for-ua.info Open in urlscan Pro
2a01:4f8:1c17:5761::1  Public Scan

4 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 27

• https://counter.yadro.ru/hit?t17.12;r;s1600*1200*24;uhttps%3A//for-ua.info/;0.5883108485301967 HTTP 302
• https://counter.yadro.ru/hit?q;t17.12;r;s1600*1200*24;uhttps%3A//for-ua.info/;0.5883108485301967

Request Chain 36

• https://top-fwz1.mail.ru/counter?js=13;id=1859845;u=https%3A//for-ua.info/;st=1646061957242;title=For-UA.info%20%E2%80%A2%20For-UA%20-%20%D0%A4%D0%BE%D1%80%D1%83%D0%BC%20%D0%B2%D1%81%D0%B5%D1%8F%20%D0%92%D0%B5%D0%BB%D0%B8%D0%BA%D0%B8%D1%8F%20%D0%B8%20%D0%9C%D0%B0%D0%BB%D1%8B%D1%8F%20%D0%B8%20%D0%91%D0%B5%D0%BB%D1%8B%D1%8F%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B8;s=1600*1200;vp=1600*1200;touch=0;hds=1;frame=0;flash=;sid=4193dd0e98e09653;ver=60.3.0;tz=0%2FEtc%2FUnknown;ni=9.1//4g/0/0/;lvid=1646061957407%3A1646061957421%3A1%3A04de896587a80ede2a478b803cad86e6;opts=jst-ga;visible=true;_=0.2736662560568477 HTTP 302
• https://top-fwz1.mail.ru/counter2?js=13;id=1859845;u=https%3A//for-ua.info/;st=1646061957242;title=For-UA.info%20%E2%80%A2%20For-UA%20-%20%D0%A4%D0%BE%D1%80%D1%83%D0%BC%20%D0%B2%D1%81%D0%B5%D1%8F%20%D0%92%D0%B5%D0%BB%D0%B8%D0%BA%D0%B8%D1%8F%20%D0%B8%20%D0%9C%D0%B0%D0%BB%D1%8B%D1%8F%20%D0%B8%20%D0%91%D0%B5%D0%BB%D1%8B%D1%8F%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B8;s=1600*1200;vp=1600*1200;touch=0;hds=1;frame=0;flash=;sid=4193dd0e98e09653;ver=60.3.0;tz=0%2FEtc%2FUnknown;ni=9.1//4g/0/0/;lvid=1646061957407%3A1646061957421%3A1%3A04de896587a80ede2a478b803cad86e6;opts=jst-ga;visible=true;_=0.2736662560568477

Request Chain 51

• https://sonar.semantiqo.com/dmp/scr.php HTTP 302
• https://counter.yadro.ru/id127/reff-id.gif?sid=57b5b850deae48c090161741ae8fafe7 HTTP 302
• https://sonar.semantiqo.com/fbfli/data_sess_sync.php?spid=3BA83725AD449E41&sid=57b5b850deae48c090161741ae8fafe7 HTTP 302
• https://cdn3.caltat.com/fbfc504c-89b0-4a80-bef4-c8e39daeee6f/sess.php?sid=57b5b850deae48c090161741ae8fafe7&spid=3BA83725AD449E41&v= HTTP 302
• https://sync.magnitent.com/fbfli/ct_sync.php?ct=551fa7a2452e4d369d3c30ba4b9200eb&sonar=57b5b850deae48c090161741ae8fafe7&spid=3BA83725AD449E41&v=

Request Chain 53

• https://dmg.digitaltarget.ru/1/119/i/i?i=1646061957 HTTP 307
• https://dmg.digitaltarget.ru/awg/custom/119/i/i?call_source=awg&i=1646061957 HTTP 307
• https://an.yandex.ru/mapuid/dmpamberdata/Uyd.9TlnEVLFoaw7YmYi

Request Chain 54

• https://yandex-dmp-sync.rutarget.ru/sync HTTP 302
• https://an.yandex.ru/mapuid/dmpsegmento/C3bnWGnyIKCz?sign=2839582437

Request Chain 55

• https://yandex-sync.rutarget.ru/sync HTTP 302
• https://an.yandex.ru/mapuid/rutargetis/h_OImZT5yfmF

Request Chain 56

• https://x01.aidata.io/0.gif?pid=YANDEX HTTP 302
• https://x01.aidata.io/0.gif?pid=YANDEX&bounce=1 HTTP 302
• https://an.yandex.ru/mapuid/dmpaidatame/VQWW05JJtCjzigKNDAzs4A?sign=1461986042

Request Chain 57

• https://sync.1dmp.io/pixel.gif?cid=3cbc2ec8-1421-4677-89fe-2ac6fc52a09a&pid=w&o=au HTTP 302
• https://sync.1dmp.io/pixel.gif?cid=3cbc2ec8-1421-4677-89fe-2ac6fc52a09a&pid=w&o=au&cs=1 HTTP 302
• https://an.yandex.ru/mapuid/dmpcleverdata/ba98c880-98aa-11ec-acfd-901b0e8b2a6e?sign=1045899700

Request Chain 58

• https://redirect.frontend.weborama.fr/redirect/standard?url=https://an.yandex.ru/mapuid/dmpweborama/{WEBO_CID} HTTP 302
• https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fdmpweborama%2F%7BWEBO_CID%7D&bounce=1&random=1211093590 HTTP 302
• https://an.yandex.ru/mapuid/dmpweborama/XBkN.74NDyUi8S4jk0X6Qu

Request Chain 59

• https://profile.ssp.rambler.ru/sync3.302?pid=188 HTTP 302
• https://an.yandex.ru/mapuid/ramblerssp/

Request Chain 60

• https://an.yandex.ru/mapuid/adobedmp/ HTTP 302
• https://an.yandex.ru/mapuid/adobedmp/?redir-setuniq=1 HTTP 302
• https://dpm.demdex.net/ibs:dpid=423652&dpuuid=97B2E73D15D92096 HTTP 302
• https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=423652&dpuuid=97B2E73D15D92096

Request Chain 62

• https://cm.tns-counter.ru/yacm HTTP 302
• https://an.yandex.ru/mapuid/mediascope/b2e71be4aaf6c9f27af03698d46783ed3f4ba0638d07570c35a26dd7663b74eb

Request Chain 63

• https://sync.upravel.com/yandex/sync HTTP 302
• https://sync.upravel.com/yandex/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly95YXN0YXRpYy5uZXQvIl19fQ HTTP 302
• https://3920b4bc-3be3-472f-9a2e-b0a1a6d37654.sync.upravel.com/yandex/sync?ud_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly95YXN0YXRpYy5uZXQvIiwiaHR0cHM6Ly95YXN0YXRpYy5uZXQvIl19fQ HTTP 302
• https://an.yandex.ru/mapuid/upravelis/3920b4bc-3be3-472f-9a2e-b0a1a6d37654

Request Chain 64

• https://an.yandex.ru/mapuid/google/?partner-tag=yandex_llc HTTP 302
• https://an.yandex.ru/mapuid/google/?redir-setuniq=1&partner-tag=yandex_llc HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=yandex_llc&google_hm=3947EC2B499F1BC4&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif HTTP 302
• https://an.yandex.ru/resource/spacer.gif

Request Chain 65

• https://an.yandex.ru/mapuid/google/?partner-tag=yandexcom HTTP 302
• https://an.yandex.ru/mapuid/google/?redir-setuniq=1&partner-tag=yandexcom HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=yandexcom&google_hm=3947EC2B499F1BC4&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif HTTP 302
• https://an.yandex.ru/resource/spacer.gif

Request Chain 66

• https://an.yandex.ru/mapuid/google/?partner-tag=yandexru HTTP 302
• https://an.yandex.ru/mapuid/google/?redir-setuniq=1&partner-tag=yandexru HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=yandexru&google_hm=3947EC2B499F1BC4&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif HTTP 302
• https://an.yandex.ru/resource/spacer.gif

Request Chain 67

• https://an.yandex.ru/mapuid/operacom/ HTTP 302
• https://an.yandex.ru/mapuid/operacom/?redir-setuniq=1 HTTP 302
• https://t.adx.opera.com/sync?vendor=60143&uid=DF0007101CBB07E4

Request Chain 68

• https://an.yandex.ru/mapuid/betweenx/ HTTP 302
• https://an.yandex.ru/mapuid/betweenx/?redir-setuniq=1 HTTP 302
• https://ads.betweendigital.com/match?bidder_id=161&external_user_id=F182760A353275A1 HTTP 302
• https://ads.betweendigital.com/match?bidder_id=161&external_user_id=F182760A353275A1&crf=1

Request Chain 69

• https://acint.net/rmatch/?dp=151&r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2FSAPEis%2F%24%7BUSER_ID%7D HTTP 302
• https://acint.net/rmatch/?r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2FSAPEis%2F$%7BUSER_ID%7D&dp=151&tc=1 HTTP 302
• https://ssp-rtb.sape.ru/rmatch?r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fan.yandex.ru%252Fmapuid%252FSAPEis%252F$%257BUSER_ID%257D&dp=14 HTTP 302
• https://acint.net/rmatch?dp=14&euid=0100007F89E91C622500370402966905&r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2FSAPEis%2F$%7BUSER_ID%7D HTTP 302
• https://an.yandex.ru/mapuid/SAPEis/0100007F89E91C625700571A024C4E96

Request Chain 70

• https://mitdmp.whiteboxdigital.ru/pixel?id=a&source=yandex&redirect=false&href=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fqbitis%2F%7Bmiid%7D HTTP 302
• https://an.yandex.ru/mapuid/qbitis/b12ef08a-7d02-4238-b927-e84f5ec05972

Request Chain 71

• https://ads.betweendigital.com/match?bidder_id=43554&callback_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbetweendigitalis%2F%24%7BUSER_ID%7D HTTP 302
• https://ads.betweendigital.com/match?bidder_id=43554&callback_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbetweendigitalis%2F%24%7BUSER_ID%7D&crf=1 HTTP 302
• https://an.yandex.ru/mapuid/betweendigitalis/4a9f9349-2579-533b-af61-5b68cd7db2ee

Request Chain 72

• https://sm.rtb.mts.ru/p?ssp=yandex&id=map HTTP 301
• https://sm.rtb.mts.ru/match/second?ssp=55&exu=map HTTP 301
• https://tech.rtb.mts.ru/?dsp_uid=09c069e0-a544-424d-9a6a-476a21913ccd&return_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fmtsdspis%2F09c069e0-a544-424d-9a6a-476a21913ccd HTTP 302
• https://an.yandex.ru/mapuid/mtsdspis/09c069e0-a544-424d-9a6a-476a21913ccd

Request Chain 76

• https://s.uuidksinc.net/match/501 HTTP 302
• https://an.yandex.ru/mapuid/kadamis/CXGvAygeVfIHG8IBVa0O

Request Chain 77

• https://px.adhigh.net/p/cm/yandexssp HTTP 302
• https://px.adhigh.net/p/cm/yandexssp?bounced=1 HTTP 302
• https://an.yandex.ru/mapuid/getintentis/u8s1LLAVpRg2.AikABlF_QPA24g

Request Chain 78

• https://mc.yandex.com/sync_cookie_image_check HTTP 302
• https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9563.XV9h8Pq92W1IpoTPvUTRizHtjdWhqMEcQsV9vkniXREHNALVzWxCyeBFWHUcLxG5.PBeWWTk4NmpkHvkKJP9-h_2WNj0%2C HTTP 302
• https://mc.yandex.com/sync_cookie_image_decide?token=9563.jj9RytBWl1Qgafh7J5jpXCvyqu3r2FgwhijoTc5HaNXn19VxvJNv7nYmcmvRo2LENkucCdKWlyWCWZjyauSykkFPVkxtPelg2NmLCPsz1So%2C.OQBoDyYBg9_JHB7DO2vvN3b_WF0%2C

Request Chain 80

• https://mc.yandex.com/watch/449479?wmode=7&page-url=https%3A%2F%2Ffor-ua.info%2F&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Agqny5kf8o1qwi6kkxr%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A760%3Acn%3A2%3Adp%3A0%3Als%3A615151238712%3Ahid%3A107194215%3Az%3A0%3Ai%3A20220228152558%3Aet%3A1646061958%3Ac%3A1%3Arn%3A59505114%3Au%3A1646061958458144022%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1646061956608%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1646061959%3At%3AFor-UA.info%20%E2%80%A2%20For-UA%20-%20%D0%A4%D0%BE%D1%80%D1%83%D0%BC%20%D0%B2%D1%81%D0%B5%D1%8F%20%D0%92%D0%B5%D0%BB%D0%B8%D0%BA%D0%B8%D1%8F%20%D0%B8%20%D0%9C%D0%B0%D0%BB%D1%8B%D1%8F%20%D0%B8%20%D0%91%D0%B5%D0%BB%D1%8B%D1%8F%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B8&t=gdpr(14)mc(p-1)aw(1)ti(2) HTTP 302
• https://mc.yandex.com/watch/449479/1?wmode=7&page-url=https%3A%2F%2Ffor-ua.info%2F&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Agqny5kf8o1qwi6kkxr%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A760%3Acn%3A2%3Adp%3A0%3Als%3A615151238712%3Ahid%3A107194215%3Az%3A0%3Ai%3A20220228152558%3Aet%3A1646061958%3Ac%3A1%3Arn%3A59505114%3Au%3A1646061958458144022%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1646061956608%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1646061959%3At%3AFor-UA.info%20%E2%80%A2%20For-UA%20-%20%D0%A4%D0%BE%D1%80%D1%83%D0%BC%20%D0%B2%D1%81%D0%B5%D1%8F%20%D0%92%D0%B5%D0%BB%D0%B8%D0%BA%D0%B8%D1%8F%20%D0%B8%20%D0%9C%D0%B0%D0%BB%D1%8B%D1%8F%20%D0%B8%20%D0%91%D0%B5%D0%BB%D1%8B%D1%8F%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B8&t=gdpr%2814%29mc%28p-1%29aw%281%29ti%282%29

Request Chain 81

• https://mc.yandex.com/watch/25977589?wmode=7&page-url=https%3A%2F%2Ffor-ua.info%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Agqny5kf8o1qwi6kkxr%3Afp%3A601%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A760%3Acn%3A1%3Adp%3A0%3Als%3A1141016261404%3Ahid%3A107194215%3Az%3A0%3Ai%3A20220228152558%3Aet%3A1646061958%3Ac%3A1%3Arn%3A398725116%3Arqn%3A1%3Au%3A1646061958458144022%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1646061956608%3Ads%3A0%2C25%2C475%2C1%2C0%2C0%2C%2C132%2C0%2C%2C%2C%2C634%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1646061959%3At%3AFor-UA.info%20%E2%80%A2%20For-UA%20-%20%D0%A4%D0%BE%D1%80%D1%83%D0%BC%20%D0%B2%D1%81%D0%B5%D1%8F%20%D0%92%D0%B5%D0%BB%D0%B8%D0%BA%D0%B8%D1%8F%20%D0%B8%20%D0%9C%D0%B0%D0%BB%D1%8B%D1%8F%20%D0%B8%20%D0%91%D0%B5%D0%BB%D1%8B%D1%8F%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B8&t=gdpr(14)aw(1)ti(2) HTTP 302
• https://mc.yandex.com/watch/25977589/1?wmode=7&page-url=https%3A%2F%2Ffor-ua.info%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Agqny5kf8o1qwi6kkxr%3Afp%3A601%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A760%3Acn%3A1%3Adp%3A0%3Als%3A1141016261404%3Ahid%3A107194215%3Az%3A0%3Ai%3A20220228152558%3Aet%3A1646061958%3Ac%3A1%3Arn%3A398725116%3Arqn%3A1%3Au%3A1646061958458144022%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1646061956608%3Ads%3A0%2C25%2C475%2C1%2C0%2C0%2C%2C132%2C0%2C%2C%2C%2C634%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1646061959%3At%3AFor-UA.info%20%E2%80%A2%20For-UA%20-%20%D0%A4%D0%BE%D1%80%D1%83%D0%BC%20%D0%B2%D1%81%D0%B5%D1%8F%20%D0%92%D0%B5%D0%BB%D0%B8%D0%BA%D0%B8%D1%8F%20%D0%B8%20%D0%9C%D0%B0%D0%BB%D1%8B%D1%8F%20%D0%B8%20%D0%91%D0%B5%D0%BB%D1%8B%D1%8F%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B8&t=gdpr%2814%29aw%281%29ti%282%29

Request Chain 99

• https://www.googleadservices.com/pagead/conversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0 HTTP 302
• https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=iOkcYpOjEYGD9fgP79aG4Ao&random=901054923&sscte=1&crd=CNGksQI HTTP 302
• https://www.google.com/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=901054923&crd=CNGksQI&is_vtc=1&random=350809611 HTTP 302
• https://www.google.de/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=901054923&crd=CNGksQI&is_vtc=1&random=350809611&ipr=y

Request Chain 100

• https://www.googleadservices.com/pagead/conversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0 HTTP 302
• https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=iOkcYtWkEczxbLiyhJAF&random=2141533602&sscte=1&crd= HTTP 302
• https://www.google.com/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=2141533602&crd=&is_vtc=1&random=1993051014 HTTP 302
• https://www.google.de/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=2141533602&crd=&is_vtc=1&random=1993051014&ipr=y

118 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response for-ua.info/	72 KB 14 KB	500ms 474ms	Document text/html	2a01:4f8:1c17:5761::1 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://for-ua.info/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a01:4f8:1c17:5761::1 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS Software nginx/1.20.1 / Resource Hash b86a8c49c6e89d4315e0994175817fbbf8798c1e7201f1f45250c18a5ea655b0 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers server nginx/1.20.1 date Mon, 28 Feb 2022 15:25:57 GMT content-type text/html; charset=UTF-8 cache-control private, no-cache="set-cookie" expires 0 pragma no-cache strict-transport-security max-age=31536000; includeSubDomains content-encoding gzip
GET H2	200	css fonts.googleapis.com/	4 KB 1 KB	39ms 16ms	Stylesheet text/css	2a00:1450:4001:82a::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Roboto:400,700&subset=latin,cyrillic Requested by Host: for-ua.info URL: https://for-ua.info/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 8aed12b8b95a1d49011f3e134dc8e71804a3576818d1d1334145aaa96d71aa5e Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://for-ua.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Mon, 28 Feb 2022 15:21:33 GMT server ESF cross-origin-opener-policy same-origin-allow-popups date Mon, 28 Feb 2022 15:25:57 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Mon, 28 Feb 2022 15:25:57 GMT
GET H2	200	stylesheet.css for-ua.info/styles/subsilver2/theme/	12 KB 3 KB	13ms 12ms	Stylesheet text/css	2a01:4f8:1c17:5761::1 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://for-ua.info/styles/subsilver2/theme/stylesheet.css Requested by Host: for-ua.info URL: https://for-ua.info/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a01:4f8:1c17:5761::1 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS Software nginx/1.20.1 / Resource Hash ae8810bff3e1f8eec49b41654de7b76ff3cea9b11823b4c2c6e8ba28d574edf8 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://for-ua.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Mon, 28 Feb 2022 15:25:57 GMT content-encoding gzip last-modified Tue, 07 Jun 2016 16:27:37 GMT server nginx/1.20.1 etag W/"5756f5f9-2ea7" strict-transport-security max-age=31536000; includeSubDomains content-type text/css
GET H2	200	adsbygoogle.js Show response pagead2.googlesyndication.com/pagead/js/	153 KB 53 KB	77ms 55ms	Script text/javascript	2a00:1450:4001:830::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Requested by Host: for-ua.info URL: https://for-ua.info/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash c50dd99ead9ecb82f2264892f95f622c189636f6a0018629e4efff3e93052b30 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://for-ua.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Mon, 28 Feb 2022 15:25:57 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 53803 x-xss-protection 0 server cafe etag 11118768233438790036 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600 timing-allow-origin * expires Mon, 28 Feb 2022 15:25:57 GMT
GET H2	200	jquery.min.js Show response ajax.googleapis.com/ajax/libs/jquery/2.2.0/	84 KB 30 KB	30ms 7ms	Script text/javascript	2a00:1450:4001:813::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jquery/2.2.0/jquery.min.js Requested by Host: for-ua.info URL: https://for-ua.info/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 8a102873a33f24f7eb22221e6b23c4f718e29f85168ecc769a35bfaed9b12cce Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://for-ua.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Fri, 25 Feb 2022 09:07:15 GMT content-encoding gzip x-content-type-options nosniff age 281922 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 30089 x-xss-protection 0 last-modified Tue, 03 Mar 2020 19:15:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="hosted-libraries-pushers" vary Accept-Encoding report-to {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Sat, 25 Feb 2023 09:07:15 GMT
GET H2	200	jquery.jcarousellite.min.js Show response for-ua.info/styles/subsilver2/template/	2 KB 1 KB	12ms 11ms	Script application/javascript	2a01:4f8:1c17:5761::1 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://for-ua.info/styles/subsilver2/template/jquery.jcarousellite.min.js Requested by Host: for-ua.info URL: https://for-ua.info/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a01:4f8:1c17:5761::1 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS Software nginx/1.20.1 / Resource Hash e6eb6e44c4f457323652f6d34f693e86c3fccde8831ea19d2342540a2a99971e Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://for-ua.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Mon, 28 Feb 2022 15:25:57 GMT content-encoding gzip last-modified Wed, 30 Mar 2016 17:45:45 GMT server nginx/1.20.1 etag W/"56fc10c9-9cc" strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8
GET H2	200	site_logo8.png for-ua.info/styles/subsilver2/imageset/	84 KB 84 KB	16ms 12ms	Image image/png	2a01:4f8:1c17:5761::1 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://for-ua.info/styles/subsilver2/imageset/site_logo8.png Requested by Host: for-ua.info URL: https://for-ua.info/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a01:4f8:1c17:5761::1 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS Software nginx/1.20.1 / Resource Hash bf597034ff2d14dfc4f6e598dad7e32572cd333f39297046998a37b71ceaedc1 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://for-ua.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Mon, 28 Feb 2022 15:25:57 GMT last-modified Sun, 17 Apr 2016 19:51:06 GMT server nginx/1.20.1 etag "5713e92a-1505b" strict-transport-security max-age=31536000; includeSubDomains content-type image/png accept-ranges bytes content-length 86107
GET H2	200	icon_mini_register.gif for-ua.info/styles/subsilver2/theme/images/	224 B 395 B	27ms 23ms	Image image/gif	2a01:4f8:1c17:5761::1 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://for-ua.info/styles/subsilver2/theme/images/icon_mini_register.gif Requested by Host: for-ua.info URL: https://for-ua.info/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a01:4f8:1c17:5761::1 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS Software nginx/1.20.1 / Resource Hash bfaaaa15baef873aec367889e0210f4d6eb117200f1d7e6471ac7bc9a36af824 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://for-ua.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Mon, 28 Feb 2022 15:25:57 GMT last-modified Fri, 27 Sep 2013 17:20:52 GMT server nginx/1.20.1 etag "5245be74-e0" strict-transport-security max-age=31536000; includeSubDomains content-type image/gif accept-ranges bytes content-length 224
GET H2	200	icon_topic_attach.gif for-ua.info/styles/subsilver2/imageset/	217 B 388 B	27ms 24ms	Image image/gif	2a01:4f8:1c17:5761::1 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://for-ua.info/styles/subsilver2/imageset/icon_topic_attach.gif Requested by Host: for-ua.info URL: https://for-ua.info/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a01:4f8:1c17:5761::1 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS Software nginx/1.20.1 / Resource Hash 750de2e59202b0482409814b044fac8ca640f38713cab6c2cf6de4d28d99d68b Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://for-ua.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Mon, 28 Feb 2022 15:25:57 GMT last-modified Fri, 27 Sep 2013 17:20:52 GMT server nginx/1.20.1 etag "5245be74-d9" strict-transport-security max-age=31536000; includeSubDomains content-type image/gif accept-ranges bytes content-length 217
GET H2	200	fico1.png for-ua.info//images/icons/misc/	1 KB 2 KB	27ms 24ms	Image image/png	2a01:4f8:1c17:5761::1 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://for-ua.info//images/icons/misc/fico1.png Requested by Host: for-ua.info URL: https://for-ua.info/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a01:4f8:1c17:5761::1 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS Software nginx/1.20.1 / Resource Hash 90d42d07e30b242d331c0c335c25b4e0230e548268a4cf43102d79e28f80d51a Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://for-ua.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Mon, 28 Feb 2022 15:25:57 GMT last-modified Fri, 25 Mar 2016 15:28:17 GMT server nginx/1.20.1 etag "56f55911-5e3" strict-transport-security max-age=31536000; includeSubDomains content-type image/png accept-ranges bytes content-length 1507
GET H2	200	fico6.png for-ua.info//images/icons/misc/	1 KB 2 KB	27ms 24ms	Image image/png	2a01:4f8:1c17:5761::1 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://for-ua.info//images/icons/misc/fico6.png Requested by Host: for-ua.info URL: https://for-ua.info/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a01:4f8:1c17:5761::1 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS Software nginx/1.20.1 / Resource Hash 5a90cfd3cefe61147d08a8ce98e523cd0dcc77a1f52feaa14b9df20fc26517bd Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://for-ua.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Mon, 28 Feb 2022 15:25:57 GMT last-modified Fri, 25 Mar 2016 15:28:22 GMT server nginx/1.20.1 etag "56f55916-580" strict-transport-security max-age=31536000; includeSubDomains content-type image/png accept-ranges bytes content-length 1408
GET H2	200	fico7.png for-ua.info//images/icons/misc/	752 B 924 B	27ms 24ms	Image image/png	2a01:4f8:1c17:5761::1 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://for-ua.info//images/icons/misc/fico7.png Requested by Host: for-ua.info URL: https://for-ua.info/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a01:4f8:1c17:5761::1 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS Software nginx/1.20.1 / Resource Hash c230e692ecc33353f638dd2fee242baf6f4eb7ae2becd3f45981240b969e0708 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://for-ua.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Mon, 28 Feb 2022 15:25:57 GMT last-modified Fri, 25 Mar 2016 15:28:22 GMT server nginx/1.20.1 etag "56f55916-2f0" strict-transport-security max-age=31536000; includeSubDomains content-type image/png accept-ranges bytes content-length 752
GET H2	200	fico8.png for-ua.info//images/icons/misc/	1 KB 1 KB	28ms 25ms	Image image/png	2a01:4f8:1c17:5761::1 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://for-ua.info//images/icons/misc/fico8.png Requested by Host: for-ua.info URL: https://for-ua.info/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a01:4f8:1c17:5761::1 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS Software nginx/1.20.1 / Resource Hash adbab6cafb58322d38bce033bf7065c45399b97482d99b0087f5d0971767d440 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://for-ua.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Mon, 28 Feb 2022 15:25:57 GMT last-modified Fri, 25 Mar 2016 15:28:22 GMT server nginx/1.20.1 etag "56f55916-4e6" strict-transport-security max-age=31536000; includeSubDomains content-type image/png accept-ranges bytes content-length 1254
GET H2	200	fico4.png for-ua.info//images/icons/misc/	487 B 659 B	28ms 25ms	Image image/png	2a01:4f8:1c17:5761::1 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://for-ua.info//images/icons/misc/fico4.png Requested by Host: for-ua.info URL: https://for-ua.info/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a01:4f8:1c17:5761::1 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS Software nginx/1.20.1 / Resource Hash 8a08fb330ce65219810eb3780cea67abc05e90b866958d8a2f43623edf4d3f53 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://for-ua.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Mon, 28 Feb 2022 15:25:57 GMT last-modified Fri, 25 Mar 2016 15:28:21 GMT server nginx/1.20.1 etag "56f55915-1e7" strict-transport-security max-age=31536000; includeSubDomains content-type image/png accept-ranges bytes content-length 487
GET H2	200	whosonline.gif for-ua.info/styles/subsilver2/theme/images/	929 B 1 KB	28ms 25ms	Image image/gif	2a01:4f8:1c17:5761::1 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://for-ua.info/styles/subsilver2/theme/images/whosonline.gif Requested by Host: for-ua.info URL: https://for-ua.info/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a01:4f8:1c17:5761::1 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS Software nginx/1.20.1 / Resource Hash 5fbd958d1b2233321c680b5aefb5e89acf72cd57767d74674079afd2f5c0e38d Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://for-ua.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Mon, 28 Feb 2022 15:25:57 GMT last-modified Fri, 27 Sep 2013 17:20:52 GMT server nginx/1.20.1 etag "5245be74-3a1" strict-transport-security max-age=31536000; includeSubDomains content-type image/gif accept-ranges bytes content-length 929
GET H2	200	whosonline.png for-ua.info/styles/subsilver2/theme/images/	2 KB 2 KB	28ms 25ms	Image image/png	2a01:4f8:1c17:5761::1 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://for-ua.info/styles/subsilver2/theme/images/whosonline.png Requested by Host: for-ua.info URL: https://for-ua.info/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a01:4f8:1c17:5761::1 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS Software nginx/1.20.1 / Resource Hash 041da8fdbe877e2cc0b42d26a6ec75c17e8cf9b26cc32adda42233580f6eb751 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://for-ua.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Mon, 28 Feb 2022 15:25:57 GMT last-modified Fri, 31 Oct 2014 21:18:10 GMT server nginx/1.20.1 etag "5453fc92-6f9" strict-transport-security max-age=31536000; includeSubDomains content-type image/png accept-ranges bytes content-length 1785
GET H2	200	dayonline.gif for-ua.info/styles/subsilver2/theme/images/	1 KB 2 KB	28ms 26ms	Image image/gif	2a01:4f8:1c17:5761::1 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://for-ua.info/styles/subsilver2/theme/images/dayonline.gif Requested by Host: for-ua.info URL: https://for-ua.info/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a01:4f8:1c17:5761::1 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS Software nginx/1.20.1 / Resource Hash 12370f869ce7d98f460ecafd5631d8de12faf73e4b506baadf44db04982fae8c Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://for-ua.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Mon, 28 Feb 2022 15:25:57 GMT last-modified Fri, 31 Oct 2014 21:18:10 GMT server nginx/1.20.1 etag "5453fc92-5af" strict-transport-security max-age=31536000; includeSubDomains content-type image/gif accept-ranges bytes content-length 1455
GET H2	200	z_vk.png for-ua.info/styles/subsilver2/template/rot/	1 KB 1 KB	28ms 26ms	Image image/png	2a01:4f8:1c17:5761::1 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://for-ua.info/styles/subsilver2/template/rot/z_vk.png Requested by Host: for-ua.info URL: https://for-ua.info/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a01:4f8:1c17:5761::1 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS Software nginx/1.20.1 / Resource Hash 9f17a70172621be7fd3b2dde08764c71b7312b0019b36cd01bbb0f0882deb90f Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://for-ua.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Mon, 28 Feb 2022 15:25:57 GMT last-modified Sat, 09 Apr 2016 16:18:14 GMT server nginx/1.20.1 etag "57092b46-540" strict-transport-security max-age=31536000; includeSubDomains content-type image/png accept-ranges bytes content-length 1344
GET H2	200	z_twitter.png for-ua.info/styles/subsilver2/template/rot/	1 KB 2 KB	29ms 26ms	Image image/png	2a01:4f8:1c17:5761::1 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://for-ua.info/styles/subsilver2/template/rot/z_twitter.png Requested by Host: for-ua.info URL: https://for-ua.info/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a01:4f8:1c17:5761::1 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS Software nginx/1.20.1 / Resource Hash 7cee04de5701fee3ace54765b4dae2c9bb89c04b93709b08909a1d8696d34f50 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://for-ua.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Mon, 28 Feb 2022 15:25:57 GMT last-modified Sat, 09 Apr 2016 16:18:14 GMT server nginx/1.20.1 etag "57092b46-55f" strict-transport-security max-age=31536000; includeSubDomains content-type image/png accept-ranges bytes content-length 1375
GET H2	200	z_facebook.png for-ua.info/styles/subsilver2/template/rot/	883 B 1 KB	29ms 26ms	Image image/png	2a01:4f8:1c17:5761::1 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://for-ua.info/styles/subsilver2/template/rot/z_facebook.png Requested by Host: for-ua.info URL: https://for-ua.info/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a01:4f8:1c17:5761::1 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS Software nginx/1.20.1 / Resource Hash 2a9cc58944dda5e44b8b4e98a015519dfdad84ce43394cc74f2f2909f37684d4 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://for-ua.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Mon, 28 Feb 2022 15:25:57 GMT last-modified Sat, 09 Apr 2016 16:18:14 GMT server nginx/1.20.1 etag "57092b46-373" strict-transport-security max-age=31536000; includeSubDomains content-type image/png accept-ranges bytes content-length 883
GET H2	200	ym1.png for-ua.info/images/	6 KB 6 KB	29ms 27ms	Image image/png	2a01:4f8:1c17:5761::1 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://for-ua.info/images/ym1.png Requested by Host: for-ua.info URL: https://for-ua.info/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a01:4f8:1c17:5761::1 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS Software nginx/1.20.1 / Resource Hash cfe33f20cdf8b14f8cb1cb46de8c4be2f435a3e93d0ef163a4423e4520010f16 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://for-ua.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Mon, 28 Feb 2022 15:25:57 GMT last-modified Sat, 26 Mar 2016 00:57:39 GMT server nginx/1.20.1 etag "56f5de83-176c" strict-transport-security max-age=31536000; includeSubDomains content-type image/png accept-ranges bytes content-length 5996
GET H2	200	analytics.js Show response www.google-analytics.com/	49 KB 20 KB	39ms 6ms	Script text/javascript	2a00:1450:4001:810::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: for-ua.info URL: https://for-ua.info/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://for-ua.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Tue, 02 Nov 2021 17:39:06 GMT server Golfe2 age 6664 date Mon, 28 Feb 2022 13:34:53 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 20006 expires Mon, 28 Feb 2022 15:34:53 GMT
GET H/1.1	200 OK	code-fb.js Show response mytopf.com/js/	27 KB 12 KB	218ms 95ms	Script application/javascript	79.137.156.169 CYMRG-AS
General Check archive.org Show headers Download Go to Full URL https://mytopf.com/js/code-fb.js Requested by Host: for-ua.info URL: https://for-ua.info/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 79.137.156.169 , Russian Federation, ASN205830 (CYMRG-AS, CY), Reverse DNS Software nginx / Resource Hash 2e93daab0cc0829f0c3b8325a2f6ca1fad4e2ef2dfe1bcfecc283b56e87bdc8d Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://for-ua.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers Date Mon, 28 Feb 2022 15:25:57 GMT Content-Encoding gzip X-Content-Type-Options nosniff Transfer-Encoding chunked P3P CP="NOI DSP COR NID CUR PSA OUR NOR" Connection keep-alive AMP-Access-Control-Allow-Source-Origin * Last-Modified Wed, 22 Dec 2021 12:22:53 GMT Server nginx ETag W/"61c3189d-6b41" Access-Control-Allow-Methods GET, POST, HEAD, PUT, OPTIONS Content-Type application/javascript Access-Control-Allow-Origin * Access-Control-Expose-Headers AMP-Access-Control-Allow-Source-Origin Cache-Control max-age=3600, private Access-Control-Allow-Credentials true Accept-CH-Lifetime 86400 Accept-CH DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version Timing-Allow-Origin * Access-Control-Allow-Headers * Expires Mon, 28 Feb 2022 16:25:57 GMT
GET H2	200	KFOlCnqEu92Fr1MmWUlfBBc4.woff2 fonts.gstatic.com/s/roboto/v29/	15 KB 16 KB	39ms 7ms	Font font/woff2	2a00:1450:4001:828::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:400,700&subset=latin,cyrillic Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://for-ua.info Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Wed, 23 Feb 2022 17:56:19 GMT x-content-type-options nosniff age 422978 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15828 x-xss-protection 0 last-modified Wed, 22 Sep 2021 16:13:28 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Thu, 23 Feb 2023 17:56:19 GMT
GET H2	200	KFOmCnqEu92Fr1Mu5mxKOzY.woff2 fonts.gstatic.com/s/roboto/v29/	9 KB 10 KB	49ms 17ms	Font font/woff2	2a00:1450:4001:828::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu5mxKOzY.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:400,700&subset=latin,cyrillic Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 8dd3b91ca60e6a0486326c5c275590dd1d753240c2efa9f94730815813997fee Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://for-ua.info Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Fri, 25 Feb 2022 04:11:53 GMT x-content-type-options nosniff age 299644 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 9688 x-xss-protection 0 last-modified Wed, 22 Sep 2021 16:13:21 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Sat, 25 Feb 2023 04:11:53 GMT
GET H2	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v29/	15 KB 15 KB	42ms 10ms	Font font/woff2	2a00:1450:4001:828::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:400,700&subset=latin,cyrillic Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://for-ua.info Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Fri, 25 Feb 2022 09:48:03 GMT x-content-type-options nosniff age 279474 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15688 x-xss-protection 0 last-modified Wed, 22 Sep 2021 16:13:19 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Sat, 25 Feb 2023 09:48:03 GMT
GET H2	200	KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2 fonts.gstatic.com/s/roboto/v29/	9 KB 9 KB	39ms 19ms	Font font/woff2	2a00:1450:4001:828::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:400,700&subset=latin,cyrillic Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 053508cc4ed1acf7db8ed96deca42ffebfa1669c5cecd62f4415b926d07b5aaa Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://for-ua.info Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Wed, 23 Feb 2022 18:07:18 GMT x-content-type-options nosniff age 422319 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 9544 x-xss-protection 0 last-modified Wed, 22 Sep 2021 16:13:33 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Thu, 23 Feb 2023 18:07:18 GMT
GET H2	200	context.js Show response an.yandex.ru/system/	277 KB 76 KB	153ms 65ms	Script text/javascript	2a02:6b8::90 YNDX
General Check archive.org Show headers Download Go to Full URL https://an.yandex.ru/system/context.js Requested by Host: for-ua.info URL: https://for-ua.info/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI), Reverse DNS Software / Resource Hash b8c89900c1e5e98c48b45ceaa0fe8c8b888b91dbb9f8043018be61da5c604f73 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Accept-Language de-DE,de;q=0.9 Referer https://for-ua.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers timing-allow-origin * strict-transport-security max-age=31536000 content-encoding br x-yandex-req-id 1646061957318445-120601962098661371000239-production-app-host-vla-pcode-100 content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control private, max-age=3600 x-robots-tag noindex, noarchive, nofollow expires Mon, 28 Feb 2022 16:25:57 GMT
GET H/1.1	200 OK	hit counter.yadro.ru/ Redirect Chain https://counter.yadro.ru/hit?t17.12;r;s1600*1200*24;uhttps%3A//for-ua.info/;0.5883108485301967 https://counter.yadro.ru/hit?q;t17.12;r;s1600*1200*24;uhttps%3A//for-ua.info/;0.5883108485301967	207 B 693 B	84ms 83ms	Image image/gif	88.212.201.198 UNITEDNET
General Check archive.org Show headers Download Go to Show image Full URL https://counter.yadro.ru/hit?q;t17.12;r;s1600*1200*24;uhttps%3A//for-ua.info/;0.5883108485301967 Requested by Host: for-ua.info URL: https://for-ua.info/ Protocol HTTP/1.1 Server 88.212.201.198 , Russian Federation, ASN39134 (UNITEDNET, RU), Reverse DNS host198.rax.ru Software nginx/1.17.9 / Resource Hash d6edd0443a1d06992866cc3ae9efbef56bd2173c60cfb8e5c716f923bcbf9bf3 Security Headers Name Value Strict-Transport-Security max-age=86400 Request headers Accept-Language de-DE,de;q=0.9 Referer https://for-ua.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers Pragma no-cache Date Mon, 28 Feb 2022 15:26:11 GMT Server nginx/1.17.9 Strict-Transport-Security max-age=86400 P3P policyref="/w3c/p3p.xml", CP="UNI" Access-Control-Allow-Origin * Cache-control no-cache Connection keep-alive Content-Type image/gif Content-Length 207 Expires Sat, 27 Feb 2021 21:00:00 GMT Redirect headers Pragma no-cache Date Mon, 28 Feb 2022 15:26:11 GMT Server nginx/1.17.9 Strict-Transport-Security max-age=86400 P3P policyref="/w3c/p3p.xml", CP="UNI" Location https://counter.yadro.ru/hit?q;t17.12;r;s1600*1200*24;uhttps%3A//for-ua.info/;0.5883108485301967 Cache-control no-cache Connection keep-alive Content-Type text/html Content-Length 32 Expires Sat, 27 Feb 2021 21:00:00 GMT
GET		watch_ua.js d31j93rd8oukbv.cloudfront.net/metrika/	0 0
POST H2	200	collect Show response www.google-analytics.com/j/	2 B 204 B	19ms 19ms	XHR text/plain	2a00:1450:4001:810::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1386259854&t=pageview&_s=1&dl=https%3A%2F%2Ffor-ua.info%2F&ul=en-us&de=UTF-8&dt=For-UA.info%20%E2%80%A2%20For-UA%20-%20%D0%A4%D0%BE%D1%80%D1%83%D0%BC%20%D0%B2%D1%81%D0%B5%D1%8F%20%D0%92%D0%B5%D0%BB%D0%B8%D0%BA%D0%B8%D1%8F%20%D0%B8%20%D0%9C%D0%B0%D0%BB%D1%8B%D1%8F%20%D0%B8%20%D0%91%D0%B5%D0%BB%D1%8B%D1%8F%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=246269150&gjid=251227814&cid=673163088.1646061957&tid=UA-54119957-1&_gid=1034097668.1646061957&_r=1&_slc=1&z=590338018 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://for-ua.info/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Mon, 28 Feb 2022 15:25:57 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://for-ua.info cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	show_ads_impl_with_ama_fy2019.js Show response pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202090102/	290 KB 104 KB	34ms 33ms	Script text/javascript	2a00:1450:4001:830::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202090102/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7357359709395640&plah=for-ua.info Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 8b7ea24747712484c1c05b0337f5538e246fb01a18b8d14ddd2de428f444ea92 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://for-ua.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Mon, 28 Feb 2022 15:25:57 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 106770 x-xss-protection 0 server cafe etag 8686337993692154243 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600, stale-while-revalidate=3600 timing-allow-origin * expires Mon, 28 Feb 2022 15:25:57 GMT
GET H2	200	zrt_lookup.html Show response googleads.g.doubleclick.net/pagead/html/r20220223/r20190131/ Frame 435A	10 KB 5 KB	35ms 8ms	Document text/html	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20220223/r20190131/zrt_lookup.html Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://for-ua.info/ Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin vary Accept-Encoding x-content-type-options nosniff content-encoding gzip server cafe content-length 4502 x-xss-protection 0 date Mon, 28 Feb 2022 04:58:03 GMT expires Mon, 14 Mar 2022 04:58:03 GMT cache-control public, max-age=1209600 age 37674 etag 4044455266028820542 content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	cookie.js Show response partner.googleadservices.com/gampad/	215 B 646 B	91ms 38ms	Script text/javascript	142.250.184.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://partner.googleadservices.com/gampad/cookie.js?domain=for-ua.info&callback=_gfp_s_&client=ca-pub-7357359709395640 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202090102/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7357359709395640&plah=for-ua.info Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f2.1e100.net Software cafe / Resource Hash f261dda37c01e3459046f346eb699635236de99699b2c381cdec8d4ed8a803a1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://for-ua.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Mon, 28 Feb 2022 15:25:57 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-type text/javascript; charset=UTF-8 cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 202 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.de/adsid/	107 B 792 B	94ms 42ms	Script application/javascript	2a00:1450:4001:827::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.de/adsid/integrator.js?domain=for-ua.info Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202090102/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7357359709395640&plah=for-ua.info Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://for-ua.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers timing-allow-origin * date Mon, 28 Feb 2022 15:25:57 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.com/adsid/	107 B 549 B	93ms 42ms	Script application/javascript	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=for-ua.info Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202090102/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7357359709395640&plah=for-ua.info Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://for-ua.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers timing-allow-origin * date Mon, 28 Feb 2022 15:25:57 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3	403	ads Show response googleads.g.doubleclick.net/pagead/ Frame 224B	0 18 B	96ms 67ms	Document text/html	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7357359709395640&output=html&adk=1812271804&adf=3025194257&lmt=1646061957&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Ffor-ua.info%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1646061957294&bpp=2&bdt=182&idt=88&shv=r20220223&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6133543497572&frm=20&pv=2&ga_vid=673163088.1646061957&ga_sid=1646061957&ga_hid=1386259854&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C31065251&oid=2&pvsid=2655752109250722&pem=679&tmod=1822682442&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=100 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202090102/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7357359709395640&plah=for-ua.info Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://for-ua.info/ Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 x-content-type-options nosniff date Mon, 28 Feb 2022 15:25:57 GMT server cafe content-length 0 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	counter2 top-fwz1.mail.ru/ Redirect Chain https://top-fwz1.mail.ru/counter?js=13;id=1859845;u=https%3A//for-ua.info/;st=1646061957242;title=For-UA.info%20%E2%80%A2%20For-UA%20-%20%D0%A4%D0%BE%D1%80%D1%83%D0%BC%20%D0%B2%D1%81%D0%B5%D1%8F%20... https://top-fwz1.mail.ru/counter2?js=13;id=1859845;u=https%3A//for-ua.info/;st=1646061957242;title=For-UA.info%20%E2%80%A2%20For-UA%20-%20%D0%A4%D0%BE%D1%80%D1%83%D0%BC%20%D0%B2%D1%81%D0%B5%D1%8F%2...	43 B 957 B	106ms 105ms	Image image/gif	217.69.133.145 MAILRU-AS Mail.Ru
General Check archive.org Show headers Download Go to Show image Full URL https://top-fwz1.mail.ru/counter2?js=13;id=1859845;u=https%3A//for-ua.info/;st=1646061957242;title=For-UA.info%20%E2%80%A2%20For-UA%20-%20%D0%A4%D0%BE%D1%80%D1%83%D0%BC%20%D0%B2%D1%81%D0%B5%D1%8F%20%D0%92%D0%B5%D0%BB%D0%B8%D0%BA%D0%B8%D1%8F%20%D0%B8%20%D0%9C%D0%B0%D0%BB%D1%8B%D1%8F%20%D0%B8%20%D0%91%D0%B5%D0%BB%D1%8B%D1%8F%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B8;s=1600*1200;vp=1600*1200;touch=0;hds=1;frame=0;flash=;sid=4193dd0e98e09653;ver=60.3.0;tz=0%2FEtc%2FUnknown;ni=9.1//4g/0/0/;lvid=1646061957407%3A1646061957421%3A1%3A04de896587a80ede2a478b803cad86e6;opts=jst-ga;visible=true;_=0.2736662560568477 Requested by Host: for-ua.info URL: https://for-ua.info/ Protocol H2 Server 217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU), Reverse DNS top-fwz1.mail.ru Software nginx / Resource Hash 24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://for-ua.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Mon, 28 Feb 2022 15:25:57 GMT x-content-type-options nosniff p3p CP="NOI DSP COR NID CUR PSA OUR NOR" content-length 43 pragma no-cache amp-access-control-allow-source-origin * server nginx access-control-allow-methods GET, POST, HEAD, PUT, OPTIONS content-type image/gif access-control-allow-origin * access-control-expose-headers AMP-Access-Control-Allow-Source-Origin cache-control private, no-cache, no-store, max-age=0 access-control-allow-credentials true accept-ch-lifetime 86400 accept-ch DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version timing-allow-origin * access-control-allow-headers * Redirect headers date Mon, 28 Feb 2022 15:25:57 GMT x-content-type-options nosniff access-control-allow-origin * p3p CP="NOI DSP COR NID CUR PSA OUR NOR" content-length 0 pragma no-cache amp-access-control-allow-source-origin * server nginx access-control-allow-methods GET, POST, HEAD, PUT, OPTIONS location https://top-fwz1.mail.ru/counter2?js=13;id=1859845;u=https%3A//for-ua.info/;st=1646061957242;title=For-UA.info%20%E2%80%A2%20For-UA%20-%20%D0%A4%D0%BE%D1%80%D1%83%D0%BC%20%D0%B2%D1%81%D0%B5%D1%8F%20%D0%92%D0%B5%D0%BB%D0%B8%D0%BA%D0%B8%D1%8F%20%D0%B8%20%D0%9C%D0%B0%D0%BB%D1%8B%D1%8F%20%D0%B8%20%D0%91%D0%B5%D0%BB%D1%8B%D1%8F%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B8;s=1600*1200;vp=1600*1200;touch=0;hds=1;frame=0;flash=;sid=4193dd0e98e09653;ver=60.3.0;tz=0%2FEtc%2FUnknown;ni=9.1//4g/0/0/;lvid=1646061957407%3A1646061957421%3A1%3A04de896587a80ede2a478b803cad86e6;opts=jst-ga;visible=true;_=0.2736662560568477 access-control-expose-headers AMP-Access-Control-Allow-Source-Origin cache-control private, no-cache, no-store, max-age=0 access-control-allow-credentials true accept-ch-lifetime 86400 accept-ch DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version timing-allow-origin * access-control-allow-headers *
GET H2	200	dffcb97a49be36ce6438.js Show response yastatic.net/partner-code-bundles/55324/	13 KB 5 KB	179ms 68ms	Script text/javascript	2a02:6b8:20::215 YNDX
General Check archive.org Show headers Download Go to Full URL https://yastatic.net/partner-code-bundles/55324/dffcb97a49be36ce6438.js Requested by Host: an.yandex.ru URL: https://an.yandex.ru/system/context.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI), Reverse DNS Software nginx/1.17.9 / Resource Hash 6aa9fc68c202481d8ade84a5c62a6e96e7dc2866f19fa7da81e480da323d64b6 Security Headers Name Value Strict-Transport-Security max-age=43200000; includeSubDomains; Request headers Referer https://for-ua.info/ Origin https://for-ua.info Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Mon, 28 Feb 2022 15:25:57 GMT content-encoding br vary Accept-Encoding nel {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01} content-length 4464 last-modified Mon, 28 Feb 2022 09:36:09 GMT server nginx/1.17.9 etag "e5a29ccde1face7392f2027b913e53a6" x-robots-tag noindex, noarchive, nofollow strict-transport-security max-age=43200000; includeSubDomains; report-to { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]} content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=946708560 accept-ranges bytes timing-allow-origin * expires Wed, 28 Feb 2052 21:59:29 GMT
GET H2	200	b685c346fd0fcd45f0c7.js Show response yastatic.net/partner-code-bundles/55324/	80 KB 17 KB	261ms 151ms	Script text/javascript	2a02:6b8:20::215 YNDX
General Check archive.org Show headers Download Go to Full URL https://yastatic.net/partner-code-bundles/55324/b685c346fd0fcd45f0c7.js Requested by Host: an.yandex.ru URL: https://an.yandex.ru/system/context.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI), Reverse DNS Software nginx/1.17.9 / Resource Hash 539d7e1131eb759f9029e970b0d8e9cfe811a5f4fd2239295a72b8b5b374a9bc Security Headers Name Value Strict-Transport-Security max-age=43200000; includeSubDomains; Request headers Referer https://for-ua.info/ Origin https://for-ua.info Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Mon, 28 Feb 2022 15:25:57 GMT content-encoding br vary Accept-Encoding nel {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01} content-length 17003 last-modified Mon, 28 Feb 2022 09:36:09 GMT server nginx/1.17.9 etag "e3775f6f8e00d93262f4e53fb66c47a6" x-robots-tag noindex, noarchive, nofollow strict-transport-security max-age=43200000; includeSubDomains; report-to { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]} content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=946708560 accept-ranges bytes timing-allow-origin * expires Wed, 28 Feb 2052 21:59:30 GMT
GET H2	200	host.js Show response yastatic.net/safeframe-bundles/0.83/	33 KB 9 KB	366ms 256ms	Script text/javascript	2a02:6b8:20::215 YNDX
General Check archive.org Show headers Download Go to Full URL https://yastatic.net/safeframe-bundles/0.83/host.js Requested by Host: an.yandex.ru URL: https://an.yandex.ru/system/context.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI), Reverse DNS Software nginx/1.17.9 / Resource Hash 34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55 Security Headers Name Value Strict-Transport-Security max-age=43200000; includeSubDomains; Request headers Referer https://for-ua.info/ Origin https://for-ua.info Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Mon, 28 Feb 2022 15:25:57 GMT content-encoding br vary Accept-Encoding nel {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01} content-length 8878 last-modified Wed, 03 Nov 2021 13:42:58 GMT server nginx/1.17.9 etag "f80882bf67cf261aa08d636da095149a" x-robots-tag noindex, noarchive, nofollow strict-transport-security max-age=43200000; includeSubDomains; report-to { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]} content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=946708560 accept-ranges bytes timing-allow-origin * expires Wed, 28 Feb 2052 22:00:58 GMT
GET H2	200	449479 Show response an.yandex.ru/meta/	113 KB 32 KB	274ms 273ms	XHR application/json	2a02:6b8::90 YNDX
General Check archive.org Show headers Download Go to Full URL https://an.yandex.ru/meta/449479?target-ref=https%3A%2F%2Ffor-ua.info%2F&charset=utf-8&pcode-test-ids=503304%2C0%2C88%3B518751%2C0%2C70%3B521133%2C0%2C66%3B520958%2C0%2C60%3B528040%2C0%2C36%3B519043%2C0%2C94%3B520728%2C0%2C38%3B524735%2C0%2C56%3B522217%2C0%2C56%3B488525%2C0%2C88%3B406668%2C0%2C44%3B526153%2C0%2C88&pcode-flags-map=%7B%22ENABLE_CODECS_WHITELIST%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22429059%22%7D%5D%2C%22DISABLE_DEFAULT_THEME_EMPTY_DURATION%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22429073%22%7D%5D%2C%22MEDIA_FILE_BITRATE_PRIORITY_FACTOR%22%3A%5B%7B%22value%22%3A%220.000001%22%2C%22testId%22%3A%22429074%22%7D%5D%2C%22VOLUME_BUTTON_ANIMATION%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22429077%22%7D%5D%2C%22UNIFORMAT%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22429079%22%7D%5D%2C%22CHANGE_CLICK_THROUGH_LOGIC%22%3A%5B%7B%22value%22%3A%22ACTION_BUTTON_PRIORITY%22%2C%22testId%22%3A%22432722%22%7D%5D%2C%22ENABLE_VP9_CODECS%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22441791%22%7D%5D%2C%22ENABLE_MEDIA_FILES_WITH_MSE_FILTER_UNDER_ABD_ONLY%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22445424%22%7D%5D%2C%22TRACK_COMPLETE_BEFORE_PACKSHOT%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22462855%22%7D%5D%2C%22VAS_LONG_EXP_FLAG_ENABLE_MEDIA_FILE_TYPE_PRIORITY_FACTOR_FOR_DESIRED_BITRATE%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22473613%22%7D%5D%2C%22VAS_LONG_EXP_FLAG_MEDIA_FILE_TYPE_PRIORITY_FACTOR%22%3A%5B%7B%22value%22%3A%221%22%2C%22testId%22%3A%22473626%22%7D%5D%2C%22VAS_ENABLE_HONEYPOT_ON_SMALL_PERCENT%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22504231%22%7D%5D%2C%22LOOP_ZEN_VIDEO_IN_TGO_AFTER_PLAYBACK%22%3A%5B%7B%22value%22%3A%22true%22%2C%22testId%22%3A%22524305%22%7D%5D%2C%22VAS_STABLE_VERSION%22%3A%5B%7B%22value%22%3A%22525557%22%2C%22testId%22%3A%22527156%22%7D%5D%2C%22REQUEST_VMAP_FROM_YANDEX_RU%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22527323%22%7D%5D%2C%22SHOW_LABEL_ON_SMALL_BUTTON%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22530109%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY_ON_CLICK%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22427330%22%7D%5D%2C%22UNILOADER_FOR_AMP%22%3A%5B%7B%22value%22%3Atrue%2C%22testId%22%3A%22428390%22%7D%5D%2C%22USE_SSR_IN_AMP%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22428390%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY_BY_OWNER%22%3A%5B%7B%22value%22%3A%5B168627%2C259055%2C258881%2C354188%2C239538%2C235076%2C264443%2C202100%2C354188%2C309667%2C270901%2C257448%5D%2C%22testId%22%3A%22479101%22%7D%5D%2C%22AD_SEEN_OBSERVER%22%3A%5B%7B%22value%22%3A%22enable%22%2C%22testId%22%3A%22436297%22%7D%5D%2C%22FIX_MIN_HEIGHT_NTP%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22445391%22%7D%5D%2C%22ZEN2_REDESIGN_21_Q3_STEP_3%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22452293%22%7D%5D%2C%22PREACT_RTB_INLINE%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22472957%22%7D%5D%2C%22COUNT_TO_XHR%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22487824%22%7D%5D%2C%22WIDGET_OLD_DATA%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22504902%22%7D%5D%2C%22YANDEX_RU_DOMAIN%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22507236%22%7D%5D%2C%22VIDEO_IN_COMBO_FULLSCREEN%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22513230%22%7D%5D%2C%22FIX_BROKEN_NTP_GRID%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22517586%22%7D%5D%2C%22YANDEX_RU_DOMAIN_DISTRIB%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22521064%22%7D%5D%2C%22VAS_LOAD_GR_ON_SMALL_PERCENT%22%3A%5B%7B%22value%22%3A%22CONTROL%22%2C%22testId%22%3A%22503304%22%7D%5D%2C%22WIDGET_IN_PCODE%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22518751%22%7D%5D%2C%22SMART_BANNER_SMART_CENTER%22%3A%5B%7B%22value%22%3A%22all%22%2C%22testId%22%3A%22521133%22%7D%5D%2C%22SMART_BANNER_ADAPTIVE_INCREASE_FONT_SIZE%22%3A%5B%7B%22value%22%3A11%2C%22testId%22%3A%22520958%22%7D%5D%2C%22CAROUSEL_ON_CONSTRUCTOR%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22528040%22%7D%5D%2C%22ENABLE_MEDIA_IMAGE_SSR%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22519043%22%7D%5D%2C%22I18N_SPLIT_CHUNKS%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22520728%22%7D%5D%2C%22LEARN_MORE_VARIANT%22%3A%5B%7B%22value%22%3A%222%22%2C%22testId%22%3A%22524735%22%7D%5D%2C%22NEW_WIDGET_CLICK_CONFIRM%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22522217%22%7D%5D%2C%22PP_INTENT_URL%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22488525%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY%22%3A%5B%7B%22value%22%3Atrue%2C%22testId%22%3A%22406668%22%7D%5D%2C%22PCODEVER%22%3A%5B%7B%22value%22%3A%2254909%22%2C%22testId%22%3A%22526153%22%7D%5D%7D&price-disabled-formats=adaptive0418%0Aadaptive%0AmodernAdaptive%0Ahorizontal%0Ahorizontal0318%0Agrid%0A160x600%0A240x400%0A200x300%0A300x300%0A300x250%0A250x250%0A728x90%0A1000x120%0A320x50%0A320x100%0A400x240%0A320x480%0A480x320%0A336x280%0A300x600%0A300x500%0A970x250%0A970x90%0AposterVertical%0AposterHorizontal%0AadaptiveConstructor%0AhorizontalSD%0Afullscreen%0Afullscreen_grid%0Asmart_tile%0Asmart_mosaic&pcode-icookie=eCt0K4eNcEU4LIlaBDbZ%2FNmxvz9p7mGatua%2F7CWqApwLvGfaStpT0uNq86fVMXin%2FqYyYScsJ4yKnJ4ybeb0BFGP374%3D&imp-id=12&enable-flat-highlight=1&comboblock-unencoded-vast=1&test-tag=15444702396418&ad-session-id=3756951646061957508&target-id=47236619&tga-with-creatives=1&top-ancestor=https%3A%2F%2Ffor-ua.info&top-ancestor-undetermined=0&pcode-version=55324&pcodever=55324&flash-ver=0&available-width=542&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9.1%2C%22w%22%3A542.5%2C%22h%22%3A0%2C%22width%22%3A543%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22left%22%3A1033%2C%22top%22%3A132%2C%22fontFamily%22%3A%22roboto%22%2C%22ad_no%22%3A0%2C%22req_no%22%3A0%7D&grab-orig-len=252&grab=dEZvci1VQS5pbmZvIOKAoiBGb3ItVUEgLSDQpNC-0YDRg9C8INCy0YHQtdGPINCS0LXQu9C40LrQuNGPINC4INCc0LDQu9GL0Y8g0Lgg0JHQtdC70YvRjyDQoNC-0YHRgdC40LgKMUZvci1VQSAtINCk0L7RgNGD0Lwg0LLRgdC10Y8g0JLQtdC70LjQutC40Y8g0Lgg0JzQsNC70YvRjyDQuCDQkdC10LvRi9GPINCg0L7RgdGB0LjQuCAK&uniformat=true&callback=Ya%5B7627334102471%5D Requested by Host: an.yandex.ru URL: https://an.yandex.ru/system/context.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI), Reverse DNS Software / Resource Hash 25f7cba8a13ccef78d64220f74304562df2f4a95026e01c6f34067ac25e351bd Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers Referer https://for-ua.info/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers date Mon, 28 Feb 2022 15:25:57 GMT content-encoding gzip ssr true x-yandex-req-id 1646061957564297-171155587860751535500199-production-app-host-sas-pcode-26 p3p CP="NOI DEVa TAIa OUR BUS UNI STA" uniformat-product-type Direct x-xss-protection 1; mode=block pragma no-cache last-modified Mon, 28 Feb 2022 15:25:57 GMT strict-transport-security max-age=31536000 content-type application/json access-control-allow-origin https://for-ua.info cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true timing-allow-origin * uniformat true expires Mon, 28 Feb 2022 15:25:57 GMT
GET H2	200	2e1b0d3e7a5d9bf94b86.js Show response yastatic.net/partner-code-bundles/55324/	630 KB 128 KB	259ms 170ms	Script text/javascript	2a02:6b8:20::215 YNDX
General Check archive.org Show headers Download Go to Full URL https://yastatic.net/partner-code-bundles/55324/2e1b0d3e7a5d9bf94b86.js Requested by Host: an.yandex.ru URL: https://an.yandex.ru/system/context.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI), Reverse DNS Software nginx/1.17.9 / Resource Hash 6bceba7b5edf7024de09bff9dab5736246cefa62d410c0351bc472280ab95122 Security Headers Name Value Strict-Transport-Security max-age=43200000; includeSubDomains; Request headers Referer https://for-ua.info/ Origin https://for-ua.info Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Mon, 28 Feb 2022 15:25:57 GMT content-encoding br vary Accept-Encoding nel {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01} content-length 130065 last-modified Mon, 28 Feb 2022 09:36:09 GMT server nginx/1.17.9 etag "3351fdeafb53ad027d56ced82e05570e" x-robots-tag noindex, noarchive, nofollow strict-transport-security max-age=43200000; includeSubDomains; report-to { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]} content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=946708560 accept-ranges bytes timing-allow-origin * expires Wed, 28 Feb 2052 21:59:29 GMT
OPTIONS H2	200	event_confirmation an.yandex.ru/ Frame	0 0	255ms 98ms	Preflight	2a02:6b8::90 YNDX
General Check archive.org Show headers Download Go to Full URL https://an.yandex.ru/event_confirmation Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI), Reverse DNS Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers Accept */* Access-Control-Request-Method POST Access-Control-Request-Headers content-type Origin https://for-ua.info User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Sec-Fetch-Mode cors Response headers timing-allow-origin * access-control-allow-methods GET, POST, OPTIONS date Mon, 28 Feb 2022 15:25:58 GMT access-control-max-age 1728000 access-control-allow-headers content-type access-control-allow-origin https://for-ua.info access-control-allow-credentials true x-xss-protection 1; mode=block p3p CP="NOI DEVa TAIa OUR BUS UNI STA" content-encoding gzip strict-transport-security max-age=31536000
POST H2	200	event_confirmation Show response an.yandex.ru/	0 51 B	83ms 83ms	XHR text/plain	2a02:6b8::90 YNDX
General Check archive.org Show headers Download Go to Full URL https://an.yandex.ru/event_confirmation Requested by Host: an.yandex.ru URL: https://an.yandex.ru/system/context.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers Referer https://for-ua.info/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Content-Type application/json Response headers pragma no-cache date Mon, 28 Feb 2022 15:25:58 GMT content-encoding gzip last-modified Mon, 28 Feb 2022 15:25:58 GMT strict-transport-security max-age=31536000 p3p CP="NOI DEVa TAIa OUR BUS UNI STA" access-control-allow-origin https://for-ua.info cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true timing-allow-origin * x-xss-protection 1; mode=block expires Mon, 28 Feb 2022 15:25:58 GMT
GET H2	200	watch.js Show response mc.yandex.ru/metrika/	138 KB 49 KB	302ms 140ms	Script application/javascript	2a02:6b8::1:119 YNDX
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.ru/metrika/watch.js Requested by Host: an.yandex.ru URL: https://an.yandex.ru/system/context.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI), Reverse DNS Software / Resource Hash c1922061e01300c6b8d0e9a9dbc638c2eb7b2f5cf9e7690791bf7be4dd8733d6 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer https://for-ua.info/ Origin https://for-ua.info Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Mon, 28 Feb 2022 15:25:58 GMT content-encoding br last-modified Fri, 18 Feb 2022 11:36:57 GMT etag "620f5aa9-c3d1" strict-transport-security max-age=31536000 content-type application/javascript access-control-allow-origin * cache-control max-age=3600 content-length 50129 expires Mon, 28 Feb 2022 16:25:58 GMT
GET H2	200	x300 avatars.mds.yandex.net/get-direct/2398261/3uWjIG_gyqQ5yhT0QhxSeA/	21 KB 22 KB	296ms 121ms	Image image/webp	2a02:6b8::184 YNDX
General Check archive.org Show headers Download Go to Show image Full URL https://avatars.mds.yandex.net/get-direct/2398261/3uWjIG_gyqQ5yhT0QhxSeA/x300 Requested by Host: for-ua.info URL: https://for-ua.info/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a02:6b8::184 Moscow, Russian Federation, ASN208722 (YNDX, FI), Reverse DNS Software nginx / Resource Hash c22ed3537dc89d48b9fc1924f90ccf81b845ccb9bb7aa36a32b8c6d9b3c15ae0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://for-ua.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Mon, 28 Feb 2022 15:25:58 GMT last-modified Fri, 03 Apr 2020 08:08:27 GMT server nginx nel {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01} report-to {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]} content-type image/webp access-control-allow-origin * cache-control max-age=31536000,immutable access-control-allow-credentials true timing-allow-origin * content-length 21696 x-request-id 53525b968d5b6db4
GET H2	200	y300 avatars.mds.yandex.net/get-direct/2798850/6xQAxggRT_pEd_mbpP-Rqg/	38 KB 39 KB	296ms 121ms	Image image/webp	2a02:6b8::184 YNDX
General Check archive.org Show headers Download Go to Show image Full URL https://avatars.mds.yandex.net/get-direct/2798850/6xQAxggRT_pEd_mbpP-Rqg/y300 Requested by Host: for-ua.info URL: https://for-ua.info/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a02:6b8::184 Moscow, Russian Federation, ASN208722 (YNDX, FI), Reverse DNS Software nginx / Resource Hash bc625eed07b0b28d36356d18afa015e88edf1a8730b8f1f5f5308e67fc4f8f59 Request headers Accept-Language de-DE,de;q=0.9 Referer https://for-ua.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Mon, 28 Feb 2022 15:25:58 GMT last-modified Mon, 05 Oct 2020 13:07:01 GMT server nginx nel {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01} report-to {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]} content-type image/webp access-control-allow-origin * cache-control max-age=31536000,immutable access-control-allow-credentials true timing-allow-origin * content-length 39312 x-request-id 3c1eab25b48f8488
GET H2	200	render.html Show response yastatic.net/safeframe-bundles/0.83/1-1-0/ Frame DC9A	24 KB 7 KB	222ms 65ms	Document text/html	2a02:6b8:20::215 YNDX
General Check archive.org Show headers Download Go to Full URL https://yastatic.net/safeframe-bundles/0.83/1-1-0/render.html Requested by Host: yastatic.net URL: https://yastatic.net/safeframe-bundles/0.83/host.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI), Reverse DNS Software nginx/1.17.9 / Resource Hash 9c911ab93cf6099aeeddb19cb1903d0ef838329443c3a0549c754da47f90a70a Security Headers Name Value Strict-Transport-Security max-age=43200000; includeSubDomains; Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://for-ua.info/ Response headers server nginx/1.17.9 date Mon, 28 Feb 2022 15:25:58 GMT content-type text/html content-length 6262 access-control-allow-origin * cache-control public, max-age=946708560 content-encoding br etag "eb77de48712912aadc9aa8171ac75ede" expires Wed, 28 Feb 2052 22:00:26 GMT last-modified Wed, 03 Nov 2021 13:42:58 GMT nel {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01} report-to { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]} strict-transport-security max-age=43200000; includeSubDomains; timing-allow-origin * vary Accept-Encoding x-robots-tag noindex, noarchive, nofollow accept-ranges bytes
OPTIONS H2	200	event_confirmation an.yandex.ru/ Frame	0 0	75ms 74ms	Preflight	2a02:6b8::90 YNDX
General Check archive.org Show headers Download Go to Full URL https://an.yandex.ru/event_confirmation Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI), Reverse DNS Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers Accept */* Access-Control-Request-Method POST Access-Control-Request-Headers content-type Origin https://for-ua.info User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Sec-Fetch-Mode cors Response headers timing-allow-origin * access-control-allow-methods GET, POST, OPTIONS date Mon, 28 Feb 2022 15:25:58 GMT access-control-max-age 1728000 access-control-allow-headers content-type access-control-allow-origin https://for-ua.info access-control-allow-credentials true x-xss-protection 1; mode=block p3p CP="NOI DEVa TAIa OUR BUS UNI STA" content-encoding gzip strict-transport-security max-age=31536000
POST H2	200	event_confirmation Show response an.yandex.ru/	0 291 B	64ms 64ms	XHR text/plain	2a02:6b8::90 YNDX
General Check archive.org Show headers Download Go to Full URL https://an.yandex.ru/event_confirmation Requested by Host: an.yandex.ru URL: https://an.yandex.ru/system/context.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers Referer https://for-ua.info/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Content-Type application/json Response headers pragma no-cache date Mon, 28 Feb 2022 15:25:58 GMT content-encoding gzip last-modified Mon, 28 Feb 2022 15:25:58 GMT strict-transport-security max-age=31536000 p3p CP="NOI DEVa TAIa OUR BUS UNI STA" access-control-allow-origin https://for-ua.info cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true timing-allow-origin * x-xss-protection 1; mode=block expires Mon, 28 Feb 2022 15:25:58 GMT
GET H/1.1	200 Ok	d.png ysa-static.passport.yandex.ru/static/1/d959d7e39d5067fad30d9c06204866e9/ Frame DC9A	95 B 400 B	205ms 72ms	Image image/png	2a02:6b8::5:114 YNDX
General Check archive.org Show headers Download Go to Show image Full URL https://ysa-static.passport.yandex.ru/static/1/d959d7e39d5067fad30d9c06204866e9/d.png?ex=yes Requested by Host: for-ua.info URL: https://for-ua.info/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2a02:6b8::5:114 Moscow, Russian Federation, ASN208722 (YNDX, FI), Reverse DNS Software nginx/1.14.2 / Resource Hash 18c327afa903633f86c3efcf12b77f098077eacaa8be101bb007846fd74f8b93 Security Headers Name Value Strict-Transport-Security max-age=315360000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers Date Mon, 28 Feb 2022 15:25:58 GMT Server nginx/1.14.2 Strict-Transport-Security max-age=315360000; includeSubDomains X-RT-IH 0.0002 Content-Type image/png Cache-Control private Connection close X-RT-IQ 0.0001 Content-Length 95 Expires Tue, 01 Mar 2022 15:25:58 GMT
GET		ct_sync.php sync.magnitent.com/fbfli/ Frame DC9A Redirect Chain https://sonar.semantiqo.com/dmp/scr.php https://counter.yadro.ru/id127/reff-id.gif?sid=57b5b850deae48c090161741ae8fafe7 https://sonar.semantiqo.com/fbfli/data_sess_sync.php?spid=3BA83725AD449E41&sid=57b5b850deae48c090161741ae8fafe7 https://cdn3.caltat.com/fbfc504c-89b0-4a80-bef4-c8e39daeee6f/sess.php?sid=57b5b850deae48c090161741ae8fafe7&spid=3BA83725AD449E41&v= https://sync.magnitent.com/fbfli/ct_sync.php?ct=551fa7a2452e4d369d3c30ba4b9200eb&sonar=57b5b850deae48c090161741ae8fafe7&spid=3BA83725AD449E41&v=	0 0
GET H/1.1	200 OK	sync.cgi ssp.adriver.ru/cgi-bin/ Frame DC9A	42 B 201 B	382ms 90ms	Image image/gif	81.222.128.216 ELTEL-AS
General Check archive.org Show headers Download Go to Show image Full URL https://ssp.adriver.ru/cgi-bin/sync.cgi?dsp_id=109 Requested by Host: for-ua.info URL: https://for-ua.info/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 81.222.128.216 , Russian Federation, ASN20597 (ELTEL-AS, RU), Reverse DNS ad16.adriver.ru Software nginx / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers Accept-Language de-DE,de;q=0.9 Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers Date Mon, 28 Feb 2022 15:25:58 GMT Server nginx Connection keep-alive Transfer-Encoding chunked Content-Type image/gif
GET H2	200	Uyd.9TlnEVLFoaw7YmYi an.yandex.ru/mapuid/dmpamberdata/ Frame DC9A Redirect Chain https://dmg.digitaltarget.ru/1/119/i/i?i=1646061957 https://dmg.digitaltarget.ru/awg/custom/119/i/i?call_source=awg&i=1646061957 https://an.yandex.ru/mapuid/dmpamberdata/Uyd.9TlnEVLFoaw7YmYi	43 B 80 B	96ms 96ms	Image image/gif	2a02:6b8::90 YNDX
General Check archive.org Show headers Download Go to Show image Full URL https://an.yandex.ru/mapuid/dmpamberdata/Uyd.9TlnEVLFoaw7YmYi Requested by Host: for-ua.info URL: https://for-ua.info/ Protocol H2 Server 2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers pragma no-cache date Mon, 28 Feb 2022 15:25:58 GMT content-encoding gzip last-modified Mon, 28 Feb 2022 15:25:58 GMT p3p CP="NOI DEVa TAIa OUR BUS UNI STA" strict-transport-security max-age=31536000 content-type image/gif; charset=utf-8 cache-control private, no-cache, no-store, must-revalidate, max-age=0 timing-allow-origin * x-xss-protection 1; mode=block expires Mon, 28 Feb 2022 15:25:58 GMT Redirect headers Date Mon, 28 Feb 2022 15:25:58 GMT Referrer-Policy origin-when-cross-origin, strict-origin-when-cross-origin Server nginx X-Frame-Options DENY Access-Control-Allow-Methods GET, POST, OPTIONS Location https://an.yandex.ru/mapuid/dmpamberdata/Uyd.9TlnEVLFoaw7YmYi X-XSS-Protection 1; mode=block X-Permitted-Cross-Domain-Policies master-only Access-Control-Allow-Credentials true Access-Control-Max-Age 86400 Connection keep-alive Request-Time 11 Content-Length 0 X-Content-Type-Options nosniff
GET H2	200	C3bnWGnyIKCz an.yandex.ru/mapuid/dmpsegmento/ Frame DC9A Redirect Chain https://yandex-dmp-sync.rutarget.ru/sync https://an.yandex.ru/mapuid/dmpsegmento/C3bnWGnyIKCz?sign=2839582437	43 B 80 B	84ms 84ms	Image image/gif	2a02:6b8::90 YNDX
General Check archive.org Show headers Download Go to Show image Full URL https://an.yandex.ru/mapuid/dmpsegmento/C3bnWGnyIKCz?sign=2839582437 Protocol H2 Server 2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers pragma no-cache date Mon, 28 Feb 2022 15:25:58 GMT content-encoding gzip last-modified Mon, 28 Feb 2022 15:25:58 GMT p3p CP="NOI DEVa TAIa OUR BUS UNI STA" strict-transport-security max-age=31536000 content-type image/gif; charset=utf-8 cache-control private, no-cache, no-store, must-revalidate, max-age=0 timing-allow-origin * x-xss-protection 1; mode=block expires Mon, 28 Feb 2022 15:25:58 GMT Redirect headers location https://an.yandex.ru/mapuid/dmpsegmento/C3bnWGnyIKCz?sign=2839582437 date Mon, 28 Feb 2022 15:25:58 GMT server nginx content-length 0 p3p CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."
GET H2	200	h_OImZT5yfmF an.yandex.ru/mapuid/rutargetis/ Frame DC9A Redirect Chain https://yandex-sync.rutarget.ru/sync https://an.yandex.ru/mapuid/rutargetis/h_OImZT5yfmF	43 B 80 B	82ms 82ms	Image image/gif	2a02:6b8::90 YNDX
General Check archive.org Show headers Download Go to Show image Full URL https://an.yandex.ru/mapuid/rutargetis/h_OImZT5yfmF Requested by Host: for-ua.info URL: https://for-ua.info/ Protocol H2 Server 2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers pragma no-cache date Mon, 28 Feb 2022 15:25:58 GMT content-encoding gzip last-modified Mon, 28 Feb 2022 15:25:58 GMT p3p CP="NOI DEVa TAIa OUR BUS UNI STA" strict-transport-security max-age=31536000 content-type image/gif; charset=utf-8 cache-control private, no-cache, no-store, must-revalidate, max-age=0 timing-allow-origin * x-xss-protection 1; mode=block expires Mon, 28 Feb 2022 15:25:58 GMT Redirect headers location https://an.yandex.ru/mapuid/rutargetis/h_OImZT5yfmF date Mon, 28 Feb 2022 15:25:58 GMT server nginx content-length 0 p3p CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."
GET H2	200	VQWW05JJtCjzigKNDAzs4A an.yandex.ru/mapuid/dmpaidatame/ Frame DC9A Redirect Chain https://x01.aidata.io/0.gif?pid=YANDEX https://x01.aidata.io/0.gif?pid=YANDEX&bounce=1 https://an.yandex.ru/mapuid/dmpaidatame/VQWW05JJtCjzigKNDAzs4A?sign=1461986042	43 B 80 B	95ms 95ms	Image image/gif	2a02:6b8::90 YNDX
General Check archive.org Show headers Download Go to Show image Full URL https://an.yandex.ru/mapuid/dmpaidatame/VQWW05JJtCjzigKNDAzs4A?sign=1461986042 Requested by Host: for-ua.info URL: https://for-ua.info/ Protocol H2 Server 2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers pragma no-cache date Mon, 28 Feb 2022 15:25:58 GMT content-encoding gzip last-modified Mon, 28 Feb 2022 15:25:58 GMT p3p CP="NOI DEVa TAIa OUR BUS UNI STA" strict-transport-security max-age=31536000 content-type image/gif; charset=utf-8 cache-control private, no-cache, no-store, must-revalidate, max-age=0 timing-allow-origin * x-xss-protection 1; mode=block expires Mon, 28 Feb 2022 15:25:58 GMT Redirect headers pragma no-cache date Mon, 28 Feb 2022 15:25:58 GMT last-modified Mon, 28 Feb 2022 15:25:57 GMT server nginx access-control-allow-methods GET, POST p3p CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA' location https://an.yandex.ru/mapuid/dmpaidatame/VQWW05JJtCjzigKNDAzs4A?sign=1461986042 cache-control no-cache, no-store, must-revalidate, post-check=0, pre-check=0 content-length 0 expires Mon, 28 Feb 2022 15:25:57 GMT
GET H2	200	ba98c880-98aa-11ec-acfd-901b0e8b2a6e an.yandex.ru/mapuid/dmpcleverdata/ Frame DC9A Redirect Chain https://sync.1dmp.io/pixel.gif?cid=3cbc2ec8-1421-4677-89fe-2ac6fc52a09a&pid=w&o=au https://sync.1dmp.io/pixel.gif?cid=3cbc2ec8-1421-4677-89fe-2ac6fc52a09a&pid=w&o=au&cs=1 https://an.yandex.ru/mapuid/dmpcleverdata/ba98c880-98aa-11ec-acfd-901b0e8b2a6e?sign=1045899700	43 B 108 B	80ms 79ms	Image image/gif	2a02:6b8::90 YNDX
General Check archive.org Show headers Download Go to Show image Full URL https://an.yandex.ru/mapuid/dmpcleverdata/ba98c880-98aa-11ec-acfd-901b0e8b2a6e?sign=1045899700 Requested by Host: for-ua.info URL: https://for-ua.info/ Protocol H2 Server 2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers pragma no-cache date Mon, 28 Feb 2022 15:25:58 GMT content-encoding gzip last-modified Mon, 28 Feb 2022 15:25:58 GMT p3p CP="NOI DEVa TAIa OUR BUS UNI STA" strict-transport-security max-age=31536000 content-type image/gif; charset=utf-8 cache-control private, no-cache, no-store, must-revalidate, max-age=0 timing-allow-origin * x-xss-protection 1; mode=block expires Mon, 28 Feb 2022 15:25:58 GMT Redirect headers location https://an.yandex.ru/mapuid/dmpcleverdata/ba98c880-98aa-11ec-acfd-901b0e8b2a6e?sign=1045899700 date Mon, 28 Feb 2022 15:25:58 GMT cache-control private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate, private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate server nginx content-length 0 expires 0, 0
GET H2	200	XBkN.74NDyUi8S4jk0X6Qu an.yandex.ru/mapuid/dmpweborama/ Frame DC9A Redirect Chain https://redirect.frontend.weborama.fr/redirect/standard?url=https://an.yandex.ru/mapuid/dmpweborama/{WEBO_CID} https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fdmpweborama%2F%7BWEBO_CID%7D&bounce=1&random=1211093590 https://an.yandex.ru/mapuid/dmpweborama/XBkN.74NDyUi8S4jk0X6Qu	43 B 80 B	73ms 73ms	Image image/gif	2a02:6b8::90 YNDX
General Check archive.org Show headers Download Go to Show image Full URL https://an.yandex.ru/mapuid/dmpweborama/XBkN.74NDyUi8S4jk0X6Qu Requested by Host: for-ua.info URL: https://for-ua.info/ Protocol H2 Server 2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers pragma no-cache date Mon, 28 Feb 2022 15:25:58 GMT content-encoding gzip last-modified Mon, 28 Feb 2022 15:25:58 GMT p3p CP="NOI DEVa TAIa OUR BUS UNI STA" strict-transport-security max-age=31536000 content-type image/gif; charset=utf-8 cache-control private, no-cache, no-store, must-revalidate, max-age=0 timing-allow-origin * x-xss-protection 1; mode=block expires Mon, 28 Feb 2022 15:25:58 GMT Redirect headers pragma no-cache date Mon, 28 Feb 2022 15:25:58 GMT via 1.1 google last-modified Mon, 28 Feb 2022 15:25:58 GMT server nginx/1.18.0 location https://an.yandex.ru/mapuid/dmpweborama/XBkN.74NDyUi8S4jk0X6Qu p3p CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM" access-control-allow-origin * cache-control no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Tue, 03 Jul 2001 06:00:00 GMT
GET H2	200	/ an.yandex.ru/mapuid/ramblerssp/ Frame DC9A Redirect Chain https://profile.ssp.rambler.ru/sync3.302?pid=188 https://an.yandex.ru/mapuid/ramblerssp/	43 B 80 B	102ms 101ms	Image image/gif	2a02:6b8::90 YNDX
General Check archive.org Show headers Download Go to Show image Full URL https://an.yandex.ru/mapuid/ramblerssp/ Requested by Host: for-ua.info URL: https://for-ua.info/ Protocol H2 Server 2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers pragma no-cache date Mon, 28 Feb 2022 15:25:58 GMT content-encoding gzip last-modified Mon, 28 Feb 2022 15:25:58 GMT p3p CP="NOI DEVa TAIa OUR BUS UNI STA" strict-transport-security max-age=31536000 content-type image/gif; charset=utf-8 cache-control private, no-cache, no-store, must-revalidate, max-age=0 timing-allow-origin * x-xss-protection 1; mode=block expires Mon, 28 Feb 2022 15:25:58 GMT Redirect headers date Mon, 28 Feb 2022 15:25:58 GMT server nginx strict-transport-security max-age=0 p3p policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA" location //an.yandex.ru/mapuid/ramblerssp/ x-passed 2bal1 content-type application/x-javascript; charset=Windows-1251 content-length 0
GET H/1.1	200 OK	demconf.jpg dpm.demdex.net/ Frame DC9A Redirect Chain https://an.yandex.ru/mapuid/adobedmp/ https://an.yandex.ru/mapuid/adobedmp/?redir-setuniq=1 https://dpm.demdex.net/ibs:dpid=423652&dpuuid=97B2E73D15D92096 https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=423652&dpuuid=97B2E73D15D92096	42 B 945 B	54ms 54ms	Image image/gif	34.248.142.13 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=423652&dpuuid=97B2E73D15D92096 Protocol HTTP/1.1 Server 34.248.142.13 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-248-142-13.eu-west-1.compute.amazonaws.com Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers DCS dcs-prod-irl1-1-v028-020c7aa3d.edge-irl1.demdex.com UNKNOWN Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubDomains content-encoding gzip X-Content-Type-Options nosniff X-TID xTMNBAT5Tq4= P3P policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Cache-Control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private Connection keep-alive Content-Type image/gif Content-Length 59 Expires Thu, 01 Jan 1970 00:00:00 UTC Redirect headers DCS dcs-prod-irl1-2-v028-001b7a975.edge-irl1.demdex.com UNKNOWN Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubDomains X-TID wuEO5b40RjY= P3P policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Location https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=423652&dpuuid=97B2E73D15D92096 Cache-Control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private Connection keep-alive Content-Length 0 Expires Thu, 01 Jan 1970 00:00:00 UTC
GET H2	204	yandexdmp-match dm.hybrid.ai/ Frame DC9A	0 238 B	232ms 74ms	Image text/plain	37.18.16.16 HYBRID-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dm.hybrid.ai/yandexdmp-match Requested by Host: for-ua.info URL: https://for-ua.info/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 37.18.16.16 , Russian Federation, ASN205675 (HYBRID-AS, RU), Reverse DNS Software Hybrid Web Server / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers pragma no-cache date Mon, 28 Feb 2022 15:25:58 GMT server Hybrid Web Server p3p CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC" access-control-allow-origin * cache-control no-cache, no-store x-mode 121 x-xss-protection 1; mode=block expires -1
GET H2	200	b2e71be4aaf6c9f27af03698d46783ed3f4ba0638d07570c35a26dd7663b74eb an.yandex.ru/mapuid/mediascope/ Frame DC9A Redirect Chain https://cm.tns-counter.ru/yacm https://an.yandex.ru/mapuid/mediascope/b2e71be4aaf6c9f27af03698d46783ed3f4ba0638d07570c35a26dd7663b74eb	43 B 80 B	59ms 59ms	Image image/gif	2a02:6b8::90 YNDX
General Check archive.org Show headers Download Go to Show image Full URL https://an.yandex.ru/mapuid/mediascope/b2e71be4aaf6c9f27af03698d46783ed3f4ba0638d07570c35a26dd7663b74eb Protocol H2 Server 2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers pragma no-cache date Mon, 28 Feb 2022 15:25:58 GMT content-encoding gzip last-modified Mon, 28 Feb 2022 15:25:58 GMT p3p CP="NOI DEVa TAIa OUR BUS UNI STA" strict-transport-security max-age=31536000 content-type image/gif; charset=utf-8 cache-control private, no-cache, no-store, must-revalidate, max-age=0 timing-allow-origin * x-xss-protection 1; mode=block expires Mon, 28 Feb 2022 15:25:58 GMT Redirect headers pragma no-cache date Mon, 28 Feb 2022 15:25:58 GMT server ms-counter-3.2.15/1.20.1 content-type text/html location https://an.yandex.ru/mapuid/mediascope/b2e71be4aaf6c9f27af03698d46783ed3f4ba0638d07570c35a26dd7663b74eb cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate timing-allow-origin * content-length 0 expires Thu, 01 Jan 1970 00:00:01 GMT
GET H2	200	3920b4bc-3be3-472f-9a2e-b0a1a6d37654 an.yandex.ru/mapuid/upravelis/ Frame DC9A Redirect Chain https://sync.upravel.com/yandex/sync https://sync.upravel.com/yandex/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly95YXN0YXRpYy5uZXQvIl19fQ https://3920b4bc-3be3-472f-9a2e-b0a1a6d37654.sync.upravel.com/yandex/sync?ud_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly95YXN0YXRpYy5uZXQvIiwiaHR0cHM6Ly95YXN0YXRpYy5uZXQvIl19fQ https://an.yandex.ru/mapuid/upravelis/3920b4bc-3be3-472f-9a2e-b0a1a6d37654	43 B 80 B	57ms 57ms	Image image/gif	2a02:6b8::90 YNDX
General Check archive.org Show headers Download Go to Show image Full URL https://an.yandex.ru/mapuid/upravelis/3920b4bc-3be3-472f-9a2e-b0a1a6d37654 Protocol H2 Server 2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers pragma no-cache date Mon, 28 Feb 2022 15:25:58 GMT content-encoding gzip last-modified Mon, 28 Feb 2022 15:25:58 GMT p3p CP="NOI DEVa TAIa OUR BUS UNI STA" strict-transport-security max-age=31536000 content-type image/gif; charset=utf-8 cache-control private, no-cache, no-store, must-revalidate, max-age=0 timing-allow-origin * x-xss-protection 1; mode=block expires Mon, 28 Feb 2022 15:25:58 GMT Redirect headers date Mon, 28 Feb 2022 15:25:58 GMT server nginx location https://an.yandex.ru/mapuid/upravelis/3920b4bc-3be3-472f-9a2e-b0a1a6d37654 access-control-allow-methods GET, POST, OPTIONS p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" access-control-allow-origin * access-control-expose-headers Content-Length,Content-Range access-control-allow-credentials false content-type image/png access-control-allow-headers DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range content-length 0
GET H2	200	spacer.gif an.yandex.ru/resource/ Frame DC9A Redirect Chain https://an.yandex.ru/mapuid/google/?partner-tag=yandex_llc https://an.yandex.ru/mapuid/google/?redir-setuniq=1&partner-tag=yandex_llc https://cm.g.doubleclick.net/pixel?google_nid=yandex_llc&google_hm=3947EC2B499F1BC4&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif https://an.yandex.ru/resource/spacer.gif	43 B 78 B	95ms 95ms	Image image/gif	2a02:6b8::90 YNDX
General Check archive.org Show headers Download Go to Show image Full URL https://an.yandex.ru/resource/spacer.gif Requested by Host: for-ua.info URL: https://for-ua.info/ Protocol H2 Server 2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers timing-allow-origin * date Mon, 28 Feb 2022 15:25:58 GMT content-encoding gzip last-modified Wed, 18 Apr 2001 10:28:03 GMT strict-transport-security max-age=31536000 p3p CP="NOI DEVa TAIa OUR BUS UNI STA" content-type image/gif x-xss-protection 1; mode=block expires Mon, 13 Feb 2023 15:25:58 GMT Redirect headers pragma no-cache date Mon, 28 Feb 2022 15:25:58 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://an.yandex.ru/resource/spacer.gif cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 237 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	spacer.gif an.yandex.ru/resource/ Frame DC9A Redirect Chain https://an.yandex.ru/mapuid/google/?partner-tag=yandexcom https://an.yandex.ru/mapuid/google/?redir-setuniq=1&partner-tag=yandexcom https://cm.g.doubleclick.net/pixel?google_nid=yandexcom&google_hm=3947EC2B499F1BC4&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif https://an.yandex.ru/resource/spacer.gif	43 B 78 B	94ms 94ms	Image image/gif	2a02:6b8::90 YNDX
General Check archive.org Show headers Download Go to Show image Full URL https://an.yandex.ru/resource/spacer.gif Requested by Host: for-ua.info URL: https://for-ua.info/ Protocol H2 Server 2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers timing-allow-origin * date Mon, 28 Feb 2022 15:25:58 GMT content-encoding gzip last-modified Wed, 18 Apr 2001 10:28:03 GMT strict-transport-security max-age=31536000 p3p CP="NOI DEVa TAIa OUR BUS UNI STA" content-type image/gif x-xss-protection 1; mode=block expires Mon, 13 Feb 2023 15:25:58 GMT Redirect headers pragma no-cache date Mon, 28 Feb 2022 15:25:58 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://an.yandex.ru/resource/spacer.gif cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 237 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	spacer.gif an.yandex.ru/resource/ Frame DC9A Redirect Chain https://an.yandex.ru/mapuid/google/?partner-tag=yandexru https://an.yandex.ru/mapuid/google/?redir-setuniq=1&partner-tag=yandexru https://cm.g.doubleclick.net/pixel?google_nid=yandexru&google_hm=3947EC2B499F1BC4&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif https://an.yandex.ru/resource/spacer.gif	43 B 135 B	74ms 73ms	Image image/gif	2a02:6b8::90 YNDX
General Check archive.org Show headers Download Go to Show image Full URL https://an.yandex.ru/resource/spacer.gif Requested by Host: for-ua.info URL: https://for-ua.info/ Protocol H2 Server 2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers timing-allow-origin * date Mon, 28 Feb 2022 15:25:58 GMT content-encoding gzip last-modified Wed, 18 Apr 2001 10:28:03 GMT strict-transport-security max-age=31536000 p3p CP="NOI DEVa TAIa OUR BUS UNI STA" content-type image/gif x-xss-protection 1; mode=block expires Mon, 13 Feb 2023 15:25:58 GMT Redirect headers pragma no-cache date Mon, 28 Feb 2022 15:25:58 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://an.yandex.ru/resource/spacer.gif cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 237 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	sync t.adx.opera.com/ Frame DC9A Redirect Chain https://an.yandex.ru/mapuid/operacom/ https://an.yandex.ru/mapuid/operacom/?redir-setuniq=1 https://t.adx.opera.com/sync?vendor=60143&uid=DF0007101CBB07E4	0 409 B	407ms 296ms	Image text/plain	82.145.213.8 NO-OPERA
General Check archive.org Show headers Download Go to Show image Full URL https://t.adx.opera.com/sync?vendor=60143&uid=DF0007101CBB07E4 Requested by Host: for-ua.info URL: https://for-ua.info/ Protocol H2 Server 82.145.213.8 , Norway, ASN39832 (NO-OPERA, NO), Reverse DNS n-sysadmin-jumpbox-03.feednews.opera.technology Software Tengine / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers pragma no-cache date Mon, 28 Feb 2022 15:25:58 GMT server Tengine access-control-allow-methods POST, GET access-control-allow-origin * cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true access-control-allow-headers Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With content-length 0 expires Mon, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Mon, 28 Feb 2022 15:25:58 GMT content-encoding gzip last-modified Mon, 28 Feb 2022 15:25:58 GMT strict-transport-security max-age=31536000 p3p CP="NOI DEVa TAIa OUR BUS UNI STA" location https://t.adx.opera.com/sync?vendor=60143&uid=DF0007101CBB07E4 cache-control private, no-cache, no-store, must-revalidate, max-age=0 timing-allow-origin * x-xss-protection 1; mode=block expires Mon, 28 Feb 2022 15:25:58 GMT
GET H2	200	match ads.betweendigital.com/ Frame DC9A Redirect Chain https://an.yandex.ru/mapuid/betweenx/ https://an.yandex.ru/mapuid/betweenx/?redir-setuniq=1 https://ads.betweendigital.com/match?bidder_id=161&external_user_id=F182760A353275A1 https://ads.betweendigital.com/match?bidder_id=161&external_user_id=F182760A353275A1&crf=1	68 B 607 B	103ms 103ms	Image image/png	96.46.186.59 SERVERS-COM
General Check archive.org Show headers Download Go to Show image Full URL https://ads.betweendigital.com/match?bidder_id=161&external_user_id=F182760A353275A1&crf=1 Protocol H2 Server 96.46.186.59 , United States, ASN7979 (SERVERS-COM, US), Reverse DNS Software / Resource Hash 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11 Request headers Accept-Language de-DE,de;q=0.9 Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers cache-control no-cache, no-store, max-age=0, must-revalidate content-length 68 content-type image/png Redirect headers location /match?bidder_id=161&external_user_id=F182760A353275A1&crf=1 cache-control no-cache, no-store, max-age=0, must-revalidate content-length 0
GET H2	404	0100007F89E91C625700571A024C4E96 an.yandex.ru/mapuid/SAPEis/ Frame DC9A Redirect Chain https://acint.net/rmatch/?dp=151&r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2FSAPEis%2F%24%7BUSER_ID%7D https://acint.net/rmatch/?r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2FSAPEis%2F$%7BUSER_ID%7D&dp=151&tc=1 https://ssp-rtb.sape.ru/rmatch?r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fan.yandex.ru%252Fmapuid%252FSAPEis%252F$%257BUSER_ID%257D&dp=14 https://acint.net/rmatch?dp=14&euid=0100007F89E91C622500370402966905&r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2FSAPEis%2F$%7BUSER_ID%7D https://an.yandex.ru/mapuid/SAPEis/0100007F89E91C625700571A024C4E96	43 B 152 B	56ms 56ms	Image image/gif	2a02:6b8::90 YNDX
General Check archive.org Show headers Download Go to Show image Full URL https://an.yandex.ru/mapuid/SAPEis/0100007F89E91C625700571A024C4E96 Protocol H2 Server 2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI), Reverse DNS Software / Resource Hash d346801abbf9bb4e9e9a055239053d4ab5596514304f601a6c70604187acb744 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers pragma no-cache date Mon, 28 Feb 2022 15:26:01 GMT content-encoding gzip last-modified Mon, 28 Feb 2022 15:26:01 GMT p3p CP="NOI DEVa TAIa OUR BUS UNI STA" strict-transport-security max-age=31536000 content-type image/gif; charset=utf-8 cache-control private, no-cache, no-store, must-revalidate, max-age=0 timing-allow-origin * x-xss-protection 1; mode=block expires Mon, 28 Feb 2022 15:26:01 GMT Redirect headers date Mon, 28 Feb 2022 15:26:01 GMT server openresty p3p CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL" location https://an.yandex.ru/mapuid/SAPEis/0100007F89E91C625700571A024C4E96 cache-control private, no-cache, no-store, must-revalidate, max-age=0 content-type text/html content-length 154 expires Wed, 19 Apr 2000 11:43:00 GMT
GET H2	200	b12ef08a-7d02-4238-b927-e84f5ec05972 an.yandex.ru/mapuid/qbitis/ Frame DC9A Redirect Chain https://mitdmp.whiteboxdigital.ru/pixel?id=a&source=yandex&redirect=false&href=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fqbitis%2F%7Bmiid%7D https://an.yandex.ru/mapuid/qbitis/b12ef08a-7d02-4238-b927-e84f5ec05972	43 B 80 B	80ms 80ms	Image image/gif	2a02:6b8::90 YNDX
General Check archive.org Show headers Download Go to Show image Full URL https://an.yandex.ru/mapuid/qbitis/b12ef08a-7d02-4238-b927-e84f5ec05972 Protocol H2 Server 2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers pragma no-cache date Mon, 28 Feb 2022 15:25:58 GMT content-encoding gzip last-modified Mon, 28 Feb 2022 15:25:58 GMT p3p CP="NOI DEVa TAIa OUR BUS UNI STA" strict-transport-security max-age=31536000 content-type image/gif; charset=utf-8 cache-control private, no-cache, no-store, must-revalidate, max-age=0 timing-allow-origin * x-xss-protection 1; mode=block expires Mon, 28 Feb 2022 15:25:58 GMT Redirect headers Date Mon, 28 Feb 2022 15:25:58 GMT Server nginx/1.21.0 Location https://an.yandex.ru/mapuid/qbitis/b12ef08a-7d02-4238-b927-e84f5ec05972 Access-Control-Max-Age 3628800 Access-Control-Allow-Methods GET, DELETE, OPTIONS, POST, PUT Access-Control-Allow-Origin Access-Control-Expose-Headers Content-Length,Content-Range Access-Control-Allow-Credentials true Connection Keep-Alive Access-Control-Allow-Headers Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId Content-Length 0
GET H2	200	4a9f9349-2579-533b-af61-5b68cd7db2ee an.yandex.ru/mapuid/betweendigitalis/ Frame DC9A Redirect Chain https://ads.betweendigital.com/match?bidder_id=43554&callback_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbetweendigitalis%2F%24%7BUSER_ID%7D https://ads.betweendigital.com/match?bidder_id=43554&callback_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbetweendigitalis%2F%24%7BUSER_ID%7D&crf=1 https://an.yandex.ru/mapuid/betweendigitalis/4a9f9349-2579-533b-af61-5b68cd7db2ee	43 B 80 B	57ms 56ms	Image image/gif	2a02:6b8::90 YNDX
General Check archive.org Show headers Download Go to Show image Full URL https://an.yandex.ru/mapuid/betweendigitalis/4a9f9349-2579-533b-af61-5b68cd7db2ee Protocol H2 Server 2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers pragma no-cache date Mon, 28 Feb 2022 15:25:58 GMT content-encoding gzip last-modified Mon, 28 Feb 2022 15:25:58 GMT p3p CP="NOI DEVa TAIa OUR BUS UNI STA" strict-transport-security max-age=31536000 content-type image/gif; charset=utf-8 cache-control private, no-cache, no-store, must-revalidate, max-age=0 timing-allow-origin * x-xss-protection 1; mode=block expires Mon, 28 Feb 2022 15:25:58 GMT Redirect headers location https://an.yandex.ru/mapuid/betweendigitalis/4a9f9349-2579-533b-af61-5b68cd7db2ee cache-control no-cache, no-store, max-age=0, must-revalidate content-length 0
GET H2	200	09c069e0-a544-424d-9a6a-476a21913ccd an.yandex.ru/mapuid/mtsdspis/ Frame DC9A Redirect Chain https://sm.rtb.mts.ru/p?ssp=yandex&id=map https://sm.rtb.mts.ru/match/second?ssp=55&exu=map https://tech.rtb.mts.ru/?dsp_uid=09c069e0-a544-424d-9a6a-476a21913ccd&return_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fmtsdspis%2F09c069e0-a544-424d-9a6a-476a21913ccd https://an.yandex.ru/mapuid/mtsdspis/09c069e0-a544-424d-9a6a-476a21913ccd	43 B 152 B	61ms 61ms	Image image/gif	2a02:6b8::90 YNDX
General Check archive.org Show headers Download Go to Show image Full URL https://an.yandex.ru/mapuid/mtsdspis/09c069e0-a544-424d-9a6a-476a21913ccd Protocol H2 Server 2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers pragma no-cache date Mon, 28 Feb 2022 15:25:59 GMT content-encoding gzip last-modified Mon, 28 Feb 2022 15:25:59 GMT p3p CP="NOI DEVa TAIa OUR BUS UNI STA" strict-transport-security max-age=31536000 content-type image/gif; charset=utf-8 cache-control private, no-cache, no-store, must-revalidate, max-age=0 timing-allow-origin * x-xss-protection 1; mode=block expires Mon, 28 Feb 2022 15:25:59 GMT Redirect headers Date Mon, 28 Feb 2022 15:25:58 GMT Server nginx/1.13.12 Transfer-Encoding chunked Access-Control-Allow-Methods GET, POST, PUT, DELETE, OPTIONS Content-Type text/html; charset=utf-8 Location https://an.yandex.ru/mapuid/mtsdspis/09c069e0-a544-424d-9a6a-476a21913ccd Access-Control-Allow-Credentials true Connection keep-alive Access-Control-Allow-Headers Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
GET H/1.1	200 OK	/ sync.bumlam.com/ Frame DC9A	43 B 390 B	94ms 13ms	Image image/gif	31.172.81.159 DE-FIRSTCOLO www....
General Check archive.org Show headers Download Go to Show image Full URL https://sync.bumlam.com/?src=yandex Requested by Host: for-ua.info URL: https://for-ua.info/ Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_128_CBC Server 31.172.81.159 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE), Reverse DNS Software nginx / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Request headers Accept-Language de-DE,de;q=0.9 Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers Date Mon, 28 Feb 2022 15:25:58 GMT Cache-Control no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0 Server nginx Connection keep-alive Content-Type image/gif Content-Length 43 P3P CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
GET H2	204	match dm.hybrid.ai/ Frame DC9A	0 237 B	66ms 65ms	Image text/plain	37.18.16.16 HYBRID-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dm.hybrid.ai/match?id=182 Requested by Host: for-ua.info URL: https://for-ua.info/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 37.18.16.16 , Russian Federation, ASN205675 (HYBRID-AS, RU), Reverse DNS Software Hybrid Web Server / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers pragma no-cache date Mon, 28 Feb 2022 15:25:58 GMT server Hybrid Web Server p3p CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC" access-control-allow-origin * cache-control no-cache, no-store x-mode 108 x-xss-protection 1; mode=block expires -1
GET H/1.1	200 OK	sync.cgi ssp.adriver.ru/cgi-bin/ Frame DC9A	42 B 201 B	103ms 103ms	Image image/gif	81.222.128.216 ELTEL-AS
General Check archive.org Show headers Download Go to Show image Full URL https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=19 Requested by Host: for-ua.info URL: https://for-ua.info/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 81.222.128.216 , Russian Federation, ASN20597 (ELTEL-AS, RU), Reverse DNS ad16.adriver.ru Software nginx / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers Accept-Language de-DE,de;q=0.9 Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers Date Mon, 28 Feb 2022 15:25:58 GMT Server nginx Connection keep-alive Transfer-Encoding chunked Content-Type image/gif
GET H2	200	CXGvAygeVfIHG8IBVa0O an.yandex.ru/mapuid/kadamis/ Frame DC9A Redirect Chain https://s.uuidksinc.net/match/501 https://an.yandex.ru/mapuid/kadamis/CXGvAygeVfIHG8IBVa0O	43 B 80 B	80ms 79ms	Image image/gif	2a02:6b8::90 YNDX
General Check archive.org Show headers Download Go to Show image Full URL https://an.yandex.ru/mapuid/kadamis/CXGvAygeVfIHG8IBVa0O Protocol H2 Server 2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers pragma no-cache date Mon, 28 Feb 2022 15:25:58 GMT content-encoding gzip last-modified Mon, 28 Feb 2022 15:25:58 GMT p3p CP="NOI DEVa TAIa OUR BUS UNI STA" strict-transport-security max-age=31536000 content-type image/gif; charset=utf-8 cache-control private, no-cache, no-store, must-revalidate, max-age=0 timing-allow-origin * x-xss-protection 1; mode=block expires Mon, 28 Feb 2022 15:25:58 GMT Redirect headers location https://an.yandex.ru/mapuid/kadamis/CXGvAygeVfIHG8IBVa0O date Mon, 28 Feb 2022 15:25:58 GMT server nginx/1.19.0 content-length 0
GET H2	200	u8s1LLAVpRg2.AikABlF_QPA24g an.yandex.ru/mapuid/getintentis/ Frame DC9A Redirect Chain https://px.adhigh.net/p/cm/yandexssp https://px.adhigh.net/p/cm/yandexssp?bounced=1 https://an.yandex.ru/mapuid/getintentis/u8s1LLAVpRg2.AikABlF_QPA24g	43 B 80 B	56ms 56ms	Image image/gif	2a02:6b8::90 YNDX
General Check archive.org Show headers Download Go to Show image Full URL https://an.yandex.ru/mapuid/getintentis/u8s1LLAVpRg2.AikABlF_QPA24g Protocol H2 Server 2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers pragma no-cache date Mon, 28 Feb 2022 15:25:58 GMT content-encoding gzip last-modified Mon, 28 Feb 2022 15:25:58 GMT p3p CP="NOI DEVa TAIa OUR BUS UNI STA" strict-transport-security max-age=31536000 content-type image/gif; charset=utf-8 cache-control private, no-cache, no-store, must-revalidate, max-age=0 timing-allow-origin * x-xss-protection 1; mode=block expires Mon, 28 Feb 2022 15:25:58 GMT Redirect headers pragma no-cache date Mon, 28 Feb 2022 15:25:58 GMT server nginx access-control-allow-origin * x-backend-id f9-ru p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" location https://an.yandex.ru/mapuid/getintentis/u8s1LLAVpRg2.AikABlF_QPA24g cache-control no-cache, no-store access-control-allow-credentials true content-length 0 expires Thu, 01 Jan 1970 00:00:00 GMT
GET H2	200	sync_cookie_image_decide mc.yandex.com/ Redirect Chain https://mc.yandex.com/sync_cookie_image_check https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9563.XV9h8Pq92W1IpoTPvUTRizHtjdWhqMEcQsV9vkniXREHNALVzWxCyeBFWHUcLxG5.PBeWWTk4NmpkHvkKJP9-h_2WNj0%2C https://mc.yandex.com/sync_cookie_image_decide?token=9563.jj9RytBWl1Qgafh7J5jpXCvyqu3r2FgwhijoTc5HaNXn19VxvJNv7nYmcmvRo2LENkucCdKWlyWCWZjyauSykkFPVkxtPelg2NmLCPsz1So%2C.OQBoDyYBg9_JHB7DO2vvN3b_WF0%2C	43 B 334 B	46ms 46ms	Image image/gif	2a02:6b8::1:119 YNDX
General Check archive.org Show headers Download Go to Show image Full URL https://mc.yandex.com/sync_cookie_image_decide?token=9563.jj9RytBWl1Qgafh7J5jpXCvyqu3r2FgwhijoTc5HaNXn19VxvJNv7nYmcmvRo2LENkucCdKWlyWCWZjyauSykkFPVkxtPelg2NmLCPsz1So%2C.OQBoDyYBg9_JHB7DO2vvN3b_WF0%2C Requested by Host: for-ua.info URL: https://for-ua.info/ Protocol H2 Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://for-ua.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Mon, 28 Feb 2022 15:25:58 GMT strict-transport-security max-age=31536000 content-length 43 x-xss-protection 1; mode=block content-type image/gif Redirect headers location https://mc.yandex.com/sync_cookie_image_decide?token=9563.jj9RytBWl1Qgafh7J5jpXCvyqu3r2FgwhijoTc5HaNXn19VxvJNv7nYmcmvRo2LENkucCdKWlyWCWZjyauSykkFPVkxtPelg2NmLCPsz1So%2C.OQBoDyYBg9_JHB7DO2vvN3b_WF0%2C date Mon, 28 Feb 2022 15:25:58 GMT strict-transport-security max-age=31536000 x-xss-protection 1; mode=block
GET H2	200	advert.gif mc.yandex.com/metrika/	43 B 228 B	182ms 60ms	Image image/gif	2a02:6b8::1:119 YNDX
General Check archive.org Show headers Download Go to Show image Full URL https://mc.yandex.com/metrika/advert.gif Requested by Host: for-ua.info URL: https://for-ua.info/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Accept-Language de-DE,de;q=0.9 Referer https://for-ua.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Mon, 28 Feb 2022 15:25:58 GMT last-modified Fri, 18 Feb 2022 11:36:57 GMT etag "620f5aa9-2b" strict-transport-security max-age=31536000 content-type image/gif access-control-allow-origin * cache-control max-age=3600 accept-ranges bytes content-length 43 expires Mon, 28 Feb 2022 16:25:58 GMT
GET H2	200	1 Show response mc.yandex.com/watch/449479/ Redirect Chain https://mc.yandex.com/watch/449479?wmode=7&page-url=https%3A%2F%2Ffor-ua.info%2F&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Agqny5kf8o1qwi6kkxr%3Afu%3A0%3Aen%3Autf-8%3A... https://mc.yandex.com/watch/449479/1?wmode=7&page-url=https%3A%2F%2Ffor-ua.info%2F&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Agqny5kf8o1qwi6kkxr%3Afu%3A0%3Aen%3Autf-8%...	302 B 687 B	54ms 54ms	XHR application/json	2a02:6b8::1:119 YNDX
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.com/watch/449479/1?wmode=7&page-url=https%3A%2F%2Ffor-ua.info%2F&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Agqny5kf8o1qwi6kkxr%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A760%3Acn%3A2%3Adp%3A0%3Als%3A615151238712%3Ahid%3A107194215%3Az%3A0%3Ai%3A20220228152558%3Aet%3A1646061958%3Ac%3A1%3Arn%3A59505114%3Au%3A1646061958458144022%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1646061956608%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1646061959%3At%3AFor-UA.info%20%E2%80%A2%20For-UA%20-%20%D0%A4%D0%BE%D1%80%D1%83%D0%BC%20%D0%B2%D1%81%D0%B5%D1%8F%20%D0%92%D0%B5%D0%BB%D0%B8%D0%BA%D0%B8%D1%8F%20%D0%B8%20%D0%9C%D0%B0%D0%BB%D1%8B%D1%8F%20%D0%B8%20%D0%91%D0%B5%D0%BB%D1%8B%D1%8F%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B8&t=gdpr%2814%29mc%28p-1%29aw%281%29ti%282%29 Protocol H2 Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI), Reverse DNS Software / Resource Hash 939982d910f141e28d3a09c8b7ae8d4df9eb0d9963333cbbcc28844415c93685 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://for-ua.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers pragma no-cache date Mon, 28 Feb 2022 15:25:58 GMT x-content-type-options nosniff last-modified Mon, 28-Feb-2022 15:25:58 GMT strict-transport-security max-age=31536000 content-type application/json; charset=utf-8 access-control-allow-origin https://for-ua.info cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true content-length 302 x-xss-protection 1; mode=block expires Mon, 28-Feb-2022 15:25:58 GMT Redirect headers pragma no-cache date Mon, 28 Feb 2022 15:25:58 GMT last-modified Mon, 28-Feb-2022 15:25:58 GMT location /watch/449479/1?wmode=7&page-url=https%3A%2F%2Ffor-ua.info%2F&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Agqny5kf8o1qwi6kkxr%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A760%3Acn%3A2%3Adp%3A0%3Als%3A615151238712%3Ahid%3A107194215%3Az%3A0%3Ai%3A20220228152558%3Aet%3A1646061958%3Ac%3A1%3Arn%3A59505114%3Au%3A1646061958458144022%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1646061956608%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1646061959%3At%3AFor-UA.info%20%E2%80%A2%20For-UA%20-%20%D0%A4%D0%BE%D1%80%D1%83%D0%BC%20%D0%B2%D1%81%D0%B5%D1%8F%20%D0%92%D0%B5%D0%BB%D0%B8%D0%BA%D0%B8%D1%8F%20%D0%B8%20%D0%9C%D0%B0%D0%BB%D1%8B%D1%8F%20%D0%B8%20%D0%91%D0%B5%D0%BB%D1%8B%D1%8F%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B8&t=gdpr%2814%29mc%28p-1%29aw%281%29ti%282%29 strict-transport-security max-age=31536000 access-control-allow-origin https://for-ua.info cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true x-xss-protection 1; mode=block expires Mon, 28-Feb-2022 15:25:58 GMT
GET H2	200	1 Show response mc.yandex.com/watch/25977589/ Redirect Chain https://mc.yandex.com/watch/25977589?wmode=7&page-url=https%3A%2F%2Ffor-ua.info%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Agqny5kf8o1qwi6kkxr%3Afp%3A601%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen... https://mc.yandex.com/watch/25977589/1?wmode=7&page-url=https%3A%2F%2Ffor-ua.info%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Agqny5kf8o1qwi6kkxr%3Afp%3A601%3Afu%3A0%3Aen%3Autf-8%3Ala%3A...	338 B 376 B	54ms 54ms	XHR application/json	2a02:6b8::1:119 YNDX
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.com/watch/25977589/1?wmode=7&page-url=https%3A%2F%2Ffor-ua.info%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Agqny5kf8o1qwi6kkxr%3Afp%3A601%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A760%3Acn%3A1%3Adp%3A0%3Als%3A1141016261404%3Ahid%3A107194215%3Az%3A0%3Ai%3A20220228152558%3Aet%3A1646061958%3Ac%3A1%3Arn%3A398725116%3Arqn%3A1%3Au%3A1646061958458144022%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1646061956608%3Ads%3A0%2C25%2C475%2C1%2C0%2C0%2C%2C132%2C0%2C%2C%2C%2C634%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1646061959%3At%3AFor-UA.info%20%E2%80%A2%20For-UA%20-%20%D0%A4%D0%BE%D1%80%D1%83%D0%BC%20%D0%B2%D1%81%D0%B5%D1%8F%20%D0%92%D0%B5%D0%BB%D0%B8%D0%BA%D0%B8%D1%8F%20%D0%B8%20%D0%9C%D0%B0%D0%BB%D1%8B%D1%8F%20%D0%B8%20%D0%91%D0%B5%D0%BB%D1%8B%D1%8F%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B8&t=gdpr%2814%29aw%281%29ti%282%29 Protocol H2 Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI), Reverse DNS Software / Resource Hash 52090315c53966db7d44057761262173e6aefcf9ab35d70dbd7c02868fb790b9 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://for-ua.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers pragma no-cache date Mon, 28 Feb 2022 15:25:58 GMT x-content-type-options nosniff last-modified Mon, 28-Feb-2022 15:25:58 GMT strict-transport-security max-age=31536000 content-type application/json; charset=utf-8 access-control-allow-origin https://for-ua.info cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true content-length 338 x-xss-protection 1; mode=block expires Mon, 28-Feb-2022 15:25:58 GMT Redirect headers pragma no-cache date Mon, 28 Feb 2022 15:25:58 GMT last-modified Mon, 28-Feb-2022 15:25:58 GMT location /watch/25977589/1?wmode=7&page-url=https%3A%2F%2Ffor-ua.info%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Agqny5kf8o1qwi6kkxr%3Afp%3A601%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A760%3Acn%3A1%3Adp%3A0%3Als%3A1141016261404%3Ahid%3A107194215%3Az%3A0%3Ai%3A20220228152558%3Aet%3A1646061958%3Ac%3A1%3Arn%3A398725116%3Arqn%3A1%3Au%3A1646061958458144022%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1646061956608%3Ads%3A0%2C25%2C475%2C1%2C0%2C0%2C%2C132%2C0%2C%2C%2C%2C634%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1646061959%3At%3AFor-UA.info%20%E2%80%A2%20For-UA%20-%20%D0%A4%D0%BE%D1%80%D1%83%D0%BC%20%D0%B2%D1%81%D0%B5%D1%8F%20%D0%92%D0%B5%D0%BB%D0%B8%D0%BA%D0%B8%D1%8F%20%D0%B8%20%D0%9C%D0%B0%D0%BB%D1%8B%D1%8F%20%D0%B8%20%D0%91%D0%B5%D0%BB%D1%8B%D1%8F%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B8&t=gdpr%2814%29aw%281%29ti%282%29 strict-transport-security max-age=31536000 access-control-allow-origin https://for-ua.info cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true x-xss-protection 1; mode=block expires Mon, 28-Feb-2022 15:25:58 GMT
GET H3	200	sodar Show response pagead2.googlesyndication.com/getconfig/	14 KB 10 KB	95ms 54ms	XHR application/json	2a00:1450:4001:830::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220223&st=env Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202090102/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7357359709395640&plah=for-ua.info Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 84a0bfbca8a290274b07596d94dc189d08d7e167bf2b00d7122c9df78b6f881b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://for-ua.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers timing-allow-origin * date Mon, 28 Feb 2022 15:25:58 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/json; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 10649 x-xss-protection 0
GET H2	200	tracker top-fwz1.mail.ru/	43 B 872 B	79ms 79ms	Image image/gif	217.69.133.145 MAILRU-AS Mail.Ru
General Check archive.org Show headers Download Go to Show image Full URL https://top-fwz1.mail.ru/tracker?js=13;id=1859845;u=https%3A//for-ua.info/;st=1646061957242;s=1600*1200;vp=1600*1200;touch=0;hds=1;frame=0;flash=;sid=4193dd0e98e09653;ver=60.3.0;tz=0%2FEtc%2FUnknown;nt=0/0/1646061956608/////0/1/1/1/26/12/26/501/502/504/634/634/634/2008/2008/;ni=9.1//4g/0/0/;lvid=1646061957407%3A1646061958618%3A2%3A04de896587a80ede2a478b803cad86e6;opts=jst-ga;visible=true;_=0.11830013377911208;e=RT/load;et=1646061958617 Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU), Reverse DNS top-fwz1.mail.ru Software nginx / Resource Hash 24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://for-ua.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Mon, 28 Feb 2022 15:25:58 GMT x-content-type-options nosniff p3p CP="NOI DSP COR NID CUR PSA OUR NOR" content-length 43 pragma no-cache amp-access-control-allow-source-origin * server nginx access-control-allow-methods GET, POST, HEAD, PUT, OPTIONS content-type image/gif access-control-allow-origin * access-control-expose-headers AMP-Access-Control-Allow-Source-Origin cache-control private, no-cache, no-store, max-age=0 access-control-allow-credentials true accept-ch-lifetime 86400 accept-ch DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version timing-allow-origin * access-control-allow-headers *
GET H2	200	sodar2.js Show response tpc.googlesyndication.com/sodar/	17 KB 7 KB	77ms 30ms	Script text/javascript	2a00:1450:4001:82f::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202090102/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7357359709395640&plah=for-ua.info Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://for-ua.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Mon, 28 Feb 2022 15:25:58 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6386 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" etag "1637097310169751" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Mon, 28 Feb 2022 15:25:58 GMT
POST H2	200	1 mc.yandex.com/watch/449479/	43 B 85 B	43ms 43ms	Ping image/gif	2a02:6b8::1:119 YNDX
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.com/watch/449479/1?page-url=https%3A%2F%2Ffor-ua.info%2F&charset=utf-8&cnt-class=1&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3Agqny5kf8o1qwi6kkxr%3Afp%3A601%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A760%3Acn%3A2%3Adp%3A1%3Als%3A615151238712%3Ahid%3A107194215%3Az%3A0%3Ai%3A20220228152558%3Aet%3A1646061959%3Ac%3A1%3Arn%3A10367721%3Arqn%3A1%3Au%3A1646061958458144022%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1646061956608%3Ads%3A0%2C25%2C475%2C1%2C0%2C0%2C%2C132%2C0%2C2008%2C2008%2C3%2C634%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1646061959&t=gdpr(14)mc(p-2-h-1)lt(5300)aw(1)ti(0)&force-urlencoded=1&site-info=%7B%22__ym%22%3A%7B%22adSessionID%22%3A%223756951646061957508%22%7D%7D Requested by Host: mc.yandex.ru URL: https://mc.yandex.ru/metrika/watch.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://for-ua.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers pragma no-cache date Mon, 28 Feb 2022 15:25:58 GMT last-modified Mon, 28-Feb-2022 15:25:58 GMT strict-transport-security max-age=31536000 content-type image/gif access-control-allow-origin https://for-ua.info cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true content-length 43 x-xss-protection 1; mode=block expires Mon, 28-Feb-2022 15:25:58 GMT
GET H2	200	449479 Show response mc.yandex.com/watch/	43 B 73 B	44ms 44ms	XHR image/gif	2a02:6b8::1:119 YNDX
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.com/watch/449479?page-url=https%3A%2F%2Ffor-ua.info%2F&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3Agqny5kf8o1qwi6kkxr%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A760%3Acn%3A2%3Adp%3A1%3Als%3A615151238712%3Ahid%3A107194215%3Az%3A0%3Ai%3A20220228152558%3Aet%3A1646061959%3Ac%3A1%3Arn%3A635581072%3Arqn%3A2%3Au%3A1646061958458144022%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1646061956608%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1646061959%3At%3AFor-UA.info%20%E2%80%A2%20For-UA%20-%20%D0%A4%D0%BE%D1%80%D1%83%D0%BC%20%D0%B2%D1%81%D0%B5%D1%8F%20%D0%92%D0%B5%D0%BB%D0%B8%D0%BA%D0%B8%D1%8F%20%D0%B8%20%D0%9C%D0%B0%D0%BB%D1%8B%D1%8F%20%D0%B8%20%D0%91%D0%B5%D0%BB%D1%8B%D1%8F%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B8&t=gdpr(14)mc(p-2-h-1)lt(5300)aw(1)ti(2) Requested by Host: mc.yandex.ru URL: https://mc.yandex.ru/metrika/watch.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://for-ua.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers pragma no-cache date Mon, 28 Feb 2022 15:25:58 GMT last-modified Mon, 28-Feb-2022 15:25:58 GMT strict-transport-security max-age=31536000 content-type image/gif access-control-allow-origin https://for-ua.info cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true content-length 43 x-xss-protection 1; mode=block expires Mon, 28-Feb-2022 15:25:58 GMT
POST H2	200	1 mc.yandex.com/watch/25977589/	43 B 73 B	44ms 44ms	Ping image/gif	2a02:6b8::1:119 YNDX
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.com/watch/25977589/1?page-url=https%3A%2F%2Ffor-ua.info%2F&charset=utf-8&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3Agqny5kf8o1qwi6kkxr%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A760%3Acn%3A1%3Adp%3A1%3Als%3A1141016261404%3Ahid%3A107194215%3Az%3A0%3Ai%3A20220228152558%3Aet%3A1646061959%3Ac%3A1%3Arn%3A671226894%3Arqn%3A2%3Au%3A1646061958458144022%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1646061956608%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C2008%2C2008%2C3%2C%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1646061959&t=gdpr(14)mc(p-2-h-1)lt(5300)aw(1)ti(0)&force-urlencoded=1&site-info=%7B%22__ym%22%3A%7B%22adSessionID%22%3A%223756951646061957508%22%7D%7D Requested by Host: mc.yandex.ru URL: https://mc.yandex.ru/metrika/watch.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://for-ua.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers pragma no-cache date Mon, 28 Feb 2022 15:25:58 GMT last-modified Mon, 28-Feb-2022 15:25:58 GMT strict-transport-security max-age=31536000 content-type image/gif access-control-allow-origin https://for-ua.info cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true content-length 43 x-xss-protection 1; mode=block expires Mon, 28-Feb-2022 15:25:58 GMT
GET H3	200	runner.html Show response tpc.googlesyndication.com/sodar/sodar2/225/ Frame D060	13 KB 5 KB	23ms 7ms	Document text/html	2a00:1450:4001:82f::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://for-ua.info/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip cross-origin-resource-policy cross-origin cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-length 5046 x-content-type-options nosniff server sffe x-xss-protection 0 date Mon, 28 Feb 2022 15:10:54 GMT expires Tue, 28 Feb 2023 15:10:54 GMT cache-control public, max-age=31536000 last-modified Mon, 21 Jun 2021 20:47:05 GMT content-type text/html age 904 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	aframe Show response www.google.com/recaptcha/api2/ Frame 9715	783 B 1 KB	40ms 17ms	Document text/html	2a00:1450:4001:82b::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/aframe Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 66b3eab901830ed1202bc64f5c545cd6c581b2522ed01850dce2f4b8ba6355e0 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-2gh6+HqzWhbIevpzEK48qw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://for-ua.info/ Response headers cross-origin-resource-policy cross-origin cross-origin-embedder-policy require-corp report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} expires Mon, 28 Feb 2022 15:25:58 GMT date Mon, 28 Feb 2022 15:25:58 GMT cache-control private, max-age=300 content-type text/html; charset=utf-8 content-security-policy script-src 'report-sample' 'nonce-2gh6+HqzWhbIevpzEK48qw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-encoding gzip x-content-type-options nosniff x-xss-protection 1; mode=block content-length 513 server GSE alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3	200	iRu7R9Kt0H3UwF1-zQK7LLgwIl8DaRlhr3qpKTHCDIY.js Show response pagead2.googlesyndication.com/bg/ Frame D060	35 KB 13 KB	8ms 7ms	Script text/javascript	2a00:1450:4001:830::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/iRu7R9Kt0H3UwF1-zQK7LLgwIl8DaRlhr3qpKTHCDIY.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 891bbb47d2add07dd4c05d7ecd02bb2cb830225f03691961af7aa92931c20c86 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Mon, 28 Feb 2022 05:26:53 GMT content-encoding br x-content-type-options nosniff age 35945 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13728 x-xss-protection 0 last-modified Wed, 23 Feb 2022 16:08:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Tue, 28 Feb 2023 05:26:53 GMT
GET H3	204	sodar pagead2.googlesyndication.com/pagead/ Frame 9715	0 0	60ms 60ms	Image text/html	2a00:1450:4001:830::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220223&jk=2655752109250722&rc= Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers
GET H3	204	generate_204 tpc.googlesyndication.com/ Frame D060	0 9 B	8ms 8ms	Image text/plain	2a00:1450:4001:82f::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/generate_204?XN-1PQ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Mon, 28 Feb 2022 15:25:58 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/	0 20 B	33ms 33ms	Image image/gif	2a00:1450:4001:830::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20220223&jk=2655752109250722&bg=!0tGl0ZXNAAas2QJZrNk7ACkAdvg8WlKFhGh72xnXaW8fh_MIcCIdbrLLMcpT5ALKfkzIRpzt8r57mwIAAABKUgAAAAJoAQcKACADDmymUMIx7rx8ltbz0ivNIZ8N-4u5p4RyW_oeCEfPoJkC12seIa3OKJO5xS3KE6kCuL-5sbMqx9eBs2C5oP_fji7qz1L67Ivb-E3rLl6pS2cF_L4E4KE_LJoyE46UiIi50eG-MxNWUvMfGx5sNdmqhFkJmOvT4fMCfuCanNqW4fw0P19bBL0oqgTZ5Y91O9s1q4B5RUTPr4owda6abKpTiJlba8G-UYWANhrZC4FSo9H3QE4frWxKoHzi7HLSfWpe22KDaDGvp_EyFkOqt_rnU0S5jZUzTVzU5w_dPgbCrr3JwOykrCzPxAoEyj8_2lBOXclr9Ep9jcHTIZI4DpV9gJZQYylamm5pJvN-f1qngclfLptSMviAjApFtWPxR3npaesnhmPqgl_QYSUwyRenntYHqcJyK29H78N1GjeOny_X-_xe9-ylFY5ZPhBo3OE3qUbCi6ZzkEJ_9F7p_BHrHpuDs-ZOBIurDVch1PaHniE1mNXEMXdqnVcYJ2igvNdvFFthVQqpUTUCS0yTvcMPsZO4EFDnv8kOXUxVkspbXS5GXYBE5pI5x0iEI2ZWr_EMTxJ6KaD8bTnkl7TFr4iIBshmFJdnt1YSAnGxR1ZlbzHnRlBvXIgM5uEYZmftucVAeVbVdC38VgtAigWR8eRlKpc_R3ZolV3EbB4-wUyCM_QkQnlzDDRcajEySdtyYTkeL9aVORZTo_ApiPQCuClN3GLW2nPsjX93ChM_RZoZzVfReUSxIgNxJBH0JMO765JMucs4EJcCZ75fk_Z_-hddLtmcHlBN_BMovwIERna9GpTcXjkOaLB0ixU-H4E2SG5v1WmOUG0Tk_VAIJ5jGxKefxXt_nrXFsqIJ7K-5kYKiezKs4Vntqq0p6hxSVWPCp6SOUVepgYifZVkwlWRnY1Yvm9-b9LK4nlOCZnUP6iWsk5RBZ51uhFOT_BdGduAEZ0WzS3EucWGtEdUMBUtLuS-y7EpjcZmx5_zra8uJN7XifqwNhevw-ptnIE Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://for-ua.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers pragma no-cache date Mon, 28 Feb 2022 15:25:59 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	bundle.js Show response yastatic.net/q/set/s/rsya-tag-users/ Frame DC9A	105 KB 37 KB	63ms 62ms	Script application/javascript	2a02:6b8:20::215 YNDX
General Check archive.org Show headers Download Go to Full URL https://yastatic.net/q/set/s/rsya-tag-users/bundle.js Requested by Host: for-ua.info URL: https://for-ua.info/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI), Reverse DNS Software nginx/1.17.9 / Resource Hash e1cff21864c46e1da263fa83c14ed6d190bc5afbdd35188de15f10eb8bedd264 Security Headers Name Value Strict-Transport-Security max-age=43200000; includeSubDomains; Request headers Accept-Language de-DE,de;q=0.9 Referer https://yastatic.net/safeframe-bundles/0.83/1-1-0/render.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Mon, 28 Feb 2022 15:25:59 GMT content-encoding br last-modified Fri, 29 Oct 2021 11:19:01 GMT server nginx/1.17.9 etag W/"82bdc8db563d3e71c35534315f8a9fd5" vary Accept-Encoding report-to { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]} content-type application/javascript access-control-allow-origin * expires Thu, 03 Mar 2022 03:21:00 GMT cache-control public, max-age=31556952 nel {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01} strict-transport-security max-age=43200000; includeSubDomains; timing-allow-origin * x-nginx-request-id 050fe464146271fe
GET H2	200	watch.js Show response mc.yandex.ru/metrika/ Frame DC9A	138 KB 49 KB	64ms 63ms	Script application/javascript	2a02:6b8::1:119 YNDX
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.ru/metrika/watch.js Requested by Host: yastatic.net URL: https://yastatic.net/q/set/s/rsya-tag-users/bundle.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI), Reverse DNS Software / Resource Hash c1922061e01300c6b8d0e9a9dbc638c2eb7b2f5cf9e7690791bf7be4dd8733d6 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Accept-Language de-DE,de;q=0.9 Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Mon, 28 Feb 2022 15:26:00 GMT content-encoding br last-modified Fri, 18 Feb 2022 11:36:57 GMT etag "620f5aa9-c3d1" strict-transport-security max-age=31536000 content-type application/javascript access-control-allow-origin * cache-control max-age=3600 content-length 50129 expires Mon, 28 Feb 2022 16:26:00 GMT
GET H2	200	data Show response yandex.ru/set/s/rsya-tag-users/ Frame DC9A	403 B 1 KB	174ms 96ms	Fetch application/json	2a02:6b8:a::a YNDX
General Check archive.org Show headers Download Go to Full URL https://yandex.ru/set/s/rsya-tag-users/data?referrer=https%3A%2F%2Ffor-ua.info%2F Requested by Host: yastatic.net URL: https://yastatic.net/q/set/s/rsya-tag-users/bundle.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (YNDX, FI), Reverse DNS Software / Resource Hash 327a4aa2d3ab4404bca5f890a8ed12cddf8abe31dd450bf8ab692a589f7700d0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Mon, 28 Feb 2022 15:26:00 GMT content-encoding gzip x-content-type-options nosniff nel {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1} report-to { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]} content-type application/json; charset=utf-8 access-control-allow-origin https://yastatic.net cache-control public,max-age=300 access-control-allow-credentials true x-xss-protection 1; mode=block
GET H2	200	1Splh9o00SK100000000U9nJR4rShlzsgwQIuVQxA_ADtvRoMBQ-b4bY009Fc4XeVr2wLkpnssmCgOn0ySpjTtUaWyHBUO2ysXGWqSe88Zj1ia30n32JyV9n27iXeqKkXBMIqIS9mjhBkBf2bE4ec7-M4QJfAfYyoyWWmy3qbt4M4mF3N2QGo58c7I2rbkaBa3pBz... Show response an.yandex.ru/rtbcount/	43 B 216 B	56ms 56ms	XHR image/gif	2a02:6b8::90 YNDX
General Check archive.org Show headers Download Go to Full URL https://an.yandex.ru/rtbcount/1Splh9o00SK100000000U9nJR4rShlzsgwQIuVQxA_ADtvRoMBQ-b4bY009Fc4XeVr2wLkpnssmCgOn0ySpjTtUaWyHBUO2ysXGWqSe88Zj1ia30n32JyV9n27iXeqKkXBMIqIS9mjhBkBf2bE4ec7-M4QJfAfYyoyWWmy3qbt4M4mF3N2QGo58c7I2rbkaBa3pBz1y8NZ49JDyOARFzBWE3JgJJAj6Rh0n_cJX1Jc1c1PAzp8f0SYepIFDSPYQGjSnCZWfWQpSojqoy_dPklBB9IUPMqxJAZySsgLm5gxmB9dyoEpZnGnpDqlVH4CnQmNAvdta32-CE5gO3B4mtMI0U-63_aENi6H1uO_-M1UID1Qoy9rbrvI3IDrbRNsfjUSgtZUKhAyZD7MmDB3FOhXmENi3sv7bdzuulQn_ahMI36N20pUC46_CZDjvW9oShxv22BA_2W0ZpbsmmgtwoXUL6UH---ib-8ZjCR1OxgwcfiP791lO6bXtiJ03znubL?confirmTime=2100000&confirmRatio=1000000&test-tag=15444702396418&format-type=126&actual-format=9&rnd=9321254109597&pcode-active-testids=518751%2C0%2C70&banner-sizes=eyI3MjA1NzYwMjk1OTI5MTcxMyI6IjU0MngyMzEiLCI3MjA1NzYwNTc1MDM1Mzg3MiI6IjU0MngyMzEifQ%3D%3D&width=543&height=469 Requested by Host: an.yandex.ru URL: https://an.yandex.ru/system/context.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers Referer https://for-ua.info/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers pragma no-cache date Mon, 28 Feb 2022 15:26:00 GMT content-encoding gzip last-modified Mon, 28 Feb 2022 15:26:00 GMT p3p CP="NOI DEVa TAIa OUR BUS UNI STA" strict-transport-security max-age=31536000 content-type image/gif access-control-allow-origin https://for-ua.info cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true timing-allow-origin * x-xss-protection 1; mode=block expires Mon, 28 Feb 2022 15:26:00 GMT
GET H2	200	conversion_async.js Show response www.googleadservices.com/pagead/ Frame DC9A	39 KB 15 KB	47ms 24ms	Script text/javascript	142.250.74.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleadservices.com/pagead/conversion_async.js Requested by Host: yastatic.net URL: https://yastatic.net/q/set/s/rsya-tag-users/bundle.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.74.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s02-in-f2.1e100.net Software cafe / Resource Hash 083ec931e5517a4ab713afbe9561e72b9186cb54e21b8b1eface9caefb54a966 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Mon, 28 Feb 2022 15:26:00 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 14879 x-xss-protection 0 server cafe etag 17635014576153706337 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600 timing-allow-origin * expires Mon, 28 Feb 2022 15:26:00 GMT
GET H2	200	/ www.google.de/pagead/1p-user-list/1014923426/ Frame DC9A Redirect Chain https://www.googleadservices.com/pagead/conversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0 https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=iOkcYpOjEYGD9fgP79aG4A... https://www.google.com/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=901054923&crd=CNGksQI&is_vtc=1&random=350809611 https://www.google.de/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=901054923&crd=CNGksQI&is_vtc=1&random=3508096...	42 B 108 B	41ms 34ms	Image image/gif	2a00:1450:4001:80f::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=901054923&crd=CNGksQI&is_vtc=1&random=350809611&ipr=y Protocol H2 Server 2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers pragma no-cache date Mon, 28 Feb 2022 15:26:00 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-security-policy script-src 'none'; object-src 'none' content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Mon, 28 Feb 2022 15:26:00 GMT x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-type image/gif location https://www.google.de/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=901054923&crd=CNGksQI&is_vtc=1&random=350809611&ipr=y cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-security-policy script-src 'none'; object-src 'none' timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.google.de/pagead/1p-user-list/1014923426/ Frame DC9A Redirect Chain https://www.googleadservices.com/pagead/conversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0 https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=iOkcYtWkEczxbLiyhJAF&r... https://www.google.com/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=2141533602&crd=&is_vtc=1&random=1993051014 https://www.google.de/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=2141533602&crd=&is_vtc=1&random=1993051014&ipr=y	42 B 108 B	42ms 34ms	Image image/gif	2a00:1450:4001:80f::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=2141533602&crd=&is_vtc=1&random=1993051014&ipr=y Protocol H2 Server 2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers pragma no-cache date Mon, 28 Feb 2022 15:26:00 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-security-policy script-src 'none'; object-src 'none' content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Mon, 28 Feb 2022 15:26:00 GMT x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-type image/gif location https://www.google.de/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=2141533602&crd=&is_vtc=1&random=1993051014&ipr=y cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-security-policy script-src 'none'; object-src 'none' timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	3 Show response mc.yandex.com/watch/ Frame DC9A	174 B 273 B	33ms 33ms	XHR application/json	2a02:6b8::1:119 YNDX
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.com/watch/3?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&page-ref=https%3A%2F%2Ffor-ua.info%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A%3Avf%3Agqny5kf8o1qwi6kkxr%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A760%3Acn%3A1%3Adp%3A0%3Als%3A1550897979360%3Ahid%3A1056353042%3Az%3A0%3Ai%3A20220228152600%3Aet%3A1646061960%3Ac%3A1%3Arn%3A74151950%3Arqn%3A1%3Au%3A1646061960494788560%3Aw%3A1x1%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Acpf%3A1%3Ans%3A1646061958011%3Ads%3A0%2C156%2C66%2C11%2C0%2C0%2C%2C7%2C1%2C242%2C242%2C0%2C241%3Aco%3A0%3Ast%3A1646061960&t=gdpr()aw(1)ti(2) Requested by Host: mc.yandex.ru URL: https://mc.yandex.ru/metrika/watch.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI), Reverse DNS Software / Resource Hash 5bd1215c2641cd37549c50101197c29da114b10a15315208c34b850a811e0674 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers pragma no-cache date Mon, 28 Feb 2022 15:26:00 GMT x-content-type-options nosniff last-modified Mon, 28-Feb-2022 15:26:00 GMT strict-transport-security max-age=31536000 content-type application/json; charset=utf-8 access-control-allow-origin https://yastatic.net cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true content-length 174 x-xss-protection 1; mode=block expires Mon, 28-Feb-2022 15:26:00 GMT
GET H2	200	advert.gif mc.yandex.com/metrika/ Frame DC9A	43 B 100 B	33ms 33ms	Image image/gif	2a02:6b8::1:119 YNDX
General Check archive.org Show headers Download Go to Show image Full URL https://mc.yandex.com/metrika/advert.gif Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Accept-Language de-DE,de;q=0.9 Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Mon, 28 Feb 2022 15:26:00 GMT last-modified Fri, 18 Feb 2022 11:36:57 GMT etag "620f5aa9-2b" strict-transport-security max-age=31536000 content-type image/gif access-control-allow-origin * cache-control max-age=3600 accept-ranges bytes content-length 43 expires Mon, 28 Feb 2022 16:26:00 GMT
GET H3	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/ Frame DC9A	3 KB 1 KB	28ms 28ms	Script text/javascript	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/?random=1646061960307&cv=9&fst=1646061960307&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Ffor-ua.info%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4 Requested by Host: www.googleadservices.com URL: https://www.googleadservices.com/pagead/conversion_async.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash fffca537acac4d9ddf03afeb00766163e0a99ac77a021229aae8ad7dd574655b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers pragma no-cache date Mon, 28 Feb 2022 15:26:00 GMT content-encoding gzip x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type text/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1114 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/ Frame DC9A	3 KB 1 KB	28ms 28ms	Script text/javascript	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/?random=1646061960312&cv=9&fst=1646061960312&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Ffor-ua.info%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4 Requested by Host: www.googleadservices.com URL: https://www.googleadservices.com/pagead/conversion_async.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 0ae9fcc45b390426f5f7530a20db51aa83b8c7d37760ff1ba1ecb38ec4b84e70 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers pragma no-cache date Mon, 28 Feb 2022 15:26:00 GMT content-encoding gzip x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type text/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1113 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/ Frame DC9A	3 KB 1 KB	31ms 31ms	Script text/javascript	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/?random=1646061960315&cv=9&fst=1646061960315&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Ffor-ua.info%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4 Requested by Host: www.googleadservices.com URL: https://www.googleadservices.com/pagead/conversion_async.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e6fcff556e5c593c16a00cba2ea3e9fbadea951b3e03d4d57668a28ca313b4a3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers pragma no-cache date Mon, 28 Feb 2022 15:26:00 GMT content-encoding gzip x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type text/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1112 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/ Frame DC9A	3 KB 1 KB	32ms 31ms	Script text/javascript	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/?random=1646061960316&cv=9&fst=1646061960316&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Ffor-ua.info%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4 Requested by Host: www.googleadservices.com URL: https://www.googleadservices.com/pagead/conversion_async.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash f822ef7a903170f1e4d7e72e5bd764bda69031d2732998119e913b4eb6d3401c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers pragma no-cache date Mon, 28 Feb 2022 15:26:00 GMT content-encoding gzip x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type text/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1114 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	/ www.google.com/pagead/1p-user-list/947884341/ Frame DC9A	42 B 64 B	29ms 28ms	Image image/gif	2a00:1450:4001:82b::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/947884341/?random=1646061960307&cv=9&fst=1646060400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Ffor-ua.info%2F&async=1&fmt=3&is_vtc=1&random=2776563259&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers pragma no-cache date Mon, 28 Feb 2022 15:26:00 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-security-policy script-src 'none'; object-src 'none' content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.google.de/pagead/1p-user-list/947884341/ Frame DC9A	42 B 108 B	69ms 34ms	Image image/gif	2a00:1450:4001:80f::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/pagead/1p-user-list/947884341/?random=1646061960307&cv=9&fst=1646060400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Ffor-ua.info%2F&async=1&fmt=3&is_vtc=1&random=2776563259&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers pragma no-cache date Mon, 28 Feb 2022 15:26:00 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-security-policy script-src 'none'; object-src 'none' content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	/ www.google.com/pagead/1p-user-list/693627671/ Frame DC9A	42 B 64 B	25ms 25ms	Image image/gif	2a00:1450:4001:82b::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/693627671/?random=1646061960312&cv=9&fst=1646060400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Ffor-ua.info%2F&async=1&fmt=3&is_vtc=1&random=3447497615&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers pragma no-cache date Mon, 28 Feb 2022 15:26:00 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-security-policy script-src 'none'; object-src 'none' content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.google.de/pagead/1p-user-list/693627671/ Frame DC9A	42 B 548 B	67ms 32ms	Image image/gif	2a00:1450:4001:80f::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/pagead/1p-user-list/693627671/?random=1646061960312&cv=9&fst=1646060400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Ffor-ua.info%2F&async=1&fmt=3&is_vtc=1&random=3447497615&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers pragma no-cache date Mon, 28 Feb 2022 15:26:00 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-security-policy script-src 'none'; object-src 'none' content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	/ www.google.com/pagead/1p-user-list/947884341/ Frame DC9A	42 B 64 B	27ms 27ms	Image image/gif	2a00:1450:4001:82b::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/947884341/?random=1646061960315&cv=9&fst=1646060400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Ffor-ua.info%2F&async=1&fmt=3&is_vtc=1&random=65414598&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers pragma no-cache date Mon, 28 Feb 2022 15:26:00 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-security-policy script-src 'none'; object-src 'none' content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.google.de/pagead/1p-user-list/947884341/ Frame DC9A	42 B 108 B	61ms 33ms	Image image/gif	2a00:1450:4001:80f::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/pagead/1p-user-list/947884341/?random=1646061960315&cv=9&fst=1646060400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Ffor-ua.info%2F&async=1&fmt=3&is_vtc=1&random=65414598&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers pragma no-cache date Mon, 28 Feb 2022 15:26:00 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-security-policy script-src 'none'; object-src 'none' content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	/ www.google.com/pagead/1p-user-list/693627671/ Frame DC9A	42 B 64 B	28ms 28ms	Image image/gif	2a00:1450:4001:82b::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/693627671/?random=1646061960316&cv=9&fst=1646060400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Ffor-ua.info%2F&async=1&fmt=3&is_vtc=1&random=3596732868&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers pragma no-cache date Mon, 28 Feb 2022 15:26:00 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-security-policy script-src 'none'; object-src 'none' content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.google.de/pagead/1p-user-list/693627671/ Frame DC9A	42 B 108 B	62ms 35ms	Image image/gif	2a00:1450:4001:80f::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/pagead/1p-user-list/693627671/?random=1646061960316&cv=9&fst=1646060400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Ffor-ua.info%2F&async=1&fmt=3&is_vtc=1&random=3596732868&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers pragma no-cache date Mon, 28 Feb 2022 15:26:00 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-security-policy script-src 'none'; object-src 'none' content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	WKOejI_zO8i0vGa0f10gPrAFGyZEDWK0Ym4GW8200J65wHnY000003YExpQ80Wov0jhC3petKee5y0BykuF-mC43y0K1e0R80Sa6XM6dB-srAIAf1xVTk6SpxNKCW0e1Y0gj2OWB6AeB49UnMHottG00B5b2gXNPy0i6u0s2We61W8202AWFjxkZ_RQc-xeCa13tW... Show response an.yandex.ru/count/	43 B 82 B	79ms 79ms	XHR image/gif	2a02:6b8::90 YNDX
General Check archive.org Show headers Download Go to Full URL https://an.yandex.ru/count/WKOejI_zO8i0vGa0f10gPrAFGyZEDWK0Ym4GW8200J65wHnY000003YExpQ80Wov0jhC3petKee5y0BykuF-mC43y0K1e0R80Sa6XM6dB-srAIAf1xVTk6SpxNKCW0e1Y0gj2OWB6AeB49UnMHottG00B5b2gXNPy0i6u0s2We61W8202AWFjxkZ_RQc-xeCa13tWzRaoOpzafG1-108o17ocgJV4F0I2eZW507O5S6AzkoZZxpyO_395l0_WHUe5msP6D0O8VWOW1cu6V___m706ONJgw7Rt8FR1D8P4tbXOdDVSsLoTcLoBt8sCp8jCJ3e6Py4y1c0mWE270rJGa8wIrHmQafnK5WtwHo07Vz_W22018WW0Wy0U1w03M9srsYWjAxAWqbU2ycOnC1Sjahh6N8czE1rukSWoATs3ZQ4FtQEGobZUm00~1=Wd0ejI_zOEm1DHC0r23LbXtHx0A0rjkuweNCuQS1W07YhhO_Y06kvPR5FP01WjM9lCA0W802c062rOcyGg01hD2e0QpGYRn2k06oqzIU7DW1ef3E6E01fihh3-W1j0IO0kASmXMW0lwhcmMO0y24FR03sHA81ScV3P05y8KPi0NbvWQu1UNc1i05hjqFefq2u0Ltc0QQnv9Og0R80RW7j0Qa3_470022W806u0Z_rSt92dDz9K8AUla_sGkttRXdC-rr3EWBoPyDY0p2hjw-0QaCl1RNbA8-vB_e39i6c0sMeZi_e0x0X3tP3u0GZOoi50ZG4A6Nhr-X4U0HZkF70UWHYllQxvw7xk_bOFheG9D96OQ8gj8_c1C4u1FbvWQ85C2wo87FZhcPIg0KvUO6g1JmXHd850Je58m2s1N1YlRieu-y_6Em5h83oHRG5iAkthu1s1RtWzRaoOpzafG1WHUO5yU5ln2u5m705xKMs1V0X3te5mIP6000y3-W60km6DImyv06k1Wn-1YRvB_guEMIpZc06OaPBHwW6S01k1d___y1u1a4w1cV1F0PWC83WHh__w-6eDAdm8WQm8Gza1g0c820W822G9WQrCDJzHe10000c1kMeZkm6qYu6mFf7F0_W1t_VvaTg1w_SD0Um_wcceNljeeas1xysXwW7usCh1Im7m787v68fmpI7mKrDJCoD80WW0I8808S03Y4I9WfiF0mvcJ0A4OM3kM2q08bhEb0eB4X8L_BlCH4W8698qDaeSB3WsUeGB2f82ms_g0iEG9vaoD6NeiDGYGznrYdmvh7NocThVGPEkVMp3hO9k00~1=WiaejI_zO502_HK0T2RY2jv6K0EUsFwxzelsjVS1W06EsC6omiQBXYg80PcvrQ-70P01eB_heTU0W802c06Wl-kXLw01sBwe0TY-ww5Nk07-vxtn8zW1cjQSem7W0PRBcvG1w06o0w02cjEn6A031B030lqDY0Mhen6G1O3y4h05fUa4k0MbwGJ01UtB9yW5k8WAq0M6s07W1PG1c0QEseFN1wW6o06u1xG6q0S2s0SGu0U62l4700000CA0W0RW2Ctfc0o02W712fCyP_Aokzq_oTaBjzsuPpFjTGpe2wkZ4OWChAxalW7e39i6c0sMeZkmFg0Em8GzW12DwVOXmB0Iu16EuyS1w16A-zhldeVkx-LW-kX07KkF5ZI0uJ-O4mJW4wNf18WKmBh8WS-EkPbAe1IbwGIe583y4h0Kwvln7xWKW8_T2GBG5AFdvK7O5Bo8lP06w1IC0j0Ll8Yza0RO5S6AzkoZZxpyOx0MiWF95j0MhAxalW7O5lU3rkJ9ZFsIb0615vWNgCEKAxWN0S0NjHRG5z260zWNqFW-u1VijVlx1UWN0VWNhj_cXWQP6A0O4x0OrB3pa0Qu607u69lal-hWvPBEEO0PYHaj7g0Pm06u6V___m7W6G7e6Py4y1c0mWE16l__is_b9MNWY1h0X3sG6e20W820W890c1hKmrEu6WFr6W40002O6vQYEx0RIBWR0zWRW0Zf6m000C05fKD1y1kZa-e4-1k_vQq1wHo07Vz_cHtW7Sc_jWAe7W7G7hhtm8Iv-w2QxW7O7lhQ7eWV_m6W7utfzY6m7mB87ushpb7I7mKrDJCoD80WW0I8808S0E68mo7anOoUw96pKGmeTMG7LeRIXkX0oTNE41s8ka6si279Lyji0LDlo12o25w5O8o06WXy1I4vNC38AaP886V0Bd9wZW5J0ai2VuRERsfc66mJHG00~1?stat-id=12&test-tag=15444845066785&banner-sizes=eyI3MjA1NzYwMjk1OTI5MTcxMyI6IjU0MngyMzEiLCI3MjA1NzYwNTc1MDM1Mzg3MiI6IjU0MngyMzEifQ%3D%3D&format-type=126&actual-format=9&pcodever=55324&banner-test-tags=eyI3MjA1NzYwMjk1OTI5MTcxMyI6IjU3MzYxIiwiNzIwNTc2MDU3NTAzNTM4NzIiOiI1NzM2MiJ9&pcode-active-testids=518751%2C0%2C70&width=543&height=469&confirmTime=2100000&confirmRatio=1000000&wmode=0 Requested by Host: an.yandex.ru URL: https://an.yandex.ru/system/context.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers Referer https://for-ua.info/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers pragma no-cache date Mon, 28 Feb 2022 15:26:00 GMT content-encoding gzip last-modified Mon, 28 Feb 2022 15:26:00 GMT p3p CP="NOI DEVa TAIa OUR BUS UNI STA" strict-transport-security max-age=31536000 content-type image/gif access-control-allow-origin https://for-ua.info cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true timing-allow-origin * x-xss-protection 1; mode=block expires Mon, 28 Feb 2022 15:26:00 GMT
GET H2	200	37412095 Show response mc.yandex.com/watch/ Frame DC9A	357 B 392 B	35ms 34ms	XHR application/json	2a02:6b8::1:119 YNDX
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.com/watch/37412095?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&page-ref=https%3A%2F%2Ffor-ua.info%2F&charset=utf-8&site-info=%7B%22extensions%22%3A%22%22%2C%22fromGoogle%22%3A%22false%22%2C%22fromCancel%22%3A%22false%22%2C%22loyal%22%3A%220%22%2C%22sbscrb%22%3A%22%22%2C%22p%22%3A%22%22%2C%22b%22%3A%22%22%2C%22fresh%22%3A%220%22%2C%22infected%22%3A%22%22%2C%22slow%22%3A%22%22%2C%22os%22%3A%22windows%22%2C%22browser%22%3A%22chrome%22%2C%22winxp%22%3A%22false%22%2C%22old%22%3A%22actual%22%2C%22yabroAge%22%3Anull%7D&browser-info=pv%3A1%3Agdpr%3A6%3Avf%3Agqny5kf8o1qwi6kkxr%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A760%3Acn%3A2%3Adp%3A1%3Als%3A1128605117882%3Ahid%3A1056353042%3Az%3A0%3Ai%3A20220228152600%3Aet%3A1646061960%3Ac%3A1%3Arn%3A757874364%3Arqn%3A1%3Au%3A1646061960494788560%3Aw%3A1x1%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Acpf%3A1%3Ans%3A1646061958011%3Ads%3A0%2C156%2C66%2C11%2C0%2C0%2C%2C7%2C1%2C242%2C242%2C0%2C241%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1646061960%3At%3A&t=gdpr(6)aw(1)ti(2) Requested by Host: mc.yandex.ru URL: https://mc.yandex.ru/metrika/watch.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI), Reverse DNS Software / Resource Hash 9e7a5764577324de3293ba15d0a1b8710793b4228d05a70fed6d5c5edabfaf6c Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://yastatic.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers pragma no-cache date Mon, 28 Feb 2022 15:26:00 GMT x-content-type-options nosniff last-modified Mon, 28-Feb-2022 15:26:00 GMT strict-transport-security max-age=31536000 content-type application/json; charset=utf-8 access-control-allow-origin https://yastatic.net cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true content-length 357 x-xss-protection 1; mode=block expires Mon, 28-Feb-2022 15:26:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

d31j93rd8oukbv.cloudfront.net

URL

https://d31j93rd8oukbv.cloudfront.net/metrika/watch_ua.js

Domain

sync.magnitent.com

URL

https://sync.magnitent.com/fbfli/ct_sync.php?ct=551fa7a2452e4d369d3c30ba4b9200eb&sonar=57b5b850deae48c090161741ae8fafe7&spid=3BA83725AD449E41&v=