utro.ru Open in urlscan Pro
95.213.212.85 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://utro.ru/
Effective URL:
https://utro.ru/
Submission: On September 30 via api (September 30th 2022, 2:45:52 pm UTC) from US — Scanned from DE

Summary HTTP 515 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 73 IPs in 10 countries across 62 domains to perform 515 HTTP transactions. The main IP is 95.213.212.85, located in Russian Federation and belongs to SELECTEL, RU. The main domain is utro.ru. The Cisco Umbrella rank of the primary domain is 441279.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on October 18th 2021. Valid for: a year.

This is the only time utro.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 24	95.213.212.85 95.213.212.85	49505 (SELECTEL) (SELECTEL)
1	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
1	217.69.139.14 217.69.139.14	47764 (VK-AS) (VK-AS)
31	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
12	2a02:6b8:a::a 2a02:6b8:a::a	13238 (YANDEX) (YANDEX)
1 21	95.163.37.253 95.163.37.253	47764 (VK-AS) (VK-AS)
16	92.223.99.99 92.223.99.99	199524 (GCORE) (GCORE)
44	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1 2	92.53.64.248 92.53.64.248	49505 (SELECTEL) (SELECTEL)
3	2606:4700:10:... 2606:4700:10::6816:4f7b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	81.19.89.16 81.19.89.16	24638 (RAMBLER-T...) (RAMBLER-TELECOM-AS)
3	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
3 15	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX) (YANDEX)
1	23.35.236.143 23.35.236.143	16625 (AKAMAI-AS) (AKAMAI-AS)
6	95.163.52.67 95.163.52.67	47764 (VK-AS) (VK-AS)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2a02:6b8::16b 2a02:6b8::16b	13238 (YANDEX) (YANDEX)
11	2a02:6b8:20::215 2a02:6b8:20::215	13238 (YANDEX) (YANDEX)
2	178.250.0.165 178.250.0.165	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 2	188.42.191.196 188.42.191.196	7979 (SERVERS-COM) (SERVERS-COM)
1	2a00:1148:db0... 2a00:1148:db00::17	47764 (VK-AS) (VK-AS)
1 2	88.198.31.232 88.198.31.232	24940 (HETZNER-AS) (HETZNER-AS)
2	92.223.106.22 92.223.106.22	199524 (GCORE) (GCORE)
2	146.185.195.90 146.185.195.90	50340 (SELECTEL-MSK) (SELECTEL-MSK)
1 2	88.212.201.204 88.212.201.204	39134 (UNITEDNET) (UNITEDNET)
2 15	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
30	2a02:6b8::1be 2a02:6b8::1be	13238 (YANDEX) (YANDEX)
2	52.209.182.146 52.209.182.146	16509 (AMAZON-02) (AMAZON-02)
1 2	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	146.185.195.94 146.185.195.94	50340 (SELECTEL-MSK) (SELECTEL-MSK)
1	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
14	2a00:1450:400... 2a00:1450:400d:80c::2002	15169 (GOOGLE) (GOOGLE)
26	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1 1	138.201.139.144 138.201.139.144	24940 (HETZNER-AS) (HETZNER-AS)
1	185.26.97.53 185.26.97.53	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
2 2	93.95.102.105 93.95.102.105	48347 (MTW-AS) (MTW-AS)
1	87.240.129.133 87.240.129.133	47541 (VKONTAKTE...) (VKONTAKTE-SPB-AS vk.com)
1	217.20.152.207 217.20.152.207	47764 (VK-AS) (VK-AS)
1	95.168.170.7 95.168.170.7	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
2	31.220.27.134 31.220.27.134	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	195.209.111.19 195.209.111.19	52007 (ADRIVER-AS) (ADRIVER-AS)
1	82.148.14.194 82.148.14.194	50340 (SELECTEL-MSK) (SELECTEL-MSK)
1 1	94.75.234.115 94.75.234.115	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	212.32.253.229 212.32.253.229	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	85.192.12.173 85.192.12.173	12695 (DINET-AS) (DINET-AS)
42	2a00:1450:400... 2a00:1450:4001:806::2001	15169 (GOOGLE) (GOOGLE)
1	88.212.218.22 88.212.218.22	39134 (UNITEDNET) (UNITEDNET)
1	82.202.225.240 82.202.225.240	50340 (SELECTEL-MSK) (SELECTEL-MSK)
2 19	2a00:1450:400... 2a00:1450:400d:807::2004	15169 (GOOGLE) (GOOGLE)
4	2a02:2638:1::2 2a02:2638:1::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	2a02:2638:1::4 2a02:2638:1::4	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
7 20	172.217.19.98 172.217.19.98	15169 (GOOGLE) (GOOGLE)
3 7	104.18.18.126 104.18.18.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 5	37.252.172.250 37.252.172.250	29990 (ASN-APPNEX) (ASN-APPNEX)
29	2a00:1450:400... 2a00:1450:400d:80c::2006	15169 (GOOGLE) (GOOGLE)
4	178.250.2.148 178.250.2.148	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	2600:9000:214... 2600:9000:214f:f800:1e:a43d:b640:93a1	16509 (AMAZON-02) (AMAZON-02)
4	142.250.180.194 142.250.180.194	15169 (GOOGLE) (GOOGLE)
39	178.250.2.135 178.250.2.135	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
5	178.250.2.150 178.250.2.150	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:6b8::90 2a02:6b8::90	13238 (YANDEX) (YANDEX)
1 1	35.204.158.49 35.204.158.49	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	66.155.71.150 66.155.71.150	13768 (COGECO-PEER1) (COGECO-PEER1)
1 1	85.114.159.118 85.114.159.118	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1 1	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
1 1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	54.194.97.68 54.194.97.68	16509 (AMAZON-02) (AMAZON-02)
1	104.111.242.245 104.111.242.245	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
1 2	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
1 1	185.29.132.241 185.29.132.241	30419 (MEDIAMATH...) (MEDIAMATH-INC)
2 2	213.155.156.184 213.155.156.184	1299 (TWELVE99 ...) (TWELVE99 Arelion)
1	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
1 1	2600:9000:205... 2600:9000:2057:e800:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
2 2	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
1	2a02:6b8::184 2a02:6b8::184	13238 (YANDEX) (YANDEX)
1	2a02:6b8::5:114 2a02:6b8::5:114	13238 (YANDEX) (YANDEX)
2 3	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
515	73

24 95.213.212.85 (Russian Federation) 1 redirects

ASN49505 (SELECTEL, RU)
PTR: valerie60.produmail.com

utro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 217.69.139.14 (Russian Federation)

ASN47764 (VK-AS, RU)
PTR: likemore-go.imgsmail.ru

likemore-go.imgsmail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a02:6b8:a::a (Russian Federation)

ASN13238 (YANDEX, RU)

yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 95.163.37.253 (Russian Federation) 1 redirects

ASN47764 (VK-AS, RU)
PTR: relap.io

relap.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.relap.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
relap.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 92.223.99.99 (Russian Federation)

ASN199524 (GCORE, LU)
PTR: ru.a.gcdn.co

pics.utro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

44 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 92.53.64.248 (Moscow, Russian Federation) 1 redirects

ASN49505 (SELECTEL, RU)

www.giraff.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
data.giraff.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:10::6816:4f7b (United States)

ASN13335 (CLOUDFLARENET, US)

code.giraff.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 81.19.89.16 (Russian Federation)

ASN24638 (RAMBLER-TELECOM-AS, RU)
PTR: kraken.rambler.ru

counter.rambler.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
kraken.rambler.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a02:6b8::1:119 (Moscow, Russian Federation) 3 redirects

ASN13238 (YANDEX, RU)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.236.143 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-143.deploy.static.akamaitechnologies.com

d7d3cf2e81d293050033-3dfc0615b0fd7b49143049256703bfce.ssl.cf1.rackcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 95.163.52.67 (Russian Federation)

ASN47764 (VK-AS, RU)
PTR: top-fwz1.mail.ru

top-fwz1.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:6b8::16b (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)

matchid.adfox.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a02:6b8:20::215 (Russian Federation)

ASN13238 (YANDEX, RU)

yastatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.42.191.196 (Luxembourg) 1 redirects

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1148:db00::17 (Russian Federation)

ASN47764 (VK-AS, RU)

ad.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.198.31.232 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.88.198.31.232.clients.your-server.de

exchange.buzzoola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 92.223.106.22 (Moscow, Russian Federation)

ASN199524 (GCORE, LU)
PTR: f62.moevideo.net

moevideo.biz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 146.185.195.90 (Russian Federation)

ASN50340 (SELECTEL-MSK, RU)
PTR: target2-1.ssel24.imcmdb.net

target.smi2.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.201.204 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host204.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 2a02:6b8::1be (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)

ads.adfox.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.209.182.146 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-209-182-146.eu-west-1.compute.amazonaws.com

ingestion.contentinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::1c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 146.185.195.94 (Russian Federation)

ASN50340 (SELECTEL-MSK, RU)
PTR: sm-server1-1.ssel23.imcmdb.net

stat.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:400d:80c::2002 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 138.201.139.144 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.144.139.201.138.clients.your-server.de

cm.p.altergeo.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.26.97.53 (Frankfurt am Main, Germany)

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)
PTR: dsde981.fornex.org

ia-dmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 93.95.102.105 (Russian Federation) 2 redirects

ASN48347 (MTW-AS, RU)
PTR: unspecified.mtw.ru

fcgi4.gnezdo.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 87.240.129.133 (Russian Federation)

ASN47541 (VKONTAKTE-SPB-AS vk.com, RU)
PTR: srv133-129-240-87.vk.com

vk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 217.20.152.207 (Russian Federation)

ASN47764 (VK-AS, RU)
PTR: ip207.152.odnoklassniki.ru

connect.ok.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.168.170.7 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: hosted-by.leaseweb.com

a.giraff.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

a1536ed4ffc9e2b1b5ac5645960ea5d4.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
295b4b348b26301a594661e37e0cb2f4.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
305de2aadcfdcbdd7e7c05b345a3db2e.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
3fb007b192c8c7ea732bc7d28bd29ed5.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
657491b7739d207b4fd2ce1335134129.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ec7f9507b5a00173e9add18d0284df58.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b543a7a960ea9565d4f718529d7c80a7.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 31.220.27.134 (Amsterdam, Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

s.uuidksinc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.209.111.19 (Russian Federation)

ASN52007 (ADRIVER-AS, RU)

ssp.adriver.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 82.148.14.194 (Russian Federation)

ASN50340 (SELECTEL-MSK, RU)
PTR: sm-server1-1.ssel24.imcmdb.net

statmedia.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 94.75.234.115 (Netherlands) 1 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

code.directadvert.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.32.253.229 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

z.cdn.adtarget.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.192.12.173 (Russian Federation)

ASN12695 (DINET-AS, RU)

dmpprof.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

42 2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.212.218.22 (Russian Federation)

ASN39134 (UNITEDNET, RU)
PTR: ads5-1.sser16.imcmdb.net

smi2.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 82.202.225.240 (Moscow, Russian Federation)

ASN50340 (SELECTEL-MSK, RU)
PTR: smi2adm2-1.ssel27.imcmdb.net

smi2.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:400d:807::2004 (Ireland) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638:1::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.nl.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638:1::4 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 172.217.19.98 (United States) 7 redirects

ASN15169 (GOOGLE, US)
PTR: bud02s27-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.18.18.126 (Shahr, Iran, Islamic Republic Of) 3 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 37.252.172.250 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 2a00:1450:400d:80c::2006 (Ireland)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 178.250.2.148 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:214f:f800:1e:a43d:b640:93a1 (United States)

ASN16509 (AMAZON-02, US)

secure-gl.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.180.194 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s33-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

39 178.250.2.135 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: pix.am5.vip.prod.criteo.com

pix.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 178.250.2.150 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6b8::90 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)

an.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.204.158.49 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.158.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 66.155.71.150 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.118 (Schopfheim, Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.0.66 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.194.97.68 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-97-68.eu-west-1.compute.amazonaws.com

match.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.242.245 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-245.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.132.241 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.184 (Uppsala, Sweden) 2 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 213-155-156-184.teliacarrier-cust.com

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:e800:1b:5138:8a40:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.156.0.31 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6b8::184 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)

avatars.mds.yandex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6b8::5:114 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)

ysa-static.passport.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.23.98 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
99	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 a1536ed4ffc9e2b1b5ac5645960ea5d4.safeframe.googlesyndication.com 295b4b348b26301a594661e37e0cb2f4.safeframe.googlesyndication.com 305de2aadcfdcbdd7e7c05b345a3db2e.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 143 3fb007b192c8c7ea732bc7d28bd29ed5.safeframe.googlesyndication.com 657491b7739d207b4fd2ce1335134129.safeframe.googlesyndication.com ec7f9507b5a00173e9add18d0284df58.safeframe.googlesyndication.com b543a7a960ea9565d4f718529d7c80a7.safeframe.googlesyndication.com	560 KB
75	criteo.net static.criteo.net — Cisco Umbrella Rank: 636 pix.eu.criteo.net — Cisco Umbrella Rank: 8597 csm.eu.criteo.net — Cisco Umbrella Rank: 8499	398 KB
61	doubleclick.net 9 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 42 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 180 cm.g.doubleclick.net — Cisco Umbrella Rank: 212 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 299	1 MB
40	utro.ru 1 redirects utro.ru — Cisco Umbrella Rank: 441279 pics.utro.ru	443 KB
30	adfox.ru ads.adfox.ru — Cisco Umbrella Rank: 9862	1 KB
29	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 268	287 KB
25	google.com 2 redirects adservice.google.com — Cisco Umbrella Rank: 76 www.google.com — Cisco Umbrella Rank: 2	6 KB
20	relap.io relap.io — Cisco Umbrella Rank: 26896 s.relap.io — Cisco Umbrella Rank: 49618	227 KB
19	yandex.ru 1 redirects yandex.ru — Cisco Umbrella Rank: 1420 mc.yandex.ru — Cisco Umbrella Rank: 3687 matchid.adfox.yandex.ru — Cisco Umbrella Rank: 24638 an.yandex.ru — Cisco Umbrella Rank: 2395 ysa-static.passport.yandex.ru — Cisco Umbrella Rank: 21839	342 KB
17	criteo.com 1 redirects bidder.criteo.com — Cisco Umbrella Rank: 728 gum.criteo.com — Cisco Umbrella Rank: 402 mug.criteo.com — Cisco Umbrella Rank: 2810 rtb.nl.eu.criteo.com — Cisco Umbrella Rank: 12829 ads.eu.criteo.com — Cisco Umbrella Rank: 8466 cat.nl.eu.criteo.com — Cisco Umbrella Rank: 10688	230 KB
14	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 191	495 KB
12	yandex.com 2 redirects mc.yandex.com — Cisco Umbrella Rank: 9776	4 KB
11	google.de adservice.google.de — Cisco Umbrella Rank: 8962 www.google.de — Cisco Umbrella Rank: 6301	2 KB
11	yastatic.net yastatic.net — Cisco Umbrella Rank: 6465	257 KB
8	mail.ru 1 redirects top-fwz1.mail.ru — Cisco Umbrella Rank: 9682 ad.mail.ru — Cisco Umbrella Rank: 10157 relap.mail.ru — Cisco Umbrella Rank: 103376	19 KB
7	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 528	6 KB
6	giraff.io 1 redirects www.giraff.io — Cisco Umbrella Rank: 803214 code.giraff.io — Cisco Umbrella Rank: 54198 data.giraff.io — Cisco Umbrella Rank: 124769 a.giraff.io — Cisco Umbrella Rank: 121124	30 KB
5	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 229	5 KB
5	google-analytics.com ssl.google-analytics.com — Cisco Umbrella Rank: 294 region1.google-analytics.com — Cisco Umbrella Rank: 2852	18 KB
4	stat.media stat.media — Cisco Umbrella Rank: 27477	29 KB
3	googleadservices.com 2 redirects www.googleadservices.com — Cisco Umbrella Rank: 129	16 KB
3	imrworldwide.com secure-gl.imrworldwide.com — Cisco Umbrella Rank: 1519	2 KB
3	smi2.net target.smi2.net — Cisco Umbrella Rank: 103237 smi2.net — Cisco Umbrella Rank: 38953	2 KB
3	rambler.ru counter.rambler.ru — Cisco Umbrella Rank: 82529 kraken.rambler.ru — Cisco Umbrella Rank: 27155	100 KB
2	yahoo.com 2 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 282	805 B
2	de17a.com 2 redirects d5p.de17a.com — Cisco Umbrella Rank: 4521	647 B
2	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 746 r.turn.com — Cisco Umbrella Rank: 3326	869 B
2	360yield.com 2 redirects match.360yield.com — Cisco Umbrella Rank: 3547	789 B
2	sitescout.com pixel-sync.sitescout.com — Cisco Umbrella Rank: 573	382 B
2	uuidksinc.net s.uuidksinc.net — Cisco Umbrella Rank: 3712	483 B
2	gnezdo.ru 2 redirects fcgi4.gnezdo.ru — Cisco Umbrella Rank: 51674	633 B
2	contentinsights.com ingestion.contentinsights.com — Cisco Umbrella Rank: 28376	176 B
2	yadro.ru 1 redirects counter.yadro.ru — Cisco Umbrella Rank: 9240	1 KB
2	moevideo.biz moevideo.biz — Cisco Umbrella Rank: 44747	52 KB
2	buzzoola.com 1 redirects exchange.buzzoola.com — Cisco Umbrella Rank: 18250	1 KB
2	betweendigital.com 1 redirects ads.betweendigital.com — Cisco Umbrella Rank: 2084	1 KB
1	yandex.net avatars.mds.yandex.net — Cisco Umbrella Rank: 7786	30 KB
1	smaato.net 1 redirects s.ad.smaato.net — Cisco Umbrella Rank: 712	443 B
1	openx.net rtb.openx.net — Cisco Umbrella Rank: 1470	351 B
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 441	864 B
1	gstatic.com fonts.gstatic.com	17 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 41	1 KB
1	teads.tv sync.teads.tv — Cisco Umbrella Rank: 1039	172 B
1	rubiconproject.com 1 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 336	460 B
1	travelaudience.com 1 redirects ads.travelaudience.com — Cisco Umbrella Rank: 13202	552 B
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1523	583 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 815	713 B
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 208	5 KB
1	smi2.ru smi2.ru — Cisco Umbrella Rank: 39561	866 B
1	dmpprof.com dmpprof.com — Cisco Umbrella Rank: 17013	736 B
1	adtarget.me z.cdn.adtarget.me — Cisco Umbrella Rank: 60924	41 B
1	directadvert.ru 1 redirects code.directadvert.ru — Cisco Umbrella Rank: 51523	343 B
1	statmedia.ru statmedia.ru — Cisco Umbrella Rank: 65721	265 B
1	adriver.ru ssp.adriver.ru — Cisco Umbrella Rank: 22535	201 B
1	ok.ru connect.ok.ru — Cisco Umbrella Rank: 25290	2 KB
1	vk.com vk.com — Cisco Umbrella Rank: 5950	571 B
1	ia-dmp.com ia-dmp.com — Cisco Umbrella Rank: 67866	238 B
1	altergeo.ru 1 redirects cm.p.altergeo.ru — Cisco Umbrella Rank: 57549	523 B
1	rackcdn.com d7d3cf2e81d293050033-3dfc0615b0fd7b49143049256703bfce.ssl.cf1.rackcdn.com — Cisco Umbrella Rank: 45120	6 KB
1	imgsmail.ru likemore-go.imgsmail.ru — Cisco Umbrella Rank: 44165	11 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 64	74 KB
0	creativecdn.com Failed adfox-c2s-ams.creativecdn.com Failed
515	62

	Domain	Requested by
44	pagead2.googlesyndication.com	utro.ru securepubads.g.doubleclick.net a1536ed4ffc9e2b1b5ac5645960ea5d4.safeframe.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net 657491b7739d207b4fd2ce1335134129.safeframe.googlesyndication.com www.googletagservices.com ec7f9507b5a00173e9add18d0284df58.safeframe.googlesyndication.com s0.2mdn.net
42	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com a1536ed4ffc9e2b1b5ac5645960ea5d4.safeframe.googlesyndication.com 3fb007b192c8c7ea732bc7d28bd29ed5.safeframe.googlesyndication.com 295b4b348b26301a594661e37e0cb2f4.safeframe.googlesyndication.com 305de2aadcfdcbdd7e7c05b345a3db2e.safeframe.googlesyndication.com 657491b7739d207b4fd2ce1335134129.safeframe.googlesyndication.com utro.ru ec7f9507b5a00173e9add18d0284df58.safeframe.googlesyndication.com s0.2mdn.net
39	pix.eu.criteo.net	ads.eu.criteo.com
31	static.criteo.net	utro.ru ads.eu.criteo.com
30	ads.adfox.ru	yandex.ru utro.ru
29	s0.2mdn.net	utro.ru s0.2mdn.net
26	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net utro.ru 657491b7739d207b4fd2ce1335134129.safeframe.googlesyndication.com
24	utro.ru	1 redirects utro.ru
20	cm.g.doubleclick.net	7 redirects googleads.g.doubleclick.net 657491b7739d207b4fd2ce1335134129.safeframe.googlesyndication.com ec7f9507b5a00173e9add18d0284df58.safeframe.googlesyndication.com utro.ru
19	www.google.com	2 redirects tpc.googlesyndication.com a1536ed4ffc9e2b1b5ac5645960ea5d4.safeframe.googlesyndication.com 3fb007b192c8c7ea732bc7d28bd29ed5.safeframe.googlesyndication.com 295b4b348b26301a594661e37e0cb2f4.safeframe.googlesyndication.com 305de2aadcfdcbdd7e7c05b345a3db2e.safeframe.googlesyndication.com 657491b7739d207b4fd2ce1335134129.safeframe.googlesyndication.com utro.ru
19	relap.io	utro.ru relap.io
16	pics.utro.ru	utro.ru
14	www.googletagservices.com	yastatic.net a1536ed4ffc9e2b1b5ac5645960ea5d4.safeframe.googlesyndication.com 3fb007b192c8c7ea732bc7d28bd29ed5.safeframe.googlesyndication.com 295b4b348b26301a594661e37e0cb2f4.safeframe.googlesyndication.com 305de2aadcfdcbdd7e7c05b345a3db2e.safeframe.googlesyndication.com 657491b7739d207b4fd2ce1335134129.safeframe.googlesyndication.com securepubads.g.doubleclick.net utro.ru
12	mc.yandex.com	2 redirects utro.ru mc.yandex.ru
12	yandex.ru	utro.ru yandex.ru yastatic.net
11	googleads.g.doubleclick.net	2 redirects pagead2.googlesyndication.com a1536ed4ffc9e2b1b5ac5645960ea5d4.safeframe.googlesyndication.com utro.ru www.googleadservices.com
11	yastatic.net	yandex.ru utro.ru yastatic.net
7	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
6	www.google.de
6	adservice.google.com	securepubads.g.doubleclick.net
6	top-fwz1.mail.ru	utro.ru
5	csm.eu.criteo.net	ads.eu.criteo.com
5	ib.adnxs.com	3 redirects googleads.g.doubleclick.net
5	adservice.google.de	securepubads.g.doubleclick.net
4	googleads4.g.doubleclick.net	utro.ru
4	cat.nl.eu.criteo.com	ads.eu.criteo.com
4	ads.eu.criteo.com	3fb007b192c8c7ea732bc7d28bd29ed5.safeframe.googlesyndication.com 295b4b348b26301a594661e37e0cb2f4.safeframe.googlesyndication.com 305de2aadcfdcbdd7e7c05b345a3db2e.safeframe.googlesyndication.com 657491b7739d207b4fd2ce1335134129.safeframe.googlesyndication.com
4	rtb.nl.eu.criteo.com	utro.ru 657491b7739d207b4fd2ce1335134129.safeframe.googlesyndication.com
4	stat.media	target.smi2.net stat.media
3	www.googleadservices.com	2 redirects yastatic.net
3	secure-gl.imrworldwide.com	ads.eu.criteo.com
3	mc.yandex.ru	1 redirects utro.ru yastatic.net
3	ssl.google-analytics.com	utro.ru
3	code.giraff.io	utro.ru
2	ups.analytics.yahoo.com	2 redirects
2	d5p.de17a.com	2 redirects
2	match.360yield.com	2 redirects
2	pixel-sync.sitescout.com	657491b7739d207b4fd2ce1335134129.safeframe.googlesyndication.com ec7f9507b5a00173e9add18d0284df58.safeframe.googlesyndication.com
2	ec7f9507b5a00173e9add18d0284df58.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	657491b7739d207b4fd2ce1335134129.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	3fb007b192c8c7ea732bc7d28bd29ed5.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	s.uuidksinc.net	utro.ru
2	305de2aadcfdcbdd7e7c05b345a3db2e.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	295b4b348b26301a594661e37e0cb2f4.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	a1536ed4ffc9e2b1b5ac5645960ea5d4.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	fcgi4.gnezdo.ru	2 redirects
2	gum.criteo.com	1 redirects static.criteo.net
2	kraken.rambler.ru	utro.ru
2	ingestion.contentinsights.com	utro.ru
2	counter.yadro.ru	1 redirects utro.ru
2	target.smi2.net	utro.ru
2	moevideo.biz	utro.ru moevideo.biz
2	exchange.buzzoola.com	1 redirects utro.ru
2	ads.betweendigital.com	1 redirects yandex.ru
2	bidder.criteo.com	static.criteo.net
2	matchid.adfox.yandex.ru	yandex.ru
2	region1.google-analytics.com	www.googletagmanager.com
1	ysa-static.passport.yandex.ru	utro.ru
1	avatars.mds.yandex.net	utro.ru
1	s.ad.smaato.net	1 redirects
1	rtb.openx.net	ec7f9507b5a00173e9add18d0284df58.safeframe.googlesyndication.com
1	sync.mathtag.com	1 redirects
1	r.turn.com	utro.ru
1	ad.turn.com	1 redirects
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	cdnjs.cloudflare.com
1	sync.teads.tv	657491b7739d207b4fd2ce1335134129.safeframe.googlesyndication.com
1	pixel.rubiconproject.com	1 redirects
1	ads.travelaudience.com	1 redirects
1	dsp.adfarm1.adition.com	1 redirects
1	um.simpli.fi	1 redirects
1	an.yandex.ru	yandex.ru
1	cdnjs.cloudflare.com	ads.eu.criteo.com
1	b543a7a960ea9565d4f718529d7c80a7.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	smi2.net	utro.ru
1	smi2.ru	utro.ru
1	dmpprof.com	utro.ru
1	z.cdn.adtarget.me	utro.ru
1	code.directadvert.ru	1 redirects
1	statmedia.ru	utro.ru
1	ssp.adriver.ru	utro.ru
1	a.giraff.io	www.giraff.io
1	connect.ok.ru	www.giraff.io
1	vk.com	www.giraff.io
1	relap.mail.ru	1 redirects
1	ia-dmp.com	utro.ru
1	cm.p.altergeo.ru	1 redirects
1	s.relap.io	relap.io
1	data.giraff.io	www.giraff.io
1	mug.criteo.com	utro.ru
1	ad.mail.ru	yandex.ru
1	d7d3cf2e81d293050033-3dfc0615b0fd7b49143049256703bfce.ssl.cf1.rackcdn.com	utro.ru
1	counter.rambler.ru	utro.ru
1	www.giraff.io	1 redirects
1	likemore-go.imgsmail.ru	utro.ru
1	www.googletagmanager.com	utro.ru
0	adfox-c2s-ams.creativecdn.com Failed	yandex.ru
515	97

This site contains links to these domains. Also see Links.

Domain
20idei.ru
smi2.ru
vk.com
ok.ru
twitter.com
zen.yandex.ru
top100.rambler.ru

Subject Issuer	Validity	Valid
utro.ru Sectigo RSA Domain Validation Secure Server CA	`2021-10-18` - `2022-11-18`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.imgsmail.ru GeoTrust RSA CA 2018	`2022-03-11` - `2023-03-15`	a year	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-01` - `2022-11-30`	3 months	crt.sh
*.xn--d1acpjx3f.xn--p1ai GlobalSign ECC OV SSL CA 2018	`2022-08-19` - `2023-02-16`	6 months	crt.sh
*.relap.io GlobalSign RSA OV SSL CA 2018	`2022-08-24` - `2023-09-25`	a year	crt.sh
pics.utro.ru Sectigo RSA Domain Validation Secure Server CA	`2022-01-12` - `2023-01-12`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.rambler.ru GlobalSign GCC R3 DV TLS CA 2020	`2022-05-16` - `2023-05-06`	a year	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2022-05-21` - `2022-10-31`	5 months	crt.sh
*.ssl.cf1.rackcdn.com DigiCert TLS RSA SHA256 2020 CA1	`2022-05-09` - `2023-05-10`	a year	crt.sh
*.mail.ru GeoTrust ECC CA 2018	`2021-10-15` - `2022-11-15`	a year	crt.sh
matchid.adfox.yandex.ru GlobalSign RSA OV SSL CA 2018	`2022-07-18` - `2023-01-10`	6 months	crt.sh
*.yastatic-net.ru GlobalSign ECC OV SSL CA 2018	`2022-08-31` - `2023-02-28`	6 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-08-27` - `2022-11-22`	3 months	crt.sh
*.ads.betweendigital.com Sectigo RSA Domain Validation Secure Server CA	`2021-12-15` - `2023-01-15`	a year	crt.sh
*.moevideo.biz AlphaSSL CA - SHA256 - G2	`2022-03-31` - `2023-05-02`	a year	crt.sh
smi2.net R3	`2022-09-05` - `2022-12-04`	3 months	crt.sh
*.adfox.ru GlobalSign RSA OV SSL CA 2018	`2022-05-30` - `2022-11-08`	5 months	crt.sh
ingestion.smartocto.com Amazon	`2021-12-10` - `2023-01-08`	a year	crt.sh
stat.media R3	`2022-09-05` - `2022-12-04`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-03-23` - `2023-03-23`	a year	crt.sh
data.giraff.io R3	`2022-09-13` - `2022-12-12`	3 months	crt.sh
ia-dmp.com R3	`2022-08-10` - `2022-11-08`	3 months	crt.sh
*.vk.com GlobalSign Organization Validation CA - SHA256 - G2	`2022-03-18` - `2023-04-03`	a year	crt.sh
*.ok.ru GeoTrust RSA CA 2018	`2022-02-28` - `2023-03-31`	a year	crt.sh
a.giraff.io R3	`2022-08-22` - `2022-11-20`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
uuidksinc.net R3	`2022-09-16` - `2022-12-15`	3 months	crt.sh
*.adriver.ru GlobalSign GCC R3 DV TLS CA 2020	`2022-04-05` - `2023-04-05`	a year	crt.sh
statmedia.ru R3	`2022-09-05` - `2022-12-04`	3 months	crt.sh
adtarget.me R3	`2022-08-05` - `2022-11-03`	3 months	crt.sh
dmpprof.com R3	`2022-09-20` - `2022-12-19`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
smi2.ru R3	`2022-09-05` - `2022-12-04`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.nl.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-08-02` - `2022-11-01`	3 months	crt.sh
*.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-08-03` - `2022-11-05`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.imrworldwide.com DigiCert TLS RSA SHA256 2020 CA1	`2022-01-04` - `2023-02-03`	a year	crt.sh
*.eu.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-08-21` - `2022-11-23`	3 months	crt.sh
bs.yandex.ru GlobalSign ECC OV SSL CA 2018	`2022-05-05` - `2022-11-03`	6 months	crt.sh
*.sitescout.com GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2021-12-15` - `2023-01-15`	a year	crt.sh
teads.tv R3	`2022-08-17` - `2022-11-15`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.avatars.yandex.net GlobalSign RSA OV SSL CA 2018	`2022-03-04` - `2023-04-05`	a year	crt.sh
ysa-static.passport.yandex.net GlobalSign ECC OV SSL CA 2018	`2022-03-04` - `2023-04-05`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh

This page contains 54 frames:

Primary Page: https://utro.ru/
Frame ID: 23C0831168EA113BC649CD238F78E564
Requests: 158 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220928/r20190131/zrt_lookup.html
Frame ID: 350FEEC827E9F478904F889B7FEC0643
Requests: 1 HTTP requests in this frame

Frame: https://relap.io/v7/relap.js
Frame ID: 3EAFCEE9002DE57B99BBF3DB2C06EE8A
Requests: 17 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=utro.ru
Frame ID: 0EAC96859896451830AA6968E0CE5FA7
Requests: 2 HTTP requests in this frame

Frame: https://www.googletagservices.com/tag/js/gpt.js
Frame ID: E3E28753F2DD6EC1E8EA91A0B3894EDB
Requests: 7 HTTP requests in this frame

Frame: https://www.googletagservices.com/tag/js/gpt.js
Frame ID: B9AE6E55445B12095D7DF6541AB35CD6
Requests: 9 HTTP requests in this frame

Frame: https://www.googletagservices.com/tag/js/gpt.js
Frame ID: 987C16DC9D168C436A5C4AA135BB222A
Requests: 9 HTTP requests in this frame

Frame: https://www.googletagservices.com/tag/js/gpt.js
Frame ID: 8B0756D8979231D99BA9B89574AE2FE8
Requests: 9 HTTP requests in this frame

Frame: https://a1536ed4ffc9e2b1b5ac5645960ea5d4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: ADFF79FC671C0EBBD91212EFE80BFDF8
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagservices.com/tag/js/gpt.js
Frame ID: F7966DBEDB1217C933C7F1C15581998B
Requests: 8 HTTP requests in this frame

Frame: https://www.googletagservices.com/tag/js/gpt.js
Frame ID: 190E0029441A26141799D5AB9B232784
Requests: 9 HTTP requests in this frame

Frame: https://295b4b348b26301a594661e37e0cb2f4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 40CA14D3B73D5E881F888FF335BC00E8
Requests: 1 HTTP requests in this frame

Frame: https://305de2aadcfdcbdd7e7c05b345a3db2e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 638B097FC2FCD0F924215A9701A16CB1
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagservices.com/tag/js/gpt.js
Frame ID: 55A2E1A01C23586F162F91C1BF00A776
Requests: 8 HTTP requests in this frame

Frame: https://3fb007b192c8c7ea732bc7d28bd29ed5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 3AEC66BC71EC18768BDD3A04D3289904
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 9EE1A0964139AD13E1D480C4F60ECDB0
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 93D2169E32E2E55A1554A867D4F1B27B
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 0217205F1FF16A9F337B4EFA870C51E7
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D8901739BC330FAA039E77F7A3A36953
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D643D3BDE990EF83FD7ADF56E205F229
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 14F26B4AE26D5EC468B4AE496D07070A
Requests: 2 HTTP requests in this frame

Frame: https://a1536ed4ffc9e2b1b5ac5645960ea5d4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 4F8AE24447D91AE4FD795FC0DB9A2D5C
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 0B7C914B7AFE858D285C215CE6602051
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 7AAB0C4E7255919F64D9592287A3B3F3
Requests: 2 HTTP requests in this frame

Frame: https://657491b7739d207b4fd2ce1335134129.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: A89AC3924C87875CE8745EB20DE1A2D7
Requests: 1 HTTP requests in this frame

Frame: https://ec7f9507b5a00173e9add18d0284df58.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 631BB46B9BD37D02F94C9D2F33D345DD
Requests: 1 HTTP requests in this frame

Frame: https://3fb007b192c8c7ea732bc7d28bd29ed5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: CF8394CC9C52EACB5B0D64506B2C56A6
Requests: 9 HTTP requests in this frame

Frame: https://295b4b348b26301a594661e37e0cb2f4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 7C7AA2277BA1E1DAF5733690274052D4
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLnBuAEQhp3m6AIYyeGn1AEwAQ&v=APEucNV6MkjcEyp4SUqf6JayR6SQBuQzHwSeXb8CYkccKLa2BqhT3oupFk2YIGDxJfwTtYKMS5nkbMkM4LZT-OOx8dRciivDA9foZmtQGCg_W1vob8vYjSACwvF6mvLOIsx-0eCyyeUVS-FUv8u6l91BSlLn9TuhVHZTrOv8dvgc7rD_ShP_qmA
Frame ID: EAE56E49E78A9B64A67CC469DDC0ABE9
Requests: 5 HTTP requests in this frame

Frame: https://b543a7a960ea9565d4f718529d7c80a7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 91D262AF3C1AFA31DA7222B2059E6E8A
Requests: 1 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YzcBGAAGokEKd7sIAAM0pDaeOLT-czWcSn5vZA&u=%7ClaXLEDWAoCkSIMiw4qTHLUnndtZZDw%2BlJ74pXm0tTUA%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi68P0DamZZWW6R-xWgoYfrjMzRrCpCocXkbHGW0Fvz7D0eKh2C8prNv9_7_J7xIwkw3fAzqN_dCEBTBuoITTQStoeSfsGzwwLnZcfBQu5RkPMclrm_CrGNZdRlD2Lmzmz9_GSNm7awyoIiMKwtUu5I2WKIIyT4-sVlcw9MF8fj3LMJs2lFPaBoHmRsvI0lNLw-svnzQvVNLOiRij3bQkeZsCV6N8ZyowtQHWGCYzPbFrNiOMruthrxDn6NtGKthEV00ezLvjHNONPcymYUJvDF7OJQwLhNC6IFXKh6gCd_yQionEOy9fmTaqe-D6HYv4Y7Zb-qiQVxwxUji8xSZjy9PAudvpatXiKGuwSDr-ybJNZvd1D14CNu83eI2LWKxnmrOQBjDwirVzua4YzzjWl4igmTqZlHvU-vR6eaWt0J2Srdl1Y9pnSRzEwZTlp5KLGAxe6YzoICJ9B3ltFcO8aDOFyNocJ0qCHbiyCsOG8JJV_74RpHgnDvbW1EgF06-WNOraBpJTxjsOHePVRAd-LHnbHAFvzT7PqONzbBsMWBGcUgH4FxMDDJ_EK7P6G8tzPMQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtzYlGAE3Y8HEGoj23gOk6YyoDsme0rFczYbj1pMBwI23ARABIABglfqLgpgHggEXY2EtcHViLTI4NjE0NjQyMDAzMzg4MDigAdW20uoDyAEJqQJBxCTcy3-wPuACAKgDAaoEsQJP0NKQf_Fr3op8qVO7_9f0Yn1suYkSHHrv8aYiL1aJ2lSKNEEE29nNVqxOmFmrxshXdibAsXQjwvIoXV9WpDoS2iN7S78DZg4U0rtItoG4f8H42cHtCV-5MQtcxZpyYJmf4PQnwPEVHi1ShFnnTTy0i0k5xtjJYpOqeKitZovQw1Z6_fHF7lM2tXRD4ZOJ-ntD8Vlm_KTqqiEb6mSz-rVTGSI8P4M-fWP7HUnYeq-jNETu-e3hOvnQeqf87zhefwOFP-uc3GfRMgzb1HkJHtw7tUwcKWzxqtbLfVrhUtK1ksereys--CeSpwPQnZtUBVGb9YR4u-Kh3Eo7ZK3YRaFoRU2dj4RdkSWgqf0JohQwYaatjRQJS2WM4uxd2vPte_zvK2_ubbssm09dvx346ytqLOAEAYAGx83PmN-e7an5AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBAIiOGAEBABMgOqggE6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_33oLhQSGe7i_GQU3J8kB77G9T91w%26client%3Dca-pub-2861464200338808%26adurl%3D
Frame ID: 8D426722F092DF6EDBB2CA38B6AEF23F
Requests: 23 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YzcBGAAFRKQHg4j9AAYi5dKXnesb7QVwubQPRg&u=%7ClaXLEDWAoClfI2DbA8TVV0pC3wyNC5M5jvnbVQIKZ18%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNWAfGoXO4nLGGpugmDfhrYDe7l1vqZ7ZIuRypMidWM1e4UzvK675BiXOGW4noSDWkPUm7ewNuNFMJfeE_y9G1flJ8YmfaziaHKUpwTOOaWfNSkKlAAlRue2MypJAii1y6Y_iBvVWr0Gx2MnubO_UsfXdpoTQA7P3VmKGmvPy_XrJJtROpKd6Ymbrhq69QR1apUH6VCmdn0yeVdz4QRfVo7wFRn_4XzFyMhMzYUeGojhBPHD5yWjqnCQbve8kYNbMQHyqGqz3wWWqY7TOa1LsKAfs8QdpbIfJ66S7aQUv3WyUoorihMFuwya3bQ0-lqv2HzGJAmOEkOOhN_7kifAS5yRvA7JtVwSOw1kKQQWXxwzDa-99Tqxu6kzs4xFw-msBvMsWRL7k7QChKDf1WDaBIFzd-l8xGja_j7NwBpqMSxL6lFmqQmFlhGlBfT_x1lLZ5_J03G6QjtPge1ZruKG8K5ZUJDzmrQHdRDHgW0eU8GFtdqPMv013eiPEU-Y-Hkyerjeou73F2w4XsU-QTPEhNsF9qGHVykmnXr63qh0sfUikz6u_AezPueKy5PJFJWm-0w-v8mpQyTkQqQF6CvSCBgv2APXe7anbB&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-jRYGAE3Y6SJFf2RjuwP5cWYiA_JntKxXNWdkfdwwI23ARABIABglfqLgpgHggEXY2EtcHViLTI4NjE0NjQyMDAzMzg4MDigAdW20uoDyAEJqQJBxCTcy3-wPuACAKgDAaoErQJP0Kn4A89nuUYg4aVlUcgXTeQ3yd3todvm7VURgzQQdZ3FHIr_YnQDvE4feQ2mv2Eaa9Fgdqjjr9ZwoUTjNZ55Z_sE-IWLCqapgK_No_CV_7flwSr77fsxduB7xssN4zDUzhU73PILCcvXpVM4sXvJZJrvLHEPzuiQe4JJqevUr9DVuKrzkqlLMCTnZdG4hk1CYgKM1diw_dm93zclzLOaKu5dpAa54kOSGv0bUNpb0aw8MGKDPx5rNApT37thElvT27XJ1RPApBqOnx5cs884poDScMS0hUgcEYD2KOEBTeseh20hDATJ2P2F_x2rR01q98NH4HDK-Uy5lJRIDFBV49f7kEUF74vgVRVmpteXtA3RsHyQJpmuFbxU0Nz_PPQW8ch-hlXzZvzKJ2Uz4AQBgAabztbYl8fLrVegBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggQCIjhgBAQATIDqoIBOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0Y46PI1hE5FiHt7ridyMub-b_oiw%26client%3Dca-pub-2861464200338808%26adurl%3D
Frame ID: 2EBC44233D163CF64922D9B8F1069442
Requests: 24 HTTP requests in this frame

Frame: https://305de2aadcfdcbdd7e7c05b345a3db2e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 63B7EE3496B162C785A69CCD237AFF48
Requests: 10 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YzcBGAAGAm4Kd4XKAARV7hEHXF54f4V2MajWHw&u=%7ClaXLEDWAoClYalyVDqEKmnDiCrWLBipNsE%2BTSlUZl7M%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuB8I54B28R_G6pIc3Eo99WvNmdxDN44eLi0PpJ3dzc63l-Gcnzkaq2xEBIM6_yDqSjYxB_Pvxne8VU0KOz2chVyGJjF3A6buRxfwI_fImnV1f_BHK_FpWdaQumvbzo0cBiPO2fqO5BKfvFBB_Ctn4S2s9NRPE3OvFH96dRwkXmhMYceJdhkZTQJi-Dt2GJmRZU1wWXiLo3NWAtDHcjKZNsgMOa2pHMmocYQCbaMuUUg9k-5fB8PhmDWKzY68ftkOpxn79e05Gdaev4PG7jhIf73H0MmlcNLvMo9tj1rDYsy1TCCmcCFvJETx81KM6HQ9iMZCGhgzFdRFqVlkuyouv9dAYe3zjGFYoV_ngaYeQdnB4xDPtFdCFJWT5l57nRua7g8fomgnyNuKbuNgjsIxcDEh76Jqm9OCyAAovZvJZvQLvbXUICFqTUmQf2WAudCezoHQ1nQCHF5iT7k86Av1vblzdco-AWJ1usm4A9OlsQN3-bwgbuGZvPH5AFjAgXF-a38l2Yygdh_45d18nLZQ9gsYDjoRZjxyMb6OG7ZnBihngv9sQ358qozXtWmyr1wLA23CjyikNTRiHmTepvaEAUUOt7Iq3uUYRQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCT5MwGAE3Y-6EGMqL3gPuq5HIC8me0rFc1Z2R93DAjbcBEAEgAGCV-ouCmAeCARdjYS1wdWItMjg2MTQ2NDIwMDMzODgwOKAB1bbS6gPIAQmpAkHEJNzLf7A-4AIAqAMBqgSuAk_QAQl3way3xOFQv2YXIBRB4A6kgdWBs-6hU1hvBzAVh8qnzi_Eeo7MyQ46uDJmeI7I3A-Qv3UkYRfybapBA5uX7-btiG_50C0JffjK8H676WuWDihI8Mr1ASTYaNKYfTISBV1YqrxrseTkacrY2GeIPmUwt3fd2mHbQJIf7MmNrAhppbVEISTY7dmQPJ50BMhX1YdlRycYOGuYcQa_suILqHUWa6srPvAplbWLxwqkDePHU7qy20Rrfm8o1lSLbUdoF2-KJw60iirUTjy4XHQa9pQ0yfr-BwiK2di7JYzbzTR1LRtuwgOiPnIa_iKMmBulRYg2DCsS6pFC217SdCrjLUyR0u3YIcc8MkhSq4k_-oirhFLcny9BOy_564U_IUKu0u3MMViv6HojBS4b4AQBgAbHzc-Y357tqfkBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEAiI4YAQEAEyA6qCAToCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2t7hCfTiYhG7Oz0MvozEaDs57beA%26client%3Dca-pub-2861464200338808%26adurl%3D
Frame ID: 07FE79F324954D3B7A7BC59D655BA263
Requests: 17 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C9DC52423B5EF518B3637BFC5CE8A33A
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 01B11B7801EA74B9A51CD137E80B279C
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 6A4216AC8745D89440032B834287FB6F
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 9BE056E67B828345C432713A1E654FBE
Requests: 2 HTTP requests in this frame

Frame: https://657491b7739d207b4fd2ce1335134129.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 418A23F93A05E0D11066665B9805C3E8
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D4D78F393FAAD897D9DC7C8A1BAC4EA6
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 51739B1C7DB9C7821D968CFDF2C94E55
Requests: 2 HTTP requests in this frame

Frame: https://ec7f9507b5a00173e9add18d0284df58.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 3E23455EC4E0A5693FF1C20A655908C8
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvP28zcFxc4jgM3MK5Bzc6KVabuAOv_sx-zCcVIR7cFDGiBv0BP5p3BewzHnadrf-lbMKn9PoIOGPHsfbNtLFz1tQmThggIU5Y5LKX2ZyVW_xlkCET0UntC966_W7jjd3IeAk6qKYb2BC_pSfVWD8ROWDixtRRrvE4GniI9AAkFVMKdp83qnoThCJobV13xJ7cfJe1WpfoNSkJOYVe4G2Zzhngxdo3UVdkl8eSmKrzNrpLGcOycyFsH0-coNeNqmJWGTy-M8eMteflfrMQAUKhysl4CUWrksjzxbzOv5xVcAwdpbx9SjSr33PqycqqEm5DoL2Nw2niLFbRQPAbxWKMs2YHRlOj5_2cC3DP36PG2bB5uh-c0Kr20Xn6CKAdYXLKiEhE&sai=AMfl-YTGRZVmSR_IoNSs6eaV5AzDwgZzIpC0EEfBcNg60rXAze-dO7fMVU6H9rCuCEaWUCyKAAtSHLhTAAMlQX9-Gi0QsBgrfwK02WPZxx4VtLTnbTZJW0ClRP9-0hIaWePj&sig=Cg0ArKJSzIXBnJloVxt9EAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: EE93C6197B71A32A0DF59EF782E33D9D
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJb4yM4CENqRvYYDGL6Z7sEBMAE&v=APEucNXt_Yq19i1mhORdW5Js976h75libQzOA7QKDhCtZjFcGyommw-KzFb-JkozstKFZ883B7syaRwmUwGCicLOOqJE9cd8lylKotWzMuUrKX0dqNvWTn40Gz7ERWBg5S7ntHHLNP2ik4ZNzchQKDGADSIHLJtgaV0AMIqpuUE82izl3vDfnq8
Frame ID: 931EF0DC49F5C55C9CC801B184D56129
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BG7jddOmmvGBherJzZr3fK89jZmVDS7xOUsH4PzcB26rFc4UyTQ_bZ_O0xddUnPF1VVemnEOfpuPbBqOn2m1D3bDQ08Q&cry=1&dbm_d=AKAmf-B1y59PqiJXwqrySOqU9Scjocfhq9F1A5-kJi45vZHRTUIhQZiAR53LWUeAqNpoQxl6b4-8rWSgDrrrLbZ9PNv3_6WHgPxyP-Z5dSVTYGDfsWwRDxJxJ9NnfM7PWiaPxxNG37r9XLXb2dB7VIsKmjPSSwaNeIuR-Oy9Cp1DQEu0cpjadDkxKo3H8pL7bFFI-0wwhzQJ3GG-n08Nv9zRZvQJGxC4D3mTAsUk1Bp-zlCyYWN0u3cLNrZrEPb6PkODGRCCAEK-oujKkFESD9on2_ICOrAUHetFOje7xEZdtEAj95n0g0u5u8yMs7E9VE1ZTiIXqfoixaYEUS0HCpdDXjgWCqldxI1qJKkAZwT8cvNpXaNPMJDIBILM4NwK18ZiLNkD8iGXlVD1trsVawQAGxFSWnvCwOMR63QBKHIyI8G2IWIOw96_6ah9dvKKJ6eqbIbqjarBjnKvPvHM7X6BkMlpWQvLhHGJIQ237PAdYpHRpHizNhfucJztd7zeSm5X16q3TUzH1TWGKZM49fHuQ8lbHuhe0I2vVRxm94k5GkhNHoIR0heNAiXiA8ImPHI2qTQfLyDzgkXmrUtfLdyCu1SKF8yiSswelwCzMLpPeNWWQAuKMUM7dJdiXjPZs88XyMMe6CuB6iiFT4WMY9lBjbCnnSxG-JTEtprk7q21MAT2H0_dVQ5JBBUx_hAu9vbcjJq6Jk75VfcswvJVGP0DYgi7oD3VJqwGLIqZjEeeYUx4o6eMSIPipCUhDNse3XWIijSMwNBIsW3RjRQI5iu7_jv1C3D66OxHcB5Fy0P3cuxKtHGhkeMEWqwlCRcIiPwVgPtixaD5HupxZoCw5WpeSTLz9JvPPl8b8XBM30jWj_VQH15cAGFEB-DACy0CLVe1R3nWEOWYUvTfMuHxe21Ly1_XRZEfxJlrgSry94_5GVEye9wDvRkuQrWzzeA5iRn3En2uaivWk0UP5Ici1ZQ0bh0GwH_6GYTdnblgYGe4Wta1HVdnVPrDflJmfdGMhn9yW-7caNEQYPaZLAzFGiv2kJjU7o84rV1u1SXI9GMYPByJKK6-NUoPybLWJE6kuvOgpnO0-FFNFC6y9ZIT83H6pUVaBLjwUhul1uu5yOFI3T88l0nTzbMY9CD8jixuV_nDlGfHhZDWDUHINm4SW79lzjF6zwGfo0r9Qigjc0x_LUyCo8td7XebJCFkJkleDMFikPFm2wTtfbbO5mbTo-VYPx1kzRgztrPFRHRt3mKuzxfFaEGrpHQ414C48LiBqn-SYMVQYgMzRU0EmvJeJ_1_gNpxbmAuIbCcG0ZD7Q-kg8YBNdSnyv8AMqML4f3jsa-iFFWLBnmL4BebuhueChbiIVf6YfRdqVrtIbWzHq0F_txZoRAKkT_CR4DbYuxR0MCUGHEJUN_a6-c-UUBVDc34Zl-JZ_lreO5ZFiOhL9Iv4jd2pj8Fm9YhnAkkn6-FVkFhYxEq4Ob0K0sqXiFAM4u0-XsZTD8UXVKh588NEEIvJfMlsw8CTCEFxmuxG5cgEGtND3Y6MDdsSKzamtm14ICxrcg4wY09mSONNMI498ptgVT6CuVyeMzkkFYAvH1aEEGbcYvjmlUHGwbgmrSPkSCPZ5yfIP0vzGRzeaHcP1CanL4pOFsdnyUTGnNkzj_r81xALLoRLqDPO4EjTXXC5VwlYoUA-bAUYSWi65o6oBpZSmpJjLmLrwG3P7H47W1f0fUoKe7CMW5irRZQh92eyJzPlMQAx-2PLAHZWKuCGkLfKy6wtKXNeQGgpDt8ljIFdhV7jCqqpmJU8xtL9mAsOfn1h0m2hDywhk13S9qmYELqgRmOB_fPZUhW6C4yxZXkeDmD2kb75-6PINKEdN8cq5v1w2ePnJmjHMhoC07tLO1ivxH6SH0SVM16rCEzpx5RVnhXfjgRuHLKIwEu2yCbS5KgoApWuA4pkhGSGlc9R0PSXQ2Ji6dDMxHZJDLHGVtdpAeUg115uEo5rHluiIMd_-WEQf9eeH7s9wsxtPd3Kg1jnpwI12TKNcXpDyhjpZBdjyYWQCenSNtBEtIsakmy2_C-_yIaOPUMGHtfFp9gon249GUpHJyfVcLDzrMyTm_v68X2HhmGygYJdPzEnU1iks_mmqA_ZTUaiME2Aipko5wpibZmIHXvKRCCpx1vNyCEAhiY8jwt2LT7LOylMXjcQ9K6wsla8pd1_tKvUOh-KJnm4PT-MlhlOGkUwYQtp2HUOXCirhRzGTAML0GWU-eivfbVub8bxxtvgL32fRtT8SIFs3hH1m7yeQKvTmbPZNO96iSDXnXLKYGX57hnSDV3hnVdYrki1Bn_8p-NsbAgWMN8ZveCO0fDbWo29ESaXQeDSyROai5S1Qi1k6HNoo0HQCytM7y3xJUUvhNJNZkuNZZpnF2XGmAfjVwH7VM_NSdw4BIj5DT-xVigigK0eseZIBDFlG5mb84F_hdEDyHO6JLDrJbdLxDnJEYsyFHxPhm8FUS4JbH4dfDHSWCre8E9t5OMNNCLv7IgV5NdrAgEYxig6yoANsJTy7-niSvrD3pJGLiFsr5BgdBzb6OUysGAQfNYUvoLnmBO1m5tYBzbPL5VspMNbgmbnl_tR36X6uHalb9DcmgZYrwOY_hZrcvx19zXHej2vRB5kpumcK0-62b3lObjGWWK9CILxHH3OqaebZRLQ-8-FOCrBFloFei3Pyia5nuixxhItUGsNOT3VjfGgmmwYT7D-knEl3Zuhn9zg74nh1EdYj48djP9eblsvs_F-sHsV02BK_AR8slMJ6C5qY-Q81Lu2Ov2c_FFFfirZquZhRq5cg9wcmYdh-zQQqpj0VigjYQUgq-sPcjovPibxhtZTKGf4QLj8MXA7gwQiRrppWKK5AkA0m9kuutcLXGFIohAu7vx1-MsrHuZleB_zAd7WotYskYHMvQH4IcG6WktZ6NEecXklgBt31i0sE-T6oCKEDY9YEwh2k_O3BVdZjHpUQIH_CIlkLxF_lFotJbTlyG1YTvI79SQoqDVeFQdQAysaRnrQIkApNmTjhPQ7SUh3PVPSTVaCbWlBCPbQo9XNkiQFb4YOdhnmHAOtT0kLcwANZGWIVVPUxgZsPnHawevYxs6vzZHPfFYw2cWW57ZsnT0aqn4FKmc3ODjiNW1bYfUKUxuWsZydVrMRlJ-5sFhbZTXKre1Rc9M2xQ04XVY6w0CDKaZSjwMTwX4WM8G0M5HpHi_2QCzS19DxI-PjONobih3g4fF1apf2RXbBgj36dThc5jMUofVcGiHgzuAEgMQ-nF7LmadaJ_lVT2wfGYskSvsuJ06NUUYRjHY8SHe1dsuLQLwryJXHuYDf_Enb-1n4ojGUlfqkbIatV_CDzz_0jRSQy-OkGjIQ2FRFonDwqSxnAfb70WMMDBEm5KnjQZcXDjesDM87NsyH7MacIKWJM4vfXUpBahbxeEF2eJPA44yVAMrWnCIW5IwxCfT1zdPghiGvg&cid=CAASJeRoM-DXfF7yN7dN2Pj61obuMBjKUi06FzlUOg8tChDnwqs4ms0&rfl=3%2Chttps%253A%252F%252Futro.ru%242%2Chttps%253A%252F%252Futro.ru%252F%240
Frame ID: 02E121E541098B49C17D9A383061C829
Requests: 14 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/9795918958535114752/3522_mafo_ad_dv360_clark_mrec/index.html?e=69&leftOffset=0&topOffset=0&c=lt7HGTm7L1&t=1&renderingType=2&ev=01_247
Frame ID: CA574A96CD6677DA879EF31BE19C51BA
Requests: 24 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 75EA191FD985F433BB622371F6767E70
Requests: 3 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YzcBGAAJxIYKd7mGAACBotO-d5u-zCf0zGdj9Q&u=%7ClaXLEDWAoCmirct%2Be9PFY%2FGQki9tF9D2p1vJqwAssz4%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi68P0DamZZWW6R-xWgoYfrjMzRrCpCocXkbimbwZ6CV9S0AkeKyEFgVOKsJd6ilxGpPRbnRrUXaynsF1RrMfpTQl5RkhFSGrZSEUJuslQfUL_02OZFjs-F487P01gCNxDcS04l_jQndnP9VOG27sIdV-K0SK2fBa9GMdGYtd8sVzlnII7lHsGL3SL-JaumCoJgEPjFH858HhK7UJqH-_jCc3mgEy6Zis-IOvX0KoZbfIJ7PAVqSa2sFeJxY1VKh0OF6o1U89fU1IduUWEzwIswVQTenyOFebcaOXFsLSSckGTswEuaj1IC5t-K8iX2fVj9efYHf1IixMeJr_9g1tKmP0-SwGqUG7ps74lULRqDl7359VuHI3EYfbk0Atou8I4ejg20NK7dSxPahhSy4ZMFJycAtk6G-0qdqRPPHHG-FZ8wTr4pxevH50GRLyGUXBXYI1OQ0nQcZdZQeduOqncgakHAhnQt16l5eOe92OlbxPyogsZ8ab_470NmOsSEbFlxVydOlUH5pJkv5i3X_GZiM6dfJ7sKMIPROxBsyiceRCYv9YOoR6h081uFiXwsq9UCw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCVXpCGAE3Y4aJJ4bz3gOig4LQCcme0rFc1fbi1pMBwI23ARABIABglfqLgpgHggEXY2EtcHViLTI4NjE0NjQyMDAzMzg4MDigAdW20uoDyAEJqQJBxCTcy3-wPuACAKgDAaoEuQJP0D4rRTNOzgDCrad3uAG5nzfgPF80OjP_CZZflf5ElP7mSsXHJlR-xiHTgSmqt4DxApP_HUcsDJsUKjCtSeS-Qleuq5NZnlnoZnlcg3Cyqjv18Qik6O18E1XN_KKXvHsTEsi0ZhLlfywD3b5U_ijftNxTwnICzoFVpX39ND5YvU6tG_9f6TIHY6bCbdEwmvGLbW_GJtRnVSOyhQ4fpJbQb__63E4hpofrZGYUJfBhelGrmTk1pwHcQhyV5qnazkB-8ttt9KfFegg4pjTiDw8_Y9CMS4xaFsPaheSEwUYA6qRoIRe3-sMA6qdds41BQmEMRiJZ5vTtsOQ-a_WxSF4C9f_LjzK8vacxQnBfCN0yJZnaJ5faAeKGKkbW8kIky4hfJpkusEC9xh3fySYSv6R4FKS1zv6pomDJ4AQBgAbHzc-Y357tqfkBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2ATNNDvYJy8zPnBJrDCs1BFm9MBw%26client%3Dca-pub-2861464200338808%26adurl%3D
Frame ID: E91DE25F0CA530651BDBBFE0503D999E
Requests: 22 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 8553E5DCB9E263FBEBCC438DA7193B55
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 330294FDC9DE545FF8F2759B14B879AD
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/6620325417265254417/index.html
Frame ID: 74A7B526AFEA733D00C2005AF2A9A345
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 7FDB270B0007A4E3D016081C6B6B1D0A
Requests: 3 HTTP requests in this frame

Frame: https://yastatic.net/safeframe-bundles/0.83/1-1-0/render.html
Frame ID: DE5415F85C370F3E89DC6B6328C1199D
Requests: 23 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/YrdBSjzfIHcYhYLmavhSyO_EhBrLUWpx5ykdL7H9Kqg.js
Frame ID: 0B8866C6662D3DA2A22D913CC8555DDF
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Новости России и мира – Утро.ру – последние новости на сегодня

Page URL History Show full URLs

http://utro.ru/ HTTP 301
https://utro.ru/ Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Yandex.Direct (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://an\.yandex\.ru/

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

515
Requests

94 %
HTTPS

40 %
IPv6

62
Domains

97
Subdomains

73
IPs

10
Countries

4748 kB
Transfer

12519 kB
Size

99
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://20idei.ru/?utm_source=utro.ru&utm_medium=btnd

Search URL Search Domain Scan URL

URL: http://smi2.ru/
Title: Новости smi2.ru

Search URL Search Domain Scan URL

URL: https://vk.com/na_utro_ru
Title: Вконтакте

Search URL Search Domain Scan URL

URL: https://ok.ru/utroru
Title: Одноклассниках

Search URL Search Domain Scan URL

URL: https://twitter.com/YTPO__Ru
Title: Twitter

Search URL Search Domain Scan URL

URL: https://zen.yandex.ru/ytro.ru
Title: Дзен

Search URL Search Domain Scan URL

URL: https://top100.rambler.ru/home?id=85047

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://utro.ru/ HTTP 301
https://utro.ru/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 40

https://www.giraff.io/data/widget-utroru.js HTTP 301
https://code.giraff.io/data/widget-utroru.js

Request Chain 54

https://exchange.buzzoola.com/ssp/adfox HTTP 307
https://exchange.buzzoola.com/ssp/adfox?set_buzzoola_cookie=t

Request Chain 60

https://counter.yadro.ru/hit?r;s1600*1200*24;uhttps%3A//utro.ru/;i%u0416%u0436%u041D%u043E%u0432%u043E%u0441%u0442%u0438%20%u0420%u043E%u0441%u0441%u0438%u0438%20%u0438%20%u043C%u0438%u0440%u0430%20%u2013%20%u0423%u0442%u0440%u043E.%u0440%u0443%20%u2013%20%u043F%u043E%u0441%u043B%u0435%u0434%u043D%u0438%u0435%20%u043D%u043E%u0432%u043E%u0441%u0442%u0438%20%u043D%u0430%20%u0441%u0435%u0433%u043E%u0434%u043D%u044F;0.17734672963187537 HTTP 302
https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//utro.ru/;i%u0416%u0436%u041D%u043E%u0432%u043E%u0441%u0442%u0438%20%u0420%u043E%u0441%u0441%u0438%u0438%20%u0438%20%u043C%u0438%u0440%u0430%20%u2013%20%u0423%u0442%u0440%u043E.%u0440%u0443%20%u2013%20%u043F%u043E%u0441%u043B%u0435%u0434%u043D%u0438%u0435%20%u043D%u043E%u0432%u043E%u0441%u0442%u0438%20%u043D%u0430%20%u0441%u0435%u0433%u043E%u0434%u043D%u044F;0.17734672963187537

Request Chain 102

https://gum.criteo.com/sid/json?origin=publishertag&domain=utro.ru&sn=ChromeSyncframe&so=0&topUrl=utro.ru&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=b4Phr3x6V1RTMy9tUzFwZEk0S3JWZWFVWDlFRkdkbXRsTWVFS0lxYi9WWWJZMkt3cXBKRVVHUm5HcDNyVmliU3hEYi9xanNHY0VGajVlNFBPVG5YYkRIdU54Z3pxWEVNaXZVeXBoMW5mODdYV0pBeUdodnpRYlNTTndQY28yNmswUElKWGwxUENjRytFbEdaWlIrMVBwWEd5UEdlYTdpSWFnTWdEYUlIaTRwYkxIelZJSkEzMm01OTZrdC9rU1dlQ0NVWjBEaTR3WkZyZXoyWVlab1BzNmtaZmhnYmhHU2pVOVhwYzM2UDZFc0VnMnlEVUNsL1djcXNWa3owamdBS1Z3WGxuc3BzV01rcFBXWEtrUGRHdDZVU0dtZz09fA&cppv=2

Request Chain 106

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9777.Cnwka8dwRpYqh9FyEFFWPvXlHOb5neSW4wl2dELh8FKqsBrL84oeqa8URFXdA6us.6yHr_KZ06jK9IxpLwYpTdWU4Pkw%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=9777.-uEt26kjile9HaJSe5TuTODT1hR4XfKstbduJ7naBnrjWlk0xRHbcvFTNvHuwmxZ-yhrb420rZWFzsqPK3Ev2C-bK5wY3LQiYhoHwBR8k1I%2C.nQglhrLoMibe4OU-sD11UoyKYIY%2C

Request Chain 131

https://cm.p.altergeo.ru/relap?aid=QYEw4t16&nc=BrGKjYuc&url=https%3A%2F%2Frelap.io%2Fpartners%2Faltergeocs%3Fuid%3D%24%7BUSER_ID%7D HTTP 302
https://relap.io/partners/altergeocs?uid=CMAA4_cv_6SqySyG9_tYHANQ==

Request Chain 133

https://fcgi4.gnezdo.ru/cookie_matching/relap_ssp/QYEw4t16 HTTP 302
https://fcgi4.gnezdo.ru/cookie_matching/relap_ssp/QYEw4t16/?redirect=1 HTTP 302
https://relap.mail.ru/partners/gnezdocs?uid=XV9maWM3ARg6ZoY2ejK8Ag== HTTP 302
https://relap.io/partners/gnezdocs?uid=XV9maWM3ARg6ZoY2ejK8Ag%3D%3D

Request Chain 140

https://mc.yandex.com/watch/42382979?wmode=7&page-url=https%3A%2F%2Futro.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ilvk53aw%3Afp%3A754%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A684173840740%3Ahid%3A338505151%3Az%3A0%3Ai%3A20220930144543%3Aet%3A1664549144%3Ac%3A1%3Arn%3A823333375%3Arqn%3A1%3Au%3A1664549144290028393%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C129%2C62%2C68%2C196%2C0%2C%2C606%2C22%2C%2C%2C%2C1061%3Acpf%3A1%3Ans%3A1664549142720%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1664549144%3At%3A%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B8%20%D0%B8%20%D0%BC%D0%B8%D1%80%D0%B0%20%E2%80%93%20%D0%A3%D1%82%D1%80%D0%BE.%D1%80%D1%83%20%E2%80%93%20%D0%BF%D0%BE%D1%81%D0%BB%D0%B5%D0%B4%D0%BD%D0%B8%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)rqnl(1)ti(2) HTTP 302
https://mc.yandex.com/watch/42382979/1?wmode=7&page-url=https%3A%2F%2Futro.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ilvk53aw%3Afp%3A754%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A684173840740%3Ahid%3A338505151%3Az%3A0%3Ai%3A20220930144543%3Aet%3A1664549144%3Ac%3A1%3Arn%3A823333375%3Arqn%3A1%3Au%3A1664549144290028393%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C129%2C62%2C68%2C196%2C0%2C%2C606%2C22%2C%2C%2C%2C1061%3Acpf%3A1%3Ans%3A1664549142720%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1664549144%3At%3A%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B8%20%D0%B8%20%D0%BC%D0%B8%D1%80%D0%B0%20%E2%80%93%20%D0%A3%D1%82%D1%80%D0%BE.%D1%80%D1%83%20%E2%80%93%20%D0%BF%D0%BE%D1%81%D0%BB%D0%B5%D0%B4%D0%BD%D0%B8%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29rqnl%281%29ti%282%29

Request Chain 165

https://ads.betweendigital.com/match?bidder_id=44433&callback_url=https%3A%2F%2Fcode.directadvert.ru%2Fsync%2F%3Fdsp%3D165%26id%3D%24%7BUSER_ID%7D HTTP 302
https://code.directadvert.ru/sync/?dsp=165&id=6b4a84eb-d275-5211-a70d-2d08c43a2c1f HTTP 302
https://code.giraff.io/sync/?dsp=165&id=6b4a84eb-d275-5211-a70d-2d08c43a2c1f

Request Chain 236

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJcDjO9NFlSv2UF5kKZdkhY&google_cver=1

Request Chain 237

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YzcBGM6U0yihWtXkIrlWbAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEH1P2Qo1NVyFzPvWZn-Rvmg&google_cver=1

Request Chain 238

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEOiG_3GLRImnDMBQtgYcr_g&google_cver=1

Request Chain 239

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzgzODk0MDc1OTY3ODk2OTEyMA%3D%3D

Request Chain 332

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEgIjyM-ZNzrfgI_Sv3Y6ik&google_cver=1

Request Chain 333

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YzcBGM6U0yihWtXkIrlWbAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEgIjyM-ZNzrfgI_Sv3Y6ik&google_cver=1

Request Chain 334

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEHANEiU4Gw2KHKCJeKll4so&google_cver=1

Request Chain 335

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzgzODk0MDc1OTY3ODk2OTEyMA%3D%3D

Request Chain 397

https://um.simpli.fi/gp_match?google_gid=CAESEBarSrrzOFmzWwgfpGY86gI&google_cver=1&google_push=AZmPxg_7zhw3B4La2FDbNiWQ5hzxf9IY9z4m-L0WARFWeqDnAw5DnYjZgGu2SJLPmTMiQi2beeLWyA6DuLl4SwR9FbHvKBipVg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=BE40E468A434473CAECAF18744D3EB90&google_push=AZmPxg_7zhw3B4La2FDbNiWQ5hzxf9IY9z4m-L0WARFWeqDnAw5DnYjZgGu2SJLPmTMiQi2beeLWyA6DuLl4SwR9FbHvKBipVg

Request Chain 399

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEG_ruDKeOO-9Ih_WFM305LM&google_cver=1&google_push=AZmPxg-WP8KSNxZZ0i9VHqQG08yCPUB42UkvK8qL41gY67JW6S8SIQXMU0ynwfRsBA6Ed4MkoMQZPlUoo623CDswmkU1j44PFIQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE0OTE4NDE0MDM4ODUzMDMxNQ%3D%3D&google_push=AZmPxg-WP8KSNxZZ0i9VHqQG08yCPUB42UkvK8qL41gY67JW6S8SIQXMU0ynwfRsBA6Ed4MkoMQZPlUoo623CDswmkU1j44PFIQ

Request Chain 400

https://ads.travelaudience.com/google_pixel?google_gid=CAESECi4ctk1VQEYWQZ1BD3kUV0&google_cver=1&google_push=AZmPxg9VREBuTM9lF0f_IsAgrIwr-yE4mnBQR07-S1GrHaDgRXCEdBqwINxjNcTINZUQQLKqmHFFbcPL502adRFZPUUjRysJBhs HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=hf2_e8suRe22V2DcvlwKDQ2&google_push=AZmPxg9VREBuTM9lF0f_IsAgrIwr-yE4mnBQR07-S1GrHaDgRXCEdBqwINxjNcTINZUQQLKqmHFFbcPL502adRFZPUUjRysJBhs

Request Chain 401

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJddDWJS99w7-vIhNAThODU&google_cver=1&google_push=AZmPxg9EdQP9ItCcuTsh5ePRuj8PVhlZOJf-xSticYZfxQG-EzgJUNnaXBPirZ8Tn1jPcEuXlKBXMvNmKUbB9UMJ5ALYcG21wY4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhPTEwxMTktMU4tMzdDUA==&google_push=AZmPxg9EdQP9ItCcuTsh5ePRuj8PVhlZOJf-xSticYZfxQG-EzgJUNnaXBPirZ8Tn1jPcEuXlKBXMvNmKUbB9UMJ5ALYcG21wY4

Request Chain 402

https://match.360yield.com/match/ebda?google_gid=CAESEIeQWtuJfpFMTDPH6518-L8&google_cver=1&google_push=AZmPxg-x9XdqJEt0x53PFQKTyV9yRCh-OlZOeWZR1jMgeMixgBeAaYW8UJsns6SR3XQBhMAowl8CPlIHbw2A3E-26FuQIZbOIz4 HTTP 302
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEIeQWtuJfpFMTDPH6518-L8&google_cver=1&google_push=AZmPxg-x9XdqJEt0x53PFQKTyV9yRCh-OlZOeWZR1jMgeMixgBeAaYW8UJsns6SR3XQBhMAowl8CPlIHbw2A3E-26FuQIZbOIz4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=2ejKIuIhRAWPLZBktfXj4w&google_push=AZmPxg-x9XdqJEt0x53PFQKTyV9yRCh-OlZOeWZR1jMgeMixgBeAaYW8UJsns6SR3XQBhMAowl8CPlIHbw2A3E-26FuQIZbOIz4

Request Chain 437

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEJPMDo0gSSfb806NdbtW10U&google_cver=1&google_push=AZmPxg8Bg5DLUioUt5KzUPqJjDgDJoL69rQdFWWsV9qhshWuE4LJqjJrR5w6U6b78rBiQW0xFzfyIw7DZLyN9tz4onnUraHbiwm9 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzMzMDAyOTA1NDkwMjE1Mzg0Mw==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEC5Ew2_FRgQclwsGfzdTGkM&google_cver=1

Request Chain 438

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEK7htVsc6ZG5GqdSU_3ESc4&google_cver=1&google_push=AZmPxg-Ph8-ipMHFveqCd2H9gOzCN-Yyk8WgJFGJ1vGfwnz09Cj81kzqbm2XrMz1vq3E8PoPQF2EV_2Zob682AaqTvMFiAccKYXq2g HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AZmPxg-Ph8-ipMHFveqCd2H9gOzCN-Yyk8WgJFGJ1vGfwnz09Cj81kzqbm2XrMz1vq3E8PoPQF2EV_2Zob682AaqTvMFiAccKYXq2g

Request Chain 440

https://d5p.de17a.com/cookies/google?google_gid=CAESEOYX_jRExVpr0BFVZ9AL9Ow&google_cver=1&google_push=AZmPxg9bFxMds1GffVtXQw3itHKpc5yxrbUgPXl9cDLvTjpbuItsPWmjhtFKzo-Ulr3p_vwFk_8kJ4dR55LJCu2IxouMQqiEi9Ja HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEOYX_jRExVpr0BFVZ9AL9Ow&google_cver=1&google_push=AZmPxg9bFxMds1GffVtXQw3itHKpc5yxrbUgPXl9cDLvTjpbuItsPWmjhtFKzo-Ulr3p_vwFk_8kJ4dR55LJCu2IxouMQqiEi9Ja HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AZmPxg9bFxMds1GffVtXQw3itHKpc5yxrbUgPXl9cDLvTjpbuItsPWmjhtFKzo-Ulr3p_vwFk_8kJ4dR55LJCu2IxouMQqiEi9Ja

Request Chain 442

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEJgBBIBEI3fgl90eJJLc-JA&google_cver=1&google_push=AZmPxg_plUcZdncddpS6lwH3TZkNeA82uKWI4uat4SHcOeK_iphAp6HlZ8OQuEEVZUHLv5_FejlgqqTtoqpW4n2aVd0b7IO4NNhMrg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AZmPxg_plUcZdncddpS6lwH3TZkNeA82uKWI4uat4SHcOeK_iphAp6HlZ8OQuEEVZUHLv5_FejlgqqTtoqpW4n2aVd0b7IO4NNhMrg

Request Chain 443

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEKhyfKuJJZVgKpfyxlTFNQE&google_cver=1&google_push=AZmPxg9mBrHRD84WvGMyv9wCl7l5HxSO1hE9GdBawO2NXgEgSdeTY76B_74eXBGPRTRgMmgLwS6XWrxrXKaC2ASkkiIzlC4pwaq7VUQ HTTP 302
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEKhyfKuJJZVgKpfyxlTFNQE&google_cver=1&google_push=AZmPxg9mBrHRD84WvGMyv9wCl7l5HxSO1hE9GdBawO2NXgEgSdeTY76B_74eXBGPRTRgMmgLwS6XWrxrXKaC2ASkkiIzlC4pwaq7VUQ&verify=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1kRDZoZjF4RTJ1RnNZbUZ4VUpoeVFVNjlYOU9XdDRFSX5B&google_push=AZmPxg9mBrHRD84WvGMyv9wCl7l5HxSO1hE9GdBawO2NXgEgSdeTY76B_74eXBGPRTRgMmgLwS6XWrxrXKaC2ASkkiIzlC4pwaq7VUQ

Request Chain 502

https://www.googleadservices.com/pagead/conversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0 HTTP 302
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=HAE3Y-TvGLj0xgKh4oMw&random=114555398&sscte=1&crd=CJqqsQI HTTP 302
https://www.google.com/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=114555398&crd=CJqqsQI&is_vtc=1&random=3543072035 HTTP 302
https://www.google.de/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=114555398&crd=CJqqsQI&is_vtc=1&random=3543072035&ipr=y

Request Chain 503

https://www.googleadservices.com/pagead/conversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0 HTTP 302
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=HAE3Y-LxGIKX1wa_vYD4CQ&random=2023979350&sscte=1&crd=CJqqsQI HTTP 302
https://www.google.com/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=2023979350&crd=CJqqsQI&is_vtc=1&random=3426077701 HTTP 302
https://www.google.de/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=2023979350&crd=CJqqsQI&is_vtc=1&random=3426077701&ipr=y

515 HTTP transactions
13 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
utro.ru/
Redirect Chain

http://utro.ru/
https://utro.ru/

93 KB
17 KB

191ms
62ms

Document
text/html

95.213.212.85
SELECTEL

General

Check archive.org

Show headers Download Go to

Full URL: https://utro.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.213.212.85 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS: valerie60.produmail.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: d44b594adcd71f3f00af4cc3f68541288520539383cfe25423b57d08c511f275

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=utf-8
date: Fri, 30 Sep 2022 14:41:20 GMT
server: nginx/1.10.3 (Ubuntu)
vary: Accept-Encoding

Redirect headers

Connection: keep-alive
Content-Length: 194
Content-Type: text/html
Date: Fri, 30 Sep 2022 14:44:59 GMT
Location: https://utro.ru/
Server: nginx/1.10.3 (Ubuntu)

GET
H2 200 jquery.min.js Show response
utro.ru/static/js/ 90 KB
32 KB 128ms
125ms Script
application/javascript 95.213.212.85
SELECTEL

General

Check archive.org

Show headers Download Go to

Full URL: https://utro.ru/static/js/jquery.min.js
Requested by: Host: utro.ru
URL: https://utro.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.213.212.85 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS: valerie60.produmail.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: aa084d3968ab19898ebbed807ebc134b622fab78a888e7b36ae8386841636801

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:44:59 GMT
content-encoding: gzip
last-modified: Tue, 26 Mar 2019 09:02:26 GMT
server: nginx/1.10.3 (Ubuntu)
etag: W/"5c99eaa2-169d6"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=3600, public
expires: Fri, 30 Sep 2022 15:44:59 GMT

GET
H2 200 jquery.cookie.js Show response
utro.ru/static/js/ 4 KB
2 KB 132ms
130ms Script
application/javascript 95.213.212.85
SELECTEL

General

Check archive.org

Show headers Download Go to

Full URL: https://utro.ru/static/js/jquery.cookie.js
Requested by: Host: utro.ru
URL: https://utro.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.213.212.85 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS: valerie60.produmail.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: cfd91d8ff48aea2adea7719b47c73eb7fa29790f077153e496ff8877ac6dd88c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:44:59 GMT
content-encoding: gzip
last-modified: Tue, 26 Mar 2019 09:02:26 GMT
server: nginx/1.10.3 (Ubuntu)
etag: W/"5c99eaa2-1097"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=3600, public
expires: Fri, 30 Sep 2022 15:44:59 GMT

GET
H2 200 font.css
utro.ru/static/css/font/ 30 KB
23 KB 65ms
63ms Stylesheet
text/css 95.213.212.85
SELECTEL

General

Check archive.org

Show headers Download Go to

Full URL: https://utro.ru/static/css/font/font.css
Requested by: Host: utro.ru
URL: https://utro.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.213.212.85 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS: valerie60.produmail.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 508d6278c96f3db92e59e738df47c13bbf9dec8c7291397c21df350fe02846f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:44:59 GMT
content-encoding: gzip
last-modified: Tue, 26 Mar 2019 09:02:26 GMT
server: nginx/1.10.3 (Ubuntu)
etag: W/"5c99eaa2-77fc"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=3600, public
expires: Fri, 30 Sep 2022 15:44:59 GMT

GET
H2 200 fontello.css
utro.ru/static/css/font/ 2 KB
1 KB 66ms
64ms Stylesheet
text/css 95.213.212.85
SELECTEL

General

Check archive.org

Show headers Download Go to

Full URL: https://utro.ru/static/css/font/fontello.css?v2
Requested by: Host: utro.ru
URL: https://utro.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.213.212.85 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS: valerie60.produmail.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 9884796361f3f2c3bcf41bf72263bb081266876937d249a7b4164e1ef87665c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:44:59 GMT
content-encoding: gzip
last-modified: Fri, 21 Aug 2020 05:23:01 GMT
server: nginx/1.10.3 (Ubuntu)
etag: W/"5f3f5a35-953"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=3600, public
expires: Fri, 30 Sep 2022 15:44:59 GMT

GET
H2 200 normalize.css
utro.ru/static/css/ 8 KB
3 KB 67ms
65ms Stylesheet
text/css 95.213.212.85
SELECTEL

General

Check archive.org

Show headers Download Go to

Full URL: https://utro.ru/static/css/normalize.css
Requested by: Host: utro.ru
URL: https://utro.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.213.212.85 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS: valerie60.produmail.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 69fcf7682b771176634dc54deb0c412cf9ec40df931d56a0480ee51b47ed1598

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:44:59 GMT
content-encoding: gzip
last-modified: Tue, 26 Mar 2019 09:02:26 GMT
server: nginx/1.10.3 (Ubuntu)
etag: W/"5c99eaa2-1e1c"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=3600, public
expires: Fri, 30 Sep 2022 15:44:59 GMT

GET
H2 200 newmain.css
utro.ru/static/css/ 94 KB
24 KB 126ms
124ms Stylesheet
text/css 95.213.212.85
SELECTEL

General

Check archive.org

Show headers Download Go to

Full URL: https://utro.ru/static/css/newmain.css?v13
Requested by: Host: utro.ru
URL: https://utro.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.213.212.85 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS: valerie60.produmail.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 712032c539b05bdf589a064f3e851e67aebd52bbaf2680245fc687caa2946812

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:44:59 GMT
content-encoding: gzip
last-modified: Wed, 31 Aug 2022 15:48:05 GMT
server: nginx/1.10.3 (Ubuntu)
etag: W/"630f82b5-176b4"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=3600, public
expires: Fri, 30 Sep 2022 15:44:59 GMT

GET
H2 200 fix.css
utro.ru/static/css/ 2 KB
790 B 132ms
130ms Stylesheet
text/css 95.213.212.85
SELECTEL

General

Check archive.org

Show headers Download Go to

Full URL: https://utro.ru/static/css/fix.css
Requested by: Host: utro.ru
URL: https://utro.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.213.212.85 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS: valerie60.produmail.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: aa2fd0f7b2e3e7cf40af23d2e2426274cee9facac073b5c6058f560da3260784

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:44:59 GMT
content-encoding: gzip
last-modified: Tue, 26 Mar 2019 09:02:26 GMT
server: nginx/1.10.3 (Ubuntu)
etag: W/"5c99eaa2-74a"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=3600, public
expires: Fri, 30 Sep 2022 15:44:59 GMT

GET
H2 200 drop-navi.css
utro.ru/static/css/ 1 KB
712 B 132ms
130ms Stylesheet
text/css 95.213.212.85
SELECTEL

General

Check archive.org

Show headers Download Go to

Full URL: https://utro.ru/static/css/drop-navi.css?v2
Requested by: Host: utro.ru
URL: https://utro.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.213.212.85 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS: valerie60.produmail.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 5f9730e9e1e0e3499b8cfec56e8c3df1aa855e0a3969b1d9aed006841adea178

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:44:59 GMT
content-encoding: gzip
last-modified: Tue, 16 Jun 2020 10:25:58 GMT
server: nginx/1.10.3 (Ubuntu)
etag: W/"5ee89e36-545"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=3600, public
expires: Fri, 30 Sep 2022 15:44:59 GMT

GET
H2 200 modernizr-2.8.3.min.js Show response
utro.ru/static/js/vendor/ 15 KB
6 KB 132ms
131ms Script
application/javascript 95.213.212.85
SELECTEL

General

Check archive.org

Show headers Download Go to

Full URL: https://utro.ru/static/js/vendor/modernizr-2.8.3.min.js
Requested by: Host: utro.ru
URL: https://utro.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.213.212.85 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS: valerie60.produmail.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 2b0f8526e7a1b0f1fb42e8acec3c1e7737a1a3065b773ebd13a492952f557967

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:44:59 GMT
content-encoding: gzip
last-modified: Tue, 26 Mar 2019 09:02:26 GMT
server: nginx/1.10.3 (Ubuntu)
etag: W/"5c99eaa2-3c9a"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=3600, public
expires: Fri, 30 Sep 2022 15:44:59 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 209 KB
74 KB 45ms
16ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-FB1GYCCPFP

Requested by

Host: utro.ru
URL: https://utro.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

272c8c229749a60d3f58078c46857df83f77f1b258495d699a7deb52cd7e8455

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:43 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 75064
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 30 Sep 2022 14:45:43 GMT

GET
H/1.1 200
OK widget.js Show response
likemore-go.imgsmail.ru/ 33 KB
11 KB 171ms
53ms Script
application/javascript 217.69.139.14
VK-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://likemore-go.imgsmail.ru/widget.js
Requested by: Host: utro.ru
URL: https://utro.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 217.69.139.14 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS: likemore-go.imgsmail.ru
Software: nginx /
Resource Hash: d59371e3f0a6e74cfb0198ad2da8f09b154eecd86d134870e534f5266bc8e51c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Fri, 30 Sep 2022 14:45:43 GMT
Content-Encoding: gzip
Last-Modified: Tue, 30 Nov 2021 11:00:04 GMT
Server: nginx
ETag: "61a60434-2be2"
Content-Type: application/javascript; charset=utf-8
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 11234
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ 121 KB
40 KB 60ms
19ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.js

Requested by

Host: utro.ru
URL: https://utro.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

e78c5380563a8a078ca08254718d91472579bdcd61e6b34b1dfacb0f786ed213

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:43 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Sat, 17 Sep 2022 19:59:55 GMT
server: nginx
etag: W/"6326273b-1e2be"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 01 Oct 2022 14:45:43 GMT

GET
H2 200 header-bidding.js Show response
yandex.ru/ads/system/ 116 KB
32 KB 179ms
61ms Script
text/javascript 2a02:6b8:a::a
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/system/header-bidding.js

Requested by

Host: utro.ru
URL: https://utro.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

4d15f8288f97ca5ab9615106e2fb9655e268e2bb1584fd0db4ae5468f6e1fc24

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-encoding: br
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1664549143308568-14402443797458531037-sas3-0775-509-sas-l7-balancer-8080-BAL-4261
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Fri, 30 Sep 2022 15:45:43 GMT

GET
H2 200 relap.js Show response
relap.io/v7/ 38 KB
13 KB 210ms
48ms Script
application/javascript 95.163.37.253
VK-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://relap.io/v7/relap.js

Requested by

Host: utro.ru
URL: https://utro.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.163.37.253 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

relap.io

Software

nginx /

Resource Hash

3a9d0a0301ac6e05a965a4704a05b83e9de4944d009730f2381961ff118335d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000; includeSubdomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:43 GMT
content-encoding: br
strict-transport-security: max-age=5184000; includeSubdomains;
last-modified: Fri, 30 Sep 2022 09:06:34 GMT
server: nginx
etag: "6336b19a-33d0"
content-type: application/javascript; charset=utf-8
cache-control: max-age=60
content-length: 13264
expires: Fri, 30 Sep 2022 14:46:43 GMT

GET
H2 200 push.js Show response
utro.ru/static/js/ 3 KB
1 KB 70ms
60ms Script
application/javascript 95.213.212.85
SELECTEL

General

Check archive.org

Show headers Download Go to

Full URL: https://utro.ru/static/js/push.js
Requested by: Host: utro.ru
URL: https://utro.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.213.212.85 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS: valerie60.produmail.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: b434efe81061c42188488b1b06ec0a2c44e47037649aa53602c76025fdfa56c2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:44:59 GMT
content-encoding: gzip
last-modified: Wed, 09 Feb 2022 15:14:56 GMT
server: nginx/1.10.3 (Ubuntu)
etag: W/"6203da70-d35"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=3600, public
expires: Fri, 30 Sep 2022 15:44:59 GMT

GET
H2 200 adfox.custom.min.js Show response
utro.ru/static/js/ 12 KB
4 KB 70ms
60ms Script
application/javascript 95.213.212.85
SELECTEL

General

Check archive.org

Show headers Download Go to

Full URL: https://utro.ru/static/js/adfox.custom.min.js
Requested by: Host: utro.ru
URL: https://utro.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.213.212.85 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS: valerie60.produmail.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 5d81781ab85b52a308ead17cd12c06f6b7967c012cf81a7f6d8ad4f997e4321e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:44:59 GMT
content-encoding: gzip
last-modified: Tue, 26 Mar 2019 09:02:26 GMT
server: nginx/1.10.3 (Ubuntu)
etag: W/"5c99eaa2-303b"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=3600, public
expires: Fri, 30 Sep 2022 15:44:59 GMT

GET
H2 200 ScrollMagic.min.js Show response
utro.ru/static/js/ 17 KB
6 KB 71ms
61ms Script
application/javascript 95.213.212.85
SELECTEL

General

Check archive.org

Show headers Download Go to

Full URL: https://utro.ru/static/js/ScrollMagic.min.js
Requested by: Host: utro.ru
URL: https://utro.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.213.212.85 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS: valerie60.produmail.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: f9bc2af159f56f6373d66177e46c98091dd63f5ccd06ae805fd3feac847fbe0f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:44:59 GMT
content-encoding: gzip
last-modified: Tue, 26 Mar 2019 09:02:26 GMT
server: nginx/1.10.3 (Ubuntu)
etag: W/"5c99eaa2-438e"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=3600, public
expires: Fri, 30 Sep 2022 15:44:59 GMT

GET
H2 200 logo.png
utro.ru/static/img/ 3 KB
3 KB 71ms
61ms Image
image/png 95.213.212.85
SELECTEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://utro.ru/static/img/logo.png
Requested by: Host: utro.ru
URL: https://utro.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.213.212.85 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS: valerie60.produmail.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 7663d50ec16cabda9c9694d8cafcf9fdc9d61fc2d17fc516fbb2cbd6ead556a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:44:59 GMT
last-modified: Tue, 26 Mar 2019 09:02:26 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "5c99eaa2-a24"
content-type: image/png
cache-control: max-age=86400, public
accept-ranges: bytes
content-length: 2596
expires: Sat, 01 Oct 2022 14:44:59 GMT

GET
H2 200 1_logo.png
utro.ru/static/img/ 19 KB
19 KB 72ms
62ms Image
image/png 95.213.212.85
SELECTEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://utro.ru/static/img/1_logo.png
Requested by: Host: utro.ru
URL: https://utro.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.213.212.85 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS: valerie60.produmail.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 1a4d3b7a46538b2b7c0cf06add2173a15f2133a118b9ac2674cdb9f82957c2ae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:44:59 GMT
last-modified: Wed, 31 Aug 2022 15:48:05 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "630f82b5-4c09"
content-type: image/png
cache-control: max-age=86400, public
accept-ranges: bytes
content-length: 19465
expires: Sat, 01 Oct 2022 14:44:59 GMT

GET
H2 200 1517649.jpg
pics.utro.ru/utro_photos/2022/09/30/ 26 KB
26 KB 190ms
46ms Image
image/jpeg 92.223.99.99
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pics.utro.ru/utro_photos/2022/09/30/1517649.jpg
Requested by: Host: utro.ru
URL: https://utro.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.223.99.99 , Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS: ru.a.gcdn.co
Software: nginx /
Resource Hash: cf8cba3407cfd61e32909519485540d77f17f23274852c9acb404f3f9f564e3c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-id: m9p-up-gc16
date: Fri, 30 Sep 2022 14:45:43 GMT
last-modified: Fri, 30 Sep 2022 14:02:19 GMT
server: nginx
etag: "6336f6eb-681a"
x-cached-since: 2022-09-30T14:05:23+00:00
content-type: image/jpeg
cache-control: max-age=86400, public
cache: HIT
accept-ranges: bytes
content-length: 26650
expires: Sat, 01 Oct 2022 14:05:23 GMT

GET
H2 200 1517627norm.jpg
pics.utro.ru/utro_photos/2022/09/30/ 5 KB
5 KB 197ms
53ms Image
image/jpeg 92.223.99.99
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pics.utro.ru/utro_photos/2022/09/30/1517627norm.jpg
Requested by: Host: utro.ru
URL: https://utro.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.223.99.99 , Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS: ru.a.gcdn.co
Software: nginx /
Resource Hash: 97885cbc3d80d69e9bc1ba84164e159e8d04e1295e9120169dfc0dd10a9abb4a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-id: m9p-up-gc16
date: Fri, 30 Sep 2022 14:45:43 GMT
last-modified: Fri, 30 Sep 2022 09:08:48 GMT
server: nginx
etag: "6336b220-1321"
x-cached-since: 2022-09-30T11:51:22+00:00
content-type: image/jpeg
cache-control: max-age=86400, public
cache: HIT
accept-ranges: bytes
content-length: 4897
expires: Sat, 01 Oct 2022 11:51:22 GMT

GET
H2 200 1517631norm.jpg
pics.utro.ru/utro_photos/2022/09/30/ 6 KB
6 KB 196ms
52ms Image
image/jpeg 92.223.99.99
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pics.utro.ru/utro_photos/2022/09/30/1517631norm.jpg
Requested by: Host: utro.ru
URL: https://utro.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.223.99.99 , Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS: ru.a.gcdn.co
Software: nginx /
Resource Hash: 48d69244ec95ec482df0f4b9ef44ee9a983e1d19c49b660d3b19966cf0b0615f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-id: m9p-up-gc16
date: Fri, 30 Sep 2022 14:45:43 GMT
last-modified: Fri, 30 Sep 2022 10:05:53 GMT
server: nginx
etag: "6336bf81-170f"
x-cached-since: 2022-09-30T10:31:51+00:00
content-type: image/jpeg
cache-control: max-age=86400, public
cache: HIT
accept-ranges: bytes
content-length: 5903
expires: Sat, 01 Oct 2022 10:31:51 GMT

GET
H2 200 1517625norm.jpg
pics.utro.ru/utro_photos/2022/09/30/ 5 KB
5 KB 193ms
49ms Image
image/jpeg 92.223.99.99
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pics.utro.ru/utro_photos/2022/09/30/1517625norm.jpg
Requested by: Host: utro.ru
URL: https://utro.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.223.99.99 , Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS: ru.a.gcdn.co
Software: nginx /
Resource Hash: 1d3cbf52ac7ca71ab8e167e79e101914061dee9ac497d540e7c7e192dff1a3d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-id: m9p-up-gc16
date: Fri, 30 Sep 2022 14:45:43 GMT
last-modified: Fri, 30 Sep 2022 08:24:13 GMT
server: nginx
etag: "6336a7ad-13d9"
x-cached-since: 2022-09-30T08:44:43+00:00
content-type: image/jpeg
cache-control: max-age=86400, public
cache: HIT
accept-ranges: bytes
content-length: 5081
expires: Sat, 01 Oct 2022 08:44:43 GMT

GET
H2 200 1517619norm.jpg
pics.utro.ru/utro_photos/2022/09/30/ 7 KB
7 KB 195ms
51ms Image
image/jpeg 92.223.99.99
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pics.utro.ru/utro_photos/2022/09/30/1517619norm.jpg
Requested by: Host: utro.ru
URL: https://utro.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.223.99.99 , Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS: ru.a.gcdn.co
Software: nginx /
Resource Hash: 39586c33e0bfa9e64d4f23e85774bd379650f516c53fde520694d3f76a283124

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-id: m9p-up-gc16
date: Fri, 30 Sep 2022 14:45:43 GMT
last-modified: Fri, 30 Sep 2022 06:22:45 GMT
server: nginx
etag: "63368b35-1c16"
x-cached-since: 2022-09-30T06:40:34+00:00
content-type: image/jpeg
cache-control: max-age=86400, public
cache: HIT
accept-ranges: bytes
content-length: 7190
expires: Sat, 01 Oct 2022 06:40:34 GMT

GET
H2 200 1517576norm.jpg
pics.utro.ru/utro_photos/2022/09/29/ 4 KB
4 KB 199ms
56ms Image
image/jpeg 92.223.99.99
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pics.utro.ru/utro_photos/2022/09/29/1517576norm.jpg
Requested by: Host: utro.ru
URL: https://utro.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.223.99.99 , Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS: ru.a.gcdn.co
Software: nginx /
Resource Hash: 11b41a5191e2d4752ae807a610fc04b6413616224f09f44406b7ddfe0ca09282

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-id: m9p-up-gc16
date: Fri, 30 Sep 2022 14:45:43 GMT
last-modified: Thu, 29 Sep 2022 12:39:14 GMT
server: nginx
etag: "633591f2-1102"
x-cached-since: 2022-09-29T18:26:56+00:00
content-type: image/jpeg
cache-control: max-age=86400, public
cache: HIT
accept-ranges: bytes
content-length: 4354
expires: Fri, 30 Sep 2022 18:26:56 GMT

GET
H2 200 1517552norm.jpg
pics.utro.ru/utro_photos/2022/09/29/ 5 KB
5 KB 73ms
71ms Image
image/jpeg 92.223.99.99
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pics.utro.ru/utro_photos/2022/09/29/1517552norm.jpg
Requested by: Host: utro.ru
URL: https://utro.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.223.99.99 , Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS: ru.a.gcdn.co
Software: nginx /
Resource Hash: 99c6fbf64438f41cb5eb3bee9c1ade01622af8815adca9e3d7eac3727998432c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-id: m9p-up-gc16
date: Fri, 30 Sep 2022 14:45:43 GMT
last-modified: Thu, 29 Sep 2022 05:27:20 GMT
server: nginx
etag: "63352cb8-13ed"
x-cached-since: 2022-09-30T05:53:11+00:00
content-type: image/jpeg
cache-control: max-age=86400, public
cache: HIT
accept-ranges: bytes
content-length: 5101
expires: Fri, 30 Sep 2022 05:48:41 GMT

GET
H2 200 1517357norm.jpg
pics.utro.ru/utro_photos/2022/09/23/ 3 KB
3 KB 50ms
48ms Image
image/jpeg 92.223.99.99
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pics.utro.ru/utro_photos/2022/09/23/1517357norm.jpg
Requested by: Host: utro.ru
URL: https://utro.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.223.99.99 , Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS: ru.a.gcdn.co
Software: nginx /
Resource Hash: a0fb157aba4b8f06aa680e50d3fe02951b3cff186a96bd99c76b02072ff10f49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-id: m9p-up-gc16
date: Fri, 30 Sep 2022 14:45:43 GMT
last-modified: Fri, 23 Sep 2022 18:55:26 GMT
server: nginx
etag: "632e011e-d23"
x-cached-since: 2022-09-30T07:34:46+00:00
content-type: image/jpeg
cache-control: max-age=86400, public
cache: HIT
accept-ranges: bytes
content-length: 3363
expires: Sun, 25 Sep 2022 07:20:20 GMT

GET
H2 200 1509654big.jpg
pics.utro.ru/utro_photos/2022/04/07/ 22 KB
22 KB 117ms
116ms Image
image/jpeg 92.223.99.99
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pics.utro.ru/utro_photos/2022/04/07/1509654big.jpg
Requested by: Host: utro.ru
URL: https://utro.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.223.99.99 , Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS: ru.a.gcdn.co
Software: nginx /
Resource Hash: 06c907d04bd419016aef9d4a3a1b5b80f7c15a6a23aedc5035055eca6cc839c2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-id: m9p-up-gc16
date: Fri, 30 Sep 2022 14:45:43 GMT
last-modified: Thu, 07 Apr 2022 08:04:57 GMT
server: nginx
etag: "624e9b29-5745"
x-cached-since: 2022-09-30T08:54:16+00:00
content-type: image/jpeg
cache-control: max-age=86400, public
cache: HIT
accept-ranges: bytes
content-length: 22341
expires: Fri, 08 Apr 2022 16:53:44 GMT

GET
H2 200 1517614norm.jpg
pics.utro.ru/utro_photos/2022/09/30/ 5 KB
5 KB 118ms
116ms Image
image/jpeg 92.223.99.99
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pics.utro.ru/utro_photos/2022/09/30/1517614norm.jpg
Requested by: Host: utro.ru
URL: https://utro.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.223.99.99 , Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS: ru.a.gcdn.co
Software: nginx /
Resource Hash: 68f808985f9c9e52072d7175c0a6745c508ac752b610f24812c215732d2b9ff0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-id: m9p-up-gc16
date: Fri, 30 Sep 2022 14:45:43 GMT
last-modified: Fri, 30 Sep 2022 05:06:15 GMT
server: nginx
etag: "63367947-145f"
x-cached-since: 2022-09-30T11:11:14+00:00
content-type: image/jpeg
cache-control: max-age=86400, public
cache: HIT
accept-ranges: bytes
content-length: 5215
expires: Sat, 01 Oct 2022 11:11:14 GMT

GET
H2 200 1517553norm.jpg
pics.utro.ru/utro_photos/2022/09/29/ 4 KB
4 KB 117ms
116ms Image
image/jpeg 92.223.99.99
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pics.utro.ru/utro_photos/2022/09/29/1517553norm.jpg
Requested by: Host: utro.ru
URL: https://utro.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.223.99.99 , Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS: ru.a.gcdn.co
Software: nginx /
Resource Hash: 2cd18a996bbe88977783eaf37d40c9b531344b2dd21a304f84dffd60ca227114

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-id: m9p-up-gc16
date: Fri, 30 Sep 2022 14:45:43 GMT
last-modified: Thu, 29 Sep 2022 05:59:45 GMT
server: nginx
etag: "63353451-103e"
x-cached-since: 2022-09-30T12:52:30+00:00
content-type: image/jpeg
cache-control: max-age=86400, public
cache: HIT
accept-ranges: bytes
content-length: 4158
expires: Fri, 30 Sep 2022 12:48:58 GMT

GET
H2 200 1517570norm.jpg
pics.utro.ru/utro_photos/2022/09/29/ 6 KB
6 KB 117ms
115ms Image
image/jpeg 92.223.99.99
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pics.utro.ru/utro_photos/2022/09/29/1517570norm.jpg
Requested by: Host: utro.ru
URL: https://utro.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.223.99.99 , Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS: ru.a.gcdn.co
Software: nginx /
Resource Hash: 8acd0b07d9be489aa245f546749d9bb7a0372e44cdb62f18bd0aca41e713058d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-id: m9p-up-gc16
date: Fri, 30 Sep 2022 14:45:43 GMT
last-modified: Thu, 29 Sep 2022 10:49:50 GMT
server: nginx
etag: "6335784e-16ac"
x-cached-since: 2022-09-29T15:14:38+00:00
content-type: image/jpeg
cache-control: max-age=86400, public
cache: HIT
accept-ranges: bytes
content-length: 5804
expires: Fri, 30 Sep 2022 15:14:38 GMT

GET
H2 200 1517575norm.jpg
pics.utro.ru/utro_photos/2022/09/29/ 4 KB
4 KB 112ms
111ms Image
image/jpeg 92.223.99.99
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pics.utro.ru/utro_photos/2022/09/29/1517575norm.jpg
Requested by: Host: utro.ru
URL: https://utro.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.223.99.99 , Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS: ru.a.gcdn.co
Software: nginx /
Resource Hash: 3d33f2a9e0c589b5aa9d9c2691dfa2c5f224008b5ad45722514fa4307195f04d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-id: m9p-up-gc16
date: Fri, 30 Sep 2022 14:45:43 GMT
last-modified: Thu, 29 Sep 2022 12:09:47 GMT
server: nginx
etag: "63358b0b-eb4"
x-cached-since: 2022-09-30T12:23:15+00:00
content-type: image/jpeg
cache-control: max-age=86400, public
cache: HIT
accept-ranges: bytes
content-length: 3764
expires: Fri, 30 Sep 2022 12:22:11 GMT

GET
H2 200 1517640big.jpg
pics.utro.ru/utro_photos/2022/09/30/ 44 KB
44 KB 86ms
84ms Image
image/jpeg 92.223.99.99
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pics.utro.ru/utro_photos/2022/09/30/1517640big.jpg
Requested by: Host: utro.ru
URL: https://utro.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.223.99.99 , Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS: ru.a.gcdn.co
Software: nginx /
Resource Hash: bfc1ac4af72e74cf770d41007e61f892e25cb5efdc67b349f5253087ce61520a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-id: m9p-up-gc16
date: Fri, 30 Sep 2022 14:45:43 GMT
last-modified: Fri, 30 Sep 2022 11:32:46 GMT
server: nginx
etag: "6336d3de-af64"
x-cached-since: 2022-09-30T14:12:02+00:00
content-type: image/jpeg
cache-control: max-age=86400, public
cache: HIT
accept-ranges: bytes
content-length: 44900
expires: Sat, 01 Oct 2022 14:12:02 GMT

GET
H2 200 1517621big.jpg
pics.utro.ru/utro_photos/2022/09/30/ 29 KB
29 KB 116ms
115ms Image
image/jpeg 92.223.99.99
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pics.utro.ru/utro_photos/2022/09/30/1517621big.jpg
Requested by: Host: utro.ru
URL: https://utro.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.223.99.99 , Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS: ru.a.gcdn.co
Software: nginx /
Resource Hash: e298122711026c8ff05294ac8879e5ece5f6a23a112a451cdbe6f891485b53f1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-id: m9p-up-gc16
date: Fri, 30 Sep 2022 14:45:43 GMT
last-modified: Fri, 30 Sep 2022 07:09:51 GMT
server: nginx
etag: "6336963f-72f9"
x-cached-since: 2022-09-30T09:30:09+00:00
content-type: image/jpeg
cache-control: max-age=86400, public
cache: HIT
accept-ranges: bytes
content-length: 29433
expires: Sat, 01 Oct 2022 09:30:09 GMT

GET
H2 200 1517633big.jpg
pics.utro.ru/utro_photos/2022/09/30/ 14 KB
14 KB 116ms
115ms Image
image/jpeg 92.223.99.99
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pics.utro.ru/utro_photos/2022/09/30/1517633big.jpg
Requested by: Host: utro.ru
URL: https://utro.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.223.99.99 , Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS: ru.a.gcdn.co
Software: nginx /
Resource Hash: 73a0637ecd46853ea81690f9c4dde8e4744fe6caa3d50e4f43cbf95b9b148f01

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-id: m9p-up-gc16
date: Fri, 30 Sep 2022 14:45:43 GMT
last-modified: Fri, 30 Sep 2022 10:44:46 GMT
server: nginx
etag: "6336c89e-392a"
x-cached-since: 2022-09-30T11:33:17+00:00
content-type: image/jpeg
cache-control: max-age=86400, public
cache: HIT
accept-ranges: bytes
content-length: 14634
expires: Sat, 01 Oct 2022 11:33:17 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 161 KB
54 KB 75ms
37ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: utro.ru
URL: https://utro.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

25fc06689ea59b051bc19a50b5a1eb5cef9793b301f5a55ec76b892d232c3452

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:43 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54344
x-xss-protection: 0
server: cafe
etag: 13973511084704475427
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 30 Sep 2022 14:45:43 GMT

GET
H2 200 jquery-1.12.0.min.js Show response
utro.ru/static/js/vendor/ 95 KB
33 KB 67ms
66ms Script
application/javascript 95.213.212.85
SELECTEL

General

Check archive.org

Show headers Download Go to

Full URL: https://utro.ru/static/js/vendor/jquery-1.12.0.min.js
Requested by: Host: utro.ru
URL: https://utro.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.213.212.85 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS: valerie60.produmail.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 5f1ab65fe2ad6b381a1ae036716475bf78c9b2e309528cf22170c1ddeefddcbf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:44:59 GMT
content-encoding: gzip
last-modified: Tue, 26 Mar 2019 09:02:26 GMT
server: nginx/1.10.3 (Ubuntu)
etag: W/"5c99eaa2-17c52"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=3600, public
expires: Fri, 30 Sep 2022 15:44:59 GMT

GET
H2 200 plugins.js Show response
utro.ru/static/js/ 167 KB
42 KB 69ms
64ms Script
application/javascript 95.213.212.85
SELECTEL

General

Check archive.org

Show headers Download Go to

Full URL: https://utro.ru/static/js/plugins.js
Requested by: Host: utro.ru
URL: https://utro.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.213.212.85 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS: valerie60.produmail.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 165bfa5cef957cafcef9ff654e0f07a81196c10434659beb0c7d2d0915891675

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:44:59 GMT
content-encoding: gzip
last-modified: Mon, 06 Jul 2020 15:49:23 GMT
server: nginx/1.10.3 (Ubuntu)
etag: W/"5f034803-29d73"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=3600, public
expires: Fri, 30 Sep 2022 15:44:59 GMT

GET
H2 200 newmain.js Show response
utro.ru/static/js/ 11 KB
3 KB 71ms
59ms Script
application/javascript 95.213.212.85
SELECTEL

General

Check archive.org

Show headers Download Go to

Full URL: https://utro.ru/static/js/newmain.js?v3
Requested by: Host: utro.ru
URL: https://utro.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.213.212.85 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS: valerie60.produmail.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 7cf3f301af4dd7f8b4df8746214bcd79257a9684152046c796cb79cf8d25b614

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:44:59 GMT
content-encoding: gzip
last-modified: Sun, 20 Dec 2020 15:14:28 GMT
server: nginx/1.10.3 (Ubuntu)
etag: W/"5fdf6a54-2d58"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=3600, public
expires: Fri, 30 Sep 2022 15:44:59 GMT

GET
H2 200 context.js Show response
yandex.ru/ads/system/ 360 KB
99 KB 84ms
76ms Script
text/javascript 2a02:6b8:a::a
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/system/context.js

Requested by

Host: utro.ru
URL: https://utro.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

9f0e47ed50335948cb6124f257dd75caa6b01fa9d2f0a5176c4de5f6392c2e9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-encoding: br
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1664549143363486-3692884354875347003-sas3-0775-509-sas-l7-balancer-8080-BAL-8037
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Fri, 30 Sep 2022 15:45:43 GMT

GET
H2

200

widget-utroru.js Show response
code.giraff.io/data/
Redirect Chain

https://www.giraff.io/data/widget-utroru.js
https://code.giraff.io/data/widget-utroru.js

86 KB
28 KB

58ms
20ms

Script
application/javascript

2606:4700:10::6816:4f7b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://code.giraff.io/data/widget-utroru.js
Requested by: Host: utro.ru
URL: https://utro.ru/
Protocol: H2
Server: 2606:4700:10::6816:4f7b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab63a95f954b06fab67ea2fafd99e696cb97b69c12270a80b72dca3ac0a66740

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:43 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 12 Sep 2022 12:45:15 GMT
server: cloudflare
age: 19
etag: W/"631f29db-1594d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
cf-ray: 752dbe754dad5c02-FRA
expires: Fri, 30 Sep 2022 14:46:24 GMT

Redirect headers

location: https://code.giraff.io/data/widget-utroru.js
date: Fri, 30 Sep 2022 14:45:43 GMT
server: nginx
content-length: 162
content-type: text/html

GET
H2 200 top100.jcn Show response
counter.rambler.ru/ 98 KB
98 KB 275ms
109ms Script
application/javascript 81.19.89.16
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://counter.rambler.ru/top100.jcn?85047
Requested by: Host: utro.ru
URL: https://utro.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.19.89.16 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: kraken.rambler.ru
Software: nginx/1.19.4 /
Resource Hash: a023320ddad7be72780c15f370154d4e532dc7459dba529c30c899ad8ea3f5d0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-type: application/octet-stream, application/javascript
date: Fri, 30 Sep 2022 14:45:43 GMT
server: nginx/1.19.4
p3p: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 59ms
8ms Script
text/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: utro.ru
URL: https://utro.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 30 Sep 2022 13:51:04 GMT
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
server: Golfe2
age: 3279
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Fri, 30 Sep 2022 15:51:04 GMT

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 206 KB
71 KB 323ms
124ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: utro.ru
URL: https://utro.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

f00864afefb6ac342587e84e7237328d02cb5507147a4a0d039b03a6fd90baff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:43 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Thu, 29 Sep 2022 14:38:20 GMT
etag: "633583ac-11a8a"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 72330
expires: Fri, 30 Sep 2022 15:45:43 GMT

GET
H/1.1 200
OK stf.js Show response
d7d3cf2e81d293050033-3dfc0615b0fd7b49143049256703bfce.ssl.cf1.rackcdn.com/ 15 KB
6 KB 103ms
15ms Script
text/javascript 23.35.236.143
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://d7d3cf2e81d293050033-3dfc0615b0fd7b49143049256703bfce.ssl.cf1.rackcdn.com/stf.js
Requested by: Host: utro.ru
URL: https://utro.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.143 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-143.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: fef6d5b54da0d9e0479a9560e9236c70713eab51dbeca880a78ac30067bcceba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Fri, 30 Sep 2022 14:45:43 GMT
Content-Encoding: gzip
Origin: https://mycloud.rackspace.com
Last-Modified: Tue, 01 Dec 2020 11:17:59 GMT
ETag: 9938b8ddbd1e9cb76af2bc7b25514c8e
Vary: Accept-Encoding
Content-Type: text/javascript
X-Timestamp: 1606821478.00915
Cache-Control: public, max-age=149375
Connection: keep-alive
Accept-Ranges: bytes
X-Trans-Id: tx3ef916ade7ce430fbb804-0062c46d0fdfw1
Content-Length: 5238
Expires: Sun, 02 Oct 2022 08:15:18 GMT

GET
H2 200 code.js Show response
top-fwz1.mail.ru/js/ 32 KB
14 KB 175ms
53ms Script
application/javascript 95.163.52.67
VK-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://top-fwz1.mail.ru/js/code.js

Requested by

Host: utro.ru
URL: https://utro.ru/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

a1e6a59e0567f886caaada41007e695d2039c4fe07fb28727dd27ab2029ecd6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
amp-access-control-allow-source-origin: *
last-modified: Tue, 13 Sep 2022 17:32:31 GMT
server: nginx
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
etag: W/"6320beaf-7ecc"
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
accept-ch-lifetime: 86400
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: max-age=3600, private
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: *
expires: Fri, 30 Sep 2022 15:45:43 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
341 B 43ms
17ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-FB1GYCCPFP&gtm=2oe9s0&_p=1062934480&cid=1210275934.1664549143&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_z=ccd.v9B&_s=1&sid=1664549143&sct=1&seg=0&dl=https%3A%2F%2Futro.ru%2F&dt=%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B8%20%D0%B8%20%D0%BC%D0%B8%D1%80%D0%B0%20%E2%80%93%20%D0%A3%D1%82%D1%80%D0%BE.%D1%80%D1%83%20%E2%80%93%20%D0%BF%D0%BE%D1%81%D0%BB%D0%B5%D0%B4%D0%BD%D0%B8%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FB1GYCCPFP
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Sep 2022 14:45:43 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://utro.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 getcookie
matchid.adfox.yandex.ru/ Frame 0
0 288ms
51ms Preflight 2a02:6b8::16b
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://matchid.adfox.yandex.ru/getcookie

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a02:6b8::16b Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://utro.ru
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: accept, accept-encoding, accept-language, cache-control, content-type, dnt, origin, x-requested-with
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://utro.ru
content-length: 0
date: Fri, 30 Sep 2022 14:45:43 GMT
timing-allow-origin: *
x-content-type-options: nosniff

POST
H2 200 getcookie Show response
matchid.adfox.yandex.ru/ 240 B
421 B 158ms
54ms XHR
application/json 2a02:6b8::16b
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://matchid.adfox.yandex.ru/getcookie

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a02:6b8::16b Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

6aaaacf9bc9388d16370fcdabc364fc7b7bfb370d22f3e8f47d76c8e5047b09a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://utro.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://utro.ru
date: Fri, 30 Sep 2022 14:45:43 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
timing-allow-origin: *
content-length: 240
content-type: application/json

GET
H2 200 fb833dfb52f4ff576b40.js Show response
yastatic.net/partner-code-bundles/659485/ 40 KB
11 KB 113ms
38ms Script
text/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/659485/fb833dfb52f4ff576b40.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

d8f20a61f8c55d681ad93cc4066ea562302ee8cbeeb75f1b61ac212b0313b7c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://utro.ru/
Origin: https://utro.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:43 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 10985
last-modified: Thu, 29 Sep 2022 18:57:32 GMT
server: nginx/1.17.9
etag: "aa382dc7df4521b89cfbfdb7d7bfd303"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Sun, 29 Sep 2052 21:17:35 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
209 B 196ms
21ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=130&profileId=184&cb=76791352111

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://utro.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Fri, 30 Sep 2022 14:45:42 GMT
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
access-control-allow-origin: https://utro.ru
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

POST
H2 200 adjson Show response
ads.betweendigital.com/ 11 B
912 B 165ms
28ms XHR
application/json 188.42.191.196
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/adjson?t=adfox
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.42.191.196 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer: https://utro.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://utro.ru
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json

POST
H/1.1 200
OK / Show response
ad.mail.ru/hbid_yandex/ 11 B
330 B 202ms
84ms XHR
application/json 2a00:1148:db00::17
VK-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mail.ru/hbid_yandex/
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a00:1148:db00::17 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer: https://utro.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 30 Sep 2022 14:45:43 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: https://utro.ru
Cache-Control: private, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *

POST bids
adfox-c2s-ams.creativecdn.com/bidder/adfox/ 0
0

POST
H2

200

adfox Show response
exchange.buzzoola.com/ssp/
Redirect Chain

https://exchange.buzzoola.com/ssp/adfox
https://exchange.buzzoola.com/ssp/adfox?set_buzzoola_cookie=t

11 B
499 B

29ms
29ms

XHR
text/plain

88.198.31.232
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://exchange.buzzoola.com/ssp/adfox?set_buzzoola_cookie=t
Requested by: Host: utro.ru
URL: https://utro.ru/
Protocol: H2
Server: 88.198.31.232 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88.198.31.232.clients.your-server.de
Software: nginx /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:43 GMT
server: nginx
serverid: TODO
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://utro.ru
access-control-expose-headers: Set-Cookie, Etag
access-control-allow-credentials: true
access-control-allow-headers: Set-Cookie, X-Alt-Referer, X-First-Party-Cookie, If-None-Match
content-length: 11

Redirect headers

date: Fri, 30 Sep 2022 14:45:43 GMT
server: nginx
etag: W/"c34f8ed1da7699ed5b3e9d55d0cd196afdc8aa6dcd1cde4c0d2f8a50f0006deb"
serverid: TODO
access-control-allow-origin: https://utro.ru
location: /ssp/adfox?set_buzzoola_cookie=t
access-control-expose-headers: Set-Cookie, Etag
access-control-allow-credentials: true
access-control-allow-headers: Set-Cookie, X-Alt-Referer, X-First-Party-Cookie, If-None-Match
content-length: 0

GET
H/1.1 200
OK mvpt.min.js Show response
moevideo.biz/embed/js/ 176 KB
52 KB 253ms
123ms Script
application/javascript 92.223.106.22
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://moevideo.biz/embed/js/mvpt.min.js
Requested by: Host: utro.ru
URL: https://utro.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.223.106.22 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS: f62.moevideo.net
Software: nginx /
Resource Hash: abb678fe36372859f49939d9699c8be35f1da360cbe98d0e08d2600f050778ff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Fri, 30 Sep 2022 14:45:43 GMT
Content-Encoding: gzip
Last-Modified: Thu, 29 Sep 2022 10:11:42 GMT
Server: nginx
X-My-Name: s153
ETag: W/"63356f5e-2c0aa"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
X-My-Reqtime: 0.027

GET
H2 200 logo-1.svg
utro.ru/static/img/ 4 KB
4 KB 62ms
61ms Image
image/svg+xml 95.213.212.85
SELECTEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://utro.ru/static/img/logo-1.svg
Requested by: Host: utro.ru
URL: https://utro.ru/static/css/newmain.css?v13
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.213.212.85 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS: valerie60.produmail.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: d8edaf27ebc9b9ebef5d2708d22b30bf2509517b2ffe3fc6bdc51c85e1f2b1f3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/static/css/newmain.css?v13
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:44:59 GMT
last-modified: Tue, 26 Mar 2019 09:02:26 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "5c99eaa2-e84"
content-type: image/svg+xml
cache-control: max-age=86400, public
accept-ranges: bytes
content-length: 3716
expires: Sat, 01 Oct 2022 14:44:59 GMT

GET
DATA 200
OK truncated
/ 957 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0baca6809327a741c1f7b8b3d61e6beaf22ef62308edc8f9d355edefc9778b54

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 22 KB
22 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 07dfe967094683a20ef877b702ef747c628b5cc9aed74971a1741bd51672e5e7

Request headers

Referer
Origin: https://utro.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

GET
H/1.1 200
OK target.js Show response
target.smi2.net/client/ 3 KB
1 KB 234ms
61ms Script
application/x-javascript 146.185.195.90
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to

Full URL: https://target.smi2.net/client/target.js
Requested by: Host: utro.ru
URL: https://utro.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 146.185.195.90 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS: target2-1.ssel24.imcmdb.net
Software: nginx /
Resource Hash: 2ea6594700eadc561dce18df33d16ff9d07ff631d4f6f4eae734bfe34e900f0c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Fri, 30 Sep 2022 14:45:43 GMT
Content-Encoding: gzip
Last-Modified: Fri, 01 Feb 2019 12:15:43 GMT
Server: nginx
ETag: W/"5c54386f-af9"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=259200, private
Connection: keep-alive
Expires: Mon, 03 Oct 2022 14:45:43 GMT

GET
H/1.1

200
OK

hit
counter.yadro.ru/
Redirect Chain

https://counter.yadro.ru/hit?r;s1600*1200*24;uhttps%3A//utro.ru/;i%u0416%u0436%u041D%u043E%u0432%u043E%u0441%u0442%u0438%20%u0420%u043E%u0441%u0441%u0438%u0438%20%u0438%20%u043C%u0438%u0440%u0430%2...
https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//utro.ru/;i%u0416%u0436%u041D%u043E%u0432%u043E%u0441%u0442%u0438%20%u0420%u043E%u0441%u0441%u0438%u0438%20%u0438%20%u043C%u0438%u0440%u0430...

43 B
528 B

40ms
40ms

Image
image/gif

88.212.201.204
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//utro.ru/;i%u0416%u0436%u041D%u043E%u0432%u043E%u0441%u0442%u0438%20%u0420%u043E%u0441%u0441%u0438%u0438%20%u0438%20%u043C%u0438%u0440%u0430%20%u2013%20%u0423%u0442%u0440%u043E.%u0440%u0443%20%u2013%20%u043F%u043E%u0441%u043B%u0435%u0434%u043D%u0438%u0435%20%u043D%u043E%u0432%u043E%u0441%u0442%u0438%20%u043D%u0430%20%u0441%u0435%u0433%u043E%u0434%u043D%u044F;0.17734672963187537

Requested by

Host: utro.ru
URL: https://utro.ru/

Protocol

HTTP/1.1

Server

88.212.201.204 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host204.rax.ru

Software

nginx/1.17.9 /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 30 Sep 2022 14:45:43 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Content-Type: image/gif
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin: *
Cache-control: no-cache
Connection: keep-alive
Content-Length: 43
Expires: Wed, 29 Sep 2021 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 30 Sep 2022 14:45:43 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Content-Type: text/html
Location: https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//utro.ru/;i%u0416%u0436%u041D%u043E%u0432%u043E%u0441%u0442%u0438%20%u0420%u043E%u0441%u0441%u0438%u0438%20%u0438%20%u043C%u0438%u0440%u0430%20%u2013%20%u0423%u0442%u0440%u043E.%u0440%u0443%20%u2013%20%u043F%u043E%u0441%u043B%u0435%u0434%u043D%u0438%u0435%20%u043D%u043E%u0432%u043E%u0441%u0442%u0438%20%u043D%u0430%20%u0441%u0435%u0433%u043E%u0434%u043D%u044F;0.17734672963187537
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Cache-control: no-cache
Connection: keep-alive
Content-Length: 32
Expires: Wed, 29 Sep 2021 21:00:00 GMT

GET
H2 200 shadow-article.png
utro.ru/static/img/ 16 KB
17 KB 62ms
61ms Image
image/png 95.213.212.85
SELECTEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://utro.ru/static/img/shadow-article.png
Requested by: Host: utro.ru
URL: https://utro.ru/static/css/newmain.css?v13
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.213.212.85 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS: valerie60.produmail.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: f58ac8310c580f38177c71c590d8dcdcfbdebf980badf4fa533c75845bb1c11b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/static/css/newmain.css?v13
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:44:59 GMT
last-modified: Tue, 26 Mar 2019 09:02:26 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "5c99eaa2-41cf"
content-type: image/png
cache-control: max-age=86400, public
accept-ranges: bytes
content-length: 16847
expires: Sat, 01 Oct 2022 14:44:59 GMT

GET
DATA 200
OK truncated
/ 615 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b9d965c892b782e66a44c9bf9a2d5922f1cdbcceada7e90002e753a86bc15130

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 724 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1cfe4f6fd49b85b9d410cd2e1482f17dbbb8cee4fb8173396555b7244d82a9f1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 626 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 689dfd5efa19909a15e4917dde1ff6886526839abae8ac081c2a77c055116fd6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 zen.svg
utro.ru/static/img/ 859 B
1 KB 66ms
63ms Image
image/svg+xml 95.213.212.85
SELECTEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://utro.ru/static/img/zen.svg
Requested by: Host: utro.ru
URL: https://utro.ru/static/css/font/fontello.css?v2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.213.212.85 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS: valerie60.produmail.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: d03057abcffb7f2a02c1c29808334101074c103fa5c49c15069e13add2df4721

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/static/css/font/fontello.css?v2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:44:59 GMT
last-modified: Fri, 21 Aug 2020 05:23:01 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "5f3f5a35-35b"
content-type: image/svg+xml
cache-control: max-age=86400, public
accept-ranges: bytes
content-length: 859
expires: Sat, 01 Oct 2022 14:44:59 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220928/r20190131/ Frame 350F 10 KB
5 KB 43ms
13ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220928/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://utro.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 73197
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4420
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 29 Sep 2022 18:25:46 GMT
etag: 9671129459699598864
expires: Thu, 13 Oct 2022 18:25:46 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 b75858ec99fadc4b14bf.js Show response
yastatic.net/partner-code-bundles/659462/ 13 KB
5 KB 61ms
60ms Script
text/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/659462/b75858ec99fadc4b14bf.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

ec4a0b8473e771b632edf4c515bec167f974fe6461b43ec02e52995f4dc89c50

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://utro.ru/
Origin: https://utro.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:43 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 4463
last-modified: Thu, 29 Sep 2022 17:35:58 GMT
server: nginx/1.17.9
etag: "65131f32734a2948df2a8a534b05bac6"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Sun, 29 Sep 2052 21:17:17 GMT

GET
H2 200 182109b17d885ab3048d.js Show response
yastatic.net/partner-code-bundles/659462/ 88 KB
19 KB 76ms
75ms Script
text/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/659462/182109b17d885ab3048d.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

84267cb03358986b6d450eb1b76fa8abea21b67d212869a8ceb1deb35fbe3399

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://utro.ru/
Origin: https://utro.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:43 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 18575
last-modified: Thu, 29 Sep 2022 17:35:57 GMT
server: nginx/1.17.9
etag: "30aa9f22ec2b7a78d28e9519b59b24cf"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Sun, 29 Sep 2052 21:18:48 GMT

GET
H2 200 host.js Show response
yastatic.net/safeframe-bundles/0.83/ 33 KB
9 KB 91ms
91ms Script
text/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/safeframe-bundles/0.83/host.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://utro.ru/
Origin: https://utro.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:43 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 8878
last-modified: Wed, 03 Nov 2021 13:42:58 GMT
server: nginx/1.17.9
etag: "f80882bf67cf261aa08d636da095149a"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Sun, 29 Sep 2052 21:20:42 GMT

GET
H2 200 v2 Show response
yandex.ru/ads/adfox/275069/getBulk/ 209 B
606 B 89ms
86ms XHR
application/json 2a02:6b8:a::a
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/adfox/275069/getBulk/v2?dl=https%3A%2F%2Futro.ru%2F&date=2022-09-30T14%3A45%3A43.576%2B00%3A00&pd=30&pdh=1200&pdw=1600&pr1=202718911&pr=334542566&prr=&pv=14&pw=5&extid_loader=&extid_tag_loader=utro.ru&ylv=0.659462&ybv=0.659462&ytt=3300146675717&is-turbo=0&skip-token=&ad-session-id=2972861664549143580&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9.9%2C%22isInIframe%22%3Afalse%2C%22w%22%3A1600%2C%22h%22%3A0%2C%22width%22%3A1600%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22fullscreenHeaderHeight%22%3A80%2C%22left%22%3A0%2C%22top%22%3A83%2C%22fontFamily%22%3A%22ys%22%2C%22darkTheme%22%3Afalse%2C%22req_no%22%3A0%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=659462&available-width=1600&yaru=true&pp=g&ps=cxhg&p2=gazz&slotNumber=1&bids=W10%3D&utf8=%E2%9C%93&pcode-test-ids=657518%2C0%2C67%3B651042%2C0%2C42%3B659467%2C0%2C7%3B658041%2C0%2C50%3B655716%2C0%2C51%3B659462%2C0%2C18&pcode-flags-map=eJytWFtv2zYY%2FSuDn4tBN%2BrSN0qibCKSqJFUHHcYiK7LW9AOXToMKPrfd6iLK9kOXRcB8tAU%2Bg6%2F6%2FnOl68bvm2FZKbhSrHSlFRT01FJG2UqIc09L5kwvDWFaHKxefv7182%2F75%2B%2BPG7ebh7%2F%2B3vzZvP8%2BM8z%2Fwu%2FksyLCNl8%2B%2BPN5p4qI9lvPVPa3De0M5UUjaGlWtlr2bMlQOwnQeodAUquaF4zeMD2NOc11wdDW3i4Z3VttKTFHW%2B3phElW8Eqho9EWx9M3%2FLfTp4IM8%2FLjk%2F0ihnJtzt4yRWf3lC10DZg2hVud6Mo9P0Ba8%2FLLdOmlHRvKi4RdYUEMsMbumWunMUkJEE0YLB2inaZb%2Fyj4i3XDCUp7tQOnu253oleG4pyaeUGJ3Ea3gz%2BGsgUFeqkKPtCq%2FNnboNmgLyxFRcgtsy0NIVkVPN7ZkqmWaG5aM3c96zkFFWr2ZXuJEkU%2B0dM9tCZlu2NQhMa1ENpvAA%2F%2BcN1HJKMLdgIOATnapozdLQwE7A7tKP53MFHN%2FDjyJHDEYuk9FhIJhWys7KMSeqH4do2i%2F0xwRiyWtCSyaFGtFl5%2F%2Fz5y%2BPCLApSDOBoBseVksOgNc6IF0bIlWIM%2Bc4Vk%2FB0bfbx%2FZ9PjyvLMA6yZLBEXcBwrdmxYdxb7X4yImE21roQfattbR520mmSJuk0yQewFHswsjelaChvnaTpJUEYj0VYj1DV17VC2zK3vR8GoXcMMZfiDvlBeGYreem2TEgaX3TYUq%2BWPHeaB74Xj%2FG%2BY20wuAv6KMEfV1mPRH40Ef1gOzN9LqTtI0lL3qtffhDhQK3fo8PgnT09OKmLRGEylbasOmwp1YkWvah5wzDGK9PA87y1beSFY8xdgbWDSsG0dfIZiQhgpu6tBLLM7LjM710bdzyZJMG5Oa8scezt3F7rkBcQZgfuad2vqhV6l61rRmWLdQvOvKeS05O4g9WjBGt2zDK0hLIsC1lxTDaTElxRi%2B0SgazsUy8as9ZJLqTdy%2FlhkAKdkO6Ex0k80YX93LRC84JhCzVbp1kSwG4wU6ozBS12zHpoOiaLkxr73ipFCfGzsSvAgMVkdTICJ0RI0jQgY1rn5i%2B5xGIyhXLSDMn8JF2MHVdwFdmEHiism8r1aBaSSbDMtsOoqqOm6GhZQlO5QSIyVWagRsyrPnTMhG6vQY9k0YONLBaSy%2F1clsQvWkLnmaLmxd2V12eMpq81z2nbwm0sropD8XIbREULN2VlaZAkCz8mkJG0sR4wUV1NDzkkjqUFLUVdny6ok03uBVE49sBW0jxwf4s59L5%2FaxR%2Ft%2FKX%2BIHn%2Bv4CvfnkBYu5OXZsWOuSlUxBLDn980kQj9ZWjUhWYdZ3dhJ44bZLw2mLIGmQzo0dcwkFP%2BmJTrLcvcdiLKLAX40StIVEX2NvY4hRj%2B%2BrFJLDra78zI%2BiS%2BvY6pVpPw3HDCSyPh2VMzTsZn9s%2B1FlWpBxc9xo%2FrIz47L8KZ%2F0VryqRyWrKOZr9mw8In8QznYNRrrOBZXuclubSfB8LyvtOttsWwTgLm%2FgZ2TVKzuuh0ZbgKHd77Rw90mYBMHqSim6ZjoljqeGclM5btFw0jBHjOLnMYYLYKBiKfaWkXZYm%2B%2FARLR2IliRTByn3FzV2664iHjxSLmtFYbIcEP1yJO0s5F5kZ%2B67xw%2FmPT0XCrVUKkNLvqeWfeujTKJ45gcb4387owzz5NJ0oWWtuION1Oh0R35lacyMimA%2BSajKOX5zTqFcIFPP3z6%2BPz509NJBrwocFTmvGVvPbWzKE4cD4B8G943V1A%2FPD%2FdhLpwW4u%2B2L0yvOpxGR5eORMHevyf1%2FQVm%2FanEW2n8dbqTJzuUECH%2BYxa0%2BekRdYgENfTdbujLQAa%2BjBfxlUt7BlfXv87BEn8SVRdsD67Krxfg8vWw%2FY5veWHOIOzyO00fPsfquoL5g%3D%3D&use-server-side-rendering=1&pcode-icookie=6l5qC7Qwc8io5U7zRK6QZkOKEjALV%2FhuZ1jr%2FzG6qS9JsPzuUXljRro2LaTK%2Bgj391zwsFflipPwwMujn2nBKSQTUDY%3D&top-ancestor=https%3A%2F%2Futro.ru&top-ancestor-undetermined=0&grab-orig-len=5120&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjo4Mjd9CiqkNo3kuO1CBNTFj-m77dtK35cxgvGMZjzj7u_2dPfsf_37shQ5OutWXrlLmrAn3pQOyZ6g2Vn2ndzJAb0I0DNosxk0UxX633_J2jXsXvpXUVUxMzUKml4ZQgl5oSLkBYQBQSiOQ-APjjAUD-gFLAjFAVEYxQAiAiUOgQkIFjQPSUAU4Dc32rAIhaEslIf8pSuLF0A3efyls6xlIcZyLNsAC1z6JTYUDUlL_TAAvqAIT4Zs-Zf4E7MsolAWEMShJIwCrCVKtBAKFfHuAloIbAjZC4F4KAW4AzlIAf5A5cSASxcCFwIZghYvsbMnf6ac4ZfMaCl-PNkhAtNLbaC8EKuZA-whgGAZEi0t8YLlDQBDRzFD9lDRkiZz9W8hAe3DCkLhEMBbljtIgD2kL6gQcymL30dhHIK0pKMtIHk8DRyAJcNo1grwYuvOLRuoL3n8JR6vZ1hyQ9HsZh1IpvnfiO14NOTs_B8Pf6kL357j69KYVkYLE-e9PuwAhnt4JHEIeXmESyz6krQQB3khKRz-gOjlvbtOv-Kp9QBvmtiNks_w4nf5Hd2Vty-7k3iWENQggmUhmAWGFOhT159jFpuxBw8G46bdyyUfqJvig1EsGNxZphul6LJ2F9CpvW67b67eLQdGlWV1LrI2buIvC8LPu9grDLCGC-hm-s4OdaLjhvT0z8MbKA6Gve-ELyxnzUMe6J2V3FtmGAUBRYC14z_TRR9hcSZEj3d3efdk8NNbrzC276Jh8_6fJ1oyDwFnz3t6kJb5MaBxfgl5Cou-LOZrb3bMtKt0G58Im10oiBe-ZPfc7YYwYLvOey28GXNXrTnRntryY0_n5JLd6bRVMHNO-UsGaybF_ZVgxK_pGVcyBQg5hFIlsgNGxwpFR2q0ZYnzeL6gMZdDesguToiHlrvkvUGd8H3kPz4PE0v8vJMv-byuO-wlcjs9e08-RJMB7yH6137QJ3y8xk7Bcds-LJkmH_ip0ndY1FUO_FKRfH_hErf8FZRSdIaN5JFrubA2gbsUFxJTe6LlW8rU5EotGRU1ud5AQUWt1CnJ9FTgP0RQMzZUqLV6pSHWGLR6cKxg6eEQq1UUpNaYUq1R6jVKcKysCEEaV1ERpMBTcLd7SB17u5bnhoPqHEjjiWcpgloZ3ZtQ6EkpVTq4Sp1a41kDEhBvNZLJ9WhDInZXoOJVxZESams52KE98IgfEETT0M17XoBvedpIlsmEpAjJuMoJx-JHhnvFx1Ys53rHjgD0DrqHTEr3JRwE1HDdVchIpnuMXX3w1RRwqKg1ap2GQg_GciWwFDowY0oyAykpOFYyAxw1idJCrKNQklvdsA0UYBqN8FV6DcVyMC78LhO9KrNvkAvP4OI2GsnU8NRD17CQMCxFErLMHK5KpzWo4FiWZ9mT6ZYO1eLzhG7YOynaY3G0YKbB7cE9ZrXshDEOxaIEyY33EWcYHZEWy7hhgtJOv-IUGjcMILlxjIuEm8Jb0ZbHNOGwCrB9lowkZNOH6T18EqVSrcl9V6rhwSPTWyhUarjTc910tJm78T63i1RvUFEO_oKtVmmXVQPIibTEKhHYeOjjfSaLkkS1OEQJx5oXa_jc-xuNW_Sp9rUGXS_nZjgptvD1Kotyx4WnUpPAdVXs8Gj0xKTLRU7v4DMaH0ytbxbyWlmNt-T02ywdPBKVnmtZrZ5CZ_iynrnPZYGvBiO1e8hdwikND6td6-JbSgRxW53RWGDjLwJCwC4e-owOeqGRSeXcz81YHanSOviXK5GaFK4h4YTRoFKpiWMjhZpYM9sOzG0OHQeCLdUX8GdqbC_oqBxpy2naFy9T8yKjXcBhflb7QRAln4lG2atqCKuPQ9jCBw_Ks3PODlKODFHpKdVabbsoL8_Ma4FPpqYEa-IaLRdPimq7mqzV_Rf5mAZbAQsRWk9Q8NCrwM25Lw6mqWdQ3rXKm2nyKKpoyQZfnDDFBUt4LJhmlW1cuj6v6h0rVwnmVGwA09PE6AFCPOW59boNgfZiEHclxhkT2BY1--mn5kTPwztqSYjxqCjomC954gU4T7FpGHrrsbzRS-UV-vEnDaeC0Tv0iT265lQIirezhgDd5XCvpBOOoUdUiumGoPOPBvkSFVi3kEB9yJeOuZ1Vz2vSpbW2KvmxZb6Lc0Vp39FFx897rGMS1CJWvhwylDYCmHIlvONcFDtUOFOvjZeViFEcobZhs-x7yseRwv5bhoQTIzC-yOhw4ufO6EACh7LGm6R3buBNOw9AjgzkbEL7HGvJtt6NCnudUq8FIqni1Oe8Nu8YahArR6BNwY81u60JAPHKfro3XhNMYTwGYj6vpuLG57nudZRWN7T-sJ-SfaI_ptRTz6y-7_B-KF8ZuFfUlC__VnJBQ9bxaSpM0X5fcTWsE1YcO69ir8NPp7jwB6X76Lr1n90a71qXsF3yQnAnko2DQ_nMnF5Zgk5y34BEz-fupLEkDqGvlwSmNBjQ_1fK4vsUzF7wERt2Ng5dtiLHpDRwXMyoVa9JolErLWO1kGh9Z-J864n8tzlbFCxTiWMOwjdoNFesuPPAHrn2U4ejFgfRksgaghDAOAmCLkdrfB9GUAZo5CxJ6d3mZOmcVN2ZbkfUmPBCuIdfjAJY24eT_yhLkC4R4a05_LhUR8zxWGOYTvVhPO2vmLO9827YdHQX_ZGdC82Pcl0bgikl4b8njhHA9hYAXlIEya5-ftfvMynTjpdff5zjJRPe0nk2lE6F-V9YxjUdSpcD0WOTPmUQ01rKFuJ3MniLveM_2rv5uNBWeidFeR8CwE_m2E9B0I6H4jm9IJY_8zwGvig_K_iVuF00raGMVh9957sw61N02o6enz-UVT8Ix5NoMxbWU8h6n4IewA6wLd9XUDHiBqP14WHqD2jfRaK1pdkSfu5kHTVScRNCFFtiQAIKMCjeCNDLQazXg2VKRkuZYn66_y9LpmCydrweDetTCeJLsnHepZsM06eR6ub_F6WNunGyyj7MY2f0yzs7tuwYaq8shZX5gugb9lEFctnz0GvJDh74dj3G8jeuX-Xq7wxZcg_1fCMl01HoVRZScrVKmT9EjmeglQ1VozF5HxZQR91AMTa7uRxVSh0lmZ49-RXEV_fgLLVrHcN5Wo4lMo9vZjm254QNjKUB6xlaaibBD32xQw4YlezSD1du2-ZPbd-xSfO8cVjywdcF6BPH2dbSnImKrsbLwXltXHnJypt2gne4lfrJK_ccx04Z1wwtuvOHvX7FzGA2xyVlj9gtaw1B-QCY__9kP8aSOSbqFqwu9Rwe3VExj-maR993lwf65rXwrZW3GM7ZxZn6ttVSS17oAelnZgWkfLb-YKM3M3hwDZ1DvnpKVKcBe8TpZ4kQEUPRd6ZueoS6_OxVHeoCFO6CY_fKdOFDnoCN02W45nDUL2TJXzwv9S5C1IU_VV5y2rG-b8dPvI_7Vhld_5pnLoHViCfOSF6xvJMnsNk5ejpaxDQQvG9MigRQTwxm6ZimCIRn_sxknWolomkzpK26RtUv4gjNkqxzn3N0DC3v4494ZoQsE1TZQgj6cQA3aRBLhe9BvN9C7n4k-7C-0pRe-n8ml87dhSmYsbOofu3KS4hx0cNsDysrT7w4o5XvC2PuYrS_Dnd2F2AshAFxsqcc-e2yFJdawO5TPD_90y4F6l1D1auhWm1mWgZaCF5uXpTaqFTiMpY_KGyglZbg9JEyXwAVNkXx42h_aSOfPqJwxVzAbHF7dH7M6nEbBemWejTilzk2z8fDujyHkwlvpqMHf1S6QLvLzi0amSUlGRk0S8caHZv-05XkvCXO_cHL6g6Xey_pCxt4yc7pE3BrGbeEzyXzJiiniF6OaTxOc4g4JxbrwICQuZpnZO7Gp1xLWq-KjUpylV5voVSTkWg1zFqzXipdp_EB2oI0UKiJWSnEnhXGJsfyoiLnpP2OUaTTwPM1YKVOq6eiR2SaBD8YLsumKPuQQk7BEoeq7G0Qm2gQM7ENeJOFsRndTM_E6MgmFmO7Co3JzMDEKhBSdMd2O1oTLUImtgOqm4dWonTJlav-MT2va0WSMfPv-vglY8JKxd0BVXYdsW1Yxc0Tl3HulL81lDDOQsJyUjo6220Qtuw2o4pWpIatlxe5r9GvJe5A5XXwcXIsiuwafONJ-LrNN-1YwNY17wESAmllOTq9fTyGWhuMf8TNHp8wXWjCbxeXu26Rbk4Sfrrs0qEpcj50aO3sSvIt9LFLXmq5oOLV-6vo_3zYtvjpSPQg3kjWT4QVl5I6yRZZ86dwI2uxseKU1IWvqbEJnVsONlNWGPUi8I6W7oYZiz0YEDCBs0cTeUC4CU3kJiuU4_YljL-6HBZQo3gvlFsVX7MEzDI_NdQQRDab0ZlomAheQ9wY6C1r4ec28Zdf2J4Xx5dnteTkD3Yu2lYhWv3MjrGFOtKu0j5d29ir1renS7npklTnuqrII_DUBCftyTmE7YAPpRWL9fpzlz_SiLIJ1vrgmocdavPCivToyZGuVXeqmFOf19Us5YTnly_EdHXR3I89Lo-wUNxmgSku1K0YZfjxK4keJa7_R20ITAvkfa6VbvougvoKEBXifjHLJpsR2m4yeEPSn9dhMNsP68De5h_B0uXrD_Z970aDop9fwoGokE2Xs0qSN6fNkY823qN8tKpiinoYJbCTtXaU7EdRoW0K8NkMajaZ7VtoEEutyPvTI7Kb2YAfRNA9Lr2JDoH9qgbARJidh7OtakP3ur8Sj5WTTtcH_zBKW7pCJG_fMV8QfkkIht9r-bM30n0zxmuir4XCalSzfT0aOc7ZXo3BZEZgO51dUfkRT3F96_7s-nRr5CM4JvCPtRTEMn8BGXlIZkp1ZUBgorMfFgB_CGydI9u2RN1SNi4poSeiJHRxfQQmV9-HsighD5_ahdZpnG24zylnrWwwIDTRIrK9RlSnXZ0ojQb54sgA2-QBou5l-L_ruJH195bSdp1xoZ_FagsnJxvPjSCerUQ6D25bwUY24GyyWQSRiZbGtmNCXrSnvSNiu70CuZC4Sv_oF1JTcfGJvMAKFtX7SVSou2WmbCSn725aQPRp&tga-with-creatives=1

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

9f1c9fa1ee74b9fa5faff99944dabe170499b29feed819483a7e4fdffcff8087

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1664549143635749-15199397038388425401-sas3-0775-509-sas-l7-balancer-8080-BAL-6880
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Fri, 30 Sep 2022 14:45:43 GMT
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type: application/json
access-control-allow-origin: https://utro.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 30 Sep 2022 14:45:43 GMT

GET
H2 200 v2 Show response
yandex.ru/ads/adfox/275069/getBulk/ 210 B
351 B 123ms
123ms XHR
application/json 2a02:6b8:a::a
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/adfox/275069/getBulk/v2?dl=https%3A%2F%2Futro.ru%2F&date=2022-09-30T14%3A45%3A43.629%2B00%3A00&pd=30&pdh=1200&pdw=1600&pr1=1673566831&pr=334542566&prr=&pv=14&pw=5&extid_loader=&extid_tag_loader=utro.ru&ylv=0.659462&ybv=0.659462&ytt=3300146675717&is-turbo=0&skip-token=&ad-session-id=2972861664549143580&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9.9%2C%22isInIframe%22%3Afalse%2C%22w%22%3A1600%2C%22h%22%3A0%2C%22width%22%3A1600%2C%22height%22%3A0%2C%22visible%22%3A0%2C%22fullscreenHeaderHeight%22%3A80%2C%22left%22%3A0%2C%22top%22%3A6124%2C%22fontFamily%22%3A%22ys%22%2C%22darkTheme%22%3Afalse%2C%22req_no%22%3A1%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=659462&available-width=1600&yaru=true&pp=g&ps=cxhg&p2=gati&slotNumber=9&bids=W10%3D&utf8=%E2%9C%93&pcode-test-ids=657518%2C0%2C67%3B651042%2C0%2C42%3B659467%2C0%2C7%3B658041%2C0%2C50%3B655716%2C0%2C51%3B659462%2C0%2C18&pcode-flags-map=eJytWFtv2zYY%2FSuDn4tBN%2BrSN0qibCKSqJFUHHcYiK7LW9AOXToMKPrfd6iLK9kOXRcB8tAU%2Bg6%2F6%2FnOl68bvm2FZKbhSrHSlFRT01FJG2UqIc09L5kwvDWFaHKxefv7182%2F75%2B%2BPG7ebh7%2F%2B3vzZvP8%2BM8z%2Fwu%2FksyLCNl8%2B%2BPN5p4qI9lvPVPa3De0M5UUjaGlWtlr2bMlQOwnQeodAUquaF4zeMD2NOc11wdDW3i4Z3VttKTFHW%2B3phElW8Eqho9EWx9M3%2FLfTp4IM8%2FLjk%2F0ihnJtzt4yRWf3lC10DZg2hVud6Mo9P0Ba8%2FLLdOmlHRvKi4RdYUEMsMbumWunMUkJEE0YLB2inaZb%2Fyj4i3XDCUp7tQOnu253oleG4pyaeUGJ3Ea3gz%2BGsgUFeqkKPtCq%2FNnboNmgLyxFRcgtsy0NIVkVPN7ZkqmWaG5aM3c96zkFFWr2ZXuJEkU%2B0dM9tCZlu2NQhMa1ENpvAA%2F%2BcN1HJKMLdgIOATnapozdLQwE7A7tKP53MFHN%2FDjyJHDEYuk9FhIJhWys7KMSeqH4do2i%2F0xwRiyWtCSyaFGtFl5%2F%2Fz5y%2BPCLApSDOBoBseVksOgNc6IF0bIlWIM%2Bc4Vk%2FB0bfbx%2FZ9PjyvLMA6yZLBEXcBwrdmxYdxb7X4yImE21roQfattbR520mmSJuk0yQewFHswsjelaChvnaTpJUEYj0VYj1DV17VC2zK3vR8GoXcMMZfiDvlBeGYreem2TEgaX3TYUq%2BWPHeaB74Xj%2FG%2BY20wuAv6KMEfV1mPRH40Ef1gOzN9LqTtI0lL3qtffhDhQK3fo8PgnT09OKmLRGEylbasOmwp1YkWvah5wzDGK9PA87y1beSFY8xdgbWDSsG0dfIZiQhgpu6tBLLM7LjM710bdzyZJMG5Oa8scezt3F7rkBcQZgfuad2vqhV6l61rRmWLdQvOvKeS05O4g9WjBGt2zDK0hLIsC1lxTDaTElxRi%2B0SgazsUy8as9ZJLqTdy%2FlhkAKdkO6Ex0k80YX93LRC84JhCzVbp1kSwG4wU6ozBS12zHpoOiaLkxr73ipFCfGzsSvAgMVkdTICJ0RI0jQgY1rn5i%2B5xGIyhXLSDMn8JF2MHVdwFdmEHiism8r1aBaSSbDMtsOoqqOm6GhZQlO5QSIyVWagRsyrPnTMhG6vQY9k0YONLBaSy%2F1clsQvWkLnmaLmxd2V12eMpq81z2nbwm0sropD8XIbREULN2VlaZAkCz8mkJG0sR4wUV1NDzkkjqUFLUVdny6ok03uBVE49sBW0jxwf4s59L5%2FaxR%2Ft%2FKX%2BIHn%2Bv4CvfnkBYu5OXZsWOuSlUxBLDn980kQj9ZWjUhWYdZ3dhJ44bZLw2mLIGmQzo0dcwkFP%2BmJTrLcvcdiLKLAX40StIVEX2NvY4hRj%2B%2BrFJLDra78zI%2BiS%2BvY6pVpPw3HDCSyPh2VMzTsZn9s%2B1FlWpBxc9xo%2FrIz47L8KZ%2F0VryqRyWrKOZr9mw8In8QznYNRrrOBZXuclubSfB8LyvtOttsWwTgLm%2FgZ2TVKzuuh0ZbgKHd77Rw90mYBMHqSim6ZjoljqeGclM5btFw0jBHjOLnMYYLYKBiKfaWkXZYm%2B%2FARLR2IliRTByn3FzV2664iHjxSLmtFYbIcEP1yJO0s5F5kZ%2B67xw%2FmPT0XCrVUKkNLvqeWfeujTKJ45gcb4387owzz5NJ0oWWtuION1Oh0R35lacyMimA%2BSajKOX5zTqFcIFPP3z6%2BPz509NJBrwocFTmvGVvPbWzKE4cD4B8G943V1A%2FPD%2FdhLpwW4u%2B2L0yvOpxGR5eORMHevyf1%2FQVm%2FanEW2n8dbqTJzuUECH%2BYxa0%2BekRdYgENfTdbujLQAa%2BjBfxlUt7BlfXv87BEn8SVRdsD67Krxfg8vWw%2FY5veWHOIOzyO00fPsfquoL5g%3D%3D&use-server-side-rendering=1&pcode-icookie=6l5qC7Qwc8io5U7zRK6QZkOKEjALV%2FhuZ1jr%2FzG6qS9JsPzuUXljRro2LaTK%2Bgj391zwsFflipPwwMujn2nBKSQTUDY%3D&top-ancestor=https%3A%2F%2Futro.ru&top-ancestor-undetermined=0&grab-orig-len=5120&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjo4Mjd9CiqkNo3kuO1CBNTFj-m77dtK35cxgvGMZjzj7u_2dPfsf_37shQ5OutWXrlLmrAn3pQOyZ6g2Vn2ndzJAb0I0DNosxk0UxX633_J2jXsXvpXUVUxMzUKml4ZQgl5oSLkBYQBQSiOQ-APjjAUD-gFLAjFAVEYxQAiAiUOgQkIFjQPSUAU4Dc32rAIhaEslIf8pSuLF0A3efyls6xlIcZyLNsAC1z6JTYUDUlL_TAAvqAIT4Zs-Zf4E7MsolAWEMShJIwCrCVKtBAKFfHuAloIbAjZC4F4KAW4AzlIAf5A5cSASxcCFwIZghYvsbMnf6ac4ZfMaCl-PNkhAtNLbaC8EKuZA-whgGAZEi0t8YLlDQBDRzFD9lDRkiZz9W8hAe3DCkLhEMBbljtIgD2kL6gQcymL30dhHIK0pKMtIHk8DRyAJcNo1grwYuvOLRuoL3n8JR6vZ1hyQ9HsZh1IpvnfiO14NOTs_B8Pf6kL357j69KYVkYLE-e9PuwAhnt4JHEIeXmESyz6krQQB3khKRz-gOjlvbtOv-Kp9QBvmtiNks_w4nf5Hd2Vty-7k3iWENQggmUhmAWGFOhT159jFpuxBw8G46bdyyUfqJvig1EsGNxZphul6LJ2F9CpvW67b67eLQdGlWV1LrI2buIvC8LPu9grDLCGC-hm-s4OdaLjhvT0z8MbKA6Gve-ELyxnzUMe6J2V3FtmGAUBRYC14z_TRR9hcSZEj3d3efdk8NNbrzC276Jh8_6fJ1oyDwFnz3t6kJb5MaBxfgl5Cou-LOZrb3bMtKt0G58Im10oiBe-ZPfc7YYwYLvOey28GXNXrTnRntryY0_n5JLd6bRVMHNO-UsGaybF_ZVgxK_pGVcyBQg5hFIlsgNGxwpFR2q0ZYnzeL6gMZdDesguToiHlrvkvUGd8H3kPz4PE0v8vJMv-byuO-wlcjs9e08-RJMB7yH6137QJ3y8xk7Bcds-LJkmH_ip0ndY1FUO_FKRfH_hErf8FZRSdIaN5JFrubA2gbsUFxJTe6LlW8rU5EotGRU1ud5AQUWt1CnJ9FTgP0RQMzZUqLV6pSHWGLR6cKxg6eEQq1UUpNaYUq1R6jVKcKysCEEaV1ERpMBTcLd7SB17u5bnhoPqHEjjiWcpgloZ3ZtQ6EkpVTq4Sp1a41kDEhBvNZLJ9WhDInZXoOJVxZESams52KE98IgfEETT0M17XoBvedpIlsmEpAjJuMoJx-JHhnvFx1Ys53rHjgD0DrqHTEr3JRwE1HDdVchIpnuMXX3w1RRwqKg1ap2GQg_GciWwFDowY0oyAykpOFYyAxw1idJCrKNQklvdsA0UYBqN8FV6DcVyMC78LhO9KrNvkAvP4OI2GsnU8NRD17CQMCxFErLMHK5KpzWo4FiWZ9mT6ZYO1eLzhG7YOynaY3G0YKbB7cE9ZrXshDEOxaIEyY33EWcYHZEWy7hhgtJOv-IUGjcMILlxjIuEm8Jb0ZbHNOGwCrB9lowkZNOH6T18EqVSrcl9V6rhwSPTWyhUarjTc910tJm78T63i1RvUFEO_oKtVmmXVQPIibTEKhHYeOjjfSaLkkS1OEQJx5oXa_jc-xuNW_Sp9rUGXS_nZjgptvD1Kotyx4WnUpPAdVXs8Gj0xKTLRU7v4DMaH0ytbxbyWlmNt-T02ywdPBKVnmtZrZ5CZ_iynrnPZYGvBiO1e8hdwikND6td6-JbSgRxW53RWGDjLwJCwC4e-owOeqGRSeXcz81YHanSOviXK5GaFK4h4YTRoFKpiWMjhZpYM9sOzG0OHQeCLdUX8GdqbC_oqBxpy2naFy9T8yKjXcBhflb7QRAln4lG2atqCKuPQ9jCBw_Ks3PODlKODFHpKdVabbsoL8_Ma4FPpqYEa-IaLRdPimq7mqzV_Rf5mAZbAQsRWk9Q8NCrwM25Lw6mqWdQ3rXKm2nyKKpoyQZfnDDFBUt4LJhmlW1cuj6v6h0rVwnmVGwA09PE6AFCPOW59boNgfZiEHclxhkT2BY1--mn5kTPwztqSYjxqCjomC954gU4T7FpGHrrsbzRS-UV-vEnDaeC0Tv0iT265lQIirezhgDd5XCvpBOOoUdUiumGoPOPBvkSFVi3kEB9yJeOuZ1Vz2vSpbW2KvmxZb6Lc0Vp39FFx897rGMS1CJWvhwylDYCmHIlvONcFDtUOFOvjZeViFEcobZhs-x7yseRwv5bhoQTIzC-yOhw4ufO6EACh7LGm6R3buBNOw9AjgzkbEL7HGvJtt6NCnudUq8FIqni1Oe8Nu8YahArR6BNwY81u60JAPHKfro3XhNMYTwGYj6vpuLG57nudZRWN7T-sJ-SfaI_ptRTz6y-7_B-KF8ZuFfUlC__VnJBQ9bxaSpM0X5fcTWsE1YcO69ir8NPp7jwB6X76Lr1n90a71qXsF3yQnAnko2DQ_nMnF5Zgk5y34BEz-fupLEkDqGvlwSmNBjQ_1fK4vsUzF7wERt2Ng5dtiLHpDRwXMyoVa9JolErLWO1kGh9Z-J864n8tzlbFCxTiWMOwjdoNFesuPPAHrn2U4ejFgfRksgaghDAOAmCLkdrfB9GUAZo5CxJ6d3mZOmcVN2ZbkfUmPBCuIdfjAJY24eT_yhLkC4R4a05_LhUR8zxWGOYTvVhPO2vmLO9827YdHQX_ZGdC82Pcl0bgikl4b8njhHA9hYAXlIEya5-ftfvMynTjpdff5zjJRPe0nk2lE6F-V9YxjUdSpcD0WOTPmUQ01rKFuJ3MniLveM_2rv5uNBWeidFeR8CwE_m2E9B0I6H4jm9IJY_8zwGvig_K_iVuF00raGMVh9957sw61N02o6enz-UVT8Ix5NoMxbWU8h6n4IewA6wLd9XUDHiBqP14WHqD2jfRaK1pdkSfu5kHTVScRNCFFtiQAIKMCjeCNDLQazXg2VKRkuZYn66_y9LpmCydrweDetTCeJLsnHepZsM06eR6ub_F6WNunGyyj7MY2f0yzs7tuwYaq8shZX5gugb9lEFctnz0GvJDh74dj3G8jeuX-Xq7wxZcg_1fCMl01HoVRZScrVKmT9EjmeglQ1VozF5HxZQR91AMTa7uRxVSh0lmZ49-RXEV_fgLLVrHcN5Wo4lMo9vZjm254QNjKUB6xlaaibBD32xQw4YlezSD1du2-ZPbd-xSfO8cVjywdcF6BPH2dbSnImKrsbLwXltXHnJypt2gne4lfrJK_ccx04Z1wwtuvOHvX7FzGA2xyVlj9gtaw1B-QCY__9kP8aSOSbqFqwu9Rwe3VExj-maR993lwf65rXwrZW3GM7ZxZn6ttVSS17oAelnZgWkfLb-YKM3M3hwDZ1DvnpKVKcBe8TpZ4kQEUPRd6ZueoS6_OxVHeoCFO6CY_fKdOFDnoCN02W45nDUL2TJXzwv9S5C1IU_VV5y2rG-b8dPvI_7Vhld_5pnLoHViCfOSF6xvJMnsNk5ejpaxDQQvG9MigRQTwxm6ZimCIRn_sxknWolomkzpK26RtUv4gjNkqxzn3N0DC3v4494ZoQsE1TZQgj6cQA3aRBLhe9BvN9C7n4k-7C-0pRe-n8ml87dhSmYsbOofu3KS4hx0cNsDysrT7w4o5XvC2PuYrS_Dnd2F2AshAFxsqcc-e2yFJdawO5TPD_90y4F6l1D1auhWm1mWgZaCF5uXpTaqFTiMpY_KGyglZbg9JEyXwAVNkXx42h_aSOfPqJwxVzAbHF7dH7M6nEbBemWejTilzk2z8fDujyHkwlvpqMHf1S6QLvLzi0amSUlGRk0S8caHZv-05XkvCXO_cHL6g6Xey_pCxt4yc7pE3BrGbeEzyXzJiiniF6OaTxOc4g4JxbrwICQuZpnZO7Gp1xLWq-KjUpylV5voVSTkWg1zFqzXipdp_EB2oI0UKiJWSnEnhXGJsfyoiLnpP2OUaTTwPM1YKVOq6eiR2SaBD8YLsumKPuQQk7BEoeq7G0Qm2gQM7ENeJOFsRndTM_E6MgmFmO7Co3JzMDEKhBSdMd2O1oTLUImtgOqm4dWonTJlav-MT2va0WSMfPv-vglY8JKxd0BVXYdsW1Yxc0Tl3HulL81lDDOQsJyUjo6220Qtuw2o4pWpIatlxe5r9GvJe5A5XXwcXIsiuwafONJ-LrNN-1YwNY17wESAmllOTq9fTyGWhuMf8TNHp8wXWjCbxeXu26Rbk4Sfrrs0qEpcj50aO3sSvIt9LFLXmq5oOLV-6vo_3zYtvjpSPQg3kjWT4QVl5I6yRZZ86dwI2uxseKU1IWvqbEJnVsONlNWGPUi8I6W7oYZiz0YEDCBs0cTeUC4CU3kJiuU4_YljL-6HBZQo3gvlFsVX7MEzDI_NdQQRDab0ZlomAheQ9wY6C1r4ec28Zdf2J4Xx5dnteTkD3Yu2lYhWv3MjrGFOtKu0j5d29ir1renS7npklTnuqrII_DUBCftyTmE7YAPpRWL9fpzlz_SiLIJ1vrgmocdavPCivToyZGuVXeqmFOf19Us5YTnly_EdHXR3I89Lo-wUNxmgSku1K0YZfjxK4keJa7_R20ITAvkfa6VbvougvoKEBXifjHLJpsR2m4yeEPSn9dhMNsP68De5h_B0uXrD_Z970aDop9fwoGokE2Xs0qSN6fNkY823qN8tKpiinoYJbCTtXaU7EdRoW0K8NkMajaZ7VtoEEutyPvTI7Kb2YAfRNA9Lr2JDoH9qgbARJidh7OtakP3ur8Sj5WTTtcH_zBKW7pCJG_fMV8QfkkIht9r-bM30n0zxmuir4XCalSzfT0aOc7ZXo3BZEZgO51dUfkRT3F96_7s-nRr5CM4JvCPtRTEMn8BGXlIZkp1ZUBgorMfFgB_CGydI9u2RN1SNi4poSeiJHRxfQQmV9-HsighD5_ahdZpnG24zylnrWwwIDTRIrK9RlSnXZ0ojQb54sgA2-QBou5l-L_ruJH195bSdp1xoZ_FagsnJxvPjSCerUQ6D25bwUY24GyyWQSRiZbGtmNCXrSnvSNiu70CuZC4Sv_oF1JTcfGJvMAKFtX7SVSou2WmbCSn725aQPRp&tga-with-creatives=1

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

18155f97f6c738c2a37009c895f85f7691d8f84bdd6e376009505c2393832c34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1664549143686736-18213910908695910690-sas3-0775-509-sas-l7-balancer-8080-BAL-9312
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Fri, 30 Sep 2022 14:45:43 GMT
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type: application/json
access-control-allow-origin: https://utro.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 30 Sep 2022 14:45:43 GMT

GET
H2 200 04ce7d20e1e265b7689e.js Show response
yastatic.net/partner-code-bundles/659462/ 461 KB
93 KB 43ms
42ms Script
text/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/659462/04ce7d20e1e265b7689e.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

e4f6b20923b98ec202a723449876a7df142acad7cc91337477a897a3d68d8ad2

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://utro.ru/
Origin: https://utro.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:43 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 94264
last-modified: Thu, 29 Sep 2022 17:35:57 GMT
server: nginx/1.17.9
etag: "d786474a716bc780cf9933753a4aa6ef"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Sun, 29 Sep 2052 21:18:48 GMT

POST
H2 200 hb Show response
ads.adfox.ru/ 368 B
555 B 251ms
64ms XHR
application/json 2a02:6b8::1be
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.adfox.ru/hb

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

937ac91fbf47c81ac15a1810edd83c253e8aec980dbe158d74258f2b023b6a4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://utro.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 30 Sep 2022 14:45:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref=/w3c/w3c.p3p, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
access-control-allow-origin: https://utro.ru
content-type: application/json
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

POST
H2 204 events
bidder.criteo.com/csm/ 0
208 B 23ms
22ms Ping
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://utro.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 30 Sep 2022 14:45:43 GMT
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
access-control-allow-origin: https://utro.ru
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

GET
H2 200 pixel.gif
static.criteo.net/images/ 43 B
365 B 23ms
23ms Image
image/gif 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/images/pixel.gif?ch=1

Requested by

Host: utro.ru
URL: https://utro.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:43 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Mon, 25 Sep 2023 14:45:43 GMT

GET
H2 200 pixel.gif
static.criteo.net/images/ 43 B
365 B 20ms
20ms Image
image/gif 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/images/pixel.gif?ch=2

Requested by

Host: utro.ru
URL: https://utro.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:43 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Mon, 25 Sep 2023 14:45:43 GMT

GET
H2 200 v2 Show response
yandex.ru/ads/adfox/275069/getBulk/ 14 KB
8 KB 235ms
235ms XHR
application/json 2a02:6b8:a::a
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/adfox/275069/getBulk/v2?dl=https%3A%2F%2Futro.ru%2F&date=2022-09-30T14%3A45%3A43.677%2B00%3A00&pd=30&pdh=1200&pdw=1600&pr1=611810559&pr=334542566&prr=&pv=14&pw=5&extid_loader=&extid_tag_loader=utro.ru&ylv=0.659462&ybv=0.659462&ytt=3300146675717&is-turbo=0&skip-token=&ad-session-id=2972861664549143580&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9.9%2C%22isInIframe%22%3Afalse%2C%22w%22%3A268%2C%22h%22%3A0%2C%22width%22%3A268%2C%22height%22%3A0%2C%22visible%22%3A0%2C%22fullscreenHeaderHeight%22%3A80%2C%22left%22%3A1178%2C%22top%22%3A3924%2C%22fontFamily%22%3A%22ys%22%2C%22darkTheme%22%3Afalse%2C%22req_no%22%3A2%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=659462&available-width=268&yaru=true&pp=h&ps=cxhg&p2=gatm&slotNumber=6&bids=W3siYmlkZGVyTmFtZSI6ImNyaXRlbyIsImNhbXBhaWduX2lkIjo4MjY4NzUsInJlc3BvbnNlX3RpbWUiOjIxNCwiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6IjEyOTAxODAifSx7ImJpZGRlck5hbWUiOiJiZXR3ZWVuZGlnaXRhbCIsImNhbXBhaWduX2lkIjo4MjY4NzcsInJlc3BvbnNlX3RpbWUiOjIwNiwiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6IjI1MzQ3ODUifSx7ImJpZGRlck5hbWUiOiJteXRhcmdldCIsImNhbXBhaWduX2lkIjo4MjY4NzYsInJlc3BvbnNlX3RpbWUiOjIxOCwiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6IjI0NjYyOSJ9LHsiYmlkZGVyTmFtZSI6InJ0YmhvdXNlIiwiY2FtcGFpZ25faWQiOjExMzY1MjgsInJlc3BvbnNlX3RpbWUiOjI0LCJlcnJvciI6eyJjb2RlIjo0fSwicGxhY2VtZW50X2lkIjoiaGNaa09OVkxvdGdqa0JKbkdteUgifSx7ImJpZGRlck5hbWUiOiJidXp6b29sYSIsImNhbXBhaWduX2lkIjoxODA5OTA2LCJyZXNwb25zZV90aW1lIjoyMTgsImVycm9yIjp7ImNvZGUiOjF9LCJwbGFjZW1lbnRfaWQiOiIxMjI3ODMyIn1d&utf8=%E2%9C%93&pcode-test-ids=657518%2C0%2C67%3B651042%2C0%2C42%3B659467%2C0%2C7%3B658041%2C0%2C50%3B655716%2C0%2C51%3B659462%2C0%2C18&pcode-flags-map=eJytWFtv2zYY%2FSuDn4tBN%2BrSN0qibCKSqJFUHHcYiK7LW9AOXToMKPrfd6iLK9kOXRcB8tAU%2Bg6%2F6%2FnOl68bvm2FZKbhSrHSlFRT01FJG2UqIc09L5kwvDWFaHKxefv7182%2F75%2B%2BPG7ebh7%2F%2B3vzZvP8%2BM8z%2Fwu%2FksyLCNl8%2B%2BPN5p4qI9lvPVPa3De0M5UUjaGlWtlr2bMlQOwnQeodAUquaF4zeMD2NOc11wdDW3i4Z3VttKTFHW%2B3phElW8Eqho9EWx9M3%2FLfTp4IM8%2FLjk%2F0ihnJtzt4yRWf3lC10DZg2hVud6Mo9P0Ba8%2FLLdOmlHRvKi4RdYUEMsMbumWunMUkJEE0YLB2inaZb%2Fyj4i3XDCUp7tQOnu253oleG4pyaeUGJ3Ea3gz%2BGsgUFeqkKPtCq%2FNnboNmgLyxFRcgtsy0NIVkVPN7ZkqmWaG5aM3c96zkFFWr2ZXuJEkU%2B0dM9tCZlu2NQhMa1ENpvAA%2F%2BcN1HJKMLdgIOATnapozdLQwE7A7tKP53MFHN%2FDjyJHDEYuk9FhIJhWys7KMSeqH4do2i%2F0xwRiyWtCSyaFGtFl5%2F%2Fz5y%2BPCLApSDOBoBseVksOgNc6IF0bIlWIM%2Bc4Vk%2FB0bfbx%2FZ9PjyvLMA6yZLBEXcBwrdmxYdxb7X4yImE21roQfattbR520mmSJuk0yQewFHswsjelaChvnaTpJUEYj0VYj1DV17VC2zK3vR8GoXcMMZfiDvlBeGYreem2TEgaX3TYUq%2BWPHeaB74Xj%2FG%2BY20wuAv6KMEfV1mPRH40Ef1gOzN9LqTtI0lL3qtffhDhQK3fo8PgnT09OKmLRGEylbasOmwp1YkWvah5wzDGK9PA87y1beSFY8xdgbWDSsG0dfIZiQhgpu6tBLLM7LjM710bdzyZJMG5Oa8scezt3F7rkBcQZgfuad2vqhV6l61rRmWLdQvOvKeS05O4g9WjBGt2zDK0hLIsC1lxTDaTElxRi%2B0SgazsUy8as9ZJLqTdy%2FlhkAKdkO6Ex0k80YX93LRC84JhCzVbp1kSwG4wU6ozBS12zHpoOiaLkxr73ipFCfGzsSvAgMVkdTICJ0RI0jQgY1rn5i%2B5xGIyhXLSDMn8JF2MHVdwFdmEHiism8r1aBaSSbDMtsOoqqOm6GhZQlO5QSIyVWagRsyrPnTMhG6vQY9k0YONLBaSy%2F1clsQvWkLnmaLmxd2V12eMpq81z2nbwm0sropD8XIbREULN2VlaZAkCz8mkJG0sR4wUV1NDzkkjqUFLUVdny6ok03uBVE49sBW0jxwf4s59L5%2FaxR%2Ft%2FKX%2BIHn%2Bv4CvfnkBYu5OXZsWOuSlUxBLDn980kQj9ZWjUhWYdZ3dhJ44bZLw2mLIGmQzo0dcwkFP%2BmJTrLcvcdiLKLAX40StIVEX2NvY4hRj%2B%2BrFJLDra78zI%2BiS%2BvY6pVpPw3HDCSyPh2VMzTsZn9s%2B1FlWpBxc9xo%2FrIz47L8KZ%2F0VryqRyWrKOZr9mw8In8QznYNRrrOBZXuclubSfB8LyvtOttsWwTgLm%2FgZ2TVKzuuh0ZbgKHd77Rw90mYBMHqSim6ZjoljqeGclM5btFw0jBHjOLnMYYLYKBiKfaWkXZYm%2B%2FARLR2IliRTByn3FzV2664iHjxSLmtFYbIcEP1yJO0s5F5kZ%2B67xw%2FmPT0XCrVUKkNLvqeWfeujTKJ45gcb4387owzz5NJ0oWWtuION1Oh0R35lacyMimA%2BSajKOX5zTqFcIFPP3z6%2BPz509NJBrwocFTmvGVvPbWzKE4cD4B8G943V1A%2FPD%2FdhLpwW4u%2B2L0yvOpxGR5eORMHevyf1%2FQVm%2FanEW2n8dbqTJzuUECH%2BYxa0%2BekRdYgENfTdbujLQAa%2BjBfxlUt7BlfXv87BEn8SVRdsD67Krxfg8vWw%2FY5veWHOIOzyO00fPsfquoL5g%3D%3D&use-server-side-rendering=1&pcode-icookie=6l5qC7Qwc8io5U7zRK6QZkOKEjALV%2FhuZ1jr%2FzG6qS9JsPzuUXljRro2LaTK%2Bgj391zwsFflipPwwMujn2nBKSQTUDY%3D&top-ancestor=https%3A%2F%2Futro.ru&top-ancestor-undetermined=0&grab-orig-len=5120&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjo4Mjd9CiqkNo3kuO1CBNTFj-m77dtK35cxgvGMZjzj7u_2dPfsf_37shQ5OutWXrlLmrAn3pQOyZ6g2Vn2ndzJAb0I0DNosxk0UxX633_J2jXsXvpXUVUxMzUKml4ZQgl5oSLkBYQBQSiOQ-APjjAUD-gFLAjFAVEYxQAiAiUOgQkIFjQPSUAU4Dc32rAIhaEslIf8pSuLF0A3efyls6xlIcZyLNsAC1z6JTYUDUlL_TAAvqAIT4Zs-Zf4E7MsolAWEMShJIwCrCVKtBAKFfHuAloIbAjZC4F4KAW4AzlIAf5A5cSASxcCFwIZghYvsbMnf6ac4ZfMaCl-PNkhAtNLbaC8EKuZA-whgGAZEi0t8YLlDQBDRzFD9lDRkiZz9W8hAe3DCkLhEMBbljtIgD2kL6gQcymL30dhHIK0pKMtIHk8DRyAJcNo1grwYuvOLRuoL3n8JR6vZ1hyQ9HsZh1IpvnfiO14NOTs_B8Pf6kL357j69KYVkYLE-e9PuwAhnt4JHEIeXmESyz6krQQB3khKRz-gOjlvbtOv-Kp9QBvmtiNks_w4nf5Hd2Vty-7k3iWENQggmUhmAWGFOhT159jFpuxBw8G46bdyyUfqJvig1EsGNxZphul6LJ2F9CpvW67b67eLQdGlWV1LrI2buIvC8LPu9grDLCGC-hm-s4OdaLjhvT0z8MbKA6Gve-ELyxnzUMe6J2V3FtmGAUBRYC14z_TRR9hcSZEj3d3efdk8NNbrzC276Jh8_6fJ1oyDwFnz3t6kJb5MaBxfgl5Cou-LOZrb3bMtKt0G58Im10oiBe-ZPfc7YYwYLvOey28GXNXrTnRntryY0_n5JLd6bRVMHNO-UsGaybF_ZVgxK_pGVcyBQg5hFIlsgNGxwpFR2q0ZYnzeL6gMZdDesguToiHlrvkvUGd8H3kPz4PE0v8vJMv-byuO-wlcjs9e08-RJMB7yH6137QJ3y8xk7Bcds-LJkmH_ip0ndY1FUO_FKRfH_hErf8FZRSdIaN5JFrubA2gbsUFxJTe6LlW8rU5EotGRU1ud5AQUWt1CnJ9FTgP0RQMzZUqLV6pSHWGLR6cKxg6eEQq1UUpNaYUq1R6jVKcKysCEEaV1ERpMBTcLd7SB17u5bnhoPqHEjjiWcpgloZ3ZtQ6EkpVTq4Sp1a41kDEhBvNZLJ9WhDInZXoOJVxZESams52KE98IgfEETT0M17XoBvedpIlsmEpAjJuMoJx-JHhnvFx1Ys53rHjgD0DrqHTEr3JRwE1HDdVchIpnuMXX3w1RRwqKg1ap2GQg_GciWwFDowY0oyAykpOFYyAxw1idJCrKNQklvdsA0UYBqN8FV6DcVyMC78LhO9KrNvkAvP4OI2GsnU8NRD17CQMCxFErLMHK5KpzWo4FiWZ9mT6ZYO1eLzhG7YOynaY3G0YKbB7cE9ZrXshDEOxaIEyY33EWcYHZEWy7hhgtJOv-IUGjcMILlxjIuEm8Jb0ZbHNOGwCrB9lowkZNOH6T18EqVSrcl9V6rhwSPTWyhUarjTc910tJm78T63i1RvUFEO_oKtVmmXVQPIibTEKhHYeOjjfSaLkkS1OEQJx5oXa_jc-xuNW_Sp9rUGXS_nZjgptvD1Kotyx4WnUpPAdVXs8Gj0xKTLRU7v4DMaH0ytbxbyWlmNt-T02ywdPBKVnmtZrZ5CZ_iynrnPZYGvBiO1e8hdwikND6td6-JbSgRxW53RWGDjLwJCwC4e-owOeqGRSeXcz81YHanSOviXK5GaFK4h4YTRoFKpiWMjhZpYM9sOzG0OHQeCLdUX8GdqbC_oqBxpy2naFy9T8yKjXcBhflb7QRAln4lG2atqCKuPQ9jCBw_Ks3PODlKODFHpKdVabbsoL8_Ma4FPpqYEa-IaLRdPimq7mqzV_Rf5mAZbAQsRWk9Q8NCrwM25Lw6mqWdQ3rXKm2nyKKpoyQZfnDDFBUt4LJhmlW1cuj6v6h0rVwnmVGwA09PE6AFCPOW59boNgfZiEHclxhkT2BY1--mn5kTPwztqSYjxqCjomC954gU4T7FpGHrrsbzRS-UV-vEnDaeC0Tv0iT265lQIirezhgDd5XCvpBOOoUdUiumGoPOPBvkSFVi3kEB9yJeOuZ1Vz2vSpbW2KvmxZb6Lc0Vp39FFx897rGMS1CJWvhwylDYCmHIlvONcFDtUOFOvjZeViFEcobZhs-x7yseRwv5bhoQTIzC-yOhw4ufO6EACh7LGm6R3buBNOw9AjgzkbEL7HGvJtt6NCnudUq8FIqni1Oe8Nu8YahArR6BNwY81u60JAPHKfro3XhNMYTwGYj6vpuLG57nudZRWN7T-sJ-SfaI_ptRTz6y-7_B-KF8ZuFfUlC__VnJBQ9bxaSpM0X5fcTWsE1YcO69ir8NPp7jwB6X76Lr1n90a71qXsF3yQnAnko2DQ_nMnF5Zgk5y34BEz-fupLEkDqGvlwSmNBjQ_1fK4vsUzF7wERt2Ng5dtiLHpDRwXMyoVa9JolErLWO1kGh9Z-J864n8tzlbFCxTiWMOwjdoNFesuPPAHrn2U4ejFgfRksgaghDAOAmCLkdrfB9GUAZo5CxJ6d3mZOmcVN2ZbkfUmPBCuIdfjAJY24eT_yhLkC4R4a05_LhUR8zxWGOYTvVhPO2vmLO9827YdHQX_ZGdC82Pcl0bgikl4b8njhHA9hYAXlIEya5-ftfvMynTjpdff5zjJRPe0nk2lE6F-V9YxjUdSpcD0WOTPmUQ01rKFuJ3MniLveM_2rv5uNBWeidFeR8CwE_m2E9B0I6H4jm9IJY_8zwGvig_K_iVuF00raGMVh9957sw61N02o6enz-UVT8Ix5NoMxbWU8h6n4IewA6wLd9XUDHiBqP14WHqD2jfRaK1pdkSfu5kHTVScRNCFFtiQAIKMCjeCNDLQazXg2VKRkuZYn66_y9LpmCydrweDetTCeJLsnHepZsM06eR6ub_F6WNunGyyj7MY2f0yzs7tuwYaq8shZX5gugb9lEFctnz0GvJDh74dj3G8jeuX-Xq7wxZcg_1fCMl01HoVRZScrVKmT9EjmeglQ1VozF5HxZQR91AMTa7uRxVSh0lmZ49-RXEV_fgLLVrHcN5Wo4lMo9vZjm254QNjKUB6xlaaibBD32xQw4YlezSD1du2-ZPbd-xSfO8cVjywdcF6BPH2dbSnImKrsbLwXltXHnJypt2gne4lfrJK_ccx04Z1wwtuvOHvX7FzGA2xyVlj9gtaw1B-QCY__9kP8aSOSbqFqwu9Rwe3VExj-maR993lwf65rXwrZW3GM7ZxZn6ttVSS17oAelnZgWkfLb-YKM3M3hwDZ1DvnpKVKcBe8TpZ4kQEUPRd6ZueoS6_OxVHeoCFO6CY_fKdOFDnoCN02W45nDUL2TJXzwv9S5C1IU_VV5y2rG-b8dPvI_7Vhld_5pnLoHViCfOSF6xvJMnsNk5ejpaxDQQvG9MigRQTwxm6ZimCIRn_sxknWolomkzpK26RtUv4gjNkqxzn3N0DC3v4494ZoQsE1TZQgj6cQA3aRBLhe9BvN9C7n4k-7C-0pRe-n8ml87dhSmYsbOofu3KS4hx0cNsDysrT7w4o5XvC2PuYrS_Dnd2F2AshAFxsqcc-e2yFJdawO5TPD_90y4F6l1D1auhWm1mWgZaCF5uXpTaqFTiMpY_KGyglZbg9JEyXwAVNkXx42h_aSOfPqJwxVzAbHF7dH7M6nEbBemWejTilzk2z8fDujyHkwlvpqMHf1S6QLvLzi0amSUlGRk0S8caHZv-05XkvCXO_cHL6g6Xey_pCxt4yc7pE3BrGbeEzyXzJiiniF6OaTxOc4g4JxbrwICQuZpnZO7Gp1xLWq-KjUpylV5voVSTkWg1zFqzXipdp_EB2oI0UKiJWSnEnhXGJsfyoiLnpP2OUaTTwPM1YKVOq6eiR2SaBD8YLsumKPuQQk7BEoeq7G0Qm2gQM7ENeJOFsRndTM_E6MgmFmO7Co3JzMDEKhBSdMd2O1oTLUImtgOqm4dWonTJlav-MT2va0WSMfPv-vglY8JKxd0BVXYdsW1Yxc0Tl3HulL81lDDOQsJyUjo6220Qtuw2o4pWpIatlxe5r9GvJe5A5XXwcXIsiuwafONJ-LrNN-1YwNY17wESAmllOTq9fTyGWhuMf8TNHp8wXWjCbxeXu26Rbk4Sfrrs0qEpcj50aO3sSvIt9LFLXmq5oOLV-6vo_3zYtvjpSPQg3kjWT4QVl5I6yRZZ86dwI2uxseKU1IWvqbEJnVsONlNWGPUi8I6W7oYZiz0YEDCBs0cTeUC4CU3kJiuU4_YljL-6HBZQo3gvlFsVX7MEzDI_NdQQRDab0ZlomAheQ9wY6C1r4ec28Zdf2J4Xx5dnteTkD3Yu2lYhWv3MjrGFOtKu0j5d29ir1renS7npklTnuqrII_DUBCftyTmE7YAPpRWL9fpzlz_SiLIJ1vrgmocdavPCivToyZGuVXeqmFOf19Us5YTnly_EdHXR3I89Lo-wUNxmgSku1K0YZfjxK4keJa7_R20ITAvkfa6VbvougvoKEBXifjHLJpsR2m4yeEPSn9dhMNsP68De5h_B0uXrD_Z970aDop9fwoGokE2Xs0qSN6fNkY823qN8tKpiinoYJbCTtXaU7EdRoW0K8NkMajaZ7VtoEEutyPvTI7Kb2YAfRNA9Lr2JDoH9qgbARJidh7OtakP3ur8Sj5WTTtcH_zBKW7pCJG_fMV8QfkkIht9r-bM30n0zxmuir4XCalSzfT0aOc7ZXo3BZEZgO51dUfkRT3F96_7s-nRr5CM4JvCPtRTEMn8BGXlIZkp1ZUBgorMfFgB_CGydI9u2RN1SNi4poSeiJHRxfQQmV9-HsighD5_ahdZpnG24zylnrWwwIDTRIrK9RlSnXZ0ojQb54sgA2-QBou5l-L_ruJH195bSdp1xoZ_FagsnJxvPjSCerUQ6D25bwUY24GyyWQSRiZbGtmNCXrSnvSNiu70CuZC4Sv_oF1JTcfGJvMAKFtX7SVSou2WmbCSn725aQPRp&tga-with-creatives=1

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

20a4a9f316a0481ab3565f4d53c0e88576678635285c3448182595984615f94b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1664549143692629-4041059503594324615-sas3-0775-509-sas-l7-balancer-8080-BAL-2575
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Fri, 30 Sep 2022 14:45:43 GMT
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type: application/json
access-control-allow-origin: https://utro.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 30 Sep 2022 14:45:43 GMT

GET
H2 200 v2 Show response
yandex.ru/ads/adfox/275069/getBulk/ 14 KB
8 KB 261ms
259ms XHR
application/json 2a02:6b8:a::a
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/adfox/275069/getBulk/v2?dl=https%3A%2F%2Futro.ru%2F&date=2022-09-30T14%3A45%3A43.680%2B00%3A00&pd=30&pdh=1200&pdw=1600&pr1=2649244144&pr=334542566&prr=&pv=14&pw=5&extid_loader=&extid_tag_loader=utro.ru&ylv=0.659462&ybv=0.659462&ytt=3300146675717&is-turbo=0&skip-token=&ad-session-id=2972861664549143580&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9.9%2C%22isInIframe%22%3Afalse%2C%22w%22%3A380%2C%22h%22%3A0%2C%22width%22%3A380%2C%22height%22%3A0%2C%22visible%22%3A0%2C%22fullscreenHeaderHeight%22%3A80%2C%22left%22%3A1065%2C%22top%22%3A3537%2C%22fontFamily%22%3A%22ys%22%2C%22darkTheme%22%3Afalse%2C%22req_no%22%3A3%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=659462&available-width=380&yaru=true&pp=h&ps=cxhg&p2=gato&slotNumber=5&bids=W3siYmlkZGVyTmFtZSI6ImNyaXRlbyIsImNhbXBhaWduX2lkIjo4MjY4NzUsInJlc3BvbnNlX3RpbWUiOjIxNCwiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6IjE1MTQ5OTgifSx7ImJpZGRlck5hbWUiOiJiZXR3ZWVuZGlnaXRhbCIsImNhbXBhaWduX2lkIjo4MjY4NzcsInJlc3BvbnNlX3RpbWUiOjIwNiwiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6IjM4NzEzODYifSx7ImJpZGRlck5hbWUiOiJteXRhcmdldCIsImNhbXBhaWduX2lkIjo4MjY4NzYsInJlc3BvbnNlX3RpbWUiOjIxOCwiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6Ijc3NDkwNiJ9LHsiYmlkZGVyTmFtZSI6InJ0YmhvdXNlIiwiY2FtcGFpZ25faWQiOjExMzY1MjgsInJlc3BvbnNlX3RpbWUiOjI1LCJlcnJvciI6eyJjb2RlIjo0fSwicGxhY2VtZW50X2lkIjoiTVBiR05ZbW1HV3BGQjh4dFNvdGoifSx7ImJpZGRlck5hbWUiOiJidXp6b29sYSIsImNhbXBhaWduX2lkIjoxODA5OTA2LCJyZXNwb25zZV90aW1lIjoyMTgsImVycm9yIjp7ImNvZGUiOjF9LCJwbGFjZW1lbnRfaWQiOiIxMjI3ODMxIn1d&utf8=%E2%9C%93&pcode-test-ids=657518%2C0%2C67%3B651042%2C0%2C42%3B659467%2C0%2C7%3B658041%2C0%2C50%3B655716%2C0%2C51%3B659462%2C0%2C18&pcode-flags-map=eJytWFtv2zYY%2FSuDn4tBN%2BrSN0qibCKSqJFUHHcYiK7LW9AOXToMKPrfd6iLK9kOXRcB8tAU%2Bg6%2F6%2FnOl68bvm2FZKbhSrHSlFRT01FJG2UqIc09L5kwvDWFaHKxefv7182%2F75%2B%2BPG7ebh7%2F%2B3vzZvP8%2BM8z%2Fwu%2FksyLCNl8%2B%2BPN5p4qI9lvPVPa3De0M5UUjaGlWtlr2bMlQOwnQeodAUquaF4zeMD2NOc11wdDW3i4Z3VttKTFHW%2B3phElW8Eqho9EWx9M3%2FLfTp4IM8%2FLjk%2F0ihnJtzt4yRWf3lC10DZg2hVud6Mo9P0Ba8%2FLLdOmlHRvKi4RdYUEMsMbumWunMUkJEE0YLB2inaZb%2Fyj4i3XDCUp7tQOnu253oleG4pyaeUGJ3Ea3gz%2BGsgUFeqkKPtCq%2FNnboNmgLyxFRcgtsy0NIVkVPN7ZkqmWaG5aM3c96zkFFWr2ZXuJEkU%2B0dM9tCZlu2NQhMa1ENpvAA%2F%2BcN1HJKMLdgIOATnapozdLQwE7A7tKP53MFHN%2FDjyJHDEYuk9FhIJhWys7KMSeqH4do2i%2F0xwRiyWtCSyaFGtFl5%2F%2Fz5y%2BPCLApSDOBoBseVksOgNc6IF0bIlWIM%2Bc4Vk%2FB0bfbx%2FZ9PjyvLMA6yZLBEXcBwrdmxYdxb7X4yImE21roQfattbR520mmSJuk0yQewFHswsjelaChvnaTpJUEYj0VYj1DV17VC2zK3vR8GoXcMMZfiDvlBeGYreem2TEgaX3TYUq%2BWPHeaB74Xj%2FG%2BY20wuAv6KMEfV1mPRH40Ef1gOzN9LqTtI0lL3qtffhDhQK3fo8PgnT09OKmLRGEylbasOmwp1YkWvah5wzDGK9PA87y1beSFY8xdgbWDSsG0dfIZiQhgpu6tBLLM7LjM710bdzyZJMG5Oa8scezt3F7rkBcQZgfuad2vqhV6l61rRmWLdQvOvKeS05O4g9WjBGt2zDK0hLIsC1lxTDaTElxRi%2B0SgazsUy8as9ZJLqTdy%2FlhkAKdkO6Ex0k80YX93LRC84JhCzVbp1kSwG4wU6ozBS12zHpoOiaLkxr73ipFCfGzsSvAgMVkdTICJ0RI0jQgY1rn5i%2B5xGIyhXLSDMn8JF2MHVdwFdmEHiism8r1aBaSSbDMtsOoqqOm6GhZQlO5QSIyVWagRsyrPnTMhG6vQY9k0YONLBaSy%2F1clsQvWkLnmaLmxd2V12eMpq81z2nbwm0sropD8XIbREULN2VlaZAkCz8mkJG0sR4wUV1NDzkkjqUFLUVdny6ok03uBVE49sBW0jxwf4s59L5%2FaxR%2Ft%2FKX%2BIHn%2Bv4CvfnkBYu5OXZsWOuSlUxBLDn980kQj9ZWjUhWYdZ3dhJ44bZLw2mLIGmQzo0dcwkFP%2BmJTrLcvcdiLKLAX40StIVEX2NvY4hRj%2B%2BrFJLDra78zI%2BiS%2BvY6pVpPw3HDCSyPh2VMzTsZn9s%2B1FlWpBxc9xo%2FrIz47L8KZ%2F0VryqRyWrKOZr9mw8In8QznYNRrrOBZXuclubSfB8LyvtOttsWwTgLm%2FgZ2TVKzuuh0ZbgKHd77Rw90mYBMHqSim6ZjoljqeGclM5btFw0jBHjOLnMYYLYKBiKfaWkXZYm%2B%2FARLR2IliRTByn3FzV2664iHjxSLmtFYbIcEP1yJO0s5F5kZ%2B67xw%2FmPT0XCrVUKkNLvqeWfeujTKJ45gcb4387owzz5NJ0oWWtuION1Oh0R35lacyMimA%2BSajKOX5zTqFcIFPP3z6%2BPz509NJBrwocFTmvGVvPbWzKE4cD4B8G943V1A%2FPD%2FdhLpwW4u%2B2L0yvOpxGR5eORMHevyf1%2FQVm%2FanEW2n8dbqTJzuUECH%2BYxa0%2BekRdYgENfTdbujLQAa%2BjBfxlUt7BlfXv87BEn8SVRdsD67Krxfg8vWw%2FY5veWHOIOzyO00fPsfquoL5g%3D%3D&use-server-side-rendering=1&pcode-icookie=6l5qC7Qwc8io5U7zRK6QZkOKEjALV%2FhuZ1jr%2FzG6qS9JsPzuUXljRro2LaTK%2Bgj391zwsFflipPwwMujn2nBKSQTUDY%3D&top-ancestor=https%3A%2F%2Futro.ru&top-ancestor-undetermined=0&grab-orig-len=5120&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjo4Mjd9CiqkNo3kuO1CBNTFj-m77dtK35cxgvGMZjzj7u_2dPfsf_37shQ5OutWXrlLmrAn3pQOyZ6g2Vn2ndzJAb0I0DNosxk0UxX633_J2jXsXvpXUVUxMzUKml4ZQgl5oSLkBYQBQSiOQ-APjjAUD-gFLAjFAVEYxQAiAiUOgQkIFjQPSUAU4Dc32rAIhaEslIf8pSuLF0A3efyls6xlIcZyLNsAC1z6JTYUDUlL_TAAvqAIT4Zs-Zf4E7MsolAWEMShJIwCrCVKtBAKFfHuAloIbAjZC4F4KAW4AzlIAf5A5cSASxcCFwIZghYvsbMnf6ac4ZfMaCl-PNkhAtNLbaC8EKuZA-whgGAZEi0t8YLlDQBDRzFD9lDRkiZz9W8hAe3DCkLhEMBbljtIgD2kL6gQcymL30dhHIK0pKMtIHk8DRyAJcNo1grwYuvOLRuoL3n8JR6vZ1hyQ9HsZh1IpvnfiO14NOTs_B8Pf6kL357j69KYVkYLE-e9PuwAhnt4JHEIeXmESyz6krQQB3khKRz-gOjlvbtOv-Kp9QBvmtiNks_w4nf5Hd2Vty-7k3iWENQggmUhmAWGFOhT159jFpuxBw8G46bdyyUfqJvig1EsGNxZphul6LJ2F9CpvW67b67eLQdGlWV1LrI2buIvC8LPu9grDLCGC-hm-s4OdaLjhvT0z8MbKA6Gve-ELyxnzUMe6J2V3FtmGAUBRYC14z_TRR9hcSZEj3d3efdk8NNbrzC276Jh8_6fJ1oyDwFnz3t6kJb5MaBxfgl5Cou-LOZrb3bMtKt0G58Im10oiBe-ZPfc7YYwYLvOey28GXNXrTnRntryY0_n5JLd6bRVMHNO-UsGaybF_ZVgxK_pGVcyBQg5hFIlsgNGxwpFR2q0ZYnzeL6gMZdDesguToiHlrvkvUGd8H3kPz4PE0v8vJMv-byuO-wlcjs9e08-RJMB7yH6137QJ3y8xk7Bcds-LJkmH_ip0ndY1FUO_FKRfH_hErf8FZRSdIaN5JFrubA2gbsUFxJTe6LlW8rU5EotGRU1ud5AQUWt1CnJ9FTgP0RQMzZUqLV6pSHWGLR6cKxg6eEQq1UUpNaYUq1R6jVKcKysCEEaV1ERpMBTcLd7SB17u5bnhoPqHEjjiWcpgloZ3ZtQ6EkpVTq4Sp1a41kDEhBvNZLJ9WhDInZXoOJVxZESams52KE98IgfEETT0M17XoBvedpIlsmEpAjJuMoJx-JHhnvFx1Ys53rHjgD0DrqHTEr3JRwE1HDdVchIpnuMXX3w1RRwqKg1ap2GQg_GciWwFDowY0oyAykpOFYyAxw1idJCrKNQklvdsA0UYBqN8FV6DcVyMC78LhO9KrNvkAvP4OI2GsnU8NRD17CQMCxFErLMHK5KpzWo4FiWZ9mT6ZYO1eLzhG7YOynaY3G0YKbB7cE9ZrXshDEOxaIEyY33EWcYHZEWy7hhgtJOv-IUGjcMILlxjIuEm8Jb0ZbHNOGwCrB9lowkZNOH6T18EqVSrcl9V6rhwSPTWyhUarjTc910tJm78T63i1RvUFEO_oKtVmmXVQPIibTEKhHYeOjjfSaLkkS1OEQJx5oXa_jc-xuNW_Sp9rUGXS_nZjgptvD1Kotyx4WnUpPAdVXs8Gj0xKTLRU7v4DMaH0ytbxbyWlmNt-T02ywdPBKVnmtZrZ5CZ_iynrnPZYGvBiO1e8hdwikND6td6-JbSgRxW53RWGDjLwJCwC4e-owOeqGRSeXcz81YHanSOviXK5GaFK4h4YTRoFKpiWMjhZpYM9sOzG0OHQeCLdUX8GdqbC_oqBxpy2naFy9T8yKjXcBhflb7QRAln4lG2atqCKuPQ9jCBw_Ks3PODlKODFHpKdVabbsoL8_Ma4FPpqYEa-IaLRdPimq7mqzV_Rf5mAZbAQsRWk9Q8NCrwM25Lw6mqWdQ3rXKm2nyKKpoyQZfnDDFBUt4LJhmlW1cuj6v6h0rVwnmVGwA09PE6AFCPOW59boNgfZiEHclxhkT2BY1--mn5kTPwztqSYjxqCjomC954gU4T7FpGHrrsbzRS-UV-vEnDaeC0Tv0iT265lQIirezhgDd5XCvpBOOoUdUiumGoPOPBvkSFVi3kEB9yJeOuZ1Vz2vSpbW2KvmxZb6Lc0Vp39FFx897rGMS1CJWvhwylDYCmHIlvONcFDtUOFOvjZeViFEcobZhs-x7yseRwv5bhoQTIzC-yOhw4ufO6EACh7LGm6R3buBNOw9AjgzkbEL7HGvJtt6NCnudUq8FIqni1Oe8Nu8YahArR6BNwY81u60JAPHKfro3XhNMYTwGYj6vpuLG57nudZRWN7T-sJ-SfaI_ptRTz6y-7_B-KF8ZuFfUlC__VnJBQ9bxaSpM0X5fcTWsE1YcO69ir8NPp7jwB6X76Lr1n90a71qXsF3yQnAnko2DQ_nMnF5Zgk5y34BEz-fupLEkDqGvlwSmNBjQ_1fK4vsUzF7wERt2Ng5dtiLHpDRwXMyoVa9JolErLWO1kGh9Z-J864n8tzlbFCxTiWMOwjdoNFesuPPAHrn2U4ejFgfRksgaghDAOAmCLkdrfB9GUAZo5CxJ6d3mZOmcVN2ZbkfUmPBCuIdfjAJY24eT_yhLkC4R4a05_LhUR8zxWGOYTvVhPO2vmLO9827YdHQX_ZGdC82Pcl0bgikl4b8njhHA9hYAXlIEya5-ftfvMynTjpdff5zjJRPe0nk2lE6F-V9YxjUdSpcD0WOTPmUQ01rKFuJ3MniLveM_2rv5uNBWeidFeR8CwE_m2E9B0I6H4jm9IJY_8zwGvig_K_iVuF00raGMVh9957sw61N02o6enz-UVT8Ix5NoMxbWU8h6n4IewA6wLd9XUDHiBqP14WHqD2jfRaK1pdkSfu5kHTVScRNCFFtiQAIKMCjeCNDLQazXg2VKRkuZYn66_y9LpmCydrweDetTCeJLsnHepZsM06eR6ub_F6WNunGyyj7MY2f0yzs7tuwYaq8shZX5gugb9lEFctnz0GvJDh74dj3G8jeuX-Xq7wxZcg_1fCMl01HoVRZScrVKmT9EjmeglQ1VozF5HxZQR91AMTa7uRxVSh0lmZ49-RXEV_fgLLVrHcN5Wo4lMo9vZjm254QNjKUB6xlaaibBD32xQw4YlezSD1du2-ZPbd-xSfO8cVjywdcF6BPH2dbSnImKrsbLwXltXHnJypt2gne4lfrJK_ccx04Z1wwtuvOHvX7FzGA2xyVlj9gtaw1B-QCY__9kP8aSOSbqFqwu9Rwe3VExj-maR993lwf65rXwrZW3GM7ZxZn6ttVSS17oAelnZgWkfLb-YKM3M3hwDZ1DvnpKVKcBe8TpZ4kQEUPRd6ZueoS6_OxVHeoCFO6CY_fKdOFDnoCN02W45nDUL2TJXzwv9S5C1IU_VV5y2rG-b8dPvI_7Vhld_5pnLoHViCfOSF6xvJMnsNk5ejpaxDQQvG9MigRQTwxm6ZimCIRn_sxknWolomkzpK26RtUv4gjNkqxzn3N0DC3v4494ZoQsE1TZQgj6cQA3aRBLhe9BvN9C7n4k-7C-0pRe-n8ml87dhSmYsbOofu3KS4hx0cNsDysrT7w4o5XvC2PuYrS_Dnd2F2AshAFxsqcc-e2yFJdawO5TPD_90y4F6l1D1auhWm1mWgZaCF5uXpTaqFTiMpY_KGyglZbg9JEyXwAVNkXx42h_aSOfPqJwxVzAbHF7dH7M6nEbBemWejTilzk2z8fDujyHkwlvpqMHf1S6QLvLzi0amSUlGRk0S8caHZv-05XkvCXO_cHL6g6Xey_pCxt4yc7pE3BrGbeEzyXzJiiniF6OaTxOc4g4JxbrwICQuZpnZO7Gp1xLWq-KjUpylV5voVSTkWg1zFqzXipdp_EB2oI0UKiJWSnEnhXGJsfyoiLnpP2OUaTTwPM1YKVOq6eiR2SaBD8YLsumKPuQQk7BEoeq7G0Qm2gQM7ENeJOFsRndTM_E6MgmFmO7Co3JzMDEKhBSdMd2O1oTLUImtgOqm4dWonTJlav-MT2va0WSMfPv-vglY8JKxd0BVXYdsW1Yxc0Tl3HulL81lDDOQsJyUjo6220Qtuw2o4pWpIatlxe5r9GvJe5A5XXwcXIsiuwafONJ-LrNN-1YwNY17wESAmllOTq9fTyGWhuMf8TNHp8wXWjCbxeXu26Rbk4Sfrrs0qEpcj50aO3sSvIt9LFLXmq5oOLV-6vo_3zYtvjpSPQg3kjWT4QVl5I6yRZZ86dwI2uxseKU1IWvqbEJnVsONlNWGPUi8I6W7oYZiz0YEDCBs0cTeUC4CU3kJiuU4_YljL-6HBZQo3gvlFsVX7MEzDI_NdQQRDab0ZlomAheQ9wY6C1r4ec28Zdf2J4Xx5dnteTkD3Yu2lYhWv3MjrGFOtKu0j5d29ir1renS7npklTnuqrII_DUBCftyTmE7YAPpRWL9fpzlz_SiLIJ1vrgmocdavPCivToyZGuVXeqmFOf19Us5YTnly_EdHXR3I89Lo-wUNxmgSku1K0YZfjxK4keJa7_R20ITAvkfa6VbvougvoKEBXifjHLJpsR2m4yeEPSn9dhMNsP68De5h_B0uXrD_Z970aDop9fwoGokE2Xs0qSN6fNkY823qN8tKpiinoYJbCTtXaU7EdRoW0K8NkMajaZ7VtoEEutyPvTI7Kb2YAfRNA9Lr2JDoH9qgbARJidh7OtakP3ur8Sj5WTTtcH_zBKW7pCJG_fMV8QfkkIht9r-bM30n0zxmuir4XCalSzfT0aOc7ZXo3BZEZgO51dUfkRT3F96_7s-nRr5CM4JvCPtRTEMn8BGXlIZkp1ZUBgorMfFgB_CGydI9u2RN1SNi4poSeiJHRxfQQmV9-HsighD5_ahdZpnG24zylnrWwwIDTRIrK9RlSnXZ0ojQb54sgA2-QBou5l-L_ruJH195bSdp1xoZ_FagsnJxvPjSCerUQ6D25bwUY24GyyWQSRiZbGtmNCXrSnvSNiu70CuZC4Sv_oF1JTcfGJvMAKFtX7SVSou2WmbCSn725aQPRp&tga-with-creatives=1

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

045e1917bb843590df1389b1c264246e749f307b1be84cef6e5213545cafa2ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1664549143696506-13626692283936216217-sas3-0775-509-sas-l7-balancer-8080-BAL-6781
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Fri, 30 Sep 2022 14:45:43 GMT
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type: application/json
access-control-allow-origin: https://utro.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 30 Sep 2022 14:45:43 GMT

GET
H2 200 v2 Show response
yandex.ru/ads/adfox/275069/getBulk/ 14 KB
8 KB 345ms
344ms XHR
application/json 2a02:6b8:a::a
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/adfox/275069/getBulk/v2?dl=https%3A%2F%2Futro.ru%2F&date=2022-09-30T14%3A45%3A43.683%2B00%3A00&pd=30&pdh=1200&pdw=1600&pr1=3969280170&pr=334542566&prr=&pv=14&pw=5&extid_loader=&extid_tag_loader=utro.ru&ylv=0.659462&ybv=0.659462&ytt=3300146675717&is-turbo=0&skip-token=&ad-session-id=2972861664549143580&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9.9%2C%22isInIframe%22%3Afalse%2C%22w%22%3A1350%2C%22h%22%3A0%2C%22width%22%3A1350%2C%22height%22%3A0%2C%22visible%22%3A0%2C%22fullscreenHeaderHeight%22%3A80%2C%22left%22%3A125%2C%22top%22%3A5688%2C%22fontFamily%22%3A%22ys%22%2C%22darkTheme%22%3Afalse%2C%22req_no%22%3A4%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=659462&available-width=1350&yaru=true&pp=i&ps=cxhg&p2=gatq&slotNumber=8&bids=W3siYmlkZGVyTmFtZSI6ImNyaXRlbyIsImNhbXBhaWduX2lkIjo4MjY4NzUsInJlc3BvbnNlX3RpbWUiOjIxNCwiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6IjE1MTQ5OTYifSx7ImJpZGRlck5hbWUiOiJiZXR3ZWVuZGlnaXRhbCIsImNhbXBhaWduX2lkIjo4MjY4NzcsInJlc3BvbnNlX3RpbWUiOjIwNiwiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6IjM4NzEzODQifSx7ImJpZGRlck5hbWUiOiJteXRhcmdldCIsImNhbXBhaWduX2lkIjo4MjY4NzYsInJlc3BvbnNlX3RpbWUiOjIxOCwiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6Ijc3NDkwMiJ9LHsiYmlkZGVyTmFtZSI6InJ0YmhvdXNlIiwiY2FtcGFpZ25faWQiOjExMzY1MjgsInJlc3BvbnNlX3RpbWUiOjI1LCJlcnJvciI6eyJjb2RlIjo0fSwicGxhY2VtZW50X2lkIjoiV242dDVnQ1ltZk1wZU1HY2hUZ3EifV0%3D&utf8=%E2%9C%93&pcode-test-ids=657518%2C0%2C67%3B651042%2C0%2C42%3B659467%2C0%2C7%3B658041%2C0%2C50%3B655716%2C0%2C51%3B659462%2C0%2C18&pcode-flags-map=eJytWFtv2zYY%2FSuDn4tBN%2BrSN0qibCKSqJFUHHcYiK7LW9AOXToMKPrfd6iLK9kOXRcB8tAU%2Bg6%2F6%2FnOl68bvm2FZKbhSrHSlFRT01FJG2UqIc09L5kwvDWFaHKxefv7182%2F75%2B%2BPG7ebh7%2F%2B3vzZvP8%2BM8z%2Fwu%2FksyLCNl8%2B%2BPN5p4qI9lvPVPa3De0M5UUjaGlWtlr2bMlQOwnQeodAUquaF4zeMD2NOc11wdDW3i4Z3VttKTFHW%2B3phElW8Eqho9EWx9M3%2FLfTp4IM8%2FLjk%2F0ihnJtzt4yRWf3lC10DZg2hVud6Mo9P0Ba8%2FLLdOmlHRvKi4RdYUEMsMbumWunMUkJEE0YLB2inaZb%2Fyj4i3XDCUp7tQOnu253oleG4pyaeUGJ3Ea3gz%2BGsgUFeqkKPtCq%2FNnboNmgLyxFRcgtsy0NIVkVPN7ZkqmWaG5aM3c96zkFFWr2ZXuJEkU%2B0dM9tCZlu2NQhMa1ENpvAA%2F%2BcN1HJKMLdgIOATnapozdLQwE7A7tKP53MFHN%2FDjyJHDEYuk9FhIJhWys7KMSeqH4do2i%2F0xwRiyWtCSyaFGtFl5%2F%2Fz5y%2BPCLApSDOBoBseVksOgNc6IF0bIlWIM%2Bc4Vk%2FB0bfbx%2FZ9PjyvLMA6yZLBEXcBwrdmxYdxb7X4yImE21roQfattbR520mmSJuk0yQewFHswsjelaChvnaTpJUEYj0VYj1DV17VC2zK3vR8GoXcMMZfiDvlBeGYreem2TEgaX3TYUq%2BWPHeaB74Xj%2FG%2BY20wuAv6KMEfV1mPRH40Ef1gOzN9LqTtI0lL3qtffhDhQK3fo8PgnT09OKmLRGEylbasOmwp1YkWvah5wzDGK9PA87y1beSFY8xdgbWDSsG0dfIZiQhgpu6tBLLM7LjM710bdzyZJMG5Oa8scezt3F7rkBcQZgfuad2vqhV6l61rRmWLdQvOvKeS05O4g9WjBGt2zDK0hLIsC1lxTDaTElxRi%2B0SgazsUy8as9ZJLqTdy%2FlhkAKdkO6Ex0k80YX93LRC84JhCzVbp1kSwG4wU6ozBS12zHpoOiaLkxr73ipFCfGzsSvAgMVkdTICJ0RI0jQgY1rn5i%2B5xGIyhXLSDMn8JF2MHVdwFdmEHiism8r1aBaSSbDMtsOoqqOm6GhZQlO5QSIyVWagRsyrPnTMhG6vQY9k0YONLBaSy%2F1clsQvWkLnmaLmxd2V12eMpq81z2nbwm0sropD8XIbREULN2VlaZAkCz8mkJG0sR4wUV1NDzkkjqUFLUVdny6ok03uBVE49sBW0jxwf4s59L5%2FaxR%2Ft%2FKX%2BIHn%2Bv4CvfnkBYu5OXZsWOuSlUxBLDn980kQj9ZWjUhWYdZ3dhJ44bZLw2mLIGmQzo0dcwkFP%2BmJTrLcvcdiLKLAX40StIVEX2NvY4hRj%2B%2BrFJLDra78zI%2BiS%2BvY6pVpPw3HDCSyPh2VMzTsZn9s%2B1FlWpBxc9xo%2FrIz47L8KZ%2F0VryqRyWrKOZr9mw8In8QznYNRrrOBZXuclubSfB8LyvtOttsWwTgLm%2FgZ2TVKzuuh0ZbgKHd77Rw90mYBMHqSim6ZjoljqeGclM5btFw0jBHjOLnMYYLYKBiKfaWkXZYm%2B%2FARLR2IliRTByn3FzV2664iHjxSLmtFYbIcEP1yJO0s5F5kZ%2B67xw%2FmPT0XCrVUKkNLvqeWfeujTKJ45gcb4387owzz5NJ0oWWtuION1Oh0R35lacyMimA%2BSajKOX5zTqFcIFPP3z6%2BPz509NJBrwocFTmvGVvPbWzKE4cD4B8G943V1A%2FPD%2FdhLpwW4u%2B2L0yvOpxGR5eORMHevyf1%2FQVm%2FanEW2n8dbqTJzuUECH%2BYxa0%2BekRdYgENfTdbujLQAa%2BjBfxlUt7BlfXv87BEn8SVRdsD67Krxfg8vWw%2FY5veWHOIOzyO00fPsfquoL5g%3D%3D&use-server-side-rendering=1&pcode-icookie=6l5qC7Qwc8io5U7zRK6QZkOKEjALV%2FhuZ1jr%2FzG6qS9JsPzuUXljRro2LaTK%2Bgj391zwsFflipPwwMujn2nBKSQTUDY%3D&top-ancestor=https%3A%2F%2Futro.ru&top-ancestor-undetermined=0&grab-orig-len=5120&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjo4Mjd9CiqkNo3kuO1CBNTFj-m77dtK35cxgvGMZjzj7u_2dPfsf_37shQ5OutWXrlLmrAn3pQOyZ6g2Vn2ndzJAb0I0DNosxk0UxX633_J2jXsXvpXUVUxMzUKml4ZQgl5oSLkBYQBQSiOQ-APjjAUD-gFLAjFAVEYxQAiAiUOgQkIFjQPSUAU4Dc32rAIhaEslIf8pSuLF0A3efyls6xlIcZyLNsAC1z6JTYUDUlL_TAAvqAIT4Zs-Zf4E7MsolAWEMShJIwCrCVKtBAKFfHuAloIbAjZC4F4KAW4AzlIAf5A5cSASxcCFwIZghYvsbMnf6ac4ZfMaCl-PNkhAtNLbaC8EKuZA-whgGAZEi0t8YLlDQBDRzFD9lDRkiZz9W8hAe3DCkLhEMBbljtIgD2kL6gQcymL30dhHIK0pKMtIHk8DRyAJcNo1grwYuvOLRuoL3n8JR6vZ1hyQ9HsZh1IpvnfiO14NOTs_B8Pf6kL357j69KYVkYLE-e9PuwAhnt4JHEIeXmESyz6krQQB3khKRz-gOjlvbtOv-Kp9QBvmtiNks_w4nf5Hd2Vty-7k3iWENQggmUhmAWGFOhT159jFpuxBw8G46bdyyUfqJvig1EsGNxZphul6LJ2F9CpvW67b67eLQdGlWV1LrI2buIvC8LPu9grDLCGC-hm-s4OdaLjhvT0z8MbKA6Gve-ELyxnzUMe6J2V3FtmGAUBRYC14z_TRR9hcSZEj3d3efdk8NNbrzC276Jh8_6fJ1oyDwFnz3t6kJb5MaBxfgl5Cou-LOZrb3bMtKt0G58Im10oiBe-ZPfc7YYwYLvOey28GXNXrTnRntryY0_n5JLd6bRVMHNO-UsGaybF_ZVgxK_pGVcyBQg5hFIlsgNGxwpFR2q0ZYnzeL6gMZdDesguToiHlrvkvUGd8H3kPz4PE0v8vJMv-byuO-wlcjs9e08-RJMB7yH6137QJ3y8xk7Bcds-LJkmH_ip0ndY1FUO_FKRfH_hErf8FZRSdIaN5JFrubA2gbsUFxJTe6LlW8rU5EotGRU1ud5AQUWt1CnJ9FTgP0RQMzZUqLV6pSHWGLR6cKxg6eEQq1UUpNaYUq1R6jVKcKysCEEaV1ERpMBTcLd7SB17u5bnhoPqHEjjiWcpgloZ3ZtQ6EkpVTq4Sp1a41kDEhBvNZLJ9WhDInZXoOJVxZESams52KE98IgfEETT0M17XoBvedpIlsmEpAjJuMoJx-JHhnvFx1Ys53rHjgD0DrqHTEr3JRwE1HDdVchIpnuMXX3w1RRwqKg1ap2GQg_GciWwFDowY0oyAykpOFYyAxw1idJCrKNQklvdsA0UYBqN8FV6DcVyMC78LhO9KrNvkAvP4OI2GsnU8NRD17CQMCxFErLMHK5KpzWo4FiWZ9mT6ZYO1eLzhG7YOynaY3G0YKbB7cE9ZrXshDEOxaIEyY33EWcYHZEWy7hhgtJOv-IUGjcMILlxjIuEm8Jb0ZbHNOGwCrB9lowkZNOH6T18EqVSrcl9V6rhwSPTWyhUarjTc910tJm78T63i1RvUFEO_oKtVmmXVQPIibTEKhHYeOjjfSaLkkS1OEQJx5oXa_jc-xuNW_Sp9rUGXS_nZjgptvD1Kotyx4WnUpPAdVXs8Gj0xKTLRU7v4DMaH0ytbxbyWlmNt-T02ywdPBKVnmtZrZ5CZ_iynrnPZYGvBiO1e8hdwikND6td6-JbSgRxW53RWGDjLwJCwC4e-owOeqGRSeXcz81YHanSOviXK5GaFK4h4YTRoFKpiWMjhZpYM9sOzG0OHQeCLdUX8GdqbC_oqBxpy2naFy9T8yKjXcBhflb7QRAln4lG2atqCKuPQ9jCBw_Ks3PODlKODFHpKdVabbsoL8_Ma4FPpqYEa-IaLRdPimq7mqzV_Rf5mAZbAQsRWk9Q8NCrwM25Lw6mqWdQ3rXKm2nyKKpoyQZfnDDFBUt4LJhmlW1cuj6v6h0rVwnmVGwA09PE6AFCPOW59boNgfZiEHclxhkT2BY1--mn5kTPwztqSYjxqCjomC954gU4T7FpGHrrsbzRS-UV-vEnDaeC0Tv0iT265lQIirezhgDd5XCvpBOOoUdUiumGoPOPBvkSFVi3kEB9yJeOuZ1Vz2vSpbW2KvmxZb6Lc0Vp39FFx897rGMS1CJWvhwylDYCmHIlvONcFDtUOFOvjZeViFEcobZhs-x7yseRwv5bhoQTIzC-yOhw4ufO6EACh7LGm6R3buBNOw9AjgzkbEL7HGvJtt6NCnudUq8FIqni1Oe8Nu8YahArR6BNwY81u60JAPHKfro3XhNMYTwGYj6vpuLG57nudZRWN7T-sJ-SfaI_ptRTz6y-7_B-KF8ZuFfUlC__VnJBQ9bxaSpM0X5fcTWsE1YcO69ir8NPp7jwB6X76Lr1n90a71qXsF3yQnAnko2DQ_nMnF5Zgk5y34BEz-fupLEkDqGvlwSmNBjQ_1fK4vsUzF7wERt2Ng5dtiLHpDRwXMyoVa9JolErLWO1kGh9Z-J864n8tzlbFCxTiWMOwjdoNFesuPPAHrn2U4ejFgfRksgaghDAOAmCLkdrfB9GUAZo5CxJ6d3mZOmcVN2ZbkfUmPBCuIdfjAJY24eT_yhLkC4R4a05_LhUR8zxWGOYTvVhPO2vmLO9827YdHQX_ZGdC82Pcl0bgikl4b8njhHA9hYAXlIEya5-ftfvMynTjpdff5zjJRPe0nk2lE6F-V9YxjUdSpcD0WOTPmUQ01rKFuJ3MniLveM_2rv5uNBWeidFeR8CwE_m2E9B0I6H4jm9IJY_8zwGvig_K_iVuF00raGMVh9957sw61N02o6enz-UVT8Ix5NoMxbWU8h6n4IewA6wLd9XUDHiBqP14WHqD2jfRaK1pdkSfu5kHTVScRNCFFtiQAIKMCjeCNDLQazXg2VKRkuZYn66_y9LpmCydrweDetTCeJLsnHepZsM06eR6ub_F6WNunGyyj7MY2f0yzs7tuwYaq8shZX5gugb9lEFctnz0GvJDh74dj3G8jeuX-Xq7wxZcg_1fCMl01HoVRZScrVKmT9EjmeglQ1VozF5HxZQR91AMTa7uRxVSh0lmZ49-RXEV_fgLLVrHcN5Wo4lMo9vZjm254QNjKUB6xlaaibBD32xQw4YlezSD1du2-ZPbd-xSfO8cVjywdcF6BPH2dbSnImKrsbLwXltXHnJypt2gne4lfrJK_ccx04Z1wwtuvOHvX7FzGA2xyVlj9gtaw1B-QCY__9kP8aSOSbqFqwu9Rwe3VExj-maR993lwf65rXwrZW3GM7ZxZn6ttVSS17oAelnZgWkfLb-YKM3M3hwDZ1DvnpKVKcBe8TpZ4kQEUPRd6ZueoS6_OxVHeoCFO6CY_fKdOFDnoCN02W45nDUL2TJXzwv9S5C1IU_VV5y2rG-b8dPvI_7Vhld_5pnLoHViCfOSF6xvJMnsNk5ejpaxDQQvG9MigRQTwxm6ZimCIRn_sxknWolomkzpK26RtUv4gjNkqxzn3N0DC3v4494ZoQsE1TZQgj6cQA3aRBLhe9BvN9C7n4k-7C-0pRe-n8ml87dhSmYsbOofu3KS4hx0cNsDysrT7w4o5XvC2PuYrS_Dnd2F2AshAFxsqcc-e2yFJdawO5TPD_90y4F6l1D1auhWm1mWgZaCF5uXpTaqFTiMpY_KGyglZbg9JEyXwAVNkXx42h_aSOfPqJwxVzAbHF7dH7M6nEbBemWejTilzk2z8fDujyHkwlvpqMHf1S6QLvLzi0amSUlGRk0S8caHZv-05XkvCXO_cHL6g6Xey_pCxt4yc7pE3BrGbeEzyXzJiiniF6OaTxOc4g4JxbrwICQuZpnZO7Gp1xLWq-KjUpylV5voVSTkWg1zFqzXipdp_EB2oI0UKiJWSnEnhXGJsfyoiLnpP2OUaTTwPM1YKVOq6eiR2SaBD8YLsumKPuQQk7BEoeq7G0Qm2gQM7ENeJOFsRndTM_E6MgmFmO7Co3JzMDEKhBSdMd2O1oTLUImtgOqm4dWonTJlav-MT2va0WSMfPv-vglY8JKxd0BVXYdsW1Yxc0Tl3HulL81lDDOQsJyUjo6220Qtuw2o4pWpIatlxe5r9GvJe5A5XXwcXIsiuwafONJ-LrNN-1YwNY17wESAmllOTq9fTyGWhuMf8TNHp8wXWjCbxeXu26Rbk4Sfrrs0qEpcj50aO3sSvIt9LFLXmq5oOLV-6vo_3zYtvjpSPQg3kjWT4QVl5I6yRZZ86dwI2uxseKU1IWvqbEJnVsONlNWGPUi8I6W7oYZiz0YEDCBs0cTeUC4CU3kJiuU4_YljL-6HBZQo3gvlFsVX7MEzDI_NdQQRDab0ZlomAheQ9wY6C1r4ec28Zdf2J4Xx5dnteTkD3Yu2lYhWv3MjrGFOtKu0j5d29ir1renS7npklTnuqrII_DUBCftyTmE7YAPpRWL9fpzlz_SiLIJ1vrgmocdavPCivToyZGuVXeqmFOf19Us5YTnly_EdHXR3I89Lo-wUNxmgSku1K0YZfjxK4keJa7_R20ITAvkfa6VbvougvoKEBXifjHLJpsR2m4yeEPSn9dhMNsP68De5h_B0uXrD_Z970aDop9fwoGokE2Xs0qSN6fNkY823qN8tKpiinoYJbCTtXaU7EdRoW0K8NkMajaZ7VtoEEutyPvTI7Kb2YAfRNA9Lr2JDoH9qgbARJidh7OtakP3ur8Sj5WTTtcH_zBKW7pCJG_fMV8QfkkIht9r-bM30n0zxmuir4XCalSzfT0aOc7ZXo3BZEZgO51dUfkRT3F96_7s-nRr5CM4JvCPtRTEMn8BGXlIZkp1ZUBgorMfFgB_CGydI9u2RN1SNi4poSeiJHRxfQQmV9-HsighD5_ahdZpnG24zylnrWwwIDTRIrK9RlSnXZ0ojQb54sgA2-QBou5l-L_ruJH195bSdp1xoZ_FagsnJxvPjSCerUQ6D25bwUY24GyyWQSRiZbGtmNCXrSnvSNiu70CuZC4Sv_oF1JTcfGJvMAKFtX7SVSou2WmbCSn725aQPRp&tga-with-creatives=1

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

f919a723162a8ce8c6180d41b1b938e952c65a5f06c7711c567b12f57655b8cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1664549143698828-1126589721838093551-sas3-0775-509-sas-l7-balancer-8080-BAL-2079
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Fri, 30 Sep 2022 14:45:43 GMT
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type: application/json
access-control-allow-origin: https://utro.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 30 Sep 2022 14:45:43 GMT

GET
H2 200 v2 Show response
yandex.ru/ads/adfox/275069/getBulk/ 14 KB
8 KB 319ms
319ms XHR
application/json 2a02:6b8:a::a
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/adfox/275069/getBulk/v2?dl=https%3A%2F%2Futro.ru%2F&date=2022-09-30T14%3A45%3A43.686%2B00%3A00&pd=30&pdh=1200&pdw=1600&pr1=3138608021&pr=334542566&prr=&pv=14&pw=5&extid_loader=&extid_tag_loader=utro.ru&ylv=0.659462&ybv=0.659462&ytt=3300146675717&is-turbo=0&skip-token=&ad-session-id=2972861664549143580&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9.9%2C%22isInIframe%22%3Afalse%2C%22w%22%3A240%2C%22h%22%3A400%2C%22width%22%3A240%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22fullscreenHeaderHeight%22%3A80%2C%22left%22%3A480%2C%22top%22%3A833%2C%22fontFamily%22%3A%22ys%22%2C%22darkTheme%22%3Afalse%2C%22req_no%22%3A5%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=659462&available-width=240&available-height=400&yaru=true&pp=g&ps=cxhg&p2=gatl&slotNumber=3&bids=W3siYmlkZGVyTmFtZSI6ImNyaXRlbyIsImNhbXBhaWduX2lkIjo4MjY4NzUsInJlc3BvbnNlX3RpbWUiOjIxNCwiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6IjEyOTc5OTMifSx7ImJpZGRlck5hbWUiOiJteXRhcmdldCIsImNhbXBhaWduX2lkIjo4MjY4NzYsInJlc3BvbnNlX3RpbWUiOjIxOCwiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6IjI0Njk0OSJ9LHsiYmlkZGVyTmFtZSI6InJ0YmhvdXNlIiwiY2FtcGFpZ25faWQiOjExMzY1MjgsInJlc3BvbnNlX3RpbWUiOjI1LCJlcnJvciI6eyJjb2RlIjo0fSwicGxhY2VtZW50X2lkIjoiQUZkdjNyakZSaE9BQkE1emZkQUgifV0%3D&utf8=%E2%9C%93&pcode-test-ids=657518%2C0%2C67%3B651042%2C0%2C42%3B659467%2C0%2C7%3B658041%2C0%2C50%3B655716%2C0%2C51%3B659462%2C0%2C18&pcode-flags-map=eJytWFtv2zYY%2FSuDn4tBN%2BrSN0qibCKSqJFUHHcYiK7LW9AOXToMKPrfd6iLK9kOXRcB8tAU%2Bg6%2F6%2FnOl68bvm2FZKbhSrHSlFRT01FJG2UqIc09L5kwvDWFaHKxefv7182%2F75%2B%2BPG7ebh7%2F%2B3vzZvP8%2BM8z%2Fwu%2FksyLCNl8%2B%2BPN5p4qI9lvPVPa3De0M5UUjaGlWtlr2bMlQOwnQeodAUquaF4zeMD2NOc11wdDW3i4Z3VttKTFHW%2B3phElW8Eqho9EWx9M3%2FLfTp4IM8%2FLjk%2F0ihnJtzt4yRWf3lC10DZg2hVud6Mo9P0Ba8%2FLLdOmlHRvKi4RdYUEMsMbumWunMUkJEE0YLB2inaZb%2Fyj4i3XDCUp7tQOnu253oleG4pyaeUGJ3Ea3gz%2BGsgUFeqkKPtCq%2FNnboNmgLyxFRcgtsy0NIVkVPN7ZkqmWaG5aM3c96zkFFWr2ZXuJEkU%2B0dM9tCZlu2NQhMa1ENpvAA%2F%2BcN1HJKMLdgIOATnapozdLQwE7A7tKP53MFHN%2FDjyJHDEYuk9FhIJhWys7KMSeqH4do2i%2F0xwRiyWtCSyaFGtFl5%2F%2Fz5y%2BPCLApSDOBoBseVksOgNc6IF0bIlWIM%2Bc4Vk%2FB0bfbx%2FZ9PjyvLMA6yZLBEXcBwrdmxYdxb7X4yImE21roQfattbR520mmSJuk0yQewFHswsjelaChvnaTpJUEYj0VYj1DV17VC2zK3vR8GoXcMMZfiDvlBeGYreem2TEgaX3TYUq%2BWPHeaB74Xj%2FG%2BY20wuAv6KMEfV1mPRH40Ef1gOzN9LqTtI0lL3qtffhDhQK3fo8PgnT09OKmLRGEylbasOmwp1YkWvah5wzDGK9PA87y1beSFY8xdgbWDSsG0dfIZiQhgpu6tBLLM7LjM710bdzyZJMG5Oa8scezt3F7rkBcQZgfuad2vqhV6l61rRmWLdQvOvKeS05O4g9WjBGt2zDK0hLIsC1lxTDaTElxRi%2B0SgazsUy8as9ZJLqTdy%2FlhkAKdkO6Ex0k80YX93LRC84JhCzVbp1kSwG4wU6ozBS12zHpoOiaLkxr73ipFCfGzsSvAgMVkdTICJ0RI0jQgY1rn5i%2B5xGIyhXLSDMn8JF2MHVdwFdmEHiism8r1aBaSSbDMtsOoqqOm6GhZQlO5QSIyVWagRsyrPnTMhG6vQY9k0YONLBaSy%2F1clsQvWkLnmaLmxd2V12eMpq81z2nbwm0sropD8XIbREULN2VlaZAkCz8mkJG0sR4wUV1NDzkkjqUFLUVdny6ok03uBVE49sBW0jxwf4s59L5%2FaxR%2Ft%2FKX%2BIHn%2Bv4CvfnkBYu5OXZsWOuSlUxBLDn980kQj9ZWjUhWYdZ3dhJ44bZLw2mLIGmQzo0dcwkFP%2BmJTrLcvcdiLKLAX40StIVEX2NvY4hRj%2B%2BrFJLDra78zI%2BiS%2BvY6pVpPw3HDCSyPh2VMzTsZn9s%2B1FlWpBxc9xo%2FrIz47L8KZ%2F0VryqRyWrKOZr9mw8In8QznYNRrrOBZXuclubSfB8LyvtOttsWwTgLm%2FgZ2TVKzuuh0ZbgKHd77Rw90mYBMHqSim6ZjoljqeGclM5btFw0jBHjOLnMYYLYKBiKfaWkXZYm%2B%2FARLR2IliRTByn3FzV2664iHjxSLmtFYbIcEP1yJO0s5F5kZ%2B67xw%2FmPT0XCrVUKkNLvqeWfeujTKJ45gcb4387owzz5NJ0oWWtuION1Oh0R35lacyMimA%2BSajKOX5zTqFcIFPP3z6%2BPz509NJBrwocFTmvGVvPbWzKE4cD4B8G943V1A%2FPD%2FdhLpwW4u%2B2L0yvOpxGR5eORMHevyf1%2FQVm%2FanEW2n8dbqTJzuUECH%2BYxa0%2BekRdYgENfTdbujLQAa%2BjBfxlUt7BlfXv87BEn8SVRdsD67Krxfg8vWw%2FY5veWHOIOzyO00fPsfquoL5g%3D%3D&use-server-side-rendering=1&pcode-icookie=6l5qC7Qwc8io5U7zRK6QZkOKEjALV%2FhuZ1jr%2FzG6qS9JsPzuUXljRro2LaTK%2Bgj391zwsFflipPwwMujn2nBKSQTUDY%3D&top-ancestor=https%3A%2F%2Futro.ru&top-ancestor-undetermined=0&grab-orig-len=5120&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjo4Mjd9CiqkNo3kuO1CBNTFj-m77dtK35cxgvGMZjzj7u_2dPfsf_37shQ5OutWXrlLmrAn3pQOyZ6g2Vn2ndzJAb0I0DNosxk0UxX633_J2jXsXvpXUVUxMzUKml4ZQgl5oSLkBYQBQSiOQ-APjjAUD-gFLAjFAVEYxQAiAiUOgQkIFjQPSUAU4Dc32rAIhaEslIf8pSuLF0A3efyls6xlIcZyLNsAC1z6JTYUDUlL_TAAvqAIT4Zs-Zf4E7MsolAWEMShJIwCrCVKtBAKFfHuAloIbAjZC4F4KAW4AzlIAf5A5cSASxcCFwIZghYvsbMnf6ac4ZfMaCl-PNkhAtNLbaC8EKuZA-whgGAZEi0t8YLlDQBDRzFD9lDRkiZz9W8hAe3DCkLhEMBbljtIgD2kL6gQcymL30dhHIK0pKMtIHk8DRyAJcNo1grwYuvOLRuoL3n8JR6vZ1hyQ9HsZh1IpvnfiO14NOTs_B8Pf6kL357j69KYVkYLE-e9PuwAhnt4JHEIeXmESyz6krQQB3khKRz-gOjlvbtOv-Kp9QBvmtiNks_w4nf5Hd2Vty-7k3iWENQggmUhmAWGFOhT159jFpuxBw8G46bdyyUfqJvig1EsGNxZphul6LJ2F9CpvW67b67eLQdGlWV1LrI2buIvC8LPu9grDLCGC-hm-s4OdaLjhvT0z8MbKA6Gve-ELyxnzUMe6J2V3FtmGAUBRYC14z_TRR9hcSZEj3d3efdk8NNbrzC276Jh8_6fJ1oyDwFnz3t6kJb5MaBxfgl5Cou-LOZrb3bMtKt0G58Im10oiBe-ZPfc7YYwYLvOey28GXNXrTnRntryY0_n5JLd6bRVMHNO-UsGaybF_ZVgxK_pGVcyBQg5hFIlsgNGxwpFR2q0ZYnzeL6gMZdDesguToiHlrvkvUGd8H3kPz4PE0v8vJMv-byuO-wlcjs9e08-RJMB7yH6137QJ3y8xk7Bcds-LJkmH_ip0ndY1FUO_FKRfH_hErf8FZRSdIaN5JFrubA2gbsUFxJTe6LlW8rU5EotGRU1ud5AQUWt1CnJ9FTgP0RQMzZUqLV6pSHWGLR6cKxg6eEQq1UUpNaYUq1R6jVKcKysCEEaV1ERpMBTcLd7SB17u5bnhoPqHEjjiWcpgloZ3ZtQ6EkpVTq4Sp1a41kDEhBvNZLJ9WhDInZXoOJVxZESams52KE98IgfEETT0M17XoBvedpIlsmEpAjJuMoJx-JHhnvFx1Ys53rHjgD0DrqHTEr3JRwE1HDdVchIpnuMXX3w1RRwqKg1ap2GQg_GciWwFDowY0oyAykpOFYyAxw1idJCrKNQklvdsA0UYBqN8FV6DcVyMC78LhO9KrNvkAvP4OI2GsnU8NRD17CQMCxFErLMHK5KpzWo4FiWZ9mT6ZYO1eLzhG7YOynaY3G0YKbB7cE9ZrXshDEOxaIEyY33EWcYHZEWy7hhgtJOv-IUGjcMILlxjIuEm8Jb0ZbHNOGwCrB9lowkZNOH6T18EqVSrcl9V6rhwSPTWyhUarjTc910tJm78T63i1RvUFEO_oKtVmmXVQPIibTEKhHYeOjjfSaLkkS1OEQJx5oXa_jc-xuNW_Sp9rUGXS_nZjgptvD1Kotyx4WnUpPAdVXs8Gj0xKTLRU7v4DMaH0ytbxbyWlmNt-T02ywdPBKVnmtZrZ5CZ_iynrnPZYGvBiO1e8hdwikND6td6-JbSgRxW53RWGDjLwJCwC4e-owOeqGRSeXcz81YHanSOviXK5GaFK4h4YTRoFKpiWMjhZpYM9sOzG0OHQeCLdUX8GdqbC_oqBxpy2naFy9T8yKjXcBhflb7QRAln4lG2atqCKuPQ9jCBw_Ks3PODlKODFHpKdVabbsoL8_Ma4FPpqYEa-IaLRdPimq7mqzV_Rf5mAZbAQsRWk9Q8NCrwM25Lw6mqWdQ3rXKm2nyKKpoyQZfnDDFBUt4LJhmlW1cuj6v6h0rVwnmVGwA09PE6AFCPOW59boNgfZiEHclxhkT2BY1--mn5kTPwztqSYjxqCjomC954gU4T7FpGHrrsbzRS-UV-vEnDaeC0Tv0iT265lQIirezhgDd5XCvpBOOoUdUiumGoPOPBvkSFVi3kEB9yJeOuZ1Vz2vSpbW2KvmxZb6Lc0Vp39FFx897rGMS1CJWvhwylDYCmHIlvONcFDtUOFOvjZeViFEcobZhs-x7yseRwv5bhoQTIzC-yOhw4ufO6EACh7LGm6R3buBNOw9AjgzkbEL7HGvJtt6NCnudUq8FIqni1Oe8Nu8YahArR6BNwY81u60JAPHKfro3XhNMYTwGYj6vpuLG57nudZRWN7T-sJ-SfaI_ptRTz6y-7_B-KF8ZuFfUlC__VnJBQ9bxaSpM0X5fcTWsE1YcO69ir8NPp7jwB6X76Lr1n90a71qXsF3yQnAnko2DQ_nMnF5Zgk5y34BEz-fupLEkDqGvlwSmNBjQ_1fK4vsUzF7wERt2Ng5dtiLHpDRwXMyoVa9JolErLWO1kGh9Z-J864n8tzlbFCxTiWMOwjdoNFesuPPAHrn2U4ejFgfRksgaghDAOAmCLkdrfB9GUAZo5CxJ6d3mZOmcVN2ZbkfUmPBCuIdfjAJY24eT_yhLkC4R4a05_LhUR8zxWGOYTvVhPO2vmLO9827YdHQX_ZGdC82Pcl0bgikl4b8njhHA9hYAXlIEya5-ftfvMynTjpdff5zjJRPe0nk2lE6F-V9YxjUdSpcD0WOTPmUQ01rKFuJ3MniLveM_2rv5uNBWeidFeR8CwE_m2E9B0I6H4jm9IJY_8zwGvig_K_iVuF00raGMVh9957sw61N02o6enz-UVT8Ix5NoMxbWU8h6n4IewA6wLd9XUDHiBqP14WHqD2jfRaK1pdkSfu5kHTVScRNCFFtiQAIKMCjeCNDLQazXg2VKRkuZYn66_y9LpmCydrweDetTCeJLsnHepZsM06eR6ub_F6WNunGyyj7MY2f0yzs7tuwYaq8shZX5gugb9lEFctnz0GvJDh74dj3G8jeuX-Xq7wxZcg_1fCMl01HoVRZScrVKmT9EjmeglQ1VozF5HxZQR91AMTa7uRxVSh0lmZ49-RXEV_fgLLVrHcN5Wo4lMo9vZjm254QNjKUB6xlaaibBD32xQw4YlezSD1du2-ZPbd-xSfO8cVjywdcF6BPH2dbSnImKrsbLwXltXHnJypt2gne4lfrJK_ccx04Z1wwtuvOHvX7FzGA2xyVlj9gtaw1B-QCY__9kP8aSOSbqFqwu9Rwe3VExj-maR993lwf65rXwrZW3GM7ZxZn6ttVSS17oAelnZgWkfLb-YKM3M3hwDZ1DvnpKVKcBe8TpZ4kQEUPRd6ZueoS6_OxVHeoCFO6CY_fKdOFDnoCN02W45nDUL2TJXzwv9S5C1IU_VV5y2rG-b8dPvI_7Vhld_5pnLoHViCfOSF6xvJMnsNk5ejpaxDQQvG9MigRQTwxm6ZimCIRn_sxknWolomkzpK26RtUv4gjNkqxzn3N0DC3v4494ZoQsE1TZQgj6cQA3aRBLhe9BvN9C7n4k-7C-0pRe-n8ml87dhSmYsbOofu3KS4hx0cNsDysrT7w4o5XvC2PuYrS_Dnd2F2AshAFxsqcc-e2yFJdawO5TPD_90y4F6l1D1auhWm1mWgZaCF5uXpTaqFTiMpY_KGyglZbg9JEyXwAVNkXx42h_aSOfPqJwxVzAbHF7dH7M6nEbBemWejTilzk2z8fDujyHkwlvpqMHf1S6QLvLzi0amSUlGRk0S8caHZv-05XkvCXO_cHL6g6Xey_pCxt4yc7pE3BrGbeEzyXzJiiniF6OaTxOc4g4JxbrwICQuZpnZO7Gp1xLWq-KjUpylV5voVSTkWg1zFqzXipdp_EB2oI0UKiJWSnEnhXGJsfyoiLnpP2OUaTTwPM1YKVOq6eiR2SaBD8YLsumKPuQQk7BEoeq7G0Qm2gQM7ENeJOFsRndTM_E6MgmFmO7Co3JzMDEKhBSdMd2O1oTLUImtgOqm4dWonTJlav-MT2va0WSMfPv-vglY8JKxd0BVXYdsW1Yxc0Tl3HulL81lDDOQsJyUjo6220Qtuw2o4pWpIatlxe5r9GvJe5A5XXwcXIsiuwafONJ-LrNN-1YwNY17wESAmllOTq9fTyGWhuMf8TNHp8wXWjCbxeXu26Rbk4Sfrrs0qEpcj50aO3sSvIt9LFLXmq5oOLV-6vo_3zYtvjpSPQg3kjWT4QVl5I6yRZZ86dwI2uxseKU1IWvqbEJnVsONlNWGPUi8I6W7oYZiz0YEDCBs0cTeUC4CU3kJiuU4_YljL-6HBZQo3gvlFsVX7MEzDI_NdQQRDab0ZlomAheQ9wY6C1r4ec28Zdf2J4Xx5dnteTkD3Yu2lYhWv3MjrGFOtKu0j5d29ir1renS7npklTnuqrII_DUBCftyTmE7YAPpRWL9fpzlz_SiLIJ1vrgmocdavPCivToyZGuVXeqmFOf19Us5YTnly_EdHXR3I89Lo-wUNxmgSku1K0YZfjxK4keJa7_R20ITAvkfa6VbvougvoKEBXifjHLJpsR2m4yeEPSn9dhMNsP68De5h_B0uXrD_Z970aDop9fwoGokE2Xs0qSN6fNkY823qN8tKpiinoYJbCTtXaU7EdRoW0K8NkMajaZ7VtoEEutyPvTI7Kb2YAfRNA9Lr2JDoH9qgbARJidh7OtakP3ur8Sj5WTTtcH_zBKW7pCJG_fMV8QfkkIht9r-bM30n0zxmuir4XCalSzfT0aOc7ZXo3BZEZgO51dUfkRT3F96_7s-nRr5CM4JvCPtRTEMn8BGXlIZkp1ZUBgorMfFgB_CGydI9u2RN1SNi4poSeiJHRxfQQmV9-HsighD5_ahdZpnG24zylnrWwwIDTRIrK9RlSnXZ0ojQb54sgA2-QBou5l-L_ruJH195bSdp1xoZ_FagsnJxvPjSCerUQ6D25bwUY24GyyWQSRiZbGtmNCXrSnvSNiu70CuZC4Sv_oF1JTcfGJvMAKFtX7SVSou2WmbCSn725aQPRp&tga-with-creatives=1

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

5c28a7d7efdbda85f786679ed2191d4053bfb355077344b70bb76c7b8eebc2bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1664549143743094-12626778047411933207-sas3-0775-509-sas-l7-balancer-8080-BAL-3723
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Fri, 30 Sep 2022 14:45:43 GMT
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type: application/json
access-control-allow-origin: https://utro.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 30 Sep 2022 14:45:43 GMT

GET
H2 200 relap.js Show response
relap.io/v7/ Frame 3EAF 38 KB
13 KB 50ms
48ms Script
application/javascript 95.163.37.253
VK-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://relap.io/v7/relap.js

Requested by

Host: relap.io
URL: https://relap.io/v7/relap.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.163.37.253 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

relap.io

Software

nginx /

Resource Hash

3a9d0a0301ac6e05a965a4704a05b83e9de4944d009730f2381961ff118335d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000; includeSubdomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:43 GMT
content-encoding: br
strict-transport-security: max-age=5184000; includeSubdomains;
last-modified: Fri, 30 Sep 2022 09:06:34 GMT
server: nginx
etag: "6336b19a-33d0"
content-type: application/javascript; charset=utf-8
cache-control: max-age=60
content-length: 13264
expires: Fri, 30 Sep 2022 14:46:43 GMT

GET
H2 200 __utm.gif
ssl.google-analytics.com/r/ 35 B
122 B 20ms
19ms Image
image/gif 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1699986090&utmhn=utro.ru&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B8%20%D0%B8%20%D0%BC%D0%B8%D1%80%D0%B0%20%E2%80%93%20%D0%A3%D1%82%D1%80%D0%BE.%D1%80%D1%83%20%E2%80%93%20%D0%BF%D0%BE%D1%81%D0%BB%D0%B5%D0%B4%D0%BD%D0%B8%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F&utmhid=1062934480&utmr=-&utmp=%2F&utmht=1664549143717&utmac=UA-22073661-1&utmcc=__utma%3D143070705.1210275934.1664549143.1664549144.1664549144.1%3B%2B__utmz%3D143070705.1664549144.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1840319555&utmredir=1&utmu=qBAAAAAAAAAAAAAAAAABAAAE~

Requested by

Host: utro.ru
URL: https://utro.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Sep 2022 14:45:43 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 __utm.gif
ssl.google-analytics.com/ 35 B
194 B 9ms
8ms Image
image/gif 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.google-analytics.com/__utm.gif?utmwv=5.7.2&utms=1&utmn=1944295455&utmhn=utro.ru&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B8%20%D0%B8%20%D0%BC%D0%B8%D1%80%D0%B0%20%E2%80%93%20%D0%A3%D1%82%D1%80%D0%BE.%D1%80%D1%83%20%E2%80%93%20%D0%BF%D0%BE%D1%81%D0%BB%D0%B5%D0%B4%D0%BD%D0%B8%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F&utmhid=1062934480&utmr=-&utmp=%2F&utmht=1664549143720&utmac=UA-8487723-7&utmcc=__utma%3D186704107.1504142906.1664549144.1664549144.1664549144.1%3B%2B__utmz%3D186704107.1664549144.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmmt=1&utmu=qhAgAAAAAAAAAAAAAAABAAgE~

Requested by

Host: utro.ru
URL: https://utro.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Sep 2022 07:15:57 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 26986
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 204
No Content p
ingestion.contentinsights.com/ 0
88 B 124ms
29ms Image
text/plain 52.209.182.146
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ingestion.contentinsights.com/p?a=&b=&c=%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B8%20%D0%B8%20%D0%BC%D0%B8%D1%80%D0%B0%20%E2%80%93%20%D0%A3%D1%82%D1%80%D0%BE.%D1%80%D1%83%20%E2%80%93%20%D0%BF%D0%BE%D1%81%D0%BB%D0%B5%D0%B4%D0%BD%D0%B8%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F&d=https%3A%2F%2Futro.ru%2F&e=&f=1401&g=&h=&i=&j=&k=&l=&m=&u=1664549143723.661190500.6419448&ul=1664549143723.489414596.840269&x=0.11723623147345696&t=0&err=&ver=19
Requested by: Host: utro.ru
URL: https://utro.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.209.182.146 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-209-182-146.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Connection: keep-alive
Date: Fri, 30 Sep 2022 14:45:43 GMT

GET
H2 200 7a3e713affeb8e63107b.js Show response
yastatic.net/partner-code-bundles/659462/ 40 KB
11 KB 32ms
32ms Script
text/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/659462/7a3e713affeb8e63107b.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

1125e2a750a1f63ea7f7d224e66e0f28d0be925bd35036f32c91b0c6e3fb5ef9

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://utro.ru/
Origin: https://utro.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:43 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 10993
last-modified: Thu, 29 Sep 2022 17:35:57 GMT
server: nginx/1.17.9
etag: "e93438a1ba5e64a25634009692dcaa06"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Sun, 29 Sep 2052 21:18:45 GMT

GET
H2 200 manifest.json
utro.ru/static/ 377 B
468 B 185ms
61ms Manifest
application/json 95.213.212.85
SELECTEL

General

Check archive.org

Show headers Download Go to

Full URL: https://utro.ru/static/manifest.json
Requested by: Host: utro.ru
URL: https://utro.ru/static/js/push.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.213.212.85 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS: valerie60.produmail.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: bc7b3b96a0dac7fc8afd9d05460c61c9984a93e47c4fc264e39baa9e8ca80b00

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:00 GMT
content-encoding: gzip
last-modified: Wed, 09 Feb 2022 16:29:55 GMT
server: nginx/1.10.3 (Ubuntu)
etag: W/"6203ec03-179"
vary: Accept-Encoding
content-type: application/json
cache-control: max-age=86400, public
expires: Sat, 01 Oct 2022 14:45:00 GMT

GET
H2 200 /
kraken.rambler.ru/cnt/v2/ 595 B
991 B 62ms
56ms Image
image/gif 81.19.89.16
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kraken.rambler.ru/cnt/v2/?event_name=page_view&event_type=base&project_id=85047&request_id=1664549143.743-1477007183&event_id=189291437481127&meta=%7B%22browser_size%22%3A%221600x1200%22%2C%22title%22%3A%22%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B8%20%D0%B8%20%D0%BC%D0%B8%D1%80%D0%B0%20%E2%80%93%20%D0%A3%D1%82%D1%80%D0%BE.%D1%80%D1%83%20%E2%80%93%20%D0%BF%D0%BE%D1%81%D0%BB%D0%B5%D0%B4%D0%BD%D0%B8%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F%22%2C%22screen_size%22%3A%7B%22cr%22%3A1600%2C%22hr%22%3A1200%7D%2C%22color_depth%22%3A%2224-bit%22%2C%22language%22%3A%22en-US%22%2C%22browser%22%3A%22Netscape%22%2C%22platform%22%3A%22Win32%22%2C%22timezone%22%3A0%2C%22referer%22%3A%22%22%2C%22is_first%22%3A1%7D&url=https%3A%2F%2Futro.ru%2F&session_id=179925272_1664549143745&session_number=1&session_event_number=1&tid=t1.-1.2088518707.1664549143743&adtech_uid=508818d4-76c5-4eb7-9c44-8ca26c81877f&adtech_uid_scope=utro.ru&fingerprint=pA8AAENKs1euOVk4AelTrQA%3D&fingerprint_ip=undefined&version=3.10.9i&counter_type=web&experiment=%5B%5B%22exp_bot%22%2C%22split_b%22%5D%2C%5B%22exp_ping%22%2C%22no%22%5D%5D&rn=1142994834
Requested by: Host: utro.ru
URL: https://utro.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.19.89.16 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: kraken.rambler.ru
Software: nginx/1.19.4 /
Resource Hash: 9955e76a0aa0414abf703f10e87d93722c71f3fa57c82eb7531c9473d9ef72fc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:43 GMT
last-modified: Tue, 12 Nov 2019 12:50:59 GMT
server: nginx/1.19.4
x-srv: 0kraken-prod0001.ad.rambler.tech
etag: "5dcaaab3-253"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
p3p: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: content-type
content-length: 595

GET
H2 200 /
kraken.rambler.ru/cnt/ 595 B
991 B 63ms
57ms Image
image/gif 81.19.89.16
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kraken.rambler.ru/cnt/?et=pv&v=3.10.9i&pid=85047&tid=t1.-1.2088518707.1664549143743&rid=1664549143.743-1477007183&fid=pA8AAENKs1euOVk4AelTrQA%3D&aduid=508818d4-76c5-4eb7-9c44-8ca26c81877f&aduidsc=utro.ru&stid=179925272_1664549143745&sn=1&sen=0&en=UTF-8&ce=1&bs=1600x1200&rf&pt=%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B8%20%D0%B8%20%D0%BC%D0%B8%D1%80%D0%B0%20%E2%80%93%20%D0%A3%D1%82%D1%80%D0%BE.%D1%80%D1%83%20%E2%80%93%20%D0%BF%D0%BE%D1%81%D0%BB%D0%B5%D0%B4%D0%BD%D0%B8%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F&sr=1600x1200&cd=24-bit&la=en-US&ja=0&acn=Mozilla&an=Netscape&pl=Win32&tz=0&le=0&ct=web&url=https%3A%2F%2Futro.ru%2F&lv&exp=%5B%5B%22exp_bot%22%2C%22split_b%22%5D%2C%5B%22exp_ping%22%2C%22no%22%5D%5D&meta=%7B%22is_first%22%3A1%7D&rn=1579922948&eid=433391437475664
Requested by: Host: utro.ru
URL: https://utro.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.19.89.16 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: kraken.rambler.ru
Software: nginx/1.19.4 /
Resource Hash: 9955e76a0aa0414abf703f10e87d93722c71f3fa57c82eb7531c9473d9ef72fc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:43 GMT
last-modified: Tue, 12 Nov 2019 12:50:59 GMT
server: nginx/1.19.4
x-srv: 0kraken-prod0001.ad.rambler.tech
etag: "5dcaaab3-253"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
p3p: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: content-type
content-length: 595

GET
H2 200 counter
top-fwz1.mail.ru/ 43 B
961 B 53ms
53ms Image
image/gif 95.163.52.67
VK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://top-fwz1.mail.ru/counter?js=13;id=3195882;u=https%3A//utro.ru/;title=%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B8%20%D0%B8%20%D0%BC%D0%B8%D1%80%D0%B0%20%E2%80%93%20%D0%A3%D1%82%D1%80%D0%BE.%D1%80%D1%83%20%E2%80%93%20%D0%BF%D0%BE%D1%81%D0%BB%D0%B5%D0%B4%D0%BD%D0%B8%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F;s=1600*1200;vp=1600*1200;touch=0;hds=1;frame=0;flash=;sid=5c146e2fde3d91c8;ver=60.3.0;tz=0%2FEtc%2FUnknown;ni=9.9//4g/0/0/;lvid=1664549143765%3A1664549143778%3A1%3A06feab92b64e0bc251865416e8b24e1a;opts=dl%2Cjst-gtag;visible=true;_=0.47362085077991045

Requested by

Host: utro.ru
URL: https://utro.ru/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:43 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 43
pragma: no-cache
amp-access-control-allow-source-origin: *
server: nginx
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: *
accept-ch-lifetime: 86400
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 0EAC 15 KB
6 KB 65ms
17ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=utro.ru

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e00397129d5c9f4de2565731d60bc0120d1fe4dc78bf0b5cc9ea8c6571e27052

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://utro.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 30 Sep 2022 14:45:42 GMT
server: Kestrel
server-processing-duration-in-ticks: 851225
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 bx_loader.gif
utro.ru/static/css/images/ 8 KB
9 KB 64ms
64ms Image
image/gif 95.213.212.85
SELECTEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://utro.ru/static/css/images/bx_loader.gif
Requested by: Host: utro.ru
URL: https://utro.ru/static/css/newmain.css?v13
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.213.212.85 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS: valerie60.produmail.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 6d46e2cf165a5a0584afba7bc9663da292ee08c97cfc7613de6013ed05be892a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/static/css/newmain.css?v13
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:00 GMT
last-modified: Tue, 26 Mar 2019 09:02:26 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "5c99eaa2-2185"
content-type: image/gif
cache-control: max-age=3600, public
accept-ranges: bytes
content-length: 8581
expires: Fri, 30 Sep 2022 15:45:00 GMT

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2d3094584b53b793f7423681a7fec10e7b1bd61ae300f194796d5898b4ac4c7e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 counter
top-fwz1.mail.ru/ 43 B
961 B 54ms
53ms Image
image/gif 95.163.52.67
VK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://top-fwz1.mail.ru/counter?js=13;id=2731601;u=https%3A//utro.ru/;st=1664549143781;title=%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B8%20%D0%B8%20%D0%BC%D0%B8%D1%80%D0%B0%20%E2%80%93%20%D0%A3%D1%82%D1%80%D0%BE.%D1%80%D1%83%20%E2%80%93%20%D0%BF%D0%BE%D1%81%D0%BB%D0%B5%D0%B4%D0%BD%D0%B8%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F;s=1600*1200;vp=1600*1200;touch=0;hds=1;frame=0;flash=;sid=5c146e2fde3d91c8;ver=60.3.0;tz=0%2FEtc%2FUnknown;ni=9.9//4g/0/0/;lvid=1664549143765%3A1664549143802%3A2%3A06feab92b64e0bc251865416e8b24e1a;opts=sec%2Cdl%2Cjst-gtag;visible=true;_=0.5925470702176336

Requested by

Host: utro.ru
URL: https://utro.ru/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:43 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 43
pragma: no-cache
amp-access-control-allow-source-origin: *
server: nginx
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: *
accept-ch-lifetime: 86400
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: *

GET
H/1.1 200
OK sm.js Show response
stat.media/ 77 KB
28 KB 308ms
128ms Script
application/x-javascript 146.185.195.94
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to

Full URL: https://stat.media/sm.js
Requested by: Host: target.smi2.net
URL: https://target.smi2.net/client/target.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.185.195.94 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS: sm-server1-1.ssel23.imcmdb.net
Software: nginx /
Resource Hash: 9dc89e2eae45dccc1b2d7b9540adae2349bbb5d84578eadb8f0f645eac324910

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Fri, 30 Sep 2022 14:45:44 GMT
Content-Encoding: gzip
Last-Modified: Thu, 02 Dec 2021 13:53:02 GMT
Server: nginx
ETag: W/"61a8cfbe-13481"
Transfer-Encoding: chunked
Vary: Accept-Encoding, Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, must-revalidate, proxy-revalidate, max-age=3600
Connection: keep-alive

GET
H/1.1 200
OK /
target.smi2.net/init/ 95 B
463 B 67ms
66ms Image
image/png 146.185.195.90
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://target.smi2.net/init/?siteid=9759&count=site&bw=1600&bh=1200&xurl=https%3A%2F%2Futro.ru%2F&rnd=236034442232
Requested by: Host: utro.ru
URL: https://utro.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 146.185.195.90 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS: target2-1.ssel24.imcmdb.net
Software: nginx / HHVM/3.9.1
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

X-Target-Version: 2
Date: Fri, 30 Sep 2022 14:45:43 GMT
X-Target-Final: 20220930174543-0
Server: nginx
X-Target-Host: target2-1.ssel24
X-Powered-By: HHVM/3.9.1
X-Time-Request: 0.00046
Content-Type: image/png
Cache-Control: no-cache, private
Connection: keep-alive
Content-Length: 95
Expires: Fri, 30 Sep 2022 14:45:42 GMT

GET
H2 200 app_index.cfa79fadb4e1b91a370f.js Show response
relap.io/v7/ Frame 3EAF 73 KB
23 KB 49ms
48ms Script
application/javascript 95.163.37.253
VK-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://relap.io/v7/app_index.cfa79fadb4e1b91a370f.js
Requested by: Host: relap.io
URL: https://relap.io/v7/relap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.163.37.253 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS: relap.io
Software: nginx /
Resource Hash: 23978cfea44102f0b0169ca0012b5e3f94bb6cc1f373607f27906b4865a43a4d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:43 GMT
content-encoding: br
last-modified: Fri, 30 Sep 2022 09:06:34 GMT
server: nginx
etag: "6336b19a-5a47"
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000
access-control-allow-credentials: true
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,Range,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,Cookie,X-CSRF-TOKEN
content-length: 23111
expires: Sun, 30 Oct 2022 14:45:43 GMT

GET
H2 200 init Show response
relap.io/api/v7/ Frame 3EAF 98 B
1 KB 66ms
65ms Fetch
application/json 95.163.37.253
VK-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://relap.io/api/v7/init?token=oNigYORgE2yRYJGU&url=https%3A%2F%2Futro.ru%2F

Requested by

Host: relap.io
URL: https://relap.io/v7/relap.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.163.37.253 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

relap.io

Software

nginx /

Resource Hash

8f76b934568d510d4abdfcd81dddeb822ecd4249218af1b2885850e61cdfbb0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 30 Sep 2022 14:45:44 GMT
strict-transport-security: max-age=5184000; includeSubdomains;
x-content-type-options: nosniff
content-length: 98
x-xss-protection: 1; mode=block; report=https://cspreport.mail.ru/xxssprotection
server: nginx
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, DELETE, PUT, OPTIONS, PATCH
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://utro.ru
access-control-expose-headers: X-Relap-Cookie
x-relap-cookie: rlprp=p2XfIg:CPFb8g
x-server: back24
access-control-allow-credentials: true
vary: Origin
access-control-allow-headers: Authorization,Content-Type,Origin,User-Agent,DNT,Cache-Control,Range,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,Cookie,X-Csrf-Token,X-Relap-Unique,X-Relap-Cookie,X-Relap-UUID

GET
H2 200 ext_cfgs Show response
relap.io/api/v7/ Frame 3EAF 480 B
1 KB 79ms
79ms Fetch
application/json 95.163.37.253
VK-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://relap.io/api/v7/ext_cfgs?token=oNigYORgE2yRYJGU&url=https%3A%2F%2Futro.ru%2F

Requested by

Host: relap.io
URL: https://relap.io/v7/relap.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.163.37.253 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

relap.io

Software

nginx /

Resource Hash

b5df375fbe267d104e57cc2bc652259afbf5b9abf4ee2747f83f0b05dfbd5ea8

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 30 Sep 2022 14:45:44 GMT
strict-transport-security: max-age=5184000; includeSubdomains;
x-content-type-options: nosniff
server: nginx
vary: Origin
access-control-allow-methods: GET, POST, DELETE, PUT, OPTIONS, PATCH
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://utro.ru
access-control-max-age: 1728000
x-server: back22
access-control-allow-credentials: true
access-control-allow-headers: Authorization,Content-Type,Origin,User-Agent,DNT,Cache-Control,Range,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,Cookie,X-Csrf-Token,X-Relap-Unique,X-Relap-Cookie,X-Relap-UUID
content-length: 480
x-xss-protection: 1; mode=block; report=https://cspreport.mail.ru/xxssprotection

OPTIONS
H2 200 init
relap.io/api/v7/ Frame 0
0 213ms
54ms Preflight
text/html 95.163.37.253
VK-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://relap.io/api/v7/init?token=oNigYORgE2yRYJGU&url=https%3A%2F%2Futro.ru%2F

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.163.37.253 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

relap.io

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://utro.ru
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization,Content-Type,Origin,User-Agent,DNT,Cache-Control,Range,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,Cookie,X-Csrf-Token,X-Relap-Unique,X-Relap-Cookie,X-Relap-UUID
access-control-allow-methods: GET, POST, DELETE, PUT, OPTIONS, PATCH
access-control-allow-origin: https://utro.ru
access-control-max-age: 1728000
content-length: 0
content-type: text/html;charset=UTF-8
date: Fri, 30 Sep 2022 14:45:43 GMT
server: nginx
strict-transport-security: max-age=5184000; includeSubdomains;
vary: Origin
x-content-type-options: nosniff
x-server: back04
x-xss-protection: 1; mode=block; report=https://cspreport.mail.ru/xxssprotection

OPTIONS
H2 200 ext_cfgs
relap.io/api/v7/ Frame 0
0 213ms
55ms Preflight
text/html 95.163.37.253
VK-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://relap.io/api/v7/ext_cfgs?token=oNigYORgE2yRYJGU&url=https%3A%2F%2Futro.ru%2F

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.163.37.253 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

relap.io

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://utro.ru
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization,Content-Type,Origin,User-Agent,DNT,Cache-Control,Range,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,Cookie,X-Csrf-Token,X-Relap-Unique,X-Relap-Cookie,X-Relap-UUID
access-control-allow-methods: GET, POST, DELETE, PUT, OPTIONS, PATCH
access-control-allow-origin: https://utro.ru
access-control-max-age: 1728000
content-length: 0
content-type: text/html;charset=UTF-8
date: Fri, 30 Sep 2022 14:45:43 GMT
server: nginx
strict-transport-security: max-age=5184000; includeSubdomains;
vary: Origin
x-content-type-options: nosniff
x-server: web06
x-xss-protection: 1; mode=block; report=https://cspreport.mail.ru/xxssprotection

GET
H/1.1 200
OK version Show response
moevideo.biz/embed/core/ 44 B
218 B 66ms
66ms Script
application/javascript 92.223.106.22
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://moevideo.biz/embed/core/version?jsonp=&jsonpCallback=jsonp_1664549143835_1073
Requested by: Host: moevideo.biz
URL: https://moevideo.biz/embed/js/mvpt.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.223.106.22 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS: f62.moevideo.net
Software: nginx /
Resource Hash: 53e556420cd73a5d8582331da712466c21c5fe9b46931736691f7560730a83a0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Fri, 30 Sep 2022 14:45:43 GMT
Server: nginx
Connection: keep-alive
Content-Length: 44
X-My-Reqtime: 0.023
Content-Type: application/javascript

GET
H2

200

sid Show response
mug.criteo.com/ Frame 0EAC
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=utro.ru&sn=ChromeSyncframe&so=0&topUrl=utro.ru&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=b4Phr3x6V1RTMy9tUzFwZEk0S3JWZWFVWDlFRkdkbXRsTWVFS0lxYi9WWWJZMkt3cXBKRVVHUm5HcDNyVmliU3hEYi9xanNHY0VGajVlNFBPVG5YYkRIdU54Z3pxWEVNaXZVeXBoMW5mODdYV0pBeUdodnpRYlNTTndQY2...

452 B
666 B

86ms
20ms

Fetch
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=b4Phr3x6V1RTMy9tUzFwZEk0S3JWZWFVWDlFRkdkbXRsTWVFS0lxYi9WWWJZMkt3cXBKRVVHUm5HcDNyVmliU3hEYi9xanNHY0VGajVlNFBPVG5YYkRIdU54Z3pxWEVNaXZVeXBoMW5mODdYV0pBeUdodnpRYlNTTndQY28yNmswUElKWGwxUENjRytFbEdaWlIrMVBwWEd5UEdlYTdpSWFnTWdEYUlIaTRwYkxIelZJSkEzMm01OTZrdC9rU1dlQ0NVWjBEaTR3WkZyZXoyWVlab1BzNmtaZmhnYmhHU2pVOVhwYzM2UDZFc0VnMnlEVUNsL1djcXNWa3owamdBS1Z3WGxuc3BzV01rcFBXWEtrUGRHdDZVU0dtZz09fA&cppv=2

Requested by

Host: utro.ru
URL: https://utro.ru/

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

cecc74d5fbe492316a508b646f4a0eba83d717cc0a65c92be7a138849d5c7ca6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Sep 2022 14:45:43 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2965222
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 30 Sep 2022 14:45:43 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=b4Phr3x6V1RTMy9tUzFwZEk0S3JWZWFVWDlFRkdkbXRsTWVFS0lxYi9WWWJZMkt3cXBKRVVHUm5HcDNyVmliU3hEYi9xanNHY0VGajVlNFBPVG5YYkRIdU54Z3pxWEVNaXZVeXBoMW5mODdYV0pBeUdodnpRYlNTTndQY28yNmswUElKWGwxUENjRytFbEdaWlIrMVBwWEd5UEdlYTdpSWFnTWdEYUlIaTRwYkxIelZJSkEzMm01OTZrdC9rU1dlQ0NVWjBEaTR3WkZyZXoyWVlab1BzNmtaZmhnYmhHU2pVOVhwYzM2UDZFc0VnMnlEVUNsL1djcXNWa3owamdBS1Z3WGxuc3BzV01rcFBXWEtrUGRHdDZVU0dtZz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 494083
content-length: 0
expires: 0

GET
H2 200 vendor.98c174215dfd7e8c9df9.js Show response
relap.io/v7/ Frame 3EAF 364 KB
96 KB 49ms
48ms Script
application/javascript 95.163.37.253
VK-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://relap.io/v7/vendor.98c174215dfd7e8c9df9.js
Requested by: Host: relap.io
URL: https://relap.io/v7/app_index.cfa79fadb4e1b91a370f.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.163.37.253 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS: relap.io
Software: nginx /
Resource Hash: 0dd315e0ffa8a3acccc6a21e70dccb56bfbf6e436883a7004c35891613ada105

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:43 GMT
content-encoding: br
last-modified: Fri, 30 Sep 2022 09:06:34 GMT
server: nginx
etag: "6336b19a-17e7d"
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000
access-control-allow-credentials: true
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,Range,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,Cookie,X-CSRF-TOKEN
content-length: 97917
expires: Sun, 30 Oct 2022 14:45:43 GMT

GET
H2 200 common_core.ce471864bc283cdbd3da.js Show response
relap.io/v7/ Frame 3EAF 316 KB
67 KB 97ms
97ms Script
application/javascript 95.163.37.253
VK-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://relap.io/v7/common_core.ce471864bc283cdbd3da.js
Requested by: Host: relap.io
URL: https://relap.io/v7/app_index.cfa79fadb4e1b91a370f.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.163.37.253 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS: relap.io
Software: nginx /
Resource Hash: a509a2d527bd8c22a21a1bd4ee460d72e9ed3c70b55948a6e547d91b5bcaf6d4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:43 GMT
content-encoding: br
last-modified: Fri, 30 Sep 2022 09:06:34 GMT
server: nginx
etag: "6336b19a-10b5f"
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000
access-control-allow-credentials: true
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,Range,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,Cookie,X-CSRF-TOKEN
content-length: 68447
expires: Sun, 30 Oct 2022 14:45:43 GMT

GET
H2 200 app.42b9016d9823d7cc65f3.js Show response
relap.io/v7/ Frame 3EAF 50 KB
6 KB 98ms
97ms Script
application/javascript 95.163.37.253
VK-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://relap.io/v7/app.42b9016d9823d7cc65f3.js
Requested by: Host: relap.io
URL: https://relap.io/v7/app_index.cfa79fadb4e1b91a370f.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.163.37.253 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS: relap.io
Software: nginx /
Resource Hash: 1bb217e28c3c2d32e06778d6fe75781bc42ccc40ab03f9ca462d38bb7539ef47

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:43 GMT
content-encoding: br
last-modified: Fri, 30 Sep 2022 09:06:34 GMT
server: nginx
etag: "6336b19a-15eb"
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000
access-control-allow-credentials: true
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,Range,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,Cookie,X-CSRF-TOKEN
content-length: 5611
expires: Sun, 30 Oct 2022 14:45:43 GMT

GET
H2

200

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9777.Cnwka8dwRpYqh9FyEFFWPvXlHOb5neSW4wl2dELh8FKqsBrL84oeqa8URFXdA6us.6yHr_KZ06jK9IxpLwYpTdWU4Pkw%2C
https://mc.yandex.com/sync_cookie_image_decide?token=9777.-uEt26kjile9HaJSe5TuTODT1hR4XfKstbduJ7naBnrjWlk0xRHbcvFTNvHuwmxZ-yhrb420rZWFzsqPK3Ev2C-bK5wY3LQiYhoHwBR8k1I%2C.nQglhrLoMibe4OU-sD11UoyKYIY%2C

43 B
333 B

69ms
69ms

Image
image/gif

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=9777.-uEt26kjile9HaJSe5TuTODT1hR4XfKstbduJ7naBnrjWlk0xRHbcvFTNvHuwmxZ-yhrb420rZWFzsqPK3Ev2C-bK5wY3LQiYhoHwBR8k1I%2C.nQglhrLoMibe4OU-sD11UoyKYIY%2C

Requested by

Host: utro.ru
URL: https://utro.ru/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:44 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=9777.-uEt26kjile9HaJSe5TuTODT1hR4XfKstbduJ7naBnrjWlk0xRHbcvFTNvHuwmxZ-yhrb420rZWFzsqPK3Ev2C-bK5wY3LQiYhoHwBR8k1I%2C.nQglhrLoMibe4OU-sD11UoyKYIY%2C
date: Fri, 30 Sep 2022 14:45:44 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
112 B 71ms
63ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: utro.ru
URL: https://utro.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:43 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 29 Sep 2022 14:38:20 GMT
etag: "633583ac-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Fri, 30 Sep 2022 15:45:43 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame E3E2 80 KB
27 KB 147ms
63ms Script
text/javascript 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/partner-code-bundles/659462/182109b17d885ab3048d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1dfbb2a9ac43046fc615e83658069ae902f7e9db822aaf0b1d7015164bd13f1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27708
x-xss-protection: 0
server: sffe
etag: "1349 / 400 of 1000 / last-modified: 1664536082"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 30 Sep 2022 14:45:44 GMT

GET
H2 204 event
ads.adfox.ru/275069/ 0
54 B 76ms
76ms Image
text/plain 2a02:6b8::1be
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/275069/event?hash=eef146fe02a96767&pm=bmo&pxo=MiFJ58uFDbpPGJL3upMweUyDYWKUi3FFslscXSHHXRGGIauUP8lP5P_uicGixGbpYrMWlxvyId9OPZqkUz5C-t8v7DZMlwhww-3OwuXwCGPwVPYjOnZwAYAO4aR5D3FLe440ldG5CoYQKwP8mgk8E35mM_xm_iKIhT5YHiZSTME4Fg%3D%3D&p5=gfgmc&rand=nlxqevm&sj=f89rIATjkiQfJAO1daK2Muf78K7pOFV5WyLrBRs6LF7VeBMvbLO-QSCEdhx0SA%3D%3D&ad-session-id=2972861664549143580&utg=oxum&lts=fkcnuux&ytt=3300146675717&ybv=0.659462&ylv=0.659462&dl=https%3A%2F%2Futro.ru%2F&pr=bcecblu&p1=cbjic&rqs=FymN4zJv5WAXATdj743_dPXU5IXeG3_B&rtb-si=b&p2=gatm

Requested by

Host: utro.ru
URL: https://utro.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Sep 2022 14:45:43 GMT
x-content-type-options: nosniff
last-modified: Fri, 30 Sep 2022 14:45:43 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H2 200 v2 Show response
yandex.ru/ads/adfox/275069/getBulk/ 14 KB
8 KB 296ms
296ms XHR
application/json 2a02:6b8:a::a
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/adfox/275069/getBulk/v2?dl=https%3A%2F%2Futro.ru%2F&date=2022-09-30T14%3A45%3A43.932%2B00%3A00&pd=30&pdh=1200&pdw=1600&pr1=2505986393&pr=334542566&prr=&pv=14&pw=5&extid_loader=MTY2NDU0OTE0NDI5MDAyODM5Mw%3D%3D&extid_tag_loader=utro.ru&ylv=0.659462&ybv=0.659462&ytt=3300146675717&is-turbo=0&skip-token=&ad-session-id=2972861664549143580&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9.9%2C%22isInIframe%22%3Afalse%2C%22w%22%3A1360%2C%22h%22%3A0%2C%22width%22%3A1360%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22fullscreenHeaderHeight%22%3A80%2C%22left%22%3A120%2C%22top%22%3A83%2C%22fontFamily%22%3A%22ys%22%2C%22darkTheme%22%3Afalse%2C%22req_no%22%3A6%2C%22ad_no%22%3A1%7D&enable-flat-highlight=1&pcode-version=659462&available-width=1360&yaru=true&pp=g&ps=cxhg&p2=gatj&slotNumber=2&bids=W3siYmlkZGVyTmFtZSI6ImNyaXRlbyIsImNhbXBhaWduX2lkIjo4MjY4NzUsInJlc3BvbnNlX3RpbWUiOjIxNCwiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6IjEyOTAxODYifSx7ImJpZGRlck5hbWUiOiJiZXR3ZWVuZGlnaXRhbCIsImNhbXBhaWduX2lkIjo4MjY4NzcsInJlc3BvbnNlX3RpbWUiOjIwNiwiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6IjI1MzQ3ODMifSx7ImJpZGRlck5hbWUiOiJhZGZveF9yb2Rlbi1tZWRpYSIsImNhbXBhaWduX2lkIjoxODIyODUyLCJyZXNwb25zZV90aW1lIjo0NzMsImVycm9yIjp7ImNvZGUiOjF9fV0%3D&utf8=%E2%9C%93&duid=MTY2NDU0OTE0NDI5MDAyODM5Mw%3D%3D&pcode-test-ids=657518%2C0%2C67%3B651042%2C0%2C42%3B659467%2C0%2C7%3B658041%2C0%2C50%3B655716%2C0%2C51%3B659462%2C0%2C18&pcode-flags-map=eJytWFtv2zYY%2FSuDn4tBN%2BrSN0qibCKSqJFUHHcYiK7LW9AOXToMKPrfd6iLK9kOXRcB8tAU%2Bg6%2F6%2FnOl68bvm2FZKbhSrHSlFRT01FJG2UqIc09L5kwvDWFaHKxefv7182%2F75%2B%2BPG7ebh7%2F%2B3vzZvP8%2BM8z%2Fwu%2FksyLCNl8%2B%2BPN5p4qI9lvPVPa3De0M5UUjaGlWtlr2bMlQOwnQeodAUquaF4zeMD2NOc11wdDW3i4Z3VttKTFHW%2B3phElW8Eqho9EWx9M3%2FLfTp4IM8%2FLjk%2F0ihnJtzt4yRWf3lC10DZg2hVud6Mo9P0Ba8%2FLLdOmlHRvKi4RdYUEMsMbumWunMUkJEE0YLB2inaZb%2Fyj4i3XDCUp7tQOnu253oleG4pyaeUGJ3Ea3gz%2BGsgUFeqkKPtCq%2FNnboNmgLyxFRcgtsy0NIVkVPN7ZkqmWaG5aM3c96zkFFWr2ZXuJEkU%2B0dM9tCZlu2NQhMa1ENpvAA%2F%2BcN1HJKMLdgIOATnapozdLQwE7A7tKP53MFHN%2FDjyJHDEYuk9FhIJhWys7KMSeqH4do2i%2F0xwRiyWtCSyaFGtFl5%2F%2Fz5y%2BPCLApSDOBoBseVksOgNc6IF0bIlWIM%2Bc4Vk%2FB0bfbx%2FZ9PjyvLMA6yZLBEXcBwrdmxYdxb7X4yImE21roQfattbR520mmSJuk0yQewFHswsjelaChvnaTpJUEYj0VYj1DV17VC2zK3vR8GoXcMMZfiDvlBeGYreem2TEgaX3TYUq%2BWPHeaB74Xj%2FG%2BY20wuAv6KMEfV1mPRH40Ef1gOzN9LqTtI0lL3qtffhDhQK3fo8PgnT09OKmLRGEylbasOmwp1YkWvah5wzDGK9PA87y1beSFY8xdgbWDSsG0dfIZiQhgpu6tBLLM7LjM710bdzyZJMG5Oa8scezt3F7rkBcQZgfuad2vqhV6l61rRmWLdQvOvKeS05O4g9WjBGt2zDK0hLIsC1lxTDaTElxRi%2B0SgazsUy8as9ZJLqTdy%2FlhkAKdkO6Ex0k80YX93LRC84JhCzVbp1kSwG4wU6ozBS12zHpoOiaLkxr73ipFCfGzsSvAgMVkdTICJ0RI0jQgY1rn5i%2B5xGIyhXLSDMn8JF2MHVdwFdmEHiism8r1aBaSSbDMtsOoqqOm6GhZQlO5QSIyVWagRsyrPnTMhG6vQY9k0YONLBaSy%2F1clsQvWkLnmaLmxd2V12eMpq81z2nbwm0sropD8XIbREULN2VlaZAkCz8mkJG0sR4wUV1NDzkkjqUFLUVdny6ok03uBVE49sBW0jxwf4s59L5%2FaxR%2Ft%2FKX%2BIHn%2Bv4CvfnkBYu5OXZsWOuSlUxBLDn980kQj9ZWjUhWYdZ3dhJ44bZLw2mLIGmQzo0dcwkFP%2BmJTrLcvcdiLKLAX40StIVEX2NvY4hRj%2B%2BrFJLDra78zI%2BiS%2BvY6pVpPw3HDCSyPh2VMzTsZn9s%2B1FlWpBxc9xo%2FrIz47L8KZ%2F0VryqRyWrKOZr9mw8In8QznYNRrrOBZXuclubSfB8LyvtOttsWwTgLm%2FgZ2TVKzuuh0ZbgKHd77Rw90mYBMHqSim6ZjoljqeGclM5btFw0jBHjOLnMYYLYKBiKfaWkXZYm%2B%2FARLR2IliRTByn3FzV2664iHjxSLmtFYbIcEP1yJO0s5F5kZ%2B67xw%2FmPT0XCrVUKkNLvqeWfeujTKJ45gcb4387owzz5NJ0oWWtuION1Oh0R35lacyMimA%2BSajKOX5zTqFcIFPP3z6%2BPz509NJBrwocFTmvGVvPbWzKE4cD4B8G943V1A%2FPD%2FdhLpwW4u%2B2L0yvOpxGR5eORMHevyf1%2FQVm%2FanEW2n8dbqTJzuUECH%2BYxa0%2BekRdYgENfTdbujLQAa%2BjBfxlUt7BlfXv87BEn8SVRdsD67Krxfg8vWw%2FY5veWHOIOzyO00fPsfquoL5g%3D%3D&use-server-side-rendering=1&pcode-icookie=6l5qC7Qwc8io5U7zRK6QZkOKEjALV%2FhuZ1jr%2FzG6qS9JsPzuUXljRro2LaTK%2Bgj391zwsFflipPwwMujn2nBKSQTUDY%3D&top-ancestor=https%3A%2F%2Futro.ru&top-ancestor-undetermined=0&grab-orig-len=5120&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjo4Mjd9CiqkNo3kuO1CBNTFj-m77dtK35cxgvGMZjzj7u_2dPfsf_37shQ5OutWXrlLmrAn3pQOyZ6g2Vn2ndzJAb0I0DNosxk0UxX633_J2jXsXvpXUVUxMzUKml4ZQgl5oSLkBYQBQSiOQ-APjjAUD-gFLAjFAVEYxQAiAiUOgQkIFjQPSUAU4Dc32rAIhaEslIf8pSuLF0A3efyls6xlIcZyLNsAC1z6JTYUDUlL_TAAvqAIT4Zs-Zf4E7MsolAWEMShJIwCrCVKtBAKFfHuAloIbAjZC4F4KAW4AzlIAf5A5cSASxcCFwIZghYvsbMnf6ac4ZfMaCl-PNkhAtNLbaC8EKuZA-whgGAZEi0t8YLlDQBDRzFD9lDRkiZz9W8hAe3DCkLhEMBbljtIgD2kL6gQcymL30dhHIK0pKMtIHk8DRyAJcNo1grwYuvOLRuoL3n8JR6vZ1hyQ9HsZh1IpvnfiO14NOTs_B8Pf6kL357j69KYVkYLE-e9PuwAhnt4JHEIeXmESyz6krQQB3khKRz-gOjlvbtOv-Kp9QBvmtiNks_w4nf5Hd2Vty-7k3iWENQggmUhmAWGFOhT159jFpuxBw8G46bdyyUfqJvig1EsGNxZphul6LJ2F9CpvW67b67eLQdGlWV1LrI2buIvC8LPu9grDLCGC-hm-s4OdaLjhvT0z8MbKA6Gve-ELyxnzUMe6J2V3FtmGAUBRYC14z_TRR9hcSZEj3d3efdk8NNbrzC276Jh8_6fJ1oyDwFnz3t6kJb5MaBxfgl5Cou-LOZrb3bMtKt0G58Im10oiBe-ZPfc7YYwYLvOey28GXNXrTnRntryY0_n5JLd6bRVMHNO-UsGaybF_ZVgxK_pGVcyBQg5hFIlsgNGxwpFR2q0ZYnzeL6gMZdDesguToiHlrvkvUGd8H3kPz4PE0v8vJMv-byuO-wlcjs9e08-RJMB7yH6137QJ3y8xk7Bcds-LJkmH_ip0ndY1FUO_FKRfH_hErf8FZRSdIaN5JFrubA2gbsUFxJTe6LlW8rU5EotGRU1ud5AQUWt1CnJ9FTgP0RQMzZUqLV6pSHWGLR6cKxg6eEQq1UUpNaYUq1R6jVKcKysCEEaV1ERpMBTcLd7SB17u5bnhoPqHEjjiWcpgloZ3ZtQ6EkpVTq4Sp1a41kDEhBvNZLJ9WhDInZXoOJVxZESams52KE98IgfEETT0M17XoBvedpIlsmEpAjJuMoJx-JHhnvFx1Ys53rHjgD0DrqHTEr3JRwE1HDdVchIpnuMXX3w1RRwqKg1ap2GQg_GciWwFDowY0oyAykpOFYyAxw1idJCrKNQklvdsA0UYBqN8FV6DcVyMC78LhO9KrNvkAvP4OI2GsnU8NRD17CQMCxFErLMHK5KpzWo4FiWZ9mT6ZYO1eLzhG7YOynaY3G0YKbB7cE9ZrXshDEOxaIEyY33EWcYHZEWy7hhgtJOv-IUGjcMILlxjIuEm8Jb0ZbHNOGwCrB9lowkZNOH6T18EqVSrcl9V6rhwSPTWyhUarjTc910tJm78T63i1RvUFEO_oKtVmmXVQPIibTEKhHYeOjjfSaLkkS1OEQJx5oXa_jc-xuNW_Sp9rUGXS_nZjgptvD1Kotyx4WnUpPAdVXs8Gj0xKTLRU7v4DMaH0ytbxbyWlmNt-T02ywdPBKVnmtZrZ5CZ_iynrnPZYGvBiO1e8hdwikND6td6-JbSgRxW53RWGDjLwJCwC4e-owOeqGRSeXcz81YHanSOviXK5GaFK4h4YTRoFKpiWMjhZpYM9sOzG0OHQeCLdUX8GdqbC_oqBxpy2naFy9T8yKjXcBhflb7QRAln4lG2atqCKuPQ9jCBw_Ks3PODlKODFHpKdVabbsoL8_Ma4FPpqYEa-IaLRdPimq7mqzV_Rf5mAZbAQsRWk9Q8NCrwM25Lw6mqWdQ3rXKm2nyKKpoyQZfnDDFBUt4LJhmlW1cuj6v6h0rVwnmVGwA09PE6AFCPOW59boNgfZiEHclxhkT2BY1--mn5kTPwztqSYjxqCjomC954gU4T7FpGHrrsbzRS-UV-vEnDaeC0Tv0iT265lQIirezhgDd5XCvpBOOoUdUiumGoPOPBvkSFVi3kEB9yJeOuZ1Vz2vSpbW2KvmxZb6Lc0Vp39FFx897rGMS1CJWvhwylDYCmHIlvONcFDtUOFOvjZeViFEcobZhs-x7yseRwv5bhoQTIzC-yOhw4ufO6EACh7LGm6R3buBNOw9AjgzkbEL7HGvJtt6NCnudUq8FIqni1Oe8Nu8YahArR6BNwY81u60JAPHKfro3XhNMYTwGYj6vpuLG57nudZRWN7T-sJ-SfaI_ptRTz6y-7_B-KF8ZuFfUlC__VnJBQ9bxaSpM0X5fcTWsE1YcO69ir8NPp7jwB6X76Lr1n90a71qXsF3yQnAnko2DQ_nMnF5Zgk5y34BEz-fupLEkDqGvlwSmNBjQ_1fK4vsUzF7wERt2Ng5dtiLHpDRwXMyoVa9JolErLWO1kGh9Z-J864n8tzlbFCxTiWMOwjdoNFesuPPAHrn2U4ejFgfRksgaghDAOAmCLkdrfB9GUAZo5CxJ6d3mZOmcVN2ZbkfUmPBCuIdfjAJY24eT_yhLkC4R4a05_LhUR8zxWGOYTvVhPO2vmLO9827YdHQX_ZGdC82Pcl0bgikl4b8njhHA9hYAXlIEya5-ftfvMynTjpdff5zjJRPe0nk2lE6F-V9YxjUdSpcD0WOTPmUQ01rKFuJ3MniLveM_2rv5uNBWeidFeR8CwE_m2E9B0I6H4jm9IJY_8zwGvig_K_iVuF00raGMVh9957sw61N02o6enz-UVT8Ix5NoMxbWU8h6n4IewA6wLd9XUDHiBqP14WHqD2jfRaK1pdkSfu5kHTVScRNCFFtiQAIKMCjeCNDLQazXg2VKRkuZYn66_y9LpmCydrweDetTCeJLsnHepZsM06eR6ub_F6WNunGyyj7MY2f0yzs7tuwYaq8shZX5gugb9lEFctnz0GvJDh74dj3G8jeuX-Xq7wxZcg_1fCMl01HoVRZScrVKmT9EjmeglQ1VozF5HxZQR91AMTa7uRxVSh0lmZ49-RXEV_fgLLVrHcN5Wo4lMo9vZjm254QNjKUB6xlaaibBD32xQw4YlezSD1du2-ZPbd-xSfO8cVjywdcF6BPH2dbSnImKrsbLwXltXHnJypt2gne4lfrJK_ccx04Z1wwtuvOHvX7FzGA2xyVlj9gtaw1B-QCY__9kP8aSOSbqFqwu9Rwe3VExj-maR993lwf65rXwrZW3GM7ZxZn6ttVSS17oAelnZgWkfLb-YKM3M3hwDZ1DvnpKVKcBe8TpZ4kQEUPRd6ZueoS6_OxVHeoCFO6CY_fKdOFDnoCN02W45nDUL2TJXzwv9S5C1IU_VV5y2rG-b8dPvI_7Vhld_5pnLoHViCfOSF6xvJMnsNk5ejpaxDQQvG9MigRQTwxm6ZimCIRn_sxknWolomkzpK26RtUv4gjNkqxzn3N0DC3v4494ZoQsE1TZQgj6cQA3aRBLhe9BvN9C7n4k-7C-0pRe-n8ml87dhSmYsbOofu3KS4hx0cNsDysrT7w4o5XvC2PuYrS_Dnd2F2AshAFxsqcc-e2yFJdawO5TPD_90y4F6l1D1auhWm1mWgZaCF5uXpTaqFTiMpY_KGyglZbg9JEyXwAVNkXx42h_aSOfPqJwxVzAbHF7dH7M6nEbBemWejTilzk2z8fDujyHkwlvpqMHf1S6QLvLzi0amSUlGRk0S8caHZv-05XkvCXO_cHL6g6Xey_pCxt4yc7pE3BrGbeEzyXzJiiniF6OaTxOc4g4JxbrwICQuZpnZO7Gp1xLWq-KjUpylV5voVSTkWg1zFqzXipdp_EB2oI0UKiJWSnEnhXGJsfyoiLnpP2OUaTTwPM1YKVOq6eiR2SaBD8YLsumKPuQQk7BEoeq7G0Qm2gQM7ENeJOFsRndTM_E6MgmFmO7Co3JzMDEKhBSdMd2O1oTLUImtgOqm4dWonTJlav-MT2va0WSMfPv-vglY8JKxd0BVXYdsW1Yxc0Tl3HulL81lDDOQsJyUjo6220Qtuw2o4pWpIatlxe5r9GvJe5A5XXwcXIsiuwafONJ-LrNN-1YwNY17wESAmllOTq9fTyGWhuMf8TNHp8wXWjCbxeXu26Rbk4Sfrrs0qEpcj50aO3sSvIt9LFLXmq5oOLV-6vo_3zYtvjpSPQg3kjWT4QVl5I6yRZZ86dwI2uxseKU1IWvqbEJnVsONlNWGPUi8I6W7oYZiz0YEDCBs0cTeUC4CU3kJiuU4_YljL-6HBZQo3gvlFsVX7MEzDI_NdQQRDab0ZlomAheQ9wY6C1r4ec28Zdf2J4Xx5dnteTkD3Yu2lYhWv3MjrGFOtKu0j5d29ir1renS7npklTnuqrII_DUBCftyTmE7YAPpRWL9fpzlz_SiLIJ1vrgmocdavPCivToyZGuVXeqmFOf19Us5YTnly_EdHXR3I89Lo-wUNxmgSku1K0YZfjxK4keJa7_R20ITAvkfa6VbvougvoKEBXifjHLJpsR2m4yeEPSn9dhMNsP68De5h_B0uXrD_Z970aDop9fwoGokE2Xs0qSN6fNkY823qN8tKpiinoYJbCTtXaU7EdRoW0K8NkMajaZ7VtoEEutyPvTI7Kb2YAfRNA9Lr2JDoH9qgbARJidh7OtakP3ur8Sj5WTTtcH_zBKW7pCJG_fMV8QfkkIht9r-bM30n0zxmuir4XCalSzfT0aOc7ZXo3BZEZgO51dUfkRT3F96_7s-nRr5CM4JvCPtRTEMn8BGXlIZkp1ZUBgorMfFgB_CGydI9u2RN1SNi4poSeiJHRxfQQmV9-HsighD5_ahdZpnG24zylnrWwwIDTRIrK9RlSnXZ0ojQb54sgA2-QBou5l-L_ruJH195bSdp1xoZ_FagsnJxvPjSCerUQ6D25bwUY24GyyWQSRiZbGtmNCXrSnvSNiu70CuZC4Sv_oF1JTcfGJvMAKFtX7SVSou2WmbCSn725aQPRp&tga-with-creatives=1

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

f0c22505ea8920792ec430dcf70d668fd80f7bda29b21974a5e310150c6b9d44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1664549143947113-16542002232437840863-sas3-0775-509-sas-l7-balancer-8080-BAL-684
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Fri, 30 Sep 2022 14:45:44 GMT
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type: application/json
access-control-allow-origin: https://utro.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 30 Sep 2022 14:45:44 GMT

GET
H2 200 v2 Show response
yandex.ru/ads/adfox/275069/getBulk/ 15 KB
8 KB 395ms
394ms XHR
application/json 2a02:6b8:a::a
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/adfox/275069/getBulk/v2?dl=https%3A%2F%2Futro.ru%2F&date=2022-09-30T14%3A45%3A43.934%2B00%3A00&pd=30&pdh=1200&pdw=1600&pr1=329121954&pr=334542566&prr=&pv=14&pw=5&extid_loader=MTY2NDU0OTE0NDI5MDAyODM5Mw%3D%3D&extid_tag_loader=utro.ru&ylv=0.659462&ybv=0.659462&ytt=3300146675717&is-turbo=0&skip-token=&ad-session-id=2972861664549143580&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9.9%2C%22isInIframe%22%3Afalse%2C%22w%22%3A300%2C%22h%22%3A0%2C%22width%22%3A300%2C%22height%22%3A0%2C%22visible%22%3A0%2C%22fullscreenHeaderHeight%22%3A80%2C%22left%22%3A1140%2C%22top%22%3A1410%2C%22fontFamily%22%3A%22ys%22%2C%22darkTheme%22%3Afalse%2C%22req_no%22%3A7%2C%22ad_no%22%3A1%7D&enable-flat-highlight=1&pcode-version=659462&available-width=300&yaru=true&pp=g&ps=cxhg&p2=gatn&slotNumber=4&bids=W3siYmlkZGVyTmFtZSI6ImNyaXRlbyIsImNhbXBhaWduX2lkIjo4MjY4NzUsInJlc3BvbnNlX3RpbWUiOjIxNCwiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6IjE1MTQ5OTcifSx7ImJpZGRlck5hbWUiOiJiZXR3ZWVuZGlnaXRhbCIsImNhbXBhaWduX2lkIjo4MjY4NzcsInJlc3BvbnNlX3RpbWUiOjIwNiwiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6IjM4NzEzODUifSx7ImJpZGRlck5hbWUiOiJhZGZveF9yb2Rlbi1tZWRpYSIsImNhbXBhaWduX2lkIjoxODIyODUyLCJyZXNwb25zZV90aW1lIjo0NzMsImVycm9yIjp7ImNvZGUiOjF9fSx7ImJpZGRlck5hbWUiOiJteXRhcmdldCIsImNhbXBhaWduX2lkIjo4MjY4NzYsInJlc3BvbnNlX3RpbWUiOjIxOCwiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6Ijc3NDkwNCJ9LHsiYmlkZGVyTmFtZSI6InJ0YmhvdXNlIiwiY2FtcGFpZ25faWQiOjExMzY1MjgsInJlc3BvbnNlX3RpbWUiOjI0LCJlcnJvciI6eyJjb2RlIjo0fSwicGxhY2VtZW50X2lkIjoibkFCVTdHNlJwcHh3aWg1MmtOZnoifSx7ImJpZGRlck5hbWUiOiJidXp6b29sYSIsImNhbXBhaWduX2lkIjoxODA5OTA2LCJyZXNwb25zZV90aW1lIjoyMTgsImVycm9yIjp7ImNvZGUiOjF9LCJwbGFjZW1lbnRfaWQiOiIxMjI3MTYzIn1d&utf8=%E2%9C%93&duid=MTY2NDU0OTE0NDI5MDAyODM5Mw%3D%3D&pcode-test-ids=657518%2C0%2C67%3B651042%2C0%2C42%3B659467%2C0%2C7%3B658041%2C0%2C50%3B655716%2C0%2C51%3B659462%2C0%2C18&pcode-flags-map=eJytWFtv2zYY%2FSuDn4tBN%2BrSN0qibCKSqJFUHHcYiK7LW9AOXToMKPrfd6iLK9kOXRcB8tAU%2Bg6%2F6%2FnOl68bvm2FZKbhSrHSlFRT01FJG2UqIc09L5kwvDWFaHKxefv7182%2F75%2B%2BPG7ebh7%2F%2B3vzZvP8%2BM8z%2Fwu%2FksyLCNl8%2B%2BPN5p4qI9lvPVPa3De0M5UUjaGlWtlr2bMlQOwnQeodAUquaF4zeMD2NOc11wdDW3i4Z3VttKTFHW%2B3phElW8Eqho9EWx9M3%2FLfTp4IM8%2FLjk%2F0ihnJtzt4yRWf3lC10DZg2hVud6Mo9P0Ba8%2FLLdOmlHRvKi4RdYUEMsMbumWunMUkJEE0YLB2inaZb%2Fyj4i3XDCUp7tQOnu253oleG4pyaeUGJ3Ea3gz%2BGsgUFeqkKPtCq%2FNnboNmgLyxFRcgtsy0NIVkVPN7ZkqmWaG5aM3c96zkFFWr2ZXuJEkU%2B0dM9tCZlu2NQhMa1ENpvAA%2F%2BcN1HJKMLdgIOATnapozdLQwE7A7tKP53MFHN%2FDjyJHDEYuk9FhIJhWys7KMSeqH4do2i%2F0xwRiyWtCSyaFGtFl5%2F%2Fz5y%2BPCLApSDOBoBseVksOgNc6IF0bIlWIM%2Bc4Vk%2FB0bfbx%2FZ9PjyvLMA6yZLBEXcBwrdmxYdxb7X4yImE21roQfattbR520mmSJuk0yQewFHswsjelaChvnaTpJUEYj0VYj1DV17VC2zK3vR8GoXcMMZfiDvlBeGYreem2TEgaX3TYUq%2BWPHeaB74Xj%2FG%2BY20wuAv6KMEfV1mPRH40Ef1gOzN9LqTtI0lL3qtffhDhQK3fo8PgnT09OKmLRGEylbasOmwp1YkWvah5wzDGK9PA87y1beSFY8xdgbWDSsG0dfIZiQhgpu6tBLLM7LjM710bdzyZJMG5Oa8scezt3F7rkBcQZgfuad2vqhV6l61rRmWLdQvOvKeS05O4g9WjBGt2zDK0hLIsC1lxTDaTElxRi%2B0SgazsUy8as9ZJLqTdy%2FlhkAKdkO6Ex0k80YX93LRC84JhCzVbp1kSwG4wU6ozBS12zHpoOiaLkxr73ipFCfGzsSvAgMVkdTICJ0RI0jQgY1rn5i%2B5xGIyhXLSDMn8JF2MHVdwFdmEHiism8r1aBaSSbDMtsOoqqOm6GhZQlO5QSIyVWagRsyrPnTMhG6vQY9k0YONLBaSy%2F1clsQvWkLnmaLmxd2V12eMpq81z2nbwm0sropD8XIbREULN2VlaZAkCz8mkJG0sR4wUV1NDzkkjqUFLUVdny6ok03uBVE49sBW0jxwf4s59L5%2FaxR%2Ft%2FKX%2BIHn%2Bv4CvfnkBYu5OXZsWOuSlUxBLDn980kQj9ZWjUhWYdZ3dhJ44bZLw2mLIGmQzo0dcwkFP%2BmJTrLcvcdiLKLAX40StIVEX2NvY4hRj%2B%2BrFJLDra78zI%2BiS%2BvY6pVpPw3HDCSyPh2VMzTsZn9s%2B1FlWpBxc9xo%2FrIz47L8KZ%2F0VryqRyWrKOZr9mw8In8QznYNRrrOBZXuclubSfB8LyvtOttsWwTgLm%2FgZ2TVKzuuh0ZbgKHd77Rw90mYBMHqSim6ZjoljqeGclM5btFw0jBHjOLnMYYLYKBiKfaWkXZYm%2B%2FARLR2IliRTByn3FzV2664iHjxSLmtFYbIcEP1yJO0s5F5kZ%2B67xw%2FmPT0XCrVUKkNLvqeWfeujTKJ45gcb4387owzz5NJ0oWWtuION1Oh0R35lacyMimA%2BSajKOX5zTqFcIFPP3z6%2BPz509NJBrwocFTmvGVvPbWzKE4cD4B8G943V1A%2FPD%2FdhLpwW4u%2B2L0yvOpxGR5eORMHevyf1%2FQVm%2FanEW2n8dbqTJzuUECH%2BYxa0%2BekRdYgENfTdbujLQAa%2BjBfxlUt7BlfXv87BEn8SVRdsD67Krxfg8vWw%2FY5veWHOIOzyO00fPsfquoL5g%3D%3D&use-server-side-rendering=1&pcode-icookie=6l5qC7Qwc8io5U7zRK6QZkOKEjALV%2FhuZ1jr%2FzG6qS9JsPzuUXljRro2LaTK%2Bgj391zwsFflipPwwMujn2nBKSQTUDY%3D&top-ancestor=https%3A%2F%2Futro.ru&top-ancestor-undetermined=0&grab-orig-len=5120&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjo4Mjd9CiqkNo3kuO1CBNTFj-m77dtK35cxgvGMZjzj7u_2dPfsf_37shQ5OutWXrlLmrAn3pQOyZ6g2Vn2ndzJAb0I0DNosxk0UxX633_J2jXsXvpXUVUxMzUKml4ZQgl5oSLkBYQBQSiOQ-APjjAUD-gFLAjFAVEYxQAiAiUOgQkIFjQPSUAU4Dc32rAIhaEslIf8pSuLF0A3efyls6xlIcZyLNsAC1z6JTYUDUlL_TAAvqAIT4Zs-Zf4E7MsolAWEMShJIwCrCVKtBAKFfHuAloIbAjZC4F4KAW4AzlIAf5A5cSASxcCFwIZghYvsbMnf6ac4ZfMaCl-PNkhAtNLbaC8EKuZA-whgGAZEi0t8YLlDQBDRzFD9lDRkiZz9W8hAe3DCkLhEMBbljtIgD2kL6gQcymL30dhHIK0pKMtIHk8DRyAJcNo1grwYuvOLRuoL3n8JR6vZ1hyQ9HsZh1IpvnfiO14NOTs_B8Pf6kL357j69KYVkYLE-e9PuwAhnt4JHEIeXmESyz6krQQB3khKRz-gOjlvbtOv-Kp9QBvmtiNks_w4nf5Hd2Vty-7k3iWENQggmUhmAWGFOhT159jFpuxBw8G46bdyyUfqJvig1EsGNxZphul6LJ2F9CpvW67b67eLQdGlWV1LrI2buIvC8LPu9grDLCGC-hm-s4OdaLjhvT0z8MbKA6Gve-ELyxnzUMe6J2V3FtmGAUBRYC14z_TRR9hcSZEj3d3efdk8NNbrzC276Jh8_6fJ1oyDwFnz3t6kJb5MaBxfgl5Cou-LOZrb3bMtKt0G58Im10oiBe-ZPfc7YYwYLvOey28GXNXrTnRntryY0_n5JLd6bRVMHNO-UsGaybF_ZVgxK_pGVcyBQg5hFIlsgNGxwpFR2q0ZYnzeL6gMZdDesguToiHlrvkvUGd8H3kPz4PE0v8vJMv-byuO-wlcjs9e08-RJMB7yH6137QJ3y8xk7Bcds-LJkmH_ip0ndY1FUO_FKRfH_hErf8FZRSdIaN5JFrubA2gbsUFxJTe6LlW8rU5EotGRU1ud5AQUWt1CnJ9FTgP0RQMzZUqLV6pSHWGLR6cKxg6eEQq1UUpNaYUq1R6jVKcKysCEEaV1ERpMBTcLd7SB17u5bnhoPqHEjjiWcpgloZ3ZtQ6EkpVTq4Sp1a41kDEhBvNZLJ9WhDInZXoOJVxZESams52KE98IgfEETT0M17XoBvedpIlsmEpAjJuMoJx-JHhnvFx1Ys53rHjgD0DrqHTEr3JRwE1HDdVchIpnuMXX3w1RRwqKg1ap2GQg_GciWwFDowY0oyAykpOFYyAxw1idJCrKNQklvdsA0UYBqN8FV6DcVyMC78LhO9KrNvkAvP4OI2GsnU8NRD17CQMCxFErLMHK5KpzWo4FiWZ9mT6ZYO1eLzhG7YOynaY3G0YKbB7cE9ZrXshDEOxaIEyY33EWcYHZEWy7hhgtJOv-IUGjcMILlxjIuEm8Jb0ZbHNOGwCrB9lowkZNOH6T18EqVSrcl9V6rhwSPTWyhUarjTc910tJm78T63i1RvUFEO_oKtVmmXVQPIibTEKhHYeOjjfSaLkkS1OEQJx5oXa_jc-xuNW_Sp9rUGXS_nZjgptvD1Kotyx4WnUpPAdVXs8Gj0xKTLRU7v4DMaH0ytbxbyWlmNt-T02ywdPBKVnmtZrZ5CZ_iynrnPZYGvBiO1e8hdwikND6td6-JbSgRxW53RWGDjLwJCwC4e-owOeqGRSeXcz81YHanSOviXK5GaFK4h4YTRoFKpiWMjhZpYM9sOzG0OHQeCLdUX8GdqbC_oqBxpy2naFy9T8yKjXcBhflb7QRAln4lG2atqCKuPQ9jCBw_Ks3PODlKODFHpKdVabbsoL8_Ma4FPpqYEa-IaLRdPimq7mqzV_Rf5mAZbAQsRWk9Q8NCrwM25Lw6mqWdQ3rXKm2nyKKpoyQZfnDDFBUt4LJhmlW1cuj6v6h0rVwnmVGwA09PE6AFCPOW59boNgfZiEHclxhkT2BY1--mn5kTPwztqSYjxqCjomC954gU4T7FpGHrrsbzRS-UV-vEnDaeC0Tv0iT265lQIirezhgDd5XCvpBOOoUdUiumGoPOPBvkSFVi3kEB9yJeOuZ1Vz2vSpbW2KvmxZb6Lc0Vp39FFx897rGMS1CJWvhwylDYCmHIlvONcFDtUOFOvjZeViFEcobZhs-x7yseRwv5bhoQTIzC-yOhw4ufO6EACh7LGm6R3buBNOw9AjgzkbEL7HGvJtt6NCnudUq8FIqni1Oe8Nu8YahArR6BNwY81u60JAPHKfro3XhNMYTwGYj6vpuLG57nudZRWN7T-sJ-SfaI_ptRTz6y-7_B-KF8ZuFfUlC__VnJBQ9bxaSpM0X5fcTWsE1YcO69ir8NPp7jwB6X76Lr1n90a71qXsF3yQnAnko2DQ_nMnF5Zgk5y34BEz-fupLEkDqGvlwSmNBjQ_1fK4vsUzF7wERt2Ng5dtiLHpDRwXMyoVa9JolErLWO1kGh9Z-J864n8tzlbFCxTiWMOwjdoNFesuPPAHrn2U4ejFgfRksgaghDAOAmCLkdrfB9GUAZo5CxJ6d3mZOmcVN2ZbkfUmPBCuIdfjAJY24eT_yhLkC4R4a05_LhUR8zxWGOYTvVhPO2vmLO9827YdHQX_ZGdC82Pcl0bgikl4b8njhHA9hYAXlIEya5-ftfvMynTjpdff5zjJRPe0nk2lE6F-V9YxjUdSpcD0WOTPmUQ01rKFuJ3MniLveM_2rv5uNBWeidFeR8CwE_m2E9B0I6H4jm9IJY_8zwGvig_K_iVuF00raGMVh9957sw61N02o6enz-UVT8Ix5NoMxbWU8h6n4IewA6wLd9XUDHiBqP14WHqD2jfRaK1pdkSfu5kHTVScRNCFFtiQAIKMCjeCNDLQazXg2VKRkuZYn66_y9LpmCydrweDetTCeJLsnHepZsM06eR6ub_F6WNunGyyj7MY2f0yzs7tuwYaq8shZX5gugb9lEFctnz0GvJDh74dj3G8jeuX-Xq7wxZcg_1fCMl01HoVRZScrVKmT9EjmeglQ1VozF5HxZQR91AMTa7uRxVSh0lmZ49-RXEV_fgLLVrHcN5Wo4lMo9vZjm254QNjKUB6xlaaibBD32xQw4YlezSD1du2-ZPbd-xSfO8cVjywdcF6BPH2dbSnImKrsbLwXltXHnJypt2gne4lfrJK_ccx04Z1wwtuvOHvX7FzGA2xyVlj9gtaw1B-QCY__9kP8aSOSbqFqwu9Rwe3VExj-maR993lwf65rXwrZW3GM7ZxZn6ttVSS17oAelnZgWkfLb-YKM3M3hwDZ1DvnpKVKcBe8TpZ4kQEUPRd6ZueoS6_OxVHeoCFO6CY_fKdOFDnoCN02W45nDUL2TJXzwv9S5C1IU_VV5y2rG-b8dPvI_7Vhld_5pnLoHViCfOSF6xvJMnsNk5ejpaxDQQvG9MigRQTwxm6ZimCIRn_sxknWolomkzpK26RtUv4gjNkqxzn3N0DC3v4494ZoQsE1TZQgj6cQA3aRBLhe9BvN9C7n4k-7C-0pRe-n8ml87dhSmYsbOofu3KS4hx0cNsDysrT7w4o5XvC2PuYrS_Dnd2F2AshAFxsqcc-e2yFJdawO5TPD_90y4F6l1D1auhWm1mWgZaCF5uXpTaqFTiMpY_KGyglZbg9JEyXwAVNkXx42h_aSOfPqJwxVzAbHF7dH7M6nEbBemWejTilzk2z8fDujyHkwlvpqMHf1S6QLvLzi0amSUlGRk0S8caHZv-05XkvCXO_cHL6g6Xey_pCxt4yc7pE3BrGbeEzyXzJiiniF6OaTxOc4g4JxbrwICQuZpnZO7Gp1xLWq-KjUpylV5voVSTkWg1zFqzXipdp_EB2oI0UKiJWSnEnhXGJsfyoiLnpP2OUaTTwPM1YKVOq6eiR2SaBD8YLsumKPuQQk7BEoeq7G0Qm2gQM7ENeJOFsRndTM_E6MgmFmO7Co3JzMDEKhBSdMd2O1oTLUImtgOqm4dWonTJlav-MT2va0WSMfPv-vglY8JKxd0BVXYdsW1Yxc0Tl3HulL81lDDOQsJyUjo6220Qtuw2o4pWpIatlxe5r9GvJe5A5XXwcXIsiuwafONJ-LrNN-1YwNY17wESAmllOTq9fTyGWhuMf8TNHp8wXWjCbxeXu26Rbk4Sfrrs0qEpcj50aO3sSvIt9LFLXmq5oOLV-6vo_3zYtvjpSPQg3kjWT4QVl5I6yRZZ86dwI2uxseKU1IWvqbEJnVsONlNWGPUi8I6W7oYZiz0YEDCBs0cTeUC4CU3kJiuU4_YljL-6HBZQo3gvlFsVX7MEzDI_NdQQRDab0ZlomAheQ9wY6C1r4ec28Zdf2J4Xx5dnteTkD3Yu2lYhWv3MjrGFOtKu0j5d29ir1renS7npklTnuqrII_DUBCftyTmE7YAPpRWL9fpzlz_SiLIJ1vrgmocdavPCivToyZGuVXeqmFOf19Us5YTnly_EdHXR3I89Lo-wUNxmgSku1K0YZfjxK4keJa7_R20ITAvkfa6VbvougvoKEBXifjHLJpsR2m4yeEPSn9dhMNsP68De5h_B0uXrD_Z970aDop9fwoGokE2Xs0qSN6fNkY823qN8tKpiinoYJbCTtXaU7EdRoW0K8NkMajaZ7VtoEEutyPvTI7Kb2YAfRNA9Lr2JDoH9qgbARJidh7OtakP3ur8Sj5WTTtcH_zBKW7pCJG_fMV8QfkkIht9r-bM30n0zxmuir4XCalSzfT0aOc7ZXo3BZEZgO51dUfkRT3F96_7s-nRr5CM4JvCPtRTEMn8BGXlIZkp1ZUBgorMfFgB_CGydI9u2RN1SNi4poSeiJHRxfQQmV9-HsighD5_ahdZpnG24zylnrWwwIDTRIrK9RlSnXZ0ojQb54sgA2-QBou5l-L_ruJH195bSdp1xoZ_FagsnJxvPjSCerUQ6D25bwUY24GyyWQSRiZbGtmNCXrSnvSNiu70CuZC4Sv_oF1JTcfGJvMAKFtX7SVSou2WmbCSn725aQPRp&tga-with-creatives=1

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

bc34b600d52143b16b8684d087a67c44910ddfa98d028f524312adb4e89366d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1664549143949552-7102125239853514535-sas3-0775-509-sas-l7-balancer-8080-BAL-3779
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Fri, 30 Sep 2022 14:45:44 GMT
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type: application/json
access-control-allow-origin: https://utro.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 30 Sep 2022 14:45:44 GMT

GET
H2 200 v2 Show response
yandex.ru/ads/adfox/275069/getBulk/ 15 KB
8 KB 315ms
314ms XHR
application/json 2a02:6b8:a::a
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/adfox/275069/getBulk/v2?dl=https%3A%2F%2Futro.ru%2F&date=2022-09-30T14%3A45%3A43.937%2B00%3A00&pd=30&pdh=1200&pdw=1600&pr1=3450925207&pr=334542566&prr=&pv=14&pw=5&extid_loader=MTY2NDU0OTE0NDI5MDAyODM5Mw%3D%3D&extid_tag_loader=utro.ru&ylv=0.659462&ybv=0.659462&ytt=3300146675717&is-turbo=0&skip-token=&ad-session-id=2972861664549143580&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9.9%2C%22isInIframe%22%3Afalse%2C%22w%22%3A1350%2C%22h%22%3A0%2C%22width%22%3A1350%2C%22height%22%3A0%2C%22visible%22%3A0%2C%22fullscreenHeaderHeight%22%3A80%2C%22left%22%3A125%2C%22top%22%3A3715%2C%22fontFamily%22%3A%22ys%22%2C%22darkTheme%22%3Afalse%2C%22req_no%22%3A8%2C%22ad_no%22%3A1%7D&enable-flat-highlight=1&pcode-version=659462&available-width=1350&yaru=true&pp=h&ps=cxhg&p2=gatp&slotNumber=7&bids=W3siYmlkZGVyTmFtZSI6ImNyaXRlbyIsImNhbXBhaWduX2lkIjo4MjY4NzUsInJlc3BvbnNlX3RpbWUiOjIxNCwiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6IjEyOTAxNzkifSx7ImJpZGRlck5hbWUiOiJiZXR3ZWVuZGlnaXRhbCIsImNhbXBhaWduX2lkIjo4MjY4NzcsInJlc3BvbnNlX3RpbWUiOjIwNiwiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6IjI1MzQ3ODQifSx7ImJpZGRlck5hbWUiOiJhZGZveF9yb2Rlbi1tZWRpYSIsImNhbXBhaWduX2lkIjoxODIyODUyLCJyZXNwb25zZV90aW1lIjo0NzMsImVycm9yIjp7ImNvZGUiOjF9fSx7ImJpZGRlck5hbWUiOiJteXRhcmdldCIsImNhbXBhaWduX2lkIjo4MjY4NzYsInJlc3BvbnNlX3RpbWUiOjIxOCwiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6IjI0NjkxOSJ9LHsiYmlkZGVyTmFtZSI6InJ0YmhvdXNlIiwiY2FtcGFpZ25faWQiOjExMzY1MjgsInJlc3BvbnNlX3RpbWUiOjI1LCJlcnJvciI6eyJjb2RlIjo0fSwicGxhY2VtZW50X2lkIjoiWHhHUEdLb3ZET1YwWkc1S0FPcEMifSx7ImJpZGRlck5hbWUiOiJidXp6b29sYSIsImNhbXBhaWduX2lkIjoxODA5OTA2LCJyZXNwb25zZV90aW1lIjoyMTgsImVycm9yIjp7ImNvZGUiOjF9LCJwbGFjZW1lbnRfaWQiOiIxMjI3ODMzIn1d&utf8=%E2%9C%93&duid=MTY2NDU0OTE0NDI5MDAyODM5Mw%3D%3D&pcode-test-ids=657518%2C0%2C67%3B651042%2C0%2C42%3B659467%2C0%2C7%3B658041%2C0%2C50%3B655716%2C0%2C51%3B659462%2C0%2C18&pcode-flags-map=eJytWFtv2zYY%2FSuDn4tBN%2BrSN0qibCKSqJFUHHcYiK7LW9AOXToMKPrfd6iLK9kOXRcB8tAU%2Bg6%2F6%2FnOl68bvm2FZKbhSrHSlFRT01FJG2UqIc09L5kwvDWFaHKxefv7182%2F75%2B%2BPG7ebh7%2F%2B3vzZvP8%2BM8z%2Fwu%2FksyLCNl8%2B%2BPN5p4qI9lvPVPa3De0M5UUjaGlWtlr2bMlQOwnQeodAUquaF4zeMD2NOc11wdDW3i4Z3VttKTFHW%2B3phElW8Eqho9EWx9M3%2FLfTp4IM8%2FLjk%2F0ihnJtzt4yRWf3lC10DZg2hVud6Mo9P0Ba8%2FLLdOmlHRvKi4RdYUEMsMbumWunMUkJEE0YLB2inaZb%2Fyj4i3XDCUp7tQOnu253oleG4pyaeUGJ3Ea3gz%2BGsgUFeqkKPtCq%2FNnboNmgLyxFRcgtsy0NIVkVPN7ZkqmWaG5aM3c96zkFFWr2ZXuJEkU%2B0dM9tCZlu2NQhMa1ENpvAA%2F%2BcN1HJKMLdgIOATnapozdLQwE7A7tKP53MFHN%2FDjyJHDEYuk9FhIJhWys7KMSeqH4do2i%2F0xwRiyWtCSyaFGtFl5%2F%2Fz5y%2BPCLApSDOBoBseVksOgNc6IF0bIlWIM%2Bc4Vk%2FB0bfbx%2FZ9PjyvLMA6yZLBEXcBwrdmxYdxb7X4yImE21roQfattbR520mmSJuk0yQewFHswsjelaChvnaTpJUEYj0VYj1DV17VC2zK3vR8GoXcMMZfiDvlBeGYreem2TEgaX3TYUq%2BWPHeaB74Xj%2FG%2BY20wuAv6KMEfV1mPRH40Ef1gOzN9LqTtI0lL3qtffhDhQK3fo8PgnT09OKmLRGEylbasOmwp1YkWvah5wzDGK9PA87y1beSFY8xdgbWDSsG0dfIZiQhgpu6tBLLM7LjM710bdzyZJMG5Oa8scezt3F7rkBcQZgfuad2vqhV6l61rRmWLdQvOvKeS05O4g9WjBGt2zDK0hLIsC1lxTDaTElxRi%2B0SgazsUy8as9ZJLqTdy%2FlhkAKdkO6Ex0k80YX93LRC84JhCzVbp1kSwG4wU6ozBS12zHpoOiaLkxr73ipFCfGzsSvAgMVkdTICJ0RI0jQgY1rn5i%2B5xGIyhXLSDMn8JF2MHVdwFdmEHiism8r1aBaSSbDMtsOoqqOm6GhZQlO5QSIyVWagRsyrPnTMhG6vQY9k0YONLBaSy%2F1clsQvWkLnmaLmxd2V12eMpq81z2nbwm0sropD8XIbREULN2VlaZAkCz8mkJG0sR4wUV1NDzkkjqUFLUVdny6ok03uBVE49sBW0jxwf4s59L5%2FaxR%2Ft%2FKX%2BIHn%2Bv4CvfnkBYu5OXZsWOuSlUxBLDn980kQj9ZWjUhWYdZ3dhJ44bZLw2mLIGmQzo0dcwkFP%2BmJTrLcvcdiLKLAX40StIVEX2NvY4hRj%2B%2BrFJLDra78zI%2BiS%2BvY6pVpPw3HDCSyPh2VMzTsZn9s%2B1FlWpBxc9xo%2FrIz47L8KZ%2F0VryqRyWrKOZr9mw8In8QznYNRrrOBZXuclubSfB8LyvtOttsWwTgLm%2FgZ2TVKzuuh0ZbgKHd77Rw90mYBMHqSim6ZjoljqeGclM5btFw0jBHjOLnMYYLYKBiKfaWkXZYm%2B%2FARLR2IliRTByn3FzV2664iHjxSLmtFYbIcEP1yJO0s5F5kZ%2B67xw%2FmPT0XCrVUKkNLvqeWfeujTKJ45gcb4387owzz5NJ0oWWtuION1Oh0R35lacyMimA%2BSajKOX5zTqFcIFPP3z6%2BPz509NJBrwocFTmvGVvPbWzKE4cD4B8G943V1A%2FPD%2FdhLpwW4u%2B2L0yvOpxGR5eORMHevyf1%2FQVm%2FanEW2n8dbqTJzuUECH%2BYxa0%2BekRdYgENfTdbujLQAa%2BjBfxlUt7BlfXv87BEn8SVRdsD67Krxfg8vWw%2FY5veWHOIOzyO00fPsfquoL5g%3D%3D&use-server-side-rendering=1&pcode-icookie=6l5qC7Qwc8io5U7zRK6QZkOKEjALV%2FhuZ1jr%2FzG6qS9JsPzuUXljRro2LaTK%2Bgj391zwsFflipPwwMujn2nBKSQTUDY%3D&top-ancestor=https%3A%2F%2Futro.ru&top-ancestor-undetermined=0&grab-orig-len=5120&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjo4Mjd9CiqkNo3kuO1CBNTFj-m77dtK35cxgvGMZjzj7u_2dPfsf_37shQ5OutWXrlLmrAn3pQOyZ6g2Vn2ndzJAb0I0DNosxk0UxX633_J2jXsXvpXUVUxMzUKml4ZQgl5oSLkBYQBQSiOQ-APjjAUD-gFLAjFAVEYxQAiAiUOgQkIFjQPSUAU4Dc32rAIhaEslIf8pSuLF0A3efyls6xlIcZyLNsAC1z6JTYUDUlL_TAAvqAIT4Zs-Zf4E7MsolAWEMShJIwCrCVKtBAKFfHuAloIbAjZC4F4KAW4AzlIAf5A5cSASxcCFwIZghYvsbMnf6ac4ZfMaCl-PNkhAtNLbaC8EKuZA-whgGAZEi0t8YLlDQBDRzFD9lDRkiZz9W8hAe3DCkLhEMBbljtIgD2kL6gQcymL30dhHIK0pKMtIHk8DRyAJcNo1grwYuvOLRuoL3n8JR6vZ1hyQ9HsZh1IpvnfiO14NOTs_B8Pf6kL357j69KYVkYLE-e9PuwAhnt4JHEIeXmESyz6krQQB3khKRz-gOjlvbtOv-Kp9QBvmtiNks_w4nf5Hd2Vty-7k3iWENQggmUhmAWGFOhT159jFpuxBw8G46bdyyUfqJvig1EsGNxZphul6LJ2F9CpvW67b67eLQdGlWV1LrI2buIvC8LPu9grDLCGC-hm-s4OdaLjhvT0z8MbKA6Gve-ELyxnzUMe6J2V3FtmGAUBRYC14z_TRR9hcSZEj3d3efdk8NNbrzC276Jh8_6fJ1oyDwFnz3t6kJb5MaBxfgl5Cou-LOZrb3bMtKt0G58Im10oiBe-ZPfc7YYwYLvOey28GXNXrTnRntryY0_n5JLd6bRVMHNO-UsGaybF_ZVgxK_pGVcyBQg5hFIlsgNGxwpFR2q0ZYnzeL6gMZdDesguToiHlrvkvUGd8H3kPz4PE0v8vJMv-byuO-wlcjs9e08-RJMB7yH6137QJ3y8xk7Bcds-LJkmH_ip0ndY1FUO_FKRfH_hErf8FZRSdIaN5JFrubA2gbsUFxJTe6LlW8rU5EotGRU1ud5AQUWt1CnJ9FTgP0RQMzZUqLV6pSHWGLR6cKxg6eEQq1UUpNaYUq1R6jVKcKysCEEaV1ERpMBTcLd7SB17u5bnhoPqHEjjiWcpgloZ3ZtQ6EkpVTq4Sp1a41kDEhBvNZLJ9WhDInZXoOJVxZESams52KE98IgfEETT0M17XoBvedpIlsmEpAjJuMoJx-JHhnvFx1Ys53rHjgD0DrqHTEr3JRwE1HDdVchIpnuMXX3w1RRwqKg1ap2GQg_GciWwFDowY0oyAykpOFYyAxw1idJCrKNQklvdsA0UYBqN8FV6DcVyMC78LhO9KrNvkAvP4OI2GsnU8NRD17CQMCxFErLMHK5KpzWo4FiWZ9mT6ZYO1eLzhG7YOynaY3G0YKbB7cE9ZrXshDEOxaIEyY33EWcYHZEWy7hhgtJOv-IUGjcMILlxjIuEm8Jb0ZbHNOGwCrB9lowkZNOH6T18EqVSrcl9V6rhwSPTWyhUarjTc910tJm78T63i1RvUFEO_oKtVmmXVQPIibTEKhHYeOjjfSaLkkS1OEQJx5oXa_jc-xuNW_Sp9rUGXS_nZjgptvD1Kotyx4WnUpPAdVXs8Gj0xKTLRU7v4DMaH0ytbxbyWlmNt-T02ywdPBKVnmtZrZ5CZ_iynrnPZYGvBiO1e8hdwikND6td6-JbSgRxW53RWGDjLwJCwC4e-owOeqGRSeXcz81YHanSOviXK5GaFK4h4YTRoFKpiWMjhZpYM9sOzG0OHQeCLdUX8GdqbC_oqBxpy2naFy9T8yKjXcBhflb7QRAln4lG2atqCKuPQ9jCBw_Ks3PODlKODFHpKdVabbsoL8_Ma4FPpqYEa-IaLRdPimq7mqzV_Rf5mAZbAQsRWk9Q8NCrwM25Lw6mqWdQ3rXKm2nyKKpoyQZfnDDFBUt4LJhmlW1cuj6v6h0rVwnmVGwA09PE6AFCPOW59boNgfZiEHclxhkT2BY1--mn5kTPwztqSYjxqCjomC954gU4T7FpGHrrsbzRS-UV-vEnDaeC0Tv0iT265lQIirezhgDd5XCvpBOOoUdUiumGoPOPBvkSFVi3kEB9yJeOuZ1Vz2vSpbW2KvmxZb6Lc0Vp39FFx897rGMS1CJWvhwylDYCmHIlvONcFDtUOFOvjZeViFEcobZhs-x7yseRwv5bhoQTIzC-yOhw4ufO6EACh7LGm6R3buBNOw9AjgzkbEL7HGvJtt6NCnudUq8FIqni1Oe8Nu8YahArR6BNwY81u60JAPHKfro3XhNMYTwGYj6vpuLG57nudZRWN7T-sJ-SfaI_ptRTz6y-7_B-KF8ZuFfUlC__VnJBQ9bxaSpM0X5fcTWsE1YcO69ir8NPp7jwB6X76Lr1n90a71qXsF3yQnAnko2DQ_nMnF5Zgk5y34BEz-fupLEkDqGvlwSmNBjQ_1fK4vsUzF7wERt2Ng5dtiLHpDRwXMyoVa9JolErLWO1kGh9Z-J864n8tzlbFCxTiWMOwjdoNFesuPPAHrn2U4ejFgfRksgaghDAOAmCLkdrfB9GUAZo5CxJ6d3mZOmcVN2ZbkfUmPBCuIdfjAJY24eT_yhLkC4R4a05_LhUR8zxWGOYTvVhPO2vmLO9827YdHQX_ZGdC82Pcl0bgikl4b8njhHA9hYAXlIEya5-ftfvMynTjpdff5zjJRPe0nk2lE6F-V9YxjUdSpcD0WOTPmUQ01rKFuJ3MniLveM_2rv5uNBWeidFeR8CwE_m2E9B0I6H4jm9IJY_8zwGvig_K_iVuF00raGMVh9957sw61N02o6enz-UVT8Ix5NoMxbWU8h6n4IewA6wLd9XUDHiBqP14WHqD2jfRaK1pdkSfu5kHTVScRNCFFtiQAIKMCjeCNDLQazXg2VKRkuZYn66_y9LpmCydrweDetTCeJLsnHepZsM06eR6ub_F6WNunGyyj7MY2f0yzs7tuwYaq8shZX5gugb9lEFctnz0GvJDh74dj3G8jeuX-Xq7wxZcg_1fCMl01HoVRZScrVKmT9EjmeglQ1VozF5HxZQR91AMTa7uRxVSh0lmZ49-RXEV_fgLLVrHcN5Wo4lMo9vZjm254QNjKUB6xlaaibBD32xQw4YlezSD1du2-ZPbd-xSfO8cVjywdcF6BPH2dbSnImKrsbLwXltXHnJypt2gne4lfrJK_ccx04Z1wwtuvOHvX7FzGA2xyVlj9gtaw1B-QCY__9kP8aSOSbqFqwu9Rwe3VExj-maR993lwf65rXwrZW3GM7ZxZn6ttVSS17oAelnZgWkfLb-YKM3M3hwDZ1DvnpKVKcBe8TpZ4kQEUPRd6ZueoS6_OxVHeoCFO6CY_fKdOFDnoCN02W45nDUL2TJXzwv9S5C1IU_VV5y2rG-b8dPvI_7Vhld_5pnLoHViCfOSF6xvJMnsNk5ejpaxDQQvG9MigRQTwxm6ZimCIRn_sxknWolomkzpK26RtUv4gjNkqxzn3N0DC3v4494ZoQsE1TZQgj6cQA3aRBLhe9BvN9C7n4k-7C-0pRe-n8ml87dhSmYsbOofu3KS4hx0cNsDysrT7w4o5XvC2PuYrS_Dnd2F2AshAFxsqcc-e2yFJdawO5TPD_90y4F6l1D1auhWm1mWgZaCF5uXpTaqFTiMpY_KGyglZbg9JEyXwAVNkXx42h_aSOfPqJwxVzAbHF7dH7M6nEbBemWejTilzk2z8fDujyHkwlvpqMHf1S6QLvLzi0amSUlGRk0S8caHZv-05XkvCXO_cHL6g6Xey_pCxt4yc7pE3BrGbeEzyXzJiiniF6OaTxOc4g4JxbrwICQuZpnZO7Gp1xLWq-KjUpylV5voVSTkWg1zFqzXipdp_EB2oI0UKiJWSnEnhXGJsfyoiLnpP2OUaTTwPM1YKVOq6eiR2SaBD8YLsumKPuQQk7BEoeq7G0Qm2gQM7ENeJOFsRndTM_E6MgmFmO7Co3JzMDEKhBSdMd2O1oTLUImtgOqm4dWonTJlav-MT2va0WSMfPv-vglY8JKxd0BVXYdsW1Yxc0Tl3HulL81lDDOQsJyUjo6220Qtuw2o4pWpIatlxe5r9GvJe5A5XXwcXIsiuwafONJ-LrNN-1YwNY17wESAmllOTq9fTyGWhuMf8TNHp8wXWjCbxeXu26Rbk4Sfrrs0qEpcj50aO3sSvIt9LFLXmq5oOLV-6vo_3zYtvjpSPQg3kjWT4QVl5I6yRZZ86dwI2uxseKU1IWvqbEJnVsONlNWGPUi8I6W7oYZiz0YEDCBs0cTeUC4CU3kJiuU4_YljL-6HBZQo3gvlFsVX7MEzDI_NdQQRDab0ZlomAheQ9wY6C1r4ec28Zdf2J4Xx5dnteTkD3Yu2lYhWv3MjrGFOtKu0j5d29ir1renS7npklTnuqrII_DUBCftyTmE7YAPpRWL9fpzlz_SiLIJ1vrgmocdavPCivToyZGuVXeqmFOf19Us5YTnly_EdHXR3I89Lo-wUNxmgSku1K0YZfjxK4keJa7_R20ITAvkfa6VbvougvoKEBXifjHLJpsR2m4yeEPSn9dhMNsP68De5h_B0uXrD_Z970aDop9fwoGokE2Xs0qSN6fNkY823qN8tKpiinoYJbCTtXaU7EdRoW0K8NkMajaZ7VtoEEutyPvTI7Kb2YAfRNA9Lr2JDoH9qgbARJidh7OtakP3ur8Sj5WTTtcH_zBKW7pCJG_fMV8QfkkIht9r-bM30n0zxmuir4XCalSzfT0aOc7ZXo3BZEZgO51dUfkRT3F96_7s-nRr5CM4JvCPtRTEMn8BGXlIZkp1ZUBgorMfFgB_CGydI9u2RN1SNi4poSeiJHRxfQQmV9-HsighD5_ahdZpnG24zylnrWwwIDTRIrK9RlSnXZ0ojQb54sgA2-QBou5l-L_ruJH195bSdp1xoZ_FagsnJxvPjSCerUQ6D25bwUY24GyyWQSRiZbGtmNCXrSnvSNiu70CuZC4Sv_oF1JTcfGJvMAKFtX7SVSou2WmbCSn725aQPRp&tga-with-creatives=1

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

65a3f19b8acd7b8969e8f9bdc648f50573eeeb1d5261faea8b513ec24f7e92fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1664549143952571-14060877952632108954-sas3-0775-509-sas-l7-balancer-8080-BAL-4596
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Fri, 30 Sep 2022 14:45:44 GMT
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type: application/json
access-control-allow-origin: https://utro.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 30 Sep 2022 14:45:44 GMT

GET
H2 200 advert.gif
code.giraff.io/data/ 34 B
247 B 18ms
18ms Image
image/webp 2606:4700:10::6816:4f7b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://code.giraff.io/data/advert.gif
Requested by: Host: utro.ru
URL: https://utro.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4f7b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:43 GMT
cf-cache-status: HIT
age: 0
cf-polished: origFmt=gif, origSize=43
content-disposition: inline; filename="advert.webp"
content-length: 34
cf-bgj: imgq:85,h2pri
last-modified: Sat, 02 Jul 2022 14:10:01 GMT
server: cloudflare
etag: "62c051b9-2b"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
cf-ray: 752dbe759e8c5c02-FRA
expires: Fri, 30 Sep 2022 14:46:43 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame B9AE 80 KB
28 KB 112ms
57ms Script
text/javascript 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/partner-code-bundles/659462/182109b17d885ab3048d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc0a06f8e0f8385f13d5e96e94b3f9fdee6e06b40144a17a79e628e297e9de34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27708
x-xss-protection: 0
server: sffe
etag: "1349 / 590 of 1000 / last-modified: 1664536082"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 30 Sep 2022 14:45:44 GMT

GET
H2 204 event
ads.adfox.ru/275069/ 0
18 B 81ms
81ms Image
text/plain 2a02:6b8::1be
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/275069/event?hash=fd4bea7be642d076&pm=bmo&pxo=c387wGdKFDgBYU1F5fLFga-UR2kcWT-OWmfBZheucPiSdKF0rDIs8Y0oW_XX9UCzbrlD8ieqg2zLmOHJifVYVSmwEX31R70ure56W1V7A91Envod4KVWKGONKdq_AomziLgyxMKcvNIzFP4HKpGD-ebhfPrmvEeQ285JHmHCFGM9ZQ%3D%3D&p5=gfgme&rand=cuoqcfw&sj=zqJ_0LGyFxNx5FrQnEeUUkcU1Igt5Y2vGNsd0TtV6eVhpmPPZ45gYGKWGQ83-A%3D%3D&ad-session-id=2972861664549143580&utg=oxum&lts=fkcnuux&ytt=3300146675717&ybv=0.659462&ylv=0.659462&dl=https%3A%2F%2Futro.ru%2F&pr=bcecblu&p1=cbjif&rqs=F9VT1eKpIHwXATdjPjBgyd3UeMf5ryYO&rtb-si=b&p2=gato

Requested by

Host: utro.ru
URL: https://utro.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Sep 2022 14:45:43 GMT
x-content-type-options: nosniff
last-modified: Fri, 30 Sep 2022 14:45:43 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H2 200 utroru.js Show response
data.giraff.io/track/ 49 B
324 B 203ms
54ms Script
application/javascript 92.53.64.248
SELECTEL

General

Check archive.org

Show headers Download Go to

Full URL: https://data.giraff.io/track/utroru.js?r=&u=https%3A%2F%2Futro.ru%2F&rand=0.546332658562017&v=202209121240&vis=1&callback=cbGeo826835292&sp=b
Requested by: Host: www.giraff.io
URL: https://www.giraff.io/data/widget-utroru.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 92.53.64.248 Moscow, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software: nginx /
Resource Hash: a94a11067e3a537402ffa959797dcc7b0f9d5c45e7aa0c8be08d38bc7f605003

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-type: application/javascript; charset=utf-8
date: Fri, 30 Sep 2022 14:45:44 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 987C 80 KB
27 KB 90ms
90ms Script
text/javascript 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/partner-code-bundles/659462/182109b17d885ab3048d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d327306dae0975c815213df7587d5159825185a749b7ca91d992857688486e27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27702
x-xss-protection: 0
server: sffe
etag: "1349 / 48 of 1000 / last-modified: 1664536014"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 30 Sep 2022 14:45:44 GMT

GET
H2 204 event
ads.adfox.ru/275069/ 0
66 B 72ms
72ms Image
text/plain 2a02:6b8::1be
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/275069/event?hash=1aa26010dbeb5f0b&pm=bmo&pxo=1A2kyxBnhhKIZae8FCynMJ5NEAIhqtVc257i8j4CKXnYrT19tMkzBHPn7VoDhRyctOkaPQ5zGko7ldowKzSuKGDw02gjQXPxThmycMnfm3GirQCtWW0ja9whgIfn5W6nddfyPvuXRHwveliaPmiyp-btlRT08xk8fD4nk_z-G_Ei0mQ%3D&p5=gfgmb&rand=fplouru&sj=uQHqlcu9K-N_LlVNyb-G9VNXkdaabxym6Pa7ZsOuZKiAVFvW9c_TSDlIwsm_rA%3D%3D&ad-session-id=2972861664549143580&utg=oxum&lts=fkcnuux&ytt=3300146675717&ybv=0.659462&ylv=0.659462&dl=https%3A%2F%2Futro.ru%2F&pr=bcecblu&p1=cbjid&rqs=F5k30HHhBH8XATdjCNIDRXadIQsO2WYW&rtb-si=b&p2=gatl

Requested by

Host: utro.ru
URL: https://utro.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Sep 2022 14:45:44 GMT
x-content-type-options: nosniff
last-modified: Fri, 30 Sep 2022 14:45:44 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 8B07 80 KB
27 KB 75ms
75ms Script
text/javascript 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/partner-code-bundles/659462/182109b17d885ab3048d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1dfbb2a9ac43046fc615e83658069ae902f7e9db822aaf0b1d7015164bd13f1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27708
x-xss-protection: 0
server: sffe
etag: "1349 / 302 of 1000 / last-modified: 1664536082"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 30 Sep 2022 14:45:44 GMT

GET
H2 204 event
ads.adfox.ru/275069/ 0
18 B 74ms
74ms Image
text/plain 2a02:6b8::1be
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/275069/event?hash=f5f0a79926e5c77f&pm=bmo&pxo=M4o7pHXr4_8EGL-iUXpqEQrC-MncfUPfzY0DuxTaPo3YnlKjv9QPd6zLMf7DoqpLn5hsxyHDMZBZuEo5SMemb-xa1RbOCFRLc8i8MFY6hpIhmTl3eJ7ZyHuHoFzYDeN7bQZHq36OXE_YqbdsEw76BuFqM9cgY1lSCJBPg79YhXcpVA%3D%3D&p5=gfgma&rand=gdlxgob&sj=HFebaII-_MfrIjFnRJlmjgGlhEr5SFU-cDzEnhiOaisyuYpFuyJi_RfKiqFj&ad-session-id=2972861664549143580&utg=oxum&lts=fkcnuux&ytt=3300146675717&ybv=0.659462&ylv=0.659462&dl=https%3A%2F%2Futro.ru%2F&pr=bcecblu&p1=cbjii&rqs=FxW3Z7xqMQoXATdjNi7gH--nw7RLJeYz&rtb-si=b&p2=gatq

Requested by

Host: utro.ru
URL: https://utro.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Sep 2022 14:45:44 GMT
x-content-type-options: nosniff
last-modified: Fri, 30 Sep 2022 14:45:44 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

OPTIONS
H2 200 metrics
relap.io/api/v7/ Frame 0
0 55ms
55ms Preflight
text/html 95.163.37.253
VK-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://relap.io/api/v7/metrics

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.163.37.253 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

relap.io

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://utro.ru
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization,Content-Type,Origin,User-Agent,DNT,Cache-Control,Range,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,Cookie,X-Csrf-Token,X-Relap-Unique,X-Relap-Cookie,X-Relap-UUID
access-control-allow-methods: GET, POST, DELETE, PUT, OPTIONS, PATCH
access-control-allow-origin: https://utro.ru
access-control-max-age: 1728000
content-length: 0
content-type: text/html;charset=UTF-8
date: Fri, 30 Sep 2022 14:45:44 GMT
server: nginx
strict-transport-security: max-age=5184000; includeSubdomains;
vary: Origin
x-content-type-options: nosniff
x-server: back08
x-xss-protection: 1; mode=block; report=https://cspreport.mail.ru/xxssprotection

POST
H2 200 / Show response
s.relap.io/api/8/envelope/ Frame 3EAF 2 B
171 B 157ms
59ms Fetch
application/json 95.163.37.253
VK-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.relap.io/api/8/envelope/?sentry_key=de87b3f4168749e8889e7f7049c29c5d&sentry_version=7
Requested by: Host: relap.io
URL: https://relap.io/v7/vendor.98c174215dfd7e8c9df9.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.163.37.253 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS: relap.io
Software: nginx /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://utro.ru
date: Fri, 30 Sep 2022 14:45:44 GMT
access-control-expose-headers: x-sentry-rate-limits, x-sentry-error, retry-after
server: nginx
content-length: 2
vary: Origin
content-type: application/json

POST
H2 200 metrics Show response
relap.io/api/v7/ Frame 3EAF 2 B
1 KB 62ms
58ms Fetch
application/json 95.163.37.253
VK-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://relap.io/api/v7/metrics

Requested by

Host: relap.io
URL: https://relap.io/v7/vendor.98c174215dfd7e8c9df9.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.163.37.253 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

relap.io

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 30 Sep 2022 14:45:44 GMT
strict-transport-security: max-age=5184000; includeSubdomains;
x-content-type-options: nosniff
content-length: 2
x-xss-protection: 1; mode=block; report=https://cspreport.mail.ru/xxssprotection
pragma: no-cache
server: nginx
vary: Origin
access-control-allow-methods: GET, POST, DELETE, PUT, OPTIONS, PATCH
content-type: application/json;charset=UTF-8
access-control-max-age: 1728000
access-control-allow-origin: https://utro.ru
cache-control: max-age=1, no-cache
access-control-allow-credentials: true
x-server: back23
access-control-allow-headers: Authorization,Content-Type,Origin,User-Agent,DNT,Cache-Control,Range,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,Cookie,X-Csrf-Token,X-Relap-Unique,X-Relap-Cookie,X-Relap-UUID

GET
H2 200 core.f806723b72a5511ae50c.js Show response
relap.io/v7/ Frame 3EAF 6 KB
2 KB 50ms
50ms Script
application/javascript 95.163.37.253
VK-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://relap.io/v7/core.f806723b72a5511ae50c.js
Requested by: Host: relap.io
URL: https://relap.io/v7/app_index.cfa79fadb4e1b91a370f.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.163.37.253 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS: relap.io
Software: nginx /
Resource Hash: 0ea50a18b3de7d6f22ed1ec6d01279d11a222f439240b0f0163d6f4816b798ba

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:44 GMT
content-encoding: br
last-modified: Fri, 30 Sep 2022 09:06:34 GMT
server: nginx
etag: "6336b19a-7f7"
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000
access-control-allow-credentials: true
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,Range,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,Cookie,X-CSRF-TOKEN
content-length: 2039
expires: Sun, 30 Oct 2022 14:45:44 GMT

GET
H2 200 pubads_impl_2022092701.js Show response
securepubads.g.doubleclick.net/gpt/ Frame B9AE 378 KB
129 KB 54ms
8ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092701.js?cb=31070023

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

34c9ee51c2dd7fafb4df5f5e0bbb0a2a3508db0692f97b90b44ab89a50a545ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 12:21:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8682
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131011
x-xss-protection: 0
last-modified: Tue, 27 Sep 2022 08:38:39 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 30 Sep 2023 12:21:02 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ Frame B9AE 285 B
785 B 65ms
20ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=utro.ru

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c38b423255f4265dade1bdb34cf64affaabcf794e79f3ef8aa3adfe7dd3a1c47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 148
x-xss-protection: 0
expires: Fri, 30 Sep 2022 14:45:44 GMT

GET
H2 200 pubads_impl_2022092601.js Show response
securepubads.g.doubleclick.net/gpt/ Frame E3E2 379 KB
129 KB 48ms
26ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092601.js?cb=31069994

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

13dc84933e4d797b46f63df140ac0238a00a0b2b866c0769e9f39d94fb5976bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 09:32:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18781
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131426
x-xss-protection: 0
last-modified: Mon, 26 Sep 2022 08:39:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 30 Sep 2023 09:32:43 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ Frame E3E2 285 B
309 B 50ms
29ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=utro.ru

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c38b423255f4265dade1bdb34cf64affaabcf794e79f3ef8aa3adfe7dd3a1c47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 148
x-xss-protection: 0
expires: Fri, 30 Sep 2022 14:45:44 GMT

GET
H2 200 abp.gif
relap.io/ Frame 3EAF 43 B
208 B 49ms
48ms Image
image/gif 95.163.37.253
VK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://relap.io/abp.gif?ch=1&rn=5.7447110947348285

Requested by

Host: utro.ru
URL: https://utro.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.163.37.253 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

relap.io

Software

nginx /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000; includeSubdomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:44 GMT
strict-transport-security: max-age=5184000; includeSubdomains;
last-modified: Wed, 21 Apr 2021 14:05:09 GMT
server: nginx
etag: "60803115-2b"
content-type: image/gif
accept-ranges: bytes
content-length: 43

GET
H2 200 abp.gif
relap.io/ Frame 3EAF 43 B
208 B 49ms
49ms Image
image/gif 95.163.37.253
VK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://relap.io/abp.gif?ch=2&rn=5.7447110947348285

Requested by

Host: utro.ru
URL: https://utro.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.163.37.253 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

relap.io

Software

nginx /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000; includeSubdomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:44 GMT
strict-transport-security: max-age=5184000; includeSubdomains;
last-modified: Wed, 21 Apr 2021 14:05:09 GMT
server: nginx
etag: "60803115-2b"
content-type: image/gif
accept-ranges: bytes
content-length: 43

GET
H2

200

altergeocs
relap.io/partners/ Frame 3EAF
Redirect Chain

https://cm.p.altergeo.ru/relap?aid=QYEw4t16&nc=BrGKjYuc&url=https%3A%2F%2Frelap.io%2Fpartners%2Faltergeocs%3Fuid%3D%24%7BUSER_ID%7D
https://relap.io/partners/altergeocs?uid=CMAA4_cv_6SqySyG9_tYHANQ==

43 B
619 B

55ms
54ms

Image
image/gif

95.163.37.253
VK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://relap.io/partners/altergeocs?uid=CMAA4_cv_6SqySyG9_tYHANQ==

Requested by

Host: utro.ru
URL: https://utro.ru/

Protocol

Server

95.163.37.253 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

relap.io

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Sep 2022 14:45:44 GMT
strict-transport-security: max-age=5184000; includeSubdomains;
x-content-type-options: nosniff
server: nginx
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
x-server: back14
content-length: 43
x-xss-protection: 1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Redirect headers

Pragma: no-cache
Date: Fri, 30 Sep 2022 14:45:44 GMT
Server: nginx/1.16.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: https://relap.io/partners/altergeocs?uid=CMAA4_cv_6SqySyG9_tYHANQ==
Cache-Control: max-age=0, no-cache, no-store
Connection: close
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 204
No Content QYEw4t16
ia-dmp.com/cm/3/ Frame 3EAF 0
238 B 111ms
19ms Image
text/plain 185.26.97.53
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ia-dmp.com/cm/3/QYEw4t16?redirect_url=https%3A%2F%2Frelap.io%2Fpartners%2Frusnewcs%3Fuid%3D%24%7BUSER_ID%7D

Requested by

Host: utro.ru
URL: https://utro.ru/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

185.26.97.53 Frankfurt am Main, Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),

Reverse DNS

dsde981.fornex.org

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Fri, 30 Sep 2022 14:45:44 GMT
Strict-Transport-Security: max-age=31536000;
X-Content-Type-Options: nosniff
Server: nginx
Connection: keep-alive
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block

GET
H2

200

gnezdocs
relap.io/partners/ Frame 3EAF
Redirect Chain

https://fcgi4.gnezdo.ru/cookie_matching/relap_ssp/QYEw4t16
https://fcgi4.gnezdo.ru/cookie_matching/relap_ssp/QYEw4t16/?redirect=1
https://relap.mail.ru/partners/gnezdocs?uid=XV9maWM3ARg6ZoY2ejK8Ag==
https://relap.io/partners/gnezdocs?uid=XV9maWM3ARg6ZoY2ejK8Ag%3D%3D

43 B
533 B

53ms
53ms

Image
image/gif

95.163.37.253
VK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://relap.io/partners/gnezdocs?uid=XV9maWM3ARg6ZoY2ejK8Ag%3D%3D

Requested by

Host: utro.ru
URL: https://utro.ru/

Protocol

Server

95.163.37.253 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

relap.io

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Sep 2022 14:45:44 GMT
strict-transport-security: max-age=5184000; includeSubdomains;
x-content-type-options: nosniff
server: nginx
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
x-server: web06
content-length: 43
x-xss-protection: 1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Redirect headers

location: https://relap.io/partners/gnezdocs?uid=XV9maWM3ARg6ZoY2ejK8Ag%3D%3D
date: Fri, 30 Sep 2022 14:45:44 GMT
strict-transport-security: max-age=5184000; includeSubdomains;
server: nginx
content-length: 0

GET
H2 200 counter
top-fwz1.mail.ru/ Frame 3EAF 43 B
873 B 55ms
54ms Image
image/gif 95.163.52.67
VK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://top-fwz1.mail.ru/counter?id=3136989

Requested by

Host: utro.ru
URL: https://utro.ru/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:44 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 43
pragma: no-cache
amp-access-control-allow-source-origin: *
server: nginx
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: *
accept-ch-lifetime: 86400
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: *

GET
H3 200 pubads_impl_2022092601.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 987C 379 KB
128 KB 26ms
9ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092601.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

13dc84933e4d797b46f63df140ac0238a00a0b2b866c0769e9f39d94fb5976bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 13:49:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3400
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131426
x-xss-protection: 0
last-modified: Mon, 26 Sep 2022 08:39:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 30 Sep 2023 13:49:04 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ Frame 987C 285 B
173 B 44ms
26ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=utro.ru

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c38b423255f4265dade1bdb34cf64affaabcf794e79f3ef8aa3adfe7dd3a1c47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 148
x-xss-protection: 0
expires: Fri, 30 Sep 2022 14:45:44 GMT

GET
H/1.1 200
OK settings Show response
stat.media/counter/ 672 B
1 KB 66ms
66ms Script
application/javascript 146.185.195.94
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to

Full URL: https://stat.media/counter/settings?payload=CJ9M&cb=_callbacks____0l8olkznj
Requested by: Host: stat.media
URL: https://stat.media/sm.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.185.195.94 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS: sm-server1-1.ssel23.imcmdb.net
Software: nginx /
Resource Hash: 6e9bd47586317a1b3ebcadd69906e456421cf9551f694b1483a29c60770ef6e7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Fri, 30 Sep 2022 14:45:44 GMT
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript

GET
H3 200 pubads_impl_2022092601.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 8B07 379 KB
128 KB 20ms
15ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092601.js?cb=31069994

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

13dc84933e4d797b46f63df140ac0238a00a0b2b866c0769e9f39d94fb5976bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 09:32:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18781
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131426
x-xss-protection: 0
last-modified: Mon, 26 Sep 2022 08:39:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 30 Sep 2023 09:32:43 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ Frame 8B07 285 B
173 B 22ms
17ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=utro.ru

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c38b423255f4265dade1bdb34cf64affaabcf794e79f3ef8aa3adfe7dd3a1c47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 148
x-xss-protection: 0
expires: Fri, 30 Sep 2022 14:45:44 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/42382979/
Redirect Chain

https://mc.yandex.com/watch/42382979?wmode=7&page-url=https%3A%2F%2Futro.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ilvk53aw%3Afp%3A754%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-...
https://mc.yandex.com/watch/42382979/1?wmode=7&page-url=https%3A%2F%2Futro.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ilvk53aw%3Afp%3A754%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ae...

439 B
846 B

75ms
75ms

XHR
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/42382979/1?wmode=7&page-url=https%3A%2F%2Futro.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ilvk53aw%3Afp%3A754%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A684173840740%3Ahid%3A338505151%3Az%3A0%3Ai%3A20220930144543%3Aet%3A1664549144%3Ac%3A1%3Arn%3A823333375%3Arqn%3A1%3Au%3A1664549144290028393%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C129%2C62%2C68%2C196%2C0%2C%2C606%2C22%2C%2C%2C%2C1061%3Acpf%3A1%3Ans%3A1664549142720%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1664549144%3At%3A%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B8%20%D0%B8%20%D0%BC%D0%B8%D1%80%D0%B0%20%E2%80%93%20%D0%A3%D1%82%D1%80%D0%BE.%D1%80%D1%83%20%E2%80%93%20%D0%BF%D0%BE%D1%81%D0%BB%D0%B5%D0%B4%D0%BD%D0%B8%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29rqnl%281%29ti%282%29

Requested by

Host: utro.ru
URL: https://utro.ru/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

19a5e22991a4443ea1f845fd0a93ec0d1dba0ac9d2b8578d6fbcd790f245cd2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Sep 2022 14:45:44 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Fri, 30-Sep-2022 14:45:44 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://utro.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 439
x-xss-protection: 1; mode=block
expires: Fri, 30-Sep-2022 14:45:44 GMT

Redirect headers

pragma: no-cache
date: Fri, 30 Sep 2022 14:45:44 GMT
strict-transport-security: max-age=31536000
last-modified: Fri, 30-Sep-2022 14:45:44 GMT
location: /watch/42382979/1?wmode=7&page-url=https%3A%2F%2Futro.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ilvk53aw%3Afp%3A754%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A684173840740%3Ahid%3A338505151%3Az%3A0%3Ai%3A20220930144543%3Aet%3A1664549144%3Ac%3A1%3Arn%3A823333375%3Arqn%3A1%3Au%3A1664549144290028393%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C129%2C62%2C68%2C196%2C0%2C%2C606%2C22%2C%2C%2C%2C1061%3Acpf%3A1%3Ans%3A1664549142720%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1664549144%3At%3A%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B8%20%D0%B8%20%D0%BC%D0%B8%D1%80%D0%B0%20%E2%80%93%20%D0%A3%D1%82%D1%80%D0%BE.%D1%80%D1%83%20%E2%80%93%20%D0%BF%D0%BE%D1%81%D0%BB%D0%B5%D0%B4%D0%BD%D0%B8%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29rqnl%281%29ti%282%29
access-control-allow-origin: https://utro.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Fri, 30-Sep-2022 14:45:44 GMT

GET
H2 200 share.php Show response
vk.com/ 23 B
571 B 148ms
51ms Script
text/html 87.240.129.133
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to

Full URL

https://vk.com/share.php?act=count&url=https%3A%2F%2Futro.ru%2F&index=0

Requested by

Host: www.giraff.io
URL: https://www.giraff.io/data/widget-utroru.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.240.129.133 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),

Reverse DNS

srv133-129-240-87.vk.com

Software

kittenx / KPHP/7.4.112318

Resource Hash

347fff02aac4f7feec3b2b50561d77d1cc58ddd3e6bdae8796cd33c99b93d127

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:44 GMT
content-encoding: gzip
x-frontend: front609304
strict-transport-security: max-age=15768000
server: kittenx
x-powered-by: KPHP/7.4.112318
content-type: text/html; charset=windows-1251
access-control-expose-headers: X-Frontend
cache-control: no-store
content-length: 43

GET
H2 200 dk Show response
connect.ok.ru/ 27 B
2 KB 219ms
55ms Script
application/javascript 217.20.152.207
VK-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.ok.ru/dk?st.cmd=extLike&uid=odklcnt0&ref=https%3A%2F%2Futro.ru%2F

Requested by

Host: www.giraff.io
URL: https://www.giraff.io/data/widget-utroru.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

217.20.152.207 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

ip207.152.odnoklassniki.ru

Software

apache /

Resource Hash

2c5f0109b2b7851cc6a9f7c2ef41c9e31be6e8ec4cf2fb64b1d78143f606d78b

Security Headers

Name	Value
Content-Security-Policy	default-src data: 'self' 'unsafe-inline' 'unsafe-eval' ok.ru .ok.ru odnoklassniki.ru .odnoklassniki.ru mycdn.me http://.mycdn.me https://.mycdn.me wss://ad.mail.ru .mail.ru .imgsmail.ru .mradx.net .serving-sys.com .googleapis.com .gstatic.com www.google.com https://api-maps.yandex.ru yastatic.net yandex.st .doubleverify.com .adsafeprotected.com https://consentmanager.mgr.consensu.org https://cdn.consentmanager.mgr.consensu.org https://football.sportmail.ru .google.ru .google.com .googlesyndication.com .yandex.ru blob:; script-src 'unsafe-inline' 'unsafe-eval' .mail.ru https://.mail.ru .imgsmail.ru .mradx.net ok.ru .ok.ru odnoklassniki.ru .odnoklassniki.ru mycdn.me http://.mycdn.me https://.mycdn.me mc.yandex.ru an.yandex.ru yastatic.net yandex.st .google-analytics.com api-maps.yandex.ru https://api-maps.yandex.ru https://clck.yandex.ru .googleapis.com .gstatic.com www.google.com www.youtube.com https://www.youtube.com .ytimg.com https://.ytimg.com .doubleverify.com .dvtps.com .doubleclick.net .googletagservices.com .googlesyndication.com .googleadservices.com .goodgame.ru https://.goodgame.ru https://.moatads.com .adlooxtracking.com .adlooxtracking.ru .adsafeprotected.com .serving-sys.com .serving-sys.ru .weborama.fr .weborama-tech.ru https://enterprise.api-maps.yandex.ru https://suggest-maps.yandex.ru https://.hit.gemius.pl https://consentmanager.mgr.consensu.org https://cdn.consentmanager.mgr.consensu.org https://gum.criteo.com https://football.sportmail.ru .googletagmanager.com connect.facebook.net .google.ru .google.com .googlesyndication.com yandex.ru; worker-src blob: 'self'; connect-src * wss: blob:; font-src * data: blob:; frame-src * blob: 'self'; img-src * data: blob: about:; media-src * data: blob:; object-src *; report-uri /csp/report;
Strict-Transport-Security	max-age=63072000;includeSubdomains;preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:44 GMT
content-security-policy: default-src data: 'self' 'unsafe-inline' 'unsafe-eval' ok.ru *.ok.ru odnoklassniki.ru *.odnoklassniki.ru mycdn.me http://*.mycdn.me https://*.mycdn.me wss://ad.mail.ru *.mail.ru *.imgsmail.ru *.mradx.net *.serving-sys.com *.googleapis.com *.gstatic.com www.google.com https://api-maps.yandex.ru yastatic.net yandex.st *.doubleverify.com *.adsafeprotected.com https://consentmanager.mgr.consensu.org https://cdn.consentmanager.mgr.consensu.org https://football.sportmail.ru *.google.ru *.google.com *.googlesyndication.com *.yandex.ru blob:; script-src 'unsafe-inline' 'unsafe-eval' *.mail.ru https://*.mail.ru *.imgsmail.ru *.mradx.net ok.ru *.ok.ru odnoklassniki.ru *.odnoklassniki.ru mycdn.me http://*.mycdn.me https://*.mycdn.me mc.yandex.ru an.yandex.ru yastatic.net yandex.st *.google-analytics.com api-maps.yandex.ru https://api-maps.yandex.ru https://clck.yandex.ru *.googleapis.com *.gstatic.com www.google.com www.youtube.com https://www.youtube.com *.ytimg.com https://*.ytimg.com *.doubleverify.com *.dvtps.com *.doubleclick.net *.googletagservices.com *.googlesyndication.com *.googleadservices.com *.goodgame.ru https://*.goodgame.ru https://*.moatads.com *.adlooxtracking.com *.adlooxtracking.ru *.adsafeprotected.com *.serving-sys.com *.serving-sys.ru *.weborama.fr *.weborama-tech.ru https://enterprise.api-maps.yandex.ru https://suggest-maps.yandex.ru https://*.hit.gemius.pl https://consentmanager.mgr.consensu.org https://cdn.consentmanager.mgr.consensu.org https://gum.criteo.com https://football.sportmail.ru *.googletagmanager.com connect.facebook.net *.google.ru *.google.com *.googlesyndication.com yandex.ru; worker-src blob: 'self'; connect-src * wss: blob:; font-src * data: blob:; frame-src * blob: 'self'; img-src * data: blob: about:; media-src * data: blob:; object-src *; report-uri /csp/report;
x-content-type-options: nosniff
strict-transport-security: max-age=63072000;includeSubdomains;preload
content-encoding: br
content-security-policy-report-only: default-src data: blob: about: 'self' 'unsafe-inline' 'unsafe-eval' https: wss:; report-uri /csp/report?always;
rendered-blocks: WidgetExtLike
x-xss-protection: 1; mode=block
pragma: no-cache
server: apache
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store
access-control-allow-credentials: true
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 list Show response
a.giraff.io/rtb/match/ 539 B
789 B 71ms
13ms XHR
text/plain 95.168.170.7
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://a.giraff.io/rtb/match/list
Requested by: Host: www.giraff.io
URL: https://www.giraff.io/data/widget-utroru.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 95.168.170.7 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx /
Resource Hash: 209960f229774ce962a5d507297686ce7632f821e1444d35438e3a04d045820d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:44 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://utro.ru
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
access-control-max-age: 1728000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame B9AE 107 B
792 B 72ms
21ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=utro.ru

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092701.js?cb=31070023

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame B9AE 107 B
549 B 55ms
22ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=utro.ru

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092701.js?cb=31070023

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame B9AE 15 KB
8 KB 259ms
259ms XHR
text/plain 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=855455490258528&correlator=556831991232339&eid=31070023%2C44768258%2C31067825&output=ldjh&gdfp_req=1&vrg=2022092701&ptt=17&impl=fifs&iu_parts=176990977%2CUniform_rules_sites_2022%2CYtro_news_dt_2022%2CYtro_news_dt_300x250_dm2&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x250&ifi=1&adks=2200098131&sfv=1-0-38&fsapi=false&cust_params=rate_eur%3Drate_eur_0_03&sc=1&cookie_enabled=1&abxe=1&dt=1664549144250&lmt=1664549144&dlt=1664549143951&idt=275&adxs=1105&adys=2500&biw=1600&bih=1200&isw=300&ish=250&scr_x=0&scr_y=0&btvi=1&ucis=hs82qj2qmjzq&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Futro.ru%2F&ref=https%3A%2F%2Futro.ru%2F&top=https%3A%2F%2Futro.ru%2F&frm=23&vis=1&psz=300x250&msz=300x-1&fws=256&ohw=0&ea=0&ga_vid=1210275934.1664549143&ga_sid=1664549144&ga_hid=451691076&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092701.js?cb=31070023

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

821987f424fcec84bc5d367e181844a883b9b0cbff93b16ca4e486a15c111c12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:44 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8371
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://utro.ru
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame B9AE 14 KB
11 KB 41ms
24ms XHR
application/json 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022092701&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092701.js?cb=31070023

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

63677d2d9ee5ab7fefbb5929b570237eb6cad5c74d9b4dd1ed6ad8b73cfa3de9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11104
x-xss-protection: 0

GET
H2 200 container.html Show response
a1536ed4ffc9e2b1b5ac5645960ea5d4.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame ADFF 6 KB
4 KB 54ms
17ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a1536ed4ffc9e2b1b5ac5645960ea5d4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092701.js?cb=31070023

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://utro.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 30 Sep 2022 14:45:44 GMT
expires: Sat, 30 Sep 2023 14:45:44 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame F796 80 KB
27 KB 133ms
85ms Script
text/javascript 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/partner-code-bundles/659462/182109b17d885ab3048d.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b7558d470b00a5a187435d8bd2c5383856ccc8ec315792ef9b09cd8e46090aa2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27707
x-xss-protection: 0
server: sffe
etag: "1349 / 203 of 1000 / last-modified: 1664536014"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 30 Sep 2022 14:45:44 GMT

GET
H2 204 event
ads.adfox.ru/275069/ 0
18 B 81ms
81ms Image
text/plain 2a02:6b8::1be
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/275069/event?pm=bmo&hash=4ac294b7ac523d51&duid=1664549144290028393&pxo=dxQr6PvF5m8nlXikJ8LlGtk3gS7Kdb88J69DaCQxKZSQs1CKWHXE6H-YZxXnCqHpQC7tRcMv3az6UqyDes3z8xubMlANNgik27Ghmiq_ofZjJkYrIx4e8lTcQaxC8v8Vnwhppn-gJTfGumA8UOLKNEVgExoCHAfZNDtCve4Iv24iFOs%3D&p5=gfgly&rand=joqlgva&sj=eX7xj4Bwznur_5OvHy7zjXWVM2IJByPzqO1jkHxGoqcrADQ-imHFGG1YUHrGTg%3D%3D&ad-session-id=2972861664549143580&utg=oxum&lts=fkcnuux&ytt=3300146675717&ybv=0.659462&ylv=0.659462&dl=https%3A%2F%2Futro.ru%2F&pr=bcecblu&p1=cbjig&rqs=FymN4zJv5WAXATdjcRhZPYNjguh1OGZH&rtb-si=b&p2=gatj

Requested by

Host: utro.ru
URL: https://utro.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Sep 2022 14:45:44 GMT
x-content-type-options: nosniff
last-modified: Fri, 30 Sep 2022 14:45:44 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H3 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 190E 80 KB
27 KB 94ms
59ms Script
text/javascript 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/partner-code-bundles/659462/182109b17d885ab3048d.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

543a8b02938856a455b3643dba07de557cb9a5f036748ef8b179097fadc9149b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27701
x-xss-protection: 0
server: sffe
etag: "1349 / 43 of 1000 / last-modified: 1664536014"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 30 Sep 2022 14:45:44 GMT

GET
H2 204 event
ads.adfox.ru/275069/ 0
18 B 77ms
76ms Image
text/plain 2a02:6b8::1be
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/275069/event?pm=bmo&hash=31f8a576d44f9adb&duid=1664549144290028393&pxo=wGv6s1RenjSII4nbx3DPhPBRar4aERCl82T6WaiGQX1BRh9zLn-91JG5fPw6BCQhGUimZnbnaqZUcUGXJxzMeZsgod4XFQAvihMA6ICbBUwEGMNlxzkSfefxWYtULlx3yjtzdF5vC5d61nb0WQSnZUBwNM3Kr1ai0yRhGzWRx-N0Zg%3D%3D&p5=gfglz&rand=jrsirrq&sj=K2UWbGvrwF7NB0AMPTVVAsDSpcxfMVM8TUsSd_nnRyso1RWR1MjzO0LD_9ZPhQ%3D%3D&ad-session-id=2972861664549143580&utg=oxum&lts=fkcnuux&ytt=3300146675717&ybv=0.659462&ylv=0.659462&dl=https%3A%2F%2Futro.ru%2F&pr=bcecblu&p1=cbjih&rqs=FymN4zJv5WAXATdjwRRYiYi-fYqtCFCQ&rtb-si=b&p2=gatp

Requested by

Host: utro.ru
URL: https://utro.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Sep 2022 14:45:44 GMT
x-content-type-options: nosniff
last-modified: Fri, 30 Sep 2022 14:45:44 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame E3E2 23 KB
10 KB 305ms
302ms XHR
text/plain 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1353651628256477&correlator=690150072644703&eid=31060438%2C31069837%2C31069994&output=ldjh&gdfp_req=1&vrg=2022092601&ptt=17&impl=fifs&iu_parts=176990977%2CUniform_rules_sites_2022%2CYtro_news_dt_2022%2CYtro_news_dt_300x600_dm2&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x600&ifi=1&adks=878873782&sfv=1-0-38&fsapi=false&cust_params=rate_eur%3Drate_eur_0_03&sc=1&cookie_enabled=1&abxe=1&dt=1664549144307&lmt=1664549144&dlt=1664549143921&idt=366&adxs=1145&adys=3007&biw=1600&bih=1200&isw=300&ish=600&scr_x=0&scr_y=0&btvi=1&ucis=4f4v61fgl486&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Futro.ru%2F&ref=https%3A%2F%2Futro.ru%2F&top=https%3A%2F%2Futro.ru%2F&frm=23&vis=1&psz=300x600&msz=300x-1&fws=256&ohw=0&ea=0&ga_vid=1210275934.1664549143&ga_sid=1664549144&ga_hid=1617277009&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092601.js?cb=31069994

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9abd82303f2efad2568049da7b78d113fd4a2ee90fd927697428a5cb6e1ec700

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:44 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10169
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://utro.ru
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame E3E2 14 KB
11 KB 26ms
25ms XHR
application/json 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022092601&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092601.js?cb=31069994

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

35280fed87ea7d6b0d895639b5bcc42063ea5b1c5cb4e91ab0c077854ab6b784

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11032
x-xss-protection: 0

GET
H2 200 container.html Show response
295b4b348b26301a594661e37e0cb2f4.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 40CA 6 KB
3 KB 99ms
15ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://295b4b348b26301a594661e37e0cb2f4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092601.js?cb=31069994

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://utro.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 30 Sep 2022 14:45:44 GMT
expires: Sat, 30 Sep 2023 14:45:44 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ Frame 987C 107 B
122 B 37ms
18ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=utro.ru

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 987C 107 B
122 B 35ms
17ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=utro.ru

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 987C 23 KB
10 KB 405ms
404ms XHR
text/plain 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4366274836163851&correlator=2698757773511157&eid=31068457%2C31069634&output=ldjh&gdfp_req=1&vrg=2022092601&ptt=17&impl=fifs&iu_parts=176990977%2CUniform_rules_sites_2022%2CYtro_news_dt_2022%2CYtro_news_dt_240x400_dm2&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=240x400&ifi=1&adks=2020866948&sfv=1-0-38&fsapi=false&cust_params=rate_eur%3Drate_eur_0_12&sc=1&cookie_enabled=1&abxe=1&dt=1664549144353&lmt=1664549144&dlt=1664549144011&idt=319&adxs=480&adys=953&biw=1600&bih=1200&isw=240&ish=400&scr_x=0&scr_y=0&btvi=0&ucis=gl0wo8bso70e&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Futro.ru%2F&ref=https%3A%2F%2Futro.ru%2F&top=https%3A%2F%2Futro.ru%2F&frm=23&vis=1&psz=240x400&msz=240x-1&fws=256&ohw=0&ea=0&ga_vid=1210275934.1664549143&ga_sid=1664549144&ga_hid=1060756414&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3693dee0d553cf0326ac360cea598bb69bf17c900aa87338c3bcca9a783a0948

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:44 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10174
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://utro.ru
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 987C 14 KB
11 KB 25ms
25ms XHR
application/json 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022092601&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d618e8165698ad5a2887ae3b1515569db70082794db9c913c5ea536041792895

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11059
x-xss-protection: 0

GET
H2 200 container.html Show response
305de2aadcfdcbdd7e7c05b345a3db2e.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 638B 6 KB
3 KB 80ms
16ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://305de2aadcfdcbdd7e7c05b345a3db2e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://utro.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 30 Sep 2022 14:45:44 GMT
expires: Sat, 30 Sep 2023 14:45:44 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 /
s.uuidksinc.net/match/246/ 74 B
242 B 59ms
14ms Image
image/png 31.220.27.134
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.uuidksinc.net/match/246/?remote_uid=984535489
Requested by: Host: utro.ru
URL: https://utro.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 31.220.27.134 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.19.0 /
Resource Hash: 01b58ddb2f86a768f91751b62f25395417f6cf526191a4aefc1ebe4f8beacdcb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:44 GMT
server: nginx/1.19.0
content-length: 74
content-type: image/png

GET
H/1.1 200
OK sync.cgi
ssp.adriver.ru/cgi-bin/ 42 B
201 B 268ms
64ms Image
image/gif 195.209.111.19
ADRIVER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=77&external_id=984535489
Requested by: Host: utro.ru
URL: https://utro.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.209.111.19 , Russian Federation, ASN52007 (ADRIVER-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Fri, 30 Sep 2022 14:45:44 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/gif

GET
H/1.1 200
OK sync.gif
statmedia.ru/counter/ 43 B
265 B 248ms
67ms Image
image/gif 82.148.14.194
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://statmedia.ru/counter/sync.gif?system=directadvert&ext_uid=984535489
Requested by: Host: utro.ru
URL: https://utro.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 82.148.14.194 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS: sm-server1-1.ssel24.imcmdb.net
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
Date: Fri, 30 Sep 2022 14:45:44 GMT
Server: nginx
Content-Type: image/gif
cache-control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
expires: 0

GET
H2 200 /
s.uuidksinc.net/match/618/ 74 B
241 B 59ms
14ms Image
image/png 31.220.27.134
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.uuidksinc.net/match/618/?remote_uid=984535489
Requested by: Host: utro.ru
URL: https://utro.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 31.220.27.134 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.19.0 /
Resource Hash: 01b58ddb2f86a768f91751b62f25395417f6cf526191a4aefc1ebe4f8beacdcb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:44 GMT
server: nginx/1.19.0
content-length: 74
content-type: image/png

GET
H2

200

/
code.giraff.io/sync/
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=44433&callback_url=https%3A%2F%2Fcode.directadvert.ru%2Fsync%2F%3Fdsp%3D165%26id%3D%24%7BUSER_ID%7D
https://code.directadvert.ru/sync/?dsp=165&id=6b4a84eb-d275-5211-a70d-2d08c43a2c1f
https://code.giraff.io/sync/?dsp=165&id=6b4a84eb-d275-5211-a70d-2d08c43a2c1f

43 B
230 B

76ms
75ms

Image
image/gif

2606:4700:10::6816:4f7b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://code.giraff.io/sync/?dsp=165&id=6b4a84eb-d275-5211-a70d-2d08c43a2c1f
Requested by: Host: utro.ru
URL: https://utro.ru/
Protocol: H2
Server: 2606:4700:10::6816:4f7b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:44 GMT
cf-cache-status: DYNAMIC
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: cloudflare
content-type: image/gif
cache-control: private
cf-ray: 752dbe790ccd5c02-FRA
content-length: 43

Redirect headers

location: https://code.giraff.io/sync/?dsp=165&id=6b4a84eb-d275-5211-a70d-2d08c43a2c1f
date: Fri, 30 Sep 2022 14:45:44 GMT
content-type: text/html
server: nginx
content-length: 138
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"

GET
H2 204 smc
z.cdn.adtarget.me/ 0
41 B 50ms
13ms Image
text/plain 212.32.253.229
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://z.cdn.adtarget.me/smc?s=83&u=984535489
Requested by: Host: utro.ru
URL: https://utro.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server: 212.32.253.229 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:42:12 GMT
server: nginx

GET
H2 200 pixel.gif
dmpprof.com/matching/external/ 43 B
736 B 398ms
129ms Image
image/gif 85.192.12.173
DINET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dmpprof.com/matching/external/pixel.gif?sid=17&uid=984535489
Requested by: Host: utro.ru
URL: https://utro.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 85.192.12.173 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Sep 2022 14:45:44 GMT
last-modified: Fri, 30 Sep 2022 14:45:44 GMT
server: nginx/1.18.0
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH, GET, POST, OPTIONS
content-type: image/gif
access-control-expose-headers: Content-Length,Content-Range
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials: true
access-control-allow-headers: Origin,Content-Type,Accept,Authorization,X-Requested-With, DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 43
expires: Wed, 11 Nov 1998 11:11:11 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame B9AE 17 KB
7 KB 55ms
23ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092701.js?cb=31070023

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 30 Sep 2022 14:45:44 GMT

GET
H3 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 55A2 80 KB
27 KB 54ms
54ms Script
text/javascript 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/partner-code-bundles/659462/182109b17d885ab3048d.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

589733b054fe0761d3496b61c896e53714e4b8b73791b9208d0d0bbc4f051feb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27702
x-xss-protection: 0
server: sffe
etag: "1349 / 28 of 1000 / last-modified: 1664536014"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 30 Sep 2022 14:45:44 GMT

GET
H2 204 event
ads.adfox.ru/275069/ 0
18 B 97ms
97ms Image
text/plain 2a02:6b8::1be
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/275069/event?pm=bmo&hash=f971854a316ae4a4&duid=1664549144290028393&pxo=z5QevhPVgDUxB8O6hrsuJrBHdZTBRkAy5JqOMZKZn9lj8eUlzeZwq84RcVPc4WsZyjMLKU1o7Kmo1Mq7rrWO-TZs5pAlgXyKEepuGaIWcvKowj7UBMrJr_9tvuneVXiI2rv5HyTjuVVynyWgM_VxW3VDISA9dfu9YqdFmhnAzSxshw%3D%3D&p5=gfgmd&rand=icxpcig&sj=mdzG3i4uGsdq2X1PXi_IZdgi_uvVfVIzHullOqT3netZzUtkdfYKaFFAaXfgog%3D%3D&ad-session-id=2972861664549143580&utg=oxum&lts=fkcnuux&ytt=3300146675717&ybv=0.659462&ylv=0.659462&dl=https%3A%2F%2Futro.ru%2F&pr=bcecblu&p1=cbjie&rqs=FymN4zJv5WAXATdjftGZxcIlS1g4JWAl&rtb-si=b&p2=gatn

Requested by

Host: utro.ru
URL: https://utro.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Sep 2022 14:45:44 GMT
x-content-type-options: nosniff
last-modified: Fri, 30 Sep 2022 14:45:44 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ Frame 8B07 107 B
122 B 16ms
16ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=utro.ru

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092601.js?cb=31069994

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 8B07 107 B
122 B 17ms
17ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=utro.ru

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092601.js?cb=31069994

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 8B07 23 KB
10 KB 196ms
195ms XHR
text/plain 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2885599302262370&correlator=763370476019272&eid=31069923%2C31069994%2C31068356%2C31068528%2C44773130&output=ldjh&gdfp_req=1&vrg=2022092601&ptt=17&impl=fifs&iu_parts=176990977%2CUniform_rules_sites_2022%2CYtro_news_dt_2022%2CYtro_news_dt_1000x250-3_dm2&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=1000x250&ifi=1&adks=476774204&sfv=1-0-38&fsapi=false&cust_params=rate_eur%3Drate_eur_0_03&sc=1&cookie_enabled=1&abxe=1&dt=1664549144406&lmt=1664549144&dlt=1664549144033&idt=363&adxs=300&adys=5045&biw=1600&bih=1200&isw=1000&ish=250&scr_x=0&scr_y=0&btvi=1&ucis=a6qlxn8fxdkz&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Futro.ru%2F&ref=https%3A%2F%2Futro.ru%2F&top=https%3A%2F%2Futro.ru%2F&frm=23&vis=1&psz=1000x250&msz=1000x-1&fws=256&ohw=0&ea=0&ga_vid=1210275934.1664549143&ga_sid=1664549144&ga_hid=422941093&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092601.js?cb=31069994

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49424dfe4de89501495887c5a5d6fb991a2fde53fb48433f853859b98465f7c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:44 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10186
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://utro.ru
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 8B07 14 KB
11 KB 24ms
23ms XHR
application/json 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022092601&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092601.js?cb=31069994

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7f13df0b1c8d0b6fdd59d71e7d86c77150c0a6b8436baa295220b54029a2c8e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11174
x-xss-protection: 0

GET
H2 200 container.html
3fb007b192c8c7ea732bc7d28bd29ed5.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 3AEC 6 KB
0 131ms
16ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3fb007b192c8c7ea732bc7d28bd29ed5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092601.js?cb=31069994

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://utro.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 30 Sep 2022 14:45:44 GMT
expires: Sat, 30 Sep 2023 14:45:44 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200 /
smi2.ru/cookiematching/ 43 B
866 B 180ms
41ms Image
image/gif 88.212.218.22
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://smi2.ru/cookiematching/?payload=CkEKB19zbV91aWQSJDM4ODZjM2NmLTZkYTItNGI2NC1hMDZjLTdiNDE3N2M3MWJlZhoILnNtaTIucnUiAS8ogOeEDwoqCgdfc21fdWR0Eg0xNjY0NTQ5MTQ0MjE0Ggguc21pMi5ydSIBLyiA54QPCj8KB19zbV9zaWQSJDEwODVjY2RjLWJjMGYtNDBlZS04MmJjLWVlOWNlN2IyZDEzMBoILnNtaTIucnUiAS8oiA4%3D&rnd=1664549144412
Requested by: Host: utro.ru
URL: https://utro.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.212.218.22 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS: ads5-1.sser16.imcmdb.net
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Pragma: no-cache, no-cache
Date: Fri, 30 Sep 2022 14:45:44 GMT
Last-Modified: Friday, 30-Sep-2022 14:45:44 GMT
Server: nginx
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0
Connection: close
Content-Length: 43
Expires: Fri, 30 Sep 2022 14:45:44 GMT

GET
H/1.1 200
OK /
smi2.net/cookiematching/ 43 B
229 B 242ms
62ms Image
image/gif 82.202.225.240
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://smi2.net/cookiematching/?payload=CkIKB19zbV91aWQSJDM4ODZjM2NmLTZkYTItNGI2NC1hMDZjLTdiNDE3N2M3MWJlZhoJLnNtaTIubmV0IgEvKIDnhA8KKwoHX3NtX3VkdBINMTY2NDU0OTE0NDIxNBoJLnNtaTIubmV0IgEvKIDnhA8KQAoHX3NtX3NpZBIkMTA4NWNjZGMtYmMwZi00MGVlLTgyYmMtZWU5Y2U3YjJkMTMwGgkuc21pMi5uZXQiAS8oiA4%3D&rnd=1664549144412
Requested by: Host: utro.ru
URL: https://utro.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 82.202.225.240 Moscow, Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS: smi2adm2-1.ssel27.imcmdb.net
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Fri, 30 Sep 2022 14:45:44 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

POST
H/1.1 204
No Content view Show response
stat.media/counter/ 0
135 B 186ms
63ms XHR
text/plain 146.185.195.94
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to

Full URL: https://stat.media/counter/view
Requested by: Host: stat.media
URL: https://stat.media/sm.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.185.195.94 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS: sm-server1-1.ssel23.imcmdb.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://utro.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

access-control-allow-origin: *
Date: Fri, 30 Sep 2022 14:45:44 GMT
Server: nginx
Connection: keep-alive

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame E3E2 17 KB
6 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092601.js?cb=31069994

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 30 Sep 2022 14:45:44 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 987C 17 KB
6 KB 37ms
17ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 30 Sep 2022 14:45:44 GMT

POST
H2 200 1 Show response
mc.yandex.com/watch/42382979/ 43 B
85 B 69ms
69ms XHR
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/42382979/1?page-url=https%3A%2F%2Futro.ru%2F&charset=utf-8&hittoken=1664549144_3012c651f1692c61b90f3ffae76eba0b62633efb64f7b3bcffc2b7e8c1aaca0a&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ilvk53aw%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A1%3Als%3A684173840740%3Ahid%3A338505151%3Az%3A0%3Ai%3A20220930144544%3Aet%3A1664549144%3Ac%3A1%3Arn%3A401634749%3Arqn%3A2%3Au%3A1664549144290028393%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Acpf%3A1%3Ans%3A1664549142720%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1664549144&t=gdpr(14)mc(p-1)clc(0-0-0)lt(7800)aw(1)rqnt(2)rqnl(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://utro.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Fri, 30 Sep 2022 14:45:44 GMT
strict-transport-security: max-age=31536000
last-modified: Fri, 30-Sep-2022 14:45:44 GMT
content-type: image/gif
access-control-allow-origin: https://utro.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Fri, 30-Sep-2022 14:45:44 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 8B07 17 KB
6 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092601.js?cb=31069994

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 30 Sep 2022 14:45:44 GMT

GET
H3 200 pubads_impl_2022092601.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 190E 379 KB
128 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092601.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

13dc84933e4d797b46f63df140ac0238a00a0b2b866c0769e9f39d94fb5976bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 13:49:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3400
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131426
x-xss-protection: 0
last-modified: Mon, 26 Sep 2022 08:39:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 30 Sep 2023 13:49:04 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ Frame 190E 285 B
173 B 18ms
17ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=utro.ru

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c38b423255f4265dade1bdb34cf64affaabcf794e79f3ef8aa3adfe7dd3a1c47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 148
x-xss-protection: 0
expires: Fri, 30 Sep 2022 14:45:44 GMT

GET
H3 200 pubads_impl_2022092601.js Show response
securepubads.g.doubleclick.net/gpt/ Frame F796 379 KB
128 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092601.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

13dc84933e4d797b46f63df140ac0238a00a0b2b866c0769e9f39d94fb5976bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 13:49:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3400
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131426
x-xss-protection: 0
last-modified: Mon, 26 Sep 2022 08:39:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 30 Sep 2023 13:49:04 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ Frame F796 285 B
173 B 18ms
17ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=utro.ru

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c38b423255f4265dade1bdb34cf64affaabcf794e79f3ef8aa3adfe7dd3a1c47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 148
x-xss-protection: 0
expires: Fri, 30 Sep 2022 14:45:44 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9EE1 13 KB
5 KB 10ms
8ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://utro.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 6892
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 30 Sep 2022 12:50:52 GMT
expires: Sat, 30 Sep 2023 12:50:52 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 93D2 783 B
1 KB 122ms
50ms Document
text/html 2a00:1450:400d:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

8850112af1c3a02f2b6ff69c80d1e6e1b9e1dd71b18b52630df247d62da879df

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-gjynMOzPK4GzirgpUVZXeQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://utro.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-gjynMOzPK4GzirgpUVZXeQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 30 Sep 2022 14:45:44 GMT
expires: Fri, 30 Sep 2022 14:45:44 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 0217 13 KB
5 KB 10ms
9ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://utro.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 6892
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 30 Sep 2022 12:50:52 GMT
expires: Sat, 30 Sep 2023 12:50:52 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame D890 783 B
737 B 118ms
52ms Document
text/html 2a00:1450:400d:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

0e57db729289a801356711dba36f8e32f1a36758337cd1c797e3f6641f2e4e50

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-QoZohAn7kl6xax_1Ie2O_Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://utro.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-QoZohAn7kl6xax_1Ie2O_Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 30 Sep 2022 14:45:44 GMT
expires: Fri, 30 Sep 2022 14:45:44 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D643 13 KB
5 KB 9ms
8ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://utro.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 6892
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 30 Sep 2022 12:50:52 GMT
expires: Sat, 30 Sep 2023 12:50:52 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 14F2 783 B
737 B 108ms
52ms Document
text/html 2a00:1450:400d:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

98e2c8c733b1d56cf71b8af61ae88da73c4c781e243a89e51e10b1a490652909

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ONXZAib_T5wJJ01_mmBOsg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://utro.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-ONXZAib_T5wJJ01_mmBOsg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 30 Sep 2022 14:45:44 GMT
expires: Fri, 30 Sep 2022 14:45:44 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 pubads_impl_2022092601.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 55A2 379 KB
128 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092601.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

13dc84933e4d797b46f63df140ac0238a00a0b2b866c0769e9f39d94fb5976bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 13:49:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3400
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131426
x-xss-protection: 0
last-modified: Mon, 26 Sep 2022 08:39:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 30 Sep 2023 13:49:04 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ Frame 55A2 285 B
173 B 19ms
19ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=utro.ru

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c38b423255f4265dade1bdb34cf64affaabcf794e79f3ef8aa3adfe7dd3a1c47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 148
x-xss-protection: 0
expires: Fri, 30 Sep 2022 14:45:44 GMT

GET
H3 200 container.html Show response
a1536ed4ffc9e2b1b5ac5645960ea5d4.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 4F8A 6 KB
3 KB 28ms
11ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a1536ed4ffc9e2b1b5ac5645960ea5d4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092701.js?cb=31070023

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://utro.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 30 Sep 2022 14:45:44 GMT
expires: Sat, 30 Sep 2023 14:45:44 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 204 event
ads.adfox.ru/275069/ 0
18 B 78ms
77ms Image
text/plain 2a02:6b8::1be
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/275069/event?hash=67b859febdd14a99&pm=bmu&pxo=c387wGdKFDgBYU1F5fLFga-UR2kcWT-OWmfBZheucPiSdKF0rDIs8Y0oW_XX9UCzbrlD8ieqg2zLmOHJifVYVSmwEX31R70ure56W1V7A91Envod4KVWKGONKdq_AomziLgyxMKcvNIzFP4HKpGD-ebhfPrmvEeQ285JHmHCFGM9ZQ%3D%3D&p5=gfgme&rand=hifkpfp&sj=zqJ_0LGyFxNx5FrQnEeUUkcU1Igt5Y2vGNsd0TtV6eVhpmPPZ45gYGKWGQ83-A%3D%3D&ad-session-id=2972861664549143580&utg=oxum&lts=fkcnuux&ytt=3300146675717&ybv=0.659462&ylv=0.659462&dl=https%3A%2F%2Futro.ru%2F&pr=bcecblu&p1=cbjif&rqs=F9VT1eKpIHwXATdjPjBgyd3UeMf5ryYO&rtb-si=b&p2=gato&resp-time=600

Requested by

Host: utro.ru
URL: https://utro.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Sep 2022 14:45:44 GMT
x-content-type-options: nosniff
last-modified: Fri, 30 Sep 2022 14:45:44 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 0B7C 13 KB
5 KB 13ms
10ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://utro.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 6892
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 30 Sep 2022 12:50:52 GMT
expires: Sat, 30 Sep 2023 12:50:52 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 7AAB 783 B
740 B 54ms
51ms Document
text/html 2a00:1450:400d:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

2ab5af1eced8600677497aea39fe6549565546768887337642b4d565a590f320

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ntAkt0URsZFqN8Dzg8NEig' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://utro.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-ntAkt0URsZFqN8Dzg8NEig' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 30 Sep 2022 14:45:44 GMT
expires: Fri, 30 Sep 2022 14:45:44 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ Frame 190E 107 B
122 B 18ms
18ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=utro.ru

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 190E 107 B
122 B 19ms
18ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=utro.ru

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 190E 26 KB
12 KB 289ms
289ms XHR
text/plain 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=698392689564855&correlator=1624999662663961&eid=31068367%2C31068921&output=ldjh&gdfp_req=1&vrg=2022092601&ptt=17&impl=fifs&iu_parts=176990977%2CUniform_rules_sites_2022%2CYtro_news_dt_2022%2CYtro_news_dt_1000x250-2_dm2&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=1000x250&ifi=1&adks=2535004495&sfv=1-0-38&fsapi=false&cust_params=rate_eur%3Drate_eur_0_03&sc=1&cookie=ID%3De378ce1f5ee6a2bf-222d3b9237ce00e2%3AT%3D1664549144%3AS%3DALNI_Mbl-wENUIBtQd7YDqlGIjFQR9hGBg&abxe=1&dt=1664549144605&lmt=1664549144&dlt=1664549144274&idt=318&adxs=300&adys=3835&biw=1600&bih=1200&isw=1000&ish=250&scr_x=0&scr_y=0&btvi=1&ucis=iae6ubb73y17&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Futro.ru%2F&ref=https%3A%2F%2Futro.ru%2F&top=https%3A%2F%2Futro.ru%2F&frm=23&vis=1&psz=1000x250&msz=1000x-1&fws=256&ohw=0&ea=0&ga_vid=1210275934.1664549143&ga_sid=1664549144&ga_hid=212916776&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b3591c592a8ecd0eca6d0e02920e260e025a7fda6e0d595293dcb5456c47ae9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:44 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11784
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://utro.ru
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 190E 14 KB
11 KB 27ms
27ms XHR
application/json 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022092601&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

032f0d3cd6963f2d3d5c26e8decd6bb97185cdb8264cb19446e8e49250edeb4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11023
x-xss-protection: 0

GET
H2 200 container.html Show response
657491b7739d207b4fd2ce1335134129.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame A89A 6 KB
3 KB 111ms
17ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://657491b7739d207b4fd2ce1335134129.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://utro.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 30 Sep 2022 14:45:44 GMT
expires: Sat, 30 Sep 2023 14:45:44 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame F796 107 B
122 B 17ms
16ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=utro.ru

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame F796 21 KB
10 KB 322ms
322ms XHR
text/plain 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1743681486487374&correlator=3715194107347343&eid=31060439%2C44742768%2C31068921&output=ldjh&gdfp_req=1&vrg=2022092601&ptt=17&impl=fifs&iu_parts=176990977%2CUniform_rules_sites_2022%2CYtro_news_dt_2022%2CYtro_news_dt_1000x120-1_dm2&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=1000x120&ifi=1&adks=4047511872&sfv=1-0-38&fsapi=false&cust_params=rate_eur%3Drate_eur_0_18&sc=1&cookie=ID%3De378ce1f5ee6a2bf-222d3b9237ce00e2%3AT%3D1664549144%3AS%3DALNI_Mbl-wENUIBtQd7YDqlGIjFQR9hGBg&abxe=1&dt=1664549144623&lmt=1664549144&dlt=1664549144262&idt=349&adxs=300&adys=83&biw=1600&bih=1200&isw=1000&ish=120&scr_x=0&scr_y=0&btvi=0&ucis=3d498jrpf5ap&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Futro.ru%2F&ref=https%3A%2F%2Futro.ru%2F&top=https%3A%2F%2Futro.ru%2F&frm=23&vis=1&psz=1000x120&msz=1000x-1&fws=256&ohw=0&ea=0&ga_vid=1210275934.1664549143&ga_sid=1664549144&ga_hid=1877015010&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

140c5efdf2be3d7bc8e640c2feab36114e381c304867df45bc7dd5d32e51a1b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:44 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10065
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://utro.ru
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame F796 14 KB
11 KB 25ms
25ms XHR
application/json 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022092601&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a0189f0e694682454695fe1b182c0bc26425760bb03e14969e34cb424686a6dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11212
x-xss-protection: 0

GET
H2 200 container.html Show response
ec7f9507b5a00173e9add18d0284df58.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 631B 6 KB
3 KB 94ms
18ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ec7f9507b5a00173e9add18d0284df58.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://utro.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 30 Sep 2022 14:45:44 GMT
expires: Sat, 30 Sep 2023 14:45:44 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
3fb007b192c8c7ea732bc7d28bd29ed5.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame CF83 6 KB
3 KB 9ms
9ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3fb007b192c8c7ea732bc7d28bd29ed5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092601.js?cb=31069994

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://utro.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 30 Sep 2022 14:45:44 GMT
expires: Sat, 30 Sep 2023 14:45:44 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 204 event
ads.adfox.ru/275069/ 0
18 B 95ms
95ms Image
text/plain 2a02:6b8::1be
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/275069/event?hash=b852f056e8b42b91&pm=bmu&pxo=M4o7pHXr4_8EGL-iUXpqEQrC-MncfUPfzY0DuxTaPo3YnlKjv9QPd6zLMf7DoqpLn5hsxyHDMZBZuEo5SMemb-xa1RbOCFRLc8i8MFY6hpIhmTl3eJ7ZyHuHoFzYDeN7bQZHq36OXE_YqbdsEw76BuFqM9cgY1lSCJBPg79YhXcpVA%3D%3D&p5=gfgma&rand=jabwknr&sj=HFebaII-_MfrIjFnRJlmjgGlhEr5SFU-cDzEnhiOaisyuYpFuyJi_RfKiqFj&ad-session-id=2972861664549143580&utg=oxum&lts=fkcnuux&ytt=3300146675717&ybv=0.659462&ylv=0.659462&dl=https%3A%2F%2Futro.ru%2F&pr=bcecblu&p1=cbjii&rqs=FxW3Z7xqMQoXATdjNi7gH--nw7RLJeYz&rtb-si=b&p2=gatq&resp-time=638

Requested by

Host: utro.ru
URL: https://utro.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Sep 2022 14:45:44 GMT
x-content-type-options: nosniff
last-modified: Fri, 30 Sep 2022 14:45:44 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H3 200 container.html Show response
295b4b348b26301a594661e37e0cb2f4.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 7C7A 6 KB
3 KB 8ms
8ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://295b4b348b26301a594661e37e0cb2f4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092601.js?cb=31069994

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://utro.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 30 Sep 2022 14:45:44 GMT
expires: Sat, 30 Sep 2023 14:45:44 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 204 event
ads.adfox.ru/275069/ 0
18 B 78ms
78ms Image
text/plain 2a02:6b8::1be
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/275069/event?hash=e364ee4fed6eca39&pm=bmu&pxo=MiFJ58uFDbpPGJL3upMweUyDYWKUi3FFslscXSHHXRGGIauUP8lP5P_uicGixGbpYrMWlxvyId9OPZqkUz5C-t8v7DZMlwhww-3OwuXwCGPwVPYjOnZwAYAO4aR5D3FLe440ldG5CoYQKwP8mgk8E35mM_xm_iKIhT5YHiZSTME4Fg%3D%3D&p5=gfgmc&rand=jdrwwbr&sj=f89rIATjkiQfJAO1daK2Muf78K7pOFV5WyLrBRs6LF7VeBMvbLO-QSCEdhx0SA%3D%3D&ad-session-id=2972861664549143580&utg=oxum&lts=fkcnuux&ytt=3300146675717&ybv=0.659462&ylv=0.659462&dl=https%3A%2F%2Futro.ru%2F&pr=bcecblu&p1=cbjic&rqs=FymN4zJv5WAXATdj743_dPXU5IXeG3_B&rtb-si=b&p2=gatm&resp-time=759

Requested by

Host: utro.ru
URL: https://utro.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Sep 2022 14:45:44 GMT
x-content-type-options: nosniff
last-modified: Fri, 30 Sep 2022 14:45:44 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame EAE5 624 B
300 B 39ms
20ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLnBuAEQhp3m6AIYyeGn1AEwAQ&v=APEucNV6MkjcEyp4SUqf6JayR6SQBuQzHwSeXb8CYkccKLa2BqhT3oupFk2YIGDxJfwTtYKMS5nkbMkM4LZT-OOx8dRciivDA9foZmtQGCg_W1vob8vYjSACwvF6mvLOIsx-0eCyyeUVS-FUv8u6l91BSlLn9TuhVHZTrOv8dvgc7rD_ShP_qmA

Requested by

Host: a1536ed4ffc9e2b1b5ac5645960ea5d4.safeframe.googlesyndication.com
URL: https://a1536ed4ffc9e2b1b5ac5645960ea5d4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a1536ed4ffc9e2b1b5ac5645960ea5d4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 30 Sep 2022 14:45:44 GMT
expires: Fri, 30 Sep 2022 14:45:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 4F8A 89 KB
34 KB 69ms
51ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DUQGEO_M1NbwlrUGglMwsmhIeQ7U5pYgCyKsk-pne9VvTZUNMhOqAu2-i4HQ-K62exxN-szqLV8losYppKahp8AOQCll87K4D8OE5vevrE7HQ-C8fXiOjmEyV78HX-Pj_6kEwDF38r0z7lWWoRxh-Mfen5IguZn5EiUiMy9R0ms3KAFtg&dbm_d=AKAmf-BeGMeKfSXCSgfzyJrAVxSUveZG-mRbLya6kVYC5FFi0PGh347fNbz9_6-MyABBJ09baSSOo2w9EpvbVUrChU12OTGWv7JPBOrGmbcY2C8rtuaJyzJaFhlgl3PxsfJ_v7Fd6Hq6OrrPz79MVKMZP65_0yfWV8HXrDRo_ItgsvvM7gpA_E86gRKHafTsnnYHx3iLP0bn9rf5OVm80-rdinES98X3kvbODKUKhfIFuCS_D2HWzrXO95G-KZlCMVnyANUS_W7ksC6NBoB06WH68Qh4CgkpK31AZ_M19_w2gtqYLa7B8FgfFbNotQGugjAmZvgtF3cleHtoxGONAnC6WPB86RyLoDtpdxN5MSObvEnCQIboH4D9OaCeeoac_mIM03waXlFYMiDdXvebt5pDoIdV4AXWA1nNWdX2XOxybBv8ClegIt0RofputMvwOpz8Nh-b6YJoVe_tIfhd-cnJ0v0Bezk6uv_nmyXUAcZRoVX8GSp-t6eoc4POdYBHkvBTOQhphAdREwBwzBaqO2KNW6EYjHWp_gmGjWWaRwmTBTsh7ka7dy3qpeyJqUGMBsoiXpj-fp7g3CMgr0VMX_JS7rp9OdtQQT-ao0VNzx2hOG8_tNZUGjWpyIDRa4hMh6WGx7ANcu399qw0-555SPiVi1mCNvSCgzKmCvSkcP0mnrv32Ee2oyxQfHZ3Cld97pbtvYVILIv4mVsO2R8blEexBmZWngsF00Y6Y-f21O6Blznq-NIyv5rrNL3bPMckviKjoCIX5laJWCGnFMvExiDG2xsmT6tQRxVFSsI7tVm-nQgXcHmQDMcdlvZYZxQYt9zM2thp-Ssyg1xrkIQ8vgPoZCjKDn0b2y7pTSkSxgfqiePa2pDk-s3H-tK7Sma1P5UT-mTvFoznCSe-GKB-dUcyh_wNKtXNbg4cBnAZsqkiW8rxV9u-0EI7hGu64WG7U_sFPGjmxnxc3g308sFSqcGTvz24-vLZrXVLYU2ZPRyQ-UEuZr0izDagFWavnU1LBDUZPpDRtbgkbXBTBJdwdZNPdDw5p3VwUEIsbR2odz7wM1zJ2JPC8PoLIPmuvuX_jZH3WC5gw36cPcf0Hh7bRqSLEnqxYTt8vyOqCLn6lMch51lThhyt2K6R_aMqjxVYaP-sHGaWCiKXNJnRa8fw0-OQrTRF44KjY7_1EPUWX7pON4h5ihKbfFcf2SPzQfc8o9Gu194WuKeHbI8Q49viBD4mi9g6Z8LzzJb6pwnOupYbag3a9hLSfxKKJrNU0xn-m3aoCBzzi7KnMhH2pm9wDNzI9Y7qLryHMn2XAd7SpylBs_7tD7pFR-_Z5FY4HwMgG-E8fPVO8nIb_YiBYbtQL_rMR2llFFB7S_Qlh7_tleLDkSrNcUn4807yv2cnW7ZqbSBb6jENr7XZN_B4vFlWS3VMvtftwgsp98jd3azUs3AiP2GBEILftw5E20a1I8B_Vf50AdY0-BncsPlg7z7j-zAoM3mgDj56r8jr3ngzSAeoyLESUYoKz_Ns1g_-sPCmSoJy1vLmAH5Zxspt5zFqDcXAfl_KbbxmCofxONOXSjbuAoDIePGtTF4xjzDzfCpeA5blmItbj8qC_IIBFuS7hxhlOLpFnV77eTtgcP1PJ8flGBD_eyibV-hBIS5xpwLKqpR_6fWqU1GFyshpT434-3enm5tlxONT0RWVq5i85JMw81BOzA5w4Kzov6akJltLQSNTWnofabsWTfLeEeyVRW7iF9EXgL-V1m5JUMmvhxfyRR8BS2EqVYmaBXv3374g8PdT0f-3mKeQtD-IgIXm04j1tOovwoWNal0rUeAgNkO1SC-my7WfeRR8dZQYapGjVPDzpKURr7qWl0d651I2Mb-G7TnDsdL6IlptfYUVBlVmLmUvXe380fEvh5RbWKeqd_rp6IixTPST5rvGdC8PG3c0ROF4ygRqlXRV8m--K9sGCsjfy-Iv4Bu_oU6CUxPN4TqY7DuK_vCUJ_fGY36Kfdz99n6_G-Q2fjGQ5pzGR6OJnA-j68htREXpQWg9fc1vVxI7uOghf6oe1NN991kRo5OjOWNVyw2gBLvLpoE4DgqgcGSphmtuJcFHFdcWZrtkrXTG20vtlgiMuyCcygGj6AWiwXVhu4nWHgz2Ua_oW4wyH-emK33VfBR3bKOyJmKOmEzZul32_pNyVAOOtQmtTDfm_y9Zu1KdHS2lGtXn0HeTHqrMKW7kYaYgQukoLWAHnduuS4xuLw-Dcx0l38e_ULXVq7wn2r24dKnU7NrWwWCnALPICf85_Mum2JnjfBCXg4s2aEW0x5OPPEeG2ppVqmIfdqraTeDrG9Mp-LKOn9eauM7BP_263L8alvkr8HG9RvrMWtgUHY-CAr4rl_v_q-4j7HOH044Rysx3SXdk3eE4fWLszc-Dnhn0Q2BZegRYs6Ybf2sckS9aiBZ_BvzX4_6gXN6az9rMB3SJ1DXFVf3biSEudxdoNnS0u3Qa3VkNRnfGKX8AztYG_SOZacKshU-Xc9Ar-Sh1l4ByUDMrG4i_vkAo5bCeBDiVkE0qRNdo_lSK8bmHIpwL4fwldIYGWP_GaggJAUUA_eOXAldGLDcCgIn_kM95k_czCmHAd_Nb2EMrX7JvxlZ04yhdRtQM0ESYkzhK9D4jXod3PDTWDMqbDqtuc8wniSjyEMO57GFs85FBPCzyyto7WTCEt2M3OS-_cNJi-PGM83vk0UcGI4QdC4qgO5REb54kIz5w8xHQ-wBFWyN4Ou1Y69IlSDnUIFZuOg7wE_t8LIRu9mNe7cAAB5BIFVFJflORHKDat0ttFt3j38JsvB4QSaJvwCEiNr2SXBjqizLg3RPLvscSTvtQqjQDrUrpBHsOpWzCT_LMyUqSVg5af6sbCbieSmyuE-hxSqh2h7GN2d-6-mMgx9sqMDZ2UXdIGSSU0M1aGi41G-1UbTpZ7PJyyUZ8A2l-Y6HWVRwHuyY_c89x7OwMsXC6qFSKAhCEeMx6Eat-CjI1x-4O_meboWsx4ocuE--v9-4JPSxEndCsJ1eU0BRbIDvmnJpZ226ku3OCcKFFhV4xPgeree3m6d_B04v3vc8RKCcPp4VrzsESrp2ocn4MQJc5PNoiJn2RzTt57QIATFvpLw6QZUOnVdB0O7YY6kBkWNNbyOkPr6WIDhQhKVYFkQgu7t_zDh-7TzxM3b9eEFdiQdOHe3jJYrZB4RHc9aW-6DVSY2kLoKpd4KlxvB5_29ElCf_EmZlDgVtnHf1TSi6yXi6Y25jYe8CEZ1i6zbyYOy2UwFdAthXcs48akXTbATq1guPTUXjIqLezffyJOdZnIBnivWtuo923hmtDqzNsPfgdHYXj_uShoN6mpAgUJxzikVsnKzD9-5hQoVerVPqSKAEYA0UYvp6n50tkdIn1O4VeGauskK0DPM3zM9nzKCIw_fRwyqu6WTm7bG_EOth1oHDpwinraewitUlbVwZC0SfsRlAbzq-TrG6sG3K4VjZek94ONp2zTprr_v9WXEWyRjR2BNe-DvP-E2NcJG9C92ho_IoHIwAaeSvISr69sS7P0G0ApW3tgveTrub3DDRRNBjQvTaXRnnWbXcjQuXAK546ws0zcANTJvxt9lU9ixB78wfP5WcgQU83qxpZ1tNj8nS8XJQshoKJ&cid=CAASKORorykIZTZKGdhGkpM9ZYvmENBuzMVsjQp7s3dutNkvdCeclflzdKg&rfl=2%2Chttps%253A%252F%252Futro.ru%242%2Chttps%253A%252F%252Futro.ru%252F%240

Requested by

Host: utro.ru
URL: https://utro.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e74b9be0700c64b6d8ab9e584803370ae0f2685e79ae4404bd3c5c3a7fccb613

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a1536ed4ffc9e2b1b5ac5645960ea5d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Sep 2022 14:45:44 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34865
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4F8A 42 B
63 B 60ms
42ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-A4b2a3hZlYt5QCsPjB-pN0g48y3UYSeIPpb2fvYWFMiK10ZG2Nf0JbWnIToysZ1UK22GG8gQgTT4o_67VzWi9IBuu3WWyumRRpFBN-mVGrR1ehV7g

Requested by

Host: a1536ed4ffc9e2b1b5ac5645960ea5d4.safeframe.googlesyndication.com
URL: https://a1536ed4ffc9e2b1b5ac5645960ea5d4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a1536ed4ffc9e2b1b5ac5645960ea5d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Sep 2022 14:45:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/ Frame 4F8A 3 KB
1 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/window_focus_fy2021.js

Requested by

Host: a1536ed4ffc9e2b1b5ac5645960ea5d4.safeframe.googlesyndication.com
URL: https://a1536ed4ffc9e2b1b5ac5645960ea5d4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a1536ed4ffc9e2b1b5ac5645960ea5d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:21:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1442
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 14 Oct 2022 14:21:42 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/ Frame 4F8A 17 KB
7 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: a1536ed4ffc9e2b1b5ac5645960ea5d4.safeframe.googlesyndication.com
URL: https://a1536ed4ffc9e2b1b5ac5645960ea5d4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86d8e892ceacd8c8a7e7125c68dd0e1b311f8399871b6d64b8b6795f0235c1d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a1536ed4ffc9e2b1b5ac5645960ea5d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:16:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1764
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7559
x-xss-protection: 0
server: cafe
etag: 15289875785628835784
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 14 Oct 2022 14:16:20 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 4F8A 0
0 97ms
48ms Image
text/html 2a00:1450:400d:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSvTcOp6hzyZoCRhIiU--a32AYvztTWfC_2JlaMSXyxlRsd2xL8cCoJsOARAtpPt0xVyXui8-lsJCBDIY2z9FqcQ32T2w
Requested by: Host: a1536ed4ffc9e2b1b5ac5645960ea5d4.safeframe.googlesyndication.com
URL: https://a1536ed4ffc9e2b1b5ac5645960ea5d4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a1536ed4ffc9e2b1b5ac5645960ea5d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4F8A 140 KB
44 KB 119ms
118ms Script
text/javascript 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: a1536ed4ffc9e2b1b5ac5645960ea5d4.safeframe.googlesyndication.com
URL: https://a1536ed4ffc9e2b1b5ac5645960ea5d4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

da8438b81e390283f6eb8cc9cf49ccde3d00c954b4fbccdf6372c162c4b58ab2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a1536ed4ffc9e2b1b5ac5645960ea5d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44530
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1664365478704152"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 30 Sep 2022 14:45:44 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ Frame 55A2 107 B
122 B 18ms
18ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=utro.ru

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 55A2 107 B
122 B 19ms
19ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=utro.ru

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 55A2 20 KB
9 KB 337ms
336ms XHR
text/plain 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4018142668032661&correlator=232827130186124&eid=31068457%2C31069837%2C31069683&output=ldjh&gdfp_req=1&vrg=2022092601&ptt=17&impl=fifs&iu_parts=176990977%2CUniform_rules_sites_2022%2CYtro_news_dt_2022%2CYtro_news_dt_300x400_dm2&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x400&ifi=1&adks=1553764888&sfv=1-0-38&fsapi=false&cust_params=rate_eur%3Drate_eur_0_09&sc=1&cookie=ID%3D0c6d4ee9d3f6c9a5-2281a4be37ce0039%3AT%3D1664549144%3AS%3DALNI_MYrEjK0sR117Qo4xeuDhvTemjiAWQ&abxe=1&dt=1664549144731&lmt=1664549144&dlt=1664549144386&idt=335&adxs=1140&adys=1530&biw=1600&bih=1200&isw=300&ish=400&scr_x=0&scr_y=0&btvi=1&ucis=1votyvmuk7dj&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Futro.ru%2F&ref=https%3A%2F%2Futro.ru%2F&top=https%3A%2F%2Futro.ru%2F&frm=23&vis=1&psz=300x400&msz=300x-1&fws=256&ohw=0&ea=0&ga_vid=1210275934.1664549143&ga_sid=1664549144&ga_hid=1854603926&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e8337cb3957638890d01c49832f1256a4ce45f61a79a41fbacaa31bd274ff7ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:45 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9463
x-xss-protection: 0
google-lineitem-id: 5883484290
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138378263566
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://utro.ru
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 55A2 14 KB
11 KB 22ms
22ms XHR
application/json 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022092601&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

176bde02f666f3f8bb9281f1ff2e92f86f95af0b71986426b27ab9ab65251d83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11137
x-xss-protection: 0

GET
H2 200 container.html Show response
b543a7a960ea9565d4f718529d7c80a7.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 91D2 6 KB
3 KB 94ms
15ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://b543a7a960ea9565d4f718529d7c80a7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://utro.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 30 Sep 2022 14:45:44 GMT
expires: Sat, 30 Sep 2023 14:45:44 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 stat Show response
relap.io/api/v7/ Frame 3EAF 2 B
745 B 63ms
60ms Fetch
application/json 95.163.37.253
VK-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://relap.io/api/v7/stat

Requested by

Host: relap.io
URL: https://relap.io/v7/vendor.98c174215dfd7e8c9df9.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.163.37.253 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

relap.io

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Request headers

x-relap-cookie: rlprp=p2XfIg:CPFb8g
Referer
X-Relap-UUID: 72cb5aef-168f-434d-878b-48da5d71eabe
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 30 Sep 2022 14:45:44 GMT
strict-transport-security: max-age=5184000; includeSubdomains;
x-content-type-options: nosniff
content-length: 2
x-xss-protection: 1; mode=block; report=https://cspreport.mail.ru/xxssprotection
pragma: no-cache
server: nginx
vary: Origin
access-control-allow-methods: GET, POST, DELETE, PUT, OPTIONS, PATCH
content-type: application/json;charset=UTF-8
access-control-max-age: 1728000
access-control-allow-origin: https://utro.ru
access-control-expose-headers: X-Relap-Cookie
x-relap-cookie: rlprp=p2XfIg:CPFb8g
x-server: back26
access-control-allow-credentials: true
cache-control: max-age=1, no-cache
access-control-allow-headers: Authorization,Content-Type,Origin,User-Agent,DNT,Cache-Control,Range,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,Cookie,X-Csrf-Token,X-Relap-Unique,X-Relap-Cookie,X-Relap-UUID

OPTIONS
H2 200 stat
relap.io/api/v7/ Frame 0
0 60ms
60ms Preflight
text/html 95.163.37.253
VK-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://relap.io/api/v7/stat

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.163.37.253 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

relap.io

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-relap-cookie,x-relap-uuid
Access-Control-Request-Method: POST
Origin: https://utro.ru
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization,Content-Type,Origin,User-Agent,DNT,Cache-Control,Range,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,Cookie,X-Csrf-Token,X-Relap-Unique,X-Relap-Cookie,X-Relap-UUID
access-control-allow-methods: GET, POST, DELETE, PUT, OPTIONS, PATCH
access-control-allow-origin: https://utro.ru
access-control-max-age: 1728000
content-length: 0
content-type: text/html;charset=UTF-8
date: Fri, 30 Sep 2022 14:45:44 GMT
server: nginx
strict-transport-security: max-age=5184000; includeSubdomains;
vary: Origin
x-content-type-options: nosniff
x-server: back15
x-xss-protection: 1; mode=block; report=https://cspreport.mail.ru/xxssprotection

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 190E 17 KB
6 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 30 Sep 2022 14:45:44 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame F796 17 KB
6 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 30 Sep 2022 14:45:44 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame CF83 0
0 51ms
50ms Fetch
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CLjKLGAE3Y8HEGoj23gOk6YyoDsme0rFczYbj1pMBwI23ARABIABglfqLgpgHggEXY2EtcHViLTI4NjE0NjQyMDAzMzg4MDigAdW20uoDyAEJqQJBxCTcy3-wPuACAKgDAaoErgJP0NKQf_Fr3op8qVO7_9f0Yn1suYkSHHrv8aYiL1aJ2lSKNEEE29nNVqxOmFmrxshXdibAsXQjwvIoXV9WpDoS2iN7S78DZg4U0rtItoG4f8H42cHtCV-5MQtcxZpyYJmf4PQnwPEVHi1ShFnnTTy0i0k5xtjJYpOqeKitZovQw1Z6_fHF7lM2tXRD4ZOJ-ntD8Vlm_KTqqiEb6mSz-rVTGSI8P4M-fWP7HUnYeq-jNETu-e3hOvnQeqf87zhefwOFP-uc3GfRMgzb1HkJHtw7tUwcKWzxqtbLfVrhUtK1ksereys--CeSpwPQnZtUBVGb9YR4u-Kh3Eo7ZK3YRaFoRU2dj4RdkSXiq9ybJZuschkxmbfZdsN06_hXbPnDY35b41JInwQyt1fYFZnrVOAEAYAGx83PmN-e7an5AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBAIiOGAEBABMgOqggE6AoBAgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTI4NjE0NjQyMDAzMzg4MDgY2cgc&sigh=DDoWAS4u0UM&uach_m=[UACH]&cid=CAQSPgCsnQUxGUCi2KvwVDP7dPnOgSop2qjMYwI-oyFWXm56H83_hRTE1snaMkX_LF2jytvhDXMSgnsWTXE1Z4fSGAEgEw
Requested by: Host: utro.ru
URL: https://utro.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3fb007b192c8c7ea732bc7d28bd29ed5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

GET
H2 200 notify
rtb.nl.eu.criteo.com/google/auction/ Frame CF83 0
0 58ms
14ms Fetch 2a02:2638:1::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=k5CTFLr5ROgH-gGdg2ICAgAAAJGZqDDQq1_qIK7xB96NXYsQFwE3Yy8jk_QN9jmYCuFeABIAAA&wp=YzcBGAAGokEKd7sIAAM0pDaeOLT-czWcSn5vZA

Requested by

Host: utro.ru
URL: https://utro.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3fb007b192c8c7ea732bc7d28bd29ed5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:44 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 271283
content-length: 0

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 8D42 179 KB
55 KB 234ms
157ms Document
text/html 2a02:2638:1::4
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=YzcBGAAGokEKd7sIAAM0pDaeOLT-czWcSn5vZA&u=%7ClaXLEDWAoCkSIMiw4qTHLUnndtZZDw%2BlJ74pXm0tTUA%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi68P0DamZZWW6R-xWgoYfrjMzRrCpCocXkbHGW0Fvz7D0eKh2C8prNv9_7_J7xIwkw3fAzqN_dCEBTBuoITTQStoeSfsGzwwLnZcfBQu5RkPMclrm_CrGNZdRlD2Lmzmz9_GSNm7awyoIiMKwtUu5I2WKIIyT4-sVlcw9MF8fj3LMJs2lFPaBoHmRsvI0lNLw-svnzQvVNLOiRij3bQkeZsCV6N8ZyowtQHWGCYzPbFrNiOMruthrxDn6NtGKthEV00ezLvjHNONPcymYUJvDF7OJQwLhNC6IFXKh6gCd_yQionEOy9fmTaqe-D6HYv4Y7Zb-qiQVxwxUji8xSZjy9PAudvpatXiKGuwSDr-ybJNZvd1D14CNu83eI2LWKxnmrOQBjDwirVzua4YzzjWl4igmTqZlHvU-vR6eaWt0J2Srdl1Y9pnSRzEwZTlp5KLGAxe6YzoICJ9B3ltFcO8aDOFyNocJ0qCHbiyCsOG8JJV_74RpHgnDvbW1EgF06-WNOraBpJTxjsOHePVRAd-LHnbHAFvzT7PqONzbBsMWBGcUgH4FxMDDJ_EK7P6G8tzPMQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtzYlGAE3Y8HEGoj23gOk6YyoDsme0rFczYbj1pMBwI23ARABIABglfqLgpgHggEXY2EtcHViLTI4NjE0NjQyMDAzMzg4MDigAdW20uoDyAEJqQJBxCTcy3-wPuACAKgDAaoEsQJP0NKQf_Fr3op8qVO7_9f0Yn1suYkSHHrv8aYiL1aJ2lSKNEEE29nNVqxOmFmrxshXdibAsXQjwvIoXV9WpDoS2iN7S78DZg4U0rtItoG4f8H42cHtCV-5MQtcxZpyYJmf4PQnwPEVHi1ShFnnTTy0i0k5xtjJYpOqeKitZovQw1Z6_fHF7lM2tXRD4ZOJ-ntD8Vlm_KTqqiEb6mSz-rVTGSI8P4M-fWP7HUnYeq-jNETu-e3hOvnQeqf87zhefwOFP-uc3GfRMgzb1HkJHtw7tUwcKWzxqtbLfVrhUtK1ksereys--CeSpwPQnZtUBVGb9YR4u-Kh3Eo7ZK3YRaFoRU2dj4RdkSWgqf0JohQwYaatjRQJS2WM4uxd2vPte_zvK2_ubbssm09dvx346ytqLOAEAYAGx83PmN-e7an5AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBAIiOGAEBABMgOqggE6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_33oLhQSGe7i_GQU3J8kB77G9T91w%26client%3Dca-pub-2861464200338808%26adurl%3D

Requested by

Host: 3fb007b192c8c7ea732bc7d28bd29ed5.safeframe.googlesyndication.com
URL: https://3fb007b192c8c7ea732bc7d28bd29ed5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4f1bc15effb89761955df18dcdd13d0e00a8d1686944a5ca47473e16c81ab189

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://3fb007b192c8c7ea732bc7d28bd29ed5.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Fri, 30 Sep 2022 14:45:43 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=L1aXbVPKgDnxJZCBwAm4jqSBu88oyqpv6HX9Zb5jMIzQQV48yDkPob1ccATprINC-hCUsQXYXxX1c2mXFOxeu9DyI57jR1W8YY-HemLXfjVBNqrp9UGY5imkdgrL8lakZNpPQ5vo4rus3vQ3fbSFoTAKncXBt30sAD7lbj16Ekhe9YwC3p_sSuqRy5aFGb7rrHHDiDdpm2k5deVPJKKwYFi1FR9F4oEH9_NJz39tZhHijWBvOkfr_J_fCh0"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 116500653
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/ Frame CF83 3 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/window_focus_fy2021.js

Requested by

Host: 3fb007b192c8c7ea732bc7d28bd29ed5.safeframe.googlesyndication.com
URL: https://3fb007b192c8c7ea732bc7d28bd29ed5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3fb007b192c8c7ea732bc7d28bd29ed5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:21:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1442
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 14 Oct 2022 14:21:42 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/ Frame CF83 17 KB
7 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 3fb007b192c8c7ea732bc7d28bd29ed5.safeframe.googlesyndication.com
URL: https://3fb007b192c8c7ea732bc7d28bd29ed5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86d8e892ceacd8c8a7e7125c68dd0e1b311f8399871b6d64b8b6795f0235c1d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3fb007b192c8c7ea732bc7d28bd29ed5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:16:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1764
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7559
x-xss-protection: 0
server: cafe
etag: 15289875785628835784
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 14 Oct 2022 14:16:20 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame CF83 0
0 49ms
48ms Image
text/html 2a00:1450:400d:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRQyrcyxUUE8obIVyhynyFKVJ4yJDk7dCN-jfSNnGz1gsViKQJga8gfwGQbxw8ySFl8kp3FdgkqdIxP6tMOwyIw5nhxEA
Requested by: Host: 3fb007b192c8c7ea732bc7d28bd29ed5.safeframe.googlesyndication.com
URL: https://3fb007b192c8c7ea732bc7d28bd29ed5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3fb007b192c8c7ea732bc7d28bd29ed5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame CF83 22 KB
7 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 3fb007b192c8c7ea732bc7d28bd29ed5.safeframe.googlesyndication.com
URL: https://3fb007b192c8c7ea732bc7d28bd29ed5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3fb007b192c8c7ea732bc7d28bd29ed5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 11:14:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 185489
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 28 Sep 2023 11:14:15 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CF83 140 KB
44 KB 147ms
146ms Script
text/javascript 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 3fb007b192c8c7ea732bc7d28bd29ed5.safeframe.googlesyndication.com
URL: https://3fb007b192c8c7ea732bc7d28bd29ed5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

da8438b81e390283f6eb8cc9cf49ccde3d00c954b4fbccdf6372c162c4b58ab2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3fb007b192c8c7ea732bc7d28bd29ed5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44530
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1664365478704152"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 30 Sep 2022 14:45:44 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame EAE5
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJcDjO9NFlSv2UF5kKZdkhY&google_cver=1

43 B
847 B

26ms
26ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJcDjO9NFlSv2UF5kKZdkhY&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLnBuAEQhp3m6AIYyeGn1AEwAQ&v=APEucNV6MkjcEyp4SUqf6JayR6SQBuQzHwSeXb8CYkccKLa2BqhT3oupFk2YIGDxJfwTtYKMS5nkbMkM4LZT-OOx8dRciivDA9foZmtQGCg_W1vob8vYjSACwvF6mvLOIsx-0eCyyeUVS-FUv8u6l91BSlLn9TuhVHZTrOv8dvgc7rD_ShP_qmA
Protocol: H3
Server: 104.18.18.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Sep 2022 14:45:44 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O%2FMZCud3TEQzwYJd89%2F0cImBlA%2F5bWQv8BxmoVWOl%2BjwD4AyfR26btZ%2FbGrVLD5FyIrf40aMK32IgnTuoXYG7cy7Hz1fe8xP279q61JpOKeEvt%2B7XCqt0cV5jSvIj%2FV4PbYiYIA7kgraJA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 752dbe7c1f2d691f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 30 Sep 2022 14:45:44 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJcDjO9NFlSv2UF5kKZdkhY&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame EAE5
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YzcBGM6U0yihWtXkIrlWbAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEH1P2Qo1NVyFzPvWZn-Rvmg&google_cver=1

43 B
848 B

38ms
38ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEH1P2Qo1NVyFzPvWZn-Rvmg&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLnBuAEQhp3m6AIYyeGn1AEwAQ&v=APEucNV6MkjcEyp4SUqf6JayR6SQBuQzHwSeXb8CYkccKLa2BqhT3oupFk2YIGDxJfwTtYKMS5nkbMkM4LZT-OOx8dRciivDA9foZmtQGCg_W1vob8vYjSACwvF6mvLOIsx-0eCyyeUVS-FUv8u6l91BSlLn9TuhVHZTrOv8dvgc7rD_ShP_qmA
Protocol: H3
Server: 104.18.18.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Sep 2022 14:45:45 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jthvsb3N8oK%2B8b648hb51GrX7JLWQ3LvXZU%2BNbUMdShPTBlhKe5yPFaNfhLa08KzD76fVSCt3rTJ%2BDzhzOmTQ51K%2FiWSdLO89J353JKGwOdiiwq1yOc158RT9M603ihVn%2F%2F%2FHPRnoVJw9w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 752dbe7d3935691f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 30 Sep 2022 14:45:45 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEH1P2Qo1NVyFzPvWZn-Rvmg&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame EAE5
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEOiG_3GLRImnDMBQtgYcr_g&google_cver=1

43 B
1010 B

8ms
7ms

Image
image/gif

37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEOiG_3GLRImnDMBQtgYcr_g&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLnBuAEQhp3m6AIYyeGn1AEwAQ&v=APEucNV6MkjcEyp4SUqf6JayR6SQBuQzHwSeXb8CYkccKLa2BqhT3oupFk2YIGDxJfwTtYKMS5nkbMkM4LZT-OOx8dRciivDA9foZmtQGCg_W1vob8vYjSACwvF6mvLOIsx-0eCyyeUVS-FUv8u6l91BSlLn9TuhVHZTrOv8dvgc7rD_ShP_qmA

Protocol

HTTP/1.1

Server

37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 30 Sep 2022 14:45:44 GMT
AN-X-Request-Uuid: 763d053f-8a1b-424c-8bae-94f8b7be7cc6
Server: nginx/1.21.3
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 81.95.5.36; 81.95.5.36; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 30 Sep 2022 14:45:44 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEOiG_3GLRImnDMBQtgYcr_g&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EAE5
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzgzODk0MDc1OTY3ODk2OTEyMA%3D%3D

170 B
188 B

98ms
50ms

Image
image/png

172.217.19.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzgzODk0MDc1OTY3ODk2OTEyMA%3D%3D

Requested by

Protocol

Server

172.217.19.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s27-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Sep 2022 14:45:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 30 Sep 2022 14:45:44 GMT
AN-X-Request-Uuid: b1c0deb6-b672-4aad-8011-d70900af936a
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzgzODk0MDc1OTY3ODk2OTEyMA%3D%3D
Connection: keep-alive
X-Proxy-Origin: 81.95.5.36; 81.95.5.36; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 7C7A 0
0 49ms
49ms Fetch
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C_zhzGAE3Y6SJFf2RjuwP5cWYiA_JntKxXNWdkfdwwI23ARABIABglfqLgpgHggEXY2EtcHViLTI4NjE0NjQyMDAzMzg4MDigAdW20uoDyAEJqQJBxCTcy3-wPuACAKgDAaoEqgJP0Kn4A89nuUYg4aVlUcgXTeQ3yd3todvm7VURgzQQdZ3FHIr_YnQDvE4feQ2mv2Eaa9Fgdqjjr9ZwoUTjNZ55Z_sE-IWLCqapgK_No_CV_7flwSr77fsxduB7xssN4zDUzhU73PILCcvXpVM4sXvJZJrvLHEPzuiQe4JJqevUr9DVuKrzkqlLMCTnZdG4hk1CYgKM1diw_dm93zclzLOaKu5dpAa54kOSGv0bUNpb0aw8MGKDPx5rNApT37thElvT27XJ1RPApBqOnx5cs884poDScMS0hUgcEYD2KOEBTeseh20hDATJ2P2F_x2rR01q98NH4HDK-Uy5lJRIDFBV49f7kAcHzhln2ol1GUuDF93sFoSZMpMYH5JMUmg3AVLkTtZSntBZ4u914AQBgAabztbYl8fLrVegBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggQCIjhgBAQATIDqoIBOgKAQIAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi0yODYxNDY0MjAwMzM4ODA4GNnIHA&sigh=BUDcLDiHe7M&uach_m=[UACH]&cid=CAQSPgCsnQUxpE0yGUBZNewRapveCZkp0TMAoH6D7F9zh3ocVy_5eMES8PgHmxkP3hQIAc0znVsAfIJ9cYwhDsupGAEgEw
Requested by: Host: utro.ru
URL: https://utro.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://295b4b348b26301a594661e37e0cb2f4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

GET
H2 200 notify
rtb.nl.eu.criteo.com/google/auction/ Frame 7C7A 0
0 114ms
82ms Fetch 2a02:2638:1::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=k52jDo-lBKwC2ASdg2ICAgAAAJGZqDDQq1_qIK7xB96NXYsQGAE3Y_ZzxdZgBWF4R71xABIAAA&wp=YzcBGAAFRKQHg4j9AAYi5dKXnesb7QVwubQPRg

Requested by

Host: utro.ru
URL: https://utro.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://295b4b348b26301a594661e37e0cb2f4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:43 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 257872
content-length: 0

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 2EBC 211 KB
55 KB 239ms
174ms Document
text/html 2a02:2638:1::4
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=YzcBGAAFRKQHg4j9AAYi5dKXnesb7QVwubQPRg&u=%7ClaXLEDWAoClfI2DbA8TVV0pC3wyNC5M5jvnbVQIKZ18%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNWAfGoXO4nLGGpugmDfhrYDe7l1vqZ7ZIuRypMidWM1e4UzvK675BiXOGW4noSDWkPUm7ewNuNFMJfeE_y9G1flJ8YmfaziaHKUpwTOOaWfNSkKlAAlRue2MypJAii1y6Y_iBvVWr0Gx2MnubO_UsfXdpoTQA7P3VmKGmvPy_XrJJtROpKd6Ymbrhq69QR1apUH6VCmdn0yeVdz4QRfVo7wFRn_4XzFyMhMzYUeGojhBPHD5yWjqnCQbve8kYNbMQHyqGqz3wWWqY7TOa1LsKAfs8QdpbIfJ66S7aQUv3WyUoorihMFuwya3bQ0-lqv2HzGJAmOEkOOhN_7kifAS5yRvA7JtVwSOw1kKQQWXxwzDa-99Tqxu6kzs4xFw-msBvMsWRL7k7QChKDf1WDaBIFzd-l8xGja_j7NwBpqMSxL6lFmqQmFlhGlBfT_x1lLZ5_J03G6QjtPge1ZruKG8K5ZUJDzmrQHdRDHgW0eU8GFtdqPMv013eiPEU-Y-Hkyerjeou73F2w4XsU-QTPEhNsF9qGHVykmnXr63qh0sfUikz6u_AezPueKy5PJFJWm-0w-v8mpQyTkQqQF6CvSCBgv2APXe7anbB&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-jRYGAE3Y6SJFf2RjuwP5cWYiA_JntKxXNWdkfdwwI23ARABIABglfqLgpgHggEXY2EtcHViLTI4NjE0NjQyMDAzMzg4MDigAdW20uoDyAEJqQJBxCTcy3-wPuACAKgDAaoErQJP0Kn4A89nuUYg4aVlUcgXTeQ3yd3todvm7VURgzQQdZ3FHIr_YnQDvE4feQ2mv2Eaa9Fgdqjjr9ZwoUTjNZ55Z_sE-IWLCqapgK_No_CV_7flwSr77fsxduB7xssN4zDUzhU73PILCcvXpVM4sXvJZJrvLHEPzuiQe4JJqevUr9DVuKrzkqlLMCTnZdG4hk1CYgKM1diw_dm93zclzLOaKu5dpAa54kOSGv0bUNpb0aw8MGKDPx5rNApT37thElvT27XJ1RPApBqOnx5cs884poDScMS0hUgcEYD2KOEBTeseh20hDATJ2P2F_x2rR01q98NH4HDK-Uy5lJRIDFBV49f7kEUF74vgVRVmpteXtA3RsHyQJpmuFbxU0Nz_PPQW8ch-hlXzZvzKJ2Uz4AQBgAabztbYl8fLrVegBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggQCIjhgBAQATIDqoIBOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0Y46PI1hE5FiHt7ridyMub-b_oiw%26client%3Dca-pub-2861464200338808%26adurl%3D

Requested by

Host: 295b4b348b26301a594661e37e0cb2f4.safeframe.googlesyndication.com
URL: https://295b4b348b26301a594661e37e0cb2f4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

c78831ed358a59b734f7949681849692ba2ddf205b0236681e44173082f7ae8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://295b4b348b26301a594661e37e0cb2f4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Fri, 30 Sep 2022 14:45:44 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=AdolxFPKgDnxJZCB5qwjT4J6Glm8moXcIDLLwoXAY72M0f5qHbFwkTDozNzDt3Vq3Kd9EYXY9s_AEEuzKITJd5t44hzL15O0C9mYJvc1sfkfgp_V7q4KnQAt5kVVAz4KVrSmiif9SuM4NIDr67a6CTcHwz4Eoty_1O0vJeWlkfu8nqxGhx94u_cnpnUt8nfLhPYyKs4QnHalqkCDo6q_Kli9vqhzTU9w2LQyVDuw6jMmSGUreNSCdG02LQw"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 132288583
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/ Frame 7C7A 3 KB
1 KB 10ms
8ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/window_focus_fy2021.js

Requested by

Host: 295b4b348b26301a594661e37e0cb2f4.safeframe.googlesyndication.com
URL: https://295b4b348b26301a594661e37e0cb2f4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://295b4b348b26301a594661e37e0cb2f4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:21:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1442
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 14 Oct 2022 14:21:42 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/ Frame 7C7A 17 KB
7 KB 11ms
9ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 295b4b348b26301a594661e37e0cb2f4.safeframe.googlesyndication.com
URL: https://295b4b348b26301a594661e37e0cb2f4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86d8e892ceacd8c8a7e7125c68dd0e1b311f8399871b6d64b8b6795f0235c1d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://295b4b348b26301a594661e37e0cb2f4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:16:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1764
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7559
x-xss-protection: 0
server: cafe
etag: 15289875785628835784
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 14 Oct 2022 14:16:20 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 7C7A 0
0 49ms
47ms Image
text/html 2a00:1450:400d:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSYSihIAv36QvhI3O9XFxr5r8d7Az15Tf4JzUZw3yNTSXhejWEWjWFXZLHp5EYhS8nTkvIPC9bhOlk4yz_JvxBEOkM4Dg
Requested by: Host: 295b4b348b26301a594661e37e0cb2f4.safeframe.googlesyndication.com
URL: https://295b4b348b26301a594661e37e0cb2f4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://295b4b348b26301a594661e37e0cb2f4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 7C7A 22 KB
7 KB 11ms
9ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 295b4b348b26301a594661e37e0cb2f4.safeframe.googlesyndication.com
URL: https://295b4b348b26301a594661e37e0cb2f4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://295b4b348b26301a594661e37e0cb2f4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 11:14:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 185489
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 28 Sep 2023 11:14:15 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7C7A 140 KB
44 KB 141ms
140ms Script
text/javascript 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 295b4b348b26301a594661e37e0cb2f4.safeframe.googlesyndication.com
URL: https://295b4b348b26301a594661e37e0cb2f4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

da8438b81e390283f6eb8cc9cf49ccde3d00c954b4fbccdf6372c162c4b58ab2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://295b4b348b26301a594661e37e0cb2f4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44530
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1664365478704152"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 30 Sep 2022 14:45:44 GMT

GET
H3 200 container.html Show response
305de2aadcfdcbdd7e7c05b345a3db2e.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 63B7 6 KB
3 KB 8ms
8ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://305de2aadcfdcbdd7e7c05b345a3db2e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://utro.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 30 Sep 2022 14:45:44 GMT
expires: Sat, 30 Sep 2023 14:45:44 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 204 event
ads.adfox.ru/275069/ 0
18 B 82ms
82ms Image
text/plain 2a02:6b8::1be
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/275069/event?hash=06934ef9fe7b101a&pm=bmu&pxo=1A2kyxBnhhKIZae8FCynMJ5NEAIhqtVc257i8j4CKXnYrT19tMkzBHPn7VoDhRyctOkaPQ5zGko7ldowKzSuKGDw02gjQXPxThmycMnfm3GirQCtWW0ja9whgIfn5W6nddfyPvuXRHwveliaPmiyp-btlRT08xk8fD4nk_z-G_Ei0mQ%3D&p5=gfgmb&rand=fpblrhd&sj=uQHqlcu9K-N_LlVNyb-G9VNXkdaabxym6Pa7ZsOuZKiAVFvW9c_TSDlIwsm_rA%3D%3D&ad-session-id=2972861664549143580&utg=oxum&lts=fkcnuux&ytt=3300146675717&ybv=0.659462&ylv=0.659462&dl=https%3A%2F%2Futro.ru%2F&pr=bcecblu&p1=cbjid&rqs=F5k30HHhBH8XATdjCNIDRXadIQsO2WYW&rtb-si=b&p2=gatl&resp-time=803

Requested by

Host: utro.ru
URL: https://utro.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Sep 2022 14:45:44 GMT
x-content-type-options: nosniff
last-modified: Fri, 30 Sep 2022 14:45:44 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H3 200 YrdBSjzfIHcYhYLmavhSyO_EhBrLUWpx5ykdL7H9Kqg.js Show response
pagead2.googlesyndication.com/bg/ Frame 9EE1 36 KB
16 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/YrdBSjzfIHcYhYLmavhSyO_EhBrLUWpx5ykdL7H9Kqg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62b7414a3cdf2077188582e66af852c8efc4841acb516a71e7291d2fb1fd2aa8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 18:33:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 159139
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16054
x-xss-protection: 0
last-modified: Tue, 27 Sep 2022 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 28 Sep 2023 18:33:25 GMT

GET
H3 200 YrdBSjzfIHcYhYLmavhSyO_EhBrLUWpx5ykdL7H9Kqg.js Show response
pagead2.googlesyndication.com/bg/ Frame 0217 36 KB
16 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/YrdBSjzfIHcYhYLmavhSyO_EhBrLUWpx5ykdL7H9Kqg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62b7414a3cdf2077188582e66af852c8efc4841acb516a71e7291d2fb1fd2aa8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 18:33:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 159139
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16054
x-xss-protection: 0
last-modified: Tue, 27 Sep 2022 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 28 Sep 2023 18:33:25 GMT

GET
H3 200 YrdBSjzfIHcYhYLmavhSyO_EhBrLUWpx5ykdL7H9Kqg.js Show response
pagead2.googlesyndication.com/bg/ Frame D643 36 KB
16 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/YrdBSjzfIHcYhYLmavhSyO_EhBrLUWpx5ykdL7H9Kqg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62b7414a3cdf2077188582e66af852c8efc4841acb516a71e7291d2fb1fd2aa8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 18:33:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 159139
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16054
x-xss-protection: 0
last-modified: Tue, 27 Sep 2022 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 28 Sep 2023 18:33:25 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 93D2 0
0 42ms
41ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022092701&jk=855455490258528&rc=
Requested by: Host: utro.ru
URL: https://utro.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 7AAB 0
0 44ms
42ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022092601&jk=2885599302262370&rc=
Requested by: Host: utro.ru
URL: https://utro.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame D890 0
0 45ms
42ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022092601&jk=1353651628256477&rc=
Requested by: Host: utro.ru
URL: https://utro.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 14F2 0
0 45ms
42ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022092601&jk=4366274836163851&rc=
Requested by: Host: utro.ru
URL: https://utro.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 55A2 17 KB
6 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 30 Sep 2022 14:45:44 GMT

GET
H2 200 html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 4F8A 170 KB
59 KB 172ms
23ms Script
text/javascript 2a00:1450:400d:80c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Requested by

Host: utro.ru
URL: https://utro.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a1536ed4ffc9e2b1b5ac5645960ea5d4.safeframe.googlesyndication.com/
Origin: https://a1536ed4ffc9e2b1b5ac5645960ea5d4.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 07:35:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 25824
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60311
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 01 Oct 2022 07:35:20 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220928/r20110914/elements/html/ Frame 4F8A 8 KB
3 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220928/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DUQGEO_M1NbwlrUGglMwsmhIeQ7U5pYgCyKsk-pne9VvTZUNMhOqAu2-i4HQ-K62exxN-szqLV8losYppKahp8AOQCll87K4D8OE5vevrE7HQ-C8fXiOjmEyV78HX-Pj_6kEwDF38r0z7lWWoRxh-Mfen5IguZn5EiUiMy9R0ms3KAFtg&dbm_d=AKAmf-BeGMeKfSXCSgfzyJrAVxSUveZG-mRbLya6kVYC5FFi0PGh347fNbz9_6-MyABBJ09baSSOo2w9EpvbVUrChU12OTGWv7JPBOrGmbcY2C8rtuaJyzJaFhlgl3PxsfJ_v7Fd6Hq6OrrPz79MVKMZP65_0yfWV8HXrDRo_ItgsvvM7gpA_E86gRKHafTsnnYHx3iLP0bn9rf5OVm80-rdinES98X3kvbODKUKhfIFuCS_D2HWzrXO95G-KZlCMVnyANUS_W7ksC6NBoB06WH68Qh4CgkpK31AZ_M19_w2gtqYLa7B8FgfFbNotQGugjAmZvgtF3cleHtoxGONAnC6WPB86RyLoDtpdxN5MSObvEnCQIboH4D9OaCeeoac_mIM03waXlFYMiDdXvebt5pDoIdV4AXWA1nNWdX2XOxybBv8ClegIt0RofputMvwOpz8Nh-b6YJoVe_tIfhd-cnJ0v0Bezk6uv_nmyXUAcZRoVX8GSp-t6eoc4POdYBHkvBTOQhphAdREwBwzBaqO2KNW6EYjHWp_gmGjWWaRwmTBTsh7ka7dy3qpeyJqUGMBsoiXpj-fp7g3CMgr0VMX_JS7rp9OdtQQT-ao0VNzx2hOG8_tNZUGjWpyIDRa4hMh6WGx7ANcu399qw0-555SPiVi1mCNvSCgzKmCvSkcP0mnrv32Ee2oyxQfHZ3Cld97pbtvYVILIv4mVsO2R8blEexBmZWngsF00Y6Y-f21O6Blznq-NIyv5rrNL3bPMckviKjoCIX5laJWCGnFMvExiDG2xsmT6tQRxVFSsI7tVm-nQgXcHmQDMcdlvZYZxQYt9zM2thp-Ssyg1xrkIQ8vgPoZCjKDn0b2y7pTSkSxgfqiePa2pDk-s3H-tK7Sma1P5UT-mTvFoznCSe-GKB-dUcyh_wNKtXNbg4cBnAZsqkiW8rxV9u-0EI7hGu64WG7U_sFPGjmxnxc3g308sFSqcGTvz24-vLZrXVLYU2ZPRyQ-UEuZr0izDagFWavnU1LBDUZPpDRtbgkbXBTBJdwdZNPdDw5p3VwUEIsbR2odz7wM1zJ2JPC8PoLIPmuvuX_jZH3WC5gw36cPcf0Hh7bRqSLEnqxYTt8vyOqCLn6lMch51lThhyt2K6R_aMqjxVYaP-sHGaWCiKXNJnRa8fw0-OQrTRF44KjY7_1EPUWX7pON4h5ihKbfFcf2SPzQfc8o9Gu194WuKeHbI8Q49viBD4mi9g6Z8LzzJb6pwnOupYbag3a9hLSfxKKJrNU0xn-m3aoCBzzi7KnMhH2pm9wDNzI9Y7qLryHMn2XAd7SpylBs_7tD7pFR-_Z5FY4HwMgG-E8fPVO8nIb_YiBYbtQL_rMR2llFFB7S_Qlh7_tleLDkSrNcUn4807yv2cnW7ZqbSBb6jENr7XZN_B4vFlWS3VMvtftwgsp98jd3azUs3AiP2GBEILftw5E20a1I8B_Vf50AdY0-BncsPlg7z7j-zAoM3mgDj56r8jr3ngzSAeoyLESUYoKz_Ns1g_-sPCmSoJy1vLmAH5Zxspt5zFqDcXAfl_KbbxmCofxONOXSjbuAoDIePGtTF4xjzDzfCpeA5blmItbj8qC_IIBFuS7hxhlOLpFnV77eTtgcP1PJ8flGBD_eyibV-hBIS5xpwLKqpR_6fWqU1GFyshpT434-3enm5tlxONT0RWVq5i85JMw81BOzA5w4Kzov6akJltLQSNTWnofabsWTfLeEeyVRW7iF9EXgL-V1m5JUMmvhxfyRR8BS2EqVYmaBXv3374g8PdT0f-3mKeQtD-IgIXm04j1tOovwoWNal0rUeAgNkO1SC-my7WfeRR8dZQYapGjVPDzpKURr7qWl0d651I2Mb-G7TnDsdL6IlptfYUVBlVmLmUvXe380fEvh5RbWKeqd_rp6IixTPST5rvGdC8PG3c0ROF4ygRqlXRV8m--K9sGCsjfy-Iv4Bu_oU6CUxPN4TqY7DuK_vCUJ_fGY36Kfdz99n6_G-Q2fjGQ5pzGR6OJnA-j68htREXpQWg9fc1vVxI7uOghf6oe1NN991kRo5OjOWNVyw2gBLvLpoE4DgqgcGSphmtuJcFHFdcWZrtkrXTG20vtlgiMuyCcygGj6AWiwXVhu4nWHgz2Ua_oW4wyH-emK33VfBR3bKOyJmKOmEzZul32_pNyVAOOtQmtTDfm_y9Zu1KdHS2lGtXn0HeTHqrMKW7kYaYgQukoLWAHnduuS4xuLw-Dcx0l38e_ULXVq7wn2r24dKnU7NrWwWCnALPICf85_Mum2JnjfBCXg4s2aEW0x5OPPEeG2ppVqmIfdqraTeDrG9Mp-LKOn9eauM7BP_263L8alvkr8HG9RvrMWtgUHY-CAr4rl_v_q-4j7HOH044Rysx3SXdk3eE4fWLszc-Dnhn0Q2BZegRYs6Ybf2sckS9aiBZ_BvzX4_6gXN6az9rMB3SJ1DXFVf3biSEudxdoNnS0u3Qa3VkNRnfGKX8AztYG_SOZacKshU-Xc9Ar-Sh1l4ByUDMrG4i_vkAo5bCeBDiVkE0qRNdo_lSK8bmHIpwL4fwldIYGWP_GaggJAUUA_eOXAldGLDcCgIn_kM95k_czCmHAd_Nb2EMrX7JvxlZ04yhdRtQM0ESYkzhK9D4jXod3PDTWDMqbDqtuc8wniSjyEMO57GFs85FBPCzyyto7WTCEt2M3OS-_cNJi-PGM83vk0UcGI4QdC4qgO5REb54kIz5w8xHQ-wBFWyN4Ou1Y69IlSDnUIFZuOg7wE_t8LIRu9mNe7cAAB5BIFVFJflORHKDat0ttFt3j38JsvB4QSaJvwCEiNr2SXBjqizLg3RPLvscSTvtQqjQDrUrpBHsOpWzCT_LMyUqSVg5af6sbCbieSmyuE-hxSqh2h7GN2d-6-mMgx9sqMDZ2UXdIGSSU0M1aGi41G-1UbTpZ7PJyyUZ8A2l-Y6HWVRwHuyY_c89x7OwMsXC6qFSKAhCEeMx6Eat-CjI1x-4O_meboWsx4ocuE--v9-4JPSxEndCsJ1eU0BRbIDvmnJpZ226ku3OCcKFFhV4xPgeree3m6d_B04v3vc8RKCcPp4VrzsESrp2ocn4MQJc5PNoiJn2RzTt57QIATFvpLw6QZUOnVdB0O7YY6kBkWNNbyOkPr6WIDhQhKVYFkQgu7t_zDh-7TzxM3b9eEFdiQdOHe3jJYrZB4RHc9aW-6DVSY2kLoKpd4KlxvB5_29ElCf_EmZlDgVtnHf1TSi6yXi6Y25jYe8CEZ1i6zbyYOy2UwFdAthXcs48akXTbATq1guPTUXjIqLezffyJOdZnIBnivWtuo923hmtDqzNsPfgdHYXj_uShoN6mpAgUJxzikVsnKzD9-5hQoVerVPqSKAEYA0UYvp6n50tkdIn1O4VeGauskK0DPM3zM9nzKCIw_fRwyqu6WTm7bG_EOth1oHDpwinraewitUlbVwZC0SfsRlAbzq-TrG6sG3K4VjZek94ONp2zTprr_v9WXEWyRjR2BNe-DvP-E2NcJG9C92ho_IoHIwAaeSvISr69sS7P0G0ApW3tgveTrub3DDRRNBjQvTaXRnnWbXcjQuXAK546ws0zcANTJvxt9lU9ixB78wfP5WcgQU83qxpZ1tNj8nS8XJQshoKJ&cid=CAASKORorykIZTZKGdhGkpM9ZYvmENBuzMVsjQp7s3dutNkvdCeclflzdKg&rfl=2%2Chttps%253A%252F%252Futro.ru%242%2Chttps%253A%252F%252Futro.ru%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a1536ed4ffc9e2b1b5ac5645960ea5d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:39:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 381
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3181
x-xss-protection: 0
server: cafe
etag: 10699485926258732851
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 14 Oct 2022 14:39:23 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220928/r20110914/ Frame 4F8A 30 KB
11 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220928/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f03f34a896200ac3d36794a86a5b23d054f1982d05740b454078c8526a33b631

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a1536ed4ffc9e2b1b5ac5645960ea5d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:40:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 294
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11727
x-xss-protection: 0
server: cafe
etag: 4188671789125589074
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 14 Oct 2022 14:40:50 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 63B7 0
0 48ms
48ms Fetch
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Cta_OGAE3Y-6EGMqL3gPuq5HIC8me0rFc1Z2R93DAjbcBEAEgAGCV-ouCmAeCARdjYS1wdWItMjg2MTQ2NDIwMDMzODgwOKAB1bbS6gPIAQmpAkHEJNzLf7A-4AIAqAMBqgSrAk_QAQl3way3xOFQv2YXIBRB4A6kgdWBs-6hU1hvBzAVh8qnzi_Eeo7MyQ46uDJmeI7I3A-Qv3UkYRfybapBA5uX7-btiG_50C0JffjK8H676WuWDihI8Mr1ASTYaNKYfTISBV1YqrxrseTkacrY2GeIPmUwt3fd2mHbQJIf7MmNrAhppbVEISTY7dmQPJ50BMhX1YdlRycYOGuYcQa_suILqHUWa6srPvAplbWLxwqkDePHU7qy20Rrfm8o1lSLbUdoF2-KJw60iirUTjy4XHQa9pQ0yfr-BwiK2di7JYzbzTR1LRtuwgOiPnIa_iKMmBulRYg2DCsS6pFC217SdCrjLUyR0q_aAFW7vdRBFBUrWViWIqrViyX3MQHhaTH3HORcbfPgKd0FbGmc4AQBgAbHzc-Y357tqfkBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEAiI4YAQEAEyA6qCAToCgECACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItMjg2MTQ2NDIwMDMzODgwOBjZyBw&sigh=L2m10NCe8SM&uach_m=[UACH]&cid=CAQSPwCsnQUxFl_priy0AiTAf4vT2jLcW5iTzDuNB3z2e9NSHGuAqSm4oIQMifkytS8tKcY1n4Hl0DMIc4n-9AtDaxgBIBM
Requested by: Host: utro.ru
URL: https://utro.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://305de2aadcfdcbdd7e7c05b345a3db2e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

GET
H2 200 notify
rtb.nl.eu.criteo.com/google/auction/ Frame 63B7 0
0 17ms
15ms Fetch 2a02:2638:1::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=k5CTFIzVC_ABkAOdg2ICAgAAAJGZqDDQq1_qIK7xB96NXYsQGAE3YzR3KlFeCsJg4Hw-ABIAAA&wp=YzcBGAAGAm4Kd4XKAARV7hEHXF54f4V2MajWHw

Requested by

Host: utro.ru
URL: https://utro.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://305de2aadcfdcbdd7e7c05b345a3db2e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:44 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 158747
content-length: 0

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 07FE 167 KB
50 KB 111ms
108ms Document
text/html 2a02:2638:1::4
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=YzcBGAAGAm4Kd4XKAARV7hEHXF54f4V2MajWHw&u=%7ClaXLEDWAoClYalyVDqEKmnDiCrWLBipNsE%2BTSlUZl7M%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuB8I54B28R_G6pIc3Eo99WvNmdxDN44eLi0PpJ3dzc63l-Gcnzkaq2xEBIM6_yDqSjYxB_Pvxne8VU0KOz2chVyGJjF3A6buRxfwI_fImnV1f_BHK_FpWdaQumvbzo0cBiPO2fqO5BKfvFBB_Ctn4S2s9NRPE3OvFH96dRwkXmhMYceJdhkZTQJi-Dt2GJmRZU1wWXiLo3NWAtDHcjKZNsgMOa2pHMmocYQCbaMuUUg9k-5fB8PhmDWKzY68ftkOpxn79e05Gdaev4PG7jhIf73H0MmlcNLvMo9tj1rDYsy1TCCmcCFvJETx81KM6HQ9iMZCGhgzFdRFqVlkuyouv9dAYe3zjGFYoV_ngaYeQdnB4xDPtFdCFJWT5l57nRua7g8fomgnyNuKbuNgjsIxcDEh76Jqm9OCyAAovZvJZvQLvbXUICFqTUmQf2WAudCezoHQ1nQCHF5iT7k86Av1vblzdco-AWJ1usm4A9OlsQN3-bwgbuGZvPH5AFjAgXF-a38l2Yygdh_45d18nLZQ9gsYDjoRZjxyMb6OG7ZnBihngv9sQ358qozXtWmyr1wLA23CjyikNTRiHmTepvaEAUUOt7Iq3uUYRQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCT5MwGAE3Y-6EGMqL3gPuq5HIC8me0rFc1Z2R93DAjbcBEAEgAGCV-ouCmAeCARdjYS1wdWItMjg2MTQ2NDIwMDMzODgwOKAB1bbS6gPIAQmpAkHEJNzLf7A-4AIAqAMBqgSuAk_QAQl3way3xOFQv2YXIBRB4A6kgdWBs-6hU1hvBzAVh8qnzi_Eeo7MyQ46uDJmeI7I3A-Qv3UkYRfybapBA5uX7-btiG_50C0JffjK8H676WuWDihI8Mr1ASTYaNKYfTISBV1YqrxrseTkacrY2GeIPmUwt3fd2mHbQJIf7MmNrAhppbVEISTY7dmQPJ50BMhX1YdlRycYOGuYcQa_suILqHUWa6srPvAplbWLxwqkDePHU7qy20Rrfm8o1lSLbUdoF2-KJw60iirUTjy4XHQa9pQ0yfr-BwiK2di7JYzbzTR1LRtuwgOiPnIa_iKMmBulRYg2DCsS6pFC217SdCrjLUyR0u3YIcc8MkhSq4k_-oirhFLcny9BOy_564U_IUKu0u3MMViv6HojBS4b4AQBgAbHzc-Y357tqfkBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEAiI4YAQEAEyA6qCAToCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2t7hCfTiYhG7Oz0MvozEaDs57beA%26client%3Dca-pub-2861464200338808%26adurl%3D

Requested by

Host: 305de2aadcfdcbdd7e7c05b345a3db2e.safeframe.googlesyndication.com
URL: https://305de2aadcfdcbdd7e7c05b345a3db2e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

2001cccc51bff71df4be675d0021987dd7d2e8dde052676c8816299485d2b9c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://305de2aadcfdcbdd7e7c05b345a3db2e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Fri, 30 Sep 2022 14:45:44 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=12LYPFPKgDnxJZCBRqoKq24Gg-aUIw2swQWJpgTmFUw19vg_ij1WHLRKU6wzTphanwad5IyTit8ISuQLb_nmd5UaDGZBNAOh9Qqv2Fb84hs0EqHhP1cvW4n-crCiLtA4xjEuJT-WuDQk307tm4NgfSrCYIn6f0ZNg1KzJcuw7pK5l3hi3xab28btm0vbpZHQImKyDMbRPB1DoBdeXeWciLLpdPPcO-LwHf8BtEguL8Zso6RD1UzO9-rb6iFNc9xD6mEV3Q"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 88329405
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/ Frame 63B7 3 KB
1 KB 10ms
7ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/window_focus_fy2021.js

Requested by

Host: 305de2aadcfdcbdd7e7c05b345a3db2e.safeframe.googlesyndication.com
URL: https://305de2aadcfdcbdd7e7c05b345a3db2e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://305de2aadcfdcbdd7e7c05b345a3db2e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:21:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1442
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 14 Oct 2022 14:21:42 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/ Frame 63B7 17 KB
7 KB 13ms
11ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 305de2aadcfdcbdd7e7c05b345a3db2e.safeframe.googlesyndication.com
URL: https://305de2aadcfdcbdd7e7c05b345a3db2e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86d8e892ceacd8c8a7e7125c68dd0e1b311f8399871b6d64b8b6795f0235c1d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://305de2aadcfdcbdd7e7c05b345a3db2e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:16:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1764
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7559
x-xss-protection: 0
server: cafe
etag: 15289875785628835784
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 14 Oct 2022 14:16:20 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 63B7 0
0 49ms
47ms Image
text/html 2a00:1450:400d:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQhOBGKemKckQk9zebPxRKz-6SzjBb6MTxf1gdPAm8Vt9KcYJYGHVlGs8SMbN5-U1lhcNvSpDh_ozW22gxWczjpAfmgTA
Requested by: Host: 305de2aadcfdcbdd7e7c05b345a3db2e.safeframe.googlesyndication.com
URL: https://305de2aadcfdcbdd7e7c05b345a3db2e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://305de2aadcfdcbdd7e7c05b345a3db2e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 63B7 22 KB
7 KB 13ms
11ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 305de2aadcfdcbdd7e7c05b345a3db2e.safeframe.googlesyndication.com
URL: https://305de2aadcfdcbdd7e7c05b345a3db2e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://305de2aadcfdcbdd7e7c05b345a3db2e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 11:14:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 185489
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 28 Sep 2023 11:14:15 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 63B7 140 KB
44 KB 73ms
72ms Script
text/javascript 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 305de2aadcfdcbdd7e7c05b345a3db2e.safeframe.googlesyndication.com
URL: https://305de2aadcfdcbdd7e7c05b345a3db2e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

da8438b81e390283f6eb8cc9cf49ccde3d00c954b4fbccdf6372c162c4b58ab2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://305de2aadcfdcbdd7e7c05b345a3db2e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44530
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1664365478704152"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 30 Sep 2022 14:45:44 GMT

GET
H3 200 YrdBSjzfIHcYhYLmavhSyO_EhBrLUWpx5ykdL7H9Kqg.js Show response
pagead2.googlesyndication.com/bg/ Frame 0B7C 36 KB
16 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/YrdBSjzfIHcYhYLmavhSyO_EhBrLUWpx5ykdL7H9Kqg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62b7414a3cdf2077188582e66af852c8efc4841acb516a71e7291d2fb1fd2aa8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 18:33:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 159139
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16054
x-xss-protection: 0
last-modified: Tue, 27 Sep 2022 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 28 Sep 2023 18:33:25 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C9DC 13 KB
5 KB 10ms
9ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://utro.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 6892
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 30 Sep 2022 12:50:52 GMT
expires: Sat, 30 Sep 2023 12:50:52 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 01B1 783 B
535 B 55ms
49ms Document
text/html 2a00:1450:400d:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

cc8e2fc23137b2acebac963a0b4d2ce022066c55335e292cdc7bbbabb4fff9db

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-kWL9b8XqjsO6o8ht6c7iFw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://utro.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-kWL9b8XqjsO6o8ht6c7iFw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 30 Sep 2022 14:45:44 GMT
expires: Fri, 30 Sep 2022 14:45:44 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6A42 13 KB
5 KB 12ms
8ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://utro.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 6892
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 30 Sep 2022 12:50:52 GMT
expires: Sat, 30 Sep 2023 12:50:52 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 9BE0 783 B
535 B 66ms
62ms Document
text/html 2a00:1450:400d:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

35e4d9158070db2da5cb8344c5e08062ada4fd8ff180f4365df41da520109a5c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-1eXK1F52akAerbL5Co8SZA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://utro.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-1eXK1F52akAerbL5Co8SZA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 30 Sep 2022 14:45:44 GMT
expires: Fri, 30 Sep 2022 14:45:44 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 container.html Show response
657491b7739d207b4fd2ce1335134129.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 418A 6 KB
3 KB 8ms
8ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://657491b7739d207b4fd2ce1335134129.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://utro.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 30 Sep 2022 14:45:44 GMT
expires: Sat, 30 Sep 2023 14:45:44 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 204 event
ads.adfox.ru/275069/ 0
18 B 81ms
81ms Image
text/plain 2a02:6b8::1be
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/275069/event?pm=bmu&hash=f556fb2e497b5988&duid=1664549144290028393&pxo=wGv6s1RenjSII4nbx3DPhPBRar4aERCl82T6WaiGQX1BRh9zLn-91JG5fPw6BCQhGUimZnbnaqZUcUGXJxzMeZsgod4XFQAvihMA6ICbBUwEGMNlxzkSfefxWYtULlx3yjtzdF5vC5d61nb0WQSnZUBwNM3Kr1ai0yRhGzWRx-N0Zg%3D%3D&p5=gfglz&rand=drsdeqm&sj=K2UWbGvrwF7NB0AMPTVVAsDSpcxfMVM8TUsSd_nnRyso1RWR1MjzO0LD_9ZPhQ%3D%3D&ad-session-id=2972861664549143580&utg=oxum&lts=fkcnuux&ytt=3300146675717&ybv=0.659462&ylv=0.659462&dl=https%3A%2F%2Futro.ru%2F&pr=bcecblu&p1=cbjih&rqs=FymN4zJv5WAXATdjwRRYiYi-fYqtCFCQ&rtb-si=b&p2=gatp&resp-time=692

Requested by

Host: utro.ru
URL: https://utro.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Sep 2022 14:45:44 GMT
x-content-type-options: nosniff
last-modified: Fri, 30 Sep 2022 14:45:44 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
DATA 200
OK truncated
/ Frame 7C7A 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 19299445b63c280051c6677eabb013cbd94dc198fdd427c540eda90518a8ec98

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame CF83 220 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c4bb65f619f09b9d4f0c9e25826f10eb47e9445eec8da10825c6d5f656b747a1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D4D7 13 KB
5 KB 10ms
9ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://utro.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 6892
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 30 Sep 2022 12:50:52 GMT
expires: Sat, 30 Sep 2023 12:50:52 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 5173 783 B
535 B 50ms
49ms Document
text/html 2a00:1450:400d:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d849690fe5bfb4638b1dea171184cfa3adae1a051ad6fff555acc2a63042be4f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Tx3WeoOtK2Kp64Kasx0j1Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://utro.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-Tx3WeoOtK2Kp64Kasx0j1Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 30 Sep 2022 14:45:45 GMT
expires: Fri, 30 Sep 2022 14:45:45 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 container.html Show response
ec7f9507b5a00173e9add18d0284df58.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 3E23 6 KB
3 KB 8ms
8ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ec7f9507b5a00173e9add18d0284df58.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://utro.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 30 Sep 2022 14:45:44 GMT
expires: Sat, 30 Sep 2023 14:45:44 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 204 event
ads.adfox.ru/275069/ 0
66 B 88ms
87ms Image
text/plain 2a02:6b8::1be
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/275069/event?pm=bmu&hash=30cb906bb60bf542&duid=1664549144290028393&pxo=dxQr6PvF5m8nlXikJ8LlGtk3gS7Kdb88J69DaCQxKZSQs1CKWHXE6H-YZxXnCqHpQC7tRcMv3az6UqyDes3z8xubMlANNgik27Ghmiq_ofZjJkYrIx4e8lTcQaxC8v8Vnwhppn-gJTfGumA8UOLKNEVgExoCHAfZNDtCve4Iv24iFOs%3D&p5=gfgly&rand=jvbxfxf&sj=eX7xj4Bwznur_5OvHy7zjXWVM2IJByPzqO1jkHxGoqcrADQ-imHFGG1YUHrGTg%3D%3D&ad-session-id=2972861664549143580&utg=oxum&lts=fkcnuux&ytt=3300146675717&ybv=0.659462&ylv=0.659462&dl=https%3A%2F%2Futro.ru%2F&pr=bcecblu&p1=cbjig&rqs=FymN4zJv5WAXATdjcRhZPYNjguh1OGZH&rtb-si=b&p2=gatj&resp-time=765

Requested by

Host: utro.ru
URL: https://utro.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Sep 2022 14:45:45 GMT
x-content-type-options: nosniff
last-modified: Fri, 30 Sep 2022 14:45:45 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 07FE 2 KB
1 KB 25ms
25ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YzcBGAAGAm4Kd4XKAARV7hEHXF54f4V2MajWHw&u=%7ClaXLEDWAoClYalyVDqEKmnDiCrWLBipNsE%2BTSlUZl7M%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuB8I54B28R_G6pIc3Eo99WvNmdxDN44eLi0PpJ3dzc63l-Gcnzkaq2xEBIM6_yDqSjYxB_Pvxne8VU0KOz2chVyGJjF3A6buRxfwI_fImnV1f_BHK_FpWdaQumvbzo0cBiPO2fqO5BKfvFBB_Ctn4S2s9NRPE3OvFH96dRwkXmhMYceJdhkZTQJi-Dt2GJmRZU1wWXiLo3NWAtDHcjKZNsgMOa2pHMmocYQCbaMuUUg9k-5fB8PhmDWKzY68ftkOpxn79e05Gdaev4PG7jhIf73H0MmlcNLvMo9tj1rDYsy1TCCmcCFvJETx81KM6HQ9iMZCGhgzFdRFqVlkuyouv9dAYe3zjGFYoV_ngaYeQdnB4xDPtFdCFJWT5l57nRua7g8fomgnyNuKbuNgjsIxcDEh76Jqm9OCyAAovZvJZvQLvbXUICFqTUmQf2WAudCezoHQ1nQCHF5iT7k86Av1vblzdco-AWJ1usm4A9OlsQN3-bwgbuGZvPH5AFjAgXF-a38l2Yygdh_45d18nLZQ9gsYDjoRZjxyMb6OG7ZnBihngv9sQ358qozXtWmyr1wLA23CjyikNTRiHmTepvaEAUUOt7Iq3uUYRQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCT5MwGAE3Y-6EGMqL3gPuq5HIC8me0rFc1Z2R93DAjbcBEAEgAGCV-ouCmAeCARdjYS1wdWItMjg2MTQ2NDIwMDMzODgwOKAB1bbS6gPIAQmpAkHEJNzLf7A-4AIAqAMBqgSuAk_QAQl3way3xOFQv2YXIBRB4A6kgdWBs-6hU1hvBzAVh8qnzi_Eeo7MyQ46uDJmeI7I3A-Qv3UkYRfybapBA5uX7-btiG_50C0JffjK8H676WuWDihI8Mr1ASTYaNKYfTISBV1YqrxrseTkacrY2GeIPmUwt3fd2mHbQJIf7MmNrAhppbVEISTY7dmQPJ50BMhX1YdlRycYOGuYcQa_suILqHUWa6srPvAplbWLxwqkDePHU7qy20Rrfm8o1lSLbUdoF2-KJw60iirUTjy4XHQa9pQ0yfr-BwiK2di7JYzbzTR1LRtuwgOiPnIa_iKMmBulRYg2DCsS6pFC217SdCrjLUyR0u3YIcc8MkhSq4k_-oirhFLcny9BOy_564U_IUKu0u3MMViv6HojBS4b4AQBgAbHzc-Y357tqfkBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEAiI4YAQEAEyA6qCAToCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2t7hCfTiYhG7Oz0MvozEaDs57beA%26client%3Dca-pub-2861464200338808%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:45 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 25 Sep 2023 14:45:45 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 07FE 2 KB
1 KB 31ms
31ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:45 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 25 Sep 2023 14:45:45 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 07FE 308 B
636 B 23ms
22ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:45 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Mon, 25 Sep 2023 14:45:45 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 07FE 293 B
621 B 17ms
16ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:45 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Mon, 25 Sep 2023 14:45:45 GMT

GET
H2 200 lg.php
cat.nl.eu.criteo.com/delivery/ Frame 07FE 43 B
348 B 66ms
18ms Image
image/gif 178.250.2.148
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=HydqgBIf3grs1LHje7NVhMzPadm_ARneLdvB_zAvCEY7QB-URXruUl8IE3ZSnGHCIT-QqTpZRUCk1u7bpzSWaWdAKceXUbW2usQdFFHKxFpetJtvz8gum8j6AOqqaLbSMV-RYEZt05QrYpGOI6K8NUbbmruHplcizOG7bTKlFW_cLwWJxlxD05l8F6oe6kOi9Io_TurlRcsLFObg_Qc6BnRtBPhADBQ2W8_6NfH34VkOkrwrdyjSBLxYVRPzbw_Ih2UkOJIVSWL36wuJREgXhm-lYq8Jrm9qhJz6yAw6XZSs2AOyhNO1Qv6UhhRFtMoCLKEqDgnBXp0E_L0e8cK5uCzlbdJ9QyC58dScPqUbvqWpnVQ5qcHKiMtIouffzpesxwGYVjfjnPTWTt_vHVdFr1NoknCOo0i_2WiNSJIMNU4d68mWjy72RYIEpbCCnOR5kPnSnA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Sep 2022 14:45:45 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2881278
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 m
secure-gl.imrworldwide.com/cgi-bin/ Frame 07FE 44 B
751 B 145ms
103ms Image
image/gif 2600:9000:214f:f800:1e:a43d:b640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-gl.imrworldwide.com/cgi-bin/m?ca=nlsn184820&cr=crtve&ce=criteo&pc=criteo_plc0001&ci=nlsnci162&am=3&at=view&rt=banner&st=image&r=1664549144
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YzcBGAAGAm4Kd4XKAARV7hEHXF54f4V2MajWHw&u=%7ClaXLEDWAoClYalyVDqEKmnDiCrWLBipNsE%2BTSlUZl7M%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuB8I54B28R_G6pIc3Eo99WvNmdxDN44eLi0PpJ3dzc63l-Gcnzkaq2xEBIM6_yDqSjYxB_Pvxne8VU0KOz2chVyGJjF3A6buRxfwI_fImnV1f_BHK_FpWdaQumvbzo0cBiPO2fqO5BKfvFBB_Ctn4S2s9NRPE3OvFH96dRwkXmhMYceJdhkZTQJi-Dt2GJmRZU1wWXiLo3NWAtDHcjKZNsgMOa2pHMmocYQCbaMuUUg9k-5fB8PhmDWKzY68ftkOpxn79e05Gdaev4PG7jhIf73H0MmlcNLvMo9tj1rDYsy1TCCmcCFvJETx81KM6HQ9iMZCGhgzFdRFqVlkuyouv9dAYe3zjGFYoV_ngaYeQdnB4xDPtFdCFJWT5l57nRua7g8fomgnyNuKbuNgjsIxcDEh76Jqm9OCyAAovZvJZvQLvbXUICFqTUmQf2WAudCezoHQ1nQCHF5iT7k86Av1vblzdco-AWJ1usm4A9OlsQN3-bwgbuGZvPH5AFjAgXF-a38l2Yygdh_45d18nLZQ9gsYDjoRZjxyMb6OG7ZnBihngv9sQ358qozXtWmyr1wLA23CjyikNTRiHmTepvaEAUUOt7Iq3uUYRQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCT5MwGAE3Y-6EGMqL3gPuq5HIC8me0rFc1Z2R93DAjbcBEAEgAGCV-ouCmAeCARdjYS1wdWItMjg2MTQ2NDIwMDMzODgwOKAB1bbS6gPIAQmpAkHEJNzLf7A-4AIAqAMBqgSuAk_QAQl3way3xOFQv2YXIBRB4A6kgdWBs-6hU1hvBzAVh8qnzi_Eeo7MyQ46uDJmeI7I3A-Qv3UkYRfybapBA5uX7-btiG_50C0JffjK8H676WuWDihI8Mr1ASTYaNKYfTISBV1YqrxrseTkacrY2GeIPmUwt3fd2mHbQJIf7MmNrAhppbVEISTY7dmQPJ50BMhX1YdlRycYOGuYcQa_suILqHUWa6srPvAplbWLxwqkDePHU7qy20Rrfm8o1lSLbUdoF2-KJw60iirUTjy4XHQa9pQ0yfr-BwiK2di7JYzbzTR1LRtuwgOiPnIa_iKMmBulRYg2DCsS6pFC217SdCrjLUyR0u3YIcc8MkhSq4k_-oirhFLcny9BOy_564U_IUKu0u3MMViv6HojBS4b4AQBgAbHzc-Y357tqfkBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEAiI4YAQEAEyA6qCAToCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2t7hCfTiYhG7Oz0MvozEaDs57beA%26client%3Dca-pub-2861464200338808%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:f800:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:45 GMT
via: 1.1 110641d379117242a91443ac729d6dee.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
p3p: P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
cross-origin-resource-policy: cross-origin
content-length: 44
pragma: no-cache
server: nginx
accept-ch: Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-methods: POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
x-amz-cf-id: OD20G563K_AfnvWh44DWofB5f8JtHMox1zscJz19YnEDzANQOv6H8A==
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 4F8A 41 KB
15 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: a1536ed4ffc9e2b1b5ac5645960ea5d4.safeframe.googlesyndication.com
URL: https://a1536ed4ffc9e2b1b5ac5645960ea5d4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a1536ed4ffc9e2b1b5ac5645960ea5d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 21:58:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 319629
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 26 Sep 2023 21:58:36 GMT

GET
DATA 200
OK truncated
/ Frame 4F8A 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d539670aae1ed0b7e7e2336d383c83246cde2af363e362ff92e3d9cf273fde7e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 8D42 2 KB
1 KB 17ms
17ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YzcBGAAGokEKd7sIAAM0pDaeOLT-czWcSn5vZA&u=%7ClaXLEDWAoCkSIMiw4qTHLUnndtZZDw%2BlJ74pXm0tTUA%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi68P0DamZZWW6R-xWgoYfrjMzRrCpCocXkbHGW0Fvz7D0eKh2C8prNv9_7_J7xIwkw3fAzqN_dCEBTBuoITTQStoeSfsGzwwLnZcfBQu5RkPMclrm_CrGNZdRlD2Lmzmz9_GSNm7awyoIiMKwtUu5I2WKIIyT4-sVlcw9MF8fj3LMJs2lFPaBoHmRsvI0lNLw-svnzQvVNLOiRij3bQkeZsCV6N8ZyowtQHWGCYzPbFrNiOMruthrxDn6NtGKthEV00ezLvjHNONPcymYUJvDF7OJQwLhNC6IFXKh6gCd_yQionEOy9fmTaqe-D6HYv4Y7Zb-qiQVxwxUji8xSZjy9PAudvpatXiKGuwSDr-ybJNZvd1D14CNu83eI2LWKxnmrOQBjDwirVzua4YzzjWl4igmTqZlHvU-vR6eaWt0J2Srdl1Y9pnSRzEwZTlp5KLGAxe6YzoICJ9B3ltFcO8aDOFyNocJ0qCHbiyCsOG8JJV_74RpHgnDvbW1EgF06-WNOraBpJTxjsOHePVRAd-LHnbHAFvzT7PqONzbBsMWBGcUgH4FxMDDJ_EK7P6G8tzPMQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtzYlGAE3Y8HEGoj23gOk6YyoDsme0rFczYbj1pMBwI23ARABIABglfqLgpgHggEXY2EtcHViLTI4NjE0NjQyMDAzMzg4MDigAdW20uoDyAEJqQJBxCTcy3-wPuACAKgDAaoEsQJP0NKQf_Fr3op8qVO7_9f0Yn1suYkSHHrv8aYiL1aJ2lSKNEEE29nNVqxOmFmrxshXdibAsXQjwvIoXV9WpDoS2iN7S78DZg4U0rtItoG4f8H42cHtCV-5MQtcxZpyYJmf4PQnwPEVHi1ShFnnTTy0i0k5xtjJYpOqeKitZovQw1Z6_fHF7lM2tXRD4ZOJ-ntD8Vlm_KTqqiEb6mSz-rVTGSI8P4M-fWP7HUnYeq-jNETu-e3hOvnQeqf87zhefwOFP-uc3GfRMgzb1HkJHtw7tUwcKWzxqtbLfVrhUtK1ksereys--CeSpwPQnZtUBVGb9YR4u-Kh3Eo7ZK3YRaFoRU2dj4RdkSWgqf0JohQwYaatjRQJS2WM4uxd2vPte_zvK2_ubbssm09dvx346ytqLOAEAYAGx83PmN-e7an5AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBAIiOGAEBABMgOqggE6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_33oLhQSGe7i_GQU3J8kB77G9T91w%26client%3Dca-pub-2861464200338808%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:45 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 25 Sep 2023 14:45:45 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 8D42 2 KB
1 KB 20ms
20ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:45 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 25 Sep 2023 14:45:45 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 8D42 308 B
636 B 17ms
16ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:45 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Mon, 25 Sep 2023 14:45:45 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 8D42 293 B
621 B 17ms
17ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:45 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Mon, 25 Sep 2023 14:45:45 GMT

GET
H2 200 lg.php
cat.nl.eu.criteo.com/delivery/ Frame 8D42 43 B
347 B 20ms
19ms Image
image/gif 178.250.2.148
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=sl5zHwJ6N5xdH3oldp0yrA2cxHVln-7DonEIYQZPZHa_50NuJGose8iKfQnajY_QAS0ZGBkxaZOEkUqvXf0TeS4gNweVd0DG1o8U6zp7Qyum1Zl8dDQmgOp1TjzrmNFhTE21VuazkntW3PIiH989WUWmJG6PggPiCG1W6nthdWdVHsDtBgtCm7VCJbS3aLwR-tVW4g2kbhTRQvH193NLaS5wgiwlmbiVYCIJIGAheAeADB05Wp26ecNW61TH69Gt2EBUWwNCZqXgjcd_kcuYcDkeWS6Iuo1fFNrQo2SAv9EEacCzCtHLENmp0ItF8eoI4LmbbbHPAWn7CWwYc-zpZsLOzwhUjQoo1jaiYG0NPyO926fGGruBwIJTp11geeVI4RPU8y7pNuaQsDrHK_qhXcsAedEHTW-EsjW-fKUKgtK-0wV7x8Hr0tTT4NSb32PSDl2ZqA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Sep 2022 14:45:44 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 4209191
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 m
secure-gl.imrworldwide.com/cgi-bin/ Frame 8D42 44 B
753 B 102ms
102ms Image
image/gif 2600:9000:214f:f800:1e:a43d:b640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-gl.imrworldwide.com/cgi-bin/m?ca=nlsn184820&cr=crtve&ce=criteo&pc=criteo_plc0001&ci=nlsnci162&am=3&at=view&rt=banner&st=image&r=1664549144
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YzcBGAAGokEKd7sIAAM0pDaeOLT-czWcSn5vZA&u=%7ClaXLEDWAoCkSIMiw4qTHLUnndtZZDw%2BlJ74pXm0tTUA%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi68P0DamZZWW6R-xWgoYfrjMzRrCpCocXkbHGW0Fvz7D0eKh2C8prNv9_7_J7xIwkw3fAzqN_dCEBTBuoITTQStoeSfsGzwwLnZcfBQu5RkPMclrm_CrGNZdRlD2Lmzmz9_GSNm7awyoIiMKwtUu5I2WKIIyT4-sVlcw9MF8fj3LMJs2lFPaBoHmRsvI0lNLw-svnzQvVNLOiRij3bQkeZsCV6N8ZyowtQHWGCYzPbFrNiOMruthrxDn6NtGKthEV00ezLvjHNONPcymYUJvDF7OJQwLhNC6IFXKh6gCd_yQionEOy9fmTaqe-D6HYv4Y7Zb-qiQVxwxUji8xSZjy9PAudvpatXiKGuwSDr-ybJNZvd1D14CNu83eI2LWKxnmrOQBjDwirVzua4YzzjWl4igmTqZlHvU-vR6eaWt0J2Srdl1Y9pnSRzEwZTlp5KLGAxe6YzoICJ9B3ltFcO8aDOFyNocJ0qCHbiyCsOG8JJV_74RpHgnDvbW1EgF06-WNOraBpJTxjsOHePVRAd-LHnbHAFvzT7PqONzbBsMWBGcUgH4FxMDDJ_EK7P6G8tzPMQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtzYlGAE3Y8HEGoj23gOk6YyoDsme0rFczYbj1pMBwI23ARABIABglfqLgpgHggEXY2EtcHViLTI4NjE0NjQyMDAzMzg4MDigAdW20uoDyAEJqQJBxCTcy3-wPuACAKgDAaoEsQJP0NKQf_Fr3op8qVO7_9f0Yn1suYkSHHrv8aYiL1aJ2lSKNEEE29nNVqxOmFmrxshXdibAsXQjwvIoXV9WpDoS2iN7S78DZg4U0rtItoG4f8H42cHtCV-5MQtcxZpyYJmf4PQnwPEVHi1ShFnnTTy0i0k5xtjJYpOqeKitZovQw1Z6_fHF7lM2tXRD4ZOJ-ntD8Vlm_KTqqiEb6mSz-rVTGSI8P4M-fWP7HUnYeq-jNETu-e3hOvnQeqf87zhefwOFP-uc3GfRMgzb1HkJHtw7tUwcKWzxqtbLfVrhUtK1ksereys--CeSpwPQnZtUBVGb9YR4u-Kh3Eo7ZK3YRaFoRU2dj4RdkSWgqf0JohQwYaatjRQJS2WM4uxd2vPte_zvK2_ubbssm09dvx346ytqLOAEAYAGx83PmN-e7an5AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBAIiOGAEBABMgOqggE6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_33oLhQSGe7i_GQU3J8kB77G9T91w%26client%3Dca-pub-2861464200338808%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:f800:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:45 GMT
via: 1.1 110641d379117242a91443ac729d6dee.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
p3p: P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
cross-origin-resource-policy: cross-origin
content-length: 44
pragma: no-cache
server: nginx
accept-ch: Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-methods: POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
x-amz-cf-id: xnF1PHyTlvU4IiPg-v6M7vDt48COWdXoXyTvFSdtEhvkLRMZjYKxjw==
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 2EBC 2 KB
1 KB 22ms
20ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YzcBGAAFRKQHg4j9AAYi5dKXnesb7QVwubQPRg&u=%7ClaXLEDWAoClfI2DbA8TVV0pC3wyNC5M5jvnbVQIKZ18%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNWAfGoXO4nLGGpugmDfhrYDe7l1vqZ7ZIuRypMidWM1e4UzvK675BiXOGW4noSDWkPUm7ewNuNFMJfeE_y9G1flJ8YmfaziaHKUpwTOOaWfNSkKlAAlRue2MypJAii1y6Y_iBvVWr0Gx2MnubO_UsfXdpoTQA7P3VmKGmvPy_XrJJtROpKd6Ymbrhq69QR1apUH6VCmdn0yeVdz4QRfVo7wFRn_4XzFyMhMzYUeGojhBPHD5yWjqnCQbve8kYNbMQHyqGqz3wWWqY7TOa1LsKAfs8QdpbIfJ66S7aQUv3WyUoorihMFuwya3bQ0-lqv2HzGJAmOEkOOhN_7kifAS5yRvA7JtVwSOw1kKQQWXxwzDa-99Tqxu6kzs4xFw-msBvMsWRL7k7QChKDf1WDaBIFzd-l8xGja_j7NwBpqMSxL6lFmqQmFlhGlBfT_x1lLZ5_J03G6QjtPge1ZruKG8K5ZUJDzmrQHdRDHgW0eU8GFtdqPMv013eiPEU-Y-Hkyerjeou73F2w4XsU-QTPEhNsF9qGHVykmnXr63qh0sfUikz6u_AezPueKy5PJFJWm-0w-v8mpQyTkQqQF6CvSCBgv2APXe7anbB&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-jRYGAE3Y6SJFf2RjuwP5cWYiA_JntKxXNWdkfdwwI23ARABIABglfqLgpgHggEXY2EtcHViLTI4NjE0NjQyMDAzMzg4MDigAdW20uoDyAEJqQJBxCTcy3-wPuACAKgDAaoErQJP0Kn4A89nuUYg4aVlUcgXTeQ3yd3todvm7VURgzQQdZ3FHIr_YnQDvE4feQ2mv2Eaa9Fgdqjjr9ZwoUTjNZ55Z_sE-IWLCqapgK_No_CV_7flwSr77fsxduB7xssN4zDUzhU73PILCcvXpVM4sXvJZJrvLHEPzuiQe4JJqevUr9DVuKrzkqlLMCTnZdG4hk1CYgKM1diw_dm93zclzLOaKu5dpAa54kOSGv0bUNpb0aw8MGKDPx5rNApT37thElvT27XJ1RPApBqOnx5cs884poDScMS0hUgcEYD2KOEBTeseh20hDATJ2P2F_x2rR01q98NH4HDK-Uy5lJRIDFBV49f7kEUF74vgVRVmpteXtA3RsHyQJpmuFbxU0Nz_PPQW8ch-hlXzZvzKJ2Uz4AQBgAabztbYl8fLrVegBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggQCIjhgBAQATIDqoIBOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0Y46PI1hE5FiHt7ridyMub-b_oiw%26client%3Dca-pub-2861464200338808%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:45 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 25 Sep 2023 14:45:45 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 2EBC 2 KB
1 KB 17ms
16ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:45 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 25 Sep 2023 14:45:45 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 2EBC 308 B
636 B 16ms
16ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:45 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Mon, 25 Sep 2023 14:45:45 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 2EBC 293 B
621 B 17ms
16ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:45 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Mon, 25 Sep 2023 14:45:45 GMT

GET
H2 200 lg.php
cat.nl.eu.criteo.com/delivery/ Frame 2EBC 43 B
347 B 19ms
19ms Image
image/gif 178.250.2.148
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=UgVEn2JtuBEOPjEkn2PEM9ZBKFOsek1CUOEaTRamxs8Gr1eyDXGB_ripw9qucDbsm4aoGwSatRNAd0LCVlWXpV1jGjozsGrN5_YPkGqBHDSG9dWAFn6mi_5cqQd47HsddDoTD1B5RDdkmOEpSz9WHWa-bO60CgqvOjxVkqqH4dkGvfrHtdYhiVtn0SKKjwpJRVdidGtdGido2uo2pK7wcsmgiP2dPfhMmti03_-D0cYVlTAdGPVRIfb6zmeCBOkLfPbj8vxcJxzz70uNmjHbNilHvU0rGFjz-sN8ofExXASyCjv8clCjYHznOuEspwmNBubJVz0Ti-zZrBn_CgWEzKZt55R4YWryX5FBX3E6ZkuUKoC4tZRd9G5M9xPRNUodHsXksyUjVVYFmq_8dL5It_zJEwerpeE7AvgZd2hNynIvsJse

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Sep 2022 14:45:44 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 5380669
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 error_handler.js Show response
tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/ Frame 418A 7 KB
3 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/error_handler.js

Requested by

Host: 657491b7739d207b4fd2ce1335134129.safeframe.googlesyndication.com
URL: https://657491b7739d207b4fd2ce1335134129.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0071d47d0a8887e01a161db0a9dc177876a91f023e4e662f8736572c6dbb55c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://657491b7739d207b4fd2ce1335134129.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 19:06:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 70727
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3268
x-xss-protection: 0
server: cafe
etag: 4444027641539208282
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 13 Oct 2022 19:06:58 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/ Frame 418A 3 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/window_focus_fy2021.js

Requested by

Host: 657491b7739d207b4fd2ce1335134129.safeframe.googlesyndication.com
URL: https://657491b7739d207b4fd2ce1335134129.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://657491b7739d207b4fd2ce1335134129.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:21:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1443
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 14 Oct 2022 14:21:42 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/ Frame 418A 17 KB
7 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 657491b7739d207b4fd2ce1335134129.safeframe.googlesyndication.com
URL: https://657491b7739d207b4fd2ce1335134129.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86d8e892ceacd8c8a7e7125c68dd0e1b311f8399871b6d64b8b6795f0235c1d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://657491b7739d207b4fd2ce1335134129.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:16:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1765
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7559
x-xss-protection: 0
server: cafe
etag: 15289875785628835784
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 14 Oct 2022 14:16:20 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 418A 0
0 47ms
47ms Image
text/html 2a00:1450:400d:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRAd5O20FmnA-bp7s-lELj2Z9OzFf2aBMWtOm-wk8vRMvjhfV0H1yOjNfcEk_0fdNPywfBrKRjUMfSZcxAEM4sbYVtgIg
Requested by: Host: 657491b7739d207b4fd2ce1335134129.safeframe.googlesyndication.com
URL: https://657491b7739d207b4fd2ce1335134129.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://657491b7739d207b4fd2ce1335134129.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 418A 22 KB
7 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 657491b7739d207b4fd2ce1335134129.safeframe.googlesyndication.com
URL: https://657491b7739d207b4fd2ce1335134129.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://657491b7739d207b4fd2ce1335134129.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 11:14:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 185490
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 28 Sep 2023 11:14:15 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 418A 140 KB
44 KB 71ms
71ms Script
text/javascript 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 657491b7739d207b4fd2ce1335134129.safeframe.googlesyndication.com
URL: https://657491b7739d207b4fd2ce1335134129.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

da8438b81e390283f6eb8cc9cf49ccde3d00c954b4fbccdf6372c162c4b58ab2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://657491b7739d207b4fd2ce1335134129.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44530
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1664365478704152"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 30 Sep 2022 14:45:45 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame EE93 0
0 47ms
47ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvP28zcFxc4jgM3MK5Bzc6KVabuAOv_sx-zCcVIR7cFDGiBv0BP5p3BewzHnadrf-lbMKn9PoIOGPHsfbNtLFz1tQmThggIU5Y5LKX2ZyVW_xlkCET0UntC966_W7jjd3IeAk6qKYb2BC_pSfVWD8ROWDixtRRrvE4GniI9AAkFVMKdp83qnoThCJobV13xJ7cfJe1WpfoNSkJOYVe4G2Zzhngxdo3UVdkl8eSmKrzNrpLGcOycyFsH0-coNeNqmJWGTy-M8eMteflfrMQAUKhysl4CUWrksjzxbzOv5xVcAwdpbx9SjSr33PqycqqEm5DoL2Nw2niLFbRQPAbxWKMs2YHRlOj5_2cC3DP36PG2bB5uh-c0Kr20Xn6CKAdYXLKiEhE&sai=AMfl-YTGRZVmSR_IoNSs6eaV5AzDwgZzIpC0EEfBcNg60rXAze-dO7fMVU6H9rCuCEaWUCyKAAtSHLhTAAMlQX9-Gi0QsBgrfwK02WPZxx4VtLTnbTZJW0ClRP9-0hIaWePj&sig=Cg0ArKJSzIXBnJloVxt9EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: utro.ru
URL: https://utro.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:45 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 adfox-adx-stub.js Show response
yastatic.net/pcode/adfox/ Frame EE93 60 KB
15 KB 121ms
40ms Script
text/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/pcode/adfox/adfox-adx-stub.js

Requested by

Host: utro.ru
URL: https://utro.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

4c9f9038ef0cca8daea160666fcf23b0cc4fd3ba853dcd4494e8ec35e3a0c039

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:45 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 15032
last-modified: Wed, 17 Mar 2021 06:04:30 GMT
server: nginx/1.17.9
etag: "21008573aeaf1ce20fdc2d49c53e692c"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Fri, 30 Sep 2022 15:42:20 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame EE93 140 KB
44 KB 76ms
76ms Script
text/javascript 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

da8438b81e390283f6eb8cc9cf49ccde3d00c954b4fbccdf6372c162c4b58ab2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44530
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1664365478704152"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 30 Sep 2022 14:45:45 GMT

GET
H2 204 event
ads.adfox.ru/275069/ 0
18 B 76ms
75ms Image
text/plain 2a02:6b8::1be
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/275069/event?pm=bmv&hash=ca2ee74b10dd22c4&duid=1664549144290028393&pxo=z5QevhPVgDUxB8O6hrsuJrBHdZTBRkAy5JqOMZKZn9lj8eUlzeZwq84RcVPc4WsZyjMLKU1o7Kmo1Mq7rrWO-TZs5pAlgXyKEepuGaIWcvKowj7UBMrJr_9tvuneVXiI2rv5HyTjuVVynyWgM_VxW3VDISA9dfu9YqdFmhnAzSxshw%3D%3D&p5=gfgmd&rand=hnoljys&sj=mdzG3i4uGsdq2X1PXi_IZdgi_uvVfVIzHullOqT3netZzUtkdfYKaFFAaXfgog%3D%3D&ad-session-id=2972861664549143580&utg=oxum&lts=fkcnuux&ytt=3300146675717&ybv=0.659462&ylv=0.659462&dl=https%3A%2F%2Futro.ru%2F&pr=bcecblu&p1=cbjie&rqs=FymN4zJv5WAXATdjftGZxcIlS1g4JWAl&rtb-si=b&p2=gatn&resp-time=826&creative-id=138378263566&google-width=300&google-height=400

Requested by

Host: utro.ru
URL: https://utro.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Sep 2022 14:45:45 GMT
x-content-type-options: nosniff
last-modified: Fri, 30 Sep 2022 14:45:45 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
DATA 200
OK truncated
/ Frame 63B7 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ffe9cfd09a050ac09c1d29b54e40b91065642b308b63f61130ea1e31eaac7520

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 931E 624 B
297 B 22ms
21ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJb4yM4CENqRvYYDGL6Z7sEBMAE&v=APEucNXt_Yq19i1mhORdW5Js976h75libQzOA7QKDhCtZjFcGyommw-KzFb-JkozstKFZ883B7syaRwmUwGCicLOOqJE9cd8lylKotWzMuUrKX0dqNvWTn40Gz7ERWBg5S7ntHHLNP2ik4ZNzchQKDGADSIHLJtgaV0AMIqpuUE82izl3vDfnq8

Requested by

Host: utro.ru
URL: https://utro.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ec7f9507b5a00173e9add18d0284df58.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 30 Sep 2022 14:45:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 02E1 80 KB
34 KB 51ms
49ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BG7jddOmmvGBherJzZr3fK89jZmVDS7xOUsH4PzcB26rFc4UyTQ_bZ_O0xddUnPF1VVemnEOfpuPbBqOn2m1D3bDQ08Q&cry=1&dbm_d=AKAmf-B1y59PqiJXwqrySOqU9Scjocfhq9F1A5-kJi45vZHRTUIhQZiAR53LWUeAqNpoQxl6b4-8rWSgDrrrLbZ9PNv3_6WHgPxyP-Z5dSVTYGDfsWwRDxJxJ9NnfM7PWiaPxxNG37r9XLXb2dB7VIsKmjPSSwaNeIuR-Oy9Cp1DQEu0cpjadDkxKo3H8pL7bFFI-0wwhzQJ3GG-n08Nv9zRZvQJGxC4D3mTAsUk1Bp-zlCyYWN0u3cLNrZrEPb6PkODGRCCAEK-oujKkFESD9on2_ICOrAUHetFOje7xEZdtEAj95n0g0u5u8yMs7E9VE1ZTiIXqfoixaYEUS0HCpdDXjgWCqldxI1qJKkAZwT8cvNpXaNPMJDIBILM4NwK18ZiLNkD8iGXlVD1trsVawQAGxFSWnvCwOMR63QBKHIyI8G2IWIOw96_6ah9dvKKJ6eqbIbqjarBjnKvPvHM7X6BkMlpWQvLhHGJIQ237PAdYpHRpHizNhfucJztd7zeSm5X16q3TUzH1TWGKZM49fHuQ8lbHuhe0I2vVRxm94k5GkhNHoIR0heNAiXiA8ImPHI2qTQfLyDzgkXmrUtfLdyCu1SKF8yiSswelwCzMLpPeNWWQAuKMUM7dJdiXjPZs88XyMMe6CuB6iiFT4WMY9lBjbCnnSxG-JTEtprk7q21MAT2H0_dVQ5JBBUx_hAu9vbcjJq6Jk75VfcswvJVGP0DYgi7oD3VJqwGLIqZjEeeYUx4o6eMSIPipCUhDNse3XWIijSMwNBIsW3RjRQI5iu7_jv1C3D66OxHcB5Fy0P3cuxKtHGhkeMEWqwlCRcIiPwVgPtixaD5HupxZoCw5WpeSTLz9JvPPl8b8XBM30jWj_VQH15cAGFEB-DACy0CLVe1R3nWEOWYUvTfMuHxe21Ly1_XRZEfxJlrgSry94_5GVEye9wDvRkuQrWzzeA5iRn3En2uaivWk0UP5Ici1ZQ0bh0GwH_6GYTdnblgYGe4Wta1HVdnVPrDflJmfdGMhn9yW-7caNEQYPaZLAzFGiv2kJjU7o84rV1u1SXI9GMYPByJKK6-NUoPybLWJE6kuvOgpnO0-FFNFC6y9ZIT83H6pUVaBLjwUhul1uu5yOFI3T88l0nTzbMY9CD8jixuV_nDlGfHhZDWDUHINm4SW79lzjF6zwGfo0r9Qigjc0x_LUyCo8td7XebJCFkJkleDMFikPFm2wTtfbbO5mbTo-VYPx1kzRgztrPFRHRt3mKuzxfFaEGrpHQ414C48LiBqn-SYMVQYgMzRU0EmvJeJ_1_gNpxbmAuIbCcG0ZD7Q-kg8YBNdSnyv8AMqML4f3jsa-iFFWLBnmL4BebuhueChbiIVf6YfRdqVrtIbWzHq0F_txZoRAKkT_CR4DbYuxR0MCUGHEJUN_a6-c-UUBVDc34Zl-JZ_lreO5ZFiOhL9Iv4jd2pj8Fm9YhnAkkn6-FVkFhYxEq4Ob0K0sqXiFAM4u0-XsZTD8UXVKh588NEEIvJfMlsw8CTCEFxmuxG5cgEGtND3Y6MDdsSKzamtm14ICxrcg4wY09mSONNMI498ptgVT6CuVyeMzkkFYAvH1aEEGbcYvjmlUHGwbgmrSPkSCPZ5yfIP0vzGRzeaHcP1CanL4pOFsdnyUTGnNkzj_r81xALLoRLqDPO4EjTXXC5VwlYoUA-bAUYSWi65o6oBpZSmpJjLmLrwG3P7H47W1f0fUoKe7CMW5irRZQh92eyJzPlMQAx-2PLAHZWKuCGkLfKy6wtKXNeQGgpDt8ljIFdhV7jCqqpmJU8xtL9mAsOfn1h0m2hDywhk13S9qmYELqgRmOB_fPZUhW6C4yxZXkeDmD2kb75-6PINKEdN8cq5v1w2ePnJmjHMhoC07tLO1ivxH6SH0SVM16rCEzpx5RVnhXfjgRuHLKIwEu2yCbS5KgoApWuA4pkhGSGlc9R0PSXQ2Ji6dDMxHZJDLHGVtdpAeUg115uEo5rHluiIMd_-WEQf9eeH7s9wsxtPd3Kg1jnpwI12TKNcXpDyhjpZBdjyYWQCenSNtBEtIsakmy2_C-_yIaOPUMGHtfFp9gon249GUpHJyfVcLDzrMyTm_v68X2HhmGygYJdPzEnU1iks_mmqA_ZTUaiME2Aipko5wpibZmIHXvKRCCpx1vNyCEAhiY8jwt2LT7LOylMXjcQ9K6wsla8pd1_tKvUOh-KJnm4PT-MlhlOGkUwYQtp2HUOXCirhRzGTAML0GWU-eivfbVub8bxxtvgL32fRtT8SIFs3hH1m7yeQKvTmbPZNO96iSDXnXLKYGX57hnSDV3hnVdYrki1Bn_8p-NsbAgWMN8ZveCO0fDbWo29ESaXQeDSyROai5S1Qi1k6HNoo0HQCytM7y3xJUUvhNJNZkuNZZpnF2XGmAfjVwH7VM_NSdw4BIj5DT-xVigigK0eseZIBDFlG5mb84F_hdEDyHO6JLDrJbdLxDnJEYsyFHxPhm8FUS4JbH4dfDHSWCre8E9t5OMNNCLv7IgV5NdrAgEYxig6yoANsJTy7-niSvrD3pJGLiFsr5BgdBzb6OUysGAQfNYUvoLnmBO1m5tYBzbPL5VspMNbgmbnl_tR36X6uHalb9DcmgZYrwOY_hZrcvx19zXHej2vRB5kpumcK0-62b3lObjGWWK9CILxHH3OqaebZRLQ-8-FOCrBFloFei3Pyia5nuixxhItUGsNOT3VjfGgmmwYT7D-knEl3Zuhn9zg74nh1EdYj48djP9eblsvs_F-sHsV02BK_AR8slMJ6C5qY-Q81Lu2Ov2c_FFFfirZquZhRq5cg9wcmYdh-zQQqpj0VigjYQUgq-sPcjovPibxhtZTKGf4QLj8MXA7gwQiRrppWKK5AkA0m9kuutcLXGFIohAu7vx1-MsrHuZleB_zAd7WotYskYHMvQH4IcG6WktZ6NEecXklgBt31i0sE-T6oCKEDY9YEwh2k_O3BVdZjHpUQIH_CIlkLxF_lFotJbTlyG1YTvI79SQoqDVeFQdQAysaRnrQIkApNmTjhPQ7SUh3PVPSTVaCbWlBCPbQo9XNkiQFb4YOdhnmHAOtT0kLcwANZGWIVVPUxgZsPnHawevYxs6vzZHPfFYw2cWW57ZsnT0aqn4FKmc3ODjiNW1bYfUKUxuWsZydVrMRlJ-5sFhbZTXKre1Rc9M2xQ04XVY6w0CDKaZSjwMTwX4WM8G0M5HpHi_2QCzS19DxI-PjONobih3g4fF1apf2RXbBgj36dThc5jMUofVcGiHgzuAEgMQ-nF7LmadaJ_lVT2wfGYskSvsuJ06NUUYRjHY8SHe1dsuLQLwryJXHuYDf_Enb-1n4ojGUlfqkbIatV_CDzz_0jRSQy-OkGjIQ2FRFonDwqSxnAfb70WMMDBEm5KnjQZcXDjesDM87NsyH7MacIKWJM4vfXUpBahbxeEF2eJPA44yVAMrWnCIW5IwxCfT1zdPghiGvg&cid=CAASJeRoM-DXfF7yN7dN2Pj61obuMBjKUi06FzlUOg8tChDnwqs4ms0&rfl=3%2Chttps%253A%252F%252Futro.ru%242%2Chttps%253A%252F%252Futro.ru%252F%240

Requested by

Host: utro.ru
URL: https://utro.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1fc2732dd1f029e71c6bfca78c04850e0d5a9d0cf81576d70b17a8d7ff554d06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ec7f9507b5a00173e9add18d0284df58.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Sep 2022 14:45:45 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34433
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/ Frame 02E1 3 KB
1 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/window_focus_fy2021.js

Requested by

Host: utro.ru
URL: https://utro.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ec7f9507b5a00173e9add18d0284df58.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:21:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1443
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 14 Oct 2022 14:21:42 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/ Frame 02E1 17 KB
7 KB 10ms
8ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: utro.ru
URL: https://utro.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86d8e892ceacd8c8a7e7125c68dd0e1b311f8399871b6d64b8b6795f0235c1d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ec7f9507b5a00173e9add18d0284df58.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:16:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1765
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7559
x-xss-protection: 0
server: cafe
etag: 15289875785628835784
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 14 Oct 2022 14:16:20 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 02E1 0
0 52ms
50ms Image
text/html 2a00:1450:400d:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQpxSCRhwEqvFuqfXkx1a8oRgZZaazoJNtACFwd0XGn1PPpbLSID_AVRybNcVarVHibik2Du5rs_eqlWciqNJnhM4Z_ww
Requested by: Host: utro.ru
URL: https://utro.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ec7f9507b5a00173e9add18d0284df58.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 02E1 140 KB
44 KB 78ms
77ms Script
text/javascript 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: utro.ru
URL: https://utro.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

da8438b81e390283f6eb8cc9cf49ccde3d00c954b4fbccdf6372c162c4b58ab2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ec7f9507b5a00173e9add18d0284df58.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44530
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1664365478704152"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 30 Sep 2022 14:45:45 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 02E1 42 B
63 B 43ms
41ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DqltKfTQWQr6V1BRmgUo32Ji2KZGGUQSNrczl3ul_g92Nea5xhR8fIV_pggGkhD57PoggWEi_Cm1H3GDLKLeY4UlMNEaOFTnJBhSVvwM0wNt1Xwhg

Requested by

Host: utro.ru
URL: https://utro.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ec7f9507b5a00173e9add18d0284df58.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Sep 2022 14:45:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 01B1 0
0 42ms
41ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022092601&jk=698392689564855&rc=
Requested by: Host: utro.ru
URL: https://utro.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/9795918958535114752/3522_mafo_ad_dv360_clark_mrec/ Frame CA57 7 KB
2 KB 102ms
55ms Document
text/html 2a00:1450:400d:80c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9795918958535114752/3522_mafo_ad_dv360_clark_mrec/index.html?e=69&leftOffset=0&topOffset=0&c=lt7HGTm7L1&t=1&renderingType=2&ev=01_247

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

95363508b190297c32b321d95b5d149f2053def4a6e204bb389814357a385521

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a1536ed4ffc9e2b1b5ac5645960ea5d4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 1753
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Fri, 30 Sep 2022 14:45:45 GMT
expires: Sat, 30 Sep 2023 14:45:45 GMT
last-modified: Wed, 28 Sep 2022 13:07:30 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 4F8A 0
622 B 378ms
67ms Ping
image/gif 142.250.180.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuV4etY4N0KGjxwuuLnLV4j4gejU7_P4r0DkkWIUhBRXVVXvJUC8WVLAISLT9_LrKNSB8eJgz6lVpA9bloTTs02b9WmY1je5AjTc6uzGZ8VES7xaIVJR0bW_GJ8XIgtDsZToSr3Y-l2manSvDowh-n9dfSPVUZJAta9KRpU3Pv42A1nNIatWEg8i5nHMF0vI06aAuagAZhTg9IU3tnOOAV3UdhMEwS422aSqgtBuF0h-rzEOaY_xCSz2KvNdMTuXJiASX6aBPhzEB5dNo99G1E61AwbJMazsMbBWPzMZzDOWsAWTXCqAucf2HSFkvsZ28yio5EBmzyuI5rz7umY_Yn-Tgz67FDMhH32m8iSVZ04ZtHDXBPUT1ac4DDccaVKJM6UKCvMIHq2G60EQS7Dc8XcxLfRrcGWXUDJxZG1lTKswnz5kSyzpFz6pl8In_iGNazbfIa0sbRt9DFEizGGWgxp1Hlx0ZMAxwxXoRm6dF8kNWQm7n-nTuxRwGQonRkrXXtgQv7zFD8QGzrrj-74F3kFuhOeq8HQtcrvnPHhXBm9wJP1wkrUelQK6H5x1LanSZJDA4XnNMxyS5AlqEO0vm6XcHC-10gRyFCg6Bf93W2psfv71gmL6ZyON9F2oqQ0l7MHEie5QwldC8057E3ga3HS-bs_4q-IEv7QUH0xeyi9DR0-ZWAgjs20RxP9M9sPCttjwOtDml2yjLLB4rRGeAj1aCThAfv3s3pAZGhCh9PzsfsnJdcXjHofdJLTsPzsVN8l18NYMf303xBi7dLKtb5NzWSGs_0-F6W_AnuH4tiHwvv0TWIQKUEs6iqwgow9cBd6yVgyS4JnYvutMQR4Z-OkmVbPJWmokKdgzkIGYiGQ8OfLQ2eiiaLp1Cqv3K4_MnEuI602LJV2lq2CQ3pEQ27VjBLe6-tCwgIqMCVl7QBfcEPOZ0CwZ6On-EQUtvWlBVCMBRsjM6JryoEc9UMDazw7elrg14lk__VzDH-IjRm9YJJMG2dIymT1VeWB0U_X2Ro3jY9WHgniGkkiBmYLSfDDVEUewFNLvyceWMxEiH2ec7DuevP4DWdFzjCYtccTmhXuq1JIhfcrqf_PG4EIP8Der00VQA0mr3iuHrgL-tvf_r3aMUCVg_0D9cur7F89DwyUDD8OHA9wkL2rr2sOXnPVvuzDu3pzO7O5YNE2U4dMgo7JpNw&sai=AMfl-YTUlBf5eU4XS22Wmfv2objFmftnp7OGgFT9aTM0Gl82ogCYWTgXl4NaKpbGq69IUQrNKvy_Vb_KsSjKKfnJY1KNymmSn7OU6Tx_QFH41r9Z12rDHs8b8WtuGHaMgcx5wNtx2aEDT1aQGi6pGFGm3AG967G3BtbeL7tpgyW6HyLR8nSeal1uDC6SFE68-6LMdPUfAAm2zmt6U2plOx5VgKoHAV-Yw9HagfnS&sig=Cg0ArKJSzG7n7H4ZnSpJEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=459&cbvp=1&cstd=452&cisv=r20220928.03478&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: utro.ru
URL: https://utro.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.180.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s33-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a1536ed4ffc9e2b1b5ac5645960ea5d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 30 Sep 2022 14:45:45 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 9BE0 0
0 42ms
42ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022092601&jk=1743681486487374&rc=
Requested by: Host: utro.ru
URL: https://utro.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 07FE 12 KB
6 KB 17ms
17ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:45 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 25 Sep 2023 14:45:45 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 07FE 12 KB
12 KB 260ms
26ms Image
image/png 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=66&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F2861%2F190124%2F79f2c646e3f74b54931cff1f39d769d0_blue.png&v=3&w=476&s=kwGeVMhC2IfY58Gte7bKOD03

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

babd9729f52441a13bb2c40b861669da826821125a4175c697dd665fe47cbb0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:45 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=28660815
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 12042
expires: Mon, 28 Aug 2023 08:06:01 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 07FE 2 KB
2 KB 248ms
14ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FB%2FlogoFormel-D-Group-3583DE-2008190935.gif%3Feb%3D1&v=3&w=400&s=DrzYj4BBZ_BeucmSC-VkbH0_&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

386531a08f54c0c8d3ba891ec58687e227a48302afa25312dd0cddeb858fe61a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:45 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=936548
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 1672
expires: Tue, 11 Oct 2022 10:54:53 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 07FE 2 KB
2 KB 248ms
14ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FD%2FlogoDZH-GmbH-71233DE-2201071435.gif%3Feb%3D1&v=3&w=400&s=GdGTAr7UZCrAyx1v0-prh3mc&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

65e821b53990c7e875f3a0c2ed1d78d9aaf42a0ac22e5befe5903e4e87faf931

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:44 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=2079050
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 1540
expires: Mon, 24 Oct 2022 16:16:35 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 07FE 1 KB
2 KB 262ms
27ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F1%2Flogohidden-professionals-GmbH-97267DE.gif%3Feb%3D1&v=3&w=400&s=SY31qpkHa_4W904lxzxOMzNE&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

3871e6719f71319cad9f0c2b4f262518c8deb142d03078bd7539e5d72da33de5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:45 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1007186
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 1306
expires: Wed, 12 Oct 2022 06:32:12 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 07FE 2 KB
2 KB 261ms
27ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FM%2FlogoMalteser-Hilfsdienst-e-V-770DE.gif%3Feb%3D1&v=3&w=400&s=HOBQQANtw9q3snp0Z1q0uE0g&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

90bbcb9db7c9cb053c19be00501d286e22046a098a831cbfcd88f03a02c19836

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:44 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=598239
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 2288
expires: Fri, 07 Oct 2022 12:56:24 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 07FE 0
128 B 245ms
13ms Ping
text/plain 178.250.2.150
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=12LYPFPKgDnxJZCBRqoKq24Gg-aUIw2swQWJpgTmFUw19vg_ij1WHLRKU6wzTphanwad5IyTit8ISuQLb_nmd5UaDGZBNAOh9Qqv2Fb84hs0EqHhP1cvW4n-crCiLtA4xjEuJT-WuDQk307tm4NgfSrCYIn6f0ZNg1KzJcuw7pK5l3hi3xab28btm0vbpZHQImKyDMbRPB1DoBdeXeWciLLpdPPcO-LwHf8BtEguL8Zso6RD1UzO9-rb6iFNc9xD6mEV3Q&sds=2&rev=82884&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 30 Sep 2022 14:45:45 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 07FE 2 KB
1 KB 22ms
22ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:45 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 25 Sep 2023 14:45:45 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 07FE 2 KB
1 KB 17ms
16ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:45 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 25 Sep 2023 14:45:45 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 931E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEgIjyM-ZNzrfgI_Sv3Y6ik&google_cver=1

43 B
843 B

35ms
34ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEgIjyM-ZNzrfgI_Sv3Y6ik&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJb4yM4CENqRvYYDGL6Z7sEBMAE&v=APEucNXt_Yq19i1mhORdW5Js976h75libQzOA7QKDhCtZjFcGyommw-KzFb-JkozstKFZ883B7syaRwmUwGCicLOOqJE9cd8lylKotWzMuUrKX0dqNvWTn40Gz7ERWBg5S7ntHHLNP2ik4ZNzchQKDGADSIHLJtgaV0AMIqpuUE82izl3vDfnq8
Protocol: H3
Server: 104.18.18.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Sep 2022 14:45:45 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OVHLf5V6LfaPLo7dofyc4DJsGIdjMLP2D9XJ%2BAMtTdxrUJlqEIOIiubKskXaF%2FpdOUU7kW6712%2BTXBvon2lc9LraqxZMsAlGWQS1xzjZleyQ2FPj60bYDFfF5yABIBlJJF7YGZj4GgPIUA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 752dbe803e2f691f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 30 Sep 2022 14:45:45 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEgIjyM-ZNzrfgI_Sv3Y6ik&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 931E
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YzcBGM6U0yihWtXkIrlWbAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEgIjyM-ZNzrfgI_Sv3Y6ik&google_cver=1

43 B
845 B

31ms
30ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEgIjyM-ZNzrfgI_Sv3Y6ik&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJb4yM4CENqRvYYDGL6Z7sEBMAE&v=APEucNXt_Yq19i1mhORdW5Js976h75libQzOA7QKDhCtZjFcGyommw-KzFb-JkozstKFZ883B7syaRwmUwGCicLOOqJE9cd8lylKotWzMuUrKX0dqNvWTn40Gz7ERWBg5S7ntHHLNP2ik4ZNzchQKDGADSIHLJtgaV0AMIqpuUE82izl3vDfnq8
Protocol: H3
Server: 104.18.18.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Sep 2022 14:45:45 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CiWzVVDEPA38PlzNWtB9cncadV3AvRb%2FcE3q9CaYhsI9oMTNCJu6Liz6MJ%2By8ZaGF4ZAluSLG%2BTglUV7BBRLIZVVR9uI3clIV%2FFjg7LzRH4MnOR3fnjuOlTT70O0ET8Rs9kfJft69Tk%2FvA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 752dbe811f96691f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 30 Sep 2022 14:45:45 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEgIjyM-ZNzrfgI_Sv3Y6ik&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 931E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEHANEiU4Gw2KHKCJeKll4so&google_cver=1

43 B
1010 B

11ms
8ms

Image
image/gif

37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEHANEiU4Gw2KHKCJeKll4so&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJb4yM4CENqRvYYDGL6Z7sEBMAE&v=APEucNXt_Yq19i1mhORdW5Js976h75libQzOA7QKDhCtZjFcGyommw-KzFb-JkozstKFZ883B7syaRwmUwGCicLOOqJE9cd8lylKotWzMuUrKX0dqNvWTn40Gz7ERWBg5S7ntHHLNP2ik4ZNzchQKDGADSIHLJtgaV0AMIqpuUE82izl3vDfnq8

Protocol

HTTP/1.1

Server

37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 30 Sep 2022 14:45:45 GMT
AN-X-Request-Uuid: ded1f268-5da6-4b0c-b1e0-15238e4a9c0b
Server: nginx/1.21.3
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 81.95.5.36; 81.95.5.36; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 30 Sep 2022 14:45:45 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEHANEiU4Gw2KHKCJeKll4so&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 931E
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzgzODk0MDc1OTY3ODk2OTEyMA%3D%3D

170 B
188 B

51ms
49ms

Image
image/png

172.217.19.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzgzODk0MDc1OTY3ODk2OTEyMA%3D%3D

Requested by

Protocol

Server

172.217.19.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s27-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Sep 2022 14:45:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 30 Sep 2022 14:45:45 GMT
AN-X-Request-Uuid: 71bd88c9-d6b4-466e-aca4-30c0af3d0a50
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzgzODk0MDc1OTY3ODk2OTEyMA%3D%3D
Connection: keep-alive
X-Proxy-Origin: 81.95.5.36; 81.95.5.36; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 75EA 22 KB
8 KB 16ms
8ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a1536ed4ffc9e2b1b5ac5645960ea5d4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 212618
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 28 Sep 2022 03:42:07 GMT
expires: Thu, 28 Sep 2023 03:42:07 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 YrdBSjzfIHcYhYLmavhSyO_EhBrLUWpx5ykdL7H9Kqg.js Show response
pagead2.googlesyndication.com/bg/ Frame C9DC 36 KB
16 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/YrdBSjzfIHcYhYLmavhSyO_EhBrLUWpx5ykdL7H9Kqg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62b7414a3cdf2077188582e66af852c8efc4841acb516a71e7291d2fb1fd2aa8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 18:33:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 159140
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16054
x-xss-protection: 0
last-modified: Tue, 27 Sep 2022 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 28 Sep 2023 18:33:25 GMT

GET
H3 200 YrdBSjzfIHcYhYLmavhSyO_EhBrLUWpx5ykdL7H9Kqg.js Show response
pagead2.googlesyndication.com/bg/ Frame 6A42 36 KB
16 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/YrdBSjzfIHcYhYLmavhSyO_EhBrLUWpx5ykdL7H9Kqg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62b7414a3cdf2077188582e66af852c8efc4841acb516a71e7291d2fb1fd2aa8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 18:33:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 159140
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16054
x-xss-protection: 0
last-modified: Tue, 27 Sep 2022 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 28 Sep 2023 18:33:25 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 5173 0
0 41ms
41ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022092601&jk=4018142668032661&rc=
Requested by: Host: utro.ru
URL: https://utro.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 418A 0
0 59ms
59ms Fetch
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CEOClGAE3Y4aJJ4bz3gOig4LQCcme0rFc1fbi1pMBwI23ARABIABglfqLgpgHggEXY2EtcHViLTI4NjE0NjQyMDAzMzg4MDigAdW20uoDyAEJqQJBxCTcy3-wPuACAKgDAaoEtgJP0D4rRTNOzgDCrad3uAG5nzfgPF80OjP_CZZflf5ElP7mSsXHJlR-xiHTgSmqt4DxApP_HUcsDJsUKjCtSeS-Qleuq5NZnlnoZnlcg3Cyqjv18Qik6O18E1XN_KKXvHsTEsi0ZhLlfywD3b5U_ijftNxTwnICzoFVpX39ND5YvU6tG_9f6TIHY6bCbdEwmvGLbW_GJtRnVSOyhQ4fpJbQb__63E4hpofrZGYUJfBhelGrmTk1pwHcQhyV5qnazkB-8ttt9KfFegg4pjTiDw8_Y9CMS4xaFsPaheSEwUYA6qRoIRe3-sMA6qdds41BQmEMRiJZ5vTtsOQ-a_WxSF4C9f_LjzK8vacxQnBfCN0yJdvYBgVdjn6VldrCUZIZbXBWMpOYum6lRKkX9IDgALpUDCEfSu0W4AQBgAbHzc-Y357tqfkBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi0yODYxNDY0MjAwMzM4ODA4GNnIHA&sigh=CyFCqrcVFe0&uach_m=[UACH]&cid=CAQSPACsnQUxJo-N3_sCR2eWWPqXCLCwHd92Y9IZZ85TE_dnSpR8zCcCKSSWwR__buW_6urF0kP4AE-ZqeN4NBgBIBM
Requested by: Host: 657491b7739d207b4fd2ce1335134129.safeframe.googlesyndication.com
URL: https://657491b7739d207b4fd2ce1335134129.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://657491b7739d207b4fd2ce1335134129.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

GET
H2 200 notify
rtb.nl.eu.criteo.com/google/auction/ Frame 418A 0
0 34ms
34ms Fetch 2a02:2638:1::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=k5CTFLr5ROgH-gGdg2ICAgAAAJGZqDDQq1_qIK7xB96NXYsQGAE3Y7adePbKYjQwuJbfABIAAA&wp=YzcBGAAJxIYKd7mGAACBotO-d5u-zCf0zGdj9Q

Requested by

Host: 657491b7739d207b4fd2ce1335134129.safeframe.googlesyndication.com
URL: https://657491b7739d207b4fd2ce1335134129.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://657491b7739d207b4fd2ce1335134129.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:44 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 180969
content-length: 0

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame E91D 230 KB
60 KB 132ms
132ms Document
text/html 2a02:2638:1::4
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=YzcBGAAJxIYKd7mGAACBotO-d5u-zCf0zGdj9Q&u=%7ClaXLEDWAoCmirct%2Be9PFY%2FGQki9tF9D2p1vJqwAssz4%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi68P0DamZZWW6R-xWgoYfrjMzRrCpCocXkbimbwZ6CV9S0AkeKyEFgVOKsJd6ilxGpPRbnRrUXaynsF1RrMfpTQl5RkhFSGrZSEUJuslQfUL_02OZFjs-F487P01gCNxDcS04l_jQndnP9VOG27sIdV-K0SK2fBa9GMdGYtd8sVzlnII7lHsGL3SL-JaumCoJgEPjFH858HhK7UJqH-_jCc3mgEy6Zis-IOvX0KoZbfIJ7PAVqSa2sFeJxY1VKh0OF6o1U89fU1IduUWEzwIswVQTenyOFebcaOXFsLSSckGTswEuaj1IC5t-K8iX2fVj9efYHf1IixMeJr_9g1tKmP0-SwGqUG7ps74lULRqDl7359VuHI3EYfbk0Atou8I4ejg20NK7dSxPahhSy4ZMFJycAtk6G-0qdqRPPHHG-FZ8wTr4pxevH50GRLyGUXBXYI1OQ0nQcZdZQeduOqncgakHAhnQt16l5eOe92OlbxPyogsZ8ab_470NmOsSEbFlxVydOlUH5pJkv5i3X_GZiM6dfJ7sKMIPROxBsyiceRCYv9YOoR6h081uFiXwsq9UCw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCVXpCGAE3Y4aJJ4bz3gOig4LQCcme0rFc1fbi1pMBwI23ARABIABglfqLgpgHggEXY2EtcHViLTI4NjE0NjQyMDAzMzg4MDigAdW20uoDyAEJqQJBxCTcy3-wPuACAKgDAaoEuQJP0D4rRTNOzgDCrad3uAG5nzfgPF80OjP_CZZflf5ElP7mSsXHJlR-xiHTgSmqt4DxApP_HUcsDJsUKjCtSeS-Qleuq5NZnlnoZnlcg3Cyqjv18Qik6O18E1XN_KKXvHsTEsi0ZhLlfywD3b5U_ijftNxTwnICzoFVpX39ND5YvU6tG_9f6TIHY6bCbdEwmvGLbW_GJtRnVSOyhQ4fpJbQb__63E4hpofrZGYUJfBhelGrmTk1pwHcQhyV5qnazkB-8ttt9KfFegg4pjTiDw8_Y9CMS4xaFsPaheSEwUYA6qRoIRe3-sMA6qdds41BQmEMRiJZ5vTtsOQ-a_WxSF4C9f_LjzK8vacxQnBfCN0yJZnaJ5faAeKGKkbW8kIky4hfJpkusEC9xh3fySYSv6R4FKS1zv6pomDJ4AQBgAbHzc-Y357tqfkBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2ATNNDvYJy8zPnBJrDCs1BFm9MBw%26client%3Dca-pub-2861464200338808%26adurl%3D

Requested by

Host: 657491b7739d207b4fd2ce1335134129.safeframe.googlesyndication.com
URL: https://657491b7739d207b4fd2ce1335134129.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

b9893a76d9a1cb1e7c76752f90ba9539b433841c080676d09a7438c65380494f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://657491b7739d207b4fd2ce1335134129.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Fri, 30 Sep 2022 14:45:45 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=5NPTl1PKgDnxJZCB3_RjXqw5aRC66SPYzRgvVLj5BrUaD_HpO6G_rfOexwUacZ31IUHQ4XuEXruQQ3X7Txtw-fAG3GluOXnuH_8PK71_IS2kVZQaIjkdcPgenqBIUmlxwcAqpF2hyR6gbXptizxnyIf6xsU3MBqwe1wdeoW4CoB2T8iI7jeKbV1b-8OakuOoADr1hcljXN1YCT13tqdW-NmZoVnZaKPIb0DK6fZuWC2d303-34MIuPjy1IZE_D3ONzegEw"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 106322478
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 8553 1 KB
749 B 13ms
7ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 657491b7739d207b4fd2ce1335134129.safeframe.googlesyndication.com
URL: https://657491b7739d207b4fd2ce1335134129.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://657491b7739d207b4fd2ce1335134129.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 84680
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 29 Sep 2022 15:14:25 GMT
etag: 48472445140208031
expires: Fri, 30 Sep 2022 15:14:25 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame EE93 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4d11f725724ffbbd271ab97642636a1e29088d30191bea531d8a2f73f15fd3a4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 8D42 12 KB
6 KB 18ms
18ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:45 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 25 Sep 2023 14:45:45 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 8D42 7 KB
7 KB 122ms
28ms Image
image/png 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=496&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F2861%2F190124%2F79f2c646e3f74b54931cff1f39d769d0_blue.png&v=3&w=196&s=m1GX_QMlGpodNuu18g8N-1Gj

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

bfcd7a262745ac2a8520d46dbe261c5db424c001970e9ebe83c440bfb48454f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:44 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=28660815
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 6722
expires: Mon, 28 Aug 2023 08:06:01 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 8D42 1 KB
2 KB 141ms
47ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F1%2Flogohidden-professionals-GmbH-97267DE.gif%3Feb%3D1&v=3&w=800&s=V_ZNrXFScZltk3WSrE71MkfL&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

3871e6719f71319cad9f0c2b4f262518c8deb142d03078bd7539e5d72da33de5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:45 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1007186
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 1306
expires: Wed, 12 Oct 2022 06:32:12 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 8D42 2 KB
2 KB 140ms
46ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FB%2FlogoFormel-D-Group-3583DE-2008190935.gif%3Feb%3D1&v=3&w=800&s=VqTak-1PQuSgw4NtqaFRO-V1&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

386531a08f54c0c8d3ba891ec58687e227a48302afa25312dd0cddeb858fe61a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:45 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=936548
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 1672
expires: Tue, 11 Oct 2022 10:54:53 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 8D42 2 KB
2 KB 139ms
46ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FD%2FlogoDZH-GmbH-71233DE-2201071435.gif%3Feb%3D1&v=3&w=800&s=vpGm_seSEYg5jupcMbmNinfn&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

65e821b53990c7e875f3a0c2ed1d78d9aaf42a0ac22e5befe5903e4e87faf931

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:44 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=2079050
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 1540
expires: Mon, 24 Oct 2022 16:16:35 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 8D42 3 KB
3 KB 141ms
48ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F1%2FlogoStepStone-sucht-fur-das-Deutsche-Rote-Kreuz-295856DE-2203290822.gif%3Feb%3D1&v=3&w=800&s=VpvLKR3klboFeQeW28_GABdI&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e29ffeda170cb0752b062928f22de04adc1c9177706f50b9c6a9c96dc706bf61

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:44 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=2265489
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 2742
expires: Wed, 26 Oct 2022 20:03:55 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 8D42 2 KB
2 KB 141ms
48ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FM%2FlogoMalteser-Hilfsdienst-e-V-770DE.gif%3Feb%3D1&v=3&w=800&s=pWzkCXUVABbK7t2G7BcDSL96&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

90bbcb9db7c9cb053c19be00501d286e22046a098a831cbfcd88f03a02c19836

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:45 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=598239
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 2288
expires: Fri, 07 Oct 2022 12:56:24 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 8D42 3 KB
3 KB 45ms
41ms Image
image/png 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F5%2FlogoGSR-Servicegesellschaft-mbH-204477DE-2206291323.gif%3Feb%3D1&v=3&w=800&s=l7RVBAfQxS_QgiTFjo4MEk30&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

dd2dca0b73e6585089b6a37f391d642fe0b96459f3ce6feaad7dcb346bac21e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:45 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=1037
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 2713
expires: Fri, 30 Sep 2022 15:03:02 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 8D42 6 KB
6 KB 46ms
42ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F9%2FlogoArvato-Supply-Chain-Solutions-SE-243479DE-2011271948.gif%3Feb%3D1&v=3&w=800&s=8DIhXoQVc24xx4H-heeU0SAV&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

2d5c7ee64095341f6a8bb1ec483afeee919abf5262ebce1a2b222857c74fb11f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:44 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=3555
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 6022
expires: Fri, 30 Sep 2022 15:45:00 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 8D42 4 KB
5 KB 45ms
42ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F1%2FlogoSC-Freiburg-e-V-156881DE-2107081256.gif%3Feb%3D1&v=3&w=800&s=m6UNDfbWO7FJQp6nRQktxm2J&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

ecb1db3dbd557e4a05a2f6394b0dc555f96169272ff56aef2339ca2cf38b2f3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:45 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1834310
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 4486
expires: Fri, 21 Oct 2022 20:17:36 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 8D42 2 KB
3 KB 43ms
40ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F6%2FlogoLand-Berlin-vertreten-durch-den-LfG-B-198904DE-1908200950.gif%3Feb%3D1&v=3&w=800&s=aiVk7hg9E9JWz-lSoOZrdLmZ&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

ae66a471041f4132884bdf23e6a3bc8ac7a698305e7b3bbf840d8394d88d2e0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:44 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=2614
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 2408
expires: Fri, 30 Sep 2022 15:29:19 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 8D42 2 KB
2 KB 49ms
46ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FL%2FlogoLandesamt-fur-Zentrale-Polizeiliche-Dienste-NRW-66057DE.gif%3Feb%3D1&v=3&w=800&s=vYLMtKnM7MUvR-eeF_q6lJec&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

bc31dd1668b538cb276b888ece7b1bc77aa3ef5fda2652aa92501e0502f3587f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:45 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=31104000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 2072
expires: Mon, 25 Sep 2023 14:45:45 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 8D42 2 KB
2 KB 52ms
49ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F0%2FlogoLichtBlick-SE-68566DE-2010051010.gif%3Feb%3D1&v=3&w=800&s=8V4ngYxWHtF6D6yPqmJBfgQm&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

a909e6040703f472c817757f38b1a1587454809c1ffb73c88c1ada686e9ebb91

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:44 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1617354
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 1678
expires: Wed, 19 Oct 2022 08:01:40 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 8D42 0
127 B 104ms
13ms Ping
text/plain 178.250.2.150
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=L1aXbVPKgDnxJZCBwAm4jqSBu88oyqpv6HX9Zb5jMIzQQV48yDkPob1ccATprINC-hCUsQXYXxX1c2mXFOxeu9DyI57jR1W8YY-HemLXfjVBNqrp9UGY5imkdgrL8lakZNpPQ5vo4rus3vQ3fbSFoTAKncXBt30sAD7lbj16Ekhe9YwC3p_sSuqRy5aFGb7rrHHDiDdpm2k5deVPJKKwYFi1FR9F4oEH9_NJz39tZhHijWBvOkfr_J_fCh0&sds=2&rev=82884&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 30 Sep 2022 14:45:44 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 8D42 2 KB
1 KB 17ms
17ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:45 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 25 Sep 2023 14:45:45 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 8D42 2 KB
1 KB 16ms
16ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:45 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 25 Sep 2023 14:45:45 GMT

GET
H3 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 02E1 106 KB
37 KB 70ms
22ms Script
text/javascript 2a00:1450:400d:80c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: utro.ru
URL: https://utro.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ec7f9507b5a00173e9add18d0284df58.safeframe.googlesyndication.com/
Origin: https://ec7f9507b5a00173e9add18d0284df58.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 07:30:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 26126
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 01 Oct 2022 07:30:19 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220928/r20110914/elements/html/ Frame 02E1 8 KB
3 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220928/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BG7jddOmmvGBherJzZr3fK89jZmVDS7xOUsH4PzcB26rFc4UyTQ_bZ_O0xddUnPF1VVemnEOfpuPbBqOn2m1D3bDQ08Q&cry=1&dbm_d=AKAmf-B1y59PqiJXwqrySOqU9Scjocfhq9F1A5-kJi45vZHRTUIhQZiAR53LWUeAqNpoQxl6b4-8rWSgDrrrLbZ9PNv3_6WHgPxyP-Z5dSVTYGDfsWwRDxJxJ9NnfM7PWiaPxxNG37r9XLXb2dB7VIsKmjPSSwaNeIuR-Oy9Cp1DQEu0cpjadDkxKo3H8pL7bFFI-0wwhzQJ3GG-n08Nv9zRZvQJGxC4D3mTAsUk1Bp-zlCyYWN0u3cLNrZrEPb6PkODGRCCAEK-oujKkFESD9on2_ICOrAUHetFOje7xEZdtEAj95n0g0u5u8yMs7E9VE1ZTiIXqfoixaYEUS0HCpdDXjgWCqldxI1qJKkAZwT8cvNpXaNPMJDIBILM4NwK18ZiLNkD8iGXlVD1trsVawQAGxFSWnvCwOMR63QBKHIyI8G2IWIOw96_6ah9dvKKJ6eqbIbqjarBjnKvPvHM7X6BkMlpWQvLhHGJIQ237PAdYpHRpHizNhfucJztd7zeSm5X16q3TUzH1TWGKZM49fHuQ8lbHuhe0I2vVRxm94k5GkhNHoIR0heNAiXiA8ImPHI2qTQfLyDzgkXmrUtfLdyCu1SKF8yiSswelwCzMLpPeNWWQAuKMUM7dJdiXjPZs88XyMMe6CuB6iiFT4WMY9lBjbCnnSxG-JTEtprk7q21MAT2H0_dVQ5JBBUx_hAu9vbcjJq6Jk75VfcswvJVGP0DYgi7oD3VJqwGLIqZjEeeYUx4o6eMSIPipCUhDNse3XWIijSMwNBIsW3RjRQI5iu7_jv1C3D66OxHcB5Fy0P3cuxKtHGhkeMEWqwlCRcIiPwVgPtixaD5HupxZoCw5WpeSTLz9JvPPl8b8XBM30jWj_VQH15cAGFEB-DACy0CLVe1R3nWEOWYUvTfMuHxe21Ly1_XRZEfxJlrgSry94_5GVEye9wDvRkuQrWzzeA5iRn3En2uaivWk0UP5Ici1ZQ0bh0GwH_6GYTdnblgYGe4Wta1HVdnVPrDflJmfdGMhn9yW-7caNEQYPaZLAzFGiv2kJjU7o84rV1u1SXI9GMYPByJKK6-NUoPybLWJE6kuvOgpnO0-FFNFC6y9ZIT83H6pUVaBLjwUhul1uu5yOFI3T88l0nTzbMY9CD8jixuV_nDlGfHhZDWDUHINm4SW79lzjF6zwGfo0r9Qigjc0x_LUyCo8td7XebJCFkJkleDMFikPFm2wTtfbbO5mbTo-VYPx1kzRgztrPFRHRt3mKuzxfFaEGrpHQ414C48LiBqn-SYMVQYgMzRU0EmvJeJ_1_gNpxbmAuIbCcG0ZD7Q-kg8YBNdSnyv8AMqML4f3jsa-iFFWLBnmL4BebuhueChbiIVf6YfRdqVrtIbWzHq0F_txZoRAKkT_CR4DbYuxR0MCUGHEJUN_a6-c-UUBVDc34Zl-JZ_lreO5ZFiOhL9Iv4jd2pj8Fm9YhnAkkn6-FVkFhYxEq4Ob0K0sqXiFAM4u0-XsZTD8UXVKh588NEEIvJfMlsw8CTCEFxmuxG5cgEGtND3Y6MDdsSKzamtm14ICxrcg4wY09mSONNMI498ptgVT6CuVyeMzkkFYAvH1aEEGbcYvjmlUHGwbgmrSPkSCPZ5yfIP0vzGRzeaHcP1CanL4pOFsdnyUTGnNkzj_r81xALLoRLqDPO4EjTXXC5VwlYoUA-bAUYSWi65o6oBpZSmpJjLmLrwG3P7H47W1f0fUoKe7CMW5irRZQh92eyJzPlMQAx-2PLAHZWKuCGkLfKy6wtKXNeQGgpDt8ljIFdhV7jCqqpmJU8xtL9mAsOfn1h0m2hDywhk13S9qmYELqgRmOB_fPZUhW6C4yxZXkeDmD2kb75-6PINKEdN8cq5v1w2ePnJmjHMhoC07tLO1ivxH6SH0SVM16rCEzpx5RVnhXfjgRuHLKIwEu2yCbS5KgoApWuA4pkhGSGlc9R0PSXQ2Ji6dDMxHZJDLHGVtdpAeUg115uEo5rHluiIMd_-WEQf9eeH7s9wsxtPd3Kg1jnpwI12TKNcXpDyhjpZBdjyYWQCenSNtBEtIsakmy2_C-_yIaOPUMGHtfFp9gon249GUpHJyfVcLDzrMyTm_v68X2HhmGygYJdPzEnU1iks_mmqA_ZTUaiME2Aipko5wpibZmIHXvKRCCpx1vNyCEAhiY8jwt2LT7LOylMXjcQ9K6wsla8pd1_tKvUOh-KJnm4PT-MlhlOGkUwYQtp2HUOXCirhRzGTAML0GWU-eivfbVub8bxxtvgL32fRtT8SIFs3hH1m7yeQKvTmbPZNO96iSDXnXLKYGX57hnSDV3hnVdYrki1Bn_8p-NsbAgWMN8ZveCO0fDbWo29ESaXQeDSyROai5S1Qi1k6HNoo0HQCytM7y3xJUUvhNJNZkuNZZpnF2XGmAfjVwH7VM_NSdw4BIj5DT-xVigigK0eseZIBDFlG5mb84F_hdEDyHO6JLDrJbdLxDnJEYsyFHxPhm8FUS4JbH4dfDHSWCre8E9t5OMNNCLv7IgV5NdrAgEYxig6yoANsJTy7-niSvrD3pJGLiFsr5BgdBzb6OUysGAQfNYUvoLnmBO1m5tYBzbPL5VspMNbgmbnl_tR36X6uHalb9DcmgZYrwOY_hZrcvx19zXHej2vRB5kpumcK0-62b3lObjGWWK9CILxHH3OqaebZRLQ-8-FOCrBFloFei3Pyia5nuixxhItUGsNOT3VjfGgmmwYT7D-knEl3Zuhn9zg74nh1EdYj48djP9eblsvs_F-sHsV02BK_AR8slMJ6C5qY-Q81Lu2Ov2c_FFFfirZquZhRq5cg9wcmYdh-zQQqpj0VigjYQUgq-sPcjovPibxhtZTKGf4QLj8MXA7gwQiRrppWKK5AkA0m9kuutcLXGFIohAu7vx1-MsrHuZleB_zAd7WotYskYHMvQH4IcG6WktZ6NEecXklgBt31i0sE-T6oCKEDY9YEwh2k_O3BVdZjHpUQIH_CIlkLxF_lFotJbTlyG1YTvI79SQoqDVeFQdQAysaRnrQIkApNmTjhPQ7SUh3PVPSTVaCbWlBCPbQo9XNkiQFb4YOdhnmHAOtT0kLcwANZGWIVVPUxgZsPnHawevYxs6vzZHPfFYw2cWW57ZsnT0aqn4FKmc3ODjiNW1bYfUKUxuWsZydVrMRlJ-5sFhbZTXKre1Rc9M2xQ04XVY6w0CDKaZSjwMTwX4WM8G0M5HpHi_2QCzS19DxI-PjONobih3g4fF1apf2RXbBgj36dThc5jMUofVcGiHgzuAEgMQ-nF7LmadaJ_lVT2wfGYskSvsuJ06NUUYRjHY8SHe1dsuLQLwryJXHuYDf_Enb-1n4ojGUlfqkbIatV_CDzz_0jRSQy-OkGjIQ2FRFonDwqSxnAfb70WMMDBEm5KnjQZcXDjesDM87NsyH7MacIKWJM4vfXUpBahbxeEF2eJPA44yVAMrWnCIW5IwxCfT1zdPghiGvg&cid=CAASJeRoM-DXfF7yN7dN2Pj61obuMBjKUi06FzlUOg8tChDnwqs4ms0&rfl=3%2Chttps%253A%252F%252Futro.ru%242%2Chttps%253A%252F%252Futro.ru%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ec7f9507b5a00173e9add18d0284df58.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:39:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 382
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3181
x-xss-protection: 0
server: cafe
etag: 10699485926258732851
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 14 Oct 2022 14:39:23 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220928/r20110914/ Frame 02E1 30 KB
11 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220928/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f03f34a896200ac3d36794a86a5b23d054f1982d05740b454078c8526a33b631

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ec7f9507b5a00173e9add18d0284df58.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:40:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 295
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11727
x-xss-protection: 0
server: cafe
etag: 4188671789125589074
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 14 Oct 2022 14:40:50 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 9EE1 0
10 B 7ms
7ms Image
text/plain 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?uaBLTg
Requested by: Host: utro.ru
URL: https://utro.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:45 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 2EBC 12 KB
5 KB 90ms
15ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:45 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 657923
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I5EqRhARnQDE51MGxsxi82P4q8Rq%2BSnTCO05xtcli5641PhWq4wtOKj72DMgXcpiy5jeQ%2BGic9R3k%2FQ0P8v5D3DMhebp5nI0HZ%2BITOxz254oW0Lh5AwcjUvthZrCIWj4NAGoWUfoB6qCrfDPkTlVzZq2"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 752dbe801b769193-FRA
expires: Wed, 20 Sep 2023 14:45:45 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 2EBC 12 KB
6 KB 17ms
17ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:45 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 25 Sep 2023 14:45:45 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 2EBC 2 KB
3 KB 73ms
47ms Image
image/png 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=104&m=0&partner=72088&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F72088%2F220302%2Faffc3ae6d67e493186bf67ef0aac4d96_finn_logo_1.png&v=3&w=596&s=sKmCR1plYzUCnALxwJC8zoeV

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

71533350c02f8b842f2fb80b248252092bc4396e7dc4e7e38169015685ac40ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:44 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=28833651
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 2518
expires: Wed, 30 Aug 2023 08:06:36 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 2EBC 17 KB
17 KB 55ms
29ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=72088&q=80&r=0&u=https%3A%2F%2Fres.cloudinary.com%2Ffinn-auto%2Fimage%2Ffetch%2Fhttps%3A%2F%2Fdl.airtable.com%2F.attachments%2F7940ff93518bd2c60aa135df20492c53%2Fe9601058%2Ffront.webp&v=3&w=800&s=nKHV9vW98rCCI5M5dWmeQn-l&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

07faabe387353b0296c359d78b6ac2eb57d41bbed4b5127c8bc4b6b36a971a87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:45 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1689
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 16944
expires: Fri, 30 Sep 2022 15:13:54 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 2EBC 18 KB
19 KB 76ms
50ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=72088&q=80&r=0&u=https%3A%2F%2Fres.cloudinary.com%2Ffinn-auto%2Fimage%2Ffetch%2Fhttps%3A%2F%2Fdl.airtable.com%2F.attachments%2Fa7591cbe66a440c1e2de1ce7415d432e%2F248fceed%2Frenault-koleos-2384-kyanitweiss_picture_front.png&v=3&w=800&s=Qhkirg0SzSBMbfpLHaN7ZGJO&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

0a577305667e4f77941988707fb29528c3f5a616f264e83d0ae3064c411a635f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:45 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=307728
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 18852
expires: Tue, 04 Oct 2022 04:14:33 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 2EBC 18 KB
18 KB 74ms
48ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=72088&q=80&r=0&u=https%3A%2F%2Fres.cloudinary.com%2Ffinn-auto%2Fimage%2Ffetch%2Fhttps%3A%2F%2Fdl.airtable.com%2F.attachments%2Fed7f49390c17ee203fe0d96ba7b372a8%2F0de73c91%2Ffront.webp&v=3&w=800&s=KFwouGV9-9xDDKMwACXT92CC&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

0defd00c3eed246b92206f8c32b116156c1041af1d505bad184d009b03b85ce6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:44 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=394492
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 18122
expires: Wed, 05 Oct 2022 04:20:38 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 2EBC 33 KB
33 KB 65ms
39ms Image
image/png 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=72088&q=80&r=0&u=https%3A%2F%2Fres.cloudinary.com%2Ffinn-auto%2Fimage%2Ffetch%2Fhttps%3A%2F%2Fdl.airtable.com%2F.attachments%2Fc43277f218cee7655a631f6083d9d28b%2Fd7fa3818%2Fnissan-leaf-2821-blackmetallic_picture_front.png&v=3&w=800&s=jgYn8Jxy6sBdLKyP3N7KjjIv&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

bcaa367e2f29ae72fc19909e53b5399e8af88181b7a9f2d175297f9419b8be19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:45 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=308755
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 33907
expires: Tue, 04 Oct 2022 04:31:40 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 2EBC 32 KB
33 KB 78ms
53ms Image
image/png 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=72088&q=80&r=0&u=https%3A%2F%2Fres.cloudinary.com%2Ffinn-auto%2Fimage%2Ffetch%2Fhttps%3A%2F%2Fdl.airtable.com%2F.attachments%2Fa63024ce5f250b93e903e274cf7bcfaa%2Fba0e3162%2Fvw-passatvariant-2398-deepblackperleffekt_picture_front.png&v=3&w=800&s=g3gFfyJKv9dy2dBPwUrBHgwS&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

bf01b44e7a857c65e3532d07c5ba7f41a6617e0455884e6c2de75f40f4c8aa16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:45 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=307896
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 33078
expires: Tue, 04 Oct 2022 04:17:21 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 2EBC 15 KB
15 KB 47ms
44ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=72088&q=80&r=0&u=https%3A%2F%2Fres.cloudinary.com%2Ffinn-auto%2Fimage%2Ffetch%2Fhttps%3A%2F%2Fdl.airtable.com%2F.attachments%2Fd424f6f90e461b390eea18f76b713de7%2Ff4d8320e%2Fnissan-leaf-2528-ceramicgrey_picture_front.png&v=3&w=800&s=v9zEBKisnTGANyxE1vDgIyBv&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e1b8aeee78dec43e4d68073c7618092d4af1278bd22be89b1e0eef970479d90a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:45 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=308120
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 15500
expires: Tue, 04 Oct 2022 04:21:05 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 2EBC 19 KB
19 KB 46ms
43ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=72088&q=80&r=0&u=https%3A%2F%2Fres.cloudinary.com%2Ffinn-auto%2Fimage%2Ffetch%2Fhttps%3A%2F%2Fdl.airtable.com%2F.attachments%2F680792142de7aaa6f73358f662a4e3c1%2Fbc733486%2Ffront.webp&v=3&w=800&s=Hjwt0y3pv3ptXWiqszSh9x36&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

d195585a352009773b6084ed09581257b4f62c1e9a9a02f2b1fc659e55e8183c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:45 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=308097
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 19642
expires: Tue, 04 Oct 2022 04:20:43 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 2EBC 15 KB
15 KB 51ms
48ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=72088&q=80&r=0&u=https%3A%2F%2Fres.cloudinary.com%2Ffinn-auto%2Fimage%2Ffetch%2Fhttps%3A%2F%2Fdl.airtable.com%2F.attachments%2F4cb5e7861af0233e6a940989707f7223%2Fb3c4ce8a%2Fnissan-leaf-2821-darkgreymetallic_picture_front.png&v=3&w=800&s=j9Xcm-le4bb3Z48-7FhOjiKT&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

21350d45dcda28b711f8cc5d96b4be02ca6784a55258059e961a5e37d79d2d40

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:44 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=308466
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 15466
expires: Tue, 04 Oct 2022 04:26:51 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 2EBC 18 KB
18 KB 49ms
46ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=72088&q=80&r=0&u=https%3A%2F%2Fres.cloudinary.com%2Ffinn-auto%2Fimage%2Ffetch%2Fhttps%3A%2F%2Fdl.airtable.com%2F.attachments%2F1c2ee0fc4be6e2055930218b1a6c5b0c%2F3a7b3acc%2Ffront.webp&v=3&w=800&s=Afmf2YyOpVWHcF0_762JD4Lz&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

6b15a2950b25f9038c9924a3e0033176ffc625d851cf1d61a588843d9eaa3b51

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:44 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=418795
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 18252
expires: Wed, 05 Oct 2022 11:05:41 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 2EBC 25 KB
25 KB 50ms
47ms Image
image/png 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=72088&q=80&r=0&u=https%3A%2F%2Fres.cloudinary.com%2Ffinn-auto%2Fimage%2Ffetch%2Fhttps%3A%2F%2Fdl.airtable.com%2F.attachments%2F82d80727f1524087516d1a8c7fc5166c%2F6c60c19b%2Fa2d66b23&v=3&w=800&s=GFcJNIaVnVzMs-m4HuiXJaZP&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e7362a543eeaa82303048c1b56956cb7bd71de927e33453c5cea2a6504bbe042

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:45 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=481592
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 25694
expires: Thu, 06 Oct 2022 04:32:17 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 2EBC 0
127 B 36ms
14ms Ping
text/plain 178.250.2.150
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=AdolxFPKgDnxJZCB5qwjT4J6Glm8moXcIDLLwoXAY72M0f5qHbFwkTDozNzDt3Vq3Kd9EYXY9s_AEEuzKITJd5t44hzL15O0C9mYJvc1sfkfgp_V7q4KnQAt5kVVAz4KVrSmiif9SuM4NIDr67a6CTcHwz4Eoty_1O0vJeWlkfu8nqxGhx94u_cnpnUt8nfLhPYyKs4QnHalqkCDo6q_Kli9vqhzTU9w2LQyVDuw6jMmSGUreNSCdG02LQw&sds=2&rev=82884&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 30 Sep 2022 14:45:44 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 2EBC 2 KB
1 KB 20ms
19ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:45 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 25 Sep 2023 14:45:45 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 2EBC 2 KB
1 KB 18ms
18ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:45 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 25 Sep 2023 14:45:45 GMT

GET
DATA 200
OK truncated
/ Frame 418A 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b6e6171b7e205d47ff3ada395499e07961ab6f5769feb9f877351a0c83337bc0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 0217 0
10 B 8ms
8ms Image
text/plain 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?5KF7RA
Requested by: Host: utro.ru
URL: https://utro.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:45 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 YrdBSjzfIHcYhYLmavhSyO_EhBrLUWpx5ykdL7H9Kqg.js
pagead2.googlesyndication.com/bg/ Frame D4D7 36 KB
0 12ms
11ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/YrdBSjzfIHcYhYLmavhSyO_EhBrLUWpx5ykdL7H9Kqg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 18:33:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 159140
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16054
x-xss-protection: 0
last-modified: Tue, 27 Sep 2022 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 28 Sep 2023 18:33:25 GMT

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame CA57 118 KB
40 KB 24ms
23ms Script
text/javascript 2a00:1450:400d:80c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9795918958535114752/3522_mafo_ad_dv360_clark_mrec/index.html?e=69&leftOffset=0&topOffset=0&c=lt7HGTm7L1&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9795918958535114752/3522_mafo_ad_dv360_clark_mrec/index.html?e=69&leftOffset=0&topOffset=0&c=lt7HGTm7L1&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 10:25:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15606
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 01 Oct 2022 10:25:39 GMT

GET
H3 200 appl12c317205ab21023ca4c.js Show response
s0.2mdn.net/sadbundle/9795918958535114752/3522_mafo_ad_dv360_clark_mrec/ Frame CA57 12 KB
4 KB 23ms
22ms Script
application/x-javascript 2a00:1450:400d:80c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9795918958535114752/3522_mafo_ad_dv360_clark_mrec/appl12c317205ab21023ca4c.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9795918958535114752/3522_mafo_ad_dv360_clark_mrec/index.html?e=69&leftOffset=0&topOffset=0&c=lt7HGTm7L1&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e30ef4ff037d0e6fd36093cb017e58ad2e7cb1b3f2d7191d45167a402d819b55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9795918958535114752/3522_mafo_ad_dv360_clark_mrec/index.html?e=69&leftOffset=0&topOffset=0&c=lt7HGTm7L1&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 16:32:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 166409
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4532
x-xss-protection: 0
last-modified: Wed, 28 Sep 2022 13:07:30 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 28 Sep 2023 16:32:16 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame D643 0
10 B 8ms
7ms Image
text/plain 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?Vef1zg
Requested by: Host: utro.ru
URL: https://utro.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:45 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 0B7C 0
10 B 8ms
7ms Image
text/plain 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?IkkpCw
Requested by: Host: utro.ru
URL: https://utro.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:45 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame E91D 2 KB
1 KB 22ms
22ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YzcBGAAJxIYKd7mGAACBotO-d5u-zCf0zGdj9Q&u=%7ClaXLEDWAoCmirct%2Be9PFY%2FGQki9tF9D2p1vJqwAssz4%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi68P0DamZZWW6R-xWgoYfrjMzRrCpCocXkbimbwZ6CV9S0AkeKyEFgVOKsJd6ilxGpPRbnRrUXaynsF1RrMfpTQl5RkhFSGrZSEUJuslQfUL_02OZFjs-F487P01gCNxDcS04l_jQndnP9VOG27sIdV-K0SK2fBa9GMdGYtd8sVzlnII7lHsGL3SL-JaumCoJgEPjFH858HhK7UJqH-_jCc3mgEy6Zis-IOvX0KoZbfIJ7PAVqSa2sFeJxY1VKh0OF6o1U89fU1IduUWEzwIswVQTenyOFebcaOXFsLSSckGTswEuaj1IC5t-K8iX2fVj9efYHf1IixMeJr_9g1tKmP0-SwGqUG7ps74lULRqDl7359VuHI3EYfbk0Atou8I4ejg20NK7dSxPahhSy4ZMFJycAtk6G-0qdqRPPHHG-FZ8wTr4pxevH50GRLyGUXBXYI1OQ0nQcZdZQeduOqncgakHAhnQt16l5eOe92OlbxPyogsZ8ab_470NmOsSEbFlxVydOlUH5pJkv5i3X_GZiM6dfJ7sKMIPROxBsyiceRCYv9YOoR6h081uFiXwsq9UCw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCVXpCGAE3Y4aJJ4bz3gOig4LQCcme0rFc1fbi1pMBwI23ARABIABglfqLgpgHggEXY2EtcHViLTI4NjE0NjQyMDAzMzg4MDigAdW20uoDyAEJqQJBxCTcy3-wPuACAKgDAaoEuQJP0D4rRTNOzgDCrad3uAG5nzfgPF80OjP_CZZflf5ElP7mSsXHJlR-xiHTgSmqt4DxApP_HUcsDJsUKjCtSeS-Qleuq5NZnlnoZnlcg3Cyqjv18Qik6O18E1XN_KKXvHsTEsi0ZhLlfywD3b5U_ijftNxTwnICzoFVpX39ND5YvU6tG_9f6TIHY6bCbdEwmvGLbW_GJtRnVSOyhQ4fpJbQb__63E4hpofrZGYUJfBhelGrmTk1pwHcQhyV5qnazkB-8ttt9KfFegg4pjTiDw8_Y9CMS4xaFsPaheSEwUYA6qRoIRe3-sMA6qdds41BQmEMRiJZ5vTtsOQ-a_WxSF4C9f_LjzK8vacxQnBfCN0yJZnaJ5faAeKGKkbW8kIky4hfJpkusEC9xh3fySYSv6R4FKS1zv6pomDJ4AQBgAbHzc-Y357tqfkBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2ATNNDvYJy8zPnBJrDCs1BFm9MBw%26client%3Dca-pub-2861464200338808%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:45 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 25 Sep 2023 14:45:45 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame E91D 2 KB
1 KB 19ms
19ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:45 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 25 Sep 2023 14:45:45 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame E91D 308 B
636 B 17ms
16ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:45 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Mon, 25 Sep 2023 14:45:45 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame E91D 293 B
621 B 26ms
25ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:45 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Mon, 25 Sep 2023 14:45:45 GMT

GET
H2 200 lg.php
cat.nl.eu.criteo.com/delivery/ Frame E91D 43 B
347 B 19ms
18ms Image
image/gif 178.250.2.148
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=AHzXJgJ6N5xdH3oldp0yrA2cxHUFvyxuWw2M_41d4GURYi9N4c3NJxToxi3S26PZzjoJyyC6ocS8UIkClcgP-Yi-g8tWAPTUlqxbnV79c-G-NifHBfKwnJf9d6jMhJT_OBcPXwYc2dvlLPUHaGKtifrSZLtqQdavxaD2Olq4qRSvV2atplkJseEWJaEyT4mOhaf5m21nFFoYBzdD9R68Mbdugt8cN0ALjX9ghgt8-w-8Gnhu_UY48KKPB_vV37ooeRu0dHvu7T_gFcja_nyZ_HyuMSKNL0bxBjQjAJoGEW2PHIKb0KuPFTcR8m1HP771i3IplxtSFPn9y1Ws5RBDBUhlhnFbhRQqIXI0Mqi1LBEtA_32tEQR-udDuzWNa8iBKQ-1owUDmlsp4CRY-LdvcBhwOB8CHzOcB56REjJTXLfLJO2l

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Sep 2022 14:45:45 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 4019546
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 m
secure-gl.imrworldwide.com/cgi-bin/ Frame E91D 44 B
751 B 104ms
104ms Image
image/gif 2600:9000:214f:f800:1e:a43d:b640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-gl.imrworldwide.com/cgi-bin/m?ca=nlsn184820&cr=crtve&ce=criteo&pc=criteo_plc0001&ci=nlsnci162&am=3&at=view&rt=banner&st=image&r=1664549144
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YzcBGAAJxIYKd7mGAACBotO-d5u-zCf0zGdj9Q&u=%7ClaXLEDWAoCmirct%2Be9PFY%2FGQki9tF9D2p1vJqwAssz4%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi68P0DamZZWW6R-xWgoYfrjMzRrCpCocXkbimbwZ6CV9S0AkeKyEFgVOKsJd6ilxGpPRbnRrUXaynsF1RrMfpTQl5RkhFSGrZSEUJuslQfUL_02OZFjs-F487P01gCNxDcS04l_jQndnP9VOG27sIdV-K0SK2fBa9GMdGYtd8sVzlnII7lHsGL3SL-JaumCoJgEPjFH858HhK7UJqH-_jCc3mgEy6Zis-IOvX0KoZbfIJ7PAVqSa2sFeJxY1VKh0OF6o1U89fU1IduUWEzwIswVQTenyOFebcaOXFsLSSckGTswEuaj1IC5t-K8iX2fVj9efYHf1IixMeJr_9g1tKmP0-SwGqUG7ps74lULRqDl7359VuHI3EYfbk0Atou8I4ejg20NK7dSxPahhSy4ZMFJycAtk6G-0qdqRPPHHG-FZ8wTr4pxevH50GRLyGUXBXYI1OQ0nQcZdZQeduOqncgakHAhnQt16l5eOe92OlbxPyogsZ8ab_470NmOsSEbFlxVydOlUH5pJkv5i3X_GZiM6dfJ7sKMIPROxBsyiceRCYv9YOoR6h081uFiXwsq9UCw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCVXpCGAE3Y4aJJ4bz3gOig4LQCcme0rFc1fbi1pMBwI23ARABIABglfqLgpgHggEXY2EtcHViLTI4NjE0NjQyMDAzMzg4MDigAdW20uoDyAEJqQJBxCTcy3-wPuACAKgDAaoEuQJP0D4rRTNOzgDCrad3uAG5nzfgPF80OjP_CZZflf5ElP7mSsXHJlR-xiHTgSmqt4DxApP_HUcsDJsUKjCtSeS-Qleuq5NZnlnoZnlcg3Cyqjv18Qik6O18E1XN_KKXvHsTEsi0ZhLlfywD3b5U_ijftNxTwnICzoFVpX39ND5YvU6tG_9f6TIHY6bCbdEwmvGLbW_GJtRnVSOyhQ4fpJbQb__63E4hpofrZGYUJfBhelGrmTk1pwHcQhyV5qnazkB-8ttt9KfFegg4pjTiDw8_Y9CMS4xaFsPaheSEwUYA6qRoIRe3-sMA6qdds41BQmEMRiJZ5vTtsOQ-a_WxSF4C9f_LjzK8vacxQnBfCN0yJZnaJ5faAeKGKkbW8kIky4hfJpkusEC9xh3fySYSv6R4FKS1zv6pomDJ4AQBgAbHzc-Y357tqfkBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2ATNNDvYJy8zPnBJrDCs1BFm9MBw%26client%3Dca-pub-2861464200338808%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:f800:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:45 GMT
via: 1.1 110641d379117242a91443ac729d6dee.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
p3p: P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
cross-origin-resource-policy: cross-origin
content-length: 44
pragma: no-cache
server: nginx
accept-ch: Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-methods: POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
x-amz-cf-id: K45ZCiz3tqYF4n-K3i8eHozRZKDgXAf2RPUiA9MXLiVAI5C_Y8LJpg==
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET activeview
pagead2.googlesyndication.com/pcs/ Frame EE93 0
0

GET
H2 200 v2 Show response
an.yandex.ru/adfox/275069/getBulk/ 75 KB
26 KB 252ms
129ms XHR
application/json 2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/adfox/275069/getBulk/v2?available-width=300&bids=W3siYmlkZGVyTmFtZSI6ImNyaXRlbyIsImNhbXBhaWduX2lkIjo4MjY4NzUsInJlc3BvbnNlX3RpbWUiOjIxNCwiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6IjE1MTQ5OTcifSx7ImJpZGRlck5hbWUiOiJiZXR3ZWVuZGlnaXRhbCIsImNhbXBhaWduX2lkIjo4MjY4NzcsInJlc3BvbnNlX3RpbWUiOjIwNiwiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6IjM4NzEzODUifSx7ImJpZGRlck5hbWUiOiJhZGZveF9yb2Rlbi1tZWRpYSIsImNhbXBhaWduX2lkIjoxODIyODUyLCJyZXNwb25zZV90aW1lIjo0NzMsImVycm9yIjp7ImNvZGUiOjF9fSx7ImJpZGRlck5hbWUiOiJteXRhcmdldCIsImNhbXBhaWduX2lkIjo4MjY4NzYsInJlc3BvbnNlX3RpbWUiOjIxOCwiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6Ijc3NDkwNCJ9LHsiYmlkZGVyTmFtZSI6InJ0YmhvdXNlIiwiY2FtcGFpZ25faWQiOjExMzY1MjgsInJlc3BvbnNlX3RpbWUiOjI0LCJlcnJvciI6eyJjb2RlIjo0fSwicGxhY2VtZW50X2lkIjoibkFCVTdHNlJwcHh3aWg1MmtOZnoifSx7ImJpZGRlck5hbWUiOiJidXp6b29sYSIsImNhbXBhaWduX2lkIjoxODA5OTA2LCJyZXNwb25zZV90aW1lIjoyMTgsImVycm9yIjp7ImNvZGUiOjF9LCJwbGFjZW1lbnRfaWQiOiIxMjI3MTYzIn1d&date=2022-09-30T14%3A45%3A43.934%2B00%3A00&dl=https%3A%2F%2Futro.ru%2F&duid=MTY2NDU0OTE0NDI5MDAyODM5Mw%3D%3D&enable-flat-highlight=1&extid_loader=MTY2NDU0OTE0NDI5MDAyODM5Mw%3D%3D&extid_tag_loader=utro.ru&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjo4Mjd9CiqkNo3kuO1CBNTFj-m77dtK35cxgvGMZjzj7u_2dPfsf_37shQ5OutWXrlLmrAn3pQOyZ6g2Vn2ndzJAb0I0DNosxk0UxX633_J2jXsXvpXUVUxMzUKml4ZQgl5oSLkBYQBQSiOQ-APjjAUD-gFLAjFAVEYxQAiAiUOgQkIFjQPSUAU4Dc32rAIhaEslIf8pSuLF0A3efyls6xlIcZyLNsAC1z6JTYUDUlL_TAAvqAIT4Zs-Zf4E7MsolAWEMShJIwCrCVKtBAKFfHuAloIbAjZC4F4KAW4AzlIAf5A5cSASxcCFwIZghYvsbMnf6ac4ZfMaCl-PNkhAtNLbaC8EKuZA-whgGAZEi0t8YLlDQBDRzFD9lDRkiZz9W8hAe3DCkLhEMBbljtIgD2kL6gQcymL30dhHIK0pKMtIHk8DRyAJcNo1grwYuvOLRuoL3n8JR6vZ1hyQ9HsZh1IpvnfiO14NOTs_B8Pf6kL357j69KYVkYLE-e9PuwAhnt4JHEIeXmESyz6krQQB3khKRz-gOjlvbtOv-Kp9QBvmtiNks_w4nf5Hd2Vty-7k3iWENQggmUhmAWGFOhT159jFpuxBw8G46bdyyUfqJvig1EsGNxZphul6LJ2F9CpvW67b67eLQdGlWV1LrI2buIvC8LPu9grDLCGC-hm-s4OdaLjhvT0z8MbKA6Gve-ELyxnzUMe6J2V3FtmGAUBRYC14z_TRR9hcSZEj3d3efdk8NNbrzC276Jh8_6fJ1oyDwFnz3t6kJb5MaBxfgl5Cou-LOZrb3bMtKt0G58Im10oiBe-ZPfc7YYwYLvOey28GXNXrTnRntryY0_n5JLd6bRVMHNO-UsGaybF_ZVgxK_pGVcyBQg5hFIlsgNGxwpFR2q0ZYnzeL6gMZdDesguToiHlrvkvUGd8H3kPz4PE0v8vJMv-byuO-wlcjs9e08-RJMB7yH6137QJ3y8xk7Bcds-LJkmH_ip0ndY1FUO_FKRfH_hErf8FZRSdIaN5JFrubA2gbsUFxJTe6LlW8rU5EotGRU1ud5AQUWt1CnJ9FTgP0RQMzZUqLV6pSHWGLR6cKxg6eEQq1UUpNaYUq1R6jVKcKysCEEaV1ERpMBTcLd7SB17u5bnhoPqHEjjiWcpgloZ3ZtQ6EkpVTq4Sp1a41kDEhBvNZLJ9WhDInZXoOJVxZESams52KE98IgfEETT0M17XoBvedpIlsmEpAjJuMoJx-JHhnvFx1Ys53rHjgD0DrqHTEr3JRwE1HDdVchIpnuMXX3w1RRwqKg1ap2GQg_GciWwFDowY0oyAykpOFYyAxw1idJCrKNQklvdsA0UYBqN8FV6DcVyMC78LhO9KrNvkAvP4OI2GsnU8NRD17CQMCxFErLMHK5KpzWo4FiWZ9mT6ZYO1eLzhG7YOynaY3G0YKbB7cE9ZrXshDEOxaIEyY33EWcYHZEWy7hhgtJOv-IUGjcMILlxjIuEm8Jb0ZbHNOGwCrB9lowkZNOH6T18EqVSrcl9V6rhwSPTWyhUarjTc910tJm78T63i1RvUFEO_oKtVmmXVQPIibTEKhHYeOjjfSaLkkS1OEQJx5oXa_jc-xuNW_Sp9rUGXS_nZjgptvD1Kotyx4WnUpPAdVXs8Gj0xKTLRU7v4DMaH0ytbxbyWlmNt-T02ywdPBKVnmtZrZ5CZ_iynrnPZYGvBiO1e8hdwikND6td6-JbSgRxW53RWGDjLwJCwC4e-owOeqGRSeXcz81YHanSOviXK5GaFK4h4YTRoFKpiWMjhZpYM9sOzG0OHQeCLdUX8GdqbC_oqBxpy2naFy9T8yKjXcBhflb7QRAln4lG2atqCKuPQ9jCBw_Ks3PODlKODFHpKdVabbsoL8_Ma4FPpqYEa-IaLRdPimq7mqzV_Rf5mAZbAQsRWk9Q8NCrwM25Lw6mqWdQ3rXKm2nyKKpoyQZfnDDFBUt4LJhmlW1cuj6v6h0rVwnmVGwA09PE6AFCPOW59boNgfZiEHclxhkT2BY1--mn5kTPwztqSYjxqCjomC954gU4T7FpGHrrsbzRS-UV-vEnDaeC0Tv0iT265lQIirezhgDd5XCvpBOOoUdUiumGoPOPBvkSFVi3kEB9yJeOuZ1Vz2vSpbW2KvmxZb6Lc0Vp39FFx897rGMS1CJWvhwylDYCmHIlvONcFDtUOFOvjZeViFEcobZhs-x7yseRwv5bhoQTIzC-yOhw4ufO6EACh7LGm6R3buBNOw9AjgzkbEL7HGvJtt6NCnudUq8FIqni1Oe8Nu8YahArR6BNwY81u60JAPHKfro3XhNMYTwGYj6vpuLG57nudZRWN7T-sJ-SfaI_ptRTz6y-7_B-KF8ZuFfUlC__VnJBQ9bxaSpM0X5fcTWsE1YcO69ir8NPp7jwB6X76Lr1n90a71qXsF3yQnAnko2DQ_nMnF5Zgk5y34BEz-fupLEkDqGvlwSmNBjQ_1fK4vsUzF7wERt2Ng5dtiLHpDRwXMyoVa9JolErLWO1kGh9Z-J864n8tzlbFCxTiWMOwjdoNFesuPPAHrn2U4ejFgfRksgaghDAOAmCLkdrfB9GUAZo5CxJ6d3mZOmcVN2ZbkfUmPBCuIdfjAJY24eT_yhLkC4R4a05_LhUR8zxWGOYTvVhPO2vmLO9827YdHQX_ZGdC82Pcl0bgikl4b8njhHA9hYAXlIEya5-ftfvMynTjpdff5zjJRPe0nk2lE6F-V9YxjUdSpcD0WOTPmUQ01rKFuJ3MniLveM_2rv5uNBWeidFeR8CwE_m2E9B0I6H4jm9IJY_8zwGvig_K_iVuF00raGMVh9957sw61N02o6enz-UVT8Ix5NoMxbWU8h6n4IewA6wLd9XUDHiBqP14WHqD2jfRaK1pdkSfu5kHTVScRNCFFtiQAIKMCjeCNDLQazXg2VKRkuZYn66_y9LpmCydrweDetTCeJLsnHepZsM06eR6ub_F6WNunGyyj7MY2f0yzs7tuwYaq8shZX5gugb9lEFctnz0GvJDh74dj3G8jeuX-Xq7wxZcg_1fCMl01HoVRZScrVKmT9EjmeglQ1VozF5HxZQR91AMTa7uRxVSh0lmZ49-RXEV_fgLLVrHcN5Wo4lMo9vZjm254QNjKUB6xlaaibBD32xQw4YlezSD1du2-ZPbd-xSfO8cVjywdcF6BPH2dbSnImKrsbLwXltXHnJypt2gne4lfrJK_ccx04Z1wwtuvOHvX7FzGA2xyVlj9gtaw1B-QCY__9kP8aSOSbqFqwu9Rwe3VExj-maR993lwf65rXwrZW3GM7ZxZn6ttVSS17oAelnZgWkfLb-YKM3M3hwDZ1DvnpKVKcBe8TpZ4kQEUPRd6ZueoS6_OxVHeoCFO6CY_fKdOFDnoCN02W45nDUL2TJXzwv9S5C1IU_VV5y2rG-b8dPvI_7Vhld_5pnLoHViCfOSF6xvJMnsNk5ejpaxDQQvG9MigRQTwxm6ZimCIRn_sxknWolomkzpK26RtUv4gjNkqxzn3N0DC3v4494ZoQsE1TZQgj6cQA3aRBLhe9BvN9C7n4k-7C-0pRe-n8ml87dhSmYsbOofu3KS4hx0cNsDysrT7w4o5XvC2PuYrS_Dnd2F2AshAFxsqcc-e2yFJdawO5TPD_90y4F6l1D1auhWm1mWgZaCF5uXpTaqFTiMpY_KGyglZbg9JEyXwAVNkXx42h_aSOfPqJwxVzAbHF7dH7M6nEbBemWejTilzk2z8fDujyHkwlvpqMHf1S6QLvLzi0amSUlGRk0S8caHZv-05XkvCXO_cHL6g6Xey_pCxt4yc7pE3BrGbeEzyXzJiiniF6OaTxOc4g4JxbrwICQuZpnZO7Gp1xLWq-KjUpylV5voVSTkWg1zFqzXipdp_EB2oI0UKiJWSnEnhXGJsfyoiLnpP2OUaTTwPM1YKVOq6eiR2SaBD8YLsumKPuQQk7BEoeq7G0Qm2gQM7ENeJOFsRndTM_E6MgmFmO7Co3JzMDEKhBSdMd2O1oTLUImtgOqm4dWonTJlav-MT2va0WSMfPv-vglY8JKxd0BVXYdsW1Yxc0Tl3HulL81lDDOQsJyUjo6220Qtuw2o4pWpIatlxe5r9GvJe5A5XXwcXIsiuwafONJ-LrNN-1YwNY17wESAmllOTq9fTyGWhuMf8TNHp8wXWjCbxeXu26Rbk4Sfrrs0qEpcj50aO3sSvIt9LFLXmq5oOLV-6vo_3zYtvjpSPQg3kjWT4QVl5I6yRZZ86dwI2uxseKU1IWvqbEJnVsONlNWGPUi8I6W7oYZiz0YEDCBs0cTeUC4CU3kJiuU4_YljL-6HBZQo3gvlFsVX7MEzDI_NdQQRDab0ZlomAheQ9wY6C1r4ec28Zdf2J4Xx5dnteTkD3Yu2lYhWv3MjrGFOtKu0j5d29ir1renS7npklTnuqrII_DUBCftyTmE7YAPpRWL9fpzlz_SiLIJ1vrgmocdavPCivToyZGuVXeqmFOf19Us5YTnly_EdHXR3I89Lo-wUNxmgSku1K0YZfjxK4keJa7_R20ITAvkfa6VbvougvoKEBXifjHLJpsR2m4yeEPSn9dhMNsP68De5h_B0uXrD_Z970aDop9fwoGokE2Xs0qSN6fNkY823qN8tKpiinoYJbCTtXaU7EdRoW0K8NkMajaZ7VtoEEutyPvTI7Kb2YAfRNA9Lr2JDoH9qgbARJidh7OtakP3ur8Sj5WTTtcH_zBKW7pCJG_fMV8QfkkIht9r-bM30n0zxmuir4XCalSzfT0aOc7ZXo3BZEZgO51dUfkRT3F96_7s-nRr5CM4JvCPtRTEMn8BGXlIZkp1ZUBgorMfFgB_CGydI9u2RN1SNi4poSeiJHRxfQQmV9-HsighD5_ahdZpnG24zylnrWwwIDTRIrK9RlSnXZ0ojQb54sgA2-QBou5l-L_ruJH195bSdp1xoZ_FagsnJxvPjSCerUQ6D25bwUY24GyyWQSRiZbGtmNCXrSnvSNiu70CuZC4Sv_oF1JTcfGJvMAKFtX7SVSou2WmbCSn725aQPRp&grab-orig-len=5120&is-turbo=0&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9.9%2C%22isInIframe%22%3Afalse%2C%22w%22%3A300%2C%22h%22%3A0%2C%22width%22%3A300%2C%22height%22%3A0%2C%22visible%22%3A0%2C%22fullscreenHeaderHeight%22%3A80%2C%22left%22%3A1140%2C%22top%22%3A1410%2C%22fontFamily%22%3A%22ys%22%2C%22darkTheme%22%3Afalse%2C%22req_no%22%3A7%2C%22ad_no%22%3A1%7D&p2=gatn&pcode-flags-map=eJytWFtv2zYY%2FSuDn4tBN%2BrSN0qibCKSqJFUHHcYiK7LW9AOXToMKPrfd6iLK9kOXRcB8tAU%2Bg6%2F6%2FnOl68bvm2FZKbhSrHSlFRT01FJG2UqIc09L5kwvDWFaHKxefv7182%2F75%2B%2BPG7ebh7%2F%2B3vzZvP8%2BM8z%2Fwu%2FksyLCNl8%2B%2BPN5p4qI9lvPVPa3De0M5UUjaGlWtlr2bMlQOwnQeodAUquaF4zeMD2NOc11wdDW3i4Z3VttKTFHW%2B3phElW8Eqho9EWx9M3%2FLfTp4IM8%2FLjk%2F0ihnJtzt4yRWf3lC10DZg2hVud6Mo9P0Ba8%2FLLdOmlHRvKi4RdYUEMsMbumWunMUkJEE0YLB2inaZb%2Fyj4i3XDCUp7tQOnu253oleG4pyaeUGJ3Ea3gz%2BGsgUFeqkKPtCq%2FNnboNmgLyxFRcgtsy0NIVkVPN7ZkqmWaG5aM3c96zkFFWr2ZXuJEkU%2B0dM9tCZlu2NQhMa1ENpvAA%2F%2BcN1HJKMLdgIOATnapozdLQwE7A7tKP53MFHN%2FDjyJHDEYuk9FhIJhWys7KMSeqH4do2i%2F0xwRiyWtCSyaFGtFl5%2F%2Fz5y%2BPCLApSDOBoBseVksOgNc6IF0bIlWIM%2Bc4Vk%2FB0bfbx%2FZ9PjyvLMA6yZLBEXcBwrdmxYdxb7X4yImE21roQfattbR520mmSJuk0yQewFHswsjelaChvnaTpJUEYj0VYj1DV17VC2zK3vR8GoXcMMZfiDvlBeGYreem2TEgaX3TYUq%2BWPHeaB74Xj%2FG%2BY20wuAv6KMEfV1mPRH40Ef1gOzN9LqTtI0lL3qtffhDhQK3fo8PgnT09OKmLRGEylbasOmwp1YkWvah5wzDGK9PA87y1beSFY8xdgbWDSsG0dfIZiQhgpu6tBLLM7LjM710bdzyZJMG5Oa8scezt3F7rkBcQZgfuad2vqhV6l61rRmWLdQvOvKeS05O4g9WjBGt2zDK0hLIsC1lxTDaTElxRi%2B0SgazsUy8as9ZJLqTdy%2FlhkAKdkO6Ex0k80YX93LRC84JhCzVbp1kSwG4wU6ozBS12zHpoOiaLkxr73ipFCfGzsSvAgMVkdTICJ0RI0jQgY1rn5i%2B5xGIyhXLSDMn8JF2MHVdwFdmEHiism8r1aBaSSbDMtsOoqqOm6GhZQlO5QSIyVWagRsyrPnTMhG6vQY9k0YONLBaSy%2F1clsQvWkLnmaLmxd2V12eMpq81z2nbwm0sropD8XIbREULN2VlaZAkCz8mkJG0sR4wUV1NDzkkjqUFLUVdny6ok03uBVE49sBW0jxwf4s59L5%2FaxR%2Ft%2FKX%2BIHn%2Bv4CvfnkBYu5OXZsWOuSlUxBLDn980kQj9ZWjUhWYdZ3dhJ44bZLw2mLIGmQzo0dcwkFP%2BmJTrLcvcdiLKLAX40StIVEX2NvY4hRj%2B%2BrFJLDra78zI%2BiS%2BvY6pVpPw3HDCSyPh2VMzTsZn9s%2B1FlWpBxc9xo%2FrIz47L8KZ%2F0VryqRyWrKOZr9mw8In8QznYNRrrOBZXuclubSfB8LyvtOttsWwTgLm%2FgZ2TVKzuuh0ZbgKHd77Rw90mYBMHqSim6ZjoljqeGclM5btFw0jBHjOLnMYYLYKBiKfaWkXZYm%2B%2FARLR2IliRTByn3FzV2664iHjxSLmtFYbIcEP1yJO0s5F5kZ%2B67xw%2FmPT0XCrVUKkNLvqeWfeujTKJ45gcb4387owzz5NJ0oWWtuION1Oh0R35lacyMimA%2BSajKOX5zTqFcIFPP3z6%2BPz509NJBrwocFTmvGVvPbWzKE4cD4B8G943V1A%2FPD%2FdhLpwW4u%2B2L0yvOpxGR5eORMHevyf1%2FQVm%2FanEW2n8dbqTJzuUECH%2BYxa0%2BekRdYgENfTdbujLQAa%2BjBfxlUt7BlfXv87BEn8SVRdsD67Krxfg8vWw%2FY5veWHOIOzyO00fPsfquoL5g%3D%3D&pcode-icookie=6l5qC7Qwc8io5U7zRK6QZkOKEjALV%2FhuZ1jr%2FzG6qS9JsPzuUXljRro2LaTK%2Bgj391zwsFflipPwwMujn2nBKSQTUDY%3D&pcode-test-ids=657518%2C0%2C67%3B651042%2C0%2C42%3B659467%2C0%2C7%3B658041%2C0%2C50%3B655716%2C0%2C51%3B659462%2C0%2C18&pcode-version=659462&pd=30&pdh=1200&pdw=1600&pp=g&pr=334542566&pr1=329121954&prr=&ps=cxhg&pv=14&pw=5&route=ssr&skip-token=&slotNumber=4&ssr-request=true&tga-with-creatives=1&top-ancestor=https%3A%2F%2Futro.ru&top-ancestor-undetermined=0&use-server-side-rendering=1&utf8=%E2%9C%93&yaru=true&ybv=0.659462&ylv=0.659462&ytt=3300146675717&lvlfrom=20&rqs=FymN4zJv5WAXATdjftGZxcIlS1g4JWAl&rtb-si=1&dmv=2&csl=&ad-session-id=2972861664549143580&rtb-answer-hash=11475584910008822647&usgn=AX1E4kuu91F0MtJoO7tdOCCXBe2pRBMGRH_4Kcsu1wJo&resp-time=1439

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

c802737a07b63d21d688042cf024558dd0e249fbafccce929d801b23e328218a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:46 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
ssr: true
x-yandex-req-id: 1664549145969020-515362743773684367100105-production-app-host-vla-pcode-202
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
uniformat-product-type: Direct
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Fri, 30 Sep 2022 14:45:46 GMT
content-type: application/json
access-control-allow-origin: https://utro.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 30 Sep 2022 14:45:46 GMT

GET
H2 204 event
ads.adfox.ru/275069/ 0
18 B 72ms
72ms Image
text/plain 2a02:6b8::1be
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/275069/event?pm=bmt&hash=0c492ffa49805ea7&duid=1664549144290028393&pxo=z5QevhPVgDUxB8O6hrsuJrBHdZTBRkAy5JqOMZKZn9lj8eUlzeZwq84RcVPc4WsZyjMLKU1o7Kmo1Mq7rrWO-TZs5pAlgXyKEepuGaIWcvKowj7UBMrJr_9tvuneVXiI2rv5HyTjuVVynyWgM_VxW3VDISA9dfu9YqdFmhnAzSxshw%3D%3D&p5=gfgmd&rand=mciydi&sj=mdzG3i4uGsdq2X1PXi_IZdgi_uvVfVIzHullOqT3netZzUtkdfYKaFFAaXfgog%3D%3D&ad-session-id=2972861664549143580&utg=oxum&lts=fkcnuux&ytt=3300146675717&ybv=0.659462&ylv=0.659462&dl=https%3A%2F%2Futro.ru%2F&pr=bcecblu&p1=cbjie&rqs=FymN4zJv5WAXATdjftGZxcIlS1g4JWAl&rtb-si=b&p2=gatn

Requested by

Host: utro.ru
URL: https://utro.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Sep 2022 14:45:45 GMT
x-content-type-options: nosniff
last-modified: Fri, 30 Sep 2022 14:45:45 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8553
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEBarSrrzOFmzWwgfpGY86gI&google_cver=1&google_push=AZmPxg_7zhw3B4La2FDbNiWQ5hzxf9IY9z4m-L0WARFWeqDnAw5DnYjZgGu2SJLPmTMiQi2beeLWyA6DuLl4SwR9FbHvKBipVg
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=BE40E468A434473CAECAF18744D3EB90&google_push=AZmPxg_7zhw3B4La2FDbNiWQ5hzxf9IY9z4m-L0WARFWeqDnAw5DnYjZgGu2SJLPmTMiQi2beeLWyA6DuLl4SwR...

170 B
188 B

58ms
58ms

Image
image/png

172.217.19.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=BE40E468A434473CAECAF18744D3EB90&google_push=AZmPxg_7zhw3B4La2FDbNiWQ5hzxf9IY9z4m-L0WARFWeqDnAw5DnYjZgGu2SJLPmTMiQi2beeLWyA6DuLl4SwR9FbHvKBipVg

Requested by

Host: 657491b7739d207b4fd2ce1335134129.safeframe.googlesyndication.com
URL: https://657491b7739d207b4fd2ce1335134129.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Server

172.217.19.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s27-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Sep 2022 14:45:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 30 Sep 2022 14:45:45 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=BE40E468A434473CAECAF18744D3EB90&google_push=AZmPxg_7zhw3B4La2FDbNiWQ5hzxf9IY9z4m-L0WARFWeqDnAw5DnYjZgGu2SJLPmTMiQi2beeLWyA6DuLl4SwR9FbHvKBipVg
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Thu, 29 Sep 2022 14:45:45 GMT

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ Frame 8553 0
191 B 105ms
29ms Image
text/plain 66.155.71.150
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEKEfdo2V-eEMpMVvYTUf7IE&google_cver=1&google_push=AZmPxg-iPiLWxoDtZ88SSNFO0UgdbMaL7LGEJjBskJL_x7cpQW_82P-aC-UuTC3HRtHKzxh7d7pc_oYsq-BV-ftmAYMa1sIrYYk
Requested by: Host: 657491b7739d207b4fd2ce1335134129.safeframe.googlesyndication.com
URL: https://657491b7739d207b4fd2ce1335134129.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.150 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
date: Fri, 30 Sep 2022 14:45:45 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8553
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEG_ruDKeOO-9Ih_WFM305LM&google_cver=1&google_push=AZmPxg-WP8KSNxZZ0i9VHqQG08yCPUB42UkvK8qL41gY67JW6S8SIQXMU0ynwfRsBA6Ed4MkoMQZPlUoo623CD...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE0OTE4NDE0MDM4ODUzMDMxNQ%3D%3D&google_push=AZmPxg-WP8KSNxZZ0i9VHqQG08yCPUB42UkvK8qL41gY67JW6S8SIQXMU0ynwfRsBA6Ed4MkoMQZPlUoo623CDswmk...

170 B
188 B

58ms
58ms

Image
image/png

172.217.19.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE0OTE4NDE0MDM4ODUzMDMxNQ%3D%3D&google_push=AZmPxg-WP8KSNxZZ0i9VHqQG08yCPUB42UkvK8qL41gY67JW6S8SIQXMU0ynwfRsBA6Ed4MkoMQZPlUoo623CDswmkU1j44PFIQ

Requested by

Host: 657491b7739d207b4fd2ce1335134129.safeframe.googlesyndication.com
URL: https://657491b7739d207b4fd2ce1335134129.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Server

172.217.19.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s27-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Sep 2022 14:45:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE0OTE4NDE0MDM4ODUzMDMxNQ%3D%3D&google_push=AZmPxg-WP8KSNxZZ0i9VHqQG08yCPUB42UkvK8qL41gY67JW6S8SIQXMU0ynwfRsBA6Ed4MkoMQZPlUoo623CDswmkU1j44PFIQ
Date: Fri, 30 Sep 2022 14:45:45 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8553
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESECi4ctk1VQEYWQZ1BD3kUV0&google_cver=1&google_push=AZmPxg9VREBuTM9lF0f_IsAgrIwr-yE4mnBQR07-S1GrHaDgRXCEdBqwINxjNcTINZUQQLKqmHFFbcPL502adRFZ...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=hf2_e8suRe22V2DcvlwKDQ2&google_push=AZmPxg9VREBuTM9lF0f_IsAgrIwr-yE4mnBQR07-S1GrHaDgRXCEdBqwINxjNcTINZUQQLKqmHFFbcPL502adRFZPUUjRysJBhs

170 B
188 B

58ms
58ms

Image
image/png

172.217.19.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=hf2_e8suRe22V2DcvlwKDQ2&google_push=AZmPxg9VREBuTM9lF0f_IsAgrIwr-yE4mnBQR07-S1GrHaDgRXCEdBqwINxjNcTINZUQQLKqmHFFbcPL502adRFZPUUjRysJBhs

Requested by

Host: 657491b7739d207b4fd2ce1335134129.safeframe.googlesyndication.com
URL: https://657491b7739d207b4fd2ce1335134129.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Server

172.217.19.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s27-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Sep 2022 14:45:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 30 Sep 2022 14:45:45 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=hf2_e8suRe22V2DcvlwKDQ2&google_push=AZmPxg9VREBuTM9lF0f_IsAgrIwr-yE4mnBQR07-S1GrHaDgRXCEdBqwINxjNcTINZUQQLKqmHFFbcPL502adRFZPUUjRysJBhs
x-host: tde-deliveryengine-production-b869b47b-lnjqs
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8553
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJddDWJS99w7-vIhNAThODU&google_cver=1&google_push=AZmPxg9EdQP9ItCcuTsh5ePRuj8PVhlZOJf-xSticYZfxQG-EzgJUNnaXBPirZ8Tn1jPcEuXlKB...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhPTEwxMTktMU4tMzdDUA==&google_push=AZmPxg9EdQP9ItCcuTsh5ePRuj8PVhlZOJf-xSticYZfxQG-EzgJUNnaXBPirZ8Tn1jPcEuXlKBXMvNmKUbB9UMJ5ALYcG21wY4

170 B
188 B

51ms
51ms

Image
image/png

172.217.19.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhPTEwxMTktMU4tMzdDUA==&google_push=AZmPxg9EdQP9ItCcuTsh5ePRuj8PVhlZOJf-xSticYZfxQG-EzgJUNnaXBPirZ8Tn1jPcEuXlKBXMvNmKUbB9UMJ5ALYcG21wY4

Requested by

Host: 657491b7739d207b4fd2ce1335134129.safeframe.googlesyndication.com
URL: https://657491b7739d207b4fd2ce1335134129.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Server

172.217.19.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s27-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Sep 2022 14:45:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhPTEwxMTktMU4tMzdDUA==&google_push=AZmPxg9EdQP9ItCcuTsh5ePRuj8PVhlZOJf-xSticYZfxQG-EzgJUNnaXBPirZ8Tn1jPcEuXlKBXMvNmKUbB9UMJ5ALYcG21wY4
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8553
Redirect Chain

https://match.360yield.com/match/ebda?google_gid=CAESEIeQWtuJfpFMTDPH6518-L8&google_cver=1&google_push=AZmPxg-x9XdqJEt0x53PFQKTyV9yRCh-OlZOeWZR1jMgeMixgBeAaYW8UJsns6SR3XQBhMAowl8CPlIHbw2A3E-26FuQIZ...
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEIeQWtuJfpFMTDPH6518-L8&google_cver=1&google_push=AZmPxg-x9XdqJEt0x53PFQKTyV9yRCh-OlZOeWZR1jMgeMixgBeAaYW8UJsns6SR3XQBhMAowl8CPlIHbw2A3E-2...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=2ejKIuIhRAWPLZBktfXj4w&google_push=AZmPxg-x9XdqJEt0x53PFQKTyV9yRCh-OlZOeWZR1jMgeMixgBeAaYW8UJsns6SR3XQBhMAowl8CPlIHbw2A3E-...

170 B
188 B

54ms
52ms

Image
image/png

172.217.19.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=2ejKIuIhRAWPLZBktfXj4w&google_push=AZmPxg-x9XdqJEt0x53PFQKTyV9yRCh-OlZOeWZR1jMgeMixgBeAaYW8UJsns6SR3XQBhMAowl8CPlIHbw2A3E-26FuQIZbOIz4

Requested by

Host: 657491b7739d207b4fd2ce1335134129.safeframe.googlesyndication.com
URL: https://657491b7739d207b4fd2ce1335134129.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Server

172.217.19.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s27-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Sep 2022 14:45:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=2ejKIuIhRAWPLZBktfXj4w&google_push=AZmPxg-x9XdqJEt0x53PFQKTyV9yRCh-OlZOeWZR1jMgeMixgBeAaYW8UJsns6SR3XQBhMAowl8CPlIHbw2A3E-26FuQIZbOIz4
access-control-allow-origin: *
date: Fri, 30 Sep 2022 14:45:46 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 um
sync.teads.tv/ Frame 8553 23 B
172 B 150ms
102ms Image
image/gif 104.111.242.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEMtZAU_L9mLxlizyummzoF8&google_cver=1&google_push=AZmPxg8tPfFquNCJCTZTWpM5sEWUCcZne6ugomPCiDjwO0-5K71MZzVNW6eE6ny-M4ecUQvb5y-h4VqmLhcxXOc7OKB1UvgUGPj-
Requested by: Host: 657491b7739d207b4fd2ce1335134129.safeframe.googlesyndication.com
URL: https://657491b7739d207b4fd2ce1335134129.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-245.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.9 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

expires: Fri, 30 Sep 2022 14:45:46 GMT
pragma: no-cache
date: Fri, 30 Sep 2022 14:45:46 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.9
content-length: 23
content-type: image/gif

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 8553 0
12 B 48ms
48ms Image
text/html 172.217.19.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LrxPXWwSqhlYSHA5klp5QW-hVHVvHJUkDhbU5x8aPmjUj0je7JluFS_YtosSdsvCAayqqx2A

Requested by

Host: 657491b7739d207b4fd2ce1335134129.safeframe.googlesyndication.com
URL: https://657491b7739d207b4fd2ce1335134129.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.19.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s27-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:45 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 css
fonts.googleapis.com/ Frame 2EBC 2 KB
1 KB 42ms
18ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Inter:400&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4401aeae8ced32f3503b820eda4fb6bec9cc703ef9a1a42a817fae255f34e716

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 30 Sep 2022 14:45:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 30 Sep 2022 13:10:41 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 30 Sep 2022 14:45:45 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 02E1 41 KB
15 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: ec7f9507b5a00173e9add18d0284df58.safeframe.googlesyndication.com
URL: https://ec7f9507b5a00173e9add18d0284df58.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ec7f9507b5a00173e9add18d0284df58.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 21:58:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 319629
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 26 Sep 2023 21:58:36 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 3302 1 KB
749 B 8ms
7ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: ec7f9507b5a00173e9add18d0284df58.safeframe.googlesyndication.com
URL: https://ec7f9507b5a00173e9add18d0284df58.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ec7f9507b5a00173e9add18d0284df58.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 84680
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 29 Sep 2022 15:14:25 GMT
etag: 48472445140208031
expires: Fri, 30 Sep 2022 15:14:25 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 02E1 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2748db3da3f1cb52153bc9c8ef29f4d17273fb0651e79b516cbbedf360be78b6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/6620325417265254417/ Frame 74A7 84 KB
21 KB 27ms
24ms Document
text/html 2a00:1450:400d:80c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/6620325417265254417/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5b8d2d1ee19091fe12abe606093e8eab838c0716e3c8e152a01f61f597a91f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ec7f9507b5a00173e9add18d0284df58.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 154433
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 21100
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Wed, 28 Sep 2022 19:51:52 GMT
expires: Thu, 28 Sep 2023 19:51:52 GMT
last-modified: Wed, 24 Aug 2022 15:41:12 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 02E1 0
27 B 115ms
66ms Ping
image/gif 142.250.180.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsul2WTbpOebc0OewQgD1ji8B38VU2gEDN3gA8c51xKf1aMVam0pv9e6ilMnZ4jZnU_5aH54nphup0afb_HlXH9-4KUkY_Tz4Gg5B4lKeOTy-QboKJyJZc6HrHEOkRVODxX_7RNR0gauJsOOL_lFPhnc42Ww86hMqRwkAxCxAUutovfNtSlwHcg0sjKRp8faYMLa0tD-1hcRyiWHD_YMb9g5Gzdx4fiDLWpAkQ25IKmHH-DW7r3YzxzL0lSMKU8NdDzXBbV_EpKeP0iatNzabEu4rcVdl8pd9gf2jtpI_s3FsDuHhu-IBRw_rZCxmw-yepmRDiM7ic-bbUBijcB7KR2qMkS6f0t9cDrfzFGFU5jxeM3TIMNtzyu1ZoB32DewJEMZvVIvR1uF01m5Uv_l3hwDe0i0ae_gM3P3qtOau2AB2tC0iHSeHgL1jGN9QiHjntCz52a3UfmkgktVRl3CxZeGXpwL7P-g94cxkJL4UShZcW4QN20a38_gxSVhMfOpouML698MolJ0Va0jKbqyYgvLy6b2pXVsm9o8ZL5kCtqiXYMlCEDAa0gN3Jw0vNfIIBHXHLVj5uyFqpZu3dztgGXuLEqmL_6s07QZ7aGEtVxLX2-CDoLrCwJBGJuSTzYwy7klMwSvTS-mC6kMJhLu12KYT54kZTB1I6f8HHdC7kF-nBk1bm-M8PyrnKUvlUvfDhDQ92YCp0htWG0KgXd80AdXH5EQ3x8bESza6sbxR7RkEXUwhnV2Wx8M2nwV82sETwz3zfhAtQqc-cMlKnE8Jw-Cbt8iHA1g-DugTG0o_iWo47IJVYNfmAc9TBrYPb5Hb84lHgW72Cpr28-c8qRzHPLGRO9G2gqsGYbHuDB3_3zF5ElZJDuAvXmMMa8uX_XGgnSaV4yjajqZ45Dk3ryji7pHDlQ_v8eU7-xNip_baH9FWgQbdnAnBdD8xYdNqujRDElHuEF7ad68OXSahpqJaZWrIcjOcxZk1YtNEeFqPZdJ22OkfjRdbB_-Kbt_GfD4JKxlpFJOGcdfeugjX7RMgwlb5Z_HH-exmm4hKiB57eQm1KXCcnKofIv8tRvCWJ_DdSC8vuZM5pW3k_I76MmI3KPNQZufAyLaOSpHueZ4NTeZNlkFHh5BZbSZWY0jgjZ2i3ppQv1kYqy9JS1vpa7YghknRY42Ex_GtLUY597yAKAovE2LHtVcmVApDJQKW-axgYd1z0br1gTjrLjE2ut6zRgo_rKe5HiTICJNtL2RTo2EnXU&sai=AMfl-YQcx65lXoo3eE76nmrTX8iLMPFB7FcB5UocrNqN3D8GCIPWFi_6IIpW2M7l2mfjGT1HElfuoHMGwqo9ZAWVOY5LvGHZOWAT4-9yj56IUj47S0EscyL56c-b9t-lbYZiWzc7GXiuaNZLEy3Mga2LIIIf0taK69z7lk6z2nd8saEQdAWtmHa7nFJF-zu7Lu9mpA4VjLUtSj7k-5UndjooI-4bA48&sig=Cg0ArKJSzEISXqpLQzdeEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=431&cbvp=1&cstd=427&cisv=r20220928.30826&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: utro.ru
URL: https://utro.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.180.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s33-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ec7f9507b5a00173e9add18d0284df58.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 30 Sep 2022 14:45:46 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 YrdBSjzfIHcYhYLmavhSyO_EhBrLUWpx5ykdL7H9Kqg.js Show response
pagead2.googlesyndication.com/bg/ Frame 75EA 36 KB
16 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/YrdBSjzfIHcYhYLmavhSyO_EhBrLUWpx5ykdL7H9Kqg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62b7414a3cdf2077188582e66af852c8efc4841acb516a71e7291d2fb1fd2aa8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 18:33:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 159140
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16054
x-xss-protection: 0
last-modified: Tue, 27 Sep 2022 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 28 Sep 2023 18:33:25 GMT

GET
H2 200 UcCO3FwrK3iLTeHuS_fvQtMwCp50KnMw2boKoduKmMEVuLyfAZ9hiA.woff2
fonts.gstatic.com/s/inter/v12/ Frame 2EBC 16 KB
17 KB 34ms
9ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v12/UcCO3FwrK3iLTeHuS_fvQtMwCp50KnMw2boKoduKmMEVuLyfAZ9hiA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Inter:400&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0364d368abf457d4e70dbc7a7a360f3486eaea2837b194915b23d4398bee91ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 17:42:30 GMT
x-content-type-options: nosniff
age: 248596
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16708
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 21:02:37 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Sep 2023 17:42:30 GMT

GET
H2 204 event
ads.adfox.ru/275069/ 0
66 B 88ms
88ms Image
text/plain 2a02:6b8::1be
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/275069/event?hash=29fbf32e379f18c8&pm=bmp&pxo=MiFJ58uFDbpPGJL3upMweUyDYWKUi3FFslscXSHHXRGGIauUP8lP5P_uicGixGbpYrMWlxvyId9OPZqkUz5C-t8v7DZMlwhww-3OwuXwCGPwVPYjOnZwAYAO4aR5D3FLe440ldG5CoYQKwP8mgk8E35mM_xm_iKIhT5YHiZSTME4Fg%3D%3D&p5=gfgmc&rand=umcapi&sj=f89rIATjkiQfJAO1daK2Muf78K7pOFV5WyLrBRs6LF7VeBMvbLO-QSCEdhx0SA%3D%3D&ad-session-id=2972861664549143580&utg=oxum&lts=fkcnuux&ytt=3300146675717&ybv=0.659462&ylv=0.659462&dl=https%3A%2F%2Futro.ru%2F&pr=bcecblu&p1=cbjic&rqs=FymN4zJv5WAXATdj743_dPXU5IXeG3_B&rtb-si=b&p2=gatm

Requested by

Host: utro.ru
URL: https://utro.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Sep 2022 14:45:46 GMT
x-content-type-options: nosniff
last-modified: Fri, 30 Sep 2022 14:45:46 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H3 200 vendorl7f53738c7c0429a70b52.js Show response
s0.2mdn.net/sadbundle/9795918958535114752/3522_mafo_ad_dv360_clark_mrec/ Frame CA57 17 KB
6 KB 26ms
26ms Script
application/x-javascript 2a00:1450:400d:80c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9795918958535114752/3522_mafo_ad_dv360_clark_mrec/vendorl7f53738c7c0429a70b52.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9795918958535114752/3522_mafo_ad_dv360_clark_mrec/appl12c317205ab21023ca4c.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8fcaefc86e136654f7a6d9ac280844f82f37fea09039e7d36bdc42d7f7d2083a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9795918958535114752/3522_mafo_ad_dv360_clark_mrec/index.html?e=69&leftOffset=0&topOffset=0&c=lt7HGTm7L1&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 16:32:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 166409
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5945
x-xss-protection: 0
last-modified: Wed, 28 Sep 2022 13:07:30 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 28 Sep 2023 16:32:17 GMT

GET
H3 200 2lb3a7a897f71d8c3b9208.css
s0.2mdn.net/sadbundle/9795918958535114752/3522_mafo_ad_dv360_clark_mrec/ Frame CA57 22 KB
4 KB 26ms
25ms Stylesheet
text/css 2a00:1450:400d:80c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9795918958535114752/3522_mafo_ad_dv360_clark_mrec/2lb3a7a897f71d8c3b9208.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9795918958535114752/3522_mafo_ad_dv360_clark_mrec/appl12c317205ab21023ca4c.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6eae6b8af299da9bb7fc41d221e16068d3869070cfe9e68f4e5444f554f0f562

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9795918958535114752/3522_mafo_ad_dv360_clark_mrec/index.html?e=69&leftOffset=0&topOffset=0&c=lt7HGTm7L1&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 16:32:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 166409
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3880
x-xss-protection: 0
last-modified: Wed, 28 Sep 2022 13:07:30 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 28 Sep 2023 16:32:17 GMT

GET
H3 200 2l2e2b22d8eee9e64a8406.js Show response
s0.2mdn.net/sadbundle/9795918958535114752/3522_mafo_ad_dv360_clark_mrec/ Frame CA57 63 KB
19 KB 26ms
26ms Script
application/x-javascript 2a00:1450:400d:80c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9795918958535114752/3522_mafo_ad_dv360_clark_mrec/2l2e2b22d8eee9e64a8406.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9795918958535114752/3522_mafo_ad_dv360_clark_mrec/appl12c317205ab21023ca4c.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

357f401c5a50a01c8933002dbf034a79ccfae7889aad12798e0e2e6a7f279d00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9795918958535114752/3522_mafo_ad_dv360_clark_mrec/index.html?e=69&leftOffset=0&topOffset=0&c=lt7HGTm7L1&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 16:32:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 166409
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18970
x-xss-protection: 0
last-modified: Wed, 28 Sep 2022 13:07:30 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 28 Sep 2023 16:32:17 GMT

GET
H2 204 event
ads.adfox.ru/275069/ 0
18 B 76ms
69ms Image
text/plain 2a02:6b8::1be
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/275069/event?hash=48d3410b2a72ad87&pm=bmp&pxo=c387wGdKFDgBYU1F5fLFga-UR2kcWT-OWmfBZheucPiSdKF0rDIs8Y0oW_XX9UCzbrlD8ieqg2zLmOHJifVYVSmwEX31R70ure56W1V7A91Envod4KVWKGONKdq_AomziLgyxMKcvNIzFP4HKpGD-ebhfPrmvEeQ285JHmHCFGM9ZQ%3D%3D&p5=gfgme&rand=hcgjfna&sj=zqJ_0LGyFxNx5FrQnEeUUkcU1Igt5Y2vGNsd0TtV6eVhpmPPZ45gYGKWGQ83-A%3D%3D&ad-session-id=2972861664549143580&utg=oxum&lts=fkcnuux&ytt=3300146675717&ybv=0.659462&ylv=0.659462&dl=https%3A%2F%2Futro.ru%2F&pr=bcecblu&p1=cbjif&rqs=F9VT1eKpIHwXATdjPjBgyd3UeMf5ryYO&rtb-si=b&p2=gato

Requested by

Host: utro.ru
URL: https://utro.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Sep 2022 14:45:46 GMT
x-content-type-options: nosniff
last-modified: Fri, 30 Sep 2022 14:45:46 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H3 200 DcmEnabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 74A7 29 KB
10 KB 22ms
22ms Script
text/javascript 2a00:1450:400d:80c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6620325417265254417/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6620325417265254417/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 20:09:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 66971
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10136
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 30 Sep 2022 20:09:35 GMT

GET
H2 204 event
ads.adfox.ru/275069/ 0
18 B 71ms
70ms Image
text/plain 2a02:6b8::1be
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/275069/event?hash=2b54b73334ac6693&pm=bmp&pxo=1A2kyxBnhhKIZae8FCynMJ5NEAIhqtVc257i8j4CKXnYrT19tMkzBHPn7VoDhRyctOkaPQ5zGko7ldowKzSuKGDw02gjQXPxThmycMnfm3GirQCtWW0ja9whgIfn5W6nddfyPvuXRHwveliaPmiyp-btlRT08xk8fD4nk_z-G_Ei0mQ%3D&p5=gfgmb&rand=bzricno&sj=uQHqlcu9K-N_LlVNyb-G9VNXkdaabxym6Pa7ZsOuZKiAVFvW9c_TSDlIwsm_rA%3D%3D&ad-session-id=2972861664549143580&utg=oxum&lts=fkcnuux&ytt=3300146675717&ybv=0.659462&ylv=0.659462&dl=https%3A%2F%2Futro.ru%2F&pr=bcecblu&p1=cbjid&rqs=F5k30HHhBH8XATdjCNIDRXadIQsO2WYW&rtb-si=b&p2=gatl

Requested by

Host: utro.ru
URL: https://utro.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Sep 2022 14:45:46 GMT
x-content-type-options: nosniff
last-modified: Fri, 30 Sep 2022 14:45:46 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H2 204 event
ads.adfox.ru/275069/ 0
18 B 98ms
98ms Image
text/plain 2a02:6b8::1be
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/275069/event?hash=f236800e1393888f&pm=bmp&pxo=M4o7pHXr4_8EGL-iUXpqEQrC-MncfUPfzY0DuxTaPo3YnlKjv9QPd6zLMf7DoqpLn5hsxyHDMZBZuEo5SMemb-xa1RbOCFRLc8i8MFY6hpIhmTl3eJ7ZyHuHoFzYDeN7bQZHq36OXE_YqbdsEw76BuFqM9cgY1lSCJBPg79YhXcpVA%3D%3D&p5=gfgma&rand=nqdhkew&sj=HFebaII-_MfrIjFnRJlmjgGlhEr5SFU-cDzEnhiOaisyuYpFuyJi_RfKiqFj&ad-session-id=2972861664549143580&utg=oxum&lts=fkcnuux&ytt=3300146675717&ybv=0.659462&ylv=0.659462&dl=https%3A%2F%2Futro.ru%2F&pr=bcecblu&p1=cbjii&rqs=FxW3Z7xqMQoXATdjNi7gH--nw7RLJeYz&rtb-si=b&p2=gatq

Requested by

Host: utro.ru
URL: https://utro.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Sep 2022 14:45:46 GMT
x-content-type-options: nosniff
last-modified: Fri, 30 Sep 2022 14:45:46 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame E91D 12 KB
6 KB 17ms
17ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:46 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 25 Sep 2023 14:45:46 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame E91D 1 KB
2 KB 15ms
13ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

3871e6719f71319cad9f0c2b4f262518c8deb142d03078bd7539e5d72da33de5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:45 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1007186
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 1306
expires: Wed, 12 Oct 2022 06:32:12 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame E91D 2 KB
2 KB 15ms
13ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

386531a08f54c0c8d3ba891ec58687e227a48302afa25312dd0cddeb858fe61a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:45 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=936547
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 1672
expires: Tue, 11 Oct 2022 10:54:53 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame E91D 3 KB
3 KB 15ms
14ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e29ffeda170cb0752b062928f22de04adc1c9177706f50b9c6a9c96dc706bf61

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:45 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=2265489
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 2742
expires: Wed, 26 Oct 2022 20:03:55 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame E91D 2 KB
2 KB 16ms
14ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

90bbcb9db7c9cb053c19be00501d286e22046a098a831cbfcd88f03a02c19836

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:45 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=598238
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 2288
expires: Fri, 07 Oct 2022 12:56:24 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame E91D 2 KB
2 KB 16ms
15ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

65e821b53990c7e875f3a0c2ed1d78d9aaf42a0ac22e5befe5903e4e87faf931

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:45 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=2079049
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 1540
expires: Mon, 24 Oct 2022 16:16:35 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame E91D 6 KB
6 KB 16ms
15ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

2d5c7ee64095341f6a8bb1ec483afeee919abf5262ebce1a2b222857c74fb11f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:45 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=3554
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 6022
expires: Fri, 30 Sep 2022 15:45:00 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame E91D 4 KB
5 KB 16ms
15ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

ecb1db3dbd557e4a05a2f6394b0dc555f96169272ff56aef2339ca2cf38b2f3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:45 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1834310
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 4486
expires: Fri, 21 Oct 2022 20:17:36 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame E91D 2 KB
3 KB 17ms
16ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

ae66a471041f4132884bdf23e6a3bc8ac7a698305e7b3bbf840d8394d88d2e0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:45 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=2613
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 2408
expires: Fri, 30 Sep 2022 15:29:19 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame E91D 3 KB
3 KB 16ms
15ms Image
image/png 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

dd2dca0b73e6585089b6a37f391d642fe0b96459f3ce6feaad7dcb346bac21e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:45 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=1036
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 2713
expires: Fri, 30 Sep 2022 15:03:02 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame E91D 5 KB
5 KB 14ms
14ms Image
image/png 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=496&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F2861%2F190124%2F8d6bc06124f044d4973e0db21c495799_logo.png&v=3&w=196&s=iLZcqtagBcJ8KuEcP2SNaUbP

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

080069b2dce01872cbc2bfcc0b6a2cd9b9a5b9fbb22fc1683ece0cea17aac96f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:45 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=30725196
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 5106
expires: Thu, 21 Sep 2023 05:32:23 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame E91D 2 KB
3 KB 19ms
19ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FB%2FlogoLeybold-GmbH--Part-of-the-Atlas-Copco-Group-50797DE-2209211242.gif%3Feb%3D1&v=3&w=800&s=5Zp32mjZrxzHEUJhdU2_4c0K&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

9057beeea4c492533d4d376d1d07e8b5222b3095e8ec395b6690c3779a09161d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:45 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1837302
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 2546
expires: Fri, 21 Oct 2022 21:07:29 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame E91D 0
127 B 15ms
15ms Ping
text/plain 178.250.2.150
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=5NPTl1PKgDnxJZCB3_RjXqw5aRC66SPYzRgvVLj5BrUaD_HpO6G_rfOexwUacZ31IUHQ4XuEXruQQ3X7Txtw-fAG3GluOXnuH_8PK71_IS2kVZQaIjkdcPgenqBIUmlxwcAqpF2hyR6gbXptizxnyIf6xsU3MBqwe1wdeoW4CoB2T8iI7jeKbV1b-8OakuOoADr1hcljXN1YCT13tqdW-NmZoVnZaKPIb0DK6fZuWC2d303-34MIuPjy1IZE_D3ONzegEw&sds=2&rev=82884&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 30 Sep 2022 14:45:45 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame E91D 2 KB
1 KB 18ms
17ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:46 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 25 Sep 2023 14:45:46 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame E91D 2 KB
1 KB 19ms
18ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:46 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 25 Sep 2023 14:45:46 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 7FDB 22 KB
8 KB 10ms
8ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ec7f9507b5a00173e9add18d0284df58.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 212619
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 28 Sep 2022 03:42:07 GMT
expires: Thu, 28 Sep 2023 03:42:07 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 3302
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEJPMDo0gSSfb806NdbtW10U&google_cver=1&google_push=AZmPxg8Bg5DLUioUt5KzUPqJjDgDJoL69rQdFWWsV9qhshWuE4LJqjJrR5w6U6b78rBiQW0xFzfyIw7DZLyN9tz4onnUraHbiwm9
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzMzMDAyOTA1NDkwMjE1Mzg0Mw==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEC5Ew2_FRgQclwsGfzdTGkM&google_cver=1

43 B
398 B

44ms
19ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEC5Ew2_FRgQclwsGfzdTGkM&google_cver=1
Requested by: Host: utro.ru
URL: https://utro.ru/
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 30 Sep 2022 14:45:45 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Fri, 30 Sep 2022 14:45:46 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEC5Ew2_FRgQclwsGfzdTGkM&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3302
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEK7htVsc6ZG5GqdSU_3ESc4&google_cver=1&google_push=AZmPxg-Ph8-ipMHFveqCd2H9gOzCN-Yyk8WgJFGJ1vGfwnz09Cj81kzqbm2XrMz1vq3E8PoPQF2EV_2Zob682Aaq...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AZmPxg-Ph8-ipMHFveqCd2H9gOzCN-Yyk8WgJFGJ1vGfwnz09Cj81kzqbm2XrMz1vq3E8PoPQF2EV_2Zob682AaqTvMFiAccKYXq2g

170 B
188 B

51ms
51ms

Image
image/png

172.217.19.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AZmPxg-Ph8-ipMHFveqCd2H9gOzCN-Yyk8WgJFGJ1vGfwnz09Cj81kzqbm2XrMz1vq3E8PoPQF2EV_2Zob682AaqTvMFiAccKYXq2g

Requested by

Host: ec7f9507b5a00173e9add18d0284df58.safeframe.googlesyndication.com
URL: https://ec7f9507b5a00173e9add18d0284df58.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Server

172.217.19.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s27-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Sep 2022 14:45:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Fri, 30 Sep 2022 14:45:46 GMT
Server: MT3 4525 e1952b7 master zrh-pixel-x28 config:1.0.0
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AZmPxg-Ph8-ipMHFveqCd2H9gOzCN-Yyk8WgJFGJ1vGfwnz09Cj81kzqbm2XrMz1vq3E8PoPQF2EV_2Zob682AaqTvMFiAccKYXq2g
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Fri, 30 Sep 2022 14:45:45 GMT

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ Frame 3302 0
191 B 27ms
25ms Image
text/plain 66.155.71.150
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEEo-txaYNg6KVYIkkpQyR9Q&google_cver=1&google_push=AZmPxg-n37p5V8MDdvzpnS017wDtdi31c2PKcOU2fDR8ZzbzmECohLAr60ZUXeHNtvIrCJ45j_EpZXC2jeXP4P7ThF55M4f4GXJONA
Requested by: Host: ec7f9507b5a00173e9add18d0284df58.safeframe.googlesyndication.com
URL: https://ec7f9507b5a00173e9add18d0284df58.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.150 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
date: Fri, 30 Sep 2022 14:45:45 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3302
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEOYX_jRExVpr0BFVZ9AL9Ow&google_cver=1&google_push=AZmPxg9bFxMds1GffVtXQw3itHKpc5yxrbUgPXl9cDLvTjpbuItsPWmjhtFKzo-Ulr3p_vwFk_8kJ4dR55LJCu2IxouMQqi...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEOYX_jRExVpr0BFVZ9AL9Ow&google_cver=1&google_push=AZmPxg9bFxMds1GffVtXQw3itHKpc5yxrbUgPXl9cDLvTjpbuItsPWmjhtFKzo-Ulr3p_vwFk_8kJ4dR55LJCu2IxouMQ...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AZmPxg9bFxMds1GffVtXQw3itHKpc5yxrbUgPXl9cDLvTjpbuItsPWmjhtFKzo-Ulr3p_vwFk_8kJ4dR55LJCu2IxouMQqiEi9Ja

170 B
188 B

51ms
50ms

Image
image/png

172.217.19.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AZmPxg9bFxMds1GffVtXQw3itHKpc5yxrbUgPXl9cDLvTjpbuItsPWmjhtFKzo-Ulr3p_vwFk_8kJ4dR55LJCu2IxouMQqiEi9Ja

Requested by

Host: utro.ru
URL: https://utro.ru/

Protocol

Server

172.217.19.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s27-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Sep 2022 14:45:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AZmPxg9bFxMds1GffVtXQw3itHKpc5yxrbUgPXl9cDLvTjpbuItsPWmjhtFKzo-Ulr3p_vwFk_8kJ4dR55LJCu2IxouMQqiEi9Ja
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2 200 dds
rtb.openx.net/sync/ Frame 3302 43 B
351 B 41ms
17ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEOQWe5TWuVCXG1hqj0r6dpQ&google_cver=1&google_push=AZmPxg9m22zpjz_pkhtGtebfVamOaJHjaOGM35-81ZgWkDrLnY6_PsCZZw7-92vY1e8k7Xx0rzGD0JpptYDwOvrjQmtB2h8ITOUAfA
Requested by: Host: ec7f9507b5a00173e9add18d0284df58.safeframe.googlesyndication.com
URL: https://ec7f9507b5a00173e9add18d0284df58.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Sep 2022 14:45:45 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: vgl793g7okd5kahqoqsoieevcvt7s3nd

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3302
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEJgBBIBEI3fgl90eJJLc-JA&google_cver=1&google_push=AZmPxg_plUcZdncddpS6lwH3TZkNeA82uKWI4uat4SHcOeK_iphAp6HlZ8OQuEEVZUHLv5_FejlgqqTtoqpW4n2a...
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AZmPxg_plUcZdncddpS6lwH3TZkNeA82uKWI4uat4SHcOeK_iphAp6HlZ8OQuEEVZUHLv5_FejlgqqTtoqpW4n2aVd0b7IO4NNhMrg

170 B
188 B

52ms
51ms

Image
image/png

172.217.19.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AZmPxg_plUcZdncddpS6lwH3TZkNeA82uKWI4uat4SHcOeK_iphAp6HlZ8OQuEEVZUHLv5_FejlgqqTtoqpW4n2aVd0b7IO4NNhMrg

Requested by

Host: ec7f9507b5a00173e9add18d0284df58.safeframe.googlesyndication.com
URL: https://ec7f9507b5a00173e9add18d0284df58.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Server

172.217.19.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s27-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Sep 2022 14:45:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 30 Sep 2022 14:45:46 GMT
via: 1.1 89c822bb1ce1445a7be6d1057088cfbe.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA6-C1
x-cache: FunctionGeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AZmPxg_plUcZdncddpS6lwH3TZkNeA82uKWI4uat4SHcOeK_iphAp6HlZ8OQuEEVZUHLv5_FejlgqqTtoqpW4n2aVd0b7IO4NNhMrg
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: 7_DB0p4o5GZHH9R7kDxR2JMUoUDqOHrOOie5H6vubEZnfDR9yNPSsg==

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3302
Redirect Chain

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEKhyfKuJJZVgKpfyxlTFNQE&google_cver=1&google_push=AZmPxg9mBrHRD84WvGMyv9wCl7l5HxSO1hE9GdBawO2NXgEgSdeTY76B_74eXBGPRTRgMmgLwS...
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEKhyfKuJJZVgKpfyxlTFNQE&google_cver=1&google_push=AZmPxg9mBrHRD84WvGMyv9wCl7l5HxSO1hE9GdBawO2NXgEgSdeTY76B_74eXBGPRTRgMmgLwS...
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1kRDZoZjF4RTJ1RnNZbUZ4VUpoeVFVNjlYOU9XdDRFSX5B&google_push=AZmPxg9mBrHRD84WvGMyv9wCl7l5HxSO1hE9GdBawO2NXgEgSdeTY76B_...

170 B
188 B

50ms
50ms

Image
image/png

172.217.19.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1kRDZoZjF4RTJ1RnNZbUZ4VUpoeVFVNjlYOU9XdDRFSX5B&google_push=AZmPxg9mBrHRD84WvGMyv9wCl7l5HxSO1hE9GdBawO2NXgEgSdeTY76B_74eXBGPRTRgMmgLwS6XWrxrXKaC2ASkkiIzlC4pwaq7VUQ

Requested by

Host: ec7f9507b5a00173e9add18d0284df58.safeframe.googlesyndication.com
URL: https://ec7f9507b5a00173e9add18d0284df58.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Server

172.217.19.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s27-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Sep 2022 14:45:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1kRDZoZjF4RTJ1RnNZbUZ4VUpoeVFVNjlYOU9XdDRFSX5B&google_push=AZmPxg9mBrHRD84WvGMyv9wCl7l5HxSO1hE9GdBawO2NXgEgSdeTY76B_74eXBGPRTRgMmgLwS6XWrxrXKaC2ASkkiIzlC4pwaq7VUQ
date: Fri, 30 Sep 2022 14:45:46 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 3302 0
12 B 49ms
48ms Image
text/html 172.217.19.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JIg8Ce3cTiMmK7yN6318zyV6pZ-hktZwjGXfGhQrtSstwk3B8h-vSpFakwGQNYHDGDcviHPA

Requested by

Host: ec7f9507b5a00173e9add18d0284df58.safeframe.googlesyndication.com
URL: https://ec7f9507b5a00173e9add18d0284df58.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.19.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s27-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:46 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame CA57 7 KB
6 KB 21ms
20ms XHR
application/json 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3d2975e1128609a08e08d2160c655f0a56f56a384ed64d11a97674d86cfb103e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5676
x-xss-protection: 0

GET
H2 200 text-variable-full.woff2
yastatic.net/s3/home/fonts/ys/3/ 25 KB
26 KB 33ms
33ms Font
font/woff2 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/s3/home/fonts/ys/3/text-variable-full.woff2

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

033696b7f1ac04d1dcc102be84550e146236ceffc25a6cabc12aa51a6ee410b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://utro.ru/
Origin: https://utro.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:46 GMT
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 26004
x-amz-meta-owner: {"role":"admin","login":"4eb0da"}
last-modified: Mon, 25 Apr 2022 14:02:39 GMT
server: nginx/1.17.9
etag: "7f0cdaf91230f9789ca4162aedff612e"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31556952
x-nginx-request-id: b3dc873d14fb94ba
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Sep 2023 20:33:54 GMT

GET
H2 200 281953 Show response
mc.yandex.com/watch/ 256 B
363 B 71ms
71ms XHR
application/json 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/281953?wmode=7&page-url=https%3A%2F%2Futro.ru%2F&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ilvk53aw%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A2%3Adp%3A1%3Als%3A509460811573%3Ahid%3A338505151%3Az%3A0%3Ai%3A20220930144546%3Aet%3A1664549146%3Ac%3A1%3Arn%3A125960111%3Au%3A1664549144290028393%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Acpf%3A1%3Aeu%3A1%3Ans%3A1664549142720%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1664549146%3At%3A%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B8%20%D0%B8%20%D0%BC%D0%B8%D1%80%D0%B0%20%E2%80%93%20%D0%A3%D1%82%D1%80%D0%BE.%D1%80%D1%83%20%E2%80%93%20%D0%BF%D0%BE%D1%81%D0%BB%D0%B5%D0%B4%D0%BD%D0%B8%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F&t=gdpr(14)mc(p-1)clc(0-0-0)lt(13500)aw(1)ecs(1)rqnl(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

8ec3da1b250f95999c24d9b0edc921d040d54cf40e1195d9c9394fb4285cc113

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Sep 2022 14:45:46 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Fri, 30-Sep-2022 14:45:46 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://utro.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 256
x-xss-protection: 1; mode=block
expires: Fri, 30-Sep-2022 14:45:46 GMT

GET
H2 200 y300
avatars.mds.yandex.net/get-direct/4694892/TtCcmy8XQ5DIE-_GtkC84w/ 30 KB
30 KB 252ms
115ms Image
image/webp 2a02:6b8::184
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.mds.yandex.net/get-direct/4694892/TtCcmy8XQ5DIE-_GtkC84w/y300
Requested by: Host: utro.ru
URL: https://utro.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::184 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: nginx /
Resource Hash: 7c320bb579481f64c79399f5e2ac10e50194acb33c41041d2efc0c3bab9b6eaa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:46 GMT
last-modified: Thu, 08 Apr 2021 20:00:14 GMT
server: nginx
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000,immutable
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 30784
x-request-id: dfa15bc353f27eb7

GET
H2 200 icon-192.png
yastatic.net/s3/games-static/favicons/ 24 KB
24 KB 52ms
51ms Image
image/png 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yastatic.net/s3/games-static/favicons/icon-192.png

Requested by

Host: utro.ru
URL: https://utro.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

ca78c114bba40b141a59c55a9d3fb6db7672bc3effd4337f2b1ce512b4d06c9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:46 GMT
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 24134
last-modified: Thu, 14 Apr 2022 12:22:42 GMT
server: nginx/1.17.9
etag: "7819c957eaa80af5bf14f760d49b64a7"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=216013
x-nginx-request-id: c57fcdde40431741
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 03 Oct 2022 02:45:36 GMT

GET
H2 200 render.html Show response
yastatic.net/safeframe-bundles/0.83/1-1-0/ Frame DE54 24 KB
7 KB 43ms
43ms Document
text/html 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/safeframe-bundles/0.83/1-1-0/render.html

Requested by

Host: yastatic.net
URL: https://yastatic.net/safeframe-bundles/0.83/host.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

9c911ab93cf6099aeeddb19cb1903d0ef838329443c3a0549c754da47f90a70a

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://utro.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: public, max-age=946708560
content-encoding: br
content-length: 6262
content-type: text/html
date: Fri, 30 Sep 2022 14:45:46 GMT
etag: "eb77de48712912aadc9aa8171ac75ede"
expires: Sun, 29 Sep 2052 21:20:18 GMT
last-modified: Wed, 03 Nov 2021 13:42:58 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
server: nginx/1.17.9
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-robots-tag: noindex, noarchive, nofollow

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 63B7 42 B
64 B 42ms
41ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu2nJMcCJNNVaqHpucBB8AaAdBre0OyAZTJP3VGaRVg6p54zsSmgLpKfn3mGq5PaNziUbK0O_eKN9X4dAEhLGYKxwQ&sig=Cg0ArKJSzMWjrk9sTqYQEAE&id=lidar2&mcvt=1101&p=953,480,1353,720&mtos=0,0,1101,1101,1101&tos=0,0,1101,0,0&v=20220928&bin=7&avms=nio&bs=0,0&mc=0.62&if=1&vu=1&app=0&itpl=20&adk=2020866948&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1664549144812&rpt=416&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://305de2aadcfdcbdd7e7c05b345a3db2e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Sep 2022 14:45:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 event
ads.adfox.ru/275069/ 0
18 B 80ms
79ms Image
text/plain 2a02:6b8::1be
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/275069/event?pm=bmp&hash=6d00d7e58f4b9775&duid=1664549144290028393&pxo=dxQr6PvF5m8nlXikJ8LlGtk3gS7Kdb88J69DaCQxKZSQs1CKWHXE6H-YZxXnCqHpQC7tRcMv3az6UqyDes3z8xubMlANNgik27Ghmiq_ofZjJkYrIx4e8lTcQaxC8v8Vnwhppn-gJTfGumA8UOLKNEVgExoCHAfZNDtCve4Iv24iFOs%3D&p5=gfgly&rand=kcufigg&sj=eX7xj4Bwznur_5OvHy7zjXWVM2IJByPzqO1jkHxGoqcrADQ-imHFGG1YUHrGTg%3D%3D&ad-session-id=2972861664549143580&utg=oxum&lts=fkcnuux&ytt=3300146675717&ybv=0.659462&ylv=0.659462&dl=https%3A%2F%2Futro.ru%2F&pr=bcecblu&p1=cbjig&rqs=FymN4zJv5WAXATdjcRhZPYNjguh1OGZH&rtb-si=b&p2=gatj

Requested by

Host: utro.ru
URL: https://utro.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Sep 2022 14:45:46 GMT
x-content-type-options: nosniff
last-modified: Fri, 30 Sep 2022 14:45:46 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H2 204 event
ads.adfox.ru/275069/ 0
18 B 83ms
82ms Image
text/plain 2a02:6b8::1be
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/275069/event?pm=bmp&hash=eadd8dda8b1ca556&duid=1664549144290028393&pxo=wGv6s1RenjSII4nbx3DPhPBRar4aERCl82T6WaiGQX1BRh9zLn-91JG5fPw6BCQhGUimZnbnaqZUcUGXJxzMeZsgod4XFQAvihMA6ICbBUwEGMNlxzkSfefxWYtULlx3yjtzdF5vC5d61nb0WQSnZUBwNM3Kr1ai0yRhGzWRx-N0Zg%3D%3D&p5=gfglz&rand=cmycuch&sj=K2UWbGvrwF7NB0AMPTVVAsDSpcxfMVM8TUsSd_nnRyso1RWR1MjzO0LD_9ZPhQ%3D%3D&ad-session-id=2972861664549143580&utg=oxum&lts=fkcnuux&ytt=3300146675717&ybv=0.659462&ylv=0.659462&dl=https%3A%2F%2Futro.ru%2F&pr=bcecblu&p1=cbjih&rqs=FymN4zJv5WAXATdjwRRYiYi-fYqtCFCQ&rtb-si=b&p2=gatp

Requested by

Host: utro.ru
URL: https://utro.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Sep 2022 14:45:46 GMT
x-content-type-options: nosniff
last-modified: Fri, 30 Sep 2022 14:45:46 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

POST
H2 200 1 Show response
mc.yandex.com/watch/281953/ 43 B
73 B 71ms
70ms XHR
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/281953/1?page-url=https%3A%2F%2Futro.ru%2F&charset=utf-8&cnt-class=1&hittoken=1664549146_4ac2e301f1f7710e0b3e31215dace56ddd85aa1ffc898bbc5d7dbd3a68feb3e0&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ilvk53aw%3Afp%3A754%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A2%3Adp%3A1%3Als%3A509460811573%3Ahid%3A338505151%3Az%3A0%3Ai%3A20220930144546%3Aet%3A1664549146%3Ac%3A1%3Arn%3A408234432%3Arqn%3A1%3Au%3A1664549144290028393%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C129%2C62%2C68%2C196%2C0%2C%2C606%2C22%2C%2C%2C%2C1061%3Acpf%3A1%3Aeu%3A1%3Ans%3A1664549142720%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1664549146&t=gdpr(14)mc(p-2-h-1)clc(0-0-0)lt(26200)aw(1)rqnt(1)ecs(1)rqnl(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://utro.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Fri, 30 Sep 2022 14:45:46 GMT
strict-transport-security: max-age=31536000
last-modified: Fri, 30-Sep-2022 14:45:46 GMT
content-type: image/gif
access-control-allow-origin: https://utro.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Fri, 30-Sep-2022 14:45:46 GMT

GET
H2 200 281953 Show response
mc.yandex.com/watch/ 43 B
97 B 64ms
63ms XHR
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/281953?page-url=https%3A%2F%2Futro.ru%2F&charset=utf-8&cnt-class=1&hittoken=1664549146_4ac2e301f1f7710e0b3e31215dace56ddd85aa1ffc898bbc5d7dbd3a68feb3e0&browser-info=pv%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ilvk53aw%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A2%3Adp%3A1%3Als%3A509460811573%3Ahid%3A338505151%3Az%3A0%3Ai%3A20220930144546%3Aet%3A1664549146%3Ac%3A1%3Arn%3A629498724%3Arqn%3A2%3Au%3A1664549144290028393%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Acpf%3A1%3Aeu%3A1%3Ans%3A1664549142720%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1664549146%3At%3A%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B8%20%D0%B8%20%D0%BC%D0%B8%D1%80%D0%B0%20%E2%80%93%20%D0%A3%D1%82%D1%80%D0%BE.%D1%80%D1%83%20%E2%80%93%20%D0%BF%D0%BE%D1%81%D0%BB%D0%B5%D0%B4%D0%BD%D0%B8%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F&t=gdpr(14)mc(p-2-h-1)clc(0-0-0)lt(26200)aw(1)rqnt(2)ecs(1)rqnl(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Sep 2022 14:45:46 GMT
strict-transport-security: max-age=31536000
last-modified: Fri, 30-Sep-2022 14:45:46 GMT
content-type: image/gif
access-control-allow-origin: https://utro.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Fri, 30-Sep-2022 14:45:46 GMT

GET
H3 200 bar_passivel5a72.png
s0.2mdn.net/sadbundle/9795918958535114752/3522_mafo_ad_dv360_clark_mrec/assets/ Frame CA57 222 B
249 B 23ms
23ms Image
image/png 2a00:1450:400d:80c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9795918958535114752/3522_mafo_ad_dv360_clark_mrec/assets/bar_passivel5a72.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9795918958535114752/3522_mafo_ad_dv360_clark_mrec/index.html?e=69&leftOffset=0&topOffset=0&c=lt7HGTm7L1&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

deee137a6dfa1f234d7ac0a3e2a41ad36e4351c4f24df0be7bd608332d969dd1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9795918958535114752/3522_mafo_ad_dv360_clark_mrec/index.html?e=69&leftOffset=0&topOffset=0&c=lt7HGTm7L1&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 16:32:17 GMT
x-content-type-options: nosniff
age: 166409
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 222
x-xss-protection: 0
last-modified: Wed, 28 Sep 2022 13:07:30 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 28 Sep 2023 16:32:17 GMT

GET
H3 200 bar_activel2c09.png
s0.2mdn.net/sadbundle/9795918958535114752/3522_mafo_ad_dv360_clark_mrec/assets/ Frame CA57 291 B
318 B 22ms
22ms Image
image/png 2a00:1450:400d:80c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9795918958535114752/3522_mafo_ad_dv360_clark_mrec/assets/bar_activel2c09.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9795918958535114752/3522_mafo_ad_dv360_clark_mrec/index.html?e=69&leftOffset=0&topOffset=0&c=lt7HGTm7L1&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1099ec07c289ebd84f0514d6e20321df20cb388797ca17e78000bd5678d793d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9795918958535114752/3522_mafo_ad_dv360_clark_mrec/index.html?e=69&leftOffset=0&topOffset=0&c=lt7HGTm7L1&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 16:32:17 GMT
x-content-type-options: nosniff
age: 166409
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 291
x-xss-protection: 0
last-modified: Wed, 28 Sep 2022 13:07:30 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 28 Sep 2023 16:32:17 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 02E1 0
26 B 58ms
58ms Ping
image/gif 142.250.180.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsul2WTbpOebc0OewQgD1ji8B38VU2gEDN3gA8c51xKf1aMVam0pv9e6ilMnZ4jZnU_5aH54nphup0afb_HlXH9-4KUkY_Tz4Gg5B4lKeOTy-QboKJyJZc6HrHEOkRVODxX_7RNR0gauJsOOL_lFPhnc42Ww86hMqRwkAxCxAUutovfNtSlwHcg0sjKRp8faYMLa0tD-1hcRyiWHD_YMb9g5Gzdx4fiDLWpAkQ25IKmHH-DW7r3YzxzL0lSMKU8NdDzXBbV_EpKeP0iatNzabEu4rcVdl8pd9gf2jtpI_s3FsDuHhu-IBRw_rZCxmw-yepmRDiM7ic-bbUBijcB7KR2qMkS6f0t9cDrfzFGFU5jxeM3TIMNtzyu1ZoB32DewJEMZvVIvR1uF01m5Uv_l3hwDe0i0ae_gM3P3qtOau2AB2tC0iHSeHgL1jGN9QiHjntCz52a3UfmkgktVRl3CxZeGXpwL7P-g94cxkJL4UShZcW4QN20a38_gxSVhMfOpouML698MolJ0Va0jKbqyYgvLy6b2pXVsm9o8ZL5kCtqiXYMlCEDAa0gN3Jw0vNfIIBHXHLVj5uyFqpZu3dztgGXuLEqmL_6s07QZ7aGEtVxLX2-CDoLrCwJBGJuSTzYwy7klMwSvTS-mC6kMJhLu12KYT54kZTB1I6f8HHdC7kF-nBk1bm-M8PyrnKUvlUvfDhDQ92YCp0htWG0KgXd80AdXH5EQ3x8bESza6sbxR7RkEXUwhnV2Wx8M2nwV82sETwz3zfhAtQqc-cMlKnE8Jw-Cbt8iHA1g-DugTG0o_iWo47IJVYNfmAc9TBrYPb5Hb84lHgW72Cpr28-c8qRzHPLGRO9G2gqsGYbHuDB3_3zF5ElZJDuAvXmMMa8uX_XGgnSaV4yjajqZ45Dk3ryji7pHDlQ_v8eU7-xNip_baH9FWgQbdnAnBdD8xYdNqujRDElHuEF7ad68OXSahpqJaZWrIcjOcxZk1YtNEeFqPZdJ22OkfjRdbB_-Kbt_GfD4JKxlpFJOGcdfeugjX7RMgwlb5Z_HH-exmm4hKiB57eQm1KXCcnKofIv8tRvCWJ_DdSC8vuZM5pW3k_I76MmI3KPNQZufAyLaOSpHueZ4NTeZNlkFHh5BZbSZWY0jgjZ2i3ppQv1kYqy9JS1vpa7YghknRY42Ex_GtLUY597yAKAovE2LHtVcmVApDJQKW-axgYd1z0br1gTjrLjE2ut6zRgo_rKe5HiTICJNtL2RTo2EnXU&sai=AMfl-YQcx65lXoo3eE76nmrTX8iLMPFB7FcB5UocrNqN3D8GCIPWFi_6IIpW2M7l2mfjGT1HElfuoHMGwqo9ZAWVOY5LvGHZOWAT4-9yj56IUj47S0EscyL56c-b9t-lbYZiWzc7GXiuaNZLEy3Mga2LIIIf0taK69z7lk6z2nd8saEQdAWtmHa7nFJF-zu7Lu9mpA4VjLUtSj7k-5UndjooI-4bA48&sig=Cg0ArKJSzEISXqpLQzdeEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=868&vt=11&dtpt=437&dett=3&cstd=427&cisv=r20220928.30826&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: utro.ru
URL: https://utro.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.180.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s33-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ec7f9507b5a00173e9add18d0284df58.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:46 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 6A42 0
10 B 8ms
8ms Image
text/plain 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?cUoP5Q
Requested by: Host: utro.ru
URL: https://utro.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:46 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 YrdBSjzfIHcYhYLmavhSyO_EhBrLUWpx5ykdL7H9Kqg.js Show response
pagead2.googlesyndication.com/bg/ Frame 7FDB 36 KB
16 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/YrdBSjzfIHcYhYLmavhSyO_EhBrLUWpx5ykdL7H9Kqg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62b7414a3cdf2077188582e66af852c8efc4841acb516a71e7291d2fb1fd2aa8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 18:33:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 159141
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16054
x-xss-protection: 0
last-modified: Tue, 27 Sep 2022 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 28 Sep 2023 18:33:25 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame C9DC 0
10 B 8ms
8ms Image
text/plain 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?dJ8Mpg
Requested by: Host: utro.ru
URL: https://utro.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:46 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame B9AE 0
0 45ms
45ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022092701&jk=855455490258528&bg=!SEulSw_NAAYQgTJdMIE7ACkAdvg8Wv2sSraKMww5g9tjaGOex1pMv-74A08nybePwAYFV8kuWXVALAIAAAOBUgAAAANoAQcKAJK_udfonvgMWqNvEMNsA84Iki094-XkDBk-JVv2323b_eX0WpS_13XdWFc-oMbJfUSIL3NDRLSBheyio6jFa221YjdRTHJ_u2voWh8CXPnDS99DVR51q7Bi2CmCwpM6qkGmkmoluoGtOaM59tPWY42F4MCT3q9_hDz7GkGkoglZAocXxzihLJM83BdS1fJd41ACtZkCo0LgPRqRoZJdAxHzFoZ81uHooFAZSSkSWJz7qfrJmFyODKzRzOKG54wq9M4Gr9mgi3TybmSfoeLu25xXzRAO__MDi8ZUzV8Sn81uiTO3LcK3GpZj3bfNC93swjEdmk543QrIXBDP8MuRbz3a9oWPuyOW6IyAPmxTMk0UfUD6fGlottu7G2ZeTYM8zWKA8b07lSwLnTgBEtZDjBvlxmHu8N8sI4RDqb2duu4O-bglCUmn8hpjrqkjLbj0nBzngvU4wq8vSvLnKm5Xi7JCqgwqAfadQ1J2T7jSP3DAyPPrg1q3IImxWNWGPBHhv778r-MoWwRmR7xEy31FeBbGh5RKoZfyGf5oUSYnFGE8kLH7HdR9RR8Xuq_YpOcgRZwV5oM5ypFO0LdVVk9V3QemkoTClfBOlhDt7LHUxeIxPLY6MFGETdDiR6nVERjPbhGJitbPXoe8HSBIxZVPjPu7QsUZR0Bft88wA9QMHzp8fEVmeZHKtS86kwq0UW0P2MjvUPTnfQE6l2FhC231AfWUYBXucODqbN2xereyEj6rBvb5Z0tAlCkr7jC0DHXg4ZauG_xWiKx1mVObR8hf0rMbF9Ndm0fEitYt3JIs99ygroGi_P7ReK_2bPpFFDSnlR1MZxeBuLzqMevypxfrIBaxtpYFoXutzUmLTmr5JRaff5X58-dOMbL1DJPPLvAiMIWD3rYeulQkRyWL5gPd4oeVy1Dp-AwMAlY7rulL2s_f4hGciq13ApIyP2Lv4S3nF1VRHLfYCVOgV95MsiFupUNl7ywXVNYdwdGhkCu2iotO8zk-Sb9tn14q0rZqwy8tWRa8108jznUpgvgzPT6CKVVeMBRlaep7qIJhD1cPodOCwtjYwVKU1NgEPwA3lrWGOX2WZkIyC-BOkQ
Requested by: Host: utro.ru
URL: https://utro.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame CA57 17 KB
6 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 30 Sep 2022 14:45:46 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 4F8A 0
26 B 61ms
61ms Ping
image/gif 142.250.180.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuV4etY4N0KGjxwuuLnLV4j4gejU7_P4r0DkkWIUhBRXVVXvJUC8WVLAISLT9_LrKNSB8eJgz6lVpA9bloTTs02b9WmY1je5AjTc6uzGZ8VES7xaIVJR0bW_GJ8XIgtDsZToSr3Y-l2manSvDowh-n9dfSPVUZJAta9KRpU3Pv42A1nNIatWEg8i5nHMF0vI06aAuagAZhTg9IU3tnOOAV3UdhMEwS422aSqgtBuF0h-rzEOaY_xCSz2KvNdMTuXJiASX6aBPhzEB5dNo99G1E61AwbJMazsMbBWPzMZzDOWsAWTXCqAucf2HSFkvsZ28yio5EBmzyuI5rz7umY_Yn-Tgz67FDMhH32m8iSVZ04ZtHDXBPUT1ac4DDccaVKJM6UKCvMIHq2G60EQS7Dc8XcxLfRrcGWXUDJxZG1lTKswnz5kSyzpFz6pl8In_iGNazbfIa0sbRt9DFEizGGWgxp1Hlx0ZMAxwxXoRm6dF8kNWQm7n-nTuxRwGQonRkrXXtgQv7zFD8QGzrrj-74F3kFuhOeq8HQtcrvnPHhXBm9wJP1wkrUelQK6H5x1LanSZJDA4XnNMxyS5AlqEO0vm6XcHC-10gRyFCg6Bf93W2psfv71gmL6ZyON9F2oqQ0l7MHEie5QwldC8057E3ga3HS-bs_4q-IEv7QUH0xeyi9DR0-ZWAgjs20RxP9M9sPCttjwOtDml2yjLLB4rRGeAj1aCThAfv3s3pAZGhCh9PzsfsnJdcXjHofdJLTsPzsVN8l18NYMf303xBi7dLKtb5NzWSGs_0-F6W_AnuH4tiHwvv0TWIQKUEs6iqwgow9cBd6yVgyS4JnYvutMQR4Z-OkmVbPJWmokKdgzkIGYiGQ8OfLQ2eiiaLp1Cqv3K4_MnEuI602LJV2lq2CQ3pEQ27VjBLe6-tCwgIqMCVl7QBfcEPOZ0CwZ6On-EQUtvWlBVCMBRsjM6JryoEc9UMDazw7elrg14lk__VzDH-IjRm9YJJMG2dIymT1VeWB0U_X2Ro3jY9WHgniGkkiBmYLSfDDVEUewFNLvyceWMxEiH2ec7DuevP4DWdFzjCYtccTmhXuq1JIhfcrqf_PG4EIP8Der00VQA0mr3iuHrgL-tvf_r3aMUCVg_0D9cur7F89DwyUDD8OHA9wkL2rr2sOXnPVvuzDu3pzO7O5YNE2U4dMgo7JpNw&sai=AMfl-YTUlBf5eU4XS22Wmfv2objFmftnp7OGgFT9aTM0Gl82ogCYWTgXl4NaKpbGq69IUQrNKvy_Vb_KsSjKKfnJY1KNymmSn7OU6Tx_QFH41r9Z12rDHs8b8WtuGHaMgcx5wNtx2aEDT1aQGi6pGFGm3AG967G3BtbeL7tpgyW6HyLR8nSeal1uDC6SFE68-6LMdPUfAAm2zmt6U2plOx5VgKoHAV-Yw9HagfnS&sig=Cg0ArKJSzG7n7H4ZnSpJEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1628&vt=11&dtpt=1169&dett=3&cstd=452&cisv=r20220928.03478&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: utro.ru
URL: https://utro.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.180.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s33-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a1536ed4ffc9e2b1b5ac5645960ea5d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:46 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
Ok d.png
ysa-static.passport.yandex.ru/static/1/d959d7e39d5067fad30d9c06204866e9/ Frame DE54 95 B
400 B 176ms
53ms Image
image/png 2a02:6b8::5:114
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ysa-static.passport.yandex.ru/static/1/d959d7e39d5067fad30d9c06204866e9/d.png?ex=yes

Requested by

Host: utro.ru
URL: https://utro.ru/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::5:114 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.14.2 /

Resource Hash

18c327afa903633f86c3efcf12b77f098077eacaa8be101bb007846fd74f8b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Fri, 30 Sep 2022 14:45:46 GMT
Strict-Transport-Security: max-age=315360000; includeSubDomains
Server: nginx/1.14.2
X-RT-IH: 0.0001
Content-Type: image/png
Cache-Control: private
Connection: close
X-RT-IQ: 0.0000
Content-Length: 95
Expires: Sat, 01 Oct 2022 14:45:46 GMT

GET
H3 200 B-Q3_3221_breit.jpg
s0.2mdn.net/sadbundle/6620325417265254417/ Frame 74A7 26 KB
26 KB 24ms
24ms Image
image/jpeg 2a00:1450:400d:80c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6620325417265254417/B-Q3_3221_breit.jpg

Requested by

Host: utro.ru
URL: https://utro.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f3dd4bf99321fbc802e13b50f9d5925fb98953002a8ad7798c92e17178ce7889

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6620325417265254417/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 19:51:53 GMT
x-content-type-options: nosniff
age: 154433
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26849
x-xss-protection: 0
last-modified: Wed, 24 Aug 2022 15:41:12 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 28 Sep 2023 19:51:53 GMT

GET
H3 200 B-Q3_6141.jpg
s0.2mdn.net/sadbundle/6620325417265254417/ Frame 74A7 23 KB
23 KB 36ms
35ms Image
image/jpeg 2a00:1450:400d:80c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6620325417265254417/B-Q3_6141.jpg

Requested by

Host: utro.ru
URL: https://utro.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

584655fd4f60a91cce23b6229f5356e4886ad1423650a6153e49a93e4b49ef96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6620325417265254417/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 19:51:53 GMT
x-content-type-options: nosniff
age: 154433
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23641
x-xss-protection: 0
last-modified: Wed, 24 Aug 2022 15:41:12 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 28 Sep 2023 19:51:53 GMT

GET
H3 200 B_Q3_5189_sw.jpg
s0.2mdn.net/sadbundle/6620325417265254417/ Frame 74A7 23 KB
23 KB 29ms
29ms Image
image/jpeg 2a00:1450:400d:80c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6620325417265254417/B_Q3_5189_sw.jpg

Requested by

Host: utro.ru
URL: https://utro.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b7157aa7c4579db7103e9338385ec8644caba74337303b3a82f24520a0d68490

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6620325417265254417/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 19:51:53 GMT
x-content-type-options: nosniff
age: 154433
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23614
x-xss-protection: 0
last-modified: Wed, 24 Aug 2022 15:41:12 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 28 Sep 2023 19:51:53 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame E3E2 0
0 45ms
45ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022092601&jk=1353651628256477&bg=!FxSlFFDNAAYQgTJdMIE7ACkAdvg8WoG-XYZpkYUSC8fxLHsh2k2HPJmN8Qh3V9VAWhQUQ4OLbm2lLAIAAAOYUgAAAAJoAQcKAJUTBzFWNMQWgY16pt3MWoWXDbGkHDKTYIZmTu0UuLm1oqp46oXvVclfclypCozE9_wZ9eDMsolSeb4f1NjYpTDeNl2cOnUcBbpf2iUMmuE9ui40WQqHTP4pIhl1RmZkeqOq78q-m1mffBu73r_Jy5BjzAvbgYa6VFr5yjAopfruLe06F90arWfBzo9IycRBNEw-UfelapkCnK3hWNhIFnQmaPtIYvhf6bS70aaTxgPowenva5558R0Gq4aOPtr8JvjpLifbeG1sEI0qilHqTNEBB19QU2ew8pj-ADt9IHqXP730-c87_nThupOLNXya4S2-2cNZ_C77wd_lSfYrvr0YSilYpFl2yFz3nqWOIOjGs8JbPYcLvSEMOwyBF4-Y5HMB8dZ05WX03FP1erkOdrHe2nht6Qxga1B4guJwgDcLqhHCSeDmWY28iNCFNOZnjs60U0fIsiLdznuIk9vPW9bFQ9SkLqNIrAilfwp8IjWwWnh5iYyjfdMyyb93i8equqY_BN_VTOeTNa_5I4BjxPQET68hRm6QRSMHtV_TCEiDZaXIHTmzfJ5hQJjq9z6Lbntes2m9p0d6NGHZjXTn1XnudydGtM_NFMV0hV7q2iY28nMr-cxfyH-JlpBIkTTbiwFRDfJ3S_ycJ9PIUj2y0GGhUtEOjJ3q5JCMAOn1paQs3mU7UnDPFs34FwwtJK1U43n-rSlZyONnmV-Q22jSgtY0Zxzhhmi8KxI-eC5qVa6MUdh1e0C-dRMpXXBu2eMPB16m0uBnQDICpNO0pP63p4KfXAMxwzbuMEl5MJQYFx5OClio9_VV-afMP_Ypa2gTWQEvOePQLmRNTJVKKpijNNbKBYtpnjiFzzFi81IUwYVQA-lndsANVOjH7f_Vf4cCLpSP1cT__sW1KYkDktvsxQgZJ8yJKc-S6gls1fBRTdazkoJf4El723D2tL_qC6trSUy6N1SeKjIWKVBBNl-PrkMMKjRHM0RC49LXeiyIEn_4BJizvxaU1i7GvFZudjYMwQWf4puvQD2NtcI7Ra1DB6fy_TDTnHC2G7vKybGGaStLS1UGXHwCR211gvrplKKmToSjaHwW
Requested by: Host: utro.ru
URL: https://utro.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

POST
H2 200 all
csm.eu.criteo.net/ Frame 07FE 0
127 B 14ms
13ms Ping
text/plain 178.250.2.150
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 30 Sep 2022 14:45:46 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H3 200 arrowl43d2.png
s0.2mdn.net/sadbundle/9795918958535114752/3522_mafo_ad_dv360_clark_mrec/assets/ Frame CA57 953 B
980 B 22ms
22ms Image
image/png 2a00:1450:400d:80c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9795918958535114752/3522_mafo_ad_dv360_clark_mrec/assets/arrowl43d2.png

Requested by

Host: utro.ru
URL: https://utro.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

59f5eacb66f0acd853f018e20bb9423843ea7730844e65c72a73df30e229e267

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9795918958535114752/3522_mafo_ad_dv360_clark_mrec/index.html?e=69&leftOffset=0&topOffset=0&c=lt7HGTm7L1&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 16:32:18 GMT
x-content-type-options: nosniff
age: 166408
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 953
x-xss-protection: 0
last-modified: Wed, 28 Sep 2022 13:07:30 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 28 Sep 2023 16:32:18 GMT

GET
H3 200 button1l7e6c.png
s0.2mdn.net/sadbundle/9795918958535114752/3522_mafo_ad_dv360_clark_mrec/assets/ Frame CA57 727 B
754 B 29ms
27ms Image
image/png 2a00:1450:400d:80c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9795918958535114752/3522_mafo_ad_dv360_clark_mrec/assets/button1l7e6c.png

Requested by

Host: utro.ru
URL: https://utro.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cebdf07b17721c086eeb3135a9367f97f17da9650cafd06f5b10e9d5eaff2315

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9795918958535114752/3522_mafo_ad_dv360_clark_mrec/index.html?e=69&leftOffset=0&topOffset=0&c=lt7HGTm7L1&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 16:32:18 GMT
x-content-type-options: nosniff
age: 166408
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 727
x-xss-protection: 0
last-modified: Wed, 28 Sep 2022 13:07:30 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 28 Sep 2023 16:32:18 GMT

GET
H3 200 button1_activelfc31.png
s0.2mdn.net/sadbundle/9795918958535114752/3522_mafo_ad_dv360_clark_mrec/assets/ Frame CA57 698 B
725 B 28ms
26ms Image
image/png 2a00:1450:400d:80c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9795918958535114752/3522_mafo_ad_dv360_clark_mrec/assets/button1_activelfc31.png

Requested by

Host: utro.ru
URL: https://utro.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

368a4c343dd077cc461d9b3c7226f187fc6e35940bb4747c0df8fcd9f79d2dd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9795918958535114752/3522_mafo_ad_dv360_clark_mrec/index.html?e=69&leftOffset=0&topOffset=0&c=lt7HGTm7L1&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 16:32:18 GMT
x-content-type-options: nosniff
age: 166408
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 698
x-xss-protection: 0
last-modified: Wed, 28 Sep 2022 13:07:30 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 28 Sep 2023 16:32:18 GMT

GET
H3 200 button2lf892.png
s0.2mdn.net/sadbundle/9795918958535114752/3522_mafo_ad_dv360_clark_mrec/assets/ Frame CA57 849 B
876 B 33ms
31ms Image
image/png 2a00:1450:400d:80c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9795918958535114752/3522_mafo_ad_dv360_clark_mrec/assets/button2lf892.png

Requested by

Host: utro.ru
URL: https://utro.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

09b1180a5d7ba4cba353b7db720d6d2ef11acfb0fbbd3eb14e84cafb941365cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9795918958535114752/3522_mafo_ad_dv360_clark_mrec/index.html?e=69&leftOffset=0&topOffset=0&c=lt7HGTm7L1&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 16:32:18 GMT
x-content-type-options: nosniff
age: 166408
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 849
x-xss-protection: 0
last-modified: Wed, 28 Sep 2022 13:07:30 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 28 Sep 2023 16:32:18 GMT

GET
H3 200 button2_activeldb5c.png
s0.2mdn.net/sadbundle/9795918958535114752/3522_mafo_ad_dv360_clark_mrec/assets/ Frame CA57 824 B
851 B 34ms
31ms Image
image/png 2a00:1450:400d:80c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9795918958535114752/3522_mafo_ad_dv360_clark_mrec/assets/button2_activeldb5c.png

Requested by

Host: utro.ru
URL: https://utro.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5f38c9c3cc013a00e4b6afe2322a99b203116aaf6ecdcff0ea5cbe0472a4e226

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9795918958535114752/3522_mafo_ad_dv360_clark_mrec/index.html?e=69&leftOffset=0&topOffset=0&c=lt7HGTm7L1&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 16:32:18 GMT
x-content-type-options: nosniff
age: 166408
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 824
x-xss-protection: 0
last-modified: Wed, 28 Sep 2022 13:07:30 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 28 Sep 2023 16:32:18 GMT

GET
H3 200 button3lddba.png
s0.2mdn.net/sadbundle/9795918958535114752/3522_mafo_ad_dv360_clark_mrec/assets/ Frame CA57 529 B
557 B 34ms
32ms Image
image/png 2a00:1450:400d:80c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9795918958535114752/3522_mafo_ad_dv360_clark_mrec/assets/button3lddba.png

Requested by

Host: utro.ru
URL: https://utro.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d86f3c3baecdbb9ce3be42bc9474af56136ea185412a8c7c6c396310059d75ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9795918958535114752/3522_mafo_ad_dv360_clark_mrec/index.html?e=69&leftOffset=0&topOffset=0&c=lt7HGTm7L1&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 16:32:18 GMT
x-content-type-options: nosniff
age: 166408
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 529
x-xss-protection: 0
last-modified: Wed, 28 Sep 2022 13:07:30 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 28 Sep 2023 16:32:18 GMT

GET
H3 200 button3_activelc4c8.png
s0.2mdn.net/sadbundle/9795918958535114752/3522_mafo_ad_dv360_clark_mrec/assets/ Frame CA57 517 B
544 B 31ms
30ms Image
image/png 2a00:1450:400d:80c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9795918958535114752/3522_mafo_ad_dv360_clark_mrec/assets/button3_activelc4c8.png

Requested by

Host: utro.ru
URL: https://utro.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

70be92e9b48e93df20fd4f071e3e4f16c83de8b83275c400fbe4277bd7cac296

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9795918958535114752/3522_mafo_ad_dv360_clark_mrec/index.html?e=69&leftOffset=0&topOffset=0&c=lt7HGTm7L1&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 16:32:18 GMT
x-content-type-options: nosniff
age: 166408
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 517
x-xss-protection: 0
last-modified: Wed, 28 Sep 2022 13:07:30 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 28 Sep 2023 16:32:18 GMT

GET
H3 200 button4leafb.png
s0.2mdn.net/sadbundle/9795918958535114752/3522_mafo_ad_dv360_clark_mrec/assets/ Frame CA57 667 B
694 B 32ms
30ms Image
image/png 2a00:1450:400d:80c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9795918958535114752/3522_mafo_ad_dv360_clark_mrec/assets/button4leafb.png

Requested by

Host: utro.ru
URL: https://utro.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b70d4870b01782d5ec190f549ced4164ecdf602684760f20b4821aef6e607cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9795918958535114752/3522_mafo_ad_dv360_clark_mrec/index.html?e=69&leftOffset=0&topOffset=0&c=lt7HGTm7L1&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 16:32:18 GMT
x-content-type-options: nosniff
age: 166408
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 667
x-xss-protection: 0
last-modified: Wed, 28 Sep 2022 13:07:30 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 28 Sep 2023 16:32:18 GMT

GET
H3 200 button4_activel3dc8.png
s0.2mdn.net/sadbundle/9795918958535114752/3522_mafo_ad_dv360_clark_mrec/assets/ Frame CA57 640 B
667 B 32ms
30ms Image
image/png 2a00:1450:400d:80c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9795918958535114752/3522_mafo_ad_dv360_clark_mrec/assets/button4_activel3dc8.png

Requested by

Host: utro.ru
URL: https://utro.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cadfcaca4a9c47625fb8672234a17a72a7f3c1d1142ddd659bde24221d208c10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9795918958535114752/3522_mafo_ad_dv360_clark_mrec/index.html?e=69&leftOffset=0&topOffset=0&c=lt7HGTm7L1&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 16:32:18 GMT
x-content-type-options: nosniff
age: 166408
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 640
x-xss-protection: 0
last-modified: Wed, 28 Sep 2022 13:07:30 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 28 Sep 2023 16:32:18 GMT

GET
H3 200 button5lab86.png
s0.2mdn.net/sadbundle/9795918958535114752/3522_mafo_ad_dv360_clark_mrec/assets/ Frame CA57 795 B
822 B 32ms
30ms Image
image/png 2a00:1450:400d:80c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9795918958535114752/3522_mafo_ad_dv360_clark_mrec/assets/button5lab86.png

Requested by

Host: utro.ru
URL: https://utro.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b58c013d6c6e77c34ac7675e3179b568b8086b43e4083e8d6a4554ab80ac889

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9795918958535114752/3522_mafo_ad_dv360_clark_mrec/index.html?e=69&leftOffset=0&topOffset=0&c=lt7HGTm7L1&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 16:32:18 GMT
x-content-type-options: nosniff
age: 166408
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 795
x-xss-protection: 0
last-modified: Wed, 28 Sep 2022 13:07:30 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 28 Sep 2023 16:32:18 GMT

GET
H3 200 button5_activel266e.png
s0.2mdn.net/sadbundle/9795918958535114752/3522_mafo_ad_dv360_clark_mrec/assets/ Frame CA57 770 B
797 B 30ms
28ms Image
image/png 2a00:1450:400d:80c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9795918958535114752/3522_mafo_ad_dv360_clark_mrec/assets/button5_activel266e.png

Requested by

Host: utro.ru
URL: https://utro.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

71970ab429bdaed0de1355bfabec79005912d77d19e02cae01dfb723c25262ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9795918958535114752/3522_mafo_ad_dv360_clark_mrec/index.html?e=69&leftOffset=0&topOffset=0&c=lt7HGTm7L1&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 16:32:18 GMT
x-content-type-options: nosniff
age: 166408
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 770
x-xss-protection: 0
last-modified: Wed, 28 Sep 2022 13:07:30 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 28 Sep 2023 16:32:18 GMT

GET
H3 200 button6l60ce.png
s0.2mdn.net/sadbundle/9795918958535114752/3522_mafo_ad_dv360_clark_mrec/assets/ Frame CA57 654 B
681 B 30ms
29ms Image
image/png 2a00:1450:400d:80c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9795918958535114752/3522_mafo_ad_dv360_clark_mrec/assets/button6l60ce.png

Requested by

Host: utro.ru
URL: https://utro.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2fbc468e52116b00ba148221687c812cf4c4234a84349382a1b87bd9db59ff23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9795918958535114752/3522_mafo_ad_dv360_clark_mrec/index.html?e=69&leftOffset=0&topOffset=0&c=lt7HGTm7L1&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 02:20:44 GMT
x-content-type-options: nosniff
age: 44702
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 654
x-xss-protection: 0
last-modified: Wed, 28 Sep 2022 13:07:30 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 30 Sep 2023 02:20:44 GMT

GET
H3 200 button6_activel30e9.png
s0.2mdn.net/sadbundle/9795918958535114752/3522_mafo_ad_dv360_clark_mrec/assets/ Frame CA57 633 B
662 B 33ms
32ms Image
image/png 2a00:1450:400d:80c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9795918958535114752/3522_mafo_ad_dv360_clark_mrec/assets/button6_activel30e9.png

Requested by

Host: utro.ru
URL: https://utro.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87b33d5cedfcdde87d6fd8610c33eef870c860b4745bd3d0e977b9d47ef9954d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9795918958535114752/3522_mafo_ad_dv360_clark_mrec/index.html?e=69&leftOffset=0&topOffset=0&c=lt7HGTm7L1&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 16:32:18 GMT
x-content-type-options: nosniff
age: 166408
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 633
x-xss-protection: 0
last-modified: Wed, 28 Sep 2022 13:07:30 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 28 Sep 2023 16:32:18 GMT

GET
H3 200 questionldd0f.png
s0.2mdn.net/sadbundle/9795918958535114752/3522_mafo_ad_dv360_clark_mrec/assets/ Frame CA57 3 KB
3 KB 30ms
29ms Image
image/png 2a00:1450:400d:80c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9795918958535114752/3522_mafo_ad_dv360_clark_mrec/assets/questionldd0f.png

Requested by

Host: utro.ru
URL: https://utro.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30762a1a4fdf9a375400b0eb551a6bd3f6f64305d903ff9e25ee783da3ffdd45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9795918958535114752/3522_mafo_ad_dv360_clark_mrec/index.html?e=69&leftOffset=0&topOffset=0&c=lt7HGTm7L1&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 16:32:18 GMT
x-content-type-options: nosniff
age: 166408
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2967
x-xss-protection: 0
last-modified: Wed, 28 Sep 2022 13:07:30 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 28 Sep 2023 16:32:18 GMT

GET
H2 200 tracker
top-fwz1.mail.ru/ 43 B
877 B 56ms
55ms Image
image/gif 95.163.52.67
VK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://top-fwz1.mail.ru/tracker?js=13;id=3195882;u=https%3A//utro.ru/;st=1664549143781;s=1600*1200;vp=1600*1200;touch=0;hds=1;frame=0;flash=;sid=5c146e2fde3d91c8;ver=60.3.0;tz=0%2FEtc%2FUnknown;nt=0/0/1664549142720/////195/196/196/196/325/257/325/387/454/389/1061/1061/1083/3861/3861/;ni=9.9//4g/0/0/;lvid=1664549143765%3A1664549146583%3A3%3A06feab92b64e0bc251865416e8b24e1a;opts=dl%2Cjst-gtag-ym-vk;visible=true;_=0.49769136211025256;e=RT/load;et=1664549146582

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:46 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 43
pragma: no-cache
amp-access-control-allow-source-origin: *
server: nginx
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: *
accept-ch-lifetime: 86400
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 tracker
top-fwz1.mail.ru/ 43 B
876 B 56ms
56ms Image
image/gif 95.163.52.67
VK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://top-fwz1.mail.ru/tracker?js=13;id=2731601;u=https%3A//utro.ru/;st=1664549143781;s=1600*1200;vp=1600*1200;touch=0;hds=1;frame=0;flash=;sid=5c146e2fde3d91c8;ver=60.3.0;tz=0%2FEtc%2FUnknown;nt=0/0/1664549142720/////195/196/196/196/325/257/325/387/454/389/1061/1061/1083/3861/3861/;ni=9.9//4g/0/0/;lvid=1664549143765%3A1664549146583%3A4%3A06feab92b64e0bc251865416e8b24e1a;opts=sec%2Cdl%2Cjst-gtag-ym-vk;visible=true;_=0.6563707426560523;e=RT/load;et=1664549146582

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:46 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 43
pragma: no-cache
amp-access-control-allow-source-origin: *
server: nginx
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: *
accept-ch-lifetime: 86400
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: *

POST
H/1.1 204
No Content view Show response
stat.media/counter/ 0
135 B 62ms
62ms XHR
text/plain 146.185.195.94
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to

Full URL: https://stat.media/counter/view
Requested by: Host: stat.media
URL: https://stat.media/sm.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.185.195.94 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS: sm-server1-1.ssel23.imcmdb.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://utro.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

access-control-allow-origin: *
Date: Fri, 30 Sep 2022 14:45:46 GMT
Server: nginx
Connection: keep-alive

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 987C 0
0 45ms
45ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022092601&jk=4366274836163851&bg=!EhGlEVXNAAYQgTJdMIE7ACkAdvg8Wt55GdnwjGCwyOD7D5MeUAyJ83Nj3-awkP_DauXJZI8OAJI7AAIAAAPNUgAAAAJoAQeZAq3xDLk4R5SV8f4zBiSCfKU0R2YJzCXG3oP0Q_WhPRiPHohS-M4w15lyCraVrdJQw047MXAuMOX2SZkS_ITFdAf9lcpm9pl4R-qSgioinmpVnaTCDNxEns_f5fcOFTVO0zJQeuchZpkAE2EyYoo7g9bMvGYbgHek1MJahaGc7yumK3wXm9DVf4V6oPFP5ZNQeIiFwJoeHX-tJaJZnAO6KghZgN7aNxE9YW6xAd9GQY31wQKRAGgSvB61B_77NLY8tVe0r_2zY56EeqEP_ZHqjxRApdpwVPYfFypGipQxlWgBQ9vpSkatkqUyDX61HjcmjCUW2kqzvXJqmsj2MdgZuXquW8cqs8KgkAr3yOcz7YVERU37QCahx9ukvufyq9OiE8QaCIYoaU_qCaD0kTq8FKr43POzaIf2hbeH7qiJ9SePZCVrC7s77F5AhOSCMXgKjDYnLKbqL_plAV2tsXD1tLPLlUx1L1S9uAZw7CSLejmvX3bYF2-Bhan5ZoyPKqFYAFjuCBVAINeCOvehbO8NOZDu9lI0Jh9lzXsgAo82JRKVfbG4hwOsIcm8YOj1dEYO3XA7jjsekESxOQismNSeuvpxJ4ZwivOSyW3KSPTB-AhuMp-FAEJGbTyonC2AVdE9YG9zMnlGSAn_Jy8HJVoKoZYBaGqhoOXM2QqL3wdQDtkrwHEHB4VAetp9uec-x3x1hpUu16j81c-Tre3HSJ1qY_mwOK-U2fiZXROPAG579dg-3r692k7rJEi1iGYR7z_9qUP9MXsVZLOmX7u6JwgseWWeEkjVNew_4RSdNfpEcrYzgEaMAJjeNUb1DkSTwP9CAoZ661HMr_dcefA1xz3ms7TnRfQm4Hdxdmcj004puVb6MrL5J0sINuHG93lfDqXqPxcOF7vsyak2JZ4CKCRk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

GET
H3 200 YrdBSjzfIHcYhYLmavhSyO_EhBrLUWpx5ykdL7H9Kqg.js Show response
pagead2.googlesyndication.com/bg/ Frame 0B88 36 KB
16 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/YrdBSjzfIHcYhYLmavhSyO_EhBrLUWpx5ykdL7H9Kqg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62b7414a3cdf2077188582e66af852c8efc4841acb516a71e7291d2fb1fd2aa8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 18:33:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 159141
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16054
x-xss-protection: 0
last-modified: Tue, 27 Sep 2022 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 28 Sep 2023 18:33:25 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 8B07 0
0 44ms
44ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022092601&jk=2885599302262370&bg=!V1SlVBDNAAYQgTJdMIE7ACkAdvg8WoXsoMJcbzsXHJ9pyZ0eo2U5Nhsgtg5v-w0Tptvd0GufClru_QIAAAN6UgAAAANoAQcKABbYrO2Un1lEyjsBt6UzBpVs9NvE45VxmQKpjyerA33dSfbw7-Sc-39_A_5_9-SIxFTDP2YDmXqBBNxFnVWxSABkbqTHTp5aL4Rk4_MrUWnJm9NsO1nWPTkq0_u17Y1oGUF-TdNffnlSpy-lSvLZMSeq-605kaom8-dSy7mgkFD2vDrgg0yfVYt0aT3QCr9pqp0a_513EjBZr9yeNQqmDGNbsXySI9h3-gwK7cLXxY54c1RrtAhG-aorfvMdqriztA5ja558_JFb_Pm1o8OfCZkKnhXfFOk13AUpQ2ggiTZHEaqJzQh5Xy4CS2vYenFwGJafsA87LrjGGWegXzHlVrey_sIUD-OEAQSQUyHyUs8sNKhDeTr6riPcQ6U4A-tBLB51wgDNdtdwUGJpy9OH340dbY6dTzy4zLzB2l5eoepljOp5-i4YaObUYpxSoMqQTh-bPPI4Gqy3vk67chhbjavvz2JiEi4D2-Fj3SnUGDYtu5Bn3roDOMDGxgZVTOryQJxw6G_2sk3HeIg2Bc167c9ZChMn2BKvHhNfvYodVLbcG_bdsNUTckGTUGkEPoSfOmaT4B6laup9tbL0D2BRZE8KgEK7kNOJ0c1bTWkFqE7-bvozu5WFWAO1rDjDR79tvItBOZNR6c596E0ia9jt1-ZWi5Aewn48WbbjthBJqCxcdRlXJg_r1IEOxTuqVHr7EHB7gCnj6V5Ur9lbm3kD1N2AiGsZtVoAJya72BsHkz7Br4Ewe_a6eA-6wIL-4mf8HvZ-pv1MU2MGdLymrgSYPWhL3KkND17-ccaRtToODjkIxeQSKaQAF9Z_sFUqQVFPNdyUfi4JfShK2KP0vxBau9st-0dzUYKFDsC3IcgJE63gOYUWw9FDpg_huQbS4PCsPmKR6_spHLpZv-6JF5n3R_QMiFb30fPeQP6aDRn8_lxypVfS
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 75EA 0
20 B 46ms
46ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BQjZ6GAE3Y_HqLKOU9u8PzP2boAQAAAAAOAHgBAI&bg=!fn2lfTnNAAYQgTJdMIE7ACkAdvg8WvlXzcfE5ezRJQE6c4SQIXe3Z-6YnI58oLZf7D91w18cjy56HQIAAAFtUgAAAAJoAQcKAIrOWJru_VTHAwIj3TKNZ6Y2XtEU8i_S448NAIUhaE3SAO4u2qYBES0cNvGtrDqfp2iol4K4IHAMc6HsqQHz6GEMyoHrfMqvIwaq5MkElfoeokUQ1WF4o_mDJmvna9hihDzcbwOujm_gKjdDweYWcmbcd1NLjSiYJ6lojC2dwT_XNosuFJSX5T1gEreZAwP2KLth2lyHrXA8Vy7zUnfbyHBGnY-X4rBcj0gqBv6M1W9hbNRH7-bEdAx50EZJ8mSGcX2rkjOwS6Kr-BE_JiHjJP-nW060eTjJwgD6_-1KnbwvkYxgK3UvlSvDpHt_YB8lJAh9x4jcXUK4g2gvOI0InSkxKQuMBSg_TN-0ljTn_yF77B2XogYr2UBdjlxftJL_XvcDeS1I5NkIJtoKNaSONB8igFOsPA0b5RY-CH-XSy02x-fhl5ysTYnfbd8AI0l3OzfGNcvk9yCIGUMBhwCiB7j4RdF4iwwe1vgo8XH9Zv3hyXngPaO_Vc7H7AMn-UWAKJyJTZ_tb4uFAkDUuR8DFl-lGMDS_T9Hc87ebtDm_yRx9svnmKvxGZJTwjf8-6-Zf0vBdCH7fWA4w8fnU77u7BM-Fze_MqInXi1RjH7vc7p0-pM2zNn39mvZcWwIUarJQbJlmZkYihafDg66ug9lWFlSJKElglAR_Nmg4KSpXKcHzmyxQeZBakTuXidC8nb5lz39NVeAwTyd5gIqaREaMKSR9yObqFHvegeSq0T8p0Qcfu5Xuvx4tIykxptgunkus9vqb3FEYd30uOb29pek3S4AOfIAD6xOhxO__vmKTsUfz5opwpbYctesMOElcHFZzTQDslHfIYnzQo8bPeQ2Z605k25BkISVrKI-fn9y-F_r1GIhTN7KFugNiTmHmW5nThYR0hKH0bGp6VmvAuXVrBosxg64bMWQa2NE54tMt4ywTle2j4McUswHSiX5GUu2qmyScx9bXMlvDYN5jABNd7WfaiW39F-QMFnu527WpdmltuHXRcyOFmYaSC-Jc4hDHvNgb41LsAKHtcZZvwMHSDU8ucCKyFg133RIwc5XpODmB299bJ0MoVg5vKcabhr7yzovj4H8VmHy-vfYxMjxoQVIujDi7DfCjk9lTOeAmrQ_iseC6yxLzy-csk1g5MPq9TVK71LNTwXq9PBN5W9UQ4W5JfUy7-_Uh3Ums7AJ6z0psyOtE7nHPLd826H5qTMHBKo

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Sep 2022 14:45:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7FDB 0
20 B 47ms
47ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BWpHLGQE3Y7yxEKuK9u8PmPKzmAcAAAAAOAHgBAI&bg=!SkmlSQ3NAAYQgTJdMIE7ACkAdvg8Wp_C4ZjgK7GP65iaUxXwAH2F1Dg5z9CCVAkGezZ-sIqwl93uzQIAAADIUgAAAAJoAQeZA0OowtJAALXFv8XTBU9k0KdoWdSwdrkinKhvZVMUOE3jMrBUIj5qOy_7hKgCIO8_5KNnFzYHr4s-ySki1_RynqPDu6WzbPq-zzy1TFcugLJP6f6QcoD8CtZp8fVDRPXT5dLGdbVBx6cu8zPAZ2kZd-iOtYktZaT5eAckoCR3BmqO3JBVyWRzcPza024PWSD8HTZN1sri7QpUS4AjjpxV8Ns86VK6NaSYqDAqw2IJPlyUOkBCVgt0L6PP_f3kPHF8HzxSRDATZ4XksjwMVyEot6uvDYHYdMB_IDsZoGkvkPVOqNIJ1Fhji_jAMy3htZOlCqcXXjmIRtNdKDHzW4UAKEyjmaM49bwfk-ICUb-eJPKnvw6K-T_QHqj0MytaMhOTrmdSSkPn1KaAdfsmhthm4ZjtWDRPNMA5IiONKcVASO1asrurbhzA7AEAOq-YPpMxW0R8oseNyaydigD2BZEgOUEFpRFCq-RaUBDnRbRMjNuRzHxW63o9FQwHl0-FruJYce8Nf31FOl-aK9DbUULHBl9OMu80ZYchESr9ErV2JIGp80ka9qqptOMTxQ_PMT-N-YBf1tJ5cTF-JxyXpgBM-5vkqASlkNN_RYJiKvOw9H5fFd4VfpyyGERLv9mucyQxjnjLz2pi1YTzjndVC2pFkAyp8acspo9OfkT5_MTuJE8sNVNyX6jpvTrVcqFRtu6hirJPA0v2lXHKSPSUcTTodnNrDbdkxgLg49gxWIEMLAMzyetQ1Zq6wHBgdGjXL6XMp-MY8J_6VndgorOoLYUTBzJbcIMVrjN0Z0OtP9p0eaet87wAwL2MDeX-W5EC3ARslPTZ3swv9DHGRDUnE3EluBLgfF4xFt5-nU9WN8E1H7I7fLc0oYGu2HNhEUEpO7spHs7bjWna1kUrkwQDhsEErpAlVknNv540o6cIuTg89fz5L586wQeBQXrcquEQPVMMX6DLI4jHqM8rsei7lfUNkp5J29m1LdW9oVg7yDM5zGDHYFs4E9rwyTzJ0kjhV5ZhwbOjy81aoSWRA2-DmXrF3_A-1usX-gO7qJHAWLUXlIyIOfFiPtCm5jrzLwrE1_5nKVbIa9xE7XHJ10wl2INaHs4Yc1K0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Sep 2022 14:45:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 02E1 42 B
64 B 50ms
49ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuQPPK35_50HSv7VGOPuegShXJbMWFekDExvu-qfqiH6XQEGsHleulQbWEqfCaDEDFZJOd4wfvujFDP3kQJ-ZvndkrseXuWd7urCLR6ROKu9SmigUu-SssNLNefofy_pJTn-4cJRQ&sai=AMfl-YTd_nkbqKBTMGHJ4G6z5jQBv44ncc-150pN0bTvsNlczKB8-JtYY5IlkrI4uvJEL8dQYp3J1oLxPPWFdQQbAYvm238ztlZc8CJ5xk2B8pxOe1whRDpbVvAP8LYIIzI&sig=Cg0ArKJSzBrQb6XsTibaEAE&cid=CAASJeRoM-DXfF7yN7dN2Pj61obuMBjKUi06FzlUOg8tChDnwqs4ms0&id=lidar2&mcvt=1000&p=83,300,173,1028&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220928&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=4047511872&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1664549145251&rpt=708&isd=0&lsd=0&met=ce&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ec7f9507b5a00173e9add18d0284df58.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Sep 2022 14:45:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame F796 0
0 47ms
47ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022092601&jk=1743681486487374&bg=!wcKlwobNAAYQgTJdMIE7ACkAdvg8WuGFO-3YvnKY9tvJdnB3GI4IlTC10a2E3fqKlSE1frNL4i1XigIAAAJNUgAAAAJoAQeZAqdcofKfHYLCUwPCxG5FsP9J3pq3-YenBk2Hya4oaxFZdazht2xD5-nHqadXVCYhL9_KTE8unNEVr9mMEgUo6JButQHB5Y2vPybjQZS84xoUORPcdnz8UrL09UHeC611o8ZpC49Ki27xDRSwil8Oi60z_ZW3nGlmLkZHNX-Z6B31JfDnu-gRginXXAg1ef83IIALudGl9j-K7WnjgTxog9jvPHAze4H7YELs0b0YXapIoO0SyjxiNWPFuYU1njT497EZ5ChUsoLr_-2-Q-kNk5fgQ3LL7MNyH1AUXluEU5uPepEyJ8YyL8EF8JWlTjAWgD54-X2rVnZ6625vmLwbG2lkGnGj4oGeu-JrF7tuZrJ7ik4wsfc4xCge79zVbIE93gzDP5owNmm3fvqkmM4dz6_04ebhO6MYhnJGvLQKym89CH7P-1WJvEUPULoWyxTEiO5UhPQJN610HS1KxHzd_qcamw_uatmlmRID6KqKT1j2K4ojZK0dGJFXIJfxRLyruKiPpv87bH9kWkBd6pMJWhmlz2_1K0bPbot9ytKFZmyFdMZHAB3bubdeERRS7o6arNZQ8dKCxWr7nLyAfyOpsZWiBTTy_LNxH7c7Y3-a4ZS4UU-H3F8075Iqiuv54vsgep88O5OwiUN6V5pxGHRnUZgs__NxDzd9Soj7QfXJNFMcxDhFUhd-mdJS5lWJW3f4zAupXcyUVOo3G0kNfRM5XRCugBOCMT3aEhDdGwfMZ-aFuy8xjqZGwyoHiW6_e-fVF767jTOhE6FqhrkWF9tjpXCEyayeXweJm5TZr08C4t9mw4wVUhoCncylt35yaSGdobTRh_QlzA_ESIO80rb1yjB20DGOJzr4rGiOyg18wRVt-kA0zjM9pgdWD7BSDEz6WznP6LbHZ_uh
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 190E 0
0 46ms
46ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022092601&jk=698392689564855&bg=!6-il6KzNAAYQgTJdMIE7ACkAdvg8WnqErTSFY4dB8KAU59Npf7Ow7lAYCOMhMFkDYdhApumeFzlHvAIAAAJ3UgAAAAFoAQeZArGZE0WPHUgdA-gzz3Fmyoi5SEZWdO9MocB64p_NTiiwbXCrMxgoWGrd5Xxhi5JnCOTdFutx1lNn5TLAzSaTofjrdhqlrXeYD3XIIZNU8MvOQjryRT4HHMC8dzMAn5dIKM1rOln23g_ZoSkfXxT15xcysESbthps-HAq0ESXeoySDMbW9hQQRoY_COmxkUcGmeLaulCWq4MReDBeMkSm0caBvXFBj1Ndso3j7oHnKu_KaR_sa7KxGjM1CyZS3xkFXNcuNZGLribMGMK9CoOxgaowQ8hqCfA1Wx16Dd67qtq75Y5-9P3CtGnLjnJJ7cMGrQVyqH_VzfLOi1M-GaljtAy_sYzpVldLEIsnkfCj0vT-LeaC0bfJSvrjRnf4LlNImBdv-EX37blS2doWBUmuEjXIJ1j22Zq2CyMiEyssVfRLnd26XjFvnRyvr3WaL0Xx7fmPXUL74ZmS9pwFJmxK3cxx6blBZCYl_tRtUSC-W2S-9HI00Uwk43zP6zTkKWpiDNAcXlX6TEieM8VxNdizLZb5HaiW8z3VsFzp-j0-4JpwXC_BQn7ffPVnhpjHdMg5aw6F3iPXK10jk0WQ2FZytXGhlZyc3uXPO1KDC4URzjjna_ySrZexGvk2j4Lp3T2M3UjmMtPyaRRXiUfKxQEFDqwUz_nMaCAnknDsIXEaG-XPLDbvBPQpEf4InG7nlHvRS8KvholoMPWs4N1h8OYPbz9cxNmOF4-NiujdeqJBxDsb2K7EHrEaPSYmoAnp9qkoZXUT1evtXj-bAylJdgrGA1tDyKatwXboqyDmrCznjkEwc_7Mfb2xB3ht69fYq6dxeytrAtsni3wDRIJA0eyo4iuGppS4-BrHw4RfvcqqhG2j-B7HTIBM70dIldav1i2wwCAoxvHVORoSz2YqwJrU0cVTaw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

GET
H2 204 event
ads.adfox.ru/275069/ 0
66 B 79ms
78ms Image
text/plain 2a02:6b8::1be
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/275069/event?hash=6057157c43f3e93f&pm=bmn&pxo=1A2kyxBnhhKIZae8FCynMJ5NEAIhqtVc257i8j4CKXnYrT19tMkzBHPn7VoDhRyctOkaPQ5zGko7ldowKzSuKGDw02gjQXPxThmycMnfm3GirQCtWW0ja9whgIfn5W6nddfyPvuXRHwveliaPmiyp-btlRT08xk8fD4nk_z-G_Ei0mQ%3D&p5=gfgmb&rand=sltpzm&sj=uQHqlcu9K-N_LlVNyb-G9VNXkdaabxym6Pa7ZsOuZKiAVFvW9c_TSDlIwsm_rA%3D%3D&ad-session-id=2972861664549143580&utg=oxum&lts=fkcnuux&ytt=3300146675717&ybv=0.659462&ylv=0.659462&dl=https%3A%2F%2Futro.ru%2F&pr=bcecblu&p1=cbjid&rqs=F5k30HHhBH8XATdjCNIDRXadIQsO2WYW&rtb-si=b&p2=gatl

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Sep 2022 14:45:47 GMT
x-content-type-options: nosniff
last-modified: Fri, 30 Sep 2022 14:45:47 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H2 204 event
ads.adfox.ru/275069/ 0
18 B 72ms
72ms Image
text/plain 2a02:6b8::1be
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/275069/event?pm=bmn&hash=93d45789a54cd997&duid=1664549144290028393&pxo=dxQr6PvF5m8nlXikJ8LlGtk3gS7Kdb88J69DaCQxKZSQs1CKWHXE6H-YZxXnCqHpQC7tRcMv3az6UqyDes3z8xubMlANNgik27Ghmiq_ofZjJkYrIx4e8lTcQaxC8v8Vnwhppn-gJTfGumA8UOLKNEVgExoCHAfZNDtCve4Iv24iFOs%3D&p5=gfgly&rand=mjhjiqi&sj=eX7xj4Bwznur_5OvHy7zjXWVM2IJByPzqO1jkHxGoqcrADQ-imHFGG1YUHrGTg%3D%3D&ad-session-id=2972861664549143580&utg=oxum&lts=fkcnuux&ytt=3300146675717&ybv=0.659462&ylv=0.659462&dl=https%3A%2F%2Futro.ru%2F&pr=bcecblu&p1=cbjig&rqs=FymN4zJv5WAXATdjcRhZPYNjguh1OGZH&rtb-si=b&p2=gatj

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Sep 2022 14:45:47 GMT
x-content-type-options: nosniff
last-modified: Fri, 30 Sep 2022 14:45:47 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H2 200 bundle.js Show response
yastatic.net/q/set/s/rsya-tag-users/ Frame DE54 105 KB
37 KB 51ms
51ms Script
application/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/q/set/s/rsya-tag-users/bundle.js

Requested by

Host: utro.ru
URL: https://utro.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

e1cff21864c46e1da263fa83c14ed6d190bc5afbdd35188de15f10eb8bedd264

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/safeframe-bundles/0.83/1-1-0/render.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:48 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
last-modified: Fri, 29 Oct 2021 11:19:01 GMT
server: nginx/1.17.9
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
etag: W/"82bdc8db563d3e71c35534315f8a9fd5"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31556952
x-nginx-request-id: a9ae38cff32c1a73
timing-allow-origin: *
expires: Mon, 03 Oct 2022 02:44:39 GMT

GET
H2 200 watch.js Show response
mc.yandex.ru/metrika/ Frame DE54 159 KB
56 KB 124ms
124ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/q/set/s/rsya-tag-users/bundle.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

1b3dfcfe97d043475a764d9c2f2072aa76cb46141e59eea505f16dd5bc8ab28e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:48 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Thu, 29 Sep 2022 14:38:20 GMT
etag: "633583ac-df26"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 57126
expires: Fri, 30 Sep 2022 15:45:48 GMT

GET
H2 200 data Show response
yandex.ru/set/s/rsya-tag-users/ Frame DE54 403 B
729 B 71ms
71ms Fetch
application/json 2a02:6b8:a::a
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/set/s/rsya-tag-users/data?referrer=https%3A%2F%2Futro.ru%2F

Requested by

Host: yastatic.net
URL: https://yastatic.net/q/set/s/rsya-tag-users/bundle.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

0577e2d21dfa73de4172421c8c247ebbe79a0929e487a9bc615d3d38951e9060

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://yastatic.net
cache-control: public,max-age=300
access-control-allow-credentials: true
x-xss-protection: 1; mode=block

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ Frame DE54 41 KB
15 KB 54ms
23ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/q/set/s/rsya-tag-users/bundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

f42283e0ca17a52688c5250e714ecd1b6a53af8b0f6e54ac64546499b0ec1b19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:48 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15192
x-xss-protection: 0
server: cafe
etag: 699633608045481581
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 30 Sep 2022 14:45:48 GMT

GET
H3

200

/
www.google.de/pagead/1p-user-list/1014923426/ Frame DE54
Redirect Chain

https://www.googleadservices.com/pagead/conversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=HAE3Y-TvGLj0xgKh4oMw&r...
https://www.google.com/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=114555398&crd=CJqqsQI&is_vtc=1&random=354307...
https://www.google.de/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=114555398&crd=CJqqsQI&is_vtc=1&random=3543072...

42 B
64 B

29ms
26ms

Image
image/gif

2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=114555398&crd=CJqqsQI&is_vtc=1&random=3543072035&ipr=y

Protocol

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Sep 2022 14:45:48 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 30 Sep 2022 14:45:48 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=114555398&crd=CJqqsQI&is_vtc=1&random=3543072035&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.de/pagead/1p-user-list/1014923426/ Frame DE54
Redirect Chain

https://www.googleadservices.com/pagead/conversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=HAE3Y-LxGIKX1wa_vYD4CQ...
https://www.google.com/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=2023979350&crd=CJqqsQI&is_vtc=1&random=34260...
https://www.google.de/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=2023979350&crd=CJqqsQI&is_vtc=1&random=342607...

42 B
64 B

24ms
24ms

Image
image/gif

2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=2023979350&crd=CJqqsQI&is_vtc=1&random=3426077701&ipr=y

Protocol

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Sep 2022 14:45:48 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 30 Sep 2022 14:45:48 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=2023979350&crd=CJqqsQI&is_vtc=1&random=3426077701&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/ Frame DE54 3 KB
1 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/?random=1664549148442&cv=9&fst=1664549148442&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Futro.ru%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78da3560507e8d9c30fad1ba60e7dd4e847f04b2e50405733e6f67fff1e264a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Sep 2022 14:45:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1113
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/ Frame DE54 3 KB
1 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/?random=1664549148445&cv=9&fst=1664549148445&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Futro.ru%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d5ab8015cd82892bbad17705ea3b417d2a43c6549ca49844fc11d49e1083b47b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Sep 2022 14:45:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1115
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/ Frame DE54 3 KB
1 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/?random=1664549148447&cv=9&fst=1664549148447&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Futro.ru%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

daf57dd5fdb346c941fe9cbe8f776e67eca77382bdf798b3ebf2f3c147d88345

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Sep 2022 14:45:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1112
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/ Frame DE54 3 KB
1 KB 63ms
63ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/?random=1664549148448&cv=9&fst=1664549148448&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Futro.ru%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6fbde523d85a740ea8c4245ef66c7153dcad4fd6680d55b69208bcd42556be87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Sep 2022 14:45:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1113
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 35ms
17ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-FB1GYCCPFP&gtm=2oe9s0&_p=1062934480&cid=1210275934.1664549143&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_z=ccd.v9B&_s=2&sid=1664549143&sct=1&seg=0&dl=https%3A%2F%2Futro.ru%2F&dt=%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B8%20%D0%B8%20%D0%BC%D0%B8%D1%80%D0%B0%20%E2%80%93%20%D0%A3%D1%82%D1%80%D0%BE.%D1%80%D1%83%20%E2%80%93%20%D0%BF%D0%BE%D1%81%D0%BB%D0%B5%D0%B4%D0%BD%D0%B8%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F&en=scroll&epn.percent_scrolled=90&_et=14
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FB1GYCCPFP
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Sep 2022 14:45:48 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://utro.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/947884341/ Frame DE54 42 B
64 B 55ms
55ms Image
image/gif 2a00:1450:400d:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/947884341/?random=1664549148442&cv=9&fst=1664546400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Futro.ru%2F&async=1&fmt=3&is_vtc=1&random=726652153&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Sep 2022 14:45:48 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/947884341/ Frame DE54 42 B
548 B 53ms
26ms Image
image/gif 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/947884341/?random=1664549148442&cv=9&fst=1664546400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Futro.ru%2F&async=1&fmt=3&is_vtc=1&random=726652153&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Sep 2022 14:45:48 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/693627671/ Frame DE54 42 B
64 B 57ms
56ms Image
image/gif 2a00:1450:400d:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/693627671/?random=1664549148445&cv=9&fst=1664546400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Futro.ru%2F&async=1&fmt=3&is_vtc=1&random=3683727834&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Sep 2022 14:45:48 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/693627671/ Frame DE54 42 B
108 B 53ms
27ms Image
image/gif 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/693627671/?random=1664549148445&cv=9&fst=1664546400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Futro.ru%2F&async=1&fmt=3&is_vtc=1&random=3683727834&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Sep 2022 14:45:48 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/947884341/ Frame DE54 42 B
64 B 53ms
52ms Image
image/gif 2a00:1450:400d:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/947884341/?random=1664549148447&cv=9&fst=1664546400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Futro.ru%2F&async=1&fmt=3&is_vtc=1&random=714386902&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Sep 2022 14:45:48 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/947884341/ Frame DE54 42 B
108 B 40ms
27ms Image
image/gif 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/947884341/?random=1664549148447&cv=9&fst=1664546400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Futro.ru%2F&async=1&fmt=3&is_vtc=1&random=714386902&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Sep 2022 14:45:48 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 3 Show response
mc.yandex.com/watch/ Frame DE54 256 B
351 B 65ms
65ms XHR
application/json 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/3?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&page-ref=https%3A%2F%2Futro.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A%3Avf%3Aasbylctlprmpze3z6p9rs%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A416479448377%3Ahid%3A400238062%3Az%3A0%3Ai%3A20220930144548%3Aet%3A1664549149%3Ac%3A1%3Arn%3A206694935%3Arqn%3A1%3Au%3A1664549149357991454%3Aw%3A1x1%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Ads%3A0%2C0%2C43%2C1%2C0%2C0%2C%2C88%2C0%2C133%2C133%2C0%2C133%3Acpf%3A1%3Ans%3A1664549146329%3Ast%3A1664549149&t=clc(0-0-0)aw(1)rqnt(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

8d702af8ed85439f2f4bbca2bf32e0efb53d97c18693c67721b3f03e0f92b00e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Sep 2022 14:45:48 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Fri, 30-Sep-2022 14:45:48 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://yastatic.net
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 256
x-xss-protection: 1; mode=block
expires: Fri, 30-Sep-2022 14:45:48 GMT

GET
H2 200 advert.gif
mc.yandex.com/metrika/ Frame DE54 43 B
100 B 63ms
63ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 14:45:48 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 29 Sep 2022 14:38:20 GMT
etag: "633583ac-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Fri, 30 Sep 2022 15:45:48 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/693627671/ Frame DE54 42 B
64 B 61ms
61ms Image
image/gif 2a00:1450:400d:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/693627671/?random=1664549148448&cv=9&fst=1664546400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Futro.ru%2F&async=1&fmt=3&is_vtc=1&random=2872777678&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Sep 2022 14:45:48 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/693627671/ Frame DE54 42 B
64 B 41ms
22ms Image
image/gif 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/693627671/?random=1664549148448&cv=9&fst=1664546400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Futro.ru%2F&async=1&fmt=3&is_vtc=1&random=2872777678&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Sep 2022 14:45:48 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 37412095 Show response
mc.yandex.com/watch/ Frame DE54 439 B
470 B 66ms
66ms XHR
application/json 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/37412095?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&page-ref=https%3A%2F%2Futro.ru%2F&charset=utf-8&site-info=%7B%22extensions%22%3A%22%22%2C%22fromGoogle%22%3A%22false%22%2C%22fromCancel%22%3A%22false%22%2C%22loyal%22%3A%220%22%2C%22sbscrb%22%3A%22%22%2C%22p%22%3A%22%22%2C%22b%22%3A%22%22%2C%22fresh%22%3A%220%22%2C%22infected%22%3A%22%22%2C%22slow%22%3A%22%22%2C%22os%22%3A%22windows%22%2C%22browser%22%3A%22chrome%22%2C%22winxp%22%3A%22false%22%2C%22old%22%3A%22actual%22%2C%22yabroAge%22%3Anull%7D&browser-info=pv%3A1%3Agdpr%3A6%3Avf%3Aasbylctlprmpze3z6p9rs%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A2%3Adp%3A1%3Als%3A640490199657%3Ahid%3A400238062%3Az%3A0%3Ai%3A20220930144548%3Aet%3A1664549149%3Ac%3A1%3Arn%3A598410379%3Arqn%3A1%3Au%3A1664549149357991454%3Aw%3A1x1%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Ads%3A0%2C0%2C43%2C1%2C0%2C0%2C%2C88%2C0%2C133%2C133%2C0%2C133%3Acpf%3A1%3Ans%3A1664549146329%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1664549149%3At%3A&t=gdpr(6)clc(0-0-0)aw(1)rqnt(1)rqnl(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

90048baa4ea031d22beb7bf4d2f6777b5242ab9899898c73dcbeec5e89c42fdf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Sep 2022 14:45:48 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Fri, 30-Sep-2022 14:45:48 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://yastatic.net
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 439
x-xss-protection: 1; mode=block
expires: Fri, 30-Sep-2022 14:45:48 GMT

GET
H2 204 event
ads.adfox.ru/275069/ 0
66 B 79ms
79ms Image
text/plain 2a02:6b8::1be
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/275069/event?hash=b36c6a39591669d8&pm=bmq&pxo=MiFJ58uFDbpPGJL3upMweUyDYWKUi3FFslscXSHHXRGGIauUP8lP5P_uicGixGbpYrMWlxvyId9OPZqkUz5C-t8v7DZMlwhww-3OwuXwCGPwVPYjOnZwAYAO4aR5D3FLe440ldG5CoYQKwP8mgk8E35mM_xm_iKIhT5YHiZSTME4Fg%3D%3D&p5=gfgmc&rand=drjkyvg&sj=f89rIATjkiQfJAO1daK2Muf78K7pOFV5WyLrBRs6LF7VeBMvbLO-QSCEdhx0SA%3D%3D&ad-session-id=2972861664549143580&utg=oxum&lts=fkcnuux&ytt=3300146675717&ybv=0.659462&ylv=0.659462&dl=https%3A%2F%2Futro.ru%2F&pr=bcecblu&p1=cbjic&rqs=FymN4zJv5WAXATdj743_dPXU5IXeG3_B&rtb-si=b&p2=gatm

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Sep 2022 14:45:48 GMT
x-content-type-options: nosniff
last-modified: Fri, 30 Sep 2022 14:45:48 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H2 204 event
ads.adfox.ru/275069/ 0
18 B 67ms
66ms Image
text/plain 2a02:6b8::1be
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/275069/event?hash=4cddfd215c01e032&pm=bmq&pxo=c387wGdKFDgBYU1F5fLFga-UR2kcWT-OWmfBZheucPiSdKF0rDIs8Y0oW_XX9UCzbrlD8ieqg2zLmOHJifVYVSmwEX31R70ure56W1V7A91Envod4KVWKGONKdq_AomziLgyxMKcvNIzFP4HKpGD-ebhfPrmvEeQ285JHmHCFGM9ZQ%3D%3D&p5=gfgme&rand=ioktedb&sj=zqJ_0LGyFxNx5FrQnEeUUkcU1Igt5Y2vGNsd0TtV6eVhpmPPZ45gYGKWGQ83-A%3D%3D&ad-session-id=2972861664549143580&utg=oxum&lts=fkcnuux&ytt=3300146675717&ybv=0.659462&ylv=0.659462&dl=https%3A%2F%2Futro.ru%2F&pr=bcecblu&p1=cbjif&rqs=F9VT1eKpIHwXATdjPjBgyd3UeMf5ryYO&rtb-si=b&p2=gato

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Sep 2022 14:45:48 GMT
x-content-type-options: nosniff
last-modified: Fri, 30 Sep 2022 14:45:48 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H2 204 event
ads.adfox.ru/275069/ 0
66 B 68ms
68ms Image
text/plain 2a02:6b8::1be
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/275069/event?hash=2a2436be3a8fdbf4&pm=bmq&pxo=1A2kyxBnhhKIZae8FCynMJ5NEAIhqtVc257i8j4CKXnYrT19tMkzBHPn7VoDhRyctOkaPQ5zGko7ldowKzSuKGDw02gjQXPxThmycMnfm3GirQCtWW0ja9whgIfn5W6nddfyPvuXRHwveliaPmiyp-btlRT08xk8fD4nk_z-G_Ei0mQ%3D&p5=gfgmb&rand=jxwrkov&sj=uQHqlcu9K-N_LlVNyb-G9VNXkdaabxym6Pa7ZsOuZKiAVFvW9c_TSDlIwsm_rA%3D%3D&ad-session-id=2972861664549143580&utg=oxum&lts=fkcnuux&ytt=3300146675717&ybv=0.659462&ylv=0.659462&dl=https%3A%2F%2Futro.ru%2F&pr=bcecblu&p1=cbjid&rqs=F5k30HHhBH8XATdjCNIDRXadIQsO2WYW&rtb-si=b&p2=gatl

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Sep 2022 14:45:49 GMT
x-content-type-options: nosniff
last-modified: Fri, 30 Sep 2022 14:45:49 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H2 204 event
ads.adfox.ru/275069/ 0
18 B 89ms
89ms Image
text/plain 2a02:6b8::1be
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/275069/event?hash=78379e3f980cb74c&pm=bmq&pxo=M4o7pHXr4_8EGL-iUXpqEQrC-MncfUPfzY0DuxTaPo3YnlKjv9QPd6zLMf7DoqpLn5hsxyHDMZBZuEo5SMemb-xa1RbOCFRLc8i8MFY6hpIhmTl3eJ7ZyHuHoFzYDeN7bQZHq36OXE_YqbdsEw76BuFqM9cgY1lSCJBPg79YhXcpVA%3D%3D&p5=gfgma&rand=lcikrzo&sj=HFebaII-_MfrIjFnRJlmjgGlhEr5SFU-cDzEnhiOaisyuYpFuyJi_RfKiqFj&ad-session-id=2972861664549143580&utg=oxum&lts=fkcnuux&ytt=3300146675717&ybv=0.659462&ylv=0.659462&dl=https%3A%2F%2Futro.ru%2F&pr=bcecblu&p1=cbjii&rqs=FxW3Z7xqMQoXATdjNi7gH--nw7RLJeYz&rtb-si=b&p2=gatq

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Sep 2022 14:45:49 GMT
x-content-type-options: nosniff
last-modified: Fri, 30 Sep 2022 14:45:49 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H/1.1 204
No Content a
ingestion.contentinsights.com/ 0
88 B 31ms
30ms Image
text/plain 52.209.182.146
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ingestion.contentinsights.com/a?d=https%3A%2F%2Futro.ru%2F&f=1401&b=&u=1664549143723.661190500.6419448&ul=1664549143723.489414596.840269&at=5&ar=5&ts=1664549149&seq=1&x=0.11723623147345696&err=1&ver=19
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.209.182.146 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-209-182-146.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Connection: keep-alive
Date: Fri, 30 Sep 2022 14:45:49 GMT

GET
H2 204 event
ads.adfox.ru/275069/ 0
18 B 80ms
77ms Image
text/plain 2a02:6b8::1be
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/275069/event?pm=bmq&hash=6dc02f55b0019719&duid=1664549144290028393&pxo=dxQr6PvF5m8nlXikJ8LlGtk3gS7Kdb88J69DaCQxKZSQs1CKWHXE6H-YZxXnCqHpQC7tRcMv3az6UqyDes3z8xubMlANNgik27Ghmiq_ofZjJkYrIx4e8lTcQaxC8v8Vnwhppn-gJTfGumA8UOLKNEVgExoCHAfZNDtCve4Iv24iFOs%3D&p5=gfgly&rand=jqxifjb&sj=eX7xj4Bwznur_5OvHy7zjXWVM2IJByPzqO1jkHxGoqcrADQ-imHFGG1YUHrGTg%3D%3D&ad-session-id=2972861664549143580&utg=oxum&lts=fkcnuux&ytt=3300146675717&ybv=0.659462&ylv=0.659462&dl=https%3A%2F%2Futro.ru%2F&pr=bcecblu&p1=cbjig&rqs=FymN4zJv5WAXATdjcRhZPYNjguh1OGZH&rtb-si=b&p2=gatj

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Sep 2022 14:45:49 GMT
x-content-type-options: nosniff
last-modified: Fri, 30 Sep 2022 14:45:49 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H2 204 event
ads.adfox.ru/275069/ 0
18 B 71ms
68ms Image
text/plain 2a02:6b8::1be
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/275069/event?pm=bmq&hash=def5239ed5ef94cc&duid=1664549144290028393&pxo=wGv6s1RenjSII4nbx3DPhPBRar4aERCl82T6WaiGQX1BRh9zLn-91JG5fPw6BCQhGUimZnbnaqZUcUGXJxzMeZsgod4XFQAvihMA6ICbBUwEGMNlxzkSfefxWYtULlx3yjtzdF5vC5d61nb0WQSnZUBwNM3Kr1ai0yRhGzWRx-N0Zg%3D%3D&p5=gfglz&rand=ilslvhz&sj=K2UWbGvrwF7NB0AMPTVVAsDSpcxfMVM8TUsSd_nnRyso1RWR1MjzO0LD_9ZPhQ%3D%3D&ad-session-id=2972861664549143580&utg=oxum&lts=fkcnuux&ytt=3300146675717&ybv=0.659462&ylv=0.659462&dl=https%3A%2F%2Futro.ru%2F&pr=bcecblu&p1=cbjih&rqs=FymN4zJv5WAXATdjwRRYiYi-fYqtCFCQ&rtb-si=b&p2=gatp

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://utro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Sep 2022 14:45:49 GMT
x-content-type-options: nosniff
last-modified: Fri, 30 Sep 2022 14:45:49 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: adfox-c2s-ams.creativecdn.com
URL: https://adfox-c2s-ams.creativecdn.com/bidder/adfox/bids

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssb-e_S-azkR8ebXsrPO4yq7fjvSG-UPH-T4MbgYnMAks0HWx9fsCUITvjT_JtCps68jGnflM_KfZH1J5YFwvzNZHIqP7C-B91W5xFqX3ed4lhlkbmF&sig=Cg0ArKJSzE-Ou8sVe95SEAE&id=lidar2&mcvt=0&p=0,0,0,0&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20220928&bin=7&avms=ns&bs=0,0&mc=0&vu=1&app=0&itpl=19&adk=1553764888&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=2&r=b&rst=1664549145202&ec=0&wmsd=2

Verdicts & Comments Add Verdict or Comment

137 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

99 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
yastatic.net/safeframe-bundles/0.83/1-1-0	1970-01-20 06:23:55	Name: afpix Value: 1
yastatic.net/safeframe-bundles/0.83/1-1-0	1970-01-20 06:23:55	Name: pcs3 Value: 1
.utro.ru/	1970-01-20 15:58:29	Name: _ga_FB1GYCCPFP Value: GS1.1.1664549143.1.0.1664549143.0.0.0
.utro.ru/	1970-01-20 15:58:29	Name: _ga Value: GA1.1.1210275934.1664549143
.exchange.buzzoola.com/	1970-01-20 07:05:41	Name: uuid Value: 3e8724bc-176a-47a1-5611-170520cd7481
.rambler.ru/	1970-01-20 15:58:29	Name: ruid Value: 1CIAABcBN2PtY32FAVZYwgB=
.betweendigital.com/	1970-01-20 15:08:05	Name: dc Value: lux1
.betweendigital.com/	1970-01-20 15:08:05	Name: tuuid Value: 6b4a84eb-d275-5211-a70d-2d08c43a2c1f
.betweendigital.com/	1970-01-20 15:08:05	Name: ss Value: 1
.betweendigital.com/	1970-01-20 15:08:05	Name: unm Value: 1
.exchange.buzzoola.com/	1970-01-20 06:42:38	Name: cookiesyncs Value: 000000000000000000000000d93dab9edf0912baf9008f35866978f1
.yadro.ru/	1970-01-20 15:07:01	Name: FTID Value: 1ZDm4N0tyQOP1ZDm4N0025l1
.utro.ru/	1970-01-20 15:58:29	Name: __utma Value: 143070705.1210275934.1664549143.1664549144.1664549144.1
.utro.ru/	1969-12-31 23:59:59	Name: __utmc Value: 143070705
.utro.ru/	1970-01-20 10:45:17	Name: __utmz Value: 143070705.1664549144.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.utro.ru/	1970-01-20 06:22:29	Name: __utmt Value: 1
.utro.ru/	1970-01-20 06:22:30	Name: __utmb Value: 143070705.1.10.1664549144
utro.ru/	1970-01-20 06:22:30	Name: _ain_cid Value: 1664549143723.661190500.6419448
utro.ru/	1970-01-20 15:58:29	Name: _ain_uid Value: 1664549143723.489414596.840269
.utro.ru/	1970-01-20 15:08:05	Name: adtech_uid Value: 508818d4-76c5-4eb7-9c44-8ca26c81877f%3Autro.ru
.utro.ru/	1970-01-20 15:08:05	Name: top100_id Value: t1.-1.2088518707.1664549143743
.utro.ru/	1970-01-20 15:58:29	Name: last_visit Value: 1664549143746%3A%3A1664549143746
.utro.ru/	1970-01-20 15:08:05	Name: t3_sid_NaN Value: s1.179925272.1664549143745.1664549143748.1.1.1.1
.utro.ru/	1970-01-20 14:22:00	Name: tmr_lvid Value: 06feab92b64e0bc251865416e8b24e1a
.utro.ru/	1970-01-20 14:22:00	Name: tmr_lvidTS Value: 1664549143765
.yadro.ru/	1970-01-20 15:07:01	Name: VID Value: 1QmxCi1AsnOP1ZDm4N002Rls
.criteo.com/	1970-01-20 15:44:05	Name: uid Value: 2f0dced2-4ed0-4509-9878-14cb72cd5f5b
.utro.ru/	1970-01-20 15:08:05	Name: _ym_uid Value: 1664549144290028393
.utro.ru/	1970-01-20 15:08:05	Name: _ym_d Value: 1664549144
utro.ru/	1969-12-31 23:59:59	Name: _grf_vis Value: 1
.utro.ru/	1970-01-20 15:44:05	Name: cto_bundle Value: 74D_I19URmM5UkZEcVZxVklGaEVCVDdMcnhzbEdQZSUyRnlmUXFsbyUyQlJhdDBqSDRQeWdUNnROaiUyRjBhMU5jdElGU1FsSVVaYVpoVGgyNWhSNDFUbGJudSUyQiUyRkFwb0wyRVF3TGdKSDNqR1d2WmhBNjU4UjNjTEdlJTJCaUppVkJmekQ3M2JiZ0NzZCUyQnEyck5EVyUyRiUyRll6RSUyQjZsazA1N3RWdyUzRCUzRA
.utro.ru/	1970-01-20 06:23:41	Name: _ym_isad Value: 2
.mc.yandex.com/	1970-01-20 06:22:29	Name: sync_cookie_csrf Value: 3434093210fake
.mc.yandex.ru/	1970-01-20 06:22:29	Name: sync_cookie_csrf Value: 2524115877fake
.relap.io/	1970-01-20 15:58:29	Name: fsts Value: 1664549144
.relap.io/	1970-01-20 15:58:29	Name: lsts Value: 1664549144
.relap.io/	1970-01-20 06:42:38	Name: rlprp Value: p2XfIg--8c79a78877f50fb8638a757235a3b0fafc9bf653c5fae5ff3f1f5b434981c90f
.relap.io/	1969-12-31 23:59:59	Name: 3rdpce Value: 1
.relap.io/	1970-01-20 15:58:29	Name: unique Value: QYEw4t16
.relap.io/	1969-12-31 23:59:59	Name: suid Value: 0d98ff24c3ba3371dbb43f536fd1750b808c5c06--d47de9acfbd2cc43afdba14c4bf8a92aa2d2a9c1b22e55753b55101ff99db0b7
.yandex.com/	1970-01-20 15:08:05	Name: yandexuid Value: 8944335651664549143
.yandex.com/	1970-01-20 15:08:05	Name: yuidss Value: 8944335651664549143
.mc.yandex.com/	1970-01-20 06:23:55	Name: sync_cookie_ok Value: synced
.giraff.io/	1970-01-20 15:08:05	Name: gid Value: XDVA+GM3ARiTHS62luo5Ag==
utro.ru/	1970-01-20 15:08:05	Name: _grf_uid Value: 984535489
utro.ru/	1970-01-20 06:23:55	Name: _grf_cm Value: 1
.yandex.ru/	1970-01-20 15:58:29	Name: yandexuid Value: 6982109061664549143
.stat.media/	1970-01-20 15:08:05	Name: _sm_uid Value: 3886c3cf-6da2-4b64-a06c-7b4177c71bef
.stat.media/	1970-01-20 15:08:05	Name: _sm_udt Value: 1664549144214
.stat.media/	1970-01-20 06:22:30	Name: _sm_sid Value: 1085ccdc-bc0f-40ee-82bc-ee9ce7b2d130
.stat.media/	1970-01-20 07:05:41	Name: _sm_cm Value: 6
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 2156927341664549144
.yandex.com/	1970-01-20 15:58:29	Name: i Value: YVwjj/NZhW5T4WYEneBexhRF77q6AhTkZHN2uyztGheXXe6L2a1g8qt9cbcrIsTSTxBgy0BEMfGwYypFl7xBMUEFvYc=
.yandex.ru/	1970-01-20 15:58:29	Name: i Value: KrlME8ld8pw+godnSWBDliuyXk/y93hjXZvVxjSeVpZXO2AhYDLsUVrcBqCDrzQZEdhvmdK1Dws3rbwnmRCtIv//pgc=
.relap.io/	1970-01-20 06:23:55	Name: hllc Value: 2
.relap.io/	1970-01-20 15:08:05	Name: rlpagcs_2 Value: 1664549144:CMAA4_cv_6SqySyG9_tYHANQ==
.gnezdo.ru/	1970-01-20 15:58:29	Name: uid Value: XV9maWM3ARg6ZoY2ejK8Ag==
.vk.com/	1970-01-20 15:15:38	Name: remixlang Value: 6
.vk.com/	1970-01-20 15:08:05	Name: remixstlid Value: 9121418455740465324_q2XrjdTJbuMHm5QtPVZiavuHNq9DZzC83eg6XMjXpIT
.yandex.com/	1970-01-20 15:08:05	Name: ymex Value: 1696085144.yrts.1664549144#1696085144.yrtsi.1664549144
.betweendigital.com/	1970-01-20 15:08:05	Name: ut Value: YzcBGAAFtPAfsag3Kiy2LO2aQukrDut4rTd0xQ==
.uuidksinc.net/	1970-01-20 15:08:05	Name: jcsuuid Value: lngFpDkaLcV2izGDovXP
.utro.ru/	1970-01-20 06:22:30	Name: _ym_visorc Value: b
.directadvert.ru/	1970-01-20 15:08:05	Name: nid Value: Xkvqc2M3ARgcGnpuk1HeAg==
.smi2.ru/	1970-01-20 15:08:05	Name: _sm_uid Value: 3886c3cf-6da2-4b64-a06c-7b4177c71bef
.smi2.ru/	1970-01-20 15:08:05	Name: _sm_udt Value: 1664549144214
.smi2.ru/	1970-01-20 06:22:30	Name: _sm_sid Value: 1085ccdc-bc0f-40ee-82bc-ee9ce7b2d130
.relap.mail.ru/	1970-01-20 15:58:29	Name: unique Value: UAcYsCoA
.relap.mail.ru/	1970-01-20 15:58:29	Name: fsts Value: 1664549144
.relap.mail.ru/	1970-01-20 15:58:29	Name: lsts Value: 1664549144
.relap.mail.ru/	1969-12-31 23:59:59	Name: suid Value: 6d8d7f6ced4600ce73176fddb7373cfd13747111--1fcef8cbfe2565985f10bc0a25401794225b06dcb74c5047f9ababdca9abdc63
.relap.mail.ru/	1970-01-20 06:23:55	Name: hllc Value: 1
dmpprof.com/	1970-01-20 06:23:12	Name: nmatch Value: 17_984535489
dmpprof.com/	1970-01-20 15:58:29	Name: uid Value: 8b9fa695-a1fb-4445-b7bc-411cc57e801c
.relap.io/	1970-01-20 15:08:05	Name: rlpgnzd_2 Value: 1664549144:XV9maWM3ARg6ZoY2ejK8Ag%3D%3D
.casalemedia.com/	1970-01-20 15:08:05	Name: CMID Value: YzcBGM6U0yihWtXkIrlWbAAA
.casalemedia.com/	1970-01-20 08:32:05	Name: CMPS Value: 1198
.casalemedia.com/	1970-01-20 08:32:05	Name: CMPRO Value: 1198
.adnxs.com/	1970-01-20 08:32:05	Name: uuid2 Value: 7838940759678969120
.doubleclick.net/	1970-01-20 15:44:05	Name: IDE Value: AHWqTUm9qNSQKVOsA_90MeUyN10R7rt51xyxH8UwqiLy_twK5B7VKkRtFuR7mFsCZU0
.utro.ru/	1970-01-20 15:44:05	Name: __gads Value: ID=0c6d4ee9d3f6c9a5:T=1664549144:S=ALNI_MZMVIu5w0GStxCh8o1e0cn-KHos1g
.adnxs.com/	1970-01-20 08:32:05	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GU^EbNG*!A#FX.TOKKnyW<U1`VROYQM-:PWPN[EzPU8a[SDZa%O2=KBA2nITF97ZI9Xj/X%W#.wL4W1Qw0oSZMLl
.casalemedia.com/	1970-01-20 08:32:05	Name: CMTS Value: 5126
.travelaudience.com/	1970-01-20 15:51:17	Name: _tracker Value: %7B%22UUID%22%3A%2285FDBF7B-CB2E-45ED-B657-60DCBE5C0A0D%22%7D
.adfarm1.adition.com/	1970-01-20 08:32:05	Name: UserID1 Value: 7149184140388530315
.simpli.fi/	1970-01-20 15:09:31	Name: suid Value: BE40E468A434473CAECAF18744D3EB90
.360yield.com/	1970-01-20 08:32:05	Name: tuuid Value: d9e8ca22-e221-4405-8f2d-9064b5f5e3e3
.360yield.com/	1970-01-20 08:32:05	Name: tuuid_lu Value: 1664549145
.yahoo.com/	1970-01-20 15:08:26	Name: A3 Value: d=AQABBBoBN2MCEGb0ZMKSc7-DGhTAqzZqsScFEgEBAQFSOGNAYwAAAAAA_eMAAA&S=AQAAAsyBqHfK4Z85Mk7F1yIZYX8
.mathtag.com/	1970-01-20 15:48:24	Name: uuid Value: 73b46337-0119-4a00-bae4-ce95c44e2605
.mathtag.com/	1970-01-20 07:05:41	Name: mt_mop Value: 4:1664549145
.de17a.com/	1970-01-20 15:00:53	Name: guid Value: 1.5326206496034528527
.turn.com/	1970-01-20 10:41:41	Name: uid Value: 3330029054902153843
.analytics.yahoo.com/	1970-01-20 15:08:05	Name: IDSYNC Value: 18yx~27ge
.utro.ru/	1970-01-20 14:22:00	Name: tmr_reqNum Value: 4
.mail.ru/	1970-01-20 15:09:31	Name: VID Value: 33tAjl3K2PIC00000h1ML4IC:::0-0-0-85159d7:CAASEJzxuBZv-OVUL6Pqrabs7DMaYFyynVEuTjrqqu4-_OLw7yc1fTojHhg3RLvUQQd9SV5JFJSqCQ1JeQVq32Gbpg9WBzOMuki-6kI5xvIn1UwlzjI3RGfuR77K5ncgjo9zG5VK0JZOWvx0tq3m_s4wTS8CVQ
utro.ru/	1970-01-20 06:23:55	Name: tmr_detect Value: 0%7C1664549146649
.yandex.ru/	1970-01-20 15:58:29	Name: is_gdpr Value: 1
.yandex.ru/	1970-01-20 15:58:29	Name: is_gdpr_b Value: CPe0cBD5jAEYAQ==

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://adfox-c2s-ams.creativecdn.com/bidder/adfox/bids Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
other	error	URL: https://utro.ru/ Message: Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.
other	warning	URL: https://3fb007b192c8c7ea732bc7d28bd29ed5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1(Line 11) Message: Origin trial controlled feature not enabled: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

295b4b348b26301a594661e37e0cb2f4.safeframe.googlesyndication.com
305de2aadcfdcbdd7e7c05b345a3db2e.safeframe.googlesyndication.com
3fb007b192c8c7ea732bc7d28bd29ed5.safeframe.googlesyndication.com
657491b7739d207b4fd2ce1335134129.safeframe.googlesyndication.com
a.giraff.io
a1536ed4ffc9e2b1b5ac5645960ea5d4.safeframe.googlesyndication.com
ad.mail.ru
ad.turn.com
adfox-c2s-ams.creativecdn.com
ads.adfox.ru
ads.betweendigital.com
ads.eu.criteo.com
ads.travelaudience.com
adservice.google.com
adservice.google.de
an.yandex.ru
avatars.mds.yandex.net
b543a7a960ea9565d4f718529d7c80a7.safeframe.googlesyndication.com
bidder.criteo.com
cat.nl.eu.criteo.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
cm.p.altergeo.ru
code.directadvert.ru
code.giraff.io
connect.ok.ru
counter.rambler.ru
counter.yadro.ru
csm.eu.criteo.net
d5p.de17a.com
d7d3cf2e81d293050033-3dfc0615b0fd7b49143049256703bfce.ssl.cf1.rackcdn.com
data.giraff.io
dmpprof.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
ec7f9507b5a00173e9add18d0284df58.safeframe.googlesyndication.com
exchange.buzzoola.com
fcgi4.gnezdo.ru
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
ia-dmp.com
ib.adnxs.com
ingestion.contentinsights.com
kraken.rambler.ru
likemore-go.imgsmail.ru
match.360yield.com
matchid.adfox.yandex.ru
mc.yandex.com
mc.yandex.ru
moevideo.biz
mug.criteo.com
pagead2.googlesyndication.com
pics.utro.ru
pix.eu.criteo.net
pixel-sync.sitescout.com
pixel.rubiconproject.com
r.turn.com
region1.google-analytics.com
relap.io
relap.mail.ru
rtb.nl.eu.criteo.com
rtb.openx.net
s.ad.smaato.net
s.relap.io
s.uuidksinc.net
s0.2mdn.net
secure-gl.imrworldwide.com
securepubads.g.doubleclick.net
smi2.net
smi2.ru
ssl.google-analytics.com
ssp.adriver.ru
stat.media
static.criteo.net
statmedia.ru
sync.mathtag.com
sync.teads.tv
target.smi2.net
top-fwz1.mail.ru
tpc.googlesyndication.com
um.simpli.fi
ups.analytics.yahoo.com
utro.ru
vk.com
www.giraff.io
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
yandex.ru
yastatic.net
ysa-static.passport.yandex.ru
z.cdn.adtarget.me
adfox-c2s-ams.creativecdn.com
pagead2.googlesyndication.com
104.111.242.245
104.18.18.126
138.201.139.144
142.250.180.194
146.185.195.90
146.185.195.94
172.217.19.98
172.217.23.98
178.250.0.157
178.250.0.165
178.250.2.135
178.250.2.148
178.250.2.150
18.156.0.31
185.26.97.53
185.29.132.241
188.42.191.196
195.209.111.19
2001:4860:4802:32::36
2001:678:cb4:bbbb::11
212.32.253.229
213.155.156.184
217.20.152.207
217.69.139.14
23.35.236.143
2600:9000:2057:e800:1b:5138:8a40:93a1
2600:9000:214f:f800:1e:a43d:b640:93a1
2606:4700:10::6816:4f7b
2606:4700::6811:190e
2a00:1148:db00::17
2a00:1450:4001:803::2002
2a00:1450:4001:806::2001
2a00:1450:4001:809::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::200a
2a00:1450:4001:80f::2001
2a00:1450:4001:812::2008
2a00:1450:4001:827::2002
2a00:1450:4001:828::2002
2a00:1450:4001:82a::2008
2a00:1450:4001:830::2003
2a00:1450:4001:831::2003
2a00:1450:400d:807::2004
2a00:1450:400d:80c::2002
2a00:1450:400d:80c::2006
2a02:2638:1::2
2a02:2638:1::4
2a02:2638::1c
2a02:2638::3
2a02:6b8:20::215
2a02:6b8::16b
2a02:6b8::184
2a02:6b8::1:119
2a02:6b8::1be
2a02:6b8::5:114
2a02:6b8::90
2a02:6b8:a::a
31.220.27.134
35.190.0.66
35.204.158.49
35.227.252.103
37.252.172.250
52.209.182.146
54.194.97.68
66.155.71.150
69.173.144.165
81.19.89.16
82.148.14.194
82.202.225.240
85.114.159.118
85.192.12.173
87.240.129.133
88.198.31.232
88.212.201.204
88.212.218.22
92.223.106.22
92.223.99.99
92.53.64.248
93.95.102.105
94.75.234.115
95.163.37.253
95.163.52.67
95.168.170.7
95.213.212.85
0071d47d0a8887e01a161db0a9dc177876a91f023e4e662f8736572c6dbb55c8
01b58ddb2f86a768f91751b62f25395417f6cf526191a4aefc1ebe4f8beacdcb
032f0d3cd6963f2d3d5c26e8decd6bb97185cdb8264cb19446e8e49250edeb4b
033696b7f1ac04d1dcc102be84550e146236ceffc25a6cabc12aa51a6ee410b9
0364d368abf457d4e70dbc7a7a360f3486eaea2837b194915b23d4398bee91ac
045e1917bb843590df1389b1c264246e749f307b1be84cef6e5213545cafa2ce
0577e2d21dfa73de4172421c8c247ebbe79a0929e487a9bc615d3d38951e9060
06c907d04bd419016aef9d4a3a1b5b80f7c15a6a23aedc5035055eca6cc839c2
07dfe967094683a20ef877b702ef747c628b5cc9aed74971a1741bd51672e5e7
07faabe387353b0296c359d78b6ac2eb57d41bbed4b5127c8bc4b6b36a971a87
080069b2dce01872cbc2bfcc0b6a2cd9b9a5b9fbb22fc1683ece0cea17aac96f
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
09b1180a5d7ba4cba353b7db720d6d2ef11acfb0fbbd3eb14e84cafb941365cb
0a577305667e4f77941988707fb29528c3f5a616f264e83d0ae3064c411a635f
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0baca6809327a741c1f7b8b3d61e6beaf22ef62308edc8f9d355edefc9778b54
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0dd315e0ffa8a3acccc6a21e70dccb56bfbf6e436883a7004c35891613ada105
0defd00c3eed246b92206f8c32b116156c1041af1d505bad184d009b03b85ce6
0e57db729289a801356711dba36f8e32f1a36758337cd1c797e3f6641f2e4e50
0ea50a18b3de7d6f22ed1ec6d01279d11a222f439240b0f0163d6f4816b798ba
1099ec07c289ebd84f0514d6e20321df20cb388797ca17e78000bd5678d793d7
1125e2a750a1f63ea7f7d224e66e0f28d0be925bd35036f32c91b0c6e3fb5ef9
11b41a5191e2d4752ae807a610fc04b6413616224f09f44406b7ddfe0ca09282
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
13dc84933e4d797b46f63df140ac0238a00a0b2b866c0769e9f39d94fb5976bc
140c5efdf2be3d7bc8e640c2feab36114e381c304867df45bc7dd5d32e51a1b2
165bfa5cef957cafcef9ff654e0f07a81196c10434659beb0c7d2d0915891675
176bde02f666f3f8bb9281f1ff2e92f86f95af0b71986426b27ab9ab65251d83
18155f97f6c738c2a37009c895f85f7691d8f84bdd6e376009505c2393832c34
18c327afa903633f86c3efcf12b77f098077eacaa8be101bb007846fd74f8b93
19299445b63c280051c6677eabb013cbd94dc198fdd427c540eda90518a8ec98
19a5e22991a4443ea1f845fd0a93ec0d1dba0ac9d2b8578d6fbcd790f245cd2e
1a4d3b7a46538b2b7c0cf06add2173a15f2133a118b9ac2674cdb9f82957c2ae
1b3dfcfe97d043475a764d9c2f2072aa76cb46141e59eea505f16dd5bc8ab28e
1bb217e28c3c2d32e06778d6fe75781bc42ccc40ab03f9ca462d38bb7539ef47
1cfe4f6fd49b85b9d410cd2e1482f17dbbb8cee4fb8173396555b7244d82a9f1
1d3cbf52ac7ca71ab8e167e79e101914061dee9ac497d540e7c7e192dff1a3d5
1dfbb2a9ac43046fc615e83658069ae902f7e9db822aaf0b1d7015164bd13f1a
1fc2732dd1f029e71c6bfca78c04850e0d5a9d0cf81576d70b17a8d7ff554d06
2001cccc51bff71df4be675d0021987dd7d2e8dde052676c8816299485d2b9c3
209960f229774ce962a5d507297686ce7632f821e1444d35438e3a04d045820d
20a4a9f316a0481ab3565f4d53c0e88576678635285c3448182595984615f94b
21350d45dcda28b711f8cc5d96b4be02ca6784a55258059e961a5e37d79d2d40
23978cfea44102f0b0169ca0012b5e3f94bb6cc1f373607f27906b4865a43a4d
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
25fc06689ea59b051bc19a50b5a1eb5cef9793b301f5a55ec76b892d232c3452
272c8c229749a60d3f58078c46857df83f77f1b258495d699a7deb52cd7e8455
2748db3da3f1cb52153bc9c8ef29f4d17273fb0651e79b516cbbedf360be78b6
2ab5af1eced8600677497aea39fe6549565546768887337642b4d565a590f320
2b0f8526e7a1b0f1fb42e8acec3c1e7737a1a3065b773ebd13a492952f557967
2c5f0109b2b7851cc6a9f7c2ef41c9e31be6e8ec4cf2fb64b1d78143f606d78b
2cd18a996bbe88977783eaf37d40c9b531344b2dd21a304f84dffd60ca227114
2d3094584b53b793f7423681a7fec10e7b1bd61ae300f194796d5898b4ac4c7e
2d5c7ee64095341f6a8bb1ec483afeee919abf5262ebce1a2b222857c74fb11f
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2ea6594700eadc561dce18df33d16ff9d07ff631d4f6f4eae734bfe34e900f0c
2fbc468e52116b00ba148221687c812cf4c4234a84349382a1b87bd9db59ff23
30762a1a4fdf9a375400b0eb551a6bd3f6f64305d903ff9e25ee783da3ffdd45
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
347fff02aac4f7feec3b2b50561d77d1cc58ddd3e6bdae8796cd33c99b93d127
34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55
34c9ee51c2dd7fafb4df5f5e0bbb0a2a3508db0692f97b90b44ab89a50a545ef
35280fed87ea7d6b0d895639b5bcc42063ea5b1c5cb4e91ab0c077854ab6b784
357f401c5a50a01c8933002dbf034a79ccfae7889aad12798e0e2e6a7f279d00
35e4d9158070db2da5cb8344c5e08062ada4fd8ff180f4365df41da520109a5c
368a4c343dd077cc461d9b3c7226f187fc6e35940bb4747c0df8fcd9f79d2dd4
3693dee0d553cf0326ac360cea598bb69bf17c900aa87338c3bcca9a783a0948
386531a08f54c0c8d3ba891ec58687e227a48302afa25312dd0cddeb858fe61a
3871e6719f71319cad9f0c2b4f262518c8deb142d03078bd7539e5d72da33de5
39586c33e0bfa9e64d4f23e85774bd379650f516c53fde520694d3f76a283124
3a9d0a0301ac6e05a965a4704a05b83e9de4944d009730f2381961ff118335d7
3d2975e1128609a08e08d2160c655f0a56f56a384ed64d11a97674d86cfb103e
3d33f2a9e0c589b5aa9d9c2691dfa2c5f224008b5ad45722514fa4307195f04d
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
4401aeae8ced32f3503b820eda4fb6bec9cc703ef9a1a42a817fae255f34e716
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48d69244ec95ec482df0f4b9ef44ee9a983e1d19c49b660d3b19966cf0b0615f
49424dfe4de89501495887c5a5d6fb991a2fde53fb48433f853859b98465f7c0
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c9f9038ef0cca8daea160666fcf23b0cc4fd3ba853dcd4494e8ec35e3a0c039
4d11f725724ffbbd271ab97642636a1e29088d30191bea531d8a2f73f15fd3a4
4d15f8288f97ca5ab9615106e2fb9655e268e2bb1584fd0db4ae5468f6e1fc24
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f1bc15effb89761955df18dcdd13d0e00a8d1686944a5ca47473e16c81ab189
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
508d6278c96f3db92e59e738df47c13bbf9dec8c7291397c21df350fe02846f2
53e556420cd73a5d8582331da712466c21c5fe9b46931736691f7560730a83a0
543a8b02938856a455b3643dba07de557cb9a5f036748ef8b179097fadc9149b
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
584655fd4f60a91cce23b6229f5356e4886ad1423650a6153e49a93e4b49ef96
589733b054fe0761d3496b61c896e53714e4b8b73791b9208d0d0bbc4f051feb
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
59f5eacb66f0acd853f018e20bb9423843ea7730844e65c72a73df30e229e267
5b70d4870b01782d5ec190f549ced4164ecdf602684760f20b4821aef6e607cd
5c28a7d7efdbda85f786679ed2191d4053bfb355077344b70bb76c7b8eebc2bf
5d81781ab85b52a308ead17cd12c06f6b7967c012cf81a7f6d8ad4f997e4321e
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3
5f1ab65fe2ad6b381a1ae036716475bf78c9b2e309528cf22170c1ddeefddcbf
5f38c9c3cc013a00e4b6afe2322a99b203116aaf6ecdcff0ea5cbe0472a4e226
5f9730e9e1e0e3499b8cfec56e8c3df1aa855e0a3969b1d9aed006841adea178
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62b7414a3cdf2077188582e66af852c8efc4841acb516a71e7291d2fb1fd2aa8
63677d2d9ee5ab7fefbb5929b570237eb6cad5c74d9b4dd1ed6ad8b73cfa3de9
65a3f19b8acd7b8969e8f9bdc648f50573eeeb1d5261faea8b513ec24f7e92fd
65e821b53990c7e875f3a0c2ed1d78d9aaf42a0ac22e5befe5903e4e87faf931
689dfd5efa19909a15e4917dde1ff6886526839abae8ac081c2a77c055116fd6
68f808985f9c9e52072d7175c0a6745c508ac752b610f24812c215732d2b9ff0
69fcf7682b771176634dc54deb0c412cf9ec40df931d56a0480ee51b47ed1598
6aaaacf9bc9388d16370fcdabc364fc7b7bfb370d22f3e8f47d76c8e5047b09a
6b15a2950b25f9038c9924a3e0033176ffc625d851cf1d61a588843d9eaa3b51
6b58c013d6c6e77c34ac7675e3179b568b8086b43e4083e8d6a4554ab80ac889
6d46e2cf165a5a0584afba7bc9663da292ee08c97cfc7613de6013ed05be892a
6e9bd47586317a1b3ebcadd69906e456421cf9551f694b1483a29c60770ef6e7
6eae6b8af299da9bb7fc41d221e16068d3869070cfe9e68f4e5444f554f0f562
6fbde523d85a740ea8c4245ef66c7153dcad4fd6680d55b69208bcd42556be87
70be92e9b48e93df20fd4f071e3e4f16c83de8b83275c400fbe4277bd7cac296
712032c539b05bdf589a064f3e851e67aebd52bbaf2680245fc687caa2946812
71533350c02f8b842f2fb80b248252092bc4396e7dc4e7e38169015685ac40ec
71970ab429bdaed0de1355bfabec79005912d77d19e02cae01dfb723c25262ac
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
73a0637ecd46853ea81690f9c4dde8e4744fe6caa3d50e4f43cbf95b9b148f01
7663d50ec16cabda9c9694d8cafcf9fdc9d61fc2d17fc516fbb2cbd6ead556a8
78da3560507e8d9c30fad1ba60e7dd4e847f04b2e50405733e6f67fff1e264a9
7c320bb579481f64c79399f5e2ac10e50194acb33c41041d2efc0c3bab9b6eaa
7cf3f301af4dd7f8b4df8746214bcd79257a9684152046c796cb79cf8d25b614
7f13df0b1c8d0b6fdd59d71e7d86c77150c0a6b8436baa295220b54029a2c8e0
821987f424fcec84bc5d367e181844a883b9b0cbff93b16ca4e486a15c111c12
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84267cb03358986b6d450eb1b76fa8abea21b67d212869a8ceb1deb35fbe3399
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b
86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65
86d8e892ceacd8c8a7e7125c68dd0e1b311f8399871b6d64b8b6795f0235c1d4
87b33d5cedfcdde87d6fd8610c33eef870c860b4745bd3d0e977b9d47ef9954d
8850112af1c3a02f2b6ff69c80d1e6e1b9e1dd71b18b52630df247d62da879df
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8acd0b07d9be489aa245f546749d9bb7a0372e44cdb62f18bd0aca41e713058d
8d702af8ed85439f2f4bbca2bf32e0efb53d97c18693c67721b3f03e0f92b00e
8ec3da1b250f95999c24d9b0edc921d040d54cf40e1195d9c9394fb4285cc113
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f76b934568d510d4abdfcd81dddeb822ecd4249218af1b2885850e61cdfbb0f
8fcaefc86e136654f7a6d9ac280844f82f37fea09039e7d36bdc42d7f7d2083a
90048baa4ea031d22beb7bf4d2f6777b5242ab9899898c73dcbeec5e89c42fdf
9057beeea4c492533d4d376d1d07e8b5222b3095e8ec395b6690c3779a09161d
90bbcb9db7c9cb053c19be00501d286e22046a098a831cbfcd88f03a02c19836
937ac91fbf47c81ac15a1810edd83c253e8aec980dbe158d74258f2b023b6a4f
95363508b190297c32b321d95b5d149f2053def4a6e204bb389814357a385521
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
97885cbc3d80d69e9bc1ba84164e159e8d04e1295e9120169dfc0dd10a9abb4a
9884796361f3f2c3bcf41bf72263bb081266876937d249a7b4164e1ef87665c1
98e2c8c733b1d56cf71b8af61ae88da73c4c781e243a89e51e10b1a490652909
9955e76a0aa0414abf703f10e87d93722c71f3fa57c82eb7531c9473d9ef72fc
99c6fbf64438f41cb5eb3bee9c1ade01622af8815adca9e3d7eac3727998432c
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9abd82303f2efad2568049da7b78d113fd4a2ee90fd927697428a5cb6e1ec700
9c911ab93cf6099aeeddb19cb1903d0ef838329443c3a0549c754da47f90a70a
9dc89e2eae45dccc1b2d7b9540adae2349bbb5d84578eadb8f0f645eac324910
9f0e47ed50335948cb6124f257dd75caa6b01fa9d2f0a5176c4de5f6392c2e9d
9f1c9fa1ee74b9fa5faff99944dabe170499b29feed819483a7e4fdffcff8087
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0189f0e694682454695fe1b182c0bc26425760bb03e14969e34cb424686a6dd
a023320ddad7be72780c15f370154d4e532dc7459dba529c30c899ad8ea3f5d0
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a0fb157aba4b8f06aa680e50d3fe02951b3cff186a96bd99c76b02072ff10f49
a1e6a59e0567f886caaada41007e695d2039c4fe07fb28727dd27ab2029ecd6b
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a509a2d527bd8c22a21a1bd4ee460d72e9ed3c70b55948a6e547d91b5bcaf6d4
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a909e6040703f472c817757f38b1a1587454809c1ffb73c88c1ada686e9ebb91
a94a11067e3a537402ffa959797dcc7b0f9d5c45e7aa0c8be08d38bc7f605003
aa084d3968ab19898ebbed807ebc134b622fab78a888e7b36ae8386841636801
aa2fd0f7b2e3e7cf40af23d2e2426274cee9facac073b5c6058f560da3260784
ab63a95f954b06fab67ea2fafd99e696cb97b69c12270a80b72dca3ac0a66740
abb678fe36372859f49939d9699c8be35f1da360cbe98d0e08d2600f050778ff
ae66a471041f4132884bdf23e6a3bc8ac7a698305e7b3bbf840d8394d88d2e0f
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3591c592a8ecd0eca6d0e02920e260e025a7fda6e0d595293dcb5456c47ae9d
b434efe81061c42188488b1b06ec0a2c44e47037649aa53602c76025fdfa56c2
b5df375fbe267d104e57cc2bc652259afbf5b9abf4ee2747f83f0b05dfbd5ea8
b6e6171b7e205d47ff3ada395499e07961ab6f5769feb9f877351a0c83337bc0
b7157aa7c4579db7103e9338385ec8644caba74337303b3a82f24520a0d68490
b7558d470b00a5a187435d8bd2c5383856ccc8ec315792ef9b09cd8e46090aa2
b9893a76d9a1cb1e7c76752f90ba9539b433841c080676d09a7438c65380494f
b9d965c892b782e66a44c9bf9a2d5922f1cdbcceada7e90002e753a86bc15130
babd9729f52441a13bb2c40b861669da826821125a4175c697dd665fe47cbb0f
bc0a06f8e0f8385f13d5e96e94b3f9fdee6e06b40144a17a79e628e297e9de34
bc31dd1668b538cb276b888ece7b1bc77aa3ef5fda2652aa92501e0502f3587f
bc34b600d52143b16b8684d087a67c44910ddfa98d028f524312adb4e89366d1
bc7b3b96a0dac7fc8afd9d05460c61c9984a93e47c4fc264e39baa9e8ca80b00
bcaa367e2f29ae72fc19909e53b5399e8af88181b7a9f2d175297f9419b8be19
bf01b44e7a857c65e3532d07c5ba7f41a6617e0455884e6c2de75f40f4c8aa16
bfc1ac4af72e74cf770d41007e61f892e25cb5efdc67b349f5253087ce61520a
bfcd7a262745ac2a8520d46dbe261c5db424c001970e9ebe83c440bfb48454f7
c38b423255f4265dade1bdb34cf64affaabcf794e79f3ef8aa3adfe7dd3a1c47
c4bb65f619f09b9d4f0c9e25826f10eb47e9445eec8da10825c6d5f656b747a1
c78831ed358a59b734f7949681849692ba2ddf205b0236681e44173082f7ae8a
c802737a07b63d21d688042cf024558dd0e249fbafccce929d801b23e328218a
ca78c114bba40b141a59c55a9d3fb6db7672bc3effd4337f2b1ce512b4d06c9e
cadfcaca4a9c47625fb8672234a17a72a7f3c1d1142ddd659bde24221d208c10
cc8e2fc23137b2acebac963a0b4d2ce022066c55335e292cdc7bbbabb4fff9db
cebdf07b17721c086eeb3135a9367f97f17da9650cafd06f5b10e9d5eaff2315
cecc74d5fbe492316a508b646f4a0eba83d717cc0a65c92be7a138849d5c7ca6
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf8cba3407cfd61e32909519485540d77f17f23274852c9acb404f3f9f564e3c
cfd91d8ff48aea2adea7719b47c73eb7fa29790f077153e496ff8877ac6dd88c
d03057abcffb7f2a02c1c29808334101074c103fa5c49c15069e13add2df4721
d195585a352009773b6084ed09581257b4f62c1e9a9a02f2b1fc659e55e8183c
d327306dae0975c815213df7587d5159825185a749b7ca91d992857688486e27
d44b594adcd71f3f00af4cc3f68541288520539383cfe25423b57d08c511f275
d539670aae1ed0b7e7e2336d383c83246cde2af363e362ff92e3d9cf273fde7e
d59371e3f0a6e74cfb0198ad2da8f09b154eecd86d134870e534f5266bc8e51c
d5ab8015cd82892bbad17705ea3b417d2a43c6549ca49844fc11d49e1083b47b
d618e8165698ad5a2887ae3b1515569db70082794db9c913c5ea536041792895
d849690fe5bfb4638b1dea171184cfa3adae1a051ad6fff555acc2a63042be4f
d86f3c3baecdbb9ce3be42bc9474af56136ea185412a8c7c6c396310059d75ac
d8edaf27ebc9b9ebef5d2708d22b30bf2509517b2ffe3fc6bdc51c85e1f2b1f3
d8f20a61f8c55d681ad93cc4066ea562302ee8cbeeb75f1b61ac212b0313b7c1
da8438b81e390283f6eb8cc9cf49ccde3d00c954b4fbccdf6372c162c4b58ab2
daf57dd5fdb346c941fe9cbe8f776e67eca77382bdf798b3ebf2f3c147d88345
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd2dca0b73e6585089b6a37f391d642fe0b96459f3ce6feaad7dcb346bac21e5
deee137a6dfa1f234d7ac0a3e2a41ad36e4351c4f24df0be7bd608332d969dd1
e00397129d5c9f4de2565731d60bc0120d1fe4dc78bf0b5cc9ea8c6571e27052
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e1b8aeee78dec43e4d68073c7618092d4af1278bd22be89b1e0eef970479d90a
e1cff21864c46e1da263fa83c14ed6d190bc5afbdd35188de15f10eb8bedd264
e298122711026c8ff05294ac8879e5ece5f6a23a112a451cdbe6f891485b53f1
e29ffeda170cb0752b062928f22de04adc1c9177706f50b9c6a9c96dc706bf61
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e30ef4ff037d0e6fd36093cb017e58ad2e7cb1b3f2d7191d45167a402d819b55
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e4f6b20923b98ec202a723449876a7df142acad7cc91337477a897a3d68d8ad2
e5b8d2d1ee19091fe12abe606093e8eab838c0716e3c8e152a01f61f597a91f2
e7362a543eeaa82303048c1b56956cb7bd71de927e33453c5cea2a6504bbe042
e74b9be0700c64b6d8ab9e584803370ae0f2685e79ae4404bd3c5c3a7fccb613
e78c5380563a8a078ca08254718d91472579bdcd61e6b34b1dfacb0f786ed213
e8337cb3957638890d01c49832f1256a4ce45f61a79a41fbacaa31bd274ff7ef
ec4a0b8473e771b632edf4c515bec167f974fe6461b43ec02e52995f4dc89c50
ecb1db3dbd557e4a05a2f6394b0dc555f96169272ff56aef2339ca2cf38b2f3f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f00864afefb6ac342587e84e7237328d02cb5507147a4a0d039b03a6fd90baff
f03f34a896200ac3d36794a86a5b23d054f1982d05740b454078c8526a33b631
f0c22505ea8920792ec430dcf70d668fd80f7bda29b21974a5e310150c6b9d44
f3dd4bf99321fbc802e13b50f9d5925fb98953002a8ad7798c92e17178ce7889
f42283e0ca17a52688c5250e714ecd1b6a53af8b0f6e54ac64546499b0ec1b19
f58ac8310c580f38177c71c590d8dcdcfbdebf980badf4fa533c75845bb1c11b
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a
f919a723162a8ce8c6180d41b1b938e952c65a5f06c7711c567b12f57655b8cd
f9bc2af159f56f6373d66177e46c98091dd63f5ccd06ae805fd3feac847fbe0f
fef6d5b54da0d9e0479a9560e9236c70713eab51dbeca880a78ac30067bcceba
ffe9cfd09a050ac09c1d29b54e40b91065642b308b63f61130ea1e31eaac7520

utro.ru Open in urlscan Pro 95.213.212.85 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

515 Requests

94 %HTTPS

40 %IPv6

62 Domains

97 Subdomains

73 IPs

10 Countries

4748 kBTransfer

12519 kBSize

99 Cookies

7 Outgoing links

Page URL History

Redirected requests

515 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 13 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

utro.ru Open in urlscan Pro
95.213.212.85 Public Scan

Screenshot
Live screenshot

Full Image

515
Requests

94 %
HTTPS

40 %
IPv6

62
Domains

97
Subdomains

73
IPs

10
Countries

4748 kB
Transfer

12519 kB
Size

99
Cookies

515 HTTP transactions
13 data transactions