 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://news.2xclick.ru
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync_cookie_image_decide
mc.webvisor.org/
Redirect Chain
  • https://mc.webvisor.org/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.webvisor.org&token=9833.fqefZZzmT5xVN-6av9JWqAizLYixk_oUwleEgqcCVtYq3h4j7xUnqW1b4Hortd_u.tAlN7_IPiqpSBrKvPtCmhZqPL3w%2C
  • https://mc.webvisor.org/sync_cookie_image_decide?token=9833.sFPYyUSCaU3MLPYYNDhhOWVCAB7yoRv0RB1N2Ejag_QiG3KPs9_XGIwWZBxPLC5lbGJmK4Tn-urD8AY6WUdgyoYvZ0zNkvYwOQ_sn2RkaDQ%2C.oA__VJZ0umqRSgtBw1f8LJXwyd...
43 B
359 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.webvisor.org/sync_cookie_image_decide?token=9833.sFPYyUSCaU3MLPYYNDhhOWVCAB7yoRv0RB1N2Ejag_QiG3KPs9_XGIwWZBxPLC5lbGJmK4Tn-urD8AY6WUdgyoYvZ0zNkvYwOQ_sn2RkaDQ%2C.oA__VJZ0umqRSgtBw1f8LJXwydE%2C
Requested by
Host: news.2xclick.ru
URL: https://news.2xclick.ru/
Protocol
H2
Server
80.239.201.44 , Sweden, ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE),
Reverse DNS
80-239-201-44.teliacarrier-cust.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://news.2xclick.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 25 Nov 2022 08:32:55 GMT
strict-transport-security
max-age=31536000
content-length
43
x-xss-protection
1; mode=block
content-type
image/gif

Redirect headers

location
https://mc.webvisor.org/sync_cookie_image_decide?token=9833.sFPYyUSCaU3MLPYYNDhhOWVCAB7yoRv0RB1N2Ejag_QiG3KPs9_XGIwWZBxPLC5lbGJmK4Tn-urD8AY6WUdgyoYvZ0zNkvYwOQ_sn2RkaDQ%2C.oA__VJZ0umqRSgtBw1f8LJXwydE%2C
date
Fri, 25 Nov 2022 08:32:55 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
sync
ds.frontend.weborama.fr/ Frame 38AC 		669 B
997 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ds.frontend.weborama.fr/sync?key=all&src=products.js&wamid=485736&v=2021091401&callback=Utils.handleDataSync&ref=news.2xclick.ru
Requested by
Host: cstatic.weborama.fr
URL: https://cstatic.weborama.fr/iframe/external_libs.v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.247.216 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
216.247.149.34.bc.googleusercontent.com
Software
Weborama Collect Frontend /
Resource Hash
8e0cf3d4fca37915b6610dd4606e10b30aa49bd8c0a4534b6ed23d5209e55b90

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://cstatic.weborama.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Nov 2022 08:32:54 GMT
via
1.1 google
last-modified
Fri, 25 Nov 2022 08:32:55 GMT
server
Weborama Collect Frontend
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
content-type
application/javascript; charset=utf-8
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
669
expires
Tue, 03 Jul 2001 06:00:00 GMT
1
mc.yandex.ru/watch/11859022/ 		43 B
85 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/watch/11859022/1?page-url=https%3A%2F%2Fnews.2xclick.ru%2F&charset=utf-8&ut=noindex&hittoken=1669365175_73d43a61ad5806de4ed574e56499db84bdff1d2fe00850fe6be2c51410524eb6&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A12kpamsypdk9qpokppnvg4%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A1%3Als%3A938094105402%3Ahid%3A330854071%3Az%3A0%3Ai%3A20221125083255%3Aet%3A1669365175%3Ac%3A1%3Arn%3A300178231%3Arqn%3A2%3Au%3A1669365175546777419%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1669365173273%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1669365175&t=gdpr(14)mc(p-1)clc(0-0-0)rqnt(2)lt(39500)aw(1)rqnl(1)ti(2)
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/yandex-metrica-watch/watch.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.250.251.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://news.2xclick.ru/
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Fri, 25 Nov 2022 08:32:55 GMT
strict-transport-security
max-age=31536000
last-modified
Fri, 25-Nov-2022 08:32:55 GMT
content-type
image/gif
access-control-allow-origin
https://news.2xclick.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Fri, 25-Nov-2022 08:32:55 GMT
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-5044672-6&cid=782271835.1669365175&jid=1159401751&_u=IEBAAEAAAAAAACAAI~&z=962657750
Requested by
Host: news.2xclick.ru
URL: https://news.2xclick.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://news.2xclick.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Nov 2022 08:32:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.se/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.se/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-5044672-6&cid=782271835.1669365175&jid=1159401751&_u=IEBAAEAAAAAAACAAI~&z=962657750
Requested by
Host: news.2xclick.ru
URL: https://news.2xclick.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f99.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://news.2xclick.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Nov 2022 08:32:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
prx
bsd.frontend.weborama.fr/ Frame 38AC 		25 B
352 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bsd.frontend.weborama.fr/prx?callback=Utils.handleDataSync
Requested by
Host: cstatic.weborama.fr
URL: https://cstatic.weborama.fr/iframe/external_libs.v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.182.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
139.182.107.34.bc.googleusercontent.com
Software
Weborama Collect Frontend /
Resource Hash
d05d4d69100284cb991eb0227b0859cc2942030d0ba419eee2e4aa55293b96db

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://cstatic.weborama.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Nov 2022 08:32:54 GMT
via
1.1 google
last-modified
Fri, 25 Nov 2022 08:32:55 GMT
server
Weborama Collect Frontend
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
content-type
application/javascript; charset=utf-8
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25
expires
Tue, 03 Jul 2001 06:00:00 GMT
cj
ds.frontend.weborama.fr/ Frame 38AC 		360 B
380 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ds.frontend.weborama.fr/cj?key=graphinium
Requested by
Host: cstatic.weborama.fr
URL: https://cstatic.weborama.fr/iframe/external_libs.v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.247.216 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
216.247.149.34.bc.googleusercontent.com
Software
Weborama Collect Frontend /
Resource Hash
b2256e9293d0c8e2ae403168a63a745100635694ffbc3ba6597a852363b89b23

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://cstatic.weborama.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Nov 2022 08:32:54 GMT
via
1.1 google
last-modified
Fri, 25 Nov 2022 08:32:55 GMT
server
Weborama Collect Frontend
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
content-type
application/javascript; charset=utf-8
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
360
expires
Tue, 03 Jul 2001 06:00:00 GMT
ids
idsync.frontend.weborama.fr/ Frame 38AC
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=weborama_dmp&google_cm
  • https://cm.g.doubleclick.net/pixel?google_nid=weborama_dmp&google_cm=&google_tc=
  • https://wam-google.solution.weborama.fr/pixel?google_gid=CAESEGmPy0EIn0Ew4wvhwbFxXJU&google_cver=1
  • https://idsync.frontend.weborama.fr/ids?key=ggl&value=CAESEGmPy0EIn0Ew4wvhwbFxXJU&google_gid=CAESEGmPy0EIn0Ew4wvhwbFxXJU&google_cver=1
0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.frontend.weborama.fr/ids?key=ggl&value=CAESEGmPy0EIn0Ew4wvhwbFxXJU&google_gid=CAESEGmPy0EIn0Ew4wvhwbFxXJU&google_cver=1
Requested by
Host: cstatic.weborama.fr
URL: https://cstatic.weborama.fr/iframe/sync.html?key=all&src=products.js&ref=news.2xclick.ru&site=485736
Protocol
H2
Server
34.111.131.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
239.131.111.34.bc.googleusercontent.com
Software
Weborama Collect Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://cstatic.weborama.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Nov 2022 08:32:55 GMT
via
1.1 google
last-modified
Fri, 25 Nov 2022 08:32:55 GMT
server
Weborama Collect Frontend
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

location
https://idsync.frontend.weborama.fr/ids?key=ggl&value=CAESEGmPy0EIn0Ew4wvhwbFxXJU&google_gid=CAESEGmPy0EIn0Ew4wvhwbFxXJU&google_cver=1
date
Fri, 25 Nov 2022 08:32:55 GMT
server
Apache
content-length
354
content-type
text/html; charset=iso-8859-1
401736.gif
idsync.rlcdn.com/ Frame 38AC 		42 B
448 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/401736.gif?partner_uid=4BymTf7z1QhHDe6HMgCNzu
Requested by
Host: cstatic.weborama.fr
URL: https://cstatic.weborama.fr/iframe/sync.html?key=all&src=products.js&ref=news.2xclick.ru&site=485736
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://cstatic.weborama.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 25 Nov 2022 08:32:55 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
collect
dx.frontend.weborama.com/ Frame 38AC 		0
16 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dx.frontend.weborama.com/collect?dsp_id=0&eid=TcxeIoYmuG9N
Requested by
Host: cstatic.weborama.fr
URL: https://cstatic.weborama.fr/iframe/sync.html?key=all&src=products.js&ref=news.2xclick.ru&site=485736
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.205.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
194.205.111.34.bc.googleusercontent.com
Software
Weborama Collect Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://cstatic.weborama.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Nov 2022 08:32:54 GMT
via
1.1 google
last-modified
Fri, 25 Nov 2022 08:32:55 GMT
server
Weborama Collect Frontend
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Jul 2001 06:00:00 GMT
check
pixel.tapad.com/idsync/ex/receive/ Frame 38AC
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2964&partner_device_id=TcxeIoYmuG9N
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2964&partner_device_id=TcxeIoYmuG9N
95 B
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2964&partner_device_id=TcxeIoYmuG9N
Requested by
Host: cstatic.weborama.fr
URL: https://cstatic.weborama.fr/iframe/sync.html?key=all&src=products.js&ref=news.2xclick.ru&site=485736
Protocol
H3
Server
35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
159.248.227.35.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://cstatic.weborama.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 25 Nov 2022 08:32:55 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-type
image/png
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

date
Fri, 25 Nov 2022 08:32:55 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2964&partner_device_id=TcxeIoYmuG9N
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
dcm
aax-eu.amazon-adsystem.com/s/ Frame 38AC
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=0485bdfe-f03c-4309-8ba2-59b54b1419fb&id=NEJ5bVRmN3oxUWhIRGU2SE1nQ056dQ
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=0485bdfe-f03c-4309-8ba2-59b54b1419fb&id=NEJ5bVRmN3oxUWhIRGU2SE1nQ056dQ&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=0485bdfe-f03c-4309-8ba2-59b54b1419fb&id=NEJ5bVRmN3oxUWhIRGU2SE1nQ056dQ&dcc=t
Requested by
Host: cstatic.weborama.fr
URL: https://cstatic.weborama.fr/iframe/sync.html?key=all&src=products.js&ref=news.2xclick.ru&site=485736
Protocol
HTTP/1.1
Server
67.220.228.202 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://cstatic.weborama.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Nov 2022 08:32:55 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
SDBAZBDJTTHP6TX9PJHD
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 25 Nov 2022 08:32:55 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
EKNYSC6T7BQS1JNRJ5DZ
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=0485bdfe-f03c-4309-8ba2-59b54b1419fb&id=NEJ5bVRmN3oxUWhIRGU2SE1nQ056dQ&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
weborama.js
p.crm4d.com/sync/ Frame 38AC 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p.crm4d.com/sync/weborama.js?r=9935753177343546648&gdpr=&gdpr_consent=
Requested by
Host: ds.frontend.weborama.fr
URL: https://ds.frontend.weborama.fr/cj?key=graphinium
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
145.239.211.22 Romans-sur-Isère, France, ASN16276 (OVH, FR),
Reverse DNS
ip22.ip-145-239-211.eu
Software
/
Resource Hash
9723d3b4739b4479c707ca62252f55f096956028fb47fb18767daf11d3f96a90

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://cstatic.weborama.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
text/javascript; charset=utf-8
Date
Fri, 25 Nov 2022 08:32:55 GMT
Content-Encoding
gzip
Connection
keep-alive
Transfer-Encoding
chunked
P3P
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
320977
mc.yandex.ru/watch/ 		391 B
426 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/watch/320977?wmode=7&page-url=https%3A%2F%2Fnews.2xclick.ru%2F&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A12kpamsypdk9qpokppnvg4%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A3%3Adp%3A1%3Als%3A1017183410070%3Ahid%3A330854071%3Az%3A0%3Ai%3A20221125083255%3Aet%3A1669365175%3Ac%3A1%3Arn%3A774621543%3Au%3A1669365175546777419%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1669365173273%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1669365175%3At%3AGnezdo.ru&t=gdpr(14)mc(p-1)clc(0-0-0)lt(39500)aw(1)ecs(1)rqnl(1)ti(2)
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/yandex-metrica-watch/watch.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.250.251.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
0d8e4fb34e351793dc2a209094eafb26db343d2bda39f9ecdd62cd65281c732b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://news.2xclick.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Nov 2022 08:32:55 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Fri, 25-Nov-2022 08:32:55 GMT
content-type
application/json; charset=utf-8
access-control-allow-origin
https://news.2xclick.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
391
x-xss-protection
1; mode=block
expires
Fri, 25-Nov-2022 08:32:55 GMT
1
mc.yandex.ru/watch/320977/ 		43 B
73 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/watch/320977/1?page-url=https%3A%2F%2Fnews.2xclick.ru%2F&charset=utf-8&cnt-class=1&hittoken=1669365175_b011b913205f2c56421d77be250ccf24a283dbb8f8004956a950afbf96b64bbd&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A12kpamsypdk9qpokppnvg4%3Afp%3A849%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A3%3Adp%3A1%3Als%3A1017183410070%3Ahid%3A330854071%3Az%3A0%3Ai%3A20221125083255%3Aet%3A1669365175%3Ac%3A1%3Arn%3A580477472%3Arqn%3A1%3Au%3A1669365175546777419%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A0%2C154%2C96%2C1%2C109%2C0%2C%2C557%2C11%2C%2C%2C%2C918%3Acpf%3A1%3Aeu%3A1%3Ans%3A1669365173273%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1669365175&t=gdpr(14)mc(p-2-h-1)clc(0-0-0)rqnt(1)lt(39500)aw(1)ecs(1)rqnl(1)ti(2)
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/yandex-metrica-watch/watch.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.250.251.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://news.2xclick.ru/
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Fri, 25 Nov 2022 08:32:55 GMT
strict-transport-security
max-age=31536000
last-modified
Fri, 25-Nov-2022 08:32:55 GMT
content-type
image/gif
access-control-allow-origin
https://news.2xclick.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Fri, 25-Nov-2022 08:32:55 GMT
320977
mc.yandex.ru/watch/ 		43 B
73 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/watch/320977?page-url=https%3A%2F%2Fnews.2xclick.ru%2F&charset=utf-8&cnt-class=1&hittoken=1669365175_b011b913205f2c56421d77be250ccf24a283dbb8f8004956a950afbf96b64bbd&browser-info=pv%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A12kpamsypdk9qpokppnvg4%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A3%3Adp%3A1%3Als%3A1017183410070%3Ahid%3A330854071%3Az%3A0%3Ai%3A20221125083255%3Aet%3A1669365175%3Ac%3A1%3Arn%3A817824038%3Arqn%3A2%3Au%3A1669365175546777419%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1669365173273%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1669365175%3At%3AGnezdo.ru&t=gdpr(14)mc(p-2-h-1)clc(0-0-0)rqnt(2)lt(39500)aw(1)ecs(1)rqnl(1)ti(2)
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/yandex-metrica-watch/watch.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.250.251.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://news.2xclick.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Nov 2022 08:32:55 GMT
strict-transport-security
max-age=31536000
last-modified
Fri, 25-Nov-2022 08:32:55 GMT
content-type
image/gif
access-control-allow-origin
https://news.2xclick.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Fri, 25-Nov-2022 08:32:55 GMT
match
p.crm4d.com/sync/weborama/ Frame 38AC 		42 B
545 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.crm4d.com/sync/weborama/match?uid=4BymTf7z1QhHDe6HMgCNzu
Requested by
Host: cstatic.weborama.fr
URL: https://cstatic.weborama.fr/iframe/sync.html?key=all&src=products.js&ref=news.2xclick.ru&site=485736
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
145.239.211.22 Romans-sur-Isère, France, ASN16276 (OVH, FR),
Reverse DNS
ip22.ip-145-239-211.eu
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://cstatic.weborama.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/gif
Date
Fri, 25 Nov 2022 08:32:55 GMT
Connection
keep-alive
Content-Length
42
P3P
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
s.gif
p.crm4d.com/sync/appnexus/ Frame 38AC
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fp.crm4d.com%2Fsync%2Fappnexus%2Fs.gif%3Fbounce%3D1%26uid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fp.crm4d.com%252Fsync%252Fappnexus%252Fs.gif%253Fbounce%253D1%2526uid%253D%2524UID
  • https://p.crm4d.com/sync/appnexus/s.gif?bounce=1&uid=6917734023066697573
42 B
561 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.crm4d.com/sync/appnexus/s.gif?bounce=1&uid=6917734023066697573
Requested by
Host: cstatic.weborama.fr
URL: https://cstatic.weborama.fr/iframe/sync.html?key=all&src=products.js&ref=news.2xclick.ru&site=485736
Protocol
HTTP/1.1
Server
145.239.211.22 Romans-sur-Isère, France, ASN16276 (OVH, FR),
Reverse DNS
ip22.ip-145-239-211.eu
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://cstatic.weborama.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/gif
Date
Fri, 25 Nov 2022 08:32:55 GMT
Connection
keep-alive
Content-Length
42
P3P
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"

Redirect headers

Pragma
no-cache
Date
Fri, 25 Nov 2022 08:32:55 GMT
AN-X-Request-Uuid
f3d418e6-290f-49c9-8dac-bad9c1083d42
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://p.crm4d.com/sync/appnexus/s.gif?bounce=1&uid=6917734023066697573
Connection
keep-alive
X-Proxy-Origin
185.147.213.56; 185.147.213.56; 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
getuid
sync.smartadserver.com/ Frame 38AC
Redirect Chain
  • https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fp.crm4d.com%2Fsync%2Fsas%2Fs.gif%3Fbounce%3D1%26uid%3D%5Bsas_uid%5D
  • https://sync.smartadserver.com/getuid?url=https://p.crm4d.com/sync/sas/s.gif?bounce=1&uid=[sas_uid]&cklb=1
0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.smartadserver.com/getuid?url=https://p.crm4d.com/sync/sas/s.gif?bounce=1&uid=[sas_uid]&cklb=1
Requested by
Host: cstatic.weborama.fr
URL: https://cstatic.weborama.fr/iframe/sync.html?key=all&src=products.js&ref=news.2xclick.ru&site=485736
Protocol
HTTP/1.1
Server
185.86.139.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://cstatic.weborama.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 25 Nov 2022 08:32:55 GMT
content-length
0

Redirect headers

location
https://sync.smartadserver.com:443/getuid?url=https://p.crm4d.com/sync/sas/s.gif?bounce=1&uid=[sas_uid]&cklb=1
pragma
no-cache
date
Fri, 25 Nov 2022 08:32:54 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Verdicts & Comments Add Verdict or Comment

83 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 string| frame function| lp2 object| gnezdo_tracker object| gnezdoTrackerAsyncCallbacks string| GoogleAnalyticsObject function| ga string| WRP_HOST number| WRP_ID string| WRP_SECTION string| WRP_SUBSECTION object| yandexContextAsyncCallbacks function| $ function| jQuery object| Modernizr function| getAverageRGB function| tizerProc function| fillGradient function| resize_subtitles function| jx_lenta_load boolean| was_click boolean| was_scroll object| Ya object| yaCounter11859022 function| _send_after_cmp_check function| _create_element_of_given_type function| _create_image_for function| _create_iframe_for function| _ap_defined function| wis_defined function| getCookieVal function| GetCookie function| SetCookie function| encode_en_lettre function| traite_chaine function| convertir function| traduction function| unicite_espace function| wf_uaO number| _NB_MAX_EXTEND_PARAMETERS number| _TAILLE_MAX_EXTEND_PARAMETER_ object| _ap_an function| getEncodedHost function| create_ifrtrk function| retrieve_tpcs object| acc_list function| wr_aff_pub object| _ap_ad string| wr_solutions string| ref string| _ap_script boolean| _ap_first string| k string| key number| _NB_MAX_CONTENU_ number| _TAILLE_MAX_CONTENU_ number| _TAILLE_MAX_CHAINE_ number| _TAILLE_MAX_ALPHANUM_ string| _COOKIE_SEGMENTATION object| _ap_adlist object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| cnc object| webpackChunkyandex_pcode object| __activeTestIds object| __vasActiveTestIds object| __pcodeAllActiveTestIds number| pr function| AdFox_getCodeScript object| adfoxAsyncParams object| adfoxAsyncParamsScroll object| adfoxAsyncParamsAdaptive object| yaSafeFrameCallbacksStorage boolean| isLoadingSafeframeStarted object| ya boolean| yandex_context_perf_logging object| yaads object| layoutConfig object| $sf object| yaSafeFrameAsyncCallbacks object| yaCounter320977

40 Cookies

Domain/Path Name / Value
.gnezdo.ru/ Name: uid
Value: XV9kdWOAfbVyDAZ+nOr/Ag==
.2xclick.ru/ Name: _ym_uid
Value: 1669365175546777419
.2xclick.ru/ Name: _ym_d
Value: 1669365175
.2xclick.ru/ Name: _ga
Value: GA1.2.782271835.1669365175
.2xclick.ru/ Name: _gid
Value: GA1.2.1976011201.1669365175
.2xclick.ru/ Name: _gat
Value: 1
.yandex.ru/ Name: yandexuid
Value: 7900719881669365174
.yandex.ru/ Name: yuidss
Value: 7900719881669365174
mc.yandex.ru/ Name: yabs-sid
Value: 2397496991669365174
.yandex.ru/ Name: i
Value: Ol7YHGi6K+FLDmh1p+5JxFh8fUk8MMr+jTnSYbwLqfQV/BM7ISw4HVYdytkkYu7SHeL6S7EBpSPp1InY4zKNKYmTGMU=
.weborama.com/ Name: wui
Value: 106B2C47-0BDA-4F91-9A64-31A176C6313D
.weborama.fr/ Name: AFFICHE_W
Value: TcxeIoYmuG9N54
.2xclick.ru/ Name: _ym_isad
Value: 2
.yandex.ru/ Name: ymex
Value: 1700901174.yrts.1669365174#1700901174.yrtsi.1669365174
.weborama.fr/ Name: wbo_temps_reel
Value: NDg1NzM2
.gnezdoruanalytics.solution.weborama.fr/ Name: _wrvur
Value: AgKbaaS
.gnezdoruanalytics.solution.weborama.fr/ Name: _wrvusr
Value: AgKbaaeacW
.2xclick.ru/ Name: _ym_visorc
Value: b
cstatic.weborama.fr/ Name: _xttrk2_all
Value: 1
cstatic.weborama.fr/ Name: _xttrk2_ids
Value: 1
cstatic.weborama.fr/ Name: _xttrk2
Value: 1
cstatic.weborama.fr/ Name: _xttrk2_mpub
Value: 1
cstatic.weborama.fr/ Name: _xttrk2_uk
Value: 1
.mc.webvisor.org/ Name: sync_cookie_csrf
Value: 765315943fake
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 1429335218fake
.rlcdn.com/ Name: rlas3
Value: iEm7Ht6WGenhs22+vYgsoWZbS43SmuiozjjOp1ViODU=
.rlcdn.com/ Name: pxrc
Value: CAA=
.tapad.com/ Name: TapAd_TS
Value: 1669365175357
.tapad.com/ Name: TapAd_DID
Value: 945e6b31-5d6b-4740-a29b-9ef8baea5041
.webvisor.org/ Name: yandexuid
Value: 7900719881669365174
.webvisor.org/ Name: yuidss
Value: 7900719881669365174
.mc.webvisor.org/ Name: sync_cookie_ok
Value: synced
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.doubleclick.net/ Name: IDE
Value: AHWqTUkB-CqZ-VfMcUdJoB0Kc_QWntc_iNMvdF5-rsE2trjIylRV0T4WoOtTRdJllSc
.crm4d.com/ Name: c4d
Value: DNxHgvIJoWYAsRLVeCPqL72xp2xVMy0w2JEt3mP7APxNAjBYMmusQfAhWK
p.crm4d.com/ Name: ls
Value: 1669365175
.amazon-adsystem.com/ Name: ad-id
Value: A7zE15bt-kzlo88-RCXFT5U
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.adnxs.com/ Name: uuid2
Value: 6917734023066697573
p.crm4d.com/ Name: css
Value: weborama:463712,appnexus:463712

2 Console Messages

Source Level URL
Text
network error URL: https://an.yandex.ru/meta/320977?target-ref=https%3A%2F%2Fnews.2xclick.ru%2F&charset=utf-8&pcode-test-ids=657518%2C0%2C48%3B677435%2C0%2C21%3B672576%2C0%2C49%3B679611%2C0%2C85%3B683850%2C0%2C3%3B679028%2C0%2C31%3B682309%2C0%2C36%3B684084%2C0%2C95%3B681842%2C0%2C22&pcode-flags-map=eJytWNty2zYQ%2FZWOnjMpb%2BAlbyAJSqhJgAVA2Uomg1FixdXUdjqxk0mayb93QVIySStQNNWbZGsPFns5exbfZ3TOuCC6olKSXOdYYV1jgSupCy70kuaEa8p0xquUz169%2BT77sr79vJm9mm2%2B%2FjN7MXvcPDzSa%2FiKEidAaPbj7YvZEkstyJ8NkUovK1zrQvBK41yO7JVoyBAgdCMvdloAwnBaksnh8KGgjCoC%2FmUXcsGVvqRqwRulMfiupM27EKEw9k8GPwcyLktdC543mZLPjzkNmgDkiXkZgJi8wJmXkApd4pSULRSApJgxIuzZCX0%2FiFqYnGvGO6AlEYpmuNR0qdNGKc7sIJDhKJ6CgC2AXBxzIPLdJOhsqewCDfdRpsgUnh%2BzjZ3kwLmkJBVh6khhgrXbRVDmusJXmmAhdU1EBrYjU88ZGwa%2BFw7zJy8g2kssKGZqWidFU5YyE4QwrXiTLaxJjQM3QL%2BMXHLIM87PgYjzgl%2F1BQPfazwn53N0BN7%2B73zYrwk7H1gtSEWb6owpekp%2BTuSF4vX5sFf43LHMSYGb0s5dzwAZuexA2yrSJcc5ZLku8WrS%2Bc%2BQkJckTwSmut4nQtIJ3QDPJXE0sQ3DrgMbRvsjDenhahTgx0%2BfNwOzwAOkbhQ1EkIhW5ac2Ez9HBjB9aRJJU8lEcvp9e7X7243I0s%2F9JKOWwt6BaOY6QWh84XSTNmPDJCfuK3hCrOcXGnR6JxXmFprHTmR54f781LBL8BZOEvPBbWyBHIjFIcHD9TAykrQ1GruuU7YcTi0o9dWPczZHAYtrY4wCYJ66uVBa7sbAikXJqkC57SRv%2F0iwgobvzuHYUBf4pV1xqPAj%2Fo450UN2kbWnEFhKFoR0B%2BTEeA4Y9vA8bs71xnPCbQQmDJr86AAAUxfSoYSBTG1uztPkytrWcCRUeQ9N6eFabxL00TEzoY%2FQ9g5sMRlM8qW7xy2LmFUMl0ZhdlzyThYo0OR4%2FRRrgXlgqqVTlfAPeSy5sIesDAK%2B97b1UVOBcmUzqSVXFDiRvGgIqnUGRYC5B%2FOsqkymLAESnzkuiPbtorlXpfWOM8pm9tBAhR0nme8YQpKWa1qon2710EcoUF6KpFBnCRNaQlRsx%2BXROFPLTUHii9BjB05fYdRwRSg%2FbwGgi0orBDUXKLAmb2bk9iLooEfw6EP%2BscUqhkNKchk0zFK8LI8MiccD%2BRWCzkXOPXsv4USdZ5%2BqyV9PfIXuZ5j%2B%2F2BznfRTyx2xbEg7fgRBCY8bF1W%2F1zkhZ21GZuCFMA5C5iZc5rZ7WK%2FJ1gIWkFFZTpIELabeyBcUjvFh8DRnjtqJZiBAuoadEC2IJCPgViR0i5U3MQNOn8GRriuzVXm0Bp2Y89N0MiTBVXtNU6US37keaM9KqsrXZGcYg0gWNFlO%2BTtGIk%2F3k6zOvvfGId11YlbYoCcXuPswiQrLJSGBbwhBvxYkoxG6uJc4terVpnpdlYNrb7PPmwe3%2F9VrT%2FdbO%2F7ar%2F7%2BG57u5Hv17fb%2B5vZK%2B%2FHaGFETi9qhu7A6NJpabq6hPE7PODN7G69vX356TP49m19f735Cp9%2F396tbzYPoz%2FdrO%2Fav1z%2Fu7nvfr7%2Bsn382H28e7n%2F8vawN%2B3WuBBmex1HnwDvC8OAlMF8o6DhyiORj9yoZxwjE3sKKzGbN8fWIhAUcbcIZ%2BZ9gLO%2BR3FhJgAtBK5IJ5HtzRrFSZjsPSgEBZhypTt72rbaCfbpxTMifGYRJn7f0QOLUx%2BLwigJnGiPAiohNwj2hQpWitCdnty1oP0sz3O6LBnqhc4yjVofvynsDn7HGv0bmVwxtSCKZt2rVjun27cyoo4%2BXkSB37UYZX8YXTJgsKfxZgZftmjYxdF4vn%2B8ndwR9SN5UtTt%2FqJW5UCVwCghyo6WhL2wMWIVLpMpcOeSlnn%2FygP%2BjQXzu%2B3NOHZ%2BjJwp75vt4iBfPz%2Ff8eJ9pp%2Fi0z66FKCyasGXB15uPjzo683D348fJ4n0%2FP71B%2BfpfnGQC5wDCbTjRGrYZrp3kiNLrdOqxR%2F%2FAU1cOyQ%3D&pcode-icookie=th2V%2F02idF3kafhgUJP2mfxLvfpigCV44enJFE%2FJxghfEHkCCHoD4zq6nresyp64ZOW5emIAHkeUhcThvnYtRI0XxnE%3D&duid=MTY2OTM2NTE3NTU0Njc3NzQxOQ%3D%3D&imp-id=1&enable-flat-highlight=1&comboblock-unencoded-vast=1&test-tag=183068686024706&ad-session-id=4113171669365174899&target-id=68761792&tga-with-creatives=1&top-ancestor=https%3A%2F%2Fnews.2xclick.ru&top-ancestor-undetermined=0&pcode-version=685389&pcodever=685389&flash-ver=0&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9.3%2C%22isInIframe%22%3Afalse%2C%22w%22%3A801%2C%22h%22%3A0%2C%22width%22%3A0%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22fullscreenHeaderHeight%22%3A80%2C%22left%22%3A639%2C%22top%22%3A1091%2C%22fontFamily%22%3A%22ys%22%2C%22ad_no%22%3A0%2C%22darkTheme%22%3Afalse%2C%22req_no%22%3A0%7D&grab-orig-len=2088&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjoxOH0KWqeysOSo6yIYqENN-cR6iXyjqFUFShXZAq9E5B3uTh3wm_BWberJ3lt9-epKlevab1-R1PIB45xwBvQQAlxhjBDzO7_ZakwPfyBDhgghjDDCCHF8kJUBXK3CKCdDSp2wE6AJcsLOSPUIfZVap0cYhFqd3tf46kCHTlBvKHq9oZBQKrTwdHqtBn5GpA5lMjDpRxPI6ZkpESmUfqD0TxdatGoFheIgDCEzOVWgJKNBTVKjpNflhBeJEysJG_5QlwBJXiRNXsJKrCg5IG6O0pycA8hOrkUWShIkzMRpusN0uCWn5kT8xLZI450e60i8KB2yxqyQGR4pEwo5fyGlk8s02oAytJ3Q6WXkoVKXcJ4FI5Is07FwImES5Od2TuM8F6He0ARRJD_Kp1UGQMlo1RrZskI8aDXqTKENCCG1zrLWbUqt05PrEtRKE6XJjZL8l92cxI8WI7lJ_FO9HEkikH081hH_aVj_lx1JcuL9P9YpWIefIMIEQ28gR482hFiMqlCjpEXuUl8DN5BnrYKMUh2gQuyPNkHrmNyEGWFGUrr8CGeUB_94uBXIjfWY7rYVpOgBwKTLbTL3ZxD8m1PnxL_jzr10R48iMBkZpZUJ-jHj96Txs73jhx5h_-PGmmMl422QURIJMjhIdtrpmhhxPhlxg_qnC5JTuELqcfJQBE8eyn3ltBhohVrhK-C1SiLzVH-IzJXYz4y52xNrz5PcSDeVJBLmBc1__AvEnU4LyjqkuzV5xpxwdl6feJhmBuHB4khqdijkSDg_Zmu60j4br-HbVq3II9F8MBqN5m4k3GlGHXfXXeNtQsL49-U3rHvKytTUeZ_PXFTb7h9-uPeT-3C9NflmK-qiF7ai0zP_vuG1x_j0ZsfjXD-2-V5nlbbgif_z5g5niay5s0yuB5UCglYwU2Sod5LVZhH2Gp1azepYXK4utJpax0VMl8saUjR95dsaLDBzBkr3GKx_TDoFnXaLOoVo67gv7pJL-3Px5j7i78HWXW5yaBNWa5LT2C_AVu6Ib34xYnJ14Cs1CBjUcOgLp6cvzFP9y--1IkZi0Vr3rhDBzQnbdlbYbbgm6Ren0vyNLNMgoaExuxhaTTHXz1W_S-KiwPSrMFs7YnKF3KcBm0FnIE_w9eKq1n6BqFFr1zYvaV29loqSqzZgbXJeOTH9li6aJmpfyDuYY-YCasz7How-i78SLlFduj4Z7EBQ1UELwa_uuFU-mPMm8T-8K8CsTVASvXTjLoCVu8TdHjmmmXN4_fPKinZ3M8OHWpyeJHvdU-8Ld_jqrlnof97__pci0bVtfjqwClWoBEnjM_T3I2zmn6iKpNj-lu19Nqf1XtDOL1J2F_YW_N5Ak4QRiI5IUtX980wEez8-HwR1fSe_TwQtyQXHpSRUhW2yeeBlMjK5KtBqQgbfBwgtjB0iqXBfZw992-ZUb07ycl_6eD-UZJ1RIQjG3Nriq_l9Mz9wJ6mT08te53nb_YV9v8TM5UViE1eACWSqkCKEq1EG4MHjt8XhTFHaEJIenDPkDpp5seyu4bQMEydej2Ztb9_tQdgYGP8U9t0Y7ja7j3xvJ5fOljIm_wOnQCAnozD68BkQcYD_D6GlDDZ3t46nQucJkS2FM_M9qV6_Sdu3oLe58bWjsLnRlogt-FZ5NYq6Zc91Uq-LzzuHV4sbhPWCNj8clECl0jA2eqj9QYsjq2hZt-r05lDaY166XKU9fRtCem6zS9Gr_m2-aB5NWvBM9D7C6UbcGeyWv58dFQq8M1ofmywexEPiMugD7pztkYwT7AIStfgX2sbFomKCdm8PODckZjExXg3q0PXVX8KS2gCc4bcHKrE49H3Ae-Ib5cmIihmzRPsOF9XYTV4HPdAcyhR8GTkYtj_o7Fy3XXMSpy-p3xK-xYjN6tTrZ3CbJfFyST7XMsw_cgYVa3Y0jFkDo6ueqA56P6Ozb9vk2wd68xGQZrrBAd65N7bTvGprqrAbe6wRQfEJ3DnbkS6QxDc_D4RAjVJpmVEFnLihgeEG8A%3D%3D&uniformat=true&callback=Ya%5B9631411024974%5D
Message:
Failed to load resource: the server responded with a status of 404 ()
other warning URL: https://cstatic.weborama.fr/js/topics/topics.js(Line 10)
Message:
Unrecognized feature: 'browsing-topics'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aax-eu.amazon-adsystem.com
an.yandex.ru
bsd.frontend.weborama.fr
cdn.jsdelivr.net
cm.g.doubleclick.net
cstatic.weborama.fr
ds.frontend.weborama.fr
dx.frontend.weborama.com
fcgi5.gnezdo.ru
fonts.googleapis.com
fonts.gstatic.com
gnezdoruanalytics.solution.weborama.fr
ib.adnxs.com
idsync.frontend.weborama.fr
idsync.rlcdn.com
mc.webvisor.org
mc.yandex.ru
news.2xclick.ru
news.gnezdo.ru
p.crm4d.com
pixel.tapad.com
rd.frontend.weborama.fr
stats.g.doubleclick.net
sync.smartadserver.com
wam-google.solution.weborama.fr
www.google-analytics.com
www.google.com
www.google.se
yastatic.net
zn2.gnezdo.news
104.16.88.20
142.250.181.226
142.250.181.234
142.250.185.132
142.250.186.131
145.239.211.22
172.217.23.99
178.154.131.217
185.148.37.79
185.83.142.19
185.86.139.114
216.58.212.142
34.107.182.139
34.111.131.239
34.111.205.194
34.149.247.216
35.190.24.218
35.227.248.159
35.244.174.68
67.220.228.202
74.125.133.157
80.239.201.44
87.250.250.90
87.250.251.119
91.216.195.18
93.184.221.133
93.95.100.117
93.95.99.151
01266b002c3a5fd944f5d5a6c9a7bcedf1274ea6c9baef3d2f14457d364014da
033696b7f1ac04d1dcc102be84550e146236ceffc25a6cabc12aa51a6ee410b9
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
07dff4294d7bce1593b3247b02972ba60bb4132aa18daccad3d4e6cc5752cff7
08f3d7de7aea50ee4f77098ffd4ecce4d803a35b21285f45e6b72e3a497d7122
09d46019c7a75b96187202c3c8412182f27c413a9c3661857923dc8e94e91b7b
0b6cc2293aed13859bd06a4b20b671fcc33542ca66d0be2366b16f2c2a27f6a5
0d8e4fb34e351793dc2a209094eafb26db343d2bda39f9ecdd62cd65281c732b
146cf0f46027121c37ec63209f3adf33d31f6dbf7b25fa5e3f7c771a14139837
17aaf9309748e9da229fc45998b8995f912e3d9599d93e73b7ba4402101ea3bb
1c38153acac347bda02a24b09e16db230167f0a51d6d1974ff1e505c1282bdd6
1f0ce2a0bd61ac89f3f54722b1876bc598895f0cb8ff3addf5594d16542a4100
20f18380c292adf28349a11dc4fb3865714488bed77419ebc5f907cac22c16fd
295beed51d4e3ae8a6087b0af30dcc0093d8a498d7d48ad909c8f1d96316ca9b
343dc911fa35037f18ef296ed9b0392ab393729b163e89345b283c48ccbb2a13
34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55
386347b32d1c20291681b877cd61d438637d3d959210ad1b94f83c7014a471fa
38ae87178f71332dbcae793c850eedc9424733257e213a1009dfa9a53ffc6ef0
3cf6952661c411edab6b566170f4fe561dec2689a8f61db7a41760a6b1dec85a
3e1dac2792ab6c6adeef95c5e0d28ad832c837d58922fa4ceafa0ed3bd0f96a7
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
44697c94e4fb48c39354eb432fd60c0bd60c39bdc358e9f2ca2369ebdc505b0e
528f7aac0e024a13198fcaf269f76cb6f7e24089319de15f9993d46e9950a436
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
56e54a9bc2d28a88e7e6d212e692821e07f601185ee5b5e972355a8bbcd9f3cd
679c798fd4e7e8b2e875df662470ae6a0e01f5d8490a8d22bca5d419b30987cd
68ba2fc5583d97e65c356f62a2dc7440f1af8f3e35c80739a910a3cfa16c6f0c
6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36
736b04e75aad7f9e077b34c0d4ce4dd260c3d586efeb4a0d572bc2f86724d2cb
765a31aa8c860dc346f929d7f6f103018487b3f50683297bc1ca0ee9b485ac9b
80efbfcfad67fc0fa5a9d8cc84eb35951eea2d2e179a6fc51c82463c9e70a5dc
840f575220d6b42197251483e8b3b486bce6f7c4c4bddfff022580d3bb39ce4b
852e37ac44dab7846ddfac9f5e07eda80059ff907373269a0ef82e3e45031e46
8e0cf3d4fca37915b6610dd4606e10b30aa49bd8c0a4534b6ed23d5209e55b90
91a23159638a846a426eb990ec53821e49518e78924d10f45ee5178ba44de83b
95f9f7d5fc896cddb14ac87de2c177488da4249aa25c977a620cf99463d615d4
9723d3b4739b4479c707ca62252f55f096956028fb47fb18767daf11d3f96a90
9b6b5e0c551bac6ccde502c3bf5c75d1efe6b1da975c0d251a4a17b8adcc74a5
9dba201359b32eb8f2606a56896ec674074f2f479544a16f4e310f9db987f802
a265735ccf8150ce06ab39ec231ce8001759a54e7be3582c98b422fc97c07345
a2c68e2102a75b29b86e21df3afed3d355400708566759f8a7e546047aec7eda
ae664b3d2eb82eab3e5df67af987d1b769486c366926ee79afcd88eadc3efaac
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b2256e9293d0c8e2ae403168a63a745100635694ffbc3ba6597a852363b89b23
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b59d5d931ece7fab4c2378e6e3979c793f6e52e8a1bc6e7c1fa569e03d96f49f
b8ea3abdd1602e823c4dd5266f82a2174f4314bded3b2e2319c8c4271038fb51
bddd7c9debeee9bccc8d6a0f0990743d3db200fe23fc08dbad9e60a007e52919
be450e094e932689916b0c110039b96d637600afba33dd944f6de2e5785c9d52
c079ec0d8d8e7f30048ac0bfe52c3ffc0b41b21924867edb849c194980395324
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d05d4d69100284cb991eb0227b0859cc2942030d0ba419eee2e4aa55293b96db
dd0ef40944f18ed3626a27382f1721626f12a18a3992f95275fc332eeb7cd42c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3d3d5e79c6c3971916ebb40d8f16c3d584efe53669023273eeca33928178bfe
f6f11d50372d88190696b17264e1609349ae7195af0cd44e95ffe632f8a322f3
fddb6fcfd2c86ef930d5427c3e664c6243d0fe3e9fda457e47a8bc5a852e0fc9