www.eg.ru Open in urlscan Pro
91.215.42.34 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://eg.ru/
Effective URL:
https://www.eg.ru/
Submission: On September 30 via api (September 30th 2022, 10:23:01 am UTC) from US — Scanned from DE

Summary HTTP 88 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 25 IPs in 7 countries across 18 domains to perform 88 HTTP transactions. The main IP is 91.215.42.34, located in Russian Federation and belongs to DDOS-GUARD, RU. The main domain is www.eg.ru. The Cisco Umbrella rank of the primary domain is 486884.
TLS certificate: Issued by R3 on September 19th 2022. Valid for: 3 months.

This is the only time www.eg.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 11	91.215.42.34 91.215.42.34	57724 (DDOS-GUARD) (DDOS-GUARD)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:3a	20446 (STACKPATH...) (STACKPATH-CDN)
1 6	2a02:6b8:20::215 2a02:6b8:20::215	208722 (GLOBAL_DC) (GLOBAL_DC)
1	2a02:6b8:a::a 2a02:6b8:a::a	208722 (GLOBAL_DC) (GLOBAL_DC)
2	2a00:1450:400... 2a00:1450:400a:808::200a	15169 (GOOGLE) (GOOGLE)
6	2a02:6b8::90 2a02:6b8::90	208722 (GLOBAL_DC) (GLOBAL_DC)
6	2a00:1450:400... 2a00:1450:400d:80a::2003	15169 (GOOGLE) (GOOGLE)
6	135.181.170.67 135.181.170.67	24940 (HETZNER-AS) (HETZNER-AS)
1 2	88.212.201.198 88.212.201.198	39134 (UNITEDNET) (UNITEDNET)
3 8	2a02:6b8::1:119 2a02:6b8::1:119	208722 (GLOBAL_DC) (GLOBAL_DC)
3	95.163.52.67 95.163.52.67	47764 (VK-AS) (VK-AS)
2	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
1 3	2001:6d0:4001... 2001:6d0:4001::226	52016 (TNSMSK-) (TNSMSK-)
1	2a00:1450:400... 2a00:1450:400c:c0c::9b	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
4	2a02:6b8::1be 2a02:6b8::1be	208722 (GLOBAL_DC) (GLOBAL_DC)
1 3	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:400d:80d::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:80c::2002	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:806::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:804::2002	15169 (GOOGLE) (GOOGLE)
88	25

11 91.215.42.34 (Russian Federation) 2 redirects

ASN57724 (DDOS-GUARD, RU)

eg.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.eg.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:3a (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:6b8:20::215 (Russian Federation) 1 redirects

ASN208722 (GLOBAL_DC, FI)

yastatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6b8:a::a (Russian Federation)

ASN208722 (GLOBAL_DC, FI)

yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400a:808::200a (Zurich, Switzerland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:6b8::90 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

an.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:400d:80a::2003 (Ireland)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 135.181.170.67 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: eg.ru

s6.cdn.eg.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s3.cdn.eg.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s4.cdn.eg.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s5.cdn.eg.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.201.198 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host198.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a02:6b8::1:119 (Moscow, Russian Federation) 3 redirects

ASN208722 (GLOBAL_DC, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 95.163.52.67 (Russian Federation)

ASN47764 (VK-AS, RU)
PTR: top-fwz1.mail.ru

top-fwz1.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:6d0:4001::226 (Russian Federation) 1 redirects

ASN52016 (TNSMSK-, RU)

www.tns-counter.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:6b8::1be (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

ads.adfox.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:400d:80d::2002 (Ireland)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80c::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:804::2002 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 tpc.googlesyndication.com — Cisco Umbrella Rank: 143	413 KB
17	eg.ru 2 redirects eg.ru — Cisco Umbrella Rank: 434649 www.eg.ru — Cisco Umbrella Rank: 486884 s6.cdn.eg.ru s3.cdn.eg.ru s4.cdn.eg.ru s5.cdn.eg.ru	318 KB
9	yandex.ru 1 redirects yandex.ru — Cisco Umbrella Rank: 1420 an.yandex.ru — Cisco Umbrella Rank: 2395 mc.yandex.ru — Cisco Umbrella Rank: 3687	174 KB
8	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 79 googleads.g.doubleclick.net — Cisco Umbrella Rank: 42	50 KB
6	yandex.com 2 redirects mc.yandex.com — Cisco Umbrella Rank: 9776	3 KB
6	gstatic.com fonts.gstatic.com	111 KB
6	yastatic.net 1 redirects yastatic.net — Cisco Umbrella Rank: 6465	137 KB
4	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 76	2 KB
4	adfox.ru ads.adfox.ru — Cisco Umbrella Rank: 9862	380 B
3	tns-counter.ru 1 redirects www.tns-counter.ru — Cisco Umbrella Rank: 11047	1 KB
3	mail.ru top-fwz1.mail.ru — Cisco Umbrella Rank: 9682	16 KB
2	google.de www.google.de — Cisco Umbrella Rank: 6301 adservice.google.de — Cisco Umbrella Rank: 8962	1 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 28	20 KB
2	yadro.ru 1 redirects counter.yadro.ru — Cisco Umbrella Rank: 9240	1 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 41	2 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 191	44 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 862	641 B
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 663	29 KB
88	18

	Domain	Requested by
12	tpc.googlesyndication.com	googleads.g.doubleclick.net tpc.googlesyndication.com pagead2.googlesyndication.com
9	www.eg.ru	www.eg.ru
8	pagead2.googlesyndication.com	yastatic.net pagead2.googlesyndication.com tpc.googlesyndication.com
7	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
6	mc.yandex.com	2 redirects www.eg.ru mc.yandex.ru
6	fonts.gstatic.com	fonts.googleapis.com
6	an.yandex.ru	yastatic.net
6	yastatic.net	1 redirects yastatic.net
4	ads.adfox.ru	www.eg.ru
3	www.google.com	1 redirects www.eg.ru tpc.googlesyndication.com
3	s5.cdn.eg.ru	www.eg.ru
3	www.tns-counter.ru	1 redirects www.eg.ru
3	top-fwz1.mail.ru	www.eg.ru
2	www.google-analytics.com	www.eg.ru www.google-analytics.com
2	mc.yandex.ru	1 redirects www.eg.ru
2	counter.yadro.ru	1 redirects www.eg.ru
2	fonts.googleapis.com	www.eg.ru tpc.googlesyndication.com
2	eg.ru	2 redirects
1	www.googletagservices.com	googleads.g.doubleclick.net
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.google.de	www.eg.ru
1	stats.g.doubleclick.net	www.google-analytics.com
1	s4.cdn.eg.ru	www.eg.ru
1	s3.cdn.eg.ru	www.eg.ru
1	s6.cdn.eg.ru	www.eg.ru
1	yandex.ru	www.eg.ru
1	code.jquery.com	www.eg.ru
88	29

This site contains links to these domains. Also see Links.

Domain
ok.ru
vk.com
twitter.com
www.youtube.com
t.me

Subject Issuer	Validity	Valid
eg.ru R3	`2022-09-19` - `2022-12-18`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2022-08-03` - `2023-07-14`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.yastatic-net.ru GlobalSign ECC OV SSL CA 2018	`2022-08-31` - `2023-02-28`	6 months	crt.sh
bs.yandex.ru GlobalSign ECC OV SSL CA 2018	`2022-05-05` - `2022-11-03`	6 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
hetzner.eg.ru R3	`2022-09-18` - `2022-12-17`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2022-05-21` - `2022-10-31`	5 months	crt.sh
*.mail.ru GeoTrust ECC CA 2018	`2021-10-15` - `2022-11-15`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.tns-counter.ru GlobalSign ECC OV SSL CA 2018	`2021-12-10` - `2022-12-31`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.adfox.ru GlobalSign RSA OV SSL CA 2018	`2022-05-30` - `2022-11-08`	5 months	crt.sh
www.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh

This page contains 9 frames:

Primary Page: https://www.eg.ru/
Frame ID: E80889DF51C6453CCA866B87B65939D4
Requests: 69 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220928/r20190131/zrt_lookup.html
Frame ID: 4632BF32CFC64EC91059F75A6FE5C905
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4311038577176708&output=html&adk=1812271804&adf=3025194257&lmt=1664533376&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.eg.ru%2F&ea=0&pra=5&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664533376400&bpp=2&bdt=1303&idt=238&shv=r20220928&mjsv=m202209260101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3212553474751&frm=20&pv=2&ga_vid=1559078021.1664533376&ga_sid=1664533377&ga_hid=1519925982&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31069963%2C42531706%2C44770765%2C44773745&oid=2&pvsid=1991386832462097&tmod=257377819&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=255
Frame ID: 71AC34ED131B7B30F636F7E27EBC8704
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7988176190403420&output=html&h=280&slotname=3749275189&adk=26332176&adf=535280045&pi=t.ma~as.3749275189&w=1200&fwrn=4&fwrnh=100&lmt=1664533376&rafmt=1&format=1200x280&url=https%3A%2F%2Fwww.eg.ru%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664533376413&bpp=2&bdt=1316&idt=247&shv=r20220928&mjsv=m202209260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3212553474751&frm=20&pv=2&ga_vid=1559078021.1664533376&ga_sid=1664533377&ga_hid=1519925982&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31069963%2C42531706%2C44770765%2C44773745&oid=2&pvsid=1991386832462097&tmod=257377819&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=2cd2ppsH4E&p=https%3A//www.eg.ru&dtd=251
Frame ID: BB15369A3E8CA3D4AB026C5EF0760E06
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4311038577176708&output=html&h=400&slotname=4803119637&adk=3972513772&adf=1527034601&pi=t.ma~as.4803119637&w=240&lmt=1664533376&format=240x400&url=https%3A%2F%2Fwww.eg.ru%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664533376477&bpp=1&bdt=1380&idt=194&shv=r20220928&mjsv=m202209260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=3212553474751&frm=20&pv=1&ga_vid=1559078021.1664533376&ga_sid=1664533377&ga_hid=1519925982&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1085&ady=1175&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31069963%2C42531706%2C44770765%2C44773745&oid=2&pvsid=1991386832462097&tmod=257377819&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=x7IeHRJpSz&p=https%3A//www.eg.ru&dtd=197
Frame ID: EB0D2B75DEC33C83672BE067092D472F
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html
Frame ID: B282778F84E7B8603A8BECBF119E2DE2
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 114D0B5FB711C00E96CCAF85A347E035
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 1E11DF42BCC5D9208B57F01D842E3E3C
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: ED38006AE93B274231C13E10ED5560FD
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Экспресс газета — новости, эксклюзив, истории

Page URL History Show full URLs

http://eg.ru/ HTTP 301
https://eg.ru/ HTTP 301
https://www.eg.ru/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/slick(?:\.min)?\.js

Yandex.Direct (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://an\.yandex\.ru/

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

88
Requests

94 %
HTTPS

83 %
IPv6

18
Domains

29
Subdomains

25
IPs

7
Countries

1320 kB
Transfer

3565 kB
Size

34
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://ok.ru/egazeta

Search URL Search Domain Scan URL

URL: https://vk.com/egonline

Search URL Search Domain Scan URL

URL: https://twitter.com/ExpressGazeta

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCkr3EyngKYzpKb366cP9NNQ

Search URL Search Domain Scan URL

URL: https://t.me/egonline

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://eg.ru/ HTTP 301
https://eg.ru/ HTTP 301
https://www.eg.ru/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4

https://yastatic.net/pcode/adfox/loader.js HTTP 302
https://yandex.ru/ads/system/context.js

Request Chain 27

https://counter.yadro.ru/hit;Forvard_Media?r;s1600*1200*24;uhttps%3A//www.eg.ru/;h%u042D%u043A%u0441%u043F%u0440%u0435%u0441%u0441%20%u0433%u0430%u0437%u0435%u0442%u0430%20%u2014%20%u043D%u043E%u0432%u043E%u0441%u0442%u0438%2C%20%u044D%u043A%u0441%u043A%u043B%u044E%u0437%u0438%u0432%2C%20%u0438%u0441%u0442%u043E%u0440%u0438%u0438;0.24676072320620723 HTTP 302
https://counter.yadro.ru/hit;Forvard_Media?q;r;s1600*1200*24;uhttps%3A//www.eg.ru/;h%u042D%u043A%u0441%u043F%u0440%u0435%u0441%u0441%20%u0433%u0430%u0437%u0435%u0442%u0430%20%u2014%20%u043D%u043E%u0432%u043E%u0441%u0442%u0438%2C%20%u044D%u043A%u0441%u043A%u043B%u044E%u0437%u0438%u0432%2C%20%u0438%u0441%u0442%u043E%u0440%u0438%u0438;0.24676072320620723

Request Chain 48

https://www.tns-counter.ru/V13a***R%3E*eg_ru/ru/UTF-8/tmsec=eg_main-page/174339598 HTTP 302
https://www.tns-counter.ru/V13b***R%3E*eg_ru/ru/UTF-8/tmsec=eg_main-page/174339598

Request Chain 56

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9777.5fFiA6beVnLtr76c4HovxIn0R7HxTJVNQYKv8q-gWQEWqFNm4y3wKZZmHL2DUxMO.P63xYs9--8zg6OWmNs1EsvbJULM%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=9777.i0T1-enevmDp9-1uZitt1eVeCK3ABUbTLc3OH54RWK9fvUfC_piRuKKMlK0-yfy60zwq9AqOkUFDvDK0jbF_iAlFo3J7AkQWkgl9cMMrf84%2C.wst6o_SEs27m489B6y4Lq0yY_hs%2C

Request Chain 64

https://mc.yandex.com/watch/10525402?wmode=7&page-url=https%3A%2F%2Fwww.eg.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ilvk53aw%3Afp%3A1217%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A982854072930%3Ahid%3A829089935%3Az%3A0%3Ai%3A20220930102256%3Aet%3A1664533376%3Ac%3A1%3Arn%3A860089551%3Arqn%3A1%3Au%3A1664533376477050429%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C71%2C61%2C300%2C0%2C%2C801%2C3%2C%2C%2C%2C1293%3Acpf%3A1%3Ans%3A1664533374657%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1664533377%3At%3A%D0%AD%D0%BA%D1%81%D0%BF%D1%80%D0%B5%D1%81%D1%81%20%D0%B3%D0%B0%D0%B7%D0%B5%D1%82%D0%B0%20%E2%80%94%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%2C%20%D1%8D%D0%BA%D1%81%D0%BA%D0%BB%D1%8E%D0%B7%D0%B8%D0%B2%2C%20%D0%B8%D1%81%D1%82%D0%BE%D1%80%D0%B8%D0%B8&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)rqnl(1)ti(2) HTTP 302
https://mc.yandex.com/watch/10525402/1?wmode=7&page-url=https%3A%2F%2Fwww.eg.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ilvk53aw%3Afp%3A1217%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A982854072930%3Ahid%3A829089935%3Az%3A0%3Ai%3A20220930102256%3Aet%3A1664533376%3Ac%3A1%3Arn%3A860089551%3Arqn%3A1%3Au%3A1664533376477050429%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C71%2C61%2C300%2C0%2C%2C801%2C3%2C%2C%2C%2C1293%3Acpf%3A1%3Ans%3A1664533374657%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1664533377%3At%3A%D0%AD%D0%BA%D1%81%D0%BF%D1%80%D0%B5%D1%81%D1%81%20%D0%B3%D0%B0%D0%B7%D0%B5%D1%82%D0%B0%20%E2%80%94%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%2C%20%D1%8D%D0%BA%D1%81%D0%BA%D0%BB%D1%8E%D0%B7%D0%B8%D0%B2%2C%20%D0%B8%D1%81%D1%82%D0%BE%D1%80%D0%B8%D0%B8&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29rqnl%281%29ti%282%29

Request Chain 76

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

88 HTTP transactions
9 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.eg.ru/
Redirect Chain

http://eg.ru/
https://eg.ru/
https://www.eg.ru/

139 KB
27 KB

130ms
71ms

Document
text/html

91.215.42.34
DDOS-GUARD

General

Check archive.org

Show headers Download Go to

Full URL

https://www.eg.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

91.215.42.34 , Russian Federation, ASN57724 (DDOS-GUARD, RU),

Reverse DNS

Software

ddos-guard /

Resource Hash

88c5bf4a816112f4f4af24bb5d0ade55f88504de8c8bf613759ee0b486830297

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-security-policy: upgrade-insecure-requests;
content-type: text/html; charset=UTF-8
date: Fri, 30 Sep 2022 10:22:55 GMT
htmlcache: 0
server: ddos-guard
vary: User-Agent

Redirect headers

content-security-policy: upgrade-insecure-requests;
content-type: text/html
date: Fri, 30 Sep 2022 10:22:54 GMT
location: https://www.eg.ru/
server: ddos-guard
vary: User-Agent

GET
H2 200 main2020.css
www.eg.ru/assets/css/ 183 KB
23 KB 80ms
76ms Stylesheet
text/css 91.215.42.34
DDOS-GUARD

General

Check archive.org

Show headers Download Go to

Full URL

https://www.eg.ru/assets/css/main2020.css?v=2022

Requested by

Host: www.eg.ru
URL: https://www.eg.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

91.215.42.34 , Russian Federation, ASN57724 (DDOS-GUARD, RU),

Reverse DNS

Software

ddos-guard /

Resource Hash

0fc4c5a69993c4c34e2131c97ae01397ef7d5e12453729d612d97c0e6f75edbc

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eg.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests;
date: Fri, 30 Sep 2022 10:22:55 GMT
content-encoding: gzip
last-modified: Tue, 08 Feb 2022 03:49:30 GMT
server: ddos-guard
age: 0
etag: W/"6201e84a-2dce3"
vary: User-Agent
content-type: text/css
ddg-cache-status: MISS
cache-control: max-age=604800
expires: Fri, 07 Oct 2022 10:22:55 GMT

GET
H2 200 jquery-2.2.4.min.js Show response
code.jquery.com/ 84 KB
29 KB 155ms
41ms Script
application/javascript 2001:4de0:ac18::1:a:3a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-2.2.4.min.js
Requested by: Host: www.eg.ru
URL: https://www.eg.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:3a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Request headers

Referer: https://www.eg.ru/
Origin: https://www.eg.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 10:22:55 GMT
content-encoding: gzip
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
etag: W/"28feccc0-14e4a"
vary: Accept-Encoding
x-hw: 1664533375.dop052.fr8.t,1664533375.cds212.fr8.hn,1664533375.cds140.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 29811

GET
H2 200 jquery.cookie.js Show response
www.eg.ru/assets/js/ 3 KB
2 KB 73ms
70ms Script
application/javascript 91.215.42.34
DDOS-GUARD

General

Check archive.org

Show headers Download Go to

Full URL

https://www.eg.ru/assets/js/jquery.cookie.js

Requested by

Host: www.eg.ru
URL: https://www.eg.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

91.215.42.34 , Russian Federation, ASN57724 (DDOS-GUARD, RU),

Reverse DNS

Software

ddos-guard /

Resource Hash

b84161c9fbf7520cd14e7019f92120bd87a928a074156e91a992eba9fc9436e8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eg.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests;
date: Fri, 30 Sep 2022 10:22:55 GMT
content-encoding: gzip
last-modified: Sun, 27 Apr 2014 10:07:14 GMT
server: ddos-guard
age: 0
etag: W/"535cd6d2-c31"
vary: User-Agent
content-type: application/javascript; charset=utf-8
ddg-cache-status: MISS
cache-control: max-age=604800
expires: Fri, 07 Oct 2022 10:22:55 GMT

GET
H2 200 create.scroll.js Show response
www.eg.ru/assets/js/ 1 KB
1 KB 79ms
77ms Script
application/javascript 91.215.42.34
DDOS-GUARD

General

Check archive.org

Show headers Download Go to

Full URL

https://www.eg.ru/assets/js/create.scroll.js?v=1

Requested by

Host: www.eg.ru
URL: https://www.eg.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

91.215.42.34 , Russian Federation, ASN57724 (DDOS-GUARD, RU),

Reverse DNS

Software

ddos-guard /

Resource Hash

5eba9e218afd1d004a139dd7b3296737a23adbe29b9f1adf63bdd22893256aaf

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eg.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests;
date: Fri, 30 Sep 2022 10:22:55 GMT
last-modified: Wed, 02 Jun 2021 21:01:19 GMT
server: ddos-guard
age: 0
etag: "60b7f19f-445"
vary: User-Agent
content-type: application/javascript; charset=utf-8
ddg-cache-status: MISS
cache-control: max-age=604800
accept-ranges: bytes
content-length: 1093
expires: Fri, 07 Oct 2022 10:22:55 GMT

GET
H2

200

context.js Show response
yandex.ru/ads/system/
Redirect Chain

https://yastatic.net/pcode/adfox/loader.js
https://yandex.ru/ads/system/context.js

356 KB
99 KB

250ms
85ms

Script
text/javascript

2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/system/context.js

Requested by

Host: www.eg.ru
URL: https://www.eg.ru/

Protocol

Server

2a02:6b8:a::a , Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

b1508091c46d710f18a1557461b67bb7c6edd0736fe4babda5ac4efa29294f18

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eg.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-encoding: br
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1664533375542824-2130181991114776277-vla1-0271-vla-l7-balancer-8080-BAL-9026
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Fri, 30 Sep 2022 11:22:55 GMT

Redirect headers

date: Fri, 30 Sep 2022 10:22:55 GMT
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
server: nginx/1.17.9
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
location: https://yandex.ru/ads/system/context.js
access-control-allow-origin: *
timing-allow-origin: *
content-length: 0

GET
H2 200 logo2022080517.png
www.eg.ru/wp-content/uploads/2021/12/ 31 KB
31 KB 79ms
78ms Image
image/png 91.215.42.34
DDOS-GUARD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.eg.ru/wp-content/uploads/2021/12/logo2022080517.png

Requested by

Host: www.eg.ru
URL: https://www.eg.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

91.215.42.34 , Russian Federation, ASN57724 (DDOS-GUARD, RU),

Reverse DNS

Software

ddos-guard /

Resource Hash

d83e8fb51e0e479b9c3e15297b9b0963ab1660c11ef5aa978010c1ce1923648d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eg.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests;
date: Fri, 30 Sep 2022 10:22:55 GMT
last-modified: Mon, 20 Dec 2021 08:05:17 GMT
server: ddos-guard
age: 0
etag: "61c0393d-7cd9"
vary: User-Agent
content-type: image/png
ddg-cache-status: MISS
accept-ranges: bytes
content-length: 31961

GET
H2 200 logomob103129.png
www.eg.ru/wp-content/uploads/2022/01/ 24 KB
24 KB 72ms
72ms Image
image/png 91.215.42.34
DDOS-GUARD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.eg.ru/wp-content/uploads/2022/01/logomob103129.png

Requested by

Host: www.eg.ru
URL: https://www.eg.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

91.215.42.34 , Russian Federation, ASN57724 (DDOS-GUARD, RU),

Reverse DNS

Software

ddos-guard /

Resource Hash

955f0d9382031e3b02def024ed3c204aa71ca361fa148ec0878d7d89d36d9393

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eg.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests;
date: Fri, 30 Sep 2022 10:22:55 GMT
last-modified: Fri, 28 Jan 2022 10:31:29 GMT
server: ddos-guard
age: 0
etag: "61f3c601-6019"
vary: User-Agent
content-type: image/png
ddg-cache-status: MISS
accept-ranges: bytes
content-length: 24601

GET
H2 200 slick.min.js Show response
www.eg.ru/assets/js/ 41 KB
12 KB 76ms
75ms Script
application/javascript 91.215.42.34
DDOS-GUARD

General

Check archive.org

Show headers Download Go to

Full URL

https://www.eg.ru/assets/js/slick.min.js

Requested by

Host: www.eg.ru
URL: https://www.eg.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

91.215.42.34 , Russian Federation, ASN57724 (DDOS-GUARD, RU),

Reverse DNS

Software

ddos-guard /

Resource Hash

e02af7df9a190d88380e2dcec2050ecaa493ae2d23526dbeec67f6907df3a752

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eg.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests;
date: Fri, 30 Sep 2022 10:22:55 GMT
content-encoding: gzip
last-modified: Mon, 06 Feb 2017 13:13:52 GMT
server: ddos-guard
age: 0
etag: W/"58987690-a3e1"
vary: User-Agent
content-type: application/javascript; charset=utf-8
ddg-cache-status: MISS
cache-control: max-age=604800
expires: Fri, 07 Oct 2022 10:22:55 GMT

GET
H2 200 app.js Show response
www.eg.ru/assets/js/ 6 KB
2 KB 73ms
73ms Script
application/javascript 91.215.42.34
DDOS-GUARD

General

Check archive.org

Show headers Download Go to

Full URL

https://www.eg.ru/assets/js/app.js?v=23

Requested by

Host: www.eg.ru
URL: https://www.eg.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

91.215.42.34 , Russian Federation, ASN57724 (DDOS-GUARD, RU),

Reverse DNS

Software

ddos-guard /

Resource Hash

f478f091d78adda4c177da29a013c486468c9ac363f6239d06e574e75e7d12b8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eg.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests;
date: Fri, 30 Sep 2022 10:22:55 GMT
content-encoding: gzip
last-modified: Wed, 02 Jun 2021 21:18:00 GMT
server: ddos-guard
age: 0
etag: W/"60b7f588-1929"
vary: User-Agent
content-type: application/javascript; charset=utf-8
ddg-cache-status: MISS
cache-control: max-age=604800
expires: Fri, 07 Oct 2022 10:22:55 GMT

GET
H2 200 css
fonts.googleapis.com/ 11 KB
1 KB 162ms
59ms Stylesheet
text/css 2a00:1450:400a:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:400,500,300i,600,700,800,900|&subset=cyrillic

Requested by

Host: www.eg.ru
URL: https://www.eg.ru/assets/css/main2020.css?v=2022

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400a:808::200a Zurich, Switzerland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a18fab105b8c814b4c161946383b6f9d33bc4e1b69b69c3cdf22bd6f6452c9c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eg.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 30 Sep 2022 10:22:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 30 Sep 2022 10:22:55 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 30 Sep 2022 10:22:55 GMT

GET
H2 200 a8d9f307b0a12f62ab18.js Show response
yastatic.net/partner-code-bundles/658838/ 13 KB
5 KB 175ms
58ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/658838/a8d9f307b0a12f62ab18.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 , Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

25a7bce29a50ddbba1b9bb765a83bc205f7c4f55c4d7070e01d89f3dc816246a

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://www.eg.ru/
Origin: https://www.eg.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 10:22:55 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 4463
last-modified: Wed, 28 Sep 2022 15:12:21 GMT
server: nginx/1.17.9
etag: "150187bec3fe2ab89d96197ebf6ab69f"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Sun, 29 Sep 2052 16:56:09 GMT

GET
H2 200 aaf863f179e3b7ad382c.js Show response
yastatic.net/partner-code-bundles/658838/ 88 KB
19 KB 241ms
126ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/658838/aaf863f179e3b7ad382c.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 , Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

39f472ec24c4b5fa9212ee9b94e1c061a80be61ec3a923ed53f4444320f50afa

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://www.eg.ru/
Origin: https://www.eg.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 10:22:55 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 18574
last-modified: Wed, 28 Sep 2022 15:12:21 GMT
server: nginx/1.17.9
etag: "52c7131368b8c72bfc0ebee85a8dfa64"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Sun, 29 Sep 2052 16:56:09 GMT

GET
H2 200 host.js Show response
yastatic.net/safeframe-bundles/0.83/ 33 KB
9 KB 325ms
222ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/safeframe-bundles/0.83/host.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 , Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://www.eg.ru/
Origin: https://www.eg.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 10:22:55 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 8878
last-modified: Wed, 03 Nov 2021 13:42:58 GMT
server: nginx/1.17.9
etag: "f80882bf67cf261aa08d636da095149a"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Sun, 29 Sep 2052 16:54:49 GMT

GET
H2 200 a4074028f8b0cc4c3bb2.js Show response
yastatic.net/partner-code-bundles/658838/ 461 KB
93 KB 258ms
155ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/658838/a4074028f8b0cc4c3bb2.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 , Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

a2f307baa0f285e2c480c20f393ee97de3a653d169daf939ac3f9f0e5bfb079b

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://www.eg.ru/
Origin: https://www.eg.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 10:22:55 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 94239
last-modified: Wed, 28 Sep 2022 15:12:21 GMT
server: nginx/1.17.9
etag: "a6b95a2a9652befb6640c44b22da1f30"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Sun, 29 Sep 2052 16:56:09 GMT

GET
H2 200 v2 Show response
an.yandex.ru/adfox/280016/getBulk/ 211 B
347 B 310ms
134ms XHR
application/json 2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/adfox/280016/getBulk/v2?dl=https%3A%2F%2Fwww.eg.ru%2F&date=2022-09-30T10%3A22%3A55.842%2B00%3A00&pd=30&pdh=1200&pdw=1600&pr1=4085605811&pr=3774788122&prr=&pv=10&pw=5&extid_loader=&extid_tag_loader=www.eg.ru&ylv=0.658838&ybv=0.658838&ytt=223202471182341&is-turbo=0&skip-token=&ad-session-id=3880821664533375845&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22isInIframe%22%3Afalse%2C%22w%22%3A1080%2C%22h%22%3A0%2C%22width%22%3A1080%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22fullscreenHeaderHeight%22%3A80%2C%22left%22%3A260%2C%22top%22%3A0%2C%22fontFamily%22%3A%22ys%22%2C%22darkTheme%22%3Afalse%2C%22req_no%22%3A0%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=658838&available-width=1080&pp=g&ps=dbzr&p2=gfib&slotNumber=1&bids=W10%3D&utf8=%E2%9C%93&pcode-test-ids=657518%2C0%2C0%3B651042%2C0%2C26%3B659465%2C0%2C94%3B658041%2C0%2C42%3B652457%2C0%2C99%3B204300%2C0%2C54&pcode-flags-map=eJytWNtu3DYQ%2FZVin%2FOgG3XJGyVRu4QlUSGpXa%2BLgkhTvwVJkTpFgSD%2F3kNd1tKuzY0NA36IA82Z4VzOnPGPDd%2B2QjLTcKVYaUqqqemopI0ylZBmz0smDG9NIZpcbN7%2F%2FmPz78fP3%2B837zf3%2F%2F29ebd5uP%2Fngf%2BFX0nmRYRsfv7xbrOnykj2oWdKm31DO1NJ0RhaqpW9lj1bAsR%2BEqTeCaDkiuY1QwTsQHNec300tEWEB1bXRkta3PB2axpRshWsYvhItPXR9C3%2FcOYizDwvO7noFTOSb3eIkis%2B%2BVC10PbBtCvc4UZR6PsD1oGXW6ZNKenBVFzi1RUSyAxv6Ja5chaTkATRgMHa6bXLfOMfFW%2B5ZihJcaN2iOzA9U702lCUSys3OInT8MXgb4FMUaFOirIvtLp08zJoBsgXtuICxJaZlqaQjGq%2BZ6ZkmhWai9bMfc9KTlG1ml3pTpJEsX%2FCZLedadnBKDShQT2UhgfEyW%2Bv45BkbMFGICAEV9OcoaOFmYDdTzuZzx18CgM%2Fjhw5ArFISo%2BFZFIhOyvLmKR%2BGK5ts9gfE4whqwUtmRxqRJtV9A%2Ffvt8vzKIgxQCOZghcKTkMWuN88cIIuVKMId%2B5YhKRrs2%2BfPzz8%2F3KMoyDLBksURcwXGt2bBj3VrtdRiTMxloXom%2B1rc3tTjpN0iSdJvkIlmK3RvamFA3lrZM0vSQI47EI6xGq%2BrpWaFvmtvfDIPROT8yluEF%2B8Dyzlbx0WyYkjZ8M2FKvljx3mge%2BF4%2FvvWNtMIQL%2BijBH1dZj0R%2BNBH9YDszfS6k7SNJS96r334R4Uht3GPA4J0DPTqpi0RhMpW2rDpsKdWJFr2oecMwxivTwPO8tW3kheObuwJrB5WCaevkMxIRwEzdWwlkmdlxmf1dG3e4TJLg0pxXljgOdm6vdcgzCHMAe1r3q2qF3tPWNaOyxboFZ%2B6p5PTs3cHKKcGaHbMMLaEsy0JWnJLNpARX1GK7RCAr%2B9SLxqx1kgtp93J%2BHKRAJ6Q74XEST3RhPzet0Lxg2ELN1mmWBLAbzJTqTEGLHbMRmo7J4qzGvrdKUUL8bOwKMGAxWZ2NwBkRkjQNyJjWuflLLrGYTKGcNEMyP0kXY8cVQkU2oQcKG6ZyOc1CMgmW2XYYVXXSFB0tS2gqN0hEpsoM1Ih51ceOmdAdNeiRLHqwkcVCcrndZUn8rCV0nilqXtxc8T5jNH2teU7bFmFjcVUcipfbR1S0cFNWlgZJsohjAhlJG%2BsBE9XV9JhD4lha0FLU9fmCOtvkXhCFYw9sJc0D97eYQ%2B%2FxW6P43Spe4gee6%2Fsn6M0nz1jMzbFjw1qXrGQKYskZn0%2BCeLS2akSyCrO%2Bs5PAC7ddGk5bBEmDdG7smEso%2BElPdJLl7j0WYxEF%2FmqUoC0k%2Bhp7G0OMejyuUkgOt7ryMz%2BKnlrHVq9M%2B2k4ZiCR9fmoXKBhN%2Ftj248q04KMm%2BOF5s8HMy7LV8Wkt%2BJNIypZRTFfc2TjEfmLcLZrMNJ1Lqh0l9vaTILnsay062yzbfEAd3kDPyOrXtlxPTTaAgztfqOFu0%2FCJAhWV0rRNdMpcTo1lJvKcYuGk4Y5YRSvxxgugIGKpThYRtphbd6BiWjtRLAimThOubmqL7viIuLFI%2BW2Vhgiww3VI0%2FSzr7Mi%2FzUfef4waSn51KphkptcNH3zIZ3bZRJHMfkdGvkNxeceZlMki60tBV3uJkKje7Ir7jKyKQA5puMopSXN%2Bv0hCf49NPXLw%2Ffvn4%2By4AXBY7KXLbslSJ9ejhzkEWxq%2FQg34b3zRujLsLWoi92bwyvelyGx5f%2B0eEK6JGe%2FuctY8WmfTWi7TTeWp2J0x0K6DifUWv6nLTIGgTier0xxysXm34UobwFoV7540EQEauHfv4PBvnr2g%3D%3D&use-server-side-rendering=1&pcode-icookie=pCMf2IEb5ifSjGOWISmqJHfqs2IiNzM4V0yVa4zjXIFDqffWL8qtaxF2A5X0ECiur%2BT9Vw4o026OZaPjIXbsVPbvpzQ%3D&top-ancestor=https%3A%2F%2Fwww.eg.ru&top-ancestor-undetermined=0&grab-orig-len=596&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjo0N30KSq3EsTy_7xLGOjeKfb67q3FQfbNN3WkDdm1616u2f_1msP7KHf23OTs73p9Rz4T6sT0kir_-_uIygZkhmJmJ2iAObOUMVOWOUTmVswM_1jCPZo-1kFyUHejRxhztJvboyq0YeQ479Ir-nz6mckfPJu3V-uiUsbh5fhSLeyiJ4hY0v0cAHhwnakns9RauG3pdlkq6QCoMRC1w3HSljtu622TpoA79ieZAV3sMkKmv2udqg1DtgqhoO6zfTpo7SPnJKYHlNzD_X3hltpUxVpaX_UIj_-HzHvftVuWCm9UH1Pf0D559QdUHa4yHYhaOV2yKpTGWWpRqP3gH7hjm9fiaWepOsbIaOA88t4v0ZuFYnmjD2Ip9vbSyvl9_C7Kq9N924b61hfkZtos6NOcX1jB-MxZwyKx2mkRxokIPkSPhRbEkwF-pHwoEslQQtK7gC0ORqAtT0GbPIQr8rvC6S0AM3F8UEgK9Ejr8-5O7gfdQ-_EO7nmhnIxETkq-KppGEoe-D9YOFKWKnGTQA_E%3D&tga-with-creatives=1

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

a828cdf8e50f7304386f49c23a608d036b4558e4063b86bde029cf57541b25ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eg.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Sep 2022 10:22:56 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Fri, 30 Sep 2022 10:22:56 GMT
x-yandex-req-id: 1664533376070645-1496296448642778518600107-production-app-host-vla-pcode-271
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: https://www.eg.ru
content-type: application/json
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Fri, 30 Sep 2022 10:22:56 GMT

GET
DATA 200
OK truncated
/ 575 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d5e3fb24efa2d284c245c1a048c5735b51f34dbc091f982dbb6b2d2dee956a4a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 839 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67b5010f19f49057be36acc056cc37491c4641497b4dd61f14226467ebfedbea

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 835 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 788281c7238b591b2bd157ad8901e69f7246586766f98f7531f5d75ae23af376

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 PT-Astra-Sans_Regular.ttf
www.eg.ru/assets/css/ 112 KB
112 KB 75ms
75ms Font
application/octet-stream 91.215.42.34
DDOS-GUARD

General

Check archive.org

Show headers Download Go to

Full URL

https://www.eg.ru/assets/css/PT-Astra-Sans_Regular.ttf

Requested by

Host: www.eg.ru
URL: https://www.eg.ru/assets/css/main2020.css?v=2022

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

91.215.42.34 , Russian Federation, ASN57724 (DDOS-GUARD, RU),

Reverse DNS

Software

ddos-guard /

Resource Hash

fe89d94b413008d86393b0075e5576821a34de33a5ecb35cabfb0d563b847dbd

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

Referer: https://www.eg.ru/assets/css/main2020.css?v=2022
Origin: https://www.eg.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests;
date: Fri, 30 Sep 2022 10:22:55 GMT
last-modified: Tue, 08 Feb 2022 03:49:30 GMT
server: ddos-guard
age: 0
etag: "6201e84a-1c078"
vary: User-Agent
content-type: application/octet-stream
ddg-cache-status: MISS
accept-ranges: bytes
content-length: 114808

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/ 30 KB
31 KB 185ms
52ms Font
font/woff2 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,500,300i,600,700,800,900|&subset=cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.eg.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 09:20:18 GMT
x-content-type-options: nosniff
age: 349358
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30928
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 26 Sep 2023 09:20:18 GMT

GET
H2 200 JTUFjIg1_i6t8kCHKm459Wx7xQYXK0vOoz6jq_p9WXh0pg.woff2
fonts.gstatic.com/s/montserrat/v25/ 13 KB
13 KB 239ms
108ms Font
font/woff2 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUFjIg1_i6t8kCHKm459Wx7xQYXK0vOoz6jq_p9WXh0pg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,500,300i,600,700,800,900|&subset=cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

929b2433fb151b534da797a5659895b646a4c7a99670d8d7eef1f38b707c9ff0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.eg.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sat, 24 Sep 2022 18:05:54 GMT
x-content-type-options: nosniff
age: 490622
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12964
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:54:15 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 24 Sep 2023 18:05:54 GMT

GET
H2 200 v2 Show response
an.yandex.ru/adfox/280016/getBulk/ 2 KB
1 KB 377ms
218ms XHR
application/json 2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/adfox/280016/getBulk/v2?dl=https%3A%2F%2Fwww.eg.ru%2F&date=2022-09-30T10%3A22%3A55.871%2B00%3A00&pd=30&pdh=1200&pdw=1600&pr1=2545395052&pr=3774788122&prr=&pv=10&pw=5&extid_loader=&extid_tag_loader=www.eg.ru&ylv=0.658838&ybv=0.658838&ytt=223202471182341&is-turbo=0&skip-token=&ad-session-id=3880821664533375845&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22isInIframe%22%3Afalse%2C%22w%22%3A1600%2C%22h%22%3A120%2C%22width%22%3A1600%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22fullscreenHeaderHeight%22%3A80%2C%22left%22%3A0%2C%22top%22%3A0%2C%22fontFamily%22%3A%22ys%22%2C%22darkTheme%22%3Afalse%2C%22req_no%22%3A1%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=658838&available-width=1600&available-height=120&pp=g&ps=dbzr&p2=hizh&puid1=&slotNumber=2&bids=W10%3D&utf8=%E2%9C%93&pcode-test-ids=657518%2C0%2C0%3B651042%2C0%2C26%3B659465%2C0%2C94%3B658041%2C0%2C42%3B652457%2C0%2C99%3B204300%2C0%2C54&pcode-flags-map=eJytWNtu3DYQ%2FZVin%2FOgG3XJGyVRu4QlUSGpXa%2BLgkhTvwVJkTpFgSD%2F3kNd1tKuzY0NA36IA82Z4VzOnPGPDd%2B2QjLTcKVYaUqqqemopI0ylZBmz0smDG9NIZpcbN7%2F%2FmPz78fP3%2B837zf3%2F%2F29ebd5uP%2Fngf%2BFX0nmRYRsfv7xbrOnykj2oWdKm31DO1NJ0RhaqpW9lj1bAsR%2BEqTeCaDkiuY1QwTsQHNec300tEWEB1bXRkta3PB2axpRshWsYvhItPXR9C3%2FcOYizDwvO7noFTOSb3eIkis%2B%2BVC10PbBtCvc4UZR6PsD1oGXW6ZNKenBVFzi1RUSyAxv6Ja5chaTkATRgMHa6bXLfOMfFW%2B5ZihJcaN2iOzA9U702lCUSys3OInT8MXgb4FMUaFOirIvtLp08zJoBsgXtuICxJaZlqaQjGq%2BZ6ZkmhWai9bMfc9KTlG1ml3pTpJEsX%2FCZLedadnBKDShQT2UhgfEyW%2Bv45BkbMFGICAEV9OcoaOFmYDdTzuZzx18CgM%2Fjhw5ArFISo%2BFZFIhOyvLmKR%2BGK5ts9gfE4whqwUtmRxqRJtV9A%2Ffvt8vzKIgxQCOZghcKTkMWuN88cIIuVKMId%2B5YhKRrs2%2BfPzz8%2F3KMoyDLBksURcwXGt2bBj3VrtdRiTMxloXom%2B1rc3tTjpN0iSdJvkIlmK3RvamFA3lrZM0vSQI47EI6xGq%2BrpWaFvmtvfDIPROT8yluEF%2B8Dyzlbx0WyYkjZ8M2FKvljx3mge%2BF4%2FvvWNtMIQL%2BijBH1dZj0R%2BNBH9YDszfS6k7SNJS96r334R4Uht3GPA4J0DPTqpi0RhMpW2rDpsKdWJFr2oecMwxivTwPO8tW3kheObuwJrB5WCaevkMxIRwEzdWwlkmdlxmf1dG3e4TJLg0pxXljgOdm6vdcgzCHMAe1r3q2qF3tPWNaOyxboFZ%2B6p5PTs3cHKKcGaHbMMLaEsy0JWnJLNpARX1GK7RCAr%2B9SLxqx1kgtp93J%2BHKRAJ6Q74XEST3RhPzet0Lxg2ELN1mmWBLAbzJTqTEGLHbMRmo7J4qzGvrdKUUL8bOwKMGAxWZ2NwBkRkjQNyJjWuflLLrGYTKGcNEMyP0kXY8cVQkU2oQcKG6ZyOc1CMgmW2XYYVXXSFB0tS2gqN0hEpsoM1Ih51ceOmdAdNeiRLHqwkcVCcrndZUn8rCV0nilqXtxc8T5jNH2teU7bFmFjcVUcipfbR1S0cFNWlgZJsohjAhlJG%2BsBE9XV9JhD4lha0FLU9fmCOtvkXhCFYw9sJc0D97eYQ%2B%2FxW6P43Spe4gee6%2Fsn6M0nz1jMzbFjw1qXrGQKYskZn0%2BCeLS2akSyCrO%2Bs5PAC7ddGk5bBEmDdG7smEso%2BElPdJLl7j0WYxEF%2FmqUoC0k%2Bhp7G0OMejyuUkgOt7ryMz%2BKnlrHVq9M%2B2k4ZiCR9fmoXKBhN%2Ftj248q04KMm%2BOF5s8HMy7LV8Wkt%2BJNIypZRTFfc2TjEfmLcLZrMNJ1Lqh0l9vaTILnsay062yzbfEAd3kDPyOrXtlxPTTaAgztfqOFu0%2FCJAhWV0rRNdMpcTo1lJvKcYuGk4Y5YRSvxxgugIGKpThYRtphbd6BiWjtRLAimThOubmqL7viIuLFI%2BW2Vhgiww3VI0%2FSzr7Mi%2FzUfef4waSn51KphkptcNH3zIZ3bZRJHMfkdGvkNxeceZlMki60tBV3uJkKje7Ir7jKyKQA5puMopSXN%2Bv0hCf49NPXLw%2Ffvn4%2By4AXBY7KXLbslSJ9ejhzkEWxq%2FQg34b3zRujLsLWoi92bwyvelyGx5f%2B0eEK6JGe%2FuctY8WmfTWi7TTeWp2J0x0K6DifUWv6nLTIGgTier0xxysXm34UobwFoV7540EQEauHfv4PBvnr2g%3D%3D&use-server-side-rendering=1&pcode-icookie=pCMf2IEb5ifSjGOWISmqJHfqs2IiNzM4V0yVa4zjXIFDqffWL8qtaxF2A5X0ECiur%2BT9Vw4o026OZaPjIXbsVPbvpzQ%3D&top-ancestor=https%3A%2F%2Fwww.eg.ru&top-ancestor-undetermined=0&grab-orig-len=596&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjo0N30KSq3EsTy_7xLGOjeKfb67q3FQfbNN3WkDdm1616u2f_1msP7KHf23OTs73p9Rz4T6sT0kir_-_uIygZkhmJmJ2iAObOUMVOWOUTmVswM_1jCPZo-1kFyUHejRxhztJvboyq0YeQ479Ir-nz6mckfPJu3V-uiUsbh5fhSLeyiJ4hY0v0cAHhwnakns9RauG3pdlkq6QCoMRC1w3HSljtu622TpoA79ieZAV3sMkKmv2udqg1DtgqhoO6zfTpo7SPnJKYHlNzD_X3hltpUxVpaX_UIj_-HzHvftVuWCm9UH1Pf0D559QdUHa4yHYhaOV2yKpTGWWpRqP3gH7hjm9fiaWepOsbIaOA88t4v0ZuFYnmjD2Ip9vbSyvl9_C7Kq9N924b61hfkZtos6NOcX1jB-MxZwyKx2mkRxokIPkSPhRbEkwF-pHwoEslQQtK7gC0ORqAtT0GbPIQr8rvC6S0AM3F8UEgK9Ejr8-5O7gfdQ-_EO7nmhnIxETkq-KppGEoe-D9YOFKWKnGTQA_E%3D&tga-with-creatives=1

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

84e805f1fc36d3b05e4735e0e7227e4816744cd2cbaf8d032db1ca142e9b9c78

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eg.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Sep 2022 10:22:56 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Fri, 30 Sep 2022 10:22:56 GMT
x-yandex-req-id: 1664533376145301-552679016054441216400116-production-app-host-sas-pcode-45
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: https://www.eg.ru
content-type: application/json
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Fri, 30 Sep 2022 10:22:56 GMT

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3f1be9809d96fcbde4c6fec887460098d13fb8ee68204df7726f59a92d906297

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 710 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 10ff452310e9f210f7d2a8f763082a653ab3226317ff3f269a5c3d2a514f8250

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 JTUSjIg1_i6t8kCHKm459W1hyzbi.woff2
fonts.gstatic.com/s/montserrat/v25/ 21 KB
21 KB 245ms
124ms Font
font/woff2 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459W1hyzbi.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,500,300i,600,700,800,900|&subset=cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a8447cdec51e85d9e93971a0d4a53bcf6085d70bf1d201662837d2fb953422c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.eg.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 23:01:39 GMT
x-content-type-options: nosniff
age: 300077
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21276
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 19:01:17 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 26 Sep 2023 23:01:39 GMT

GET
H2 200 alla-pugacheva114849-780x585.jpg
s6.cdn.eg.ru/wp-content/uploads/2022/09/ 44 KB
44 KB 242ms
58ms Image
image/webp 135.181.170.67
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s6.cdn.eg.ru/wp-content/uploads/2022/09/alla-pugacheva114849-780x585.jpg
Requested by: Host: www.eg.ru
URL: https://www.eg.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 135.181.170.67 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: eg.ru
Software: nginx /
Resource Hash: ed61d612a0f33f082724cf720d701641f8086431a58f380d977ede21cdea4997

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eg.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 10:22:56 GMT
last-modified: Thu, 29 Sep 2022 11:49:05 GMT
server: nginx
x-webp-convert-log: Serving converted file
content-length: 44566
vary: Accept
content-type: image/webp

GET
H2 200 v2 Show response
an.yandex.ru/adfox/280016/getBulk/ 2 KB
2 KB 254ms
120ms XHR
application/json 2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/adfox/280016/getBulk/v2?dl=https%3A%2F%2Fwww.eg.ru%2F&date=2022-09-30T10%3A22%3A55.895%2B00%3A00&pd=30&pdh=1200&pdw=1600&pr1=841896546&pr=3774788122&prr=&pv=10&pw=5&extid_loader=&extid_tag_loader=www.eg.ru&ylv=0.658838&ybv=0.658838&ytt=223202471182341&is-turbo=0&skip-token=&ad-session-id=3880821664533375845&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22isInIframe%22%3Afalse%2C%22w%22%3A240%2C%22h%22%3A405%2C%22width%22%3A240%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22fullscreenHeaderHeight%22%3A80%2C%22left%22%3A1085%2C%22top%22%3A703%2C%22fontFamily%22%3A%22ys%22%2C%22darkTheme%22%3Afalse%2C%22req_no%22%3A2%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=658838&available-width=240&available-height=405&pp=g&ps=dbzr&p2=gorq&puid1=&slotNumber=3&bids=W10%3D&utf8=%E2%9C%93&pcode-test-ids=657518%2C0%2C0%3B651042%2C0%2C26%3B659465%2C0%2C94%3B658041%2C0%2C42%3B652457%2C0%2C99%3B204300%2C0%2C54&pcode-flags-map=eJytWNtu3DYQ%2FZVin%2FOgG3XJGyVRu4QlUSGpXa%2BLgkhTvwVJkTpFgSD%2F3kNd1tKuzY0NA36IA82Z4VzOnPGPDd%2B2QjLTcKVYaUqqqemopI0ylZBmz0smDG9NIZpcbN7%2F%2FmPz78fP3%2B837zf3%2F%2F29ebd5uP%2Fngf%2BFX0nmRYRsfv7xbrOnykj2oWdKm31DO1NJ0RhaqpW9lj1bAsR%2BEqTeCaDkiuY1QwTsQHNec300tEWEB1bXRkta3PB2axpRshWsYvhItPXR9C3%2FcOYizDwvO7noFTOSb3eIkis%2B%2BVC10PbBtCvc4UZR6PsD1oGXW6ZNKenBVFzi1RUSyAxv6Ja5chaTkATRgMHa6bXLfOMfFW%2B5ZihJcaN2iOzA9U702lCUSys3OInT8MXgb4FMUaFOirIvtLp08zJoBsgXtuICxJaZlqaQjGq%2BZ6ZkmhWai9bMfc9KTlG1ml3pTpJEsX%2FCZLedadnBKDShQT2UhgfEyW%2Bv45BkbMFGICAEV9OcoaOFmYDdTzuZzx18CgM%2Fjhw5ArFISo%2BFZFIhOyvLmKR%2BGK5ts9gfE4whqwUtmRxqRJtV9A%2Ffvt8vzKIgxQCOZghcKTkMWuN88cIIuVKMId%2B5YhKRrs2%2BfPzz8%2F3KMoyDLBksURcwXGt2bBj3VrtdRiTMxloXom%2B1rc3tTjpN0iSdJvkIlmK3RvamFA3lrZM0vSQI47EI6xGq%2BrpWaFvmtvfDIPROT8yluEF%2B8Dyzlbx0WyYkjZ8M2FKvljx3mge%2BF4%2FvvWNtMIQL%2BijBH1dZj0R%2BNBH9YDszfS6k7SNJS96r334R4Uht3GPA4J0DPTqpi0RhMpW2rDpsKdWJFr2oecMwxivTwPO8tW3kheObuwJrB5WCaevkMxIRwEzdWwlkmdlxmf1dG3e4TJLg0pxXljgOdm6vdcgzCHMAe1r3q2qF3tPWNaOyxboFZ%2B6p5PTs3cHKKcGaHbMMLaEsy0JWnJLNpARX1GK7RCAr%2B9SLxqx1kgtp93J%2BHKRAJ6Q74XEST3RhPzet0Lxg2ELN1mmWBLAbzJTqTEGLHbMRmo7J4qzGvrdKUUL8bOwKMGAxWZ2NwBkRkjQNyJjWuflLLrGYTKGcNEMyP0kXY8cVQkU2oQcKG6ZyOc1CMgmW2XYYVXXSFB0tS2gqN0hEpsoM1Ih51ceOmdAdNeiRLHqwkcVCcrndZUn8rCV0nilqXtxc8T5jNH2teU7bFmFjcVUcipfbR1S0cFNWlgZJsohjAhlJG%2BsBE9XV9JhD4lha0FLU9fmCOtvkXhCFYw9sJc0D97eYQ%2B%2FxW6P43Spe4gee6%2Fsn6M0nz1jMzbFjw1qXrGQKYskZn0%2BCeLS2akSyCrO%2Bs5PAC7ddGk5bBEmDdG7smEso%2BElPdJLl7j0WYxEF%2FmqUoC0k%2Bhp7G0OMejyuUkgOt7ryMz%2BKnlrHVq9M%2B2k4ZiCR9fmoXKBhN%2Ftj248q04KMm%2BOF5s8HMy7LV8Wkt%2BJNIypZRTFfc2TjEfmLcLZrMNJ1Lqh0l9vaTILnsay062yzbfEAd3kDPyOrXtlxPTTaAgztfqOFu0%2FCJAhWV0rRNdMpcTo1lJvKcYuGk4Y5YRSvxxgugIGKpThYRtphbd6BiWjtRLAimThOubmqL7viIuLFI%2BW2Vhgiww3VI0%2FSzr7Mi%2FzUfef4waSn51KphkptcNH3zIZ3bZRJHMfkdGvkNxeceZlMki60tBV3uJkKje7Ir7jKyKQA5puMopSXN%2Bv0hCf49NPXLw%2Ffvn4%2By4AXBY7KXLbslSJ9ejhzkEWxq%2FQg34b3zRujLsLWoi92bwyvelyGx5f%2B0eEK6JGe%2FuctY8WmfTWi7TTeWp2J0x0K6DifUWv6nLTIGgTier0xxysXm34UobwFoV7540EQEauHfv4PBvnr2g%3D%3D&use-server-side-rendering=1&pcode-icookie=pCMf2IEb5ifSjGOWISmqJHfqs2IiNzM4V0yVa4zjXIFDqffWL8qtaxF2A5X0ECiur%2BT9Vw4o026OZaPjIXbsVPbvpzQ%3D&top-ancestor=https%3A%2F%2Fwww.eg.ru&top-ancestor-undetermined=0&grab-orig-len=596&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjo0N30KSq3EsTy_7xLGOjeKfb67q3FQfbNN3WkDdm1616u2f_1msP7KHf23OTs73p9Rz4T6sT0kir_-_uIygZkhmJmJ2iAObOUMVOWOUTmVswM_1jCPZo-1kFyUHejRxhztJvboyq0YeQ479Ir-nz6mckfPJu3V-uiUsbh5fhSLeyiJ4hY0v0cAHhwnakns9RauG3pdlkq6QCoMRC1w3HSljtu622TpoA79ieZAV3sMkKmv2udqg1DtgqhoO6zfTpo7SPnJKYHlNzD_X3hltpUxVpaX_UIj_-HzHvftVuWCm9UH1Pf0D559QdUHa4yHYhaOV2yKpTGWWpRqP3gH7hjm9fiaWepOsbIaOA88t4v0ZuFYnmjD2Ip9vbSyvl9_C7Kq9N924b61hfkZtos6NOcX1jB-MxZwyKx2mkRxokIPkSPhRbEkwF-pHwoEslQQtK7gC0ORqAtT0GbPIQr8rvC6S0AM3F8UEgK9Ejr8-5O7gfdQ-_EO7nmhnIxETkq-KppGEoe-D9YOFKWKnGTQA_E%3D&tga-with-creatives=1

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

edda2e3fab0eb64bfd293acbd845e3fdc95fa0ffd322da330855e446e66102cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eg.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Sep 2022 10:22:56 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Fri, 30 Sep 2022 10:22:56 GMT
x-yandex-req-id: 1664533376078843-1589521618073213177400114-production-app-host-sas-pcode-198
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: https://www.eg.ru
content-type: application/json
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Fri, 30 Sep 2022 10:22:56 GMT

GET
H/1.1

200
OK

hit;Forvard_Media
counter.yadro.ru/
Redirect Chain

https://counter.yadro.ru/hit;Forvard_Media?r;s1600*1200*24;uhttps%3A//www.eg.ru/;h%u042D%u043A%u0441%u043F%u0440%u0435%u0441%u0441%20%u0433%u0430%u0437%u0435%u0442%u0430%20%u2014%20%u043D%u043E%u04...
https://counter.yadro.ru/hit;Forvard_Media?q;r;s1600*1200*24;uhttps%3A//www.eg.ru/;h%u042D%u043A%u0441%u043F%u0440%u0435%u0441%u0441%20%u0433%u0430%u0437%u0435%u0442%u0430%20%u2014%20%u043D%u043E%u...

43 B
528 B

74ms
74ms

Image
image/gif

88.212.201.198
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit;Forvard_Media?q;r;s1600*1200*24;uhttps%3A//www.eg.ru/;h%u042D%u043A%u0441%u043F%u0440%u0435%u0441%u0441%20%u0433%u0430%u0437%u0435%u0442%u0430%20%u2014%20%u043D%u043E%u0432%u043E%u0441%u0442%u0438%2C%20%u044D%u043A%u0441%u043A%u043B%u044E%u0437%u0438%u0432%2C%20%u0438%u0441%u0442%u043E%u0440%u0438%u0438;0.24676072320620723

Requested by

Host: www.eg.ru
URL: https://www.eg.ru/

Protocol

HTTP/1.1

Server

88.212.201.198 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host198.rax.ru

Software

nginx/1.17.9 /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eg.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 30 Sep 2022 10:22:56 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Content-Type: image/gif
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin: *
Cache-control: no-cache
Connection: keep-alive
Content-Length: 43
Expires: Wed, 29 Sep 2021 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 30 Sep 2022 10:22:56 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Content-Type: text/html
Location: https://counter.yadro.ru/hit;Forvard_Media?q;r;s1600*1200*24;uhttps%3A//www.eg.ru/;h%u042D%u043A%u0441%u043F%u0440%u0435%u0441%u0441%20%u0433%u0430%u0437%u0435%u0442%u0430%20%u2014%20%u043D%u043E%u0432%u043E%u0441%u0442%u0438%2C%20%u044D%u043A%u0441%u043A%u043B%u044E%u0437%u0438%u0432%2C%20%u0438%u0441%u0442%u043E%u0440%u0438%u0438;0.24676072320620723
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Cache-control: no-cache
Connection: keep-alive
Content-Length: 32
Expires: Wed, 29 Sep 2021 21:00:00 GMT

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 206 KB
71 KB 392ms
181ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: www.eg.ru
URL: https://www.eg.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

f00864afefb6ac342587e84e7237328d02cb5507147a4a0d039b03a6fd90baff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eg.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 10:22:56 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Thu, 29 Sep 2022 14:38:20 GMT
etag: "633583ac-11a8a"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 72330
expires: Fri, 30 Sep 2022 11:22:56 GMT

GET
H2 200 code.js Show response
top-fwz1.mail.ru/js/ 32 KB
14 KB 239ms
76ms Script
application/javascript 95.163.52.67
VK-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://top-fwz1.mail.ru/js/code.js

Requested by

Host: www.eg.ru
URL: https://www.eg.ru/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

a1e6a59e0567f886caaada41007e695d2039c4fe07fb28727dd27ab2029ecd6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eg.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 10:22:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
amp-access-control-allow-source-origin: *
last-modified: Tue, 13 Sep 2022 17:32:31 GMT
server: nginx
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
etag: W/"6320beaf-7ecc"
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
accept-ch-lifetime: 86400
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: max-age=3600, private
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: *
expires: Fri, 30 Sep 2022 11:22:56 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 134ms
37ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.eg.ru
URL: https://www.eg.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eg.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 30 Sep 2022 09:01:59 GMT
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
server: Golfe2
age: 4857
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19826
expires: Fri, 30 Sep 2022 11:01:59 GMT

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 tcounter.js Show response
www.tns-counter.ru/ 552 B
804 B 239ms
78ms Script
application/javascript 2001:6d0:4001::226
TNSMSK-

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tns-counter.ru/tcounter.js
Requested by: Host: www.eg.ru
URL: https://www.eg.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:6d0:4001::226 , Russian Federation, ASN52016 (TNSMSK-, RU),
Reverse DNS
Software: ms-counter-3.3.5/1.20.2 /
Resource Hash: 92a82d0233445685062df7115e244b34f3e71657d0c80f54cce716b5952eb8dc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eg.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 10:22:56 GMT
last-modified: Thu, 05 Aug 2021 10:41:20 GMT
server: ms-counter-3.3.5/1.20.2
etag: "610bc050-228"
content-type: application/javascript
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR NOR"
cache-control: max-age=20736000
accept-ranges: bytes
content-length: 552
expires: Sun, 28 May 2023 10:22:56 GMT

GET
DATA 200
OK truncated
/ 390 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9044b9ed7a50e7ee21c556beba933edd7dbd0afbe6efabe47ec2d3f5d69ca9ae

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 538 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0c2c0d12fca0ffd36c1133ffe5092b46d86373ded12db3162bd2a7f0605d50f2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 lgn48473135114003-240x180.jpg
s3.cdn.eg.ru/wp-content/uploads/2022/09/ 9 KB
9 KB 182ms
58ms Image
image/webp 135.181.170.67
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.cdn.eg.ru/wp-content/uploads/2022/09/lgn48473135114003-240x180.jpg
Requested by: Host: www.eg.ru
URL: https://www.eg.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 135.181.170.67 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: eg.ru
Software: nginx /
Resource Hash: 528ddb2ec7aa026d81e128bd88479c2a800972b0c53d64c23bbd169dd1e9122e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eg.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 10:22:56 GMT
last-modified: Mon, 05 Sep 2022 11:41:04 GMT
server: nginx
x-webp-convert-log: Serving converted file
content-length: 8798
vary: Accept
content-type: image/webp

GET
H2 200 merem-uzerli124844-240x180.jpg
s4.cdn.eg.ru/wp-content/uploads/2022/08/ 8 KB
8 KB 243ms
58ms Image
image/webp 135.181.170.67
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s4.cdn.eg.ru/wp-content/uploads/2022/08/merem-uzerli124844-240x180.jpg
Requested by: Host: www.eg.ru
URL: https://www.eg.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 135.181.170.67 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: eg.ru
Software: nginx /
Resource Hash: a562f860ebab1097a8886a909da755f4ed5da1dc8cffeb6918cfc455e1a78000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eg.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 10:22:56 GMT
last-modified: Wed, 24 Aug 2022 12:49:04 GMT
server: nginx
x-webp-convert-log: Serving converted file
content-length: 7994
vary: Accept
content-type: image/webp

GET
H2 200 vera-brejneva070802-240x180.jpg
s5.cdn.eg.ru/wp-content/uploads/2022/09/ 3 KB
4 KB 242ms
58ms Image
image/webp 135.181.170.67
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s5.cdn.eg.ru/wp-content/uploads/2022/09/vera-brejneva070802-240x180.jpg
Requested by: Host: www.eg.ru
URL: https://www.eg.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 135.181.170.67 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: eg.ru
Software: nginx /
Resource Hash: 5dd5e9a17ea6d2dc262d322ce4d5708412083c4035cdfc5288c3ade28b758e3a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eg.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 10:22:56 GMT
last-modified: Fri, 30 Sep 2022 07:09:04 GMT
server: nginx
x-webp-convert-log: Serving converted file
content-length: 3498
vary: Accept
content-type: image/webp

GET
H2 200 boris-moiseev054355-240x180.jpg
s5.cdn.eg.ru/wp-content/uploads/2022/09/ 2 KB
3 KB 299ms
115ms Image
image/webp 135.181.170.67
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s5.cdn.eg.ru/wp-content/uploads/2022/09/boris-moiseev054355-240x180.jpg
Requested by: Host: www.eg.ru
URL: https://www.eg.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 135.181.170.67 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: eg.ru
Software: nginx /
Resource Hash: 819bf4c178742bc8bc4e1167ab96195f7c6dbd19b52cecfae24a72886c9b1e80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eg.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 10:22:56 GMT
last-modified: Fri, 30 Sep 2022 05:44:04 GMT
server: nginx
x-webp-convert-log: Serving converted file
content-length: 2388
vary: Accept
content-type: image/webp

GET
H2 200 anna-sedokova054735-780x585-1074617-512x384.jpg
s5.cdn.eg.ru/wp-content/uploads/2022/09/ 15 KB
15 KB 242ms
58ms Image
image/webp 135.181.170.67
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s5.cdn.eg.ru/wp-content/uploads/2022/09/anna-sedokova054735-780x585-1074617-512x384.jpg
Requested by: Host: www.eg.ru
URL: https://www.eg.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 135.181.170.67 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: eg.ru
Software: nginx /
Resource Hash: b7c2bf5d0f6bcc063314ec331825fcdbcca73f4d23e0388d15fe8a10ba574e67

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eg.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 10:22:56 GMT
last-modified: Fri, 30 Sep 2022 07:47:05 GMT
server: nginx
x-webp-convert-log: Serving converted file
content-length: 15552
vary: Accept
content-type: image/webp

GET
H2 200 v2 Show response
an.yandex.ru/adfox/280016/getBulk/ 211 B
346 B 266ms
182ms XHR
application/json 2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/adfox/280016/getBulk/v2?dl=https%3A%2F%2Fwww.eg.ru%2F&date=2022-09-30T10%3A22%3A55.945%2B00%3A00&pd=30&pdh=1200&pdw=1600&pr1=3569788854&pr=3774788122&prr=&pv=10&pw=5&extid_loader=&extid_tag_loader=www.eg.ru&ylv=0.658838&ybv=0.658838&ytt=223202471182341&is-turbo=0&skip-token=&ad-session-id=3880821664533375845&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22isInIframe%22%3Afalse%2C%22w%22%3A236%2C%22h%22%3A0%2C%22width%22%3A236%2C%22height%22%3A0%2C%22visible%22%3A0%2C%22fullscreenHeaderHeight%22%3A80%2C%22left%22%3A283%2C%22top%22%3A3442%2C%22fontFamily%22%3A%22ys%22%2C%22darkTheme%22%3Afalse%2C%22req_no%22%3A3%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=658838&available-width=236&pp=g&ps=dbzr&p2=huht&puid1=&slotNumber=4&bids=W10%3D&utf8=%E2%9C%93&pcode-test-ids=657518%2C0%2C0%3B651042%2C0%2C26%3B659465%2C0%2C94%3B658041%2C0%2C42%3B652457%2C0%2C99%3B204300%2C0%2C54&pcode-flags-map=eJytWNtu3DYQ%2FZVin%2FOgG3XJGyVRu4QlUSGpXa%2BLgkhTvwVJkTpFgSD%2F3kNd1tKuzY0NA36IA82Z4VzOnPGPDd%2B2QjLTcKVYaUqqqemopI0ylZBmz0smDG9NIZpcbN7%2F%2FmPz78fP3%2B837zf3%2F%2F29ebd5uP%2Fngf%2BFX0nmRYRsfv7xbrOnykj2oWdKm31DO1NJ0RhaqpW9lj1bAsR%2BEqTeCaDkiuY1QwTsQHNec300tEWEB1bXRkta3PB2axpRshWsYvhItPXR9C3%2FcOYizDwvO7noFTOSb3eIkis%2B%2BVC10PbBtCvc4UZR6PsD1oGXW6ZNKenBVFzi1RUSyAxv6Ja5chaTkATRgMHa6bXLfOMfFW%2B5ZihJcaN2iOzA9U702lCUSys3OInT8MXgb4FMUaFOirIvtLp08zJoBsgXtuICxJaZlqaQjGq%2BZ6ZkmhWai9bMfc9KTlG1ml3pTpJEsX%2FCZLedadnBKDShQT2UhgfEyW%2Bv45BkbMFGICAEV9OcoaOFmYDdTzuZzx18CgM%2Fjhw5ArFISo%2BFZFIhOyvLmKR%2BGK5ts9gfE4whqwUtmRxqRJtV9A%2Ffvt8vzKIgxQCOZghcKTkMWuN88cIIuVKMId%2B5YhKRrs2%2BfPzz8%2F3KMoyDLBksURcwXGt2bBj3VrtdRiTMxloXom%2B1rc3tTjpN0iSdJvkIlmK3RvamFA3lrZM0vSQI47EI6xGq%2BrpWaFvmtvfDIPROT8yluEF%2B8Dyzlbx0WyYkjZ8M2FKvljx3mge%2BF4%2FvvWNtMIQL%2BijBH1dZj0R%2BNBH9YDszfS6k7SNJS96r334R4Uht3GPA4J0DPTqpi0RhMpW2rDpsKdWJFr2oecMwxivTwPO8tW3kheObuwJrB5WCaevkMxIRwEzdWwlkmdlxmf1dG3e4TJLg0pxXljgOdm6vdcgzCHMAe1r3q2qF3tPWNaOyxboFZ%2B6p5PTs3cHKKcGaHbMMLaEsy0JWnJLNpARX1GK7RCAr%2B9SLxqx1kgtp93J%2BHKRAJ6Q74XEST3RhPzet0Lxg2ELN1mmWBLAbzJTqTEGLHbMRmo7J4qzGvrdKUUL8bOwKMGAxWZ2NwBkRkjQNyJjWuflLLrGYTKGcNEMyP0kXY8cVQkU2oQcKG6ZyOc1CMgmW2XYYVXXSFB0tS2gqN0hEpsoM1Ih51ceOmdAdNeiRLHqwkcVCcrndZUn8rCV0nilqXtxc8T5jNH2teU7bFmFjcVUcipfbR1S0cFNWlgZJsohjAhlJG%2BsBE9XV9JhD4lha0FLU9fmCOtvkXhCFYw9sJc0D97eYQ%2B%2FxW6P43Spe4gee6%2Fsn6M0nz1jMzbFjw1qXrGQKYskZn0%2BCeLS2akSyCrO%2Bs5PAC7ddGk5bBEmDdG7smEso%2BElPdJLl7j0WYxEF%2FmqUoC0k%2Bhp7G0OMejyuUkgOt7ryMz%2BKnlrHVq9M%2B2k4ZiCR9fmoXKBhN%2Ftj248q04KMm%2BOF5s8HMy7LV8Wkt%2BJNIypZRTFfc2TjEfmLcLZrMNJ1Lqh0l9vaTILnsay062yzbfEAd3kDPyOrXtlxPTTaAgztfqOFu0%2FCJAhWV0rRNdMpcTo1lJvKcYuGk4Y5YRSvxxgugIGKpThYRtphbd6BiWjtRLAimThOubmqL7viIuLFI%2BW2Vhgiww3VI0%2FSzr7Mi%2FzUfef4waSn51KphkptcNH3zIZ3bZRJHMfkdGvkNxeceZlMki60tBV3uJkKje7Ir7jKyKQA5puMopSXN%2Bv0hCf49NPXLw%2Ffvn4%2By4AXBY7KXLbslSJ9ejhzkEWxq%2FQg34b3zRujLsLWoi92bwyvelyGx5f%2B0eEK6JGe%2FuctY8WmfTWi7TTeWp2J0x0K6DifUWv6nLTIGgTier0xxysXm34UobwFoV7540EQEauHfv4PBvnr2g%3D%3D&use-server-side-rendering=1&pcode-icookie=pCMf2IEb5ifSjGOWISmqJHfqs2IiNzM4V0yVa4zjXIFDqffWL8qtaxF2A5X0ECiur%2BT9Vw4o026OZaPjIXbsVPbvpzQ%3D&top-ancestor=https%3A%2F%2Fwww.eg.ru&top-ancestor-undetermined=0&grab-orig-len=596&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjo0N30KSq3EsTy_7xLGOjeKfb67q3FQfbNN3WkDdm1616u2f_1msP7KHf23OTs73p9Rz4T6sT0kir_-_uIygZkhmJmJ2iAObOUMVOWOUTmVswM_1jCPZo-1kFyUHejRxhztJvboyq0YeQ479Ir-nz6mckfPJu3V-uiUsbh5fhSLeyiJ4hY0v0cAHhwnakns9RauG3pdlkq6QCoMRC1w3HSljtu622TpoA79ieZAV3sMkKmv2udqg1DtgqhoO6zfTpo7SPnJKYHlNzD_X3hltpUxVpaX_UIj_-HzHvftVuWCm9UH1Pf0D559QdUHa4yHYhaOV2yKpTGWWpRqP3gH7hjm9fiaWepOsbIaOA88t4v0ZuFYnmjD2Ip9vbSyvl9_C7Kq9N924b61hfkZtos6NOcX1jB-MxZwyKx2mkRxokIPkSPhRbEkwF-pHwoEslQQtK7gC0ORqAtT0GbPIQr8rvC6S0AM3F8UEgK9Ejr8-5O7gfdQ-_EO7nmhnIxETkq-KppGEoe-D9YOFKWKnGTQA_E%3D&tga-with-creatives=1

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

55f184588d0316e2be48f2b5c522c46d96968dbfc14c1b918b1bc2a5d004a5e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eg.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Sep 2022 10:22:56 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Fri, 30 Sep 2022 10:22:56 GMT
x-yandex-req-id: 1664533376149155-1206228395847291008200106-production-app-host-vla-pcode-186
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: https://www.eg.ru
content-type: application/json
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Fri, 30 Sep 2022 10:22:56 GMT

GET
H2 200 v2 Show response
an.yandex.ru/adfox/280016/getBulk/ 211 B
347 B 258ms
176ms XHR
application/json 2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/adfox/280016/getBulk/v2?dl=https%3A%2F%2Fwww.eg.ru%2F&date=2022-09-30T10%3A22%3A55.948%2B00%3A00&pd=30&pdh=1200&pdw=1600&pr1=2112729766&pr=3774788122&prr=&pv=10&pw=5&extid_loader=&extid_tag_loader=www.eg.ru&ylv=0.658838&ybv=0.658838&ytt=223202471182341&is-turbo=0&skip-token=&ad-session-id=3880821664533375845&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22isInIframe%22%3Afalse%2C%22w%22%3A236%2C%22h%22%3A0%2C%22width%22%3A236%2C%22height%22%3A0%2C%22visible%22%3A0%2C%22fullscreenHeaderHeight%22%3A80%2C%22left%22%3A283%2C%22top%22%3A3442%2C%22fontFamily%22%3A%22ys%22%2C%22darkTheme%22%3Afalse%2C%22req_no%22%3A4%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=658838&available-width=236&pp=g&ps=dbzr&p2=hvjj&puid1=&slotNumber=5&bids=W10%3D&utf8=%E2%9C%93&pcode-test-ids=657518%2C0%2C0%3B651042%2C0%2C26%3B659465%2C0%2C94%3B658041%2C0%2C42%3B652457%2C0%2C99%3B204300%2C0%2C54&pcode-flags-map=eJytWNtu3DYQ%2FZVin%2FOgG3XJGyVRu4QlUSGpXa%2BLgkhTvwVJkTpFgSD%2F3kNd1tKuzY0NA36IA82Z4VzOnPGPDd%2B2QjLTcKVYaUqqqemopI0ylZBmz0smDG9NIZpcbN7%2F%2FmPz78fP3%2B837zf3%2F%2F29ebd5uP%2Fngf%2BFX0nmRYRsfv7xbrOnykj2oWdKm31DO1NJ0RhaqpW9lj1bAsR%2BEqTeCaDkiuY1QwTsQHNec300tEWEB1bXRkta3PB2axpRshWsYvhItPXR9C3%2FcOYizDwvO7noFTOSb3eIkis%2B%2BVC10PbBtCvc4UZR6PsD1oGXW6ZNKenBVFzi1RUSyAxv6Ja5chaTkATRgMHa6bXLfOMfFW%2B5ZihJcaN2iOzA9U702lCUSys3OInT8MXgb4FMUaFOirIvtLp08zJoBsgXtuICxJaZlqaQjGq%2BZ6ZkmhWai9bMfc9KTlG1ml3pTpJEsX%2FCZLedadnBKDShQT2UhgfEyW%2Bv45BkbMFGICAEV9OcoaOFmYDdTzuZzx18CgM%2Fjhw5ArFISo%2BFZFIhOyvLmKR%2BGK5ts9gfE4whqwUtmRxqRJtV9A%2Ffvt8vzKIgxQCOZghcKTkMWuN88cIIuVKMId%2B5YhKRrs2%2BfPzz8%2F3KMoyDLBksURcwXGt2bBj3VrtdRiTMxloXom%2B1rc3tTjpN0iSdJvkIlmK3RvamFA3lrZM0vSQI47EI6xGq%2BrpWaFvmtvfDIPROT8yluEF%2B8Dyzlbx0WyYkjZ8M2FKvljx3mge%2BF4%2FvvWNtMIQL%2BijBH1dZj0R%2BNBH9YDszfS6k7SNJS96r334R4Uht3GPA4J0DPTqpi0RhMpW2rDpsKdWJFr2oecMwxivTwPO8tW3kheObuwJrB5WCaevkMxIRwEzdWwlkmdlxmf1dG3e4TJLg0pxXljgOdm6vdcgzCHMAe1r3q2qF3tPWNaOyxboFZ%2B6p5PTs3cHKKcGaHbMMLaEsy0JWnJLNpARX1GK7RCAr%2B9SLxqx1kgtp93J%2BHKRAJ6Q74XEST3RhPzet0Lxg2ELN1mmWBLAbzJTqTEGLHbMRmo7J4qzGvrdKUUL8bOwKMGAxWZ2NwBkRkjQNyJjWuflLLrGYTKGcNEMyP0kXY8cVQkU2oQcKG6ZyOc1CMgmW2XYYVXXSFB0tS2gqN0hEpsoM1Ih51ceOmdAdNeiRLHqwkcVCcrndZUn8rCV0nilqXtxc8T5jNH2teU7bFmFjcVUcipfbR1S0cFNWlgZJsohjAhlJG%2BsBE9XV9JhD4lha0FLU9fmCOtvkXhCFYw9sJc0D97eYQ%2B%2FxW6P43Spe4gee6%2Fsn6M0nz1jMzbFjw1qXrGQKYskZn0%2BCeLS2akSyCrO%2Bs5PAC7ddGk5bBEmDdG7smEso%2BElPdJLl7j0WYxEF%2FmqUoC0k%2Bhp7G0OMejyuUkgOt7ryMz%2BKnlrHVq9M%2B2k4ZiCR9fmoXKBhN%2Ftj248q04KMm%2BOF5s8HMy7LV8Wkt%2BJNIypZRTFfc2TjEfmLcLZrMNJ1Lqh0l9vaTILnsay062yzbfEAd3kDPyOrXtlxPTTaAgztfqOFu0%2FCJAhWV0rRNdMpcTo1lJvKcYuGk4Y5YRSvxxgugIGKpThYRtphbd6BiWjtRLAimThOubmqL7viIuLFI%2BW2Vhgiww3VI0%2FSzr7Mi%2FzUfef4waSn51KphkptcNH3zIZ3bZRJHMfkdGvkNxeceZlMki60tBV3uJkKje7Ir7jKyKQA5puMopSXN%2Bv0hCf49NPXLw%2Ffvn4%2By4AXBY7KXLbslSJ9ejhzkEWxq%2FQg34b3zRujLsLWoi92bwyvelyGx5f%2B0eEK6JGe%2FuctY8WmfTWi7TTeWp2J0x0K6DifUWv6nLTIGgTier0xxysXm34UobwFoV7540EQEauHfv4PBvnr2g%3D%3D&use-server-side-rendering=1&pcode-icookie=pCMf2IEb5ifSjGOWISmqJHfqs2IiNzM4V0yVa4zjXIFDqffWL8qtaxF2A5X0ECiur%2BT9Vw4o026OZaPjIXbsVPbvpzQ%3D&top-ancestor=https%3A%2F%2Fwww.eg.ru&top-ancestor-undetermined=0&grab-orig-len=596&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjo0N30KSq3EsTy_7xLGOjeKfb67q3FQfbNN3WkDdm1616u2f_1msP7KHf23OTs73p9Rz4T6sT0kir_-_uIygZkhmJmJ2iAObOUMVOWOUTmVswM_1jCPZo-1kFyUHejRxhztJvboyq0YeQ479Ir-nz6mckfPJu3V-uiUsbh5fhSLeyiJ4hY0v0cAHhwnakns9RauG3pdlkq6QCoMRC1w3HSljtu622TpoA79ieZAV3sMkKmv2udqg1DtgqhoO6zfTpo7SPnJKYHlNzD_X3hltpUxVpaX_UIj_-HzHvftVuWCm9UH1Pf0D559QdUHa4yHYhaOV2yKpTGWWpRqP3gH7hjm9fiaWepOsbIaOA88t4v0ZuFYnmjD2Ip9vbSyvl9_C7Kq9N924b61hfkZtos6NOcX1jB-MxZwyKx2mkRxokIPkSPhRbEkwF-pHwoEslQQtK7gC0ORqAtT0GbPIQr8rvC6S0AM3F8UEgK9Ejr8-5O7gfdQ-_EO7nmhnIxETkq-KppGEoe-D9YOFKWKnGTQA_E%3D&tga-with-creatives=1

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

876def17a9a48678412b439e2fcf09cb72902f9342c2313dc2c600beb67829db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eg.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Sep 2022 10:22:56 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Fri, 30 Sep 2022 10:22:56 GMT
x-yandex-req-id: 1664533376146429-1268451942080833157300126-production-app-host-vla-pcode-447
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: https://www.eg.ru
content-type: application/json
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Fri, 30 Sep 2022 10:22:56 GMT

GET
H2 200 v2 Show response
an.yandex.ru/adfox/280016/getBulk/ 211 B
346 B 263ms
189ms XHR
application/json 2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/adfox/280016/getBulk/v2?dl=https%3A%2F%2Fwww.eg.ru%2F&date=2022-09-30T10%3A22%3A55.955%2B00%3A00&pd=30&pdh=1200&pdw=1600&pr1=2822263358&pr=3774788122&prr=&pv=10&pw=5&extid_loader=&extid_tag_loader=www.eg.ru&ylv=0.658838&ybv=0.658838&ytt=223202471182341&is-turbo=0&skip-token=&ad-session-id=3880821664533375845&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22isInIframe%22%3Afalse%2C%22w%22%3A1080%2C%22h%22%3A0%2C%22width%22%3A1080%2C%22height%22%3A0%2C%22visible%22%3A0%2C%22fullscreenHeaderHeight%22%3A80%2C%22left%22%3A260%2C%22top%22%3A3450%2C%22fontFamily%22%3A%22ys%22%2C%22darkTheme%22%3Afalse%2C%22req_no%22%3A5%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=658838&available-width=1080&pp=g&ps=dbzr&p2=hphw&puid1=&slotNumber=6&bids=W10%3D&utf8=%E2%9C%93&pcode-test-ids=657518%2C0%2C0%3B651042%2C0%2C26%3B659465%2C0%2C94%3B658041%2C0%2C42%3B652457%2C0%2C99%3B204300%2C0%2C54&pcode-flags-map=eJytWNtu3DYQ%2FZVin%2FOgG3XJGyVRu4QlUSGpXa%2BLgkhTvwVJkTpFgSD%2F3kNd1tKuzY0NA36IA82Z4VzOnPGPDd%2B2QjLTcKVYaUqqqemopI0ylZBmz0smDG9NIZpcbN7%2F%2FmPz78fP3%2B837zf3%2F%2F29ebd5uP%2Fngf%2BFX0nmRYRsfv7xbrOnykj2oWdKm31DO1NJ0RhaqpW9lj1bAsR%2BEqTeCaDkiuY1QwTsQHNec300tEWEB1bXRkta3PB2axpRshWsYvhItPXR9C3%2FcOYizDwvO7noFTOSb3eIkis%2B%2BVC10PbBtCvc4UZR6PsD1oGXW6ZNKenBVFzi1RUSyAxv6Ja5chaTkATRgMHa6bXLfOMfFW%2B5ZihJcaN2iOzA9U702lCUSys3OInT8MXgb4FMUaFOirIvtLp08zJoBsgXtuICxJaZlqaQjGq%2BZ6ZkmhWai9bMfc9KTlG1ml3pTpJEsX%2FCZLedadnBKDShQT2UhgfEyW%2Bv45BkbMFGICAEV9OcoaOFmYDdTzuZzx18CgM%2Fjhw5ArFISo%2BFZFIhOyvLmKR%2BGK5ts9gfE4whqwUtmRxqRJtV9A%2Ffvt8vzKIgxQCOZghcKTkMWuN88cIIuVKMId%2B5YhKRrs2%2BfPzz8%2F3KMoyDLBksURcwXGt2bBj3VrtdRiTMxloXom%2B1rc3tTjpN0iSdJvkIlmK3RvamFA3lrZM0vSQI47EI6xGq%2BrpWaFvmtvfDIPROT8yluEF%2B8Dyzlbx0WyYkjZ8M2FKvljx3mge%2BF4%2FvvWNtMIQL%2BijBH1dZj0R%2BNBH9YDszfS6k7SNJS96r334R4Uht3GPA4J0DPTqpi0RhMpW2rDpsKdWJFr2oecMwxivTwPO8tW3kheObuwJrB5WCaevkMxIRwEzdWwlkmdlxmf1dG3e4TJLg0pxXljgOdm6vdcgzCHMAe1r3q2qF3tPWNaOyxboFZ%2B6p5PTs3cHKKcGaHbMMLaEsy0JWnJLNpARX1GK7RCAr%2B9SLxqx1kgtp93J%2BHKRAJ6Q74XEST3RhPzet0Lxg2ELN1mmWBLAbzJTqTEGLHbMRmo7J4qzGvrdKUUL8bOwKMGAxWZ2NwBkRkjQNyJjWuflLLrGYTKGcNEMyP0kXY8cVQkU2oQcKG6ZyOc1CMgmW2XYYVXXSFB0tS2gqN0hEpsoM1Ih51ceOmdAdNeiRLHqwkcVCcrndZUn8rCV0nilqXtxc8T5jNH2teU7bFmFjcVUcipfbR1S0cFNWlgZJsohjAhlJG%2BsBE9XV9JhD4lha0FLU9fmCOtvkXhCFYw9sJc0D97eYQ%2B%2FxW6P43Spe4gee6%2Fsn6M0nz1jMzbFjw1qXrGQKYskZn0%2BCeLS2akSyCrO%2Bs5PAC7ddGk5bBEmDdG7smEso%2BElPdJLl7j0WYxEF%2FmqUoC0k%2Bhp7G0OMejyuUkgOt7ryMz%2BKnlrHVq9M%2B2k4ZiCR9fmoXKBhN%2Ftj248q04KMm%2BOF5s8HMy7LV8Wkt%2BJNIypZRTFfc2TjEfmLcLZrMNJ1Lqh0l9vaTILnsay062yzbfEAd3kDPyOrXtlxPTTaAgztfqOFu0%2FCJAhWV0rRNdMpcTo1lJvKcYuGk4Y5YRSvxxgugIGKpThYRtphbd6BiWjtRLAimThOubmqL7viIuLFI%2BW2Vhgiww3VI0%2FSzr7Mi%2FzUfef4waSn51KphkptcNH3zIZ3bZRJHMfkdGvkNxeceZlMki60tBV3uJkKje7Ir7jKyKQA5puMopSXN%2Bv0hCf49NPXLw%2Ffvn4%2By4AXBY7KXLbslSJ9ejhzkEWxq%2FQg34b3zRujLsLWoi92bwyvelyGx5f%2B0eEK6JGe%2FuctY8WmfTWi7TTeWp2J0x0K6DifUWv6nLTIGgTier0xxysXm34UobwFoV7540EQEauHfv4PBvnr2g%3D%3D&use-server-side-rendering=1&pcode-icookie=pCMf2IEb5ifSjGOWISmqJHfqs2IiNzM4V0yVa4zjXIFDqffWL8qtaxF2A5X0ECiur%2BT9Vw4o026OZaPjIXbsVPbvpzQ%3D&top-ancestor=https%3A%2F%2Fwww.eg.ru&top-ancestor-undetermined=0&grab-orig-len=596&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjo0N30KSq3EsTy_7xLGOjeKfb67q3FQfbNN3WkDdm1616u2f_1msP7KHf23OTs73p9Rz4T6sT0kir_-_uIygZkhmJmJ2iAObOUMVOWOUTmVswM_1jCPZo-1kFyUHejRxhztJvboyq0YeQ479Ir-nz6mckfPJu3V-uiUsbh5fhSLeyiJ4hY0v0cAHhwnakns9RauG3pdlkq6QCoMRC1w3HSljtu622TpoA79ieZAV3sMkKmv2udqg1DtgqhoO6zfTpo7SPnJKYHlNzD_X3hltpUxVpaX_UIj_-HzHvftVuWCm9UH1Pf0D559QdUHa4yHYhaOV2yKpTGWWpRqP3gH7hjm9fiaWepOsbIaOA88t4v0ZuFYnmjD2Ip9vbSyvl9_C7Kq9N924b61hfkZtos6NOcX1jB-MxZwyKx2mkRxokIPkSPhRbEkwF-pHwoEslQQtK7gC0ORqAtT0GbPIQr8rvC6S0AM3F8UEgK9Ejr8-5O7gfdQ-_EO7nmhnIxETkq-KppGEoe-D9YOFKWKnGTQA_E%3D&tga-with-creatives=1

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

1525451b08361be2ad6d53847e4945e26180bcd00b05f811a8e15d09160da2e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eg.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Sep 2022 10:22:56 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Fri, 30 Sep 2022 10:22:56 GMT
x-yandex-req-id: 1664533376149214-859158051435379573900115-production-app-host-sas-pcode-495
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: https://www.eg.ru
content-type: application/json
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Fri, 30 Sep 2022 10:22:56 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
205 B 46ms
46ms XHR
text/plain 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j97&a=1519925982&t=pageview&_s=1&dl=https%3A%2F%2Fwww.eg.ru%2F&ul=en-us&de=UTF-8&dt=%D0%AD%D0%BA%D1%81%D0%BF%D1%80%D0%B5%D1%81%D1%81%20%D0%B3%D0%B0%D0%B7%D0%B5%D1%82%D0%B0%20%E2%80%94%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%2C%20%D1%8D%D0%BA%D1%81%D0%BA%D0%BB%D1%8E%D0%B7%D0%B8%D0%B2%2C%20%D0%B8%D1%81%D1%82%D0%BE%D1%80%D0%B8%D0%B8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1630941604&gjid=712938019&cid=1559078021.1664533376&tid=UA-863669-1&_gid=1762466814.1664533376&_r=1&_slc=1&z=749262038

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.eg.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 30 Sep 2022 10:22:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.eg.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
438 B 143ms
47ms XHR
text/plain 2a00:1450:400c:c0c::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-863669-1&cid=1559078021.1664533376&jid=1630941604&gjid=712938019&_gid=1762466814.1664533376&_u=IEBAAEAAAAAAAC~&z=1494247972

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.eg.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 30 Sep 2022 10:22:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.eg.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 189ecb19a55239ee22d1.js Show response
yastatic.net/partner-code-bundles/658838/ 40 KB
11 KB 61ms
60ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/658838/189ecb19a55239ee22d1.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 , Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

1dc9f4f7edf723e652ce02ead34344c3ab23e943f5a972ba431c14f260c79d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://www.eg.ru/
Origin: https://www.eg.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 10:22:56 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 11005
last-modified: Wed, 28 Sep 2022 15:12:21 GMT
server: nginx/1.17.9
etag: "e4a6059bc67a50e104c7269082c66a37"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Sun, 29 Sep 2052 16:56:20 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 161 KB
54 KB 155ms
61ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4311038577176708

Requested by

Host: yastatic.net
URL: https://yastatic.net/partner-code-bundles/658838/aaf863f179e3b7ad382c.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9d4d6572117d799c74697b2f174fb694a17a359c7847f06ca380e1e31dc29073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.eg.ru/
Origin: https://www.eg.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 10:22:56 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54350
x-xss-protection: 0
server: cafe
etag: 15926682669451575969
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 30 Sep 2022 10:22:56 GMT

GET
H2 204 event
ads.adfox.ru/280016/ 0
18 B 297ms
106ms Image
text/plain 2a02:6b8::1be
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/280016/event?hash=d03e0fd4c869aa93&pm=cyz&p5=knmhv&rand=jnlobtd&sj=91_nz8pHzjXUWjd2AwMvTBSoS3TcE9ElIypzE7nXjTiCchYhIBIeKuRwuxzDDQ%3D%3D&ad-session-id=3880821664533375845&utg=oxum&lts=fkcmxmm&ytt=223202471182341&ybv=0.658838&ylv=0.658838&dl=https%3A%2F%2Fwww.eg.ru%2F&pr=mfsjmco&p1=chgsh&rqs=gGOwJDqZhi-AwzZjxePdxGlv5F-e36Wx&p2=gorq

Requested by

Host: www.eg.ru
URL: https://www.eg.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eg.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Sep 2022 10:22:56 GMT
x-content-type-options: nosniff
last-modified: Fri, 30 Sep 2022 10:22:56 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H2

200

174339598
www.tns-counter.ru/V13b***R%3E*eg_ru/ru/UTF-8/tmsec=eg_main-page/
Redirect Chain

https://www.tns-counter.ru/V13a***R%3E*eg_ru/ru/UTF-8/tmsec=eg_main-page/174339598
https://www.tns-counter.ru/V13b***R%3E*eg_ru/ru/UTF-8/tmsec=eg_main-page/174339598

43 B
297 B

79ms
78ms

Image
image/gif

2001:6d0:4001::226
TNSMSK-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tns-counter.ru/V13b***R%3E*eg_ru/ru/UTF-8/tmsec=eg_main-page/174339598
Requested by: Host: www.eg.ru
URL: https://www.eg.ru/
Protocol: H2
Server: 2001:6d0:4001::226 , Russian Federation, ASN52016 (TNSMSK-, RU),
Reverse DNS
Software: ms-counter-3.3.5/1.20.2 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eg.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Sep 2022 10:22:56 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: ms-counter-3.3.5/1.20.2
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin: *
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

Redirect headers

pragma: no-cache
date: Fri, 30 Sep 2022 10:22:56 GMT
strict-transport-security: max-age=2678400
server: ms-counter-3.3.5/1.20.2
content-type: image/gif
location: https://www.tns-counter.ru/V13b***R%3E*eg_ru/ru/UTF-8/tmsec=eg_main-page/174339598
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin: *
content-length: 0
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 counter
top-fwz1.mail.ru/ 43 B
962 B 76ms
76ms Image
image/gif 95.163.52.67
VK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://top-fwz1.mail.ru/counter?js=13;id=199954;u=https%3A//www.eg.ru/;st=1664533375950;title=%D0%AD%D0%BA%D1%81%D0%BF%D1%80%D0%B5%D1%81%D1%81%20%D0%B3%D0%B0%D0%B7%D0%B5%D1%82%D0%B0%20%E2%80%94%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%2C%20%D1%8D%D0%BA%D1%81%D0%BA%D0%BB%D1%8E%D0%B7%D0%B8%D0%B2%2C%20%D0%B8%D1%81%D1%82%D0%BE%D1%80%D0%B8%D0%B8;s=1600*1200;vp=1600*1200;touch=0;hds=1;frame=0;flash=;sid=100cd1b3e25a16c8;ver=60.3.0;tz=0%2FEtc%2FUnknown;ni=10//4g/0/0/;lvid=1664533376226%3A1664533376239%3A1%3A31d8ccf706d37b8691bea4d0adb721de;opts=jst-ga;visible=true;_=0.7078249890455965

Requested by

Host: www.eg.ru
URL: https://www.eg.ru/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eg.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 10:22:56 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 43
pragma: no-cache
amp-access-control-allow-source-origin: *
server: nginx
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: *
accept-ch-lifetime: 86400
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 162 KB
54 KB 160ms
75ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/partner-code-bundles/658838/aaf863f179e3b7ad382c.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fc11c59a6a7e020ec542b36e7815ded928d9ad640234d4152e037cbccf38c40d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eg.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 10:22:56 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54471
x-xss-protection: 0
server: cafe
etag: 5325434953965727289
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 30 Sep 2022 10:22:56 GMT

GET
H2 204 event
ads.adfox.ru/280016/ 0
230 B 211ms
98ms Image
text/plain 2a02:6b8::1be
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/280016/event?hash=da83dd9b4b7c4b33&pm=cyz&p5=lduls&rand=hyyynzj&sj=kFutq3RFLYJ0ARVKOEKjmTXO7Ykk4S52iOPRWGEgqxwKNR8Dwm2nR-smNE_rpA%3D%3D&ad-session-id=3880821664533375845&utg=oxum&lts=fkcmxmm&ytt=223202471182341&ybv=0.658838&ylv=0.658838&dl=https%3A%2F%2Fwww.eg.ru%2F&pr=mfsjmco&p1=cqtjo&rqs=gCMju2bgqmSAwzZjSydJqJjfMNFajsPb&p2=hizh

Requested by

Host: www.eg.ru
URL: https://www.eg.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eg.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Sep 2022 10:22:56 GMT
x-content-type-options: nosniff
last-modified: Fri, 30 Sep 2022 10:22:56 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 154ms
61ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-863669-1&cid=1559078021.1664533376&jid=1630941604&_u=IEBAAEAAAAAAAC~&z=156339700

Requested by

Host: www.eg.ru
URL: https://www.eg.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eg.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Sep 2022 10:22:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 156ms
64ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-863669-1&cid=1559078021.1664533376&jid=1630941604&_u=IEBAAEAAAAAAAC~&z=156339700

Requested by

Host: www.eg.ru
URL: https://www.eg.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eg.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Sep 2022 10:22:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209260101/ 348 KB
114 KB 147ms
71ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209260101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4311038577176708&plah=www.eg.ru

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4311038577176708

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

221e485bf86ac18179bf20bdaac320a0a993dde0425cb4462b7e4bc71f1f1250

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eg.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 10:22:56 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117019
x-xss-protection: 0
server: cafe
etag: 8716021828414073197
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 30 Sep 2022 10:22:56 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220928/r20190131/ Frame 4632 10 KB
5 KB 174ms
50ms Document
text/html 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220928/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4311038577176708

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.eg.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 43342
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4420
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 29 Sep 2022 22:20:34 GMT
etag: 9671129459699598864
expires: Thu, 13 Oct 2022 22:20:34 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9777.5fFiA6beVnLtr76c4HovxIn0R7HxTJVNQYKv8q-gWQEWqFNm4y3wKZZmHL2DUxMO.P63xYs9--8zg6OWmNs1EsvbJULM%2C
https://mc.yandex.com/sync_cookie_image_decide?token=9777.i0T1-enevmDp9-1uZitt1eVeCK3ABUbTLc3OH54RWK9fvUfC_piRuKKMlK0-yfy60zwq9AqOkUFDvDK0jbF_iAlFo3J7AkQWkgl9cMMrf84%2C.wst6o_SEs27m489B6y4Lq0yY_hs%2C

43 B
333 B

97ms
97ms

Image
image/gif

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=9777.i0T1-enevmDp9-1uZitt1eVeCK3ABUbTLc3OH54RWK9fvUfC_piRuKKMlK0-yfy60zwq9AqOkUFDvDK0jbF_iAlFo3J7AkQWkgl9cMMrf84%2C.wst6o_SEs27m489B6y4Lq0yY_hs%2C

Requested by

Host: www.eg.ru
URL: https://www.eg.ru/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eg.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 10:22:56 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=9777.i0T1-enevmDp9-1uZitt1eVeCK3ABUbTLc3OH54RWK9fvUfC_piRuKKMlK0-yfy60zwq9AqOkUFDvDK0jbF_iAlFo3J7AkQWkgl9cMMrf84%2C.wst6o_SEs27m489B6y4Lq0yY_hs%2C
date: Fri, 30 Sep 2022 10:22:56 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
112 B 104ms
92ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: www.eg.ru
URL: https://www.eg.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eg.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 10:22:56 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 29 Sep 2022 14:38:20 GMT
etag: "633583ac-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Fri, 30 Sep 2022 11:22:56 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 209 B
641 B 173ms
46ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.eg.ru&callback=_gfp_s_&client=ca-pub-4311038577176708

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209260101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4311038577176708&plah=www.eg.ru

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1deed03e2b2c577d679c73dbb382b9ce2a3188e8b0de2402244c7b4a9fd29d2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eg.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 10:22:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 196
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 388ms
47ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.eg.ru

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eg.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 10:22:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 198ms
74ms Script
application/javascript 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.eg.ru

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eg.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 10:22:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 71AC 0
19 B 233ms
127ms Document
text/html 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4311038577176708&output=html&adk=1812271804&adf=3025194257&lmt=1664533376&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.eg.ru%2F&ea=0&pra=5&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664533376400&bpp=2&bdt=1303&idt=238&shv=r20220928&mjsv=m202209260101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3212553474751&frm=20&pv=2&ga_vid=1559078021.1664533376&ga_sid=1664533377&ga_hid=1519925982&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31069963%2C42531706%2C44770765%2C44773745&oid=2&pvsid=1991386832462097&tmod=257377819&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=255

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.eg.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 30 Sep 2022 10:22:56 GMT
expires: Fri, 30 Sep 2022 10:22:56 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 400 ads Show response
googleads.g.doubleclick.net/pagead/ Frame BB15 603 B
67 B 195ms
97ms Document
text/html 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7988176190403420&output=html&h=280&slotname=3749275189&adk=26332176&adf=535280045&pi=t.ma~as.3749275189&w=1200&fwrn=4&fwrnh=100&lmt=1664533376&rafmt=1&format=1200x280&url=https%3A%2F%2Fwww.eg.ru%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664533376413&bpp=2&bdt=1316&idt=247&shv=r20220928&mjsv=m202209260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3212553474751&frm=20&pv=2&ga_vid=1559078021.1664533376&ga_sid=1664533377&ga_hid=1519925982&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31069963%2C42531706%2C44770765%2C44773745&oid=2&pvsid=1991386832462097&tmod=257377819&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=2cd2ppsH4E&p=https%3A//www.eg.ru&dtd=251

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.eg.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 30 Sep 2022 10:22:56 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame EB0D 129 KB
45 KB 436ms
348ms Document
text/html 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4311038577176708&output=html&h=400&slotname=4803119637&adk=3972513772&adf=1527034601&pi=t.ma~as.4803119637&w=240&lmt=1664533376&format=240x400&url=https%3A%2F%2Fwww.eg.ru%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664533376477&bpp=1&bdt=1380&idt=194&shv=r20220928&mjsv=m202209260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=3212553474751&frm=20&pv=1&ga_vid=1559078021.1664533376&ga_sid=1664533377&ga_hid=1519925982&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1085&ady=1175&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31069963%2C42531706%2C44770765%2C44773745&oid=2&pvsid=1991386832462097&tmod=257377819&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=x7IeHRJpSz&p=https%3A//www.eg.ru&dtd=197

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

649a5489d0fbfea62499b4c612da14b447106dcadcb705594c955c16a1fbc338

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CNSakYWmvPoCFYLsmgodmM8Mdw&gqi=gMM2Y4WYMYiR78EP_O2GgAg&layout=/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.eg.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 45926
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CNSakYWmvPoCFYLsmgodmM8Mdw&gqi=gMM2Y4WYMYiR78EP_O2GgAg&layout=/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 30 Sep 2022 10:22:57 GMT
expires: Fri, 30 Sep 2022 10:22:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

1 Show response
mc.yandex.com/watch/10525402/
Redirect Chain

https://mc.yandex.com/watch/10525402?wmode=7&page-url=https%3A%2F%2Fwww.eg.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ilvk53aw%3Afp%3A1217%3Afu%3A0%3Aen%3Autf-8%3Ala%3A...
https://mc.yandex.com/watch/10525402/1?wmode=7&page-url=https%3A%2F%2Fwww.eg.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ilvk53aw%3Afp%3A1217%3Afu%3A0%3Aen%3Autf-8%3Ala%...

453 B
859 B

95ms
95ms

XHR
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/10525402/1?wmode=7&page-url=https%3A%2F%2Fwww.eg.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ilvk53aw%3Afp%3A1217%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A982854072930%3Ahid%3A829089935%3Az%3A0%3Ai%3A20220930102256%3Aet%3A1664533376%3Ac%3A1%3Arn%3A860089551%3Arqn%3A1%3Au%3A1664533376477050429%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C71%2C61%2C300%2C0%2C%2C801%2C3%2C%2C%2C%2C1293%3Acpf%3A1%3Ans%3A1664533374657%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1664533377%3At%3A%D0%AD%D0%BA%D1%81%D0%BF%D1%80%D0%B5%D1%81%D1%81%20%D0%B3%D0%B0%D0%B7%D0%B5%D1%82%D0%B0%20%E2%80%94%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%2C%20%D1%8D%D0%BA%D1%81%D0%BA%D0%BB%D1%8E%D0%B7%D0%B8%D0%B2%2C%20%D0%B8%D1%81%D1%82%D0%BE%D1%80%D0%B8%D0%B8&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29rqnl%281%29ti%282%29

Requested by

Host: www.eg.ru
URL: https://www.eg.ru/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

da9dcc62330e495423aac4d49dce677ce5b3abac8bc1891821f6e8381207943c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eg.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Sep 2022 10:22:56 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Fri, 30-Sep-2022 10:22:56 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.eg.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 453
x-xss-protection: 1; mode=block
expires: Fri, 30-Sep-2022 10:22:56 GMT

Redirect headers

pragma: no-cache
date: Fri, 30 Sep 2022 10:22:56 GMT
strict-transport-security: max-age=31536000
last-modified: Fri, 30-Sep-2022 10:22:56 GMT
location: /watch/10525402/1?wmode=7&page-url=https%3A%2F%2Fwww.eg.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ilvk53aw%3Afp%3A1217%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A982854072930%3Ahid%3A829089935%3Az%3A0%3Ai%3A20220930102256%3Aet%3A1664533376%3Ac%3A1%3Arn%3A860089551%3Arqn%3A1%3Au%3A1664533376477050429%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C71%2C61%2C300%2C0%2C%2C801%2C3%2C%2C%2C%2C1293%3Acpf%3A1%3Ans%3A1664533374657%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1664533377%3At%3A%D0%AD%D0%BA%D1%81%D0%BF%D1%80%D0%B5%D1%81%D1%81%20%D0%B3%D0%B0%D0%B7%D0%B5%D1%82%D0%B0%20%E2%80%94%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%2C%20%D1%8D%D0%BA%D1%81%D0%BA%D0%BB%D1%8E%D0%B7%D0%B8%D0%B2%2C%20%D0%B8%D1%81%D1%82%D0%BE%D1%80%D0%B8%D0%B8&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29rqnl%281%29ti%282%29
access-control-allow-origin: https://www.eg.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Fri, 30-Sep-2022 10:22:56 GMT

POST
H2 200 1 Show response
mc.yandex.com/watch/10525402/ 43 B
160 B 103ms
100ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/10525402/1?page-url=https%3A%2F%2Fwww.eg.ru%2F&charset=utf-8&hittoken=1664533376_6b52864da2417cf127fb51572ab501bb92f554e8adde87c32b80ae28d9046a5b&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ilvk53aw%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A1%3Als%3A982854072930%3Ahid%3A829089935%3Az%3A0%3Ai%3A20220930102256%3Aet%3A1664533377%3Ac%3A1%3Arn%3A576588587%3Arqn%3A2%3Au%3A1664533376477050429%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Acpf%3A1%3Ans%3A1664533374657%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1664533377&t=gdpr(14)mc(p-1)clc(0-0-0)lt(5000)aw(1)rqnt(2)rqnl(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.eg.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Fri, 30 Sep 2022 10:22:57 GMT
strict-transport-security: max-age=31536000
last-modified: Fri, 30-Sep-2022 10:22:57 GMT
content-type: image/gif
access-control-allow-origin: https://www.eg.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Fri, 30-Sep-2022 10:22:57 GMT

GET
H2 200 Responsive_listing.html Show response
tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/ Frame B282 4 KB
1 KB 135ms
52ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4311038577176708&output=html&h=400&slotname=4803119637&adk=3972513772&adf=1527034601&pi=t.ma~as.4803119637&w=240&lmt=1664533376&format=240x400&url=https%3A%2F%2Fwww.eg.ru%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664533376477&bpp=1&bdt=1380&idt=194&shv=r20220928&mjsv=m202209260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=3212553474751&frm=20&pv=1&ga_vid=1559078021.1664533376&ga_sid=1664533377&ga_hid=1519925982&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1085&ady=1175&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31069963%2C42531706%2C44770765%2C44773745&oid=2&pvsid=1991386832462097&tmod=257377819&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=x7IeHRJpSz&p=https%3A//www.eg.ru&dtd=197

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0f380fdee43a0103d5cd9bee42e3822ac60512f918a7ed2f805cdaefc5beadc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 7849
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 1157
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 30 Sep 2022 08:12:08 GMT
etag: 11900953634711111692
expires: Sat, 01 Oct 2022 08:12:08 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220928/r20110914/ Frame EB0D 23 KB
10 KB 114ms
38ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220928/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dd080c89636f8576e3364bea0867f18be3a32daa72d766da336cbb80ba5fb407

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 10:19:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 194
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9561
x-xss-protection: 0
server: cafe
etag: 483224313611802536
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 14 Oct 2022 10:19:43 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/ Frame EB0D 3 KB
1 KB 126ms
50ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 10:19:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 194
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 14 Oct 2022 10:19:43 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/ Frame EB0D 17 KB
7 KB 119ms
44ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86d8e892ceacd8c8a7e7125c68dd0e1b311f8399871b6d64b8b6795f0235c1d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 10:19:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 179
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7559
x-xss-protection: 0
server: cafe
etag: 15289875785628835784
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 14 Oct 2022 10:19:58 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame EB0D 140 KB
44 KB 223ms
89ms Script
text/javascript 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

da8438b81e390283f6eb8cc9cf49ccde3d00c954b4fbccdf6372c162c4b58ab2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 10:22:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44530
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1664365478704152"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 30 Sep 2022 10:22:57 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 114D 143 B
166 B 51ms
50ms Document
text/html 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4311038577176708&output=html&h=400&slotname=4803119637&adk=3972513772&adf=1527034601&pi=t.ma~as.4803119637&w=240&lmt=1664533376&format=240x400&url=https%3A%2F%2Fwww.eg.ru%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664533376477&bpp=1&bdt=1380&idt=194&shv=r20220928&mjsv=m202209260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=3212553474751&frm=20&pv=1&ga_vid=1559078021.1664533376&ga_sid=1664533377&ga_hid=1519925982&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1085&ady=1175&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31069963%2C42531706%2C44770765%2C44773745&oid=2&pvsid=1991386832462097&tmod=257377819&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=x7IeHRJpSz&p=https%3A//www.eg.ru&dtd=197
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2757
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 30 Sep 2022 09:37:00 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Configurable_01_122.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame B282 74 KB
26 KB 117ms
40ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Configurable_01_122.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ef7e00750f06efee8a0074f2984b78a62c1a0f8cb971f01197532d57a78a836

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 05:35:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17247
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26222
x-xss-protection: 0
server: cafe
etag: 15511454539072389427
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sat, 01 Oct 2022 05:35:30 GMT

GET
H3 200 Responsive_listing.js Show response
tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/ Frame B282 199 KB
68 KB 130ms
53ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a96924ddd5fb2ea84242905ab60d5ba262bb28e91fd6f097a077db0a63728dec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 08:06:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8195
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 69148
x-xss-protection: 0
server: cafe
etag: 5199203132765013944
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sat, 01 Oct 2022 08:06:22 GMT

GET
H3 200 Responsive_listing.css
tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/ Frame B282 11 KB
2 KB 114ms
37ms Stylesheet
text/css 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.css

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c2b09643e58ded9316fb73dfab3ffca42772599008066cf599bfc7fb40766c1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 05:35:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17249
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1962
x-xss-protection: 0
server: cafe
etag: 15825927903621683888
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sat, 01 Oct 2022 05:35:28 GMT

GET
DATA 200
OK truncated
/ Frame EB0D 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: babb5f688b7affc2ab74b053ea3454337a3905c97b89f712ddc26077a837a460

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 114D
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
18 B

93ms
92ms

Document
text/html

2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 30 Sep 2022 10:22:57 GMT
expires: Fri, 30 Sep 2022 10:22:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 30 Sep 2022 10:22:57 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame B282 33 KB
13 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/Configurable_01_122.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aafb3ee79dc18d6ddc6b5c5503dc051c6e89d25a801b243cd4310ce7e0eac5ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 09:36:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2797
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13218
x-xss-protection: 0
server: cafe
etag: 5545325275904357113
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sat, 01 Oct 2022 09:36:20 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame EB0D 0
21 B 94ms
94ms Image
text/html 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C9BrUgMM2Y9TaMYLZ6wSYn7O4B7OR5dxsjd72r6YQye3a98QpEAEguvu_hAFglQKgAZfHi9MDyAEJqQLmZMKWMnSwPqgDAcgDywSqBLYBT9CL4XYIgRe4XQeqqyWAqyV8g1SCVKyD8Btqbhny6fLBYfc-ZO675IWRmeRoU3vUI0jJ57c5YxvXi0dEhB_oXZ8S52ujowuyW9u03LA4hQe0w_xk4OqDAYVXdL0nmo6TL5BqT4VaQUBLDTmC1p2Kn5HgNhr37wMtEeMDZhMrl5Sv0Z6RN-33EDiiboLtZo3NCCbU1sNdjThfBYs0YkrgBQgKbpmG0biNXNOYELprunS4jq4IdzHABO30jJzZA5IFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAf17sw6qAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgHpr4b2AcA8gcEELOtCdIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMM0BUBgBcBshccChoIABIUcHViLTQzMTEwMzg1NzcxNzY3MDgYAA&sigh=Lq8Bf7AK9RI&uach_m=[UACH]&template_id=494&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4311038577176708&output=html&h=400&slotname=4803119637&adk=3972513772&adf=1527034601&pi=t.ma~as.4803119637&w=240&lmt=1664533376&format=240x400&url=https%3A%2F%2Fwww.eg.ru%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664533376477&bpp=1&bdt=1380&idt=194&shv=r20220928&mjsv=m202209260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=3212553474751&frm=20&pv=1&ga_vid=1559078021.1664533376&ga_sid=1664533377&ga_hid=1519925982&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1085&ady=1175&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31069963%2C42531706%2C44770765%2C44773745&oid=2&pvsid=1991386832462097&tmod=257377819&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=x7IeHRJpSz&p=https%3A//www.eg.ru&dtd=197
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 30 Sep 2022 10:22:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 30 Sep 2022 10:22:57 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame B282 6 KB
672 B 156ms
59ms Stylesheet
text/css 2a00:1450:400a:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,700,300&subset=latin

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400a:808::200a Zurich, Switzerland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 30 Sep 2022 10:22:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 30 Sep 2022 09:57:04 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 30 Sep 2022 10:22:57 GMT

GET
H3 200 YrdBSjzfIHcYhYLmavhSyO_EhBrLUWpx5ykdL7H9Kqg.js Show response
pagead2.googlesyndication.com/bg/ Frame B282 36 KB
16 KB 49ms
49ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/YrdBSjzfIHcYhYLmavhSyO_EhBrLUWpx5ykdL7H9Kqg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62b7414a3cdf2077188582e66af852c8efc4841acb516a71e7291d2fb1fd2aa8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 06:25:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14273
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16054
x-xss-protection: 0
last-modified: Tue, 27 Sep 2022 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 30 Sep 2023 06:25:04 GMT

GET
H3 200 3488809637579780263
tpc.googlesyndication.com/simgad/ Frame B282 10 KB
10 KB 48ms
48ms Image
image/jpeg 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3488809637579780263

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49257f2b0e2f407b405d879814328ec4e6a62c4127d2e785beb4a0aa19f9ffaf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 00:33:21 GMT
x-content-type-options: nosniff
age: 294576
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10345
x-xss-protection: 0
last-modified: Wed, 23 Mar 2022 15:21:01 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 27 Sep 2023 00:33:21 GMT

GET
H2 204 event
ads.adfox.ru/280016/ 0
66 B 105ms
103ms Image
text/plain 2a02:6b8::1be
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/280016/event?hash=36c6140189df45d3&pm=cza&p5=lduls&rand=clonhmc&sj=kFutq3RFLYJ0ARVKOEKjmTXO7Ykk4S52iOPRWGEgqxwKNR8Dwm2nR-smNE_rpA%3D%3D&ad-session-id=3880821664533375845&utg=oxum&lts=fkcmxmm&ytt=223202471182341&ybv=0.658838&ylv=0.658838&dl=https%3A%2F%2Fwww.eg.ru%2F&pr=mfsjmco&p1=cqtjo&rqs=gCMju2bgqmSAwzZjSydJqJjfMNFajsPb&p2=hizh

Requested by

Host: www.eg.ru
URL: https://www.eg.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eg.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Sep 2022 10:22:57 GMT
x-content-type-options: nosniff
last-modified: Fri, 30 Sep 2022 10:22:57 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame B282 15 KB
15 KB 156ms
53ms Font
font/woff2 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700,300&subset=latin

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 19:33:00 GMT
x-content-type-options: nosniff
age: 139797
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 28 Sep 2023 19:33:00 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame B282 15 KB
16 KB 171ms
70ms Font
font/woff2 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700,300&subset=latin

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 19:33:08 GMT
x-content-type-options: nosniff
age: 139789
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 28 Sep 2023 19:33:08 GMT

GET
H3 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame B282 15 KB
15 KB 151ms
51ms Font
font/woff2 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700,300&subset=latin

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 09:26:06 GMT
x-content-type-options: nosniff
age: 89811
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Sep 2023 09:26:06 GMT

GET
H2 200 tracker
top-fwz1.mail.ru/ 43 B
874 B 77ms
77ms Image
image/gif 95.163.52.67
VK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://top-fwz1.mail.ru/tracker?js=13;id=199954;u=https%3A//www.eg.ru/;st=1664533375950;s=1600*1200;vp=1600*1200;touch=0;hds=1;frame=0;flash=;sid=100cd1b3e25a16c8;ver=60.3.0;tz=0%2FEtc%2FUnknown;nt=0/0/1664533374657/////300/300/300/300/300//360/431/492/440/1293/1293/1296/3044/3044/;ni=10//4g/0/0/;lvid=1664533376226%3A1664533377703%3A2%3A31d8ccf706d37b8691bea4d0adb721de;opts=jst-ga-ym;visible=true;_=0.004862739435071761;e=RT/load;et=1664533377702

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eg.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 10:22:57 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 43
pragma: no-cache
amp-access-control-allow-source-origin: *
server: nginx
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: *
accept-ch-lifetime: 86400
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: *

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 129ms
53ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220928&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e8e96aff007f9d123fc73059423f0075c354dacc392cbaccb102a2ec4a77e3db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eg.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 10:22:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11167
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 47ms
47ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eg.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 10:22:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 30 Sep 2022 10:22:57 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1E11 13 KB
5 KB 38ms
37ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.eg.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 958
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 30 Sep 2022 10:06:59 GMT
expires: Sat, 30 Sep 2023 10:06:59 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame ED38 783 B
536 B 50ms
50ms Document
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ea5ce18d6a8040899fab5593c436ae6d4aad351f220550deafb5a1ef49fef1bb

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-7B2FFi9q8kDHgVeld3GjeA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.eg.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-7B2FFi9q8kDHgVeld3GjeA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 30 Sep 2022 10:22:57 GMT
expires: Fri, 30 Sep 2022 10:22:57 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 YrdBSjzfIHcYhYLmavhSyO_EhBrLUWpx5ykdL7H9Kqg.js Show response
pagead2.googlesyndication.com/bg/ Frame 1E11 36 KB
16 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/YrdBSjzfIHcYhYLmavhSyO_EhBrLUWpx5ykdL7H9Kqg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62b7414a3cdf2077188582e66af852c8efc4841acb516a71e7291d2fb1fd2aa8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 06:25:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14273
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16054
x-xss-protection: 0
last-modified: Tue, 27 Sep 2022 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 30 Sep 2023 06:25:04 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame ED38 0
0 70ms
70ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220928&jk=1991386832462097&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 1E11 0
10 B 37ms
36ms Image
text/plain 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?5Bu_-g
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 10:22:58 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 75ms
74ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220928&jk=1991386832462097&bg=!cnGlcTXNAAYQgTJdMIE7ACkAdvg8Wu91Zc6M3ohSyc_ePcUeNXTg4qIRZjbKGJDV_UJYl3WpLKFQvQIAAABVUgAAAAdoAQcKACLDRF9Ff3KvLTOAncNg3NxuwjUuZcd0wOkIoetmlAlS62hKmQKkaHbgjuI8eyXthOIuNxFQOSw9eslLui9mckAZginVE-3ZiQ_75O6D41hkG8xOnyisV9DTJM2BiZdMf6lBsSWGKMDY2vVIIfj9DixtBtnOYMEq5vOTGUPFA7ZFTbnH9LPTdqBkpNOVTLYRmk73EczEZEadVZ59fkmIKFivWUiTPY8P55RemwNCE20OlByhmKF23v70eCDMN1Z0BDtn4YCf7e6UJ59du_cC93p8a7OUQ8xCFbPsYmsVw3qBP25w80H854tkVq6agqttU6YGqqoQ5JSJLQqMwRo8WCLQhYZZqcVDpNO5g-MvQcHumfJ7FNkI6Mt0e4UF_BdD6B0mp90Atq6pALTRAjtXyWgTej-IGCLcVN274s1_4Cx-ygl0Uy81FyczS5zp9aP6_-UWn_JnNkzfltFiF2rOQi29xe65AIP8KHT-D0pH1dcAvkROGGfxzgTUphsq62okKz_Ace-O4BE7HZwQWcAz5QgTnGrNI_zyOJRv_U8KYWwD0xU-dGUYsEWkNxppa5Cn-vZgo-PeNAGlgHYKRegiDcDy6HPyYJxo7oknA8YYD1Xs20yyGD_NAMAh5yzZ2QLQHDhIK5bXhctUa6Ev64vswYsJQBHe0JuGjbsdFqU-IDWJ_fLreos6wfrbE0w3WYQrTOnhPFXWFc9zaMB_8W4VSBUcuPS0nUEBDqAOuljS3Jt4kKv0rCAAdf_MIx3XA3prl-UoLhzBYZGBqokwLhSXSQ6yelP5oiAgnrDT3VehLgIwpX02Bu8agW_J6ta8SmYVI0QdLytUbPLUaqwqvBtc-56mwkUw-8CmeDH-8hIdVlcWbkUAg6Zalf2DVXwLsZvp2XoNIdqBRSH16CuwVKTEP96Ym4KaxRzjNyR3Oukd5vHUYs6IyI7YLXzj0A
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eg.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

GET
H2 204 event
ads.adfox.ru/280016/ 0
66 B 110ms
109ms Image
text/plain 2a02:6b8::1be
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/280016/event?hash=28d215227ede4e62&pm=bmn&p5=lduls&rand=maqrcaz&sj=kFutq3RFLYJ0ARVKOEKjmTXO7Ykk4S52iOPRWGEgqxwKNR8Dwm2nR-smNE_rpA%3D%3D&ad-session-id=3880821664533375845&utg=oxum&lts=fkcmxmm&ytt=223202471182341&ybv=0.658838&ylv=0.658838&dl=https%3A%2F%2Fwww.eg.ru%2F&pr=mfsjmco&p1=cqtjo&rqs=gCMju2bgqmSAwzZjSydJqJjfMNFajsPb&p2=hizh

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.eg.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Sep 2022 10:22:58 GMT
x-content-type-options: nosniff
last-modified: Fri, 30 Sep 2022 10:22:58 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

Verdicts & Comments Add Verdict or Comment

87 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

34 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.eg.ru/	1970-01-20 15:07:49	Name: __ddg1_ Value: zkElOnXoYr0X76rbNWla
eg.ru/	1969-12-31 23:59:59	Name: srv_id Value: eg-m
www.eg.ru/	1969-12-31 23:59:59	Name: srv_id Value: eg-m
.yandex.ru/	1970-01-20 15:58:13	Name: i Value: Mdswkbn/n+huJ5lMHIWLu7FdoNT5bB7o/qDEJTEM30eLUAfoPzlOdg7Vzlblpfo1da2d9BpzTOHyoDgJVHAPAW/fbpo=
.eg.ru/	1970-01-20 15:58:13	Name: _ga Value: GA1.2.1559078021.1664533376
.eg.ru/	1970-01-20 06:23:39	Name: _gid Value: GA1.2.1762466814.1664533376
.eg.ru/	1970-01-20 06:22:13	Name: _gat Value: 1
s3.cdn.eg.ru/	1969-12-31 23:59:59	Name: srv_id Value: eg-m
s6.cdn.eg.ru/	1969-12-31 23:59:59	Name: srv_id Value: eg-m
.yadro.ru/	1970-01-20 15:07:01	Name: FTID Value: 1ZDiE00Ky0OP1ZDiE00010L0
s5.cdn.eg.ru/	1969-12-31 23:59:59	Name: srv_id Value: eg-m
s4.cdn.eg.ru/	1969-12-31 23:59:59	Name: srv_id Value: eg-m
.yadro.ru/	1970-01-20 15:07:01	Name: VID Value: 1Pd3bk36r1eP1ZDiE00010Lo
.eg.ru/	1970-01-20 14:21:44	Name: tmr_lvid Value: 31d8ccf706d37b8691bea4d0adb721de
.eg.ru/	1970-01-20 14:21:44	Name: tmr_lvidTS Value: 1664533376226
.yandex.ru/	1970-01-20 15:58:13	Name: yandexuid Value: 7253856881664533376
.tns-counter.ru/	1970-01-20 15:07:49	Name: guid Value: FD4169276336C380X1664533376
.eg.ru/	1970-01-20 15:07:49	Name: _ym_uid Value: 1664533376477050429
.eg.ru/	1970-01-20 15:07:49	Name: _ym_d Value: 1664533376
.eg.ru/	1970-01-20 06:23:25	Name: _ym_isad Value: 2
.mc.yandex.com/	1970-01-20 06:22:13	Name: sync_cookie_csrf Value: 2360264818fake
.mc.yandex.ru/	1970-01-20 06:22:13	Name: sync_cookie_csrf Value: 314368473fake
.yandex.com/	1970-01-20 15:07:49	Name: yandexuid Value: 7253856881664533376
.yandex.com/	1970-01-20 15:07:49	Name: yuidss Value: 7253856881664533376
.mc.yandex.com/	1970-01-20 06:23:39	Name: sync_cookie_ok Value: synced
.eg.ru/	1970-01-20 15:43:49	Name: __gads Value: ID=7ed2d20ad185ae32-22a3032934ce0027:T=1664533376:RT=1664533376:S=ALNI_MbtoAQraz0wWXcMFjtEdqPlbMTtFw
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 2210655561664533376
.yandex.com/	1970-01-20 15:58:13	Name: i Value: 48rm/hNEXFH5wmmvxT1edBTIkLh3Y2JrI+V9EyU7Fw6m9gN1ESNQxzfLTzLjsp5H3mTJZJkLfJeIWrSSqxWtddRHHD0=
.yandex.com/	1970-01-20 15:07:49	Name: ymex Value: 1696069376.yrts.1664533376#1696069376.yrtsi.1664533376
.doubleclick.net/	1970-01-20 06:22:16	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-20 15:43:49	Name: IDE Value: AHWqTUljDB6FahWGfIF2ibJmnLePAjtpCKX7N0C8dBofiH4Xhpb-7Fr2rAgWIn5dPSA
.eg.ru/	1970-01-20 14:21:44	Name: tmr_reqNum Value: 2
.mail.ru/	1970-01-20 15:09:15	Name: VID Value: 3M0FjR2v1w2C00000h1ML4IC:::0-0-0-8511c40:CAASEBPSAo2ppwD2LRvRTAVbBcEaYC_MzztVUJYUVgfE_AmfUyM_0EHj5RPgL3DBPg942KrsilQ3lTqIFcYvlV8yJtO2X3yt5xWIoqD7te0O1zLzGfDgPXhtL8Y6IFqWt8sVbo_eRZJJ2TsIkYYoq8p7nyaIPw
www.eg.ru/	1970-01-20 06:23:39	Name: tmr_detect Value: 0%7C1664533378525

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7988176190403420&output=html&h=280&slotname=3749275189&adk=26332176&adf=535280045&pi=t.ma~as.3749275189&w=1200&fwrn=4&fwrnh=100&lmt=1664533376&rafmt=1&format=1200x280&url=https%3A%2F%2Fwww.eg.ru%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664533376413&bpp=2&bdt=1316&idt=247&shv=r20220928&mjsv=m202209260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3212553474751&frm=20&pv=2&ga_vid=1559078021.1664533376&ga_sid=1664533377&ga_hid=1519925982&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31069963%2C42531706%2C44770765%2C44773745&oid=2&pvsid=1991386832462097&tmod=257377819&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=2cd2ppsH4E&p=https%3A//www.eg.ru&dtd=251 Message: Failed to load resource: the server responded with a status of 400 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.adfox.ru
adservice.google.com
adservice.google.de
an.yandex.ru
code.jquery.com
counter.yadro.ru
eg.ru
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
mc.yandex.com
mc.yandex.ru
pagead2.googlesyndication.com
partner.googleadservices.com
s3.cdn.eg.ru
s4.cdn.eg.ru
s5.cdn.eg.ru
s6.cdn.eg.ru
stats.g.doubleclick.net
top-fwz1.mail.ru
tpc.googlesyndication.com
www.eg.ru
www.google-analytics.com
www.google.com
www.google.de
www.googletagservices.com
www.tns-counter.ru
yandex.ru
yastatic.net
135.181.170.67
2001:4de0:ac18::1:a:3a
2001:6d0:4001::226
2a00:1450:4001:802::2002
2a00:1450:4001:803::2003
2a00:1450:4001:806::2001
2a00:1450:4001:809::200e
2a00:1450:4001:829::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:831::2004
2a00:1450:400a:808::200a
2a00:1450:400c:c0c::9b
2a00:1450:400d:804::2002
2a00:1450:400d:80a::2003
2a00:1450:400d:80c::2002
2a00:1450:400d:80d::2002
2a02:6b8:20::215
2a02:6b8::1:119
2a02:6b8::1be
2a02:6b8::90
2a02:6b8:a::a
88.212.201.198
91.215.42.34
95.163.52.67
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
0c2c0d12fca0ffd36c1133ffe5092b46d86373ded12db3162bd2a7f0605d50f2
0ef7e00750f06efee8a0074f2984b78a62c1a0f8cb971f01197532d57a78a836
0f380fdee43a0103d5cd9bee42e3822ac60512f918a7ed2f805cdaefc5beadc5
0fc4c5a69993c4c34e2131c97ae01397ef7d5e12453729d612d97c0e6f75edbc
10ff452310e9f210f7d2a8f763082a653ab3226317ff3f269a5c3d2a514f8250
1525451b08361be2ad6d53847e4945e26180bcd00b05f811a8e15d09160da2e2
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1dc9f4f7edf723e652ce02ead34344c3ab23e943f5a972ba431c14f260c79d80
1deed03e2b2c577d679c73dbb382b9ce2a3188e8b0de2402244c7b4a9fd29d2d
221e485bf86ac18179bf20bdaac320a0a993dde0425cb4462b7e4bc71f1f1250
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
25a7bce29a50ddbba1b9bb765a83bc205f7c4f55c4d7070e01d89f3dc816246a
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55
39f472ec24c4b5fa9212ee9b94e1c061a80be61ec3a923ed53f4444320f50afa
3f1be9809d96fcbde4c6fec887460098d13fb8ee68204df7726f59a92d906297
49257f2b0e2f407b405d879814328ec4e6a62c4127d2e785beb4a0aa19f9ffaf
528ddb2ec7aa026d81e128bd88479c2a800972b0c53d64c23bbd169dd1e9122e
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55f184588d0316e2be48f2b5c522c46d96968dbfc14c1b918b1bc2a5d004a5e7
5dd5e9a17ea6d2dc262d322ce4d5708412083c4035cdfc5288c3ade28b758e3a
5eba9e218afd1d004a139dd7b3296737a23adbe29b9f1adf63bdd22893256aaf
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62b7414a3cdf2077188582e66af852c8efc4841acb516a71e7291d2fb1fd2aa8
649a5489d0fbfea62499b4c612da14b447106dcadcb705594c955c16a1fbc338
67b5010f19f49057be36acc056cc37491c4641497b4dd61f14226467ebfedbea
788281c7238b591b2bd157ad8901e69f7246586766f98f7531f5d75ae23af376
819bf4c178742bc8bc4e1167ab96195f7c6dbd19b52cecfae24a72886c9b1e80
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
84e805f1fc36d3b05e4735e0e7227e4816744cd2cbaf8d032db1ca142e9b9c78
86d8e892ceacd8c8a7e7125c68dd0e1b311f8399871b6d64b8b6795f0235c1d4
876def17a9a48678412b439e2fcf09cb72902f9342c2313dc2c600beb67829db
88c5bf4a816112f4f4af24bb5d0ade55f88504de8c8bf613759ee0b486830297
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
9044b9ed7a50e7ee21c556beba933edd7dbd0afbe6efabe47ec2d3f5d69ca9ae
929b2433fb151b534da797a5659895b646a4c7a99670d8d7eef1f38b707c9ff0
92a82d0233445685062df7115e244b34f3e71657d0c80f54cce716b5952eb8dc
955f0d9382031e3b02def024ed3c204aa71ca361fa148ec0878d7d89d36d9393
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9d4d6572117d799c74697b2f174fb694a17a359c7847f06ca380e1e31dc29073
9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f
a18fab105b8c814b4c161946383b6f9d33bc4e1b69b69c3cdf22bd6f6452c9c3
a1e6a59e0567f886caaada41007e695d2039c4fe07fb28727dd27ab2029ecd6b
a2f307baa0f285e2c480c20f393ee97de3a653d169daf939ac3f9f0e5bfb079b
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a562f860ebab1097a8886a909da755f4ed5da1dc8cffeb6918cfc455e1a78000
a828cdf8e50f7304386f49c23a608d036b4558e4063b86bde029cf57541b25ac
a8447cdec51e85d9e93971a0d4a53bcf6085d70bf1d201662837d2fb953422c7
a96924ddd5fb2ea84242905ab60d5ba262bb28e91fd6f097a077db0a63728dec
aafb3ee79dc18d6ddc6b5c5503dc051c6e89d25a801b243cd4310ce7e0eac5ba
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1508091c46d710f18a1557461b67bb7c6edd0736fe4babda5ac4efa29294f18
b7c2bf5d0f6bcc063314ec331825fcdbcca73f4d23e0388d15fe8a10ba574e67
b84161c9fbf7520cd14e7019f92120bd87a928a074156e91a992eba9fc9436e8
babb5f688b7affc2ab74b053ea3454337a3905c97b89f712ddc26077a837a460
c2b09643e58ded9316fb73dfab3ffca42772599008066cf599bfc7fb40766c1d
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d5e3fb24efa2d284c245c1a048c5735b51f34dbc091f982dbb6b2d2dee956a4a
d83e8fb51e0e479b9c3e15297b9b0963ab1660c11ef5aa978010c1ce1923648d
da8438b81e390283f6eb8cc9cf49ccde3d00c954b4fbccdf6372c162c4b58ab2
da9dcc62330e495423aac4d49dce677ce5b3abac8bc1891821f6e8381207943c
dd080c89636f8576e3364bea0867f18be3a32daa72d766da336cbb80ba5fb407
e02af7df9a190d88380e2dcec2050ecaa493ae2d23526dbeec67f6907df3a752
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8e96aff007f9d123fc73059423f0075c354dacc392cbaccb102a2ec4a77e3db
ea5ce18d6a8040899fab5593c436ae6d4aad351f220550deafb5a1ef49fef1bb
ed61d612a0f33f082724cf720d701641f8086431a58f380d977ede21cdea4997
edda2e3fab0eb64bfd293acbd845e3fdc95fa0ffd322da330855e446e66102cb
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f00864afefb6ac342587e84e7237328d02cb5507147a4a0d039b03a6fd90baff
f478f091d78adda4c177da29a013c486468c9ac363f6239d06e574e75e7d12b8
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
fc11c59a6a7e020ec542b36e7815ded928d9ad640234d4152e037cbccf38c40d
fe89d94b413008d86393b0075e5576821a34de33a5ecb35cabfb0d563b847dbd

www.eg.ru Open in urlscan Pro 91.215.42.34 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

88 Requests

94 %HTTPS

83 %IPv6

18 Domains

29 Subdomains

25 IPs

7 Countries

1320 kBTransfer

3565 kBSize

34 Cookies

5 Outgoing links

Page URL History

Redirected requests

88 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 9 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.eg.ru Open in urlscan Pro
91.215.42.34 Public Scan

Screenshot
Live screenshot

Full Image

88
Requests

94 %
HTTPS

83 %
IPv6

18
Domains

29
Subdomains

25
IPs

7
Countries

1320 kB
Transfer

3565 kB
Size

34
Cookies

88 HTTP transactions
9 data transactions