a-nevsky.ru Open in urlscan Pro
37.46.135.112 Public Scan

URL:
http://a-nevsky.ru/
Submission: On August 10 via api (August 10th 2021, 1:33:58 am UTC) from US

Summary HTTP 176 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 42 IPs in 5 countries across 47 domains to perform 176 HTTP transactions. The main IP is 37.46.135.112, located in Russian Federation and belongs to THEFIRST-AS, RU. The main domain is a-nevsky.ru.

This is the only time a-nevsky.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
36	37.46.135.112 37.46.135.112	29182 (THEFIRST-AS) (THEFIRST-AS)
9	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
1	95.181.171.231 95.181.171.231	50214 (QWARTA) (QWARTA)
8	95.163.114.204 95.163.114.204	12695 (DINET-AS) (DINET-AS)
1	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
1	2a02:6b8:20::215 2a02:6b8:20::215	13238 (YANDEX) (YANDEX)
2 4	2a02:6b8::90 2a02:6b8::90	13238 (YANDEX) (YANDEX)
6 15	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX) (YANDEX)
10	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
3 4	88.212.201.216 88.212.201.216	39134 (UNITEDNET) (UNITEDNET)
5 21	46.4.121.26 46.4.121.26	24940 (HETZNER-AS) (HETZNER-AS)
1 3	159.69.74.9 159.69.74.9	24940 (HETZNER-AS) (HETZNER-AS)
2 8	2a00:1450:400... 2a00:1450:4001:82f::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
34	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
2 3	188.42.196.115 188.42.196.115	7979 (SERVERS-COM) (SERVERS-COM)
3	195.201.243.71 195.201.243.71	24940 (HETZNER-AS) (HETZNER-AS)
2 2	193.232.148.160 193.232.148.160	48061 (UMA-TECH-AS) (UMA-TECH-AS)
1	2a00:1148:db0... 2a00:1148:db00::17	47764 (MAILRU-AS...) (MAILRU-AS Mail.Ru)
2 2	195.209.108.48 195.209.108.48	52007 (ADRIVER-AS) (ADRIVER-AS)
2	81.222.128.214 81.222.128.214	20597 (ELTEL-AS) (ELTEL-AS)
1	2606:4700:303... 2606:4700:3039::6815:c03a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	194.190.117.93 194.190.117.93	204600 (REPUBLER-AS) (REPUBLER-AS)
3 5	31.172.81.159 31.172.81.159	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
3 3	31.172.81.160 31.172.81.160	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
1	37.18.16.16 37.18.16.16	205675 (HYBRID-AS) (HYBRID-AS)
2 6	185.15.175.130 185.15.175.130	43226 (SAFEDATA ...) (SAFEDATA Uplinks)
1	195.201.106.117 195.201.106.117	24940 (HETZNER-AS) (HETZNER-AS)
1 1	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
1 1	109.248.237.37 109.248.237.37	201009 (SUPPORTIT-AS) (SUPPORTIT-AS)
1	95.211.66.35 95.211.66.35	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	95.163.37.253 95.163.37.253	47764 (MAILRU-AS...) (MAILRU-AS Mail.Ru)
3 3	188.34.131.132 188.34.131.132	24940 (HETZNER-AS) (HETZNER-AS)
2 3	78.46.100.125 78.46.100.125	24940 (HETZNER-AS) (HETZNER-AS)
2 2	35.190.16.14 35.190.16.14	15169 (GOOGLE) (GOOGLE)
1 1	193.106.93.124 193.106.93.124	48614 (ITSOFT-AS) (ITSOFT-AS)
3 5	89.108.120.68 89.108.120.68	197695 (AS-REG) (AS-REG)
1 1	80.64.106.147 80.64.106.147	20764 (RASCOM-AS...) (RASCOM-AS CJSC RASCOM ISP)
1 1	37.9.245.57 37.9.245.57	16345 (BEE-AS Ru...) (BEE-AS Russia)
1	89.108.97.2 89.108.97.2	197695 (AS-REG) (AS-REG)
2 2	217.66.147.167 217.66.147.167	29209 (SPBMTS-AS...) (SPBMTS-AS Malaya Monetnaya Street 2-A)
1 1	213.87.44.187 213.87.44.187	13174 (MTSNET Mo...) (MTSNET Moscow)
1 1	88.198.31.232 88.198.31.232	24940 (HETZNER-AS) (HETZNER-AS)
1 1	31.220.27.134 31.220.27.134	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	217.65.2.150 217.65.2.150	3175 (CITYTELEC...) (CITYTELECOM-MSK)
1	93.95.102.105 93.95.102.105	48347 (MTW-AS) (MTW-AS)
2	2606:4700:10:... 2606:4700:10::6816:557	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	88.212.233.108 88.212.233.108	7979 (SERVERS-COM) (SERVERS-COM)
1	92.63.193.64 92.63.193.64	29182 (THEFIRST-AS) (THEFIRST-AS)
1	82.146.33.102 82.146.33.102	29182 (THEFIRST-AS) (THEFIRST-AS)
1	92.63.97.182 92.63.97.182	29182 (THEFIRST-AS) (THEFIRST-AS)
176	42

36 37.46.135.112 (Russian Federation)

ASN29182 (THEFIRST-AS, RU)
PTR: callhim.virtbox.ru

a-nevsky.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.181.171.231 (Russian Federation)

ASN50214 (QWARTA, RU)
PTR: asrv231.qwarta.ru

cdn-rtb.sape.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 95.163.114.204 (Russian Federation)

ASN12695 (DINET-AS, RU)

w.uptolike.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6b8:20::215 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)

yastatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:6b8::90 (Moscow, Russian Federation) 2 redirects

ASN13238 (YANDEX, RU)

bs.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
an.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a02:6b8::1:119 (Moscow, Russian Federation) 6 redirects

ASN13238 (YANDEX, RU)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cse.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 88.212.201.216 (Russian Federation) 3 redirects

ASN39134 (UNITEDNET, RU)
PTR: host216.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 46.4.121.26 (Germany) 5 redirects

ASN24940 (HETZNER-AS, DE)
PTR: hz1271109.aucourant.info

www.acint.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 159.69.74.9 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: hz1290147.sapientru.net

ssp-rtb.sape.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

clients1.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 188.42.196.115 (Luxembourg) 2 redirects

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 195.201.243.71 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: ingolstadt.aucourant.info

acint.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.232.148.160 (Russian Federation) 2 redirects

ASN48061 (UMA-TECH-AS, RU)
PTR: smtp21.sender.ltmse.com

px.adhigh.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1148:db00::17 (Russian Federation)

ASN47764 (MAILRU-AS Mail.Ru, RU)

ad.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 195.209.108.48 (Russian Federation) 2 redirects

ASN52007 (ADRIVER-AS, RU)

ad.adriver.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 81.222.128.214 (Russian Federation)

ASN20597 (ELTEL-AS, RU)
PTR: ad14.adriver.ru

ssp.adriver.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3039::6815:c03a (United States)

ASN13335 (CLOUDFLARENET, US)

a.utraff.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 194.190.117.93 (Russian Federation) 2 redirects

ASN204600 (REPUBLER-AS, RU)
PTR: carp.bspb1.kavanga.ru

sync.republer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 31.172.81.159 (Germany) 3 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

sync.bumlam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 31.172.81.160 (Germany) 3 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

sync3.adsniper.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.18.16.16 (Netherlands)

ASN205675 (HYBRID-AS, RU)

dm.hybrid.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.15.175.130 (Russian Federation) 2 redirects

ASN43226 (SAFEDATA Uplinks, RU)

tag.digitaltarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dmg.digitaltarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.201.106.117 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.117.106.201.195.clients.your-server.de

sync.dmp.otm-r.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.194 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 109.248.237.37 (Moscow, Russian Federation) 1 redirects

ASN201009 (SUPPORTIT-AS, RU)

stat.adlabs.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.211.66.35 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: hosted-by.leaseweb.com

adlmerge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.163.37.253 (Russian Federation)

ASN47764 (MAILRU-AS Mail.Ru, RU)
PTR: relap.io

relap.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 188.34.131.132 (Germany) 3 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.132.131.34.188.clients.your-server.de

adx.com.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 78.46.100.125 (Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.125.100.46.78.clients.your-server.de

sync.1dmp.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.16.14 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 14.16.190.35.bc.googleusercontent.com

redirect.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.106.93.124 (Russian Federation) 1 redirects

ASN48614 (ITSOFT-AS, RU)

prodmp.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 89.108.120.68 (Russian Federation) 3 redirects

ASN197695 (AS-REG, RU)
PTR: d51803.reg.regrucolo.ru

x01.aidata.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 80.64.106.147 (Russian Federation) 1 redirects

ASN20764 (RASCOM-AS CJSC RASCOM ISP, RU)
PTR: s-fr2.rutarget.ru

sape-sync.rutarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.9.245.57 (Russian Federation) 1 redirects

ASN16345 (BEE-AS Russia, RU)

0100007f73d711613e0564ab02cc2839-sp.ops.beeline.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 89.108.97.2 (Russian Federation)

ASN197695 (AS-REG, RU)
PTR: d50603.reg.regrucolo.ru

ut.rktch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 217.66.147.167 (St Petersburg, Russian Federation) 2 redirects

ASN29209 (SPBMTS-AS Malaya Monetnaya Street 2-A, RU)
PTR: host-167-147-66-217.spbmts.ru

sm.rtb.mts.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.87.44.187 (Moscow, Russian Federation) 1 redirects

ASN13174 (MTSNET Moscow, Russia, RU)
PTR: infrastructure-187-44.mts.ru

tech.rtb.mts.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.198.31.232 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)

exchange.buzzoola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 31.220.27.134 (Amsterdam, Netherlands) 1 redirects

ASN39572 (ADVANCEDHOSTERS-AS, NL)

s.uuidksinc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 217.65.2.150 (Moscow, Russian Federation)

ASN3175 (CITYTELECOM-MSK, RU)

match.new-programmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 93.95.102.105 (Russian Federation)

ASN48347 (MTW-AS, RU)
PTR: unspecified.mtw.ru

fcgi4.gnezdo.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:557 (United States)

ASN13335 (CLOUDFLARENET, US)

s3.advarkads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.212.233.108 (Russian Federation)

ASN7979 (SERVERS-COM, US)

api.advarkads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 92.63.193.64 (Russian Federation)

ASN29182 (THEFIRST-AS, RU)
PTR: belesta1501.ru

meealt.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 82.146.33.102 (Moscow, Russian Federation)

ASN29182 (THEFIRST-AS, RU)
PTR: belesta1002.ru

dspco.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 92.63.97.182 (Russian Federation)

ASN29182 (THEFIRST-AS, RU)
PTR: belesta1005.ru

webdsp.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
43	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	627 KB
36	a-nevsky.ru a-nevsky.ru	442 KB
24	acint.net 5 redirects www.acint.net acint.net	17 KB
12	google.com 2 redirects adservice.google.com cse.google.com www.google.com clients1.google.com	164 KB
11	doubleclick.net 1 redirects googleads.g.doubleclick.net cm.g.doubleclick.net	77 KB
10	yandex.ru 4 redirects bs.yandex.ru mc.yandex.ru an.yandex.ru	168 KB
9	yandex.com 4 redirects mc.yandex.com	5 KB
8	uptolike.com w.uptolike.com	32 KB
6	digitaltarget.ru 2 redirects tag.digitaltarget.ru dmg.digitaltarget.ru	22 KB
5	aidata.io 3 redirects x01.aidata.io	2 KB
5	bumlam.com 3 redirects sync.bumlam.com	3 KB
4	adriver.ru 2 redirects ad.adriver.ru ssp.adriver.ru	2 KB
4	yadro.ru 3 redirects counter.yadro.ru	3 KB
4	sape.ru 1 redirects cdn-rtb.sape.ru ssp-rtb.sape.ru	28 KB
3	advarkads.com s3.advarkads.com api.advarkads.com	7 KB
3	mts.ru 3 redirects sm.rtb.mts.ru tech.rtb.mts.ru	2 KB
3	1dmp.io 2 redirects sync.1dmp.io	1 KB
3	com.ru 3 redirects adx.com.ru	1 KB
3	adsniper.ru 3 redirects sync3.adsniper.ru	2 KB
3	betweendigital.com 2 redirects ads.betweendigital.com	2 KB
3	googletagservices.com www.googletagservices.com	102 KB
2	weborama.fr 2 redirects redirect.frontend.weborama.fr	843 B
2	republer.com 2 redirects sync.republer.com	950 B
2	adhigh.net 2 redirects px.adhigh.net	826 B
1	webdsp.ru webdsp.ru	320 B
1	dspco.ru dspco.ru	322 B
1	meealt.ru meealt.ru	488 B
1	gnezdo.ru fcgi4.gnezdo.ru	189 B
1	new-programmatic.com match.new-programmatic.com	215 B
1	uuidksinc.net 1 redirects s.uuidksinc.net	325 B
1	buzzoola.com 1 redirects exchange.buzzoola.com	176 B
1	rktch.com ut.rktch.com	440 B
1	beeline.ru 1 redirects 0100007f73d711613e0564ab02cc2839-sp.ops.beeline.ru	636 B
1	rutarget.ru 1 redirects sape-sync.rutarget.ru	416 B
1	prodmp.ru 1 redirects prodmp.ru	279 B
1	relap.io relap.io	982 B
1	adlmerge.com adlmerge.com	115 B
1	adlabs.ru 1 redirects stat.adlabs.ru	108 B
1	otm-r.com sync.dmp.otm-r.com	69 B
1	hybrid.ai dm.hybrid.ai	238 B
1	utraff.com a.utraff.com	735 B
1	mail.ru ad.mail.ru	635 B
1	google.de adservice.google.de	853 B
1	googleadservices.com partner.googleadservices.com	657 B
1	yastatic.net yastatic.net	39 KB
1	ampproject.org cdn.ampproject.org	8 KB
0	tnsis.ru Failed static.tnsis.ru Failed
176	47

	Domain	Requested by
36	a-nevsky.ru	a-nevsky.ru
34	tpc.googlesyndication.com	googleads.g.doubleclick.net tpc.googlesyndication.com a-nevsky.ru pagead2.googlesyndication.com
21	www.acint.net	5 redirects a-nevsky.ru www.acint.net
10	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
9	mc.yandex.com	4 redirects a-nevsky.ru
9	pagead2.googlesyndication.com	a-nevsky.ru pagead2.googlesyndication.com tpc.googlesyndication.com www.googletagservices.com
8	www.google.com	2 redirects cse.google.com www.google.com a-nevsky.ru tpc.googlesyndication.com
8	w.uptolike.com	a-nevsky.ru w.uptolike.com
6	mc.yandex.ru	2 redirects a-nevsky.ru yastatic.net cdn-rtb.sape.ru
5	x01.aidata.io	3 redirects www.acint.net
5	sync.bumlam.com	3 redirects www.acint.net
4	dmg.digitaltarget.ru	2 redirects www.acint.net
4	counter.yadro.ru	3 redirects a-nevsky.ru
3	an.yandex.ru	1 redirects www.acint.net
3	sync.1dmp.io	2 redirects www.acint.net
3	adx.com.ru	3 redirects
3	sync3.adsniper.ru	3 redirects
3	acint.net	www.acint.net
3	ads.betweendigital.com	2 redirects www.acint.net
3	ssp-rtb.sape.ru	1 redirects cdn-rtb.sape.ru
3	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net
2	s3.advarkads.com	www.acint.net s3.advarkads.com
2	sm.rtb.mts.ru	2 redirects
2	redirect.frontend.weborama.fr	2 redirects
2	tag.digitaltarget.ru	www.acint.net tag.digitaltarget.ru
2	sync.republer.com	2 redirects
2	ssp.adriver.ru	www.acint.net
2	ad.adriver.ru	2 redirects
2	px.adhigh.net	2 redirects
2	cse.google.com	a-nevsky.ru www.google.com
1	webdsp.ru	meealt.ru
1	dspco.ru	w.uptolike.com
1	meealt.ru	w.uptolike.com
1	api.advarkads.com	s3.advarkads.com
1	fcgi4.gnezdo.ru	www.acint.net
1	match.new-programmatic.com	www.acint.net
1	s.uuidksinc.net	1 redirects
1	exchange.buzzoola.com	1 redirects
1	tech.rtb.mts.ru	1 redirects
1	ut.rktch.com	www.acint.net
1	0100007f73d711613e0564ab02cc2839-sp.ops.beeline.ru	1 redirects
1	sape-sync.rutarget.ru	1 redirects
1	prodmp.ru	1 redirects
1	relap.io	www.acint.net
1	adlmerge.com	www.acint.net
1	stat.adlabs.ru	1 redirects
1	cm.g.doubleclick.net	1 redirects
1	sync.dmp.otm-r.com	www.acint.net
1	dm.hybrid.ai	www.acint.net
1	a.utraff.com	www.acint.net
1	ad.mail.ru	www.acint.net
1	clients1.google.com	a-nevsky.ru
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	bs.yandex.ru	1 redirects
1	yastatic.net	a-nevsky.ru
1	cdn.ampproject.org	a-nevsky.ru
1	cdn-rtb.sape.ru	a-nevsky.ru
0	static.tnsis.ru Failed	w.uptolike.com
176	60

This site contains links to these domains. Also see Links.

Domain
xn----8sbehgsp5ap.xn--p1ai
vk.com
www.facebook.com
connect.ok.ru
t.me
twitter.com
api.whatsapp.com
www.liveinternet.ru
metrika.yandex.ru

Subject Issuer	Validity	Valid
uptolike.com R3	`2021-06-27` - `2021-09-25`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.yastatic.net Yandex CA	`2021-03-03` - `2021-09-01`	6 months	crt.sh
mc.yandex.ru Yandex CA	`2021-07-28` - `2022-01-07`	5 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
counter.yadro.ru GoGetSSL ECC DV CA	`2020-02-02` - `2022-05-02`	2 years	crt.sh
*.acint.net R3	`2021-06-15` - `2021-09-13`	3 months	crt.sh
*.sape.ru R3	`2021-06-17` - `2021-09-15`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
ads.betweendigital.com Sectigo RSA Domain Validation Secure Server CA	`2020-11-19` - `2021-12-20`	a year	crt.sh
*.mail.ru GeoTrust ECC CA 2018	`2020-11-13` - `2021-11-17`	a year	crt.sh
*.adriver.ru RapidSSL RSA CA 2018	`2020-04-03` - `2022-04-24`	2 years	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-18` - `2022-06-17`	a year	crt.sh
*.bumlam.com R3	`2021-07-01` - `2021-09-29`	3 months	crt.sh
*.hybrid.ai Sectigo RSA Domain Validation Secure Server CA	`2020-07-07` - `2022-10-05`	2 years	crt.sh
tag.digitaltarget.ru R3	`2021-06-07` - `2021-09-05`	3 months	crt.sh
sync.dmp.otm-r.com Sectigo RSA Domain Validation Secure Server CA	`2021-05-18` - `2022-06-18`	a year	crt.sh
adlmerge.com R3	`2021-07-15` - `2021-10-13`	3 months	crt.sh
relap.io GeoTrust RSA CA 2018	`2020-10-01` - `2021-10-06`	a year	crt.sh
my.aidata.me Sectigo RSA Domain Validation Secure Server CA	`2020-02-25` - `2022-02-25`	2 years	crt.sh
sync.1dmp.io R3	`2021-08-04` - `2021-11-02`	3 months	crt.sh
ut.rktch.com R3	`2021-07-04` - `2021-10-02`	3 months	crt.sh
bs.yandex.ru Yandex CA	`2021-05-31` - `2021-11-29`	6 months	crt.sh
new-programmatic.com R3	`2021-07-26` - `2021-10-24`	3 months	crt.sh
fcgi4.gnezdo.ru R3	`2021-07-10` - `2021-10-08`	3 months	crt.sh
advarkads.com Cloudflare Inc ECC CA-3	`2021-06-08` - `2022-06-07`	a year	crt.sh
*.advarkads.com GlobalSign GCC R3 DV TLS CA 2020	`2020-12-03` - `2022-01-04`	a year	crt.sh
dmg.digitaltarget.ru R3	`2021-06-07` - `2021-09-05`	3 months	crt.sh
meealt.ru R3	`2021-06-28` - `2021-09-26`	3 months	crt.sh
dspco.ru R3	`2021-06-26` - `2021-09-24`	3 months	crt.sh

This page contains 15 frames:

Primary Page: http://a-nevsky.ru/
Frame ID: FB862802E7D15D4B8AB4A77833C0C5BB
Requests: 94 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210805/r20190131/zrt_lookup.html
Frame ID: 3A28A4598E831B79DFC5D0D47AC55AF6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6044271981988239&output=html&adk=1812271804&adf=3025194257&lmt=1628559218&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fa-nevsky.ru%2F&ea=0&flash=0&pra=5&wgl=1&dt=1628559218659&bpp=2&bdt=284&idt=66&shv=r20210805&mjsv=m202108090101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3528565124336&frm=20&pv=2&ga_vid=380726167.1628559219&ga_sid=1628559219&ga_hid=1991954337&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062178%2C31062165&oid=3&pvsid=1673782320766115&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=82
Frame ID: AD6EBF0C8D7CC56589BC85028BD1820A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6044271981988239&output=html&h=90&slotname=5638541248&adk=590872440&adf=2804348774&pi=t.ma~as.5638541248&w=728&lmt=1628559218&psa=0&format=728x90&url=http%3A%2F%2Fa-nevsky.ru%2F&flash=0&wgl=1&dt=1628559218662&bpp=1&bdt=287&idt=93&shv=r20210805&mjsv=m202108090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3528565124336&frm=20&pv=1&ga_vid=380726167.1628559219&ga_sid=1628559219&ga_hid=1991954337&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=520&ady=244&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062178%2C31062165&oid=3&pvsid=1673782320766115&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=JJTJ1Z4xKJ&p=http%3A//a-nevsky.ru&dtd=104
Frame ID: 803A277176E0F7E63F71614E83168F07
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6044271981988239&output=html&h=90&slotname=5638541248&adk=590872440&adf=4082413674&pi=t.ma~as.5638541248&w=728&lmt=1628559218&psa=0&format=728x90&url=http%3A%2F%2Fa-nevsky.ru%2F&flash=0&wgl=1&dt=1628559218771&bpp=1&bdt=396&idt=1&shv=r20210805&mjsv=m202108090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=3528565124336&frm=20&pv=1&ga_vid=380726167.1628559219&ga_sid=1628559219&ga_hid=1991954337&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=520&ady=2541&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062178%2C31062165&oid=3&pvsid=1673782320766115&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=bMRuHkUpZB&p=http%3A//a-nevsky.ru&dtd=3
Frame ID: 67F1CA8771EE44CF82C847131AF7F49A
Requests: 7 HTTP requests in this frame

Frame: https://www.acint.net/mc/?dp=14
Frame ID: 7816BE58ADD56CCE3D35ADB58410CEEC
Requests: 32 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6763518655899276271/index.html
Frame ID: 3B806C3FA6CC66134407BD750C9FC1EE
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: F864F25AC0FFC9A242E927D70E12926C
Requests: 2 HTTP requests in this frame

Frame: https://s3.advarkads.com/modules/match/frame.html?id=8113-1-1&uid=0100007F73D711613E0564AB02CC2839
Frame ID: 1DDCB69CF7E9905DFC4AE929C44B5438
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6419387625966304539/index.html
Frame ID: E410B400E7DB4B224145BB0B876CFF78
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 5D16990EF78841EA013761EB4B9BA7C7
Requests: 2 HTTP requests in this frame

Frame: https://w.uptolike.com/widgets/v1/impression.html?15829e745500233396b7bd90b8f92114
Frame ID: 3C7C51E237F0A0106CF71C0CA7EB9833
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 5357092DCD0B8C8363D390585805CC3D
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 39DEE5CFE8F42B46BFA982314B87C8B6
Requests: 1 HTTP requests in this frame

Frame: https://w.uptolike.com/widgets/v1/zp/support.html
Frame ID: D26F989E4775E212A39DB69A70BFFE43
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Александр Невскийпоиск

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Lightbox (JavaScript Libraries) Expand

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /mc\.yandex\.ru\/metrika\/watch\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

176
Requests

76 %
HTTPS

29 %
IPv6

47
Domains

60
Subdomains

42
IPs

5
Countries

1740 kB
Transfer

3611 kB
Size

39
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://xn----8sbehgsp5ap.xn--p1ai/
Title: http://www.двери-ока.рф

Search URL Search Domain Scan URL

URL: https://vk.com/share.php?url=http%3A%2F%2Fa-nevsky.ru%2F&title=%D0%90%D0%BB%D0%B5%D0%BA%D1%81%D0%B0%D0%BD%D0%B4%D1%80%20%D0%9D%D0%B5%D0%B2%D1%81%D0%BA%D0%B8%D0%B9&utm_source=share2
Title: ВКонтакте

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer.php?src=sp&u=http%3A%2F%2Fa-nevsky.ru%2F&title=%D0%90%D0%BB%D0%B5%D0%BA%D1%81%D0%B0%D0%BD%D0%B4%D1%80%20%D0%9D%D0%B5%D0%B2%D1%81%D0%BA%D0%B8%D0%B9&utm_source=share2
Title: Facebook

Search URL Search Domain Scan URL

URL: https://connect.ok.ru/offer?url=http%3A%2F%2Fa-nevsky.ru%2F&title=%D0%90%D0%BB%D0%B5%D0%BA%D1%81%D0%B0%D0%BD%D0%B4%D1%80%20%D0%9D%D0%B5%D0%B2%D1%81%D0%BA%D0%B8%D0%B9&utm_source=share2
Title: Одноклассники

Search URL Search Domain Scan URL

URL: https://t.me/share/url?url=http%3A%2F%2Fa-nevsky.ru%2F&text=%D0%90%D0%BB%D0%B5%D0%BA%D1%81%D0%B0%D0%BD%D0%B4%D1%80%20%D0%9D%D0%B5%D0%B2%D1%81%D0%BA%D0%B8%D0%B9&utm_source=share2
Title: Telegram

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=%D0%90%D0%BB%D0%B5%D0%BA%D1%81%D0%B0%D0%BD%D0%B4%D1%80%20%D0%9D%D0%B5%D0%B2%D1%81%D0%BA%D0%B8%D0%B9&url=http%3A%2F%2Fa-nevsky.ru%2F&utm_source=share2
Title: Twitter

Search URL Search Domain Scan URL

URL: https://api.whatsapp.com/send?text=%D0%90%D0%BB%D0%B5%D0%BA%D1%81%D0%B0%D0%BD%D0%B4%D1%80%20%D0%9D%D0%B5%D0%B2%D1%81%D0%BA%D0%B8%D0%B9%20http%3A%2F%2Fa-nevsky.ru%2F&utm_source=share2
Title: WhatsApp

Search URL Search Domain Scan URL

URL: http://www.liveinternet.ru/click

Search URL Search Domain Scan URL

URL: https://metrika.yandex.ru/stat/?id=24888893&from=informer

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13

http://bs.yandex.ru/informer/24888893/3_0_FFFFFFFF_EFEFEFFF_0_pageviews HTTP 302
https://mc.yandex.ru/informer/24888893/3_0_FFFFFFFF_EFEFEFFF_0_pageviews

Request Chain 49

http://counter.yadro.ru/hit?t22.3;r;s1600*1200*24;uhttp%3A//a-nevsky.ru/;0.04999025837872351 HTTP 302
https://counter.yadro.ru/hit?t22.3;r;s1600*1200*24;uhttp%3A//a-nevsky.ru/;0.04999025837872351 HTTP 302
https://counter.yadro.ru/hit?q;t22.3;r;s1600*1200*24;uhttp%3A//a-nevsky.ru/;0.04999025837872351

Request Chain 50

http://mc.yandex.ru/metrika/watch.js HTTP 302
https://mc.yandex.ru/metrika/watch.js

Request Chain 63

http://www.acint.net/aci.js HTTP 302
https://www.acint.net/aci.js

Request Chain 78

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9360.ydjltfoThtmy4MdGfsBxPCn5VkXGhSqVuut-7xh53hCiaoAKv0s7qLBNpTl8lpD5.qNGOXMmTRoDXovrGc3ClyOc6jpA%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=9360.uFWdQ_0qkApPmPl5qLkCB6tGXFTH2Q7ExGeEciOT1muAsp6H-esDUIUGgOk7TFDI2DMfHUu6M_kpmzchznaOwQ%2C%2C.bRxu0qKgNB4x2qfIhH4ZwiU-Ps8%2C

Request Chain 80

http://www.acint.net/mc/?dp=14 HTTP 302
https://www.acint.net/mc/?dp=14

Request Chain 81

http://www.acint.net/hit/?v=0.3.0&uid=05d45bd2-a3ee-4f8f-924a-e6df8f825e27&dp=14&tz=%2B02%3A00&nc=29402338&u=http%3A%2F%2Fa-nevsky.ru%2F&r=&rs=1600x1200&t=%D0%90%D0%BB%D0%B5%D0%BA%D1%81%D0%B0%D0%BD%D0%B4%D1%80%20%D0%9D%D0%B5%D0%B2%D1%81%D0%BA%D0%B8%D0%B9&oE=1&oP=1&dT=2021-08-10T03%3A33%3A39.111&fu=35062f90-ac95-43d7-b8ee-ab07cf8e8439 HTTP 302
https://www.acint.net/hit/?v=0.3.0&uid=05d45bd2-a3ee-4f8f-924a-e6df8f825e27&dp=14&tz=%2B02%3A00&nc=29402338&u=http%3A%2F%2Fa-nevsky.ru%2F&r=&rs=1600x1200&t=%D0%90%D0%BB%D0%B5%D0%BA%D1%81%D0%B0%D0%BD%D0%B4%D1%80%20%D0%9D%D0%B5%D0%B2%D1%81%D0%BA%D0%B8%D0%B9&oE=1&oP=1&dT=2021-08-10T03%3A33%3A39.111&fu=35062f90-ac95-43d7-b8ee-ab07cf8e8439

Request Chain 94

https://mc.yandex.com/watch/71281900?wmode=7&page-url=http%3A%2F%2Fa-nevsky.ru%2F&charset=utf-8&site-info=%7B%22site_id%22%3A78351%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2cqzuju16nt0kup4q%3Afp%3A490%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A611%3Acn%3A2%3Adp%3A0%3Als%3A681278281269%3Ahid%3A927925530%3Az%3A120%3Ai%3A202108010033339%3Aet%3A1628559219%3Ac%3A1%3Arn%3A307151002%3Au%3A1628559219954150188%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1628559218146%3Ads%3A63%2C13%2C149%2C48%2C0%2C0%2C%2C402%2C12%2C%2C%2C%2C631%3Adsn%3A63%2C13%2C149%2C48%2C0%2C0%2C%2C356%2C12%2C%2C%2C%2C631%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1628559219%3At%3A%D0%90%D0%BB%D0%B5%D0%BA%D1%81%D0%B0%D0%BD%D0%B4%D1%80%20%D0%9D%D0%B5%D0%B2%D1%81%D0%BA%D0%B8%D0%B9 HTTP 302
https://mc.yandex.com/watch/71281900/1?wmode=7&page-url=http%3A%2F%2Fa-nevsky.ru%2F&charset=utf-8&site-info=%7B%22site_id%22%3A78351%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2cqzuju16nt0kup4q%3Afp%3A490%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A611%3Acn%3A2%3Adp%3A0%3Als%3A681278281269%3Ahid%3A927925530%3Az%3A120%3Ai%3A202108010033339%3Aet%3A1628559219%3Ac%3A1%3Arn%3A307151002%3Au%3A1628559219954150188%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1628559218146%3Ads%3A63%2C13%2C149%2C48%2C0%2C0%2C%2C402%2C12%2C%2C%2C%2C631%3Adsn%3A63%2C13%2C149%2C48%2C0%2C0%2C%2C356%2C12%2C%2C%2C%2C631%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1628559219%3At%3A%D0%90%D0%BB%D0%B5%D0%BA%D1%81%D0%B0%D0%BD%D0%B4%D1%80%20%D0%9D%D0%B5%D0%B2%D1%81%D0%BA%D0%B8%D0%B9

Request Chain 95

https://mc.yandex.com/watch/23414332?wmode=7&page-url=http%3A%2F%2Fa-nevsky.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2cqzuju16nt0kup4q%3Afp%3A490%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A611%3Acn%3A3%3Adp%3A0%3Als%3A1097125000904%3Ahid%3A927925530%3Az%3A120%3Ai%3A202108010033339%3Aet%3A1628559219%3Ac%3A1%3Arn%3A348918329%3Au%3A1628559219954150188%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1628559218146%3Ads%3A63%2C13%2C149%2C48%2C0%2C0%2C%2C402%2C12%2C%2C%2C%2C631%3Adsn%3A63%2C13%2C149%2C48%2C0%2C0%2C%2C356%2C12%2C%2C%2C%2C631%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1628559219%3At%3A%D0%90%D0%BB%D0%B5%D0%BA%D1%81%D0%B0%D0%BD%D0%B4%D1%80%20%D0%9D%D0%B5%D0%B2%D1%81%D0%BA%D0%B8%D0%B9 HTTP 302
https://mc.yandex.com/watch/23414332/1?wmode=7&page-url=http%3A%2F%2Fa-nevsky.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2cqzuju16nt0kup4q%3Afp%3A490%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A611%3Acn%3A3%3Adp%3A0%3Als%3A1097125000904%3Ahid%3A927925530%3Az%3A120%3Ai%3A202108010033339%3Aet%3A1628559219%3Ac%3A1%3Arn%3A348918329%3Au%3A1628559219954150188%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1628559218146%3Ads%3A63%2C13%2C149%2C48%2C0%2C0%2C%2C402%2C12%2C%2C%2C%2C631%3Adsn%3A63%2C13%2C149%2C48%2C0%2C0%2C%2C356%2C12%2C%2C%2C%2C631%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1628559219%3At%3A%D0%90%D0%BB%D0%B5%D0%BA%D1%81%D0%B0%D0%BD%D0%B4%D1%80%20%D0%9D%D0%B5%D0%B2%D1%81%D0%BA%D0%B8%D0%B9

Request Chain 96

https://mc.yandex.com/watch/24888893?wmode=7&page-url=http%3A%2F%2Fa-nevsky.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2cqzuju16nt0kup4q%3Afp%3A490%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A611%3Acn%3A1%3Adp%3A0%3Als%3A1475660460180%3Ahid%3A927925530%3Az%3A120%3Ai%3A202108010033339%3Aet%3A1628559219%3Ac%3A1%3Arn%3A432663215%3Au%3A1628559219954150188%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1628559218146%3Ads%3A63%2C13%2C149%2C48%2C0%2C0%2C%2C402%2C12%2C%2C%2C%2C631%3Adsn%3A63%2C13%2C149%2C48%2C0%2C0%2C%2C356%2C12%2C%2C%2C%2C631%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1628559219%3At%3A%D0%90%D0%BB%D0%B5%D0%BA%D1%81%D0%B0%D0%BD%D0%B4%D1%80%20%D0%9D%D0%B5%D0%B2%D1%81%D0%BA%D0%B8%D0%B9 HTTP 302
https://mc.yandex.com/watch/24888893/1?wmode=7&page-url=http%3A%2F%2Fa-nevsky.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2cqzuju16nt0kup4q%3Afp%3A490%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A611%3Acn%3A1%3Adp%3A0%3Als%3A1475660460180%3Ahid%3A927925530%3Az%3A120%3Ai%3A202108010033339%3Aet%3A1628559219%3Ac%3A1%3Arn%3A432663215%3Au%3A1628559219954150188%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1628559218146%3Ads%3A63%2C13%2C149%2C48%2C0%2C0%2C%2C402%2C12%2C%2C%2C%2C631%3Adsn%3A63%2C13%2C149%2C48%2C0%2C0%2C%2C356%2C12%2C%2C%2C%2C631%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1628559219%3At%3A%D0%90%D0%BB%D0%B5%D0%BA%D1%81%D0%B0%D0%BD%D0%B4%D1%80%20%D0%9D%D0%B5%D0%B2%D1%81%D0%BA%D0%B8%D0%B9

Request Chain 99

https://ads.betweendigital.com/match?bidder_id=73&external_user_id=0100007F73D711613E0564AB02CC2839 HTTP 302
https://ads.betweendigital.com/match?bidder_id=73&external_user_id=0100007F73D711613E0564AB02CC2839&crf=1

Request Chain 100

https://ssp-rtb.sape.ru/rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D HTTP 302
https://acint.net/match?dp=14&euid=0100007F72D71161130056200200D68A

Request Chain 101

https://px.adhigh.net/p/cm/sape?u=0100007F73D711613E0564AB02CC2839 HTTP 302
https://px.adhigh.net/p/cm/sape?u=0100007F73D711613E0564AB02CC2839&bounced=1 HTTP 302
https://acint.net/match?dp=17&euid=MAJvcjff5nv.AikABlF7LbGbAQ

Request Chain 103

https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691 HTTP 302
https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-4300652087 HTTP 302
https://www.acint.net/rmatch?dp=45&euid=AJMdKLE4J6SpBoSrgYzwJng&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D HTTP 302
https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=0100007F73D711613E0564AB02CC2839

Request Chain 105

https://sync.republer.com/match?dsp=sape HTTP 307
https://sync.republer.com/match?dsp=sape&qset=1 HTTP 307
https://sync.bumlam.com/?src=rp1&uid=e86aa4bb-8daf-4a1c-a03a-6d5917e51855 HTTP 302
https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABjzrseIBlIEioaQK2IkZTg2YWE0YmItOGRhZi00YTFjLWEwM2EtNmQ1OTE3ZTUxODU1 HTTP 302
https://sync3.adsniper.ru/?src=ss1&s_data=CAIQARjzrseIBlIEioaQK2IkZTg2YWE0YmItOGRhZi00YTFjLWEwM2EtNmQ1OTE3ZTUxODU1ogEQ_Wa7Lvl6Eeum6QAlkMgkNw** HTTP 302
https://sync.bumlam.com/?src=rp1&s_data=CAIQABjzrseIBmIkZTg2YWE0YmItOGRhZi00YTFjLWEwM2EtNmQ1OTE3ZTUxODU1ogEQ_Wa7Lvl6Eeum6QAlkMgkNw** HTTP 302
https://sync.bumlam.com/?src=rp1&s_data=CAIQARjzrseIBmIkZTg2YWE0YmItOGRhZi00YTFjLWEwM2EtNmQ1OTE3ZTUxODU1ogEQ_Wa7Lvl6Eeum6QAlkMgkNw**

Request Chain 109

https://cm.g.doubleclick.net/pixel?google_nid=agentstvo_sape_limited&google_hm=AQAAf3PXEWE-BWSrAswoOQ HTTP 302
https://www.acint.net/match?dp=77&euid=

Request Chain 110

https://stat.adlabs.ru/merge_gpsid/?sid=50&id=0100007F73D711613E0564AB02CC2839 HTTP 302
https://adlmerge.com/merge_gpsid/?sid=50&id=0100007F73D711613E0564AB02CC2839

Request Chain 113

https://adx.com.ru/sape-sync?uid=0100007F73D711613E0564AB02CC2839 HTTP 302
https://adx.com.ru/sync?sspKey=25&sspUserID=0100007F73D711613E0564AB02CC2839 HTTP 302
https://sync.1dmp.io/pixel.gif?cid=1ff6bf67-bdc8-400e-bc26-d735d8654ed6&pid=w&uid=6111d773a897d8218b9a2569&ru=https%3A%2F%2Fredirect.frontend.weborama.fr%2Frd%3Furl%3Dhttps%253A%252F%252Fadx.com.ru%252Fweborama-sync%253Furl%253Dhttps%25253A%25252F%25252Fprodmp.ru%25252Fyabbi.gif%25253Fuid%25253D6111d773a897d8218b9a2569%252526r%25253Dhttps%2525253A%2525252F%2525252Fx01.aidata.io%2525252F0.gif%2525253Fpid%2525253D9712851%25252526id%2525253D6111d773a897d8218b9a2569%25252526dest%2525253D%2526webouid%253D%7BWEBO_CID%7D HTTP 302
https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fadx.com.ru%2Fweborama-sync%3Furl%3Dhttps%253A%252F%252Fprodmp.ru%252Fyabbi.gif%253Fuid%253D6111d773a897d8218b9a2569%2526r%253Dhttps%25253A%25252F%25252Fx01.aidata.io%25252F0.gif%25253Fpid%25253D9712851%252526id%25253D6111d773a897d8218b9a2569%252526dest%25253D%26webouid%3D{WEBO_CID} HTTP 302
https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fadx.com.ru%2Fweborama-sync%3Furl%3Dhttps%253A%252F%252Fprodmp.ru%252Fyabbi.gif%253Fuid%253D6111d773a897d8218b9a2569%2526r%253Dhttps%25253A%25252F%25252Fx01.aidata.io%25252F0.gif%25253Fpid%25253D9712851%252526id%25253D6111d773a897d8218b9a2569%252526dest%25253D%26webouid%3D%7BWEBO_CID%7D&bounce=1&random=3177382553 HTTP 302
https://adx.com.ru/weborama-sync?url=https%3A%2F%2Fprodmp.ru%2Fyabbi.gif%3Fuid%3D6111d773a897d8218b9a2569%26r%3Dhttps%253A%252F%252Fx01.aidata.io%252F0.gif%253Fpid%253D9712851%2526id%253D6111d773a897d8218b9a2569%2526dest%253D&webouid=Uz6CcibbMyWyx2WTHhr2L. HTTP 302
https://prodmp.ru/yabbi.gif?uid=6111d773a897d8218b9a2569&r=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3D9712851%26id%3D6111d773a897d8218b9a2569%26dest%3D HTTP 302
https://x01.aidata.io/0.gif?pid=9712851&id=6111d773a897d8218b9a2569&dest= HTTP 302
https://x01.aidata.io/0.gif?pid=9712851&id=6111d773a897d8218b9a2569&dest=&bounce=1

Request Chain 114

https://sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007F73D711613E0564AB02CC2839 HTTP 302
https://sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007F73D711613E0564AB02CC2839&cs=1

Request Chain 115

https://sape-sync.rutarget.ru/sync HTTP 302
https://www.acint.net/match?dp=104&euid=uys5bhhGTjub

Request Chain 116

https://ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D HTTP 302
https://acint.net/match?dp=107&euid=4b3cc2f4-bee7-52de-8034-a446e1257335

Request Chain 117

https://0100007f73d711613e0564ab02cc2839-sp.ops.beeline.ru/p?ssp=sp&id=0100007F73D711613E0564AB02CC2839 HTTP 301
https://www.acint.net/match?dp=111&euid=1b54af86-f65f-45e1-b51b-6166d0df8515

Request Chain 119

https://sm.rtb.mts.ru/p?ssp=sape&id=0100007F73D711613E0564AB02CC2839 HTTP 301
https://sm.rtb.mts.ru/match/second?r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D125%26euid%3D162bf897-0fbc-48ca-bde5-dbcdb0312f0c&ssp=sape&exu=0100007F73D711613E0564AB02CC2839 HTTP 301
https://tech.rtb.mts.ru/?dsp_uid=162bf897-0fbc-48ca-bde5-dbcdb0312f0c&return_url=https%3A%2F%2Fan.yandex.ru%2Fsetud%2Fmts_banner%2FFiv4lw-8SMq95dvNsDEvDA%3Flocation%3Dhttps%253A%252F%252Fwww.acint.net%252Fmatch%253Fdp%253D125%2526euid%253D162bf897-0fbc-48ca-bde5-dbcdb0312f0c%26sign%3D706912196 HTTP 302
https://an.yandex.ru/setud/mts_banner/Fiv4lw-8SMq95dvNsDEvDA?location=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D125%26euid%3D162bf897-0fbc-48ca-bde5-dbcdb0312f0c&sign=706912196

Request Chain 120

https://exchange.buzzoola.com/cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D HTTP 301
https://www.acint.net/match?dp=126&euid=d91c4aad-ad2b-4b7a-488a-621e8582e9b6

Request Chain 121

https://s.uuidksinc.net/match/396/0100007F73D711613E0564AB02CC2839 HTTP 302
https://www.acint.net/match?dp=127&euid=3Z6eTTYcYp8Bqcg7t2oS

Request Chain 124

https://x01.aidata.io/0.gif?pid=9401454&id=0100007F73D711613E0564AB02CC2839 HTTP 302
https://x01.aidata.io/0.gif?pid=9401454&id=0100007F73D711613E0564AB02CC2839&bounce=1 HTTP 302
https://counter.yadro.ru/id-redir/aidata.gif?back=STOP HTTP 302
https://x01.aidata.io/0.gif?pid=LIVE&id=24D4C0D593E1F9BE1249&back=STOP

Request Chain 125

https://sync.bumlam.com/?src=sap1&uid=0100007F73D711613E0564AB02CC2839 HTTP 302
https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABjzrseIBlIFrbKc-w9iIDAxMDAwMDdGNzNENzExNjEzRTA1NjRBQjAyQ0MyODM5 HTTP 302
https://sync.bumlam.com/?src=sap1&s_data=CAIQABjzrseIBmIgMDEwMDAwN0Y3M0Q3MTE2MTNFMDU2NEFCMDJDQzI4MzmiARD9Zrsu-XoR66bpACWQyCQ3

Request Chain 126

https://an.yandex.ru/mapuid/sapeis/0100007F73D711613E0564AB02CC2839 HTTP 302
https://an.yandex.ru/mapuid/sapeis/0100007F73D711613E0564AB02CC2839?redir-setuniq=1

Request Chain 134

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 146

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 166

https://dmg.digitaltarget.ru/1/1093/i/i?i=422528007526474.858939256887268&a=77&e=0100007F73D711613E0564AB02CC2839&pref=http%3A%2F%2Fa-nevsky.ru%2F&c=ss:77.up:0100007F73D711613E0564AB02CC2839.sync:up.xdua:duBDesDZNnnOcjUJKbz56q2i.xps:xpsOjkVQTctVFEfSVwMgSTyGF.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient HTTP 307
https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=422528007526474.858939256887268&a=77&e=0100007F73D711613E0564AB02CC2839&pref=http%3A%2F%2Fa-nevsky.ru%2F&c=ss:77.up:0100007F73D711613E0564AB02CC2839.sync:up.xdua:duBDesDZNnnOcjUJKbz56q2i.xps:xpsOjkVQTctVFEfSVwMgSTyGF.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient

Request Chain 167

https://dmg.digitaltarget.ru/1/1093/i/i?i=422528007526474.581174874845946&a=77&e=0100007F73D711613E0564AB02CC2839&pref=http%3A%2F%2Fa-nevsky.ru%2F&c=ss:77.up:0100007F73D711613E0564AB02CC2839.sync:up.xdua:duBDesDZNnnOcjUJKbz56q2i.xps:xpsOjkVQTctVFEfSVwMgSTyGF.dn:acint__net.adcm:hit.tg:adcmjs_noorient HTTP 307
https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=422528007526474.581174874845946&a=77&e=0100007F73D711613E0564AB02CC2839&pref=http%3A%2F%2Fa-nevsky.ru%2F&c=ss:77.up:0100007F73D711613E0564AB02CC2839.sync:up.xdua:duBDesDZNnnOcjUJKbz56q2i.xps:xpsOjkVQTctVFEfSVwMgSTyGF.dn:acint__net.adcm:hit.tg:adcmjs_noorient

Request Chain 184

http://www.acint.net/ping/?v=0.3.0&uid=05d45bd2-a3ee-4f8f-924a-e6df8f825e27&dp=14&tz=%2B02%3A00&nc=56526881&dT=2021-08-10T03%3A33%3A42.112 HTTP 302
https://www.acint.net/ping/?v=0.3.0&uid=05d45bd2-a3ee-4f8f-924a-e6df8f825e27&dp=14&tz=%2B02%3A00&nc=56526881&dT=2021-08-10T03%3A33%3A42.112

176 HTTP transactions
10 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
a-nevsky.ru/ 20 KB
20 KB 226ms
149ms Document
text/html 37.46.135.112
THEFIRST-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://a-nevsky.ru/
Protocol: HTTP/1.1
Server: 37.46.135.112 , Russian Federation, ASN29182 (THEFIRST-AS, RU),
Reverse DNS: callhim.virtbox.ru
Software: nginx/1.6.3 / PHP/5.2.6
Resource Hash: 9d37e34c27be76a4a366a11efba22de6f2eeb6ab3a80098d83aefdc88cabc7d9

Request headers

Host: a-nevsky.ru
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Server: nginx/1.6.3
Date: Tue, 10 Aug 2021 01:33:38 GMT
Content-Type: text/html; charset=windows-1251
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.2.6
Content-Language: ru

GET
H/1.1 200
OK css.css
a-nevsky.ru/css/ 11 KB
12 KB 121ms
107ms Stylesheet
text/css 37.46.135.112
THEFIRST-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://a-nevsky.ru/css/css.css
Requested by: Host: a-nevsky.ru
URL: http://a-nevsky.ru/
Protocol: HTTP/1.1
Server: 37.46.135.112 , Russian Federation, ASN29182 (THEFIRST-AS, RU),
Reverse DNS: callhim.virtbox.ru
Software: nginx/1.6.3 /
Resource Hash: 759a04f97f38274ed00a71ae94168fc29858cb36ed54ddb183929bf984be89ee

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: a-nevsky.ru
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://a-nevsky.ru/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://a-nevsky.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Date: Tue, 10 Aug 2021 01:33:38 GMT
Last-Modified: Fri, 21 Jun 2019 22:09:20 GMT
Server: nginx/1.6.3
ETag: "6883685-2d05-58bdcb6d48400"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11525

GET
H/1.1 200
OK jquery.min.js Show response
a-nevsky.ru/js/ 56 KB
56 KB 124ms
110ms Script
application/x-javascript 37.46.135.112
THEFIRST-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://a-nevsky.ru/js/jquery.min.js
Requested by: Host: a-nevsky.ru
URL: http://a-nevsky.ru/
Protocol: HTTP/1.1
Server: 37.46.135.112 , Russian Federation, ASN29182 (THEFIRST-AS, RU),
Reverse DNS: callhim.virtbox.ru
Software: nginx/1.6.3 /
Resource Hash: c8370a2d050359e9d505acc411e6f457a49b21360a21e6cbc9229bad3a767899

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: a-nevsky.ru
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Accept: */*
Referer: http://a-nevsky.ru/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://a-nevsky.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Date: Tue, 10 Aug 2021 01:33:38 GMT
Last-Modified: Wed, 02 Jan 2013 18:45:18 GMT
Server: nginx/1.6.3
ETag: "688436a-dfa6-4d252a5d20b80"
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 57254

GET
H/1.1 200
OK ddaccordion.js Show response
a-nevsky.ru/js/ 15 KB
15 KB 123ms
110ms Script
application/x-javascript 37.46.135.112
THEFIRST-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://a-nevsky.ru/js/ddaccordion.js
Requested by: Host: a-nevsky.ru
URL: http://a-nevsky.ru/
Protocol: HTTP/1.1
Server: 37.46.135.112 , Russian Federation, ASN29182 (THEFIRST-AS, RU),
Reverse DNS: callhim.virtbox.ru
Software: nginx/1.6.3 /
Resource Hash: a21a401005a5968dd602372ba1c733b6236efe7bd8147ac0720db5588fcf4a40

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: a-nevsky.ru
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Accept: */*
Referer: http://a-nevsky.ru/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://a-nevsky.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Date: Tue, 10 Aug 2021 01:33:38 GMT
Last-Modified: Wed, 02 Jan 2013 18:40:17 GMT
Server: nginx/1.6.3
ETag: "6884367-3aa5-4d25293e12640"
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 15013

GET
H/1.1 200
OK jquery.lightbox-0.5.js Show response
a-nevsky.ru/js/ 20 KB
20 KB 124ms
111ms Script
application/x-javascript 37.46.135.112
THEFIRST-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://a-nevsky.ru/js/jquery.lightbox-0.5.js
Requested by: Host: a-nevsky.ru
URL: http://a-nevsky.ru/
Protocol: HTTP/1.1
Server: 37.46.135.112 , Russian Federation, ASN29182 (THEFIRST-AS, RU),
Reverse DNS: callhim.virtbox.ru
Software: nginx/1.6.3 /
Resource Hash: 0b3e3d2ac9afcd674abadabb06056c0413c36d4c809404fe32287b576affff52

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: a-nevsky.ru
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Accept: */*
Referer: http://a-nevsky.ru/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://a-nevsky.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Date: Tue, 10 Aug 2021 01:33:38 GMT
Last-Modified: Wed, 02 Jan 2013 18:40:17 GMT
Server: nginx/1.6.3
ETag: "6884368-4e9a-4d25293e12640"
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 20122

GET
H/1.1 200
OK jquery.lightbox-0.5.css
a-nevsky.ru/css/ 2 KB
2 KB 121ms
108ms Stylesheet
text/css 37.46.135.112
THEFIRST-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://a-nevsky.ru/css/jquery.lightbox-0.5.css
Requested by: Host: a-nevsky.ru
URL: http://a-nevsky.ru/
Protocol: HTTP/1.1
Server: 37.46.135.112 , Russian Federation, ASN29182 (THEFIRST-AS, RU),
Reverse DNS: callhim.virtbox.ru
Software: nginx/1.6.3 /
Resource Hash: 2478cc879f64eff37951460c34458fbf3035b13c6338d87ea0e96ad2e58aa34e

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: a-nevsky.ru
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://a-nevsky.ru/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://a-nevsky.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Date: Tue, 10 Aug 2021 01:33:38 GMT
Last-Modified: Wed, 16 Mar 2016 11:43:33 GMT
Server: nginx/1.6.3
ETag: "6883687-8be-52e290603c340"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2238

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 138 KB
49 KB 31ms
25ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: a-nevsky.ru
URL: http://a-nevsky.ru/

Protocol

HTTP/1.1

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2ba5e6e7c48a613c9e589dc7beaa72f3d4f964cd0d7de648c78e164698d2ed08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://a-nevsky.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Tue, 10 Aug 2021 01:33:38 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 13199006002348892689
Vary: Accept-Encoding, Origin
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 49434
X-XSS-Protection: 0
Expires: Tue, 10 Aug 2021 01:33:38 GMT

GET
H/1.1 200
OK spacer.gif
a-nevsky.ru/images/ 43 B
278 B 64ms
60ms Image
image/gif 37.46.135.112
THEFIRST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://a-nevsky.ru/images/spacer.gif
Requested by: Host: a-nevsky.ru
URL: http://a-nevsky.ru/
Protocol: HTTP/1.1
Server: 37.46.135.112 , Russian Federation, ASN29182 (THEFIRST-AS, RU),
Reverse DNS: callhim.virtbox.ru
Software: nginx/1.6.3 /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: a-nevsky.ru
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://a-nevsky.ru/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://a-nevsky.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Date: Tue, 10 Aug 2021 01:33:38 GMT
Last-Modified: Fri, 13 May 2011 14:41:15 GMT
Server: nginx/1.6.3
ETag: "4dcd430b-2b"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43

GET
H/1.1 200
OK 78351.js Show response
cdn-rtb.sape.ru/teasers/js/351/2/ 65 KB
27 KB 139ms
121ms Script
application/javascript 95.181.171.231
QWARTA

General

Check archive.org

Show headers Download Go to

Full URL

http://cdn-rtb.sape.ru/teasers/js/351/2/78351.js

Requested by

Host: a-nevsky.ru
URL: http://a-nevsky.ru/

Protocol

HTTP/1.1

Server

95.181.171.231 , Russian Federation, ASN50214 (QWARTA, RU),

Reverse DNS

asrv231.qwarta.ru

Software

openresty /

Resource Hash

24ce9973cb07fdebd25102dc5ce9d55d8c1d940d478c6e10ea311402be22741a

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
X-Xss-Protection	1; mode=block

Request headers

Referer: http://a-nevsky.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Date: Tue, 10 Aug 2021 01:33:38 GMT
Content-Encoding: gzip
Last-Modified: Thu, 05 Aug 2021 07:36:12 GMT
Server: openresty
X-Amz-Request-Id: 1699813A1628DC60
ETag: W/"64f3230110a2ccdd756f5f5acab8a630"
X-Cache-Status: REVALIDATED
Vary: Origin
Content-Type: application/javascript; charset=UTF-8
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Content-Security-Policy: block-all-mixed-content
Connection: keep-alive
X-Xss-Protection: 1; mode=block
Expires: Tue, 10 Aug 2021 02:33:38 GMT

GET
H/1.1 200
OK zp.js Show response
w.uptolike.com/widgets/v1/ 44 KB
12 KB 222ms
77ms Script
application/javascript 95.163.114.204
DINET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://w.uptolike.com/widgets/v1/zp.js?pid=lffeb60e68ab03946edfde6a939fd72c16b41e3ec2
Requested by: Host: a-nevsky.ru
URL: http://a-nevsky.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.163.114.204 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: eb284b6ce56d463be4f11f74f724156c275c544b99acd4700a441865a168069e

Request headers

Referer: http://a-nevsky.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Date: Tue, 10 Aug 2021 01:33:38 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
P3P: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Access-Control-Allow-Origin: *
Cache-Control: max-age=31556926
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: application/javascript;charset=utf-8

GET
H2 200 amp-auto-ads-0.1.js Show response
cdn.ampproject.org/v0/ 21 KB
8 KB 39ms
14ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-auto-ads-0.1.js

Requested by

Host: a-nevsky.ru
URL: http://a-nevsky.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb10694288d1e64fd1fd40a7c0560b69f8c3b83e794c1c242e8ca906d4851ddb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://a-nevsky.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6759
x-xss-protection: 0
server: sffe
date: Tue, 10 Aug 2021 01:33:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: private, max-age=604800, stale-while-revalidate=604800
etag: "f822cd457aefed6d"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 10 Aug 2021 01:33:38 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 138 KB
49 KB 61ms
40ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: a-nevsky.ru
URL: http://a-nevsky.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8093ab4d254b73525654ed5a079b92046bb8a1b8ebf5106e6c64fdc783d42c2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://a-nevsky.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 01:33:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49427
x-xss-protection: 0
server: cafe
etag: 8704695781698676377
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 10 Aug 2021 01:33:38 GMT

GET
H2 200 share.js Show response
yastatic.net/share2/ 144 KB
39 KB 167ms
82ms Script
application/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/share2/share.js

Requested by

Host: a-nevsky.ru
URL: http://a-nevsky.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

8e96268766735ae11a87d1e3bea4e681b0b05e3afa54d79806dc1f550597fa15

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://a-nevsky.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 01:33:38 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Mon, 24 May 2021 12:18:35 GMT
server: nginx/1.17.9
etag: W/"bcd00e6750a3b5b8b79248b4c2e87b60"
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=216009
timing-allow-origin: *
expires: Thu, 12 Aug 2021 13:29:24 GMT

GET
H/1.1 200
OK zp.js Show response
w.uptolike.com/widgets/v1/ 44 KB
12 KB 227ms
81ms Script
application/javascript 95.163.114.204
DINET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://w.uptolike.com/widgets/v1/zp.js?pid=1921144
Requested by: Host: a-nevsky.ru
URL: http://a-nevsky.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.163.114.204 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: d84aa72c445c1b62aa1a108ebbf9ddbbea20a5aeef44d1fc65d4a40bc7055202

Request headers

Referer: http://a-nevsky.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Date: Tue, 10 Aug 2021 01:33:38 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
P3P: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Access-Control-Allow-Origin: *
Cache-Control: max-age=31556926
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: application/javascript;charset=utf-8

GET
H2

200

3_0_FFFFFFFF_EFEFEFFF_0_pageviews
mc.yandex.ru/informer/24888893/
Redirect Chain

http://bs.yandex.ru/informer/24888893/3_0_FFFFFFFF_EFEFEFFF_0_pageviews
https://mc.yandex.ru/informer/24888893/3_0_FFFFFFFF_EFEFEFFF_0_pageviews

1 KB
1 KB

138ms
45ms

Image
image/png

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/informer/24888893/3_0_FFFFFFFF_EFEFEFFF_0_pageviews

Requested by

Host: a-nevsky.ru
URL: http://a-nevsky.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

1cdca8e3632f683e48a8efec4788320780f1de927ff5bb783083d4ba0c9cccb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: http://a-nevsky.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
last-modified: Tue, 10-Aug-2021 01:33:38 GMT
content-type: image/png
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 1234
x-xss-protection: 1; mode=block
expires: Tue, 10-Aug-2021 01:33:38 GMT

Redirect headers

Location: https://mc.yandex.ru/informer/24888893/3_0_FFFFFFFF_EFEFEFFF_0_pageviews
Strict-Transport-Security: max-age=31536000
Timing-Allow-Origin: *
Content-Length: 0
X-XSS-Protection: 1; mode=block

GET
H/1.1 404
Not Found li.jpg
a-nevsky.ru/images/ 570 B
570 B 63ms
61ms Image
text/html 37.46.135.112
THEFIRST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://a-nevsky.ru/images/li.jpg
Requested by: Host: a-nevsky.ru
URL: http://a-nevsky.ru/
Protocol: HTTP/1.1
Server: 37.46.135.112 , Russian Federation, ASN29182 (THEFIRST-AS, RU),
Reverse DNS: callhim.virtbox.ru
Software: nginx/1.6.3 /
Resource Hash: 9d45ec0385808e2b4c4aabc48f0842fe0d6c87136dc54e690d44ae340bffa243

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: a-nevsky.ru
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://a-nevsky.ru/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://a-nevsky.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Date: Tue, 10 Aug 2021 01:33:38 GMT
Server: nginx/1.6.3
Connection: keep-alive
Content-Length: 570
Content-Type: text/html; charset=windows-1251

GET
H/1.1 200
OK b1p.jpg
a-nevsky.ru/images/ 2 KB
2 KB 124ms
62ms Image
image/jpeg 37.46.135.112
THEFIRST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://a-nevsky.ru/images/b1p.jpg
Requested by: Host: a-nevsky.ru
URL: http://a-nevsky.ru/
Protocol: HTTP/1.1
Server: 37.46.135.112 , Russian Federation, ASN29182 (THEFIRST-AS, RU),
Reverse DNS: callhim.virtbox.ru
Software: nginx/1.6.3 /
Resource Hash: d442eff792cc77c846cd1852099746ee82cd24f37cd00e7128532c323ef47022

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: a-nevsky.ru
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://a-nevsky.ru/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://a-nevsky.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Date: Tue, 10 Aug 2021 01:33:38 GMT
Last-Modified: Fri, 13 May 2011 14:40:45 GMT
Server: nginx/1.6.3
ETag: "4dcd42ed-6c5"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1733

GET
H/1.1 200
OK b2p.jpg
a-nevsky.ru/images/ 4 KB
4 KB 61ms
61ms Image
image/jpeg 37.46.135.112
THEFIRST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://a-nevsky.ru/images/b2p.jpg
Requested by: Host: a-nevsky.ru
URL: http://a-nevsky.ru/
Protocol: HTTP/1.1
Server: 37.46.135.112 , Russian Federation, ASN29182 (THEFIRST-AS, RU),
Reverse DNS: callhim.virtbox.ru
Software: nginx/1.6.3 /
Resource Hash: 924f2b8d30539cd9bccf2ffc944db5e3ffe0234721ac467a5df40b54a7eb4e3a

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: a-nevsky.ru
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://a-nevsky.ru/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://a-nevsky.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Date: Tue, 10 Aug 2021 01:33:38 GMT
Last-Modified: Fri, 13 May 2011 14:40:45 GMT
Server: nginx/1.6.3
ETag: "4dcd42ed-e81"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3713

GET
H/1.1 200
OK b3p.jpg
a-nevsky.ru/images/ 1 KB
2 KB 61ms
61ms Image
image/jpeg 37.46.135.112
THEFIRST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://a-nevsky.ru/images/b3p.jpg
Requested by: Host: a-nevsky.ru
URL: http://a-nevsky.ru/
Protocol: HTTP/1.1
Server: 37.46.135.112 , Russian Federation, ASN29182 (THEFIRST-AS, RU),
Reverse DNS: callhim.virtbox.ru
Software: nginx/1.6.3 /
Resource Hash: 7aa8cbbba3de33e794f3e50d989aa76431473489cfc506071cb4c0bea28410a4

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: a-nevsky.ru
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://a-nevsky.ru/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://a-nevsky.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Date: Tue, 10 Aug 2021 01:33:38 GMT
Last-Modified: Fri, 13 May 2011 14:40:46 GMT
Server: nginx/1.6.3
ETag: "4dcd42ee-5da"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1498

GET
H/1.1 200
OK b4p.jpg
a-nevsky.ru/images/ 2 KB
3 KB 63ms
60ms Image
image/jpeg 37.46.135.112
THEFIRST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://a-nevsky.ru/images/b4p.jpg
Requested by: Host: a-nevsky.ru
URL: http://a-nevsky.ru/
Protocol: HTTP/1.1
Server: 37.46.135.112 , Russian Federation, ASN29182 (THEFIRST-AS, RU),
Reverse DNS: callhim.virtbox.ru
Software: nginx/1.6.3 /
Resource Hash: 2796de25f6fd440e0e5c22083475cbe51373b47d3511b6683cbb450f6a1117cf

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: a-nevsky.ru
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://a-nevsky.ru/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://a-nevsky.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Date: Tue, 10 Aug 2021 01:33:38 GMT
Last-Modified: Fri, 13 May 2011 14:40:46 GMT
Server: nginx/1.6.3
ETag: "4dcd42ee-981"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2433

GET
H/1.1 200
OK b5p.jpg
a-nevsky.ru/images/ 2 KB
2 KB 60ms
60ms Image
image/jpeg 37.46.135.112
THEFIRST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://a-nevsky.ru/images/b5p.jpg
Requested by: Host: a-nevsky.ru
URL: http://a-nevsky.ru/
Protocol: HTTP/1.1
Server: 37.46.135.112 , Russian Federation, ASN29182 (THEFIRST-AS, RU),
Reverse DNS: callhim.virtbox.ru
Software: nginx/1.6.3 /
Resource Hash: ec3c5cada1e2adc29cbf088b515c822f60d90438705765aa93d5ad7f3fd89ab2

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: a-nevsky.ru
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://a-nevsky.ru/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://a-nevsky.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Date: Tue, 10 Aug 2021 01:33:38 GMT
Last-Modified: Fri, 13 May 2011 14:40:46 GMT
Server: nginx/1.6.3
ETag: "4dcd42ee-860"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2144

GET
H/1.1 200
OK b6p.jpg
a-nevsky.ru/images/ 2 KB
2 KB 61ms
60ms Image
image/jpeg 37.46.135.112
THEFIRST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://a-nevsky.ru/images/b6p.jpg
Requested by: Host: a-nevsky.ru
URL: http://a-nevsky.ru/
Protocol: HTTP/1.1
Server: 37.46.135.112 , Russian Federation, ASN29182 (THEFIRST-AS, RU),
Reverse DNS: callhim.virtbox.ru
Software: nginx/1.6.3 /
Resource Hash: 58766fbaa9d2b6f6994eb68db221aee14016bf00f1b74234c4b62191c1af5b9a

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: a-nevsky.ru
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://a-nevsky.ru/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://a-nevsky.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Date: Tue, 10 Aug 2021 01:33:38 GMT
Last-Modified: Fri, 13 May 2011 14:40:47 GMT
Server: nginx/1.6.3
ETag: "4dcd42ef-8fa"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2298

GET
H/1.1 200
OK b7p.jpg
a-nevsky.ru/images/ 2 KB
2 KB 62ms
61ms Image
image/jpeg 37.46.135.112
THEFIRST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://a-nevsky.ru/images/b7p.jpg
Requested by: Host: a-nevsky.ru
URL: http://a-nevsky.ru/
Protocol: HTTP/1.1
Server: 37.46.135.112 , Russian Federation, ASN29182 (THEFIRST-AS, RU),
Reverse DNS: callhim.virtbox.ru
Software: nginx/1.6.3 /
Resource Hash: 5e273118911a60833593a6f4ccde61b8306bc008f77cac9e08a62968774e6c12

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: a-nevsky.ru
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://a-nevsky.ru/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://a-nevsky.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Date: Tue, 10 Aug 2021 01:33:38 GMT
Last-Modified: Fri, 13 May 2011 14:40:47 GMT
Server: nginx/1.6.3
ETag: "4dcd42ef-63c"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1596

GET
H/1.1 200
OK b8p.jpg
a-nevsky.ru/images/ 2 KB
2 KB 63ms
63ms Image
image/jpeg 37.46.135.112
THEFIRST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://a-nevsky.ru/images/b8p.jpg
Requested by: Host: a-nevsky.ru
URL: http://a-nevsky.ru/
Protocol: HTTP/1.1
Server: 37.46.135.112 , Russian Federation, ASN29182 (THEFIRST-AS, RU),
Reverse DNS: callhim.virtbox.ru
Software: nginx/1.6.3 /
Resource Hash: 854d096c59a98a4cf5a58d04a973e365bc079c527708ef6b9ca4a9c60483514e

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: a-nevsky.ru
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://a-nevsky.ru/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://a-nevsky.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Date: Tue, 10 Aug 2021 01:33:38 GMT
Last-Modified: Fri, 13 May 2011 14:40:48 GMT
Server: nginx/1.6.3
ETag: "4dcd42f0-80a"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2058

GET
H/1.1 200
OK b9p.jpg
a-nevsky.ru/images/ 2 KB
2 KB 61ms
60ms Image
image/jpeg 37.46.135.112
THEFIRST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://a-nevsky.ru/images/b9p.jpg
Requested by: Host: a-nevsky.ru
URL: http://a-nevsky.ru/
Protocol: HTTP/1.1
Server: 37.46.135.112 , Russian Federation, ASN29182 (THEFIRST-AS, RU),
Reverse DNS: callhim.virtbox.ru
Software: nginx/1.6.3 /
Resource Hash: 4528e5f79faf6abe0d30c3fecfe095bb240f0a2751ca51ed365fdef1e41cfb03

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: a-nevsky.ru
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://a-nevsky.ru/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://a-nevsky.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Date: Tue, 10 Aug 2021 01:33:38 GMT
Last-Modified: Fri, 13 May 2011 14:40:48 GMT
Server: nginx/1.6.3
ETag: "4dcd42f0-62d"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1581

GET
H/1.1 200
OK b10p.jpg
a-nevsky.ru/images/ 2 KB
2 KB 59ms
59ms Image
image/jpeg 37.46.135.112
THEFIRST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://a-nevsky.ru/images/b10p.jpg
Requested by: Host: a-nevsky.ru
URL: http://a-nevsky.ru/
Protocol: HTTP/1.1
Server: 37.46.135.112 , Russian Federation, ASN29182 (THEFIRST-AS, RU),
Reverse DNS: callhim.virtbox.ru
Software: nginx/1.6.3 /
Resource Hash: 97d7de9d8695e6e509be7c0e1a5e43e1ed56f1b23f7a57953a622fc91bcb4230

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: a-nevsky.ru
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://a-nevsky.ru/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://a-nevsky.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Date: Tue, 10 Aug 2021 01:33:38 GMT
Last-Modified: Fri, 13 May 2011 14:40:44 GMT
Server: nginx/1.6.3
ETag: "4dcd42ec-6d9"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1753

GET
H/1.1 200
OK b11p.jpg
a-nevsky.ru/images/ 1 KB
2 KB 61ms
61ms Image
image/jpeg 37.46.135.112
THEFIRST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://a-nevsky.ru/images/b11p.jpg
Requested by: Host: a-nevsky.ru
URL: http://a-nevsky.ru/
Protocol: HTTP/1.1
Server: 37.46.135.112 , Russian Federation, ASN29182 (THEFIRST-AS, RU),
Reverse DNS: callhim.virtbox.ru
Software: nginx/1.6.3 /
Resource Hash: 8caf94850fd5ed5af6b1a38765292cdcc8d31bd4086b63664ede8689dc6762f5

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: a-nevsky.ru
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://a-nevsky.ru/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://a-nevsky.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Date: Tue, 10 Aug 2021 01:33:38 GMT
Last-Modified: Fri, 13 May 2011 14:40:44 GMT
Server: nginx/1.6.3
ETag: "4dcd42ec-57e"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1406

GET
H/1.1 200
OK b12p.jpg
a-nevsky.ru/images/ 2 KB
2 KB 61ms
61ms Image
image/jpeg 37.46.135.112
THEFIRST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://a-nevsky.ru/images/b12p.jpg
Requested by: Host: a-nevsky.ru
URL: http://a-nevsky.ru/
Protocol: HTTP/1.1
Server: 37.46.135.112 , Russian Federation, ASN29182 (THEFIRST-AS, RU),
Reverse DNS: callhim.virtbox.ru
Software: nginx/1.6.3 /
Resource Hash: 2e64686fdce32a0de742777eaf1379f9bd484a0f0d0930b9b68222e5919abae6

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: a-nevsky.ru
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://a-nevsky.ru/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://a-nevsky.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Date: Tue, 10 Aug 2021 01:33:38 GMT
Last-Modified: Fri, 13 May 2011 14:40:45 GMT
Server: nginx/1.6.3
ETag: "4dcd42ed-678"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1656

GET
H/1.1 404
Not Found b13p.jpg
a-nevsky.ru/images/ 570 B
570 B 61ms
61ms Image
text/html 37.46.135.112
THEFIRST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://a-nevsky.ru/images/b13p.jpg
Requested by: Host: a-nevsky.ru
URL: http://a-nevsky.ru/
Protocol: HTTP/1.1
Server: 37.46.135.112 , Russian Federation, ASN29182 (THEFIRST-AS, RU),
Reverse DNS: callhim.virtbox.ru
Software: nginx/1.6.3 /
Resource Hash: 9d45ec0385808e2b4c4aabc48f0842fe0d6c87136dc54e690d44ae340bffa243

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: a-nevsky.ru
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://a-nevsky.ru/
Cookie: __gads=ID=78602a36497165ae-221422bb9ac900de:T=1628559218:RT=1628559218:S=ALNI_MYxMvHQdTH9dcBzUFsDxRi2zoinRw
Connection: keep-alive
Cache-Control: no-cache
Referer: http://a-nevsky.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Date: Tue, 10 Aug 2021 01:33:38 GMT
Server: nginx/1.6.3
Connection: keep-alive
Content-Length: 570
Content-Type: text/html; charset=windows-1251

GET
H/1.1 404
Not Found b14p.jpg
a-nevsky.ru/images/ 570 B
570 B 60ms
59ms Image
text/html 37.46.135.112
THEFIRST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://a-nevsky.ru/images/b14p.jpg
Requested by: Host: a-nevsky.ru
URL: http://a-nevsky.ru/
Protocol: HTTP/1.1
Server: 37.46.135.112 , Russian Federation, ASN29182 (THEFIRST-AS, RU),
Reverse DNS: callhim.virtbox.ru
Software: nginx/1.6.3 /
Resource Hash: 9d45ec0385808e2b4c4aabc48f0842fe0d6c87136dc54e690d44ae340bffa243

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: a-nevsky.ru
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://a-nevsky.ru/
Cookie: __gads=ID=78602a36497165ae-221422bb9ac900de:T=1628559218:RT=1628559218:S=ALNI_MYxMvHQdTH9dcBzUFsDxRi2zoinRw
Connection: keep-alive
Cache-Control: no-cache
Referer: http://a-nevsky.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Date: Tue, 10 Aug 2021 01:33:38 GMT
Server: nginx/1.6.3
Connection: keep-alive
Content-Length: 570
Content-Type: text/html; charset=windows-1251

GET
H/1.1 404
Not Found b15p.jpg
a-nevsky.ru/images/ 570 B
570 B 60ms
60ms Image
text/html 37.46.135.112
THEFIRST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://a-nevsky.ru/images/b15p.jpg
Requested by: Host: a-nevsky.ru
URL: http://a-nevsky.ru/
Protocol: HTTP/1.1
Server: 37.46.135.112 , Russian Federation, ASN29182 (THEFIRST-AS, RU),
Reverse DNS: callhim.virtbox.ru
Software: nginx/1.6.3 /
Resource Hash: 9d45ec0385808e2b4c4aabc48f0842fe0d6c87136dc54e690d44ae340bffa243

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: a-nevsky.ru
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://a-nevsky.ru/
Cookie: __gads=ID=78602a36497165ae-221422bb9ac900de:T=1628559218:RT=1628559218:S=ALNI_MYxMvHQdTH9dcBzUFsDxRi2zoinRw
Connection: keep-alive
Cache-Control: no-cache
Referer: http://a-nevsky.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Date: Tue, 10 Aug 2021 01:33:38 GMT
Server: nginx/1.6.3
Connection: keep-alive
Content-Length: 570
Content-Type: text/html; charset=windows-1251

GET
H/1.1 404
Not Found b16p.jpg
a-nevsky.ru/images/ 570 B
570 B 61ms
60ms Image
text/html 37.46.135.112
THEFIRST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://a-nevsky.ru/images/b16p.jpg
Requested by: Host: a-nevsky.ru
URL: http://a-nevsky.ru/
Protocol: HTTP/1.1
Server: 37.46.135.112 , Russian Federation, ASN29182 (THEFIRST-AS, RU),
Reverse DNS: callhim.virtbox.ru
Software: nginx/1.6.3 /
Resource Hash: 9d45ec0385808e2b4c4aabc48f0842fe0d6c87136dc54e690d44ae340bffa243

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: a-nevsky.ru
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://a-nevsky.ru/
Cookie: __gads=ID=78602a36497165ae-221422bb9ac900de:T=1628559218:RT=1628559218:S=ALNI_MYxMvHQdTH9dcBzUFsDxRi2zoinRw
Connection: keep-alive
Cache-Control: no-cache
Referer: http://a-nevsky.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Date: Tue, 10 Aug 2021 01:33:38 GMT
Server: nginx/1.6.3
Connection: keep-alive
Content-Length: 570
Content-Type: text/html; charset=windows-1251

GET
H/1.1 200
OK bodybg.jpg
a-nevsky.ru/images/ 373 B
611 B 61ms
60ms Image
image/jpeg 37.46.135.112
THEFIRST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://a-nevsky.ru/images/bodybg.jpg
Requested by: Host: a-nevsky.ru
URL: http://a-nevsky.ru/css/css.css
Protocol: HTTP/1.1
Server: 37.46.135.112 , Russian Federation, ASN29182 (THEFIRST-AS, RU),
Reverse DNS: callhim.virtbox.ru
Software: nginx/1.6.3 /
Resource Hash: d6818233196805813f905869cf6de409a90426818bb8de7cd870bdc9b9903283

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: a-nevsky.ru
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://a-nevsky.ru/css/css.css
Connection: keep-alive
Cache-Control: no-cache
Referer: http://a-nevsky.ru/css/css.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Date: Tue, 10 Aug 2021 01:33:38 GMT
Last-Modified: Fri, 13 May 2011 14:40:48 GMT
Server: nginx/1.6.3
ETag: "4dcd42f0-175"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 373

GET
H/1.1 200
OK topbg.jpg
a-nevsky.ru/images/ 1 KB
1 KB 104ms
60ms Image
image/jpeg 37.46.135.112
THEFIRST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://a-nevsky.ru/images/topbg.jpg
Requested by: Host: a-nevsky.ru
URL: http://a-nevsky.ru/css/css.css
Protocol: HTTP/1.1
Server: 37.46.135.112 , Russian Federation, ASN29182 (THEFIRST-AS, RU),
Reverse DNS: callhim.virtbox.ru
Software: nginx/1.6.3 /
Resource Hash: 4a6a298152f2a3ea75674e3a42303847b728b6d7242d5efd40b07de8cb2bd610

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: a-nevsky.ru
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://a-nevsky.ru/css/css.css
Connection: keep-alive
Cache-Control: no-cache
Referer: http://a-nevsky.ru/css/css.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Date: Tue, 10 Aug 2021 01:33:38 GMT
Last-Modified: Fri, 13 May 2011 14:41:22 GMT
Server: nginx/1.6.3
ETag: "4dcd4312-47f"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1151

GET
H/1.1 200
OK top.jpg
a-nevsky.ru/images/ 101 KB
101 KB 105ms
61ms Image
image/jpeg 37.46.135.112
THEFIRST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://a-nevsky.ru/images/top.jpg
Requested by: Host: a-nevsky.ru
URL: http://a-nevsky.ru/css/css.css
Protocol: HTTP/1.1
Server: 37.46.135.112 , Russian Federation, ASN29182 (THEFIRST-AS, RU),
Reverse DNS: callhim.virtbox.ru
Software: nginx/1.6.3 /
Resource Hash: 9bdbe7424cbac6b6e92b9d2d57352627b626c80b63e3e51086e64587d400107f

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: a-nevsky.ru
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://a-nevsky.ru/css/css.css
Connection: keep-alive
Cache-Control: no-cache
Referer: http://a-nevsky.ru/css/css.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Date: Tue, 10 Aug 2021 01:33:38 GMT
Last-Modified: Fri, 13 May 2011 14:41:21 GMT
Server: nginx/1.6.3
ETag: "4dcd4311-1928b"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 103051

GET
H/1.1 200
OK leftbg.jpg
a-nevsky.ru/images/ 961 B
1 KB 59ms
59ms Image
image/jpeg 37.46.135.112
THEFIRST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://a-nevsky.ru/images/leftbg.jpg
Requested by: Host: a-nevsky.ru
URL: http://a-nevsky.ru/css/css.css
Protocol: HTTP/1.1
Server: 37.46.135.112 , Russian Federation, ASN29182 (THEFIRST-AS, RU),
Reverse DNS: callhim.virtbox.ru
Software: nginx/1.6.3 /
Resource Hash: a620f61e21f58c093078d14c7aae7c70f97d4cf9857ba801c44c45d6c23b9898

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: a-nevsky.ru
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://a-nevsky.ru/css/css.css
Connection: keep-alive
Cache-Control: no-cache
Referer: http://a-nevsky.ru/css/css.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Date: Tue, 10 Aug 2021 01:33:38 GMT
Last-Modified: Fri, 13 May 2011 14:40:53 GMT
Server: nginx/1.6.3
ETag: "4dcd42f5-3c1"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 961

GET
H/1.1 200
OK mak2.jpg
a-nevsky.ru/images/ 37 KB
37 KB 121ms
60ms Image
image/jpeg 37.46.135.112
THEFIRST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://a-nevsky.ru/images/mak2.jpg
Requested by: Host: a-nevsky.ru
URL: http://a-nevsky.ru/css/css.css
Protocol: HTTP/1.1
Server: 37.46.135.112 , Russian Federation, ASN29182 (THEFIRST-AS, RU),
Reverse DNS: callhim.virtbox.ru
Software: nginx/1.6.3 /
Resource Hash: eb88810a5d5b042a09f8c54e4947718e9f03792d6a7ea448645d9c0066bbcba4

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: a-nevsky.ru
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://a-nevsky.ru/css/css.css
Connection: keep-alive
Cache-Control: no-cache
Referer: http://a-nevsky.ru/css/css.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Date: Tue, 10 Aug 2021 01:33:38 GMT
Last-Modified: Fri, 13 May 2011 14:40:54 GMT
Server: nginx/1.6.3
ETag: "4dcd42f6-9386"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 37766

GET
H/1.1 404
Not Found menuli.jpg
a-nevsky.ru/images/ 570 B
570 B 60ms
60ms Image
text/html 37.46.135.112
THEFIRST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://a-nevsky.ru/images/menuli.jpg
Requested by: Host: a-nevsky.ru
URL: http://a-nevsky.ru/css/css.css
Protocol: HTTP/1.1
Server: 37.46.135.112 , Russian Federation, ASN29182 (THEFIRST-AS, RU),
Reverse DNS: callhim.virtbox.ru
Software: nginx/1.6.3 /
Resource Hash: 9d45ec0385808e2b4c4aabc48f0842fe0d6c87136dc54e690d44ae340bffa243

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: a-nevsky.ru
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://a-nevsky.ru/css/css.css
Connection: keep-alive
Cache-Control: no-cache
Referer: http://a-nevsky.ru/css/css.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Date: Tue, 10 Aug 2021 01:33:38 GMT
Server: nginx/1.6.3
Connection: keep-alive
Content-Length: 570
Content-Type: text/html; charset=windows-1251

GET
H/1.1 200
OK cuprum.woff
a-nevsky.ru/css/ 33 KB
33 KB 61ms
61ms Font
application/octet-stream 37.46.135.112
THEFIRST-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://a-nevsky.ru/css/cuprum.woff
Requested by: Host: a-nevsky.ru
URL: http://a-nevsky.ru/css/css.css
Protocol: HTTP/1.1
Server: 37.46.135.112 , Russian Federation, ASN29182 (THEFIRST-AS, RU),
Reverse DNS: callhim.virtbox.ru
Software: nginx/1.6.3 /
Resource Hash: 243d733fc4cb5f675878431ea5a3dd1092be3f291aa3524108df0f4145203d93

Request headers

Pragma: no-cache
Origin: http://a-nevsky.ru
Accept-Encoding: gzip, deflate
Host: a-nevsky.ru
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Accept: */*
Referer: http://a-nevsky.ru/css/css.css
Connection: keep-alive
Cache-Control: no-cache
Origin: http://a-nevsky.ru
Referer: http://a-nevsky.ru/css/css.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Date: Tue, 10 Aug 2021 01:33:38 GMT
Last-Modified: Wed, 16 Mar 2016 11:43:33 GMT
Server: nginx/1.6.3
ETag: "6883686-8240-52e290603c340"
Content-Type: text/plain; charset=windows-1251
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 33344

GET
H/1.1 200
OK rightbg.jpg
a-nevsky.ru/images/ 700 B
938 B 106ms
60ms Image
image/jpeg 37.46.135.112
THEFIRST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://a-nevsky.ru/images/rightbg.jpg
Requested by: Host: a-nevsky.ru
URL: http://a-nevsky.ru/css/css.css
Protocol: HTTP/1.1
Server: 37.46.135.112 , Russian Federation, ASN29182 (THEFIRST-AS, RU),
Reverse DNS: callhim.virtbox.ru
Software: nginx/1.6.3 /
Resource Hash: fea8606479be293623d33f06804e38eef6fea04bbb5bcec883cc948c34f6e4b8

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: a-nevsky.ru
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://a-nevsky.ru/css/css.css
Connection: keep-alive
Cache-Control: no-cache
Referer: http://a-nevsky.ru/css/css.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Date: Tue, 10 Aug 2021 01:33:38 GMT
Last-Modified: Fri, 13 May 2011 14:40:56 GMT
Server: nginx/1.6.3
ETag: "4dcd42f8-2bc"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 700

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108090101/ 252 KB
94 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108090101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6044271981988239&plah=a-nevsky.ru

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

10202b17617d47c2fac56e9c7aea4d46bdfd188cdea095bd04c11fe376662e50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://a-nevsky.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 01:33:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95615
x-xss-protection: 0
server: cafe
etag: 9756873598893185015
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 10 Aug 2021 01:33:38 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210805/r20190131/ Frame 3A28 10 KB
5 KB 27ms
5ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210805/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d5f3085127d154cbd72e219052312767d460633fafa6e38bb9a9446ddb03a270

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210805/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://a-nevsky.ru/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Referer: http://a-nevsky.ru/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 09 Aug 2021 19:45:39 GMT
expires: Mon, 23 Aug 2021 19:45:39 GMT
content-type: text/html; charset=UTF-8
etag: 8999110079160743657
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4576
x-xss-protection: 0
age: 20879
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 201 B
657 B 93ms
36ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=a-nevsky.ru&callback=_gfp_s_&client=ca-pub-6044271981988239

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108090101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6044271981988239&plah=a-nevsky.ru

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

637c12ba24b9ae706165ecc077af3bd3ae7dc5dfaeea512100e63cf549945f0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://a-nevsky.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 01:33:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 192
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
853 B 41ms
14ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=a-nevsky.ru

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://a-nevsky.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 10 Aug 2021 01:33:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
570 B 38ms
14ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=a-nevsky.ru

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://a-nevsky.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 10 Aug 2021 01:33:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame AD6E 0
19 B 94ms
79ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6044271981988239&output=html&adk=1812271804&adf=3025194257&lmt=1628559218&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fa-nevsky.ru%2F&ea=0&flash=0&pra=5&wgl=1&dt=1628559218659&bpp=2&bdt=284&idt=66&shv=r20210805&mjsv=m202108090101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3528565124336&frm=20&pv=2&ga_vid=380726167.1628559219&ga_sid=1628559219&ga_hid=1991954337&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062178%2C31062165&oid=3&pvsid=1673782320766115&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=82

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-6044271981988239&output=html&adk=1812271804&adf=3025194257&lmt=1628559218&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fa-nevsky.ru%2F&ea=0&flash=0&pra=5&wgl=1&dt=1628559218659&bpp=2&bdt=284&idt=66&shv=r20210805&mjsv=m202108090101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3528565124336&frm=20&pv=2&ga_vid=380726167.1628559219&ga_sid=1628559219&ga_hid=1991954337&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062178%2C31062165&oid=3&pvsid=1673782320766115&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=82
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://a-nevsky.ru/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Referer: http://a-nevsky.ru/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 10 Aug 2021 01:33:38 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 10-Aug-2021 01:48:38 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 10 Aug 2021 01:33:38 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 35ms
15ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eecda7280d7a8779cb5ff8bf7459b430bf970052106a1c4b186ff2eddd8c82d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://a-nevsky.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 01:33:38 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1628508781313717"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27998
x-xss-protection: 0
expires: Tue, 10 Aug 2021 01:33:38 GMT

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 803A 103 KB
36 KB 424ms
424ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6044271981988239&output=html&h=90&slotname=5638541248&adk=590872440&adf=2804348774&pi=t.ma~as.5638541248&w=728&lmt=1628559218&psa=0&format=728x90&url=http%3A%2F%2Fa-nevsky.ru%2F&flash=0&wgl=1&dt=1628559218662&bpp=1&bdt=287&idt=93&shv=r20210805&mjsv=m202108090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3528565124336&frm=20&pv=1&ga_vid=380726167.1628559219&ga_sid=1628559219&ga_hid=1991954337&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=520&ady=244&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062178%2C31062165&oid=3&pvsid=1673782320766115&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=JJTJ1Z4xKJ&p=http%3A//a-nevsky.ru&dtd=104

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

868ac8f1ddff855a8e4e3c1ec7e65760dd336052fab8ba05d7a7db16edf7ef8d

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6419387625966304539/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6419387625966304539/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CPjL7O2npfICFcnZEQgdWg4EEQ&gqi=ctcRYZSTL4PO3gOyvIu4BQ&layout=/sadbundle/%24csp%253Der3%24/6419387625966304539/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-6044271981988239&output=html&h=90&slotname=5638541248&adk=590872440&adf=2804348774&pi=t.ma~as.5638541248&w=728&lmt=1628559218&psa=0&format=728x90&url=http%3A%2F%2Fa-nevsky.ru%2F&flash=0&wgl=1&dt=1628559218662&bpp=1&bdt=287&idt=93&shv=r20210805&mjsv=m202108090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3528565124336&frm=20&pv=1&ga_vid=380726167.1628559219&ga_sid=1628559219&ga_hid=1991954337&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=520&ady=244&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062178%2C31062165&oid=3&pvsid=1673782320766115&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=JJTJ1Z4xKJ&p=http%3A//a-nevsky.ru&dtd=104
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://a-nevsky.ru/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Referer: http://a-nevsky.ru/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6419387625966304539/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6419387625966304539/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CPjL7O2npfICFcnZEQgdWg4EEQ&gqi=ctcRYZSTL4PO3gOyvIu4BQ&layout=/sadbundle/%24csp%253Der3%24/6419387625966304539/index.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 10 Aug 2021 01:33:39 GMT
server: cafe
content-length: 36616
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 10-Aug-2021 01:48:38 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 10 Aug 2021 01:33:39 GMT
cache-control: private

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 67F1 103 KB
36 KB 336ms
336ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6044271981988239&output=html&h=90&slotname=5638541248&adk=590872440&adf=4082413674&pi=t.ma~as.5638541248&w=728&lmt=1628559218&psa=0&format=728x90&url=http%3A%2F%2Fa-nevsky.ru%2F&flash=0&wgl=1&dt=1628559218771&bpp=1&bdt=396&idt=1&shv=r20210805&mjsv=m202108090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=3528565124336&frm=20&pv=1&ga_vid=380726167.1628559219&ga_sid=1628559219&ga_hid=1991954337&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=520&ady=2541&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062178%2C31062165&oid=3&pvsid=1673782320766115&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=bMRuHkUpZB&p=http%3A//a-nevsky.ru&dtd=3

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

24f6dc5b60e6bb42f8fbf77a0534c9a7b9d6b00212723b46ec03d6f87b0de507

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6763518655899276271/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6763518655899276271/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=COmW7e2npfICFZZE4Aod0dgGYw&gqi=ctcRYbfYL5i_3gPynqyICw&layout=/sadbundle/%24csp%253Der3%24/6763518655899276271/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-6044271981988239&output=html&h=90&slotname=5638541248&adk=590872440&adf=4082413674&pi=t.ma~as.5638541248&w=728&lmt=1628559218&psa=0&format=728x90&url=http%3A%2F%2Fa-nevsky.ru%2F&flash=0&wgl=1&dt=1628559218771&bpp=1&bdt=396&idt=1&shv=r20210805&mjsv=m202108090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=3528565124336&frm=20&pv=1&ga_vid=380726167.1628559219&ga_sid=1628559219&ga_hid=1991954337&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=520&ady=2541&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062178%2C31062165&oid=3&pvsid=1673782320766115&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=bMRuHkUpZB&p=http%3A//a-nevsky.ru&dtd=3
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://a-nevsky.ru/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Referer: http://a-nevsky.ru/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6763518655899276271/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6763518655899276271/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=COmW7e2npfICFZZE4Aod0dgGYw&gqi=ctcRYbfYL5i_3gPynqyICw&layout=/sadbundle/%24csp%253Der3%24/6763518655899276271/index.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 10 Aug 2021 01:33:39 GMT
server: cafe
content-length: 36497
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 10-Aug-2021 01:48:38 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 10 Aug 2021 01:33:39 GMT
cache-control: private

GET
H2 200 cse.js Show response
cse.google.com/ 7 KB
3 KB 61ms
40ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/cse.js?cx=partner-pub-6044271981988239:5788954167

Requested by

Host: a-nevsky.ru
URL: http://a-nevsky.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

8e87b010a098e84d3d9228a70ba5ba2ffa1ca3d4960927ba5e95683fab3911d5

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://a-nevsky.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

bfcache-opt-in: unload
date: Tue, 10 Aug 2021 01:33:38 GMT
content-encoding: br
server: gws
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2917
x-xss-protection: 0
expires: Tue, 10 Aug 2021 01:33:38 GMT

GET
H/1.1

200
OK

hit
counter.yadro.ru/
Redirect Chain

http://counter.yadro.ru/hit?t22.3;r;s1600*1200*24;uhttp%3A//a-nevsky.ru/;0.04999025837872351
https://counter.yadro.ru/hit?t22.3;r;s1600*1200*24;uhttp%3A//a-nevsky.ru/;0.04999025837872351
https://counter.yadro.ru/hit?q;t22.3;r;s1600*1200*24;uhttp%3A//a-nevsky.ru/;0.04999025837872351

1 KB
2 KB

62ms
62ms

Image
image/gif

88.212.201.216
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit?q;t22.3;r;s1600*1200*24;uhttp%3A//a-nevsky.ru/;0.04999025837872351

Requested by

Host: a-nevsky.ru
URL: http://a-nevsky.ru/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

88.212.201.216 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host216.rax.ru

Software

nginx/1.17.9 /

Resource Hash

a65ca709551706289ec6bddd6a77ada99141faf4d8ee7b234ecd9bd52439756b

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: http://a-nevsky.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 10 Aug 2021 01:33:39 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin: *
Cache-control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 1256
Expires: Sun, 09 Aug 2020 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 10 Aug 2021 01:33:39 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Location: https://counter.yadro.ru/hit?q;t22.3;r;s1600*1200*24;uhttp%3A//a-nevsky.ru/;0.04999025837872351
Cache-control: no-cache
Connection: keep-alive
Content-Type: text/html
Content-Length: 32
Expires: Sun, 09 Aug 2020 21:00:00 GMT

GET
H2

200

watch.js Show response
mc.yandex.ru/metrika/
Redirect Chain

http://mc.yandex.ru/metrika/watch.js
https://mc.yandex.ru/metrika/watch.js

132 KB
47 KB

107ms
107ms

Script
application/javascript

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Host: a-nevsky.ru
URL: http://a-nevsky.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

fb92ed767b019d2f70db2183625e2d49cdf405c775127c8815b86acc15982194

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://a-nevsky.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 01:33:38 GMT
content-encoding: br
last-modified: Mon, 09 Aug 2021 14:22:52 GMT
etag: "611112b5-bb1c"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 47900
expires: Tue, 10 Aug 2021 02:33:38 GMT

Redirect headers

Location: https://mc.yandex.ru/metrika/watch.js
Content-Length: 0

GET
H/1.1 200
OK bottom.jpg
a-nevsky.ru/images/ 57 KB
57 KB 61ms
61ms Image
image/jpeg 37.46.135.112
THEFIRST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://a-nevsky.ru/images/bottom.jpg
Requested by: Host: a-nevsky.ru
URL: http://a-nevsky.ru/css/css.css
Protocol: HTTP/1.1
Server: 37.46.135.112 , Russian Federation, ASN29182 (THEFIRST-AS, RU),
Reverse DNS: callhim.virtbox.ru
Software: nginx/1.6.3 /
Resource Hash: e24000774459c2533e048c4c80d0cc7d2ed08ed143998906acb1709ea14dcbbd

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: a-nevsky.ru
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://a-nevsky.ru/css/css.css
Cookie: __gads=ID=78602a36497165ae-221422bb9ac900de:T=1628559218:RT=1628559218:S=ALNI_MYxMvHQdTH9dcBzUFsDxRi2zoinRw
Connection: keep-alive
Cache-Control: no-cache
Referer: http://a-nevsky.ru/css/css.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Date: Tue, 10 Aug 2021 01:33:38 GMT
Last-Modified: Fri, 13 May 2011 14:40:49 GMT
Server: nginx/1.6.3
ETag: "4dcd42f1-e352"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 58194

GET
H/1.1 200
OK armortransp.png
a-nevsky.ru/images/ 9 KB
10 KB 61ms
61ms Image
image/png 37.46.135.112
THEFIRST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://a-nevsky.ru/images/armortransp.png
Requested by: Host: a-nevsky.ru
URL: http://a-nevsky.ru/css/css.css
Protocol: HTTP/1.1
Server: 37.46.135.112 , Russian Federation, ASN29182 (THEFIRST-AS, RU),
Reverse DNS: callhim.virtbox.ru
Software: nginx/1.6.3 /
Resource Hash: 3eeda384457799a3faec105b102d63a2b2aea04b852c7fd7de0b78063f66235e

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: a-nevsky.ru
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://a-nevsky.ru/css/css.css
Cookie: __gads=ID=78602a36497165ae-221422bb9ac900de:T=1628559218:RT=1628559218:S=ALNI_MYxMvHQdTH9dcBzUFsDxRi2zoinRw
Connection: keep-alive
Cache-Control: no-cache
Referer: http://a-nevsky.ru/css/css.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Date: Tue, 10 Aug 2021 01:33:38 GMT
Last-Modified: Fri, 13 May 2011 14:40:40 GMT
Server: nginx/1.6.3
ETag: "4dcd42e8-25dc"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9692

GET
H/1.1 200
OK bottomtransp.png
a-nevsky.ru/images/ 45 KB
45 KB 61ms
61ms Image
image/png 37.46.135.112
THEFIRST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://a-nevsky.ru/images/bottomtransp.png
Requested by: Host: a-nevsky.ru
URL: http://a-nevsky.ru/css/css.css
Protocol: HTTP/1.1
Server: 37.46.135.112 , Russian Federation, ASN29182 (THEFIRST-AS, RU),
Reverse DNS: callhim.virtbox.ru
Software: nginx/1.6.3 /
Resource Hash: 2dd68541e6b80d4dba7e3c1a2880d622e8dd0c5a4429edc52de270e0162c45f9

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: a-nevsky.ru
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://a-nevsky.ru/css/css.css
Cookie: __gads=ID=78602a36497165ae-221422bb9ac900de:T=1628559218:RT=1628559218:S=ALNI_MYxMvHQdTH9dcBzUFsDxRi2zoinRw
Connection: keep-alive
Cache-Control: no-cache
Referer: http://a-nevsky.ru/css/css.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Date: Tue, 10 Aug 2021 01:33:38 GMT
Last-Modified: Fri, 13 May 2011 14:40:50 GMT
Server: nginx/1.6.3
ETag: "4dcd42f2-b2df"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 45791

GET
H/1.1 200
OK botbg.png
a-nevsky.ru/images/ 279 B
516 B 60ms
60ms Image
image/png 37.46.135.112
THEFIRST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://a-nevsky.ru/images/botbg.png
Requested by: Host: a-nevsky.ru
URL: http://a-nevsky.ru/css/css.css
Protocol: HTTP/1.1
Server: 37.46.135.112 , Russian Federation, ASN29182 (THEFIRST-AS, RU),
Reverse DNS: callhim.virtbox.ru
Software: nginx/1.6.3 /
Resource Hash: 6adac1f38f8c5c89d27c77b9e702d71c4eab938e6d3a4ce14c7fecb5cffebacb

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: a-nevsky.ru
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://a-nevsky.ru/css/css.css
Cookie: __gads=ID=78602a36497165ae-221422bb9ac900de:T=1628559218:RT=1628559218:S=ALNI_MYxMvHQdTH9dcBzUFsDxRi2zoinRw
Connection: keep-alive
Cache-Control: no-cache
Referer: http://a-nevsky.ru/css/css.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Date: Tue, 10 Aug 2021 01:33:38 GMT
Last-Modified: Fri, 13 May 2011 14:40:48 GMT
Server: nginx/1.6.3
ETag: "4dcd42f0-117"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 279

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 225 KB
72 KB 90ms
88ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/share2/share.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

dc6045016d46e4682d7ca0c4669a05794699a50abe0bee108e2d16e747e00eea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://a-nevsky.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 01:33:38 GMT
content-encoding: br
last-modified: Mon, 09 Aug 2021 14:22:52 GMT
etag: "611112b5-11dd4"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 73172
expires: Tue, 10 Aug 2021 02:33:38 GMT

GET
DATA 200
OK truncated
/ 799 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2751eb32e3720b540ff8210d70e6af4c916a255ff05d96130d0125576b14afa5

Request headers

Referer: http://a-nevsky.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 285 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8ea8ef6a20a2f7307560b9fee2788613b13492d30582c95b6f57bc53383b68bd

Request headers

Referer: http://a-nevsky.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 595 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e7a754dc68b051e1b18bbf37fc0f5557196bc8db1c5f1c31ce5d242ea5c95ed6

Request headers

Referer: http://a-nevsky.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 439 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 20f2d6255fe749341e6543047782811c5977380c562e7163efa64594d88c6b3d

Request headers

Referer: http://a-nevsky.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 520 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cb2b18ff7b82cdbab0ba5f095448f16c159526ff504699042f8069f1a70ae7f4

Request headers

Referer: http://a-nevsky.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f88bb57db2810d820bcc9b1e24a9cbb036c1a8d64268f53243f78dc2c40b3525

Request headers

Referer: http://a-nevsky.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5307f101ffa74d83e44ccc5cbaa1193577fe0c9c659fb40fedb9d403acbb186a

Request headers

Referer: http://a-nevsky.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2

200

aci.js Show response
www.acint.net/
Redirect Chain

http://www.acint.net/aci.js
https://www.acint.net/aci.js

21 KB
7 KB

114ms
39ms

Script
application/x-javascript

46.4.121.26
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.acint.net/aci.js
Requested by: Host: a-nevsky.ru
URL: http://a-nevsky.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271109.aucourant.info
Software: openresty /
Resource Hash: 8efda3f0b5d984306920023fe9e82a919bfac7109db64ed89f752720408c888b

Request headers

Referer: http://a-nevsky.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 01:33:39 GMT
content-encoding: gzip
last-modified: Sat, 02 Jan 2021 18:29:12 GMT
server: openresty
etag: "5ff0bb78-1baf"
content-type: application/x-javascript
cache-control: max-age=43200
content-length: 7087
expires: Tue, 10 Aug 2021 13:33:39 GMT

Redirect headers

Location: https://www.acint.net/aci.js
Date: Tue, 10 Aug 2021 01:33:38 GMT
Server: openresty
Connection: keep-alive
Content-Length: 142
Content-Type: text/html

GET
H/1.1 200
OK / Show response
ssp-rtb.sape.ru/data/ 30 B
543 B 228ms
159ms Script
application/javascript 159.69.74.9
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp-rtb.sape.ru/data/?callback=sapeRTB_6111d772d_42044171&srtbid=78351&scids=163225213&sx=1600&sy=1200&ref=&u=http%3A%2F%2Fa-nevsky.ru%2F&allimps=1&fl=0&v=3&bs_625902=175,600&tz=%2B02%3A00
Requested by: Host: cdn-rtb.sape.ru
URL: http://cdn-rtb.sape.ru/teasers/js/351/2/78351.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 159.69.74.9 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1290147.sapientru.net
Software: openresty /
Resource Hash: 2b63a43001330411299ea3949b123876de9911e1466b39e74b48998083c53fc2

Request headers

Referer: http://a-nevsky.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Date: Tue, 10 Aug 2021 01:33:39 GMT
Server: openresty
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 30
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 watch.js Show response
mc.yandex.ru/metrika/ 132 KB
47 KB 91ms
88ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Host: cdn-rtb.sape.ru
URL: http://cdn-rtb.sape.ru/teasers/js/351/2/78351.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

fb92ed767b019d2f70db2183625e2d49cdf405c775127c8815b86acc15982194

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://a-nevsky.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 01:33:38 GMT
content-encoding: br
last-modified: Mon, 09 Aug 2021 14:22:52 GMT
etag: "611112b5-bb1c"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 47900
expires: Tue, 10 Aug 2021 02:33:38 GMT

GET
H2 200 1
www.acint.net/rtbw/ 43 B
342 B 102ms
58ms Image
image/gif 46.4.121.26
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/rtbw/1?dp=14&cd=%7B%22st%22%3A78351%2C%22sc%22%3A0%2C%22pl%22%3A0%2C%22ev%22%3A%22run%22%2C%22et%22%3A%22srtb%22%2C%22ec%22%3A648%7D&sid=6111d772-d53f-7caa-f0pc-muikpw0yr020&ref=http%3A%2F%2Fa-nevsky.ru%2F&r=1628559219
Requested by: Host: a-nevsky.ru
URL: http://a-nevsky.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271109.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: http://a-nevsky.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 01:33:39 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 1
www.acint.net/rtbw/ 43 B
341 B 83ms
41ms Image
image/gif 46.4.121.26
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/rtbw/1?dp=14&cd=%7B%22st%22%3A78351%2C%22sc%22%3A0%2C%22pl%22%3A625902%2C%22ev%22%3A%22vis0%22%2C%22et%22%3A%22srtb%22%2C%22ec%22%3A0%7D&sid=6111d772-d53f-7caa-f0pc-muikpw0yr020&ref=http%3A%2F%2Fa-nevsky.ru%2F&r=1628559219
Requested by: Host: a-nevsky.ru
URL: http://a-nevsky.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271109.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: http://a-nevsky.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 01:33:39 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 1
www.acint.net/pxl/ 43 B
340 B 58ms
41ms Image
image/gif 46.4.121.26
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/pxl/1?dp=16&id=78351.625902.163225213.0.0.68&sid=6111d772-d53f-7caa-f0pc-muikpw0yr020&ref=http%3A%2F%2Fa-nevsky.ru%2F&r=1628559219
Requested by: Host: a-nevsky.ru
URL: http://a-nevsky.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271109.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: http://a-nevsky.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 01:33:39 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 1
www.acint.net/rtbw/ 43 B
342 B 53ms
40ms Image
image/gif 46.4.121.26
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/rtbw/1?dp=14&cd=%7B%22st%22%3A78351%2C%22sc%22%3A0%2C%22pl%22%3A625902%2C%22ev%22%3A%22run%22%2C%22et%22%3A%22srtb%22%2C%22ec%22%3A0%7D&sid=6111d772-d53f-7caa-f0pc-muikpw0yr020&ref=http%3A%2F%2Fa-nevsky.ru%2F&r=1628559219
Requested by: Host: a-nevsky.ru
URL: http://a-nevsky.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271109.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: http://a-nevsky.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 01:33:39 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H/1.1 200
OK version.js Show response
w.uptolike.com/widgets/v1/ 69 B
845 B 72ms
72ms Script
application/javascript 95.163.114.204
DINET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://w.uptolike.com/widgets/v1/version.js?cb=cb__utl_cb_share_162855921885645
Requested by: Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/zp.js?pid=lffeb60e68ab03946edfde6a939fd72c16b41e3ec2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.163.114.204 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 6860f4c6f5e3096faa4e20c02d7d95dad759de21c2f8ab05d8569a52a2c7b1f8

Request headers

Referer: http://a-nevsky.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 10 Aug 2021 01:33:39 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
P3P: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Access-Control-Allow-Origin: *
Cache-Control: no-cache,no-store,max-age=0,must-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: application/javascript;charset=utf-8
Expires: Wed, 12 May 2021 12:38:08 GMT

GET
H3-29 200 cse_element__ru.js Show response
www.google.com/cse/static/element/b54a745638da8bbb/ 283 KB
92 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/b54a745638da8bbb/cse_element__ru.js?usqp=CAI%3D

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=partner-pub-6044271981988239:5788954167

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c93d2cccd89dedde4708d853325bf14b8a5a90e387d1dd80f2bd58ac1083b29

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://a-nevsky.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 10:16:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 487012
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 94599
x-xss-protection: 0
last-modified: Wed, 30 Jun 2021 17:07:08 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 04 Aug 2022 10:16:47 GMT

GET
H2 200 default+ru.css
www.google.com/cse/static/element/b54a745638da8bbb/ 41 KB
9 KB 6ms
6ms Stylesheet
text/css 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/b54a745638da8bbb/default+ru.css

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=partner-pub-6044271981988239:5788954167

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c1355d27b14881a055e00a4a2afa4608b452c9780ac5c61e1b8f9fd55fa3e1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://a-nevsky.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 07:32:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 583289
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9032
x-xss-protection: 0
last-modified: Wed, 30 Jun 2021 17:07:08 GMT
server: sffe
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 03 Aug 2022 07:32:09 GMT

GET
H2 200 default.css
www.google.com/cse/static/style/look/v4/ 4 KB
1 KB 7ms
7ms Stylesheet
text/css 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/style/look/v4/default.css

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=partner-pub-6044271981988239:5788954167

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://a-nevsky.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 01:13:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1197
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1345
x-xss-protection: 0
last-modified: Wed, 17 Jun 2020 00:00:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=3000
accept-ranges: bytes
expires: Tue, 10 Aug 2021 02:03:41 GMT

GET
H/1.1 200
OK async-ads.js Show response
cse.google.com/adsense/search/ 148 KB
55 KB 20ms
15ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://cse.google.com/adsense/search/async-ads.js

Requested by

Host: www.google.com
URL: https://www.google.com/cse/static/element/b54a745638da8bbb/cse_element__ru.js?usqp=CAI%3D

Protocol

HTTP/1.1

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

00ba7c7dd4bf0796ff563536b63615cefa0bfdeae9c8a7629364dc184820619b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://a-nevsky.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Date: Tue, 10 Aug 2021 01:33:39 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Server: sffe
X-Content-Type-Options: nosniff
ETag: "9951413014432588993"
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
Content-Type: text/javascript; charset=UTF-8
Cache-Control: private, max-age=3600
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Accept-Ranges: bytes
X-XSS-Protection: 0
Expires: Tue, 10 Aug 2021 01:33:39 GMT

GET
H3-29 200 clear.png
www.google.com/cse/static/css/v2/ 1018 B
1 KB 7ms
6ms Image
image/png 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/cse/static/css/v2/clear.png

Requested by

Host: www.google.com
URL: https://www.google.com/cse/static/element/b54a745638da8bbb/default+ru.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/cse/static/element/b54a745638da8bbb/default+ru.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 04:00:57 GMT
x-content-type-options: nosniff
last-modified: Mon, 25 May 2020 08:30:00 GMT
server: sffe
age: 595962
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1018
x-xss-protection: 0
expires: Wed, 03 Aug 2022 04:00:57 GMT

GET
H3-29 200 branding.png
www.google.com/cse/static/images/1x/ru/ 1 KB
1 KB 6ms
6ms Image
image/png 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/cse/static/images/1x/ru/branding.png

Requested by

Host: a-nevsky.ru
URL: http://a-nevsky.ru/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9cdb4dd08ba584cdf21b63932a8834d79969701403ef62afb63f0c6f436e6c0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://a-nevsky.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 11:34:38 GMT
x-content-type-options: nosniff
last-modified: Mon, 25 May 2020 08:30:00 GMT
server: sffe
age: 568741
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1377
x-xss-protection: 0
expires: Wed, 03 Aug 2022 11:34:38 GMT

GET
H/1.1 204
No Content generate_204
clients1.google.com/ 0
83 B 12ms
5ms Image
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://clients1.google.com/generate_204
Requested by: Host: a-nevsky.ru
URL: http://a-nevsky.ru/
Protocol: HTTP/1.1
Server: 2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://a-nevsky.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Date: Tue, 10 Aug 2021 01:33:39 GMT
Content-Length: 0

GET
H2

400

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9360.ydjltfoThtmy4MdGfsBxPCn5VkXGhSqVuut-7xh53hCiaoAKv0s7qLBNpTl8lpD5.qNGOXMmTRoDXovrGc3ClyOc6jpA%2C
https://mc.yandex.com/sync_cookie_image_decide?token=9360.uFWdQ_0qkApPmPl5qLkCB6tGXFTH2Q7ExGeEciOT1muAsp6H-esDUIUGgOk7TFDI2DMfHUu6M_kpmzchznaOwQ%2C%2C.bRxu0qKgNB4x2qfIhH4ZwiU-Ps8%2C

75 B
75 B

44ms
44ms

Image
text/html

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=9360.uFWdQ_0qkApPmPl5qLkCB6tGXFTH2Q7ExGeEciOT1muAsp6H-esDUIUGgOk7TFDI2DMfHUu6M_kpmzchznaOwQ%2C%2C.bRxu0qKgNB4x2qfIhH4ZwiU-Ps8%2C

Requested by

Host: a-nevsky.ru
URL: http://a-nevsky.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: http://a-nevsky.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 01:33:39 GMT
strict-transport-security: max-age=31536000
content-length: 75
x-xss-protection: 1; mode=block
content-type: text/html; charset=utf-8

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=9360.uFWdQ_0qkApPmPl5qLkCB6tGXFTH2Q7ExGeEciOT1muAsp6H-esDUIUGgOk7TFDI2DMfHUu6M_kpmzchznaOwQ%2C%2C.bRxu0qKgNB4x2qfIhH4ZwiU-Ps8%2C
date: Tue, 10 Aug 2021 01:33:39 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
159 B 44ms
44ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: a-nevsky.ru
URL: http://a-nevsky.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://a-nevsky.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 01:33:39 GMT
last-modified: Mon, 09 Aug 2021 13:26:46 GMT
etag: "611112b5-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Tue, 10 Aug 2021 02:33:39 GMT

GET
H2

200

/ Show response
www.acint.net/mc/ Frame 7816
Redirect Chain

http://www.acint.net/mc/?dp=14
https://www.acint.net/mc/?dp=14

3 KB
4 KB

38ms
37ms

Document
text/html

46.4.121.26
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.acint.net/mc/?dp=14
Requested by: Host: www.acint.net
URL: http://www.acint.net/aci.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271109.aucourant.info
Software: openresty /
Resource Hash: 1b41190b21e316eaee073fedc2eab43b6c11e0ce72437eb566f4730af41440ca

Request headers

:method: GET
:authority: www.acint.net
:scheme: https
:path: /mc/?dp=14
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://a-nevsky.ru/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: aid=fwAAAWER13OrZAU+OSjMAorNUWUwnrVPmQKELjV8wq7OYWRn
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Referer: http://a-nevsky.ru/

Response headers

server: openresty
date: Tue, 10 Aug 2021 01:33:39 GMT
content-type: text/html
set-cookie: cSyncDp7v2=1628559219; expires=Thu, 09-Sep-21 01:33:39 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp14v3=1628559219; expires=Thu, 09-Sep-21 01:33:39 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp17=1628559219; expires=Thu, 09-Sep-21 01:33:39 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp32=1628559219; expires=Thu, 09-Sep-21 01:33:39 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp45v3=1628559219; expires=Wed, 11-Aug-21 01:33:39 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp53=1628559219; expires=Thu, 09-Sep-21 01:33:39 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp54v2=1628559219; expires=Thu, 09-Sep-21 01:33:39 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp62=1628559219; expires=Thu, 09-Sep-21 01:33:39 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp67v2=1628559219; expires=Thu, 09-Sep-21 01:33:39 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp68=1628559219; expires=Thu, 09-Sep-21 01:33:39 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp77=1628559219; expires=Tue, 24-Aug-21 01:33:39 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp84=1628559219; expires=Thu, 09-Sep-21 01:33:39 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp85=1628559219; expires=Thu, 09-Sep-21 01:33:39 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp88=1628559219; expires=Thu, 09-Sep-21 01:33:39 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp95v2=1628559219; expires=Thu, 09-Sep-21 01:33:39 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp101=1628559219; expires=Thu, 09-Sep-21 01:33:39 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp104v2=1628559219; expires=Tue, 24-Aug-21 01:33:39 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp107=1628559219; expires=Thu, 09-Sep-21 01:33:39 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp111v2=1628559219; expires=Tue, 24-Aug-21 01:33:39 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp112v2=1628559219; expires=Thu, 09-Sep-21 01:33:39 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp125=1628559219; expires=Thu, 09-Sep-21 01:33:39 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp126=1628559219; expires=Thu, 09-Sep-21 01:33:39 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp127=1628559219; expires=Thu, 09-Sep-21 01:33:39 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp136=1628559219; expires=Thu, 09-Sep-21 01:33:39 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp138=1628559219; expires=Thu, 09-Sep-21 01:33:39 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp144=1628559219; expires=Thu, 09-Sep-21 01:33:39 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp146=1628559219; expires=Thu, 09-Sep-21 01:33:39 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp149=1628559219; expires=Thu, 09-Sep-21 01:33:39 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp151=1628559219; expires=Thu, 09-Sep-21 01:33:39 GMT; path=/; Secure; SameSite=None; domain=.acint.net
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-encoding: gzip

Redirect headers

Server: openresty
Date: Tue, 10 Aug 2021 01:33:39 GMT
Content-Type: text/html
Content-Length: 142
Connection: keep-alive
Location: https://www.acint.net/mc/?dp=14

GET
H2

200

/
www.acint.net/hit/
Redirect Chain

http://www.acint.net/hit/?v=0.3.0&uid=05d45bd2-a3ee-4f8f-924a-e6df8f825e27&dp=14&tz=%2B02%3A00&nc=29402338&u=http%3A%2F%2Fa-nevsky.ru%2F&r=&rs=1600x1200&t=%D0%90%D0%BB%D0%B5%D0%BA%D1%81%D0%B0%D0%BD...
https://www.acint.net/hit/?v=0.3.0&uid=05d45bd2-a3ee-4f8f-924a-e6df8f825e27&dp=14&tz=%2B02%3A00&nc=29402338&u=http%3A%2F%2Fa-nevsky.ru%2F&r=&rs=1600x1200&t=%D0%90%D0%BB%D0%B5%D0%BA%D1%81%D0%B0%D0%B...

43 B
224 B

36ms
36ms

Image
image/gif

46.4.121.26
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/hit/?v=0.3.0&uid=05d45bd2-a3ee-4f8f-924a-e6df8f825e27&dp=14&tz=%2B02%3A00&nc=29402338&u=http%3A%2F%2Fa-nevsky.ru%2F&r=&rs=1600x1200&t=%D0%90%D0%BB%D0%B5%D0%BA%D1%81%D0%B0%D0%BD%D0%B4%D1%80%20%D0%9D%D0%B5%D0%B2%D1%81%D0%BA%D0%B8%D0%B9&oE=1&oP=1&dT=2021-08-10T03%3A33%3A39.111&fu=35062f90-ac95-43d7-b8ee-ab07cf8e8439
Requested by: Host: a-nevsky.ru
URL: http://a-nevsky.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271109.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: http://a-nevsky.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 01:33:39 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

Location: https://www.acint.net/hit/?v=0.3.0&uid=05d45bd2-a3ee-4f8f-924a-e6df8f825e27&dp=14&tz=%2B02%3A00&nc=29402338&u=http%3A%2F%2Fa-nevsky.ru%2F&r=&rs=1600x1200&t=%D0%90%D0%BB%D0%B5%D0%BA%D1%81%D0%B0%D0%BD%D0%B4%D1%80%20%D0%9D%D0%B5%D0%B2%D1%81%D0%BA%D0%B8%D0%B9&oE=1&oP=1&dT=2021-08-10T03%3A33%3A39.111&fu=35062f90-ac95-43d7-b8ee-ab07cf8e8439
Date: Tue, 10 Aug 2021 01:33:39 GMT
Server: openresty
Connection: keep-alive
Content-Length: 142
Content-Type: text/html

GET
H/1.1 200
OK / Show response
ssp-rtb.sape.ru/data/ 30 B
381 B 35ms
34ms Script
application/javascript 159.69.74.9
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp-rtb.sape.ru/data/?callback=sapeRTB_6111d7732_97493009&srtbid=78351&scids=163225213&sx=1600&sy=1200&ref=&u=http%3A%2F%2Fa-nevsky.ru%2F&allimps=0&fl=0&v=3&deal=9&bs_625902=160,600&tz=%2B02%3A00
Requested by: Host: cdn-rtb.sape.ru
URL: http://cdn-rtb.sape.ru/teasers/js/351/2/78351.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 159.69.74.9 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1290147.sapientru.net
Software: openresty /
Resource Hash: 3acacaa9a457e486716c78af40312b2eb1e68e9ad5f10a48f82c83cb94f160a2

Request headers

Referer: http://a-nevsky.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Date: Tue, 10 Aug 2021 01:33:39 GMT
Server: openresty
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 30
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 3
www.acint.net/pxl/ 43 B
224 B 37ms
37ms Image
image/gif 46.4.121.26
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/pxl/3?dp=16&id=78351.625902.163225213.0.0.68&sid=6111d772-d53f-7caa-f0pc-muikpw0yr020&ref=http%3A%2F%2Fa-nevsky.ru%2F&r=1628559219
Requested by: Host: a-nevsky.ru
URL: http://a-nevsky.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271109.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: http://a-nevsky.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 01:33:39 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 1
www.acint.net/rtbw/ 43 B
224 B 38ms
37ms Image
image/gif 46.4.121.26
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/rtbw/1?dp=14&cd=%7B%22st%22%3A78351%2C%22sc%22%3A0%2C%22pl%22%3A625902%2C%22ev%22%3A%22vis50%22%2C%22et%22%3A%22srtb%22%2C%22ec%22%3A0%7D&sid=6111d772-d53f-7caa-f0pc-muikpw0yr020&ref=http%3A%2F%2Fa-nevsky.ru%2F&r=1628559219
Requested by: Host: a-nevsky.ru
URL: http://a-nevsky.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271109.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: http://a-nevsky.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 01:33:39 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 1
www.acint.net/rtbw/ 43 B
224 B 38ms
37ms Image
image/gif 46.4.121.26
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/rtbw/1?dp=14&cd=%7B%22st%22%3A78351%2C%22sc%22%3A0%2C%22pl%22%3A625902%2C%22ev%22%3A%22cheap%22%2C%22et%22%3A%22srtb%22%2C%22ec%22%3A0%7D&sid=6111d772-d53f-7caa-f0pc-muikpw0yr020&ref=http%3A%2F%2Fa-nevsky.ru%2F&r=1628559219
Requested by: Host: a-nevsky.ru
URL: http://a-nevsky.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271109.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: http://a-nevsky.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 01:33:39 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210805/r20110914/ Frame 67F1 18 KB
8 KB 27ms
6ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210805/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6044271981988239&output=html&h=90&slotname=5638541248&adk=590872440&adf=4082413674&pi=t.ma~as.5638541248&w=728&lmt=1628559218&psa=0&format=728x90&url=http%3A%2F%2Fa-nevsky.ru%2F&flash=0&wgl=1&dt=1628559218771&bpp=1&bdt=396&idt=1&shv=r20210805&mjsv=m202108090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=3528565124336&frm=20&pv=1&ga_vid=380726167.1628559219&ga_sid=1628559219&ga_hid=1991954337&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=520&ady=2541&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062178%2C31062165&oid=3&pvsid=1673782320766115&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=bMRuHkUpZB&p=http%3A//a-nevsky.ru&dtd=3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

83cd4afc0672833e8ac46854de805cda18237894e6d5193111af3e2e866a7a3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 01:27:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 379
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7614
x-xss-protection: 0
server: cafe
etag: 9899176843389144697
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 24 Aug 2021 01:27:20 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210805/r20110914/client/ Frame 67F1 2 KB
1 KB 32ms
11ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210805/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 01:16:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1029
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 24 Aug 2021 01:16:30 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 67F1 124 KB
37 KB 30ms
16ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87e9cb4cbda54b2611883c0963d41adcd7c9d4eda558e452c76991b875eeffad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 01:33:39 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1628508775336984"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38212
x-xss-protection: 0
expires: Tue, 10 Aug 2021 01:33:39 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210805/r20110914/client/ Frame 67F1 14 KB
6 KB 28ms
7ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210805/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30f9db6ce74a9fadf8de7de2ae7e23428d3c043f576184c391908f8154d2f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 01:04:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1755
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6204
x-xss-protection: 0
server: cafe
etag: 11055049251678278959
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 24 Aug 2021 01:04:24 GMT

GET
H2 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6763518655899276271/ Frame 3B80 73 KB
19 KB 27ms
12ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6763518655899276271/index.html

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d44fb4dccffb93f08f8477a8d5d5c8e59c0beb0ebbadecbc0d38928aeadf5673

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/6763518655899276271/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
date: Tue, 03 Aug 2021 11:14:57 GMT
expires: Wed, 03 Aug 2022 11:14:57 GMT
last-modified: Thu, 20 May 2021 11:54:36 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
content-length: 18114
age: 569922
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 67F1 0
0 18ms
18ms Fetch
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CwEqrctcRYemVMJaJgQfRsZuYBpThl5dj-K3alp0O5KesrZ0lEAEg-ZKCBmCVAqABzIfq4gHIAQmpAlfAguO30n4-qAMByANIqgSzAU_QVyDwX-6Lz-OH48gLiy19AVbAi6iTLmnuyHkDMtC8A_Fk_FnuKO3jsi7J8Mo09lGHZSfqjQb1Eor7bZOUCMVw5s9-IvzdLFTRZBFk6-6NkX-nAJaLXN9aU4qQqGXBThp1Pw_SiJnQo2HtDmtx-gK6ptz3oH5Gu_x7gDBSb-90e9K2HoQyXFxJvigvHCM_KJmsbpJl28J8_H-SJi_U30-T6WEh36YutMZCTnrs-_4cy0fAwASdrreXxwOSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHnPiVnQKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwUQg-ieAdIICQiA4YAQEAEYH4AKAcgLAdgTDNAVAZgWAYAXAbIXGgoYCAASFHB1Yi02MDQ0MjcxOTgxOTg4MjM5&sigh=9zbHPug45xE&template_id=419

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6044271981988239&output=html&h=90&slotname=5638541248&adk=590872440&adf=4082413674&pi=t.ma~as.5638541248&w=728&lmt=1628559218&psa=0&format=728x90&url=http%3A%2F%2Fa-nevsky.ru%2F&flash=0&wgl=1&dt=1628559218771&bpp=1&bdt=396&idt=1&shv=r20210805&mjsv=m202108090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=3528565124336&frm=20&pv=1&ga_vid=380726167.1628559219&ga_sid=1628559219&ga_hid=1991954337&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=520&ady=2541&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062178%2C31062165&oid=3&pvsid=1673782320766115&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=bMRuHkUpZB&p=http%3A//a-nevsky.ru&dtd=3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 10 Aug 2021 01:33:39 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 10 Aug 2021 01:33:39 GMT

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame F864 143 B
163 B 7ms
6ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6044271981988239&output=html&h=90&slotname=5638541248&adk=590872440&adf=4082413674&pi=t.ma~as.5638541248&w=728&lmt=1628559218&psa=0&format=728x90&url=http%3A%2F%2Fa-nevsky.ru%2F&flash=0&wgl=1&dt=1628559218771&bpp=1&bdt=396&idt=1&shv=r20210805&mjsv=m202108090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=3528565124336&frm=20&pv=1&ga_vid=380726167.1628559219&ga_sid=1628559219&ga_hid=1991954337&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=520&ady=2541&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062178%2C31062165&oid=3&pvsid=1673782320766115&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=bMRuHkUpZB&p=http%3A//a-nevsky.ru&dtd=3
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUknExgF_n-jsEgCLMsRCEMoSrgg7RqpSKPfYznE49nWVZpQaXXGJKbl9Q7GHYg
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6044271981988239&output=html&h=90&slotname=5638541248&adk=590872440&adf=4082413674&pi=t.ma~as.5638541248&w=728&lmt=1628559218&psa=0&format=728x90&url=http%3A%2F%2Fa-nevsky.ru%2F&flash=0&wgl=1&dt=1628559218771&bpp=1&bdt=396&idt=1&shv=r20210805&mjsv=m202108090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=3528565124336&frm=20&pv=1&ga_vid=380726167.1628559219&ga_sid=1628559219&ga_hid=1991954337&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=520&ady=2541&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062178%2C31062165&oid=3&pvsid=1673782320766115&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=bMRuHkUpZB&p=http%3A//a-nevsky.ru&dtd=3

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Tue, 10 Aug 2021 01:16:24 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 1035
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 67F1 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f32a55b1a4cd26554d9fef9267a9e0c84218f7389570868ff35a745d59162ff2

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

1 Show response
mc.yandex.com/watch/71281900/
Redirect Chain

https://mc.yandex.com/watch/71281900?wmode=7&page-url=http%3A%2F%2Fa-nevsky.ru%2F&charset=utf-8&site-info=%7B%22site_id%22%3A78351%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2cqzuju16nt0kup4q%3Afp%3...
https://mc.yandex.com/watch/71281900/1?wmode=7&page-url=http%3A%2F%2Fa-nevsky.ru%2F&charset=utf-8&site-info=%7B%22site_id%22%3A78351%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2cqzuju16nt0kup4q%3Afp...

316 B
347 B

49ms
48ms

XHR
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/71281900/1?wmode=7&page-url=http%3A%2F%2Fa-nevsky.ru%2F&charset=utf-8&site-info=%7B%22site_id%22%3A78351%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2cqzuju16nt0kup4q%3Afp%3A490%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A611%3Acn%3A2%3Adp%3A0%3Als%3A681278281269%3Ahid%3A927925530%3Az%3A120%3Ai%3A202108010033339%3Aet%3A1628559219%3Ac%3A1%3Arn%3A307151002%3Au%3A1628559219954150188%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1628559218146%3Ads%3A63%2C13%2C149%2C48%2C0%2C0%2C%2C402%2C12%2C%2C%2C%2C631%3Adsn%3A63%2C13%2C149%2C48%2C0%2C0%2C%2C356%2C12%2C%2C%2C%2C631%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1628559219%3At%3A%D0%90%D0%BB%D0%B5%D0%BA%D1%81%D0%B0%D0%BD%D0%B4%D1%80%20%D0%9D%D0%B5%D0%B2%D1%81%D0%BA%D0%B8%D0%B9

Requested by

Host: a-nevsky.ru
URL: http://a-nevsky.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

030c059e100dc57aacae35b49c49825cc3760ba4d052bdd0d9a32da6e16dc9d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://a-nevsky.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Aug 2021 01:33:39 GMT
x-content-type-options: nosniff
last-modified: Tue, 10-Aug-2021 01:33:39 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: http://a-nevsky.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 316
x-xss-protection: 1; mode=block
expires: Tue, 10-Aug-2021 01:33:39 GMT

Redirect headers

pragma: no-cache
date: Tue, 10 Aug 2021 01:33:39 GMT
last-modified: Tue, 10-Aug-2021 01:33:39 GMT
location: /watch/71281900/1?wmode=7&page-url=http%3A%2F%2Fa-nevsky.ru%2F&charset=utf-8&site-info=%7B%22site_id%22%3A78351%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2cqzuju16nt0kup4q%3Afp%3A490%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A611%3Acn%3A2%3Adp%3A0%3Als%3A681278281269%3Ahid%3A927925530%3Az%3A120%3Ai%3A202108010033339%3Aet%3A1628559219%3Ac%3A1%3Arn%3A307151002%3Au%3A1628559219954150188%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1628559218146%3Ads%3A63%2C13%2C149%2C48%2C0%2C0%2C%2C402%2C12%2C%2C%2C%2C631%3Adsn%3A63%2C13%2C149%2C48%2C0%2C0%2C%2C356%2C12%2C%2C%2C%2C631%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1628559219%3At%3A%D0%90%D0%BB%D0%B5%D0%BA%D1%81%D0%B0%D0%BD%D0%B4%D1%80%20%D0%9D%D0%B5%D0%B2%D1%81%D0%BA%D0%B8%D0%B9
strict-transport-security: max-age=31536000
access-control-allow-origin: http://a-nevsky.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Tue, 10-Aug-2021 01:33:39 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/23414332/
Redirect Chain

https://mc.yandex.com/watch/23414332?wmode=7&page-url=http%3A%2F%2Fa-nevsky.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2cqzuju16nt0kup4q%3Afp%3A490%3Afu%3A0%3Aen%3Awindows-1251%3Ala...
https://mc.yandex.com/watch/23414332/1?wmode=7&page-url=http%3A%2F%2Fa-nevsky.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2cqzuju16nt0kup4q%3Afp%3A490%3Afu%3A0%3Aen%3Awindows-1251%3A...

316 B
347 B

48ms
47ms

XHR
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/23414332/1?wmode=7&page-url=http%3A%2F%2Fa-nevsky.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2cqzuju16nt0kup4q%3Afp%3A490%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A611%3Acn%3A3%3Adp%3A0%3Als%3A1097125000904%3Ahid%3A927925530%3Az%3A120%3Ai%3A202108010033339%3Aet%3A1628559219%3Ac%3A1%3Arn%3A348918329%3Au%3A1628559219954150188%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1628559218146%3Ads%3A63%2C13%2C149%2C48%2C0%2C0%2C%2C402%2C12%2C%2C%2C%2C631%3Adsn%3A63%2C13%2C149%2C48%2C0%2C0%2C%2C356%2C12%2C%2C%2C%2C631%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1628559219%3At%3A%D0%90%D0%BB%D0%B5%D0%BA%D1%81%D0%B0%D0%BD%D0%B4%D1%80%20%D0%9D%D0%B5%D0%B2%D1%81%D0%BA%D0%B8%D0%B9

Requested by

Host: a-nevsky.ru
URL: http://a-nevsky.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

b845a0e5c7f9a6bc8f8911540deaa4254cc1f4be8f5182484dd119621d881024

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://a-nevsky.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Aug 2021 01:33:39 GMT
x-content-type-options: nosniff
last-modified: Tue, 10-Aug-2021 01:33:39 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: http://a-nevsky.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 316
x-xss-protection: 1; mode=block
expires: Tue, 10-Aug-2021 01:33:39 GMT

Redirect headers

pragma: no-cache
date: Tue, 10 Aug 2021 01:33:39 GMT
last-modified: Tue, 10-Aug-2021 01:33:39 GMT
location: /watch/23414332/1?wmode=7&page-url=http%3A%2F%2Fa-nevsky.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2cqzuju16nt0kup4q%3Afp%3A490%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A611%3Acn%3A3%3Adp%3A0%3Als%3A1097125000904%3Ahid%3A927925530%3Az%3A120%3Ai%3A202108010033339%3Aet%3A1628559219%3Ac%3A1%3Arn%3A348918329%3Au%3A1628559219954150188%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1628559218146%3Ads%3A63%2C13%2C149%2C48%2C0%2C0%2C%2C402%2C12%2C%2C%2C%2C631%3Adsn%3A63%2C13%2C149%2C48%2C0%2C0%2C%2C356%2C12%2C%2C%2C%2C631%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1628559219%3At%3A%D0%90%D0%BB%D0%B5%D0%BA%D1%81%D0%B0%D0%BD%D0%B4%D1%80%20%D0%9D%D0%B5%D0%B2%D1%81%D0%BA%D0%B8%D0%B9
strict-transport-security: max-age=31536000
access-control-allow-origin: http://a-nevsky.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Tue, 10-Aug-2021 01:33:39 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/24888893/
Redirect Chain

https://mc.yandex.com/watch/24888893?wmode=7&page-url=http%3A%2F%2Fa-nevsky.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2cqzuju16nt0kup4q%3Afp%3A490%3Afu%3A0%3Aen%3Awindows-1251%3Ala...
https://mc.yandex.com/watch/24888893/1?wmode=7&page-url=http%3A%2F%2Fa-nevsky.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2cqzuju16nt0kup4q%3Afp%3A490%3Afu%3A0%3Aen%3Awindows-1251%3A...

316 B
451 B

46ms
44ms

XHR
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/24888893/1?wmode=7&page-url=http%3A%2F%2Fa-nevsky.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2cqzuju16nt0kup4q%3Afp%3A490%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A611%3Acn%3A1%3Adp%3A0%3Als%3A1475660460180%3Ahid%3A927925530%3Az%3A120%3Ai%3A202108010033339%3Aet%3A1628559219%3Ac%3A1%3Arn%3A432663215%3Au%3A1628559219954150188%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1628559218146%3Ads%3A63%2C13%2C149%2C48%2C0%2C0%2C%2C402%2C12%2C%2C%2C%2C631%3Adsn%3A63%2C13%2C149%2C48%2C0%2C0%2C%2C356%2C12%2C%2C%2C%2C631%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1628559219%3At%3A%D0%90%D0%BB%D0%B5%D0%BA%D1%81%D0%B0%D0%BD%D0%B4%D1%80%20%D0%9D%D0%B5%D0%B2%D1%81%D0%BA%D0%B8%D0%B9

Requested by

Host: a-nevsky.ru
URL: http://a-nevsky.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

35c6fb80cc506c8a8268d1816c10ccbe62b54360810c100be31da6fd49c442f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://a-nevsky.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Aug 2021 01:33:39 GMT
x-content-type-options: nosniff
last-modified: Tue, 10-Aug-2021 01:33:39 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: http://a-nevsky.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 316
x-xss-protection: 1; mode=block
expires: Tue, 10-Aug-2021 01:33:39 GMT

Redirect headers

pragma: no-cache
date: Tue, 10 Aug 2021 01:33:39 GMT
last-modified: Tue, 10-Aug-2021 01:33:39 GMT
location: /watch/24888893/1?wmode=7&page-url=http%3A%2F%2Fa-nevsky.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2cqzuju16nt0kup4q%3Afp%3A490%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A611%3Acn%3A1%3Adp%3A0%3Als%3A1475660460180%3Ahid%3A927925530%3Az%3A120%3Ai%3A202108010033339%3Aet%3A1628559219%3Ac%3A1%3Arn%3A432663215%3Au%3A1628559219954150188%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1628559218146%3Ads%3A63%2C13%2C149%2C48%2C0%2C0%2C%2C402%2C12%2C%2C%2C%2C631%3Adsn%3A63%2C13%2C149%2C48%2C0%2C0%2C%2C356%2C12%2C%2C%2C%2C631%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1628559219%3At%3A%D0%90%D0%BB%D0%B5%D0%BA%D1%81%D0%B0%D0%BD%D0%B4%D1%80%20%D0%9D%D0%B5%D0%B2%D1%81%D0%BA%D0%B8%D0%B9
strict-transport-security: max-age=31536000
access-control-allow-origin: http://a-nevsky.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Tue, 10-Aug-2021 01:33:39 GMT

GET
H3-29 200 Enabler.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 3B80 16 KB
6 KB 22ms
6ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6763518655899276271/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 18:13:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 26392
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5866
x-xss-protection: 0
server: cafe
etag: 544157900006238945
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 10 Aug 2021 18:13:47 GMT

GET
H3-29 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 3B80 26 KB
10 KB 21ms
5ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6763518655899276271/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 12:37:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 46566
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 10 Aug 2021 12:37:33 GMT

GET
H2

200

match
ads.betweendigital.com/ Frame 7816
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=73&external_user_id=0100007F73D711613E0564AB02CC2839
https://ads.betweendigital.com/match?bidder_id=73&external_user_id=0100007F73D711613E0564AB02CC2839&crf=1

68 B
607 B

34ms
34ms

Image
image/png

188.42.196.115
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=73&external_user_id=0100007F73D711613E0564AB02CC2839&crf=1
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.42.196.115 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

Redirect headers

location: /match?bidder_id=73&external_user_id=0100007F73D711613E0564AB02CC2839&crf=1
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H2

200

match
acint.net/ Frame 7816
Redirect Chain

https://ssp-rtb.sape.ru/rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D
https://acint.net/match?dp=14&euid=0100007F72D71161130056200200D68A

43 B
270 B

97ms
31ms

Image
image/gif

195.201.243.71
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://acint.net/match?dp=14&euid=0100007F72D71161130056200200D68A
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.201.243.71 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: ingolstadt.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 01:33:39 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

Date: Tue, 10 Aug 2021 01:33:39 GMT
Server: openresty
P3P: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
Location: https://acint.net/match?dp=14&euid=0100007F72D71161130056200200D68A
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Type: text/html
Content-Length: 142
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2

200

match
acint.net/ Frame 7816
Redirect Chain

https://px.adhigh.net/p/cm/sape?u=0100007F73D711613E0564AB02CC2839
https://px.adhigh.net/p/cm/sape?u=0100007F73D711613E0564AB02CC2839&bounced=1
https://acint.net/match?dp=17&euid=MAJvcjff5nv.AikABlF7LbGbAQ

43 B
269 B

32ms
31ms

Image
image/gif

195.201.243.71
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://acint.net/match?dp=17&euid=MAJvcjff5nv.AikABlF7LbGbAQ
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.201.243.71 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: ingolstadt.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 01:33:39 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 10 Aug 2021 01:33:39 GMT
server: nginx
access-control-allow-origin: *
x-backend-id: f21-ru
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://acint.net/match?dp=17&euid=MAJvcjff5nv.AikABlF7LbGbAQ
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK cm.gif
ad.mail.ru/ Frame 7816 43 B
635 B 133ms
44ms Image
image/gif 2a00:1148:db00::17
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.mail.ru/cm.gif?p=48&id=0100007F73D711613E0564AB02CC2839
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Date: Tue, 10 Aug 2021 01:33:39 GMT
Last-Modified: Tue, 10 Aug 2021 01:33:39 GMT
Server: nginx
Content-Type: image/gif
Cache-Control: max-age=21600
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 43
Expires: Tue, 10 Aug 2021 07:33:39 GMT

GET
H/1.1

200
OK

sync.cgi
ssp.adriver.ru/cgi-bin/ Frame 7816
Redirect Chain

https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691
https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-4300652087
https://www.acint.net/rmatch?dp=45&euid=AJMdKLE4J6SpBoSrgYzwJng&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D
https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=0100007F73D711613E0564AB02CC2839

42 B
201 B

176ms
75ms

Image
image/gif

81.222.128.214
ELTEL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=0100007F73D711613E0564AB02CC2839
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.222.128.214 , Russian Federation, ASN20597 (ELTEL-AS, RU),
Reverse DNS: ad14.adriver.ru
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Date: Tue, 10 Aug 2021 01:33:39 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/gif

Redirect headers

date: Tue, 10 Aug 2021 01:33:39 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
location: https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=0100007F73D711613E0564AB02CC2839
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: text/html
content-length: 154
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 204 sync
a.utraff.com/ Frame 7816 0
735 B 37ms
16ms Image
text/plain 2606:4700:3039::6815:c03a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.utraff.com/sync?ssp=sape
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3039::6815:c03a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 01:33:39 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
access-control-allow-methods: GET, POST, OPTIONS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pgsNzbuHGG7C%2FMSpl4YmZ85XaxnyS2lNdyVxqT6xHKi00q8boa7JjQhbUsANk%2BwbHtucAwzDhR9z3x7N8nYo4Obtcpv8WIBU7iE2V0h9m85jBxE6aZm%2B%2FYPFr6qgsQtvwmT7BdrBksiozQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
cf-ray: 67c57a309b204401-FRA
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization

GET
H/1.1

200
OK

/
sync.bumlam.com/ Frame 7816
Redirect Chain

https://sync.republer.com/match?dsp=sape
https://sync.republer.com/match?dsp=sape&qset=1
https://sync.bumlam.com/?src=rp1&uid=e86aa4bb-8daf-4a1c-a03a-6d5917e51855
https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABjzrseIBlIEioaQK2IkZTg2YWE0YmItOGRhZi00YTFjLWEwM2EtNmQ1OTE3ZTUxODU1
https://sync3.adsniper.ru/?src=ss1&s_data=CAIQARjzrseIBlIEioaQK2IkZTg2YWE0YmItOGRhZi00YTFjLWEwM2EtNmQ1OTE3ZTUxODU1ogEQ_Wa7Lvl6Eeum6QAlkMgkNw**
https://sync.bumlam.com/?src=rp1&s_data=CAIQABjzrseIBmIkZTg2YWE0YmItOGRhZi00YTFjLWEwM2EtNmQ1OTE3ZTUxODU1ogEQ_Wa7Lvl6Eeum6QAlkMgkNw**
https://sync.bumlam.com/?src=rp1&s_data=CAIQARjzrseIBmIkZTg2YWE0YmItOGRhZi00YTFjLWEwM2EtNmQ1OTE3ZTUxODU1ogEQ_Wa7Lvl6Eeum6QAlkMgkNw**

43 B
552 B

25ms
24ms

Image
image/gif

31.172.81.159
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bumlam.com/?src=rp1&s_data=CAIQARjzrseIBmIkZTg2YWE0YmItOGRhZi00YTFjLWEwM2EtNmQ1OTE3ZTUxODU1ogEQ_Wa7Lvl6Eeum6QAlkMgkNw**
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 31.172.81.159 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Date: Tue, 10 Aug 2021 01:33:39 GMT
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Server: nginx
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Redirect headers

Date: Tue, 10 Aug 2021 01:33:39 GMT
Server: nginx
ETag: fd66bb2e-f97a-11eb-a6e9-002590c82437
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: //sync.bumlam.com/?src=rp1&s_data=CAIQARjzrseIBmIkZTg2YWE0YmItOGRhZi00YTFjLWEwM2EtNmQ1OTE3ZTUxODU1ogEQ_Wa7Lvl6Eeum6QAlkMgkNw**
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0

GET
H2 204 match
dm.hybrid.ai/ Frame 7816 0
238 B 212ms
69ms Image
text/plain 37.18.16.16
HYBRID-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dm.hybrid.ai/match?id=106&vid=0100007F73D711613E0564AB02CC2839

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.18.16.16 , Netherlands, ASN205675 (HYBRID-AS, RU),

Reverse DNS

Software

Hybrid Web Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Aug 2021 01:33:39 GMT
server: Hybrid Web Server
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin: *
cache-control: no-cache, no-store
x-mode: 101
x-xss-protection: 1; mode=block
expires: -1

GET
H/1.1 200
OK adcm.js Show response
tag.digitaltarget.ru/ Frame 7816 3 KB
3 KB 210ms
67ms Script
application/javascript 185.15.175.130
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.digitaltarget.ru/adcm.js
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.15.175.130 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),
Reverse DNS
Software: nginx /
Resource Hash: 7c078e5032ba5da0fdf4e333ac30ad283aaa9de5d935e716c6fd7e1b5d4e9d2e

Request headers

Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Date: Tue, 10 Aug 2021 01:33:39 GMT
Last-Modified: Thu, 05 Aug 2021 13:04:27 GMT
Server: nginx
ETag: "610be1db-c11"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3089

GET
H2 204 sape
sync.dmp.otm-r.com/match/ Frame 7816 0
69 B 110ms
34ms Image
text/plain 195.201.106.117
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.dmp.otm-r.com/match/sape?id=0100007F73D711613E0564AB02CC2839
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.201.106.117 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.117.106.201.195.clients.your-server.de
Software: nginx/1.15.9 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 10 Aug 2021 01:33:39 GMT
server: nginx/1.15.9

GET
H2

200

match
www.acint.net/ Frame 7816
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=agentstvo_sape_limited&google_hm=AQAAf3PXEWE-BWSrAswoOQ
https://www.acint.net/match?dp=77&euid=

43 B
269 B

36ms
36ms

Image
image/gif

46.4.121.26
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=77&euid=
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271109.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 01:33:39 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 10 Aug 2021 01:33:39 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://www.acint.net/match?dp=77&euid=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 240
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
adlmerge.com/merge_gpsid/ Frame 7816
Redirect Chain

https://stat.adlabs.ru/merge_gpsid/?sid=50&id=0100007F73D711613E0564AB02CC2839
https://adlmerge.com/merge_gpsid/?sid=50&id=0100007F73D711613E0564AB02CC2839

43 B
115 B

83ms
27ms

Image
image/gif

95.211.66.35
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adlmerge.com/merge_gpsid/?sid=50&id=0100007F73D711613E0564AB02CC2839
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.211.66.35 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx/1.16.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

iseu: eu
server: nginx/1.16.0
date: Tue, 10 Aug 2021 01:33:39 GMT
content-type: image/gif

Redirect headers

location: //adlmerge.com/merge_gpsid/?sid=50&id=0100007F73D711613E0564AB02CC2839
date: Tue, 10 Aug 2021 01:33:39 GMT
server: nginx
content-length: 0

GET
H/1.1 200
OK sync.cgi
ssp.adriver.ru/cgi-bin/ Frame 7816 42 B
201 B 305ms
75ms Image
image/gif 81.222.128.214
ELTEL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.adriver.ru/cgi-bin/sync.cgi?dsp_id=153&external_id=0100007F73D711613E0564AB02CC2839
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.222.128.214 , Russian Federation, ASN20597 (ELTEL-AS, RU),
Reverse DNS: ad14.adriver.ru
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Date: Tue, 10 Aug 2021 01:33:39 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/gif

GET
H2 200 sprcs
relap.io/partners/ Frame 7816 43 B
982 B 206ms
71ms Image
image/gif 95.163.37.253
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://relap.io/partners/sprcs?uid=0100007F73D711613E0564AB02CC2839

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

95.163.37.253 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

relap.io

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Request headers

Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Aug 2021 01:33:39 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=5184000; includeSubdomains;
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
x-server: web10
content-length: 43
x-xss-protection: 1; mode=block; report=https://cspreport.mail.ru/xxssprotection

GET
H2

204

0.gif
x01.aidata.io/ Frame 7816
Redirect Chain

https://adx.com.ru/sape-sync?uid=0100007F73D711613E0564AB02CC2839
https://adx.com.ru/sync?sspKey=25&sspUserID=0100007F73D711613E0564AB02CC2839
https://sync.1dmp.io/pixel.gif?cid=1ff6bf67-bdc8-400e-bc26-d735d8654ed6&pid=w&uid=6111d773a897d8218b9a2569&ru=https%3A%2F%2Fredirect.frontend.weborama.fr%2Frd%3Furl%3Dhttps%253A%252F%252Fadx.com.ru...
https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fadx.com.ru%2Fweborama-sync%3Furl%3Dhttps%253A%252F%252Fprodmp.ru%252Fyabbi.gif%253Fuid%253D6111d773a897d8218b9a2569%2526r%253Dhttps%25253A...
https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fadx.com.ru%2Fweborama-sync%3Furl%3Dhttps%253A%252F%252Fprodmp.ru%252Fyabbi.gif%253Fuid%253D6111d773a897d8218b9a2569%2526r%253Dhttps%25253A...
https://adx.com.ru/weborama-sync?url=https%3A%2F%2Fprodmp.ru%2Fyabbi.gif%3Fuid%3D6111d773a897d8218b9a2569%26r%3Dhttps%253A%252F%252Fx01.aidata.io%252F0.gif%253Fpid%253D9712851%2526id%253D6111d773a8...
https://prodmp.ru/yabbi.gif?uid=6111d773a897d8218b9a2569&r=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3D9712851%26id%3D6111d773a897d8218b9a2569%26dest%3D
https://x01.aidata.io/0.gif?pid=9712851&id=6111d773a897d8218b9a2569&dest=
https://x01.aidata.io/0.gif?pid=9712851&id=6111d773a897d8218b9a2569&dest=&bounce=1

0
433 B

66ms
66ms

Image
text/plain

89.108.120.68
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x01.aidata.io/0.gif?pid=9712851&id=6111d773a897d8218b9a2569&dest=&bounce=1
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.108.120.68 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: d51803.reg.regrucolo.ru
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Aug 2021 01:33:40 GMT
last-modified: Tue, 10 Aug 2021 01:33:39 GMT
server: nginx
access-control-allow-methods: GET, POST
p3p: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
expires: Tue, 10 Aug 2021 01:33:39 GMT

Redirect headers

pragma: no-cache
date: Tue, 10 Aug 2021 01:33:39 GMT
last-modified: Tue, 10 Aug 2021 01:33:38 GMT
server: nginx
access-control-allow-methods: GET, POST
p3p: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
location: https://x01.aidata.io/0.gif?pid=9712851&id=6111d773a897d8218b9a2569&dest=&bounce=1
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
content-length: 0
expires: Tue, 10 Aug 2021 01:33:38 GMT

GET
H2

200

pixel.gif
sync.1dmp.io/ Frame 7816
Redirect Chain

https://sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007F73D711613E0564AB02CC2839
https://sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007F73D711613E0564AB02CC2839&cs=1

35 B
378 B

32ms
32ms

Image
image/gif

78.46.100.125
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007F73D711613E0564AB02CC2839&cs=1
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.46.100.125 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.125.100.46.78.clients.your-server.de
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 01:33:39 GMT
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server: nginx
content-type: image/gif
content-length: 35
expires: 0

Redirect headers

location: /pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007F73D711613E0564AB02CC2839&cs=1
date: Tue, 10 Aug 2021 01:33:39 GMT
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server: nginx
content-length: 0
expires: 0

GET
H2

200

match
www.acint.net/ Frame 7816
Redirect Chain

https://sape-sync.rutarget.ru/sync
https://www.acint.net/match?dp=104&euid=uys5bhhGTjub

43 B
269 B

36ms
36ms

Image
image/gif

46.4.121.26
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=104&euid=uys5bhhGTjub
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271109.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 01:33:39 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

Location: https://www.acint.net/match?dp=104&euid=uys5bhhGTjub
Date: Tue, 10 Aug 2021 01:33:39 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
P3P: CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."

GET
H2

200

match
acint.net/ Frame 7816
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D
https://acint.net/match?dp=107&euid=4b3cc2f4-bee7-52de-8034-a446e1257335

43 B
269 B

32ms
32ms

Image
image/gif

195.201.243.71
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://acint.net/match?dp=107&euid=4b3cc2f4-bee7-52de-8034-a446e1257335
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.201.243.71 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: ingolstadt.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 01:33:39 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

location: https://acint.net/match?dp=107&euid=4b3cc2f4-bee7-52de-8034-a446e1257335
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H2

200

match
www.acint.net/ Frame 7816
Redirect Chain

https://0100007f73d711613e0564ab02cc2839-sp.ops.beeline.ru/p?ssp=sp&id=0100007F73D711613E0564AB02CC2839
https://www.acint.net/match?dp=111&euid=1b54af86-f65f-45e1-b51b-6166d0df8515

43 B
269 B

36ms
36ms

Image
image/gif

46.4.121.26
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=111&euid=1b54af86-f65f-45e1-b51b-6166d0df8515
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271109.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 01:33:39 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

date: Tue, 10 Aug 2021 01:33:39 GMT
x-route: http://upstream_cookiesync
server: nginx
location: https://www.acint.net/match?dp=111&euid=1b54af86-f65f-45e1-b51b-6166d0df8515
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS, GET, HEAD, POST, OPTIONS, PUT, DELETE
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true, true
x-host: 192.168.152.34
access-control-allow-headers: authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
No Content matchspm
ut.rktch.com/ Frame 7816 0
440 B 244ms
82ms Image
text/plain 89.108.97.2
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ut.rktch.com/matchspm?pi=1000005&pui=0100007F73D711613E0564AB02CC2839
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 89.108.97.2 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: d50603.reg.regrucolo.ru
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Date: Tue, 10 Aug 2021 01:33:39 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type, Accept, Authorization
Access-Control-Allow-Methods: GET, POST, PATCH, PUT, DELETE, OPTIONS

GET
H2

404

Fiv4lw-8SMq95dvNsDEvDA
an.yandex.ru/setud/mts_banner/ Frame 7816
Redirect Chain

https://sm.rtb.mts.ru/p?ssp=sape&id=0100007F73D711613E0564AB02CC2839
https://sm.rtb.mts.ru/match/second?r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D125%26euid%3D162bf897-0fbc-48ca-bde5-dbcdb0312f0c&ssp=sape&exu=0100007F73D711613E0564AB02CC2839
https://tech.rtb.mts.ru/?dsp_uid=162bf897-0fbc-48ca-bde5-dbcdb0312f0c&return_url=https%3A%2F%2Fan.yandex.ru%2Fsetud%2Fmts_banner%2FFiv4lw-8SMq95dvNsDEvDA%3Flocation%3Dhttps%253A%252F%252Fwww.acint....
https://an.yandex.ru/setud/mts_banner/Fiv4lw-8SMq95dvNsDEvDA?location=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D125%26euid%3D162bf897-0fbc-48ca-bde5-dbcdb0312f0c&sign=706912196

43 B
176 B

57ms
57ms

Image
image/gif

2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/setud/mts_banner/Fiv4lw-8SMq95dvNsDEvDA?location=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D125%26euid%3D162bf897-0fbc-48ca-bde5-dbcdb0312f0c&sign=706912196

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

ccb150b1878d5aa777543222f9e47636d4258687e3dd57e625988f09a96bda64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Aug 2021 01:33:40 GMT
content-encoding: gzip
last-modified: Tue, 10 Aug 2021 01:33:40 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=windows-1251
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Tue, 10 Aug 2021 01:33:40 GMT

Redirect headers

Date: Tue, 10 Aug 2021 01:33:40 GMT
Server: nginx/1.13.12
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: text/html; charset=utf-8
Location: https://an.yandex.ru/setud/mts_banner/Fiv4lw-8SMq95dvNsDEvDA?location=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D125%26euid%3D162bf897-0fbc-48ca-bde5-dbcdb0312f0c&sign=706912196
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

GET
H2

200

match
www.acint.net/ Frame 7816
Redirect Chain

https://exchange.buzzoola.com/cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D
https://www.acint.net/match?dp=126&euid=d91c4aad-ad2b-4b7a-488a-621e8582e9b6

43 B
269 B

36ms
36ms

Image
image/gif

46.4.121.26
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=126&euid=d91c4aad-ad2b-4b7a-488a-621e8582e9b6
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271109.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 01:33:39 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

location: https://www.acint.net/match?dp=126&euid=d91c4aad-ad2b-4b7a-488a-621e8582e9b6
date: Tue, 10 Aug 2021 01:33:39 GMT
server: nginx
content-length: 115
serverid: TODO
content-type: text/html; charset=utf-8

GET
H2

200

match
www.acint.net/ Frame 7816
Redirect Chain

https://s.uuidksinc.net/match/396/0100007F73D711613E0564AB02CC2839
https://www.acint.net/match?dp=127&euid=3Z6eTTYcYp8Bqcg7t2oS

43 B
269 B

36ms
36ms

Image
image/gif

46.4.121.26
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=127&euid=3Z6eTTYcYp8Bqcg7t2oS
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271109.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 01:33:39 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

date: Tue, 10 Aug 2021 01:33:39 GMT
server: nginx/1.19.0
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json; charset=utf-8
location: https://www.acint.net/match?dp=127&euid=3Z6eTTYcYp8Bqcg7t2oS
access-control-allow-headers: Content-Type
content-length: 0

GET
H/1.1 204
No Content userbind
match.new-programmatic.com/ Frame 7816 0
215 B 213ms
70ms Image
text/plain 217.65.2.150
CITYTELECOM-MSK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.new-programmatic.com/userbind?src=sape&id=0100007F73D711613E0564AB02CC2839
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 217.65.2.150 Moscow, Russian Federation, ASN3175 (CITYTELECOM-MSK, RU),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 10 Aug 2021 01:33:35 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0
Connection: keep-alive
Content-Length: 0
Vary: Origin

GET
H2 204 0100007F73D711613E0564AB02CC2839
fcgi4.gnezdo.ru/cookie_matching_ssp/Sape-dsp/ Frame 7816 0
189 B 204ms
68ms Image
text/plain 93.95.102.105
MTW-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fcgi4.gnezdo.ru/cookie_matching_ssp/Sape-dsp/0100007F73D711613E0564AB02CC2839
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.95.102.105 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS: unspecified.mtw.ru
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 01:33:39 GMT
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"

GET
H2

204

0.gif
x01.aidata.io/ Frame 7816
Redirect Chain

https://x01.aidata.io/0.gif?pid=9401454&id=0100007F73D711613E0564AB02CC2839
https://x01.aidata.io/0.gif?pid=9401454&id=0100007F73D711613E0564AB02CC2839&bounce=1
https://counter.yadro.ru/id-redir/aidata.gif?back=STOP
https://x01.aidata.io/0.gif?pid=LIVE&id=24D4C0D593E1F9BE1249&back=STOP

0
433 B

66ms
66ms

Image
text/plain

89.108.120.68
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x01.aidata.io/0.gif?pid=LIVE&id=24D4C0D593E1F9BE1249&back=STOP
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.108.120.68 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: d51803.reg.regrucolo.ru
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Aug 2021 01:33:40 GMT
last-modified: Tue, 10 Aug 2021 01:33:39 GMT
server: nginx
access-control-allow-methods: GET, POST
p3p: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
expires: Tue, 10 Aug 2021 01:33:39 GMT

Redirect headers

Location: https://x01.aidata.io/0.gif?pid=LIVE&id=24D4C0D593E1F9BE1249&back=STOP
Date: Tue, 10 Aug 2021 01:33:40 GMT
Server: nginx/1.17.9
Connection: keep-alive
Content-Length: 262
Strict-Transport-Security: max-age=86400
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1

200
OK

/
sync.bumlam.com/ Frame 7816
Redirect Chain

https://sync.bumlam.com/?src=sap1&uid=0100007F73D711613E0564AB02CC2839
https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABjzrseIBlIFrbKc-w9iIDAxMDAwMDdGNzNENzExNjEzRTA1NjRBQjAyQ0MyODM5
https://sync.bumlam.com/?src=sap1&s_data=CAIQABjzrseIBmIgMDEwMDAwN0Y3M0Q3MTE2MTNFMDU2NEFCMDJDQzI4MzmiARD9Zrsu-XoR66bpACWQyCQ3

0
523 B

32ms
24ms

Image
text/html

31.172.81.159
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bumlam.com/?src=sap1&s_data=CAIQABjzrseIBmIgMDEwMDAwN0Y3M0Q3MTE2MTNFMDU2NEFCMDJDQzI4MzmiARD9Zrsu-XoR66bpACWQyCQ3
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 31.172.81.159 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Date: Tue, 10 Aug 2021 01:33:39 GMT
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Server: nginx
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Redirect headers

Date: Tue, 10 Aug 2021 01:33:39 GMT
Server: nginx
ETag: fd66bb2e-f97a-11eb-a6e9-002590c82437
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: //sync.bumlam.com/?src=sap1&s_data=CAIQABjzrseIBmIgMDEwMDAwN0Y3M0Q3MTE2MTNFMDU2NEFCMDJDQzI4MzmiARD9Zrsu-XoR66bpACWQyCQ3
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0

GET
H2

200

0100007F73D711613E0564AB02CC2839
an.yandex.ru/mapuid/sapeis/ Frame 7816
Redirect Chain

https://an.yandex.ru/mapuid/sapeis/0100007F73D711613E0564AB02CC2839
https://an.yandex.ru/mapuid/sapeis/0100007F73D711613E0564AB02CC2839?redir-setuniq=1

43 B
108 B

48ms
48ms

Image
image/gif

2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/sapeis/0100007F73D711613E0564AB02CC2839?redir-setuniq=1

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Aug 2021 01:33:39 GMT
content-encoding: gzip
last-modified: Tue, 10 Aug 2021 01:33:39 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Tue, 10 Aug 2021 01:33:39 GMT

Redirect headers

pragma: no-cache
date: Tue, 10 Aug 2021 01:33:39 GMT
content-encoding: gzip
last-modified: Tue, 10 Aug 2021 01:33:39 GMT
strict-transport-security: max-age=31536000
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://an.yandex.ru/mapuid/sapeis/0100007F73D711613E0564AB02CC2839?redir-setuniq=1
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Tue, 10 Aug 2021 01:33:39 GMT

GET
H2 200 frame.html Show response
s3.advarkads.com/modules/match/ Frame 1DDC 187 B
403 B 120ms
94ms Document
text/html 2606:4700:10::6816:557
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.advarkads.com/modules/match/frame.html?id=8113-1-1&uid=0100007F73D711613E0564AB02CC2839
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:557 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 53e4cb1ec1da57e5fec65ec5f5b19b050fa8bd6e19e9030c2704456846e4d106

Request headers

:method: GET
:authority: s3.advarkads.com
:scheme: https
:path: /modules/match/frame.html?id=8113-1-1&uid=0100007F73D711613E0564AB02CC2839
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.acint.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Referer: https://www.acint.net/

Response headers

date: Tue, 10 Aug 2021 01:33:39 GMT
content-type: text/html
cache-control: max-age=60
last-modified: Sat, 25 Apr 2020 07:44:34 GMT
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 67c57a30aecc16ee-FRA
content-encoding: gzip

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210805/r20110914/ Frame 803A 18 KB
7 KB 10ms
8ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210805/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6044271981988239&output=html&h=90&slotname=5638541248&adk=590872440&adf=2804348774&pi=t.ma~as.5638541248&w=728&lmt=1628559218&psa=0&format=728x90&url=http%3A%2F%2Fa-nevsky.ru%2F&flash=0&wgl=1&dt=1628559218662&bpp=1&bdt=287&idt=93&shv=r20210805&mjsv=m202108090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3528565124336&frm=20&pv=1&ga_vid=380726167.1628559219&ga_sid=1628559219&ga_hid=1991954337&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=520&ady=244&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062178%2C31062165&oid=3&pvsid=1673782320766115&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=JJTJ1Z4xKJ&p=http%3A//a-nevsky.ru&dtd=104

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

83cd4afc0672833e8ac46854de805cda18237894e6d5193111af3e2e866a7a3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 01:27:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 379
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7614
x-xss-protection: 0
server: cafe
etag: 9899176843389144697
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 24 Aug 2021 01:27:20 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210805/r20110914/client/ Frame 803A 2 KB
1 KB 11ms
9ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210805/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6044271981988239&output=html&h=90&slotname=5638541248&adk=590872440&adf=2804348774&pi=t.ma~as.5638541248&w=728&lmt=1628559218&psa=0&format=728x90&url=http%3A%2F%2Fa-nevsky.ru%2F&flash=0&wgl=1&dt=1628559218662&bpp=1&bdt=287&idt=93&shv=r20210805&mjsv=m202108090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3528565124336&frm=20&pv=1&ga_vid=380726167.1628559219&ga_sid=1628559219&ga_hid=1991954337&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=520&ady=244&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062178%2C31062165&oid=3&pvsid=1673782320766115&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=JJTJ1Z4xKJ&p=http%3A//a-nevsky.ru&dtd=104

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 01:16:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1029
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 24 Aug 2021 01:16:30 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 803A 124 KB
37 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6044271981988239&output=html&h=90&slotname=5638541248&adk=590872440&adf=2804348774&pi=t.ma~as.5638541248&w=728&lmt=1628559218&psa=0&format=728x90&url=http%3A%2F%2Fa-nevsky.ru%2F&flash=0&wgl=1&dt=1628559218662&bpp=1&bdt=287&idt=93&shv=r20210805&mjsv=m202108090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3528565124336&frm=20&pv=1&ga_vid=380726167.1628559219&ga_sid=1628559219&ga_hid=1991954337&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=520&ady=244&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062178%2C31062165&oid=3&pvsid=1673782320766115&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=JJTJ1Z4xKJ&p=http%3A//a-nevsky.ru&dtd=104

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87e9cb4cbda54b2611883c0963d41adcd7c9d4eda558e452c76991b875eeffad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 01:33:39 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1628508775336984"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38212
x-xss-protection: 0
expires: Tue, 10 Aug 2021 01:33:39 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210805/r20110914/client/ Frame 803A 14 KB
6 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210805/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6044271981988239&output=html&h=90&slotname=5638541248&adk=590872440&adf=2804348774&pi=t.ma~as.5638541248&w=728&lmt=1628559218&psa=0&format=728x90&url=http%3A%2F%2Fa-nevsky.ru%2F&flash=0&wgl=1&dt=1628559218662&bpp=1&bdt=287&idt=93&shv=r20210805&mjsv=m202108090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3528565124336&frm=20&pv=1&ga_vid=380726167.1628559219&ga_sid=1628559219&ga_hid=1991954337&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=520&ady=244&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062178%2C31062165&oid=3&pvsid=1673782320766115&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=JJTJ1Z4xKJ&p=http%3A//a-nevsky.ru&dtd=104

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30f9db6ce74a9fadf8de7de2ae7e23428d3c043f576184c391908f8154d2f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 01:04:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1755
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6204
x-xss-protection: 0
server: cafe
etag: 11055049251678278959
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 24 Aug 2021 01:04:24 GMT

GET
H3-29 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6419387625966304539/ Frame E410 70 KB
17 KB 9ms
6ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6419387625966304539/index.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6044271981988239&output=html&h=90&slotname=5638541248&adk=590872440&adf=2804348774&pi=t.ma~as.5638541248&w=728&lmt=1628559218&psa=0&format=728x90&url=http%3A%2F%2Fa-nevsky.ru%2F&flash=0&wgl=1&dt=1628559218662&bpp=1&bdt=287&idt=93&shv=r20210805&mjsv=m202108090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3528565124336&frm=20&pv=1&ga_vid=380726167.1628559219&ga_sid=1628559219&ga_hid=1991954337&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=520&ady=244&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062178%2C31062165&oid=3&pvsid=1673782320766115&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=JJTJ1Z4xKJ&p=http%3A//a-nevsky.ru&dtd=104

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

39b3b808e5d98c22ea2824f281cd20135885ce996c30b1417ea45326dabe9676

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/6419387625966304539/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
date: Thu, 05 Aug 2021 22:02:40 GMT
expires: Fri, 05 Aug 2022 22:02:40 GMT
last-modified: Wed, 12 May 2021 19:45:16 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
content-length: 17240
age: 358259
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 803A 0
0 20ms
17ms Fetch
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CQuHictcRYfjKL8mzx_AP2pyQiAGb1vifZNWw24XZDZ_VmM_aGRABIPmSggZglQKgAZ_n0vkCyAEJqQIygr0nc7CzPqgDAcgDSKoEqgFP0KtU-To3QJMP_nwIQXQF5uKxgOOQoklv3Bu1EFpfzSzt82cR6uXEEMGsSoiyW0llFaX7s2E16f8deIe7ZUJ7O_G9K63uEgZSI5Lcc7q8c9oTUGwF0IuW0BH9jYxheQWRKSZ-Kmp0Mt2-RNPJuwQqtrvdQltR6amBq54_p0zTQoF4dLijEyq1WyENDauE6eWpH38PsT0AKDo_cs_g-m5hNAX7LpwRY7giNcAE6-WNr74DkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB8mYrYYBqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcEEKyvCtIICQiA4YAQEAEYH4AKAcgLAdgTDdAVAZgWAYAXAbIXGgoYCAASFHB1Yi02MDQ0MjcxOTgxOTg4MjM5&sigh=d7NLmM6p4iU&template_id=419

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6044271981988239&output=html&h=90&slotname=5638541248&adk=590872440&adf=2804348774&pi=t.ma~as.5638541248&w=728&lmt=1628559218&psa=0&format=728x90&url=http%3A%2F%2Fa-nevsky.ru%2F&flash=0&wgl=1&dt=1628559218662&bpp=1&bdt=287&idt=93&shv=r20210805&mjsv=m202108090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3528565124336&frm=20&pv=1&ga_vid=380726167.1628559219&ga_sid=1628559219&ga_hid=1991954337&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=520&ady=244&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062178%2C31062165&oid=3&pvsid=1673782320766115&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=JJTJ1Z4xKJ&p=http%3A//a-nevsky.ru&dtd=104

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6044271981988239&output=html&h=90&slotname=5638541248&adk=590872440&adf=2804348774&pi=t.ma~as.5638541248&w=728&lmt=1628559218&psa=0&format=728x90&url=http%3A%2F%2Fa-nevsky.ru%2F&flash=0&wgl=1&dt=1628559218662&bpp=1&bdt=287&idt=93&shv=r20210805&mjsv=m202108090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3528565124336&frm=20&pv=1&ga_vid=380726167.1628559219&ga_sid=1628559219&ga_hid=1991954337&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=520&ady=244&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062178%2C31062165&oid=3&pvsid=1673782320766115&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=JJTJ1Z4xKJ&p=http%3A//a-nevsky.ru&dtd=104
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 10 Aug 2021 01:33:39 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame F864
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

14ms
14ms

Document
text/html

2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUknExgF_n-jsEgCLMsRCEMoSrgg7RqpSKPfYznE49nWVZpQaXXGJKbl9Q7GHYg; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 10 Aug 2021 01:33:39 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Tue, 10-Aug-2021 02:33:39 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 10 Aug 2021 01:33:39 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 10 Aug 2021 01:33:39 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 5D16 143 B
163 B 5ms
5ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6044271981988239&output=html&h=90&slotname=5638541248&adk=590872440&adf=2804348774&pi=t.ma~as.5638541248&w=728&lmt=1628559218&psa=0&format=728x90&url=http%3A%2F%2Fa-nevsky.ru%2F&flash=0&wgl=1&dt=1628559218662&bpp=1&bdt=287&idt=93&shv=r20210805&mjsv=m202108090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3528565124336&frm=20&pv=1&ga_vid=380726167.1628559219&ga_sid=1628559219&ga_hid=1991954337&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=520&ady=244&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062178%2C31062165&oid=3&pvsid=1673782320766115&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=JJTJ1Z4xKJ&p=http%3A//a-nevsky.ru&dtd=104

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6044271981988239&output=html&h=90&slotname=5638541248&adk=590872440&adf=2804348774&pi=t.ma~as.5638541248&w=728&lmt=1628559218&psa=0&format=728x90&url=http%3A%2F%2Fa-nevsky.ru%2F&flash=0&wgl=1&dt=1628559218662&bpp=1&bdt=287&idt=93&shv=r20210805&mjsv=m202108090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3528565124336&frm=20&pv=1&ga_vid=380726167.1628559219&ga_sid=1628559219&ga_hid=1991954337&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=520&ady=244&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062178%2C31062165&oid=3&pvsid=1673782320766115&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=JJTJ1Z4xKJ&p=http%3A//a-nevsky.ru&dtd=104
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUknExgF_n-jsEgCLMsRCEMoSrgg7RqpSKPfYznE49nWVZpQaXXGJKbl9Q7GHYg; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6044271981988239&output=html&h=90&slotname=5638541248&adk=590872440&adf=2804348774&pi=t.ma~as.5638541248&w=728&lmt=1628559218&psa=0&format=728x90&url=http%3A%2F%2Fa-nevsky.ru%2F&flash=0&wgl=1&dt=1628559218662&bpp=1&bdt=287&idt=93&shv=r20210805&mjsv=m202108090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3528565124336&frm=20&pv=1&ga_vid=380726167.1628559219&ga_sid=1628559219&ga_hid=1991954337&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=520&ady=244&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062178%2C31062165&oid=3&pvsid=1673782320766115&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=JJTJ1Z4xKJ&p=http%3A//a-nevsky.ru&dtd=104

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Tue, 10 Aug 2021 01:16:24 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 1035
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 Enabler.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame E410 16 KB
6 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6419387625966304539/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 18:13:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 26392
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5866
x-xss-protection: 0
server: cafe
etag: 544157900006238945
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 10 Aug 2021 18:13:47 GMT

GET
H3-29 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame E410 26 KB
10 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6419387625966304539/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 12:37:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 46566
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 10 Aug 2021 12:37:33 GMT

GET
H3-29 200 O2l1W4tcrMlErSQCfrpxGkyfOY9pZOaE8-TKtI4Qkek.js Show response
pagead2.googlesyndication.com/bg/ Frame 3B80 35 KB
13 KB 19ms
6ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/O2l1W4tcrMlErSQCfrpxGkyfOY9pZOaE8-TKtI4Qkek.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b69755b8b5cacc944ad24027eba711a4c9f398f6964e684f3e4cab48e1091e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 01:37:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 431771
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13203
x-xss-protection: 0
last-modified: Tue, 03 Aug 2021 09:38:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 05 Aug 2022 01:37:28 GMT

GET
DATA 200
OK truncated
/ Frame 803A 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a1e746227831715ab67232b4c45c86d71a18c4f80254c7b7edb6ba343e7a3848

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 h3_white.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6763518655899276271/ Frame 3B80 3 KB
1 KB 9ms
7ms Image
image/svg+xml 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6763518655899276271/h3_white.svg

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e0079db41cc000d526e0357da416cfca906858e9c9830a1e6369bb61553632ea

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 570027
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1224
x-xss-protection: 0
last-modified: Thu, 20 May 2021 11:54:36 GMT
server: sffe
date: Tue, 03 Aug 2021 11:13:12 GMT
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Aug 2022 11:13:12 GMT

GET
H3-29 200 h2_white.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6763518655899276271/ Frame 3B80 2 KB
1 KB 11ms
9ms Image
image/svg+xml 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6763518655899276271/h2_white.svg

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4da709f524afe27e2623518d3198b5c164aa08aa60f44f039b8a97a9498cf0a7

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 545662
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1110
x-xss-protection: 0
last-modified: Thu, 20 May 2021 11:54:36 GMT
server: sffe
date: Tue, 03 Aug 2021 17:59:17 GMT
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Aug 2022 17:59:17 GMT

GET
H3-29 200 h1_white.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6763518655899276271/ Frame 3B80 2 KB
753 B 10ms
8ms Image
image/svg+xml 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6763518655899276271/h1_white.svg

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

53aab2045fac269fc55e0f07012ff8a79ecf2654876e9a84e972ab0ff0047d05

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 579833
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 725
x-xss-protection: 0
last-modified: Thu, 20 May 2021 11:54:36 GMT
server: sffe
date: Tue, 03 Aug 2021 08:29:46 GMT
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Aug 2022 08:29:46 GMT

GET
H3-29 200 sendify_logo_white.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6763518655899276271/ Frame 3B80 14 KB
14 KB 11ms
10ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6763518655899276271/sendify_logo_white.png

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aa28d2585de8bf4801b1f999e60ca8888d03833e7a795283142cc7a7cfd6823f

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 490223
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14555
x-xss-protection: 0
last-modified: Thu, 20 May 2021 11:54:36 GMT
server: sffe
date: Wed, 04 Aug 2021 09:23:16 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 04 Aug 2022 09:23:16 GMT

GET
H3-29 200 CTA_bold.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6763518655899276271/ Frame 3B80 2 KB
984 B 11ms
9ms Image
image/svg+xml 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6763518655899276271/CTA_bold.svg

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

887b4df5196c39c137eb85a0b30f3dcb3e0b9fdf45515ad098b57b2135665a8e

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 474320
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 956
x-xss-protection: 0
last-modified: Thu, 20 May 2021 11:54:36 GMT
server: sffe
date: Wed, 04 Aug 2021 13:48:19 GMT
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 04 Aug 2022 13:48:19 GMT

GET
H3-29 200 hovering-boxes_mbqy7y.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6763518655899276271/ Frame 3B80 32 KB
32 KB 11ms
10ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6763518655899276271/hovering-boxes_mbqy7y.png

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc6697bd88faa9239202c9f4f64307c5a36cada1bb63aded91af9e1dc7050508

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 19363
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32413
x-xss-protection: 0
last-modified: Thu, 20 May 2021 11:54:36 GMT
server: sffe
date: Mon, 09 Aug 2021 20:10:56 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 09 Aug 2022 20:10:56 GMT

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 5D16
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

14ms
14ms

Document
text/html

2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6044271981988239&output=html&h=90&slotname=5638541248&adk=590872440&adf=2804348774&pi=t.ma~as.5638541248&w=728&lmt=1628559218&psa=0&format=728x90&url=http%3A%2F%2Fa-nevsky.ru%2F&flash=0&wgl=1&dt=1628559218662&bpp=1&bdt=287&idt=93&shv=r20210805&mjsv=m202108090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3528565124336&frm=20&pv=1&ga_vid=380726167.1628559219&ga_sid=1628559219&ga_hid=1991954337&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=520&ady=244&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062178%2C31062165&oid=3&pvsid=1673782320766115&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=JJTJ1Z4xKJ&p=http%3A//a-nevsky.ru&dtd=104

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUknExgF_n-jsEgCLMsRCEMoSrgg7RqpSKPfYznE49nWVZpQaXXGJKbl9Q7GHYg; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 10 Aug 2021 01:33:39 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Tue, 10-Aug-2021 02:33:39 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 10 Aug 2021 01:33:39 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 10 Aug 2021 01:33:39 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 O2l1W4tcrMlErSQCfrpxGkyfOY9pZOaE8-TKtI4Qkek.js Show response
pagead2.googlesyndication.com/bg/ Frame E410 35 KB
13 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/O2l1W4tcrMlErSQCfrpxGkyfOY9pZOaE8-TKtI4Qkek.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b69755b8b5cacc944ad24027eba711a4c9f398f6964e684f3e4cab48e1091e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 01:37:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 431771
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13203
x-xss-protection: 0
last-modified: Tue, 03 Aug 2021 09:38:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 05 Aug 2022 01:37:28 GMT

GET
H3-29 200 CANCELACION_DE.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6419387625966304539/ Frame E410 8 KB
8 KB 10ms
8ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6419387625966304539/CANCELACION_DE.png

Requested by

Host: a-nevsky.ru
URL: http://a-nevsky.ru/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

023cfc09f52502a3aed1ff16fc90fe0c2216928b5ef7942cc1615befb299e740

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 358259
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8598
x-xss-protection: 0
last-modified: Wed, 12 May 2021 19:45:16 GMT
server: sffe
date: Thu, 05 Aug 2021 22:02:40 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 05 Aug 2022 22:02:40 GMT

GET
H3-29 200 CTA_DE_GRANDE.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6419387625966304539/ Frame E410 10 KB
10 KB 11ms
9ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6419387625966304539/CTA_DE_GRANDE.png

Requested by

Host: a-nevsky.ru
URL: http://a-nevsky.ru/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b03539a9599e90ecdbbcbdfa8b8b2612bbd521c2d9577266f02189552fa7adf1

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 358259
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10352
x-xss-protection: 0
last-modified: Wed, 12 May 2021 19:45:16 GMT
server: sffe
date: Thu, 05 Aug 2021 22:02:40 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 05 Aug 2022 22:02:40 GMT

GET
H3-29 200 TEXTO3JUNIOR_DE_728.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6419387625966304539/ Frame E410 9 KB
9 KB 10ms
8ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6419387625966304539/TEXTO3JUNIOR_DE_728.png

Requested by

Host: a-nevsky.ru
URL: http://a-nevsky.ru/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2112b0b55830855010fe88c287e7f015dc6d7619a1a320121fbcf10583145b83

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 358259
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8894
x-xss-protection: 0
last-modified: Wed, 12 May 2021 19:45:16 GMT
server: sffe
date: Thu, 05 Aug 2021 22:02:40 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 05 Aug 2022 22:02:40 GMT

GET
H3-29 200 TEXTO2_DE_728.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6419387625966304539/ Frame E410 10 KB
10 KB 10ms
9ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6419387625966304539/TEXTO2_DE_728.png

Requested by

Host: a-nevsky.ru
URL: http://a-nevsky.ru/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04066b81cb329adf67cc6dc06de907c3c473b231b4389895ffd0086770423df3

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 271883
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9765
x-xss-protection: 0
last-modified: Wed, 12 May 2021 19:45:16 GMT
server: sffe
date: Fri, 06 Aug 2021 22:02:16 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 06 Aug 2022 22:02:16 GMT

GET
H3-29 200 TEXTO1_DE_728.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6419387625966304539/ Frame E410 9 KB
9 KB 10ms
9ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6419387625966304539/TEXTO1_DE_728.png

Requested by

Host: a-nevsky.ru
URL: http://a-nevsky.ru/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

556e892e1ce7f140f4d85555813102ef56a3dac0765138d5ff5ebae287ee615a

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 358259
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8918
x-xss-protection: 0
last-modified: Wed, 12 May 2021 19:45:16 GMT
server: sffe
date: Thu, 05 Aug 2021 22:02:40 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 05 Aug 2022 22:02:40 GMT

GET
H3-29 200 LETRAS_JUNIOR_DE_728.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6419387625966304539/ Frame E410 14 KB
14 KB 10ms
9ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6419387625966304539/LETRAS_JUNIOR_DE_728.png

Requested by

Host: a-nevsky.ru
URL: http://a-nevsky.ru/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3702ae4875f4ab97aafba3c4e2e5736fb08cf8943c8ef11c69b271fe1eca093f

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 358259
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14487
x-xss-protection: 0
last-modified: Wed, 12 May 2021 19:45:16 GMT
server: sffe
date: Thu, 05 Aug 2021 22:02:40 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 05 Aug 2022 22:02:40 GMT

GET
H3-29 200 fondo728x90_1.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6419387625966304539/ Frame E410 55 KB
55 KB 11ms
10ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6419387625966304539/fondo728x90_1.jpg

Requested by

Host: a-nevsky.ru
URL: http://a-nevsky.ru/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

58ac8a1279fad0b77318be5af52f3be6e0ba11eef73430758e28640e3f33fcc7

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 358259
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55866
x-xss-protection: 0
last-modified: Wed, 12 May 2021 19:45:16 GMT
server: sffe
date: Thu, 05 Aug 2021 22:02:40 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 05 Aug 2022 22:02:40 GMT

GET
H2 200 frame.js Show response
s3.advarkads.com/modules/match/ Frame 1DDC 20 KB
7 KB 14ms
13ms Script
application/javascript 2606:4700:10::6816:557
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.advarkads.com/modules/match/frame.js
Requested by: Host: s3.advarkads.com
URL: https://s3.advarkads.com/modules/match/frame.html?id=8113-1-1&uid=0100007F73D711613E0564AB02CC2839
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:557 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac8dad499b9f1e485ffad223897351b5700dbc86ccefd3a86d75d1f13f8eed47

Request headers

Referer: https://s3.advarkads.com/modules/match/frame.html?id=8113-1-1&uid=0100007F73D711613E0564AB02CC2839
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 01:33:39 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 04 Aug 2021 13:34:34 GMT
server: cloudflare
age: 48
etag: "05132763589d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
cf-ray: 67c57a316f6c16ee-FRA
content-length: 6677

GET
DATA 200
OK truncated
/ Frame E410 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK match
api.advarkads.com/api/statistic/ Frame 1DDC 43 B
389 B 235ms
87ms Image
image/gif 88.212.233.108
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.advarkads.com/api/statistic/match?id=8113-1-1&uid=0100007F73D711613E0564AB02CC2839
Requested by: Host: s3.advarkads.com
URL: https://s3.advarkads.com/modules/match/frame.html?id=8113-1-1&uid=0100007F73D711613E0564AB02CC2839
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.212.233.108 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx/1.18.0 / ASP.NET
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://s3.advarkads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 10 Aug 2021 01:33:39 GMT
Server: nginx/1.18.0
X-Powered-By: ASP.NET
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 43
Expires: -1

GET
H3-29 200 fondo728x90_1.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6419387625966304539/ Frame E410 55 KB
55 KB 6ms
6ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6419387625966304539/fondo728x90_1.jpg

Requested by

Host: a-nevsky.ru
URL: http://a-nevsky.ru/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

58ac8a1279fad0b77318be5af52f3be6e0ba11eef73430758e28640e3f33fcc7

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 358259
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55866
x-xss-protection: 0
last-modified: Wed, 12 May 2021 19:45:16 GMT
server: sffe
date: Thu, 05 Aug 2021 22:02:40 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 05 Aug 2022 22:02:40 GMT

GET
H3-29 200 LETRAS_JUNIOR_DE_728.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6419387625966304539/ Frame E410 14 KB
14 KB 7ms
7ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6419387625966304539/LETRAS_JUNIOR_DE_728.png

Requested by

Host: a-nevsky.ru
URL: http://a-nevsky.ru/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3702ae4875f4ab97aafba3c4e2e5736fb08cf8943c8ef11c69b271fe1eca093f

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 358259
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14487
x-xss-protection: 0
last-modified: Wed, 12 May 2021 19:45:16 GMT
server: sffe
date: Thu, 05 Aug 2021 22:02:40 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 05 Aug 2022 22:02:40 GMT

GET
H3-29 200 TEXTO1_DE_728.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6419387625966304539/ Frame E410 9 KB
9 KB 11ms
10ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6419387625966304539/TEXTO1_DE_728.png

Requested by

Host: a-nevsky.ru
URL: http://a-nevsky.ru/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

556e892e1ce7f140f4d85555813102ef56a3dac0765138d5ff5ebae287ee615a

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 358259
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8918
x-xss-protection: 0
last-modified: Wed, 12 May 2021 19:45:16 GMT
server: sffe
date: Thu, 05 Aug 2021 22:02:40 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 05 Aug 2022 22:02:40 GMT

GET
H3-29 200 TEXTO2_DE_728.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6419387625966304539/ Frame E410 10 KB
10 KB 8ms
8ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6419387625966304539/TEXTO2_DE_728.png

Requested by

Host: a-nevsky.ru
URL: http://a-nevsky.ru/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04066b81cb329adf67cc6dc06de907c3c473b231b4389895ffd0086770423df3

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 271883
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9765
x-xss-protection: 0
last-modified: Wed, 12 May 2021 19:45:16 GMT
server: sffe
date: Fri, 06 Aug 2021 22:02:16 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 06 Aug 2022 22:02:16 GMT

GET
H3-29 200 TEXTO3JUNIOR_DE_728.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6419387625966304539/ Frame E410 9 KB
9 KB 9ms
8ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6419387625966304539/TEXTO3JUNIOR_DE_728.png

Requested by

Host: a-nevsky.ru
URL: http://a-nevsky.ru/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2112b0b55830855010fe88c287e7f015dc6d7619a1a320121fbcf10583145b83

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 358259
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8894
x-xss-protection: 0
last-modified: Wed, 12 May 2021 19:45:16 GMT
server: sffe
date: Thu, 05 Aug 2021 22:02:40 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 05 Aug 2022 22:02:40 GMT

GET
H3-29 200 CTA_DE_GRANDE.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6419387625966304539/ Frame E410 10 KB
10 KB 9ms
8ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6419387625966304539/CTA_DE_GRANDE.png

Requested by

Host: a-nevsky.ru
URL: http://a-nevsky.ru/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b03539a9599e90ecdbbcbdfa8b8b2612bbd521c2d9577266f02189552fa7adf1

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 358259
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10352
x-xss-protection: 0
last-modified: Wed, 12 May 2021 19:45:16 GMT
server: sffe
date: Thu, 05 Aug 2021 22:02:40 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 05 Aug 2022 22:02:40 GMT

GET
H3-29 200 CANCELACION_DE.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6419387625966304539/ Frame E410 8 KB
8 KB 9ms
8ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6419387625966304539/CANCELACION_DE.png

Requested by

Host: a-nevsky.ru
URL: http://a-nevsky.ru/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

023cfc09f52502a3aed1ff16fc90fe0c2216928b5ef7942cc1615befb299e740

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 358259
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8598
x-xss-protection: 0
last-modified: Wed, 12 May 2021 19:45:16 GMT
server: sffe
date: Thu, 05 Aug 2021 22:02:40 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 05 Aug 2022 22:02:40 GMT

GET
H/1.1 200
OK processor.js Show response
tag.digitaltarget.ru/ Frame 7816 15 KB
16 KB 119ms
118ms Script
application/javascript 185.15.175.130
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.digitaltarget.ru/processor.js?i=710826517787671
Requested by: Host: tag.digitaltarget.ru
URL: https://tag.digitaltarget.ru/adcm.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.15.175.130 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),
Reverse DNS
Software: nginx /
Resource Hash: 06af59f550ee5358217c3bd4152bc62608cc068e965703035c0be6579e6d803a

Request headers

Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Date: Tue, 10 Aug 2021 01:33:39 GMT
Last-Modified: Thu, 05 Aug 2021 13:04:27 GMT
Server: nginx
ETag: "610be1db-3db4"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 15796

GET
H/1.1

200
OK

i
dmg.digitaltarget.ru/awg/custom/1093/i/ Frame 7816
Redirect Chain

https://dmg.digitaltarget.ru/1/1093/i/i?i=422528007526474.858939256887268&a=77&e=0100007F73D711613E0564AB02CC2839&pref=http%3A%2F%2Fa-nevsky.ru%2F&c=ss:77.up:0100007F73D711613E0564AB02CC2839.sync:u...
https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=422528007526474.858939256887268&a=77&e=0100007F73D711613E0564AB02CC2839&pref=http%3A%2F%2Fa-nevsky.ru%2F&c=ss:77.up:0100007F73D711...

49 B
602 B

80ms
80ms

Image
image/gif

185.15.175.130
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=422528007526474.858939256887268&a=77&e=0100007F73D711613E0564AB02CC2839&pref=http%3A%2F%2Fa-nevsky.ru%2F&c=ss:77.up:0100007F73D711613E0564AB02CC2839.sync:up.xdua:duBDesDZNnnOcjUJKbz56q2i.xps:xpsOjkVQTctVFEfSVwMgSTyGF.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.15.175.130 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),

Reverse DNS

Software

nginx /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Date: Tue, 10 Aug 2021 01:33:40 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Request-Time: 9
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 64
X-XSS-Protection: 1; mode=block
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
Server: nginx
X-Frame-Options: DENY
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Credentials: true

Redirect headers

Date: Tue, 10 Aug 2021 01:33:40 GMT
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
Server: nginx
X-Frame-Options: DENY
Access-Control-Allow-Methods: GET, POST, OPTIONS
Location: https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=422528007526474.858939256887268&a=77&e=0100007F73D711613E0564AB02CC2839&pref=http%3A%2F%2Fa-nevsky.ru%2F&c=ss:77.up:0100007F73D711613E0564AB02CC2839.sync:up.xdua:duBDesDZNnnOcjUJKbz56q2i.xps:xpsOjkVQTctVFEfSVwMgSTyGF.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient
X-XSS-Protection: 1; mode=block
X-Permitted-Cross-Domain-Policies: master-only
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 86400
Connection: keep-alive
Request-Time: 0
Content-Length: 0
X-Content-Type-Options: nosniff

GET
H/1.1

200
OK

i
dmg.digitaltarget.ru/awg/custom/1093/i/ Frame 7816
Redirect Chain

https://dmg.digitaltarget.ru/1/1093/i/i?i=422528007526474.581174874845946&a=77&e=0100007F73D711613E0564AB02CC2839&pref=http%3A%2F%2Fa-nevsky.ru%2F&c=ss:77.up:0100007F73D711613E0564AB02CC2839.sync:u...
https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=422528007526474.581174874845946&a=77&e=0100007F73D711613E0564AB02CC2839&pref=http%3A%2F%2Fa-nevsky.ru%2F&c=ss:77.up:0100007F73D711...

49 B
603 B

97ms
97ms

Image
image/gif

185.15.175.130
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=422528007526474.581174874845946&a=77&e=0100007F73D711613E0564AB02CC2839&pref=http%3A%2F%2Fa-nevsky.ru%2F&c=ss:77.up:0100007F73D711613E0564AB02CC2839.sync:up.xdua:duBDesDZNnnOcjUJKbz56q2i.xps:xpsOjkVQTctVFEfSVwMgSTyGF.dn:acint__net.adcm:hit.tg:adcmjs_noorient

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.15.175.130 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),

Reverse DNS

Software

nginx /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Date: Tue, 10 Aug 2021 01:33:40 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Request-Time: 24
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 64
X-XSS-Protection: 1; mode=block
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
Server: nginx
X-Frame-Options: DENY
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Credentials: true

Redirect headers

Date: Tue, 10 Aug 2021 01:33:40 GMT
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
Server: nginx
X-Frame-Options: DENY
Access-Control-Allow-Methods: GET, POST, OPTIONS
Location: https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=422528007526474.581174874845946&a=77&e=0100007F73D711613E0564AB02CC2839&pref=http%3A%2F%2Fa-nevsky.ru%2F&c=ss:77.up:0100007F73D711613E0564AB02CC2839.sync:up.xdua:duBDesDZNnnOcjUJKbz56q2i.xps:xpsOjkVQTctVFEfSVwMgSTyGF.dn:acint__net.adcm:hit.tg:adcmjs_noorient
X-XSS-Protection: 1; mode=block
X-Permitted-Cross-Domain-Policies: master-only
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 86400
Connection: keep-alive
Request-Time: 0
Content-Length: 0
X-Content-Type-Options: nosniff

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 803A 42 B
64 B 29ms
16ms Fetch
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuw5T3MXz0VNtBnhAo3CMkD9SlPrdnBW65f-h3E1O2orYpvQSfQKmFHiIcyglWMhSRqdUgX3mkREDKH7npy3qOzJ_UCYWkDzIsYvsEwMCSRtSLESva19rs5PHMjsw&sai=AMfl-YScHIpJjzQmQMkB_GsnU5SPAhy6AZs3DBl_WWBX1aoEUi_dlLus2fE8TMULGQV696wba88GWbQfL955&sig=Cg0ArKJSzL-utOWQbUg5EAE&id=lidar2&mcvt=1000&p=244,520,334,1248&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210809&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=2&adk=590872440&rs=2&met=mue&la=0&cr=0&osd=1&vs=4&eosm=0&rst=1628559218767&dlt=359&rpt=59&isd=0&msd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Aug 2021 01:33:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK impression.html Show response
w.uptolike.com/widgets/v1/ Frame 3C7C 1023 B
914 B 67ms
67ms Document
text/html 95.163.114.204
DINET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://w.uptolike.com/widgets/v1/impression.html?15829e745500233396b7bd90b8f92114
Requested by: Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/zp.js?pid=lffeb60e68ab03946edfde6a939fd72c16b41e3ec2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.163.114.204 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 829aefc2561d1da1496d88af2e9fdcda7d002eb568e8b59a636aaf49de2751de

Request headers

Host: w.uptolike.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://a-nevsky.ru/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: utl_id2=23026709013; utl_dat="COqwxu2yLxAAIOqBkfayLyjqgZH2si8wACdc6CA5ClZqFGJoEPAhqNQ="
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Referer: http://a-nevsky.ru/

Response headers

Server: nginx
Date: Tue, 10 Aug 2021 01:33:40 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: max-age=1800
Expires: Tue, 10 Aug 2021 02:03:40 GMT
Content-Encoding: gzip

GET
H/1.1 200
OK extra.js Show response
w.uptolike.com/widgets/v1/ 4 KB
3 KB 74ms
73ms Script
application/javascript 95.163.114.204
DINET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://w.uptolike.com/widgets/v1/extra.js?rnd=0.878781293938186
Requested by: Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/zp.js?pid=lffeb60e68ab03946edfde6a939fd72c16b41e3ec2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.163.114.204 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 4937790945a8a9eb3ba036f8926f57bb843cc345f2d6976d2bfaad07a64a136f

Request headers

Referer: http://a-nevsky.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 10 Aug 2021 01:33:40 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
P3P: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Access-Control-Allow-Origin: *
Cache-Control: no-cache,no-store,max-age=0,must-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: application/javascript;charset=utf-8
Expires: Wed, 12 May 2021 12:38:08 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 18ms
18ms XHR
application/json 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210805&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

026f068ab92a8d1a66bdf21e09886a4f678e27f1c13dea432e1a37de5de7689d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://a-nevsky.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 10 Aug 2021 01:33:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8640
x-xss-protection: 0

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://a-nevsky.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 01:33:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Tue, 10 Aug 2021 01:33:40 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 5357 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://a-nevsky.ru/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Referer: http://a-nevsky.ru/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Mon, 09 Aug 2021 23:04:56 GMT
expires: Tue, 09 Aug 2022 23:04:56 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 8924
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 39DE 783 B
532 B 18ms
17ms Document
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

4664784898494ed9ca726303b2164f2c8a0c539880c9c21d2b9a4ac9a5d3ba11

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-8OZc3snyRYacOB9JDxd89Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://a-nevsky.ru/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Referer: http://a-nevsky.ru/

Response headers

expires: Tue, 10 Aug 2021 01:33:40 GMT
date: Tue, 10 Aug 2021 01:33:40 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-8OZc3snyRYacOB9JDxd89Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 O2l1W4tcrMlErSQCfrpxGkyfOY9pZOaE8-TKtI4Qkek.js Show response
pagead2.googlesyndication.com/bg/ Frame 5357 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/O2l1W4tcrMlErSQCfrpxGkyfOY9pZOaE8-TKtI4Qkek.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b69755b8b5cacc944ad24027eba711a4c9f398f6964e684f3e4cab48e1091e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 01:37:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 431772
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13203
x-xss-protection: 0
last-modified: Tue, 03 Aug 2021 09:38:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 05 Aug 2022 01:37:28 GMT

GET
H/1.1 200
OK / Show response
meealt.ru/bcn/ 164 B
488 B 213ms
70ms Script
text/html 92.63.193.64
THEFIRST-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://meealt.ru/bcn/

Requested by

Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/extra.js?rnd=0.878781293938186

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

92.63.193.64 , Russian Federation, ASN29182 (THEFIRST-AS, RU),

Reverse DNS

belesta1501.ru

Software

nginx/1.13.12 /

Resource Hash

1b1bf906160a6c0e4edeeeedebc32fc19b7bf32098627f90070e4bff977d1fe4

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://a-nevsky.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Date: Tue, 10 Aug 2021 01:33:40 GMT
Last-Modified: Tuesday, 10-Aug-2021 01:33:40 GMT
Server: nginx/1.13.12
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection: keep-alive
Content-Length: 164

GET
H/1.1 200
OK / Show response
dspco.ru/tab/ 0
322 B 268ms
125ms Script
text/html 82.146.33.102
THEFIRST-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://dspco.ru/tab/

Requested by

Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/extra.js?rnd=0.878781293938186

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

82.146.33.102 Moscow, Russian Federation, ASN29182 (THEFIRST-AS, RU),

Reverse DNS

belesta1002.ru

Software

nginx/1.13.12 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://a-nevsky.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Date: Tue, 10 Aug 2021 01:33:40 GMT
Last-Modified: Tuesday, 10-Aug-2021 01:33:40 GMT
Server: nginx/1.13.12
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection: keep-alive
Content-Length: 0

GET smart.js
static.tnsis.ru/c82up/ 0
0

GET
H/1.1 204
No Content imp
w.uptolike.com/widgets/v1/zp/ Frame 3C7C 0
154 B 89ms
88ms Image
text/plain 95.163.114.204
DINET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w.uptolike.com/widgets/v1/zp/imp?pid=lffeb60e68ab03946edfde6a939fd72c16b41e3ec2&fl=false&sw=1600&sh=1200&vw=1600&vh=1200&vp=6265b833-2ab3-4b25-ad95-0ba4a2846d80&ttl=JUQwJTkwJUQwJUJCJUQwJUI1JUQwJUJBJUQxJTgxJUQwJUIwJUQwJUJEJUQwJUI0JUQxJTgwJTIwJUQwJTlEJUQwJUI1JUQwJUIyJUQxJTgxJUQwJUJBJUQwJUI4JUQwJUI5&url=http%3A%2F%2Fa-nevsky.ru%2F&rnd=0.4783432009342601
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.163.114.204 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://w.uptolike.com/widgets/v1/impression.html?15829e745500233396b7bd90b8f92114
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 10 Aug 2021 01:33:40 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1 204
No Content imp
w.uptolike.com/widgets/v1/zp/ Frame 3C7C 0
154 B 86ms
85ms Image
text/plain 95.163.114.204
DINET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w.uptolike.com/widgets/v1/zp/imp?pid=1921144&fl=false&sw=1600&sh=1200&vw=1600&vh=1200&vp=6265b833-2ab3-4b25-ad95-0ba4a2846d80&ttl=JUQwJTkwJUQwJUJCJUQwJUI1JUQwJUJBJUQxJTgxJUQwJUIwJUQwJUJEJUQwJUI0JUQxJTgwJTIwJUQwJTlEJUQwJUI1JUQwJUIyJUQxJTgxJUQwJUJBJUQwJUI4JUQwJUI5&url=http%3A%2F%2Fa-nevsky.ru%2F&rnd=0.41023303001188904
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.163.114.204 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://w.uptolike.com/widgets/v1/impression.html?15829e745500233396b7bd90b8f92114
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 10 Aug 2021 01:33:40 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 16ms
16ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20210805&jk=1673782320766115&bg=!mZqlmt7NAAbOj6irzo87ACkAdvg8WoFxcaP7YW5MIslrv08wIlbz0jEXGYoknFKPziT8tjfoKFTQLwIAAABLUgAAAAhoAQeZAne0GS93dySpE_LzXHTTOQngFlTt8At4OxqIyIej5D-F05nMJu7I8Ng_IXFkeQZ3fCyCWUlGKdBU4JR1DnMhKUloDTCGWqjSqbLSREeVPOyHu5xiW--GlSnRUhbQr6fa67cnRJsEarMUdjzORH63O2TJALvM-c-TOqz8Dap85_DSdCooylIRNbyEtUq4cAfhg8H3tjSZ6bXqd_lw11c6FwApXua0wnKnG_c9wrZpbP9cA6nIid3lg38-m4vzq5_h5d6_uYZbLQuU0fun-jvXwK8Hk2I6nF0wx6mo9xiuVR6VefuOYEqW3WjFh9cI01G1xBu-rhf53BAziQpq_46Bm85h_-m5c7t2UG6QVup5lR5kvtBCW7xaxBQM_2HJxkTOf-aBrWAn3YABGiiET2M4VPNhgT4j9tAGLsPIPsF6MHpb2VHf6kEBVDrcqtDeFUlDr7Smnl8eVM65SFZbeyGunnLgT-P5aqpjpTu_z_X7nH9r3LwEwDqzvguPH7rZtFc2cQqte3XLyMdAkMapYbBGLpmWmeeO-sdfkUtEOvxZ7K01VaVH_8ycbjQf7AwUg0Fy5P8CGcONKTupN_kjsr5MzgDz0LhgipQY9n-0KAJIFenguuaGnlHKMue3IUEVWpGqnaTdmQSbXQnkQP6-LwEB111s-UcrSObZDCXBvKsbG7TbbYhwmjQLGWDlTRevCBGEBBQkCzJ3rLJPqITwRVeHSR_MIxQCAd3tzh11vc-qsjWkN6IslGIcnDRFw9kSx5g9J75hR29-3xfu4u_rYhZGKdAO6RhxDynbll0hcR66oLBASBaSKl4i4Sdu5jehHPo__JWn7eCxbKvU

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://a-nevsky.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Aug 2021 01:33:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK / Show response
webdsp.ru/fut/ 0
320 B 208ms
150ms Script
application/javascript 92.63.97.182
THEFIRST-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://webdsp.ru/fut/

Requested by

Host: meealt.ru
URL: https://meealt.ru/bcn/

Protocol

HTTP/1.1

Server

92.63.97.182 , Russian Federation, ASN29182 (THEFIRST-AS, RU),

Reverse DNS

belesta1005.ru

Software

nginx/1.13.12 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://a-nevsky.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Date: Tue, 10 Aug 2021 01:33:40 GMT
Last-Modified: Tuesday, 10-Aug-2021 01:33:40 GMT
Server: nginx/1.13.12
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK support.html Show response
w.uptolike.com/widgets/v1/zp/ Frame D26F 14 KB
4 KB 73ms
72ms Document
text/html 95.163.114.204
DINET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://w.uptolike.com/widgets/v1/zp/support.html
Requested by: Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/zp.js?pid=lffeb60e68ab03946edfde6a939fd72c16b41e3ec2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.163.114.204 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: dbb87754e7677c99a20c4603a88765b6cb926a78b79edb863fee5c9ea1c96ef4

Request headers

Host: w.uptolike.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://a-nevsky.ru/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: utl_id2=23026709013; utl_dat="COqwxu2yLxAAIOqBkfayLyjqgZH2si8wACdc6CA5ClZqFGJoEPAhqNQ="
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Referer: http://a-nevsky.ru/

Response headers

Server: nginx
Date: Tue, 10 Aug 2021 01:33:41 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: max-age=1800
Expires: Tue, 10 Aug 2021 02:03:41 GMT
Content-Encoding: gzip

GET
H2

200

/
www.acint.net/ping/
Redirect Chain

http://www.acint.net/ping/?v=0.3.0&uid=05d45bd2-a3ee-4f8f-924a-e6df8f825e27&dp=14&tz=%2B02%3A00&nc=56526881&dT=2021-08-10T03%3A33%3A42.112
https://www.acint.net/ping/?v=0.3.0&uid=05d45bd2-a3ee-4f8f-924a-e6df8f825e27&dp=14&tz=%2B02%3A00&nc=56526881&dT=2021-08-10T03%3A33%3A42.112

43 B
224 B

36ms
36ms

Image
image/gif

46.4.121.26
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/ping/?v=0.3.0&uid=05d45bd2-a3ee-4f8f-924a-e6df8f825e27&dp=14&tz=%2B02%3A00&nc=56526881&dT=2021-08-10T03%3A33%3A42.112
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271109.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: http://a-nevsky.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 01:33:42 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

Location: https://www.acint.net/ping/?v=0.3.0&uid=05d45bd2-a3ee-4f8f-924a-e6df8f825e27&dp=14&tz=%2B02%3A00&nc=56526881&dT=2021-08-10T03%3A33%3A42.112
Date: Tue, 10 Aug 2021 01:33:42 GMT
Server: openresty
Connection: keep-alive
Content-Length: 142
Content-Type: text/html

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: static.tnsis.ru
URL: https://static.tnsis.ru/c82up/smart.js

Verdicts & Comments Add Verdict or Comment

100 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

39 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.acint.net/	1970-01-19 21:05:51	Name: cSyncDp151 Value: 1628559219
.advarkads.com/	1970-01-20 13:53:51	Name: u Value: EAIJN999JUOBAjQ_YU7iyw
.acint.net/	1970-01-19 21:05:51	Name: cSyncDp146 Value: 1628559219
.acint.net/	1970-01-19 21:05:51	Name: cSyncDp144 Value: 1628559219
.acint.net/	1970-01-19 21:05:51	Name: cSyncDp136 Value: 1628559219
.acint.net/	1970-01-19 21:05:51	Name: cSyncDp138 Value: 1628559219
.acint.net/	1970-01-19 21:05:51	Name: cSyncDp127 Value: 1628559219
.acint.net/	1970-01-19 21:05:51	Name: cSyncDp126 Value: 1628559219
.acint.net/	1970-01-19 21:05:51	Name: cSyncDp125 Value: 1628559219
.acint.net/	1970-01-19 21:05:51	Name: cSyncDp107 Value: 1628559219
.acint.net/	1970-01-19 21:05:51	Name: cSyncDp149 Value: 1628559219
.acint.net/	1970-01-19 20:42:48	Name: cSyncDp104v2 Value: 1628559219
.acint.net/	1970-01-19 21:05:51	Name: cSyncDp95v2 Value: 1628559219
.acint.net/	1970-01-19 21:05:51	Name: cSyncDp88 Value: 1628559219
.acint.net/	1970-01-19 21:05:51	Name: cSyncDp101 Value: 1628559219
.acint.net/	1970-01-19 21:05:51	Name: cSyncDp68 Value: 1628559219
.acint.net/	1970-01-19 20:42:48	Name: cSyncDp111v2 Value: 1628559219
.acint.net/	1970-01-19 20:42:48	Name: cSyncDp77 Value: 1628559219
.acint.net/	1970-01-19 21:05:51	Name: cSyncDp67v2 Value: 1628559219
.acint.net/	1970-01-19 21:05:51	Name: cSyncDp53 Value: 1628559219
.acint.net/	1970-01-19 21:05:51	Name: cSyncDp32 Value: 1628559219
.a-nevsky.ru/	1970-01-20 05:44:15	Name: __gads Value: ID=78602a36497165ae-221422bb9ac900de:T=1628559218:RT=1628559218:S=ALNI_MYxMvHQdTH9dcBzUFsDxRi2zoinRw
.acint.net/	1970-01-19 21:05:51	Name: cSyncDp17 Value: 1628559219
.acint.net/	1970-01-19 21:05:51	Name: cSyncDp7v2 Value: 1628559219
.acint.net/	1970-01-19 21:05:51	Name: cSyncDp62 Value: 1628559219
.acint.net/	1970-01-19 21:05:51	Name: cSyncDp112v2 Value: 1628559219
.acint.net/	1970-01-25 20:05:16	Name: aid Value: fwAAAWER13OrZAU+OSjMAorNUWUwnrVPmQKELjV8wq7OYWRn
.acint.net/	1970-01-19 21:05:51	Name: cSyncDp14v3 Value: 1628559219
.a-nevsky.ru/	1970-01-19 20:23:51	Name: _ym_isad Value: 2
.doubleclick.net/	1970-01-20 05:44:15	Name: IDE Value: AHWqTUknExgF_n-jsEgCLMsRCEMoSrgg7RqpSKPfYznE49nWVZpQaXXGJKbl9Q7GHYg
.acint.net/	1970-01-19 21:05:51	Name: cSyncDp85 Value: 1628559219
.acint.net/	1970-01-19 21:05:51	Name: cSyncDp54v2 Value: 1628559219
.doubleclick.net/	1970-01-19 20:22:42	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-19 20:22:40	Name: test_cookie Value: CheckForPermission
.acint.net/	1970-01-19 21:05:51	Name: cSyncDp84 Value: 1628559219
a-nevsky.ru/	1978-01-11 21:31:40	Name: fid Value: 35062f90-ac95-43d7-b8ee-ab07cf8e8439
.acint.net/	1970-01-19 20:24:05	Name: cSyncDp45v3 Value: 1628559219
.a-nevsky.ru/	1970-01-20 05:08:15	Name: _ym_d Value: 1628559219
.a-nevsky.ru/	1970-01-20 05:08:15	Name: _ym_uid Value: 1628559219954150188

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0100007f73d711613e0564ab02cc2839-sp.ops.beeline.ru
a-nevsky.ru
a.utraff.com
acint.net
ad.adriver.ru
ad.mail.ru
adlmerge.com
ads.betweendigital.com
adservice.google.com
adservice.google.de
adx.com.ru
an.yandex.ru
api.advarkads.com
bs.yandex.ru
cdn-rtb.sape.ru
cdn.ampproject.org
clients1.google.com
cm.g.doubleclick.net
counter.yadro.ru
cse.google.com
dm.hybrid.ai
dmg.digitaltarget.ru
dspco.ru
exchange.buzzoola.com
fcgi4.gnezdo.ru
googleads.g.doubleclick.net
match.new-programmatic.com
mc.yandex.com
mc.yandex.ru
meealt.ru
pagead2.googlesyndication.com
partner.googleadservices.com
prodmp.ru
px.adhigh.net
redirect.frontend.weborama.fr
relap.io
s.uuidksinc.net
s3.advarkads.com
sape-sync.rutarget.ru
sm.rtb.mts.ru
ssp-rtb.sape.ru
ssp.adriver.ru
stat.adlabs.ru
static.tnsis.ru
sync.1dmp.io
sync.bumlam.com
sync.dmp.otm-r.com
sync.republer.com
sync3.adsniper.ru
tag.digitaltarget.ru
tech.rtb.mts.ru
tpc.googlesyndication.com
ut.rktch.com
w.uptolike.com
webdsp.ru
www.acint.net
www.google.com
www.googletagservices.com
x01.aidata.io
yastatic.net
static.tnsis.ru
109.248.237.37
142.250.184.194
142.250.185.162
159.69.74.9
185.15.175.130
188.34.131.132
188.42.196.115
193.106.93.124
193.232.148.160
194.190.117.93
195.201.106.117
195.201.243.71
195.209.108.48
213.87.44.187
217.65.2.150
217.66.147.167
2606:4700:10::6816:557
2606:4700:3039::6815:c03a
2a00:1148:db00::17
2a00:1450:4001:809::2002
2a00:1450:4001:810::2002
2a00:1450:4001:812::2002
2a00:1450:4001:813::2001
2a00:1450:4001:813::2002
2a00:1450:4001:828::200e
2a00:1450:4001:82a::2002
2a00:1450:4001:82f::2004
2a00:1450:4001:830::200e
2a00:1450:4001:831::2001
2a02:6b8:20::215
2a02:6b8::1:119
2a02:6b8::90
31.172.81.159
31.172.81.160
31.220.27.134
35.190.16.14
37.18.16.16
37.46.135.112
37.9.245.57
46.4.121.26
78.46.100.125
80.64.106.147
81.222.128.214
82.146.33.102
88.198.31.232
88.212.201.216
88.212.233.108
89.108.120.68
89.108.97.2
92.63.193.64
92.63.97.182
93.95.102.105
95.163.114.204
95.163.37.253
95.181.171.231
95.211.66.35
00ba7c7dd4bf0796ff563536b63615cefa0bfdeae9c8a7629364dc184820619b
023cfc09f52502a3aed1ff16fc90fe0c2216928b5ef7942cc1615befb299e740
026f068ab92a8d1a66bdf21e09886a4f678e27f1c13dea432e1a37de5de7689d
030c059e100dc57aacae35b49c49825cc3760ba4d052bdd0d9a32da6e16dc9d5
04066b81cb329adf67cc6dc06de907c3c473b231b4389895ffd0086770423df3
06af59f550ee5358217c3bd4152bc62608cc068e965703035c0be6579e6d803a
0b3e3d2ac9afcd674abadabb06056c0413c36d4c809404fe32287b576affff52
10202b17617d47c2fac56e9c7aea4d46bdfd188cdea095bd04c11fe376662e50
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1b1bf906160a6c0e4edeeeedebc32fc19b7bf32098627f90070e4bff977d1fe4
1b41190b21e316eaee073fedc2eab43b6c11e0ce72437eb566f4730af41440ca
1cdca8e3632f683e48a8efec4788320780f1de927ff5bb783083d4ba0c9cccb7
20f2d6255fe749341e6543047782811c5977380c562e7163efa64594d88c6b3d
2112b0b55830855010fe88c287e7f015dc6d7619a1a320121fbcf10583145b83
243d733fc4cb5f675878431ea5a3dd1092be3f291aa3524108df0f4145203d93
2478cc879f64eff37951460c34458fbf3035b13c6338d87ea0e96ad2e58aa34e
24ce9973cb07fdebd25102dc5ce9d55d8c1d940d478c6e10ea311402be22741a
24f6dc5b60e6bb42f8fbf77a0534c9a7b9d6b00212723b46ec03d6f87b0de507
2751eb32e3720b540ff8210d70e6af4c916a255ff05d96130d0125576b14afa5
2796de25f6fd440e0e5c22083475cbe51373b47d3511b6683cbb450f6a1117cf
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2b63a43001330411299ea3949b123876de9911e1466b39e74b48998083c53fc2
2ba5e6e7c48a613c9e589dc7beaa72f3d4f964cd0d7de648c78e164698d2ed08
2dd68541e6b80d4dba7e3c1a2880d622e8dd0c5a4429edc52de270e0162c45f9
2e64686fdce32a0de742777eaf1379f9bd484a0f0d0930b9b68222e5919abae6
329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd
35c6fb80cc506c8a8268d1816c10ccbe62b54360810c100be31da6fd49c442f6
3702ae4875f4ab97aafba3c4e2e5736fb08cf8943c8ef11c69b271fe1eca093f
39b3b808e5d98c22ea2824f281cd20135885ce996c30b1417ea45326dabe9676
3acacaa9a457e486716c78af40312b2eb1e68e9ad5f10a48f82c83cb94f160a2
3b69755b8b5cacc944ad24027eba711a4c9f398f6964e684f3e4cab48e1091e9
3c30f9db6ce74a9fadf8de7de2ae7e23428d3c043f576184c391908f8154d2f7
3c93d2cccd89dedde4708d853325bf14b8a5a90e387d1dd80f2bd58ac1083b29
3eeda384457799a3faec105b102d63a2b2aea04b852c7fd7de0b78063f66235e
4528e5f79faf6abe0d30c3fecfe095bb240f0a2751ca51ed365fdef1e41cfb03
4664784898494ed9ca726303b2164f2c8a0c539880c9c21d2b9a4ac9a5d3ba11
4937790945a8a9eb3ba036f8926f57bb843cc345f2d6976d2bfaad07a64a136f
4a6a298152f2a3ea75674e3a42303847b728b6d7242d5efd40b07de8cb2bd610
4c1355d27b14881a055e00a4a2afa4608b452c9780ac5c61e1b8f9fd55fa3e1e
4da709f524afe27e2623518d3198b5c164aa08aa60f44f039b8a97a9498cf0a7
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5307f101ffa74d83e44ccc5cbaa1193577fe0c9c659fb40fedb9d403acbb186a
53aab2045fac269fc55e0f07012ff8a79ecf2654876e9a84e972ab0ff0047d05
53e4cb1ec1da57e5fec65ec5f5b19b050fa8bd6e19e9030c2704456846e4d106
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
556e892e1ce7f140f4d85555813102ef56a3dac0765138d5ff5ebae287ee615a
58766fbaa9d2b6f6994eb68db221aee14016bf00f1b74234c4b62191c1af5b9a
58ac8a1279fad0b77318be5af52f3be6e0ba11eef73430758e28640e3f33fcc7
5e273118911a60833593a6f4ccde61b8306bc008f77cac9e08a62968774e6c12
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
637c12ba24b9ae706165ecc077af3bd3ae7dc5dfaeea512100e63cf549945f0b
6860f4c6f5e3096faa4e20c02d7d95dad759de21c2f8ab05d8569a52a2c7b1f8
6adac1f38f8c5c89d27c77b9e702d71c4eab938e6d3a4ce14c7fecb5cffebacb
759a04f97f38274ed00a71ae94168fc29858cb36ed54ddb183929bf984be89ee
7aa8cbbba3de33e794f3e50d989aa76431473489cfc506071cb4c0bea28410a4
7c078e5032ba5da0fdf4e333ac30ad283aaa9de5d935e716c6fd7e1b5d4e9d2e
8093ab4d254b73525654ed5a079b92046bb8a1b8ebf5106e6c64fdc783d42c2a
829aefc2561d1da1496d88af2e9fdcda7d002eb568e8b59a636aaf49de2751de
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
83cd4afc0672833e8ac46854de805cda18237894e6d5193111af3e2e866a7a3a
854d096c59a98a4cf5a58d04a973e365bc079c527708ef6b9ca4a9c60483514e
868ac8f1ddff855a8e4e3c1ec7e65760dd336052fab8ba05d7a7db16edf7ef8d
87e9cb4cbda54b2611883c0963d41adcd7c9d4eda558e452c76991b875eeffad
887b4df5196c39c137eb85a0b30f3dcb3e0b9fdf45515ad098b57b2135665a8e
8caf94850fd5ed5af6b1a38765292cdcc8d31bd4086b63664ede8689dc6762f5
8e87b010a098e84d3d9228a70ba5ba2ffa1ca3d4960927ba5e95683fab3911d5
8e96268766735ae11a87d1e3bea4e681b0b05e3afa54d79806dc1f550597fa15
8ea8ef6a20a2f7307560b9fee2788613b13492d30582c95b6f57bc53383b68bd
8efda3f0b5d984306920023fe9e82a919bfac7109db64ed89f752720408c888b
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
924f2b8d30539cd9bccf2ffc944db5e3ffe0234721ac467a5df40b54a7eb4e3a
97d7de9d8695e6e509be7c0e1a5e43e1ed56f1b23f7a57953a622fc91bcb4230
9bdbe7424cbac6b6e92b9d2d57352627b626c80b63e3e51086e64587d400107f
9cdb4dd08ba584cdf21b63932a8834d79969701403ef62afb63f0c6f436e6c0f
9d37e34c27be76a4a366a11efba22de6f2eeb6ab3a80098d83aefdc88cabc7d9
9d45ec0385808e2b4c4aabc48f0842fe0d6c87136dc54e690d44ae340bffa243
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1e746227831715ab67232b4c45c86d71a18c4f80254c7b7edb6ba343e7a3848
a21a401005a5968dd602372ba1c733b6236efe7bd8147ac0720db5588fcf4a40
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a620f61e21f58c093078d14c7aae7c70f97d4cf9857ba801c44c45d6c23b9898
a65ca709551706289ec6bddd6a77ada99141faf4d8ee7b234ecd9bd52439756b
aa28d2585de8bf4801b1f999e60ca8888d03833e7a795283142cc7a7cfd6823f
ac8dad499b9f1e485ffad223897351b5700dbc86ccefd3a86d75d1f13f8eed47
b03539a9599e90ecdbbcbdfa8b8b2612bbd521c2d9577266f02189552fa7adf1
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
b845a0e5c7f9a6bc8f8911540deaa4254cc1f4be8f5182484dd119621d881024
bc6697bd88faa9239202c9f4f64307c5a36cada1bb63aded91af9e1dc7050508
c8370a2d050359e9d505acc411e6f457a49b21360a21e6cbc9229bad3a767899
cb2b18ff7b82cdbab0ba5f095448f16c159526ff504699042f8069f1a70ae7f4
ccb150b1878d5aa777543222f9e47636d4258687e3dd57e625988f09a96bda64
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d442eff792cc77c846cd1852099746ee82cd24f37cd00e7128532c323ef47022
d44fb4dccffb93f08f8477a8d5d5c8e59c0beb0ebbadecbc0d38928aeadf5673
d5f3085127d154cbd72e219052312767d460633fafa6e38bb9a9446ddb03a270
d6818233196805813f905869cf6de409a90426818bb8de7cd870bdc9b9903283
d84aa72c445c1b62aa1a108ebbf9ddbbea20a5aeef44d1fc65d4a40bc7055202
dbb87754e7677c99a20c4603a88765b6cb926a78b79edb863fee5c9ea1c96ef4
dc6045016d46e4682d7ca0c4669a05794699a50abe0bee108e2d16e747e00eea
dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89
e0079db41cc000d526e0357da416cfca906858e9c9830a1e6369bb61553632ea
e24000774459c2533e048c4c80d0cc7d2ed08ed143998906acb1709ea14dcbbd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7a754dc68b051e1b18bbf37fc0f5557196bc8db1c5f1c31ce5d242ea5c95ed6
eb10694288d1e64fd1fd40a7c0560b69f8c3b83e794c1c242e8ca906d4851ddb
eb284b6ce56d463be4f11f74f724156c275c544b99acd4700a441865a168069e
eb88810a5d5b042a09f8c54e4947718e9f03792d6a7ea448645d9c0066bbcba4
ec3c5cada1e2adc29cbf088b515c822f60d90438705765aa93d5ad7f3fd89ab2
eecda7280d7a8779cb5ff8bf7459b430bf970052106a1c4b186ff2eddd8c82d7
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f32a55b1a4cd26554d9fef9267a9e0c84218f7389570868ff35a745d59162ff2
f88bb57db2810d820bcc9b1e24a9cbb036c1a8d64268f53243f78dc2c40b3525
fb92ed767b019d2f70db2183625e2d49cdf405c775127c8815b86acc15982194
fea8606479be293623d33f06804e38eef6fea04bbb5bcec883cc948c34f6e4b8

a-nevsky.ru Open in urlscan Pro 37.46.135.112 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

176 Requests

76 %HTTPS

29 %IPv6

47 Domains

60 Subdomains

42 IPs

5 Countries

1740 kBTransfer

3611 kBSize

39 Cookies

9 Outgoing links

Redirected requests

176 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 10 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

a-nevsky.ru Open in urlscan Pro
37.46.135.112 Public Scan

Screenshot
Live screenshot

Full Image

176
Requests

76 %
HTTPS

29 %
IPv6

47
Domains

60
Subdomains

42
IPs

5
Countries

1740 kB
Transfer

3611 kB
Size

39
Cookies

176 HTTP transactions
10 data transactions