autoteka.ru Open in urlscan Pro
146.158.48.32 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://autoteka.ru/report_by_ad/2547034876?acu=MzY6fX7Xrw9CckLmgVAUUNa.ZBcSIDm.yni5FPfap7.vNlv1aWNEggaq.a4qigOZq7rG...
Submission: On September 23 via manual (September 23rd 2022, 6:28:39 am UTC) from NZ — Scanned from DE

Summary HTTP 169 Redirects Behaviour Indicators

Summary

This website contacted 77 IPs in 14 countries across 64 domains to perform 169 HTTP transactions. The main IP is 146.158.48.32, located in Czech Republic and belongs to AVITO, RU. The main domain is autoteka.ru. The Cisco Umbrella rank of the primary domain is 811657.
TLS certificate: Issued by GeoTrust RSA CA 2018 on November 10th 2021. Valid for: a year.

This is the only time autoteka.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
17	146.158.48.32 146.158.48.32	201012 (AVITO) (AVITO)
5	52.51.157.173 52.51.157.173	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:400d:80d::2004	15169 (GOOGLE) (GOOGLE)
3	104.16.168.131 104.16.168.131	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700:20:... 2606:4700:20::681a:16d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
2	212.41.26.238 212.41.26.238	50340 (SELECTEL-MSK) (SELECTEL-MSK)
1	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
1 2	142.250.185.134 142.250.185.134	15169 (GOOGLE) (GOOGLE)
1	172.217.20.2 172.217.20.2	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1 1	147.75.40.150 147.75.40.150	54825 (PACKET) (PACKET)
1	2a05:d014:275... 2a05:d014:275:cb01:2ef6:2f8a:9434:a758	16509 (AMAZON-02) (AMAZON-02)
1	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	88.212.240.204 88.212.240.204	39134 (UNITEDNET) (UNITEDNET)
1	176.9.0.57 176.9.0.57	24940 (HETZNER-AS) (HETZNER-AS)
2	87.240.132.78 87.240.132.78	47541 (VKONTAKTE...) (VKONTAKTE-SPB-AS vk.com)
9	95.163.52.67 95.163.52.67	47764 (VK-AS) (VK-AS)
3 4	193.232.148.141 193.232.148.141	48061 (UMA-TECH-AS) (UMA-TECH-AS)
1	65.108.1.48 65.108.1.48	24940 (HETZNER-AS) (HETZNER-AS)
2	2a00:1450:400... 2a00:1450:400c:c0c::9a	15169 (GOOGLE) (GOOGLE)
1 4	188.72.107.156 188.72.107.156	208677 (SBERCLOUD-AS) (SBERCLOUD-AS)
2	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
4 5	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
5	146.158.54.32 146.158.54.32	201012 (AVITO) (AVITO)
9	104.16.169.131 104.16.169.131	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:400d:807::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
3	83.222.14.88 83.222.14.88	25532 (MASTERHOS...) (MASTERHOST-AS Moscow)
1 3	195.209.108.36 195.209.108.36	52007 (ADRIVER-AS) (ADRIVER-AS)
2	2a00:1148:db0... 2a00:1148:db00::17	47764 (VK-AS) (VK-AS)
5	2a03:2880:f10... 2a03:2880:f107:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1 4	138.201.230.88 138.201.230.88	24940 (HETZNER-AS) (HETZNER-AS)
2	95.213.212.138 95.213.212.138	49505 (SELECTEL) (SELECTEL)
3	2a06:98c1:312... 2a06:98c1:3121::c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	146.158.52.24 146.158.52.24	44546 (ALFATELECOM) (ALFATELECOM)
1	178.250.2.146 178.250.2.146	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 2	88.198.31.232 88.198.31.232	24940 (HETZNER-AS) (HETZNER-AS)
1 2	2a02:6b8::90 2a02:6b8::90	208722 (GLOBAL_DC) (GLOBAL_DC)
1	213.87.44.187 213.87.44.187	13174 (MTSNET Mo...) (MTSNET Moscow)
1 2	188.42.191.196 188.42.191.196	7979 (SERVERS-COM) (SERVERS-COM)
1	178.250.2.151 178.250.2.151	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 2	34.117.176.229 34.117.176.229	15169 (GOOGLE) (GOOGLE)
3	159.69.11.17 159.69.11.17	24940 (HETZNER-AS) (HETZNER-AS)
2	52.54.253.41 52.54.253.41	14618 (AMAZON-AES) (AMAZON-AES)
2	159.89.241.163 159.89.241.163	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
3	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
1 2	3.122.47.104 3.122.47.104	16509 (AMAZON-02) (AMAZON-02)
1 1	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
2	178.250.0.163 178.250.0.163	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 2	185.89.210.180 185.89.210.180	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	104.18.19.126 104.18.19.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	3.67.144.31 3.67.144.31	16509 (AMAZON-02) (AMAZON-02)
1	2.18.235.93 2.18.235.93	16625 (AKAMAI-AS) (AKAMAI-AS)
1	35.159.43.206 35.159.43.206	16509 (AMAZON-02) (AMAZON-02)
1	70.42.32.127 70.42.32.127	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
1	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1	18.194.140.105 18.194.140.105	16509 (AMAZON-02) (AMAZON-02)
1	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	104.96.128.226 104.96.128.226	16625 (AKAMAI-AS) (AKAMAI-AS)
1	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
1 2	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
3	96.16.132.239 96.16.132.239	16625 (AKAMAI-AS) (AKAMAI-AS)
1	37.157.5.142 37.157.5.142	198622 (ADFORM) (ADFORM)
1	185.255.84.153 185.255.84.153	200271 (IGUANE-) (IGUANE-)
1 2	52.209.70.49 52.209.70.49	16509 (AMAZON-02) (AMAZON-02)
1	141.95.98.64 141.95.98.64	16276 (OVH) (OVH)
1	54.155.44.87 54.155.44.87	16509 (AMAZON-02) (AMAZON-02)
1	62.138.6.193 62.138.6.193	8972 (GD-EMEA-D...) (GD-EMEA-DC-SXB1)
1	52.213.108.198 52.213.108.198	16509 (AMAZON-02) (AMAZON-02)
1	104.248.36.113 104.248.36.113	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	85.25.203.29 85.25.203.29	8972 (GD-EMEA-D...) (GD-EMEA-DC-SXB1)
1	3.15.245.229 3.15.245.229	16509 (AMAZON-02) (AMAZON-02)
1	2a03:90c0:e1:... 2a03:90c0:e1:2801::254	199524 (GCORE) (GCORE)
2	146.158.52.2 146.158.52.2	201012 (AVITO) (AVITO)
169	77

17 146.158.48.32 (Czech Republic)

ASN201012 (AVITO, RU)

autoteka.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.autoteka.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.51.157.173 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-157-173.eu-west-1.compute.amazonaws.com

api.flocktory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:400d:80d::2004 (Ireland)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.16.168.131 (None, )

ASN13335 (CLOUDFLARENET, US)

hcaptcha.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
newassets.hcaptcha.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:20::681a:16d (United States)

ASN13335 (CLOUDFLARENET, US)

www.artfut.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 212.41.26.238 (Russian Federation)

ASN50340 (SELECTEL-MSK, RU)

code.acstat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
hit.acstat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.134 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f6.1e100.net

8732814.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.20.2 (United States)

ASN15169 (GOOGLE, US)
PTR: ham02s13-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.40.150 (Amsterdam, Netherlands) 1 redirects

ASN54825 (PACKET, US)

fullstory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d014:275:cb01:2ef6:2f8a:9434:a758 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)

www.fullstory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.212.240.204 (Russian Federation)

ASN39134 (UNITEDNET, RU)

tags.soloway.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 176.9.0.57 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: hz-s-fr52.rutarget.ru

cdn.rutarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 87.240.132.78 (Russian Federation)

ASN47541 (VKONTAKTE-SPB-AS vk.com, RU)
PTR: srv78-132-240-87.vk.com

vk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 95.163.52.67 (Russian Federation)

ASN47764 (VK-AS, RU)
PTR: top-fwz1.mail.ru

top-fwz1.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 193.232.148.141 (Russian Federation) 3 redirects

ASN48061 (UMA-TECH-AS, RU)
PTR: smtp2.sender.ltmse.com

px.adhigh.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.108.1.48 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: static.48.1.108.65.clients.your-server.de

ssp.bidvol.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c0c::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 188.72.107.156 (Russian Federation) 1 redirects

ASN208677 (SBERCLOUD-AS, RU)
PTR: fr09.segmento.ru

tag.rutarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:2638::1c (France) 4 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 146.158.54.32 (Czech Republic)

ASN201012 (AVITO, RU)

api.autoteka.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 104.16.169.131 (None, )

ASN13335 (CLOUDFLARENET, US)

newassets.hcaptcha.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
hcaptcha.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:807::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 83.222.14.88 (Russian Federation)

ASN25532 (MASTERHOST-AS Moscow, Russia, RU)

content.adriver.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 195.209.108.36 (Russian Federation) 1 redirects

ASN52007 (ADRIVER-AS, RU)

ad.adriver.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1148:db00::17 (Russian Federation)

ASN47764 (VK-AS, RU)

ad.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f107:83:face:b00c:0:25de (Vienna, Austria)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 138.201.230.88 (Aachen, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.88.230.201.138.clients.your-server.de

x.cnt.my	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 95.213.212.138 (Russian Federation)

ASN49505 (SELECTEL, RU)
PTR: joyce57.poptobox.com

gdeslon.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
clicks.gdeslon.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a06:98c1:3121::c (United States)

ASN13335 (CLOUDFLARENET, US)

static.indoleads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 146.158.52.24 (Czech Republic)

ASN44546 (ALFATELECOM, CZ)

www.avito.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.198.31.232 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.88.198.31.232.clients.your-server.de

exchange.buzzoola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:6b8::90 (Moscow, Russian Federation) 1 redirects

ASN208722 (GLOBAL_DC, FI)

an.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.87.44.187 (Russian Federation)

ASN13174 (MTSNET Moscow, Russia, RU)
PTR: infrastructure-187-44.mts.ru

tech.rtb.mts.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.42.191.196 (Luxembourg) 1 redirects

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.151 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

sslwidget.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.117.176.229 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 229.176.117.34.bc.googleusercontent.com

wf.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 159.69.11.17 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.17.11.69.159.clients.your-server.de

webecyzo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.webecyzo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.webecyzo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.54.253.41 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-54-253-41.compute-1.amazonaws.com

cdn.dsspn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 159.89.241.163 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: kylebarfuss.com

tags.fulllab.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.122.47.104 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-47-104.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.130 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.89.210.180 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.19.126 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

r.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.67.144.31 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-67-144-31.eu-central-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.235.93 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-93.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.159.43.206 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-159-43-206.eu-central-1.compute.amazonaws.com

exchange.mediavine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 70.42.32.127 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.194.140.105 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-140-105.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.96.128.226 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a104-96-128-226.deploy.static.akamaitechnologies.com

criteo-sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.156.0.31 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 96.16.132.239 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a96-16-132-239.deploy.static.akamaitechnologies.com

ad.yieldlab.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.5.142 (Denmark)

ASN198622 (ADFORM, DK)

cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.255.84.153 (Ivry-sur-Seine, France)

ASN200271 (IGUANE-, FR)

visitor.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.209.70.49 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-209-70-49.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.98.64 (France)

ASN16276 (OVH, FR)
PTR: ns3216658.ip-141-95-98.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.155.44.87 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-155-44-87.eu-west-1.compute.amazonaws.com

sync-criteo.ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 62.138.6.193 (Strasbourg, France)

ASN8972 (GD-EMEA-DC-SXB1, DE)
PTR: astra4639.startdedicated.com

citydsp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.213.108.198 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-108-198.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.248.36.113 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)

stikilo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.25.203.29 (Strasbourg, France)

ASN8972 (GD-EMEA-DC-SXB1, DE)
PTR: static-ip-85-25-203-29.inaddr.ip-pool.com

retagro.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.15.245.229 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-15-245-229.us-east-2.compute.amazonaws.com

s.thebrighttag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:90c0:e1:2801::254 (Prague, Czech Republic)

ASN199524 (GCORE, LU)

04.img.avito.st	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 146.158.52.2 (Czech Republic)

ASN201012 (AVITO, RU)

cs.avito.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	autoteka.ru autoteka.ru — Cisco Umbrella Rank: 811657 api.autoteka.ru	4 MB
12	hcaptcha.com hcaptcha.com — Cisco Umbrella Rank: 7835 newassets.hcaptcha.com — Cisco Umbrella Rank: 12497	837 KB
11	mail.ru top-fwz1.mail.ru — Cisco Umbrella Rank: 10388 ad.mail.ru — Cisco Umbrella Rank: 10391	22 KB
9	criteo.com 4 redirects gum.criteo.com — Cisco Umbrella Rank: 406 mug.criteo.com — Cisco Umbrella Rank: 2876 sslwidget.criteo.com — Cisco Umbrella Rank: 1922 dis.criteo.com — Cisco Umbrella Rank: 688	13 KB
7	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	61 KB
7	google.com www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 75	25 KB
6	adriver.ru 1 redirects content.adriver.ru — Cisco Umbrella Rank: 37397 ad.adriver.ru — Cisco Umbrella Rank: 19647	29 KB
6	doubleclick.net 2 redirects 8732814.fls.doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 79 googleads.g.doubleclick.net — Cisco Umbrella Rank: 41 cm.g.doubleclick.net — Cisco Umbrella Rank: 210	4 KB
6	gstatic.com www.gstatic.com fonts.gstatic.com	369 KB
5	facebook.com www.facebook.com — Cisco Umbrella Rank: 113	283 B
5	rutarget.ru 1 redirects cdn.rutarget.ru — Cisco Umbrella Rank: 69438 tag.rutarget.ru — Cisco Umbrella Rank: 65058	6 KB
5	flocktory.com api.flocktory.com — Cisco Umbrella Rank: 65045	95 KB
4	avito.ru www.avito.ru — Cisco Umbrella Rank: 36553 cs.avito.ru — Cisco Umbrella Rank: 97567	1 KB
4	cnt.my 1 redirects x.cnt.my — Cisco Umbrella Rank: 115918	4 KB
4	google.de www.google.de — Cisco Umbrella Rank: 6352 adservice.google.de — Cisco Umbrella Rank: 9081	1 KB
4	adhigh.net 3 redirects px.adhigh.net — Cisco Umbrella Rank: 16620	2 KB
3	yieldlab.net ad.yieldlab.net — Cisco Umbrella Rank: 1581	2 KB
3	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 209	13 KB
3	webecyzo.com webecyzo.com — Cisco Umbrella Rank: 553440 m.webecyzo.com — Cisco Umbrella Rank: 614650 c.webecyzo.com — Cisco Umbrella Rank: 622440	4 KB
3	indoleads.com static.indoleads.com — Cisco Umbrella Rank: 188369	2 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 152	195 KB
3	artfut.com www.artfut.com — Cisco Umbrella Rank: 28689	17 KB
2	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 208	2 KB
2	yahoo.com 1 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 287	509 B
2	360yield.com 1 redirects ad.360yield.com — Cisco Umbrella Rank: 683	852 B
2	casalemedia.com 1 redirects r.casalemedia.com — Cisco Umbrella Rank: 849	2 KB
2	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 228	2 KB
2	bidswitch.net 1 redirects x.bidswitch.net — Cisco Umbrella Rank: 301	1 KB
2	fulllab.com.br tags.fulllab.com.br — Cisco Umbrella Rank: 238781	2 KB
2	dsspn.com cdn.dsspn.com — Cisco Umbrella Rank: 103307	2 KB
2	weborama.fr 1 redirects wf.frontend.weborama.fr — Cisco Umbrella Rank: 37956	590 B
2	betweendigital.com 1 redirects ads.betweendigital.com — Cisco Umbrella Rank: 2092	1 KB
2	yandex.ru 1 redirects an.yandex.ru — Cisco Umbrella Rank: 2536	653 B
2	buzzoola.com 1 redirects exchange.buzzoola.com — Cisco Umbrella Rank: 18940	524 B
2	gdeslon.ru gdeslon.ru — Cisco Umbrella Rank: 219416 clicks.gdeslon.ru — Cisco Umbrella Rank: 241551	3 KB
2	vk.com vk.com — Cisco Umbrella Rank: 5949	24 KB
2	fullstory.com 1 redirects fullstory.com — Cisco Umbrella Rank: 1696 www.fullstory.com — Cisco Umbrella Rank: 22655	260 B
2	acstat.com code.acstat.com — Cisco Umbrella Rank: 180463 hit.acstat.com — Cisco Umbrella Rank: 118733	25 KB
1	avito.st 04.img.avito.st — Cisco Umbrella Rank: 111271	38 KB
1	thebrighttag.com s.thebrighttag.com — Cisco Umbrella Rank: 1426	268 B
1	retagro.com retagro.com — Cisco Umbrella Rank: 151978	294 B
1	stikilo.com stikilo.com — Cisco Umbrella Rank: 299005	294 B
1	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 513	338 B
1	citydsp.com citydsp.com — Cisco Umbrella Rank: 123225	696 B
1	yieldmo.com sync-criteo.ads.yieldmo.com — Cisco Umbrella Rank: 2185	220 B
1	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 463	1 KB
1	omnitagjs.com visitor.omnitagjs.com — Cisco Umbrella Rank: 1057	235 B
1	adform.net cm.adform.net — Cisco Umbrella Rank: 1589	162 B
1	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 407	140 B
1	teads.tv criteo-sync.teads.tv — Cisco Umbrella Rank: 1712	172 B
1	taboola.com sync-t1.taboola.com — Cisco Umbrella Rank: 1309	99 B
1	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 549	35 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 335	239 B
1	pubmatic.com simage2.pubmatic.com — Cisco Umbrella Rank: 690	225 B
1	outbrain.com sync.outbrain.com — Cisco Umbrella Rank: 823	145 B
1	mediavine.com exchange.mediavine.com — Cisco Umbrella Rank: 1283	885 B
1	media.net contextual.media.net — Cisco Umbrella Rank: 559	800 B
1	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 293	34 KB
1	mts.ru tech.rtb.mts.ru — Cisco Umbrella Rank: 31665	652 B
1	bidvol.com ssp.bidvol.com — Cisco Umbrella Rank: 29142	413 B
1	soloway.ru tags.soloway.ru — Cisco Umbrella Rank: 114777	8 KB
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 673	14 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 128	16 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 62	66 KB
169	64

	Domain	Requested by
12	autoteka.ru	autoteka.ru
10	api.autoteka.ru	autoteka.ru
9	newassets.hcaptcha.com	hcaptcha.com autoteka.ru newassets.hcaptcha.com
9	top-fwz1.mail.ru	autoteka.ru api.flocktory.com
7	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com autoteka.ru
6	www.google.com	autoteka.ru www.gstatic.com www.google.com
5	www.facebook.com	autoteka.ru
5	gum.criteo.com	4 redirects static.criteo.net
5	api.flocktory.com	autoteka.ru api.flocktory.com
4	x.cnt.my	1 redirects code.acstat.com x.cnt.my autoteka.ru
4	tag.rutarget.ru	1 redirects cdn.rutarget.ru tag.rutarget.ru api.flocktory.com
4	px.adhigh.net	3 redirects autoteka.ru
4	www.gstatic.com	www.google.com www.gstatic.com
3	ad.yieldlab.net
3	cdnjs.cloudflare.com	tags.fulllab.com.br
3	static.indoleads.com	code.acstat.com autoteka.ru
3	ad.adriver.ru	1 redirects autoteka.ru
3	content.adriver.ru	tags.soloway.ru ad.adriver.ru content.adriver.ru
3	www.google.de	autoteka.ru
3	connect.facebook.net	autoteka.ru connect.facebook.net
3	www.artfut.com	autoteka.ru www.artfut.com
3	hcaptcha.com	autoteka.ru newassets.hcaptcha.com
2	cs.avito.ru	autoteka.ru
2	dpm.demdex.net	1 redirects
2	ups.analytics.yahoo.com	1 redirects
2	ad.360yield.com	1 redirects
2	r.casalemedia.com	1 redirects
2	ib.adnxs.com	2 redirects
2	dis.criteo.com
2	x.bidswitch.net	1 redirects
2	tags.fulllab.com.br	autoteka.ru tags.fulllab.com.br
2	cdn.dsspn.com	autoteka.ru cdn.dsspn.com
2	wf.frontend.weborama.fr	1 redirects api.flocktory.com
2	ads.betweendigital.com	1 redirects tag.rutarget.ru
2	an.yandex.ru	1 redirects tag.rutarget.ru
2	exchange.buzzoola.com	1 redirects tag.rutarget.ru
2	www.avito.ru	autoteka.ru
2	ad.mail.ru	autoteka.ru tag.rutarget.ru
2	fonts.gstatic.com	www.google.com
2	stats.g.doubleclick.net	www.google-analytics.com autoteka.ru
2	vk.com	autoteka.ru
2	8732814.fls.doubleclick.net	1 redirects www.googletagmanager.com
1	04.img.avito.st
1	s.thebrighttag.com
1	retagro.com	citydsp.com
1	stikilo.com	citydsp.com
1	beacon.krxd.net
1	citydsp.com	x.cnt.my
1	sync-criteo.ads.yieldmo.com
1	id5-sync.com
1	visitor.omnitagjs.com
1	cm.adform.net
1	eb2.3lift.com
1	criteo-sync.teads.tv
1	sync-t1.taboola.com
1	match.sharethrough.com
1	pixel.rubiconproject.com
1	simage2.pubmatic.com
1	sync.outbrain.com
1	exchange.mediavine.com
1	contextual.media.net
1	cm.g.doubleclick.net	1 redirects
1	ajax.googleapis.com	x.cnt.my
1	c.webecyzo.com	m.webecyzo.com
1	m.webecyzo.com	webecyzo.com
1	webecyzo.com	autoteka.ru
1	clicks.gdeslon.ru	gdeslon.ru
1	sslwidget.criteo.com	static.criteo.net
1	tech.rtb.mts.ru	tag.rutarget.ru
1	adservice.google.de	adservice.google.com
1	mug.criteo.com	autoteka.ru
1	hit.acstat.com	autoteka.ru
1	gdeslon.ru	code.acstat.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	adservice.google.com	8732814.fls.doubleclick.net
1	ssp.bidvol.com	autoteka.ru
1	cdn.rutarget.ru	autoteka.ru
1	tags.soloway.ru	autoteka.ru
1	static.criteo.net	www.googletagmanager.com
1	www.fullstory.com	autoteka.ru
1	fullstory.com	1 redirects
1	www.googleadservices.com	www.googletagmanager.com
1	www.googletagmanager.com	autoteka.ru
1	code.acstat.com	autoteka.ru
169	84

This site contains no links.

Subject Issuer	Validity	Valid
*.autoteka.ru GeoTrust RSA CA 2018	`2021-11-10` - `2022-12-01`	a year	crt.sh
*.flocktory.com Go Daddy Secure Certificate Authority - G2	`2022-06-09` - `2023-07-11`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-15` - `2023-05-15`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.acstat.com R3	`2022-09-12` - `2022-12-11`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-07-02` - `2022-09-30`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-01` - `2022-11-30`	3 months	crt.sh
*.soloway.ru R3	`2022-08-04` - `2022-11-02`	3 months	crt.sh
*.rutarget.ru RU-CENTER High Assurance Services CA 2	`2022-02-28` - `2023-02-28`	a year	crt.sh
*.vk.com GlobalSign Organization Validation CA - SHA256 - G2	`2022-03-18` - `2023-04-03`	a year	crt.sh
*.mail.ru GeoTrust ECC CA 2018	`2021-10-15` - `2022-11-15`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-08-27` - `2022-11-22`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
*.adriver.ru GlobalSign GCC R3 DV TLS CA 2020	`2022-04-05` - `2023-04-05`	a year	crt.sh
*.x.cnt.my R3	`2022-09-17` - `2022-12-16`	3 months	crt.sh
*.gdeslon.ru R3	`2022-08-07` - `2022-11-05`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
*.avito.ru GlobalSign RSA OV SSL CA 2018	`2022-05-04` - `2023-05-02`	a year	crt.sh
*.rtb.mts.ru Thawte RSA CA 2018	`2021-12-21` - `2023-01-19`	a year	crt.sh
*.frontend.weborama.fr Go Daddy Secure Certificate Authority - G2	`2022-02-22` - `2023-03-26`	a year	crt.sh
webecyzo.com R3	`2022-07-12` - `2022-10-10`	3 months	crt.sh
dsspn.com Amazon	`2022-07-23` - `2023-08-21`	a year	crt.sh
tags.fulllab.com.br R3	`2022-09-16` - `2022-12-15`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
*.media.net DigiCert SHA2 Secure Server CA	`2022-02-20` - `2023-02-22`	a year	crt.sh
exchange.mediavine.com Amazon	`2022-07-06` - `2023-08-04`	a year	crt.sh
*.outbrain.com Thawte RSA CA 2018	`2021-10-24` - `2022-11-24`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
*.sharethrough.com Amazon	`2022-07-14` - `2023-08-12`	a year	crt.sh
*.taboola.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-11-28` - `2022-12-29`	a year	crt.sh
teads.tv R3	`2022-08-17` - `2022-11-15`	3 months	crt.sh
*.3lift.com Amazon	`2022-05-13` - `2023-06-11`	a year	crt.sh
*.yieldlab.net DigiCert SHA2 Secure Server CA	`2022-01-14` - `2023-01-13`	a year	crt.sh
*.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-05-18` - `2023-06-16`	a year	crt.sh
omnitagjs.com Sectigo RSA Domain Validation Secure Server CA	`2022-06-21` - `2023-07-21`	a year	crt.sh
*.id5-sync.com R3	`2022-08-18` - `2022-11-16`	3 months	crt.sh
*.ads.yieldmo.com Amazon	`2022-06-02` - `2023-07-01`	a year	crt.sh
citydsp.com R3	`2022-07-27` - `2022-10-25`	3 months	crt.sh
akimilo.com R3	`2022-08-18` - `2022-11-16`	3 months	crt.sh
adprety.com R3	`2022-07-28` - `2022-10-26`	3 months	crt.sh
*.img.avito.st GeoTrust RSA CA 2018	`2022-02-21` - `2023-03-07`	a year	crt.sh

This page contains 18 frames:

Primary Page: https://autoteka.ru/report_by_ad/2547034876?acu=MzY6fX7Xrw9CckLmgVAUUNa.ZBcSIDm.yni5FPfap7.vNlv1aWNEggaq.a4qigOZq7rGwaQolvr0WILc7lIHG8PzSA--
Frame ID: 9AA8B50761E99E9F2631488DC7A2652F
Requests: 107 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le0ltgUAAAAAF2d01bYJA_ukhm7gXn_o3__UQu4&co=aHR0cHM6Ly9hdXRvdGVrYS5ydTo0NDM.&hl=de&v=ovmhLiigaw4D9ujHYlHcKKhP&size=invisible&cb=1186nj3pho5
Frame ID: 87BCBC8F38502084B26E9DA96DEDF97C
Requests: 7 HTTP requests in this frame

Frame: https://8732814.fls.doubleclick.net/activityi;dc_pre=CKGzvsukqvoCFZPn5godl94Btw;src=8732814;type=autot0;cat=ru-au0;ord=1;num=8447648960940;gtm=2wg9l0;auiddc=1857695860.1663914512;~oref=https%3A%2F%2Fautoteka.ru%2Freport_by_ad%2F2547034876%3Facu%3DMzY6fX7Xrw9CckLmgVAUUNa.ZBcSIDm.yni5FPfap7.vNlv1aWNEggaq.a4qigOZq7rGwaQolvr0WILc7lIHG8PzSA--
Frame ID: 0F59ED8A5A34DA30D5B049258AF81B30
Requests: 1 HTTP requests in this frame

Frame: https://api.flocktory.com/v2/provider/provider.html
Frame ID: C880AC911C8E9BC52100C0484AF7DD88
Requests: 2 HTTP requests in this frame

Frame: https://tag.rutarget.ru/tag?event=otherPage&check=true&response=syncframe&__r=19079914743997640000&__location=https%3A%2F%2Fautoteka.ru%2Freport_by_ad%2F2547034876%3Facu%3DMzY6fX7Xrw9CckLmgVAUUNa.ZBcSIDm.yni5FPfap7.vNlv1aWNEggaq.a4qigOZq7rGwaQolvr0WILc7lIHG8PzSA--&__referrer=&__title=%D0%90%D0%B2%D1%82%D0%BE%D1%82%D0%B5%D0%BA%D0%B0%20-%20%D1%81%D0%B5%D1%80%D0%B2%D0%B8%D1%81%20%D0%BF%D1%80%D0%BE%D0%B2%D0%B5%D1%80%D0%BA%D0%B8%20%D0%B8%D1%81%D1%82%D0%BE%D1%80%D0%B8%D0%B8%20%D0%B0%D0%B2%D1%82%D0%BE%D0%BC%D0%BE%D0%B1%D0%B8%D0%BB%D1%8F%20%D0%BF%D0%BE%20VIN&__keywords=&_usertz=0&check-cookie=true
Frame ID: C32A97D4889AFEAB509AEFABC49C697F
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=autoteka.ru&origin=onetag
Frame ID: D73BDC860FB99C798239568D095541A8
Requests: 2 HTTP requests in this frame

Frame: https://newassets.hcaptcha.com/captcha/v1/1f7dc62/static/hcaptcha.html
Frame ID: 9B1414FD6320664FE47C836220BAA039
Requests: 6 HTTP requests in this frame

Frame: https://newassets.hcaptcha.com/captcha/v1/1f7dc62/static/hcaptcha.html
Frame ID: A67E3F38052CCD831E28A0413D5282C8
Requests: 4 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CKGzvsukqvoCFZPn5godl94Btw;src=8732814;type=autot0;cat=ru-au0;ord=1;num=8447648960940;gtm=2wg9l0;auiddc=1857695860.1663914512;~oref=https%3A%2F%2Fautoteka.ru%2Freport_by_ad%2F2547034876%3Facu%3DMzY6fX7Xrw9CckLmgVAUUNa.ZBcSIDm.yni5FPfap7.vNlv1aWNEggaq.a4qigOZq7rGwaQolvr0WILc7lIHG8PzSA--
Frame ID: 6B4FFC9E7D400DFD75956F2B8A9AC929
Requests: 1 HTTP requests in this frame

Frame: https://tag.rutarget.ru/tag?response=syncframecontent&sm=sync_fc821051ae5abea671f7ac556f1ea647%2Csync_ec8bf516fafa51927e71233e18e82503%2Csync_ed520c87f21ee38ff11b31d0089e3dc0%2Csync_71c015090a068e09460994346a52bdbb%2Csync_d7a14e30636d52e10b35d10c02578019
Frame ID: 7945EC4ECDA98932C4C302A722129634
Requests: 6 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CKGzvsukqvoCFZPn5godl94Btw;src=8732814;type=autot0;cat=ru-au0;ord=1;num=8447648960940;gtm=2wg9l0;auiddc=1857695860.1663914512;~oref=https%3A%2F%2Fautoteka.ru%2Freport_by_ad%2F2547034876%3Facu%3DMzY6fX7Xrw9CckLmgVAUUNa.ZBcSIDm.yni5FPfap7.vNlv1aWNEggaq.a4qigOZq7rGwaQolvr0WILc7lIHG8PzSA--
Frame ID: 38F90E7ACE539D1F1AE5BA657D3A9222
Requests: 1 HTTP requests in this frame

Frame: https://content.adriver.ru/banners/0002186/0002186173/0/s.html?0&4&6&0&998517&0&0&182&81.95.5.44&counter&1
Frame ID: 3E61BD6D5440DF25B80F996255BA28C0
Requests: 2 HTTP requests in this frame

Frame: https://top-fwz1.mail.ru/counter?id=2951107;pid=f8f5dcd1-bd92-4f7a-a6950849231b8439
Frame ID: 5399DDC9ECF1A9FD6D37FEA8B7F33193
Requests: 1 HTTP requests in this frame

Frame: https://wf.frontend.weborama.fr/streampixel/?wamid=7629&Wvar=%7B%22flocktory_id%22%3A%22f8f5dcd1-bd92-4f7a-a6950849231b8439%22%7D&d.r=1663914513369&bounce=1&random=1108205457
Frame ID: 1C7B671079E86C1E5895F2A8FCB471A1
Requests: 1 HTTP requests in this frame

Frame: https://tag.rutarget.ru/tag?event=sync&partner=flocktory&external_visitor_id=f8f5dcd1-bd92-4f7a-a6950849231b8439
Frame ID: 2FCD9B1737C35D91A847446445D3DAD2
Requests: 1 HTTP requests in this frame

Frame: https://tags.fulllab.com.br/safeframe
Frame ID: F31E4EDBBA4EC7C2C5B9AFFB30F18B86
Requests: 4 HTTP requests in this frame

Frame: https://cdn.dsspn.com/trk/img.gif?px=fqj&trp=0&cb=4a922da1081836908ab0e&w=1600&h=1200&sq=false&ut=https://autoteka.ru/report_by_ad/2547034876&pop=https%3A%2F%2Fautoteka.ru%2Freport_by_ad%2F2547034876&popParent=https%3A%2F%2Fautoteka.ru%2Freport_by_ad%2F2547034876
Frame ID: A973804E814AC891FB53DF8A173196DB
Requests: 1 HTTP requests in this frame

Frame: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-xTIhY1E-8b_STsTKAqFD9lMy-s9G1oIqlx3TWQ&expires=30
Frame ID: A00EC798484CB9C420D61330D29FB3A2
Requests: 25 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Автотека - сервис проверки истории автомобиля по VIN

Detected technologies

AdRiver (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

(?:adriver\.core\.\d\.js|https?://(?:content|ad|masterh\d)\.adriver\.ru/)

Criteo (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

//static\.criteo\.net/js/ld/ld\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

FingerprintJS (JavaScript libraries) Expand

Overall confidence: 100%
Detected patterns

fingerprint(\d)?(?:\.min)?\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Yandex.Direct (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://an\.yandex\.ru/

hCaptcha (Security) Expand

Overall confidence: 100%
Detected patterns

https://hcaptcha.com/([\d]+?)/api.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

169
Requests

89 %
HTTPS

27 %
IPv6

64
Domains

84
Subdomains

77
IPs

14
Countries

5705 kB
Transfer

11754 kB
Size

99
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16

https://8732814.fls.doubleclick.net/activityi;src=8732814;type=autot0;cat=ru-au0;ord=1;num=8447648960940;gtm=2wg9l0;auiddc=1857695860.1663914512;~oref=https%3A%2F%2Fautoteka.ru%2Freport_by_ad%2F2547034876%3Facu%3DMzY6fX7Xrw9CckLmgVAUUNa.ZBcSIDm.yni5FPfap7.vNlv1aWNEggaq.a4qigOZq7rGwaQolvr0WILc7lIHG8PzSA-- HTTP 302
https://8732814.fls.doubleclick.net/activityi;dc_pre=CKGzvsukqvoCFZPn5godl94Btw;src=8732814;type=autot0;cat=ru-au0;ord=1;num=8447648960940;gtm=2wg9l0;auiddc=1857695860.1663914512;~oref=https%3A%2F%2Fautoteka.ru%2Freport_by_ad%2F2547034876%3Facu%3DMzY6fX7Xrw9CckLmgVAUUNa.ZBcSIDm.yni5FPfap7.vNlv1aWNEggaq.a4qigOZq7rGwaQolvr0WILc7lIHG8PzSA--

Request Chain 20

https://fullstory.com/s/fs.js HTTP 301
https://www.fullstory.com/s/fs.js

Request Chain 26

https://px.adhigh.net/p/tracking.gif?syncs=default&site_id=5934&pixel_id=avto HTTP 302
https://px.adhigh.net/p/tracking.gif?syncs=default&site_id=5934&pixel_id=avto&bounced=1 HTTP 302
https://ssp.bidvol.com/usersync?id=P1VY5iUAZ7f.AikABlGDaQiQGQ&dspcsid=142

Request Chain 27

https://px.adhigh.net/p/tracking.gif?syncs=bsw&syncs_only=true HTTP 302
https://px.adhigh.net/p/tracking.gif?syncs=bsw&syncs_only=true&bounced=1

Request Chain 36

https://tag.rutarget.ru/tag?event=otherPage&check=true&response=syncframe&__r=19079914743997640000&__location=https%3A%2F%2Fautoteka.ru%2Freport_by_ad%2F2547034876%3Facu%3DMzY6fX7Xrw9CckLmgVAUUNa.ZBcSIDm.yni5FPfap7.vNlv1aWNEggaq.a4qigOZq7rGwaQolvr0WILc7lIHG8PzSA--&__referrer=&__title=%D0%90%D0%B2%D1%82%D0%BE%D1%82%D0%B5%D0%BA%D0%B0%20-%20%D1%81%D0%B5%D1%80%D0%B2%D0%B8%D1%81%20%D0%BF%D1%80%D0%BE%D0%B2%D0%B5%D1%80%D0%BA%D0%B8%20%D0%B8%D1%81%D1%82%D0%BE%D1%80%D0%B8%D0%B8%20%D0%B0%D0%B2%D1%82%D0%BE%D0%BC%D0%BE%D0%B1%D0%B8%D0%BB%D1%8F%20%D0%BF%D0%BE%20VIN&__keywords=&_usertz=0 HTTP 302
https://tag.rutarget.ru/tag?event=otherPage&check=true&response=syncframe&__r=19079914743997640000&__location=https%3A%2F%2Fautoteka.ru%2Freport_by_ad%2F2547034876%3Facu%3DMzY6fX7Xrw9CckLmgVAUUNa.ZBcSIDm.yni5FPfap7.vNlv1aWNEggaq.a4qigOZq7rGwaQolvr0WILc7lIHG8PzSA--&__referrer=&__title=%D0%90%D0%B2%D1%82%D0%BE%D1%82%D0%B5%D0%BA%D0%B0%20-%20%D1%81%D0%B5%D1%80%D0%B2%D0%B8%D1%81%20%D0%BF%D1%80%D0%BE%D0%B2%D0%B5%D1%80%D0%BA%D0%B8%20%D0%B8%D1%81%D1%82%D0%BE%D1%80%D0%B8%D0%B8%20%D0%B0%D0%B2%D1%82%D0%BE%D0%BC%D0%BE%D0%B1%D0%B8%D0%BB%D1%8F%20%D0%BF%D0%BE%20VIN&__keywords=&_usertz=0&check-cookie=true

Request Chain 67

https://ad.adriver.ru/cgi-bin/erle.cgi?sid=220559&bt=62&custom=206%3DDSPCounter&ph=0&rnd=998517&tail256=unknown HTTP 302
https://ad.adriver.ru/cgi-bin/erle.cgi?sid=220559&bt=62&custom=206%3DDSPCounter&ph=0&rnd=998517&tail256=unknown&tuid=-4906028394

Request Chain 93

https://gum.criteo.com/sid/json?origin=onetag&domain=autoteka.ru&sn=ChromeSyncframe&so=0&topUrl=autoteka.ru&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=8ddNY3wybGlzUU4rUU9XL1c5cjMyR1N4UmpYYkRhcDdDZnVrN3Q3QWtiSVg4eHAya2NaeUFJUXl4NmVpUUw4dEhlYng1dnpZTkZaRmdBbnkvZW5yaSs2YldHN05BTVlpV1lyKytrRkdDaDAzL0puMjFuWEVyZ1gxeDNCRWhVdHF5M080WE9jV1g2Tng5aUNkTFI3WTJNODlCYzRlSzFCM3o1dUNKQUZUOVhUWktEWlpDeXlETDVRVzQrVDNUdXI1WDhzTEZvMEtYZ2UrSkpMeFlOWWpLV2NYNVpnc2JmWFZNNmlrSlp4dHJRc1NDcURsd3VoZ2hla3llZHR3Q01qMDZZaFYxajBSaGFxOU4xTGJ3aXJvMElDQTMyZz09fA&cppv=2

Request Chain 96

https://x.cnt.my/px/?r=0.19567693010636256&dom=autoteka.ru&tz=0&sw=1600&sh=1200&ow=1600&oh=1200&iw=1600&ih=1200&scd=24&p_id=1&url=https%3A%2F%2Fautoteka.ru%2Freport_by_ad%2F2547034876 HTTP 301
https://x.cnt.my/px/?r=0.19567693010636256&dom=autoteka.ru&tz=0&sw=1600&sh=1200&ow=1600&oh=1200&iw=1600&ih=1200&scd=24&p_id=1&url=https%3A%2F%2Fautoteka.ru%2Freport_by_ad%2F2547034876&rand=0.5507809137831052&xtmp=1

Request Chain 100

https://exchange.buzzoola.com/cookiesync/dsp/segmento?uid=TiEuc1IoezyU HTTP 307
https://exchange.buzzoola.com/cookiesync/dsp/segmento?set_buzzoola_cookie=t&uid=TiEuc1IoezyU

Request Chain 101

https://an.yandex.ru/mapuid/rutargetis/TiEuc1IoezyU HTTP 302
https://an.yandex.ru/mapuid/rutargetis/TiEuc1IoezyU?redir-setuniq=1

Request Chain 104

https://ads.betweendigital.com/match?bidder_id=12&external_user_id=TiEuc1IoezyU HTTP 302
https://ads.betweendigital.com/match?bidder_id=12&external_user_id=TiEuc1IoezyU&crf=1

Request Chain 116

https://wf.frontend.weborama.fr/streampixel/?wamid=7629&Wvar=%7B%22flocktory_id%22%3A%22f8f5dcd1-bd92-4f7a-a6950849231b8439%22%7D&d.r=1663914513369 HTTP 302
https://wf.frontend.weborama.fr/streampixel/?wamid=7629&Wvar=%7B%22flocktory_id%22%3A%22f8f5dcd1-bd92-4f7a-a6950849231b8439%22%7D&d.r=1663914513369&bounce=1&random=1108205457

Request Chain 140

https://x.bidswitch.net/sync?dsp_id=46&user_id=k-xTIhY1E-8b_STsTKAqFD9lMy-s9G1oIqlx3TWQ&expires=30 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-xTIhY1E-8b_STsTKAqFD9lMy-s9G1oIqlx3TWQ&expires=30

Request Chain 141

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-mzhdPVE-8b_STsTKAqFD9lMy-s_tav3Pk9PWSw&google_cm&google_hm=ay1temhkUFZFLThiX1NUc1RLQXFGRDlsTXktc190YXYzUGs5UFdTdw HTTP 302
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-mzhdPVE-8b_STsTKAqFD9lMy-s_tav3Pk9PWSw&google_gid=CAESEAjn2Rs2noV6_kzg8KkP56A&google_cver=1&google_ula=913071,0

Request Chain 142

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 302
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=6018882708767400161

Request Chain 143

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-1C4EJVE-8b_STsTKAqFD9lMy-s_jPHo5P2oFEQ HTTP 302
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-1C4EJVE-8b_STsTKAqFD9lMy-s_jPHo5P2oFEQ&C=1

Request Chain 144

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-GfIMgFE-8b_STsTKAqFD9lMy-s9sDkQL7bp_WQ HTTP 302
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-GfIMgFE-8b_STsTKAqFD9lMy-s9sDkQL7bp_WQ

Request Chain 154

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-P7W3KlE-8b_STsTKAqFD9lMy-s9T75DIyXfOdg HTTP 302
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-P7W3KlE-8b_STsTKAqFD9lMy-s9T75DIyXfOdg&verify=true

Request Chain 158

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=23yW65GSjiQPPID3aHA-G5h3-kpc1XAR HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=23yW65GSjiQPPID3aHA-G5h3-kpc1XAR

Request Chain 163

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP 302
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=Vye32frB2Ey7wRuXJzqjhTIbbAsaWOeh

Request Chain 167

https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40 HTTP 302
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=EeUEwrzWhIsYFQFTJlvQU0KMcyhjCU1T

169 HTTP transactions
11 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request 2547034876 Show response
autoteka.ru/report_by_ad/ 14 KB
4 KB 293ms
62ms Document
text/html 146.158.48.32
AVITO

General

Check archive.org

Show headers Download Go to

Full URL

https://autoteka.ru/report_by_ad/2547034876?acu=MzY6fX7Xrw9CckLmgVAUUNa.ZBcSIDm.yni5FPfap7.vNlv1aWNEggaq.a4qigOZq7rGwaQolvr0WILc7lIHG8PzSA--

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

146.158.48.32 , Czech Republic, ASN201012 (AVITO, RU),

Reverse DNS

Software

nginx / Express

Resource Hash

f21c876ba71456aa308e62cd182e4c810aa5e24610a72f7214dd4e3b83240dc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: public, max-age=0
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 23 Sep 2022 06:28:31 GMT
etag: W/"38af-183650f0eb2"
last-modified: Thu, 22 Sep 2022 11:57:09 GMT
server: nginx
x-content-type-options: nosniff
x-envoy-upstream-service-time: 2
x-frame-options: SAMEORIGIN
x-powered-by: Express
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK loader.js Show response
api.flocktory.com/v2/ 266 KB
79 KB 238ms
71ms Script
application/javascript 52.51.157.173
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.flocktory.com/v2/loader.js?site_id=3506
Requested by: Host: autoteka.ru
URL: https://autoteka.ru/report_by_ad/2547034876?acu=MzY6fX7Xrw9CckLmgVAUUNa.ZBcSIDm.yni5FPfap7.vNlv1aWNEggaq.a4qigOZq7rGwaQolvr0WILc7lIHG8PzSA--
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.157.173 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-157-173.eu-west-1.compute.amazonaws.com
Software: openresty /
Resource Hash: e5adc8ce948c577670bbaa0c4279054fccb8c377e7e884bb7af780f1c970ae8f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://autoteka.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Fri, 23 Sep 2022 06:28:31 GMT
Content-Encoding: br
Last-Modified: Mon, 12 Sep 2022 10:21:02 GMT
Server: openresty
x-amz-meta-s3cmd-attrs: atime:1662978023/ctime:1662978023/gid:0/gname:root/md5:708390b6aacf24ffacc6c880b71d8471/mode:33188/mtime:1662978023/uid:0/uname:root
x-amz-request-id: 27MWJCGF0WEFGVMH
ETag: W/"708390b6aacf24ffacc6c880b71d8471"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=10800
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 79679
x-amz-id-2: ObaCrSEZTlnoEKXcFbbob9GVylh+dO5R3f7T5nUQIEK5DZKPaWwgELOqLFAgnLH0VjoT0bAMS2k=

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 884 B
997 B 110ms
48ms Script
text/javascript 2a00:1450:400d:80d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6Le0ltgUAAAAAF2d01bYJA_ukhm7gXn_o3__UQu4

Requested by

Host: autoteka.ru
URL: https://autoteka.ru/report_by_ad/2547034876?acu=MzY6fX7Xrw9CckLmgVAUUNa.ZBcSIDm.yni5FPfap7.vNlv1aWNEggaq.a4qigOZq7rGwaQolvr0WILc7lIHG8PzSA--

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

4dfde90ab9fc788d1932b954f87916fcb01e944eb198daf18ee111481f18447b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://autoteka.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 06:28:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 584
x-xss-protection: 1; mode=block
expires: Fri, 23 Sep 2022 06:28:31 GMT

GET
H2 200 api.js Show response
hcaptcha.com/1/ 281 KB
79 KB 61ms
30ms Script
application/javascript 104.16.168.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hcaptcha.com/1/api.js?hl=ru&recaptchacompat=off&onload=onHcaptchaLoad

Requested by

Host: autoteka.ru
URL: https://autoteka.ru/report_by_ad/2547034876?acu=MzY6fX7Xrw9CckLmgVAUUNa.ZBcSIDm.yni5FPfap7.vNlv1aWNEggaq.a4qigOZq7rGwaQolvr0WILc7lIHG8PzSA--

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.168.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e626cb80c06ed2f4560b3b4fef501c83d601fde61cd7cc507d77d47c916f06b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://autoteka.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 06:28:31 GMT
via: 1.1 ade2b5e2170ccd4f394b741b27bb0eec.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 0
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 11 Aug 2022 21:59:15 GMT
server: cloudflare
etag: W/"84729783ded6e9166650d2e40d1556b2"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=120
x-amz-cf-pop: FRA56-P4
cf-ray: 74f138830d959241-FRA
x-amz-cf-id: ybnGg_HDdwV0RL1lfsjRHumWQ5uQ8cnBF1V5ZnOtgrcXsAWKDff2jQ==

GET
H2 200 tagtag.min.js Show response
www.artfut.com/static/ 3 KB
2 KB 76ms
28ms Script
application/javascript 2606:4700:20::681a:16d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.artfut.com/static/tagtag.min.js?campaign_code=cdb29d61cd

Requested by

Host: autoteka.ru
URL: https://autoteka.ru/report_by_ad/2547034876?acu=MzY6fX7Xrw9CckLmgVAUUNa.ZBcSIDm.yni5FPfap7.vNlv1aWNEggaq.a4qigOZq7rGwaQolvr0WILc7lIHG8PzSA--

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:20::681a:16d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f6b1300d909d9777dd97614dc1778aaa570ea95e65a9d63958c716f599b8f400

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://autoteka.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 06:28:32 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1026
pragma: public
last-modified: Mon, 23 May 2022 09:16:41 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"628b50f9-d05"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JAzfyAvoJkFFdXOlK15voytIxZ36CFz7p3DF2%2Fk95TYQAT57tE%2BLaJriE34T5rY9BxTkKxXb7WQBFguMrjOb%2BsDpEi2wPw1XhvAh4OBLuBx5q3y0Nv6pTi0hFJmIlE%2FQVus5NnNGAuOv%2Fbdf"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1200, public
cf-ray: 74f13883e8f7b778-AMS
expires: Fri, 23 Sep 2022 06:31:26 GMT

GET
H2 200 fingerprint-1.5.1.js Show response
autoteka.ru/libs/ 194 KB
52 KB 245ms
243ms Script
application/javascript 146.158.48.32
AVITO

General

Check archive.org

Show headers Download Go to

Full URL

https://autoteka.ru/libs/fingerprint-1.5.1.js

Requested by

Host: autoteka.ru
URL: https://autoteka.ru/report_by_ad/2547034876?acu=MzY6fX7Xrw9CckLmgVAUUNa.ZBcSIDm.yni5FPfap7.vNlv1aWNEggaq.a4qigOZq7rGwaQolvr0WILc7lIHG8PzSA--

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

146.158.48.32 , Czech Republic, ASN201012 (AVITO, RU),

Reverse DNS

Software

nginx /

Resource Hash

6b1895f596ca0165013c73cba2d68a9281cc79a14a429f92d008ce87df7aee7d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://autoteka.ru/report_by_ad/2547034876?acu=MzY6fX7Xrw9CckLmgVAUUNa.ZBcSIDm.yni5FPfap7.vNlv1aWNEggaq.a4qigOZq7rGwaQolvr0WILc7lIHG8PzSA--
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 06:28:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 22 Sep 2022 11:57:09 GMT
server: nginx
etag: W/"632c4d95-30642"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
x-envoy-upstream-service-time: 7
x-xss-protection: 1; mode=block

GET
H2 200 vendors~index.8fe3f4c63264218a1be2.css
autoteka.ru/assets/ 580 KB
324 KB 69ms
68ms Stylesheet
text/css 146.158.48.32
AVITO

General

Check archive.org

Show headers Download Go to

Full URL

https://autoteka.ru/assets/vendors~index.8fe3f4c63264218a1be2.css

Requested by

Host: autoteka.ru
URL: https://autoteka.ru/report_by_ad/2547034876?acu=MzY6fX7Xrw9CckLmgVAUUNa.ZBcSIDm.yni5FPfap7.vNlv1aWNEggaq.a4qigOZq7rGwaQolvr0WILc7lIHG8PzSA--

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

146.158.48.32 , Czech Republic, ASN201012 (AVITO, RU),

Reverse DNS

Software

nginx /

Resource Hash

8d96fc3098fe72f0eb919c49a0fb7f6ffc5f24c3ea8f7f4d2b6181266a612669

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://autoteka.ru/report_by_ad/2547034876?acu=MzY6fX7Xrw9CckLmgVAUUNa.ZBcSIDm.yni5FPfap7.vNlv1aWNEggaq.a4qigOZq7rGwaQolvr0WILc7lIHG8PzSA--
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 06:28:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 22 Sep 2022 11:56:45 GMT
server: nginx
etag: W/"d859fb4b352c2d52605f0072c098b5c5"
x-frame-options: SAMEORIGIN
content-type: text/css
x-envoy-upstream-service-time: 3
x-xss-protection: 1; mode=block

GET
H2 200 index.748d500536777df50bf6.css
autoteka.ru/assets/ 1 MB
710 KB 298ms
298ms Stylesheet
text/css 146.158.48.32
AVITO

General

Check archive.org

Show headers Download Go to

Full URL

https://autoteka.ru/assets/index.748d500536777df50bf6.css

Requested by

Host: autoteka.ru
URL: https://autoteka.ru/report_by_ad/2547034876?acu=MzY6fX7Xrw9CckLmgVAUUNa.ZBcSIDm.yni5FPfap7.vNlv1aWNEggaq.a4qigOZq7rGwaQolvr0WILc7lIHG8PzSA--

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

146.158.48.32 , Czech Republic, ASN201012 (AVITO, RU),

Reverse DNS

Software

nginx /

Resource Hash

044fd168bc93267aa053c1be6d3a94431f740a27e77edb8b2e25017418400e60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://autoteka.ru/report_by_ad/2547034876?acu=MzY6fX7Xrw9CckLmgVAUUNa.ZBcSIDm.yni5FPfap7.vNlv1aWNEggaq.a4qigOZq7rGwaQolvr0WILc7lIHG8PzSA--
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 06:28:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 22 Sep 2022 11:56:45 GMT
server: nginx
etag: W/"ebd62c3550e1196608abe32606b5fa82"
x-frame-options: SAMEORIGIN
content-type: text/css
x-envoy-upstream-service-time: 34
x-xss-protection: 1; mode=block

GET
H2 200 vendors~index.e5415b36a4ba3fbe393c.js Show response
autoteka.ru/assets/ 2 MB
776 KB 296ms
295ms Script
application/javascript 146.158.48.32
AVITO

General

Check archive.org

Show headers Download Go to

Full URL

https://autoteka.ru/assets/vendors~index.e5415b36a4ba3fbe393c.js

Requested by

Host: autoteka.ru
URL: https://autoteka.ru/report_by_ad/2547034876?acu=MzY6fX7Xrw9CckLmgVAUUNa.ZBcSIDm.yni5FPfap7.vNlv1aWNEggaq.a4qigOZq7rGwaQolvr0WILc7lIHG8PzSA--

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

146.158.48.32 , Czech Republic, ASN201012 (AVITO, RU),

Reverse DNS

Software

nginx /

Resource Hash

d00201ae13d8cea6e4a1954cc8702b65d5a741f5cb5cfa81d13444f754c2cb82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://autoteka.ru/report_by_ad/2547034876?acu=MzY6fX7Xrw9CckLmgVAUUNa.ZBcSIDm.yni5FPfap7.vNlv1aWNEggaq.a4qigOZq7rGwaQolvr0WILc7lIHG8PzSA--
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 06:28:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 22 Sep 2022 11:56:45 GMT
server: nginx
etag: W/"929f9447f91c27c1ea9c11dc116fa58f"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
x-envoy-upstream-service-time: 75
x-xss-protection: 1; mode=block

GET
H2 200 index.24bfbe141d3f0ee5effb.js Show response
autoteka.ru/assets/ 1 MB
358 KB 242ms
241ms Script
application/javascript 146.158.48.32
AVITO

General

Check archive.org

Show headers Download Go to

Full URL

https://autoteka.ru/assets/index.24bfbe141d3f0ee5effb.js

Requested by

Host: autoteka.ru
URL: https://autoteka.ru/report_by_ad/2547034876?acu=MzY6fX7Xrw9CckLmgVAUUNa.ZBcSIDm.yni5FPfap7.vNlv1aWNEggaq.a4qigOZq7rGwaQolvr0WILc7lIHG8PzSA--

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

146.158.48.32 , Czech Republic, ASN201012 (AVITO, RU),

Reverse DNS

Software

nginx /

Resource Hash

984e86a3e3cd3a1e31725424167e790fb2fb26a7b646a83fa4a446e128fbe1fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://autoteka.ru/report_by_ad/2547034876?acu=MzY6fX7Xrw9CckLmgVAUUNa.ZBcSIDm.yni5FPfap7.vNlv1aWNEggaq.a4qigOZq7rGwaQolvr0WILc7lIHG8PzSA--
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 06:28:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 22 Sep 2022 11:56:45 GMT
server: nginx
etag: W/"046ca31df5d8448fbe5fea755d512002"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
x-envoy-upstream-service-time: 3
x-xss-protection: 1; mode=block

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/ 391 KB
157 KB 31ms
7ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6Le0ltgUAAAAAF2d01bYJA_ukhm7gXn_o3__UQu4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8ad74b30972057e9efc8dd2c5d013ed97938050ceab38f1209780d584bcd6fb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://autoteka.ru/
Origin: https://autoteka.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 16:37:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 309078
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 159555
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 04:01:43 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 19 Sep 2023 16:37:13 GMT

GET
H/1.1 200
OK / Show response
code.acstat.com/ 25 KB
25 KB 464ms
320ms Script
application/javascript 212.41.26.238
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to

Full URL

https://code.acstat.com/

Requested by

Host: autoteka.ru
URL: https://autoteka.ru/report_by_ad/2547034876?acu=MzY6fX7Xrw9CckLmgVAUUNa.ZBcSIDm.yni5FPfap7.vNlv1aWNEggaq.a4qigOZq7rGwaQolvr0WILc7lIHG8PzSA--

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.41.26.238 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),

Reverse DNS

Software

nginx /

Resource Hash

e51dfc7c1542fba9c99daefb88e311270c7c295864444f89f693d6b67f8360c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://autoteka.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Fri, 23 Sep 2022 06:28:32 GMT
Server: nginx
Strict-Transport-Security: max-age=15724800; includeSubDomains
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Connection: keep-alive
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 25297

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 197 KB
66 KB 51ms
27ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PKNCQ9K

Requested by

Host: autoteka.ru
URL: https://autoteka.ru/report_by_ad/2547034876?acu=MzY6fX7Xrw9CckLmgVAUUNa.ZBcSIDm.yni5FPfap7.vNlv1aWNEggaq.a4qigOZq7rGwaQolvr0WILc7lIHG8PzSA--

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

10c6a4b9c87b756f6abfacbea865182bf776c059b119325e6c62b642639adb94

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://autoteka.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 06:28:31 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67344
x-xss-protection: 0
last-modified: Fri, 23 Sep 2022 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 23 Sep 2022 06:28:31 GMT

GET
DATA 200
OK truncated
/ 218 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef8c25a61ce9e95b88fb68bf0a2cf22f478ce02a5da92c3708d9bd317add3e08

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 5 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 477b6b9e4dfe875116e1270260a9b72a9a61dc4aad9fa426b114d6b58aadb5f8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 87BC 42 KB
22 KB 57ms
56ms Document
text/html 2a00:1450:400d:80d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le0ltgUAAAAAF2d01bYJA_ukhm7gXn_o3__UQu4&co=aHR0cHM6Ly9hdXRvdGVrYS5ydTo0NDM.&hl=de&v=ovmhLiigaw4D9ujHYlHcKKhP&size=invisible&cb=1186nj3pho5

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/recaptcha__de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ef319448b98ad4c9a0e9a6a8a09f0c2e79ed7479e94a652929bfe6608defd128

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-vDHIQSDh6KVcoINWZ9AYHA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://autoteka.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 22408
content-security-policy: script-src 'report-sample' 'nonce-vDHIQSDh6KVcoINWZ9AYHA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 23 Sep 2022 06:28:32 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 optimize.js Show response
www.google-analytics.com/gtm/ 104 KB
41 KB 40ms
15ms Script
application/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/optimize.js?id=GTM-NBC75HV

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PKNCQ9K

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9de8a7c4eb0310d597c3cbbb76a3e2c53dc4714527f23aae5a9d980fc13da651

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://autoteka.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 06:28:32 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41517
x-xss-protection: 0
last-modified: Fri, 23 Sep 2022 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 23 Sep 2022 06:28:32 GMT

GET
H3

200

activityi;dc_pre=CKGzvsukqvoCFZPn5godl94Btw;src=8732814;type=autot0;cat=ru-au0;ord=1;num=8447648960940;gtm=2wg9l0;auiddc=1857695860.1663914512;~oref=https%3A%2F%2Fautoteka.ru%2Freport_by_ad%2F25470... Show response
8732814.fls.doubleclick.net/ Frame 0F59
Redirect Chain

https://8732814.fls.doubleclick.net/activityi;src=8732814;type=autot0;cat=ru-au0;ord=1;num=8447648960940;gtm=2wg9l0;auiddc=1857695860.1663914512;~oref=https%3A%2F%2Fautoteka.ru%2Freport_by_ad%2F254...
https://8732814.fls.doubleclick.net/activityi;dc_pre=CKGzvsukqvoCFZPn5godl94Btw;src=8732814;type=autot0;cat=ru-au0;ord=1;num=8447648960940;gtm=2wg9l0;auiddc=1857695860.1663914512;~oref=https%3A%2F%...

608 B
512 B

45ms
26ms

Document
text/html

142.250.185.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8732814.fls.doubleclick.net/activityi;dc_pre=CKGzvsukqvoCFZPn5godl94Btw;src=8732814;type=autot0;cat=ru-au0;ord=1;num=8447648960940;gtm=2wg9l0;auiddc=1857695860.1663914512;~oref=https%3A%2F%2Fautoteka.ru%2Freport_by_ad%2F2547034876%3Facu%3DMzY6fX7Xrw9CckLmgVAUUNa.ZBcSIDm.yni5FPfap7.vNlv1aWNEggaq.a4qigOZq7rGwaQolvr0WILc7lIHG8PzSA--?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PKNCQ9K

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f6.1e100.net

Software

cafe /

Resource Hash

3b3358f61f40aab39fdb13bf6dba1ec04db9943bf2150fa6ce95874fa744fad5

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://autoteka.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 487
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 23 Sep 2022 06:28:32 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 23 Sep 2022 06:28:32 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://8732814.fls.doubleclick.net/activityi;dc_pre=CKGzvsukqvoCFZPn5godl94Btw;src=8732814;type=autot0;cat=ru-au0;ord=1;num=8447648960940;gtm=2wg9l0;auiddc=1857695860.1663914512;~oref=https%3A%2F%2Fautoteka.ru%2Freport_by_ad%2F2547034876%3Facu%3DMzY6fX7Xrw9CckLmgVAUUNa.ZBcSIDm.yni5FPfap7.vNlv1aWNEggaq.a4qigOZq7rGwaQolvr0WILc7lIHG8PzSA--?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PKNCQ9K

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://autoteka.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
server: Golfe2
age: 5192
date: Fri, 23 Sep 2022 05:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19826
expires: Fri, 23 Sep 2022 07:02:00 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 41 KB
16 KB 160ms
98ms Script
text/javascript 172.217.20.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PKNCQ9K

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.20.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ham02s13-in-f2.1e100.net

Software

cafe /

Resource Hash

7bcbe327243628310e84027b85bca98a20d208f66f64685d979c6ccfa587d2d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://autoteka.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 06:28:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15697
x-xss-protection: 0
server: cafe
etag: 1764007376392519731
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 23 Sep 2022 06:28:32 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 101 KB
27 KB 40ms
9ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: autoteka.ru
URL: https://autoteka.ru/report_by_ad/2547034876?acu=MzY6fX7Xrw9CckLmgVAUUNa.ZBcSIDm.yni5FPfap7.vNlv1aWNEggaq.a4qigOZq7rGwaQolvr0WILc7lIHG8PzSA--

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

844bfb2ff3311ad9b5611b51d8c72e0c483a8ceafe7c625a5c321637f9277399

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://autoteka.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26839
x-xss-protection: 0
pragma: public
x-fb-debug: Pl5EEK0kEUjwymBHgSn8dJK4WDcqgompXs1iTyrvv+J8o8W4v3GFkKsgAHe7svAmUh6AHPU7iIK+E2e8wWbZig==
x-fb-trip-id: 2050670934
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 23 Sep 2022 06:28:32 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

404

fs.js
www.fullstory.com/s/
Redirect Chain

https://fullstory.com/s/fs.js
https://www.fullstory.com/s/fs.js

0
0

93ms
8ms

Script
text/html

2a05:d014:275:cb01:2ef6:2f8a:9434:a758
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fullstory.com/s/fs.js
Requested by: Host: autoteka.ru
URL: https://autoteka.ru/report_by_ad/2547034876?acu=MzY6fX7Xrw9CckLmgVAUUNa.ZBcSIDm.yni5FPfap7.vNlv1aWNEggaq.a4qigOZq7rGwaQolvr0WILc7lIHG8PzSA--
Protocol: H2
Server: 2a05:d014:275:cb01:2ef6:2f8a:9434:a758 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Redirect headers

x-nf-request-id: 01GDMGH3RD9K7WKJ5WGQV7NX9A
date: Thu, 22 Sep 2022 23:56:07 GMT
referrer-policy: same-origin
server: Netlify
age: 23545
x-frame-options: DENY
content-type: text/plain
location: https://www.fullstory.com/s/fs.js
cache-control: public, max-age=0, must-revalidate
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
content-length: 48
x-xss-protection: 1; mode=block

GET
H2 200 ld.js Show response
static.criteo.net/js/ld/ 42 KB
14 KB 83ms
36ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/ld.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PKNCQ9K

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

561c579d66ced3002754404f18100a5b84c2b6fb62ad20dbc9d0c290a65ac712

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://autoteka.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 06:28:32 GMT
content-encoding: gzip
last-modified: Thu, 25 Aug 2022 11:02:07 GMT
server: nginx
etag: W/"630756af-a8d9"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 24 Sep 2022 06:28:32 GMT

GET
H2 200 DSPCounter.js Show response
tags.soloway.ru/ 8 KB
8 KB 211ms
42ms Script
application/x-javascript 88.212.240.204
UNITEDNET

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.soloway.ru/DSPCounter.js
Requested by: Host: autoteka.ru
URL: https://autoteka.ru/report_by_ad/2547034876?acu=MzY6fX7Xrw9CckLmgVAUUNa.ZBcSIDm.yni5FPfap7.vNlv1aWNEggaq.a4qigOZq7rGwaQolvr0WILc7lIHG8PzSA--
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.212.240.204 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: b1444be514e20cdb4b0851bede140f21487b5a28738f64184a5433dfa2d51e79

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://autoteka.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 06:28:32 GMT
last-modified: Wed, 29 Dec 2021 12:33:45 GMT
server: nginx/1.14.2
etag: "61cc55a9-1e6a"
content-type: application/x-javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 7786

GET
H2 200 tag.js Show response
cdn.rutarget.ru/static/tag/ 4 KB
2 KB 37ms
6ms Script
application/x-javascript 176.9.0.57
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.rutarget.ru/static/tag/tag.js
Requested by: Host: autoteka.ru
URL: https://autoteka.ru/report_by_ad/2547034876?acu=MzY6fX7Xrw9CckLmgVAUUNa.ZBcSIDm.yni5FPfap7.vNlv1aWNEggaq.a4qigOZq7rGwaQolvr0WILc7lIHG8PzSA--
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 176.9.0.57 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz-s-fr52.rutarget.ru
Software: nginx /
Resource Hash: f3e974f42bddaac647ada00e08552cec3c12f9e45c733bed6d06f3e83f8368a7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://autoteka.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 06:28:32 GMT
content-encoding: gzip
last-modified: Thu, 24 Jun 2021 14:00:14 GMT
server: nginx
etag: W/"60d48fee-f73"
access-control-allow-methods: OPTIONS
content-type: application/x-javascript
cache-control: max-age=900
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Ssp-Name
expires: Fri, 23 Sep 2022 06:30:01 GMT

GET
H2 200 openapi.js Show response
vk.com/js/api/ 104 KB
23 KB 178ms
75ms Script
application/x-javascript 87.240.132.78
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to

Full URL: https://vk.com/js/api/openapi.js?169
Requested by: Host: autoteka.ru
URL: https://autoteka.ru/report_by_ad/2547034876?acu=MzY6fX7Xrw9CckLmgVAUUNa.ZBcSIDm.yni5FPfap7.vNlv1aWNEggaq.a4qigOZq7rGwaQolvr0WILc7lIHG8PzSA--
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.240.132.78 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS: srv78-132-240-87.vk.com
Software: kittenx /
Resource Hash: 2f7e190c7a25194337efdd52f0018320ebfa239e150b19b95f3703b0bc02e6c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://autoteka.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 06:28:32 GMT
content-encoding: br
x-frontend: front226206
last-modified: Wed, 10 Aug 2022 14:44:17 GMT
server: kittenx
etag: "62f3c441-5b1a"
content-type: application/x-javascript
access-control-expose-headers: X-Frontend
cache-control: max-age=345600
content-length: 23322
expires: Tue, 27 Sep 2022 06:28:32 GMT

GET
H2 200 code.js Show response
top-fwz1.mail.ru/js/ 32 KB
14 KB 206ms
97ms Script
application/javascript 95.163.52.67
VK-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://top-fwz1.mail.ru/js/code.js

Requested by

Host: autoteka.ru
URL: https://autoteka.ru/report_by_ad/2547034876?acu=MzY6fX7Xrw9CckLmgVAUUNa.ZBcSIDm.yni5FPfap7.vNlv1aWNEggaq.a4qigOZq7rGwaQolvr0WILc7lIHG8PzSA--

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

a1e6a59e0567f886caaada41007e695d2039c4fe07fb28727dd27ab2029ecd6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://autoteka.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 06:28:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
amp-access-control-allow-source-origin: *
last-modified: Tue, 13 Sep 2022 17:32:31 GMT
server: nginx
etag: W/"6320beaf-7ecc"
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: max-age=3600, private
access-control-allow-credentials: true
accept-ch-lifetime: 86400
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
timing-allow-origin: *
access-control-allow-headers: *
expires: Fri, 23 Sep 2022 07:28:32 GMT

GET
H2

200

usersync
ssp.bidvol.com/
Redirect Chain

https://px.adhigh.net/p/tracking.gif?syncs=default&site_id=5934&pixel_id=avto
https://px.adhigh.net/p/tracking.gif?syncs=default&site_id=5934&pixel_id=avto&bounced=1
https://ssp.bidvol.com/usersync?id=P1VY5iUAZ7f.AikABlGDaQiQGQ&dspcsid=142

0
413 B

168ms
63ms

Image
text/plain

65.108.1.48
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.bidvol.com/usersync?id=P1VY5iUAZ7f.AikABlGDaQiQGQ&dspcsid=142
Requested by: Host: autoteka.ru
URL: https://autoteka.ru/report_by_ad/2547034876
Protocol: H2
Server: 65.108.1.48 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.48.1.108.65.clients.your-server.de
Software: nginx/1.14.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://autoteka.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 06:28:33 GMT
server: nginx/1.14.0
surrogate-control: no-store
vary: Origin
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
access-control-allow-credentials: true
x-request-id: 04cab02d-0adb-4f2a-ad72-cf34cc8bc2d0
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 23 Sep 2022 06:28:32 GMT
server: nginx
access-control-allow-origin: *
x-backend-id: f2-ru
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://ssp.bidvol.com/usersync?id=P1VY5iUAZ7f.AikABlGDaQiQGQ&dspcsid=142
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

tracking.gif
px.adhigh.net/p/
Redirect Chain

https://px.adhigh.net/p/tracking.gif?syncs=bsw&syncs_only=true
https://px.adhigh.net/p/tracking.gif?syncs=bsw&syncs_only=true&bounced=1

49 B
325 B

48ms
48ms

Image
image/gif

193.232.148.141
UMA-TECH-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.adhigh.net/p/tracking.gif?syncs=bsw&syncs_only=true&bounced=1
Requested by: Host: autoteka.ru
URL: https://autoteka.ru/report_by_ad/2547034876?acu=MzY6fX7Xrw9CckLmgVAUUNa.ZBcSIDm.yni5FPfap7.vNlv1aWNEggaq.a4qigOZq7rGwaQolvr0WILc7lIHG8PzSA--
Protocol: H2
Server: 193.232.148.141 , Russian Federation, ASN48061 (UMA-TECH-AS, RU),
Reverse DNS: smtp2.sender.ltmse.com
Software: nginx /
Resource Hash: d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://autoteka.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 06:28:32 GMT
server: nginx
x-backend-id: f2-ru
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: *
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-type: image/gif
content-length: 49
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 23 Sep 2022 06:28:32 GMT
server: nginx
access-control-allow-origin: *
x-backend-id: f2-ru
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://px.adhigh.net/p/tracking.gif?syncs=bsw&syncs_only=true&bounced=1
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 tracking.min.js Show response
www.artfut.com/static/ 24 KB
7 KB 36ms
35ms Script
application/javascript 2606:4700:20::681a:16d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.artfut.com/static/tracking.min.js?campaign_code=cdb29d61cd

Requested by

Host: www.artfut.com
URL: https://www.artfut.com/static/tagtag.min.js?campaign_code=cdb29d61cd

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:20::681a:16d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c3423e2830e0e8512380b5995774e5d31c763daf4acf434d145a6c2e2fbbfa35

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://autoteka.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 06:28:32 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 583
pragma: public
last-modified: Mon, 23 May 2022 09:16:41 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"628b50f9-616e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OEo6UsHGcEiQ8UTFLlu1xAg%2FSOkbRVQTzBk5ndjb6YSlyHSC9kfsYPYP8hWE6S0c2lkBRBombd9OYwk3n9en9V%2Fg2rjdwKlSa2cjZs8nqoJrp4V5NQg%2BQ6iYqYnFsuPhyTVj%2FV1XVJmnThYE"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1200, public
cf-ray: 74f138849a5db778-AMS
expires: Fri, 23 Sep 2022 06:38:49 GMT

GET
H2 200 crossdevice.min.js Show response
www.artfut.com/static/ 24 KB
8 KB 26ms
25ms Script
application/javascript 2606:4700:20::681a:16d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.artfut.com/static/crossdevice.min.js?campaign_code=cdb29d61cd

Requested by

Host: www.artfut.com
URL: https://www.artfut.com/static/tagtag.min.js?campaign_code=cdb29d61cd

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:20::681a:16d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

30d31eb6c11df6156d1a8616666104c6d44a53c1b0a8e1b5e09ad693836cface

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://autoteka.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 06:28:32 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 583
pragma: public
last-modified: Mon, 23 May 2022 09:16:36 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"628b50f4-5f2e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XtDvlh%2By2yt74Y9pJnVLCCMoJ2sdQIOixOpaZbD1JUXPO6gElRAsPYXzjPrFwi0LCup7QBKWKIhzYcM4hoZqwwY7bKfS3fYXxSTZm%2BRUATQCFd91DaFVqplALCFlFxuANWB9AUUSUO5yUHYD"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1200, public
cf-ray: 74f138849a60b778-AMS
expires: Fri, 23 Sep 2022 06:38:49 GMT

GET
H/1.1 200
OK provider.html Show response
api.flocktory.com/v2/provider/ Frame C880 176 B
965 B 30ms
30ms Document
text/html 52.51.157.173
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.flocktory.com/v2/provider/provider.html
Requested by: Host: api.flocktory.com
URL: https://api.flocktory.com/v2/loader.js?site_id=3506
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.157.173 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-157-173.eu-west-1.compute.amazonaws.com
Software: openresty /
Resource Hash: 7b2195aeeebb6d9585dcbbc008d73017abe6354a15205c034bc4e9452a8e5d1e

Request headers

Referer: https://autoteka.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Cache-Control: max-age=15552000 max-age=604800 public, must-revalidate, proxy-revalidate
Connection: keep-alive
Content-Length: 176
Content-Type: text/html
Date: Fri, 23 Sep 2022 06:28:32 GMT
ETag: "fa0d23dc4ae114b646672c80aabc3406"
Expires: Wed, 22 Mar 2023 06:28:32 GMT
Last-Modified: Tue, 29 Mar 2022 08:40:38 GMT
Pragma: public
Server: openresty
x-amz-id-2: 1FOYgnfixPksZyq+3w4mOsy7F+9VaO88zYbBh1JP6TooUrDTyRsTXoWdk+tBmQGoETsBiCdYKiU=
x-amz-meta-s3cmd-attrs: atime:1648543146/ctime:1648543236/gid:0/gname:root/md5:fa0d23dc4ae114b646672c80aabc3406/mode:33188/mtime:1648543146/uid:0/uname:root
x-amz-request-id: QX46S0Y81XEVMWWC

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/ Frame 87BC 52 KB
24 KB 27ms
10ms Stylesheet
text/css 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le0ltgUAAAAAF2d01bYJA_ukhm7gXn_o3__UQu4&co=aHR0cHM6Ly9hdXRvdGVrYS5ydTo0NDM.&hl=de&v=ovmhLiigaw4D9ujHYlHcKKhP&size=invisible&cb=1186nj3pho5

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

caf2650aa985d277b2dd131a6261888bc64e6c9bc15e5564bfb9b380bcf82a10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 16:09:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 310769
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24251
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 04:01:43 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 19 Sep 2023 16:09:03 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/ Frame 87BC 391 KB
156 KB 30ms
13ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8ad74b30972057e9efc8dd2c5d013ed97938050ceab38f1209780d584bcd6fb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 16:37:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 309079
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 159555
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 04:01:43 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 19 Sep 2023 16:37:13 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 39ms
16ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j97&a=995535638&t=pageview&_s=1&dl=https%3A%2F%2Fautoteka.ru%2Freport_by_ad%2F2547034876%3Facu%3DMzY6fX7Xrw9CckLmgVAUUNa.ZBcSIDm.yni5FPfap7.vNlv1aWNEggaq.a4qigOZq7rGwaQolvr0WILc7lIHG8PzSA--&ul=en-us&de=UTF-8&dt=%D0%90%D0%B2%D1%82%D0%BE%D1%82%D0%B5%D0%BA%D0%B0%20-%20%D1%81%D0%B5%D1%80%D0%B2%D0%B8%D1%81%20%D0%BF%D1%80%D0%BE%D0%B2%D0%B5%D1%80%D0%BA%D0%B8%20%D0%B8%D1%81%D1%82%D0%BE%D1%80%D0%B8%D0%B8%20%D0%B0%D0%B2%D1%82%D0%BE%D0%BC%D0%BE%D0%B1%D0%B8%D0%BB%D1%8F%20%D0%BF%D0%BE%20VIN&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEBAAEABQAAAAC~&jid=933460050&gjid=811987833&cid=404330243.1663914512&tid=UA-2546784-18&_gid=699508282.1663914512&_r=1&gtm=2wg9l0PKNCQ9K&z=532353233

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://autoteka.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 06:28:32 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://autoteka.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
439 B 143ms
99ms XHR
text/plain 2a00:1450:400c:c0c::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-78711947-1&cid=404330243.1663914512&jid=1677961067&gjid=1017088876&_gid=699508282.1663914512&_u=aGDAgEABQAAAAG~&z=1096425523

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://autoteka.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 23 Sep 2022 06:28:32 GMT
content-type: text/plain
access-control-allow-origin: https://autoteka.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 21ms
7ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j97&a=995535638&t=pageview&_s=1&dl=https%3A%2F%2Fautoteka.ru%2Freport_by_ad%2F2547034876%3Facu%3DMzY6fX7Xrw9CckLmgVAUUNa.ZBcSIDm.yni5FPfap7.vNlv1aWNEggaq.a4qigOZq7rGwaQolvr0WILc7lIHG8PzSA--&ul=en-us&de=UTF-8&dt=%D0%90%D0%B2%D1%82%D0%BE%D1%82%D0%B5%D0%BA%D0%B0%20-%20%D1%81%D0%B5%D1%80%D0%B2%D0%B8%D1%81%20%D0%BF%D1%80%D0%BE%D0%B2%D0%B5%D1%80%D0%BA%D0%B8%20%D0%B8%D1%81%D1%82%D0%BE%D1%80%D0%B8%D0%B8%20%D0%B0%D0%B2%D1%82%D0%BE%D0%BC%D0%BE%D0%B1%D0%B8%D0%BB%D1%8F%20%D0%BF%D0%BE%20VIN&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAgEABQAAAAC~&jid=1677961067&gjid=1017088876&cid=404330243.1663914512&tid=UA-78711947-1&_gid=699508282.1663914512&gtm=2wg9l0PKNCQ9K&cd4=404330243.1663914512&z=1446822549

Requested by

Host: autoteka.ru
URL: https://autoteka.ru/report_by_ad/2547034876?acu=MzY6fX7Xrw9CckLmgVAUUNa.ZBcSIDm.yni5FPfap7.vNlv1aWNEggaq.a4qigOZq7rGwaQolvr0WILc7lIHG8PzSA--

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://autoteka.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Sep 2022 22:22:04 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 29188
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

tag Show response
tag.rutarget.ru/ Frame C32A
Redirect Chain

https://tag.rutarget.ru/tag?event=otherPage&check=true&response=syncframe&__r=19079914743997640000&__location=https%3A%2F%2Fautoteka.ru%2Freport_by_ad%2F2547034876%3Facu%3DMzY6fX7Xrw9CckLmgVAUUNa.Z...
https://tag.rutarget.ru/tag?event=otherPage&check=true&response=syncframe&__r=19079914743997640000&__location=https%3A%2F%2Fautoteka.ru%2Freport_by_ad%2F2547034876%3Facu%3DMzY6fX7Xrw9CckLmgVAUUNa.Z...

324 B
807 B

122ms
41ms

Document
text/html

188.72.107.156
SBERCLOUD-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.rutarget.ru/tag?event=otherPage&check=true&response=syncframe&__r=19079914743997640000&__location=https%3A%2F%2Fautoteka.ru%2Freport_by_ad%2F2547034876%3Facu%3DMzY6fX7Xrw9CckLmgVAUUNa.ZBcSIDm.yni5FPfap7.vNlv1aWNEggaq.a4qigOZq7rGwaQolvr0WILc7lIHG8PzSA--&__referrer=&__title=%D0%90%D0%B2%D1%82%D0%BE%D1%82%D0%B5%D0%BA%D0%B0%20-%20%D1%81%D0%B5%D1%80%D0%B2%D0%B8%D1%81%20%D0%BF%D1%80%D0%BE%D0%B2%D0%B5%D1%80%D0%BA%D0%B8%20%D0%B8%D1%81%D1%82%D0%BE%D1%80%D0%B8%D0%B8%20%D0%B0%D0%B2%D1%82%D0%BE%D0%BC%D0%BE%D0%B1%D0%B8%D0%BB%D1%8F%20%D0%BF%D0%BE%20VIN&__keywords=&_usertz=0&check-cookie=true
Requested by: Host: cdn.rutarget.ru
URL: https://cdn.rutarget.ru/static/tag/tag.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 188.72.107.156 , Russian Federation, ASN208677 (SBERCLOUD-AS, RU),
Reverse DNS: fr09.segmento.ru
Software: nginx /
Resource Hash: ca890ea24699e3b3fc11e8b84c5c3c210d7ce9ba5245cd9dba1d42f13ec7ff07

Request headers

Referer: https://autoteka.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: close
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Fri, 23 Sep 2022 06:28:32 GMT
P3P: CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."
Server: nginx
Timing-Allow-Origin: *
Transfer-Encoding: chunked

Redirect headers

Connection: close
Content-Length: 0
Date: Fri, 23 Sep 2022 06:28:32 GMT
Location: https://tag.rutarget.ru/tag?event=otherPage&check=true&response=syncframe&__r=19079914743997640000&__location=https%3A%2F%2Fautoteka.ru%2Freport_by_ad%2F2547034876%3Facu%3DMzY6fX7Xrw9CckLmgVAUUNa.ZBcSIDm.yni5FPfap7.vNlv1aWNEggaq.a4qigOZq7rGwaQolvr0WILc7lIHG8PzSA--&__referrer=&__title=%D0%90%D0%B2%D1%82%D0%BE%D1%82%D0%B5%D0%BA%D0%B0%20-%20%D1%81%D0%B5%D1%80%D0%B2%D0%B8%D1%81%20%D0%BF%D1%80%D0%BE%D0%B2%D0%B5%D1%80%D0%BA%D0%B8%20%D0%B8%D1%81%D1%82%D0%BE%D1%80%D0%B8%D0%B8%20%D0%B0%D0%B2%D1%82%D0%BE%D0%BC%D0%BE%D0%B1%D0%B8%D0%BB%D1%8F%20%D0%BF%D0%BE%20VIN&__keywords=&_usertz=0&check-cookie=true
P3P: CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."
Server: nginx
Timing-Allow-Origin: *

GET
H3 200 478068143764680 Show response
connect.facebook.net/signals/config/ 293 KB
84 KB 149ms
8ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/478068143764680?v=2.9.83&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

81a72f16e5c0d24e611348bcbf82a36d1068af3bdcd1e718ef8140fc5a76cb8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://autoteka.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 85874
x-xss-protection: 0
pragma: public
x-fb-debug: 8crAJS07BfLPx+641CbKnxQkxQTyX+uR/LWVp494CJHQAWBOe7ZhO9wRli2/1tYW/hjR6/GaHEf6cv/gTaInPg==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 23 Sep 2022 06:28:32 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 bd03a2cc277bbbc338d464e679fe9942.woff2
autoteka.ru/assets/ 178 KB
179 KB 131ms
125ms Font
font/woff2 146.158.48.32
AVITO

General

Check archive.org

Show headers Download Go to

Full URL

https://autoteka.ru/assets/bd03a2cc277bbbc338d464e679fe9942.woff2

Requested by

Host: autoteka.ru
URL: https://autoteka.ru/assets/index.748d500536777df50bf6.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

146.158.48.32 , Czech Republic, ASN201012 (AVITO, RU),

Reverse DNS

Software

nginx /

Resource Hash

983b0caf336e8542214fc17019a4fc5e0360864b92806ca14d55c1fc1c2c5a0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://autoteka.ru/assets/index.748d500536777df50bf6.css
Origin: https://autoteka.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 06:28:32 GMT
x-content-type-options: nosniff
last-modified: Thu, 22 Sep 2022 11:56:45 GMT
server: nginx
etag: "bd03a2cc277bbbc338d464e679fe9942"
x-frame-options: SAMEORIGIN
content-type: font/woff2
x-envoy-upstream-service-time: 0
accept-ranges: bytes
content-length: 182708
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK provider.min.js Show response
api.flocktory.com/v2/provider/ Frame C880 38 KB
14 KB 43ms
40ms Script
application/javascript 52.51.157.173
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.flocktory.com/v2/provider/provider.min.js
Requested by: Host: api.flocktory.com
URL: https://api.flocktory.com/v2/provider/provider.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.157.173 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-157-173.eu-west-1.compute.amazonaws.com
Software: openresty /
Resource Hash: 96019c123ff386c5f51cff4120c1d50973af914b57cf31f1157012296e1958ec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://api.flocktory.com/v2/provider/provider.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Fri, 23 Sep 2022 06:28:32 GMT
Content-Encoding: br
x-amz-request-id: 7G9WK83BH9DV23TQ
Connection: keep-alive
Content-Length: 13882
x-amz-id-2: e/qI44zpj8JfmmJPj4G6RH7rW6lRow7Xx409+B4VY9p7PE8Mah4oosKPHsqwHEn4nW+SCGZpT0Y=
Pragma: public
Last-Modified: Tue, 29 Mar 2022 08:40:38 GMT
Server: openresty
x-amz-meta-s3cmd-attrs: atime:1648543146/ctime:1648543236/gid:0/gname:root/md5:736443f817d49a8b83ea3a1ecc908bec/mode:33188/mtime:1648543146/uid:0/uname:root
ETag: W/"736443f817d49a8b83ea3a1ecc908bec"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=15552000, max-age=604800, public, must-revalidate, proxy-revalidate
Access-Control-Allow-Credentials: true
Expires: Wed, 22 Mar 2023 06:28:32 GMT

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 87BC 2 KB
2 KB 7ms
7ms Image
image/png 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 19:40:09 GMT
x-content-type-options: nosniff
age: 38903
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Thu, 29 Sep 2022 19:40:09 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 87BC 15 KB
16 KB 31ms
7ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 17:06:41 GMT
x-content-type-options: nosniff
age: 220911
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 20 Sep 2023 17:06:41 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 87BC 15 KB
15 KB 32ms
9ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 22:21:19 GMT
x-content-type-options: nosniff
age: 288433
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Sep 2023 22:21:19 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 87BC 102 B
133 B 42ms
42ms Other
text/javascript 2a00:1450:400d:80d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=ovmhLiigaw4D9ujHYlHcKKhP

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

4b424d73a944f41d95c60333c46cb5a2791d2c7dc225e4c6410c36a0ee92fe43

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le0ltgUAAAAAF2d01bYJA_ukhm7gXn_o3__UQu4&co=aHR0cHM6Ly9hdXRvdGVrYS5ydTo0NDM.&hl=de&v=ovmhLiigaw4D9ujHYlHcKKhP&size=invisible&cb=1186nj3pho5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 06:28:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 111
x-xss-protection: 1; mode=block
expires: Fri, 23 Sep 2022 06:28:32 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame D73B 15 KB
6 KB 584ms
17ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=autoteka.ru&origin=onetag

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/ld.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e00397129d5c9f4de2565731d60bc0120d1fe4dc78bf0b5cc9ea8c6571e27052

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://autoteka.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 23 Sep 2022 06:28:32 GMT
server: Kestrel
server-processing-duration-in-ticks: 817793
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 45ms
45ms Image
image/gif 2a00:1450:400d:80d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-78711947-1&cid=404330243.1663914512&jid=1677961067&_u=aGDAgEABQAAAAG~&z=2040604424

Requested by

Host: autoteka.ru
URL: https://autoteka.ru/report_by_ad/2547034876?acu=MzY6fX7Xrw9CckLmgVAUUNa.ZBcSIDm.yni5FPfap7.vNlv1aWNEggaq.a4qigOZq7rGwaQolvr0WILc7lIHG8PzSA--

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://autoteka.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 06:28:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 43ms
20ms Image
image/gif 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-78711947-1&cid=404330243.1663914512&jid=1677961067&_u=aGDAgEABQAAAAG~&z=2040604424

Requested by

Host: autoteka.ru
URL: https://autoteka.ru/report_by_ad/2547034876?acu=MzY6fX7Xrw9CckLmgVAUUNa.ZBcSIDm.yni5FPfap7.vNlv1aWNEggaq.a4qigOZq7rGwaQolvr0WILc7lIHG8PzSA--

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://autoteka.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 06:28:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 init-app
api.autoteka.ru/maintenance/ Frame 0
0 431ms
58ms Preflight
application/octet-stream 146.158.54.32
AVITO

General

Check archive.org

Show headers Download Go to

Full URL: https://api.autoteka.ru/maintenance/init-app?acu=MzY6fX7Xrw9CckLmgVAUUNa.ZBcSIDm.yni5FPfap7.vNlv1aWNEggaq.a4qigOZq7rGwaQolvr0WILc7lIHG8PzSA--&csAppCode=webDesktop
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 146.158.54.32 , Czech Republic, ASN201012 (AVITO, RU),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-client-version,x-release-version
Access-Control-Request-Method: GET
Origin: https://autoteka.ru
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept, Authorization, X-Request-Unique-Id, X-Client-Version, X-Captcha-Token, X-Release-Version
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://autoteka.ru
content-length: 0
content-type: application/octet-stream
date: Fri, 23 Sep 2022 06:28:33 GMT
server: nginx

GET
H2 200 init-app Show response
api.autoteka.ru/maintenance/ 385 B
1 KB 100ms
99ms Fetch
application/json 146.158.48.32
AVITO

General

Check archive.org

Show headers Download Go to

Full URL: https://api.autoteka.ru/maintenance/init-app?acu=MzY6fX7Xrw9CckLmgVAUUNa.ZBcSIDm.yni5FPfap7.vNlv1aWNEggaq.a4qigOZq7rGwaQolvr0WILc7lIHG8PzSA--&csAppCode=webDesktop
Requested by: Host: autoteka.ru
URL: https://autoteka.ru/assets/vendors~index.e5415b36a4ba3fbe393c.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 146.158.48.32 , Czech Republic, ASN201012 (AVITO, RU),
Reverse DNS
Software: nginx /
Resource Hash: 59f04170f4de211127f937d1bb8f981af05c84ee439fc5fce416b649ee4d86e9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://autoteka.ru/
X-Client-Version: 9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
X-Release-Version: v352
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 23 Sep 2022 06:28:33 GMT
content-encoding: gzip
server: nginx
x-minimal-client-version: 9
content-type: application/json
access-control-allow-origin: https://autoteka.ru
access-control-expose-headers: X-Request-Unique-Id, X-Minimal-Client-Version, X-Captcha-Token
cache-control: no-cache, private
x-envoy-upstream-service-time: 34
access-control-allow-credentials: true
x-request-id: 86f2c156-46e0-4920-8d56-f61749d7b45d

GET
H2 200 20.bc69f7ef595291bc5749.js Show response
autoteka.ru/assets/ 7 KB
2 KB 61ms
60ms Script
application/javascript 146.158.48.32
AVITO

General

Check archive.org

Show headers Download Go to

Full URL

https://autoteka.ru/assets/20.bc69f7ef595291bc5749.js

Requested by

Host: autoteka.ru
URL: https://autoteka.ru/assets/index.24bfbe141d3f0ee5effb.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

146.158.48.32 , Czech Republic, ASN201012 (AVITO, RU),

Reverse DNS

Software

nginx /

Resource Hash

104a835780464f08e74c105f4ebaaf7bb6719c768e7ee88f63aa9ef5cd23cd4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://autoteka.ru/report_by_ad/2547034876?acu=MzY6fX7Xrw9CckLmgVAUUNa.ZBcSIDm.yni5FPfap7.vNlv1aWNEggaq.a4qigOZq7rGwaQolvr0WILc7lIHG8PzSA--
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 06:28:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 22 Sep 2022 11:56:42 GMT
server: nginx
etag: W/"48260f5235344027c12f8746b5e16526"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
x-envoy-upstream-service-time: 0
x-xss-protection: 1; mode=block

GET
H2 200 hcaptcha.html Show response
newassets.hcaptcha.com/captcha/v1/1f7dc62/static/ Frame 9B14 2 KB
892 B 36ms
16ms Document
text/html 104.16.168.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newassets.hcaptcha.com/captcha/v1/1f7dc62/static/hcaptcha.html

Requested by

Host: hcaptcha.com
URL: https://hcaptcha.com/1/api.js?hl=ru&recaptchacompat=off&onload=onHcaptchaLoad

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.168.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f13f4ed673e0842319f91d3ae31f9927ade2ecd5f024a550c8f5d6f43c5e4b21

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://autoteka.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
age: 534644
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=1209600
cf-cache-status: HIT
cf-ray: 74f13888e88a9241-FRA
content-encoding: gzip
content-type: text/html
date: Fri, 23 Sep 2022 06:28:32 GMT
last-modified: Thu, 11 Aug 2022 21:59:15 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 e86025dac63232624d2273c5fd256ce4.cloudfront.net (CloudFront)
x-amz-cf-id: kCb55F4VMZVEzqdNUl4558nkmjZhdwUMJhSF3x2phOJTeUHlO50QNA==
x-amz-cf-pop: FRA2-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 hcaptcha.html Show response
newassets.hcaptcha.com/captcha/v1/1f7dc62/static/ Frame A67E 2 KB
1 KB 23ms
15ms Document
text/html 104.16.168.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newassets.hcaptcha.com/captcha/v1/1f7dc62/static/hcaptcha.html

Requested by

Host: hcaptcha.com
URL: https://hcaptcha.com/1/api.js?hl=ru&recaptchacompat=off&onload=onHcaptchaLoad

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.168.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f13f4ed673e0842319f91d3ae31f9927ade2ecd5f024a550c8f5d6f43c5e4b21

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://autoteka.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
age: 534644
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=1209600
cf-cache-status: HIT
cf-ray: 74f13888e88b9241-FRA
content-encoding: gzip
content-type: text/html
date: Fri, 23 Sep 2022 06:28:32 GMT
last-modified: Thu, 11 Aug 2022 21:59:15 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 e86025dac63232624d2273c5fd256ce4.cloudfront.net (CloudFront)
x-amz-cf-id: kCb55F4VMZVEzqdNUl4558nkmjZhdwUMJhSF3x2phOJTeUHlO50QNA==
x-amz-cf-pop: FRA2-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
DATA 200
OK truncated
/ 5 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f7839bbae6b196e12e70f4c5d8002344445438909d8d6bd1e804fec386a40c0e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 169 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8fbacd5457d319e728d6119c483dcc9faf6df9e75a74f8e2fedbdb12c4272414

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 5 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3630f131fd4551b71bd7b4f3408c5a622f8b070143b5fcf77dffa91f497371b7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 870 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8773c627564a195321c61b6a2fd52735d400d97c0441930676032eb8ee673020

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 28851541b3a023a58f28e1efa2c5c9c7026b1f43cf834d1c33186ec97b44948e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 b9852dff26f7e1da3e4de2d4d3440044.woff2
autoteka.ru/assets/ 203 KB
203 KB 63ms
62ms Font
font/woff2 146.158.48.32
AVITO

General

Check archive.org

Show headers Download Go to

Full URL

https://autoteka.ru/assets/b9852dff26f7e1da3e4de2d4d3440044.woff2

Requested by

Host: autoteka.ru
URL: https://autoteka.ru/assets/vendors~index.8fe3f4c63264218a1be2.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

146.158.48.32 , Czech Republic, ASN201012 (AVITO, RU),

Reverse DNS

Software

nginx /

Resource Hash

81dafe581603f78ca0b9924c62a31577ba7bbaf555ea422e8eb36595d237d26a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://autoteka.ru/assets/vendors~index.8fe3f4c63264218a1be2.css
Origin: https://autoteka.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 06:28:32 GMT
x-content-type-options: nosniff
last-modified: Thu, 22 Sep 2022 11:56:44 GMT
server: nginx
etag: "b9852dff26f7e1da3e4de2d4d3440044"
x-frame-options: SAMEORIGIN
content-type: font/woff2
x-envoy-upstream-service-time: 0
accept-ranges: bytes
content-length: 207676
x-xss-protection: 1; mode=block

OPTIONS
H2 200 init-app
api.autoteka.ru/maintenance/ Frame 0
0 327ms
59ms Preflight
application/octet-stream 146.158.54.32
AVITO

General

Check archive.org

Show headers Download Go to

Full URL: https://api.autoteka.ru/maintenance/init-app?acu=MzY6fX7Xrw9CckLmgVAUUNa.ZBcSIDm.yni5FPfap7.vNlv1aWNEggaq.a4qigOZq7rGwaQolvr0WILc7lIHG8PzSA--&csAppCode=webDesktop
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 146.158.54.32 , Czech Republic, ASN201012 (AVITO, RU),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-client-version,x-release-version
Access-Control-Request-Method: GET
Origin: https://autoteka.ru
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept, Authorization, X-Request-Unique-Id, X-Client-Version, X-Captcha-Token, X-Release-Version
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://autoteka.ru
content-length: 0
content-type: application/octet-stream
date: Fri, 23 Sep 2022 06:28:33 GMT
server: nginx

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 14ms
14ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j97&a=995535638&t=pageview&_s=1&dl=https%3A%2F%2Fautoteka.ru%2Freport_by_ad%2F2547034876&ul=en-us&de=UTF-8&dt=%D0%90%D0%B2%D1%82%D0%BE%D1%82%D0%B5%D0%BA%D0%B0%20-%20%D1%81%D0%B5%D1%80%D0%B2%D0%B8%D1%81%20%D0%BF%D1%80%D0%BE%D0%B2%D0%B5%D1%80%D0%BA%D0%B8%20%D0%B8%D1%81%D1%82%D0%BE%D1%80%D0%B8%D0%B8%20%D0%B0%D0%B2%D1%82%D0%BE%D0%BC%D0%BE%D0%B1%D0%B8%D0%BB%D1%8F%20%D0%BF%D0%BE%20VIN&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAEABQAAAAG~&jid=1675624692&gjid=944167653&cid=404330243.1663914512&tid=UA-78711947-1&_gid=699508282.1663914512&_r=1&gtm=2wg9l0PKNCQ9K&z=2050057398

Requested by

Host: autoteka.ru
URL: https://autoteka.ru/assets/vendors~index.e5415b36a4ba3fbe393c.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://autoteka.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 06:28:32 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://autoteka.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 init-app Show response
api.autoteka.ru/maintenance/ 385 B
1 KB 104ms
103ms Fetch
application/json 146.158.48.32
AVITO

General

Check archive.org

Show headers Download Go to

Full URL: https://api.autoteka.ru/maintenance/init-app?acu=MzY6fX7Xrw9CckLmgVAUUNa.ZBcSIDm.yni5FPfap7.vNlv1aWNEggaq.a4qigOZq7rGwaQolvr0WILc7lIHG8PzSA--&csAppCode=webDesktop
Requested by: Host: autoteka.ru
URL: https://autoteka.ru/assets/vendors~index.e5415b36a4ba3fbe393c.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 146.158.48.32 , Czech Republic, ASN201012 (AVITO, RU),
Reverse DNS
Software: nginx /
Resource Hash: f891f5cede4cb5c8f7df3c9dc664170ea071212c8547a00c406788f45606b797

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://autoteka.ru/
X-Client-Version: 9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
X-Release-Version: v352
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 23 Sep 2022 06:28:33 GMT
content-encoding: gzip
server: nginx
x-minimal-client-version: 9
content-type: application/json
access-control-allow-origin: https://autoteka.ru
access-control-expose-headers: X-Request-Unique-Id, X-Minimal-Client-Version, X-Captcha-Token
cache-control: no-cache, private
x-envoy-upstream-service-time: 40
access-control-allow-credentials: true
x-request-id: 9a455522-6e29-4f81-98be-69ae134401ab

GET
H3 200 ru.json Show response
newassets.hcaptcha.com/captcha/v1/1f7dc62/static/i18n/ 11 KB
4 KB 26ms
14ms XHR
application/json 104.16.169.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newassets.hcaptcha.com/captcha/v1/1f7dc62/static/i18n/ru.json

Requested by

Host: autoteka.ru
URL: https://autoteka.ru/assets/vendors~index.e5415b36a4ba3fbe393c.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.169.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

81542b5f3416e9082a5c0d8214a44632de8408e34e371bb7dd73cc28d1127c03

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://autoteka.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 06:28:32 GMT
via: 1.1 127feb674de1f66343675c9727fafd6c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 62268
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 11 Aug 2022 21:59:15 GMT
server: cloudflare
etag: W/"37fb4cff4ea3ce485697803cf27335d5"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=1209600
x-amz-cf-pop: DUS51-P1
cf-ray: 74f138897865bb7a-FRA
x-amz-cf-id: eeeD27Y6AYOl40Kft9p4MqQI3_zfjTDAgixVXIi07QqDi8dtkpfD9g==

GET
H3 200 ru.json Show response
newassets.hcaptcha.com/captcha/v1/1f7dc62/static/i18n/ 11 KB
4 KB 26ms
15ms XHR
application/json 104.16.169.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newassets.hcaptcha.com/captcha/v1/1f7dc62/static/i18n/ru.json

Requested by

Host: autoteka.ru
URL: https://autoteka.ru/assets/vendors~index.e5415b36a4ba3fbe393c.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.169.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

81542b5f3416e9082a5c0d8214a44632de8408e34e371bb7dd73cc28d1127c03

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://autoteka.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 06:28:32 GMT
via: 1.1 127feb674de1f66343675c9727fafd6c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 62268
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 11 Aug 2022 21:59:15 GMT
server: cloudflare
etag: W/"37fb4cff4ea3ce485697803cf27335d5"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=1209600
x-amz-cf-pop: DUS51-P1
cf-ray: 74f138897863bb7a-FRA
x-amz-cf-id: eeeD27Y6AYOl40Kft9p4MqQI3_zfjTDAgixVXIi07QqDi8dtkpfD9g==

GET
H2 200 dc_pre=CKGzvsukqvoCFZPn5godl94Btw;src=8732814;type=autot0;cat=ru-au0;ord=1;num=8447648960940;gtm=2wg9l0;auiddc=1857695860.1663914512;~oref=https%3A%2F%2Fautoteka.ru%2Freport_by_ad%2F2547034876%3Fac... Show response
adservice.google.com/ddm/fls/i/ Frame 6B4F 607 B
955 B 305ms
55ms Document
text/html 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CKGzvsukqvoCFZPn5godl94Btw;src=8732814;type=autot0;cat=ru-au0;ord=1;num=8447648960940;gtm=2wg9l0;auiddc=1857695860.1663914512;~oref=https%3A%2F%2Fautoteka.ru%2Freport_by_ad%2F2547034876%3Facu%3DMzY6fX7Xrw9CckLmgVAUUNa.ZBcSIDm.yni5FPfap7.vNlv1aWNEggaq.a4qigOZq7rGwaQolvr0WILc7lIHG8PzSA--

Requested by

Host: 8732814.fls.doubleclick.net
URL: https://8732814.fls.doubleclick.net/activityi;dc_pre=CKGzvsukqvoCFZPn5godl94Btw;src=8732814;type=autot0;cat=ru-au0;ord=1;num=8447648960940;gtm=2wg9l0;auiddc=1857695860.1663914512;~oref=https%3A%2F%2Fautoteka.ru%2Freport_by_ad%2F2547034876%3Facu%3DMzY6fX7Xrw9CckLmgVAUUNa.ZBcSIDm.yni5FPfap7.vNlv1aWNEggaq.a4qigOZq7rGwaQolvr0WILc7lIHG8PzSA--?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c273b2f583a5abb824f667c86a612f687648a9f3cae9b08562fe58f6857ec581

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8732814.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 486
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 23 Sep 2022 06:28:33 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/731887262/ 3 KB
2 KB 120ms
95ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/731887262/?random=1663914512868&cv=9&fst=1663914512868&num=1&label=yE1rCM2lloUDEJ7t_twC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9l0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fautoteka.ru%2Freport_by_ad%2F2547034876&tiba=%D0%90%D0%B2%D1%82%D0%BE%D1%82%D0%B5%D0%BA%D0%B0%20-%20%D1%81%D0%B5%D1%80%D0%B2%D0%B8%D1%81%20%D0%BF%D1%80%D0%BE%D0%B2%D0%B5%D1%80%D0%BA%D0%B8%20%D0%B8%D1%81%D1%82%D0%BE%D1%80%D0%B8%D0%B8%20%D0%B0%D0%B2%D1%82%D0%BE%D0%BC%D0%BE%D0%B1%D0%B8%D0%BB%D1%8F%20&auid=1857695860.1663914512&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

acb5e50cd57ddb2bdc61c96c7b67be12f9c31c30512302b1f972515f1498f055

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://autoteka.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 06:28:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1144
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rtrg
vk.com/ 49 B
575 B 47ms
47ms Image
image/gif 87.240.132.78
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vk.com/rtrg?p=VK-RTRG-978836-4nkju&metatag_url=https%3A%2F%2Fautoteka.ru&metatag_title=%D0%90%D0%B2%D1%82%D0%BE%D1%82%D0%B5%D0%BA%D0%B0

Requested by

Host: autoteka.ru
URL: https://autoteka.ru/report_by_ad/2547034876

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.240.132.78 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),

Reverse DNS

srv78-132-240-87.vk.com

Software

kittenx / KPHP/7.4.112244

Resource Hash

2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://autoteka.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 06:28:32 GMT
content-encoding: gzip
x-frontend: front226206
server: kittenx
x-powered-by: KPHP/7.4.112244
strict-transport-security: max-age=15768000
content-type: image/gif
access-control-expose-headers: X-Frontend
cache-control: no-store
content-length: 65

GET
H2 200 AdRiverFPS.js Show response
content.adriver.ru/ 10 KB
10 KB 178ms
44ms Script
application/x-javascript 83.222.14.88
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to

Full URL: https://content.adriver.ru/AdRiverFPS.js
Requested by: Host: tags.soloway.ru
URL: https://tags.soloway.ru/DSPCounter.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 83.222.14.88 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: nginx /
Resource Hash: 18c79eaee0d752cb9e548825e24077a8253aa5fc01506d98db1a958cea7f3a93

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://autoteka.ru/report_by_ad/2547034876
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 06:28:33 GMT
last-modified: Tue, 13 Sep 2022 14:07:51 GMT
server: nginx
etag: "63208eb7-2848"
content-type: application/x-javascript
cache-control: max-age=3600
accept-ranges: bytes
content-length: 10312
expires: Fri, 23 Sep 2022 07:28:33 GMT

GET
H/1.1

200
OK

erle.cgi Show response
ad.adriver.ru/cgi-bin/
Redirect Chain

https://ad.adriver.ru/cgi-bin/erle.cgi?sid=220559&bt=62&custom=206%3DDSPCounter&ph=0&rnd=998517&tail256=unknown
https://ad.adriver.ru/cgi-bin/erle.cgi?sid=220559&bt=62&custom=206%3DDSPCounter&ph=0&rnd=998517&tail256=unknown&tuid=-4906028394

2 KB
3 KB

57ms
57ms

Script
application/x-javascript

195.209.108.36
ADRIVER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.adriver.ru/cgi-bin/erle.cgi?sid=220559&bt=62&custom=206%3DDSPCounter&ph=0&rnd=998517&tail256=unknown&tuid=-4906028394
Requested by: Host: autoteka.ru
URL: https://autoteka.ru/report_by_ad/2547034876
Protocol: HTTP/1.1
Server: 195.209.108.36 , Russian Federation, ASN52007 (ADRIVER-AS, RU),
Reverse DNS
Software: /
Resource Hash: 97f265effdab3ceb6e8927306982e06c89e6e2d0299504939ea114a226011900

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://autoteka.ru/report_by_ad/2547034876
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 23 Sep 2022 06:28:33 GMT
Transfer-Encoding: chunked
P3P: policyref="//adriver.ru/w3c/p3p.xml", CP="NON DSP COR CURa ADMa DEVa OUR BUS UNI COM NAV INT STA"
Cache-control: no-cache, no-cache=Set-Cookie, max-age=0, must-revalidate, proxy-revalidate, no-store
Connection: keep-alive
Content-Type: application/x-javascript
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 23 Sep 2022 06:28:33 GMT
Location: /cgi-bin/erle.cgi?sid=220559&bt=62&custom=206%3DDSPCounter&ph=0&rnd=998517&tail256=unknown&tuid=-4906028394
Transfer-Encoding: chunked
P3P: policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
Access-Control-Allow-Origin: *
Cache-control: no-cache, max-age=0, must-revalidate, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 counter
top-fwz1.mail.ru/ 43 B
961 B 51ms
50ms Image
image/gif 95.163.52.67
VK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://top-fwz1.mail.ru/counter?js=13;id=3218827;u=https%3A//autoteka.ru/report_by_ad/2547034876;st=1663914511937;title=%D0%90%D0%B2%D1%82%D0%BE%D1%82%D0%B5%D0%BA%D0%B0%20-%20%D1%81%D0%B5%D1%80%D0%B2%D0%B8%D1%81%20%D0%BF%D1%80%D0%BE%D0%B2%D0%B5%D1%80%D0%BA%D0%B8%20%D0%B8%D1%81%D1%82%D0%BE%D1%80%D0%B8%D0%B8%20%D0%B0%D0%B2%D1%82%D0%BE%D0%BC%D0%BE%D0%B1%D0%B8%D0%BB%D1%8F%20%D0%BF%D0%BE%20VIN;s=1600*1200;vp=1600*1200;touch=0;hds=1;frame=0;flash=;sid=689ca2d061b66761;ver=60.3.0;tz=0%2FEtc%2FUnknown;ni=9.4//4g/0/0/;lvid=1663914512993%3A1663914513008%3A1%3Ab64b1193aae86d05044ea8299bc0cde6;opts=dl%2Cjst-gtag-ga-vk;visible=true;_=0.6903298381635488

Requested by

Host: autoteka.ru
URL: https://autoteka.ru/report_by_ad/2547034876

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://autoteka.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 06:28:33 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 43
pragma: no-cache
amp-access-control-allow-source-origin: *
server: nginx
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
accept-ch-lifetime: 86400
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 counter
top-fwz1.mail.ru/ 43 B
959 B 56ms
55ms Image
image/gif 95.163.52.67
VK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://top-fwz1.mail.ru/counter?js=13;id=3241169;u=https%3A//autoteka.ru/report_by_ad/2547034876;st=1663914511937;pid=USER_ID;title=%D0%90%D0%B2%D1%82%D0%BE%D1%82%D0%B5%D0%BA%D0%B0%20-%20%D1%81%D0%B5%D1%80%D0%B2%D0%B8%D1%81%20%D0%BF%D1%80%D0%BE%D0%B2%D0%B5%D1%80%D0%BA%D0%B8%20%D0%B8%D1%81%D1%82%D0%BE%D1%80%D0%B8%D0%B8%20%D0%B0%D0%B2%D1%82%D0%BE%D0%BC%D0%BE%D0%B1%D0%B8%D0%BB%D1%8F%20%D0%BF%D0%BE%20VIN;s=1600*1200;vp=1600*1200;touch=0;hds=1;frame=0;flash=;sid=689ca2d061b66761;ver=60.3.0;tz=0%2FEtc%2FUnknown;ni=9.4//4g/0/0/;lvid=1663914512993%3A1663914513009%3A2%3Ab64b1193aae86d05044ea8299bc0cde6;opts=sec%2Cdl%2Cjst-gtag-ga-vk;visible=true;_=0.8183697830833085

Requested by

Host: autoteka.ru
URL: https://autoteka.ru/report_by_ad/2547034876

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://autoteka.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 06:28:33 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 43
pragma: no-cache
amp-access-control-allow-source-origin: *
server: nginx
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
accept-ch-lifetime: 86400
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
timing-allow-origin: *
access-control-allow-headers: *

GET
H/1.1 200
OK /
ad.mail.ru/retarget/ 43 B
384 B 238ms
45ms Image
image/gif 2a00:1148:db00::17
VK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.mail.ru/retarget/?counter=3218827&list=VALUE&productid=VALUE&pagetype=VALUE&totalvalue=VALUE&_=0.6857154139777419
Requested by: Host: autoteka.ru
URL: https://autoteka.ru/report_by_ad/2547034876
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a00:1148:db00::17 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://autoteka.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Fri, 23 Sep 2022 06:28:33 GMT
Content-Type: image/gif
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSAo PSDo OUR BUS UNI NAV STA INT"
Cache-Control: private, no-cache, no-store
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 43

GET
H2 200 tracker
top-fwz1.mail.ru/ 43 B
961 B 57ms
56ms Image
image/gif 95.163.52.67
VK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://top-fwz1.mail.ru/tracker?js=13;id=3218827;u=https%3A//autoteka.ru/report_by_ad/2547034876;st=1663914511937;s=1600*1200;vp=1600*1200;touch=0;hds=1;frame=0;flash=;sid=689ca2d061b66761;ver=60.3.0;tz=0%2FEtc%2FUnknown;ni=9.4//4g/0/0/;lvid=1663914512993%3A1663914513011%3A3%3Ab64b1193aae86d05044ea8299bc0cde6;opts=dl%2Cjst-gtag-ga-vk;visible=true;_=0.48742091785973796;e=IV%3AVALUE/VALUE%3BVALUE%3BVALUE

Requested by

Host: autoteka.ru
URL: https://autoteka.ru/report_by_ad/2547034876

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://autoteka.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 06:28:33 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 43
pragma: no-cache
amp-access-control-allow-source-origin: *
server: nginx
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
accept-ch-lifetime: 86400
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
timing-allow-origin: *
access-control-allow-headers: *

GET
H3 200 846999605738933 Show response
connect.facebook.net/signals/config/ 293 KB
84 KB 11ms
10ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/846999605738933?v=2.9.83&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6cf0be75ee6b45f74209f67d82bb0e82e385f8fe08202d84c53c70a97b74c40d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://autoteka.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 85909
x-xss-protection: 0
pragma: public
x-fb-debug: GZ10oGCZ0ABl3LC/t7Yj37HTi+DSiAnC8UHWj3dq8f0m0BalAnxPNPn4UkX0LwGunElAhJC1pv37qoJMSGuHrw==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 23 Sep 2022 06:28:33 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
204 B 101ms
13ms Image
text/plain 2a03:2880:f107:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=478068143764680&ev=PageView&dl=https%3A%2F%2Fautoteka.ru%2Freport_by_ad%2F2547034876&rl=&if=false&ts=1663914513028&sw=1600&sh=1200&v=2.9.83&r=stable&ec=0&o=30&fbp=fb.1.1663914513026.1421370283&it=1663914512223&coo=false&rqm=GET

Requested by

Host: autoteka.ru
URL: https://autoteka.ru/report_by_ad/2547034876

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://autoteka.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Fri, 23 Sep 2022 06:28:33 GMT
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 101ms
14ms Image
text/plain 2a03:2880:f107:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=478068143764680&ev=ViewContent&dl=https%3A%2F%2Fautoteka.ru%2Freport_by_ad%2F2547034876&rl=&if=false&ts=1663914513029&cd[value]=0&cd[currency]=RUB&cd[content_ids]=%5B%22123%22%2C%22456%22%5D&sw=1600&sh=1200&v=2.9.83&r=stable&ec=1&o=30&fbp=fb.1.1663914513026.1421370283&it=1663914512223&coo=false&rqm=GET

Requested by

Host: autoteka.ru
URL: https://autoteka.ru/report_by_ad/2547034876

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://autoteka.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Fri, 23 Sep 2022 06:28:33 GMT
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
H2 200 / Show response
x.cnt.my/async/track/ 3 KB
1 KB 90ms
6ms Script
application/javascript 138.201.230.88
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://x.cnt.my/async/track/?r=0.41315916205273373
Requested by: Host: code.acstat.com
URL: https://code.acstat.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 138.201.230.88 Aachen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88.230.201.138.clients.your-server.de
Software: nginx /
Resource Hash: ad2973457e9e9573b2f3de433093041633f2d74ee37657cdc2f1af51a8a383b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://autoteka.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 06:28:33 GMT
content-encoding: gzip
last-modified: Mon, 18 Jul 2022 14:03:34 GMT
server: nginx
content-type: application/javascript
etag: W/"62d56836-a11"
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 gsp.js Show response
gdeslon.ru/ 4 KB
2 KB 307ms
83ms Script
text/javascript 95.213.212.138
SELECTEL

General

Check archive.org

Show headers Download Go to

Full URL: https://gdeslon.ru/gsp.js?mode=card&mid=104464&order_id=&cat_id=&codes=undefined%3A0&deduplication=&perf=1517&gs_uid=undefined&_t=1663914513035&source=https%3A%2F%2Fautoteka.ru%2Freport_by_ad%2F2547034876
Requested by: Host: code.acstat.com
URL: https://code.acstat.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.213.212.138 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS: joyce57.poptobox.com
Software: nginx / Express
Resource Hash: c5f4815aa1b87b678411fa4425452198c3c68e3915b86036d6daacba5e96b822

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://autoteka.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 06:28:33 GMT
content-encoding: gzip
etag: W/"11f8-xR+2l20VYm+qC4aZsjWY6kycJuA"
x-upstream-addr: 46.148.230.112:9003
server: nginx
x-powered-by: Express
content-type: text/javascript; charset=utf-8
x-upstream-response-time: 4444206.718
cache-control: no-cache, private, no-store, must-revalidate, max-stale=0, post-check=0, pre-check=0
x-request-time: 0.021

GET
H2 200 container_v2.min.js Show response
static.indoleads.com/js/platform/ 1 KB
1 KB 307ms
101ms Script
application/javascript 2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.indoleads.com/js/platform/container_v2.min.js
Requested by: Host: code.acstat.com
URL: https://code.acstat.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f4e8d694198c9e7b1dcfee6996eb2b4224249768d895cb0d80e3a403bb6b6d9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://autoteka.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 06:28:33 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Friday, 23-Sep-2022 03:39:41 GMT
server: cloudflare
age: 6741
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l04dxae417J7g3a0F79m%2F289IbKCLc2VDlgih9HRLZOLkIHPVRRk6QCN3XfoursFSTRm1k79pQ8QHH%2FQlGWkInn5Zl3cK5Cr0n4ww00l6GUhN1yVZNGIbzjUNDxpV1Al2C%2BJtxwzAl0nckyurZVx31vzUA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=14400, must-revalidate, proxy-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 74f1388c0fe55cb3-IAD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK /
hit.acstat.com/autotekaru/ 0
344 B 355ms
206ms Image
text/plain 212.41.26.238
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hit.acstat.com/autotekaru/?sid=f5427969-8e54-4819-3304-06c7ce36e775&t_tid=67dd67f9-7156-102d-a536-2db85b0941ec&t_dp=&wid=&par=&ref=&t_t=&t_if=0&t_s=&if_p=&ih=1200&iw=1600&s_w=1600&s_h=1200&land=https%3A%2F%2Fautoteka.ru%2Freport_by_ad%2F2547034876

Requested by

Host: autoteka.ru
URL: https://autoteka.ru/report_by_ad/2547034876

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.41.26.238 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://autoteka.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 23 Sep 2022 06:28:33 GMT
Server: nginx
Connection: keep-alive
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 0
Strict-Transport-Security: max-age=15724800; includeSubDomains

GET
H/1.1 200
OK tag Show response
tag.rutarget.ru/ Frame 7945 751 B
2 KB 152ms
51ms Document
text/html 188.72.107.156
SBERCLOUD-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.rutarget.ru/tag?response=syncframecontent&sm=sync_fc821051ae5abea671f7ac556f1ea647%2Csync_ec8bf516fafa51927e71233e18e82503%2Csync_ed520c87f21ee38ff11b31d0089e3dc0%2Csync_71c015090a068e09460994346a52bdbb%2Csync_d7a14e30636d52e10b35d10c02578019
Requested by: Host: tag.rutarget.ru
URL: https://tag.rutarget.ru/tag?event=otherPage&check=true&response=syncframe&__r=19079914743997640000&__location=https%3A%2F%2Fautoteka.ru%2Freport_by_ad%2F2547034876%3Facu%3DMzY6fX7Xrw9CckLmgVAUUNa.ZBcSIDm.yni5FPfap7.vNlv1aWNEggaq.a4qigOZq7rGwaQolvr0WILc7lIHG8PzSA--&__referrer=&__title=%D0%90%D0%B2%D1%82%D0%BE%D1%82%D0%B5%D0%BA%D0%B0%20-%20%D1%81%D0%B5%D1%80%D0%B2%D0%B8%D1%81%20%D0%BF%D1%80%D0%BE%D0%B2%D0%B5%D1%80%D0%BA%D0%B8%20%D0%B8%D1%81%D1%82%D0%BE%D1%80%D0%B8%D0%B8%20%D0%B0%D0%B2%D1%82%D0%BE%D0%BC%D0%BE%D0%B1%D0%B8%D0%BB%D1%8F%20%D0%BF%D0%BE%20VIN&__keywords=&_usertz=0&check-cookie=true
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 188.72.107.156 , Russian Federation, ASN208677 (SBERCLOUD-AS, RU),
Reverse DNS: fr09.segmento.ru
Software: nginx /
Resource Hash: 5bc9976474ea422a1932ccdd57b2027b164ab6b09aa64f15944ef13e1b2f165d

Request headers

Referer: https://tag.rutarget.ru/tag?event=otherPage&check=true&response=syncframe&__r=19079914743997640000&__location=https%3A%2F%2Fautoteka.ru%2Freport_by_ad%2F2547034876%3Facu%3DMzY6fX7Xrw9CckLmgVAUUNa.ZBcSIDm.yni5FPfap7.vNlv1aWNEggaq.a4qigOZq7rGwaQolvr0WILc7lIHG8PzSA--&__referrer=&__title=%D0%90%D0%B2%D1%82%D0%BE%D1%82%D0%B5%D0%BA%D0%B0%20-%20%D1%81%D0%B5%D1%80%D0%B2%D0%B8%D1%81%20%D0%BF%D1%80%D0%BE%D0%B2%D0%B5%D1%80%D0%BA%D0%B8%20%D0%B8%D1%81%D1%82%D0%BE%D1%80%D0%B8%D0%B8%20%D0%B0%D0%B2%D1%82%D0%BE%D0%BC%D0%BE%D0%B1%D0%B8%D0%BB%D1%8F%20%D0%BF%D0%BE%20VIN&__keywords=&_usertz=0&check-cookie=true
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: close
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Fri, 23 Sep 2022 06:28:33 GMT
P3P: CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."
Server: nginx
Timing-Allow-Origin: *
Transfer-Encoding: chunked

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 61ms
20ms XHR
text/plain 2a00:1450:400c:c0c::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-78711947-1&cid=404330243.1663914512&jid=1675624692&gjid=944167653&_gid=699508282.1663914512&_u=aGDAAEABQAAAAG~&z=1216692774

Requested by

Host: autoteka.ru
URL: https://autoteka.ru/assets/vendors~index.e5415b36a4ba3fbe393c.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c0c::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://autoteka.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 23 Sep 2022 06:28:33 GMT
content-type: text/plain
access-control-allow-origin: https://autoteka.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 ft Show response
autoteka.ru/web/2/ 194 B
618 B 76ms
67ms XHR
application/json 146.158.48.32
AVITO

General

Check archive.org

Show headers Download Go to

Full URL

https://autoteka.ru/web/2/ft

Requested by

Host: autoteka.ru
URL: https://autoteka.ru/assets/vendors~index.e5415b36a4ba3fbe393c.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

146.158.48.32 , Czech Republic, ASN201012 (AVITO, RU),

Reverse DNS

Software

nginx /

Resource Hash

fa89678f03c1fc289960e153a88c7cd6b2284bea7f5e09121f699c83a30c071a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://autoteka.ru/report_by_ad/2547034876
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: multipart/form-data;boundary="022652170230665014"

Response headers

date: Fri, 23 Sep 2022 06:28:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
x-frame-options: SAMEORIGIN
content-type: application/json
x-envoy-upstream-service-time: 6
x-xss-protection: 1; mode=block
x-request-id: 7b43d68a-f30d-455d-b42e-27a2924f650a

GET
H2 200 tracker
top-fwz1.mail.ru/ 43 B
874 B 51ms
50ms Image
image/gif 95.163.52.67
VK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://top-fwz1.mail.ru/tracker?js=13;id=3218827;u=https%3A//autoteka.ru/report_by_ad/2547034876;st=1663914511937;s=1600*1200;vp=1600*1200;touch=0;hds=1;frame=0;flash=;sid=689ca2d061b66761;ver=60.3.0;tz=0%2FEtc%2FUnknown;ni=9.4//4g/0/0/;detect=1;lvid=1663914512993%3A1663914513073%3A4%3Ab64b1193aae86d05044ea8299bc0cde6;opts=dl%2Cjst-gtag-ga-vk;visible=true;_=0.8239453537454622;e=detect

Requested by

Host: autoteka.ru
URL: https://autoteka.ru/report_by_ad/2547034876

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://autoteka.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 06:28:33 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 43
pragma: no-cache
amp-access-control-allow-source-origin: *
server: nginx
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
accept-ch-lifetime: 86400
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 tracker
top-fwz1.mail.ru/ 43 B
875 B 52ms
51ms Image
image/gif 95.163.52.67
VK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://top-fwz1.mail.ru/tracker?js=13;id=3241169;u=https%3A//autoteka.ru/report_by_ad/2547034876;st=1663914511937;pid=USER_ID;s=1600*1200;vp=1600*1200;touch=0;hds=1;frame=0;flash=;sid=689ca2d061b66761;ver=60.3.0;tz=0%2FEtc%2FUnknown;ni=9.4//4g/0/0/;detect=1;lvid=1663914512993%3A1663914513074%3A5%3Ab64b1193aae86d05044ea8299bc0cde6;opts=sec%2Cdl%2Cjst-gtag-ga-vk;visible=true;_=0.2599400978826478;e=detect

Requested by

Host: autoteka.ru
URL: https://autoteka.ru/report_by_ad/2547034876

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://autoteka.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 06:28:33 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 43
pragma: no-cache
amp-access-control-allow-source-origin: *
server: nginx
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
accept-ch-lifetime: 86400
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
timing-allow-origin: *
access-control-allow-headers: *

GET
H3 200 hcaptcha.js Show response
newassets.hcaptcha.com/captcha/v1/1f7dc62/ Frame A67E 281 KB
79 KB 26ms
16ms Script
application/javascript 104.16.169.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newassets.hcaptcha.com/captcha/v1/1f7dc62/hcaptcha.js

Requested by

Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/1f7dc62/static/hcaptcha.html

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.169.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e626cb80c06ed2f4560b3b4fef501c83d601fde61cd7cc507d77d47c916f06b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://newassets.hcaptcha.com/captcha/v1/1f7dc62/static/hcaptcha.html
Origin: https://newassets.hcaptcha.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 06:28:33 GMT
via: 1.1 ab23076896ec73a1a830c9cdc49fcac4.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2565973
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 11 Aug 2022 21:59:15 GMT
server: cloudflare
etag: W/"84729783ded6e9166650d2e40d1556b2"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1209600
x-amz-cf-pop: FRA56-P4
cf-ray: 74f1388aca5e9a09-FRA
x-amz-cf-id: xGHO4DB_S8BVO_I8rRo55QPeLyVP1QrrOpBd-cRjOC7HqjG5JB7COA==

GET
H3 200 hcaptcha.js Show response
newassets.hcaptcha.com/captcha/v1/1f7dc62/ Frame 9B14 281 KB
79 KB 53ms
43ms Script
application/javascript 104.16.169.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newassets.hcaptcha.com/captcha/v1/1f7dc62/hcaptcha.js

Requested by

Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/1f7dc62/static/hcaptcha.html

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.169.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e626cb80c06ed2f4560b3b4fef501c83d601fde61cd7cc507d77d47c916f06b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://newassets.hcaptcha.com/captcha/v1/1f7dc62/static/hcaptcha.html
Origin: https://newassets.hcaptcha.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 06:28:33 GMT
via: 1.1 ab23076896ec73a1a830c9cdc49fcac4.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2565973
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 11 Aug 2022 21:59:15 GMT
server: cloudflare
etag: W/"84729783ded6e9166650d2e40d1556b2"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1209600
x-amz-cf-pop: FRA56-P4
cf-ray: 74f1388aca5f9a09-FRA
x-amz-cf-id: xGHO4DB_S8BVO_I8rRo55QPeLyVP1QrrOpBd-cRjOC7HqjG5JB7COA==

GET
H3 200 /
www.google.com/pagead/1p-user-list/731887262/ 42 B
64 B 48ms
47ms Image
image/gif 2a00:1450:400d:80d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/731887262/?random=1663914512868&cv=9&fst=1663912800000&num=1&label=yE1rCM2lloUDEJ7t_twC&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9l0&sendb=1&frm=0&url=https%3A%2F%2Fautoteka.ru%2Freport_by_ad%2F2547034876&tiba=%D0%90%D0%B2%D1%82%D0%BE%D1%82%D0%B5%D0%BA%D0%B0%20-%20%D1%81%D0%B5%D1%80%D0%B2%D0%B8%D1%81%20%D0%BF%D1%80%D0%BE%D0%B2%D0%B5%D1%80%D0%BA%D0%B8%20%D0%B8%D1%81%D1%82%D0%BE%D1%80%D0%B8%D0%B8%20%D0%B0%D0%B2%D1%82%D0%BE%D0%BC%D0%BE%D0%B1%D0%B8%D0%BB%D1%8F%20&async=1&fmt=3&is_vtc=1&random=523406331&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: autoteka.ru
URL: https://autoteka.ru/report_by_ad/2547034876

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://autoteka.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 06:28:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/731887262/ 42 B
64 B 51ms
23ms Image
image/gif 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/731887262/?random=1663914512868&cv=9&fst=1663912800000&num=1&label=yE1rCM2lloUDEJ7t_twC&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9l0&sendb=1&frm=0&url=https%3A%2F%2Fautoteka.ru%2Freport_by_ad%2F2547034876&tiba=%D0%90%D0%B2%D1%82%D0%BE%D1%82%D0%B5%D0%BA%D0%B0%20-%20%D1%81%D0%B5%D1%80%D0%B2%D0%B8%D1%81%20%D0%BF%D1%80%D0%BE%D0%B2%D0%B5%D1%80%D0%BA%D0%B8%20%D0%B8%D1%81%D1%82%D0%BE%D1%80%D0%B8%D0%B8%20%D0%B0%D0%B2%D1%82%D0%BE%D0%BC%D0%BE%D0%B1%D0%B8%D0%BB%D1%8F%20&async=1&fmt=3&is_vtc=1&random=523406331&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: autoteka.ru
URL: https://autoteka.ru/report_by_ad/2547034876

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://autoteka.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 06:28:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame A67E 798 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 57cafa49fb677c3f09d6e90b051917d10e7bb54e83102a25f3d32b06e8fa59a7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/png

POST
H3 200 checksiteconfig Show response
hcaptcha.com/ Frame A67E 543 B
822 B 36ms
36ms XHR
application/json 104.16.169.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hcaptcha.com/checksiteconfig?v=1f7dc62&host=autoteka.ru&sitekey=0d991e42-6e9a-4224-aa7c-b8ab56aface0&sc=1&swa=1

Requested by

Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/1f7dc62/hcaptcha.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.169.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8ade170cf0041bf13a21f2611cc44e2518bb6533c16b6019f79d925e882941be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: application/json
Referer: https://newassets.hcaptcha.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 23 Sep 2022 06:28:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
access-control-allow-headers: Cache-Control, Content-Type, DNT, Referer, User-Agent, challenge-bypass-token, cf-chl-bypass, challenge-bypass-token, challenge-bypass-host, challenge-bypass-path
cf-chl-bypass: 2
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://newassets.hcaptcha.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 74f1388b8ab79a09-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 46ms
46ms Image
image/gif 2a00:1450:400d:80d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-78711947-1&cid=404330243.1663914512&jid=1675624692&_u=aGDAAEABQAAAAG~&z=1999137039

Requested by

Host: autoteka.ru
URL: https://autoteka.ru/report_by_ad/2547034876

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://autoteka.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 06:28:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 19ms
19ms Image
image/gif 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-78711947-1&cid=404330243.1663914512&jid=1675624692&_u=aGDAAEABQAAAAG~&z=1999137039

Requested by

Host: autoteka.ru
URL: https://autoteka.ru/report_by_ad/2547034876

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://autoteka.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 06:28:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 u
www.avito.ru/stat/ 43 B
253 B 133ms
64ms Image
image/gif 146.158.52.24
ALFATELECOM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.avito.ru/stat/u?803949771

Requested by

Host: autoteka.ru
URL: https://autoteka.ru/report_by_ad/2547034876

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

146.158.52.24 , Czech Republic, ASN44546 (ALFATELECOM, CZ),

Reverse DNS

Software

QRATOR /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	allow-from https://pro.avito.ru/
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://autoteka.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 06:28:33 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: QRATOR
x-frame-options: allow-from https://pro.avito.ru/
content-type: image/gif
x-envoy-upstream-service-time: 0
content-length: 43
x-xss-protection: 1; mode=block

GET
H2

200

sid Show response
mug.criteo.com/ Frame D73B
Redirect Chain

https://gum.criteo.com/sid/json?origin=onetag&domain=autoteka.ru&sn=ChromeSyncframe&so=0&topUrl=autoteka.ru&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=8ddNY3wybGlzUU4rUU9XL1c5cjMyR1N4UmpYYkRhcDdDZnVrN3Q3QWtiSVg4eHAya2NaeUFJUXl4NmVpUUw4dEhlYng1dnpZTkZaRmdBbnkvZW5yaSs2YldHN05BTVlpV1lyKytrRkdDaDAzL0puMjFuWEVyZ1gxeDNCRW...

435 B
648 B

66ms
15ms

Fetch
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=8ddNY3wybGlzUU4rUU9XL1c5cjMyR1N4UmpYYkRhcDdDZnVrN3Q3QWtiSVg4eHAya2NaeUFJUXl4NmVpUUw4dEhlYng1dnpZTkZaRmdBbnkvZW5yaSs2YldHN05BTVlpV1lyKytrRkdDaDAzL0puMjFuWEVyZ1gxeDNCRWhVdHF5M080WE9jV1g2Tng5aUNkTFI3WTJNODlCYzRlSzFCM3o1dUNKQUZUOVhUWktEWlpDeXlETDVRVzQrVDNUdXI1WDhzTEZvMEtYZ2UrSkpMeFlOWWpLV2NYNVpnc2JmWFZNNmlrSlp4dHJRc1NDcURsd3VoZ2hla3llZHR3Q01qMDZZaFYxajBSaGFxOU4xTGJ3aXJvMElDQTMyZz09fA&cppv=2

Requested by

Host: autoteka.ru
URL: https://autoteka.ru/report_by_ad/2547034876

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

c3991576ad70ec6115f1063429038a0646e72069721373db2ee4810cb905fa1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 06:28:32 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2447719
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 23 Sep 2022 06:28:32 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
location: https://mug.criteo.com/sid?cpp=8ddNY3wybGlzUU4rUU9XL1c5cjMyR1N4UmpYYkRhcDdDZnVrN3Q3QWtiSVg4eHAya2NaeUFJUXl4NmVpUUw4dEhlYng1dnpZTkZaRmdBbnkvZW5yaSs2YldHN05BTVlpV1lyKytrRkdDaDAzL0puMjFuWEVyZ1gxeDNCRWhVdHF5M080WE9jV1g2Tng5aUNkTFI3WTJNODlCYzRlSzFCM3o1dUNKQUZUOVhUWktEWlpDeXlETDVRVzQrVDNUdXI1WDhzTEZvMEtYZ2UrSkpMeFlOWWpLV2NYNVpnc2JmWFZNNmlrSlp4dHJRc1NDcURsd3VoZ2hla3llZHR3Q01qMDZZaFYxajBSaGFxOU4xTGJ3aXJvMElDQTMyZz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 525630
content-length: 0
expires: 0

GET
H2 200 dc_pre=CKGzvsukqvoCFZPn5godl94Btw;src=8732814;type=autot0;cat=ru-au0;ord=1;num=8447648960940;gtm=2wg9l0;auiddc=1857695860.1663914512;~oref=https%3A%2F%2Fautoteka.ru%2Freport_by_ad%2F2547034876%3Fac... Show response
adservice.google.de/ddm/fls/i/ Frame 38F9 194 B
657 B 70ms
57ms Document
text/html 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/ddm/fls/i/dc_pre=CKGzvsukqvoCFZPn5godl94Btw;src=8732814;type=autot0;cat=ru-au0;ord=1;num=8447648960940;gtm=2wg9l0;auiddc=1857695860.1663914512;~oref=https%3A%2F%2Fautoteka.ru%2Freport_by_ad%2F2547034876%3Facu%3DMzY6fX7Xrw9CckLmgVAUUNa.ZBcSIDm.yni5FPfap7.vNlv1aWNEggaq.a4qigOZq7rGwaQolvr0WILc7lIHG8PzSA--

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CKGzvsukqvoCFZPn5godl94Btw;src=8732814;type=autot0;cat=ru-au0;ord=1;num=8447648960940;gtm=2wg9l0;auiddc=1857695860.1663914512;~oref=https%3A%2F%2Fautoteka.ru%2Freport_by_ad%2F2547034876%3Facu%3DMzY6fX7Xrw9CckLmgVAUUNa.ZBcSIDm.yni5FPfap7.vNlv1aWNEggaq.a4qigOZq7rGwaQolvr0WILc7lIHG8PzSA--

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: gzip
content-length: 177
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 23 Sep 2022 06:28:33 GMT
expires: Fri, 23 Sep 2022 06:28:33 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 autoteka.ru.js Show response
x.cnt.my/async/parser/ 6 KB
2 KB 7ms
6ms Script
application/javascript 138.201.230.88
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://x.cnt.my/async/parser/autoteka.ru.js?r=4.03&dom=autoteka.ru
Requested by: Host: x.cnt.my
URL: https://x.cnt.my/async/track/?r=0.41315916205273373
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 138.201.230.88 Aachen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88.230.201.138.clients.your-server.de
Software: nginx /
Resource Hash: eeff1647602fb158a6a1cb49291aae8951e981b9bb247543ad5af130bef49fdc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://autoteka.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 06:28:33 GMT
content-encoding: gzip
last-modified: Wed, 03 Aug 2022 08:37:59 GMT
server: nginx
content-type: application/javascript
etag: W/"62ea33e7-1769"
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

/
x.cnt.my/px/
Redirect Chain

https://x.cnt.my/px/?r=0.19567693010636256&dom=autoteka.ru&tz=0&sw=1600&sh=1200&ow=1600&oh=1200&iw=1600&ih=1200&scd=24&p_id=1&url=https%3A%2F%2Fautoteka.ru%2Freport_by_ad%2F2547034876
https://x.cnt.my/px/?r=0.19567693010636256&dom=autoteka.ru&tz=0&sw=1600&sh=1200&ow=1600&oh=1200&iw=1600&ih=1200&scd=24&p_id=1&url=https%3A%2F%2Fautoteka.ru%2Freport_by_ad%2F2547034876&rand=0.550780...

35 B
551 B

8ms
7ms

Image
image/gif

138.201.230.88
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.cnt.my/px/?r=0.19567693010636256&dom=autoteka.ru&tz=0&sw=1600&sh=1200&ow=1600&oh=1200&iw=1600&ih=1200&scd=24&p_id=1&url=https%3A%2F%2Fautoteka.ru%2Freport_by_ad%2F2547034876&rand=0.5507809137831052&xtmp=1
Requested by: Host: autoteka.ru
URL: https://autoteka.ru/report_by_ad/2547034876
Protocol: H2
Server: 138.201.230.88 Aachen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88.230.201.138.clients.your-server.de
Software: nginx /
Resource Hash: 90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://autoteka.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 06:28:33 GMT
server: nginx
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin: *
cache-control: no-cache,max-age=0,must-revalidate, no-cache
content-type: image/gif; charset=utf-8
content-length: 35
expires: 0

Redirect headers

date: Fri, 23 Sep 2022 06:28:33 GMT
server: nginx
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
location: /px/?r=0.19567693010636256&dom=autoteka.ru&tz=0&sw=1600&sh=1200&ow=1600&oh=1200&iw=1600&ih=1200&scd=24&p_id=1&url=https%3A%2F%2Fautoteka.ru%2Freport_by_ad%2F2547034876&rand=0.5507809137831052&xtmp=1
cache-control: no-cache
content-type: text/plain; charset=utf-8
content-length: 198
expires: 0

GET
H3 200 /
www.facebook.com/tr/ 0
18 B 30ms
13ms Image
text/plain 2a03:2880:f107:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=846999605738933&ev=PageView&dl=https%3A%2F%2Fautoteka.ru%2Freport_by_ad%2F2547034876&rl=&if=false&ts=1663914513236&sw=1600&sh=1200&v=2.9.83&r=stable&ec=0&o=30&fbp=fb.1.1663914513026.1421370283&it=1663914512223&coo=false&rqm=GET

Requested by

Host: autoteka.ru
URL: https://autoteka.ru/report_by_ad/2547034876

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://autoteka.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Fri, 23 Sep 2022 06:28:33 GMT
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-length: 0
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i

GET
H/1.1 200
OK setup-api.js Show response
api.flocktory.com/u_shaman/ 516 B
885 B 40ms
40ms Script
application/javascript 52.51.157.173
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.flocktory.com/u_shaman/setup-api.js?body=%7B%22siteId%22%3A%223506%22%2C%22utm%22%3A%7B%22source%22%3A%22%22%2C%22medium%22%3A%22%22%2C%22campaign%22%3A%22%22%2C%22term%22%3A%22%22%2C%22content%22%3A%22%22%7D%2C%22site-session-id%22%3A%22b2172758-044a-4cb6-a1c1-8d478fbaedf6-2%22%7D&callback=flock_jsonp_1

Requested by

Host: api.flocktory.com
URL: https://api.flocktory.com/v2/loader.js?site_id=3506

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.51.157.173 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-51-157-173.eu-west-1.compute.amazonaws.com

Software

openresty /

Resource Hash

abac79f348b92739c86d1f99535c73904e7e4c99522f04e7942402f08a78226b

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://autoteka.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Fri, 23 Sep 2022 06:28:33 GMT
Content-Encoding: br
x-envoy-decorator-operation: shaman-public-api.production.svc.cluster.local:80/*
Server: openresty
Vary: Accept-Encoding
Strict-Transport-Security: max-age=604800;
Content-Type: application/javascript; charset=utf-8
x-envoy-upstream-service-time: 8
Connection: keep-alive
Content-Length: 342

GET
H3 200 hsw.js Show response
newassets.hcaptcha.com/c/40e56577/ Frame 9B14 956 KB
358 KB 15ms
14ms Script
application/javascript 104.16.169.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newassets.hcaptcha.com/c/40e56577/hsw.js

Requested by

Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/1f7dc62/hcaptcha.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.169.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ffef3f2e9efc1e758bb019d82ed23650cdead9f383f263f38e77c9b98dcd805

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newassets.hcaptcha.com/captcha/v1/1f7dc62/static/hcaptcha.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 06:28:33 GMT
via: 1.1 73f3a23156999272233949c078c30858.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 55349
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 22 Sep 2022 10:57:33 GMT
server: cloudflare
etag: W/"84bdb7bd52960277ec334157278a2667"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1209600
x-amz-cf-pop: FRA53-C1
cf-ray: 74f1388bdad89a09-FRA
x-amz-cf-id: XcFFZUz-n3ZzxF7LHvAXKoM4asyCa1FBad-gLfPNHX1BjrH8W3IobA==

GET
H2

200

segmento
exchange.buzzoola.com/cookiesync/dsp/ Frame 7945
Redirect Chain

https://exchange.buzzoola.com/cookiesync/dsp/segmento?uid=TiEuc1IoezyU
https://exchange.buzzoola.com/cookiesync/dsp/segmento?set_buzzoola_cookie=t&uid=TiEuc1IoezyU

43 B
130 B

14ms
13ms

Image
image/gif

88.198.31.232
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.buzzoola.com/cookiesync/dsp/segmento?set_buzzoola_cookie=t&uid=TiEuc1IoezyU
Requested by: Host: tag.rutarget.ru
URL: https://tag.rutarget.ru/tag?response=syncframecontent&sm=sync_fc821051ae5abea671f7ac556f1ea647%2Csync_ec8bf516fafa51927e71233e18e82503%2Csync_ed520c87f21ee38ff11b31d0089e3dc0%2Csync_71c015090a068e09460994346a52bdbb%2Csync_d7a14e30636d52e10b35d10c02578019
Protocol: H2
Server: 88.198.31.232 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88.198.31.232.clients.your-server.de
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tag.rutarget.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 06:28:33 GMT
server: nginx
content-length: 43
serverid: TODO
content-type: image/gif

Redirect headers

location: /cookiesync/dsp/segmento?set_buzzoola_cookie=t&uid=TiEuc1IoezyU
date: Fri, 23 Sep 2022 06:28:33 GMT
server: nginx
etag: W/"c7d23b459e6aa014cd94c20a719e335400166fde6a36e46a980295abc54775d9"
content-length: 103
serverid: TODO
content-type: text/html; charset=utf-8

GET
H2

200

TiEuc1IoezyU
an.yandex.ru/mapuid/rutargetis/ Frame 7945
Redirect Chain

https://an.yandex.ru/mapuid/rutargetis/TiEuc1IoezyU
https://an.yandex.ru/mapuid/rutargetis/TiEuc1IoezyU?redir-setuniq=1

43 B
108 B

71ms
71ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/rutargetis/TiEuc1IoezyU?redir-setuniq=1

Requested by

Host: tag.rutarget.ru
URL: https://tag.rutarget.ru/tag?response=syncframecontent&sm=sync_fc821051ae5abea671f7ac556f1ea647%2Csync_ec8bf516fafa51927e71233e18e82503%2Csync_ed520c87f21ee38ff11b31d0089e3dc0%2Csync_71c015090a068e09460994346a52bdbb%2Csync_d7a14e30636d52e10b35d10c02578019

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tag.rutarget.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 06:28:33 GMT
content-encoding: gzip
last-modified: Fri, 23 Sep 2022 06:28:33 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Fri, 23 Sep 2022 06:28:33 GMT

Redirect headers

pragma: no-cache
date: Fri, 23 Sep 2022 06:28:33 GMT
content-encoding: gzip
last-modified: Fri, 23 Sep 2022 06:28:33 GMT
strict-transport-security: max-age=31536000
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://an.yandex.ru/mapuid/rutargetis/TiEuc1IoezyU?redir-setuniq=1
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Fri, 23 Sep 2022 06:28:33 GMT

GET
H/1.1 204
No Content sg
tech.rtb.mts.ru/ Frame 7945 0
652 B 200ms
43ms Image
text/html 213.87.44.187
MTSNET Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tech.rtb.mts.ru/sg?segmento_id=TiEuc1IoezyU
Requested by: Host: tag.rutarget.ru
URL: https://tag.rutarget.ru/tag?response=syncframecontent&sm=sync_fc821051ae5abea671f7ac556f1ea647%2Csync_ec8bf516fafa51927e71233e18e82503%2Csync_ed520c87f21ee38ff11b31d0089e3dc0%2Csync_71c015090a068e09460994346a52bdbb%2Csync_d7a14e30636d52e10b35d10c02578019
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 213.87.44.187 , Russian Federation, ASN13174 (MTSNET Moscow, Russia, RU),
Reverse DNS: infrastructure-187-44.mts.ru
Software: nginx/1.20.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tag.rutarget.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Fri, 23 Sep 2022 06:28:33 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.20.2
Connection: keep-alive
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: text/html; charset=utf-8

GET
H/1.1 200
OK cm.gif
ad.mail.ru/ Frame 7945 43 B
452 B 72ms
71ms Image
image/gif 2a00:1148:db00::17
VK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.mail.ru/cm.gif?p=34&id=TiEuc1IoezyU
Requested by: Host: tag.rutarget.ru
URL: https://tag.rutarget.ru/tag?response=syncframecontent&sm=sync_fc821051ae5abea671f7ac556f1ea647%2Csync_ec8bf516fafa51927e71233e18e82503%2Csync_ed520c87f21ee38ff11b31d0089e3dc0%2Csync_71c015090a068e09460994346a52bdbb%2Csync_d7a14e30636d52e10b35d10c02578019
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a00:1148:db00::17 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tag.rutarget.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Fri, 23 Sep 2022 06:28:33 GMT
Last-Modified: Fri, 23 Sep 2022 06:28:33 GMT
Server: nginx
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Embedder-Policy: require-corp
Content-Type: image/gif
Cache-Control: max-age=21600
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 43
Expires: Fri, 23 Sep 2022 12:28:33 GMT

GET
H2

200

match
ads.betweendigital.com/ Frame 7945
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=12&external_user_id=TiEuc1IoezyU
https://ads.betweendigital.com/match?bidder_id=12&external_user_id=TiEuc1IoezyU&crf=1

68 B
607 B

21ms
16ms

Image
image/png

188.42.191.196
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=12&external_user_id=TiEuc1IoezyU&crf=1
Requested by: Host: tag.rutarget.ru
URL: https://tag.rutarget.ru/tag?response=syncframecontent&sm=sync_fc821051ae5abea671f7ac556f1ea647%2Csync_ec8bf516fafa51927e71233e18e82503%2Csync_ed520c87f21ee38ff11b31d0089e3dc0%2Csync_71c015090a068e09460994346a52bdbb%2Csync_d7a14e30636d52e10b35d10c02578019
Protocol: H2
Server: 188.42.191.196 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tag.rutarget.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

Redirect headers

location: /match?bidder_id=12&external_user_id=TiEuc1IoezyU&crf=1
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H2 200 s.html Show response
content.adriver.ru/banners/0002186/0002186173/0/ Frame 3E61 2 KB
2 KB 43ms
42ms Document
text/html 83.222.14.88
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to

Full URL: https://content.adriver.ru/banners/0002186/0002186173/0/s.html?0&4&6&0&998517&0&0&182&81.95.5.44&counter&1
Requested by: Host: ad.adriver.ru
URL: https://ad.adriver.ru/cgi-bin/erle.cgi?sid=220559&bt=62&custom=206%3DDSPCounter&ph=0&rnd=998517&tail256=unknown
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 83.222.14.88 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: nginx /
Resource Hash: e0bb484dcb65beebef4e8d6068a833171c89c3ce775b733c44f3fcd3dc1bfb64

Request headers

Referer: https://autoteka.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
content-length: 1556
content-type: text/html
date: Fri, 23 Sep 2022 06:28:33 GMT
etag: "62581738-614"
last-modified: Thu, 14 Apr 2022 12:44:40 GMT
server: nginx

GET
H/1.1 200
OK json.cgi Show response
ad.adriver.ru/cgi-bin/ 385 B
1022 B 60ms
59ms Fetch
application/json 195.209.108.36
ADRIVER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.adriver.ru/cgi-bin/json.cgi?ad=719473&bt=55&pid=3198680&bid=7189165&bn=7189165&tuid=1&cfa=1&cid=0&custom=301=0;302=0;303=unavail;304=0;308=0;309=GA1.2.404330243.1663914512&sid=1
Requested by: Host: autoteka.ru
URL: https://autoteka.ru/assets/vendors~index.e5415b36a4ba3fbe393c.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.209.108.36 , Russian Federation, ASN52007 (ADRIVER-AS, RU),
Reverse DNS
Software: /
Resource Hash: 38b08a0d277379ff6536a37e9b7018578af968eaab09b903ca6dee7cd5e7f4bb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://autoteka.ru/report_by_ad/2547034876
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 23 Sep 2022 06:28:33 GMT
Transfer-Encoding: chunked
P3P: policyref="//adriver.ru/w3c/p3p.xml", CP="NON DSP COR CURa ADMa DEVa OUR BUS UNI COM NAV INT STA"
Access-Control-Allow-Origin: https://autoteka.ru
Cache-control: no-cache, no-cache=Set-Cookie, max-age=0, must-revalidate, proxy-revalidate, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 get-data Show response
api.autoteka.ru/user/ 17 B
476 B 86ms
81ms Fetch
application/json 146.158.48.32
AVITO

General

Check archive.org

Show headers Download Go to

Full URL: https://api.autoteka.ru/user/get-data?acu=MzY6fX7Xrw9CckLmgVAUUNa.ZBcSIDm.yni5FPfap7.vNlv1aWNEggaq.a4qigOZq7rGwaQolvr0WILc7lIHG8PzSA--&csAppCode=webDesktop
Requested by: Host: autoteka.ru
URL: https://autoteka.ru/assets/vendors~index.e5415b36a4ba3fbe393c.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 146.158.48.32 , Czech Republic, ASN201012 (AVITO, RU),
Reverse DNS
Software: nginx /
Resource Hash: 67542cf6e5a34dbf09c00a9e07230ddec97a540e32999e84c1727a95184185fd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://autoteka.ru/
X-Client-Version: 9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
X-Release-Version: v352
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 23 Sep 2022 06:28:33 GMT
content-encoding: gzip
server: nginx
x-minimal-client-version: 9
content-type: application/json
access-control-allow-origin: https://autoteka.ru
access-control-expose-headers: X-Request-Unique-Id, X-Minimal-Client-Version, X-Captcha-Token
cache-control: no-cache, private
x-envoy-upstream-service-time: 20
access-control-allow-credentials: true
x-request-id: 09564b76-ea12-47cf-ae8c-477ce64038dc

OPTIONS
H2 200 get-data
api.autoteka.ru/user/ Frame 0
0 58ms
58ms Preflight
application/octet-stream 146.158.54.32
AVITO

General

Check archive.org

Show headers Download Go to

Full URL: https://api.autoteka.ru/user/get-data?acu=MzY6fX7Xrw9CckLmgVAUUNa.ZBcSIDm.yni5FPfap7.vNlv1aWNEggaq.a4qigOZq7rGwaQolvr0WILc7lIHG8PzSA--&csAppCode=webDesktop
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 146.158.54.32 , Czech Republic, ASN201012 (AVITO, RU),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-client-version,x-release-version
Access-Control-Request-Method: POST
Origin: https://autoteka.ru
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept, Authorization, X-Request-Unique-Id, X-Client-Version, X-Captcha-Token, X-Release-Version
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://autoteka.ru
content-length: 0
content-type: application/octet-stream
date: Fri, 23 Sep 2022 06:28:33 GMT
server: nginx

GET
H/1.1 200
OK ultimate.js
api.flocktory.com/underworld/tracks/ 33 B
33 B 36ms
36ms Image
application/javascript 52.51.157.173
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://api.flocktory.com/underworld/tracks/ultimate.js?body=%7B%22data%22%3A%7B%22action%22%3A%22session.page_visit%22%2C%22payload%22%3A%7B%22resolution%22%3A%221600x1200%22%2C%22ga%22%3A%7B%22utmcsr%22%3A%22%22%2C%22utmccn%22%3A%22%22%2C%22utmcmd%22%3A%22%22%2C%22h_utmcsr%22%3A%22%22%2C%22h_utmccn%22%3A%22%22%2C%22h_utmcmd%22%3A%22%22%7D%2C%22url%22%3A%22https%3A%2F%2Fautoteka.ru%2Freport_by_ad%2F2547034876%22%7D%2C%22links%22%3A%7B%22site%22%3A3506%7D%7D%2C%22site-session-id%22%3A%22b2172758-044a-4cb6-a1c1-8d478fbaedf6-2%22%7D&callback=flock_jsonp_9999

Requested by

Host: autoteka.ru
URL: https://autoteka.ru/report_by_ad/2547034876

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.51.157.173 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-51-157-173.eu-west-1.compute.amazonaws.com

Software

openresty /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://autoteka.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Fri, 23 Sep 2022 06:28:33 GMT
Content-Encoding: br
x-envoy-decorator-operation: tracks-general.production.svc.cluster.local:80/*
Server: openresty
Vary: Accept-Encoding
Strict-Transport-Security: max-age=604800;
Content-Type: application/javascript; charset=utf-8
x-envoy-upstream-service-time: 1
Connection: keep-alive
Content-Length: 37

GET
H2 200 event Show response
sslwidget.criteo.com/ 8 KB
4 KB 836ms
31ms Script
application/x-javascript 178.250.2.151
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://sslwidget.criteo.com/event?a=49975&v=5.12.1&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvp%26p%3D2547034876%26vin%3Dundefined%26model%3Dundefined&p3=e%3Ddis&adce=1&bundle=azs8Fl9xY240eEVOaWZST1hGRiUyRkdjYiUyRmUlMkZoUWFYQ0V4a2xBSGN0b05xWXl3TXMlMkZUc253UEN3THV6em15S0U3UWlJd0RWNm1NcFRZZzBrck52aHVVU3FBdnZOczBhZkpXaW1yY0hLQzBvWjBwTnBYbGRtWEdLSnFYMGkyUUE2VHI2N0pGMWJpbjJYT3glMkZvdE9RbFdGeW5KUnZRJTNEJTNE&tld=autoteka.ru&fu=https%253A%252F%252Fautoteka.ru%252Freport_by_ad%252F2547034876&dtycbr=26339

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/ld.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

ef055f93fe235455ea274ea6315bde67c45b4f607bd477532f5f141cb6abb335

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://autoteka.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 06:28:33 GMT
content-encoding: gzip
server: Kestrel
timing-allow-origin: *
strict-transport-security: max-age=31536000; preload;
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 17361302
content-type: application/x-javascript
expires: 0

GET
H2 200 s.js Show response
content.adriver.ru/banners/0002186/0002186173/0/ Frame 3E61 13 KB
13 KB 44ms
43ms Script
application/x-javascript 83.222.14.88
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to

Full URL: https://content.adriver.ru/banners/0002186/0002186173/0/s.js?rnd=159287
Requested by: Host: content.adriver.ru
URL: https://content.adriver.ru/banners/0002186/0002186173/0/s.html?0&4&6&0&998517&0&0&182&81.95.5.44&counter&1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 83.222.14.88 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: nginx /
Resource Hash: fdc219c419b103c97dd30b669a712cd3cd260096428050f5407ccb2bf4691c1e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://content.adriver.ru/banners/0002186/0002186173/0/s.html?0&4&6&0&998517&0&0&182&81.95.5.44&counter&1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 06:28:33 GMT
last-modified: Fri, 16 Sep 2022 10:38:20 GMT
server: nginx
etag: "6324521c-33e6"
content-type: application/x-javascript
cache-control: max-age=3600
accept-ranges: bytes
content-length: 13286
expires: Fri, 23 Sep 2022 07:28:33 GMT

GET
H2 200 gsclick.js Show response
clicks.gdeslon.ru/ 6 B
113 B 142ms
99ms Script
application/javascript 95.213.212.138
SELECTEL

General

Check archive.org

Show headers Download Go to

Full URL: https://clicks.gdeslon.ru/gsclick.js?_t=1663914513371&mode=card&mid=104464&codes=undefined%3A0&page_title=%D0%90%D0%B2%D1%82%D0%BE%D1%82%D0%B5%D0%BA%D0%B0%20-%20%D1%81%D0%B5%D1%80%D0%B2%D0%B8%D1%81%20%D0%BF%D1%80%D0%BE%D0%B2%D0%B5%D1%80%D0%BA%D0%B8%20%D0%B8%D1%81%D1%82%D0%BE%D1%80%D0%B8%D0%B8%20%D0%B0%D0%B2%D1%82%D0%BE%D0%BC%D0%BE%D0%B1%D0%B8%D0%BB%D1%8F%20%D0%BF%D0%BE%20VIN&url=https%3A%2F%2Fautoteka.ru%2Freport_by_ad%2F2547034876&screen_width=1600&screen_height=1200&user_id=da12f8ef-4323-4b5e-9fc1-2f6ee5214ec1
Requested by: Host: gdeslon.ru
URL: https://gdeslon.ru/gsp.js?mode=card&mid=104464&order_id=&cat_id=&codes=undefined%3A0&deduplication=&perf=1517&gs_uid=undefined&_t=1663914513035&source=https%3A%2F%2Fautoteka.ru%2Freport_by_ad%2F2547034876
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.213.212.138 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS: joyce57.poptobox.com
Software: nginx /
Resource Hash: e18a390d278e08cbefab99a8b3b69f83f9c9bb370a9e44c2e7c6d061164a4173

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://autoteka.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 06:28:33 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx
content-length: 6
content-type: application/javascript

GET
H3 200 7730 Show response
static.indoleads.com/api/pixel-content/ 1 KB
1001 B 100ms
100ms XHR
application/json 2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.indoleads.com/api/pixel-content/7730

Requested by

Host: autoteka.ru
URL: https://autoteka.ru/assets/vendors~index.e5415b36a4ba3fbe393c.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53fcd03678da874f6e907536b7d0fa69e2c42b46cbda5e65d2803210362fcdca

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://autoteka.ru/
accept-language: de-DE,de;q=0.9
X-Request-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 06:28:34 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5261
httpblock: 1
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT, PATCH
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 23 Sep 2022 03:29:54 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FgLHrpAB7bpaO8LaQ9YomkTqlPOBkUEFPM9rCh3DS06rr1TVWT6fR6q0rwfzRMUD8HOE8ta2U27Uim%2Fl9iB9DJIpqeLK5GSjj%2FgNj2BKpG4SaWW55M8qkfYDWteO1FysQPGRbGlbj0gmiQiLRsHkk0jFhQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
cache-control: private, max-age=14400
access-control-allow-credentials: true
cf-ray: 74f138908850827a-IAD
access-control-allow-headers: Origin, Content-Type, Accept, Authorization, X-Request-With

OPTIONS
H3 200 7730
static.indoleads.com/api/pixel-content/ Frame 0
0 551ms
455ms Preflight
application/json 2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.indoleads.com/api/pixel-content/7730

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Access-Control-Request-Headers: x-request-with
Access-Control-Request-Method: GET
Origin: https://autoteka.ru
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, Content-Type, Accept, Authorization, X-Request-With
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT, PATCH
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 74f1388dabf8827a-IAD
content-encoding: br
content-type: application/json
date: Fri, 23 Sep 2022 06:28:33 GMT
httpblock: 1
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yDKxqETis7dgVM%2F%2FZ0VrWd58oJYrqmqtwnAkLouZ%2FXeg4fjaRe2M4jKAsQuslwI6gBwLr6hAt9OKvli4Bu0xRcCdG3vxgjaFNy9vsxML1gNgNYzvS1kPHtIyAd%2FJIzjW95dc4Cy5L4%2FbIljgAjzANDAL4g%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN

GET
H2 200 counter Show response
top-fwz1.mail.ru/ Frame 5399 43 B
876 B 49ms
49ms Document
image/gif 95.163.52.67
VK-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://top-fwz1.mail.ru/counter?id=2951107;pid=f8f5dcd1-bd92-4f7a-a6950849231b8439

Requested by

Host: api.flocktory.com
URL: https://api.flocktory.com/v2/loader.js?site_id=3506

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
accept-ch-lifetime: 86400
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
amp-access-control-allow-source-origin: *
cache-control: private, no-cache, no-store, max-age=0
content-length: 43
content-type: image/gif
date: Fri, 23 Sep 2022 06:28:33 GMT
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
pragma: no-cache
server: nginx
timing-allow-origin: *
x-content-type-options: nosniff

GET
H3

200

/ Show response
wf.frontend.weborama.fr/streampixel/ Frame 1C7B
Redirect Chain

https://wf.frontend.weborama.fr/streampixel/?wamid=7629&Wvar=%7B%22flocktory_id%22%3A%22f8f5dcd1-bd92-4f7a-a6950849231b8439%22%7D&d.r=1663914513369
https://wf.frontend.weborama.fr/streampixel/?wamid=7629&Wvar=%7B%22flocktory_id%22%3A%22f8f5dcd1-bd92-4f7a-a6950849231b8439%22%7D&d.r=1663914513369&bounce=1&random=1108205457

67 B
87 B

32ms
16ms

Document
image/gif

34.117.176.229
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://wf.frontend.weborama.fr/streampixel/?wamid=7629&Wvar=%7B%22flocktory_id%22%3A%22f8f5dcd1-bd92-4f7a-a6950849231b8439%22%7D&d.r=1663914513369&bounce=1&random=1108205457
Requested by: Host: api.flocktory.com
URL: https://api.flocktory.com/v2/loader.js?site_id=3506
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.117.176.229 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 229.176.117.34.bc.googleusercontent.com
Software: Weborama Collect Frontend /
Resource Hash: 09d46019c7a75b96187202c3c8412182f27c413a9c3661857923dc8e94e91b7b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
content-length: 67
content-type: image/gif
date: Fri, 23 Sep 2022 06:28:32 GMT
expires: Tue, 03 Jul 2001 06:00:00 GMT
last-modified: Fri, 23 Sep 2022 06:28:33 GMT
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
pragma: no-cache
server: Weborama Collect Frontend
via: 1.1 google

Redirect headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
content-length: 0
date: Fri, 23 Sep 2022 06:28:32 GMT
expires: Tue, 03 Jul 2001 06:00:00 GMT
last-modified: Fri, 23 Sep 2022 06:28:33 GMT
location: https://wf.frontend.weborama.fr/streampixel/?wamid=7629&Wvar=%7B%22flocktory_id%22%3A%22f8f5dcd1-bd92-4f7a-a6950849231b8439%22%7D&d.r=1663914513369&bounce=1&random=1108205457
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
pragma: no-cache
server: Weborama Collect Frontend
via: 1.1 google

GET
H/1.1 200
OK tag Show response
tag.rutarget.ru/ Frame 2FCD 35 B
417 B 126ms
44ms Document
image/gif 188.72.107.156
SBERCLOUD-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.rutarget.ru/tag?event=sync&partner=flocktory&external_visitor_id=f8f5dcd1-bd92-4f7a-a6950849231b8439
Requested by: Host: api.flocktory.com
URL: https://api.flocktory.com/v2/loader.js?site_id=3506
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 188.72.107.156 , Russian Federation, ASN208677 (SBERCLOUD-AS, RU),
Reverse DNS: fr09.segmento.ru
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: close
Content-Length: 35
Content-Type: image/gif
Date: Fri, 23 Sep 2022 06:28:33 GMT
P3P: CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."
Server: nginx
Timing-Allow-Origin: *

GET
H3 200 e Show response
newassets.hcaptcha.com/i/d5ef5ba/ Frame 9B14 113 KB
114 KB 14ms
14ms Fetch
application/octet-stream 104.16.169.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newassets.hcaptcha.com/i/d5ef5ba/e

Requested by

Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/c/40e56577/hsw.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.169.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f1b88f429e0878e43e76be34e0dba0debe8b60a4883851de1645f0e57456d21e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newassets.hcaptcha.com/captcha/v1/1f7dc62/static/hcaptcha.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 06:28:33 GMT
via: 1.1 c359abeab0060e721cfaac65ce34b1cc.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1443760
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 115920
last-modified: Fri, 02 Sep 2022 07:03:20 GMT
server: cloudflare
etag: "ce885833508f58ddc1f45b0d115561ea"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=1209600
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
cf-ray: 74f1388d0b819a09-FRA
x-amz-cf-id: RZ_LujzWHH3duxUUqLKlXzE_TGdkBSzU_JVEzaVhxIBY9RcdizHIcw==

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 13ms
13ms Image
text/plain 2a03:2880:f107:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=478068143764680&ev=Microdata&dl=https%3A%2F%2Fautoteka.ru%2Freport_by_ad%2F2547034876&rl=&if=false&ts=1663914513806&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%D0%90%D0%B2%D1%82%D0%BE%D1%82%D0%B5%D0%BA%D0%B0%20-%20%D1%81%D0%B5%D1%80%D0%B2%D0%B8%D1%81%20%D0%BF%D1%80%D0%BE%D0%B2%D0%B5%D1%80%D0%BA%D0%B8%20%D0%B8%D1%81%D1%82%D0%BE%D1%80%D0%B8%D0%B8%20%D0%B0%D0%B2%D1%82%D0%BE%D0%BC%D0%BE%D0%B1%D0%B8%D0%BB%D1%8F%20%D0%BF%D0%BE%20VIN%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22%D0%90%D0%B2%D1%82%D0%BE%D1%82%D0%B5%D0%BA%D0%B0%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fautoteka.ru%2Fshare%2Fautoteka-logo-new.jpg%22%2C%22og%3Adescription%22%3A%22%D0%A1%D0%B5%D1%80%D0%B2%D0%B8%D1%81%20%D0%BF%D1%80%D0%BE%D0%B2%D0%B5%D1%80%D0%BA%D0%B8%20%D0%B8%D1%81%D1%82%D0%BE%D1%80%D0%B8%D0%B8%20%D0%B0%D0%B2%D1%82%D0%BE%D0%BC%D0%BE%D0%B1%D0%B8%D0%BB%D1%8F%20%D0%BF%D0%BE%20VIN%20%D0%B8%D0%BB%D0%B8%20%D0%B3%D0%BE%D1%81%D0%BD%D0%BE%D0%BC%D0%B5%D1%80%D1%83%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fautoteka.ru%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Asite_name%22%3A%22%D0%90%D0%B2%D1%82%D0%BE%D1%82%D0%B5%D0%BA%D0%B0%22%2C%22og%3Alocale%22%3A%22ru_RU%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.83&r=stable&ec=2&o=30&fbp=fb.1.1663914513026.1421370283&it=1663914512223&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: autoteka.ru
URL: https://autoteka.ru/report_by_ad/2547034876

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://autoteka.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Fri, 23 Sep 2022 06:28:33 GMT
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-length: 0
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 13ms
12ms Image
text/plain 2a03:2880:f107:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=846999605738933&ev=Microdata&dl=https%3A%2F%2Fautoteka.ru%2Freport_by_ad%2F2547034876&rl=&if=false&ts=1663914513807&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%D0%90%D0%B2%D1%82%D0%BE%D1%82%D0%B5%D0%BA%D0%B0%20-%20%D1%81%D0%B5%D1%80%D0%B2%D0%B8%D1%81%20%D0%BF%D1%80%D0%BE%D0%B2%D0%B5%D1%80%D0%BA%D0%B8%20%D0%B8%D1%81%D1%82%D0%BE%D1%80%D0%B8%D0%B8%20%D0%B0%D0%B2%D1%82%D0%BE%D0%BC%D0%BE%D0%B1%D0%B8%D0%BB%D1%8F%20%D0%BF%D0%BE%20VIN%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22%D0%90%D0%B2%D1%82%D0%BE%D1%82%D0%B5%D0%BA%D0%B0%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fautoteka.ru%2Fshare%2Fautoteka-logo-new.jpg%22%2C%22og%3Adescription%22%3A%22%D0%A1%D0%B5%D1%80%D0%B2%D0%B8%D1%81%20%D0%BF%D1%80%D0%BE%D0%B2%D0%B5%D1%80%D0%BA%D0%B8%20%D0%B8%D1%81%D1%82%D0%BE%D1%80%D0%B8%D0%B8%20%D0%B0%D0%B2%D1%82%D0%BE%D0%BC%D0%BE%D0%B1%D0%B8%D0%BB%D1%8F%20%D0%BF%D0%BE%20VIN%20%D0%B8%D0%BB%D0%B8%20%D0%B3%D0%BE%D1%81%D0%BD%D0%BE%D0%BC%D0%B5%D1%80%D1%83%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fautoteka.ru%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Asite_name%22%3A%22%D0%90%D0%B2%D1%82%D0%BE%D1%82%D0%B5%D0%BA%D0%B0%22%2C%22og%3Alocale%22%3A%22ru_RU%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.83&r=stable&ec=1&o=30&fbp=fb.1.1663914513026.1421370283&it=1663914512223&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: autoteka.ru
URL: https://autoteka.ru/report_by_ad/2547034876

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://autoteka.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Fri, 23 Sep 2022 06:28:33 GMT
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-length: 0
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i

POST
H3 200 0d991e42-6e9a-4224-aa7c-b8ab56aface0 Show response
hcaptcha.com/getcaptcha/ Frame 9B14 3 KB
2 KB 479ms
479ms XHR
application/json 104.16.169.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hcaptcha.com/getcaptcha/0d991e42-6e9a-4224-aa7c-b8ab56aface0

Requested by

Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/1f7dc62/hcaptcha.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.169.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b1764e757d8aab3ed543ad4a2b87e8b21daecaca51b2f74a0cdaad034bc4471

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: application/json
Referer: https://newassets.hcaptcha.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

cf-ray: 74f1388f5cb09a09-FRA
date: Fri, 23 Sep 2022 06:28:34 GMT
x-esid: 339510303
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin, Accept-Encoding
content-type: application/json
access-control-allow-origin: https://newassets.hcaptcha.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK / Show response
webecyzo.com/ 412 B
739 B 121ms
10ms Script
application/javascript 159.69.11.17
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://webecyzo.com/
Requested by: Host: autoteka.ru
URL: https://autoteka.ru/report_by_ad/2547034876?acu=MzY6fX7Xrw9CckLmgVAUUNa.ZBcSIDm.yni5FPfap7.vNlv1aWNEggaq.a4qigOZq7rGwaQolvr0WILc7lIHG8PzSA--
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 159.69.11.17 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.17.11.69.159.clients.your-server.de
Software: nginx/1.14.0 /
Resource Hash: 758698d3f2de94176d3827cd680590028c87af424ce7a789262d270ab975fe37

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://autoteka.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 23 Sep 2022 06:28:34 GMT
Server: nginx/1.14.0
Connection: keep-alive
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 412
Content-Type: application/javascript

GET
H2 200 pixel.min.js Show response
cdn.dsspn.com/trk/v1.1/ 1 KB
2 KB 298ms
99ms Script
text/javascript 52.54.253.41
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.dsspn.com/trk/v1.1/pixel.min.js?c=5240ef8a-4ca3-41f4-9401-e410d0285126&e=0&n=Dewalt&cb=1663914514061&enc=https%3A%2F%2Fautoteka.ru%2Freport_by_ad%2F2547034876
Requested by: Host: autoteka.ru
URL: https://autoteka.ru/report_by_ad/2547034876?acu=MzY6fX7Xrw9CckLmgVAUUNa.ZBcSIDm.yni5FPfap7.vNlv1aWNEggaq.a4qigOZq7rGwaQolvr0WILc7lIHG8PzSA--
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.54.253.41 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-54-253-41.compute-1.amazonaws.com
Software: nginx/1.23.1 /
Resource Hash: 28aaed465e04c007f9c53a765bc41f24e4608283a86421eb0387c841d953c682

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://autoteka.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 06:28:34 GMT
server: nginx/1.23.1
etag: W/"47c-tly1nZrmDJ1Er31JTcCjlyoNFrY"
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 1148

GET
H2 200 produto_shopdewalt.js Show response
tags.fulllab.com.br/scripts/ 586 B
519 B 284ms
93ms Script
text/javascript 159.89.241.163
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://tags.fulllab.com.br/scripts/produto_shopdewalt.js

Requested by

Host: autoteka.ru
URL: https://autoteka.ru/report_by_ad/2547034876?acu=MzY6fX7Xrw9CckLmgVAUUNa.ZBcSIDm.yni5FPfap7.vNlv1aWNEggaq.a4qigOZq7rGwaQolvr0WILc7lIHG8PzSA--

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

159.89.241.163 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

kylebarfuss.com

Software

Resource Hash

f38faad9febeaa4ffa814a63624d6450dc453184f24ca5e89bbb83a50e169a58

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://autoteka.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-runtime: 0.005879
date: Fri, 23 Sep 2022 06:28:34 GMT
content-encoding: br
etag: W/"f38faad9febeaa4ffa814a63624d6450"
strict-transport-security: max-age=3600; includeSubDomains
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0
x-request-id: c724b212908909ea07518b1604dc084c
expires: 2022-08-24 06:28:34 UTC

GET
H/1.1 200
OK / Show response
m.webecyzo.com/ 2 KB
3 KB 65ms
11ms Script
application/javascript 159.69.11.17
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://m.webecyzo.com/?t=0.2175867366825086
Requested by: Host: webecyzo.com
URL: https://webecyzo.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 159.69.11.17 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.17.11.69.159.clients.your-server.de
Software: nginx/1.14.0 /
Resource Hash: 5fca8d67bb1c8bb91deeec9ed4fdb7e24c039c0b83a6fbee5d8816ed5ae8ea3b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://autoteka.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 23 Sep 2022 06:28:34 GMT
Server: nginx/1.14.0
Connection: keep-alive
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 2261
Content-Type: application/javascript

GET
H/1.1 200
OK / Show response
c.webecyzo.com/ 0
325 B 82ms
13ms Script
application/javascript 159.69.11.17
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.webecyzo.com/?id=44a22002-42f6-1190-490a-69785c0b8e0c&iframe=0&width=1600&height=1200&screen_width=1600&screen_height=1200&d=1&url=https%3A%2F%2Fautoteka.ru%2Freport_by_ad%2F2547034876&ref=&t=0.8579502150630327
Requested by: Host: m.webecyzo.com
URL: https://m.webecyzo.com/?t=0.2175867366825086
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 159.69.11.17 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.17.11.69.159.clients.your-server.de
Software: nginx/1.14.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://autoteka.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 23 Sep 2022 06:28:34 GMT
Server: nginx/1.14.0
Connection: keep-alive
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 0
Content-Type: application/javascript

GET
H2 200 ad_item_id_2547034876 Show response
api.autoteka.ru/preview/ 66 B
550 B 280ms
279ms Fetch
application/json 146.158.48.32
AVITO

General

Check archive.org

Show headers Download Go to

Full URL: https://api.autoteka.ru/preview/ad_item_id_2547034876?acu=MzY6fX7Xrw9CckLmgVAUUNa.ZBcSIDm.yni5FPfap7.vNlv1aWNEggaq.a4qigOZq7rGwaQolvr0WILc7lIHG8PzSA--&csAppCode=webDesktop&h-captcha-response=P0_eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJwYXNza2V5IjoiY0lrOG93dUd5bVRXMFhUZTNrdCtSNnhZNHFCZmc2MEZpSWUzT0xCMGMrS09pQUt2MUFobHQ5SjRtVWJRL1JMNzNTUVJiTXdobmdwYTNCRWJYMXB6SUpJSkY0ODVWSG9pbUVHQVdmTndZOEZZTlRmSmcvMHROeStNUnhSRVJmQUowdjBmMVAwVysvMHlmQjkyZmZzdjV4bXhyeGxFbUJWYTFQSGpyUmJOS1d4aDVXWW1MdTZlbEJ0Zmt3YlBLQ2hxM1RmMXRLYVF6Skh3MGRYWktieEFCenZWRm9Cc1k1S1BhSW1MZUNWY29CQXBHVFZrY2xVQ0U5K2pRVHhxcWpjZHZ1WUZOSTV4SjR4N1gxaUZuQXQ0Q1lGZzlhN0t3cEt3VkN1MERyZVNpSXRNZVg0WjNmbGczUXdoM2g1RWdoSlFFM2czSkFDR3pyMXFhZkFGaGxoS0VxdEkxQ01xYXR2SzJqRXVPakNmNTlEUktmRi9paWhSVEZXNjkvWjdsOGM4QzdFK05DQllEZ01LT01DSTBYbnNseWxPelRZUDhvV2JTWVRXUGc5VVBaY1FNbXovRFBlZ3F3WVlIdXBxU05yejBXTXpDOXAwd3ovcWIvUnU4MjNZYUU3NVFxQnJMUzB1eXBPRnE1MlFtanVzaFB1ZmFJemh0WGx6Q2R4TlJSRFkyc2dUWERmbGcwMlJ0RWl3YXVyZ01pUjhGNUU4Y2dvNG90b05sZTNFU3pyQWRWUjZDTU0vRExxSWRGZVI4eURXR1hGeld4ck5Pa01nWVJrenBKSURpSFhDLzRWWkQyTS9xN29iYjVmUmJ6VlNnV2srQTNCclNmSENEQjFPQUg5OVlrVE51Ym83aTV6alpZZHUrNjB1QnFUY1JuM0ZPckRjYXU1U3hTTTNXODFSczJrNHVjQXhUcVo0YWpVZjFnMkNhdVg5ZlYybzR4bHFyaWxuYUgxb1hKdHdvMFZNNXdzaXVBdkRjQk9sYjN3Q29PTlgxczlpZ0RlYXBGVlEwRjBJN3M1R0NKZGMvbXViRXFqSzlySURzeWE2L3hFV3Y5bHFRRThYVnNvbTlDLzd0Q3ZsQkRVZ0FnMUQ3SEtVbUZDNURtSU5VdFlmcXdUZHdtUXRWQ1RvQlR2VzBnU2hwZEoyL09YSjh5TG5tbC9DQTMvc1JpRlNQTEhQZ3dKdlJXTDh6Qy9QdUtZYmtrbWdFVXJzSVpYeWZLRVVFWTR0enlveUFoZTl6M3M3eHN5RmtkOTExVk4wRjdoczUxRUxhLzQrcnoycW03dGk1Zmh3VDMvbDRtM1hDcVF0QTZVN0dsd3BBRFZJYWdIS21pTGRZUkpFRHBBTFZZelRRN3dUZEpheTFpNHhieWltaUMyUm02L2NJSmxrS0RqdTRyYUJZcUMwOFhDdkE3bzR5djR4TU9nNm1kVE5Kc0tHcTVJSjdQMkwrMml4b3NHU1RGUHoyWWd2cFdPMThaSVd0c2tjQ055WlJYSGF6SjVBL3JGSW5xQWFkNnpnbEpJS1hIcUhJUGFTeVY2QzdESTJVQWVGMCtkYXNtenl0c3l3Tk1rN1BRMDVzc25MMWpBM0xpUnNoY20zUnBOdlpzdTJ5ZGtoMVVNZjZWeTZreEFkTGZHZ1N1Q2hFMnE2aWtWUWlQeTlVcHJxNW9VZ3RBcmNMOGhNNy9CdmNQYjY4ZHZxMkZVQnFsMVFDR3VMSnVSTyswRjQ1Wm9mOEtMMVZxVGtLZ09jcjM5VHJadlBaMGEyZGtUZjFhTGt1T2grSm9qOGxYdnJHZjhucEljbnVSVWE2dExMaUtHbFg0YUhicDlBUkV3d1hUMDRTMDRnNGd0NU1HaVdUVWVrV0xMdjhoU0ZuVnJMeVprVUhlZTU5Z1BDeEJTaWZ5M0JVcHVtWHZ2QlYxZFdZSndhVEoxWTZXQTRVKzVUOGloZmVPNjZVS3E0WEh1NWJOZGVETDNYa1BSc2gyWThSNXVBcE1wYlp3alpiV0tVIiwiZXhwIjoxNjYzOTE0NjM0LCJzaGFyZF9pZCI6MzM5NTEwMzAzLCJwZCI6MH0.iyP610Odcv5wbUZKE6Qlzx4xBouFz6EWZtUGzEiP4_o
Requested by: Host: autoteka.ru
URL: https://autoteka.ru/assets/vendors~index.e5415b36a4ba3fbe393c.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 146.158.48.32 , Czech Republic, ASN201012 (AVITO, RU),
Reverse DNS
Software: nginx /
Resource Hash: 0ae5bce2f0b41d7912ace450717d097a67956d958bffa1468397fee87e71d567

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://autoteka.ru/
X-Client-Version: 9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
X-Release-Version: v352
Content-Type: application/x-www-form-urlencoded

Response headers

x-captcha-token: 41ee1b58eb3e43f0c4cc61148198c7e0
date: Fri, 23 Sep 2022 06:28:34 GMT
content-encoding: gzip
server: nginx
x-minimal-client-version: 9
content-type: application/json
access-control-allow-origin: https://autoteka.ru
access-control-expose-headers: X-Request-Unique-Id, X-Minimal-Client-Version, X-Captcha-Token
cache-control: no-cache, private
x-envoy-upstream-service-time: 217
access-control-allow-credentials: true
x-request-id: a4b370d3-abb4-4a2b-ac3e-ee6b05418472

GET
H2 200 radar
www.avito.ru/stat/ 43 B
252 B 70ms
70ms Image
image/gif 146.158.52.24
ALFATELECOM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.avito.ru/stat/radar?data={%22p%22:%22%22,%22t%22:{%22frontend.autoteka.env.prod.hcaptcha%22:1009.3999999761581}}

Requested by

Host: autoteka.ru
URL: https://autoteka.ru/report_by_ad/2547034876

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

146.158.52.24 , Czech Republic, ASN44546 (ALFATELECOM, CZ),

Reverse DNS

Software

QRATOR /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	allow-from https://pro.avito.ru/
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://autoteka.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 06:28:34 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: QRATOR
x-frame-options: allow-from https://pro.avito.ru/
content-type: image/gif
x-envoy-upstream-service-time: 2
content-length: 43
x-xss-protection: 1; mode=block

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
7ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j97&a=995535638&t=event&ni=0&_s=1&dl=https%3A%2F%2Fautoteka.ru%2Freport_by_ad%2F2547034876&ul=en-us&de=UTF-8&dt=%D0%90%D0%B2%D1%82%D0%BE%D1%82%D0%B5%D0%BA%D0%B0%20-%20%D1%81%D0%B5%D1%80%D0%B2%D0%B8%D1%81%20%D0%BF%D1%80%D0%BE%D0%B2%D0%B5%D1%80%D0%BA%D0%B8%20%D0%B8%D1%81%D1%82%D0%BE%D1%80%D0%B8%D0%B8%20%D0%B0%D0%B2%D1%82%D0%BE%D0%BC%D0%BE%D0%B1%D0%B8%D0%BB%D1%8F%20%D0%BF%D0%BE%20VIN&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=captcha&ea=Hcaptcha_success&_u=aGDAAEABQAAAAG~&jid=&gjid=&cid=404330243.1663914512&tid=UA-78711947-1&_gid=699508282.1663914512&gtm=2wg9l0PKNCQ9K&z=721983797

Requested by

Host: autoteka.ru
URL: https://autoteka.ru/report_by_ad/2547034876

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://autoteka.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Sep 2022 22:22:04 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 29190
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 ad_item_id_2547034876
api.autoteka.ru/preview/ Frame 0
0 58ms
58ms Preflight
application/octet-stream 146.158.54.32
AVITO

General

Check archive.org

Show headers Download Go to

Full URL: https://api.autoteka.ru/preview/ad_item_id_2547034876?acu=MzY6fX7Xrw9CckLmgVAUUNa.ZBcSIDm.yni5FPfap7.vNlv1aWNEggaq.a4qigOZq7rGwaQolvr0WILc7lIHG8PzSA--&csAppCode=webDesktop&h-captcha-response=P0_eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJwYXNza2V5IjoiY0lrOG93dUd5bVRXMFhUZTNrdCtSNnhZNHFCZmc2MEZpSWUzT0xCMGMrS09pQUt2MUFobHQ5SjRtVWJRL1JMNzNTUVJiTXdobmdwYTNCRWJYMXB6SUpJSkY0ODVWSG9pbUVHQVdmTndZOEZZTlRmSmcvMHROeStNUnhSRVJmQUowdjBmMVAwVysvMHlmQjkyZmZzdjV4bXhyeGxFbUJWYTFQSGpyUmJOS1d4aDVXWW1MdTZlbEJ0Zmt3YlBLQ2hxM1RmMXRLYVF6Skh3MGRYWktieEFCenZWRm9Cc1k1S1BhSW1MZUNWY29CQXBHVFZrY2xVQ0U5K2pRVHhxcWpjZHZ1WUZOSTV4SjR4N1gxaUZuQXQ0Q1lGZzlhN0t3cEt3VkN1MERyZVNpSXRNZVg0WjNmbGczUXdoM2g1RWdoSlFFM2czSkFDR3pyMXFhZkFGaGxoS0VxdEkxQ01xYXR2SzJqRXVPakNmNTlEUktmRi9paWhSVEZXNjkvWjdsOGM4QzdFK05DQllEZ01LT01DSTBYbnNseWxPelRZUDhvV2JTWVRXUGc5VVBaY1FNbXovRFBlZ3F3WVlIdXBxU05yejBXTXpDOXAwd3ovcWIvUnU4MjNZYUU3NVFxQnJMUzB1eXBPRnE1MlFtanVzaFB1ZmFJemh0WGx6Q2R4TlJSRFkyc2dUWERmbGcwMlJ0RWl3YXVyZ01pUjhGNUU4Y2dvNG90b05sZTNFU3pyQWRWUjZDTU0vRExxSWRGZVI4eURXR1hGeld4ck5Pa01nWVJrenBKSURpSFhDLzRWWkQyTS9xN29iYjVmUmJ6VlNnV2srQTNCclNmSENEQjFPQUg5OVlrVE51Ym83aTV6alpZZHUrNjB1QnFUY1JuM0ZPckRjYXU1U3hTTTNXODFSczJrNHVjQXhUcVo0YWpVZjFnMkNhdVg5ZlYybzR4bHFyaWxuYUgxb1hKdHdvMFZNNXdzaXVBdkRjQk9sYjN3Q29PTlgxczlpZ0RlYXBGVlEwRjBJN3M1R0NKZGMvbXViRXFqSzlySURzeWE2L3hFV3Y5bHFRRThYVnNvbTlDLzd0Q3ZsQkRVZ0FnMUQ3SEtVbUZDNURtSU5VdFlmcXdUZHdtUXRWQ1RvQlR2VzBnU2hwZEoyL09YSjh5TG5tbC9DQTMvc1JpRlNQTEhQZ3dKdlJXTDh6Qy9QdUtZYmtrbWdFVXJzSVpYeWZLRVVFWTR0enlveUFoZTl6M3M3eHN5RmtkOTExVk4wRjdoczUxRUxhLzQrcnoycW03dGk1Zmh3VDMvbDRtM1hDcVF0QTZVN0dsd3BBRFZJYWdIS21pTGRZUkpFRHBBTFZZelRRN3dUZEpheTFpNHhieWltaUMyUm02L2NJSmxrS0RqdTRyYUJZcUMwOFhDdkE3bzR5djR4TU9nNm1kVE5Kc0tHcTVJSjdQMkwrMml4b3NHU1RGUHoyWWd2cFdPMThaSVd0c2tjQ055WlJYSGF6SjVBL3JGSW5xQWFkNnpnbEpJS1hIcUhJUGFTeVY2QzdESTJVQWVGMCtkYXNtenl0c3l3Tk1rN1BRMDVzc25MMWpBM0xpUnNoY20zUnBOdlpzdTJ5ZGtoMVVNZjZWeTZreEFkTGZHZ1N1Q2hFMnE2aWtWUWlQeTlVcHJxNW9VZ3RBcmNMOGhNNy9CdmNQYjY4ZHZxMkZVQnFsMVFDR3VMSnVSTyswRjQ1Wm9mOEtMMVZxVGtLZ09jcjM5VHJadlBaMGEyZGtUZjFhTGt1T2grSm9qOGxYdnJHZjhucEljbnVSVWE2dExMaUtHbFg0YUhicDlBUkV3d1hUMDRTMDRnNGd0NU1HaVdUVWVrV0xMdjhoU0ZuVnJMeVprVUhlZTU5Z1BDeEJTaWZ5M0JVcHVtWHZ2QlYxZFdZSndhVEoxWTZXQTRVKzVUOGloZmVPNjZVS3E0WEh1NWJOZGVETDNYa1BSc2gyWThSNXVBcE1wYlp3alpiV0tVIiwiZXhwIjoxNjYzOTE0NjM0LCJzaGFyZF9pZCI6MzM5NTEwMzAzLCJwZCI6MH0.iyP610Odcv5wbUZKE6Qlzx4xBouFz6EWZtUGzEiP4_o
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 146.158.54.32 , Czech Republic, ASN201012 (AVITO, RU),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-client-version,x-release-version
Access-Control-Request-Method: GET
Origin: https://autoteka.ru
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept, Authorization, X-Request-Unique-Id, X-Client-Version, X-Captcha-Token, X-Release-Version
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://autoteka.ru
content-length: 0
content-type: application/octet-stream
date: Fri, 23 Sep 2022 06:28:34 GMT
server: nginx

GET
H2 200 safeframe Show response
tags.fulllab.com.br/ Frame F31E 2 KB
1 KB 92ms
92ms Document
text/html 159.89.241.163
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://tags.fulllab.com.br/safeframe

Requested by

Host: tags.fulllab.com.br
URL: https://tags.fulllab.com.br/scripts/produto_shopdewalt.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

159.89.241.163 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

kylebarfuss.com

Software

Resource Hash

bad2d6145e7686c901419c66a3874a615901c676868035af01af880ceb61ca26

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://autoteka.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache
content-encoding: br
content-type: text/html; charset=utf-8
date: Fri, 23 Sep 2022 06:28:34 GMT
strict-transport-security: max-age=3600; includeSubDomains
x-content-type-options: nosniff
x-request-id: da4b02fb30732fc8be24712bbff546e7
x-runtime: 0.002572
x-xss-protection: 1; mode=block

GET
H3 200 e Show response
newassets.hcaptcha.com/i/d5ef5ba/ Frame 9B14 113 KB
114 KB 14ms
13ms Fetch
application/octet-stream 104.16.169.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newassets.hcaptcha.com/i/d5ef5ba/e

Requested by

Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/c/40e56577/hsw.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.169.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f1b88f429e0878e43e76be34e0dba0debe8b60a4883851de1645f0e57456d21e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newassets.hcaptcha.com/captcha/v1/1f7dc62/static/hcaptcha.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 06:28:34 GMT
via: 1.1 c359abeab0060e721cfaac65ce34b1cc.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1443760
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 115920
last-modified: Fri, 02 Sep 2022 07:03:20 GMT
server: cloudflare
etag: "ce885833508f58ddc1f45b0d115561ea"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=1209600
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
cf-ray: 74f13892ce939a09-FRA
x-amz-cf-id: RZ_LujzWHH3duxUUqLKlXzE_TGdkBSzU_JVEzaVhxIBY9RcdizHIcw==

GET
H2 200 img.gif Show response
cdn.dsspn.com/trk/ Frame A973 43 B
316 B 99ms
98ms Document
image/gif 52.54.253.41
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.dsspn.com/trk/img.gif?px=fqj&trp=0&cb=4a922da1081836908ab0e&w=1600&h=1200&sq=false&ut=https://autoteka.ru/report_by_ad/2547034876&pop=https%3A%2F%2Fautoteka.ru%2Freport_by_ad%2F2547034876&popParent=https%3A%2F%2Fautoteka.ru%2Freport_by_ad%2F2547034876
Requested by: Host: cdn.dsspn.com
URL: https://cdn.dsspn.com/trk/v1.1/pixel.min.js?c=5240ef8a-4ca3-41f4-9401-e410d0285126&e=0&n=Dewalt&cb=1663914514061&enc=https%3A%2F%2Fautoteka.ru%2Freport_by_ad%2F2547034876
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.54.253.41 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-54-253-41.compute-1.amazonaws.com
Software: nginx/1.23.1 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
content-length: 43
content-type: image/gif
date: Fri, 23 Sep 2022 06:28:34 GMT
server: nginx/1.23.1

GET
H2 200 fingerprint2.min.js Show response
cdnjs.cloudflare.com/ajax/libs/fingerprintjs2/2.1.0/ Frame F31E 29 KB
10 KB 34ms
15ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/fingerprintjs2/2.1.0/fingerprint2.min.js

Requested by

Host: tags.fulllab.com.br
URL: https://tags.fulllab.com.br/safeframe

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4bf52e1f92ce9ea93f33025943d00dbfe5e73ff1c8ddc1507aee8ac82d34dc0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tags.fulllab.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 06:28:34 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 27261
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9392
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:04 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5c-72e4"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B4CF6Vk0NSWBGRnjCYN5OYHBTHHMWHz2fb0u8voXWPD8ScCDgM5VXzMJ5c0tq%2BlzUqnereo4po0YHjVU0H2ZywytOuiL74sMwx7WRIUdOu0e76RZP8VXEwoNXb4iJXzllVoeN1VKriAENVLtgdgANAkS"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 74f138943c789b45-FRA
expires: Wed, 13 Sep 2023 06:28:34 GMT

GET
H2 200 js.cookie.min.js Show response
cdnjs.cloudflare.com/ajax/libs/js-cookie/2.2.1/ Frame F31E 2 KB
1 KB 31ms
13ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/js-cookie/2.2.1/js.cookie.min.js

Requested by

Host: tags.fulllab.com.br
URL: https://tags.fulllab.com.br/safeframe

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a04d373be23a3f37dfe1f88cab01061db75f716edadc6451c652fe538f4be6c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tags.fulllab.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 06:28:34 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 28109
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 701
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:49 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec5-653"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=99DrQo7Jvulli18ZnNwC3JTOduvxcqrT3S%2FTHMVTwkhWL1thby5piTAhvd0b0Uoj807QBWgIljzeDzjAxsQZGinkZTdYFOrZ5KtBTfLR8VBGBTSSPYJFRuGdqYuqBhIpgonxVHz%2B%2FqxWqqUehrRTjbp7"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 74f138943c7a9b45-FRA
expires: Wed, 13 Sep 2023 06:28:34 GMT

GET
H2 200 url-tld.min.js Show response
cdnjs.cloudflare.com/ajax/libs/js-url/2.5.3/ Frame F31E 4 KB
2 KB 34ms
16ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/js-url/2.5.3/url-tld.min.js

Requested by

Host: tags.fulllab.com.br
URL: https://tags.fulllab.com.br/safeframe

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

60bde0d59162a6f552ccc30dbf009b15adafbe7dd0a9a7e172f1f1223cbc4a26

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tags.fulllab.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 06:28:34 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 925518
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1574
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:50 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec6-fd5"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8zpkh8mPNvW3I3vF3%2FgX0%2FLp1nIyUIQsZlCR5EZKX6wKbNZ8f0zqnQByk13VamjnNcsAjtuuLclE14Nu%2Fj1dt8K6hqFng2DcVX12GAWHlFe6Ope5aIxg1XEj6%2BW5Pe51bLW3BwmdBFl34%2F2qXIOr1jvt"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 74f138943c7c9b45-FRA
expires: Wed, 13 Sep 2023 06:28:34 GMT

GET
H2 200 tracker
top-fwz1.mail.ru/ 43 B
873 B 50ms
49ms Image
image/gif 95.163.52.67
VK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://top-fwz1.mail.ru/tracker?js=13;id=3218827;u=https%3A//autoteka.ru/report_by_ad/2547034876;st=1663914511937;s=1600*1200;vp=1600*1200;touch=0;hds=1;frame=0;flash=;sid=689ca2d061b66761;ver=60.3.0;tz=0%2FEtc%2FUnknown;nt=0/0/1663914511516/////0/2/2/2/231/59/232/294/294/296/421/1233/1269/3097/3097/;ni=9.4//4g/0/0/;detect=1;lvid=1663914512993%3A1663914514615%3A6%3Ab64b1193aae86d05044ea8299bc0cde6;opts=dl%2Cjst-gtag-ga-vk;visible=true;_=0.15142979612744756;e=RT/load;et=1663914514614

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://autoteka.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 06:28:34 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 43
pragma: no-cache
amp-access-control-allow-source-origin: *
server: nginx
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
accept-ch-lifetime: 86400
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 tracker
top-fwz1.mail.ru/ 43 B
874 B 50ms
49ms Image
image/gif 95.163.52.67
VK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://top-fwz1.mail.ru/tracker?js=13;id=3241169;u=https%3A//autoteka.ru/report_by_ad/2547034876;st=1663914511937;pid=USER_ID;s=1600*1200;vp=1600*1200;touch=0;hds=1;frame=0;flash=;sid=689ca2d061b66761;ver=60.3.0;tz=0%2FEtc%2FUnknown;nt=0/0/1663914511516/////0/2/2/2/231/59/232/294/294/296/421/1233/1269/3097/3097/;ni=9.4//4g/0/0/;detect=1;lvid=1663914512993%3A1663914514615%3A7%3Ab64b1193aae86d05044ea8299bc0cde6;opts=sec%2Cdl%2Cjst-gtag-ga-vk;visible=true;_=0.7772907163169491;e=RT/load;et=1663914514614

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://autoteka.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 06:28:34 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 43
pragma: no-cache
amp-access-control-allow-source-origin: *
server: nginx
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
accept-ch-lifetime: 86400
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.8.3/ 91 KB
34 KB 59ms
8ms Script
text/javascript 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js

Requested by

Host: x.cnt.my
URL: https://x.cnt.my/async/parser/autoteka.ru.js?r=4.03&dom=autoteka.ru

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://autoteka.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 06:13:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 908
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33593
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 23 Sep 2023 06:13:26 GMT

GET
H/1.1

200
OK

sync
x.bidswitch.net/ul_cb/ Frame A00E
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=46&user_id=k-xTIhY1E-8b_STsTKAqFD9lMy-s9G1oIqlx3TWQ&expires=30
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-xTIhY1E-8b_STsTKAqFD9lMy-s9G1oIqlx3TWQ&expires=30

43 B
495 B

10ms
9ms

Image
image/gif

3.122.47.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-xTIhY1E-8b_STsTKAqFD9lMy-s9G1oIqlx3TWQ&expires=30
Protocol: HTTP/1.1
Server: 3.122.47.104 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-122-47-104.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Fri, 23 Sep 2022 06:28:34 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

Location: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-xTIhY1E-8b_STsTKAqFD9lMy-s9G1oIqlx3TWQ&expires=30
Date: Fri, 23 Sep 2022 06:28:34 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame A00E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-mzhdPVE-8b_STsTKAqFD9lMy-s_tav3Pk9PWSw&google_cm&google_hm=ay1temhkUFZFLThiX1NUc1RLQXFGRDlsTXktc190YXYzU...
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-mzhdPVE-8b_STsTKAqFD9lMy-s_tav3Pk9PWSw&google_gid=CAESEAjn2Rs2noV6_kzg8KkP56A&google_cver=1&google_ula=913071,0

43 B
371 B

53ms
18ms

Image
image/gif

178.250.0.163
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-mzhdPVE-8b_STsTKAqFD9lMy-s_tav3Pk9PWSw&google_gid=CAESEAjn2Rs2noV6_kzg8KkP56A&google_cver=1&google_ula=913071,0

Protocol

Server

178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 06:28:33 GMT
content-type: image/gif
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1730972
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 23 Sep 2022 06:28:34 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-mzhdPVE-8b_STsTKAqFD9lMy-s_tav3Pk9PWSw&google_gid=CAESEAjn2Rs2noV6_kzg8KkP56A&google_cver=1&google_ula=913071,0
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 398
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame A00E
Redirect Chain

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=6018882708767400161

43 B
370 B

21ms
18ms

Image
image/gif

178.250.0.163
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=6018882708767400161

Protocol

Server

178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 06:28:34 GMT
content-type: image/gif
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2643432
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 23 Sep 2022 06:28:34 GMT
X-Proxy-Origin: 81.95.5.44; 81.95.5.44; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 48a85b4f-a5b7-4129-82b8-723060187f38
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=6018882708767400161
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

rum
r.casalemedia.com/ Frame A00E
Redirect Chain

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-1C4EJVE-8b_STsTKAqFD9lMy-s_jPHo5P2oFEQ
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-1C4EJVE-8b_STsTKAqFD9lMy-s_jPHo5P2oFEQ&C=1

43 B
867 B

39ms
26ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-1C4EJVE-8b_STsTKAqFD9lMy-s_jPHo5P2oFEQ&C=1
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray: 74f13894fc5b907c-FRA
pragma: no-cache
date: Fri, 23 Sep 2022 06:28:34 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sIPPZ7aBeWDCWFwJdHUvScAM%2Ba1EEtkQ9K85oPFgAn47S9QadQZB%2FMSex%2BqGEDecsMZfnH7WVa292HoSFRLJR2GwVj%2FGlaB8RpC4zjlsW0ntmHiiqZsrmEC00kTv9G4r%2BSv7"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 23 Sep 2022 06:28:34 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ctcb1%2BY0%2FHFfyEQD9Lj7gN2iFNkDZ5%2BLbE0%2Fr5PWygTpheUiXSounYZkbA0eSRJWnz5xdVmuFs84qD5SPDZGsEuaMqk%2BQxPbqUPdA8aNtPyT4w0IYjyn3IdgIN9XY9%2FsvzsF"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=20&external_user_id=k-1C4EJVE-8b_STsTKAqFD9lMy-s_jPHo5P2oFEQ&C=1
cache-control: no-cache
cf-ray: 74f13894be3a9be0-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H2

200

match
ad.360yield.com/ul_cb/ Frame A00E
Redirect Chain

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-GfIMgFE-8b_STsTKAqFD9lMy-s9sDkQL7bp_WQ
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-GfIMgFE-8b_STsTKAqFD9lMy-s9sDkQL7bp_WQ

43 B
447 B

10ms
10ms

Image
image/gif

3.67.144.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-GfIMgFE-8b_STsTKAqFD9lMy-s9sDkQL7bp_WQ
Protocol: H2
Server: 3.67.144.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-67-144-31.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 23 Sep 2022 06:28:34 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-GfIMgFE-8b_STsTKAqFD9lMy-s9sDkQL7bp_WQ
date: Fri, 23 Sep 2022 06:28:34 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 cksync.php
contextual.media.net/ Frame A00E 45 B
800 B 91ms
36ms Image
image/gif 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-2SWna1E-8b_STsTKAqFD9lMy-s8RZpB8OCYIKw

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
server: Apache
date: Fri, 23 Sep 2022 06:28:34 GMT
vary: Accept-Encoding
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control: max-age=0, no-cache, no-store
content-type: image/gif
content-length: 45
x-mnet-hl2: E
expires: Fri, 23 Sep 2022 06:28:34 GMT

GET
H2 200 push
exchange.mediavine.com/usersync/ Frame A00E 0
885 B 43ms
10ms Image
text/html 35.159.43.206
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-vUkcFVE-8b_STsTKAqFD9lMy-s_GelzrSrermw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.159.43.206 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-159-43-206.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 06:28:34 GMT
cache-control: private, no-cache
access-control-allow-credentials: true
content-encoding: gzip
vary: Origin, Accept-Encoding
content-type: text/html; charset=utf-8

GET
H/1.1 200
OK cookie-sync
sync.outbrain.com/ Frame A00E 0
145 B 385ms
83ms Image
text/plain 70.42.32.127
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-LXMiOVE-8b_STsTKAqFD9lMy-s8jj7sXvEvbEg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.127 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Fri, 23 Sep 2022 06:28:34 GMT
Cache-Control: no-cache
X-TraceId: 0f016776396aae6d4dfa31fad78ac368
Content-Length: 0

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame A00E 0
225 B 428ms
18ms Image
text/html 185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-R-bEh1E-8b_STsTKAqFD9lMy-s9y9KdKSh7hbA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 06:28:35 GMT
content-encoding: gzip
server: nginx
cache-control: no-store, no-cache, private
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-type: text/html; charset=utf-8

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ Frame A00E 0
239 B 73ms
10ms Image
image/gif 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-r1WKxVE-8b_STsTKAqFD9lMy-s-WZ9FwM2yIGQ&expires=30
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
Content-Type: image/gif

GET
H2 204 v1
match.sharethrough.com/sync/ Frame A00E 0
35 B 47ms
7ms Image
text/plain 18.194.140.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-3JVDUlE-8b_STsTKAqFD9lMy-s9NarSh3kOv9w
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.194.140.105 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-194-140-105.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 06:28:34 GMT

GET
H2 200 /
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame A00E 0
99 B 98ms
14ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-OKfUdlE-8b_STsTKAqFD9lMy-s8zjnnNrHsUSQ
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 06:28:34 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 13259

GET
H2 200 um
criteo-sync.teads.tv/ Frame A00E 23 B
172 B 200ms
80ms Image
image/gif 104.96.128.226
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-sync.teads.tv/um?eid=80&uid=k-SYYJrlE-8b_STsTKAqFD9lMy-s8PnwZdJBY-wQ
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.96.128.226 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-128-226.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.9 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 06:28:34 GMT
cache-control: max-age=0, no-cache, no-store
expires: Fri, 23 Sep 2022 06:28:34 GMT
server: akka-http/10.2.9
content-length: 23
content-type: image/gif

GET
H2 200 xuid
eb2.3lift.com/ Frame A00E 37 B
140 B 34ms
8ms Image
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2711&xuid=k-F9mMblE-8b_STsTKAqFD9lMy-s89kCqNWGJFDw&dongle=013b
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 06:28:34 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2

204

sync
ups.analytics.yahoo.com/ups/58301/ Frame A00E
Redirect Chain

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-P7W3KlE-8b_STsTKAqFD9lMy-s9T75DIyXfOdg
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-P7W3KlE-8b_STsTKAqFD9lMy-s9T75DIyXfOdg&verify=true

0
121 B

15ms
14ms

Image
text/plain

18.156.0.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-P7W3KlE-8b_STsTKAqFD9lMy-s9T75DIyXfOdg&verify=true

Protocol

Server

18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.25 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 06:28:34 GMT
server: ATS/9.1.10.25
age: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-P7W3KlE-8b_STsTKAqFD9lMy-s9T75DIyXfOdg&verify=true
date: Fri, 23 Sep 2022 06:28:34 GMT
server: ATS/9.1.10.25
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1 204
No Content m
ad.yieldlab.net/ Frame A00E 0
522 B 40ms
16ms Image
text/plain 96.16.132.239
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.yieldlab.net/m?dm_id=8666&ext_id=k-kFvz31E-8b_STsTKAqFD9lMy-s_qD-8g33eV7g

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

96.16.132.239 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-132-239.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 23 Sep 2022 06:28:34 GMT
x-content-type-options: nosniff
x-frame-options: DENY
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
x-xss-protection: 1; mode=block
x-application-context: application
Expires: Thu, 22 Sep 2022 06:28:34 GMT

GET
H2 200 pixel
cm.adform.net/ Frame A00E 43 B
162 B 96ms
27ms Image
image/gif 37.157.5.142
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/pixel?adform_pid=15&adform_pc=k-cHK8olE-8b_STsTKAqFD9lMy-s-sClSa2ZXAWQ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.142 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 06:28:34 GMT
last-modified: Mon, 04 Oct 2021 14:04:49 GMT
server: nginx
accept-ranges: bytes
etag: "615b0a01-2b"
content-length: 43
content-type: image/gif

GET
H2 200 sync
visitor.omnitagjs.com/visitor/ Frame A00E 49 B
235 B 61ms
19ms Image
image/gif 185.255.84.153
IGUANE-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-z3QGMlE-8b_STsTKAqFD9lMy-s9ysaYEv-dmMw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.153 Ivry-sur-Seine, France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 06:28:34 GMT
x-content-type-options: nosniff
server: ayl-lb-fra02
vary: Accept-Encoding
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 2
content-length: 49
expires: 0

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/ Frame A00E
Redirect Chain

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=23yW65GSjiQPPID3aHA-G5h3-kpc1XAR
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=23yW65GSjiQPPID3aHA-G5h3-kpc1XAR

42 B
942 B

33ms
33ms

Image
image/gif

52.209.70.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=23yW65GSjiQPPID3aHA-G5h3-kpc1XAR

Protocol

HTTP/1.1

Server

52.209.70.49 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-209-70-49.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v042-03bacbb28.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: KWPXDCEARnQ=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-2-v042-05d893163.edge-irl1.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: iBLp6NcYRRg=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=23yW65GSjiQPPID3aHA-G5h3-kpc1XAR
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1 200 9.gif
id5-sync.com/s/966/ Frame A00E 43 B
1 KB 40ms
8ms Image
image/gif 141.95.98.64
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/s/966/9.gif?puid=k-k8grLVE-8b_STsTKAqFD9lMy-s9ScI5P4kJ7mA

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.64 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216658.ip-141-95-98.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 06:28:34 GMT
transfer-encoding: chunked
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: image/gif;charset=UTF-8
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p: CP="CAO PSA OUR"

GET
H2 200 sync
sync-criteo.ads.yieldmo.com/ Frame A00E 43 B
220 B 142ms
29ms Image
image/gif 54.155.44.87
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-criteo.ads.yieldmo.com/sync?id=k-Pe5LP1E-8b_STsTKAqFD9lMy-s85QN4eSi4SSQ&pn_id=criteo&ext=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.155.44.87 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-155-44-87.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Fri, 23 Sep 2022 06:28:34 GMT
content-type: image/gif
content-length: 43
access-control-allow-methods: GET, OPTIONS
access-control-request-headers: Cache-Control, Pragma

GET
H/1.1 200
OK dsp Show response
citydsp.com/ 540 B
696 B 158ms
14ms Script
text/javascript 62.138.6.193
GD-EMEA-DC-SXB1

General

Check archive.org

Show headers Download Go to

Full URL: https://citydsp.com/dsp?h=autoteka.ru&r=0.4525140052370227
Requested by: Host: x.cnt.my
URL: https://x.cnt.my/async/parser/autoteka.ru.js?r=4.03&dom=autoteka.ru
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 62.138.6.193 Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS: astra4639.startdedicated.com
Software: nginx /
Resource Hash: f2712f9ddd2c08fcb7d7b3689bf2e4eceef92a5939ee2179673d22cc8c56b946

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://autoteka.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 23 Sep 2022 06:28:34 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: no-store, no-cache, private
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 204
No Content m
ad.yieldlab.net/ Frame A00E 0
522 B 51ms
51ms Image
text/plain 96.16.132.239
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.yieldlab.net/m?dt_id=8664&ext_id=k-kFvz31E-8b_STsTKAqFD9lMy-s_qD-8g33eV7g

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

96.16.132.239 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-132-239.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 23 Sep 2022 06:28:34 GMT
x-content-type-options: nosniff
x-frame-options: DENY
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
x-xss-protection: 1; mode=block
x-application-context: application
Expires: Thu, 22 Sep 2022 06:28:34 GMT

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame A00E
Redirect Chain

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=Vye32frB2Ey7wRuXJzqjhTIbbAsaWOeh

0
338 B

102ms
29ms

Image
text/plain

52.213.108.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=Vye32frB2Ey7wRuXJzqjhTIbbAsaWOeh
Protocol: H2
Server: 52.213.108.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-213-108-198.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 06:28:34 GMT
cache-control: private, no-cache, no-store
x-request-time: D=84 t=1663914514
x-served-by: beacon-n001-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=Vye32frB2Ey7wRuXJzqjhTIbbAsaWOeh
date: Fri, 23 Sep 2022 06:28:34 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
server: Kestrel
server-processing-duration-in-ticks: 1432824
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H/1.1 204
No Content m
ad.yieldlab.net/ Frame A00E 0
522 B 15ms
15ms Image
text/plain 96.16.132.239
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.yieldlab.net/m?dt_id=12438557&ext_id=k-kFvz31E-8b_STsTKAqFD9lMy-s_qD-8g33eV7g

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

96.16.132.239 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-132-239.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 23 Sep 2022 06:28:34 GMT
x-content-type-options: nosniff
x-frame-options: DENY
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
x-xss-protection: 1; mode=block
x-application-context: application
Expires: Thu, 22 Sep 2022 06:28:34 GMT

GET
H/1.1 200
OK start Show response
stikilo.com/ 0
294 B 39ms
9ms Script
text/javascript 104.248.36.113
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://stikilo.com/start?r=0.6876069333269239
Requested by: Host: citydsp.com
URL: https://citydsp.com/dsp?h=autoteka.ru&r=0.4525140052370227
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.248.36.113 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://autoteka.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 23 Sep 2022 06:28:34 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: no-store, no-cache, private
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK init Show response
retagro.com/ 0
294 B 203ms
11ms Script
text/javascript 85.25.203.29
GD-EMEA-DC-SXB1

General

Check archive.org

Show headers Download Go to

Full URL: https://retagro.com/init?r=0.9268887305548079
Requested by: Host: citydsp.com
URL: https://citydsp.com/dsp?h=autoteka.ru&r=0.4525140052370227
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 85.25.203.29 Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS: static-ip-85-25-203-29.inaddr.ip-pool.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://autoteka.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 23 Sep 2022 06:28:35 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: no-store, no-cache, private
Transfer-Encoding: chunked
Connection: keep-alive

GET
H2

200

cs
s.thebrighttag.com/ Frame A00E
Redirect Chain

https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=EeUEwrzWhIsYFQFTJlvQU0KMcyhjCU1T

35 B
268 B

333ms
103ms

Image
image/gif

3.15.245.229
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=EeUEwrzWhIsYFQFTJlvQU0KMcyhjCU1T
Protocol: H2
Server: 3.15.245.229 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-15-245-229.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
x-bt-requestid: f3b33aa0-3b08-11ed-95af-0000ac1702fb
server: nginx
date: Fri, 23 Sep 2022 06:28:35 GMT
p3p: CP=NOI DSP COR NID
access-control-allow-origin
cache-control: private, must-revalidate
content-type: image/gif
content-length: 35
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=EeUEwrzWhIsYFQFTJlvQU0KMcyhjCU1T
date: Fri, 23 Sep 2022 06:28:34 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
server: Kestrel
server-processing-duration-in-ticks: 1445393
content-length: 0
strict-transport-security: max-age=31536000; preload;

OPTIONS
H2 200 ad_item_id_2547034876
api.autoteka.ru/preview/ Frame 0
0 59ms
58ms Preflight
application/octet-stream 146.158.54.32
AVITO

General

Check archive.org

Show headers Download Go to

Full URL: https://api.autoteka.ru/preview/ad_item_id_2547034876?acu=MzY6fX7Xrw9CckLmgVAUUNa.ZBcSIDm.yni5FPfap7.vNlv1aWNEggaq.a4qigOZq7rGwaQolvr0WILc7lIHG8PzSA--&csAppCode=webDesktop&h-captcha-response=P0_eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJwYXNza2V5IjoiY0lrOG93dUd5bVRXMFhUZTNrdCtSNnhZNHFCZmc2MEZpSWUzT0xCMGMrS09pQUt2MUFobHQ5SjRtVWJRL1JMNzNTUVJiTXdobmdwYTNCRWJYMXB6SUpJSkY0ODVWSG9pbUVHQVdmTndZOEZZTlRmSmcvMHROeStNUnhSRVJmQUowdjBmMVAwVysvMHlmQjkyZmZzdjV4bXhyeGxFbUJWYTFQSGpyUmJOS1d4aDVXWW1MdTZlbEJ0Zmt3YlBLQ2hxM1RmMXRLYVF6Skh3MGRYWktieEFCenZWRm9Cc1k1S1BhSW1MZUNWY29CQXBHVFZrY2xVQ0U5K2pRVHhxcWpjZHZ1WUZOSTV4SjR4N1gxaUZuQXQ0Q1lGZzlhN0t3cEt3VkN1MERyZVNpSXRNZVg0WjNmbGczUXdoM2g1RWdoSlFFM2czSkFDR3pyMXFhZkFGaGxoS0VxdEkxQ01xYXR2SzJqRXVPakNmNTlEUktmRi9paWhSVEZXNjkvWjdsOGM4QzdFK05DQllEZ01LT01DSTBYbnNseWxPelRZUDhvV2JTWVRXUGc5VVBaY1FNbXovRFBlZ3F3WVlIdXBxU05yejBXTXpDOXAwd3ovcWIvUnU4MjNZYUU3NVFxQnJMUzB1eXBPRnE1MlFtanVzaFB1ZmFJemh0WGx6Q2R4TlJSRFkyc2dUWERmbGcwMlJ0RWl3YXVyZ01pUjhGNUU4Y2dvNG90b05sZTNFU3pyQWRWUjZDTU0vRExxSWRGZVI4eURXR1hGeld4ck5Pa01nWVJrenBKSURpSFhDLzRWWkQyTS9xN29iYjVmUmJ6VlNnV2srQTNCclNmSENEQjFPQUg5OVlrVE51Ym83aTV6alpZZHUrNjB1QnFUY1JuM0ZPckRjYXU1U3hTTTNXODFSczJrNHVjQXhUcVo0YWpVZjFnMkNhdVg5ZlYybzR4bHFyaWxuYUgxb1hKdHdvMFZNNXdzaXVBdkRjQk9sYjN3Q29PTlgxczlpZ0RlYXBGVlEwRjBJN3M1R0NKZGMvbXViRXFqSzlySURzeWE2L3hFV3Y5bHFRRThYVnNvbTlDLzd0Q3ZsQkRVZ0FnMUQ3SEtVbUZDNURtSU5VdFlmcXdUZHdtUXRWQ1RvQlR2VzBnU2hwZEoyL09YSjh5TG5tbC9DQTMvc1JpRlNQTEhQZ3dKdlJXTDh6Qy9QdUtZYmtrbWdFVXJzSVpYeWZLRVVFWTR0enlveUFoZTl6M3M3eHN5RmtkOTExVk4wRjdoczUxRUxhLzQrcnoycW03dGk1Zmh3VDMvbDRtM1hDcVF0QTZVN0dsd3BBRFZJYWdIS21pTGRZUkpFRHBBTFZZelRRN3dUZEpheTFpNHhieWltaUMyUm02L2NJSmxrS0RqdTRyYUJZcUMwOFhDdkE3bzR5djR4TU9nNm1kVE5Kc0tHcTVJSjdQMkwrMml4b3NHU1RGUHoyWWd2cFdPMThaSVd0c2tjQ055WlJYSGF6SjVBL3JGSW5xQWFkNnpnbEpJS1hIcUhJUGFTeVY2QzdESTJVQWVGMCtkYXNtenl0c3l3Tk1rN1BRMDVzc25MMWpBM0xpUnNoY20zUnBOdlpzdTJ5ZGtoMVVNZjZWeTZreEFkTGZHZ1N1Q2hFMnE2aWtWUWlQeTlVcHJxNW9VZ3RBcmNMOGhNNy9CdmNQYjY4ZHZxMkZVQnFsMVFDR3VMSnVSTyswRjQ1Wm9mOEtMMVZxVGtLZ09jcjM5VHJadlBaMGEyZGtUZjFhTGt1T2grSm9qOGxYdnJHZjhucEljbnVSVWE2dExMaUtHbFg0YUhicDlBUkV3d1hUMDRTMDRnNGd0NU1HaVdUVWVrV0xMdjhoU0ZuVnJMeVprVUhlZTU5Z1BDeEJTaWZ5M0JVcHVtWHZ2QlYxZFdZSndhVEoxWTZXQTRVKzVUOGloZmVPNjZVS3E0WEh1NWJOZGVETDNYa1BSc2gyWThSNXVBcE1wYlp3alpiV0tVIiwiZXhwIjoxNjYzOTE0NjM0LCJzaGFyZF9pZCI6MzM5NTEwMzAzLCJwZCI6MH0.iyP610Odcv5wbUZKE6Qlzx4xBouFz6EWZtUGzEiP4_o
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 146.158.54.32 , Czech Republic, ASN201012 (AVITO, RU),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-captcha-token,x-client-version,x-release-version
Access-Control-Request-Method: GET
Origin: https://autoteka.ru
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept, Authorization, X-Request-Unique-Id, X-Client-Version, X-Captcha-Token, X-Release-Version
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://autoteka.ru
content-length: 0
content-type: application/octet-stream
date: Fri, 23 Sep 2022 06:28:36 GMT
server: nginx

GET
H2 200 ad_item_id_2547034876 Show response
api.autoteka.ru/preview/ 1005 B
1 KB 150ms
149ms Fetch
application/json 146.158.48.32
AVITO

General

Check archive.org

Show headers Download Go to

Full URL: https://api.autoteka.ru/preview/ad_item_id_2547034876?acu=MzY6fX7Xrw9CckLmgVAUUNa.ZBcSIDm.yni5FPfap7.vNlv1aWNEggaq.a4qigOZq7rGwaQolvr0WILc7lIHG8PzSA--&csAppCode=webDesktop&h-captcha-response=P0_eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJwYXNza2V5IjoiY0lrOG93dUd5bVRXMFhUZTNrdCtSNnhZNHFCZmc2MEZpSWUzT0xCMGMrS09pQUt2MUFobHQ5SjRtVWJRL1JMNzNTUVJiTXdobmdwYTNCRWJYMXB6SUpJSkY0ODVWSG9pbUVHQVdmTndZOEZZTlRmSmcvMHROeStNUnhSRVJmQUowdjBmMVAwVysvMHlmQjkyZmZzdjV4bXhyeGxFbUJWYTFQSGpyUmJOS1d4aDVXWW1MdTZlbEJ0Zmt3YlBLQ2hxM1RmMXRLYVF6Skh3MGRYWktieEFCenZWRm9Cc1k1S1BhSW1MZUNWY29CQXBHVFZrY2xVQ0U5K2pRVHhxcWpjZHZ1WUZOSTV4SjR4N1gxaUZuQXQ0Q1lGZzlhN0t3cEt3VkN1MERyZVNpSXRNZVg0WjNmbGczUXdoM2g1RWdoSlFFM2czSkFDR3pyMXFhZkFGaGxoS0VxdEkxQ01xYXR2SzJqRXVPakNmNTlEUktmRi9paWhSVEZXNjkvWjdsOGM4QzdFK05DQllEZ01LT01DSTBYbnNseWxPelRZUDhvV2JTWVRXUGc5VVBaY1FNbXovRFBlZ3F3WVlIdXBxU05yejBXTXpDOXAwd3ovcWIvUnU4MjNZYUU3NVFxQnJMUzB1eXBPRnE1MlFtanVzaFB1ZmFJemh0WGx6Q2R4TlJSRFkyc2dUWERmbGcwMlJ0RWl3YXVyZ01pUjhGNUU4Y2dvNG90b05sZTNFU3pyQWRWUjZDTU0vRExxSWRGZVI4eURXR1hGeld4ck5Pa01nWVJrenBKSURpSFhDLzRWWkQyTS9xN29iYjVmUmJ6VlNnV2srQTNCclNmSENEQjFPQUg5OVlrVE51Ym83aTV6alpZZHUrNjB1QnFUY1JuM0ZPckRjYXU1U3hTTTNXODFSczJrNHVjQXhUcVo0YWpVZjFnMkNhdVg5ZlYybzR4bHFyaWxuYUgxb1hKdHdvMFZNNXdzaXVBdkRjQk9sYjN3Q29PTlgxczlpZ0RlYXBGVlEwRjBJN3M1R0NKZGMvbXViRXFqSzlySURzeWE2L3hFV3Y5bHFRRThYVnNvbTlDLzd0Q3ZsQkRVZ0FnMUQ3SEtVbUZDNURtSU5VdFlmcXdUZHdtUXRWQ1RvQlR2VzBnU2hwZEoyL09YSjh5TG5tbC9DQTMvc1JpRlNQTEhQZ3dKdlJXTDh6Qy9QdUtZYmtrbWdFVXJzSVpYeWZLRVVFWTR0enlveUFoZTl6M3M3eHN5RmtkOTExVk4wRjdoczUxRUxhLzQrcnoycW03dGk1Zmh3VDMvbDRtM1hDcVF0QTZVN0dsd3BBRFZJYWdIS21pTGRZUkpFRHBBTFZZelRRN3dUZEpheTFpNHhieWltaUMyUm02L2NJSmxrS0RqdTRyYUJZcUMwOFhDdkE3bzR5djR4TU9nNm1kVE5Kc0tHcTVJSjdQMkwrMml4b3NHU1RGUHoyWWd2cFdPMThaSVd0c2tjQ055WlJYSGF6SjVBL3JGSW5xQWFkNnpnbEpJS1hIcUhJUGFTeVY2QzdESTJVQWVGMCtkYXNtenl0c3l3Tk1rN1BRMDVzc25MMWpBM0xpUnNoY20zUnBOdlpzdTJ5ZGtoMVVNZjZWeTZreEFkTGZHZ1N1Q2hFMnE2aWtWUWlQeTlVcHJxNW9VZ3RBcmNMOGhNNy9CdmNQYjY4ZHZxMkZVQnFsMVFDR3VMSnVSTyswRjQ1Wm9mOEtMMVZxVGtLZ09jcjM5VHJadlBaMGEyZGtUZjFhTGt1T2grSm9qOGxYdnJHZjhucEljbnVSVWE2dExMaUtHbFg0YUhicDlBUkV3d1hUMDRTMDRnNGd0NU1HaVdUVWVrV0xMdjhoU0ZuVnJMeVprVUhlZTU5Z1BDeEJTaWZ5M0JVcHVtWHZ2QlYxZFdZSndhVEoxWTZXQTRVKzVUOGloZmVPNjZVS3E0WEh1NWJOZGVETDNYa1BSc2gyWThSNXVBcE1wYlp3alpiV0tVIiwiZXhwIjoxNjYzOTE0NjM0LCJzaGFyZF9pZCI6MzM5NTEwMzAzLCJwZCI6MH0.iyP610Odcv5wbUZKE6Qlzx4xBouFz6EWZtUGzEiP4_o
Requested by: Host: autoteka.ru
URL: https://autoteka.ru/assets/vendors~index.e5415b36a4ba3fbe393c.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 146.158.48.32 , Czech Republic, ASN201012 (AVITO, RU),
Reverse DNS
Software: nginx /
Resource Hash: c08dedeb2fd40a91722318ad813015efab01cf5879cbb21689ca19d04aeb6a44

Request headers

accept-language: de-DE,de;q=0.9
x-captcha-token: 41ee1b58eb3e43f0c4cc61148198c7e0
Referer: https://autoteka.ru/
X-Client-Version: 9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
X-Release-Version: v352
Content-Type: application/x-www-form-urlencoded

Response headers

x-captcha-token: 41ee1b58eb3e43f0c4cc61148198c7e0
date: Fri, 23 Sep 2022 06:28:36 GMT
content-encoding: gzip
server: nginx
x-minimal-client-version: 9
content-type: application/json
access-control-allow-origin: https://autoteka.ru
access-control-expose-headers: X-Request-Unique-Id, X-Minimal-Client-Version, X-Captcha-Token
cache-control: no-cache, private
x-envoy-upstream-service-time: 87
access-control-allow-credentials: true
x-request-id: 4181a25e-efe7-4a18-846d-b30fdc016f61

GET
H2 200 d73b5e4eea480962364eac37a6a850b0.png
autoteka.ru/assets/ 1 MB
1 MB 65ms
64ms Image
image/png 146.158.48.32
AVITO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://autoteka.ru/assets/d73b5e4eea480962364eac37a6a850b0.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

146.158.48.32 , Czech Republic, ASN201012 (AVITO, RU),

Reverse DNS

Software

nginx /

Resource Hash

5b671969cc42a3166b1b90a5990546af752ba5f53b861f6d4d354dc88718656e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://autoteka.ru/report_by_ad/2547034876
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 06:28:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 22 Sep 2022 11:56:45 GMT
server: nginx
etag: W/"d73b5e4eea480962364eac37a6a850b0"
x-frame-options: SAMEORIGIN
content-type: image/png
x-envoy-upstream-service-time: 1
x-xss-protection: 1; mode=block

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eaceb299a61b2bc29b16a4b0f349b054c884010c964a7d91e789373084c50839

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 1.XQgE1baNB82w9vkjtfY9GDoxs4HXR5GFgkHAgNdAkdeGRsXahhLE19NOw9XTT8LaikCX4w.KhwA2-IfvS8Z5qZXqIHk81fv2A6_BbAvv0asjYy3_Hg
04.img.avito.st/image/1/ 38 KB
38 KB 492ms
13ms Image
image/webp 2a03:90c0:e1:2801::254
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://04.img.avito.st/image/1/1.XQgE1baNB82w9vkjtfY9GDoxs4HXR5GFgkHAgNdAkdeGRsXahhLE19NOw9XTT8LaikCX4w.KhwA2-IfvS8Z5qZXqIHk81fv2A6_BbAvv0asjYy3_Hg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:e1:2801::254 Prague, Czech Republic, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 32cef77cb998b8ecab4ced7550aa1b99108b1c484d7909b666c05150af414ccb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://autoteka.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

avito-cache-status: MISS
date: Fri, 23 Sep 2022 06:28:37 GMT
x-img-saved-bytes: 14383
x-img-operations: convert
x-cached-since: 2022-09-22T08:03:54+00:00, 2022-09-22T20:50:28+00:00
x-id: m9-up-gc52, cec-up-gc13
alt-svc: h3=":443"; ma=600, h3-29=":443"; ma=600
content-length: 38592
x-img-origin-download-time: 42
avito-whiff: ea8958acds1bc42f94-f5f3d54c494429017b
server: nginx
vary: Origin
content-type: image/webp
length: 52975
x-img-processing-time: 44
cache-control: public,max-age=4536000
cache: HIT, HIT
x-img-origin-size: 52975
x-img-server: m9p-up-gc41
accept-ranges: bytes
timing-allow-origin: https://www.avito.ru, https://m.avito.ru

GET
DATA 200
OK truncated
/ 427 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 974da4ae96520acacaac4922f1aabefbd12cfda6d91fff5f72f5a431ce47ee77

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 452 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d8337321e05809487f039206ab896b88e31514baecf0592ade209382595fcd7f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 d151bcd0a202087578dbd678615a5b0d.woff2
autoteka.ru/assets/ 34 KB
34 KB 237ms
236ms Font
font/woff2 146.158.48.32
AVITO

General

Check archive.org

Show headers Download Go to

Full URL

https://autoteka.ru/assets/d151bcd0a202087578dbd678615a5b0d.woff2

Requested by

Host: autoteka.ru
URL: https://autoteka.ru/assets/vendors~index.8fe3f4c63264218a1be2.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

146.158.48.32 , Czech Republic, ASN201012 (AVITO, RU),

Reverse DNS

Software

nginx /

Resource Hash

fade7cf610970143df316575f8d7d991e1fcdf561fd7d95f62fb6ea39f1ea443

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://autoteka.ru/assets/vendors~index.8fe3f4c63264218a1be2.css
Origin: https://autoteka.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 06:28:36 GMT
x-content-type-options: nosniff
last-modified: Thu, 22 Sep 2022 11:56:45 GMT
server: nginx
etag: "d151bcd0a202087578dbd678615a5b0d"
x-frame-options: SAMEORIGIN
content-type: font/woff2
x-envoy-upstream-service-time: 1
accept-ranges: bytes
content-length: 34812
x-xss-protection: 1; mode=block

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
7ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j97&a=995535638&t=event&ni=0&_s=1&dl=https%3A%2F%2Fautoteka.ru%2Freport_by_ad%2F2547034876&ul=en-us&de=UTF-8&dt=%D0%90%D0%B2%D1%82%D0%BE%D1%82%D0%B5%D0%BA%D0%B0%20-%20%D1%81%D0%B5%D1%80%D0%B2%D0%B8%D1%81%20%D0%BF%D1%80%D0%BE%D0%B2%D0%B5%D1%80%D0%BA%D0%B8%20%D0%B8%D1%81%D1%82%D0%BE%D1%80%D0%B8%D0%B8%20%D0%B0%D0%B2%D1%82%D0%BE%D0%BC%D0%BE%D0%B1%D0%B8%D0%BB%D1%8F%20%D0%BF%D0%BE%20VIN&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=report_by_ad&ea=found&_u=aGDAAEABQAAAAG~&jid=&gjid=&cid=404330243.1663914512&tid=UA-78711947-1&_gid=699508282.1663914512&gtm=2wg9l0PKNCQ9K&z=1449191345

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://autoteka.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Sep 2022 22:22:04 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 29192
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 json Show response
cs.avito.ru/clickstream/events/1/ 15 B
593 B 153ms
55ms Fetch
application/json 146.158.52.2
AVITO

General

Check archive.org

Show headers Download Go to

Full URL

https://cs.avito.ru/clickstream/events/1/json

Requested by

Host: autoteka.ru
URL: https://autoteka.ru/assets/vendors~index.e5415b36a4ba3fbe393c.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

146.158.52.2 , Czech Republic, ASN201012 (AVITO, RU),

Reverse DNS

Software

nginx /

Resource Hash

39d160e97e2bea07b0cf1c647259ffa4f0bd07069dba4e6c19a22d38b408510f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://autoteka.ru/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-type: application/json; charset=UTF-8

Response headers

date: Fri, 23 Sep 2022 06:28:38 GMT
x-content-type-options: nosniff
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://autoteka.ru
access-control-allow-credentials: true
x-envoy-upstream-service-time: 5
access-control-allow-headers: Content-Type, X-Requested-With, Authorization
content-length: 15
x-xss-protection: 1; mode=block
x-request-id: 95ac6824-b7c4-460c-9332-54c69ee5f0cd

OPTIONS
H2 200 json
cs.avito.ru/clickstream/events/1/ Frame 0
0 209ms
57ms Preflight
application/json 146.158.52.2
AVITO

General

Check archive.org

Show headers Download Go to

Full URL

https://cs.avito.ru/clickstream/events/1/json

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

146.158.52.2 , Czech Republic, ASN201012 (AVITO, RU),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-requested-with
Access-Control-Request-Method: POST
Origin: https://autoteka.ru
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, X-Requested-With, Authorization
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: https://autoteka.ru
content-length: 0
content-type: application/json; charset=utf-8
date: Fri, 23 Sep 2022 06:28:37 GMT
server: nginx
x-content-type-options: nosniff
x-envoy-upstream-service-time: 8
x-frame-options: SAMEORIGIN
x-request-id: 2e8dff45-4705-4f45-b8a8-572bc9b2c089
x-xss-protection: 1; mode=block

Verdicts & Comments Add Verdict or Comment

120 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

99 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.autoteka.ru/user/refresh-session	1970-01-20 06:55:06	Name: auth_refresh_token Value: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJTZXNzaW9uSWQiOjEwNzg2MTAwMSwiZXhwIjoxNjY2NTA2NTEzLCJpYXQiOjE2NjM5MTQ1MTMsImlzcyI6ImF1dG90ZWthLXBhc3Nwb3J0In0.lkpfzEojZxyzcidDYU2i1Kv8c9mXB1f0wwsxBn90y6k
.flocktory.com/	1970-01-20 15:47:54	Name: __flocktory-web_session2 Value: f8f5dcd1-bd92-4f7a-a6950849231b8439
.autoteka.ru/	1970-01-20 08:21:30	Name: _gcl_au Value: 1.1.1857695860.1663914512
.autoteka.ru/	1970-01-20 15:47:54	Name: _ga Value: GA1.2.404330243.1663914512
.autoteka.ru/	1970-01-20 06:13:20	Name: _gid Value: GA1.2.699508282.1663914512
.autoteka.ru/	1970-01-20 06:11:54	Name: _gat_UA-2546784-18 Value: 1
.autoteka.ru/	1970-01-20 06:11:54	Name: _dc_gtm_UA-78711947-1 Value: 1
.adhigh.net/	1970-01-20 14:57:30	Name: gi_u Value: P1VY5iUAZ7f.AikABlGDaQiQGQ
.rutarget.ru/	1970-01-20 10:31:06	Name: userId Value: TiEuc1IoezyU
.adhigh.net/	1970-01-20 14:57:30	Name: bidvol_sync Value: jd2
.autoteka.ru/	1970-01-20 06:11:54	Name: _gat_UA-78711947-1 Value: 1
.vk.com/	1970-01-20 14:59:10	Name: remixlang Value: 6
.vk.com/	1970-01-20 14:57:30	Name: remixstlid Value: 9110299559528982082_oOFvz4KA3TE15pIWVf8zInUo9dvamMzUiUPh27WfWq0
.doubleclick.net/	1970-01-20 15:33:30	Name: IDE Value: AHWqTUmFZeYWkfw0Ix6gdVUmfURCZKqi8CC7vxHqXpu1TVymmNIXQI4Hj0H1H81x
.autoteka.ru/	1970-01-20 14:11:25	Name: tmr_lvid Value: b64b1193aae86d05044ea8299bc0cde6
.autoteka.ru/	1970-01-20 14:11:25	Name: tmr_lvidTS Value: 1663914512993
.autoteka.ru/	1970-01-20 08:21:30	Name: _fbp Value: fb.1.1663914513026.1421370283
.autoteka.ru/	1970-01-20 06:55:06	Name: advcake_track_id Value: 67dd67f9-7156-102d-a536-2db85b0941ec
.autoteka.ru/	1970-01-20 06:55:06	Name: advcake_session_id Value: f5427969-8e54-4819-3304-06c7ce36e775
.autoteka.ru/	1970-01-20 06:13:20	Name: f Value: 5.fc132e078fcae6c036b4dd61b04726f12da10fb74cac1eab2da10fb74cac1eab2da10fb74cac1eab2da10fb74cac1eab2da10fb74cac1eab0df103df0c26013a7b0d53c7afc06d0b2ebf3cb6fd35a0ac0df103df0c26013a8b1472fe2f9ba6b984dcacfe8ebe897b177ffca5d5bd045d0f7bd04ea141548c78ba5f931b08c66ad9d800dbc25339280df103df0c26013a3c02ea8f64acc0bd2da10fb74cac1eabf0c77052689da50ddc5322845a0cba1aba0ac8037e2b74f92da10fb74cac1eab2da10fb74cac1eab2da10fb74cac1eabf722fe85c94f7d0c2ebf3cb6fd35a0ac6f89ca2574973a900c79affd4e5f1d11162fe9fd7c8e9767fc22a229e333d1b6473bc584ad6397995e61d702b2ac73f7761183d20406dffdefb5597910d5eb0a5c1fe0520b21a4f4959444dfa956f00171e7cb57bbcb8e0f0df103df0c26013a0df103df0c26013aafbc9dcfc006bed9d7fb59d404eae758e45f20f9082492bb3de19da9ed218fe23de19da9ed218fe28bd4d87965ec045cae5d2e524e5bd6c0
autoteka.ru/	1970-01-20 06:13:20	Name: tmr_detect Value: 1%7C1663914513072
.criteo.com/	1970-01-20 15:33:30	Name: uid Value: 18b8d2ed-ba34-4bc2-906d-94b1f9baf9e9
ssp.bidvol.com/	1970-01-20 15:47:54	Name: bvuid Value: lqb2h1lxm2
.autoteka.ru/	1970-01-20 06:13:20	Name: ft Value: "oWPQqlxEGFU3WnEpWSN13oveQO7rbVD5FOWSjMKKN79HjXr6zJ9l8uWZ6RqcNzH6pGwOH485LngxJa3Xgjr2m6J9O88HqF0IobrBVTME3atmmBqiSoqp6aocpHjQvkffozPFzhbQS41y6tBtG4hQbkGPgeF6TtGfmTI/LrXAUbdvfFdcsMNI0ZYYaGv2eRh4"
autoteka.ru/	1970-01-20 14:11:25	Name: flocktory-uuid Value: b2172758-044a-4cb6-a1c1-8d478fbaedf6-2
.cnt.my/	1970-01-20 14:57:30	Name: xcntID Value: y2a9966491912347c4
.rutarget.ru/	1970-01-20 06:32:04	Name: sync_fc821051ae5abea671f7ac556f1ea647 Value: TiEuc1IoezyU\|1663914513229
.rutarget.ru/	1970-01-20 06:32:04	Name: sync_ec8bf516fafa51927e71233e18e82503 Value: TiEuc1IoezyU\|1663914513229
.rutarget.ru/	1970-01-20 06:32:04	Name: sync_d7a14e30636d52e10b35d10c02578019 Value: TiEuc1IoezyU\|1663914513229
.rutarget.ru/	1970-01-20 06:32:04	Name: sync_71c015090a068e09460994346a52bdbb Value: TiEuc1IoezyU\|1663914513229
.rutarget.ru/	1970-01-20 06:32:04	Name: sync_ed520c87f21ee38ff11b31d0089e3dc0 Value: TiEuc1IoezyU\|1663914513229
.autoteka.ru/	1970-01-20 06:11:56	Name: auth_access_token Value: eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJTZXNzaW9uSWQiOjEwNzg2MTAwMSwiVXNlcklkIjpudWxsLCJBdXRoZW50aWNhdGVkIjpmYWxzZSwiRGV2aWNlSWQiOm51bGwsImV4cCI6MTY2MzkxNjMxMywiaWF0IjoxNjYzOTE0NTEzLCJpc3MiOiJhdXRvdGVrYS1wYXNzcG9ydCJ9.HDIjEKyxKXbRTVW_91db6ABOK1hhQ2F-FmZBNMj4UU9DIRHHSuTSPPEn1hYcKOWKTHNgRBqscZ0PFKxeM-gxS3lRlxne6-_Z3Fgtp2Do_IrcLSshKjmiSsw1HlVGWVtgIsYKVzGh1G1JJHNwO6pMKzxIM5s8c4GItWIKIOFNrbCpdshf1RacWlzCRAk35cuG48fAscDFZF0ePylGz4cov4Zwy-YQ5UCRoEcCxFJNLTvzrCEkW_Ml-nRfxqyD56nyG2O1PZumriW8FgjNXIxl2XDZrJVGBn0-7fdI2GWOnuRijC9g9hW4w68dEmhdmMljFi8qWjxp7MaTbpPUeYhSLg
.autoteka.ru/	1970-01-20 14:57:30	Name: u Value: f42b3910-e5ef-49f8-a298-1f4f43c39d39
.betweendigital.com/	1970-01-20 14:57:30	Name: dc Value: lux1
.betweendigital.com/	1970-01-20 14:57:30	Name: tuuid Value: 0e2704f9-594c-520a-b5e3-5d85d6ce0f94
.betweendigital.com/	1970-01-20 14:57:30	Name: ss Value: 1
.exchange.buzzoola.com/	1970-01-20 06:55:06	Name: uuid Value: c7c4549b-f45c-447e-5596-57a1b4d9468d
.adriver.ru/	1970-01-20 15:47:54	Name: cid Value: AHrrCTQyNh8CP6poNrv-heA
.gdeslon.ru/	1970-01-20 10:31:06	Name: userId Value: s%3Ada12f8ef-4323-4b5e-9fc1-2f6ee5214ec1.fMOOKiyIE839dp%2FmIqtVUbtOlkkWCbLfBZVzx2k6dNo
.gdeslon.ru/	1970-01-20 10:31:06	Name: uidAge Value: s%3A1663914513304.osFXypcmYMsPfOEhRt92tqLRcLUXzC%2FoVSfbqEVRcdQ
.content.adriver.ru/	1969-12-31 23:59:59	Name: sd Value: 1
.content.adriver.ru/	1970-01-20 06:11:54	Name: rs Value: 1
.betweendigital.com/	1970-01-20 14:57:30	Name: ut Value: Yy1SEQAFZtDpVG1Rvt_kf3TVcvpp6VmU4DA3sw==
.autoteka.ru/	1970-01-20 15:41:18	Name: cto_bundle Value: azs8Fl9xY240eEVOaWZST1hGRiUyRkdjYiUyRmUlMkZoUWFYQ0V4a2xBSGN0b05xWXl3TXMlMkZUc253UEN3THV6em15S0U3UWlJd0RWNm1NcFRZZzBrck52aHVVU3FBdnZOczBhZkpXaW1yY0hLQzBvWjBwTnBYbGRtWEdLSnFYMGkyUUE2VHI2N0pGMWJpbjJYT3glMkZvdE9RbFdGeW5KUnZRJTNEJTNE
.autoteka.ru/	1970-01-20 06:12:37	Name: adrdel Value: 1
.autoteka.ru/	1970-01-20 15:47:54	Name: adrcid Value: AHrrCTQyNh8CP6poNrv-heA
.autoteka.ru/	1970-01-20 10:31:06	Name: gdeslon.ru.__arc_domain Value: gdeslon.ru
.autoteka.ru/	1970-01-20 10:31:06	Name: gdeslon.ru.user_id Value: da12f8ef-4323-4b5e-9fc1-2f6ee5214ec1
.mts.ru/	1970-01-20 15:47:54	Name: mts_id Value: 87b2fcff-f945-41f8-abac-f8ad35f58bb8
.mts.ru/	1970-01-20 15:47:54	Name: mts_id_last_sync Value: 1663914513
.weborama.fr/	1970-01-20 15:37:49	Name: AFFICHE_W Value: Onlz518S@rw698
.yandex.ru/	1970-01-20 15:47:54	Name: yuidss Value: 3928407411663914513
.yandex.ru/	1970-01-20 15:47:54	Name: yandexuid Value: 3928407411663914513
cdn.dsspn.com/	1970-01-20 06:55:06	Name: uid Value: ff15a2c1-b5a3-4d6f-bce8-b6952077a923
cdn.dsspn.com/	1970-01-20 06:55:06	Name: fqj_mb Value: 99c069a2-2183-4710-8b17-d240767e3b67
cdn.dsspn.com/	1970-01-20 06:55:06	Name: fqj_mbn Value: 9e5bfd7b-21e4-4d69-b138-7cc1ea25b3e2
.autoteka.ru/	1970-01-20 14:11:25	Name: tmr_reqNum Value: 7
.mail.ru/	1970-01-20 14:58:56	Name: VID Value: 2SXakX17j4IC00000h1ML4IC:::0-0-0-847aad1:CAASEM1a_jze_xp5hDuDZqyA_s4aYAiVhMjklx75v6G7fIs1k6Zo8gouJEZGcjjADayOfz1Y0msA5hiCzYvt-IDZxSAL2e5IxzpqrI1_bwFRpKjKJCqzxpMAbQIl5Uga_39bP3XDoMpY96pYTPgpCdUrVvuT9Q
exchange.mediavine.com/	1970-01-20 06:32:04	Name: mv_tokens Value: %7B%22mv_uuid%22%3A%22f3569bb0-3b08-11ed-93db-9772045e45c9%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 06:32:04	Name: mv_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%22f3569bb0-3b08-11ed-93db-9772045e45c9%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 06:32:04	Name: am_tokens Value: %7B%22mv_uuid%22%3A%22f3569bb0-3b08-11ed-93db-9772045e45c9%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 06:32:04	Name: am_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%22f3569bb0-3b08-11ed-93db-9772045e45c9%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 06:32:04	Name: criteo Value: %7B%22id%22%3A%22k-vUkcFVE-8b_STsTKAqFD9lMy-s_GelzrSrermw%22%2C%22version%22%3A%22criteo%22%7D
.casalemedia.com/	1970-01-20 14:57:30	Name: CMID Value: Yy1SEqfWZ8BS0fznMigl2wAA
.casalemedia.com/	1970-01-20 08:21:30	Name: CMPS Value: 5145
.casalemedia.com/	1970-01-20 08:21:30	Name: CMPRO Value: 5145
.adnxs.com/	1970-01-20 08:21:30	Name: uuid2 Value: 6018882708767400161
.media.net/	1970-01-20 14:57:30	Name: visitor-id Value: 3069161148174089000V10
.media.net/	1970-01-20 06:55:06	Name: data-c-ts Value: 1663914514
.media.net/	1970-01-20 06:55:06	Name: data-c Value: k-2SWna1E-8b_STsTKAqFD9lMy-s8RZpB8OCYIKw~~3
.bidswitch.net/	1970-01-20 14:57:30	Name: tuuid Value: 752feeab-132f-4a85-83b3-6e583ef4a5d2
.bidswitch.net/	1970-01-20 14:57:30	Name: c Value: 1663914514
.bidswitch.net/	1970-01-20 14:57:30	Name: tuuid_lu Value: 1663914514
.360yield.com/	1970-01-20 08:21:30	Name: tuuid Value: 86796020-2cea-4c8e-a246-4b3676009024
.360yield.com/	1970-01-20 08:21:30	Name: tuuid_lu Value: 1663914514
.fulllab.com.br/	1970-01-20 14:57:30	Name: language Value: en-US
.fulllab.com.br/	1970-01-20 14:57:30	Name: screenResolution Value: 1600%3B1200
.fulllab.com.br/	1970-01-20 14:57:30	Name: timezone Value: Etc/Unknown
.fulllab.com.br/	1970-01-20 14:57:30	Name: platform Value: Win32
.fulllab.com.br/	1970-01-20 14:57:30	Name: adBlock Value: true
.fulllab.com.br/	1970-01-20 14:57:30	Name: fp Value: d82949a03fe227b3ad01670de787e88f
.fulllab.com.br/	1970-01-20 14:57:30	Name: lastUrl Value: https://autoteka.ru/
.fulllab.com.br/	1970-01-20 14:57:30	Name: lastVisit Value: 1663914514730
.casalemedia.com/	1970-01-20 08:21:30	Name: CMTS Value: 1182
.360yield.com/	1970-01-20 08:21:30	Name: um Value: !38,f4-C.hAL8-EBPuMFSrT9BsEkAScyzJrszz8GHmID-ddPgiYp7BIqEFkk3K2Ikk5-4DdYN-z3,1671690514
.360yield.com/	1970-01-20 08:21:30	Name: umeh Value: !38,0,1726122514,-1
.yieldlab.net/	1970-01-20 14:57:30	Name: id Value: ae10752a-ddae-4afc-a5b9-2af3ef41547f
.id5-sync.com/	1970-01-20 06:11:54	Name: cf Value:
.id5-sync.com/	1970-01-20 06:11:54	Name: cip Value:
.id5-sync.com/	1970-01-20 06:11:54	Name: cnac Value:
.id5-sync.com/	1970-01-20 06:11:54	Name: car Value:
.id5-sync.com/	1970-01-20 06:11:54	Name: gdpr Value:
.id5-sync.com/	1970-01-20 06:11:54	Name: callback Value:
.demdex.net/	1970-01-20 10:31:06	Name: demdex Value: 54863301232146039411012246623454438780
.dpm.demdex.net/	1970-01-20 10:31:06	Name: dpm Value: 54863301232146039411012246623454438780
.yahoo.com/	1970-01-20 14:57:52	Name: A3 Value: d=AQABBBJSLWMCEK6rctFxia0lm7ULQZj4GkMFEgEBAQGjLmM3YwAAAAAA_eMAAA&S=AQAAAlDsnivQhnboLyRhZHFffvo
citydsp.com/	1970-01-20 10:31:06	Name: userId Value: 8068018216
.analytics.yahoo.com/	1970-01-20 14:57:30	Name: IDSYNC Value: 18zh~27bi
.krxd.net/	1970-01-20 10:31:06	Name: _kuid_ Value: PGH24e8i

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.fullstory.com/s/fs.js Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

04.img.avito.st
8732814.fls.doubleclick.net
ad.360yield.com
ad.adriver.ru
ad.mail.ru
ad.yieldlab.net
ads.betweendigital.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
an.yandex.ru
api.autoteka.ru
api.flocktory.com
autoteka.ru
beacon.krxd.net
c.webecyzo.com
cdn.dsspn.com
cdn.rutarget.ru
cdnjs.cloudflare.com
citydsp.com
clicks.gdeslon.ru
cm.adform.net
cm.g.doubleclick.net
code.acstat.com
connect.facebook.net
content.adriver.ru
contextual.media.net
criteo-sync.teads.tv
cs.avito.ru
dis.criteo.com
dpm.demdex.net
eb2.3lift.com
exchange.buzzoola.com
exchange.mediavine.com
fonts.gstatic.com
fullstory.com
gdeslon.ru
googleads.g.doubleclick.net
gum.criteo.com
hcaptcha.com
hit.acstat.com
ib.adnxs.com
id5-sync.com
m.webecyzo.com
match.sharethrough.com
mug.criteo.com
newassets.hcaptcha.com
pixel.rubiconproject.com
px.adhigh.net
r.casalemedia.com
retagro.com
s.thebrighttag.com
simage2.pubmatic.com
sslwidget.criteo.com
ssp.bidvol.com
static.criteo.net
static.indoleads.com
stats.g.doubleclick.net
stikilo.com
sync-criteo.ads.yieldmo.com
sync-t1.taboola.com
sync.outbrain.com
tag.rutarget.ru
tags.fulllab.com.br
tags.soloway.ru
tech.rtb.mts.ru
top-fwz1.mail.ru
ups.analytics.yahoo.com
visitor.omnitagjs.com
vk.com
webecyzo.com
wf.frontend.weborama.fr
www.artfut.com
www.avito.ru
www.facebook.com
www.fullstory.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
x.bidswitch.net
x.cnt.my
104.16.168.131
104.16.169.131
104.18.19.126
104.248.36.113
104.96.128.226
138.201.230.88
141.226.228.48
141.95.98.64
142.250.185.134
142.250.186.130
146.158.48.32
146.158.52.2
146.158.52.24
146.158.54.32
147.75.40.150
159.69.11.17
159.89.241.163
172.217.20.2
176.9.0.57
178.250.0.163
178.250.2.146
178.250.2.151
18.156.0.31
18.194.140.105
185.255.84.153
185.64.190.80
185.89.210.180
188.42.191.196
188.72.107.156
193.232.148.141
195.209.108.36
2.18.235.93
212.41.26.238
213.87.44.187
2606:4700:20::681a:16d
2606:4700::6811:190e
2a00:1148:db00::17
2a00:1450:4001:802::2003
2a00:1450:4001:80f::200e
2a00:1450:4001:811::2002
2a00:1450:4001:812::200a
2a00:1450:4001:82b::2003
2a00:1450:4001:82f::2008
2a00:1450:4001:831::2003
2a00:1450:400c:c0c::9a
2a00:1450:400d:807::2002
2a00:1450:400d:80d::2004
2a02:2638:1::3
2a02:2638::1c
2a02:6b8::90
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f107:83:face:b00c:0:25de
2a03:90c0:e1:2801::254
2a05:d014:275:cb01:2ef6:2f8a:9434:a758
2a06:98c1:3121::c
3.122.47.104
3.15.245.229
3.67.144.31
34.117.176.229
35.159.43.206
37.157.5.142
52.209.70.49
52.213.108.198
52.51.157.173
52.54.253.41
54.155.44.87
62.138.6.193
65.108.1.48
69.173.144.165
70.42.32.127
76.223.111.18
83.222.14.88
85.25.203.29
87.240.132.78
88.198.31.232
88.212.240.204
95.163.52.67
95.213.212.138
96.16.132.239
044fd168bc93267aa053c1be6d3a94431f740a27e77edb8b2e25017418400e60
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
09d46019c7a75b96187202c3c8412182f27c413a9c3661857923dc8e94e91b7b
0ae5bce2f0b41d7912ace450717d097a67956d958bffa1468397fee87e71d567
104a835780464f08e74c105f4ebaaf7bb6719c768e7ee88f63aa9ef5cd23cd4c
10c6a4b9c87b756f6abfacbea865182bf776c059b119325e6c62b642639adb94
18c79eaee0d752cb9e548825e24077a8253aa5fc01506d98db1a958cea7f3a93
1b1764e757d8aab3ed543ad4a2b87e8b21daecaca51b2f74a0cdaad034bc4471
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
28851541b3a023a58f28e1efa2c5c9c7026b1f43cf834d1c33186ec97b44948e
28aaed465e04c007f9c53a765bc41f24e4608283a86421eb0387c841d953c682
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2f7e190c7a25194337efdd52f0018320ebfa239e150b19b95f3703b0bc02e6c8
30d31eb6c11df6156d1a8616666104c6d44a53c1b0a8e1b5e09ad693836cface
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
32cef77cb998b8ecab4ced7550aa1b99108b1c484d7909b666c05150af414ccb
3630f131fd4551b71bd7b4f3408c5a622f8b070143b5fcf77dffa91f497371b7
38b08a0d277379ff6536a37e9b7018578af968eaab09b903ca6dee7cd5e7f4bb
39d160e97e2bea07b0cf1c647259ffa4f0bd07069dba4e6c19a22d38b408510f
3b3358f61f40aab39fdb13bf6dba1ec04db9943bf2150fa6ce95874fa744fad5
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
477b6b9e4dfe875116e1270260a9b72a9a61dc4aad9fa426b114d6b58aadb5f8
4b424d73a944f41d95c60333c46cb5a2791d2c7dc225e4c6410c36a0ee92fe43
4bf52e1f92ce9ea93f33025943d00dbfe5e73ff1c8ddc1507aee8ac82d34dc0f
4dfde90ab9fc788d1932b954f87916fcb01e944eb198daf18ee111481f18447b
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e626cb80c06ed2f4560b3b4fef501c83d601fde61cd7cc507d77d47c916f06b
53fcd03678da874f6e907536b7d0fa69e2c42b46cbda5e65d2803210362fcdca
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
561c579d66ced3002754404f18100a5b84c2b6fb62ad20dbc9d0c290a65ac712
57cafa49fb677c3f09d6e90b051917d10e7bb54e83102a25f3d32b06e8fa59a7
59f04170f4de211127f937d1bb8f981af05c84ee439fc5fce416b649ee4d86e9
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5b671969cc42a3166b1b90a5990546af752ba5f53b861f6d4d354dc88718656e
5bc9976474ea422a1932ccdd57b2027b164ab6b09aa64f15944ef13e1b2f165d
5fca8d67bb1c8bb91deeec9ed4fdb7e24c039c0b83a6fbee5d8816ed5ae8ea3b
60bde0d59162a6f552ccc30dbf009b15adafbe7dd0a9a7e172f1f1223cbc4a26
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf
67542cf6e5a34dbf09c00a9e07230ddec97a540e32999e84c1727a95184185fd
6b1895f596ca0165013c73cba2d68a9281cc79a14a429f92d008ce87df7aee7d
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6cf0be75ee6b45f74209f67d82bb0e82e385f8fe08202d84c53c70a97b74c40d
758698d3f2de94176d3827cd680590028c87af424ce7a789262d270ab975fe37
7b2195aeeebb6d9585dcbbc008d73017abe6354a15205c034bc4e9452a8e5d1e
7bcbe327243628310e84027b85bca98a20d208f66f64685d979c6ccfa587d2d2
81542b5f3416e9082a5c0d8214a44632de8408e34e371bb7dd73cc28d1127c03
81a72f16e5c0d24e611348bcbf82a36d1068af3bdcd1e718ef8140fc5a76cb8c
81dafe581603f78ca0b9924c62a31577ba7bbaf555ea422e8eb36595d237d26a
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
844bfb2ff3311ad9b5611b51d8c72e0c483a8ceafe7c625a5c321637f9277399
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8773c627564a195321c61b6a2fd52735d400d97c0441930676032eb8ee673020
8ad74b30972057e9efc8dd2c5d013ed97938050ceab38f1209780d584bcd6fb3
8ade170cf0041bf13a21f2611cc44e2518bb6533c16b6019f79d925e882941be
8d96fc3098fe72f0eb919c49a0fb7f6ffc5f24c3ea8f7f4d2b6181266a612669
8fbacd5457d319e728d6119c483dcc9faf6df9e75a74f8e2fedbdb12c4272414
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f
96019c123ff386c5f51cff4120c1d50973af914b57cf31f1157012296e1958ec
974da4ae96520acacaac4922f1aabefbd12cfda6d91fff5f72f5a431ce47ee77
97f265effdab3ceb6e8927306982e06c89e6e2d0299504939ea114a226011900
983b0caf336e8542214fc17019a4fc5e0360864b92806ca14d55c1fc1c2c5a0f
984e86a3e3cd3a1e31725424167e790fb2fb26a7b646a83fa4a446e128fbe1fb
9de8a7c4eb0310d597c3cbbb76a3e2c53dc4714527f23aae5a9d980fc13da651
9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f
9ffef3f2e9efc1e758bb019d82ed23650cdead9f383f263f38e77c9b98dcd805
a04d373be23a3f37dfe1f88cab01061db75f716edadc6451c652fe538f4be6c0
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1e6a59e0567f886caaada41007e695d2039c4fe07fb28727dd27ab2029ecd6b
abac79f348b92739c86d1f99535c73904e7e4c99522f04e7942402f08a78226b
acb5e50cd57ddb2bdc61c96c7b67be12f9c31c30512302b1f972515f1498f055
ad2973457e9e9573b2f3de433093041633f2d74ee37657cdc2f1af51a8a383b6
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1444be514e20cdb4b0851bede140f21487b5a28738f64184a5433dfa2d51e79
bad2d6145e7686c901419c66a3874a615901c676868035af01af880ceb61ca26
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c08dedeb2fd40a91722318ad813015efab01cf5879cbb21689ca19d04aeb6a44
c273b2f583a5abb824f667c86a612f687648a9f3cae9b08562fe58f6857ec581
c3423e2830e0e8512380b5995774e5d31c763daf4acf434d145a6c2e2fbbfa35
c3991576ad70ec6115f1063429038a0646e72069721373db2ee4810cb905fa1b
c5f4815aa1b87b678411fa4425452198c3c68e3915b86036d6daacba5e96b822
ca890ea24699e3b3fc11e8b84c5c3c210d7ce9ba5245cd9dba1d42f13ec7ff07
caf2650aa985d277b2dd131a6261888bc64e6c9bc15e5564bfb9b380bcf82a10
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d00201ae13d8cea6e4a1954cc8702b65d5a741f5cb5cfa81d13444f754c2cb82
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d8337321e05809487f039206ab896b88e31514baecf0592ade209382595fcd7f
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e00397129d5c9f4de2565731d60bc0120d1fe4dc78bf0b5cc9ea8c6571e27052
e0bb484dcb65beebef4e8d6068a833171c89c3ce775b733c44f3fcd3dc1bfb64
e18a390d278e08cbefab99a8b3b69f83f9c9bb370a9e44c2e7c6d061164a4173
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e51dfc7c1542fba9c99daefb88e311270c7c295864444f89f693d6b67f8360c8
e5adc8ce948c577670bbaa0c4279054fccb8c377e7e884bb7af780f1c970ae8f
eaceb299a61b2bc29b16a4b0f349b054c884010c964a7d91e789373084c50839
eeff1647602fb158a6a1cb49291aae8951e981b9bb247543ad5af130bef49fdc
ef055f93fe235455ea274ea6315bde67c45b4f607bd477532f5f141cb6abb335
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef319448b98ad4c9a0e9a6a8a09f0c2e79ed7479e94a652929bfe6608defd128
ef8c25a61ce9e95b88fb68bf0a2cf22f478ce02a5da92c3708d9bd317add3e08
f13f4ed673e0842319f91d3ae31f9927ade2ecd5f024a550c8f5d6f43c5e4b21
f1b88f429e0878e43e76be34e0dba0debe8b60a4883851de1645f0e57456d21e
f21c876ba71456aa308e62cd182e4c810aa5e24610a72f7214dd4e3b83240dc9
f2712f9ddd2c08fcb7d7b3689bf2e4eceef92a5939ee2179673d22cc8c56b946
f38faad9febeaa4ffa814a63624d6450dc453184f24ca5e89bbb83a50e169a58
f3e974f42bddaac647ada00e08552cec3c12f9e45c733bed6d06f3e83f8368a7
f4e8d694198c9e7b1dcfee6996eb2b4224249768d895cb0d80e3a403bb6b6d9e
f6b1300d909d9777dd97614dc1778aaa570ea95e65a9d63958c716f599b8f400
f7839bbae6b196e12e70f4c5d8002344445438909d8d6bd1e804fec386a40c0e
f891f5cede4cb5c8f7df3c9dc664170ea071212c8547a00c406788f45606b797
fa89678f03c1fc289960e153a88c7cd6b2284bea7f5e09121f699c83a30c071a
fade7cf610970143df316575f8d7d991e1fcdf561fd7d95f62fb6ea39f1ea443
fdc219c419b103c97dd30b669a712cd3cd260096428050f5407ccb2bf4691c1e

autoteka.ru Open in urlscan Pro 146.158.48.32 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

169 Requests

89 %HTTPS

27 %IPv6

64 Domains

84 Subdomains

77 IPs

14 Countries

5705 kBTransfer

11754 kBSize

99 Cookies

0 Outgoing links

Redirected requests

169 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 11 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

autoteka.ru Open in urlscan Pro
146.158.48.32 Public Scan

Screenshot
Live screenshot

Full Image

169
Requests

89 %
HTTPS

27 %
IPv6

64
Domains

84
Subdomains

77
IPs

14
Countries

5705 kB
Transfer

11754 kB
Size

99
Cookies

169 HTTP transactions
11 data transactions