Submitted URL: http://www.domofond.ru/
Effective URL: https://www.domofond.ru/?domofond
Submission: On November 23 via manual from US — Scanned from DE

Summary

This website contacted 49 IPs in 9 countries across 35 domains to perform 80 HTTP transactions. The main IP is 146.158.52.9, located in Czech Republic and belongs to AVITO, RU. The main domain is www.domofond.ru.
TLS certificate: Issued by Thawte TLS RSA CA G1 on January 25th 2022. Valid for: a year.
This is the only time www.domofond.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 146.158.48.9 201012 (AVITO)
10 146.158.52.9 201012 (AVITO)
1 2a02:2638:1::3 44788 (ASN-CRITE...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 146.158.48.128 44546 (ALFATELECOM)
4 146.158.48.208 44546 (ALFATELECOM)
2 146.158.54.168 44546 (ALFATELECOM)
2 163.171.128.148 54994 (QUANTILNE...)
4 5 2a02:2638:1::13 44788 (ASN-CRITE...)
1 178.250.2.146 44788 (ASN-CRITE...)
2 138.201.14.3 24940 (HETZNER-AS)
1 2a00:1450:400... 15169 (GOOGLE)
2 146.158.48.7 44546 (ALFATELECOM)
1 146.158.54.148 201012 (AVITO)
2 146.158.54.188 44546 (ALFATELECOM)
1 146.158.48.148 201012 (AVITO)
1 2a00:1450:400... 15169 (GOOGLE)
1 1 182.161.74.16 55569 (CRITEO-AS...)
3 178.250.2.151 44788 (ASN-CRITE...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 18.192.2.142 16509 (AMAZON-02)
1 1 142.250.186.34 15169 (GOOGLE)
2 2 185.89.210.180 29990 (ASN-APPNEX)
1 2 172.64.154.237 13335 (CLOUDFLAR...)
1 2 52.212.100.153 16509 (AMAZON-02)
1 104.79.88.129 16625 (AKAMAI-AS)
1 70.42.32.159 22075 (AS-OUTBRAIN)
1 69.173.144.139 26667 (RUBICONPR...)
1 3.123.115.183 16509 (AMAZON-02)
1 185.86.139.115 201081 (SMARTADSE...)
1 141.226.228.48 200478 (TABOOLA-AS)
1 104.111.242.245 16625 (AKAMAI-AS)
1 76.223.111.18 16509 (AMAZON-02)
1 2 3.126.56.137 16509 (AMAZON-02)
1 37.157.4.25 198622 (ADFORM)
1 185.255.84.152 200271 (IGUANE-)
1 2 176.34.205.255 16509 (AMAZON-02)
1 162.19.138.118 16276 (OVH)
1 34.117.157.22 396982 (GOOGLE-CL...)
1 3.74.101.32 16509 (AMAZON-02)
1 2600:1f18:612... 14618 (AMAZON-AES)
1 72.247.157.213 16625 (AKAMAI-AS)
1 34.252.59.114 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
1 54.72.57.83 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 3.18.206.73 16509 (AMAZON-02)
80 49
Apex Domain
Subdomains
Transfer
27 domofond.ru
www.domofond.ru
st12.domofond.ru
st01.domofond.ru
st84.domofond.ru
st46.domofond.ru
api.domofond.ru
st21.domofond.ru
st94.domofond.ru
st81.domofond.ru
st06.domofond.ru
st76.domofond.ru
st48.domofond.ru
st17.domofond.ru
st33.domofond.ru
st93.domofond.ru
st67.domofond.ru
1 MB
10 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 381
mug.criteo.com — Cisco Umbrella Rank: 2612
sslwidget.criteo.com — Cisco Umbrella Rank: 1499
widget.eu.criteo.com — Cisco Umbrella Rank: 18001
dis.criteo.com — Cisco Umbrella Rank: 639
13 KB
9 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 116
8fdbf36af4be374008d48025c966824d.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 147
42 KB
4 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 94
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 191
cm.g.doubleclick.net — Cisco Umbrella Rank: 207
132 KB
4 retailrocket.net
cdn.retailrocket.net — Cisco Umbrella Rank: 62658
tracking.retailrocket.net — Cisco Umbrella Rank: 64038
71 KB
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 189
2 KB
2 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 288
508 B
2 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 624
851 B
2 casalemedia.com
r.casalemedia.com — Cisco Umbrella Rank: 1257
2 KB
2 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 208
2 KB
2 google.com
adservice.google.com — Cisco Umbrella Rank: 83
www.google.com — Cisco Umbrella Rank: 2
2 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 40
20 KB
1 thebrighttag.com
s.thebrighttag.com — Cisco Umbrella Rank: 1748
268 B
1 krxd.net
beacon.krxd.net — Cisco Umbrella Rank: 539
338 B
1 yieldmo.com
sync-criteo.ads.yieldmo.com — Cisco Umbrella Rank: 1640
220 B
1 yieldlab.net
ad.yieldlab.net — Cisco Umbrella Rank: 3769
522 B
1 tremorhub.com
criteo-partners.tremorhub.com — Cisco Umbrella Rank: 1656
183 B
1 mediavine.com
exchange.mediavine.com — Cisco Umbrella Rank: 1199
884 B
1 ivitrack.com
matching.ivitrack.com — Cisco Umbrella Rank: 2265
274 B
1 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 492
1 KB
1 omnitagjs.com
visitor.omnitagjs.com — Cisco Umbrella Rank: 745
235 B
1 adform.net
cm.adform.net — Cisco Umbrella Rank: 1380
163 B
1 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 344
140 B
1 teads.tv
criteo-sync.teads.tv — Cisco Umbrella Rank: 1637
172 B
1 taboola.com
sync-t1.taboola.com — Cisco Umbrella Rank: 1106
99 B
1 smartadserver.com
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 562
163 B
1 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 502
35 B
1 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 314
239 B
1 outbrain.com
sync.outbrain.com — Cisco Umbrella Rank: 670
145 B
1 media.net
contextual.media.net — Cisco Umbrella Rank: 537
784 B
1 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 293
72 B
1 google.de
adservice.google.de — Cisco Umbrella Rank: 7898
792 B
1 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 178
27 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 67
49 KB
1 criteo.net
static.criteo.net — Cisco Umbrella Rank: 601
14 KB
80 35
Domain Requested by
11 www.domofond.ru 1 redirects www.domofond.ru
5 pagead2.googlesyndication.com www.domofond.ru
tpc.googlesyndication.com
5 gum.criteo.com 4 redirects static.criteo.net
3 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
2 dpm.demdex.net 1 redirects
2 ups.analytics.yahoo.com 1 redirects
2 ad.360yield.com 1 redirects
2 r.casalemedia.com 1 redirects
2 ib.adnxs.com 2 redirects
2 dis.criteo.com
2 securepubads.g.doubleclick.net www.googletagservices.com
www.domofond.ru
2 api.domofond.ru www.domofond.ru
2 tracking.retailrocket.net cdn.retailrocket.net
www.domofond.ru
2 cdn.retailrocket.net www.domofond.ru
2 www.google-analytics.com www.domofond.ru
1 s.thebrighttag.com
1 www.google.com tpc.googlesyndication.com
1 beacon.krxd.net
1 sync-criteo.ads.yieldmo.com
1 ad.yieldlab.net
1 criteo-partners.tremorhub.com
1 exchange.mediavine.com
1 matching.ivitrack.com
1 id5-sync.com
1 visitor.omnitagjs.com
1 cm.adform.net
1 eb2.3lift.com
1 criteo-sync.teads.tv
1 sync-t1.taboola.com
1 rtb-csync.smartadserver.com
1 match.sharethrough.com
1 pixel.rubiconproject.com
1 sync.outbrain.com
1 contextual.media.net
1 cm.g.doubleclick.net 1 redirects
1 x.bidswitch.net
1 8fdbf36af4be374008d48025c966824d.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 adservice.google.com securepubads.g.doubleclick.net
1 adservice.google.de securepubads.g.doubleclick.net
1 widget.eu.criteo.com www.domofond.ru
1 sslwidget.criteo.com 1 redirects
1 stats.g.doubleclick.net www.domofond.ru
1 st67.domofond.ru www.domofond.ru
1 st93.domofond.ru www.domofond.ru
1 st33.domofond.ru www.domofond.ru
1 st17.domofond.ru www.domofond.ru
1 st48.domofond.ru www.domofond.ru
1 st76.domofond.ru www.domofond.ru
1 st06.domofond.ru www.domofond.ru
1 st81.domofond.ru www.domofond.ru
1 st94.domofond.ru www.domofond.ru
1 st21.domofond.ru www.domofond.ru
1 www.googletagservices.com www.domofond.ru
1 mug.criteo.com www.domofond.ru
1 st46.domofond.ru www.domofond.ru
1 st84.domofond.ru www.domofond.ru
1 st01.domofond.ru www.domofond.ru
1 st12.domofond.ru www.domofond.ru
1 www.googletagmanager.com www.domofond.ru
1 static.criteo.net www.domofond.ru
80 60

This site contains links to these domains. Also see Links.

Domain
vk.com
www.odnoklassniki.ru
www.youtube.com
zen.yandex.ru
itunes.apple.com
play.google.com
Subject Issuer Validity Valid
*.domofond.ru
Thawte TLS RSA CA G1
2022-01-25 -
2023-01-28
a year crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-11-08 -
2023-02-04
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2022-11-02 -
2023-01-25
3 months crt.sh
*.retailrocket.net
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1
2022-05-27 -
2023-05-31
a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-10-31 -
2023-01-26
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2022-11-02 -
2023-01-25
3 months crt.sh
*.google.de
GTS CA 1C3
2022-11-02 -
2023-01-25
3 months crt.sh
*.google.com
GTS CA 1C3
2022-11-02 -
2023-01-25
3 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA
2022-04-05 -
2023-05-04
a year crt.sh
*.media.net
DigiCert SHA2 Secure Server CA
2022-02-20 -
2023-02-22
a year crt.sh
*.outbrain.com
Thawte RSA CA 2018
2022-11-06 -
2023-11-28
a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1
2022-03-08 -
2023-04-04
a year crt.sh
*.sharethrough.com
Amazon
2022-07-14 -
2023-08-12
a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-01-25 -
2023-01-25
a year crt.sh
*.taboola.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2021-11-28 -
2022-12-29
a year crt.sh
teads.tv
R3
2022-10-27 -
2023-01-25
3 months crt.sh
*.3lift.com
Amazon
2022-05-13 -
2023-06-11
a year crt.sh
*.adform.net
DigiCert TLS RSA SHA256 2020 CA1
2022-05-18 -
2023-06-16
a year crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA
2022-06-21 -
2023-07-21
a year crt.sh
*.id5-sync.com
R3
2022-11-09 -
2023-02-07
3 months crt.sh
itm.ivitrack.com
R3
2022-10-06 -
2023-01-04
3 months crt.sh
exchange.mediavine.com
Amazon
2022-07-06 -
2023-08-04
a year crt.sh
*.tremorhub.com
Amazon
2022-03-24 -
2023-04-22
a year crt.sh
*.yieldlab.net
DigiCert TLS RSA SHA256 2020 CA1
2022-11-16 -
2023-11-15
a year crt.sh
*.ads.yieldmo.com
Amazon
2022-06-02 -
2023-07-01
a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2022-11-02 -
2023-01-25
3 months crt.sh
www.google.com
GTS CA 1C3
2022-11-02 -
2023-01-25
3 months crt.sh

This page contains 6 frames:

Primary Page: https://www.domofond.ru/?domofond
Frame ID: 199626C05EA4BB2758AA62194A5EFDAE
Requests: 50 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=www.domofond.ru&origin=onetag
Frame ID: A3DD4560AFC6CF891BFC0A0EB10528C4
Requests: 2 HTTP requests in this frame

Frame: https://8fdbf36af4be374008d48025c966824d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: FF8246516A194C3A8ECAFAAC10A9276A
Requests: 1 HTTP requests in this frame

Frame: https://x.bidswitch.net/sync?dsp_id=46&user_id=k-kTtQ18X2z6aLJepwSeODEhq8tBXml5tIYqYg9Q&expires=30
Frame ID: ECB443EF98FE44ABC7134F051136FD97
Requests: 25 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 5387FC027A1AA7E459F524858132BD44
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 02966BA5A37962F1B5BDA9A0FA309C2D
Requests: 2 HTTP requests in this frame

Screenshot

Page Title

Продажа и аренда недвижимости : Domofond.ru

Page URL History Show full URLs

  1. http://www.domofond.ru/ HTTP 302
    https://www.domofond.ru/?domofond Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+data-react

Overall confidence: 100%
Detected patterns
  • //static\.criteo\.net/js/ld/ld\.js

Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Page Statistics

80
Requests

85 %
HTTPS

27 %
IPv6

35
Domains

60
Subdomains

49
IPs

9
Countries

1789 kB
Transfer

5069 kB
Size

40
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.domofond.ru/ HTTP 302
    https://www.domofond.ru/?domofond Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 21
  • https://gum.criteo.com/sid/json?origin=onetag&domain=domofond.ru&sn=ChromeSyncframe&so=0&topUrl=www.domofond.ru&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=RDTmXHxPUmtyN0hpMzlkZFdmSVRyOG5lNHMzbytWUm1kc2pML1IrelZrd2M4OUp4WWVuQ01VTDZKaHc5NkJ3WE9LRUltQStRNGJDVHcwd0pXOXBGZ0F6MWtXTTRZbTQzQStTYkhrUTRBNklWUGNpTVVoQ3ZJREJ0aG0xcGhVNDRhUTM1SEtmQmtBMGp5VjJMYW5lZXdSTitVaWhqRXdqMjdLdnhhY0RQT2tUWjFiYzdibVBKMytNUkxSd2k2dTN1RkRZdU8yR09Dazh1MXpzeGY5ZEhEejUrQk01THRSaVJIYS95d2JTQkdNcjJFVmhySkVURFdOZlJMODRWTmRQNFB1N3RDdUpOcGg2RzJnb2pEUE0wZlZSenZrQT09fA&cppv=2
Request Chain 38
  • https://sslwidget.criteo.com/event?a=30476&v=5.12.3&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh&p3=e%3Ddis&adce=1&bundle=Em7JEl9tbW5DWWRXRFVHY3NmVCUyQmZtRHRpNjcxemRFQTklMkZmY2JMa0pMd3Eyd2VDMVV4V2NjSlM2VGFlSFZ5SUZYWGtidXdwR3NzZHlJNng1UWxuYndHTUZoaEtVQUU1U3lBTUtIcWxyc3puJTJCNlNVNEElMkZ2b29xYklYOXV6RFJBRGpIJTJGOVFNZTZ5dW5wdm9HWjRJcU5tbWQlMkZVVlElM0QlM0Q&tld=domofond.ru&fu=https%253A%252F%252Fwww.domofond.ru%252F%253Fdomofond&dtycbr=4293 HTTP 302
  • https://widget.eu.criteo.com/event?a=30476&v=5.12.3&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh&p3=e%3Ddis&adce=1&bundle=Em7JEl9tbW5DWWRXRFVHY3NmVCUyQmZtRHRpNjcxemRFQTklMkZmY2JMa0pMd3Eyd2VDMVV4V2NjSlM2VGFlSFZ5SUZYWGtidXdwR3NzZHlJNng1UWxuYndHTUZoaEtVQUU1U3lBTUtIcWxyc3puJTJCNlNVNEElMkZ2b29xYklYOXV6RFJBRGpIJTJGOVFNZTZ5dW5wdm9HWjRJcU5tbWQlMkZVVlElM0QlM0Q&tld=domofond.ru&fu=https%253A%252F%252Fwww.domofond.ru%252F%253Fdomofond&dtycbr=4293
Request Chain 51
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-u3d-jcX2z6aLJepwSeODEhq8tBVEotzrluuhXA&google_cm&google_hm=ay11M2QtamNYMno2YUxKZXB3U2VPREVocTh0QlZFb3R6cmx1dWhYQQ HTTP 302
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-u3d-jcX2z6aLJepwSeODEhq8tBVEotzrluuhXA&google_gid=CAESEMAW2CC4VVWUhDCmS2BoQrQ&google_cver=1&google_ula=913071,0
Request Chain 52
  • https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 302
  • https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=8816548972910309475
Request Chain 53
  • https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-XB9DlcX2z6aLJepwSeODEhq8tBVYgolxBh99sA HTTP 302
  • https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-XB9DlcX2z6aLJepwSeODEhq8tBVYgolxBh99sA&C=1
Request Chain 54
  • https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-sLUSaMX2z6aLJepwSeODEhq8tBWpI_oEeUF3Ew HTTP 302
  • https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-sLUSaMX2z6aLJepwSeODEhq8tBWpI_oEeUF3Ew
Request Chain 63
  • https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-Q5SRA8X2z6aLJepwSeODEhq8tBVnasB54BWdkw HTTP 302
  • https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-Q5SRA8X2z6aLJepwSeODEhq8tBVnasB54BWdkw&verify=true
Request Chain 66
  • https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=28645&dpuuid=vLJ6peJYIF68Bkj6aSm67akY8ly4rqr- HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=vLJ6peJYIF68Bkj6aSm67akY8ly4rqr-
Request Chain 74
  • https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=WnlqYuKIHQCvaRrxQ7QW5N1UKK1WTveb
Request Chain 77
  • https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40 HTTP 302
  • https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=Y7Ytx9kjibnhnnKAv4JD_BEJaLHxQ4Ch

80 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.domofond.ru/
Redirect Chain
  • http://www.domofond.ru/
  • https://www.domofond.ru/?domofond
173 KB
44 KB
Document
General
Full URL
https://www.domofond.ru/?domofond
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
146.158.52.9 , Czech Republic, ASN201012 (AVITO, RU),
Reverse DNS
Software
QRATOR / Express
Resource Hash
f95adccf0663425023b8af4f4c5716c46f987c0b6439582ae2d5c839ac4b9998
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Type
text/html; charset=utf-8
Date
Wed, 23 Nov 2022 19:22:40 GMT
Keep-Alive
timeout=15
Server
QRATOR
Transfer-Encoding
chunked
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block
access-control-allow-origin
*
cache-control
no-store
content-encoding
gzip
etag
W/"2b2d4-spv8NOoYhvMqj/szk7ys0PUw8DI"
x-envoy-upstream-service-time
110
x-powered-by
Express
x-request-id
33103505-ec84-49a1-8d08-9c6c158dcfa1

Redirect headers

Connection
keep-alive
Content-Length
138
Content-Type
text/html
Date
Wed, 23 Nov 2022 19:22:39 GMT
Keep-Alive
timeout=15
Location
https://www.domofond.ru/?domofond
Server
QRATOR
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block
ld.js
static.criteo.net/js/ld/
42 KB
14 KB
Script
General
Full URL
https://static.criteo.net/js/ld/ld.js
Requested by
Host: www.domofond.ru
URL: https://www.domofond.ru/?domofond
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
d6c1aa198589b0a87b22f515905607c1c11839948491cea44a74b88116b40561
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.domofond.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 19:22:40 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 08 Nov 2022 15:05:46 GMT
server
nginx
etag
W/"636a704a-a8d9"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 24 Nov 2022 19:22:40 GMT
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.domofond.ru
URL: https://www.domofond.ru/?domofond
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.domofond.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 23 Nov 2022 17:24:49 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
7071
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Wed, 23 Nov 2022 19:24:49 GMT
ui.desktop.a7d7f591b219a45e652e.css
www.domofond.ru/build/
115 KB
32 KB
Stylesheet
General
Full URL
https://www.domofond.ru/build/ui.desktop.a7d7f591b219a45e652e.css
Requested by
Host: www.domofond.ru
URL: https://www.domofond.ru/?domofond
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
146.158.52.9 , Czech Republic, ASN201012 (AVITO, RU),
Reverse DNS
Software
QRATOR /
Resource Hash
b9a05746fd8873c51fd711d39b869214930c7d4d3951c81e1b0c372f5a619009
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.domofond.ru/?domofond
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 19:22:40 GMT
content-encoding
gzip
X-Content-Type-Options
nosniff
last-modified
Thu, 03 Nov 2022 10:47:55 GMT
Server
QRATOR
etag
W/"63639c5b-1cbcf"
Transfer-Encoding
chunked
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
x-envoy-upstream-service-time
19
Connection
keep-alive
Keep-Alive
timeout=15
X-XSS-Protection
1; mode=block
x-request-id
ab502566-0b70-429f-ac44-f8bb2225cd93
styles.desktop.eb93242d7af49e102bce.css
www.domofond.ru/build/
301 KB
73 KB
Stylesheet
General
Full URL
https://www.domofond.ru/build/styles.desktop.eb93242d7af49e102bce.css
Requested by
Host: www.domofond.ru
URL: https://www.domofond.ru/?domofond
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
146.158.52.9 , Czech Republic, ASN201012 (AVITO, RU),
Reverse DNS
Software
QRATOR /
Resource Hash
071c00fcc888eda82100ec82b489faadd1fc96e4bcefd7d6dd817947322d88ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.domofond.ru/?domofond
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 19:22:40 GMT
content-encoding
gzip
X-Content-Type-Options
nosniff
last-modified
Thu, 03 Nov 2022 10:48:01 GMT
Server
QRATOR
etag
W/"63639c61-4b27e"
Transfer-Encoding
chunked
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
x-envoy-upstream-service-time
10
Connection
keep-alive
Keep-Alive
timeout=15
X-XSS-Protection
1; mode=block
x-request-id
37cef40e-2eb5-4bbc-8701-804474f05afa
vendor.desktop.e06fce3c4a52085d35ca.js
www.domofond.ru/build/
208 KB
61 KB
Script
General
Full URL
https://www.domofond.ru/build/vendor.desktop.e06fce3c4a52085d35ca.js
Requested by
Host: www.domofond.ru
URL: https://www.domofond.ru/?domofond
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
146.158.52.9 , Czech Republic, ASN201012 (AVITO, RU),
Reverse DNS
Software
QRATOR /
Resource Hash
b7af873e25665ff42dcfe12392bad38939a07cc6cc5eac14cabdcaa3b912d1b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.domofond.ru/?domofond
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 19:22:40 GMT
content-encoding
gzip
X-Content-Type-Options
nosniff
last-modified
Thu, 03 Nov 2022 10:48:01 GMT
Server
QRATOR
etag
W/"63639c61-34143"
Transfer-Encoding
chunked
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript; charset=utf-8
x-envoy-upstream-service-time
18
Connection
keep-alive
Keep-Alive
timeout=15
X-XSS-Protection
1; mode=block
x-request-id
5476d4c0-e9d3-4b5e-bf11-dff537db41e5
ui.desktop.a7d7f591b219a45e652e.js
www.domofond.ru/build/
330 KB
77 KB
Script
General
Full URL
https://www.domofond.ru/build/ui.desktop.a7d7f591b219a45e652e.js
Requested by
Host: www.domofond.ru
URL: https://www.domofond.ru/?domofond
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
146.158.52.9 , Czech Republic, ASN201012 (AVITO, RU),
Reverse DNS
Software
QRATOR /
Resource Hash
40df67df4e6b0f692c04047842520977aba8fec4f425d94da5915a2080574b13
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.domofond.ru/?domofond
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 19:22:40 GMT
content-encoding
gzip
X-Content-Type-Options
nosniff
last-modified
Thu, 03 Nov 2022 10:48:01 GMT
Server
QRATOR
etag
W/"63639c61-527de"
Transfer-Encoding
chunked
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript; charset=utf-8
x-envoy-upstream-service-time
9
Connection
keep-alive
Keep-Alive
timeout=15
X-XSS-Protection
1; mode=block
x-request-id
9dda0d8c-8d82-40fb-895a-007ea6bb2588
gtm.js
www.googletagmanager.com/
129 KB
49 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MZPV7N
Requested by
Host: www.domofond.ru
URL: https://www.domofond.ru/?domofond
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1d8236c8c7eb44ab4e1a414bb61f63af0568c023c2117dc8d07a0949f3d0e3b9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.domofond.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 19:22:40 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49872
x-xss-protection
0
last-modified
Wed, 23 Nov 2022 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 23 Nov 2022 19:22:40 GMT
1.6WFCIba24Yn2QkRK92qnC2XcR4jygIeJNIFH.j3W_RsJuA8L6fuYwDv9w6FKBkpAuV7wDuzd7I8EOcPw
st12.domofond.ru/image/1/
16 KB
16 KB
Image
General
Full URL
https://st12.domofond.ru/image/1/1.6WFCIba24Yn2QkRK92qnC2XcR4jygIeJNIFH.j3W_RsJuA8L6fuYwDv9w6FKBkpAuV7wDuzd7I8EOcPw
Requested by
Host: www.domofond.ru
URL: https://www.domofond.ru/?domofond
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.158.48.128 , Czech Republic, ASN44546 (ALFATELECOM, CZ),
Reverse DNS
Software
nginx /
Resource Hash
3f8ee094d6325a6ab3838224055dddd7ca129ae059568922afc1ee80aa5a1255

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.domofond.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

avito-cache-status
HIT
date
Wed, 23 Nov 2022 19:22:40 GMT
server
nginx
vary
Origin
avito-x-origin-image-router
1
content-type
image/jpeg
length
15914
cache-control
public,max-age=7776000,public
access-control-allow-origin
https://www.domofond.ru
timing-allow-origin
https://www.domofond.ru
avito-whiff
20c4b004ds80864e54-5df4ab451af89c014f
content-length
15914
1.OHeDYLa2MJ83A5VcNgk9U52elp4zwVaf9cCW.ljAPfBGKxRvVa3p3hBZgzDUi9NTtN0uGW0ZaYVtkKDM
st01.domofond.ru/image/1/
22 KB
22 KB
Image
General
Full URL
https://st01.domofond.ru/image/1/1.OHeDYLa2MJ83A5VcNgk9U52elp4zwVaf9cCW.ljAPfBGKxRvVa3p3hBZgzDUi9NTtN0uGW0ZaYVtkKDM
Requested by
Host: www.domofond.ru
URL: https://www.domofond.ru/?domofond
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.158.48.128 , Czech Republic, ASN44546 (ALFATELECOM, CZ),
Reverse DNS
Software
nginx /
Resource Hash
5602cd1eaaaf369fb995b07a067109f745b9d6b3b178c64190d63a52114cc633

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.domofond.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

avito-cache-status
HIT
date
Wed, 23 Nov 2022 19:22:40 GMT
server
nginx
vary
Origin
avito-x-origin-image-router
1
content-type
image/jpeg
length
22050
cache-control
public,max-age=7776000,public
access-control-allow-origin
https://www.domofond.ru
timing-allow-origin
https://www.domofond.ru
avito-whiff
d203ab5ddl3c3c4b19-83520955d4f7e9015a
content-length
22050
1.yQPmJLa2wetSR2QoUy-XJOLaZ-pWhafrkIRn.3-OpgS1-aiWLlLdV1aFRDDRYlXl727JYeaueLbVjoVQ
st84.domofond.ru/image/1/
15 KB
15 KB
Image
General
Full URL
https://st84.domofond.ru/image/1/1.yQPmJLa2wetSR2QoUy-XJOLaZ-pWhafrkIRn.3-OpgS1-aiWLlLdV1aFRDDRYlXl727JYeaueLbVjoVQ
Requested by
Host: www.domofond.ru
URL: https://www.domofond.ru/?domofond
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.158.48.208 , Czech Republic, ASN44546 (ALFATELECOM, CZ),
Reverse DNS
Software
nginx /
Resource Hash
4b68bef6c9dbb1d0ebea39e6a160b6b35a50f96bcda34904c9ec7d2b56896e53

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.domofond.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

avito-cache-status
HIT
date
Wed, 23 Nov 2022 19:22:40 GMT
server
nginx
vary
Origin
avito-x-origin-image-router
1
content-type
image/jpeg
length
14972
cache-control
public,max-age=7776000
access-control-allow-origin
https://www.domofond.ru
timing-allow-origin
https://www.avito.ru, https://m.avito.ru, https://www.domofond.ru
avito-whiff
3dd3ffdedla4e69687-0844c9daca4dc10527
content-length
14972
1.e8k1kLa2cyGB89bigP9Hpw1t1SCFMRUhQzDV.zF-nf3F6Nm517D1qAbzceeU4xhENYxGrQdKMTgtAvCk
st46.domofond.ru/image/1/
18 KB
18 KB
Image
General
Full URL
https://st46.domofond.ru/image/1/1.e8k1kLa2cyGB89bigP9Hpw1t1SCFMRUhQzDV.zF-nf3F6Nm517D1qAbzceeU4xhENYxGrQdKMTgtAvCk
Requested by
Host: www.domofond.ru
URL: https://www.domofond.ru/?domofond
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.158.54.168 , Czech Republic, ASN44546 (ALFATELECOM, CZ),
Reverse DNS
Software
nginx /
Resource Hash
c24e6cc3be7abd60db0f0bf8e299f60681d990e0daed8a3bacc966adafc9fe22

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.domofond.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

avito-cache-status
HIT
date
Wed, 23 Nov 2022 19:22:40 GMT
server
nginx
vary
Origin
avito-x-origin-image-router
1
content-type
image/jpeg
length
18375
cache-control
public,max-age=7776000,public
access-control-allow-origin
https://www.domofond.ru
timing-allow-origin
https://www.domofond.ru
avito-whiff
ef43e481ixcade936c-85a2e787d5aadc031b
content-length
18375
rub.png
www.domofond.ru/static/images/gid/main/
2 KB
2 KB
Image
General
Full URL
https://www.domofond.ru/static/images/gid/main/rub.png
Requested by
Host: www.domofond.ru
URL: https://www.domofond.ru/?domofond
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
146.158.52.9 , Czech Republic, ASN201012 (AVITO, RU),
Reverse DNS
Software
QRATOR /
Resource Hash
27aa83819f29eaa1837456a877686bcaa56ef548f3b9eab4ab3a8e142396d401
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.domofond.ru/?domofond
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 19:22:40 GMT
content-encoding
gzip
X-Content-Type-Options
nosniff
last-modified
Thu, 03 Nov 2022 10:47:52 GMT
Server
QRATOR
etag
W/"63639c58-67f"
Transfer-Encoding
chunked
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
x-envoy-upstream-service-time
8
Connection
keep-alive
Keep-Alive
timeout=15
X-XSS-Protection
1; mode=block
x-request-id
663bff4d-a0c2-4956-a6f2-e36d8a8fd35f
reports.png
www.domofond.ru/static/images/gid/main/
10 KB
11 KB
Image
General
Full URL
https://www.domofond.ru/static/images/gid/main/reports.png
Requested by
Host: www.domofond.ru
URL: https://www.domofond.ru/?domofond
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
146.158.52.9 , Czech Republic, ASN201012 (AVITO, RU),
Reverse DNS
Software
QRATOR /
Resource Hash
da0aff4248e503812c4439af7ed830a5c552c024533726b4c77bed976001912e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.domofond.ru/?domofond
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 19:22:40 GMT
content-encoding
gzip
X-Content-Type-Options
nosniff
last-modified
Thu, 03 Nov 2022 10:47:58 GMT
Server
QRATOR
etag
W/"63639c5e-2970"
Transfer-Encoding
chunked
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
x-envoy-upstream-service-time
6
Connection
keep-alive
Keep-Alive
timeout=15
X-XSS-Protection
1; mode=block
x-request-id
b12a8106-a6a5-4fad-bef7-e0378cb70149
documents.png
www.domofond.ru/static/images/gid/main/
1 KB
2 KB
Image
General
Full URL
https://www.domofond.ru/static/images/gid/main/documents.png
Requested by
Host: www.domofond.ru
URL: https://www.domofond.ru/?domofond
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
146.158.52.9 , Czech Republic, ASN201012 (AVITO, RU),
Reverse DNS
Software
QRATOR /
Resource Hash
7c6dbf2ac080248eac108b6d4cb199e65e10c30cd095dfe87b10e223f378d1eb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.domofond.ru/?domofond
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 19:22:40 GMT
content-encoding
gzip
X-Content-Type-Options
nosniff
last-modified
Thu, 03 Nov 2022 10:47:53 GMT
Server
QRATOR
etag
W/"63639c59-5b9"
Transfer-Encoding
chunked
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
x-envoy-upstream-service-time
7
Connection
keep-alive
Keep-Alive
timeout=15
X-XSS-Protection
1; mode=block
x-request-id
df31b319-8379-4693-babd-bc09194faa2a
main.desktop.eb93242d7af49e102bce.js
www.domofond.ru/build/
2 MB
555 KB
Script
General
Full URL
https://www.domofond.ru/build/main.desktop.eb93242d7af49e102bce.js
Requested by
Host: www.domofond.ru
URL: https://www.domofond.ru/?domofond
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
146.158.52.9 , Czech Republic, ASN201012 (AVITO, RU),
Reverse DNS
Software
QRATOR /
Resource Hash
34c5cc0a6f805e515af1d674aaed4eab56d83a2d597b0468c4f65dc53ba17c34
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.domofond.ru/?domofond
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 19:22:40 GMT
content-encoding
gzip
X-Content-Type-Options
nosniff
last-modified
Thu, 03 Nov 2022 10:47:57 GMT
Server
QRATOR
etag
W/"63639c5d-264636"
Transfer-Encoding
chunked
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript; charset=utf-8
x-envoy-upstream-service-time
40
Connection
keep-alive
Keep-Alive
timeout=15
X-XSS-Protection
1; mode=block
x-request-id
98766741-a3f0-46ce-a2bc-c320366a24a2
tracking.js
cdn.retailrocket.net/content/javascript/
69 KB
70 KB
Script
General
Full URL
https://cdn.retailrocket.net/content/javascript/tracking.js
Requested by
Host: www.domofond.ru
URL: https://www.domofond.ru/?domofond
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software
nginx /
Resource Hash
9d6d297069f0c1bb1165f52fa52da19b84997686dd44d4360d7885642eaae008
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.domofond.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 19:22:40 GMT
x-amz-version-id
4DwZeQOQFP046UoJv2oyjviE5ta9n0SY
X-Content-Type-Options
nosniff
x-amz-request-id
TT27VGSG7FVGRVVY
Age
1
X-Via
1.1 PSdgflkfFRA1je97:5 (Cdn Cache Server V2.0)
Connection
keep-alive
Content-Length
70637
x-amz-id-2
frVqE6YDWwIlUKWRoj0jmKobW8kwDgbNxSMlRiZMasdgAUR/g59Q/mSfH/u/7OGr7CUGarDjtOU=
X-XSS-Protection
1; mode=block
Last-Modified
Tue, 15 Nov 2022 12:53:40 GMT
Server
nginx
ETag
"9c6e15025432c292723c5965e045372c"
X-Frame-Options
SAMEORIGIN
X-Ws-Request-Id
637e7300_PSdgflkfFRA1vg90_10765-25976
Content-Type
application/javascript
Cache-Control
max-age=300
home_banner.jpg
www.domofond.ru/static/images/
263 KB
262 KB
Image
General
Full URL
https://www.domofond.ru/static/images/home_banner.jpg
Requested by
Host: www.domofond.ru
URL: https://www.domofond.ru/?domofond
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
146.158.52.9 , Czech Republic, ASN201012 (AVITO, RU),
Reverse DNS
Software
QRATOR /
Resource Hash
5c0eb5a128fde5001b950224dc74aaaa3ca90f5c42e4f5fa11015da2e66ba8ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.domofond.ru/?domofond
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 19:22:40 GMT
content-encoding
gzip
X-Content-Type-Options
nosniff
last-modified
Thu, 03 Nov 2022 10:47:53 GMT
Server
QRATOR
etag
W/"63639c59-41d21"
Transfer-Encoding
chunked
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
x-envoy-upstream-service-time
8
Connection
keep-alive
Keep-Alive
timeout=15
X-XSS-Protection
1; mode=block
x-request-id
a8b20111-0e45-47e2-86d1-d039a16cd2f3
syncframe
gum.criteo.com/ Frame A3DD
15 KB
6 KB
Document
General
Full URL
https://gum.criteo.com/syncframe?topUrl=www.domofond.ru&origin=onetag
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/ld.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
d0f07190791630edc058ad6e5a33a3cda6a8f85c470e593ce0bbed46ffec148b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.domofond.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 23 Nov 2022 19:22:40 GMT
server
Kestrel
server-processing-duration-in-ticks
712375
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
truncated
/
9 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
afb977f2f99c21f6f09b324d821400d8d9916577f2f860b5cd51709179561e15

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
9 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d4bed5c5c9ccd56214a7c78747044195268b203f4160f132a6605c119a5796bc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
620 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f18a115222437b352fb0df4a11761f7ca09b43eaf732818e5ab17f84d755d648

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/svg+xml
sid
mug.criteo.com/ Frame A3DD
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=onetag&domain=domofond.ru&sn=ChromeSyncframe&so=0&topUrl=www.domofond.ru&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=RDTmXHxPUmtyN0hpMzlkZFdmSVRyOG5lNHMzbytWUm1kc2pML1IrelZrd2M4OUp4WWVuQ01VTDZKaHc5NkJ3WE9LRUltQStRNGJDVHcwd0pXOXBGZ0F6MWtXTTRZbTQzQStTYkhrUTRBNklWUGNpTVVoQ3ZJREJ0aG0xcG...
433 B
653 B
Fetch
General
Full URL
https://mug.criteo.com/sid?cpp=RDTmXHxPUmtyN0hpMzlkZFdmSVRyOG5lNHMzbytWUm1kc2pML1IrelZrd2M4OUp4WWVuQ01VTDZKaHc5NkJ3WE9LRUltQStRNGJDVHcwd0pXOXBGZ0F6MWtXTTRZbTQzQStTYkhrUTRBNklWUGNpTVVoQ3ZJREJ0aG0xcGhVNDRhUTM1SEtmQmtBMGp5VjJMYW5lZXdSTitVaWhqRXdqMjdLdnhhY0RQT2tUWjFiYzdibVBKMytNUkxSd2k2dTN1RkRZdU8yR09Dazh1MXpzeGY5ZEhEejUrQk01THRSaVJIYS95d2JTQkdNcjJFVmhySkVURFdOZlJMODRWTmRQNFB1N3RDdUpOcGg2RzJnb2pEUE0wZlZSenZrQT09fA&cppv=2
Requested by
Host: www.domofond.ru
URL: https://www.domofond.ru/?domofond
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
f43fe00e5712727d272f78c5926d1da7432b675565a29d18d253121dffde0923
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Nov 2022 19:22:40 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
3490307
expires
0

Redirect headers

pragma
no-cache
date
Wed, 23 Nov 2022 19:22:40 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=RDTmXHxPUmtyN0hpMzlkZFdmSVRyOG5lNHMzbytWUm1kc2pML1IrelZrd2M4OUp4WWVuQ01VTDZKaHc5NkJ3WE9LRUltQStRNGJDVHcwd0pXOXBGZ0F6MWtXTTRZbTQzQStTYkhrUTRBNklWUGNpTVVoQ3ZJREJ0aG0xcGhVNDRhUTM1SEtmQmtBMGp5VjJMYW5lZXdSTitVaWhqRXdqMjdLdnhhY0RQT2tUWjFiYzdibVBKMytNUkxSd2k2dTN1RkRZdU8yR09Dazh1MXpzeGY5ZEhEejUrQk01THRSaVJIYS95d2JTQkdNcjJFVmhySkVURFdOZlJMODRWTmRQNFB1N3RDdUpOcGg2RzJnb2pEUE0wZlZSenZrQT09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
565416
content-length
0
expires
0
5a097b2cc7d010afd4bfba6d
tracking.retailrocket.net/1.0/event/initialize/
74 B
451 B
XHR
General
Full URL
https://tracking.retailrocket.net/1.0/event/initialize/5a097b2cc7d010afd4bfba6d?&_nocache=16692313606870.83296907409863
Requested by
Host: cdn.retailrocket.net
URL: https://cdn.retailrocket.net/content/javascript/tracking.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
138.201.14.3 Landshut, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.3.14.201.138.clients.your-server.de
Software
nginx /
Resource Hash
a54aa6b96c35e424d0917cac8c71889d46d9a77bb1e1412cf51423294f617537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.domofond.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Nov 2022 19:22:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.domofond.ru
cache-control
no-store,no-cache
access-control-allow-credentials
true
x-xss-protection
1; mode=block
gpt.js
www.googletagservices.com/tag/js/
78 KB
27 KB
Script
General
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.domofond.ru
URL: https://www.domofond.ru/build/main.desktop.eb93242d7af49e102bce.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b8e64f656ab17cca541c2cedc0711657661cc96758750fff8400884c6239bc34
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.domofond.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 19:22:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27210
x-xss-protection
0
server
sffe
etag
"1401 / 741 of 1000 / last-modified: 1669205225"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 23 Nov 2022 19:22:41 GMT
rpc
api.domofond.ru/
62 KB
14 KB
Fetch
General
Full URL
https://api.domofond.ru/rpc
Requested by
Host: www.domofond.ru
URL: https://www.domofond.ru/build/main.desktop.eb93242d7af49e102bce.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
146.158.48.7 , Czech Republic, ASN44546 (ALFATELECOM, CZ),
Reverse DNS
Software
QRATOR /
Resource Hash
c83688caf222cba0e49c41567834d20f87c145e2546f187ff5126082e6fff6c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.domofond.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 23 Nov 2022 19:22:41 GMT
content-encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
x-envoy-upstream-service-time
61
Connection
keep-alive
X-XSS-Protection
1; mode=block
x-request-id
40d9403e-2f69-4e1f-95a2-39b8ffaa97d6
Server
QRATOR
access-control-max-age
86400
access-control-allow-methods
OPTIONS, GET, POST
Content-Type
application/json
access-control-allow-origin
https://www.domofond.ru
X-Frame-Options
SAMEORIGIN
access-control-allow-credentials
true
Keep-Alive
timeout=15
access-control-allow-headers
X-PINGOTHER, Content-Type, X-Request-Id
collect
www.google-analytics.com/j/
4 B
209 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=316776277&t=pageview&_s=1&dl=https%3A%2F%2Fwww.domofond.ru%2F%3Fdomofond&dp=%2F%3Fdomofond&ul=en-us&de=UTF-8&dt=%D0%9F%D1%80%D0%BE%D0%B4%D0%B0%D0%B6%D0%B0%20%D0%B8%20%D0%B0%D1%80%D0%B5%D0%BD%D0%B4%D0%B0%20%D0%BD%D0%B5%D0%B4%D0%B2%D0%B8%D0%B6%D0%B8%D0%BC%D0%BE%D1%81%D1%82%D0%B8%20%3A%20Domofond.ru&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEBAAEABAAAAACAAI~&jid=1757663149&gjid=1805709503&cid=179398499.1669231360&tid=UA-46373805-1&_gid=852330988.1669231360&_r=1&_slc=1&cd17=Desktop&cd21=New&cd22=bannerOptionA&z=279308393
Requested by
Host: www.domofond.ru
URL: https://www.domofond.ru/build/main.desktop.eb93242d7af49e102bce.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.domofond.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 23 Nov 2022 19:22:41 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.domofond.ru
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
rpc
api.domofond.ru/
77 B
731 B
Fetch
General
Full URL
https://api.domofond.ru/rpc
Requested by
Host: www.domofond.ru
URL: https://www.domofond.ru/build/main.desktop.eb93242d7af49e102bce.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
146.158.48.7 , Czech Republic, ASN44546 (ALFATELECOM, CZ),
Reverse DNS
Software
QRATOR /
Resource Hash
a787e40546a26b0c8e75af6ebcea7b697cb8995eb17a8934da9cd5c1d828811a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.domofond.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 23 Nov 2022 19:22:41 GMT
content-encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
x-envoy-upstream-service-time
6
Connection
keep-alive
X-XSS-Protection
1; mode=block
x-request-id
031bda9d-2b04-45b6-a197-db48dc648799
Server
QRATOR
access-control-max-age
86400
access-control-allow-methods
OPTIONS, GET, POST
Content-Type
application/json
access-control-allow-origin
https://www.domofond.ru
X-Frame-Options
SAMEORIGIN
access-control-allow-credentials
true
Keep-Alive
timeout=15
access-control-allow-headers
X-PINGOTHER, Content-Type, X-Request-Id
1.gL-v87axvlcbsCjcHOrft9AmLlYdRipU.jM-ffyb6szh3RBEaMQm4XUUo0CiuNWupwEkGnLsVe7Q
st21.domofond.ru/image/1/
17 KB
17 KB
Image
General
Full URL
https://st21.domofond.ru/image/1/1.gL-v87axvlcbsCjcHOrft9AmLlYdRipU.jM-ffyb6szh3RBEaMQm4XUUo0CiuNWupwEkGnLsVe7Q
Requested by
Host: www.domofond.ru
URL: https://www.domofond.ru/?domofond
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.158.54.148 , Czech Republic, ASN201012 (AVITO, RU),
Reverse DNS
Software
nginx /
Resource Hash
c78e1a4bf98b6c6a85104739131c66936598473eee0ac619f0a42c164df0ab0a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.domofond.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

avito-cache-status
HIT
date
Wed, 23 Nov 2022 19:22:41 GMT
server
nginx
vary
Origin
avito-x-origin-image-router
1
content-type
image/jpeg
length
17418
cache-control
public,max-age=7776000,public
access-control-allow-origin
https://www.domofond.ru
timing-allow-origin
https://www.domofond.ru
avito-whiff
5cad52bdixcb4d6d7c-3d25ab66a14606026c
content-length
17418
1.4-cxSbax3Q-FCkuEghbF5E6cTQ6D_EkM.8-TNdk7-Hgqhf0Kwf2_1bRqPbv-RPxbzU_ilqA7ZEyY
st94.domofond.ru/image/1/
22 KB
22 KB
Image
General
Full URL
https://st94.domofond.ru/image/1/1.4-cxSbax3Q-FCkuEghbF5E6cTQ6D_EkM.8-TNdk7-Hgqhf0Kwf2_1bRqPbv-RPxbzU_ilqA7ZEyY
Requested by
Host: www.domofond.ru
URL: https://www.domofond.ru/?domofond
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.158.48.208 , Czech Republic, ASN44546 (ALFATELECOM, CZ),
Reverse DNS
Software
nginx /
Resource Hash
0c13c9f30d030c0250da9d89517f4d66afa51ae3cdf9b2184a25d96e167ef90b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.domofond.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

avito-cache-status
HIT
date
Wed, 23 Nov 2022 19:22:41 GMT
server
nginx
vary
Origin
avito-x-origin-image-router
1
content-type
image/jpeg
length
22297
cache-control
public,max-age=7776000,public
access-control-allow-origin
https://www.domofond.ru
timing-allow-origin
https://www.domofond.ru
avito-whiff
62796a33dl08bffbe8-d37f75bcebb42e0572
content-length
22297
1.WAkfvraxZuGr_fBqrJcQfh5v9uCtC_Li.R4ubFjC3mFu7fOVboQ9V-vdCq7rLZs3p64l5m-ybihY
st81.domofond.ru/image/1/
4 KB
5 KB
Image
General
Full URL
https://st81.domofond.ru/image/1/1.WAkfvraxZuGr_fBqrJcQfh5v9uCtC_Li.R4ubFjC3mFu7fOVboQ9V-vdCq7rLZs3p64l5m-ybihY
Requested by
Host: www.domofond.ru
URL: https://www.domofond.ru/?domofond
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.158.48.208 , Czech Republic, ASN44546 (ALFATELECOM, CZ),
Reverse DNS
Software
nginx /
Resource Hash
f0e169fee8ebafda850dbdd65445f16858f3be57fbbcd7a2ea8c15f1a6da1d3d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.domofond.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

avito-cache-status
MISS
date
Wed, 23 Nov 2022 19:22:41 GMT
server
nginx
vary
Origin
avito-x-origin-image-router
1
content-type
image/jpeg
length
4533
cache-control
public,max-age=7776000,public
access-control-allow-origin
https://www.domofond.ru
timing-allow-origin
https://www.domofond.ru
avito-whiff
99c503a0dl1ae03b11-1328f15891d35e05fc
content-length
4533
1.RztRCraxedPlSe9Y4h0_PhXb6dLjv-3Q.eLjo_UTfSxNqTlZ3l7oVJp6s3nkNDTNpl-YNyKM_eVw
st06.domofond.ru/image/1/
34 KB
34 KB
Image
General
Full URL
https://st06.domofond.ru/image/1/1.RztRCraxedPlSe9Y4h0_PhXb6dLjv-3Q.eLjo_UTfSxNqTlZ3l7oVJp6s3nkNDTNpl-YNyKM_eVw
Requested by
Host: www.domofond.ru
URL: https://www.domofond.ru/?domofond
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.158.48.128 , Czech Republic, ASN44546 (ALFATELECOM, CZ),
Reverse DNS
Software
nginx /
Resource Hash
0f267dc923e34c1cb38e5d35f049f9755a02b6dd76a2a0e2db068abcc11f1794

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.domofond.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

avito-cache-status
MISS
date
Wed, 23 Nov 2022 19:22:41 GMT
server
nginx
vary
Origin
avito-x-origin-image-router
1
content-type
image/jpeg
length
34566
cache-control
public,max-age=7776000,public
access-control-allow-origin
https://www.domofond.ru
timing-allow-origin
https://www.domofond.ru
avito-whiff
89235a5edl8241130a-b1befa940b30c601cb
content-length
34566
1.cbHImLaxT1l829nSe-NZtNpJ31h6Ldta.MROtmgdAUz9y19H1hX3wlZ-sg-jxO3dcLoAbSP7WAzw
st76.domofond.ru/image/1/
9 KB
9 KB
Image
General
Full URL
https://st76.domofond.ru/image/1/1.cbHImLaxT1l829nSe-NZtNpJ31h6Ldta.MROtmgdAUz9y19H1hX3wlZ-sg-jxO3dcLoAbSP7WAzw
Requested by
Host: www.domofond.ru
URL: https://www.domofond.ru/?domofond
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.158.54.188 , Czech Republic, ASN44546 (ALFATELECOM, CZ),
Reverse DNS
Software
nginx /
Resource Hash
9d143f8ef2ce6de1c2d1304f144ebc4d1e8a924851dcbbc59a82269885e51eec

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.domofond.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

avito-cache-status
HIT
date
Wed, 23 Nov 2022 19:22:41 GMT
server
nginx
vary
Origin
avito-x-origin-image-router
1
content-type
image/jpeg
length
9302
cache-control
public,max-age=7776000,public
access-control-allow-origin
https://www.domofond.ru
timing-allow-origin
https://www.domofond.ru
avito-whiff
6c9616fbix7fba6d4a-6ebd9f76a661e5042e
content-length
9302
1.oXsekLaxn5Oq0wkYrcv-YGFFD5KsJQuQ.r_08TwQQ3VtV5AC_udkneI8PczuRbmTcvCqb_Nwjce0
st48.domofond.ru/image/1/
12 KB
12 KB
Image
General
Full URL
https://st48.domofond.ru/image/1/1.oXsekLaxn5Oq0wkYrcv-YGFFD5KsJQuQ.r_08TwQQ3VtV5AC_udkneI8PczuRbmTcvCqb_Nwjce0
Requested by
Host: www.domofond.ru
URL: https://www.domofond.ru/?domofond
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.158.54.168 , Czech Republic, ASN44546 (ALFATELECOM, CZ),
Reverse DNS
Software
nginx /
Resource Hash
9bed24084bd7041d0ec41ee4984f14495e3fd306d585b77d73ff2bc44e66c84c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.domofond.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

avito-cache-status
HIT
date
Wed, 23 Nov 2022 19:22:41 GMT
server
nginx
vary
Origin
avito-x-origin-image-router
1
content-type
image/jpeg
length
12259
cache-control
public,max-age=7776000,public
access-control-allow-origin
https://www.domofond.ru
timing-allow-origin
https://www.domofond.ru
avito-whiff
047bb1dfix6353419c-276aa492e77c1d03b7
content-length
12259
1.3J5JE7ax4nb9UHT9-jLy3E7Dcnf7pnZ1.iUnQeq2itq6enWTnz9z5isFa5fXWIWy1cG_kRAKo6gk
st17.domofond.ru/image/1/
38 KB
38 KB
Image
General
Full URL
https://st17.domofond.ru/image/1/1.3J5JE7ax4nb9UHT9-jLy3E7Dcnf7pnZ1.iUnQeq2itq6enWTnz9z5isFa5fXWIWy1cG_kRAKo6gk
Requested by
Host: www.domofond.ru
URL: https://www.domofond.ru/?domofond
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.158.48.128 , Czech Republic, ASN44546 (ALFATELECOM, CZ),
Reverse DNS
Software
nginx /
Resource Hash
b8ca5d059ede0dbf28e6eb6922b6365b0d10426effb2e493a3a1c0e27225f283

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.domofond.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

avito-cache-status
HIT
date
Wed, 23 Nov 2022 19:22:41 GMT
server
nginx
vary
Origin
avito-x-origin-image-router
1
content-type
image/jpeg
length
38557
cache-control
public,max-age=7776000,public
access-control-allow-origin
https://www.domofond.ru
timing-allow-origin
https://www.domofond.ru
avito-whiff
2729b864dl75f6d335-08ce8f0b3343bc0101
content-length
38557
1.7JJJE7ax0nr9UETx-lLO0E7DQnv7pkZ5.eXPyzzwFYXv_X627KoF8bYANcOYCNrbqklXH7cUsXwE
st33.domofond.ru/image/1/
20 KB
20 KB
Image
General
Full URL
https://st33.domofond.ru/image/1/1.7JJJE7ax0nr9UETx-lLO0E7DQnv7pkZ5.eXPyzzwFYXv_X627KoF8bYANcOYCNrbqklXH7cUsXwE
Requested by
Host: www.domofond.ru
URL: https://www.domofond.ru/?domofond
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.158.48.148 , Czech Republic, ASN201012 (AVITO, RU),
Reverse DNS
Software
nginx /
Resource Hash
1a347aec50c1f3fcdbbf28f26166d23c52ac3e7818521eb5492082fda2d4ebd0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.domofond.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

avito-cache-status
HIT
date
Wed, 23 Nov 2022 19:22:41 GMT
server
nginx
vary
Origin
avito-x-origin-image-router
1
content-type
image/jpeg
length
20350
cache-control
public,max-age=7776000,public
access-control-allow-origin
https://www.domofond.ru
timing-allow-origin
https://www.domofond.ru
avito-whiff
85ce8056dla988078a-ef473e328d61930215
content-length
20350
1.kI_iuraxrmdW-TjsUYOPgZ1vPmZQDzpk.EKToEsJ44e6H_3MG9Nm5Euab1HJRcavkSEQ-0IHIEVo
st93.domofond.ru/image/1/
24 KB
25 KB
Image
General
Full URL
https://st93.domofond.ru/image/1/1.kI_iuraxrmdW-TjsUYOPgZ1vPmZQDzpk.EKToEsJ44e6H_3MG9Nm5Euab1HJRcavkSEQ-0IHIEVo
Requested by
Host: www.domofond.ru
URL: https://www.domofond.ru/?domofond
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.158.48.208 , Czech Republic, ASN44546 (ALFATELECOM, CZ),
Reverse DNS
Software
nginx /
Resource Hash
ba8fcb7703c90fc1cec3ec6a2bb3e2b4ade3f69cfb42a0df6e8091b03e877a77

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.domofond.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

avito-cache-status
HIT
date
Wed, 23 Nov 2022 19:22:41 GMT
server
nginx
vary
Origin
avito-x-origin-image-router
1
content-type
image/jpeg
length
24958
cache-control
public,max-age=7776000,public
access-control-allow-origin
https://www.domofond.ru
timing-allow-origin
https://www.domofond.ru
avito-whiff
8f0db3ebdl36e90dc8-5397ebea683b5405e2
content-length
24958
1.VjW43LaxaN0Mn_5WC-k2Z7wM-NwKafze.Z3iW1Tgfudv9zpSLgbM_Zva2z5ptH_8m2TaEKeK44og
st67.domofond.ru/image/1/
26 KB
26 KB
Image
General
Full URL
https://st67.domofond.ru/image/1/1.VjW43LaxaN0Mn_5WC-k2Z7wM-NwKafze.Z3iW1Tgfudv9zpSLgbM_Zva2z5ptH_8m2TaEKeK44og
Requested by
Host: www.domofond.ru
URL: https://www.domofond.ru/?domofond
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.158.54.188 , Czech Republic, ASN44546 (ALFATELECOM, CZ),
Reverse DNS
Software
nginx /
Resource Hash
9fc56ff8f93b0be6e94e26e0a283328869828f93ba3ca886cd66b3b8a8ec2600

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.domofond.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

avito-cache-status
HIT
date
Wed, 23 Nov 2022 19:22:41 GMT
server
nginx
vary
Origin
avito-x-origin-image-router
1
content-type
image/jpeg
length
26195
cache-control
public,max-age=7776000,public
access-control-allow-origin
https://www.domofond.ru
timing-allow-origin
https://www.domofond.ru
avito-whiff
11e6a498ix8dd34c03-b0bde1e4f5cb20043e
content-length
26195
collect
stats.g.doubleclick.net/j/
1 B
439 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-46373805-1&cid=179398499.1669231360&jid=1757663149&gjid=1805709503&_gid=852330988.1669231360&_u=aEBAAEAAAAAAACAAI~&z=561450308
Requested by
Host: www.domofond.ru
URL: https://www.domofond.ru/build/main.desktop.eb93242d7af49e102bce.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c08::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.domofond.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Wed, 23 Nov 2022 19:22:41 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.domofond.ru
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
event
widget.eu.criteo.com/
Redirect Chain
  • https://sslwidget.criteo.com/event?a=30476&v=5.12.3&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh&p3=e%3Ddis&adce=1&bundle=Em7JEl9tbW5DWWRXRFVHY3NmVCUyQmZtRHRpNjcxemRFQTklMkZmY2JM...
  • https://widget.eu.criteo.com/event?a=30476&v=5.12.3&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh&p3=e%3Ddis&adce=1&bundle=Em7JEl9tbW5DWWRXRFVHY3NmVCUyQmZtRHRpNjcxemRFQTklMkZmY2JM...
8 KB
4 KB
Script
General
Full URL
https://widget.eu.criteo.com/event?a=30476&v=5.12.3&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh&p3=e%3Ddis&adce=1&bundle=Em7JEl9tbW5DWWRXRFVHY3NmVCUyQmZtRHRpNjcxemRFQTklMkZmY2JMa0pMd3Eyd2VDMVV4V2NjSlM2VGFlSFZ5SUZYWGtidXdwR3NzZHlJNng1UWxuYndHTUZoaEtVQUU1U3lBTUtIcWxyc3puJTJCNlNVNEElMkZ2b29xYklYOXV6RFJBRGpIJTJGOVFNZTZ5dW5wdm9HWjRJcU5tbWQlMkZVVlElM0QlM0Q&tld=domofond.ru&fu=https%253A%252F%252Fwww.domofond.ru%252F%253Fdomofond&dtycbr=4293
Requested by
Host: www.domofond.ru
URL: https://www.domofond.ru/?domofond
Protocol
H2
Server
178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
3f11cfe32a0c4b323fc92d24ecbf4d1d29efb11f0ffe6d8ad2fd6f11e6583a6e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.domofond.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Nov 2022 19:22:42 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Kestrel
content-type
application/x-javascript
access-control-allow-origin
*
p3p
NON DSP COR CURa PSA PSD OUR BUS NAV STA
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
9619469
timing-allow-origin
*
expires
0

Redirect headers

pragma
no-cache
date
Wed, 23 Nov 2022 19:22:41 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://widget.eu.criteo.com/event?a=30476&v=5.12.3&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh&p3=e%3Ddis&adce=1&bundle=Em7JEl9tbW5DWWRXRFVHY3NmVCUyQmZtRHRpNjcxemRFQTklMkZmY2JMa0pMd3Eyd2VDMVV4V2NjSlM2VGFlSFZ5SUZYWGtidXdwR3NzZHlJNng1UWxuYndHTUZoaEtVQUU1U3lBTUtIcWxyc3puJTJCNlNVNEElMkZ2b29xYklYOXV6RFJBRGpIJTJGOVFNZTZ5dW5wdm9HWjRJcU5tbWQlMkZVVlElM0QlM0Q&tld=domofond.ru&fu=https%253A%252F%252Fwww.domofond.ru%252F%253Fdomofond&dtycbr=4293
access-control-allow-origin
*
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
5527879
timing-allow-origin
*
content-length
0
expires
0
5a097b2cc7d010afd4bfba6d
tracking.retailrocket.net/1.0/event/pageView/
2 B
265 B
XHR
General
Full URL
https://tracking.retailrocket.net/1.0/event/pageView/5a097b2cc7d010afd4bfba6d?&session=637e7301fc7824bd0ba83d0a&pvid=504322450027362&pageUrl=https%3A%2F%2Fwww.domofond.ru%2F%3Fdomofond&_no_cache_=1669231361059
Requested by
Host: www.domofond.ru
URL: https://www.domofond.ru/build/main.desktop.eb93242d7af49e102bce.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
138.201.14.3 Landshut, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.3.14.201.138.clients.your-server.de
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.domofond.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 19:22:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.domofond.ru
access-control-allow-credentials
true
x-xss-protection
1; mode=block
5a097b2cc7d010afd4bfba6d
cdn.retailrocket.net/api/1.0/PushPartnerSettings/
78 B
594 B
XHR
General
Full URL
https://cdn.retailrocket.net/api/1.0/PushPartnerSettings/5a097b2cc7d010afd4bfba6d?format=json
Requested by
Host: www.domofond.ru
URL: https://www.domofond.ru/build/main.desktop.eb93242d7af49e102bce.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software
nginx /
Resource Hash
ca1e51b137335d9bc710460b95c93e78a282fcfe7fbab4670b92665c1f5bd9a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.domofond.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 19:22:41 GMT
X-Content-Type-Options
nosniff
Server
nginx
X-Frame-Options
SAMEORIGIN
X-Ws-Request-Id
637e7301_PSdgflkfFRA1vg90_10816-30066
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Cache-Control
public, max-age=300
X-Via
1.1 PS-FRA-01lai110:11 (Cdn Cache Server V2.0)
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
78
X-XSS-Protection
1; mode=block
pubads_impl_2022111501.js
securepubads.g.doubleclick.net/gpt/
381 KB
130 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a4c7748a8849068a7262049472b6b640aea77d843c16a57de3e34d3c47e4a01f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.domofond.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 18:44:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2283
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
132177
x-xss-protection
0
last-modified
Tue, 15 Nov 2022 09:35:23 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 23 Nov 2023 18:44:38 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/
88 B
704 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.domofond.ru
Requested by
Host: www.domofond.ru
URL: https://www.domofond.ru/build/main.desktop.eb93242d7af49e102bce.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
079fa011e93ea6f1a6115bc6c09f4a10590532a331f9aa331e0a9fbd1831fca5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.domofond.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 19:22:41 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
69
x-xss-protection
0
expires
Wed, 23 Nov 2022 19:22:41 GMT
integrator.js
adservice.google.de/adsid/
107 B
792 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.domofond.ru
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.domofond.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 19:22:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
549 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.domofond.ru
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.domofond.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 19:22:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/
0
442 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_paw&pvsid=160958688875784&vrg=2022111501&nw_id=7870&nslots=2&pub_url=https%3A%2F%2Fwww.domofond.ru%2F%3Fdomofond&sig=0&req=0&req_cnt=2&dm=8
Requested by
Host: www.domofond.ru
URL: https://www.domofond.ru/?domofond
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.domofond.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Nov 2022 19:22:41 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
0
0

ads
securepubads.g.doubleclick.net/gampad/
0
0

container.html
8fdbf36af4be374008d48025c966824d.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame FF82
6 KB
3 KB
Document
General
Full URL
https://8fdbf36af4be374008d48025c966824d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.domofond.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 23 Nov 2022 19:22:41 GMT
expires
Thu, 23 Nov 2023 19:22:41 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/
14 KB
11 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022111501&st=env
Requested by
Host: www.domofond.ru
URL: https://www.domofond.ru/build/main.desktop.eb93242d7af49e102bce.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b2872717f6b3dd6614f3ea134c787ca3bfee8b67c275da97c15af662d000e48a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.domofond.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 19:22:42 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11202
x-xss-protection
0
sync
x.bidswitch.net/ Frame ECB4
0
72 B
Image
General
Full URL
https://x.bidswitch.net/sync?dsp_id=46&user_id=k-kTtQ18X2z6aLJepwSeODEhq8tBXml5tIYqYg9Q&expires=30
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.192.2.142 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-192-2-142.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 19:22:42 GMT
cache-control
no-cache, no-store, must-revalidate
cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame ECB4
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-u3d-jcX2z6aLJepwSeODEhq8tBVEotzrluuhXA&google_cm&google_hm=ay11M2QtamNYMno2YUxKZXB3U2VPREVocTh0QlZFb3R6c...
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-u3d-jcX2z6aLJepwSeODEhq8tBVEotzrluuhXA&google_gid=CAESEMAW2CC4VVWUhDCmS2BoQrQ&google_cver=1&google_ula=913071,0
43 B
371 B
Image
General
Full URL
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-u3d-jcX2z6aLJepwSeODEhq8tBVEotzrluuhXA&google_gid=CAESEMAW2CC4VVWUhDCmS2BoQrQ&google_cver=1&google_ula=913071,0
Protocol
H2
Server
178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Nov 2022 19:22:42 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1191987
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 23 Nov 2022 19:22:42 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-u3d-jcX2z6aLJepwSeODEhq8tBVEotzrluuhXA&google_gid=CAESEMAW2CC4VVWUhDCmS2BoQrQ&google_cver=1&google_ula=913071,0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
398
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame ECB4
Redirect Chain
  • https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
  • https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=8816548972910309475
43 B
370 B
Image
General
Full URL
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=8816548972910309475
Protocol
H2
Server
178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Nov 2022 19:22:42 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1951014
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 23 Nov 2022 19:22:42 GMT
AN-X-Request-Uuid
26f41cfb-55cf-4fda-93a2-e8df35c65f7b
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=8816548972910309475
Connection
keep-alive
X-Proxy-Origin
193.27.14.10; 193.27.14.10; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
r.casalemedia.com/ Frame ECB4
Redirect Chain
  • https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-XB9DlcX2z6aLJepwSeODEhq8tBVYgolxBh99sA
  • https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-XB9DlcX2z6aLJepwSeODEhq8tBVYgolxBh99sA&C=1
43 B
871 B
Image
General
Full URL
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-XB9DlcX2z6aLJepwSeODEhq8tBVYgolxBh99sA&C=1
Protocol
H3
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Nov 2022 19:22:42 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4E%2B0wvqVVCRx98BnYN%2FigKCZleim46oyKy%2FpNO%2B6ezkkI%2FFYCEyewZ7Yj9OVCM060pR7S8f8GhFWlNT7%2FzTW8D6awyjoljrzAqagvJdOX6SdSqkVOqHmabPanrVXUcruykAL"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
76ec4670bfd89a21-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 23 Nov 2022 19:22:42 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lKl1d%2FflzvbQX3HQ%2Flymvnm8KPs7OEoKlJcRrP4Y3A%2Bi5iW8vs8noqbmsfSEGPbA6JZE2WWq5JtJiu4o2ZpVkUXW%2B58ejxi%2Bl62syaYr5sdOwLlwZP7%2B3WOKLaxTXODYD01i"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
/rum?cm_dsp_id=20&external_user_id=k-XB9DlcX2z6aLJepwSeODEhq8tBVYgolxBh99sA&C=1
cache-control
no-cache
cf-ray
76ec46700def9b21-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
match
ad.360yield.com/ul_cb/ Frame ECB4
Redirect Chain
  • https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-sLUSaMX2z6aLJepwSeODEhq8tBWpI_oEeUF3Ew
  • https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-sLUSaMX2z6aLJepwSeODEhq8tBWpI_oEeUF3Ew
43 B
446 B
Image
General
Full URL
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-sLUSaMX2z6aLJepwSeODEhq8tBWpI_oEeUF3Ew
Protocol
H2
Server
52.212.100.153 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-100-153.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 23 Nov 2022 19:22:42 GMT
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-sLUSaMX2z6aLJepwSeODEhq8tBWpI_oEeUF3Ew
date
Wed, 23 Nov 2022 19:22:42 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cksync.php
contextual.media.net/ Frame ECB4
45 B
784 B
Image
General
Full URL
https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-CtReM8X2z6aLJepwSeODEhq8tBVX6TlakhPxaw
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.79.88.129 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-88-129.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Wed, 23 Nov 2022 19:22:42 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Wed, 23 Nov 2022 19:22:42 GMT
cookie-sync
sync.outbrain.com/ Frame ECB4
0
145 B
Image
General
Full URL
https://sync.outbrain.com/cookie-sync?p=criteo&uid=k--WOCHMX2z6aLJepwSeODEhq8tBUePfLv0Y3lag
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.159 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Wed, 23 Nov 2022 19:22:42 GMT
Cache-Control
no-cache
X-TraceId
35647b56472f87ae107fe99f45f54b31
Content-Length
0
tap.php
pixel.rubiconproject.com/ Frame ECB4
0
239 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-PfkTG8X2z6aLJepwSeODEhq8tBWD2gNVgmBc5A&expires=30
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
66ef90d06496cfd000aab8206f2b6221
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
v1
match.sharethrough.com/sync/ Frame ECB4
0
35 B
Image
General
Full URL
https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-Bc1cNsX2z6aLJepwSeODEhq8tBWGLTg6xltmuw
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.115.183 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-123-115-183.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 19:22:42 GMT
/
rtb-csync.smartadserver.com/redir/ Frame ECB4
43 B
163 B
Image
General
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-Je_LC8X2z6aLJepwSeODEhq8tBW9CGyCekbWtg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.115 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 19:22:42 GMT
transfer-encoding
chunked
content-type
image/gif
/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame ECB4
0
99 B
Image
General
Full URL
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-4dVgWcX2z6aLJepwSeODEhq8tBUee65VloybXA
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 19:22:42 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
22948
um
criteo-sync.teads.tv/ Frame ECB4
23 B
172 B
Image
General
Full URL
https://criteo-sync.teads.tv/um?eid=80&uid=k-OWduj8X2z6aLJepwSeODEhq8tBWxtpMx1yM_Pw
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-242-245.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.9 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

expires
Wed, 23 Nov 2022 19:22:42 GMT
pragma
no-cache
date
Wed, 23 Nov 2022 19:22:42 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.9
content-length
23
content-type
image/gif
xuid
eb2.3lift.com/ Frame ECB4
37 B
140 B
Image
General
Full URL
https://eb2.3lift.com/xuid?mid=2711&xuid=k-yVWud8X2z6aLJepwSeODEhq8tBUyvtWSxROJMw&dongle=013b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 19:22:42 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
sync
ups.analytics.yahoo.com/ups/58301/ Frame ECB4
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-Q5SRA8X2z6aLJepwSeODEhq8tBVnasB54BWdkw
  • https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-Q5SRA8X2z6aLJepwSeODEhq8tBVnasB54BWdkw&verify=true
0
121 B
Image
General
Full URL
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-Q5SRA8X2z6aLJepwSeODEhq8tBVnasB54BWdkw&verify=true
Protocol
H2
Server
3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 19:22:42 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-Q5SRA8X2z6aLJepwSeODEhq8tBVnasB54BWdkw&verify=true
date
Wed, 23 Nov 2022 19:22:42 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
pixel
cm.adform.net/ Frame ECB4
43 B
163 B
Image
General
Full URL
https://cm.adform.net/pixel?adform_pid=15&adform_pc=k-NfnG0sX2z6aLJepwSeODEhq8tBX5LfJN8JfGrQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.25 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 19:22:42 GMT
last-modified
Wed, 11 Oct 2017 14:26:30 GMT
server
nginx
accept-ranges
bytes
etag
"59de2a16-2b"
content-length
43
content-type
image/gif
sync
visitor.omnitagjs.com/visitor/ Frame ECB4
49 B
235 B
Image
General
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-HW5DY8X2z6aLJepwSeODEhq8tBX6cQUk9WUWDQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.255.84.152 , France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Nov 2022 19:22:42 GMT
x-content-type-options
nosniff
server
ayl-lb-fra02
vary
Accept-Encoding
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
2
content-length
49
expires
0
demconf.jpg
dpm.demdex.net/ Frame ECB4
Redirect Chain
  • https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
  • https://dpm.demdex.net/ibs:dpid=28645&dpuuid=vLJ6peJYIF68Bkj6aSm67akY8ly4rqr-
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=vLJ6peJYIF68Bkj6aSm67akY8ly4rqr-
42 B
942 B
Image
General
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=vLJ6peJYIF68Bkj6aSm67akY8ly4rqr-
Protocol
HTTP/1.1
Server
176.34.205.255 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-176-34-205-255.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v045-0135a6b4d.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
dlGM6JrZTtU=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-irl1-1-v045-078a58cff.edge-irl1.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
GgKyvbPiREc=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=vLJ6peJYIF68Bkj6aSm67akY8ly4rqr-
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
9.gif
id5-sync.com/s/966/ Frame ECB4
43 B
1 KB
Image
General
Full URL
https://id5-sync.com/s/966/9.gif?puid=k-t4D6v8X2z6aLJepwSeODEhq8tBWhYy2zmY_19A
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.118 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533569.ip-162-19-138.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Wed, 23 Nov 2022 19:22:42 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding
chunked
p3p
CP="CAO PSA OUR"
sync
matching.ivitrack.com/ Frame ECB4
42 B
274 B
Image
General
Full URL
https://matching.ivitrack.com/sync?realm=criteo&uid=k-BBwTecX2z6aLJepwSeODEhq8tBWel5YAgGMFEQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.157.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
22.157.117.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 19:22:42 GMT
x-envoy-decorator-operation
tag-manager.programmatic.svc.cluster.local:3000/*
via
1.1 google
server
istio-envoy
content-type
image/gif
cache-control
public, max-age=86400
x-envoy-upstream-service-time
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
push
exchange.mediavine.com/usersync/ Frame ECB4
0
884 B
Image
General
Full URL
https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-9PUHd8X2z6aLJepwSeODEhq8tBWZafmxMlt_Sg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.74.101.32 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-74-101-32.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 19:22:42 GMT
cache-control
private, no-cache
access-control-allow-credentials
true
content-encoding
gzip
vary
Origin, Accept-Encoding
content-type
text/html; charset=utf-8
sync
criteo-partners.tremorhub.com/ Frame ECB4
43 B
183 B
Image
General
Full URL
https://criteo-partners.tremorhub.com/sync?UICR=k-X-cErcX2z6aLJepwSeODEhq8tBWcjkNT8XvJKA
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4264:d47e:9b8d:b43d:b5ab Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date
Wed, 23 Nov 2022 19:22:43 GMT
server
Apache-Coyote/1.1
content-type
image/gif
m
ad.yieldlab.net/ Frame ECB4
0
522 B
Image
General
Full URL
https://ad.yieldlab.net/m?dt_id=8664&ext_id=k-qv88dcX2z6aLJepwSeODEhq8tBUoN53yfKWINw
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
72.247.157.213 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-247-157-213.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 23 Nov 2022 19:22:42 GMT
x-content-type-options
nosniff
x-frame-options
DENY
Cache-Control
no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection
keep-alive
x-xss-protection
1; mode=block
x-application-context
application
Expires
Tue, 22 Nov 2022 19:22:42 GMT
sync
sync-criteo.ads.yieldmo.com/ Frame ECB4
43 B
220 B
Image
General
Full URL
https://sync-criteo.ads.yieldmo.com/sync?id=k-6Iy498X2z6aLJepwSeODEhq8tBWfNMT2vQt40Q&pn_id=criteo&ext=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.252.59.114 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-252-59-114.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Wed, 23 Nov 2022 19:22:42 GMT
content-type
image/gif
content-length
43
access-control-allow-methods
GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.domofond.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 19:22:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 23 Nov 2022 19:22:42 GMT
usermatch.gif
beacon.krxd.net/ Frame ECB4
Redirect Chain
  • https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
  • https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=WnlqYuKIHQCvaRrxQ7QW5N1UKK1WTveb
0
338 B
Image
General
Full URL
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=WnlqYuKIHQCvaRrxQ7QW5N1UKK1WTveb
Protocol
H2
Server
54.72.57.83 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-57-83.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-served-by
beacon-n011-dub-prod.krxd.net
date
Wed, 23 Nov 2022 19:22:42 GMT
cache-control
private, no-cache, no-store
x-request-time
D=52 t=1669231361
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=WnlqYuKIHQCvaRrxQ7QW5N1UKK1WTveb
date
Wed, 23 Nov 2022 19:22:42 GMT
cache-control
private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
1589529
content-length
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5387
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.domofond.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1462
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 23 Nov 2022 18:58:20 GMT
expires
Thu, 23 Nov 2023 18:58:20 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 0296
783 B
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
516c44bf8da8e2daae38155c951d637e56f9455313d0f71120881c9297ff5b88
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-go7NmeFlR2VETE93zP40CA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.domofond.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-go7NmeFlR2VETE93zP40CA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 23 Nov 2022 19:22:43 GMT
expires
Wed, 23 Nov 2022 19:22:43 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
cs
s.thebrighttag.com/ Frame ECB4
Redirect Chain
  • https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40
  • https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=Y7Ytx9kjibnhnnKAv4JD_BEJaLHxQ4Ch
35 B
268 B
Image
General
Full URL
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=Y7Ytx9kjibnhnnKAv4JD_BEJaLHxQ4Ch
Protocol
H2
Server
3.18.206.73 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-18-206-73.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Nov 2022 19:22:43 GMT
x-bt-requestid
341c6090-6b64-11ed-9c15-0000ac170070
server
nginx
content-type
image/gif
access-control-allow-origin
p3p
CP=NOI DSP COR NID
cache-control
private, must-revalidate
content-length
35
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=Y7Ytx9kjibnhnnKAv4JD_BEJaLHxQ4Ch
date
Wed, 23 Nov 2022 19:22:42 GMT
cache-control
private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
1382331
content-length
0
api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
pagead2.googlesyndication.com/bg/ Frame 5387
36 KB
16 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6a98bdefd73410963a41036b4bc4d25b080aaec85db7ebd132a12d3aa17e8586
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 16:14:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
11280
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16010
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 23 Nov 2023 16:14:43 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 0296
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022111501&jk=160958688875784&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

generate_204
tpc.googlesyndication.com/ Frame 5387
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?fA1UDg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 19:22:43 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022111501&jk=160958688875784&bg=!oqGloeXNAAbvMpMzzzI7ACkAdvg8Wlv8OEhCD7vcXXKEtDZ1lD7S8ga2ONZIzNaO7Ez7eTNW8kQ63wIAAABTUgAAAAhoAQcKANiaKJ98kkJhYT9DLAZkt4OD1bZ6afbNszLJgL_L4UnxPiqQZB16HNkqHsgKE_nNHaufyXG1W20n_luqn_ax9aU_Pk1qR_QRPdnCjhyP4VI059K8luovst2VPPEIToj7GFErwPBVb3DsOGWXGea00CJgyRntC-4NqKUQ_PUej4yQU7PlyfCydBgVsFfC3kM9LRDStWYnnrDSZSPzS5RNGgLtL7DzGjESUEocJUj1cMmWQn5stMtmf5k7GpKq3NeHRcI31sA3NnV0PJBrNU9_jJn2ELhWx3gQZNGZAqz5xTsmxy4cUkz5bdxVJZOXzNnjIl9kLZApHwkhau4WZR-YV5S_ZFm2Aoy4MmaoCqTTPuaP-Oi-AyhqXCHmzLYlDfqc99UaroHepZLGifr3CsT86Rgi1Vb48bTp4ngSK-97S82lvDlKA6gNYpDqxOcjNAO3ggw22POweq23KIV-PNpxooFluICmx_MYVEnm0Z5qPgnqNQYEfdBRL4fT-DrqNL0qNCb44Vr1AOkAKUJiwX9BQGT9kT6kDoL7ML-Ddaa1qVgPLAaXmQdOOLINHSNxvXl4MMO3hS-pidYGhTiP7JCDVgQWgqniyr6wBqgIbGa2iY5gvIRG2MT8I1Au7hfqAeFpT-2QEyoLJ5abcoilLzfkeJuzhjWGLWaLT7SMAtylLdfIsNIl36vpPVgiO8fQeCJJvDzYoXsv1S3GM2PoTBS_8hyK1A02Mc2UfmyYu1pTapJcNTSAa_uTbdx5MIhO-lmw4Yl1uoaAvxoZ7NlJtd3Kr_1cqBXcR-AbqjANGXMpsPJrdB6sJ840LyD6ITqxn-3stUQV8CHw-quT_ZqfIQRSLkqJVt34XVQbU6jYoE7u7TYnCd4mFE84Gu2sENYvp_yg5mPaw4Kcf4mgRNISarENbygpe51fQzxYmZOY918qWdGkH5K6UY7RbnLK32u_jS9HZ8pz5bN5OW26enB5PR99b17quJ28a4cYJf-IxypaWSUJ_AP3Qy5zovBlGbR8_kyMiH0igNbEhfmH3OZA84nlJZoruQL00j9A1thRZxajhbyYrloNCdOVkDXZb8H5qOUsPnItJv6quS4QilYLJNftjJD-6kTHAHvmGOVtORYp2rlpzd7aZ0WBYWsVEqiZGu1AQT7mIkHo_PUKeBPF7_wLYNTQLPYOsFFlKImRkpDEdAAlYr-lOE6LVV0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.domofond.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
securepubads.g.doubleclick.net
URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=160958688875784&correlator=4137299420461971&output=ldjh&gdfp_req=1&vrg=2022111501&ptt=17&impl=fifs&iu_parts=7870%2CDF%2CMain%2CRoot%2CSearch%2Cdesktop_superbanner_top&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=964x250%7C970x90%7C728x90&ifi=1&adks=746316736&sfv=1-0-40&prev_scp=platformDF%3Ddesktop%26cityIdDf%3D3584%26regionIdDf%3Dnull%26propertyType%3Dapartment%26parType%3Dapartment%26itemType%3Dsale%26isDevelopment%3Dfalse&sc=1&cookie_enabled=1&abxe=1&dt=1669231361325&lmt=1669231361&dlt=1669231360143&idt=1149&adxs=318&adys=0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.domofond.ru%2F%3Fdomofond&frm=20&vis=1&psz=1600x2802&msz=1600x0&fws=0&ohw=0&ga_vid=179398499.1669231360&ga_sid=1669231361&ga_hid=316776277&ga_fc=true
Domain
securepubads.g.doubleclick.net
URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=160958688875784&correlator=4137299420461971&output=ldjh&gdfp_req=1&vrg=2022111501&ptt=17&impl=fifs&iu_parts=7870%2CDF%2CMain%2CRoot%2CSearch%2Cmain_button&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=150x50&ifi=2&adks=3863473930&sfv=1-0-40&prev_scp=platformDF%3Ddesktop%26cityIdDf%3D3584%26regionIdDf%3Dnull%26propertyType%3Dapartment%26parType%3Dapartment%26itemType%3Dsale%26isDevelopment%3Dfalse&sc=1&cookie_enabled=1&abxe=1&dt=1669231361331&lmt=1669231361&dlt=1669231360143&idt=1149&adxs=1450&adys=5&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.domofond.ru%2F%3Fdomofond&frm=20&vis=1&psz=1600x60&msz=150x50&fws=0&ohw=0&ga_vid=179398499.1669231360&ga_sid=1669231361&ga_hid=316776277&ga_fc=true

Verdicts & Comments Add Verdict or Comment

39 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| dataLayer object| criteo_q function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| __INITIAL_DATA__ string| __IMAGESURL__ string| rrPartnerId object| rrApi object| rrApiOnReady object| webpackJsonp object| google_tag_manager object| retailrocket object| rrLibrary undefined| errorModel undefined| request object| rcApi object| __core-js_shared__ object| core function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill object| googletag object| ggeac object| google_js_reporting_queue undefined| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| google_image_requests object| GoogleGcLKhOms

40 Cookies

Domain/Path Name / Value
.domofond.ru/ Name: dfuid
Value: 0049996d-be67-45ff-99dd-98a437d62720
.domofond.ru/ Name: _ga
Value: GA1.2.179398499.1669231360
.domofond.ru/ Name: _gid
Value: GA1.2.852330988.1669231360
.criteo.com/ Name: uid
Value: d8798e72-2b3a-4246-9b8b-98c76f53da76
.domofond.ru/ Name: rr-testCookie
Value: testvalue
.domofond.ru/ Name: rrpvid
Value: 504322450027362
.domofond.ru/ Name: _gat
Value: 1
.domofond.ru/ Name: cto_bundle
Value: Em7JEl9tbW5DWWRXRFVHY3NmVCUyQmZtRHRpNjcxemRFQTklMkZmY2JMa0pMd3Eyd2VDMVV4V2NjSlM2VGFlSFZ5SUZYWGtidXdwR3NzZHlJNng1UWxuYndHTUZoaEtVQUU1U3lBTUtIcWxyc3puJTJCNlNVNEElMkZ2b29xYklYOXV6RFJBRGpIJTJGOVFNZTZ5dW5wdm9HWjRJcU5tbWQlMkZVVlElM0QlM0Q
.retailrocket.net/ Name: rcuid
Value: 637e7301fc7824bd0ba83d0a
.domofond.ru/ Name: rcuid
Value: 637e7301fc7824bd0ba83d0a
.doubleclick.net/ Name: IDE
Value: AHWqTUkZyuLP6Yj_OBDzQEKapxqzi-JOqDaskjhdf6I8bAZtULuZ8ZJ1i1IF7nL2Xe0
.adnxs.com/ Name: uuid2
Value: 8816548972910309475
.casalemedia.com/ Name: CMID
Value: Y35zAqLoP-.5l5s6JcUsjgAA
.casalemedia.com/ Name: CMPS
Value: 1138
.casalemedia.com/ Name: CMPRO
Value: 1138
.media.net/ Name: visitor-id
Value: 3122329627575485000V10
.media.net/ Name: data-c-ts
Value: 1669231362
.media.net/ Name: data-c
Value: k-CtReM8X2z6aLJepwSeODEhq8tBVX6TlakhPxaw~~3
.360yield.com/ Name: tuuid
Value: 2229cab3-1e6f-4133-b213-11296b99c3df
.360yield.com/ Name: tuuid_lu
Value: 1669231362
.360yield.com/ Name: um
Value: !38,eqfMrEs.-r5kA9xFmCVuvtKVS2DiIpIQgzEj0D7Qlj.j-xL8defUy7pADCwI5pLyebuY4b5A,1677007362
.360yield.com/ Name: umeh
Value: !38,0,1731439362,-1
.demdex.net/ Name: demdex
Value: 46697114976847338204138215056115376134
.casalemedia.com/ Name: CMTS
Value: 2219
.dpm.demdex.net/ Name: dpm
Value: 46697114976847338204138215056115376134
.yahoo.com/ Name: A3
Value: d=AQABBAJzfmMCEEGfHd83rQAvylKjyKRxcRwFEgEBAQHEf2OIYwAAAAAA_eMAAA&S=AQAAAjKTO5mVUNv1eBPMabNfV50
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
.id5-sync.com/ Name: callback
Value:
.analytics.yahoo.com/ Name: IDSYNC
Value: 18zh~28gj
exchange.mediavine.com/ Name: mv_tokens
Value: %7B%22mv_uuid%22%3A%2233cbf6a0-6b64-11ed-94de-f97458f09563%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/ Name: mv_tokens_eu-v1
Value: %7B%22mv_uuid%22%3A%2233cbf6a0-6b64-11ed-94de-f97458f09563%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/ Name: am_tokens
Value: %7B%22mv_uuid%22%3A%2233cbf6a0-6b64-11ed-94de-f97458f09563%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/ Name: am_tokens_eu-v1
Value: %7B%22mv_uuid%22%3A%2233cbf6a0-6b64-11ed-94de-f97458f09563%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/ Name: criteo
Value: %7B%22id%22%3A%22k-9PUHd8X2z6aLJepwSeODEhq8tBWZafmxMlt_Sg%22%2C%22version%22%3A%22criteo%22%7D
.yieldlab.net/ Name: id
Value: f10cba82-326e-4aa4-9ffe-807ae9f1ae9d
.krxd.net/ Name: _kuid_
Value: PN3BwWVH

4 Console Messages

Source Level URL
Text
javascript error URL: https://www.domofond.ru/?domofond
Message:
Access to XMLHttpRequest at 'https://securepubads.g.doubleclick.net/gampad/ads?pvsid=160958688875784&correlator=4137299420461971&output=ldjh&gdfp_req=1&vrg=2022111501&ptt=17&impl=fifs&iu_parts=7870%2CDF%2CMain%2CRoot%2CSearch%2Cdesktop_superbanner_top&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=964x250%7C970x90%7C728x90&ifi=1&adks=746316736&sfv=1-0-40&prev_scp=platformDF%3Ddesktop%26cityIdDf%3D3584%26regionIdDf%3Dnull%26propertyType%3Dapartment%26parType%3Dapartment%26itemType%3Dsale%26isDevelopment%3Dfalse&sc=1&cookie_enabled=1&abxe=1&dt=1669231361325&lmt=1669231361&dlt=1669231360143&idt=1149&adxs=318&adys=0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.domofond.ru%2F%3Fdomofond&frm=20&vis=1&psz=1600x2802&msz=1600x0&fws=0&ohw=0&ga_vid=179398499.1669231360&ga_sid=1669231361&ga_hid=316776277&ga_fc=true' from origin 'https://www.domofond.ru' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://securepubads.g.doubleclick.net/gampad/ads?pvsid=160958688875784&correlator=4137299420461971&output=ldjh&gdfp_req=1&vrg=2022111501&ptt=17&impl=fifs&iu_parts=7870%2CDF%2CMain%2CRoot%2CSearch%2Cdesktop_superbanner_top&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=964x250%7C970x90%7C728x90&ifi=1&adks=746316736&sfv=1-0-40&prev_scp=platformDF%3Ddesktop%26cityIdDf%3D3584%26regionIdDf%3Dnull%26propertyType%3Dapartment%26parType%3Dapartment%26itemType%3Dsale%26isDevelopment%3Dfalse&sc=1&cookie_enabled=1&abxe=1&dt=1669231361325&lmt=1669231361&dlt=1669231360143&idt=1149&adxs=318&adys=0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.domofond.ru%2F%3Fdomofond&frm=20&vis=1&psz=1600x2802&msz=1600x0&fws=0&ohw=0&ga_vid=179398499.1669231360&ga_sid=1669231361&ga_hid=316776277&ga_fc=true
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://www.domofond.ru/?domofond
Message:
Access to XMLHttpRequest at 'https://securepubads.g.doubleclick.net/gampad/ads?pvsid=160958688875784&correlator=4137299420461971&output=ldjh&gdfp_req=1&vrg=2022111501&ptt=17&impl=fifs&iu_parts=7870%2CDF%2CMain%2CRoot%2CSearch%2Cmain_button&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=150x50&ifi=2&adks=3863473930&sfv=1-0-40&prev_scp=platformDF%3Ddesktop%26cityIdDf%3D3584%26regionIdDf%3Dnull%26propertyType%3Dapartment%26parType%3Dapartment%26itemType%3Dsale%26isDevelopment%3Dfalse&sc=1&cookie_enabled=1&abxe=1&dt=1669231361331&lmt=1669231361&dlt=1669231360143&idt=1149&adxs=1450&adys=5&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.domofond.ru%2F%3Fdomofond&frm=20&vis=1&psz=1600x60&msz=150x50&fws=0&ohw=0&ga_vid=179398499.1669231360&ga_sid=1669231361&ga_hid=316776277&ga_fc=true' from origin 'https://www.domofond.ru' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://securepubads.g.doubleclick.net/gampad/ads?pvsid=160958688875784&correlator=4137299420461971&output=ldjh&gdfp_req=1&vrg=2022111501&ptt=17&impl=fifs&iu_parts=7870%2CDF%2CMain%2CRoot%2CSearch%2Cmain_button&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=150x50&ifi=2&adks=3863473930&sfv=1-0-40&prev_scp=platformDF%3Ddesktop%26cityIdDf%3D3584%26regionIdDf%3Dnull%26propertyType%3Dapartment%26parType%3Dapartment%26itemType%3Dsale%26isDevelopment%3Dfalse&sc=1&cookie_enabled=1&abxe=1&dt=1669231361331&lmt=1669231361&dlt=1669231360143&idt=1149&adxs=1450&adys=5&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.domofond.ru%2F%3Fdomofond&frm=20&vis=1&psz=1600x60&msz=150x50&fws=0&ohw=0&ga_vid=179398499.1669231360&ga_sid=1669231361&ga_hid=316776277&ga_fc=true
Message:
Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8fdbf36af4be374008d48025c966824d.safeframe.googlesyndication.com
ad.360yield.com
ad.yieldlab.net
adservice.google.com
adservice.google.de
api.domofond.ru
beacon.krxd.net
cdn.retailrocket.net
cm.adform.net
cm.g.doubleclick.net
contextual.media.net
criteo-partners.tremorhub.com
criteo-sync.teads.tv
dis.criteo.com
dpm.demdex.net
eb2.3lift.com
exchange.mediavine.com
gum.criteo.com
ib.adnxs.com
id5-sync.com
match.sharethrough.com
matching.ivitrack.com
mug.criteo.com
pagead2.googlesyndication.com
pixel.rubiconproject.com
r.casalemedia.com
rtb-csync.smartadserver.com
s.thebrighttag.com
securepubads.g.doubleclick.net
sslwidget.criteo.com
st01.domofond.ru
st06.domofond.ru
st12.domofond.ru
st17.domofond.ru
st21.domofond.ru
st33.domofond.ru
st46.domofond.ru
st48.domofond.ru
st67.domofond.ru
st76.domofond.ru
st81.domofond.ru
st84.domofond.ru
st93.domofond.ru
st94.domofond.ru
static.criteo.net
stats.g.doubleclick.net
sync-criteo.ads.yieldmo.com
sync-t1.taboola.com
sync.outbrain.com
tpc.googlesyndication.com
tracking.retailrocket.net
ups.analytics.yahoo.com
visitor.omnitagjs.com
widget.eu.criteo.com
www.domofond.ru
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
securepubads.g.doubleclick.net
104.111.242.245
104.79.88.129
138.201.14.3
141.226.228.48
142.250.186.34
146.158.48.128
146.158.48.148
146.158.48.208
146.158.48.7
146.158.48.9
146.158.52.9
146.158.54.148
146.158.54.168
146.158.54.188
162.19.138.118
163.171.128.148
172.64.154.237
176.34.205.255
178.250.2.146
178.250.2.151
18.192.2.142
182.161.74.16
185.255.84.152
185.86.139.115
185.89.210.180
2600:1f18:612b:4264:d47e:9b8d:b43d:b5ab
2a00:1450:4001:806::2002
2a00:1450:4001:808::2002
2a00:1450:4001:809::200e
2a00:1450:4001:80b::2008
2a00:1450:4001:80f::2001
2a00:1450:4001:812::2002
2a00:1450:4001:827::2002
2a00:1450:4001:827::2004
2a00:1450:4001:830::2001
2a00:1450:4001:831::2002
2a00:1450:400c:c08::9d
2a02:2638:1::13
2a02:2638:1::3
3.123.115.183
3.126.56.137
3.18.206.73
3.74.101.32
34.117.157.22
34.252.59.114
37.157.4.25
52.212.100.153
54.72.57.83
69.173.144.139
70.42.32.159
72.247.157.213
76.223.111.18
071c00fcc888eda82100ec82b489faadd1fc96e4bcefd7d6dd817947322d88ae
079fa011e93ea6f1a6115bc6c09f4a10590532a331f9aa331e0a9fbd1831fca5
0c13c9f30d030c0250da9d89517f4d66afa51ae3cdf9b2184a25d96e167ef90b
0f267dc923e34c1cb38e5d35f049f9755a02b6dd76a2a0e2db068abcc11f1794
1a347aec50c1f3fcdbbf28f26166d23c52ac3e7818521eb5492082fda2d4ebd0
1d8236c8c7eb44ab4e1a414bb61f63af0568c023c2117dc8d07a0949f3d0e3b9
27aa83819f29eaa1837456a877686bcaa56ef548f3b9eab4ab3a8e142396d401
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
34c5cc0a6f805e515af1d674aaed4eab56d83a2d597b0468c4f65dc53ba17c34
3f11cfe32a0c4b323fc92d24ecbf4d1d29efb11f0ffe6d8ad2fd6f11e6583a6e
3f8ee094d6325a6ab3838224055dddd7ca129ae059568922afc1ee80aa5a1255
40df67df4e6b0f692c04047842520977aba8fec4f425d94da5915a2080574b13
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4b68bef6c9dbb1d0ebea39e6a160b6b35a50f96bcda34904c9ec7d2b56896e53
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
516c44bf8da8e2daae38155c951d637e56f9455313d0f71120881c9297ff5b88
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5602cd1eaaaf369fb995b07a067109f745b9d6b3b178c64190d63a52114cc633
5c0eb5a128fde5001b950224dc74aaaa3ca90f5c42e4f5fa11015da2e66ba8ca
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6a98bdefd73410963a41036b4bc4d25b080aaec85db7ebd132a12d3aa17e8586
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7c6dbf2ac080248eac108b6d4cb199e65e10c30cd095dfe87b10e223f378d1eb
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
9bed24084bd7041d0ec41ee4984f14495e3fd306d585b77d73ff2bc44e66c84c
9d143f8ef2ce6de1c2d1304f144ebc4d1e8a924851dcbbc59a82269885e51eec
9d6d297069f0c1bb1165f52fa52da19b84997686dd44d4360d7885642eaae008
9fc56ff8f93b0be6e94e26e0a283328869828f93ba3ca886cd66b3b8a8ec2600
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4c7748a8849068a7262049472b6b640aea77d843c16a57de3e34d3c47e4a01f
a54aa6b96c35e424d0917cac8c71889d46d9a77bb1e1412cf51423294f617537
a787e40546a26b0c8e75af6ebcea7b697cb8995eb17a8934da9cd5c1d828811a
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
afb977f2f99c21f6f09b324d821400d8d9916577f2f860b5cd51709179561e15
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2872717f6b3dd6614f3ea134c787ca3bfee8b67c275da97c15af662d000e48a
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b7af873e25665ff42dcfe12392bad38939a07cc6cc5eac14cabdcaa3b912d1b5
b8ca5d059ede0dbf28e6eb6922b6365b0d10426effb2e493a3a1c0e27225f283
b8e64f656ab17cca541c2cedc0711657661cc96758750fff8400884c6239bc34
b9a05746fd8873c51fd711d39b869214930c7d4d3951c81e1b0c372f5a619009
ba8fcb7703c90fc1cec3ec6a2bb3e2b4ade3f69cfb42a0df6e8091b03e877a77
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c24e6cc3be7abd60db0f0bf8e299f60681d990e0daed8a3bacc966adafc9fe22
c78e1a4bf98b6c6a85104739131c66936598473eee0ac619f0a42c164df0ab0a
c83688caf222cba0e49c41567834d20f87c145e2546f187ff5126082e6fff6c2
ca1e51b137335d9bc710460b95c93e78a282fcfe7fbab4670b92665c1f5bd9a7
d0f07190791630edc058ad6e5a33a3cda6a8f85c470e593ce0bbed46ffec148b
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d4bed5c5c9ccd56214a7c78747044195268b203f4160f132a6605c119a5796bc
d6c1aa198589b0a87b22f515905607c1c11839948491cea44a74b88116b40561
da0aff4248e503812c4439af7ed830a5c552c024533726b4c77bed976001912e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0e169fee8ebafda850dbdd65445f16858f3be57fbbcd7a2ea8c15f1a6da1d3d
f18a115222437b352fb0df4a11761f7ca09b43eaf732818e5ab17f84d755d648
f43fe00e5712727d272f78c5926d1da7432b675565a29d18d253121dffde0923
f95adccf0663425023b8af4f4c5716c46f987c0b6439582ae2d5c839ac4b9998