gostinform.ru Open in urlscan Pro
185.9.147.100 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://gostinform.ru/
Submission: On March 29 via manual (March 29th 2022, 7:21:52 am UTC) from RU — Scanned from DE

Summary HTTP 109 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 27 IPs in 5 countries across 17 domains to perform 109 HTTP transactions. The main IP is 185.9.147.100, located in Estonia and belongs to SMARTAPE, RU. The main domain is gostinform.ru.
TLS certificate: Issued by R3 on February 15th 2022. Valid for: 3 months.

This is the only time gostinform.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
17	185.9.147.100 185.9.147.100	56694 (SMARTAPE) (SMARTAPE)
1	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1 5	217.69.133.145 217.69.133.145	47764 (MAILRU-AS...) (MAILRU-AS Mail.Ru)
2	2a02:6b8::90 2a02:6b8::90	208722 (YNDX) (YNDX)
3 11	2a02:6b8::1:119 2a02:6b8::1:119	208722 (YNDX) (YNDX)
8	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
4	2a02:6b8:20::215 2a02:6b8:20::215	208722 (YNDX) (YNDX)
1	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:1::2 2a02:2638:1::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a02:2638::b 2a02:2638::b	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
1	2a02:2638::2 2a02:2638::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a00:1450:400... 2a00:1450:4001:801::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
14	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2600:9000:215... 2600:9000:2156:c200:1e:a43d:b640:93a1	16509 (AMAZON-02) (AMAZON-02)
2	178.250.0.160 178.250.0.160	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.2.135 178.250.2.135	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	178.250.2.150 178.250.2.150	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
109	27

17 185.9.147.100 (Estonia)

ASN56694 (SMARTAPE, RU)
PTR: shared-26.smartape.ru

gostinform.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 217.69.133.145 (Russian Federation) 1 redirects

ASN47764 (MAILRU-AS Mail.Ru, RU)
PTR: top-fwz1.mail.ru

top-fwz1.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:6b8::90 (Moscow, Russian Federation)

ASN208722 (YNDX, FI)

an.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a02:6b8::1:119 (Moscow, Russian Federation) 3 redirects

ASN208722 (YNDX, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:6b8:20::215 (Moscow, Russian Federation)

ASN208722 (YNDX, FI)

yastatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.nl.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::b (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.fr.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn1.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn2.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn3.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2156:c200:1e:a43d:b640:93a1 (United States)

ASN16509 (AMAZON-02, US)

secure-gl.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.0.160 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.fr.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.2.135 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: pix.am5.vip.prod.criteo.com

pix.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 178.250.2.150 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	criteo.net static.criteo.net — Cisco Umbrella Rank: 732 pix.eu.criteo.net — Cisco Umbrella Rank: 6760 csm.eu.criteo.net — Cisco Umbrella Rank: 6802	47 KB
20	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 118 tpc.googlesyndication.com — Cisco Umbrella Rank: 160	240 KB
17	gostinform.ru gostinform.ru	439 KB
9	gstatic.com www.gstatic.com encrypted-tbn1.gstatic.com encrypted-tbn2.gstatic.com encrypted-tbn3.gstatic.com	244 KB
9	yandex.com 2 redirects mc.yandex.com — Cisco Umbrella Rank: 8577	3 KB
8	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 61	57 KB
6	criteo.com rtb.nl.eu.criteo.com — Cisco Umbrella Rank: 10724 ads.eu.criteo.com — Cisco Umbrella Rank: 6808 rtb.fr.eu.criteo.com — Cisco Umbrella Rank: 12693 cat.fr.eu.criteo.com — Cisco Umbrella Rank: 9264	104 KB
5	mail.ru 1 redirects top-fwz1.mail.ru — Cisco Umbrella Rank: 6174	16 KB
4	yastatic.net yastatic.net — Cisco Umbrella Rank: 3498	168 KB
4	yandex.ru 1 redirects an.yandex.ru — Cisco Umbrella Rank: 3089 mc.yandex.ru — Cisco Umbrella Rank: 1958	125 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 211	109 KB
2	imrworldwide.com secure-gl.imrworldwide.com — Cisco Umbrella Rank: 1748	1 KB
2	google.com adservice.google.com — Cisco Umbrella Rank: 124 www.google.com — Cisco Umbrella Rank: 20	2 KB
1	google.de adservice.google.de — Cisco Umbrella Rank: 5680	792 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 908	647 B
1	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 409	92 KB
0	rambler.ru Failed counter.rambler.ru Failed
109	17

	Domain	Requested by
17	gostinform.ru	gostinform.ru
14	static.criteo.net	ads.eu.criteo.com
11	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
9	mc.yandex.com	2 redirects gostinform.ru mc.yandex.ru
9	pagead2.googlesyndication.com	gostinform.ru pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
8	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
5	top-fwz1.mail.ru	1 redirects gostinform.ru top-fwz1.mail.ru
4	csm.eu.criteo.net	ads.eu.criteo.com
4	yastatic.net	an.yandex.ru
3	encrypted-tbn3.gstatic.com	googleads.g.doubleclick.net
3	encrypted-tbn2.gstatic.com	googleads.g.doubleclick.net
3	www.googletagservices.com	googleads.g.doubleclick.net
2	pix.eu.criteo.net	ads.eu.criteo.com
2	cat.fr.eu.criteo.com	ads.eu.criteo.com
2	secure-gl.imrworldwide.com	ads.eu.criteo.com
2	encrypted-tbn1.gstatic.com	googleads.g.doubleclick.net
2	ads.eu.criteo.com	googleads.g.doubleclick.net
2	mc.yandex.ru	1 redirects gostinform.ru
2	an.yandex.ru	gostinform.ru an.yandex.ru
1	www.google.com	tpc.googlesyndication.com
1	rtb.fr.eu.criteo.com	googleads.g.doubleclick.net
1	www.gstatic.com	googleads.g.doubleclick.net
1	rtb.nl.eu.criteo.com	googleads.g.doubleclick.net
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	ajax.googleapis.com	gostinform.ru
0	counter.rambler.ru Failed	gostinform.ru
109	28

This site contains links to these domains. Also see Links.

Domain
mashinform.ru
dragmetinform.ru
classinform.ru
podshipnikinform.ru
reestrinform.ru
zdravmedinform.ru
top.mail.ru

Subject Issuer	Validity	Valid
gostinform.ru R3	`2022-02-15` - `2022-05-16`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
bs.yandex.ru Yandex CA	`2021-11-17` - `2022-05-18`	6 months	crt.sh
*.mail.ru GeoTrust ECC CA 2018	`2021-10-15` - `2022-11-15`	a year	crt.sh
mc.yandex.ru Yandex CA	`2021-12-22` - `2022-06-03`	5 months	crt.sh
*.yastat.net GlobalSign ECC OV SSL CA 2018	`2022-03-04` - `2023-03-03`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.nl.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-15` - `2022-06-13`	3 months	crt.sh
*.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-19` - `2022-06-18`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.fr.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-13` - `2022-06-09`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-02-02` - `2022-05-03`	3 months	crt.sh
*.imrworldwide.com DigiCert TLS RSA SHA256 2020 CA1	`2022-01-04` - `2023-02-03`	a year	crt.sh
*.eu.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-02-03` - `2022-05-02`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh

This page contains 11 frames:

Primary Page: https://gostinform.ru/
Frame ID: A9F7B6EABF49E28B32271ED0FA80E7B3
Requests: 45 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220324/r20190131/zrt_lookup.html
Frame ID: 836B15E4323A23CC7AA944AFBAE10F97
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1248863131188985&output=html&h=60&slotname=9847723737&adk=1812008156&adf=3370897437&pi=t.ma~as.9847723737&w=468&lmt=1648538506&psa=0&format=468x60&url=https%3A%2F%2Fgostinform.ru%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648538506530&bpp=4&bdt=387&idt=157&shv=r20220324&mjsv=m202203230101&ptt=9&saldr=aa&abxe=1&correlator=7781929918227&frm=20&pv=2&ga_vid=466564712.1648538507&ga_sid=1648538507&ga_hid=2021364795&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=922&ady=10&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31065371&oid=2&pvsid=1716502872819504&pem=138&tmod=391436965&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=h6hv0jRnzg&p=https%3A//gostinform.ru&dtd=182
Frame ID: 490935AD1B0C27C42BA02DB98C0639E5
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1248863131188985&output=html&h=90&slotname=2139769737&adk=1689885382&adf=2000092771&pi=t.ma~as.2139769737&w=756&lmt=1648538506&rafmt=12&psa=0&format=756x90&url=https%3A%2F%2Fgostinform.ru%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648538506534&bpp=1&bdt=391&idt=192&shv=r20220324&mjsv=m202203230101&ptt=9&saldr=aa&abxe=1&prev_fmts=468x60&correlator=7781929918227&frm=20&pv=1&ga_vid=466564712.1648538507&ga_sid=1648538507&ga_hid=2021364795&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=560&ady=4028&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31065371&oid=2&pvsid=1716502872819504&pem=138&tmod=391436965&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=d61im4BlDi&p=https%3A//gostinform.ru&dtd=197
Frame ID: BC3B5147294CCF00455C36025CA80EA0
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1248863131188985&output=html&h=250&slotname=9164485733&adk=24804720&adf=2469167549&pi=t.ma~as.9164485733&w=300&lmt=1648538506&psa=0&format=300x250&url=https%3A%2F%2Fgostinform.ru%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648538506536&bpp=1&bdt=392&idt=199&shv=r20220324&mjsv=m202203230101&ptt=9&saldr=aa&abxe=1&prev_fmts=468x60%2C756x90&correlator=7781929918227&frm=20&pv=1&ga_vid=466564712.1648538507&ga_sid=1648538507&ga_hid=2021364795&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=220&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31065371&oid=2&pvsid=1716502872819504&pem=138&tmod=391436965&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=rjdCjQfgoG&p=https%3A//gostinform.ru&dtd=201
Frame ID: 279C575980A34038E0678FBF9E2FC2B4
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1248863131188985&output=html&adk=1812271804&adf=3025194257&lmt=1648538506&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fgostinform.ru%2F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648538506549&bpp=1&bdt=406&idt=246&shv=r20220324&mjsv=m202203230101&ptt=9&saldr=aa&abxe=1&prev_fmts=468x60%2C756x90%2C300x250&nras=1&correlator=7781929918227&frm=20&pv=1&ga_vid=466564712.1648538507&ga_sid=1648538507&ga_hid=2021364795&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31065371&oid=2&pvsid=1716502872819504&pem=138&tmod=391436965&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&dtd=253
Frame ID: A4FF87809F78C5E03E15C64C3E441B8B
Requests: 1 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YkKzigAA89IIu9CaAARahcP846H6KgigX6hh9Q&u=%7CGQr6P4BuVaDdvsbrEVcmFpoGAByVvF8hQUKcCB%2BZlLk%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpP7WQ_iZpHyNgnflBzJEIRfTUsK0v1YyUkElnoVU6GqZKjX9pU5TZHnzgzCJnx5hkZ7QAGd4XConidp39LmPywjiIiBoByvmgrMy5fa-jLAgXlycI5Gx2LOvBZr48Bkafa6_1maHHq9ZX-041n2fV_w8s4Bd_o0U4QIPKWsXlKvbH8G6_RwRd0jr4jxSKy57E5TlPB-IYxYRgf4OcvityOeFix6H-K5xTfawxpY4rTTCPDyBzQ-bhmtfd-9UO41btLAI_2ftXnr2nO1vXKwLxbchyz_AiK69m206pCuPpD6h-fQJQA7YSejgolgGbGdiFF05gIq1PcvG5YSTQAlETfUQifLWiAEnbln_H8PViv6cA90wXIrxGkAiJZ-FYqf4kNZltKbR7IIh-eTLtKDteZ5SW8a0wMSDZM&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCK0HPirNCYtLnA5qh7_UPhbWR8AbJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTEyNDg4NjMxMzExODg5ODWgAdW20uoDyAEJqQIRYjj-THGyPqgDAaoEtQFP0NeLr52LsKmeEHkXayY6WpN-zzt9gQIpafYJ6mrNBo-6HrlzgCYImA6TO1B-AkqkmFMz_X5qtQpRW3Gus8lzXi5duXsS2O5KfkXflyniGnX_8duisddv4wmjqvPctngi3ErF27Jlr96X7lE53fKwq7OxneUyPUZYRYeyWCeLUZRrqVaU_B7uSXYE8raA2uup-R2PcKhIYR9cd34TDjmC6s9xDlvWE4a_smv0uSPlDqOMi_M7gAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2rQ3HGhcE9V7YaIg1uQKFT-uk3VA%26client%3Dca-pub-1248863131188985%26adurl%3D
Frame ID: B933BD59AA4204436B4EF6B3A60430E0
Requests: 13 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YkKzigABSu4KmtOKAA7fx0_NcQE_MW_XJsFtrw&u=%7CGQr6P4BuVaDJntoykH%2FLQCJDYE2kuFjFK0IsYf78lw4%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy_rqmQpy5dPsKwaXEQO8GSyYWdHLX9DGFawmk-_gqon_km46PGHiNspRtADWRa2BWN6chWjjoNPk4iXUNgvHZeM8ePUMtL3LgUUtTEdTrMZenib7iF3THMPHrzV_3in-xOLdfqu3B2IYBlxsU238q6fHffYnM8SG1exchzxtrNgLpCSJmcAPjmE4c-3CTr7VpHkIz7SHj54YBbE_G4pVvVllW6wWM128M0tDzJvk2ZtJ9YH3GJqSce5zXaka4eMAz6O_71jNKDZ58dMW4mjjV6rk3BUgmgHd0feg7fXfJoA3wzIlMjJBILkqvjHo28LMB6dhFhQWAft9cAtlmPL62O76MeYzrRv-dAWZchM4M_aEpi6Egd7sJEb49DBLWRH8mdPyStoai2Gv&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCM813irNCYu6VBYqn6wTHv7v4Bsme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMTI0ODg2MzEzMTE4ODk4NaAB1bbS6gPIAQmpAhFiOP5McbI-qAMBqgS3AU_Qc_84NEgGG4_-0iDPH0PyJtS3qrDJgxXnuIUGl81EwF42e1qzaHmKgc4nx9Qzdq5jgsxxKR0_CtLUI9TROniFS-dANlsgocwHJXAELYLwST3jflphfi23WJSetqWVO5WSJrV0zx0sb_zfcOc33RLu4ZiZVhA7L91SHy70zbBy7VYc_HKtSq2xfUqBu_NwoqL9QYtrUMBYPM4PbkVyqPVAgHcxmalr5sOdCzWfKoJuV0a0nVqetYAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2cHQ7AqmpS9GnkoCkiwXu176Ft_Q%26client%3Dca-pub-1248863131188985%26adurl%3D
Frame ID: 7B1AD749BC0539AE7A2ED26A2DB677FD
Requests: 13 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/vukqqZMEwiKfO5iIQC2Qvig_P1EBwRi6HH-n7W3xhSE.js
Frame ID: 212A6CE67E8560D43CE6A6842AB526F1
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 4AE32BF0290E519FC6EF583167F4C4BA
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: FCEE7F55FFCF3A8384EE17369DEFD7A3
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Госты, Снипы, Осты - Все государственные стандарты скачать бесплатно | Справочник государственных стандартов и нормативных документов

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Yandex.Direct (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://an\.yandex\.ru/

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

109
Requests

96 %
HTTPS

77 %
IPv6

17
Domains

28
Subdomains

27
IPs

5
Countries

1646 kB
Transfer

3597 kB
Size

22
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: http://mashinform.ru/
Title: Справочник оборудования

Search URL Search Domain Scan URL

URL: http://dragmetinform.ru/
Title: Справочник содержания драгметаллов

Search URL Search Domain Scan URL

URL: http://classinform.ru/
Title: Коды общероссийских классификаторов

Search URL Search Domain Scan URL

URL: http://podshipnikinform.ru/
Title: Справочник подшипников

Search URL Search Domain Scan URL

URL: http://reestrinform.ru/
Title: Федеральные реестры онлайн

Search URL Search Domain Scan URL

URL: http://zdravmedinform.ru/
Title: Справочник по здравоохранению и медицине

Search URL Search Domain Scan URL

URL: http://top.mail.ru/jump?from=2406861

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8

https://top-fwz1.mail.ru/counter?id=2406861;t=456;l=1 HTTP 302
https://top-fwz1.mail.ru/counter2?id=2406861;t=456;l=1

Request Chain 33

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9592.eBtUDZHLrcrYZElPtjVCYzWcGZU3hocxHidTo26MmAVoxaZO4c9ZtxtGvweFjmxG.cjfWJQ0xMqsVKFKQpKl-epJIhqU%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=9592.ZhQC36yHTj64pCSfQ8napNfke8pGR2F4Jlm3xA7mo9q1T2-P4St2mFoJ-9hDBsMHWdCTVAb0CXppKc9LSjJpRw%2C%2C.Q0CKXV1fCHeWr_R8PdRj1SMD16E%2C

Request Chain 36

https://mc.yandex.com/watch/22431739?wmode=7&page-url=https%3A%2F%2Fgostinform.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1uynsm9oyo6zm0qabr2%3Afp%3A836%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A771%3Acn%3A1%3Adp%3A0%3Als%3A666718564306%3Ahid%3A826183467%3Az%3A0%3Ai%3A20220329072146%3Aet%3A1648538507%3Ac%3A1%3Arn%3A501531370%3Arqn%3A1%3Au%3A1648538507692255499%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1648538505655%3Ads%3A151%2C111%2C224%2C1%2C0%2C0%2C%2C348%2C14%2C%2C%2C%2C836%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1648538507%3At%3A%D0%93%D0%BE%D1%81%D1%82%D1%8B%2C%20%D0%A1%D0%BD%D0%B8%D0%BF%D1%8B%2C%20%D0%9E%D1%81%D1%82%D1%8B%20-%20%D0%92%D1%81%D0%B5%20%D0%B3%D0%BE%D1%81%D1%83%D0%B4%D0%B0%D1%80%D1%81%D1%82%D0%B2%D0%B5%D0%BD%D0%BD%D1%8B%D0%B5%20%D1%81%D1%82%D0%B0%D0%BD%D0%B4%D0%B0%D1%80%D1%82%D1%8B%20%D1%81%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%7C%20%D0%A1%D0%BF%D1%80%D0%B0%D0%B2%D0%BE%D1%87%D0%BD%D0%B8%D0%BA%20%D0%B3%D0%BE%D1%81%D1%83%D0%B4%D0%B0%D1%80%D1%81%D1%82%D0%B2%D0%B5%D0%BD%D0%BD%D1%8B%D1%85%20%D1%81%D1%82%D0%B0%D0%BD%D0%B4%D0%B0%D1%80%D1%82%D0%BE%D0%B2%20%D0%B8%20%D0%BD%D0%BE%D1%80%D0%BC%D0%B0%D1%82%D0%B8%D0%B2%D0%BD%D1%8B%D1%85%20%D0%B4%D0%BE%D0%BA%D1%83%D0%BC%D0%B5%D0%BD%D1%82%D0%BE%D0%B2&t=gdpr(14)aw(1)ti(2) HTTP 302
https://mc.yandex.com/watch/22431739/1?wmode=7&page-url=https%3A%2F%2Fgostinform.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1uynsm9oyo6zm0qabr2%3Afp%3A836%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A771%3Acn%3A1%3Adp%3A0%3Als%3A666718564306%3Ahid%3A826183467%3Az%3A0%3Ai%3A20220329072146%3Aet%3A1648538507%3Ac%3A1%3Arn%3A501531370%3Arqn%3A1%3Au%3A1648538507692255499%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1648538505655%3Ads%3A151%2C111%2C224%2C1%2C0%2C0%2C%2C348%2C14%2C%2C%2C%2C836%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1648538507%3At%3A%D0%93%D0%BE%D1%81%D1%82%D1%8B%2C%20%D0%A1%D0%BD%D0%B8%D0%BF%D1%8B%2C%20%D0%9E%D1%81%D1%82%D1%8B%20-%20%D0%92%D1%81%D0%B5%20%D0%B3%D0%BE%D1%81%D1%83%D0%B4%D0%B0%D1%80%D1%81%D1%82%D0%B2%D0%B5%D0%BD%D0%BD%D1%8B%D0%B5%20%D1%81%D1%82%D0%B0%D0%BD%D0%B4%D0%B0%D1%80%D1%82%D1%8B%20%D1%81%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%7C%20%D0%A1%D0%BF%D1%80%D0%B0%D0%B2%D0%BE%D1%87%D0%BD%D0%B8%D0%BA%20%D0%B3%D0%BE%D1%81%D1%83%D0%B4%D0%B0%D1%80%D1%81%D1%82%D0%B2%D0%B5%D0%BD%D0%BD%D1%8B%D1%85%20%D1%81%D1%82%D0%B0%D0%BD%D0%B4%D0%B0%D1%80%D1%82%D0%BE%D0%B2%20%D0%B8%20%D0%BD%D0%BE%D1%80%D0%BC%D0%B0%D1%82%D0%B8%D0%B2%D0%BD%D1%8B%D1%85%20%D0%B4%D0%BE%D0%BA%D1%83%D0%BC%D0%B5%D0%BD%D1%82%D0%BE%D0%B2&t=gdpr%2814%29aw%281%29ti%282%29

109 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
gostinform.ru/ 30 KB
8 KB 486ms
224ms Document
text/html 185.9.147.100
SMARTAPE

General

Check archive.org

Show headers Download Go to

Full URL: https://gostinform.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.9.147.100 , Estonia, ASN56694 (SMARTAPE, RU),
Reverse DNS: shared-26.smartape.ru
Software: nginx/1.20.2 / PHP/5.4.45
Resource Hash: 4c5bd4277e7aba38413885f410b6f53df41bd3708ab43c9ad4c91199db37c342

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

server: nginx/1.20.2
date: Tue, 29 Mar 2022 07:21:45 GMT
content-type: text/html
x-powered-by: PHP/5.4.45
expires: Mon, 12 Jul 2005 12:13:13 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
content-encoding: gzip
vary: Accept-Encoding

GET
H2 200 style.css
gostinform.ru/css/ 14 KB
14 KB 49ms
48ms Stylesheet
text/css 185.9.147.100
SMARTAPE

General

Check archive.org

Show headers Download Go to

Full URL: https://gostinform.ru/css/style.css?v=3
Requested by: Host: gostinform.ru
URL: https://gostinform.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.9.147.100 , Estonia, ASN56694 (SMARTAPE, RU),
Reverse DNS: shared-26.smartape.ru
Software: nginx/1.20.2 /
Resource Hash: 5943e55888db7d6e5399789b5e55290dcd1628fc6bc59b743e83b8cddbe52de1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gostinform.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Tue, 29 Mar 2022 07:21:45 GMT
last-modified: Thu, 27 Jun 2019 11:46:34 GMT
server: nginx/1.20.2
accept-ranges: bytes
etag: "5d14ac9a-37cf"
content-length: 14287
content-type: text/css

GET
H2 200 media-queries.css
gostinform.ru/css/ 2 KB
2 KB 49ms
48ms Stylesheet
text/css 185.9.147.100
SMARTAPE

General

Check archive.org

Show headers Download Go to

Full URL: https://gostinform.ru/css/media-queries.css
Requested by: Host: gostinform.ru
URL: https://gostinform.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.9.147.100 , Estonia, ASN56694 (SMARTAPE, RU),
Reverse DNS: shared-26.smartape.ru
Software: nginx/1.20.2 /
Resource Hash: 33f0ebb0ffcdad2c54c5e348993c8f27b33a691b6d4843a90c1ae373e1c7cedf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gostinform.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Tue, 29 Mar 2022 07:21:45 GMT
last-modified: Mon, 22 Jan 2018 16:54:33 GMT
server: nginx/1.20.2
accept-ranges: bytes
etag: "5a661749-6f2"
content-length: 1778
content-type: text/css

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.7.1/ 92 KB
92 KB 29ms
8ms Script
text/javascript 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js

Requested by

Host: gostinform.ru
URL: https://gostinform.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gostinform.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Tue, 29 Mar 2022 06:09:52 GMT
x-content-type-options: nosniff
age: 4313
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 93868
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 Mar 2023 06:09:52 GMT

GET
H2 200 highslide-full.js Show response
gostinform.ru/images/hsl/ 95 KB
95 KB 97ms
96ms Script
application/javascript 185.9.147.100
SMARTAPE

General

Check archive.org

Show headers Download Go to

Full URL: https://gostinform.ru/images/hsl/highslide-full.js
Requested by: Host: gostinform.ru
URL: https://gostinform.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.9.147.100 , Estonia, ASN56694 (SMARTAPE, RU),
Reverse DNS: shared-26.smartape.ru
Software: nginx/1.20.2 /
Resource Hash: ca77f9e0d312be25dd3db2b7d297500e46390e883066ffd6d1872b1553a6b4af

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gostinform.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Tue, 29 Mar 2022 07:21:45 GMT
last-modified: Wed, 24 Jan 2018 08:16:51 GMT
server: nginx/1.20.2
accept-ranges: bytes
etag: "5a6840f3-17a43"
content-length: 96835
content-type: application/javascript

GET
H2 200 highslide.css
gostinform.ru/images/hsl/ 20 KB
20 KB 95ms
95ms Stylesheet
text/css 185.9.147.100
SMARTAPE

General

Check archive.org

Show headers Download Go to

Full URL: https://gostinform.ru/images/hsl/highslide.css
Requested by: Host: gostinform.ru
URL: https://gostinform.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.9.147.100 , Estonia, ASN56694 (SMARTAPE, RU),
Reverse DNS: shared-26.smartape.ru
Software: nginx/1.20.2 /
Resource Hash: 31d5eee5d3eab1e714ed0f2b2bd7dd9a68e263e099c83601cb087c47c074e625

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gostinform.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Tue, 29 Mar 2022 07:21:45 GMT
last-modified: Mon, 18 Dec 2017 08:59:56 GMT
server: nginx/1.20.2
accept-ranges: bytes
etag: "5a37838c-500a"
content-length: 20490
content-type: text/css

GET
H2 200 logo.png
gostinform.ru/img/ 11 KB
11 KB 93ms
92ms Image
image/png 185.9.147.100
SMARTAPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gostinform.ru/img/logo.png
Requested by: Host: gostinform.ru
URL: https://gostinform.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.9.147.100 , Estonia, ASN56694 (SMARTAPE, RU),
Reverse DNS: shared-26.smartape.ru
Software: nginx/1.20.2 /
Resource Hash: 48854a6e75e917e88f068ddef8a38b23208c777acf7e10d61f6936d9635311e8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gostinform.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Tue, 29 Mar 2022 07:21:45 GMT
last-modified: Mon, 18 Dec 2017 09:01:41 GMT
server: nginx/1.20.2
accept-ranges: bytes
etag: "5a3783f5-2a2c"
content-length: 10796
content-type: image/png

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 154 KB
53 KB 94ms
49ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: gostinform.ru
URL: https://gostinform.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7782bc9b609620131b2480258d3ffce49675163d17df9cf04d760a17fc116b61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gostinform.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Tue, 29 Mar 2022 07:21:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53827
x-xss-protection: 0
server: cafe
etag: 16599068501713730744
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 29 Mar 2022 07:21:45 GMT

GET
H2 200 button.gif
gostinform.ru/img/ 3 KB
3 KB 48ms
47ms Image
image/gif 185.9.147.100
SMARTAPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gostinform.ru/img/button.gif
Requested by: Host: gostinform.ru
URL: https://gostinform.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.9.147.100 , Estonia, ASN56694 (SMARTAPE, RU),
Reverse DNS: shared-26.smartape.ru
Software: nginx/1.20.2 /
Resource Hash: 02a3b1cb4cd8bd557b82bc380bb9c1453ca332bbae09c26c397094b132e1764e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gostinform.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Tue, 29 Mar 2022 07:21:45 GMT
last-modified: Mon, 18 Dec 2017 08:59:39 GMT
server: nginx/1.20.2
accept-ranges: bytes
etag: "5a37837b-d59"
content-length: 3417
content-type: image/gif

GET
H2

200

counter2
top-fwz1.mail.ru/
Redirect Chain

https://top-fwz1.mail.ru/counter?id=2406861;t=456;l=1
https://top-fwz1.mail.ru/counter2?id=2406861;t=456;l=1

1 KB
2 KB

67ms
59ms

Image
image/gif

217.69.133.145
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://top-fwz1.mail.ru/counter2?id=2406861;t=456;l=1

Requested by

Host: gostinform.ru
URL: https://gostinform.ru/

Protocol

Server

217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

4c116071d63bdfc7168db9748bba879b094bb5ac0249a442cad33b515c382698

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gostinform.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Tue, 29 Mar 2022 07:21:45 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 1428
pragma: no-cache
amp-access-control-allow-source-origin: *
server: nginx
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
accept-ch-lifetime: 86400
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
timing-allow-origin: *
access-control-allow-headers: *

Redirect headers

date: Tue, 29 Mar 2022 07:21:45 GMT
x-content-type-options: nosniff
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 0
pragma: no-cache
amp-access-control-allow-source-origin: *
server: nginx
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
location: https://top-fwz1.mail.ru/counter2?id=2406861;t=456;l=1
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
accept-ch-lifetime: 86400
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 context.js Show response
an.yandex.ru/system/ 270 KB
74 KB 121ms
44ms Script
text/javascript 2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/system/context.js

Requested by

Host: gostinform.ru
URL: https://gostinform.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

f86bd5928c396ae0022ee528bab6854fa3c222564f1ecfbbd753f17a7102281c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gostinform.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

timing-allow-origin: *
strict-transport-security: max-age=31536000
content-encoding: br
x-yandex-req-id: 1648538505794476-517956250059937968900156-production-app-host-man-pcode-4
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=3600
x-robots-tag: noindex, noarchive, nofollow
expires: Tue, 29 Mar 2022 08:21:45 GMT

GET
H2 200 head.jpg
gostinform.ru/img/ 40 KB
40 KB 52ms
48ms Image
image/jpeg 185.9.147.100
SMARTAPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gostinform.ru/img/head.jpg
Requested by: Host: gostinform.ru
URL: https://gostinform.ru/css/style.css?v=3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.9.147.100 , Estonia, ASN56694 (SMARTAPE, RU),
Reverse DNS: shared-26.smartape.ru
Software: nginx/1.20.2 /
Resource Hash: a86a53fe308efef36d5fe5e1499918ee77615fc06620b9c5f057d2bdd12a0714

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gostinform.ru/css/style.css?v=3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Tue, 29 Mar 2022 07:21:45 GMT
last-modified: Mon, 18 Dec 2017 08:59:39 GMT
server: nginx/1.20.2
accept-ranges: bytes
etag: "5a37837b-9e54"
content-length: 40532
content-type: image/jpeg

GET
H2 200 bk-w.jpg
gostinform.ru/img/ 1 KB
1 KB 53ms
49ms Image
image/jpeg 185.9.147.100
SMARTAPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gostinform.ru/img/bk-w.jpg
Requested by: Host: gostinform.ru
URL: https://gostinform.ru/css/style.css?v=3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.9.147.100 , Estonia, ASN56694 (SMARTAPE, RU),
Reverse DNS: shared-26.smartape.ru
Software: nginx/1.20.2 /
Resource Hash: dc43a3b8d5871273e2f65501b0502de181fc0c3f902d20fb71c5406bad6e34e1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gostinform.ru/css/style.css?v=3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Tue, 29 Mar 2022 07:21:45 GMT
last-modified: Mon, 18 Dec 2017 08:59:39 GMT
server: nginx/1.20.2
accept-ranges: bytes
etag: "5a37837b-4f1"
content-length: 1265
content-type: image/jpeg

GET
H2 404 none
gostinform.ru/css/ 206 B
206 B 118ms
115ms Image
text/html 185.9.147.100
SMARTAPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gostinform.ru/css/none
Requested by: Host: gostinform.ru
URL: https://gostinform.ru/css/style.css?v=3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.9.147.100 , Estonia, ASN56694 (SMARTAPE, RU),
Reverse DNS: shared-26.smartape.ru
Software: nginx/1.20.2 /
Resource Hash: 9c54998bd769e602c7b96b4f55017e1c46552cdb6b1288954cd2707ef4b77aba

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gostinform.ru/css/style.css?v=3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Tue, 29 Mar 2022 07:21:45 GMT
server: nginx/1.20.2
content-type: text/html; charset=iso-8859-1

GET
H2 200 header.jpg
gostinform.ru/img/ 236 KB
237 KB 52ms
50ms Image
image/jpeg 185.9.147.100
SMARTAPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gostinform.ru/img/header.jpg
Requested by: Host: gostinform.ru
URL: https://gostinform.ru/css/style.css?v=3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.9.147.100 , Estonia, ASN56694 (SMARTAPE, RU),
Reverse DNS: shared-26.smartape.ru
Software: nginx/1.20.2 /
Resource Hash: d1690e775517516a04b577b0632ccc617a2d68adefa3d5c60796e9637fe8440a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gostinform.ru/css/style.css?v=3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Tue, 29 Mar 2022 07:21:45 GMT
last-modified: Mon, 18 Dec 2017 08:59:39 GMT
server: nginx/1.20.2
accept-ranges: bytes
etag: "5a37837b-3b17d"
content-length: 242045
content-type: image/jpeg

GET
H2 200 square.gif
gostinform.ru/img/ 53 B
177 B 48ms
47ms Image
image/gif 185.9.147.100
SMARTAPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gostinform.ru/img/square.gif
Requested by: Host: gostinform.ru
URL: https://gostinform.ru/css/style.css?v=3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.9.147.100 , Estonia, ASN56694 (SMARTAPE, RU),
Reverse DNS: shared-26.smartape.ru
Software: nginx/1.20.2 /
Resource Hash: 37d73ab06b7ae544fefb33d412472d9ec735eb53999115b62ef307c6b2c9578d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gostinform.ru/css/style.css?v=3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Tue, 29 Mar 2022 07:21:45 GMT
last-modified: Mon, 18 Dec 2017 08:59:39 GMT
server: nginx/1.20.2
accept-ranges: bytes
etag: "5a37837b-35"
content-length: 53
content-type: image/gif

GET top100.jcn
counter.rambler.ru/ 0
0

GET
H2 200 code.js Show response
top-fwz1.mail.ru/js/ 27 KB
11 KB 150ms
122ms Script
application/javascript 217.69.133.145
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL

https://top-fwz1.mail.ru/js/code.js

Requested by

Host: gostinform.ru
URL: https://gostinform.ru/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

f1153a7d9e7f877b55f4e32fe45448a1229fdc0ab67ae1bfa09fd77b9c72679a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gostinform.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Tue, 29 Mar 2022 07:21:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
amp-access-control-allow-source-origin: *
last-modified: Wed, 22 Dec 2021 12:22:53 GMT
server: nginx
etag: W/"61c3189d-6a23"
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: max-age=3600, private
access-control-allow-credentials: true
accept-ch-lifetime: 86400
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
timing-allow-origin: *
access-control-allow-headers: *
expires: Tue, 29 Mar 2022 08:21:45 GMT

GET
H2 200 watch.js Show response
mc.yandex.ru/metrika/ 139 KB
50 KB 143ms
69ms Script
application/javascript 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Host: gostinform.ru
URL: https://gostinform.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

2b4925fdd46a1f64dd4fd132df492eb66baafce87b3c3ef580193e716e5a61ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gostinform.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Tue, 29 Mar 2022 07:21:45 GMT
content-encoding: br
last-modified: Wed, 23 Mar 2022 13:19:15 GMT
etag: "623af423-c4e1"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 50401
expires: Tue, 29 Mar 2022 08:21:45 GMT

GET
H2 200 footer_bg.gif
gostinform.ru/img/ 2 KB
2 KB 49ms
48ms Image
image/gif 185.9.147.100
SMARTAPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gostinform.ru/img/footer_bg.gif
Requested by: Host: gostinform.ru
URL: https://gostinform.ru/css/style.css?v=3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.9.147.100 , Estonia, ASN56694 (SMARTAPE, RU),
Reverse DNS: shared-26.smartape.ru
Software: nginx/1.20.2 /
Resource Hash: 7ca1f87d66a50321b316a9dac3384e8db184f4ffebde340ccc5a14c559ea8fbb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gostinform.ru/css/style.css?v=3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Tue, 29 Mar 2022 07:21:45 GMT
last-modified: Mon, 18 Dec 2017 08:59:39 GMT
server: nginx/1.20.2
accept-ranges: bytes
etag: "5a37837b-664"
content-length: 1636
content-type: image/gif

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203230101/ 296 KB
107 KB 31ms
30ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203230101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1248863131188985&plah=gostinform.ru

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

29f65fbbbfc145c9ea7b6a97414a882f09caff018a57f3c2709b7135aed346d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gostinform.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Tue, 29 Mar 2022 07:21:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 109242
x-xss-protection: 0
server: cafe
etag: 574803720306891808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 29 Mar 2022 07:21:45 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220324/r20190131/ Frame 836B 10 KB
5 KB 29ms
8ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220324/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://gostinform.ru/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4502
x-xss-protection: 0
date: Mon, 28 Mar 2022 17:45:34 GMT
expires: Mon, 11 Apr 2022 17:45:34 GMT
cache-control: public, max-age=1209600
age: 48971
etag: 4044455266028820542
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 bd7d38b35a060c829fb4.js Show response
yastatic.net/partner-code-bundles/56841/ 13 KB
5 KB 101ms
31ms Script
text/javascript 2a02:6b8:20::215
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/56841/bd7d38b35a060c829fb4.js

Requested by

Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

cc58fb133efbf595f86355387a566de29aa7d8dc724906df41cfe88a371d4c97

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://gostinform.ru/
Origin: https://gostinform.ru
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Tue, 29 Mar 2022 07:21:46 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 4459
last-modified: Mon, 28 Mar 2022 16:29:25 GMT
server: nginx/1.17.9
etag: "0ee1b08875a4a1b94ba0f7ff54eb01de"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 28 Mar 2052 13:54:09 GMT

GET
H2 200 76e203fcf6695ccff9ab.js Show response
yastatic.net/partner-code-bundles/56841/ 88 KB
19 KB 135ms
65ms Script
text/javascript 2a02:6b8:20::215
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/56841/76e203fcf6695ccff9ab.js

Requested by

Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

52940a893e8de973774c0d45ebd7f0b5207b2c6f53d9b0d9942d249f954ed743

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://gostinform.ru/
Origin: https://gostinform.ru
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Tue, 29 Mar 2022 07:21:46 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 18741
last-modified: Mon, 28 Mar 2022 16:29:25 GMT
server: nginx/1.17.9
etag: "dd7f34821796de1c05932e10dee855fd"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 28 Mar 2052 13:54:06 GMT

GET
H2 200 host.js Show response
yastatic.net/safeframe-bundles/0.83/ 33 KB
9 KB 184ms
117ms Script
text/javascript 2a02:6b8:20::215
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/safeframe-bundles/0.83/host.js

Requested by

Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://gostinform.ru/
Origin: https://gostinform.ru
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Tue, 29 Mar 2022 07:21:46 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 8878
last-modified: Wed, 03 Nov 2021 13:42:58 GMT
server: nginx/1.17.9
etag: "f80882bf67cf261aa08d636da095149a"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 28 Mar 2052 13:53:04 GMT

GET
H2 404 143140 Show response
an.yandex.ru/meta/ 31 B
664 B 297ms
297ms XHR
text/html 2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/meta/143140?target-ref=https%3A%2F%2Fgostinform.ru%2F&charset=utf-8&pcode-test-ids=512022%2C0%2C67%3B547854%2C0%2C19%3B551698%2C0%2C6%3B552748%2C0%2C45%3B406668%2C0%2C24%3B495321%2C0%2C26%3B554178%2C0%2C32%3B204314%2C0%2C53&pcode-flags-map=eJylV9uO2zYQ%2FZVCz0ZBUfd9oyTaJkKRCknZ6wQBsUmdNMA2LdJNUCDIv3coyfbS3qW3qB98AXwOZ4Znzox%2BRFSQmlPbyJY22m7XzFDOtIlu3v6Ivt%2Fdf9tHN5FRA40W0cP%2B7wf2G%2FxOcYWyKvr5bhG1TI%2F4li7JwI01a9pRS7ve7Gw7KGKYFFe5imTk6mjLiF0yoKuZASy1vWJSMeBaksZI5TGhX5F7xRds6ci2kXyAUOrBGCksEay7DGZK%2FoKgGAkGwZZSAeolkKkazZqIFRSTs%2BYVlELJYbW2XK5Y43FALhDJIbRDjh5ngguMR875gjZ9NV9SuJxpXFTxY%2BCpqnC9zKxtp6n7aaiyg2jhndStlYLvrhBnKZ4rSzQkJVaW3vZ2yQl8OT%2FKml1%2FcXsWyglC0UzR9nDD4TOLJI%2BTZ868cphHHJ%2Bz4vzIOse%2BloLuemmgElZ3hHPbU9VQEe6EDKU4mcqt6OuBamM3HYEIlezsjkB5b60awhS4SPCUpF7LreWkpvwUxSSSMEOCYlQdE9KD2tAdiEVsqIKOlFbQrSVtoyh0wIbOf%2FAoN6yl0ueM8zI%2Bcl6gLXDr83b6nldx9RGSeZro4BVM9MR1iRRGSc5Bgb2iXJKWiZXHt%2F%2FnL48qzapHEiSty49pwDOxlJYz8SpcJxBwkh3xh3DGbh2%2FEchRjypdg5TeQHyE206OzWoI42eqAkdZ%2BQdkuEyLS2W9gOsiVp8qFOtYheZ%2FReoh4WLce084NWDBgnR%2Bl44zwtarAJ82k2c9oZEM1IoKH5tWcXZetVlmkrdw0faoPibAt8SYbDvwsH1kWYaSU1CuCxrXUtARswMbenulv4GinCRH2qW8tZ1q7IZpVjPuvAY4xisJyTaFBk%2FQYaQ4ndPJCknXP8Y9fP2292BlUs0wcGytnczPMZdnHUFPxltDyFtBPXW8hQbNcbHAGUz1DD7KsowXSZbGZbnASZUl7iNDRb7AeZqmyQIjHCN0%2BEuCqjwHeIEqFAO8SNPynee3VYziOSarKRVW1tC1Gz%2BMaP%2Fl7v393p%2BCOa6mC1wyyAXyX1O2WhsrTLgMaZbMU%2FANFdjCwIGxsxIWx%2FZ1AvKkvU2CBBnG1WTK4E2gFqtMDfUHj6FBXIGrbIq4kYMY3fd2rYKQsihnV9uydkXNqPmWGBL0QpRWaFoQjmPGtrIjTIRhBU7m2ecs30mqkV0t7XLgXEOb0TA%2BhlmFjjdSK%2FkKrhNuw64Ua8PIIivzJwN27mYUq4NwUFzuVQlwvVuIgqgkjePipAOXJCxBLWxBkyUGp02cluiEPVhwLZVrYAXjatC%2FvJBhWlacA%2FVEkU5fgeV58jjV%2F4zbEVfcqaqW8C3ZXUEmh6WxXfbQLbqXAjzHsI7KwXdIDCu3j01RMl3MeB1urOvztelykAPNI5eaxv%2FhPLfjheFpUeBLOFu6UbF18%2BeajJ9hOASwIXzwxJGgp9HHpyfXQvNeQ1QXPjuPZ2u5usGcQzOE0mlSckqUgCGoYMoSxchZwfE5bL7es6ZXdEtAze1Lu98N1OeeAZ7fx90%2BxX0BzrvfVOjjw6O%2FOMYwZrwqTyfAWgxbrfbN5sPDvV%2FjosymQLXu55WidTM0nF6cV%2BVUXvJmZ0dJXHjMj%2Bjj%2FuHD793d10%2Bfv0Q3bhBGf%2Fz5%2FvP9Xn%2B4u%2F%2F85VN0g3%2F6q1GRlvMomUsCY3jD6LaXKtwnJyjRO9FYeMKAcpE2nPwj1BM7QGjlQHmelwfLg3PMcGXcwXKA41Pzn4%2F0LHeR%2BLteXLgTfv4LLivBHw%3D%3D&price-disabled-formats=adaptive0418%0Aadaptive%0AmodernAdaptive%0Ahorizontal%0Ahorizontal0318%0Agrid%0A160x600%0A240x400%0A200x300%0A300x300%0A300x250%0A250x250%0A728x90%0A1000x120%0A320x50%0A320x100%0A400x240%0A320x480%0A480x320%0A336x280%0A300x600%0A300x500%0A970x250%0A970x90%0AposterVertical%0AposterHorizontal%0AadaptiveConstructor%0AhorizontalSD%0Afullscreen%0Afullscreen_grid%0Asmart_tile%0Asmart_mosaic&pcode-icookie=WLHcHPscnsrFH4eUrlsKH7WGUA48aiT8LhxkZw3obRkvGMFbb2Z3LB%2FqvFzmrn6kilg3Yg%2Bx%2FcZd2V1VpOdNJgVzT2k%3D&imp-id=3&enable-flat-highlight=1&comboblock-unencoded-vast=1&test-tag=286474318643202&ad-session-id=5047861648538506660&target-id=30298867&tga-with-creatives=1&top-ancestor=https%3A%2F%2Fgostinform.ru&top-ancestor-undetermined=0&pcode-version=56841&pcodever=56841&flash-ver=0&available-width=840&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22w%22%3A840%2C%22h%22%3A0%2C%22width%22%3A840%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22left%22%3A560%2C%22top%22%3A429%2C%22fontFamily%22%3A%22roboto%22%2C%22ad_no%22%3A0%2C%22req_no%22%3A0%7D&grab-orig-len=816&grab=dNCT0L7RgdGC0YssINCh0L3QuNC_0YssINCe0YHRgtGLIC0g0JLRgdC1INCz0L7RgdGD0LTQsNGA0YHRgtCy0LXQvdC90YvQtSDRgdGC0LDQvdC00LDRgNGC0Ysg0YHQutCw0YfQsNGC0Ywg0LHQtdGB0L_Qu9Cw0YLQvdC-IHwg0KHQv9GA0LDQstC-0YfQvdC40Log0LPQvtGB0YPQtNCw0YDRgdGC0LLQtdC90L3Ri9GFINGB0YLQsNC90LTQsNGA0YLQvtCyINC4INC90L7RgNC80LDRgtC40LLQvdGL0YUg0LTQvtC60YPQvNC10L3RgtC-0LIKMdCh0L_RgNCw0LLQvtGH0L3QuNC6INCz0L7RgdGD0LTQsNGA0YHRgtCy0LXQvdC90YvRhSDRgdGC0LDQvdC00LDRgNGC0L7QsiDQuCDQvdC-0YDQvNCw0YLQuNCy0L3Ri9GFINC00L7QutGD0LzQtdC90YLQvtCyIAoz0J7QsdGJ0LXRgNC-0YHRgdC40LnRgdC60LjQuSDQutC70LDRgdGB0LjRhNC40LrQsNGC0L7RgCDRgdGC0LDQvdC00LDRgNGC0L7QsiAo0J7QmtChKTogCjPQktC40LTRiyDQvdC-0YDQvNCw0YLQuNCy0L3Ri9GFINC00L7QutGD0LzQtdC90YLQvtCyOiAKM9Ca0LvQsNGB0YHQuNGE0LjQutCw0YbQuNGPINCh0J3QuNCfIAoz0JPQntCh0KLRiyAKM9Cd0L7RgNC80LDRgtC40LLQvdGL0LUg0LTQvtC60YPQvNC10L3RgtGLIAo%3D&uniformat=true&callback=Ya%5B1699713902361%5D

Requested by

Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

7979e62bc495dc69dc0ad02ba27cf9d9c7eab30fca0f6823856e02400d2b2bb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://gostinform.ru/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Tue, 29 Mar 2022 07:21:46 GMT
content-encoding: gzip
last-modified: Tue, 29 Mar 2022 07:21:46 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
x-yandex-req-id: 1648538506001744-1700385103338840151000152-production-app-host-sas-pcode-9
strict-transport-security: max-age=31536000
content-type: text/html; charset=windows-1251
access-control-allow-origin: https://gostinform.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Tue, 29 Mar 2022 07:21:46 GMT

GET
H2 200 ce602031a5c552892e67.js Show response
yastatic.net/partner-code-bundles/56841/ 661 KB
135 KB 115ms
82ms Script
text/javascript 2a02:6b8:20::215
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/56841/ce602031a5c552892e67.js

Requested by

Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

723fb29987226a44acb35a60d347a4ff69defe2041867fb0e383680eff5e75bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://gostinform.ru/
Origin: https://gostinform.ru
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Tue, 29 Mar 2022 07:21:46 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 137896
last-modified: Mon, 28 Mar 2022 16:29:25 GMT
server: nginx/1.17.9
etag: "7301c910c3b94cd335c1eff54dc9a0c2"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 28 Mar 2052 13:54:10 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 217 B
647 B 271ms
14ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=gostinform.ru&callback=_gfp_s_&client=ca-pub-1248863131188985

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203230101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1248863131188985&plah=gostinform.ru

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

ebfe71509a9e82629b14111944ac8cc498562ba603a5d812b590c7b6cdf4117e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gostinform.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Tue, 29 Mar 2022 07:21:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 203
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 67ms
15ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=gostinform.ru

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gostinform.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 29 Mar 2022 07:21:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 56ms
15ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=gostinform.ru

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gostinform.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 29 Mar 2022 07:21:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4909 23 KB
10 KB 331ms
315ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1248863131188985&output=html&h=60&slotname=9847723737&adk=1812008156&adf=3370897437&pi=t.ma~as.9847723737&w=468&lmt=1648538506&psa=0&format=468x60&url=https%3A%2F%2Fgostinform.ru%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648538506530&bpp=4&bdt=387&idt=157&shv=r20220324&mjsv=m202203230101&ptt=9&saldr=aa&abxe=1&correlator=7781929918227&frm=20&pv=2&ga_vid=466564712.1648538507&ga_sid=1648538507&ga_hid=2021364795&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=922&ady=10&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31065371&oid=2&pvsid=1716502872819504&pem=138&tmod=391436965&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=h6hv0jRnzg&p=https%3A//gostinform.ru&dtd=182

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

737b1a962d9918c5ef6b50b0d31e4e046c42aa1a4ffd208b21e93394c5737eab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://gostinform.ru/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 29 Mar 2022 07:21:46 GMT
server: cafe
content-length: 9765
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 29 Mar 2022 07:21:46 GMT
cache-control: private

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame BC3B 115 KB
33 KB 432ms
432ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1248863131188985&output=html&h=90&slotname=2139769737&adk=1689885382&adf=2000092771&pi=t.ma~as.2139769737&w=756&lmt=1648538506&rafmt=12&psa=0&format=756x90&url=https%3A%2F%2Fgostinform.ru%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648538506534&bpp=1&bdt=391&idt=192&shv=r20220324&mjsv=m202203230101&ptt=9&saldr=aa&abxe=1&prev_fmts=468x60&correlator=7781929918227&frm=20&pv=1&ga_vid=466564712.1648538507&ga_sid=1648538507&ga_hid=2021364795&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=560&ady=4028&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31065371&oid=2&pvsid=1716502872819504&pem=138&tmod=391436965&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=d61im4BlDi&p=https%3A//gostinform.ru&dtd=197

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e0ad08f0115ece93114893effe7fac485a2d81ccebe1893c66130bc4e9ee7ad3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://gostinform.ru/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 29 Mar 2022 07:21:46 GMT
server: cafe
content-length: 34213
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 29 Mar 2022 07:21:46 GMT
cache-control: private

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 279C 23 KB
10 KB 403ms
402ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1248863131188985&output=html&h=250&slotname=9164485733&adk=24804720&adf=2469167549&pi=t.ma~as.9164485733&w=300&lmt=1648538506&psa=0&format=300x250&url=https%3A%2F%2Fgostinform.ru%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648538506536&bpp=1&bdt=392&idt=199&shv=r20220324&mjsv=m202203230101&ptt=9&saldr=aa&abxe=1&prev_fmts=468x60%2C756x90&correlator=7781929918227&frm=20&pv=1&ga_vid=466564712.1648538507&ga_sid=1648538507&ga_hid=2021364795&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=220&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31065371&oid=2&pvsid=1716502872819504&pem=138&tmod=391436965&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=rjdCjQfgoG&p=https%3A//gostinform.ru&dtd=201

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

67a73458ae94518e03688295d9c8e65af614ad5be69817cb00225418b88a8fea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://gostinform.ru/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 29 Mar 2022 07:21:46 GMT
server: cafe
content-length: 9736
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 29 Mar 2022 07:21:46 GMT
cache-control: private

POST
H2 200 counter
top-fwz1.mail.ru/ 43 B
917 B 60ms
60ms Ping
image/gif 217.69.133.145
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL

https://top-fwz1.mail.ru/counter?js=13;id=2406861;u=https%3A//gostinform.ru/;st=1648538506490;title=%D0%93%D0%BE%D1%81%D1%82%D1%8B%2C%20%D0%A1%D0%BD%D0%B8%D0%BF%D1%8B%2C%20%D0%9E%D1%81%D1%82%D1%8B%20-%20%D0%92%D1%81%D0%B5%20%D0%B3%D0%BE%D1%81%D1%83%D0%B4%D0%B0%D1%80%D1%81%D1%82%D0%B2%D0%B5%D0%BD%D0%BD%D1%8B%D0%B5%20%D1%81%D1%82%D0%B0%D0%BD%D0%B4%D0%B0%D1%80%D1%82%D1%8B%20%D1%81%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%7C%20%D0%A1%D0%BF%D1%80%D0%B0%D0%B2%D0%BE%D1%87%D0%BD%D0%B8%D0%BA%20%D0%B3%D0%BE%D1%81%D1%83%D0%B4%D0%B0%D1%80%D1%81%D1%82%D0%B2%D0%B5%D0%BD%D0%BD%D1%8B%D1%85%20%D1%81%D1%82%D0%B0%D0%BD%D0%B4%D0%B0%D1%80%D1%82%D0%BE%D0%B2%20%D0%B8%20%D0%BD%D0%BE%D1%80%D0%BC%D0%B0%D1%82%D0%B8%D0%B2%D0%BD%D1%8B%D1%85%20%D0%B4%D0%BE%D0%BA%D1%83%D0%BC%D0%B5%D0%BD%D1%82%D0%BE%D0%B2;s=1600*1200;vp=1600*1200;touch=0;hds=1;frame=0;flash=;sid=85a70c9beb9f6cff;ver=60.3.0;tz=0%2FEtc%2FUnknown;ni=10//4g/0/0/;lvid=1648538506745%3A1648538506764%3A1%3A3405fef4d545de187e7a4263d9d088d6;visible=true;_=0.3037118220924717

Requested by

Host: top-fwz1.mail.ru
URL: https://top-fwz1.mail.ru/js/code.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://gostinform.ru/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 29 Mar 2022 07:21:46 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 43
pragma: no-cache
amp-access-control-allow-source-origin: https://gostinform.ru
server: nginx
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: https://gostinform.ru
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
accept-ch-lifetime: 86400
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
timing-allow-origin: https://gostinform.ru
access-control-allow-headers: *

GET
H2

400

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9592.eBtUDZHLrcrYZElPtjVCYzWcGZU3hocxHidTo26MmAVoxaZO4c9ZtxtGvweFjmxG.cjfWJQ0xMqsVKFKQpKl-epJIhqU%2C
https://mc.yandex.com/sync_cookie_image_decide?token=9592.ZhQC36yHTj64pCSfQ8napNfke8pGR2F4Jlm3xA7mo9q1T2-P4St2mFoJ-9hDBsMHWdCTVAb0CXppKc9LSjJpRw%2C%2C.Q0CKXV1fCHeWr_R8PdRj1SMD16E%2C

75 B
75 B

35ms
35ms

Image
text/html

2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=9592.ZhQC36yHTj64pCSfQ8napNfke8pGR2F4Jlm3xA7mo9q1T2-P4St2mFoJ-9hDBsMHWdCTVAb0CXppKc9LSjJpRw%2C%2C.Q0CKXV1fCHeWr_R8PdRj1SMD16E%2C

Requested by

Host: gostinform.ru
URL: https://gostinform.ru/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gostinform.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Tue, 29 Mar 2022 07:21:46 GMT
strict-transport-security: max-age=31536000
content-length: 75
x-xss-protection: 1; mode=block
content-type: text/html; charset=utf-8

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=9592.ZhQC36yHTj64pCSfQ8napNfke8pGR2F4Jlm3xA7mo9q1T2-P4St2mFoJ-9hDBsMHWdCTVAb0CXppKc9LSjJpRw%2C%2C.Q0CKXV1fCHeWr_R8PdRj1SMD16E%2C
date: Tue, 29 Mar 2022 07:21:46 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A4FF 0
19 B 53ms
52ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1248863131188985&output=html&adk=1812271804&adf=3025194257&lmt=1648538506&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fgostinform.ru%2F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648538506549&bpp=1&bdt=406&idt=246&shv=r20220324&mjsv=m202203230101&ptt=9&saldr=aa&abxe=1&prev_fmts=468x60%2C756x90%2C300x250&nras=1&correlator=7781929918227&frm=20&pv=1&ga_vid=466564712.1648538507&ga_sid=1648538507&ga_hid=2021364795&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31065371&oid=2&pvsid=1716502872819504&pem=138&tmod=391436965&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&dtd=253

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://gostinform.ru/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 29 Mar 2022 07:21:46 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 29 Mar 2022 07:21:46 GMT
cache-control: private

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
136 B 37ms
36ms Image
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: gostinform.ru
URL: https://gostinform.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gostinform.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Tue, 29 Mar 2022 07:21:46 GMT
last-modified: Wed, 23 Mar 2022 13:19:15 GMT
etag: "623af423-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Tue, 29 Mar 2022 08:21:46 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/22431739/
Redirect Chain

https://mc.yandex.com/watch/22431739?wmode=7&page-url=https%3A%2F%2Fgostinform.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1uynsm9oyo6zm0qabr2%3Afp%3A836%3Afu%3A0%3Aen%3Awindows-1251...
https://mc.yandex.com/watch/22431739/1?wmode=7&page-url=https%3A%2F%2Fgostinform.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1uynsm9oyo6zm0qabr2%3Afp%3A836%3Afu%3A0%3Aen%3Awindows-12...

338 B
451 B

35ms
34ms

XHR
application/json

2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/22431739/1?wmode=7&page-url=https%3A%2F%2Fgostinform.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1uynsm9oyo6zm0qabr2%3Afp%3A836%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A771%3Acn%3A1%3Adp%3A0%3Als%3A666718564306%3Ahid%3A826183467%3Az%3A0%3Ai%3A20220329072146%3Aet%3A1648538507%3Ac%3A1%3Arn%3A501531370%3Arqn%3A1%3Au%3A1648538507692255499%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1648538505655%3Ads%3A151%2C111%2C224%2C1%2C0%2C0%2C%2C348%2C14%2C%2C%2C%2C836%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1648538507%3At%3A%D0%93%D0%BE%D1%81%D1%82%D1%8B%2C%20%D0%A1%D0%BD%D0%B8%D0%BF%D1%8B%2C%20%D0%9E%D1%81%D1%82%D1%8B%20-%20%D0%92%D1%81%D0%B5%20%D0%B3%D0%BE%D1%81%D1%83%D0%B4%D0%B0%D1%80%D1%81%D1%82%D0%B2%D0%B5%D0%BD%D0%BD%D1%8B%D0%B5%20%D1%81%D1%82%D0%B0%D0%BD%D0%B4%D0%B0%D1%80%D1%82%D1%8B%20%D1%81%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%7C%20%D0%A1%D0%BF%D1%80%D0%B0%D0%B2%D0%BE%D1%87%D0%BD%D0%B8%D0%BA%20%D0%B3%D0%BE%D1%81%D1%83%D0%B4%D0%B0%D1%80%D1%81%D1%82%D0%B2%D0%B5%D0%BD%D0%BD%D1%8B%D1%85%20%D1%81%D1%82%D0%B0%D0%BD%D0%B4%D0%B0%D1%80%D1%82%D0%BE%D0%B2%20%D0%B8%20%D0%BD%D0%BE%D1%80%D0%BC%D0%B0%D1%82%D0%B8%D0%B2%D0%BD%D1%8B%D1%85%20%D0%B4%D0%BE%D0%BA%D1%83%D0%BC%D0%B5%D0%BD%D1%82%D0%BE%D0%B2&t=gdpr%2814%29aw%281%29ti%282%29

Requested by

Host: gostinform.ru
URL: https://gostinform.ru/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

507c78b2443717974142f36405ff3a9fca7549465d472ef128d0f8ad19ce2ef1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gostinform.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Mar 2022 07:21:46 GMT
x-content-type-options: nosniff
last-modified: Tue, 29-Mar-2022 07:21:46 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gostinform.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 338
x-xss-protection: 1; mode=block
expires: Tue, 29-Mar-2022 07:21:46 GMT

Redirect headers

pragma: no-cache
date: Tue, 29 Mar 2022 07:21:46 GMT
last-modified: Tue, 29-Mar-2022 07:21:46 GMT
location: /watch/22431739/1?wmode=7&page-url=https%3A%2F%2Fgostinform.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1uynsm9oyo6zm0qabr2%3Afp%3A836%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A771%3Acn%3A1%3Adp%3A0%3Als%3A666718564306%3Ahid%3A826183467%3Az%3A0%3Ai%3A20220329072146%3Aet%3A1648538507%3Ac%3A1%3Arn%3A501531370%3Arqn%3A1%3Au%3A1648538507692255499%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1648538505655%3Ads%3A151%2C111%2C224%2C1%2C0%2C0%2C%2C348%2C14%2C%2C%2C%2C836%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1648538507%3At%3A%D0%93%D0%BE%D1%81%D1%82%D1%8B%2C%20%D0%A1%D0%BD%D0%B8%D0%BF%D1%8B%2C%20%D0%9E%D1%81%D1%82%D1%8B%20-%20%D0%92%D1%81%D0%B5%20%D0%B3%D0%BE%D1%81%D1%83%D0%B4%D0%B0%D1%80%D1%81%D1%82%D0%B2%D0%B5%D0%BD%D0%BD%D1%8B%D0%B5%20%D1%81%D1%82%D0%B0%D0%BD%D0%B4%D0%B0%D1%80%D1%82%D1%8B%20%D1%81%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%7C%20%D0%A1%D0%BF%D1%80%D0%B0%D0%B2%D0%BE%D1%87%D0%BD%D0%B8%D0%BA%20%D0%B3%D0%BE%D1%81%D1%83%D0%B4%D0%B0%D1%80%D1%81%D1%82%D0%B2%D0%B5%D0%BD%D0%BD%D1%8B%D1%85%20%D1%81%D1%82%D0%B0%D0%BD%D0%B4%D0%B0%D1%80%D1%82%D0%BE%D0%B2%20%D0%B8%20%D0%BD%D0%BE%D1%80%D0%BC%D0%B0%D1%82%D0%B8%D0%B2%D0%BD%D1%8B%D1%85%20%D0%B4%D0%BE%D0%BA%D1%83%D0%BC%D0%B5%D0%BD%D1%82%D0%BE%D0%B2&t=gdpr%2814%29aw%281%29ti%282%29
strict-transport-security: max-age=31536000
access-control-allow-origin: https://gostinform.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Tue, 29-Mar-2022 07:21:46 GMT

GET
H2 200 143140 Show response
mc.yandex.com/watch/ 302 B
363 B 35ms
34ms XHR
application/json 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/143140?wmode=7&page-url=https%3A%2F%2Fgostinform.ru%2F&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1uynsm9oyo6zm0qabr2%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A771%3Acn%3A2%3Adp%3A1%3Als%3A1647052500850%3Ahid%3A826183467%3Az%3A0%3Ai%3A20220329072146%3Aet%3A1648538507%3Ac%3A1%3Arn%3A526529338%3Au%3A1648538507692255499%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1648538505655%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1648538507%3At%3A%D0%93%D0%BE%D1%81%D1%82%D1%8B%2C%20%D0%A1%D0%BD%D0%B8%D0%BF%D1%8B%2C%20%D0%9E%D1%81%D1%82%D1%8B%20-%20%D0%92%D1%81%D0%B5%20%D0%B3%D0%BE%D1%81%D1%83%D0%B4%D0%B0%D1%80%D1%81%D1%82%D0%B2%D0%B5%D0%BD%D0%BD%D1%8B%D0%B5%20%D1%81%D1%82%D0%B0%D0%BD%D0%B4%D0%B0%D1%80%D1%82%D1%8B%20%D1%81%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%7C%20%D0%A1%D0%BF%D1%80%D0%B0%D0%B2%D0%BE%D1%87%D0%BD%D0%B8%D0%BA%20%D0%B3%D0%BE%D1%81%D1%83%D0%B4%D0%B0%D1%80%D1%81%D1%82%D0%B2%D0%B5%D0%BD%D0%BD%D1%8B%D1%85%20%D1%81%D1%82%D0%B0%D0%BD%D0%B4%D0%B0%D1%80%D1%82%D0%BE%D0%B2%20%D0%B8%20%D0%BD%D0%BE%D1%80%D0%BC%D0%B0%D1%82%D0%B8%D0%B2%D0%BD%D1%8B%D1%85%20%D0%B4%D0%BE%D0%BA%D1%83%D0%BC%D0%B5%D0%BD%D1%82%D0%BE%D0%B2&t=gdpr(14)mc(p-1)lt(7400)aw(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

be50fedd39669faf52acbe048979cd6f7c77ad372dc0371faae814309e26bc45

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gostinform.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Mar 2022 07:21:46 GMT
x-content-type-options: nosniff
last-modified: Tue, 29-Mar-2022 07:21:46 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gostinform.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 302
x-xss-protection: 1; mode=block
expires: Tue, 29-Mar-2022 07:21:46 GMT

POST
H2 200 1 Show response
mc.yandex.com/watch/22431739/ 43 B
73 B 34ms
34ms XHR
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/22431739/1?page-url=https%3A%2F%2Fgostinform.ru%2F&charset=utf-8&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A1uynsm9oyo6zm0qabr2%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A771%3Acn%3A1%3Adp%3A1%3Als%3A666718564306%3Ahid%3A826183467%3Az%3A0%3Ai%3A20220329072146%3Aet%3A1648538507%3Ac%3A1%3Arn%3A1060280327%3Arqn%3A2%3Au%3A1648538507692255499%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1648538505655%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1648538507&t=gdpr(14)mc(p-2-h-1)lt(7400)aw(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://gostinform.ru/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Tue, 29 Mar 2022 07:21:46 GMT
last-modified: Tue, 29-Mar-2022 07:21:46 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://gostinform.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Tue, 29-Mar-2022 07:21:46 GMT

POST
H2 200 1 Show response
mc.yandex.com/watch/143140/ 43 B
73 B 35ms
34ms XHR
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/143140/1?page-url=https%3A%2F%2Fgostinform.ru%2F&charset=utf-8&cnt-class=1&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A1uynsm9oyo6zm0qabr2%3Afp%3A836%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A771%3Acn%3A2%3Adp%3A1%3Als%3A1647052500850%3Ahid%3A826183467%3Az%3A0%3Ai%3A20220329072147%3Aet%3A1648538507%3Ac%3A1%3Arn%3A915821424%3Arqn%3A1%3Au%3A1648538507692255499%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1648538505655%3Ads%3A151%2C111%2C224%2C1%2C0%2C0%2C%2C348%2C14%2C%2C%2C%2C836%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1648538507&t=gdpr(14)mc(p-2-h-1)lt(7400)aw(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://gostinform.ru/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Tue, 29 Mar 2022 07:21:46 GMT
last-modified: Tue, 29-Mar-2022 07:21:46 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://gostinform.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Tue, 29-Mar-2022 07:21:46 GMT

GET
H2 200 143140 Show response
mc.yandex.com/watch/ 43 B
73 B 35ms
35ms XHR
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/143140?page-url=https%3A%2F%2Fgostinform.ru%2F&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A1uynsm9oyo6zm0qabr2%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A771%3Acn%3A2%3Adp%3A1%3Als%3A1647052500850%3Ahid%3A826183467%3Az%3A0%3Ai%3A20220329072147%3Aet%3A1648538507%3Ac%3A1%3Arn%3A306865114%3Arqn%3A2%3Au%3A1648538507692255499%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1648538505655%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1648538507%3At%3A%D0%93%D0%BE%D1%81%D1%82%D1%8B%2C%20%D0%A1%D0%BD%D0%B8%D0%BF%D1%8B%2C%20%D0%9E%D1%81%D1%82%D1%8B%20-%20%D0%92%D1%81%D0%B5%20%D0%B3%D0%BE%D1%81%D1%83%D0%B4%D0%B0%D1%80%D1%81%D1%82%D0%B2%D0%B5%D0%BD%D0%BD%D1%8B%D0%B5%20%D1%81%D1%82%D0%B0%D0%BD%D0%B4%D0%B0%D1%80%D1%82%D1%8B%20%D1%81%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%7C%20%D0%A1%D0%BF%D1%80%D0%B0%D0%B2%D0%BE%D1%87%D0%BD%D0%B8%D0%BA%20%D0%B3%D0%BE%D1%81%D1%83%D0%B4%D0%B0%D1%80%D1%81%D1%82%D0%B2%D0%B5%D0%BD%D0%BD%D1%8B%D1%85%20%D1%81%D1%82%D0%B0%D0%BD%D0%B4%D0%B0%D1%80%D1%82%D0%BE%D0%B2%20%D0%B8%20%D0%BD%D0%BE%D1%80%D0%BC%D0%B0%D1%82%D0%B8%D0%B2%D0%BD%D1%8B%D1%85%20%D0%B4%D0%BE%D0%BA%D1%83%D0%BC%D0%B5%D0%BD%D1%82%D0%BE%D0%B2&t=gdpr(14)mc(p-2-h-1)lt(7400)aw(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gostinform.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Mar 2022 07:21:46 GMT
last-modified: Tue, 29-Mar-2022 07:21:46 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://gostinform.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Tue, 29-Mar-2022 07:21:46 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220324/r20110914/client/ Frame 4909 2 KB
1 KB 43ms
7ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220324/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1248863131188985&output=html&h=60&slotname=9847723737&adk=1812008156&adf=3370897437&pi=t.ma~as.9847723737&w=468&lmt=1648538506&psa=0&format=468x60&url=https%3A%2F%2Fgostinform.ru%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648538506530&bpp=4&bdt=387&idt=157&shv=r20220324&mjsv=m202203230101&ptt=9&saldr=aa&abxe=1&correlator=7781929918227&frm=20&pv=2&ga_vid=466564712.1648538507&ga_sid=1648538507&ga_hid=2021364795&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=922&ady=10&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31065371&oid=2&pvsid=1716502872819504&pem=138&tmod=391436965&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=h6hv0jRnzg&p=https%3A//gostinform.ru&dtd=182

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Tue, 29 Mar 2022 07:15:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 405
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Apr 2022 07:15:01 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4909 119 KB
37 KB 55ms
16ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30de69c01f8eb6cb0ab7b040f02316728cb490669cbf084aad71c06a708ed1ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Tue, 29 Mar 2022 07:21:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36904
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1648035241783118"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 29 Mar 2022 07:21:46 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220324/r20110914/client/ Frame 4909 15 KB
7 KB 41ms
6ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220324/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Tue, 29 Mar 2022 07:13:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 506
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6407
x-xss-protection: 0
server: cafe
etag: 6055885685211612390
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Apr 2022 07:13:20 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 4909 0
0 51ms
50ms Fetch
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CEB4girNCYtLnA5qh7_UPhbWR8AbJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTEyNDg4NjMxMzExODg5ODWgAdW20uoDyAEJqQIRYjj-THGyPqgDAaoEsgFP0NeLr52LsKmeEHkXayY6WpN-zzt9gQIpafYJ6mrNBo-6HrlzgCYImA6TO1B-AkqkmFMz_X5qtQpRW3Gus8lzXi5duXsS2O5KfkXflyniGnX_8duisddv4wmjqvPctngi3ErF27Jlr96X7lE53fKwq7OxneUyPUZYRYeyWCeLUZRrqVaU_B7uSXYE8vSC-3kudoGczzRcws9h0YYaGjM04OFpjO8eLiBNDXXYoaZPirAzgAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAYAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi0xMjQ4ODYzMTMxMTg4OTg1GAA&sigh=eWwvQCN7_wk&uach_m=[UACH]&cid=CAQSGwCNIrLMJs9pQoF5zjzxgcJXR5u8HBtmTfq3GxgB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1248863131188985&output=html&h=60&slotname=9847723737&adk=1812008156&adf=3370897437&pi=t.ma~as.9847723737&w=468&lmt=1648538506&psa=0&format=468x60&url=https%3A%2F%2Fgostinform.ru%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648538506530&bpp=4&bdt=387&idt=157&shv=r20220324&mjsv=m202203230101&ptt=9&saldr=aa&abxe=1&correlator=7781929918227&frm=20&pv=2&ga_vid=466564712.1648538507&ga_sid=1648538507&ga_hid=2021364795&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=922&ady=10&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31065371&oid=2&pvsid=1716502872819504&pem=138&tmod=391436965&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=h6hv0jRnzg&p=https%3A//gostinform.ru&dtd=182
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 29 Mar 2022 07:21:46 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 29 Mar 2022 07:21:46 GMT

GET
H2 200 notify
rtb.nl.eu.criteo.com/google/auction/ Frame 4909 0
0 50ms
15ms Fetch 2a02:2638:1::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=UOb8EImvMNQDPJ2DYgICAAAAA_g7T3MbEEYQirNCYsMCtpGbYwPFygX4ABI&wp=YkKzigAA89IIu9CaAARahcP846H6KgigX6hh9Q

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Tue, 29 Mar 2022 07:21:45 GMT
server: Kestrel
server-processing-duration-in-ticks: 292373
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame B933 131 KB
46 KB 294ms
164ms Document
text/html 2a02:2638::b
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=YkKzigAA89IIu9CaAARahcP846H6KgigX6hh9Q&u=%7CGQr6P4BuVaDdvsbrEVcmFpoGAByVvF8hQUKcCB%2BZlLk%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpP7WQ_iZpHyNgnflBzJEIRfTUsK0v1YyUkElnoVU6GqZKjX9pU5TZHnzgzCJnx5hkZ7QAGd4XConidp39LmPywjiIiBoByvmgrMy5fa-jLAgXlycI5Gx2LOvBZr48Bkafa6_1maHHq9ZX-041n2fV_w8s4Bd_o0U4QIPKWsXlKvbH8G6_RwRd0jr4jxSKy57E5TlPB-IYxYRgf4OcvityOeFix6H-K5xTfawxpY4rTTCPDyBzQ-bhmtfd-9UO41btLAI_2ftXnr2nO1vXKwLxbchyz_AiK69m206pCuPpD6h-fQJQA7YSejgolgGbGdiFF05gIq1PcvG5YSTQAlETfUQifLWiAEnbln_H8PViv6cA90wXIrxGkAiJZ-FYqf4kNZltKbR7IIh-eTLtKDteZ5SW8a0wMSDZM&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCK0HPirNCYtLnA5qh7_UPhbWR8AbJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTEyNDg4NjMxMzExODg5ODWgAdW20uoDyAEJqQIRYjj-THGyPqgDAaoEtQFP0NeLr52LsKmeEHkXayY6WpN-zzt9gQIpafYJ6mrNBo-6HrlzgCYImA6TO1B-AkqkmFMz_X5qtQpRW3Gus8lzXi5duXsS2O5KfkXflyniGnX_8duisddv4wmjqvPctngi3ErF27Jlr96X7lE53fKwq7OxneUyPUZYRYeyWCeLUZRrqVaU_B7uSXYE8raA2uup-R2PcKhIYR9cd34TDjmC6s9xDlvWE4a_smv0uSPlDqOMi_M7gAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2rQ3HGhcE9V7YaIg1uQKFT-uk3VA%26client%3Dca-pub-1248863131188985%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::b , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

280e083a77cf50e46198a9cc0b7a69c7757c587e3199797633c517f336d189d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

date: Tue, 29 Mar 2022 07:21:46 GMT
content-type: text/html
server: Kestrel
cache-control: private, max-age=0, no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cross-origin-resource-policy: cross-origin
p3p: CP='CUR ADM OUR NOR STA NID'
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=Zjqp4SGqnDqm9OY44Bz9wGNMNSgRcjSRIoY59pUhZAMjWqhO6IElxqJvcNTP9DCam7iHKY-q7opjHd52PAcSS-M4XVawK0js9Jq4qjPED_ZLdReWi3Z_RR7cDbDVXs6KxyDXhWTZsPaV3JQ1BMDK2CdPcFBXFMDqFuYARZJAEhzh2pz7aO4cykT-fCW-4cwmEH4PBg4cxquMmD9fKjdhCRfBzdh-utyZLVbjY2hZY44J-bQvF_LbzSUmspYfWCNKDL-wzA"}], "max_age": 86400}
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks: 144913894
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220324/r20110914/client/ Frame 279C 2 KB
1 KB 48ms
11ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220324/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1248863131188985&output=html&h=250&slotname=9164485733&adk=24804720&adf=2469167549&pi=t.ma~as.9164485733&w=300&lmt=1648538506&psa=0&format=300x250&url=https%3A%2F%2Fgostinform.ru%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648538506536&bpp=1&bdt=392&idt=199&shv=r20220324&mjsv=m202203230101&ptt=9&saldr=aa&abxe=1&prev_fmts=468x60%2C756x90&correlator=7781929918227&frm=20&pv=1&ga_vid=466564712.1648538507&ga_sid=1648538507&ga_hid=2021364795&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=220&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31065371&oid=2&pvsid=1716502872819504&pem=138&tmod=391436965&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=rjdCjQfgoG&p=https%3A//gostinform.ru&dtd=201

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Tue, 29 Mar 2022 07:15:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 353
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Apr 2022 07:15:53 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 279C 119 KB
36 KB 49ms
21ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30de69c01f8eb6cb0ab7b040f02316728cb490669cbf084aad71c06a708ed1ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Tue, 29 Mar 2022 07:21:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36904
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1648035241783118"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 29 Mar 2022 07:21:46 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220324/r20110914/client/ Frame 279C 15 KB
6 KB 45ms
10ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220324/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Tue, 29 Mar 2022 07:20:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 48
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6407
x-xss-protection: 0
server: cafe
etag: 6055885685211612390
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Apr 2022 07:20:58 GMT

GET
DATA 200
OK truncated
/ Frame 4909 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 31d2a198fe42347550f266f9ee2c14fc2ba5762a32d885ccc9f22ca5500b9e5b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220324/r20110914/client/ Frame BC3B 2 KB
904 B 38ms
10ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220324/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1248863131188985&output=html&h=90&slotname=2139769737&adk=1689885382&adf=2000092771&pi=t.ma~as.2139769737&w=756&lmt=1648538506&rafmt=12&psa=0&format=756x90&url=https%3A%2F%2Fgostinform.ru%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648538506534&bpp=1&bdt=391&idt=192&shv=r20220324&mjsv=m202203230101&ptt=9&saldr=aa&abxe=1&prev_fmts=468x60&correlator=7781929918227&frm=20&pv=1&ga_vid=466564712.1648538507&ga_sid=1648538507&ga_hid=2021364795&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=560&ady=4028&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31065371&oid=2&pvsid=1716502872819504&pem=138&tmod=391436965&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=d61im4BlDi&p=https%3A//gostinform.ru&dtd=197

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Tue, 29 Mar 2022 07:20:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 94
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 877
x-xss-protection: 0
server: cafe
etag: 13035868154101442325
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Apr 2022 07:20:12 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220324/r20110914/ Frame BC3B 19 KB
8 KB 41ms
12ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220324/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d072a09604e6a1fea8ef42203503771aa36b63a3c91fd1059966e26e6f5812b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Tue, 29 Mar 2022 07:17:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 245
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7871
x-xss-protection: 0
server: cafe
etag: 7397949449432438406
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Apr 2022 07:17:41 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220324/r20110914/client/ Frame BC3B 2 KB
1 KB 22ms
8ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220324/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Tue, 29 Mar 2022 07:15:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 353
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Apr 2022 07:15:53 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220324/r20110914/client/ Frame BC3B 15 KB
6 KB 40ms
12ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220324/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Tue, 29 Mar 2022 07:20:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 48
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6407
x-xss-protection: 0
server: cafe
etag: 6055885685211612390
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Apr 2022 07:20:58 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame BC3B 119 KB
36 KB 56ms
36ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30de69c01f8eb6cb0ab7b040f02316728cb490669cbf084aad71c06a708ed1ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Tue, 29 Mar 2022 07:21:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36904
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1648035241783118"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 29 Mar 2022 07:21:46 GMT

GET
H2 200 c5c2d0ec538305d3144caccb9e9ba20c.js Show response
www.gstatic.com/mysidia/ Frame BC3B 28 KB
12 KB 38ms
7ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/c5c2d0ec538305d3144caccb9e9ba20c.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

56b292bab6c777111694aa0bffda487c3108b1e83091ea8471e316272f9d1aff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 11:21:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 244813
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11812
x-xss-protection: 0
last-modified: Tue, 22 Mar 2022 03:00:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 24 Jun 2022 11:21:33 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 279C 0
0 47ms
46ms Fetch
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CF8rEirNCYu6VBYqn6wTHv7v4Bsme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMTI0ODg2MzEzMTE4ODk4NaAB1bbS6gPIAQmpAhFiOP5McbI-qAMBqgS0AU_Qc_84NEgGG4_-0iDPH0PyJtS3qrDJgxXnuIUGl81EwF42e1qzaHmKgc4nx9Qzdq5jgsxxKR0_CtLUI9TROniFS-dANlsgocwHJXAELYLwST3jflphfi23WJSetqWVO5WSJrV0zx0sb_zfcOc33RLu4ZiZVhA7L91SHy70zbBy7VYc_HKtSq2xfUqBu_MyoINvxgT3Q3_EKG3fU-OKoeFKNn0fgSvfLv47-YqBBprr_cKnIoAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAGACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItMTI0ODg2MzEzMTE4ODk4NRgA&sigh=e4mgvVBS2IQ&uach_m=[UACH]&cid=CAQSGwCNIrLMj8Qk38dneayrG1E4QFoxb-DWjNnjVRgB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1248863131188985&output=html&h=250&slotname=9164485733&adk=24804720&adf=2469167549&pi=t.ma~as.9164485733&w=300&lmt=1648538506&psa=0&format=300x250&url=https%3A%2F%2Fgostinform.ru%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648538506536&bpp=1&bdt=392&idt=199&shv=r20220324&mjsv=m202203230101&ptt=9&saldr=aa&abxe=1&prev_fmts=468x60%2C756x90&correlator=7781929918227&frm=20&pv=1&ga_vid=466564712.1648538507&ga_sid=1648538507&ga_hid=2021364795&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=220&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31065371&oid=2&pvsid=1716502872819504&pem=138&tmod=391436965&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=rjdCjQfgoG&p=https%3A//gostinform.ru&dtd=201
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 29 Mar 2022 07:21:46 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 notify
rtb.fr.eu.criteo.com/google/auction/ Frame 279C 0
0 93ms
22ms Fetch 2a02:2638::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=UOb8EN2BMKwC-gGdg2ICAgAAABVbac97PSvPEImzQmL9VylT0kAI50ALDwAS&wp=YkKzigABSu4KmtOKAA7fx0_NcQE_MW_XJsFtrw

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Tue, 29 Mar 2022 07:21:45 GMT
server: Kestrel
server-processing-duration-in-ticks: 280047
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 7B1A 201 KB
58 KB 186ms
168ms Document
text/html 2a02:2638::b
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=YkKzigABSu4KmtOKAA7fx0_NcQE_MW_XJsFtrw&u=%7CGQr6P4BuVaDJntoykH%2FLQCJDYE2kuFjFK0IsYf78lw4%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy_rqmQpy5dPsKwaXEQO8GSyYWdHLX9DGFawmk-_gqon_km46PGHiNspRtADWRa2BWN6chWjjoNPk4iXUNgvHZeM8ePUMtL3LgUUtTEdTrMZenib7iF3THMPHrzV_3in-xOLdfqu3B2IYBlxsU238q6fHffYnM8SG1exchzxtrNgLpCSJmcAPjmE4c-3CTr7VpHkIz7SHj54YBbE_G4pVvVllW6wWM128M0tDzJvk2ZtJ9YH3GJqSce5zXaka4eMAz6O_71jNKDZ58dMW4mjjV6rk3BUgmgHd0feg7fXfJoA3wzIlMjJBILkqvjHo28LMB6dhFhQWAft9cAtlmPL62O76MeYzrRv-dAWZchM4M_aEpi6Egd7sJEb49DBLWRH8mdPyStoai2Gv&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCM813irNCYu6VBYqn6wTHv7v4Bsme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMTI0ODg2MzEzMTE4ODk4NaAB1bbS6gPIAQmpAhFiOP5McbI-qAMBqgS3AU_Qc_84NEgGG4_-0iDPH0PyJtS3qrDJgxXnuIUGl81EwF42e1qzaHmKgc4nx9Qzdq5jgsxxKR0_CtLUI9TROniFS-dANlsgocwHJXAELYLwST3jflphfi23WJSetqWVO5WSJrV0zx0sb_zfcOc33RLu4ZiZVhA7L91SHy70zbBy7VYc_HKtSq2xfUqBu_NwoqL9QYtrUMBYPM4PbkVyqPVAgHcxmalr5sOdCzWfKoJuV0a0nVqetYAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2cHQ7AqmpS9GnkoCkiwXu176Ft_Q%26client%3Dca-pub-1248863131188985%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::b , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

26423cea37aa87611157d3950ed566f885ca8e0e6b9e08727ba86330c4861792

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

date: Tue, 29 Mar 2022 07:21:46 GMT
content-type: text/html
server: Kestrel
cache-control: private, max-age=0, no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cross-origin-resource-policy: cross-origin
p3p: CP='CUR ADM OUR NOR STA NID'
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=OSAJiiGqnDqm9OY4q8FF2gLsV_Up3YTF1EP4rluBe1nnAsl3vnA10eWFombwTrgxd5u5v0qU70qyQkrfCBwbcoq-ekcGzInlvaFRRBlOsVdSj7tJcWLCS8TzBnhFSwQgwYNC_EubTihlInRCmbx-o7WDp_z7jqUJkDCekE-HbT133z2d1jvyANpp080ip2nGOT5iR9a-Axd4uuMIukgwTuwqePW7f3MUX1wNSlDNH_FAX3OqjgDrvqBoxVHdIym86-dCFA"}], "max_age": 86400}
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks: 145185335
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame BC3B 0
0 55ms
49ms Fetch
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CxSiYirNCYtjtBNGM78EPiNEQ49Co-Wid99nj5AyV9oyIqx8QASDol8EXYJXikIKgB6ABlsab_gPIAQmpAhFiOP5McbI-qAMByAPLBKoEugFP0Gtk7Ypj3bx-AUntMkdtqpB6tCoZIzy8Ay_kSvUys1B2D89219hA9yvIDjjMuIBrN8-UHP5kYmzriWHgwuRvNsWxlYyd9JJJDdAE-gzLV2_5k3rs4ii-BufS7td7QHa2OXkQg1wvcMsheFxq3LTBpxKySovwuqXI4iGUvyUVGpHETuMXiz2W1O7jHZKe8SfuxZ5_lvGyhR0mghLrq4a3E-y8YykXJ8QS6lov96plN_GzGZRAiwK5rAPABKuim8O4A5IFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAeOp9I2qAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgHpr4b2AcA8gcEEJbkAdIICQiA4YAQEAEYH4AKAcgLAdgTDtAVAYAXAbIXHAoaCAASFHB1Yi0xMjQ4ODYzMTMxMTg4OTg1GAA&sigh=674fzloCIUA&uach_m=[UACH]&template_id=494

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1248863131188985&output=html&h=90&slotname=2139769737&adk=1689885382&adf=2000092771&pi=t.ma~as.2139769737&w=756&lmt=1648538506&rafmt=12&psa=0&format=756x90&url=https%3A%2F%2Fgostinform.ru%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648538506534&bpp=1&bdt=391&idt=192&shv=r20220324&mjsv=m202203230101&ptt=9&saldr=aa&abxe=1&prev_fmts=468x60&correlator=7781929918227&frm=20&pv=1&ga_vid=466564712.1648538507&ga_sid=1648538507&ga_hid=2021364795&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=560&ady=4028&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31065371&oid=2&pvsid=1716502872819504&pem=138&tmod=391436965&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=d61im4BlDi&p=https%3A//gostinform.ru&dtd=197
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 29 Mar 2022 07:21:46 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame BC3B 28 KB
29 KB 43ms
8ms Image
image/jpeg 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcSkdaP9mrhWSaG8bOf3W9wjkT2drZwwaqoeenI0CQ2tupI4tjPg2_YA2gwP0Q&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2d37f632ba7d6e0f51393655bd9e90639efcd6606b665af19c3e6b6df222f952

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 20:09:21 GMT
x-content-type-options: nosniff
age: 299545
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28793
x-xss-protection: 0
last-modified: Fri, 18 Feb 2022 11:00:40 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sat, 25 Mar 2023 20:09:21 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame BC3B 34 KB
34 KB 50ms
16ms Image
image/jpeg 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcRD8ReiMAGw47OFFDDWFFEkYxuwmtq3EekN2EtgZsXiCzwcuCYl55cWqoRsZw&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d29d10cd3186414018bdda033a793c62eacb564e635ac78c527e3430c69ced4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 18:44:01 GMT
x-content-type-options: nosniff
age: 477465
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34987
x-xss-protection: 0
last-modified: Wed, 16 Mar 2022 03:57:18 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 23 Mar 2023 18:44:01 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame BC3B 31 KB
31 KB 68ms
23ms Image
image/jpeg 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcRd1jazTYg4ZrpgUOynhjp0LcyFYodg-Xv73ivtrtylKcdyx51EGWkSxtbP1g&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

95677fd6d6a20c4c867c20902412b0c7979bc43337fca8d0bbb5b3132d3d4ba3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 18:58:59 GMT
x-content-type-options: nosniff
age: 476567
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31542
x-xss-protection: 0
last-modified: Wed, 16 Mar 2022 05:16:31 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 23 Mar 2023 18:58:59 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame BC3B 30 KB
31 KB 57ms
11ms Image
image/jpeg 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcTAP9_L_jgXd6AxUN5cUjTOEa0HFAs8jNmzrNQumGfP-TbD9on4GCEG11r0MJs&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07f41cee6bf3bf65d776eeaa270ab25ce8a06ec0dfb4ef289b7ecf6d218fe866

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Sun, 27 Mar 2022 12:21:44 GMT
x-content-type-options: nosniff
age: 154802
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31079
x-xss-protection: 0
last-modified: Sun, 20 Mar 2022 01:49:20 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Mon, 27 Mar 2023 12:21:44 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame BC3B 21 KB
21 KB 66ms
20ms Image
image/jpeg 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcR8hKkcj0qA7WHiyUmtQ-nabF1nA5ZltVp-0VwbR_A5wlwKyDN4BArZ6HXrB64&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d8c50902fc8f40aed12b2ca69077f620f6ed789924c657c216e5f2e810c8ea1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 19:00:12 GMT
x-content-type-options: nosniff
age: 562894
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21703
x-xss-protection: 0
last-modified: Sun, 16 May 2021 09:21:44 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Wed, 22 Mar 2023 19:00:12 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame BC3B 36 KB
36 KB 66ms
21ms Image
image/jpeg 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcRDA7W4RtwN8BrRbGZgGBcSBvqbCjFBTg627QVoQz2i6Lj5CS9X8hYD1DWh3Co&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a0b1ae454cb16adf594ee90eae21ed4f0667583c6ed7c08e5bafead38c2b5a0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 01:42:16 GMT
x-content-type-options: nosniff
age: 365970
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36949
x-xss-protection: 0
last-modified: Wed, 16 Mar 2022 04:01:25 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sat, 25 Mar 2023 01:42:16 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame BC3B 35 KB
35 KB 56ms
12ms Image
image/jpeg 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcTJLs0HszY0lQ7yNZY8Q5iPulq4VowJNOw1XUgJ42ZgjtJY-PD3IA2kkd7gyQ&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b0490dbab86a8b5b431e23cbe2c23300940f44c22dca878778b43bd3eb7a75b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 19:42:57 GMT
x-content-type-options: nosniff
age: 301129
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35666
x-xss-protection: 0
last-modified: Fri, 18 Feb 2022 10:33:44 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sat, 25 Mar 2023 19:42:57 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame BC3B 14 KB
14 KB 63ms
20ms Image
image/png 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcQGzNQ7U2MLcl5xBuMkZonW8KHORuDhtrNCjleCU51Iyqj3x0Jo&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

429bb5d14b5317a2eea6758041dd53d34abd09e05017c9f904968268170f8015

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 11:22:58 GMT
x-content-type-options: nosniff
age: 590328
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13888
x-xss-protection: 0
last-modified: Wed, 17 Mar 2021 10:00:36 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Wed, 22 Mar 2023 11:22:58 GMT

GET
DATA 200
OK truncated
/ Frame BC3B 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 31143ab9744ba1ac21b286ede78fd559644a6e8c63a0baa1a740795318834f63

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 279C 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f78f239c3c2dcac27aabf737489d08d9132dd9ca644d45d6924e56dbb9340c9c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 vukqqZMEwiKfO5iIQC2Qvig_P1EBwRi6HH-n7W3xhSE.js Show response
pagead2.googlesyndication.com/bg/ Frame 212A 35 KB
13 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/vukqqZMEwiKfO5iIQC2Qvig_P1EBwRi6HH-n7W3xhSE.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bee92aa99304c2229f3b9888402d90be283f3f5101c118ba1c7fa7ed6df18521

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 13:14:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65235
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13603
x-xss-protection: 0
last-modified: Tue, 22 Mar 2022 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 28 Mar 2023 13:14:31 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame B933 2 KB
1 KB 88ms
24ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YkKzigAA89IIu9CaAARahcP846H6KgigX6hh9Q&u=%7CGQr6P4BuVaDdvsbrEVcmFpoGAByVvF8hQUKcCB%2BZlLk%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpP7WQ_iZpHyNgnflBzJEIRfTUsK0v1YyUkElnoVU6GqZKjX9pU5TZHnzgzCJnx5hkZ7QAGd4XConidp39LmPywjiIiBoByvmgrMy5fa-jLAgXlycI5Gx2LOvBZr48Bkafa6_1maHHq9ZX-041n2fV_w8s4Bd_o0U4QIPKWsXlKvbH8G6_RwRd0jr4jxSKy57E5TlPB-IYxYRgf4OcvityOeFix6H-K5xTfawxpY4rTTCPDyBzQ-bhmtfd-9UO41btLAI_2ftXnr2nO1vXKwLxbchyz_AiK69m206pCuPpD6h-fQJQA7YSejgolgGbGdiFF05gIq1PcvG5YSTQAlETfUQifLWiAEnbln_H8PViv6cA90wXIrxGkAiJZ-FYqf4kNZltKbR7IIh-eTLtKDteZ5SW8a0wMSDZM&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCK0HPirNCYtLnA5qh7_UPhbWR8AbJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTEyNDg4NjMxMzExODg5ODWgAdW20uoDyAEJqQIRYjj-THGyPqgDAaoEtQFP0NeLr52LsKmeEHkXayY6WpN-zzt9gQIpafYJ6mrNBo-6HrlzgCYImA6TO1B-AkqkmFMz_X5qtQpRW3Gus8lzXi5duXsS2O5KfkXflyniGnX_8duisddv4wmjqvPctngi3ErF27Jlr96X7lE53fKwq7OxneUyPUZYRYeyWCeLUZRrqVaU_B7uSXYE8raA2uup-R2PcKhIYR9cd34TDjmC6s9xDlvWE4a_smv0uSPlDqOMi_M7gAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2rQ3HGhcE9V7YaIg1uQKFT-uk3VA%26client%3Dca-pub-1248863131188985%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Tue, 29 Mar 2022 07:21:46 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 24 Mar 2023 07:21:46 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame B933 2 KB
1 KB 88ms
24ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Tue, 29 Mar 2022 07:21:46 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 24 Mar 2023 07:21:46 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame B933 308 B
637 B 81ms
22ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Tue, 29 Mar 2022 07:21:46 GMT
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Fri, 24 Mar 2023 07:21:46 GMT

GET
H2 200 back_button.svg
static.criteo.net/flash/icon/ Frame B933 507 B
835 B 83ms
23ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Tue, 29 Mar 2022 07:21:46 GMT
last-modified: Thu, 01 Apr 2021 14:03:13 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "6065d2a1-1fb"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 507
expires: Fri, 24 Mar 2023 07:21:46 GMT

GET
H2 200 m
secure-gl.imrworldwide.com/cgi-bin/ Frame B933 0
688 B 225ms
152ms Image
text/plain 2600:9000:2156:c200:1e:a43d:b640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-gl.imrworldwide.com/cgi-bin/m?ca=nlsn184820&cr=crtve&ce=criteo&pc=criteo_plc0001&ci=nlsnci162&am=3&at=view&rt=banner&st=image&r=1648538505
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YkKzigAA89IIu9CaAARahcP846H6KgigX6hh9Q&u=%7CGQr6P4BuVaDdvsbrEVcmFpoGAByVvF8hQUKcCB%2BZlLk%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpP7WQ_iZpHyNgnflBzJEIRfTUsK0v1YyUkElnoVU6GqZKjX9pU5TZHnzgzCJnx5hkZ7QAGd4XConidp39LmPywjiIiBoByvmgrMy5fa-jLAgXlycI5Gx2LOvBZr48Bkafa6_1maHHq9ZX-041n2fV_w8s4Bd_o0U4QIPKWsXlKvbH8G6_RwRd0jr4jxSKy57E5TlPB-IYxYRgf4OcvityOeFix6H-K5xTfawxpY4rTTCPDyBzQ-bhmtfd-9UO41btLAI_2ftXnr2nO1vXKwLxbchyz_AiK69m206pCuPpD6h-fQJQA7YSejgolgGbGdiFF05gIq1PcvG5YSTQAlETfUQifLWiAEnbln_H8PViv6cA90wXIrxGkAiJZ-FYqf4kNZltKbR7IIh-eTLtKDteZ5SW8a0wMSDZM&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCK0HPirNCYtLnA5qh7_UPhbWR8AbJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTEyNDg4NjMxMzExODg5ODWgAdW20uoDyAEJqQIRYjj-THGyPqgDAaoEtQFP0NeLr52LsKmeEHkXayY6WpN-zzt9gQIpafYJ6mrNBo-6HrlzgCYImA6TO1B-AkqkmFMz_X5qtQpRW3Gus8lzXi5duXsS2O5KfkXflyniGnX_8duisddv4wmjqvPctngi3ErF27Jlr96X7lE53fKwq7OxneUyPUZYRYeyWCeLUZRrqVaU_B7uSXYE8raA2uup-R2PcKhIYR9cd34TDjmC6s9xDlvWE4a_smv0uSPlDqOMi_M7gAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2rQ3HGhcE9V7YaIg1uQKFT-uk3VA%26client%3Dca-pub-1248863131188985%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:c200:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Mar 2022 07:21:46 GMT
via: 1.1 e38834cd8f7f79ef118dc9bba0861780.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA50-C1
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
x-cache: Miss from cloudfront
accept-ch: Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
content-length: 0
x-amz-cf-id: 1LukSw6fTqbtuX-26y662fiZQTUIlJ2iPoB6sh-Ct8l1i21EhnN3Ww==
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 lg.php
cat.fr.eu.criteo.com/m/delivery/ Frame B933 43 B
347 B 84ms
22ms Image
image/gif 178.250.0.160
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.fr.eu.criteo.com/m/delivery/lg.php?cppv=3&cpp=1l-6mQzVkVSxboZEib7qT0T2nQOSmQhXecmGuv7s66D3Wb53i_CoFi_klDkbQZWtFUFalwm9kpMIqpyK8Vqqj8TxOZdsQV56bw46UueU-_uQDlgQ53MvibVCOaN47in2XL01adWQhSKVK9Ch_YyUSCkIUU4WIa_uxaDdoj8DKRC7kGoK4WbOO19vpxSFZLMZFCl8eHaCvleuvsXp4rp5HM3_j52oiR57wODq_ZO07gdXI6YbpaKo5OuUPbOQbnTwFJCAxpzO-fBNU3tOZgSGPG0hufQomfjjG3g1FNVImSfgVC7V34L67Iu2eDJsbEyFf4aGbGhPjYul1-gMNf2U-Nj5OuraVxG2EBwiUYegnlCVEyeUt7WlzElh0l595YFXTw_TzIbjszPu4CKPKrnrJ7Oe7-EUBtTCZXFZrzqzWSqV81fDbHq51buEqckIuRAVJzT7BA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Mar 2022 07:21:46 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3694160
content-type: image/gif
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 7B1A 2 KB
1 KB 83ms
22ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YkKzigABSu4KmtOKAA7fx0_NcQE_MW_XJsFtrw&u=%7CGQr6P4BuVaDJntoykH%2FLQCJDYE2kuFjFK0IsYf78lw4%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy_rqmQpy5dPsKwaXEQO8GSyYWdHLX9DGFawmk-_gqon_km46PGHiNspRtADWRa2BWN6chWjjoNPk4iXUNgvHZeM8ePUMtL3LgUUtTEdTrMZenib7iF3THMPHrzV_3in-xOLdfqu3B2IYBlxsU238q6fHffYnM8SG1exchzxtrNgLpCSJmcAPjmE4c-3CTr7VpHkIz7SHj54YBbE_G4pVvVllW6wWM128M0tDzJvk2ZtJ9YH3GJqSce5zXaka4eMAz6O_71jNKDZ58dMW4mjjV6rk3BUgmgHd0feg7fXfJoA3wzIlMjJBILkqvjHo28LMB6dhFhQWAft9cAtlmPL62O76MeYzrRv-dAWZchM4M_aEpi6Egd7sJEb49DBLWRH8mdPyStoai2Gv&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCM813irNCYu6VBYqn6wTHv7v4Bsme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMTI0ODg2MzEzMTE4ODk4NaAB1bbS6gPIAQmpAhFiOP5McbI-qAMBqgS3AU_Qc_84NEgGG4_-0iDPH0PyJtS3qrDJgxXnuIUGl81EwF42e1qzaHmKgc4nx9Qzdq5jgsxxKR0_CtLUI9TROniFS-dANlsgocwHJXAELYLwST3jflphfi23WJSetqWVO5WSJrV0zx0sb_zfcOc33RLu4ZiZVhA7L91SHy70zbBy7VYc_HKtSq2xfUqBu_NwoqL9QYtrUMBYPM4PbkVyqPVAgHcxmalr5sOdCzWfKoJuV0a0nVqetYAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2cHQ7AqmpS9GnkoCkiwXu176Ft_Q%26client%3Dca-pub-1248863131188985%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Tue, 29 Mar 2022 07:21:46 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 24 Mar 2023 07:21:46 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 7B1A 2 KB
1 KB 83ms
23ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Tue, 29 Mar 2022 07:21:46 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 24 Mar 2023 07:21:46 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 7B1A 308 B
636 B 80ms
23ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Tue, 29 Mar 2022 07:21:46 GMT
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Fri, 24 Mar 2023 07:21:46 GMT

GET
H2 200 back_button.svg
static.criteo.net/flash/icon/ Frame 7B1A 507 B
835 B 81ms
24ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Tue, 29 Mar 2022 07:21:46 GMT
last-modified: Thu, 01 Apr 2021 14:03:13 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "6065d2a1-1fb"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 507
expires: Fri, 24 Mar 2023 07:21:46 GMT

GET
H2 200 m
secure-gl.imrworldwide.com/cgi-bin/ Frame 7B1A 0
690 B 222ms
152ms Image
text/plain 2600:9000:2156:c200:1e:a43d:b640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-gl.imrworldwide.com/cgi-bin/m?ca=nlsn184820&cr=crtve&ce=criteo&pc=criteo_plc0001&ci=nlsnci162&am=3&at=view&rt=banner&st=image&r=1648538506
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YkKzigABSu4KmtOKAA7fx0_NcQE_MW_XJsFtrw&u=%7CGQr6P4BuVaDJntoykH%2FLQCJDYE2kuFjFK0IsYf78lw4%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy_rqmQpy5dPsKwaXEQO8GSyYWdHLX9DGFawmk-_gqon_km46PGHiNspRtADWRa2BWN6chWjjoNPk4iXUNgvHZeM8ePUMtL3LgUUtTEdTrMZenib7iF3THMPHrzV_3in-xOLdfqu3B2IYBlxsU238q6fHffYnM8SG1exchzxtrNgLpCSJmcAPjmE4c-3CTr7VpHkIz7SHj54YBbE_G4pVvVllW6wWM128M0tDzJvk2ZtJ9YH3GJqSce5zXaka4eMAz6O_71jNKDZ58dMW4mjjV6rk3BUgmgHd0feg7fXfJoA3wzIlMjJBILkqvjHo28LMB6dhFhQWAft9cAtlmPL62O76MeYzrRv-dAWZchM4M_aEpi6Egd7sJEb49DBLWRH8mdPyStoai2Gv&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCM813irNCYu6VBYqn6wTHv7v4Bsme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMTI0ODg2MzEzMTE4ODk4NaAB1bbS6gPIAQmpAhFiOP5McbI-qAMBqgS3AU_Qc_84NEgGG4_-0iDPH0PyJtS3qrDJgxXnuIUGl81EwF42e1qzaHmKgc4nx9Qzdq5jgsxxKR0_CtLUI9TROniFS-dANlsgocwHJXAELYLwST3jflphfi23WJSetqWVO5WSJrV0zx0sb_zfcOc33RLu4ZiZVhA7L91SHy70zbBy7VYc_HKtSq2xfUqBu_NwoqL9QYtrUMBYPM4PbkVyqPVAgHcxmalr5sOdCzWfKoJuV0a0nVqetYAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2cHQ7AqmpS9GnkoCkiwXu176Ft_Q%26client%3Dca-pub-1248863131188985%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:c200:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Mar 2022 07:21:46 GMT
via: 1.1 e38834cd8f7f79ef118dc9bba0861780.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA50-C1
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
x-cache: Miss from cloudfront
accept-ch: Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
content-length: 0
x-amz-cf-id: WF6KaEaJQQe--ZRjdJLlchZzKBcqvyTCqiMO9KGLAdLK99p7a_4NAQ==
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 lg.php
cat.fr.eu.criteo.com/m/delivery/ Frame 7B1A 43 B
348 B 82ms
21ms Image
image/gif 178.250.0.160
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.fr.eu.criteo.com/m/delivery/lg.php?cppv=3&cpp=Q09Lu6U7Kq9fguxPws2OQ_YCi50bmDHBogFESAxVC6-8b0GKMKmDLjN98g-gmWKlaZB4UD4pxdNSiy575Fzkt9HFko0OoBuEhAk-44slcRD_Vr4guVThqzzVc31lJhqp2oTNha2wO-_zL6yhs6Jl9EG4AATVcVIv47eD7CqTI8rlxrww4ZdTu2vqdZ6V9ygGfkeYR9pFoLdQZ4Uytsl4WFrmTSn0CnpNwW7PRJGQ8Rk7c9k5dOVvQXM8FcvZ8MGhn5uTIJHEZzF61fwhwBfF5himmPmTUSEhosLZDYyxXIXgbyBBTExNel_W8l24-e27kkNm68EWmylgRIRYJDUci9bAZ2qFkrzXB80Vx2dzmELhyOqyDnsL9OAqHF9mZZfjJuqHiPQGYm0z4RtAI50oWR5Tcf2N6bEtHoOy_7jYzXjfQEaFclkuwT6-x6GZW2m8vE4EKw

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Mar 2022 07:21:46 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2960833
content-type: image/gif
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame B933 12 KB
6 KB 69ms
39ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Tue, 29 Mar 2022 07:21:46 GMT
content-encoding: gzip
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 24 Mar 2023 07:21:46 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame B933 6 KB
7 KB 293ms
13ms Image
image/png 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=116&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F2861%2F190124%2F8d6bc06124f044d4973e0db21c495799_logo.png&v=3&w=236&s=VyYid8Kt1VbWPl-INd0wF4UB

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

c6172adb8ef067681fb653febb8db61f5d978cefe06bfa35dbe88cb93bd1a08d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Tue, 29 Mar 2022 07:21:46 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=30478856
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 6577
expires: Fri, 17 Mar 2023 01:42:43 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame B933 0
128 B 61ms
16ms Ping
text/plain 178.250.2.150
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=Zjqp4SGqnDqm9OY44Bz9wGNMNSgRcjSRIoY59pUhZAMjWqhO6IElxqJvcNTP9DCam7iHKY-q7opjHd52PAcSS-M4XVawK0js9Jq4qjPED_ZLdReWi3Z_RR7cDbDVXs6KxyDXhWTZsPaV3JQ1BMDK2CdPcFBXFMDqFuYARZJAEhzh2pz7aO4cykT-fCW-4cwmEH4PBg4cxquMmD9fKjdhCRfBzdh-utyZLVbjY2hZY44J-bQvF_LbzSUmspYfWCNKDL-wzA&sds=2&rev=80956&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 29 Mar 2022 07:21:46 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame B933 2 KB
1 KB 49ms
34ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Tue, 29 Mar 2022 07:21:46 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 24 Mar 2023 07:21:46 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame B933 2 KB
1 KB 21ms
19ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Tue, 29 Mar 2022 07:21:46 GMT
content-encoding: gzip
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 24 Mar 2023 07:21:46 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 7B1A 12 KB
6 KB 25ms
25ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Tue, 29 Mar 2022 07:21:46 GMT
content-encoding: gzip
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 24 Mar 2023 07:21:46 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 7B1A 14 KB
14 KB 207ms
14ms Image
image/png 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=76&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F2861%2F190124%2F79f2c646e3f74b54931cff1f39d769d0_blue.png&v=3&w=596&s=Nr-8BUyF-wbgLa6y2QzwEEyJ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

5298d6aa96d4c31e65e9198beb08bc3de1b5b885f22ece667f35c05ea42e2424

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Tue, 29 Mar 2022 07:21:46 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=31026746
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 14455
expires: Thu, 23 Mar 2023 09:54:13 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 7B1A 0
127 B 26ms
26ms Ping
text/plain 178.250.2.150
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=OSAJiiGqnDqm9OY4q8FF2gLsV_Up3YTF1EP4rluBe1nnAsl3vnA10eWFombwTrgxd5u5v0qU70qyQkrfCBwbcoq-ekcGzInlvaFRRBlOsVdSj7tJcWLCS8TzBnhFSwQgwYNC_EubTihlInRCmbx-o7WDp_z7jqUJkDCekE-HbT133z2d1jvyANpp080ip2nGOT5iR9a-Axd4uuMIukgwTuwqePW7f3MUX1wNSlDNH_FAX3OqjgDrvqBoxVHdIym86-dCFA&sds=2&rev=80956&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 29 Mar 2022 07:21:46 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 7B1A 2 KB
1 KB 18ms
18ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Tue, 29 Mar 2022 07:21:46 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 24 Mar 2023 07:21:46 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 7B1A 2 KB
1 KB 18ms
18ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Tue, 29 Mar 2022 07:21:46 GMT
content-encoding: gzip
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 24 Mar 2023 07:21:46 GMT

GET
H2 200 drop-shadow.png
gostinform.ru/images/hsl/graphics/outlines/ 2 KB
2 KB 48ms
48ms Image
image/png 185.9.147.100
SMARTAPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gostinform.ru/images/hsl/graphics/outlines/drop-shadow.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.9.147.100 , Estonia, ASN56694 (SMARTAPE, RU),
Reverse DNS: shared-26.smartape.ru
Software: nginx/1.20.2 /
Resource Hash: e5b23d855ab38d3c982e95d49894d4febd754baf5072d2049979254ad9663219

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gostinform.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Tue, 29 Mar 2022 07:21:47 GMT
last-modified: Mon, 18 Dec 2017 08:59:56 GMT
server: nginx/1.20.2
accept-ranges: bytes
etag: "5a37838c-82b"
content-length: 2091
content-type: image/png

GET
H2 200 zoomout.cur
gostinform.ru/images/hsl/graphics/ 326 B
456 B 50ms
49ms Image
application/octet-stream 185.9.147.100
SMARTAPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gostinform.ru/images/hsl/graphics/zoomout.cur
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.9.147.100 , Estonia, ASN56694 (SMARTAPE, RU),
Reverse DNS: shared-26.smartape.ru
Software: nginx/1.20.2 /
Resource Hash: 110a21ee3616bfa86b492bb237eeb946ee4a643d7bb77a7fd2b131311f5ccf72

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gostinform.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Tue, 29 Mar 2022 07:21:47 GMT
last-modified: Mon, 18 Dec 2017 08:59:55 GMT
server: nginx/1.20.2
accept-ranges: bytes
etag: "146-5609992efb8c0"
content-length: 326

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 13 KB
10 KB 36ms
22ms XHR
application/json 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220324&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca517bf2082ff94dfc74877ca2e1953aaa73eac9957c1b0ddc977200fc83d900

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gostinform.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 29 Mar 2022 07:21:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10484
x-xss-protection: 0

GET
H2 200 loader.white.gif
gostinform.ru/images/hsl/graphics/ 673 B
798 B 48ms
48ms Image
image/gif 185.9.147.100
SMARTAPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gostinform.ru/images/hsl/graphics/loader.white.gif
Requested by: Host: gostinform.ru
URL: https://gostinform.ru/images/hsl/highslide.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.9.147.100 , Estonia, ASN56694 (SMARTAPE, RU),
Reverse DNS: shared-26.smartape.ru
Software: nginx/1.20.2 /
Resource Hash: 1eb9e7880f723999a4ed63eece6a6e4d4976833d3c16dc18b4ace3971728ab0d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gostinform.ru/images/hsl/highslide.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Tue, 29 Mar 2022 07:21:47 GMT
last-modified: Mon, 18 Dec 2017 08:59:55 GMT
server: nginx/1.20.2
accept-ranges: bytes
etag: "5a37838b-2a1"
content-length: 673
content-type: image/gif

POST
H2 200 tracker
top-fwz1.mail.ru/ 43 B
918 B 60ms
60ms Ping
image/gif 217.69.133.145
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL

https://top-fwz1.mail.ru/tracker?js=13;id=2406861;u=https%3A//gostinform.ru/;st=1648538506490;s=1600*1200;vp=1600*1200;touch=0;hds=1;frame=0;flash=;sid=85a70c9beb9f6cff;ver=60.3.0;tz=0%2FEtc%2FUnknown;nt=0/0/1648538505655/////0/0/152/152/262/201/262/487/487/489/835/835/849/2125/2125/;ni=10//4g/0/0/;lvid=1648538506745%3A1648538507785%3A2%3A3405fef4d545de187e7a4263d9d088d6;visible=true;_=0.3102018761718748;e=RT/load;et=1648538507782

Requested by

Host: top-fwz1.mail.ru
URL: https://top-fwz1.mail.ru/js/code.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://gostinform.ru/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 29 Mar 2022 07:21:47 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 43
pragma: no-cache
amp-access-control-allow-source-origin: https://gostinform.ru
server: nginx
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: https://gostinform.ru
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
accept-ch-lifetime: 86400
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
timing-allow-origin: https://gostinform.ru
access-control-allow-headers: *

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 59ms
59ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gostinform.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Tue, 29 Mar 2022 07:21:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 29 Mar 2022 07:21:47 GMT

GET
H2 200 drop-shadow.png
gostinform.ru/images/hsl/graphics/outlines/ 2 KB
2 KB 49ms
48ms Image
image/png 185.9.147.100
SMARTAPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gostinform.ru/images/hsl/graphics/outlines/drop-shadow.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.9.147.100 , Estonia, ASN56694 (SMARTAPE, RU),
Reverse DNS: shared-26.smartape.ru
Software: nginx/1.20.2 /
Resource Hash: e5b23d855ab38d3c982e95d49894d4febd754baf5072d2049979254ad9663219

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gostinform.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Tue, 29 Mar 2022 07:21:47 GMT
last-modified: Mon, 18 Dec 2017 08:59:56 GMT
server: nginx/1.20.2
accept-ranges: bytes
etag: "5a37838c-82b"
content-length: 2091
content-type: image/png

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4AE3 13 KB
5 KB 22ms
21ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://gostinform.ru/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Mar 2022 06:48:30 GMT
expires: Wed, 29 Mar 2023 06:48:30 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 1997
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame FCEE 783 B
1 KB 108ms
47ms Document
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e49b7c492efef9389622a051597803989b4286b8716c631857d5f43dc32295c6

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-+FiEotWTb2N0weGmIZ4ikg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://gostinform.ru/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Tue, 29 Mar 2022 07:21:47 GMT
date: Tue, 29 Mar 2022 07:21:47 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-+FiEotWTb2N0weGmIZ4ikg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 vukqqZMEwiKfO5iIQC2Qvig_P1EBwRi6HH-n7W3xhSE.js Show response
pagead2.googlesyndication.com/bg/ Frame 4AE3 35 KB
13 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/vukqqZMEwiKfO5iIQC2Qvig_P1EBwRi6HH-n7W3xhSE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bee92aa99304c2229f3b9888402d90be283f3f5101c118ba1c7fa7ed6df18521

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 13:14:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65236
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13603
x-xss-protection: 0
last-modified: Tue, 22 Mar 2022 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 28 Mar 2023 13:14:31 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame FCEE 0
0 44ms
43ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220324&jk=1716502872819504&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 4AE3 0
9 B 8ms
7ms Image
text/plain 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?c54TNg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Tue, 29 Mar 2022 07:21:47 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 4909 42 B
64 B 41ms
40ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuxvTmVQITdrp41oIkg2ddPg5P_b_aUURmRkP4Z2aU34nr6KLCN65wKSbo5LpRmzRnUQMd9gZMkpg3CP6UNHJwp&sig=Cg0ArKJSzHsassZeYYr8EAE&id=lidar2&mcvt=1001&p=0,0,60,468&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20220323&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812008156&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1648538506714&rpt=446&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Mar 2022 07:21:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 279C 42 B
64 B 39ms
39ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstt2WLBq3qVJgJFa7v4WLS9sXViuqgxDJRRzxg0BYhYd_ZiBpmZx8TEWQBnrcrRp9cyl9nbbzqeinj9SKsIUdck&sig=Cg0ArKJSzArrGdwcvBwREAE&id=lidar2&mcvt=1000&p=0,0,250,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220323&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=24804720&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1648538506738&rpt=525&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Mar 2022 07:21:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame B933 0
127 B 13ms
13ms Ping
text/plain 178.250.2.150
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 29 Mar 2022 07:21:47 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

POST
H2 200 all
csm.eu.criteo.net/ Frame 7B1A 0
127 B 13ms
13ms Ping
text/plain 178.250.2.150
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 29 Mar 2022 07:21:47 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 45ms
45ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20220324&jk=1716502872819504&bg=!vr2lvfnNAAbzJazn0yU7ACkAdvg8WjWK7sLoUUbNQtHgquzp0BBWQ-5O_ihzg20VQ8-6iHUE3Sv0lgIAAABwUgAAAANoAQcKAEa2Gst_tZOWzzWlaXdzIfOsnqmmxN7KjGK-weavxip9JCgmG4EAXkSUYb2htF7PGKbnhr9-iZzFuKeQGbrHtlSRFLOntm7ymQLH-BQ7MKci7Ro8I0cvtP4b6NV2hkDvto2FduExHTN_AX2qEf0G8K7y9m9BJHBnm_FXoA0p2JzMmDVZPzIco2pe8ZeVBNPwrvbbWdkTYCBcr-6KZCYfY1PBdrsIJAfZSCZ19S7GXwRriMn_fEWT2LnsLLofCt5WWtS-lv4CXWsJDeS22SS2FhH3KczOZA6tF18FlimuCNcCWJ0aOByatQ0vxmTKLSI_pkIjlQRm9afX1KXyMkjVbiMsp_XsWRpL6cunjqd5e1shW-ic0tzel6ntrqvTzrWilB7ZjD-sISSz5NAwFSfMhFXqhOKfmzKrpLLz4bCo0H6iZisUcAOTGSKmYDvwNXv-srqDgXt_CQmLhl052Z046EmUugqmXs4yu6fPN-qo-FffFrbsh6Dqgs5S7Vy0TQQ8JSwPRqB0tk-xcFrap3aOSpIOasCyXMj7zQIb7_QabwkobLJiHyk3JlAYnTWTFLoQloDrGOjVtzxqamHVsr3iTgDiV-fsgOcmIAT4UZz7r3PW0bn0j8g2DYQjsI3t8wkiPJZOKNWnAyt4HoG1LdvXvMGgY4qreQb62me8MYeyva99cAdVxo7Q0dNAOK0ueWL3MWE0QMhhHT26ttTbOrMwDW-a5oL0f65hfhMzA6nh8Bp6VjaLolvbrf6H8pN2zB4KOs80rLhuwu3Gbrt0BEv1d9b5y_Z2UcXVtGvSI7IxxXLwdEavxx9FG0xZjynJTw8TZbJ9cCVsKEInN6mXYXnSn8SbaW8UXRQUntcoeOKSJmu3W_ULqXQlj9aCsqe_vVnYO9_eoLnLD2jEx5rS0LXUmkcydzEuMJhzvEdjCgozQfzw56pskkPUSPJ1E2TUstizTY1Iyv-j5rC56BZDh8zatG2vskj0RxOHfSDCpdy2pGR0aSSst0E-gbHgKxv3eVt_uuzA-E_Kt0cQF2ycQdsjaBPo

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gostinform.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Mar 2022 07:21:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: counter.rambler.ru
URL: http://counter.rambler.ru/top100.jcn?2947801

Verdicts & Comments Add Verdict or Comment

70 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

22 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
gostinform.ru/	1969-12-31 23:59:59	Name: PHPSESSID Value: h4q60dmilkdr3eevk09a5need6
.gostinform.ru/	1970-01-20 09:55:09	Name: tmr_lvid Value: 3405fef4d545de187e7a4263d9d088d6
.gostinform.ru/	1970-01-20 09:55:09	Name: tmr_lvidTS Value: 1648538506745
.gostinform.ru/	1970-01-20 10:41:14	Name: _ym_uid Value: 1648538507692255499
.gostinform.ru/	1970-01-20 10:41:14	Name: _ym_d Value: 1648538507
.mc.yandex.com/	1970-01-20 01:55:39	Name: sync_cookie_csrf Value: 2948038199fake
.gostinform.ru/	1970-01-20 01:56:50	Name: _ym_isad Value: 2
.mc.yandex.ru/	1970-01-20 01:55:39	Name: sync_cookie_csrf Value: 1538719638fake
.yandex.com/	1970-01-20 10:41:14	Name: yandexuid Value: 5075655921648538506
.yandex.com/	1970-01-20 10:41:14	Name: yuidss Value: 5075655921648538506
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 2084402751648538506
.yandex.com/	1970-01-23 17:31:38	Name: i Value: wSJ71hsZASQh1SIeExu4rP8Dk9FkrpGQDeLzjEqdTtxXybp+KoQux7xkXiTfyoOg8mYJ4e5ucV3hGRwk/Z3qIf/mGu0=
.yandex.com/	1970-01-20 10:41:14	Name: ymex Value: 1680074506.yrts.1648538506#1680074506.yrtsi.1648538506
.yandex.ru/	1970-01-23 17:31:38	Name: yandexuid Value: 8246668271648538506
.yandex.ru/	1970-01-20 19:26:50	Name: i Value: O6iwa98uKJyXWFaXpdgjOoqtkFrMp6Aq9NpCDJ0Ms0SH9YUG9w3YhA75opfxLnFkWzOKtyCAQTRLuyhSh4QhwpxBcFQ=
.gostinform.ru/	1970-01-20 11:17:14	Name: __gads Value: ID=6338926c1d10a616-221edc0667cd00f9:T=1648538506:RT=1648538506:S=ALNI_MbUYF6I1B4hyTCHor65IOUjnwmAyg
.gostinform.ru/	1970-01-20 01:55:40	Name: _ym_visorc Value: w
.doubleclick.net/	1970-01-20 11:17:14	Name: IDE Value: AHWqTUlJiAWx4WUvfGvAlu0Buv-duFgoHUAsFdPKeJOv5VlTglZANz21f68U9nvrnBw
.doubleclick.net/	1970-01-20 01:55:39	Name: test_cookie Value: CheckForPermission
.gostinform.ru/	1970-01-20 09:55:09	Name: tmr_reqNum Value: 2
.mail.ru/	1970-01-20 10:42:40	Name: VID Value: 0h_YIp1bMjI900000c1CH4o9:::0-0-0-75d0c49:CAASEIjCqMqdzq-yBOrYyLzkMKwaYCneNbZYXVJzVzFgjGxMqPGkBgmyRQux2cDY0Gs9n4CFbJDrdKfyygdgLfkwzZEkKyaHcnwE3xKhovR-s1Zlauc77APocWxsEyeMV5nzx93kCQJRfloqGRw7pItS4fv3ug
gostinform.ru/	1970-01-20 01:57:04	Name: tmr_detect Value: 0%7C1648538509088

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://gostinform.ru/ Message: Mixed Content: The page at 'https://gostinform.ru/' was loaded over HTTPS, but requested an insecure script 'http://counter.rambler.ru/top100.jcn?2947801'. This request has been blocked; the content must be served over HTTPS.
network	error	URL: https://gostinform.ru/css/none Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://mc.yandex.com/sync_cookie_image_decide?token=9592.ZhQC36yHTj64pCSfQ8napNfke8pGR2F4Jlm3xA7mo9q1T2-P4St2mFoJ-9hDBsMHWdCTVAb0CXppKc9LSjJpRw%2C%2C.Q0CKXV1fCHeWr_R8PdRj1SMD16E%2C Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://an.yandex.ru/meta/143140?target-ref=https%3A%2F%2Fgostinform.ru%2F&charset=utf-8&pcode-test-ids=512022%2C0%2C67%3B547854%2C0%2C19%3B551698%2C0%2C6%3B552748%2C0%2C45%3B406668%2C0%2C24%3B495321%2C0%2C26%3B554178%2C0%2C32%3B204314%2C0%2C53&pcode-flags-map=eJylV9uO2zYQ%2FZVCz0ZBUfd9oyTaJkKRCknZ6wQBsUmdNMA2LdJNUCDIv3coyfbS3qW3qB98AXwOZ4Znzox%2BRFSQmlPbyJY22m7XzFDOtIlu3v6Ivt%2Fdf9tHN5FRA40W0cP%2B7wf2G%2FxOcYWyKvr5bhG1TI%2F4li7JwI01a9pRS7ve7Gw7KGKYFFe5imTk6mjLiF0yoKuZASy1vWJSMeBaksZI5TGhX5F7xRds6ci2kXyAUOrBGCksEay7DGZK%2FoKgGAkGwZZSAeolkKkazZqIFRSTs%2BYVlELJYbW2XK5Y43FALhDJIbRDjh5ngguMR875gjZ9NV9SuJxpXFTxY%2BCpqnC9zKxtp6n7aaiyg2jhndStlYLvrhBnKZ4rSzQkJVaW3vZ2yQl8OT%2FKml1%2FcXsWyglC0UzR9nDD4TOLJI%2BTZ868cphHHJ%2Bz4vzIOse%2BloLuemmgElZ3hHPbU9VQEe6EDKU4mcqt6OuBamM3HYEIlezsjkB5b60awhS4SPCUpF7LreWkpvwUxSSSMEOCYlQdE9KD2tAdiEVsqIKOlFbQrSVtoyh0wIbOf%2FAoN6yl0ueM8zI%2Bcl6gLXDr83b6nldx9RGSeZro4BVM9MR1iRRGSc5Bgb2iXJKWiZXHt%2F%2FnL48qzapHEiSty49pwDOxlJYz8SpcJxBwkh3xh3DGbh2%2FEchRjypdg5TeQHyE206OzWoI42eqAkdZ%2BQdkuEyLS2W9gOsiVp8qFOtYheZ%2FReoh4WLce084NWDBgnR%2Bl44zwtarAJ82k2c9oZEM1IoKH5tWcXZetVlmkrdw0faoPibAt8SYbDvwsH1kWYaSU1CuCxrXUtARswMbenulv4GinCRH2qW8tZ1q7IZpVjPuvAY4xisJyTaFBk%2FQYaQ4ndPJCknXP8Y9fP2292BlUs0wcGytnczPMZdnHUFPxltDyFtBPXW8hQbNcbHAGUz1DD7KsowXSZbGZbnASZUl7iNDRb7AeZqmyQIjHCN0%2BEuCqjwHeIEqFAO8SNPynee3VYziOSarKRVW1tC1Gz%2BMaP%2Fl7v393p%2BCOa6mC1wyyAXyX1O2WhsrTLgMaZbMU%2FANFdjCwIGxsxIWx%2FZ1AvKkvU2CBBnG1WTK4E2gFqtMDfUHj6FBXIGrbIq4kYMY3fd2rYKQsihnV9uydkXNqPmWGBL0QpRWaFoQjmPGtrIjTIRhBU7m2ecs30mqkV0t7XLgXEOb0TA%2BhlmFjjdSK%2FkKrhNuw64Ua8PIIivzJwN27mYUq4NwUFzuVQlwvVuIgqgkjePipAOXJCxBLWxBkyUGp02cluiEPVhwLZVrYAXjatC%2FvJBhWlacA%2FVEkU5fgeV58jjV%2F4zbEVfcqaqW8C3ZXUEmh6WxXfbQLbqXAjzHsI7KwXdIDCu3j01RMl3MeB1urOvztelykAPNI5eaxv%2FhPLfjheFpUeBLOFu6UbF18%2BeajJ9hOASwIXzwxJGgp9HHpyfXQvNeQ1QXPjuPZ2u5usGcQzOE0mlSckqUgCGoYMoSxchZwfE5bL7es6ZXdEtAze1Lu98N1OeeAZ7fx90%2BxX0BzrvfVOjjw6O%2FOMYwZrwqTyfAWgxbrfbN5sPDvV%2FjosymQLXu55WidTM0nF6cV%2BVUXvJmZ0dJXHjMj%2Bjj%2FuHD793d10%2Bfv0Q3bhBGf%2Fz5%2FvP9Xn%2B4u%2F%2F85VN0g3%2F6q1GRlvMomUsCY3jD6LaXKtwnJyjRO9FYeMKAcpE2nPwj1BM7QGjlQHmelwfLg3PMcGXcwXKA41Pzn4%2F0LHeR%2BLteXLgTfv4LLivBHw%3D%3D&price-disabled-formats=adaptive0418%0Aadaptive%0AmodernAdaptive%0Ahorizontal%0Ahorizontal0318%0Agrid%0A160x600%0A240x400%0A200x300%0A300x300%0A300x250%0A250x250%0A728x90%0A1000x120%0A320x50%0A320x100%0A400x240%0A320x480%0A480x320%0A336x280%0A300x600%0A300x500%0A970x250%0A970x90%0AposterVertical%0AposterHorizontal%0AadaptiveConstructor%0AhorizontalSD%0Afullscreen%0Afullscreen_grid%0Asmart_tile%0Asmart_mosaic&pcode-icookie=WLHcHPscnsrFH4eUrlsKH7WGUA48aiT8LhxkZw3obRkvGMFbb2Z3LB%2FqvFzmrn6kilg3Yg%2Bx%2FcZd2V1VpOdNJgVzT2k%3D&imp-id=3&enable-flat-highlight=1&comboblock-unencoded-vast=1&test-tag=286474318643202&ad-session-id=5047861648538506660&target-id=30298867&tga-with-creatives=1&top-ancestor=https%3A%2F%2Fgostinform.ru&top-ancestor-undetermined=0&pcode-version=56841&pcodever=56841&flash-ver=0&available-width=840&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22w%22%3A840%2C%22h%22%3A0%2C%22width%22%3A840%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22left%22%3A560%2C%22top%22%3A429%2C%22fontFamily%22%3A%22roboto%22%2C%22ad_no%22%3A0%2C%22req_no%22%3A0%7D&grab-orig-len=816&grab=dNCT0L7RgdGC0YssINCh0L3QuNC_0YssINCe0YHRgtGLIC0g0JLRgdC1INCz0L7RgdGD0LTQsNGA0YHRgtCy0LXQvdC90YvQtSDRgdGC0LDQvdC00LDRgNGC0Ysg0YHQutCw0YfQsNGC0Ywg0LHQtdGB0L_Qu9Cw0YLQvdC-IHwg0KHQv9GA0LDQstC-0YfQvdC40Log0LPQvtGB0YPQtNCw0YDRgdGC0LLQtdC90L3Ri9GFINGB0YLQsNC90LTQsNGA0YLQvtCyINC4INC90L7RgNC80LDRgtC40LLQvdGL0YUg0LTQvtC60YPQvNC10L3RgtC-0LIKMdCh0L_RgNCw0LLQvtGH0L3QuNC6INCz0L7RgdGD0LTQsNGA0YHRgtCy0LXQvdC90YvRhSDRgdGC0LDQvdC00LDRgNGC0L7QsiDQuCDQvdC-0YDQvNCw0YLQuNCy0L3Ri9GFINC00L7QutGD0LzQtdC90YLQvtCyIAoz0J7QsdGJ0LXRgNC-0YHRgdC40LnRgdC60LjQuSDQutC70LDRgdGB0LjRhNC40LrQsNGC0L7RgCDRgdGC0LDQvdC00LDRgNGC0L7QsiAo0J7QmtChKTogCjPQktC40LTRiyDQvdC-0YDQvNCw0YLQuNCy0L3Ri9GFINC00L7QutGD0LzQtdC90YLQvtCyOiAKM9Ca0LvQsNGB0YHQuNGE0LjQutCw0YbQuNGPINCh0J3QuNCfIAoz0JPQntCh0KLRiyAKM9Cd0L7RgNC80LDRgtC40LLQvdGL0LUg0LTQvtC60YPQvNC10L3RgtGLIAo%3D&uniformat=true&callback=Ya%5B1699713902361%5D Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.eu.criteo.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
an.yandex.ru
cat.fr.eu.criteo.com
counter.rambler.ru
csm.eu.criteo.net
encrypted-tbn1.gstatic.com
encrypted-tbn2.gstatic.com
encrypted-tbn3.gstatic.com
googleads.g.doubleclick.net
gostinform.ru
mc.yandex.com
mc.yandex.ru
pagead2.googlesyndication.com
partner.googleadservices.com
pix.eu.criteo.net
rtb.fr.eu.criteo.com
rtb.nl.eu.criteo.com
secure-gl.imrworldwide.com
static.criteo.net
top-fwz1.mail.ru
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
www.gstatic.com
yastatic.net
counter.rambler.ru
142.250.185.226
178.250.0.160
178.250.2.135
178.250.2.150
185.9.147.100
217.69.133.145
2600:9000:2156:c200:1e:a43d:b640:93a1
2a00:1450:4001:801::200e
2a00:1450:4001:808::2002
2a00:1450:4001:809::200a
2a00:1450:4001:80f::2002
2a00:1450:4001:811::200e
2a00:1450:4001:812::2002
2a00:1450:4001:827::2004
2a00:1450:4001:827::200e
2a00:1450:4001:82a::2002
2a00:1450:4001:82f::2001
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2003
2a02:2638:1::2
2a02:2638:1::3
2a02:2638::2
2a02:2638::b
2a02:6b8:20::215
2a02:6b8::1:119
2a02:6b8::90
02a3b1cb4cd8bd557b82bc380bb9c1453ca332bbae09c26c397094b132e1764e
07f41cee6bf3bf65d776eeaa270ab25ce8a06ec0dfb4ef289b7ecf6d218fe866
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c
110a21ee3616bfa86b492bb237eeb946ee4a643d7bb77a7fd2b131311f5ccf72
1eb9e7880f723999a4ed63eece6a6e4d4976833d3c16dc18b4ace3971728ab0d
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
26423cea37aa87611157d3950ed566f885ca8e0e6b9e08727ba86330c4861792
280e083a77cf50e46198a9cc0b7a69c7757c587e3199797633c517f336d189d9
29f65fbbbfc145c9ea7b6a97414a882f09caff018a57f3c2709b7135aed346d8
2b4925fdd46a1f64dd4fd132df492eb66baafce87b3c3ef580193e716e5a61ec
2d37f632ba7d6e0f51393655bd9e90639efcd6606b665af19c3e6b6df222f952
30de69c01f8eb6cb0ab7b040f02316728cb490669cbf084aad71c06a708ed1ff
31143ab9744ba1ac21b286ede78fd559644a6e8c63a0baa1a740795318834f63
31d2a198fe42347550f266f9ee2c14fc2ba5762a32d885ccc9f22ca5500b9e5b
31d5eee5d3eab1e714ed0f2b2bd7dd9a68e263e099c83601cb087c47c074e625
33f0ebb0ffcdad2c54c5e348993c8f27b33a691b6d4843a90c1ae373e1c7cedf
34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55
37d73ab06b7ae544fefb33d412472d9ec735eb53999115b62ef307c6b2c9578d
429bb5d14b5317a2eea6758041dd53d34abd09e05017c9f904968268170f8015
48854a6e75e917e88f068ddef8a38b23208c777acf7e10d61f6936d9635311e8
4c116071d63bdfc7168db9748bba879b094bb5ac0249a442cad33b515c382698
4c5bd4277e7aba38413885f410b6f53df41bd3708ab43c9ad4c91199db37c342
4d8c50902fc8f40aed12b2ca69077f620f6ed789924c657c216e5f2e810c8ea1
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
507c78b2443717974142f36405ff3a9fca7549465d472ef128d0f8ad19ce2ef1
52940a893e8de973774c0d45ebd7f0b5207b2c6f53d9b0d9942d249f954ed743
5298d6aa96d4c31e65e9198beb08bc3de1b5b885f22ece667f35c05ea42e2424
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56b292bab6c777111694aa0bffda487c3108b1e83091ea8471e316272f9d1aff
5943e55888db7d6e5399789b5e55290dcd1628fc6bc59b743e83b8cddbe52de1
5b0490dbab86a8b5b431e23cbe2c23300940f44c22dca878778b43bd3eb7a75b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
67a73458ae94518e03688295d9c8e65af614ad5be69817cb00225418b88a8fea
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
723fb29987226a44acb35a60d347a4ff69defe2041867fb0e383680eff5e75bb
737b1a962d9918c5ef6b50b0d31e4e046c42aa1a4ffd208b21e93394c5737eab
7782bc9b609620131b2480258d3ffce49675163d17df9cf04d760a17fc116b61
7979e62bc495dc69dc0ad02ba27cf9d9c7eab30fca0f6823856e02400d2b2bb7
7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb
7ca1f87d66a50321b316a9dac3384e8db184f4ffebde340ccc5a14c559ea8fbb
7d29d10cd3186414018bdda033a793c62eacb564e635ac78c527e3430c69ced4
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422
95677fd6d6a20c4c867c20902412b0c7979bc43337fca8d0bbb5b3132d3d4ba3
9c54998bd769e602c7b96b4f55017e1c46552cdb6b1288954cd2707ef4b77aba
a0b1ae454cb16adf594ee90eae21ed4f0667583c6ed7c08e5bafead38c2b5a0e
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a86a53fe308efef36d5fe5e1499918ee77615fc06620b9c5f057d2bdd12a0714
be50fedd39669faf52acbe048979cd6f7c77ad372dc0371faae814309e26bc45
bee92aa99304c2229f3b9888402d90be283f3f5101c118ba1c7fa7ed6df18521
c6172adb8ef067681fb653febb8db61f5d978cefe06bfa35dbe88cb93bd1a08d
ca517bf2082ff94dfc74877ca2e1953aaa73eac9957c1b0ddc977200fc83d900
ca77f9e0d312be25dd3db2b7d297500e46390e883066ffd6d1872b1553a6b4af
cc58fb133efbf595f86355387a566de29aa7d8dc724906df41cfe88a371d4c97
d072a09604e6a1fea8ef42203503771aa36b63a3c91fd1059966e26e6f5812b3
d1690e775517516a04b577b0632ccc617a2d68adefa3d5c60796e9637fe8440a
dc43a3b8d5871273e2f65501b0502de181fc0c3f902d20fb71c5406bad6e34e1
e0ad08f0115ece93114893effe7fac485a2d81ccebe1893c66130bc4e9ee7ad3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e49b7c492efef9389622a051597803989b4286b8716c631857d5f43dc32295c6
e5b23d855ab38d3c982e95d49894d4febd754baf5072d2049979254ad9663219
ebfe71509a9e82629b14111944ac8cc498562ba603a5d812b590c7b6cdf4117e
ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1153a7d9e7f877b55f4e32fe45448a1229fdc0ab67ae1bfa09fd77b9c72679a
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f78f239c3c2dcac27aabf737489d08d9132dd9ca644d45d6924e56dbb9340c9c
f86bd5928c396ae0022ee528bab6854fa3c222564f1ecfbbd753f17a7102281c

gostinform.ru Open in urlscan Pro 185.9.147.100 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

109 Requests

96 %HTTPS

77 %IPv6

17 Domains

28 Subdomains

27 IPs

5 Countries

1646 kBTransfer

3597 kBSize

22 Cookies

7 Outgoing links

Redirected requests

109 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

gostinform.ru Open in urlscan Pro
185.9.147.100 Public Scan

Screenshot
Live screenshot

Full Image

109
Requests

96 %
HTTPS

77 %
IPv6

17
Domains

28
Subdomains

27
IPs

5
Countries

1646 kB
Transfer

3597 kB
Size

22
Cookies

109 HTTP transactions
3 data transactions