ponominalu.ru Open in urlscan Pro
213.108.128.54 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://ponominalu.ru/
Effective URL:
https://ponominalu.ru/
Submission: On October 26 via manual (October 26th 2022, 11:52:35 pm UTC) from CA — Scanned from CA

Summary HTTP 140 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 59 IPs in 6 countries across 52 domains to perform 140 HTTP transactions. The main IP is 213.108.128.54, located in Moscow, Russian Federation and belongs to MTS, RU. The main domain is ponominalu.ru.
TLS certificate: Issued by GlobalSign RSA OV SSL CA 2018 on March 15th 2022. Valid for: a year.

This is the only time ponominalu.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 23	213.108.128.54 213.108.128.54	8359 (MTS) (MTS)
1 5	2a02:6b8::1:119 2a02:6b8::1:119	208722 (GLOBAL_DC) (GLOBAL_DC)
4	87.240.132.78 87.240.132.78	47541 (VKONTAKTE...) (VKONTAKTE-SPB-AS vk.com)
3	2607:f8b0:400... 2607:f8b0:4006:816::2008	15169 (GOOGLE) (GOOGLE)
1	77.238.96.5 77.238.96.5	199599 (CIREX) (CIREX)
3	84.252.130.113 84.252.130.113	200350 (YANDEXCLOUD) (YANDEXCLOUD)
1	2620:100:a001::4 2620:100:a001::4	19750 (AS-CRITEO) (AS-CRITEO)
7	23.111.96.44 23.111.96.44	39134 (UNITEDNET) (UNITEDNET)
9	2607:f8b0:400... 2607:f8b0:4006:80f::200e	15169 (GOOGLE) (GOOGLE)
5	95.163.52.67 95.163.52.67	47764 (VK-AS) (VK-AS)
1	213.87.44.187 213.87.44.187	13174 (MTSNET Mo...) (MTSNET Moscow)
3 4	2620:100:a001::c 2620:100:a001::c	19750 (AS-CRITEO) (AS-CRITEO)
1	2607:f8b0:400... 2607:f8b0:4006:81f::2002	15169 (GOOGLE) (GOOGLE)
4	23.36.1.98 23.36.1.98	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a03:2880:f01... 2a03:2880:f012:10c:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	74.119.119.139 74.119.119.139	19750 (AS-CRITEO) (AS-CRITEO)
5	2607:f8b0:400... 2607:f8b0:4004:c1b::9c	15169 (GOOGLE) (GOOGLE)
6	2607:f8b0:400... 2607:f8b0:4006:81c::2004	15169 (GOOGLE) (GOOGLE)
6	2607:f8b0:400... 2607:f8b0:4006:822::2003	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:81c::200a	15169 (GOOGLE) (GOOGLE)
10	2607:f8b0:400... 2607:f8b0:4006:81c::2003	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f11... 2a03:2880:f112:182:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1 3	2620:100:a001... 2620:100:a001::17	19750 (AS-CRITEO) (AS-CRITEO)
1	2a02:2638::22 2a02:2638::22	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1148:db0... 2a00:1148:db00::17	47764 (VK-AS) (VK-AS)
1 3	195.209.108.37 195.209.108.37	52007 (ADRIVER-AS) (ADRIVER-AS)
2	212.41.26.148 212.41.26.148	50340 (SELECTEL-MSK) (SELECTEL-MSK)
1	46.254.20.215 46.254.20.215	210079 (EUROBYTE ...) (EUROBYTE Eurobyte LLC)
3	5.189.239.194 5.189.239.194	49505 (SELECTEL) (SELECTEL)
1	195.209.108.36 195.209.108.36	52007 (ADRIVER-AS) (ADRIVER-AS)
1 2	35.211.178.172 35.211.178.172	15169 (GOOGLE) (GOOGLE)
1 1	142.251.40.98 142.251.40.98	15169 (GOOGLE) (GOOGLE)
2 2	68.67.160.132 68.67.160.132	29990 (ASN-APPNEX) (ASN-APPNEX)
1	34.247.240.231 34.247.240.231	16509 (AMAZON-02) (AMAZON-02)
1 2	192.40.39.223 192.40.39.223	27381 (CASALE-MEDIA) (CASALE-MEDIA)
1 2	52.3.184.194 52.3.184.194	14618 (AMAZON-AES) (AMAZON-AES)
1	23.195.108.24 23.195.108.24	16625 (AKAMAI-AS) (AKAMAI-AS)
1	52.21.246.162 52.21.246.162	14618 (AMAZON-AES) (AMAZON-AES)
1	70.42.32.191 70.42.32.191	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
1	104.36.115.109 104.36.115.109	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	8.43.72.97 8.43.72.97	26667 (RUBICONPR...) (RUBICONPROJECT)
1	54.84.171.38 54.84.171.38	14618 (AMAZON-AES) (AMAZON-AES)
1	199.187.193.199 199.187.193.199	47043 (SMARTADSE...) (SMARTADSERVER)
1	141.226.224.48 141.226.224.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	23.197.21.93 23.197.21.93	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	35.71.139.29 35.71.139.29	16509 (AMAZON-02) (AMAZON-02)
1 2	54.175.87.114 54.175.87.114	14618 (AMAZON-AES) (AMAZON-AES)
1	202.241.208.57 202.241.208.57	4694 (IDCF IDC ...) (IDCF IDC Frontier Inc.)
1	52.41.101.164 52.41.101.164	16509 (AMAZON-02) (AMAZON-02)
1	173.223.57.84 173.223.57.84	16625 (AKAMAI-AS) (AKAMAI-AS)
1	63.251.28.233 63.251.28.233	13789 (INTERNAP-...) (INTERNAP-BLK3)
1	34.117.157.22 34.117.157.22	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	3.230.222.9 3.230.222.9	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:1f18:ed:... 2600:1f18:ed:550e:c4e3:3eb9:eebf:6813	14618 (AMAZON-AES) (AMAZON-AES)
1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	44.206.182.6 44.206.182.6	14618 (AMAZON-AES) (AMAZON-AES)
1 2	2600:9000:220... 2600:9000:2209:d200:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:1f18:612... 2600:1f18:612b:4232:2c9c:1ca6:2cc6:969c	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:141b:13:... 2600:141b:13::172f:91aa	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	100.24.185.7 100.24.185.7	14618 (AMAZON-AES) (AMAZON-AES)
1 2	35.82.147.58 35.82.147.58	16509 (AMAZON-02) (AMAZON-02)
140	59

23 213.108.128.54 (Moscow, Russian Federation) 1 redirects

ASN8359 (MTS, RU)

ponominalu.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:6b8::1:119 (Moscow, Russian Federation) 1 redirects

ASN208722 (GLOBAL_DC, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 87.240.132.78 (Russian Federation)

ASN47541 (VKONTAKTE-SPB-AS vk.com, RU)
PTR: srv78-132-240-87.vk.com

vk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:816::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 77.238.96.5 (Moscow, Russian Federation)

ASN199599 (CIREX, RU)
PTR: 5-96-238-77.host.cirex.ru

www.ticketland.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 84.252.130.113 (Russian Federation)

ASN200350 (YANDEXCLOUD, RU)

api.mindbox.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:100:a001::4 (United States)

ASN19750 (AS-CRITEO, US)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 23.111.96.44 (Russian Federation)

ASN39134 (UNITEDNET, RU)

content.adriver.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
servers4.adriver.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2607:f8b0:4006:80f::200e (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 95.163.52.67 (Russian Federation)

ASN47764 (VK-AS, RU)
PTR: top-fwz1.mail.ru

top-fwz1.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.87.44.187 (Russian Federation)

ASN13174 (MTSNET Moscow, Russia, RU)
PTR: infrastructure-187-44.mts.ru

tech.rtb.mts.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:100:a001::c (United States) 3 redirects

ASN19750 (AS-CRITEO, US)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81f::2002 (United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.36.1.98 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-36-1-98.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f012:10c:face:b00c:0:3 (Secaucus, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.119.139 (United States)

ASN19750 (AS-CRITEO, US)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4004:c1b::9c (Washington, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4006:81c::2004 (United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4006:822::2003 (United States)

ASN15169 (GOOGLE, US)

www.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81c::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2607:f8b0:4006:81c::2003 (United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f112:182:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:100:a001::17 (United States) 1 redirects

ASN19750 (AS-CRITEO, US)

sslwidget.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::22 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

widget.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1148:db00::17 (Russian Federation)

ASN47764 (VK-AS, RU)

ad.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 195.209.108.37 (Russian Federation) 1 redirects

ASN52007 (ADRIVER-AS, RU)

ad.adriver.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 212.41.26.148 (Moscow, Russian Federation)

ASN50340 (SELECTEL-MSK, RU)

code.acstat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
hit.acstat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.254.20.215 (Russian Federation)

ASN210079 (EUROBYTE Eurobyte LLC, RU)
PTR: adv-cake.ru

server.adv-cake.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 5.189.239.194 (St Petersburg, Russian Federation)

ASN49505 (SELECTEL, RU)

www.gdeslon.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
clicks.gdeslon.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.209.108.36 (Russian Federation)

ASN52007 (ADRIVER-AS, RU)

ad-tst.adriver.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.211.178.172 (North Charleston, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 172.178.211.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.40.98 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: lga25s79-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.67.160.132 (New York, United States) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.247.240.231 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-247-240-231.eu-west-1.compute.amazonaws.com

partner.mediawallahscript.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.40.39.223 (Canada) 1 redirects

ASN27381 (CASALE-MEDIA, CA)

r.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.3.184.194 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-3-184-194.compute-1.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.195.108.24 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-195-108-24.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.21.246.162 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-21-246-162.compute-1.amazonaws.com

exchange.mediavine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 70.42.32.191 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.36.115.109 (United States)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.43.72.97 (United States)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.84.171.38 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-84-171-38.compute-1.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.187.193.199 (Canada)

ASN47043 (SMARTADSERVER, CA)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.224.48 (United States)

ASN200478 (TABOOLA-AS, IL)

sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.197.21.93 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-197-21-93.deploy.static.akamaitechnologies.com

criteo-sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.71.139.29 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.175.87.114 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-175-87-114.compute-1.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 202.241.208.57 (Japan)

ASN4694 (IDCF IDC Frontier Inc., JP)

tg.socdm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.41.101.164 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-41-101-164.us-west-2.compute.amazonaws.com

visitor.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.223.57.84 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a173-223-57-84.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.251.28.233 (United States)

ASN13789 (INTERNAP-BLK3, US)

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.157.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.157.117.34.bc.googleusercontent.com

matching.ivitrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.230.222.9 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-230-222-9.compute-1.amazonaws.com

i.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:ed:550e:c4e3:3eb9:eebf:6813 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

i6.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.206.182.6 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-206-182-6.compute-1.amazonaws.com

trends.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2209:d200:1b:5138:8a40:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4232:2c9c:1ca6:2cc6:969c (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

criteo-partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:141b:13::172f:91aa (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)

ade.clmbtech.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 100.24.185.7 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-100-24-185-7.compute-1.amazonaws.com

sync-criteo.ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.82.147.58 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-82-147-58.us-west-2.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	ponominalu.ru 1 redirects ponominalu.ru	576 KB
11	adriver.ru 1 redirects content.adriver.ru — Cisco Umbrella Rank: 37280 ad.adriver.ru — Cisco Umbrella Rank: 18931 servers4.adriver.ru — Cisco Umbrella Rank: 132155 ad-tst.adriver.ru — Cisco Umbrella Rank: 153256	55 KB
10	gstatic.com fonts.gstatic.com	128 KB
9	criteo.com 4 redirects gum.criteo.com — Cisco Umbrella Rank: 425 mug.criteo.com — Cisco Umbrella Rank: 2786 sslwidget.criteo.com — Cisco Umbrella Rank: 1809 widget.eu.criteo.com — Cisco Umbrella Rank: 22716 dis.criteo.com — Cisco Umbrella Rank: 679	13 KB
9	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 32	109 KB
7	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 43 stats.g.doubleclick.net — Cisco Umbrella Rank: 84 cm.g.doubleclick.net — Cisco Umbrella Rank: 215	3 KB
6	google.ca www.google.ca — Cisco Umbrella Rank: 9257	951 B
6	google.com www.google.com — Cisco Umbrella Rank: 2	951 B
6	mail.ru top-fwz1.mail.ru — Cisco Umbrella Rank: 9135 ad.mail.ru — Cisco Umbrella Rank: 9746	18 KB
5	yandex.ru 1 redirects mc.yandex.ru — Cisco Umbrella Rank: 3510	131 KB
4	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 872	94 KB
4	vk.com vk.com — Cisco Umbrella Rank: 5752	47 KB
3	liadm.com 2 redirects i.liadm.com — Cisco Umbrella Rank: 586 i6.liadm.com — Cisco Umbrella Rank: 2244	1 KB
3	gdeslon.ru www.gdeslon.ru — Cisco Umbrella Rank: 874640 clicks.gdeslon.ru — Cisco Umbrella Rank: 271402	4 KB
3	mindbox.ru api.mindbox.ru — Cisco Umbrella Rank: 47897	22 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 61	150 KB
2	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 214	2 KB
2	smaato.net 1 redirects s.ad.smaato.net — Cisco Umbrella Rank: 717	1 KB
2	yahoo.com 1 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 294	507 B
2	3lift.com 1 redirects eb2.3lift.com — Cisco Umbrella Rank: 373	738 B
2	360yield.com 1 redirects ad.360yield.com — Cisco Umbrella Rank: 681	853 B
2	casalemedia.com 1 redirects r.casalemedia.com — Cisco Umbrella Rank: 1351	2 KB
2	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 232	2 KB
2	bidswitch.net 1 redirects x.bidswitch.net — Cisco Umbrella Rank: 303	1 KB
2	acstat.com code.acstat.com — Cisco Umbrella Rank: 207874 hit.acstat.com — Cisco Umbrella Rank: 114939	10 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	203 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 151	111 KB
1	yieldmo.com sync-criteo.ads.yieldmo.com — Cisco Umbrella Rank: 2114	468 B
1	clmbtech.com ade.clmbtech.com — Cisco Umbrella Rank: 2495	280 B
1	tremorhub.com criteo-partners.tremorhub.com — Cisco Umbrella Rank: 2159	407 B
1	revcontent.com trends.revcontent.com — Cisco Umbrella Rank: 1865	531 B
1	bing.com c.bing.com — Cisco Umbrella Rank: 236	668 B
1	ivitrack.com matching.ivitrack.com — Cisco Umbrella Rank: 2682	274 B
1	stickyadstv.com ads.stickyadstv.com — Cisco Umbrella Rank: 702	661 B
1	bluekai.com tags.bluekai.com — Cisco Umbrella Rank: 539	557 B
1	omnitagjs.com visitor.omnitagjs.com — Cisco Umbrella Rank: 1104	386 B
1	socdm.com tg.socdm.com — Cisco Umbrella Rank: 1201	875 B
1	teads.tv criteo-sync.teads.tv — Cisco Umbrella Rank: 1698	287 B
1	taboola.com sync-t1.taboola.com — Cisco Umbrella Rank: 1296	232 B
1	smartadserver.com rtb-csync.smartadserver.com — Cisco Umbrella Rank: 640	688 B
1	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 554	280 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 347	787 B
1	pubmatic.com simage2.pubmatic.com — Cisco Umbrella Rank: 706	580 B
1	outbrain.com sync.outbrain.com — Cisco Umbrella Rank: 832	308 B
1	mediavine.com exchange.mediavine.com — Cisco Umbrella Rank: 1259	969 B
1	media.net contextual.media.net — Cisco Umbrella Rank: 570	786 B
1	mediawallahscript.com partner.mediawallahscript.com — Cisco Umbrella Rank: 1867	232 B
1	adv-cake.ru server.adv-cake.ru	246 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 44	1 KB
1	mts.ru tech.rtb.mts.ru — Cisco Umbrella Rank: 31436
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 680	14 KB
1	ticketland.ru www.ticketland.ru	870 B
140	52

	Domain	Requested by
23	ponominalu.ru	1 redirects ponominalu.ru
10	fonts.gstatic.com	fonts.googleapis.com
9	www.google-analytics.com	ponominalu.ru www.googletagmanager.com www.google-analytics.com
6	www.google.ca	ponominalu.ru
6	www.google.com	ponominalu.ru
5	stats.g.doubleclick.net	www.google-analytics.com
5	top-fwz1.mail.ru	ponominalu.ru
5	mc.yandex.ru	1 redirects ponominalu.ru
4	analytics.tiktok.com	ponominalu.ru analytics.tiktok.com
4	gum.criteo.com	3 redirects static.criteo.net
4	content.adriver.ru	ponominalu.ru ad.adriver.ru content.adriver.ru
4	vk.com	ponominalu.ru
3	servers4.adriver.ru	ponominalu.ru
3	ad.adriver.ru	1 redirects ponominalu.ru
3	api.mindbox.ru	ponominalu.ru
3	www.googletagmanager.com	ponominalu.ru
2	dpm.demdex.net	1 redirects
2	s.ad.smaato.net	1 redirects
2	i.liadm.com	2 redirects
2	ups.analytics.yahoo.com	1 redirects
2	eb2.3lift.com	1 redirects
2	ad.360yield.com	1 redirects
2	r.casalemedia.com	1 redirects
2	ib.adnxs.com	2 redirects
2	dis.criteo.com
2	x.bidswitch.net	1 redirects
2	www.gdeslon.ru	code.acstat.com www.gdeslon.ru
2	www.facebook.com	ponominalu.ru
2	connect.facebook.net	ponominalu.ru connect.facebook.net
1	sync-criteo.ads.yieldmo.com
1	ade.clmbtech.com
1	criteo-partners.tremorhub.com
1	trends.revcontent.com
1	c.bing.com
1	i6.liadm.com
1	matching.ivitrack.com
1	ads.stickyadstv.com
1	tags.bluekai.com
1	visitor.omnitagjs.com
1	tg.socdm.com
1	criteo-sync.teads.tv
1	sync-t1.taboola.com
1	rtb-csync.smartadserver.com
1	match.sharethrough.com
1	pixel.rubiconproject.com
1	simage2.pubmatic.com
1	sync.outbrain.com
1	exchange.mediavine.com
1	contextual.media.net
1	partner.mediawallahscript.com
1	cm.g.doubleclick.net	1 redirects
1	clicks.gdeslon.ru	www.gdeslon.ru
1	ad-tst.adriver.ru	ponominalu.ru
1	hit.acstat.com	ponominalu.ru
1	server.adv-cake.ru	ponominalu.ru
1	code.acstat.com	ponominalu.ru
1	ad.mail.ru	ponominalu.ru
1	widget.eu.criteo.com	ponominalu.ru
1	sslwidget.criteo.com	1 redirects
1	fonts.googleapis.com	ponominalu.ru
1	mug.criteo.com	ponominalu.ru
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	tech.rtb.mts.ru	ponominalu.ru
1	static.criteo.net	ponominalu.ru
1	www.ticketland.ru	ponominalu.ru
140	65

This site contains links to these domains. Also see Links.

Domain
sova.ponominalu.ru
itunes.apple.com

Subject Issuer	Validity	Valid
*.ponominalu.ru GlobalSign RSA OV SSL CA 2018	`2022-03-15` - `2023-04-16`	a year	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2022-10-18` - `2023-03-30`	5 months	crt.sh
*.vk.com GlobalSign Organization Validation CA - SHA256 - G2	`2022-03-18` - `2023-04-03`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.ticketland.ru R3	`2022-09-29` - `2022-12-28`	3 months	crt.sh
*.mindbox.ru Go Daddy Secure Certificate Authority - G2	`2022-03-16` - `2023-04-17`	a year	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-01` - `2022-11-30`	3 months	crt.sh
*.adriver.ru GlobalSign GCC R3 DV TLS CA 2020	`2022-04-05` - `2023-04-05`	a year	crt.sh
*.mail.ru GlobalSign ECC OV SSL CA 2018	`2022-10-18` - `2023-11-19`	a year	crt.sh
*.rtb.mts.ru Thawte RSA CA 2018	`2021-12-21` - `2023-01-19`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-08-27` - `2022-11-22`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.tiktok.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-12-13` - `2023-01-13`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-08-05` - `2022-11-03`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.google.ca GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.acstat.com R3	`2022-09-12` - `2022-12-11`	3 months	crt.sh
server.adv-cake.ru R3	`2022-04-17` - `2022-07-16`	3 months	crt.sh
*.gdeslon.ru R3	`2022-10-07` - `2023-01-05`	3 months	crt.sh
*.mediawallahscript.com Amazon	`2022-05-04` - `2023-06-01`	a year	crt.sh
*.media.net DigiCert SHA2 Secure Server CA	`2022-02-20` - `2023-02-22`	a year	crt.sh
exchange.mediavine.com Amazon	`2022-05-05` - `2023-06-03`	a year	crt.sh
*.outbrain.com Thawte RSA CA 2018	`2021-10-24` - `2022-11-24`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
*.sharethrough.com Amazon	`2022-07-14` - `2023-08-12`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-25` - `2023-01-25`	a year	crt.sh
*.taboola.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-11-28` - `2022-12-29`	a year	crt.sh
teads.tv R3	`2022-08-17` - `2022-11-15`	3 months	crt.sh
*.socdm.com GlobalSign RSA OV SSL CA 2018	`2022-05-24` - `2023-06-25`	a year	crt.sh
*.omnitagjs.com Amazon	`2022-05-17` - `2023-06-15`	a year	crt.sh
*.ads.stickyadstv.com DigiCert TLS RSA SHA256 2020 CA1	`2022-05-19` - `2023-05-19`	a year	crt.sh
itm.ivitrack.com R3	`2022-10-06` - `2023-01-04`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2022-09-03` - `2023-03-03`	6 months	crt.sh
revcontent.com Amazon	`2022-06-16` - `2023-07-16`	a year	crt.sh
*.tremorhub.com Amazon	`2022-03-24` - `2023-04-22`	a year	crt.sh
colombiaonline.com R3	`2022-08-23` - `2022-11-21`	3 months	crt.sh
*.ads.yieldmo.com Amazon	`2022-04-25` - `2023-05-24`	a year	crt.sh

This page contains 6 frames:

Primary Page: https://ponominalu.ru/
Frame ID: 8D09F3D27766F929E5252955B533B8A1
Requests: 111 HTTP requests in this frame

Frame: https://tech.rtb.mts.ru/
Frame ID: C83B66D70BBC11C8CDE0319DEC41EBF0
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=ponominalu.ru&origin=onetag
Frame ID: 985219EC4BDC583FD2D9B51A93B3D87F
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 5ED1D1D874E1B7F485D8E05A68A19EFB
Requests: 1 HTTP requests in this frame

Frame: https://content.adriver.ru/banners/0002186/0002186173/0/s.html?0&4&6&0&5386463&0&0&278&149.56.153.186&merle&1
Frame ID: AA8C0F37B402F78DE4700C88D4C1A077
Requests: 2 HTTP requests in this frame

Frame: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-Aeua33qnmTSkgbWL84uoUSRu8_50j3K_xt5o5g&expires=30
Frame ID: F5C1569CBED9F9FA2A2B42B6AE793B68
Requests: 30 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Билеты Пономиналу — ни сборов, ни наценки!

Page URL History Show full URLs

http://ponominalu.ru/ HTTP 301
https://ponominalu.ru/ Page URL

Detected technologies

Nuxt.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<div [^>]*id="__nuxt"
/_nuxt/

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+\sdata-v(?:ue)?-

AdRiver (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

(?:adriver\.core\.\d\.js|https?://(?:content|ad|masterh\d)\.adriver\.ru/)

Criteo (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

//static\.criteo\.net/js/ld/ld\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

TrackJs (Analytics) Expand

Overall confidence: 100%
Detected patterns

tracker\.js

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Page Statistics

140
Requests

89 %
HTTPS

34 %
IPv6

52
Domains

65
Subdomains

59
IPs

6
Countries

1500 kB
Transfer

4517 kB
Size

96
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://sova.ponominalu.ru/
Title: Ежедневное издание «Сова»

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/ru/app/bilety-na-koncerty-ponominalu.ru/id572036396?mt=8
Title: App Store

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ponominalu.ru/ HTTP 301
https://ponominalu.ru/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 39

https://gum.criteo.com/sid/json?origin=onetag&domain=ponominalu.ru&sn=ChromeSyncframe&so=0&topUrl=ponominalu.ru&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=flfdjHwydXJtbHlwNlBpcGUxOGNiYVJzL0I1SU4wd25tVm5mRUxkYnkxNzNQcUhzR3dNakZ1YzNLOTNaOUhFbWVDa1BLdUJCZWN2S0RxQzRSMVNPc1ZFTG9OVHNPTVN4UGRQY0wwZThmWHMraXlucG1zU3ZXV2RLeHBVWGpyTW03dEN2TlVieTdtb0dwMHl5SDdaM2pUYW9CZWtoWG9mTDBBR0crUkR3RHZGbGJsVFBvUzFBTDBKWk1EQis0TjI1MThKTndFQVFNV2JsaHVuOHRLc25jV0liNisvTWJOV1VxYzBhMnVWNHdPYktPbWFFUFltdFhkSjQ0N1lvSzJmcVlZZW1HLzFLd05nVTVRcTVIdEtkUGFHS1JLUT09fA&cppv=2

Request Chain 76

https://mc.yandex.ru/watch/2917771?wmode=7&page-url=https%3A%2F%2Fponominalu.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aeaydspl3nlyays9y07x84%3Afp%3A1592%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A651778461129%3Ahid%3A358255645%3Az%3A0%3Ai%3A20221026235229%3Aet%3A1666828349%3Ac%3A1%3Arn%3A889970930%3Arqn%3A1%3Au%3A16668283491024691002%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A0%2C293%2C138%2C276%2C615%2C0%2C%2C317%2C0%2C%2C%2C%2C1973%3Acpf%3A1%3Ans%3A1666828346826%3Arqnl%3A1%3Ast%3A1666828349%3At%3A%D0%91%D0%B8%D0%BB%D0%B5%D1%82%D1%8B%20%D0%9F%D0%BE%D0%BD%D0%BE%D0%BC%D0%B8%D0%BD%D0%B0%D0%BB%D1%83%20%E2%80%94%20%D0%BD%D0%B8%20%D1%81%D0%B1%D0%BE%D1%80%D0%BE%D0%B2%2C%20%D0%BD%D0%B8%20%D0%BD%D0%B0%D1%86%D0%B5%D0%BD%D0%BA%D0%B8!&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rqnl(1)ti(2) HTTP 302
https://mc.yandex.ru/watch/2917771/1?wmode=7&page-url=https%3A%2F%2Fponominalu.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aeaydspl3nlyays9y07x84%3Afp%3A1592%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A651778461129%3Ahid%3A358255645%3Az%3A0%3Ai%3A20221026235229%3Aet%3A1666828349%3Ac%3A1%3Arn%3A889970930%3Arqn%3A1%3Au%3A16668283491024691002%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A0%2C293%2C138%2C276%2C615%2C0%2C%2C317%2C0%2C%2C%2C%2C1973%3Acpf%3A1%3Ans%3A1666828346826%3Arqnl%3A1%3Ast%3A1666828349%3At%3A%D0%91%D0%B8%D0%BB%D0%B5%D1%82%D1%8B%20%D0%9F%D0%BE%D0%BD%D0%BE%D0%BC%D0%B8%D0%BD%D0%B0%D0%BB%D1%83%20%E2%80%94%20%D0%BD%D0%B8%20%D1%81%D0%B1%D0%BE%D1%80%D0%BE%D0%B2%2C%20%D0%BD%D0%B8%20%D0%BD%D0%B0%D1%86%D0%B5%D0%BD%D0%BA%D0%B8%21&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rqnl%281%29ti%282%29

Request Chain 87

https://sslwidget.criteo.com/event?a=19445&v=5.12.1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dce%26m%3D%255B%255D&p2=e%3Dvh&p3=e%3Ddis&adce=1&bundle=qyD72F96T21jNnlSR3R2enNNc0pzN1ZiNG55bXhtaEJ4d0Foa3FxSnNPM1RHMFlqckdwTkQ2JTJGS1ZWc0JMQWdUdnBZTnRucVpmNUdBVng2aFUlMkY4QjBkajBDQ2VYcjBUTUdqdkhsUTFzTFpDeFVvZ2FmWktXOG5odkd4MlE2TDhlM25DNHltc0lJWkpFVEF6ZzlRNEFpbUklMkZ4MVElM0QlM0Q&tld=ponominalu.ru&fu=https%253A%252F%252Fponominalu.ru%252F&dtycbr=36167 HTTP 302
https://widget.eu.criteo.com/event?a=19445&v=5.12.1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dce%26m%3D%255B%255D&p2=e%3Dvh&p3=e%3Ddis&adce=1&bundle=qyD72F96T21jNnlSR3R2enNNc0pzN1ZiNG55bXhtaEJ4d0Foa3FxSnNPM1RHMFlqckdwTkQ2JTJGS1ZWc0JMQWdUdnBZTnRucVpmNUdBVng2aFUlMkY4QjBkajBDQ2VYcjBUTUdqdkhsUTFzTFpDeFVvZ2FmWktXOG5odkd4MlE2TDhlM25DNHltc0lJWkpFVEF6ZzlRNEFpbUklMkZ4MVElM0QlM0Q&tld=ponominalu.ru&fu=https%253A%252F%252Fponominalu.ru%252F&dtycbr=36167

Request Chain 96

https://ad.adriver.ru/cgi-bin/merle.cgi?rnd=5386463&tail256=unknown&sid=220597&bn=3&bt=52&ph=adriver_banner_904842996 HTTP 302
https://ad.adriver.ru/cgi-bin/merle.cgi?rnd=5386463&tail256=unknown&sid=220597&bn=3&bt=52&ph=adriver_banner_904842996&tuid=-5066177086

Request Chain 115

https://x.bidswitch.net/sync?dsp_id=46&user_id=k-Aeua33qnmTSkgbWL84uoUSRu8_50j3K_xt5o5g&expires=30 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-Aeua33qnmTSkgbWL84uoUSRu8_50j3K_xt5o5g&expires=30

Request Chain 116

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-M2rJ1nqnmTSkgbWL84uoUSRu8_74i0Ep3klKxg&google_cm&google_hm=ay1NMnJKMW5xbm1UU2tnYldMODR1b1VTUnU4Xzc0aTBFcDNrbEt4Zw HTTP 302
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-M2rJ1nqnmTSkgbWL84uoUSRu8_74i0Ep3klKxg&google_gid=CAESEKAzWpl-1Al0-ggvfMpwIOI&google_cver=1&google_ula=913071,0

Request Chain 117

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 302
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=8727410531749484197

Request Chain 119

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-St9oQ3qnmTSkgbWL84uoUSRu8_5J07eoGY_RBw HTTP 302
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-St9oQ3qnmTSkgbWL84uoUSRu8_5J07eoGY_RBw&C=1

Request Chain 120

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-C6S-OHqnmTSkgbWL84uoUSRu8_6bf9On285HFA HTTP 302
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-C6S-OHqnmTSkgbWL84uoUSRu8_6bf9On285HFA

Request Chain 130

https://eb2.3lift.com/xuid?mid=2711&xuid=k-aoUPmXqnmTSkgbWL84uoUSRu8_4xJ0RrFRjp_g&dongle=013b HTTP 302
https://eb2.3lift.com/xuid?ld=1&mid=2711&xuid=k-aoUPmXqnmTSkgbWL84uoUSRu8_4xJ0RrFRjp_g&dongle=013b&gdpr=0&cmp_cs=&us_privacy=

Request Chain 131

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-5tm2_nqnmTSkgbWL84uoUSRu8_5ztqRY7eCHVA HTTP 302
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-5tm2_nqnmTSkgbWL84uoUSRu8_5ztqRY7eCHVA&verify=true

Request Chain 134

https://gum.criteo.com/sync?c=4&r=1&a=1&u=https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=%40USERID%40 HTTP 302
https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=FWImUESwaMOyeeUmLIwYfXtC-1_0RlLC

Request Chain 137

https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-aaw3gXqnmTSkgbWL84uoUSRu8_5cVE4PvoDmfQ HTTP 303
https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-aaw3gXqnmTSkgbWL84uoUSRu8_5cVE4PvoDmfQ&_li_chk=true&previous_uuid=7448608275e9407288b0b50511340181 HTTP 303
https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-aaw3gXqnmTSkgbWL84uoUSRu8_5cVE4PvoDmfQ

Request Chain 140

https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-otQ_UXqnmTSkgbWL84uoUSRu8_6gmhAxjY_FrQ HTTP 302
https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-otQ_UXqnmTSkgbWL84uoUSRu8_6gmhAxjY_FrQ&cookieCheck=1

Request Chain 145

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=QDmx9irrCA-0v7PN1bCBqt9e8wCfngqS HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=QDmx9irrCA-0v7PN1bCBqt9e8wCfngqS

140 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
ponominalu.ru/
Redirect Chain

http://ponominalu.ru/
https://ponominalu.ru/

201 KB
35 KB

431ms
138ms

Document
text/html

213.108.128.54
MTS

General

Check archive.org

Show headers Download Go to

Full URL

https://ponominalu.ru/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

213.108.128.54 Moscow, Russian Federation, ASN8359 (MTS, RU),

Reverse DNS

Software

Resource Hash

6d37aaff26dc50b46e555d58951244e3d7e309f57b423ad58c5a0a4e30bdb9ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=600
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 26 Oct 2022 23:52:27 GMT
expires: Thu, 27 Oct 2022 00:02:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-cache-status: STALE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

Redirect headers

Connection: keep-alive
Content-Length: 162
Content-Type: text/html
Date: Wed, 26 Oct 2022 23:52:27 GMT
Location: https://ponominalu.ru

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 209 KB
72 KB 452ms
157ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: ponominalu.ru
URL: https://ponominalu.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

6fe5233b4ccd041305715d11fd354cb3a65abe22152fc698d6033124a2212fad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ponominalu.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 23:52:28 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Tue, 25 Oct 2022 06:30:09 GMT
etag: "63575841-11eb5"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 73397
expires: Thu, 27 Oct 2022 00:52:28 GMT

GET
H2 200 9c2481387e9f47c6994ab13fe1e85cc9586f8135.jpg
ponominalu.ru/media/in/1350x720/ 60 KB
59 KB 281ms
279ms Image
image/jpeg 213.108.128.54
MTS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ponominalu.ru/media/in/1350x720/9c2481387e9f47c6994ab13fe1e85cc9586f8135.jpg

Requested by

Host: ponominalu.ru
URL: https://ponominalu.ru/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

213.108.128.54 Moscow, Russian Federation, ASN8359 (MTS, RU),

Reverse DNS

Software

Resource Hash

a61f8b05d397288ebe718137c19db87e9262922930376c12696e2cef6b43a084

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ponominalu.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 23:52:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Thu, 25 Jun 2020 15:16:11 GMT
etag: "5ef4bfbb-e95d"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes, bytes
content-length: 59741
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 openapi.js Show response
vk.com/js/api/ 104 KB
23 KB 680ms
281ms Script
application/x-javascript 87.240.132.78
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to

Full URL: https://vk.com/js/api/openapi.js?160
Requested by: Host: ponominalu.ru
URL: https://ponominalu.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.240.132.78 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS: srv78-132-240-87.vk.com
Software: kittenx /
Resource Hash: 2f7e190c7a25194337efdd52f0018320ebfa239e150b19b95f3703b0bc02e6c8

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ponominalu.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 23:52:28 GMT
content-encoding: br
x-frontend: front225207
last-modified: Wed, 10 Aug 2022 14:44:17 GMT
server: kittenx
etag: "62f3c441-5b1a"
content-type: application/x-javascript
access-control-expose-headers: X-Frontend
cache-control: max-age=345600
content-length: 23322
expires: Sun, 30 Oct 2022 23:52:28 GMT

GET
H2 200 adriver.core.2.js Show response
ponominalu.ru/ 6 KB
2 KB 280ms
279ms Script
application/javascript 213.108.128.54
MTS

General

Check archive.org

Show headers Download Go to

Full URL

https://ponominalu.ru/adriver.core.2.js

Requested by

Host: ponominalu.ru
URL: https://ponominalu.ru/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

213.108.128.54 Moscow, Russian Federation, ASN8359 (MTS, RU),

Reverse DNS

Software

Resource Hash

1b748b2a19ea102ecb1c5116d2dab223a338064511efe1b955a5d0b1c7863b0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ponominalu.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 23:52:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Wed, 14 Sep 2022 07:20:16 GMT
etag: W/"183e-1833adeaf80"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
x-xss-protection: 1; mode=block

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 109 KB
43 KB 127ms
77ms Script
application/javascript 2607:f8b0:4006:816::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-36442360-15

Requested by

Host: ponominalu.ru
URL: https://ponominalu.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

95754decdece636527db8ad19d70324f7b2c64bf0762d35bedefe45933fe008a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ponominalu.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 23:52:28 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43635
x-xss-protection: 0
last-modified: Wed, 26 Oct 2022 22:59:02 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 26 Oct 2022 23:52:28 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 109 KB
43 KB 101ms
51ms Script
application/javascript 2607:f8b0:4006:816::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-36442360-7

Requested by

Host: ponominalu.ru
URL: https://ponominalu.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cf690d2e62f771f4836e02cddd58667b4c8dca88d91fa6a47f474cb43ccf6a1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ponominalu.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 23:52:28 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43602
x-xss-protection: 0
last-modified: Wed, 26 Oct 2022 22:59:02 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 26 Oct 2022 23:52:28 GMT

GET
H2 200 fda.js Show response
www.ticketland.ru/static/nocache/js/ 1 KB
870 B 640ms
139ms Script
application/javascript 77.238.96.5
CIREX

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ticketland.ru/static/nocache/js/fda.js

Requested by

Host: ponominalu.ru
URL: https://ponominalu.ru/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

77.238.96.5 Moscow, Russian Federation, ASN199599 (CIREX, RU),

Reverse DNS

5-96-238-77.host.cirex.ru

Software

nginx /

Resource Hash

0b4c44df3366635bacaca69debd70b263b472ad38239661feefc8940a0afd484

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ponominalu.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 23:52:28 GMT
strict-transport-security: max-age=31536000;
content-encoding: gzip
last-modified: Tue, 25 Oct 2022 08:19:33 GMT
server: nginx
etag: W/"63579c15-5ee"
content-type: application/javascript; charset=utf-8

GET
H/1.1 200
OK tracker.js Show response
api.mindbox.ru/scripts/v1/ 72 KB
21 KB 569ms
146ms Script
application/javascript 84.252.130.113
YANDEXCLOUD

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mindbox.ru/scripts/v1/tracker.js

Requested by

Host: ponominalu.ru
URL: https://ponominalu.ru/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

84.252.130.113 , Russian Federation, ASN200350 (YANDEXCLOUD, RU),

Reverse DNS

Software

nginx /

Resource Hash

21723a349f5e89d03ecd836af2588d5347cd41f983246b4a1d7200460bfca2ab

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=315360000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ponominalu.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: default-src 'self' 'unsafe-inline'
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 26 Oct 2022 23:52:28 GMT
strict-transport-security: max-age=315360000; includeSubDomains; preload
x-amz-request-id: 9b8ce1b5a3cc4f65
transfer-encoding: chunked
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 20 Sep 2022 09:38:04 UTC
server: nginx
etag: W/"24473e5412c044b52e5ad196a0c69093"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-frame-options: DENY
content-type: application/javascript
cache-control: public,max-age=604800
feature-policy: vibrate 'self'

GET
H2 200 styles.css
ponominalu.ru/_nuxt/ 407 KB
55 KB 141ms
140ms Stylesheet
text/css 213.108.128.54
MTS

General

Check archive.org

Show headers Download Go to

Full URL

https://ponominalu.ru/_nuxt/styles.css?build=00003147

Requested by

Host: ponominalu.ru
URL: https://ponominalu.ru/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

213.108.128.54 Moscow, Russian Federation, ASN8359 (MTS, RU),

Reverse DNS

Software

Resource Hash

f792526fa1a37eafb684e421d29bc210b606eb1dcdc853d17db83d2e98726d88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ponominalu.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 23:52:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Wed, 14 Sep 2022 07:26:30 GMT
etag: "63218226-da71"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 55921
x-xss-protection: 1; mode=block
expires: Thu, 10 Nov 2022 23:52:28 GMT

GET
H2 200 app.css
ponominalu.ru/_nuxt/ 46 KB
14 KB 278ms
277ms Stylesheet
text/css 213.108.128.54
MTS

General

Check archive.org

Show headers Download Go to

Full URL

https://ponominalu.ru/_nuxt/app.css?build=00003147

Requested by

Host: ponominalu.ru
URL: https://ponominalu.ru/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

213.108.128.54 Moscow, Russian Federation, ASN8359 (MTS, RU),

Reverse DNS

Software

Resource Hash

02c2c6fc11267ecec77f5c6b8db011dcdfd5b555a27e0a595bb73e58eaf524a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ponominalu.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 23:52:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Wed, 14 Sep 2022 07:26:30 GMT
etag: "63218226-3645"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 13893
x-xss-protection: 1; mode=block
expires: Thu, 10 Nov 2022 23:52:28 GMT

GET
H2 200 runtime.e0e3dfc1e0ac4e9178be.js Show response
ponominalu.ru/_nuxt/ 3 KB
2 KB 141ms
139ms Script
application/javascript 213.108.128.54
MTS

General

Check archive.org

Show headers Download Go to

Full URL

https://ponominalu.ru/_nuxt/runtime.e0e3dfc1e0ac4e9178be.js?build=00003147

Requested by

Host: ponominalu.ru
URL: https://ponominalu.ru/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

213.108.128.54 Moscow, Russian Federation, ASN8359 (MTS, RU),

Reverse DNS

Software

Resource Hash

ebb0222e798766528c1fd854e98828e478e394ea0580ee1ef5d5e15354b4480e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ponominalu.ru/
Origin: https://ponominalu.ru
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 23:52:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Wed, 14 Sep 2022 07:26:30 GMT
etag: "63218226-54f"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 1359
x-xss-protection: 1; mode=block
expires: Thu, 10 Nov 2022 23:52:28 GMT

GET
H2 200 commons.e0e3dfc1e0ac4e9178be.js Show response
ponominalu.ru/_nuxt/node_modules/ 168 KB
58 KB 150ms
148ms Script
application/javascript 213.108.128.54
MTS

General

Check archive.org

Show headers Download Go to

Full URL

https://ponominalu.ru/_nuxt/node_modules/commons.e0e3dfc1e0ac4e9178be.js?build=00003147

Requested by

Host: ponominalu.ru
URL: https://ponominalu.ru/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

213.108.128.54 Moscow, Russian Federation, ASN8359 (MTS, RU),

Reverse DNS

Software

Resource Hash

59e196cbc31bfac7cb5ebda2906309a5349b7bafc25668f6f14ffc9ad7709023

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ponominalu.ru/
Origin: https://ponominalu.ru
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 23:52:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Wed, 14 Sep 2022 07:26:30 GMT
content-encoding: gzip
etag: W/"63218226-2a102"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1296000
x-xss-protection: 1; mode=block
expires: Thu, 10 Nov 2022 23:52:28 GMT

GET
H2 200 styles.e0e3dfc1e0ac4e9178be.js Show response
ponominalu.ru/_nuxt/ 747 KB
170 KB 152ms
151ms Script
application/javascript 213.108.128.54
MTS

General

Check archive.org

Show headers Download Go to

Full URL

https://ponominalu.ru/_nuxt/styles.e0e3dfc1e0ac4e9178be.js?build=00003147

Requested by

Host: ponominalu.ru
URL: https://ponominalu.ru/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

213.108.128.54 Moscow, Russian Federation, ASN8359 (MTS, RU),

Reverse DNS

Software

Resource Hash

9d762ea467db66c02a25bfa9d5e4b0d0f7b5d48aebaf9cf739b0804134aa9044

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ponominalu.ru/
Origin: https://ponominalu.ru
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 23:52:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Wed, 14 Sep 2022 07:26:30 GMT
etag: "63218226-2a6d9"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 173785
x-xss-protection: 1; mode=block
expires: Thu, 10 Nov 2022 23:52:28 GMT

GET
H2 200 app.e0e3dfc1e0ac4e9178be.js Show response
ponominalu.ru/_nuxt/ 440 KB
137 KB 287ms
286ms Script
application/javascript 213.108.128.54
MTS

General

Check archive.org

Show headers Download Go to

Full URL

https://ponominalu.ru/_nuxt/app.e0e3dfc1e0ac4e9178be.js?build=00003147

Requested by

Host: ponominalu.ru
URL: https://ponominalu.ru/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

213.108.128.54 Moscow, Russian Federation, ASN8359 (MTS, RU),

Reverse DNS

Software

Resource Hash

93174d63a8acf2be2800eb32965154e583906b85ef7b329f977ae8e83a753914

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ponominalu.ru/
Origin: https://ponominalu.ru
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 23:52:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Wed, 14 Sep 2022 07:26:30 GMT
etag: "63218226-22301"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 140033
x-xss-protection: 1; mode=block
expires: Thu, 10 Nov 2022 23:52:28 GMT

GET
H2 200 ld.js Show response
static.criteo.net/js/ld/ 42 KB
14 KB 98ms
44ms Script
text/javascript 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/ld.js

Requested by

Host: ponominalu.ru
URL: https://ponominalu.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

561c579d66ced3002754404f18100a5b84c2b6fb62ad20dbc9d0c290a65ac712

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ponominalu.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 23:52:28 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 25 Aug 2022 11:02:07 GMT
server: nginx
etag: W/"630756af-a8d9"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 27 Oct 2022 23:52:28 GMT

GET
H2 200 autoUpdate.adriver.js Show response
content.adriver.ru/plugins/ 5 KB
5 KB 745ms
136ms Script
application/x-javascript 23.111.96.44
UNITEDNET

General

Check archive.org

Show headers Download Go to

Full URL: https://content.adriver.ru/plugins/autoUpdate.adriver.js
Requested by: Host: ponominalu.ru
URL: https://ponominalu.ru/adriver.core.2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.111.96.44 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
Software: nginx /
Resource Hash: 141f4ece65bc087908202669708c340e43c6a45c3d3be773e0cade65cb01e910

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ponominalu.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 23:52:28 GMT
last-modified: Tue, 18 Oct 2022 10:33:30 GMT
server: nginx
etag: "634e80fa-1455"
content-type: application/x-javascript
cache-control: max-age=3600
accept-ranges: bytes
content-length: 5205
expires: Thu, 27 Oct 2022 00:52:28 GMT

GET
H2 200 070208eea6ca69122f4a1360f6f1d88da825a9b1.jpg
ponominalu.ru/media/library/original/ 6 KB
6 KB 371ms
370ms Image
image/jpeg 213.108.128.54
MTS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ponominalu.ru/media/library/original/070208eea6ca69122f4a1360f6f1d88da825a9b1.jpg

Requested by

Host: ponominalu.ru
URL: https://ponominalu.ru/_nuxt/styles.css?build=00003147

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

213.108.128.54 Moscow, Russian Federation, ASN8359 (MTS, RU),

Reverse DNS

Software

Resource Hash

87834f1791047499d1e6ea306e3127c4728e2ce35655386ff70fe2a9404eb1f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ponominalu.ru/_nuxt/styles.css?build=00003147
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 23:52:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Tue, 12 Mar 2019 10:27:57 GMT
etag: W/"5c8789ad-17b6"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2aee23e580e20a7eae628e3f758356a6974508d60e377a9203e3b523fde2b16c

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 b000f6cb50e805f55a59680a42e0c11e1470fadc.jpg
ponominalu.ru/media/library/original/ 6 KB
6 KB 369ms
369ms Image
image/jpeg 213.108.128.54
MTS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ponominalu.ru/media/library/original/b000f6cb50e805f55a59680a42e0c11e1470fadc.jpg

Requested by

Host: ponominalu.ru
URL: https://ponominalu.ru/_nuxt/styles.css?build=00003147

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

213.108.128.54 Moscow, Russian Federation, ASN8359 (MTS, RU),

Reverse DNS

Software

Resource Hash

76b3bda7082d9d4d81bd203969c2d529c753951033cd8373dc7488107020f770

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ponominalu.ru/_nuxt/styles.css?build=00003147
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 23:52:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Tue, 12 Mar 2019 10:28:32 GMT
etag: W/"5c8789d0-1778"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 89b199cab9c3b3dc601d366faaa333a26eaaeb9b5a3a19038695fd8b01bf3786

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 e7ce8f04abce8a42e22704e6fb5268d7bd03d47c.jpg
ponominalu.ru/media/library/original/ 6 KB
6 KB 366ms
365ms Image
image/jpeg 213.108.128.54
MTS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ponominalu.ru/media/library/original/e7ce8f04abce8a42e22704e6fb5268d7bd03d47c.jpg

Requested by

Host: ponominalu.ru
URL: https://ponominalu.ru/_nuxt/styles.css?build=00003147

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

213.108.128.54 Moscow, Russian Federation, ASN8359 (MTS, RU),

Reverse DNS

Software

Resource Hash

75569be3804e61d5612fa7731ff4edf9b17f17c6d1278cbe9f3719dd28542f7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ponominalu.ru/_nuxt/styles.css?build=00003147
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 23:52:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Tue, 12 Mar 2019 10:28:50 GMT
etag: W/"5c8789e2-1838"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
DATA 200
OK truncated
/ 930 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3f59df75b8e878b60686ee2ef9186a717e5bd4df180ada2ef7a17a44743e09d6

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 62ff5159e66c9815835563441375e92ee3f1d3f7.jpg
ponominalu.ru/media/library/original/ 6 KB
6 KB 367ms
366ms Image
image/jpeg 213.108.128.54
MTS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ponominalu.ru/media/library/original/62ff5159e66c9815835563441375e92ee3f1d3f7.jpg

Requested by

Host: ponominalu.ru
URL: https://ponominalu.ru/_nuxt/styles.css?build=00003147

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

213.108.128.54 Moscow, Russian Federation, ASN8359 (MTS, RU),

Reverse DNS

Software

Resource Hash

7beac6018d4928abb2e5d0d747752e921ec6217d0b9c0ab1bafdbd7d60fb6fc2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ponominalu.ru/_nuxt/styles.css?build=00003147
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 23:52:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Tue, 12 Mar 2019 10:29:12 GMT
etag: W/"5c8789f8-17a8"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 89a061aeab2a00ef4f61261f157044d27270a88a38f3448a82477d7b6a9b4b94

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 518 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c992775c4f98fa59a549cce6cee80ba961e8a076ba9653aa714421b5854a41dd

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 181 KB
65 KB 57ms
56ms Script
application/javascript 2607:f8b0:4006:816::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MFVDM3

Requested by

Host: ponominalu.ru
URL: https://ponominalu.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

215e7c30ebbc2c3f0cec92da4ff648c855db5ca0cfad8c47e00520a524436c61

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ponominalu.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 23:52:28 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 66017
x-xss-protection: 0
last-modified: Wed, 26 Oct 2022 22:59:02 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 26 Oct 2022 23:52:28 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 79ms
19ms Script
text/javascript 2607:f8b0:4006:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: ponominalu.ru
URL: https://ponominalu.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ponominalu.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 26 Oct 2022 22:34:58 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 4650
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Thu, 27 Oct 2022 00:34:58 GMT

GET
H2 200 code.js Show response
top-fwz1.mail.ru/js/ 33 KB
14 KB 688ms
272ms Script
application/javascript 95.163.52.67
VK-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://top-fwz1.mail.ru/js/code.js

Requested by

Host: ponominalu.ru
URL: https://ponominalu.ru/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

d3a5658442dc185ac523409a71942d994df1e015a7f15032c517c5e323879ece

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ponominalu.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 23:52:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
amp-access-control-allow-source-origin: *
last-modified: Mon, 17 Oct 2022 16:59:26 GMT
server: nginx
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
etag: W/"634d89ee-841a"
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
accept-ch-lifetime: 86400
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: max-age=3600, private
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: *
expires: Thu, 27 Oct 2022 00:52:28 GMT

GET
H/1.1 204
No Content /
tech.rtb.mts.ru/ Frame C83B 0
0 546ms
137ms Document
text/html 213.87.44.187
MTSNET Moscow

General

Check archive.org

Show headers Download Go to

Full URL: https://tech.rtb.mts.ru/
Requested by: Host: ponominalu.ru
URL: https://ponominalu.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 213.87.44.187 , Russian Federation, ASN13174 (MTSNET Moscow, Russia, RU),
Reverse DNS: infrastructure-187-44.mts.ru
Software: nginx/1.20.2 /
Resource Hash

Request headers

Referer: https://ponominalu.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Date: Wed, 26 Oct 2022 23:52:28 GMT
Server: nginx/1.20.2

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 9852 15 KB
6 KB 78ms
27ms Document
text/html 2620:100:a001::c
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=ponominalu.ru&origin=onetag

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/ld.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

b043a79fc3e5aa25fc53b624db4dfc612198a4e62e43780296ab07dafb6f8f83

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ponominalu.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 26 Oct 2022 23:52:28 GMT
server: Kestrel
server-processing-duration-in-ticks: 558493
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/985602121/ 2 KB
2 KB 88ms
38ms Script
text/javascript 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/985602121/?random=1666828348543&cv=11&fst=1666828348543&bg=ffffff&guid=ON&async=1&gtm=2wgaq0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fponominalu.ru%2F&tiba=%D0%91%D0%B8%D0%BB%D0%B5%D1%82%D1%8B%20%D0%9F%D0%BE%D0%BD%D0%BE%D0%BC%D0%B8%D0%BD%D0%B0%D0%BB%D1%83%20%E2%80%94%20%D0%BD%D0%B8%20%D1%81%D0%B1%D0%BE%D1%80%D0%BE%D0%B2%2C%20%D0%BD%D0%B8%20%D0%BD%D0%B0%D1%86%D0%B5%D0%BD%D0%BA%D0%B8!&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MFVDM3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e90ec6a7ae309538467bd0be975d59f7ffca8c89bb050fbb1e9ed6656be7b1a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ponominalu.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 23:52:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1013
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sdk.js Show response
analytics.tiktok.com/i18n/pixel/ 4 KB
2 KB 128ms
37ms Script
application/javascript 23.36.1.98
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/sdk.js?sdkid=BQJU3DN3QM8FN6J79BSG
Requested by: Host: ponominalu.ru
URL: https://ponominalu.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.1.98 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-1-98.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: d2dca1e5f4d19fa689883bdf106954573a5c0d57b09d76375f48dae47ec55597

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ponominalu.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-akamai-request-id: 733d102a.39ad5dd
date: Wed, 26 Oct 2022 23:52:28 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-1-94.deploy.akamaitechnologies.com (AkamaiGHost/10.10.0-44537982) (-)
x-parent-response-time: 16,23.36.1.94
server-timing: cdn-cache; desc=MISS, edge; dur=10, origin; dur=7, inner; dur=4
content-length: 1385
pragma: no-cache
server: nginx
x-tt-logid: 20221026235228F169F1A0EF56969209C3
x-cache-remote: TCP_MISS from a23-220-105-83.deploy.akamaitechnologies.com (AkamaiGHost/10.10.0-44537982) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 7,23.220.105.83
x-tt-trace-host: 01e9de859ad2e33abbaf7df8cd5e2b0dec542a34d7900634e339abc61ec398c001a93e9d022ae840dc68143ecbd40ed36d18a16b71bed2cecf3bb93fc76e0766ab0d17f6c4b65981d9a903b16361021d40a6a348954234e2f3d5dfed52d4c4c70b
expires: Wed, 26 Oct 2022 23:52:28 GMT

GET
H3 200 optimize.js Show response
www.google-analytics.com/gtm/ 113 KB
44 KB 115ms
71ms Script
application/javascript 2607:f8b0:4006:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/optimize.js?id=GTM-KT89QJ3

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MFVDM3

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

45252c16252eaa36b7ec9ae5354a6130e4a41185dec48a0d98832bbed221e559

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ponominalu.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 23:52:28 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 45162
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 26 Oct 2022 23:52:28 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 102 KB
27 KB 64ms
19ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: ponominalu.ru
URL: https://ponominalu.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

18a899ae93d683c1e44173b7ba70e1025532cfeef1417889ae22aa78a11ee3be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ponominalu.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 26 Oct 2022 23:52:28 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27076
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: nKxom7/ExQerZBiZc6Ghnr7v3GP5/Hdd58N81q6EzTIDoxR4VQWsiknRD/C/4Fx+8N4oPsLvav7dNlfQ37l71w==
x-fb-trip-id: 2050670934
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 watch.js Show response
mc.yandex.ru/metrika/ 160 KB
57 KB 320ms
319ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Host: ponominalu.ru
URL: https://ponominalu.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

a1cf62faca35612e6efc3f6c593cd5c8f99cae0a6405e9e6adb624cb6e874c59

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ponominalu.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 23:52:28 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Tue, 25 Oct 2022 06:30:09 GMT
etag: "63575841-e1aa"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 57770
expires: Thu, 27 Oct 2022 00:52:28 GMT

GET
H2 200 openapi.js Show response
vk.com/js/api/ 104 KB
23 KB 599ms
422ms Script
application/x-javascript 87.240.132.78
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to

Full URL: https://vk.com/js/api/openapi.js?162
Requested by: Host: ponominalu.ru
URL: https://ponominalu.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.240.132.78 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS: srv78-132-240-87.vk.com
Software: kittenx /
Resource Hash: 2f7e190c7a25194337efdd52f0018320ebfa239e150b19b95f3703b0bc02e6c8

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ponominalu.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 23:52:28 GMT
content-encoding: br
x-frontend: front225207
last-modified: Wed, 10 Aug 2022 14:44:17 GMT
server: kittenx
etag: "62f3c441-5b1a"
content-type: application/x-javascript
access-control-expose-headers: X-Frontend
cache-control: max-age=345600
content-length: 23322
expires: Sun, 30 Oct 2022 23:52:28 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 63ms
33ms XHR
text/plain 2607:f8b0:4006:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=415910025&t=pageview&_s=1&dl=https%3A%2F%2Fponominalu.ru%2F&ul=en-us&de=UTF-8&dt=%D0%91%D0%B8%D0%BB%D0%B5%D1%82%D1%8B%20%D0%9F%D0%BE%D0%BD%D0%BE%D0%BC%D0%B8%D0%BD%D0%B0%D0%BB%D1%83%20%E2%80%94%20%D0%BD%D0%B8%20%D1%81%D0%B1%D0%BE%D1%80%D0%BE%D0%B2%2C%20%D0%BD%D0%B8%20%D0%BD%D0%B0%D1%86%D0%B5%D0%BD%D0%BA%D0%B8!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAAAADQAAAAC~&jid=1798974873&gjid=1075970407&cid=1869228377.1666828349&tid=UA-36442360-13&_gid=863533573.1666828349&_r=1&_slc=1&cd1=1869228377.1666828349&z=475184852

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ponominalu.ru/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 23:52:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ponominalu.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 57ms
34ms XHR
text/plain 2607:f8b0:4006:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=415910025&t=pageview&_s=1&dl=https%3A%2F%2Fponominalu.ru%2F&ul=en-us&de=UTF-8&dt=%D0%91%D0%B8%D0%BB%D0%B5%D1%82%D1%8B%20%D0%9F%D0%BE%D0%BD%D0%BE%D0%BC%D0%B8%D0%BD%D0%B0%D0%BB%D1%83%20%E2%80%94%20%D0%BD%D0%B8%20%D1%81%D0%B1%D0%BE%D1%80%D0%BE%D0%B2%2C%20%D0%BD%D0%B8%20%D0%BD%D0%B0%D1%86%D0%B5%D0%BD%D0%BA%D0%B8!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDACUADRAAAACAAI~&jid=150667372&gjid=809542223&cid=1869228377.1666828349&tid=UA-36442360-15&_gid=863533573.1666828349&_r=1&gtm=2ouaq0&z=810066183

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ponominalu.ru/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 23:52:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ponominalu.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.google-analytics.com/gtm/ 114 KB
44 KB 71ms
52ms Script
application/javascript 2607:f8b0:4006:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-KT89QJ3&t=gtag_UA_36442360_7&cid=1869228377.1666828349

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

85397c94af328df8f9d8ac32720b4df0ebc6a2038c316a2b1807565ad17c5e83

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ponominalu.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 23:52:28 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 45298
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 26 Oct 2022 23:52:28 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 9852
Redirect Chain

https://gum.criteo.com/sid/json?origin=onetag&domain=ponominalu.ru&sn=ChromeSyncframe&so=0&topUrl=ponominalu.ru&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=flfdjHwydXJtbHlwNlBpcGUxOGNiYVJzL0I1SU4wd25tVm5mRUxkYnkxNzNQcUhzR3dNakZ1YzNLOTNaOUhFbWVDa1BLdUJCZWN2S0RxQzRSMVNPc1ZFTG9OVHNPTVN4UGRQY0wwZThmWHMraXlucG1zU3ZXV2RLeHBVWG...

425 B
649 B

98ms
26ms

Fetch
application/json

74.119.119.139
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=flfdjHwydXJtbHlwNlBpcGUxOGNiYVJzL0I1SU4wd25tVm5mRUxkYnkxNzNQcUhzR3dNakZ1YzNLOTNaOUhFbWVDa1BLdUJCZWN2S0RxQzRSMVNPc1ZFTG9OVHNPTVN4UGRQY0wwZThmWHMraXlucG1zU3ZXV2RLeHBVWGpyTW03dEN2TlVieTdtb0dwMHl5SDdaM2pUYW9CZWtoWG9mTDBBR0crUkR3RHZGbGJsVFBvUzFBTDBKWk1EQis0TjI1MThKTndFQVFNV2JsaHVuOHRLc25jV0liNisvTWJOV1VxYzBhMnVWNHdPYktPbWFFUFltdFhkSjQ0N1lvSzJmcVlZZW1HLzFLd05nVTVRcTVIdEtkUGFHS1JLUT09fA&cppv=2

Requested by

Host: ponominalu.ru
URL: https://ponominalu.ru/

Protocol

Server

74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

8bf2ec255f7531825cc4506462c9cf58461d4a0abecd3b1fcab17bcdc081b695

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 23:52:28 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2662759
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 26 Oct 2022 23:52:27 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=flfdjHwydXJtbHlwNlBpcGUxOGNiYVJzL0I1SU4wd25tVm5mRUxkYnkxNzNQcUhzR3dNakZ1YzNLOTNaOUhFbWVDa1BLdUJCZWN2S0RxQzRSMVNPc1ZFTG9OVHNPTVN4UGRQY0wwZThmWHMraXlucG1zU3ZXV2RLeHBVWGpyTW03dEN2TlVieTdtb0dwMHl5SDdaM2pUYW9CZWtoWG9mTDBBR0crUkR3RHZGbGJsVFBvUzFBTDBKWk1EQis0TjI1MThKTndFQVFNV2JsaHVuOHRLc25jV0liNisvTWJOV1VxYzBhMnVWNHdPYktPbWFFUFltdFhkSjQ0N1lvSzJmcVlZZW1HLzFLd05nVTVRcTVIdEtkUGFHS1JLUT09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 790363
content-length: 0
expires: 0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
440 B 86ms
32ms XHR
text/plain 2607:f8b0:4004:c1b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-36442360-13&cid=1869228377.1666828349&jid=1798974873&gjid=1075970407&_gid=863533573.1666828349&_u=aGBAAAACQAAAAC~&z=566709525

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ponominalu.ru/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 26 Oct 2022 23:52:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ponominalu.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 86ms
32ms XHR
text/plain 2607:f8b0:4004:c1b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-36442360-15&cid=1869228377.1666828349&jid=150667372&gjid=809542223&_gid=863533573.1666828349&_u=aGDACUADRAAAACAAI~&z=497839434

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ponominalu.ru/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 26 Oct 2022 23:52:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ponominalu.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 1539679842915884 Show response
connect.facebook.net/signals/config/ 294 KB
85 KB 334ms
310ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1539679842915884?v=2.9.88&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d6d9eb1e6011d313af292617c2c06bab0dd1a125f662c12e457d1b9732af0ce6

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ponominalu.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 26 Oct 2022 23:52:28 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: x2CSt9GAafO0mJR01Vx/nrrvn+y7sgj8izeJIUjOchIfbLiu81MyI51IJ4duMJI5ZgCJCg8QRs1hUrIW/n2f+Q==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/985602121/ 42 B
548 B 88ms
38ms Image
image/gif 2607:f8b0:4006:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/985602121/?random=1666828348543&cv=11&fst=1666825200000&bg=ffffff&guid=ON&async=1&gtm=2wgaq0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fponominalu.ru%2F&tiba=%D0%91%D0%B8%D0%BB%D0%B5%D1%82%D1%8B%20%D0%9F%D0%BE%D0%BD%D0%BE%D0%BC%D0%B8%D0%BD%D0%B0%D0%BB%D1%83%20%E2%80%94%20%D0%BD%D0%B8%20%D1%81%D0%B1%D0%BE%D1%80%D0%BE%D0%B2%2C%20%D0%BD%D0%B8%20%D0%BD%D0%B0%D1%86%D0%B5%D0%BD%D0%BA%D0%B8!&fmt=3&is_vtc=1&random=2770390452&rmt_tld=0&ipr=y

Requested by

Host: ponominalu.ru
URL: https://ponominalu.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ponominalu.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 23:52:28 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.ca/pagead/1p-user-list/985602121/ 42 B
548 B 102ms
37ms Image
image/gif 2607:f8b0:4006:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/pagead/1p-user-list/985602121/?random=1666828348543&cv=11&fst=1666825200000&bg=ffffff&guid=ON&async=1&gtm=2wgaq0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fponominalu.ru%2F&tiba=%D0%91%D0%B8%D0%BB%D0%B5%D1%82%D1%8B%20%D0%9F%D0%BE%D0%BD%D0%BE%D0%BC%D0%B8%D0%BD%D0%B0%D0%BB%D1%83%20%E2%80%94%20%D0%BD%D0%B8%20%D1%81%D0%B1%D0%BE%D1%80%D0%BE%D0%B2%2C%20%D0%BD%D0%B8%20%D0%BD%D0%B0%D1%86%D0%B5%D0%BD%D0%BA%D0%B8!&fmt=3&is_vtc=1&random=2770390452&rmt_tld=1&ipr=y

Requested by

Host: ponominalu.ru
URL: https://ponominalu.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ponominalu.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 23:52:28 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 32ms
32ms XHR
text/plain 2607:f8b0:4006:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=415910025&t=pageview&_s=1&dl=https%3A%2F%2Fponominalu.ru%2F&ul=en-us&de=UTF-8&dt=%D0%91%D0%B8%D0%BB%D0%B5%D1%82%D1%8B%20%D0%9F%D0%BE%D0%BD%D0%BE%D0%BC%D0%B8%D0%BD%D0%B0%D0%BB%D1%83%20%E2%80%94%20%D0%BD%D0%B8%20%D1%81%D0%B1%D0%BE%D1%80%D0%BE%D0%B2%2C%20%D0%BD%D0%B8%20%D0%BD%D0%B0%D1%86%D0%B5%D0%BD%D0%BA%D0%B8!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDACUADRAAAACAAI~&jid=1114069786&gjid=1167675760&cid=1869228377.1666828349&tid=UA-36442360-7&_gid=863533573.1666828349&_r=1&gtm=2ouaq0&z=1406482485

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ponominalu.ru/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 23:52:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ponominalu.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 32ms
32ms XHR
text/plain 2607:f8b0:4006:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=415910025&t=pageview&_s=1&dl=https%3A%2F%2Fponominalu.ru%2F&ul=en-us&de=UTF-8&dt=%D0%91%D0%B8%D0%BB%D0%B5%D1%82%D1%8B%20%D0%9F%D0%BE%D0%BD%D0%BE%D0%BC%D0%B8%D0%BD%D0%B0%D0%BB%D1%83%20%E2%80%94%20%D0%BD%D0%B8%20%D1%81%D0%B1%D0%BE%D1%80%D0%BE%D0%B2%2C%20%D0%BD%D0%B8%20%D0%BD%D0%B0%D1%86%D0%B5%D0%BD%D0%BA%D0%B8!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGjACUADRAAAACAAM~&jid=2136549692&gjid=1661098547&cid=1869228377.1666828349&tid=UA-36442360-16&_gid=95826612.1666828349&_r=1&gtm=2wgaq0MFVDM3&z=679836512

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ponominalu.ru/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 23:52:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ponominalu.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 main.Mi4wLjAuNjBfMA.js Show response
analytics.tiktok.com/i18n/pixel/static/ 210 KB
61 KB 23ms
21ms Script
application/javascript 23.36.1.98
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.Mi4wLjAuNjBfMA.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/sdk.js?sdkid=BQJU3DN3QM8FN6J79BSG
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.1.98 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-1-98.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 49821e4d8511f26d5c180ba214c469286fc451f294997dd93a5e5b4643292827

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ponominalu.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-akamai-request-id: 39ad5f9
date: Wed, 26 Oct 2022 23:52:28 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 202210251323384DADD75271E3BA72DDD4
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a23-36-1-94.deploy.akamaitechnologies.com (AkamaiGHost/10.10.0-44537982) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 014eeb68fd7cdc1157f0815c2a886b4a8dae90cc17576d43b2e06691949927725e15359e452843aeb21b7afe40b8348b9c7403dfb3229022b1417dc0f334752b8d48701557cd8f8bb49fd064357e652fc8
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=3
content-length: 61875

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 81ms
32ms XHR
text/plain 2607:f8b0:4004:c1b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-36442360-7&cid=1869228377.1666828349&jid=1720264146&gjid=238791352&_gid=863533573.1666828349&_u=aHjAiUADRAAAAGAAM~&z=354044411

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ponominalu.ru/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 26 Oct 2022 23:52:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ponominalu.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 21ms
20ms Image
image/gif 2607:f8b0:4006:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=415910025&t=pageview&_s=1&dl=https%3A%2F%2Fponominalu.ru%2F&ul=en-us&de=UTF-8&dt=%D0%91%D0%B8%D0%BB%D0%B5%D1%82%D1%8B%20%D0%9F%D0%BE%D0%BD%D0%BE%D0%BC%D0%B8%D0%BD%D0%B0%D0%BB%D1%83%20%E2%80%94%20%D0%BD%D0%B8%20%D1%81%D0%B1%D0%BE%D1%80%D0%BE%D0%B2%2C%20%D0%BD%D0%B8%20%D0%BD%D0%B0%D1%86%D0%B5%D0%BD%D0%BA%D0%B8!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aHjAiUADRAAAACAAM~&jid=1720264146&gjid=238791352&cid=1869228377.1666828349&tid=UA-36442360-7&_gid=863533573.1666828349&gtm=2wgaq0MFVDM3&cg3=nnn&cd9=1869228377.1666828349&z=1734377587

Requested by

Host: ponominalu.ru
URL: https://ponominalu.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ponominalu.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 21:23:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 8931
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 37ms
37ms Image
image/gif 2607:f8b0:4006:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-36442360-13&cid=1869228377.1666828349&jid=1798974873&_u=aGBAAAACQAAAAC~&z=521264894

Requested by

Host: ponominalu.ru
URL: https://ponominalu.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ponominalu.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 23:52:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.ca/ads/ 42 B
107 B 39ms
39ms Image
image/gif 2607:f8b0:4006:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-36442360-13&cid=1869228377.1666828349&jid=1798974873&_u=aGBAAAACQAAAAC~&z=521264894

Requested by

Host: ponominalu.ru
URL: https://ponominalu.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ponominalu.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 23:52:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 40ms
39ms Image
image/gif 2607:f8b0:4006:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-36442360-15&cid=1869228377.1666828349&jid=150667372&_u=aGDACUADRAAAACAAI~&z=72060243

Requested by

Host: ponominalu.ru
URL: https://ponominalu.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ponominalu.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 23:52:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.ca/ads/ 42 B
107 B 38ms
37ms Image
image/gif 2607:f8b0:4006:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-36442360-15&cid=1869228377.1666828349&jid=150667372&_u=aGDACUADRAAAACAAI~&z=72060243

Requested by

Host: ponominalu.ru
URL: https://ponominalu.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ponominalu.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 23:52:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ 11 KB
1 KB 84ms
37ms Stylesheet
text/css 2607:f8b0:4006:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900&subset=cyrillic,cyrillic-ext,latin-ext&display=swap

Requested by

Host: ponominalu.ru
URL: https://ponominalu.ru/_nuxt/app.e0e3dfc1e0ac4e9178be.js?build=00003147

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aa43888d20f6d8bbe6d11ae8db26eca226c8e3578ad960f97b92f3bb86ad59d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ponominalu.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 26 Oct 2022 23:52:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 26 Oct 2022 23:52:28 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 26 Oct 2022 23:52:28 GMT

GET
H2 200 39.e0e3dfc1e0ac4e9178be.js Show response
ponominalu.ru/_nuxt/ 4 KB
2 KB 140ms
139ms Script
application/javascript 213.108.128.54
MTS

General

Check archive.org

Show headers Download Go to

Full URL

https://ponominalu.ru/_nuxt/39.e0e3dfc1e0ac4e9178be.js?build=00003147

Requested by

Host: ponominalu.ru
URL: https://ponominalu.ru/_nuxt/runtime.e0e3dfc1e0ac4e9178be.js?build=00003147

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

213.108.128.54 Moscow, Russian Federation, ASN8359 (MTS, RU),

Reverse DNS

Software

Resource Hash

2b5d214474b163179559d0d5ccc4f4486dd4095bd33d40f17311f4a0aed084ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ponominalu.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 23:52:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Wed, 14 Sep 2022 07:26:30 GMT
etag: "63218226-627"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 1575
x-xss-protection: 1; mode=block
expires: Thu, 10 Nov 2022 23:52:28 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 32ms
32ms XHR
text/plain 2607:f8b0:4004:c1b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-36442360-7&cid=1869228377.1666828349&jid=1114069786&gjid=1167675760&_gid=863533573.1666828349&_u=aGDACUADRAAAACAAI~&z=1034986356

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ponominalu.ru/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 26 Oct 2022 23:52:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ponominalu.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 32ms
32ms XHR
text/plain 2607:f8b0:4004:c1b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-36442360-16&cid=1869228377.1666828349&jid=2136549692&gjid=1661098547&_gid=95826612.1666828349&_u=aGjACUADRAAAACAAM~&z=289998362

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ponominalu.ru/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 26 Oct 2022 23:52:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ponominalu.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 82ms
36ms Image
image/gif 2607:f8b0:4006:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-36442360-7&cid=1869228377.1666828349&jid=1720264146&_u=aHjAiUADRAAAAGAAM~&z=1986775258

Requested by

Host: ponominalu.ru
URL: https://ponominalu.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ponominalu.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 23:52:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.ca/ads/ 42 B
63 B 81ms
38ms Image
image/gif 2607:f8b0:4006:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-36442360-7&cid=1869228377.1666828349&jid=1720264146&_u=aHjAiUADRAAAAGAAM~&z=1986775258

Requested by

Host: ponominalu.ru
URL: https://ponominalu.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ponominalu.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 23:52:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 identify_87671.js Show response
analytics.tiktok.com/i18n/pixel/static/ 114 KB
31 KB 23ms
22ms Script
application/javascript 23.36.1.98
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_87671.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.Mi4wLjAuNjBfMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.1.98 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-1-98.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 6efa775a864aba5b3b1bc9ce6335a617693c712d3a65633cbe6751fa1d291a9c

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ponominalu.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-akamai-request-id: 39ad649
date: Wed, 26 Oct 2022 23:52:28 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 20221025132324759A0B21982B12736C50
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a23-36-1-94.deploy.akamaitechnologies.com (AkamaiGHost/10.10.0-44537982) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 012625a9b95c84fe4d793424db0c1361679600abfc82ce84a47107fe6c1c3402afb0a6d24dce3b803a426f05314ab9d9f35b23f8f14261bef63c23d83d2e70bc2a7baf86d6c5e34c2b86ca41aef94c67fc
server-timing: cdn-cache; desc=HIT, edge; dur=1, inner; dur=3
content-length: 30914

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
541 B 48ms
48ms Ping
application/octet-stream 23.36.1.98
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.Mi4wLjAuNjBfMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.1.98 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-1-98.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ponominalu.ru/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 23:52:28 GMT
x-akamai-request-id: 39ad673
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server: nginx
x-tt-logid: 2022102623522847603643D4E5B448188C
x-cache: TCP_MISS from a23-36-1-94.deploy.akamaitechnologies.com (AkamaiGHost/10.10.0-44537982) (-)
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 24,23.36.1.94
x-tt-trace-host: 01e9de859ad2e33abbaf7df8cd5e2b0dec62768d7b52e10e2f0a1514febcf04b50c798dce873f5feea9612f91959221b35ac4c6ee0eaddcbdf9d3f6a315b9cec0a573cd745ab0a8ca48c18a04ae6790f3e
server-timing: inner; dur=15, cdn-cache; desc=MISS, edge; dur=3, origin; dur=24
content-length: 0
expires: Wed, 26 Oct 2022 23:52:28 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 36ms
36ms Image
image/gif 2607:f8b0:4006:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-36442360-7&cid=1869228377.1666828349&jid=1114069786&_u=aGDACUADRAAAACAAI~&z=1684867384

Requested by

Host: ponominalu.ru
URL: https://ponominalu.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ponominalu.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 23:52:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.ca/ads/ 42 B
63 B 37ms
37ms Image
image/gif 2607:f8b0:4006:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-36442360-7&cid=1869228377.1666828349&jid=1114069786&_u=aGDACUADRAAAACAAI~&z=1684867384

Requested by

Host: ponominalu.ru
URL: https://ponominalu.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ponominalu.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 23:52:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 37ms
36ms Image
image/gif 2607:f8b0:4006:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-36442360-16&cid=1869228377.1666828349&jid=2136549692&_u=aGjACUADRAAAACAAM~&z=1809536562

Requested by

Host: ponominalu.ru
URL: https://ponominalu.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ponominalu.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 23:52:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.ca/ads/ 42 B
63 B 36ms
36ms Image
image/gif 2607:f8b0:4006:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-36442360-16&cid=1869228377.1666828349&jid=2136549692&_u=aGjACUADRAAAACAAM~&z=1809536562

Requested by

Host: ponominalu.ru
URL: https://ponominalu.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ponominalu.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 23:52:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 79ms
25ms Font
font/woff2 2607:f8b0:4006:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900&subset=cyrillic,cyrillic-ext,latin-ext&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ponominalu.ru
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 23:31:22 GMT
x-content-type-options: nosniff
age: 519667
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15752
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 20 Oct 2023 23:31:22 GMT

GET
H2 200 KFOlCnqEu92Fr1MmYUtfABc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ 9 KB
10 KB 114ms
60ms Font
font/woff2 2607:f8b0:4006:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfABc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900&subset=cyrillic,cyrillic-ext,latin-ext&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9fdb12ceee3a402d3a54afe354552459dd3950e9c6dece06288e4cc0a7a7c060

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ponominalu.ru
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 20:08:00 GMT
x-content-type-options: nosniff
age: 13469
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9700
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 26 Oct 2023 20:08:00 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 72ms
20ms Font
font/woff2 2607:f8b0:4006:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900&subset=cyrillic,cyrillic-ext,latin-ext&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ponominalu.ru
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 22 Oct 2022 05:47:40 GMT
x-content-type-options: nosniff
age: 410689
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 22 Oct 2023 05:47:40 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 91ms
41ms Font
font/woff2 2607:f8b0:4006:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900&subset=cyrillic,cyrillic-ext,latin-ext&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ponominalu.ru
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 19:31:57 GMT
x-content-type-options: nosniff
age: 15632
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 26 Oct 2023 19:31:57 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ 9 KB
10 KB 97ms
47ms Font
font/woff2 2607:f8b0:4006:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900&subset=cyrillic,cyrillic-ext,latin-ext&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ponominalu.ru
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 19:41:01 GMT
x-content-type-options: nosniff
age: 15088
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9644
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 26 Oct 2023 19:41:01 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v30/ 9 KB
9 KB 106ms
57ms Font
font/woff2 2607:f8b0:4006:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900&subset=cyrillic,cyrillic-ext,latin-ext&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ponominalu.ru
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 19:39:16 GMT
x-content-type-options: nosniff
age: 15193
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9628
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 26 Oct 2023 19:39:16 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 100ms
62ms Font
font/woff2 2607:f8b0:4006:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900&subset=cyrillic,cyrillic-ext,latin-ext&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ponominalu.ru
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 01:31:33 GMT
x-content-type-options: nosniff
age: 598856
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 20 Oct 2023 01:31:33 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ 10 KB
10 KB 89ms
52ms Font
font/woff2 2607:f8b0:4006:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900&subset=cyrillic,cyrillic-ext,latin-ext&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3728fbdd191d75bad5b83a838dfe2fc15f84c2aaa36ffa573321275847db31a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ponominalu.ru
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 19:40:49 GMT
x-content-type-options: nosniff
age: 15100
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9840
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 26 Oct 2023 19:40:49 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ 12 KB
12 KB 93ms
58ms Font
font/woff2 2607:f8b0:4006:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900&subset=cyrillic,cyrillic-ext,latin-ext&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fc66f942651a9fe1a598770d3d896529dcd7a03d02f40655451513093103e61b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ponominalu.ru
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 19:40:57 GMT
x-content-type-options: nosniff
age: 15092
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11824
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 26 Oct 2023 19:40:57 GMT

GET
H3 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 61ms
20ms Font
font/woff2 2607:f8b0:4006:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900&subset=cyrillic,cyrillic-ext,latin-ext&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ponominalu.ru
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 19:33:19 GMT
x-content-type-options: nosniff
age: 15550
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 26 Oct 2023 19:33:19 GMT

GET
H2

200

1 Show response
mc.yandex.ru/watch/2917771/
Redirect Chain

https://mc.yandex.ru/watch/2917771?wmode=7&page-url=https%3A%2F%2Fponominalu.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aeaydspl3nlyays9y07x84%3Afp%3A1592%3Afu%3A0%3Aen%3Autf-8%3Ala%...
https://mc.yandex.ru/watch/2917771/1?wmode=7&page-url=https%3A%2F%2Fponominalu.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aeaydspl3nlyays9y07x84%3Afp%3A1592%3Afu%3A0%3Aen%3Autf-8%3Al...

453 B
535 B

150ms
150ms

XHR
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/2917771/1?wmode=7&page-url=https%3A%2F%2Fponominalu.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aeaydspl3nlyays9y07x84%3Afp%3A1592%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A651778461129%3Ahid%3A358255645%3Az%3A0%3Ai%3A20221026235229%3Aet%3A1666828349%3Ac%3A1%3Arn%3A889970930%3Arqn%3A1%3Au%3A16668283491024691002%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A0%2C293%2C138%2C276%2C615%2C0%2C%2C317%2C0%2C%2C%2C%2C1973%3Acpf%3A1%3Ans%3A1666828346826%3Arqnl%3A1%3Ast%3A1666828349%3At%3A%D0%91%D0%B8%D0%BB%D0%B5%D1%82%D1%8B%20%D0%9F%D0%BE%D0%BD%D0%BE%D0%BC%D0%B8%D0%BD%D0%B0%D0%BB%D1%83%20%E2%80%94%20%D0%BD%D0%B8%20%D1%81%D0%B1%D0%BE%D1%80%D0%BE%D0%B2%2C%20%D0%BD%D0%B8%20%D0%BD%D0%B0%D1%86%D0%B5%D0%BD%D0%BA%D0%B8%21&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rqnl%281%29ti%282%29

Requested by

Host: ponominalu.ru
URL: https://ponominalu.ru/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

f63b54f0ab2eddc08d2591560dcdb91f4b6625a05b2c577c320828bd2f92f164

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ponominalu.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 23:52:29 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Wed, 26-Oct-2022 23:52:29 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ponominalu.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 453
x-xss-protection: 1; mode=block
expires: Wed, 26-Oct-2022 23:52:29 GMT

Redirect headers

pragma: no-cache
date: Wed, 26 Oct 2022 23:52:29 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 26-Oct-2022 23:52:29 GMT
location: /watch/2917771/1?wmode=7&page-url=https%3A%2F%2Fponominalu.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aeaydspl3nlyays9y07x84%3Afp%3A1592%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A651778461129%3Ahid%3A358255645%3Az%3A0%3Ai%3A20221026235229%3Aet%3A1666828349%3Ac%3A1%3Arn%3A889970930%3Arqn%3A1%3Au%3A16668283491024691002%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A0%2C293%2C138%2C276%2C615%2C0%2C%2C317%2C0%2C%2C%2C%2C1973%3Acpf%3A1%3Ans%3A1666828346826%3Arqnl%3A1%3Ast%3A1666828349%3At%3A%D0%91%D0%B8%D0%BB%D0%B5%D1%82%D1%8B%20%D0%9F%D0%BE%D0%BD%D0%BE%D0%BC%D0%B8%D0%BD%D0%B0%D0%BB%D1%83%20%E2%80%94%20%D0%BD%D0%B8%20%D1%81%D0%B1%D0%BE%D1%80%D0%BE%D0%B2%2C%20%D0%BD%D0%B8%20%D0%BD%D0%B0%D1%86%D0%B5%D0%BD%D0%BA%D0%B8%21&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rqnl%281%29ti%282%29
access-control-allow-origin: https://ponominalu.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Wed, 26-Oct-2022 23:52:29 GMT

GET
H2 200 advert.gif
mc.yandex.ru/metrika/ 43 B
136 B 144ms
144ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/metrika/advert.gif

Requested by

Host: ponominalu.ru
URL: https://ponominalu.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ponominalu.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 23:52:29 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 25 Oct 2022 06:30:09 GMT
etag: "63575841-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Thu, 27 Oct 2022 00:52:29 GMT

GET
H2 200 default.e0e3dfc1e0ac4e9178be.js Show response
ponominalu.ru/_nuxt/layouts/ 3 KB
1 KB 142ms
140ms Script
application/javascript 213.108.128.54
MTS

General

Check archive.org

Show headers Download Go to

Full URL

https://ponominalu.ru/_nuxt/layouts/default.e0e3dfc1e0ac4e9178be.js?build=00003147

Requested by

Host: ponominalu.ru
URL: https://ponominalu.ru/_nuxt/runtime.e0e3dfc1e0ac4e9178be.js?build=00003147

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

213.108.128.54 Moscow, Russian Federation, ASN8359 (MTS, RU),

Reverse DNS

Software

Resource Hash

1cf9ff03fb16e95f0c0768c96be2cd0bc29f67b8adfb56ee147798a735ab0058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ponominalu.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 23:52:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Wed, 14 Sep 2022 07:26:30 GMT
etag: "63218226-4b3"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 1203
x-xss-protection: 1; mode=block
expires: Thu, 10 Nov 2022 23:52:29 GMT

POST
H/1.1 401
Unauthorized track-visit Show response
api.mindbox.ru/v1.1/customer/ 105 B
731 B 152ms
151ms XHR
application/json 84.252.130.113
YANDEXCLOUD

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mindbox.ru/v1.1/customer/track-visit?version=1.0.417&transport=XmlHttpRequest

Requested by

Host: ponominalu.ru
URL: https://ponominalu.ru/_nuxt/app.e0e3dfc1e0ac4e9178be.js?build=00003147

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

84.252.130.113 , Russian Federation, ASN200350 (YANDEXCLOUD, RU),

Reverse DNS

Software

Kestrel /

Resource Hash

33a5afb805065ed5d2c8506a37eb78bc474fcebb560cc2410c87d49760b645dc

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=315360000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://ponominalu.ru/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

content-security-policy: default-src 'self' 'unsafe-inline'
date: Wed, 26 Oct 2022 23:52:28 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=315360000; includeSubDomains; preload
content-length: 105
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
server: Kestrel
vary: Origin
x-frame-options: DENY
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ponominalu.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
feature-policy: vibrate 'self'
expires: -1

GET
H/1.1 322
status code 322 ponominaluwebsite.js
api.mindbox.ru/js/byendpoint/ 0
0 461ms
171ms Fetch
application/javascript 84.252.130.113
YANDEXCLOUD

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mindbox.ru/js/byendpoint/ponominaluwebsite.js?_=463007

Requested by

Host: ponominalu.ru
URL: https://ponominalu.ru/_nuxt/app.e0e3dfc1e0ac4e9178be.js?build=00003147

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

84.252.130.113 , Russian Federation, ASN200350 (YANDEXCLOUD, RU),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=315360000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ponominalu.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: default-src 'self' 'unsafe-inline'
date: Wed, 26 Oct 2022 23:52:29 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=315360000; includeSubDomains; preload
x-amz-request-id: bc3e27cd81cb2d43
content-length: 0
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: nginx
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
location: https://web-bucket-api-static-production.website.yandexcloud.net/js/byendpoint/ponominaluwebsite.js
access-control-expose-headers: ETag
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method,Origin
feature-policy: vibrate 'self'
x-frame-options: DENY
access-control-allow-headers: *

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 76ms
21ms Image
text/plain 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1539679842915884&ev=PageView&dl=https%3A%2F%2Fponominalu.ru%2F&rl=&if=false&ts=1666828349207&sw=1600&sh=1200&v=2.9.88&r=stable&ec=0&o=30&fbp=fb.1.1666828349206.1063512950&it=1666828348656&coo=false&rqm=GET

Requested by

Host: ponominalu.ru
URL: https://ponominalu.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ponominalu.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 26 Oct 2022 23:52:29 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 counter
top-fwz1.mail.ru/ 43 B
960 B 137ms
137ms Image
image/gif 95.163.52.67
VK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://top-fwz1.mail.ru/counter?js=13;id=3137946;u=https%3A//ponominalu.ru/;st=1666828348465;title=%D0%91%D0%B8%D0%BB%D0%B5%D1%82%D1%8B%20%D0%9F%D0%BE%D0%BD%D0%BE%D0%BC%D0%B8%D0%BD%D0%B0%D0%BB%D1%83%20%E2%80%94%20%D0%BD%D0%B8%20%D1%81%D0%B1%D0%BE%D1%80%D0%BE%D0%B2%2C%20%D0%BD%D0%B8%20%D0%BD%D0%B0%D1%86%D0%B5%D0%BD%D0%BA%D0%B8!;s=1600*1200;vp=1600*1200;touch=0;hds=1;frame=0;flash=;sid=4e0b5e5f4183585c;ver=60.3.0;tz=0%2FEtc%2FUnknown;ni=9.8//4g/0/0/;lvid=1666828349253%3A1666828349257%3A1%3A68f16eb2d778a7777667daa1c340fdca;opts=dl%2Cjst-gtag-ga-ym-vk;visible=true;_=0.04109591222015552

Requested by

Host: ponominalu.ru
URL: https://ponominalu.ru/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ponominalu.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 23:52:29 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 43
pragma: no-cache
amp-access-control-allow-source-origin: *
server: nginx
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: *
accept-ch-lifetime: 86400
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 rtrg
vk.com/ 49 B
577 B 153ms
152ms Image
image/gif 87.240.132.78
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vk.com/rtrg?p=VK-RTRG-63532-48mlU&metatag_url=https%3A%2F%2Fponominalu.ru%2F&metatag_title=%D0%91%D0%B8%D0%BB%D0%B5%D1%82%D1%8B%20%D0%9F%D0%BE%D0%BD%D0%BE%D0%BC%D0%B8%D0%BD%D0%B0%D0%BB%D1%83%20%20%E2%80%94%20%D0%BD%D0%B8%20%D1%81%D0%B1%D0%BE%D1%80%D0%BE%D0%B2%2C%20%D0%BD%D0%B8%20%D0%BD%D0%B0%D1%86%D0%B5%D0%BD%D0%BA%D0%B8!

Requested by

Host: ponominalu.ru
URL: https://ponominalu.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.240.132.78 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),

Reverse DNS

srv78-132-240-87.vk.com

Software

kittenx / KPHP/7.4.112523

Resource Hash

2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ponominalu.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 23:52:29 GMT
content-encoding: gzip
x-frontend: front225207
strict-transport-security: max-age=15768000
server: kittenx
x-powered-by: KPHP/7.4.112523
content-type: image/gif
access-control-expose-headers: X-Frontend
cache-control: no-store
content-length: 65

GET
H2 200 PnNavBarMobile.e0e3dfc1e0ac4e9178be.js Show response
ponominalu.ru/_nuxt/ 3 KB
2 KB 140ms
139ms Script
application/javascript 213.108.128.54
MTS

General

Check archive.org

Show headers Download Go to

Full URL

https://ponominalu.ru/_nuxt/PnNavBarMobile.e0e3dfc1e0ac4e9178be.js?build=00003147

Requested by

Host: ponominalu.ru
URL: https://ponominalu.ru/_nuxt/runtime.e0e3dfc1e0ac4e9178be.js?build=00003147

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

213.108.128.54 Moscow, Russian Federation, ASN8359 (MTS, RU),

Reverse DNS

Software

Resource Hash

3f8589bbc0f230823d343058b730523851e082d05e9413da04efb56108e413cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ponominalu.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 23:52:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Wed, 14 Sep 2022 07:26:30 GMT
etag: "63218226-53c"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 1340
x-xss-protection: 1; mode=block
expires: Thu, 10 Nov 2022 23:52:29 GMT

GET
H2 200 1.e0e3dfc1e0ac4e9178be.js Show response
ponominalu.ru/_nuxt/ 17 KB
5 KB 140ms
139ms Script
application/javascript 213.108.128.54
MTS

General

Check archive.org

Show headers Download Go to

Full URL

https://ponominalu.ru/_nuxt/1.e0e3dfc1e0ac4e9178be.js?build=00003147

Requested by

Host: ponominalu.ru
URL: https://ponominalu.ru/_nuxt/runtime.e0e3dfc1e0ac4e9178be.js?build=00003147

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

213.108.128.54 Moscow, Russian Federation, ASN8359 (MTS, RU),

Reverse DNS

Software

Resource Hash

280f5e8a0c7053bfd462d9da751527ce7f4dd7649f6747f9210986aacc532f94

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ponominalu.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 23:52:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Wed, 14 Sep 2022 07:26:30 GMT
etag: "63218226-1207"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 4615
x-xss-protection: 1; mode=block
expires: Thu, 10 Nov 2022 23:52:29 GMT

GET
H2 200 27.e0e3dfc1e0ac4e9178be.js Show response
ponominalu.ru/_nuxt/ 7 KB
2 KB 141ms
140ms Script
application/javascript 213.108.128.54
MTS

General

Check archive.org

Show headers Download Go to

Full URL

https://ponominalu.ru/_nuxt/27.e0e3dfc1e0ac4e9178be.js?build=00003147

Requested by

Host: ponominalu.ru
URL: https://ponominalu.ru/_nuxt/runtime.e0e3dfc1e0ac4e9178be.js?build=00003147

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

213.108.128.54 Moscow, Russian Federation, ASN8359 (MTS, RU),

Reverse DNS

Software

Resource Hash

c5086a00d6ad00e715cd653046d9538016f9b7316f14f194dce223894f2eb4b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ponominalu.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 23:52:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Wed, 14 Sep 2022 07:26:30 GMT
etag: "63218226-76c"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 1900
x-xss-protection: 1; mode=block
expires: Thu, 10 Nov 2022 23:52:29 GMT

GET
H2

200

event Show response
widget.eu.criteo.com/
Redirect Chain

https://sslwidget.criteo.com/event?a=19445&v=5.12.1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dce%26m%3D%255B%255D&p2=e%3Dvh&p3=e%3Ddis&adce=1&bundle=qyD72F96T21jNnlSR3R2enNNc0pzN1ZiNG55bXhtaEJ4d0Foa3FxSnNP...
https://widget.eu.criteo.com/event?a=19445&v=5.12.1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dce%26m%3D%255B%255D&p2=e%3Dvh&p3=e%3Ddis&adce=1&bundle=qyD72F96T21jNnlSR3R2enNNc0pzN1ZiNG55bXhtaEJ4d0Foa3FxSnNP...

9 KB
4 KB

337ms
116ms

Script
application/x-javascript

2a02:2638::22
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.eu.criteo.com/event?a=19445&v=5.12.1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dce%26m%3D%255B%255D&p2=e%3Dvh&p3=e%3Ddis&adce=1&bundle=qyD72F96T21jNnlSR3R2enNNc0pzN1ZiNG55bXhtaEJ4d0Foa3FxSnNPM1RHMFlqckdwTkQ2JTJGS1ZWc0JMQWdUdnBZTnRucVpmNUdBVng2aFUlMkY4QjBkajBDQ2VYcjBUTUdqdkhsUTFzTFpDeFVvZ2FmWktXOG5odkd4MlE2TDhlM25DNHltc0lJWkpFVEF6ZzlRNEFpbUklMkZ4MVElM0QlM0Q&tld=ponominalu.ru&fu=https%253A%252F%252Fponominalu.ru%252F&dtycbr=36167

Requested by

Host: ponominalu.ru
URL: https://ponominalu.ru/

Protocol

Server

2a02:2638::22 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

5f53a1baa2c183f722004d0af51c5fa849490a0b9af25ded0360dc4b2a190f93

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ponominalu.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 23:52:29 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Kestrel
content-type: application/x-javascript
access-control-allow-origin: *
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 14522281
timing-allow-origin: *
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 26 Oct 2022 23:52:28 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://widget.eu.criteo.com/event?a=19445&v=5.12.1&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dce%26m%3D%255B%255D&p2=e%3Dvh&p3=e%3Ddis&adce=1&bundle=qyD72F96T21jNnlSR3R2enNNc0pzN1ZiNG55bXhtaEJ4d0Foa3FxSnNPM1RHMFlqckdwTkQ2JTJGS1ZWc0JMQWdUdnBZTnRucVpmNUdBVng2aFUlMkY4QjBkajBDQ2VYcjBUTUdqdkhsUTFzTFpDeFVvZ2FmWktXOG5odkd4MlE2TDhlM25DNHltc0lJWkpFVEF6ZzlRNEFpbUklMkZ4MVElM0QlM0Q&tld=ponominalu.ru&fu=https%253A%252F%252Fponominalu.ru%252F&dtycbr=36167
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 7345491
timing-allow-origin: *
content-length: 0
expires: 0

GET
H2 200 advcake.e0e3dfc1e0ac4e9178be.js Show response
ponominalu.ru/_nuxt/ 5 KB
2 KB 140ms
140ms Script
application/javascript 213.108.128.54
MTS

General

Check archive.org

Show headers Download Go to

Full URL

https://ponominalu.ru/_nuxt/advcake.e0e3dfc1e0ac4e9178be.js?build=00003147

Requested by

Host: ponominalu.ru
URL: https://ponominalu.ru/_nuxt/runtime.e0e3dfc1e0ac4e9178be.js?build=00003147

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

213.108.128.54 Moscow, Russian Federation, ASN8359 (MTS, RU),

Reverse DNS

Software

Resource Hash

2f155ccf42827cca0258a8340c8414601e1447961453eeb162cbe72b45b3f228

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ponominalu.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 23:52:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Wed, 14 Sep 2022 07:26:30 GMT
etag: "63218226-638"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 1592
x-xss-protection: 1; mode=block
expires: Thu, 10 Nov 2022 23:52:29 GMT

GET
H2 200 PnNavBarDesktop.e0e3dfc1e0ac4e9178be.js Show response
ponominalu.ru/_nuxt/ 3 KB
2 KB 155ms
154ms Script
application/javascript 213.108.128.54
MTS

General

Check archive.org

Show headers Download Go to

Full URL

https://ponominalu.ru/_nuxt/PnNavBarDesktop.e0e3dfc1e0ac4e9178be.js?build=00003147

Requested by

Host: ponominalu.ru
URL: https://ponominalu.ru/_nuxt/runtime.e0e3dfc1e0ac4e9178be.js?build=00003147

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

213.108.128.54 Moscow, Russian Federation, ASN8359 (MTS, RU),

Reverse DNS

Software

Resource Hash

49d78c2787cc91e1453f8c67b7481dcc12e4a259f3c55b8c737b5d436ee53fc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ponominalu.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 23:52:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Wed, 14 Sep 2022 07:26:30 GMT
etag: "63218226-53f"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 1343
x-xss-protection: 1; mode=block
expires: Thu, 10 Nov 2022 23:52:29 GMT

GET
H2 200 34.e0e3dfc1e0ac4e9178be.js Show response
ponominalu.ru/_nuxt/ 6 KB
3 KB 151ms
150ms Script
application/javascript 213.108.128.54
MTS

General

Check archive.org

Show headers Download Go to

Full URL

https://ponominalu.ru/_nuxt/34.e0e3dfc1e0ac4e9178be.js?build=00003147

Requested by

Host: ponominalu.ru
URL: https://ponominalu.ru/_nuxt/runtime.e0e3dfc1e0ac4e9178be.js?build=00003147

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

213.108.128.54 Moscow, Russian Federation, ASN8359 (MTS, RU),

Reverse DNS

Software

Resource Hash

215fe7288ded56b2ea03096aab7a55269acb79cec0af73aa097204b111c7e912

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ponominalu.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 23:52:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Wed, 14 Sep 2022 07:26:30 GMT
etag: "63218226-922"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 2338
x-xss-protection: 1; mode=block
expires: Thu, 10 Nov 2022 23:52:29 GMT

GET
H2 200 PnSearch.e0e3dfc1e0ac4e9178be.js Show response
ponominalu.ru/_nuxt/ 3 KB
2 KB 143ms
142ms Script
application/javascript 213.108.128.54
MTS

General

Check archive.org

Show headers Download Go to

Full URL

https://ponominalu.ru/_nuxt/PnSearch.e0e3dfc1e0ac4e9178be.js?build=00003147

Requested by

Host: ponominalu.ru
URL: https://ponominalu.ru/_nuxt/runtime.e0e3dfc1e0ac4e9178be.js?build=00003147

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

213.108.128.54 Moscow, Russian Federation, ASN8359 (MTS, RU),

Reverse DNS

Software

Resource Hash

275300e792ac8d808a203e9cf9c2ed8afc1356a9d371bee06e3bc45c816b001d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ponominalu.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 23:52:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Wed, 14 Sep 2022 07:26:30 GMT
etag: "63218226-4d2"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 1234
x-xss-protection: 1; mode=block
expires: Thu, 10 Nov 2022 23:52:29 GMT

GET
H2 200 rtrg
vk.com/ 49 B
363 B 150ms
148ms Image
image/gif 87.240.132.78
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vk.com/rtrg?p=VK-RTRG-324582-6XpCC&event=view_home&metatag_url=https%3A%2F%2Fponominalu.ru%2F&metatag_title=%D0%91%D0%B8%D0%BB%D0%B5%D1%82%D1%8B%20%D0%9F%D0%BE%D0%BD%D0%BE%D0%BC%D0%B8%D0%BD%D0%B0%D0%BB%D1%83%20%20%E2%80%94%20%D0%BD%D0%B8%20%D1%81%D0%B1%D0%BE%D1%80%D0%BE%D0%B2%2C%20%D0%BD%D0%B8%20%D0%BD%D0%B0%D1%86%D0%B5%D0%BD%D0%BA%D0%B8!

Requested by

Host: ponominalu.ru
URL: https://ponominalu.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.240.132.78 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),

Reverse DNS

srv78-132-240-87.vk.com

Software

kittenx / KPHP/7.4.112523

Resource Hash

2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ponominalu.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 23:52:29 GMT
content-encoding: gzip
x-frontend: front225207
strict-transport-security: max-age=15768000
server: kittenx
x-powered-by: KPHP/7.4.112523
content-type: image/gif
access-control-expose-headers: X-Frontend
cache-control: no-store
content-length: 65

GET
H2 200 tracker
top-fwz1.mail.ru/ 43 B
875 B 137ms
135ms Image
image/gif 95.163.52.67
VK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://top-fwz1.mail.ru/tracker?js=13;id=3137946;u=https%3A//ponominalu.ru/;st=1666828348465;title=%D0%91%D0%B8%D0%BB%D0%B5%D1%82%D1%8B%20%D0%9F%D0%BE%D0%BD%D0%BE%D0%BC%D0%B8%D0%BD%D0%B0%D0%BB%D1%83%20%E2%80%94%20%D0%BD%D0%B8%20%D1%81%D0%B1%D0%BE%D1%80%D0%BE%D0%B2%2C%20%D0%BD%D0%B8%20%D0%BD%D0%B0%D1%86%D0%B5%D0%BD%D0%BA%D0%B8!;s=1600*1200;vp=1600*1200;touch=0;hds=1;frame=0;flash=;sid=4e0b5e5f4183585c;ver=60.3.0;tz=0%2FEtc%2FUnknown;ni=9.8//4g/0/0/;params=%7B%22product_id%22%3A%220%22%7D;lvid=1666828349253%3A1666828349368%3A2%3A68f16eb2d778a7777667daa1c340fdca;opts=dl%2Cjst-gtag-ga-ym-vk;visible=true;_=0.1855268176235143;e=RG%3A/vk_ecom_home

Requested by

Host: ponominalu.ru
URL: https://ponominalu.ru/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ponominalu.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 23:52:29 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 43
pragma: no-cache
amp-access-control-allow-source-origin: *
server: nginx
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: *
accept-ch-lifetime: 86400
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: *

GET
H/1.1 200
OK /
ad.mail.ru/retarget/ 43 B
384 B 541ms
135ms Image
image/gif 2a00:1148:db00::17
VK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.mail.ru/retarget/?counter=3137946&list=1&productid=0&pagetype=home&totalvalue=0&_=0.15053347748719537
Requested by: Host: ponominalu.ru
URL: https://ponominalu.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a00:1148:db00::17 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ponominalu.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Wed, 26 Oct 2022 23:52:29 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSAo PSDo OUR BUS UNI NAV STA INT"
Content-Type: image/gif
Cache-Control: private, no-cache, no-store
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 43

GET
H2 200 tracker
top-fwz1.mail.ru/ 43 B
872 B 138ms
137ms Image
image/gif 95.163.52.67
VK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://top-fwz1.mail.ru/tracker?js=13;id=3137946;u=https%3A//ponominalu.ru/;st=1666828348465;s=1600*1200;vp=1600*1200;touch=0;hds=1;frame=0;flash=;sid=4e0b5e5f4183585c;ver=60.3.0;tz=0%2FEtc%2FUnknown;ni=9.8//4g/0/0/;lvid=1666828349253%3A1666828349369%3A3%3A68f16eb2d778a7777667daa1c340fdca;opts=dl%2Cjst-gtag-ga-ym-vk;visible=true;_=0.16790594302453155;e=IV%3A0/1%3B0%3Bhome

Requested by

Host: ponominalu.ru
URL: https://ponominalu.ru/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ponominalu.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 23:52:29 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 43
pragma: no-cache
amp-access-control-allow-source-origin: *
server: nginx
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: *
accept-ch-lifetime: 86400
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: *

GET
H/1.1

200
OK

merle.cgi Show response
ad.adriver.ru/cgi-bin/
Redirect Chain

https://ad.adriver.ru/cgi-bin/merle.cgi?rnd=5386463&tail256=unknown&sid=220597&bn=3&bt=52&ph=adriver_banner_904842996
https://ad.adriver.ru/cgi-bin/merle.cgi?rnd=5386463&tail256=unknown&sid=220597&bn=3&bt=52&ph=adriver_banner_904842996&tuid=-5066177086

3 KB
4 KB

142ms
142ms

Script
application/x-javascript

195.209.108.37
ADRIVER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.adriver.ru/cgi-bin/merle.cgi?rnd=5386463&tail256=unknown&sid=220597&bn=3&bt=52&ph=adriver_banner_904842996&tuid=-5066177086
Requested by: Host: ponominalu.ru
URL: https://ponominalu.ru/
Protocol: HTTP/1.1
Server: 195.209.108.37 , Russian Federation, ASN52007 (ADRIVER-AS, RU),
Reverse DNS
Software: /
Resource Hash: 4dfd2313e5d5bf73499f36d2655f50fd4630f2aeb3b01e05da5ab175896a6740

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ponominalu.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 26 Oct 2022 23:52:29 GMT
Transfer-Encoding: chunked
P3P: policyref="//adriver.ru/w3c/p3p.xml", CP="NON DSP COR CURa ADMa DEVa OUR BUS UNI COM NAV INT STA"
Content-Type: application/x-javascript
Cache-control: no-cache, no-cache=Set-Cookie, max-age=0, must-revalidate, proxy-revalidate, no-store
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 26 Oct 2022 23:52:29 GMT
Transfer-Encoding: chunked
P3P: policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
Content-Type: text/html
Location: /cgi-bin/merle.cgi?rnd=5386463&tail256=unknown&sid=220597&bn=3&bt=52&ph=adriver_banner_904842996&tuid=-5066177086
Cache-control: no-cache, max-age=0, must-revalidate, no-store
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
DATA 200
OK truncated
/ 739 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 12c32d287ea4c6070b6867865174c2fbef164c4153658aaadb26fe1be0419cb3

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3f050149d3d5983317bc09fa986557e752fafdf3b20fa4a253346ee6edb97a0f

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK / Show response
code.acstat.com/ 9 KB
9 KB 596ms
275ms Script
application/javascript 212.41.26.148
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to

Full URL

https://code.acstat.com/

Requested by

Host: ponominalu.ru
URL: https://ponominalu.ru/_nuxt/advcake.e0e3dfc1e0ac4e9178be.js?build=00003147

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.41.26.148 Moscow, Russian Federation, ASN50340 (SELECTEL-MSK, RU),

Reverse DNS

Software

nginx /

Resource Hash

573b410820cd03b82cf37f8618ad32cf79016caf3eb9964dacfd0c684c913189

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ponominalu.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Wed, 26 Oct 2022 23:52:30 GMT
Strict-Transport-Security: max-age=15724800; includeSubDomains
Server: nginx
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Connection: keep-alive
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 9202

GET
H/1.1 200
OK /
server.adv-cake.ru/ponominalu/track_user_history/ 0
246 B 1467ms
134ms Image
text/html 46.254.20.215
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://server.adv-cake.ru/ponominalu/track_user_history/?id=602a77e3-e6ea-2bc0-1530-65910089299f&u_web=undefined&u_par=undefined&ref=(direct)&land=https%3A%2F%2Fponominalu.ru%2F

Requested by

Host: ponominalu.ru
URL: https://ponominalu.ru/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

46.254.20.215 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),

Reverse DNS

adv-cake.ru

Software

nginx/1.12.2 / PHP/5.6.32

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ponominalu.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Wed, 26 Oct 2022 23:52:30 GMT
Strict-Transport-Security: max-age=15768000
Server: nginx/1.12.2
Connection: keep-alive
X-Powered-By: PHP/5.6.32
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 5ED1 0
18 B 49ms
19ms Document
text/plain 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: ponominalu.ru
URL: https://ponominalu.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://ponominalu.ru
Referer: https://ponominalu.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://ponominalu.ru
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Wed, 26 Oct 2022 23:52:29 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 AV.js Show response
content.adriver.ru/banners/0002186/0002186173/0/ 25 KB
25 KB 137ms
136ms Script
application/x-javascript 23.111.96.44
UNITEDNET

General

Check archive.org

Show headers Download Go to

Full URL: https://content.adriver.ru/banners/0002186/0002186173/0/AV.js
Requested by: Host: ponominalu.ru
URL: https://ponominalu.ru/adriver.core.2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.111.96.44 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
Software: nginx /
Resource Hash: bc55f712c7d14651306093d28dffba0f649bd9f37ea365066249df215b5411bf

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ponominalu.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 23:52:30 GMT
last-modified: Wed, 19 May 2021 13:40:38 GMT
server: nginx
etag: "60a51556-6216"
content-type: application/x-javascript
cache-control: max-age=3600
accept-ranges: bytes
content-length: 25110
expires: Thu, 27 Oct 2022 00:52:30 GMT

GET
H2 200 script.js Show response
servers4.adriver.ru/images/0000399/0000399800/0/ 80 B
240 B 495ms
137ms Script
application/x-javascript 23.111.96.44
UNITEDNET

General

Check archive.org

Show headers Download Go to

Full URL: https://servers4.adriver.ru/images/0000399/0000399800/0/script.js?vadriver_banner_904842996
Requested by: Host: ponominalu.ru
URL: https://ponominalu.ru/adriver.core.2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.111.96.44 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
Software: nginx /
Resource Hash: 0352bbc80c7eba05180d37f6686b4199e73d60e863f300fcbfc1d2194eaf9279

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ponominalu.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type: application/x-javascript
date: Wed, 26 Oct 2022 23:52:30 GMT
cache-control: max-age=3600
last-modified: Mon, 03 Aug 2015 00:38:22 GMT
server: nginx
etag: "55beb7fe-1e"
expires: Thu, 27 Oct 2022 00:52:30 GMT

GET
H2 200 pixel.adriver.js Show response
servers4.adriver.ru/plugins/ 878 B
1 KB 494ms
136ms Script
application/x-javascript 23.111.96.44
UNITEDNET

General

Check archive.org

Show headers Download Go to

Full URL: https://servers4.adriver.ru/plugins/pixel.adriver.js
Requested by: Host: ponominalu.ru
URL: https://ponominalu.ru/adriver.core.2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.111.96.44 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
Software: nginx /
Resource Hash: 515672a1ff97f5f8cdf962e3679e99e183e19ea349d919de0530aebfe3de0be8

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ponominalu.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 23:52:30 GMT
last-modified: Tue, 18 Oct 2022 10:33:30 GMT
server: nginx
etag: "634e80fa-36e"
content-type: application/x-javascript
cache-control: max-age=3600
accept-ranges: bytes
content-length: 878
expires: Thu, 27 Oct 2022 00:52:30 GMT

GET
H2 200 s.html Show response
content.adriver.ru/banners/0002186/0002186173/0/ Frame AA8C 2 KB
2 KB 270ms
269ms Document
text/html 23.111.96.44
UNITEDNET

General

Check archive.org

Show headers Download Go to

Full URL: https://content.adriver.ru/banners/0002186/0002186173/0/s.html?0&4&6&0&5386463&0&0&278&149.56.153.186&merle&1
Requested by: Host: ad.adriver.ru
URL: https://ad.adriver.ru/cgi-bin/merle.cgi?rnd=5386463&tail256=unknown&sid=220597&bn=3&bt=52&ph=adriver_banner_904842996
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.111.96.44 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
Software: nginx /
Resource Hash: e0bb484dcb65beebef4e8d6068a833171c89c3ce775b733c44f3fcd3dc1bfb64

Request headers

Referer: https://ponominalu.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
content-length: 1556
content-type: text/html
date: Wed, 26 Oct 2022 23:52:30 GMT
etag: "62581738-614"
last-modified: Thu, 14 Apr 2022 12:44:40 GMT
server: nginx

GET
H2 200 landing.js Show response
www.gdeslon.ru/ 1 KB
2 KB 570ms
144ms Script
application/javascript 5.189.239.194
SELECTEL

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gdeslon.ru/landing.js?mid=83365mode=other
Requested by: Host: code.acstat.com
URL: https://code.acstat.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.189.239.194 St Petersburg, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software: nginx /
Resource Hash: 0cff12337fc4daa84981d8fae782b53f25b37cb2d6bf5c2fb3cfbb8f689ea079

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ponominalu.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: public
date: Wed, 26 Oct 2022 23:52:30 GMT
last-modified: Thu, 29 Oct 2020 11:34:56 GMT
server: nginx
etag: "5f9aa8e0-5fe"
content-type: application/javascript
cache-control: max-age=60, public
accept-ranges: bytes
content-length: 1534
expires: Wed, 26 Oct 2022 23:53:30 GMT

GET
H/1.1 200
OK /
hit.acstat.com/ponominalu/ 0
344 B 599ms
292ms Image
text/plain 212.41.26.148
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hit.acstat.com/ponominalu/?sid=602a77e3-e6ea-2bc0-1530-65910089299f&t_tid=&t_dp=&wid=&par=&ref=&t_t=&t_if=0&t_s=&ih=1200&iw=1600&if_p=&s_w=1600&s_h=1200&land=https%3A%2F%2Fponominalu.ru%2F

Requested by

Host: ponominalu.ru
URL: https://ponominalu.ru/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.41.26.148 Moscow, Russian Federation, ASN50340 (SELECTEL-MSK, RU),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ponominalu.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 26 Oct 2022 23:52:30 GMT
Strict-Transport-Security: max-age=15724800; includeSubDomains
Server: nginx
Connection: keep-alive
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 0

GET
H/1.1 200
OK event.cgi
ad.adriver.ru/cgi-bin/ 42 B
667 B 142ms
141ms Image
image/gif 195.209.108.37
ADRIVER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.adriver.ru/cgi-bin/event.cgi?xpid=Dj037vfe2gEHdtFSG7bKxzlHsmjgAB5iqueHEsYArNK_aOiPiYuIM1BW9Y1MG_OePqfNsl-EA&bid=399800&type=0&custom=113=0;161=0;162=0;168=1;176=1;177=1;213=0;214=2;216=1600;217=1200;218=false;163=https%3A%2F%2Fponominalu.ru%2F
Requested by: Host: ponominalu.ru
URL: https://ponominalu.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.209.108.37 , Russian Federation, ASN52007 (ADRIVER-AS, RU),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ponominalu.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 26 Oct 2022 23:52:30 GMT
Transfer-Encoding: chunked
P3P: policyref="//adriver.ru/w3c/p3p.xml", CP="NON DSP COR CURa ADMa DEVa OUR BUS UNI COM NAV INT STA"
Content-Type: image/gif
Cache-control: no-cache, no-cache=Set-Cookie, max-age=0, must-revalidate, proxy-revalidate, no-store
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 s.js Show response
content.adriver.ru/banners/0002186/0002186173/0/ Frame AA8C 13 KB
13 KB 137ms
136ms Script
application/x-javascript 23.111.96.44
UNITEDNET

General

Check archive.org

Show headers Download Go to

Full URL: https://content.adriver.ru/banners/0002186/0002186173/0/s.js?rnd=381471
Requested by: Host: content.adriver.ru
URL: https://content.adriver.ru/banners/0002186/0002186173/0/s.html?0&4&6&0&5386463&0&0&278&149.56.153.186&merle&1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.111.96.44 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
Software: nginx /
Resource Hash: fdc219c419b103c97dd30b669a712cd3cd260096428050f5407ccb2bf4691c1e

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://content.adriver.ru/banners/0002186/0002186173/0/s.html?0&4&6&0&5386463&0&0&278&149.56.153.186&merle&1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 23:52:30 GMT
last-modified: Fri, 16 Sep 2022 10:38:20 GMT
server: nginx
etag: "6324521c-33e6"
content-type: application/x-javascript
cache-control: max-age=3600
accept-ranges: bytes
content-length: 13286
expires: Thu, 27 Oct 2022 00:52:30 GMT

GET
H2 200 functions.adriver.js Show response
servers4.adriver.ru/plugins/ 4 KB
4 KB 137ms
136ms Script
application/x-javascript 23.111.96.44
UNITEDNET

General

Check archive.org

Show headers Download Go to

Full URL: https://servers4.adriver.ru/plugins/functions.adriver.js
Requested by: Host: ponominalu.ru
URL: https://ponominalu.ru/adriver.core.2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.111.96.44 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
Software: nginx /
Resource Hash: d88510f7ba40e214c1e182e037211ef283c3ab56838e784eaceae04f65c67615

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ponominalu.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 23:52:30 GMT
last-modified: Tue, 18 Oct 2022 10:33:30 GMT
server: nginx
etag: "634e80fa-e7b"
content-type: application/x-javascript
cache-control: max-age=3600
accept-ranges: bytes
content-length: 3707
expires: Thu, 27 Oct 2022 00:52:30 GMT

GET
H2 200 landing-backend.js Show response
www.gdeslon.ru/ 4 KB
2 KB 150ms
149ms Script
text/javascript 5.189.239.194
SELECTEL

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gdeslon.ru/landing-backend.js?source=https%3A%2F%2Fponominalu.ru%2F&mid=83365mode=other
Requested by: Host: www.gdeslon.ru
URL: https://www.gdeslon.ru/landing.js?mid=83365mode=other
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.189.239.194 St Petersburg, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software: nginx /
Resource Hash: c3500fe78448407f508e17b95bc05a82e60b104139ce174d1c2fdb9a9b591221

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ponominalu.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 23:52:30 GMT
content-encoding: gzip
x-upstream-addr: 31.184.219.58:9005
server: nginx
etag: W/"1041-cKwsf0yShMz9aWhLQSkjJmvMDJg"
x-upstream-response-time: -
content-type: text/javascript; charset=utf-8
cache-control: no-cache, private, no-store, must-revalidate, max-stale=0, post-check=0, pre-check=0
x-request-time: 0.004

GET
H/1.1 200
OK rle.cgi
ad-tst.adriver.ru/cgi-bin/ 42 B
581 B 555ms
141ms Image
image/gif 195.209.108.36
ADRIVER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-tst.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=740695&bt=21&pid=3435998&bid=8097857&bn=8097857&rnd=139059315&tail256=unknown
Requested by: Host: ponominalu.ru
URL: https://ponominalu.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.209.108.36 , Russian Federation, ASN52007 (ADRIVER-AS, RU),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ponominalu.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 26 Oct 2022 23:52:31 GMT
Transfer-Encoding: chunked
P3P: policyref="//adriver.ru/w3c/p3p.xml", CP="NON DSP COR CURa ADMa DEVa OUR BUS UNI COM NAV INT STA"
Content-Type: image/gif
Cache-control: no-cache, no-cache=Set-Cookie, max-age=0, must-revalidate, proxy-revalidate, no-store
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 gsclick.js Show response
clicks.gdeslon.ru/ 6 B
113 B 174ms
159ms Script
application/javascript 5.189.239.194
SELECTEL

General

Check archive.org

Show headers Download Go to

Full URL: https://clicks.gdeslon.ru/gsclick.js?_t=1666828350871&mid=83365mode%3Dother&mode=other&page_title=%D0%91%D0%B8%D0%BB%D0%B5%D1%82%D1%8B%20%D0%9F%D0%BE%D0%BD%D0%BE%D0%BC%D0%B8%D0%BD%D0%B0%D0%BB%D1%83%20%E2%80%94%20%D0%BD%D0%B8%20%D1%81%D0%B1%D0%BE%D1%80%D0%BE%D0%B2%2C%20%D0%BD%D0%B8%20%D0%BD%D0%B0%D1%86%D0%B5%D0%BD%D0%BA%D0%B8%21&url=https%3A%2F%2Fponominalu.ru%2F&screen_width=1600&screen_height=1200&user_id=e1941435-91f6-42b2-b7fe-6233b9c9a140
Requested by: Host: www.gdeslon.ru
URL: https://www.gdeslon.ru/landing-backend.js?source=https%3A%2F%2Fponominalu.ru%2F&mid=83365mode=other
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.189.239.194 St Petersburg, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software: nginx /
Resource Hash: e18a390d278e08cbefab99a8b3b69f83f9c9bb370a9e44c2e7c6d061164a4173

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ponominalu.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 23:52:30 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx
content-length: 6
content-type: application/javascript

GET
H2 200 tracker
top-fwz1.mail.ru/ 43 B
872 B 137ms
137ms Image
image/gif 95.163.52.67
VK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://top-fwz1.mail.ru/tracker?js=13;id=3137946;u=https%3A//ponominalu.ru/;st=1666828348465;s=1600*1200;vp=1600*1200;touch=0;hds=1;frame=0;flash=;sid=4e0b5e5f4183585c;ver=60.3.0;tz=0%2FEtc%2FUnknown;nt=0/0/1666828346826/////614/615/615/615/908/754/908/1046/1322/1049/1639/1972/1972/4499/4499/;ni=9.8//4g/0/0/;lvid=1666828349253%3A1666828351328%3A4%3A68f16eb2d778a7777667daa1c340fdca;opts=dl%2Cjst-gtag-ga-ym-vk;visible=true;_=0.34461756737134497;e=RT/load;et=1666828351326

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ponominalu.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 23:52:31 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 43
pragma: no-cache
amp-access-control-allow-source-origin: *
server: nginx
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: *
accept-ch-lifetime: 86400
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: *

GET
H/1.1

200
OK

sync
x.bidswitch.net/ul_cb/ Frame F5C1
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=46&user_id=k-Aeua33qnmTSkgbWL84uoUSRu8_50j3K_xt5o5g&expires=30
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-Aeua33qnmTSkgbWL84uoUSRu8_50j3K_xt5o5g&expires=30

43 B
510 B

36ms
36ms

Image
image/gif

35.211.178.172
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-Aeua33qnmTSkgbWL84uoUSRu8_50j3K_xt5o5g&expires=30
Protocol: HTTP/1.1
Server: 35.211.178.172 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 172.178.211.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Wed, 26 Oct 2022 23:52:31 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

Location: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-Aeua33qnmTSkgbWL84uoUSRu8_50j3K_xt5o5g&expires=30
Date: Wed, 26 Oct 2022 23:52:31 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame F5C1
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-M2rJ1nqnmTSkgbWL84uoUSRu8_74i0Ep3klKxg&google_cm&google_hm=ay1NMnJKMW5xbm1UU2tnYldMODR1b1VTUnU4Xzc0aTBFc...
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-M2rJ1nqnmTSkgbWL84uoUSRu8_74i0Ep3klKxg&google_gid=CAESEKAzWpl-1Al0-ggvfMpwIOI&google_cver=1&google_ula=913071,0

43 B
370 B

25ms
22ms

Image
image/gif

2620:100:a001::17
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-M2rJ1nqnmTSkgbWL84uoUSRu8_74i0Ep3klKxg&google_gid=CAESEKAzWpl-1Al0-ggvfMpwIOI&google_cver=1&google_ula=913071,0

Protocol

Server

2620:100:a001::17 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 23:52:30 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1071072
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 26 Oct 2022 23:52:31 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-M2rJ1nqnmTSkgbWL84uoUSRu8_74i0Ep3klKxg&google_gid=CAESEKAzWpl-1Al0-ggvfMpwIOI&google_cver=1&google_ula=913071,0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 398
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame F5C1
Redirect Chain

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=8727410531749484197

43 B
370 B

25ms
25ms

Image
image/gif

2620:100:a001::17
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=8727410531749484197

Protocol

Server

2620:100:a001::17 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 23:52:30 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1266340
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 26 Oct 2022 23:52:31 GMT
AN-X-Request-Uuid: c68e3f3f-dc3a-415b-a36a-c28b188a2c30
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=8727410531749484197
Connection: keep-alive
X-Proxy-Origin: 149.56.153.186; 149.56.153.186; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 204
NO CONTENT /
partner.mediawallahscript.com/ Frame F5C1 0
232 B 428ms
99ms Image
text/html 34.247.240.231
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partner.mediawallahscript.com/?account_id=1043&partner_id=1048&uid=k-M2rJ1nqnmTSkgbWL84uoUSRu8_74i0Ep3klKxg&custom=&tag_format=img&tag_action=sync&custom=&cb=5f1543fd-b3a3-4e80-a8f9-7dea07aea180
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.247.240.231 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-240-231.eu-west-1.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Date: Wed, 26 Oct 2022 23:52:31 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx/1.20.0
Connection: keep-alive
Content-Type: text/html; charset=UTF-8

GET
H/1.1

200
OK

rum
r.casalemedia.com/ Frame F5C1
Redirect Chain

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-St9oQ3qnmTSkgbWL84uoUSRu8_5J07eoGY_RBw
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-St9oQ3qnmTSkgbWL84uoUSRu8_5J07eoGY_RBw&C=1

43 B
764 B

19ms
19ms

Image
image/gif

192.40.39.223
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-St9oQ3qnmTSkgbWL84uoUSRu8_5J07eoGY_RBw&C=1
Protocol: HTTP/1.1
Server: 192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 26 Oct 2022 23:52:31 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Wed, 26 Oct 2022 23:52:31 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=20&external_user_id=k-St9oQ3qnmTSkgbWL84uoUSRu8_5J07eoGY_RBw&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET
H2

200

match
ad.360yield.com/ul_cb/ Frame F5C1
Redirect Chain

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-C6S-OHqnmTSkgbWL84uoUSRu8_6bf9On285HFA
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-C6S-OHqnmTSkgbWL84uoUSRu8_6bf9On285HFA

43 B
446 B

69ms
68ms

Image
image/gif

52.3.184.194
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-C6S-OHqnmTSkgbWL84uoUSRu8_6bf9On285HFA
Protocol: H2
Server: 52.3.184.194 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-3-184-194.compute-1.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 26 Oct 2022 23:52:31 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-C6S-OHqnmTSkgbWL84uoUSRu8_6bf9On285HFA
date: Wed, 26 Oct 2022 23:52:31 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 cksync.php
contextual.media.net/ Frame F5C1 45 B
786 B 146ms
63ms Image
image/gif 23.195.108.24
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-u7VlsXqnmTSkgbWL84uoUSRu8_7lSfTo_9jmIw

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.195.108.24 Edison, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-195-108-24.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Wed, 26 Oct 2022 23:52:31 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 45
x-mnet-hl2: E
expires: Wed, 26 Oct 2022 23:52:31 GMT

GET
H2 200 push
exchange.mediavine.com/usersync/ Frame F5C1 0
969 B 86ms
27ms Image
text/html 52.21.246.162
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-XlHRx3qnmTSkgbWL84uoUSRu8_6jl1PLqzTFnw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.246.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-246-162.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 23:52:31 GMT
cache-control: private, no-cache
access-control-allow-credentials: true
content-encoding: gzip
vary: Origin, Accept-Encoding
content-type: text/html; charset=utf-8

GET
H/1.1 200
OK cookie-sync
sync.outbrain.com/ Frame F5C1 0
308 B 123ms
22ms Image
text/plain 70.42.32.191
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-mX5W8XqnmTSkgbWL84uoUSRu8_6pDtzete4JlQ
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.191 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Wed, 26 Oct 2022 23:52:31 GMT
Cache-Control: no-cache
X-TraceId: 3348d8d2bc762409dc294e3b7d15d2f1
Content-Length: 0

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame F5C1 42 B
580 B 87ms
26ms Image
image/gif 104.36.115.109
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-J7R1WHqnmTSkgbWL84uoUSRu8_6eyuaxJ4ELTA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Wed, 26 Oct 2022 23:52:31 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1 200
OK tap.php
pixel.rubiconproject.com/ Frame F5C1 42 B
787 B 105ms
27ms Image
image/gif 8.43.72.97
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-mHRNZ3qnmTSkgbWL84uoUSRu8_6oUfEgCLz0GQ&expires=30
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 9ef75ea4f1dd62e53c52f84d8070c378
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 v1
match.sharethrough.com/sync/ Frame F5C1 68 B
280 B 83ms
24ms Image
image/png 54.84.171.38
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-_ibbJHqnmTSkgbWL84uoUSRu8_7KbXdi1bjVrQ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.84.171.38 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-84-171-38.compute-1.amazonaws.com
Software: /
Resource Hash: 6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 23:52:31 GMT
cache-control: no-cache
content-length: 68
content-type: image/png

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame F5C1 43 B
688 B 165ms
49ms Image
image/gif 199.187.193.199
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-KhNViHqnmTSkgbWL84uoUSRu8_5Ukna4VI8-gA
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 199.187.193.199 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 26 Oct 2022 23:52:31 GMT
cache-control: no-cache,no-store
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H2 200 /
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame F5C1 0
232 B 100ms
27ms Image
text/plain 141.226.224.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-30q6bHqnmTSkgbWL84uoUSRu8_7smYSJutmBCg
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 23:52:31 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 18066

GET
H2 200 um
criteo-sync.teads.tv/ Frame F5C1 23 B
287 B 132ms
30ms Image
image/gif 23.197.21.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-sync.teads.tv/um?eid=80&uid=k-UgI-e3qnmTSkgbWL84uoUSRu8_5SIcVyx8GUxw
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.197.21.93 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-197-21-93.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.9 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

expires: Wed, 26 Oct 2022 23:52:31 GMT
pragma: no-cache
date: Wed, 26 Oct 2022 23:52:31 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.9
content-length: 23
content-type: image/gif

GET
H2

200

xuid
eb2.3lift.com/ Frame F5C1
Redirect Chain

https://eb2.3lift.com/xuid?mid=2711&xuid=k-aoUPmXqnmTSkgbWL84uoUSRu8_4xJ0RrFRjp_g&dongle=013b
https://eb2.3lift.com/xuid?ld=1&mid=2711&xuid=k-aoUPmXqnmTSkgbWL84uoUSRu8_4xJ0RrFRjp_g&dongle=013b&gdpr=0&cmp_cs=&us_privacy=

37 B
354 B

30ms
28ms

Image
image/gif

35.71.139.29
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?ld=1&mid=2711&xuid=k-aoUPmXqnmTSkgbWL84uoUSRu8_4xJ0RrFRjp_g&dongle=013b&gdpr=0&cmp_cs=&us_privacy=
Protocol: H2
Server: 35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: afb83dd09526a6517.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type: image/gif
date: Wed, 26 Oct 2022 23:52:31 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: /xuid?ld=1&mid=2711&xuid=k-aoUPmXqnmTSkgbWL84uoUSRu8_4xJ0RrFRjp_g&dongle=013b&gdpr=0&cmp_cs=&us_privacy=
date: Wed, 26 Oct 2022 23:52:31 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

204

sync
ups.analytics.yahoo.com/ups/58301/ Frame F5C1
Redirect Chain

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-5tm2_nqnmTSkgbWL84uoUSRu8_5ztqRY7eCHVA
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-5tm2_nqnmTSkgbWL84uoUSRu8_5ztqRY7eCHVA&verify=true

0
121 B

29ms
29ms

Image
text/plain

54.175.87.114
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-5tm2_nqnmTSkgbWL84uoUSRu8_5ztqRY7eCHVA&verify=true

Protocol

Server

54.175.87.114 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-175-87-114.compute-1.amazonaws.com

Software

ATS/9.1.10.25 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 23:52:31 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-5tm2_nqnmTSkgbWL84uoUSRu8_5ztqRY7eCHVA&verify=true
date: Wed, 26 Oct 2022 23:52:31 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1 200
OK idsync
tg.socdm.com/aux/ Frame F5C1 43 B
875 B 602ms
176ms Image
image/gif 202.241.208.57
IDCF IDC Frontier...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tg.socdm.com/aux/idsync?proto=criteo&dsp_uid=k-wynRiXqnmTSkgbWL84uoUSRu8_5LqGGsQYgHPg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.241.208.57 , Japan, ASN4694 (IDCF IDC Frontier Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

X-SO-Cluster-ID: 29
Date: Wed, 26 Oct 2022 23:52:32 GMT
X-SO-LB-Data: {"ban":false,"clean_query":"\/aux\/idsync?proto=criteo&dsp_uid=k-wynRiXqnmTSkgbWL84uoUSRu8_5LqGGsQYgHPg","cluster_id":29,"gdpr":false,"ipv4":"149.56.153.186","key":"Y1nIQMCo5s8AAMy5H-AAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"a-ad40117"}
X-SO-Key: Y1nIQMCo5s8AAMy5H-AAAAAA
Server: nginx
X-SO-Upstream-ID: a-ad40117
P3P: CP="See also http://www.scaleout.jp/privacy/"
Content-Type: image/gif
Cache-Control: private
X-SO-HostName: a-ad40117.dc2p.scaleout.jp
Connection: keep-alive
X-SO-Ads-Time: 2
Content-Length: 43
X-SO-LB-Hostname: a-tgng40011.dc2p.scaleout.jp
X-SO-IP: 149.56.153.186

GET
H2 200 sync
visitor.omnitagjs.com/visitor/ Frame F5C1 49 B
386 B 276ms
93ms Image
image/gif 52.41.101.164
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-fXk7C3qnmTSkgbWL84uoUSRu8_4isAY-AoDK0g

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.41.101.164 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-41-101-164.us-west-2.compute.amazonaws.com

Software

Resource Hash

d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 23:52:31 GMT
via: kong/2.8.1
x-content-type-options: nosniff
x-kong-proxy-latency: 0
vary: Accept-Encoding
p3p: CP="CAO PSA OUR"
content-type: image/gif
x-kong-upstream-latency: 11
cache-control: no-cache, no-store, must-revalidate
content-length: 49
expires: 0

GET
H2

200

sync
tags.bluekai.com/site/29001/ Frame F5C1
Redirect Chain

https://gum.criteo.com/sync?c=4&r=1&a=1&u=https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=%40USERID%40
https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=FWImUESwaMOyeeUmLIwYfXtC-1_0RlLC

62 B
557 B

191ms
129ms

Image
image/gif

173.223.57.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=FWImUESwaMOyeeUmLIwYfXtC-1_0RlLC
Protocol: H2
Server: 173.223.57.84 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a173-223-57-84.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Wed, 26 Oct 2022 23:52:31 GMT
content-length: 62
bk-server: 7a4c
content-type: image/gif

Redirect headers

location: https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=FWImUESwaMOyeeUmLIwYfXtC-1_0RlLC
date: Wed, 26 Oct 2022 23:52:30 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 1566625
content-length: 0

GET
H/1.1 200 user-registering
ads.stickyadstv.com/ Frame F5C1 43 B
661 B 286ms
19ms Image
image/gif 63.251.28.233
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.stickyadstv.com/user-registering?dataProviderId=434&userId=k-746xInqnmTSkgbWL84uoUSRu8_4aXDOo9FfRnQ
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 63.251.28.233 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 26 Oct 2022 23:52:31 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
x-sticky-vk: 1666828351823005-146

GET
H2 200 sync
matching.ivitrack.com/ Frame F5C1 42 B
274 B 132ms
95ms Image
image/gif 34.117.157.22
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://matching.ivitrack.com/sync?realm=criteo&uid=k-LYQlDnqnmTSkgbWL84uoUSRu8_6S2HJuOeC0tQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.157.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 22.157.117.34.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 23:52:31 GMT
x-envoy-decorator-operation: tag-manager.programmatic.svc.cluster.local:3000/*
via: 1.1 google
server: istio-envoy
content-type: image/gif
cache-control: public, max-age=86400
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H/1.1

200
OK

28292
i6.liadm.com/s/ Frame F5C1
Redirect Chain

https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-aaw3gXqnmTSkgbWL84uoUSRu8_5cVE4PvoDmfQ
https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-aaw3gXqnmTSkgbWL84uoUSRu8_5cVE4PvoDmfQ&_li_chk=true&previous_uuid=7448608275e9407288b0b50511340181
https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-aaw3gXqnmTSkgbWL84uoUSRu8_5cVE4PvoDmfQ

43 B
436 B

81ms
24ms

Image
image/gif

2600:1f18:ed:550e:c4e3:3eb9:eebf:6813
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-aaw3gXqnmTSkgbWL84uoUSRu8_5cVE4PvoDmfQ

Protocol

HTTP/1.1

Server

2600:1f18:ed:550e:c4e3:3eb9:eebf:6813 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Wed, 26 Oct 2022 23:52:31 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 0
Content-Type: image/gif

Redirect headers

Location: https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-aaw3gXqnmTSkgbWL84uoUSRu8_5cVE4PvoDmfQ
Date: Wed, 26 Oct 2022 23:52:31 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 0
Request-Time: 2

GET
H2 200 c.gif
c.bing.com/ Frame F5C1 42 B
668 B 74ms
34ms Image
image/gif 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bing.com/c.gif?Red3=CTOMS_pd&cbid=k-W1MWanqnmTSkgbWL84uoUSRu8_54hp9PCRbflg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 23:52:31 GMT
last-modified: Thu, 13 Oct 2022 20:08:57 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 0F9DFA3E8D1D4918AEC1A298BB94684E Ref B: YTO01EDGE0812 Ref C: 2022-10-26T23:52:31Z
etag: "e47587a03fdfd81:0"
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-type: image/gif
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

GET
H/1.1 200
OK pixel_sync
trends.revcontent.com/cm/ Frame F5C1 35 B
531 B 204ms
105ms Image
image/gif 44.206.182.6
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trends.revcontent.com/cm/pixel_sync?bidder=151&bidder_uid=k-ZM_MN3qnmTSkgbWL84uoUSRu8_6Y9OyzJguokQ
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.206.182.6 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-206-182-6.compute-1.amazonaws.com
Software: openresty / Express
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Wed, 26 Oct 2022 23:52:31 GMT
x-envoy-upstream-service-time: 75
Server: openresty
Connection: keep-alive
x-powered-by: Express
Content-Length: 35
Content-Type: image/gif

GET
H2

204

/
s.ad.smaato.net/c/ Frame F5C1
Redirect Chain

https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-otQ_UXqnmTSkgbWL84uoUSRu8_6gmhAxjY_FrQ
https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-otQ_UXqnmTSkgbWL84uoUSRu8_6gmhAxjY_FrQ&cookieCheck=1

0
557 B

18ms
18ms

Image
text/plain

2600:9000:2209:d200:1b:5138:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-otQ_UXqnmTSkgbWL84uoUSRu8_6gmhAxjY_FrQ&cookieCheck=1
Protocol: H2
Server: 2600:9000:2209:d200:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 23:52:31 GMT
via: 1.1 17da55c14108bb8cae904f764f67c0e0.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: EWR53-P1
x-cache: FunctionGeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
cache-control: max-age=300
x-amz-cf-id: qKBLO5LWG08XL5ZB2033FKubEbitsSQ_5x5VMAvSX_d5wyvJ8SWwFg==

Redirect headers

date: Wed, 26 Oct 2022 23:52:31 GMT
via: 1.1 17da55c14108bb8cae904f764f67c0e0.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: EWR53-P1
x-cache: FunctionGeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-otQ_UXqnmTSkgbWL84uoUSRu8_6gmhAxjY_FrQ&cookieCheck=1
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: f4VwojV7ZMC4UTvj6ZmLoQdLc2hGyJsRuG3wjiyRv3Kh9t-v9O27VQ==

GET
H2 200 sync
criteo-partners.tremorhub.com/ Frame F5C1 43 B
407 B 103ms
23ms Image
image/gif 2600:1f18:612b:4232:2c9c:1ca6:2cc6:969c
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-partners.tremorhub.com/sync?UICR=k-mhG8K3qnmTSkgbWL84uoUSRu8_78WuCQXCwFpA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4232:2c9c:1ca6:2cc6:969c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Wed, 26 Oct 2022 23:52:31 GMT
server: Apache-Coyote/1.1
content-type: image/gif

GET
H2 200 sync.htm
ade.clmbtech.com/uid/ Frame F5C1 68 B
280 B 401ms
222ms Image
image/jpeg 2600:141b:13::172f:91aa
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.clmbtech.com/uid/sync.htm?pid=13079&cuid=k-Ht9dqHqnmTSkgbWL84uoUSRu8_6drVUV2pVFUQ

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:13::172f:91aa New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Bhoot /

Resource Hash

2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
date: Wed, 26 Oct 2022 23:52:32 GMT
x-content-type-options: nosniff
server: Bhoot
x-frame-options: sameorigin
content-type: image/jpeg
x-request-time: 0.001
content-disposition: inline;filename=f.txt
content-length: 68
x-xss-protection: 1; mode=block

GET
H2 200 sync
sync-criteo.ads.yieldmo.com/ Frame F5C1 43 B
468 B 107ms
26ms Image
image/gif 100.24.185.7
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-criteo.ads.yieldmo.com/sync?id=k-RudF7HqnmTSkgbWL84uoUSRu8_4I5gv9fZp_ow&pn_id=criteo&ext=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 100.24.185.7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-100-24-185-7.compute-1.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Wed, 26 Oct 2022 23:52:31 GMT
content-type: image/gif
content-length: 43
access-control-allow-methods: GET, OPTIONS
access-control-request-headers: Cache-Control, Pragma

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 21ms
20ms Image
image/gif 2607:f8b0:4006:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=415910025&t=timing&_s=2&dl=https%3A%2F%2Fponominalu.ru%2F&ul=en-us&de=UTF-8&dt=%D0%91%D0%B8%D0%BB%D0%B5%D1%82%D1%8B%20%D0%9F%D0%BE%D0%BD%D0%BE%D0%BC%D0%B8%D0%BD%D0%B0%D0%BB%D1%83%20%E2%80%94%20%D0%BD%D0%B8%20%D1%81%D0%B1%D0%BE%D1%80%D0%BE%D0%B2%2C%20%D0%BD%D0%B8%20%D0%BD%D0%B0%D1%86%D0%B5%D0%BD%D0%BA%D0%B8!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=4499&pdt=276&dns=0&rrt=614&srt=138&tcp=293&dit=1639&clt=1972&_gst=1609&_gbt=1731&_cst=1609&_cbt=1491&_u=aHjACUADRAAAAGAAM~&jid=&gjid=&cid=1869228377.1666828349&tid=UA-36442360-13&_gid=863533573.1666828349&cd1=1869228377.1666828349&z=664670375

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ponominalu.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 21:23:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 8934
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/ Frame F5C1
Redirect Chain

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=QDmx9irrCA-0v7PN1bCBqt9e8wCfngqS
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=QDmx9irrCA-0v7PN1bCBqt9e8wCfngqS

42 B
942 B

91ms
90ms

Image
image/gif

35.82.147.58
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=QDmx9irrCA-0v7PN1bCBqt9e8wCfngqS

Protocol

HTTP/1.1

Server

35.82.147.58 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-82-147-58.us-west-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

DCS: dcs-prod-usw2-2-v040-0e8201af8.edge-usw2.demdex.com 1 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: xRbXDUq8RgY=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-usw2-2-v040-05a8e9641.edge-usw2.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: W0rpdOB2TXY=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=QDmx9irrCA-0v7PN1bCBqt9e8wCfngqS
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Verdicts & Comments Add Verdict or Comment

81 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

96 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
i.liadm.com/s	1970-01-20 07:43:40	Name: _li_ss Value: MgkI_____wcQyRM
.ponominalu.ru/	1970-01-20 16:36:28	Name: _ga Value: GA1.2.1869228377.1666828349
.ponominalu.ru/	1970-01-20 07:01:54	Name: _gid Value: GA1.2.863533573.1666828349
ponominalu.ru/	1969-12-31 23:59:59	Name: _ga_cid Value: 1869228377.1666828349
.ponominalu.ru/	1970-01-20 07:00:28	Name: _gat Value: 1
.ponominalu.ru/	1970-01-20 07:00:28	Name: _gat_gtag_UA_36442360_15 Value: 1
.criteo.com/	1970-01-20 16:22:04	Name: uid Value: 407455a2-0d6d-45b3-91f0-c44485cfd88a
.ponominalu.ru/	1970-01-20 07:00:28	Name: _gat_gtag_UA_36442360_7 Value: 1
.ponominalu.ru/	1970-01-20 16:36:28	Name: _ga_e4d0cc5bcba0ef4d8c4f6196e0ddb74c Value: GA1.2.1869228377.1666828349
.ponominalu.ru/	1970-01-20 07:01:54	Name: _ga_e4d0cc5bcba0ef4d8c4f6196e0ddb74c_gid Value: GA1.2.95826612.1666828349
.ponominalu.ru/	1970-01-20 07:00:28	Name: _gat_UA-36442360-16 Value: 1
.ponominalu.ru/	1970-01-20 07:00:28	Name: _dc_gtm_UA-36442360-7 Value: 1
.ponominalu.ru/	1970-01-20 16:22:04	Name: _tt_enable_cookie Value: 1
.ponominalu.ru/	1970-01-20 16:22:04	Name: _ttp Value: 062b3a74-473a-49c9-a735-8f2b63a03c73
.ponominalu.ru/	1970-01-20 16:29:52	Name: cto_bundle Value: qyD72F96T21jNnlSR3R2enNNc0pzN1ZiNG55bXhtaEJ4d0Foa3FxSnNPM1RHMFlqckdwTkQ2JTJGS1ZWc0JMQWdUdnBZTnRucVpmNUdBVng2aFUlMkY4QjBkajBDQ2VYcjBUTUdqdkhsUTFzTFpDeFVvZ2FmWktXOG5odkd4MlE2TDhlM25DNHltc0lJWkpFVEF6ZzlRNEFpbUklMkZ4MVElM0QlM0Q
.mts.ru/	1970-01-20 16:36:28	Name: mts_id Value: f583af88-aec7-45d8-97ef-bf0fa4edfd36
.mts.ru/	1970-01-20 16:36:28	Name: mts_id_last_sync Value: 1666828348
.ponominalu.ru/	1970-01-20 15:46:04	Name: _ym_uid Value: 16668283491024691002
.ponominalu.ru/	1970-01-20 15:46:04	Name: _ym_d Value: 1666828349
ponominalu.ru/	1969-12-31 23:59:59	Name: user_session Value: pa-de360656-2f9a-4a1a-8ecb-f367a657a85d-202210262352
.ponominalu.ru/	1970-01-20 09:10:04	Name: _fbp Value: fb.1.1666828349206.1063512950
.yandex.ru/	1970-01-20 16:36:28	Name: yandexuid Value: 5798721001666828349
.yandex.ru/	1970-01-20 16:36:28	Name: yuidss Value: 5798721001666828349
mc.yandex.ru/	1969-12-31 23:59:59	Name: yabs-sid Value: 789844651666828349
.yandex.ru/	1970-01-20 16:36:28	Name: i Value: jErag4+K8CJRMHKI0oS68sjIggoqKwYOw95OYLO5LBtotxKUWBdEL08egEuAaP0kfvhHKDI9tAsNAIRjz8lygOH7ywM=
.yandex.ru/	1970-01-20 15:46:04	Name: ymex Value: 1982188349.yrts.1666828349#1982188349.yrtsi.1666828349
.ponominalu.ru/	1970-01-20 14:59:59	Name: tmr_lvid Value: 68f16eb2d778a7777667daa1c340fdca
.ponominalu.ru/	1970-01-20 14:59:59	Name: tmr_lvidTS Value: 1666828349253
.ponominalu.ru/	1970-01-20 07:01:40	Name: _ym_isad Value: 2
.vk.com/	1970-01-20 15:46:03	Name: remixlang Value: 3
.vk.com/	1970-01-20 15:46:04	Name: remixstlid Value: 9104954448807916070_CRkJRqSzH79mZpRIX8EzEPe38aRXNt3UzWVqGgHTOoz
.ponominalu.ru/	1970-01-20 07:00:30	Name: _ym_visorc Value: w
.ponominalu.ru/	1970-01-20 07:22:04	Name: user_unic_ac_id Value: 602a77e3-e6ea-2bc0-1530-65910089299f
.ponominalu.ru/	1970-01-20 07:00:31	Name: advcake_session Value: 1
.adriver.ru/	1970-01-20 16:36:28	Name: cid Value: AHZqHTj8t7PQXDUenCB8j1w
.content.adriver.ru/	1969-12-31 23:59:59	Name: sd Value: 1
.content.adriver.ru/	1970-01-20 07:00:28	Name: rs Value: 1
.gdeslon.ru/	1970-01-20 11:19:40	Name: userId Value: s%3Ae1941435-91f6-42b2-b7fe-6233b9c9a140.0TwNHGW0vUcgfu7B6r3wMdH57LjVnZ0jm2gwWsDP%2BA0
.gdeslon.ru/	1970-01-20 11:19:40	Name: uidAge Value: s%3A1666828350795.96NOCvbEu8KXiWyuf5e8tagi5YFI6QxI8DAwQ72ssTc
.ponominalu.ru/	1970-01-20 11:19:40	Name: gdeslon.ru.__arc_domain Value: gdeslon.ru
.ponominalu.ru/	1970-01-20 11:19:40	Name: gdeslon.ru.user_id Value: e1941435-91f6-42b2-b7fe-6233b9c9a140
.ponominalu.ru/	1970-01-20 14:59:59	Name: tmr_reqNum Value: 4
.adnxs.com/	1970-01-20 09:10:04	Name: uuid2 Value: 8727410531749484197
.doubleclick.net/	1970-01-20 16:36:28	Name: IDE Value: AHWqTUnav1PYC3sa4lqvz-HVgBNZwv3fM-4NCmCHhaHo2iihuVm33qN5ZMgptPXmWOw
exchange.mediavine.com/	1970-01-20 07:20:37	Name: mv_tokens Value: %7B%22mv_uuid%22%3A%2241634a20-5589-11ed-933a-f9c848148a1b%22%2C%22version%22%3A%22invalidate-verizon-pushes%22%7D
exchange.mediavine.com/	1970-01-20 07:20:37	Name: mv_tokens_invalidate-verizon-pushes Value: %7B%22mv_uuid%22%3A%2241634a20-5589-11ed-933a-f9c848148a1b%22%2C%22version%22%3A%22invalidate-verizon-pushes%22%7D
exchange.mediavine.com/	1970-01-20 07:20:37	Name: am_tokens Value: %7B%22mv_uuid%22%3A%2241634a20-5589-11ed-933a-f9c848148a1b%22%2C%22version%22%3A%22invalidate-verizon-pushes%22%7D
exchange.mediavine.com/	1970-01-20 07:20:37	Name: am_tokens_invalidate-verizon-pushes Value: %7B%22mv_uuid%22%3A%2241634a20-5589-11ed-933a-f9c848148a1b%22%2C%22version%22%3A%22invalidate-verizon-pushes%22%7D
exchange.mediavine.com/	1970-01-20 07:20:37	Name: criteo Value: %7B%22id%22%3A%22k-XlHRx3qnmTSkgbWL84uoUSRu8_6jl1PLqzTFnw%22%2C%22version%22%3A%22criteo%22%7D
.pubmatic.com/	1970-01-20 07:43:40	Name: KRTBCOOKIE_97 Value: 3385-uid:k-J7R1WHqnmTSkgbWL84uoUSRu8_6eyuaxJ4ELTA&KRTB&23144-uid:k-J7R1WHqnmTSkgbWL84uoUSRu8_6eyuaxJ4ELTA&KRTB&23286-uid:k-J7R1WHqnmTSkgbWL84uoUSRu8_6eyuaxJ4ELTA&KRTB&23287-uid:k-J7R1WHqnmTSkgbWL84uoUSRu8_6eyuaxJ4ELTA
.pubmatic.com/	1970-01-20 07:43:40	Name: PugT Value: 1666828351
.bidswitch.net/	1970-01-20 15:46:04	Name: tuuid Value: dfba894d-9ea4-4a09-a828-73f5e272c5dd
.bidswitch.net/	1970-01-20 15:46:04	Name: c Value: 1666828351
.bidswitch.net/	1970-01-20 15:46:04	Name: tuuid_lu Value: 1666828351
.mail.ru/	1970-01-20 15:47:30	Name: VID Value: 3n4o7T2vhvID00000i1OL4YD:::0-0-0-87420fd:CAASEC5WXh7rXAasaC-a6NyVrZcaYFdNqZKHZtlnn_n_xo_0w5aN73RBNfZvcTpTEuIhkKCeBLHRU_na2z1Vufki9iMgGUNlK79F5bzhDti4cB_EznGgHw51OTvmsBWlemm1Qatl9TITefHjXTvd1CZin2az0g
.casalemedia.com/	1970-01-20 15:46:04	Name: CMID Value: Y1nIP1mVUEGPuK9Iy30tVQAA
.casalemedia.com/	1970-01-20 09:10:04	Name: CMPS Value: 032
.casalemedia.com/	1970-01-20 09:10:04	Name: CMPRO Value: 032
.outbrain.com/	1970-01-20 09:10:04	Name: obuid Value: 1861c43f-6e03-4891-8e64-9a2bb7943bf6
.360yield.com/	1970-01-20 09:10:04	Name: tuuid Value: 910f5098-c9da-4506-9b79-d4906b5984d5
.360yield.com/	1970-01-20 09:10:04	Name: tuuid_lu Value: 1666828351
.media.net/	1970-01-20 15:46:04	Name: visitor-id Value: 3098299511455447000V10
.media.net/	1970-01-20 07:43:40	Name: data-c-ts Value: 1666828351
.media.net/	1970-01-20 07:43:40	Name: data-c Value: k-u7VlsXqnmTSkgbWL84uoUSRu8_7lSfTo_9jmIw~~3
.sharethrough.com/	1970-01-20 07:43:40	Name: stx_user_id Value: 972456d9-fdf1-4e5e-a288-c562c88d277c
.rubiconproject.com/	1970-01-20 15:46:04	Name: khaos Value: L9QAKBAI-1W-4U3W
.rubiconproject.com/	1970-01-20 15:46:04	Name: audit Value: 1\|Lz6qTapzHiUHpcl1BdTfTU3yGhtQqK9/NZrTkwz8aQIeECEUBMheihJBPtGEUusqYNY3rAgGskswHTRO1/p4iCck1N7K9KkV0dqlR5NoluSCD9zFQIvrTQAnl93LEzxRuRej2cgNb1FsxrAOSqOrISk59K/vdNndnR5QxovRBYt16h2LKXkYaJDy+KCnXKr4N6JXMcYuiJM=
.360yield.com/	1970-01-20 09:10:04	Name: um Value: !38,drMZOyLN1qbCjP-5-cwNQ-eyHlKELjP7FtH9gps9eiLip-fvbq9uKQeTrdH..-mOte04M0En,1674604351
.360yield.com/	1970-01-20 09:10:04	Name: umeh Value: !38,0,1729036351,-1
.taboola.com/	1970-01-20 15:46:04	Name: t_gid Value: 4933fa66-d17c-4612-870e-f38f86b446d8-tucta534dbf
.bluekai.com/	1970-01-20 11:19:40	Name: bkdc Value: phx
.bluekai.com/	1970-01-20 11:19:40	Name: bkpa Value: KJpEnXTLu5DlLMxy1BxFgLhn+Mzruik/nY3onYNmnzo1LUDn2XyB5x6rEdENg6hBezlNXu0wE/LGz5RNMez/0FahOQenFHRv
.bluekai.com/	1970-01-20 11:19:40	Name: bku Value: uUW99ed/VVBPzLTr
.3lift.com/	1970-01-20 09:10:04	Name: tluid Value: 3817452951189734707450
.yahoo.com/	1970-01-20 15:46:25	Name: A3 Value: d=AQABBD_IWWMCEF4jsiq3BbMrT86I2CZvoLIFEgEBAQEZW2NjYwAAAAAA_eMAAA&S=AQAAAsQr-C0scuMDK08YlXsK-Hg
.analytics.yahoo.com/	1970-01-20 15:46:04	Name: IDSYNC Value: 18zh~27xz
.teads.tv/	1970-01-20 15:44:37	Name: tt_viewer Value: b0d10eeb-0990-46f7-ab02-d368fb5f85bb
.smartadserver.com/	1970-01-20 16:30:42	Name: pid Value: 8993534485955983562
.smartadserver.com/	1970-01-20 16:30:42	Name: TestIfCookieP Value: ok
.smartadserver.com/	1970-01-20 15:46:04	Name: csync Value: 79:k-KhNViHqnmTSkgbWL84uoUSRu8_5Ukna4VI8-gA
.liadm.com/	1970-01-20 16:36:28	Name: lidid Value: 74486082-75e9-4072-88b0-b50511340181
.smaato.net/	1970-01-20 07:30:42	Name: SCM Value: 065140e9
ponominalu.ru/	1970-01-20 07:01:54	Name: tmr_detect Value: 0%7C1666828351677
.bing.com/	1970-01-20 16:22:04	Name: MUID Value: 3842A0FBD79D6FD22157B2B2D6B76EAD
.c.bing.com/	1970-01-20 07:10:33	Name: MR Value: 0
.smaato.net/	1970-01-20 07:15:35	Name: SCM1001851 Value: 065140e9
.tremorhub.com/	1970-01-20 15:46:25	Name: tvid Value: 9487065bc9574f86a51a5d1d7ec78dbf
.tremorhub.com/	1970-01-20 07:43:40	Name: tv_UICR Value: k-mhG8K3qnmTSkgbWL84uoUSRu8_78WuCQXCwFpA
.yieldmo.com/	1970-01-20 15:46:04	Name: yieldmo_id Value: gb0aa508abf90400a048%7C1666828351787%7C0%7C
.ads.yieldmo.com/	1970-01-20 15:46:04	Name: ptrcriteo Value: k-RudF7HqnmTSkgbWL84uoUSRu8_4I5gv9fZp_ow
.omnitagjs.com/	1970-01-20 07:43:40	Name: ayl_visitor Value: 332b3aabb59f4fb450bf9413e3ed34ab
.ads.stickyadstv.com/	1970-01-20 07:43:40	Name: UID Value: d565a2c48963a3c73fff9cfdeb8cc1
.ads.stickyadstv.com/	1970-01-20 07:43:40	Name: uid-bp-11554 Value: k-746xInqnmTSkgbWL84uoUSRu8_4aXDOo9FfRnQ
.demdex.net/	1970-01-20 11:19:40	Name: demdex Value: 87833750150260491372704708903870504111
.dpm.demdex.net/	1970-01-20 11:19:40	Name: dpm Value: 87833750150260491372704708903870504111
.socdm.com/	1970-01-20 16:36:28	Name: SOC Value: Y1nIQMCo5s8AAMy5H-AAAAAA

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://api.mindbox.ru/v1.1/customer/track-visit?version=1.0.417&transport=XmlHttpRequest Message: Failed to load resource: the server responded with a status of 401 (Unauthorized)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad-tst.adriver.ru
ad.360yield.com
ad.adriver.ru
ad.mail.ru
ade.clmbtech.com
ads.stickyadstv.com
analytics.tiktok.com
api.mindbox.ru
c.bing.com
clicks.gdeslon.ru
cm.g.doubleclick.net
code.acstat.com
connect.facebook.net
content.adriver.ru
contextual.media.net
criteo-partners.tremorhub.com
criteo-sync.teads.tv
dis.criteo.com
dpm.demdex.net
eb2.3lift.com
exchange.mediavine.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gum.criteo.com
hit.acstat.com
i.liadm.com
i6.liadm.com
ib.adnxs.com
match.sharethrough.com
matching.ivitrack.com
mc.yandex.ru
mug.criteo.com
partner.mediawallahscript.com
pixel.rubiconproject.com
ponominalu.ru
r.casalemedia.com
rtb-csync.smartadserver.com
s.ad.smaato.net
server.adv-cake.ru
servers4.adriver.ru
simage2.pubmatic.com
sslwidget.criteo.com
static.criteo.net
stats.g.doubleclick.net
sync-criteo.ads.yieldmo.com
sync-t1.taboola.com
sync.outbrain.com
tags.bluekai.com
tech.rtb.mts.ru
tg.socdm.com
top-fwz1.mail.ru
trends.revcontent.com
ups.analytics.yahoo.com
visitor.omnitagjs.com
vk.com
widget.eu.criteo.com
www.facebook.com
www.gdeslon.ru
www.google-analytics.com
www.google.ca
www.google.com
www.googletagmanager.com
www.ticketland.ru
x.bidswitch.net
100.24.185.7
104.36.115.109
141.226.224.48
142.251.40.98
173.223.57.84
192.40.39.223
195.209.108.36
195.209.108.37
199.187.193.199
202.241.208.57
212.41.26.148
213.108.128.54
213.87.44.187
23.111.96.44
23.195.108.24
23.197.21.93
23.36.1.98
2600:141b:13::172f:91aa
2600:1f18:612b:4232:2c9c:1ca6:2cc6:969c
2600:1f18:ed:550e:c4e3:3eb9:eebf:6813
2600:9000:2209:d200:1b:5138:8a40:93a1
2607:f8b0:4004:c1b::9c
2607:f8b0:4006:80f::200e
2607:f8b0:4006:816::2008
2607:f8b0:4006:81c::2003
2607:f8b0:4006:81c::2004
2607:f8b0:4006:81c::200a
2607:f8b0:4006:81f::2002
2607:f8b0:4006:822::2003
2620:100:a001::17
2620:100:a001::4
2620:100:a001::c
2620:1ec:c11::200
2a00:1148:db00::17
2a02:2638::22
2a02:6b8::1:119
2a03:2880:f012:10c:face:b00c:0:3
2a03:2880:f112:182:face:b00c:0:25de
3.230.222.9
34.117.157.22
34.247.240.231
35.211.178.172
35.71.139.29
35.82.147.58
44.206.182.6
46.254.20.215
5.189.239.194
52.21.246.162
52.3.184.194
52.41.101.164
54.175.87.114
54.84.171.38
63.251.28.233
68.67.160.132
70.42.32.191
74.119.119.139
77.238.96.5
8.43.72.97
84.252.130.113
87.240.132.78
95.163.52.67
02c2c6fc11267ecec77f5c6b8db011dcdfd5b555a27e0a595bb73e58eaf524a2
0352bbc80c7eba05180d37f6686b4199e73d60e863f300fcbfc1d2194eaf9279
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b4c44df3366635bacaca69debd70b263b472ad38239661feefc8940a0afd484
0cff12337fc4daa84981d8fae782b53f25b37cb2d6bf5c2fb3cfbb8f689ea079
12c32d287ea4c6070b6867865174c2fbef164c4153658aaadb26fe1be0419cb3
141f4ece65bc087908202669708c340e43c6a45c3d3be773e0cade65cb01e910
18a899ae93d683c1e44173b7ba70e1025532cfeef1417889ae22aa78a11ee3be
1b748b2a19ea102ecb1c5116d2dab223a338064511efe1b955a5d0b1c7863b0b
1cf9ff03fb16e95f0c0768c96be2cd0bc29f67b8adfb56ee147798a735ab0058
215e7c30ebbc2c3f0cec92da4ff648c855db5ca0cfad8c47e00520a524436c61
215fe7288ded56b2ea03096aab7a55269acb79cec0af73aa097204b111c7e912
21723a349f5e89d03ecd836af2588d5347cd41f983246b4a1d7200460bfca2ab
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
275300e792ac8d808a203e9cf9c2ed8afc1356a9d371bee06e3bc45c816b001d
280f5e8a0c7053bfd462d9da751527ce7f4dd7649f6747f9210986aacc532f94
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2aee23e580e20a7eae628e3f758356a6974508d60e377a9203e3b523fde2b16c
2b5d214474b163179559d0d5ccc4f4486dd4095bd33d40f17311f4a0aed084ed
2f155ccf42827cca0258a8340c8414601e1447961453eeb162cbe72b45b3f228
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2f7e190c7a25194337efdd52f0018320ebfa239e150b19b95f3703b0bc02e6c8
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
33a5afb805065ed5d2c8506a37eb78bc474fcebb560cc2410c87d49760b645dc
3728fbdd191d75bad5b83a838dfe2fc15f84c2aaa36ffa573321275847db31a9
3f050149d3d5983317bc09fa986557e752fafdf3b20fa4a253346ee6edb97a0f
3f59df75b8e878b60686ee2ef9186a717e5bd4df180ada2ef7a17a44743e09d6
3f8589bbc0f230823d343058b730523851e082d05e9413da04efb56108e413cf
45252c16252eaa36b7ec9ae5354a6130e4a41185dec48a0d98832bbed221e559
495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9
49821e4d8511f26d5c180ba214c469286fc451f294997dd93a5e5b4643292827
49d78c2787cc91e1453f8c67b7481dcc12e4a259f3c55b8c737b5d436ee53fc4
4dfd2313e5d5bf73499f36d2655f50fd4630f2aeb3b01e05da5ab175896a6740
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
515672a1ff97f5f8cdf962e3679e99e183e19ea349d919de0530aebfe3de0be8
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
561c579d66ced3002754404f18100a5b84c2b6fb62ad20dbc9d0c290a65ac712
573b410820cd03b82cf37f8618ad32cf79016caf3eb9964dacfd0c684c913189
59e196cbc31bfac7cb5ebda2906309a5349b7bafc25668f6f14ffc9ad7709023
5f53a1baa2c183f722004d0af51c5fa849490a0b9af25ded0360dc4b2a190f93
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6d37aaff26dc50b46e555d58951244e3d7e309f57b423ad58c5a0a4e30bdb9ca
6efa775a864aba5b3b1bc9ce6335a617693c712d3a65633cbe6751fa1d291a9c
6fe5233b4ccd041305715d11fd354cb3a65abe22152fc698d6033124a2212fad
75569be3804e61d5612fa7731ff4edf9b17f17c6d1278cbe9f3719dd28542f7e
76b3bda7082d9d4d81bd203969c2d529c753951033cd8373dc7488107020f770
7beac6018d4928abb2e5d0d747752e921ec6217d0b9c0ab1bafdbd7d60fb6fc2
7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
85397c94af328df8f9d8ac32720b4df0ebc6a2038c316a2b1807565ad17c5e83
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
87834f1791047499d1e6ea306e3127c4728e2ce35655386ff70fe2a9404eb1f0
89a061aeab2a00ef4f61261f157044d27270a88a38f3448a82477d7b6a9b4b94
89b199cab9c3b3dc601d366faaa333a26eaaeb9b5a3a19038695fd8b01bf3786
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8bf2ec255f7531825cc4506462c9cf58461d4a0abecd3b1fcab17bcdc081b695
93174d63a8acf2be2800eb32965154e583906b85ef7b329f977ae8e83a753914
95754decdece636527db8ad19d70324f7b2c64bf0762d35bedefe45933fe008a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9d762ea467db66c02a25bfa9d5e4b0d0f7b5d48aebaf9cf739b0804134aa9044
9fdb12ceee3a402d3a54afe354552459dd3950e9c6dece06288e4cc0a7a7c060
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1cf62faca35612e6efc3f6c593cd5c8f99cae0a6405e9e6adb624cb6e874c59
a61f8b05d397288ebe718137c19db87e9262922930376c12696e2cef6b43a084
aa43888d20f6d8bbe6d11ae8db26eca226c8e3578ad960f97b92f3bb86ad59d6
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b043a79fc3e5aa25fc53b624db4dfc612198a4e62e43780296ab07dafb6f8f83
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc55f712c7d14651306093d28dffba0f649bd9f37ea365066249df215b5411bf
c3500fe78448407f508e17b95bc05a82e60b104139ce174d1c2fdb9a9b591221
c5086a00d6ad00e715cd653046d9538016f9b7316f14f194dce223894f2eb4b5
c992775c4f98fa59a549cce6cee80ba961e8a076ba9653aa714421b5854a41dd
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf690d2e62f771f4836e02cddd58667b4c8dca88d91fa6a47f474cb43ccf6a1b
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d2dca1e5f4d19fa689883bdf106954573a5c0d57b09d76375f48dae47ec55597
d3a5658442dc185ac523409a71942d994df1e015a7f15032c517c5e323879ece
d6d9eb1e6011d313af292617c2c06bab0dd1a125f662c12e457d1b9732af0ce6
d88510f7ba40e214c1e182e037211ef283c3ab56838e784eaceae04f65c67615
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e0bb484dcb65beebef4e8d6068a833171c89c3ce775b733c44f3fcd3dc1bfb64
e18a390d278e08cbefab99a8b3b69f83f9c9bb370a9e44c2e7c6d061164a4173
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e90ec6a7ae309538467bd0be975d59f7ffca8c89bb050fbb1e9ed6656be7b1a9
ebb0222e798766528c1fd854e98828e478e394ea0580ee1ef5d5e15354b4480e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f63b54f0ab2eddc08d2591560dcdb91f4b6625a05b2c577c320828bd2f92f164
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f792526fa1a37eafb684e421d29bc210b606eb1dcdc853d17db83d2e98726d88
fc66f942651a9fe1a598770d3d896529dcd7a03d02f40655451513093103e61b
fdc219c419b103c97dd30b669a712cd3cd260096428050f5407ccb2bf4691c1e

ponominalu.ru Open in urlscan Pro 213.108.128.54 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

140 Requests

89 %HTTPS

34 %IPv6

52 Domains

65 Subdomains

59 IPs

6 Countries

1500 kBTransfer

4517 kBSize

96 Cookies

2 Outgoing links

Page URL History

Redirected requests

140 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

ponominalu.ru Open in urlscan Pro
213.108.128.54 Public Scan

Screenshot
Live screenshot

Full Image

140
Requests

89 %
HTTPS

34 %
IPv6

52
Domains

65
Subdomains

59
IPs

6
Countries

1500 kB
Transfer

4517 kB
Size

96
Cookies

140 HTTP transactions
7 data transactions