urlscan.io logo urlscan.io
SecurityTrails logo

ugt7s7.ru Open in urlscan Pro
172.67.202.211  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://smartligts.site/
Effective URL: https://ugt7s7.ru/whome.html
Submission Tags: 7400265
Submission: On January 02 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 77 IPs in 8 countries across 71 domains to perform 616 HTTP transactions. The main IP is 172.67.202.211, located in United States and belongs to CLOUDFLARENET, US. The main domain is ugt7s7.ru.
TLS certificate: Issued by R3 on November 26th 2021. Valid for: 3 months.
This is the only time ugt7s7.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 104.21.73.3 13335 (CLOUDFLAR...)
119 172.67.202.211 13335 (CLOUDFLAR...)
6 81.19.86.1 24638 (RAMBLER-T...)
9 2a00:1450:400... 15169 (GOOGLE)
35 91.192.150.12 42481 (BEGUN-AS)
3 2a02:6b8::1be 208722 (YNDX)
3 81.19.89.17 24638 (RAMBLER-T...)
32 2a00:1450:400... 15169 (GOOGLE)
3 185.110.56.134 24638 (RAMBLER-T...)
4 2a02:6b8:20::215 208722 (YNDX)
2 15 2a02:6b8::90 208722 (YNDX)
8 91.192.150.30 42481 (BEGUN-AS)
12 81.19.89.16 24638 (RAMBLER-T...)
11 81.19.78.89 24638 (RAMBLER-T...)
2 81.19.82.95 24638 (RAMBLER-T...)
2 81.19.82.74 24638 (RAMBLER-T...)
1 91.192.149.54 42481 (BEGUN-AS)
2 81.19.89.27 24638 (RAMBLER-T...)
3 91.192.149.113 42481 (BEGUN-AS)
1 2 104.19.216.61 13335 (CLOUDFLAR...)
23 142.250.186.130 15169 (GOOGLE)
4 11 2a02:6b8::1:119 208722 (YNDX)
1 104.19.217.61 13335 (CLOUDFLAR...)
3 5.188.198.132 49505 (SELECTEL)
2 2a02:6b8:a::a 208722 (YNDX)
4 16 2a00:1450:400... 15169 (GOOGLE)
2 87.240.190.67 47541 (VKONTAKTE...)
1 2 2001:6d0:4001... 52016 (TNSMSK-)
1 2 80.239.201.45 1299 (TWELVE99 ...)
2 138.201.55.248 24940 (HETZNER-AS)
4 82.202.225.227 49505 (SELECTEL)
1 82.202.225.229 49505 (SELECTEL)
2 2 142.250.186.162 15169 (GOOGLE)
2 17 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
20 26 91.192.150.36 42481 (BEGUN-AS)
3 212.11.155.166 8901 (Moscow Ma...)
13 13 148.251.87.137 24940 (HETZNER-AS)
6 21 216.58.212.130 15169 (GOOGLE)
4 7 185.15.175.159 43226 (SAFEDATA ...)
3 37.9.245.57 16345 (BEE-AS Ru...)
1 4 116.202.236.172 24940 (HETZNER-AS)
2 6 217.69.133.145 47764 (MAILRU-AS...)
5 7 88.99.213.228 24940 (HETZNER-AS)
4 4 88.212.252.22 7979 (SERVERS-COM)
8 8 3.120.81.147 16509 (AMAZON-02)
1 1 185.29.132.245 30419 (MEDIAMATH...)
3 96.46.186.57 7979 (SERVERS-COM)
5 8 80.64.106.149 20764 (RASCOM-AS...)
1 4 185.184.8.65 204995 (RTB-HOUSE...)
3 6 193.232.150.70 48061 (UMA-TECH-AS)
3 3 95.163.53.111 47764 (MAILRU-AS...)
7 7 35.190.16.14 15169 (GOOGLE)
3 95.163.53.109 47764 (MAILRU-AS...)
3 148.251.4.142 24940 (HETZNER-AS)
3 91.220.120.21 202173 (MAXIMATEL...)
5 7 89.108.119.28 197695 (AS-REG)
5 5 217.66.147.165 29209 (SPBMTS-AS...)
2 2 213.87.44.187 13174 (MTSNET Mo...)
1 1 130.193.58.13 200350 (YANDEXCLOUD)
3 81.222.128.214 20597 (ELTEL-AS)
7 91.192.148.14 42481 (BEGUN-AS)
3 91.192.149.14 42481 (BEGUN-AS)
2 91.192.150.14 42481 (BEGUN-AS)
11 2a00:1450:400... 15169 (GOOGLE)
1 82.202.225.240 50340 (SELECTEL-MSK)
8 138.201.55.245 24940 (HETZNER-AS)
8 138.201.55.243 24940 (HETZNER-AS)
8 88.212.252.75 7979 (SERVERS-COM)
4 88.212.234.28 7979 (SERVERS-COM)
6 88.212.234.27 7979 (SERVERS-COM)
6 88.99.129.243 24940 (HETZNER-AS)
1 2a00:1450:400... 15169 (GOOGLE)
10 2a00:1450:400... 15169 (GOOGLE)
30 2a00:1450:400... 15169 (GOOGLE)
3 46 2a00:1450:400... 15169 (GOOGLE)
10 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
3 3 31.172.81.172 44066 (DE-FIRSTC...)
2 2 31.172.81.158 44066 (DE-FIRSTC...)
1 1 88.212.201.198 39134 (UNITEDNET)
1 1 2001:678:cb4:... 56396 (AMOBEE)
1 2620:112:f006... 6336 (TURN-US-ASN)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 35.186.193.173 15169 (GOOGLE)
2 2 85.114.159.93 24961 (MYLOC-AS ...)
2 2 52.214.235.66 16509 (AMAZON-02)
2 2 3.124.133.36 16509 (AMAZON-02)
2 2 18.156.0.31 16509 (AMAZON-02)
1 2620:116:800d... 16509 (AMAZON-02)
1 151.101.130.49 54113 (FASTLY)
1 1 69.173.144.139 26667 (RUBICONPR...)
3 3 76.223.111.18 16509 (AMAZON-02)
1 81.19.89.3 24638 (RAMBLER-T...)
1 1 169.50.137.184 36351 (SOFTLAYER)
1 66.155.71.149 13768 (COGECO-PEER1)
2 2 18.197.4.101 16509 (AMAZON-02)
1 1 2600:9000:223... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
616 77
2    104.21.73.3 (None, )

ASN13335 (CLOUDFLARENET, US)
smartligts.site
119    172.67.202.211 (United States)

ASN13335 (CLOUDFLARENET, US)
ugt7s7.ru
6    81.19.86.1 (Moscow, Russian Federation)

ASN24638 (RAMBLER-TELECOM-AS, RU)
PTR: championat.com
img.championat.com
9    2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
35    91.192.150.12 (Russian Federation)

ASN42481 (BEGUN-AS, RU)
PTR: ssp.rambler.ru
ssp.rambler.ru
3    2a02:6b8::1be (Moscow, Russian Federation)

ASN208722 (YNDX, FI)
ads.adfox.ru
3    81.19.89.17 (Moscow, Russian Federation)

ASN24638 (RAMBLER-TELECOM-AS, RU)
PTR: kraken.rambler.ru
st.top100.ru
32    2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
www.gstatic.com
www.google.by
3    185.110.56.134 (Russian Federation)

ASN24638 (RAMBLER-TELECOM-AS, RU)
PTR: static.rnet.plus
api.rnet.plus
4    2a02:6b8:20::215 (Moscow, Russian Federation)

ASN208722 (YNDX, FI)
yastatic.net
15    2a02:6b8::90 (Moscow, Russian Federation)

ASN208722 (YNDX, FI)
an.yandex.ru
8    91.192.150.30 (Russian Federation)

ASN42481 (BEGUN-AS, RU)
PTR: zvezda.ssp.rambler.ru
profile.ssp.rambler.ru
12    81.19.89.16 (Moscow, Russian Federation)

ASN24638 (RAMBLER-TELECOM-AS, RU)
PTR: kraken.rambler.ru
kraken.rambler.ru
11    81.19.78.89 (Moscow, Russian Federation)

ASN24638 (RAMBLER-TELECOM-AS, RU)
PTR: id.rambler.ru
id.rambler.ru
2    81.19.82.95 (Moscow, Russian Federation)

ASN24638 (RAMBLER-TELECOM-AS, RU)
c.rambler.ru
comments.rambler.ru
2    81.19.82.74 (Moscow, Russian Federation)

ASN24638 (RAMBLER-TELECOM-AS, RU)
PTR: loyalty.rambler-co.ru
loyalty.rambler-co.ru
1    91.192.149.54 (Russian Federation)

ASN42481 (BEGUN-AS, RU)
PTR: rcm.rambler.ru
rcmjs.rambler.ru
2    81.19.89.27 (Moscow, Russian Federation)

ASN24638 (RAMBLER-TELECOM-AS, RU)
PTR: stage-developers.rambler.ru
developers.rambler.ru
3    91.192.149.113 (Russian Federation)

ASN42481 (BEGUN-AS, RU)
PTR: dsp-rambler.ru
dsp-rambler.ru
2    104.19.216.61 (None, )

ASN13335 (CLOUDFLARENET, US)
jsc.lentainform.com
cm.lentainform.com
23    142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
securepubads.g.doubleclick.net
11    2a02:6b8::1:119 (Moscow, Russian Federation)

ASN208722 (YNDX, FI)
mc.yandex.ru
mc.yandex.com
1    104.19.217.61 (None, )

ASN13335 (CLOUDFLARENET, US)
cm.lentainform.com
3    5.188.198.132 (Russian Federation)

ASN49505 (SELECTEL, RU)
PTR: ads5-3.sselp11.imcmdb.net
smi2.ru
2    2a02:6b8:a::a (Moscow, Russian Federation)

ASN208722 (YNDX, FI)
yandex.ru
16    2a00:1450:4001:802::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    87.240.190.67 (Russian Federation)

ASN47541 (VKONTAKTE-SPB-AS vk.com, RU)
PTR: srv67-190-240-87.vk.com
vk.com
2    2001:6d0:4001::226 (Russian Federation)

ASN52016 (TNSMSK-, RU)
www.tns-counter.ru
2    80.239.201.45 (Sweden)

ASN1299 (TWELVE99 Twelve99, Telia Carrier, SE)
PTR: 80-239-201-45.teliacarrier-cust.com
mc.webvisor.org
2    138.201.55.248 (Reichartshausen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: cdn4-2.sfa65.imcmdb.net
static.smi2.net
4    82.202.225.227 (Moscow, Russian Federation)

ASN49505 (SELECTEL, RU)
PTR: sm-server1-1.ssel21.imcmdb.net
stat.media
1    82.202.225.229 (Moscow, Russian Federation)

ASN49505 (SELECTEL, RU)
PTR: target2-1.ssel21.imcmdb.net
target.smi2.ru
2    142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net
www.googleadservices.com
17    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.com
adservice.google.de
2    2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
26    91.192.150.36 (Russian Federation)

ASN42481 (BEGUN-AS, RU)
PTR: sync.rambler.ru
sync.rambler.ru
3    212.11.155.166 (Moscow, Russian Federation)

ASN8901 (Moscow Mayors Office, RU)
stats.mos.ru
13    148.251.87.137 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: prod-hzeu-rtb-anthill-app-2.datamind.ru
sync.datamind.ru
21    216.58.212.130 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f2.1e100.net
cm.g.doubleclick.net
7    185.15.175.159 (Russian Federation)

ASN43226 (SAFEDATA Uplinks, RU)
dmg.digitaltarget.ru
3    37.9.245.57 (Russian Federation)

ASN16345 (BEE-AS Russia, RU)
rmb.ops.beeline.ru
4    116.202.236.172 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.172.236.202.116.clients.your-server.de
exchange.buzzoola.com
6    217.69.133.145 (Russian Federation)

ASN47764 (MAILRU-AS Mail.Ru, RU)
PTR: top-fwz1.mail.ru
top-fwz1.mail.ru
7    88.99.213.228 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.88-99-213-228.clients.your-server.de
sync.1dmp.io
4    88.212.252.22 (Russian Federation)

ASN7979 (SERVERS-COM, US)
lbs-ru1.ads.betweendigital.com
8    3.120.81.147 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-81-147.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    185.29.132.245 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
3    96.46.186.57 (United States)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
8    80.64.106.149 (Russian Federation)

ASN20764 (RASCOM-AS CJSC RASCOM ISP, RU)
PTR: s-fr4.rutarget.ru
begun-sync.rutarget.ru
rambler-sync.rutarget.ru
4    185.184.8.65 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-65.rtbhouse.net
creativecdn.com
6    193.232.150.70 (Russian Federation)

ASN48061 (UMA-TECH-AS, RU)
PTR: smtp14.sender.ltmse.com
px.adhigh.net
3    95.163.53.111 (Russian Federation)

ASN47764 (MAILRU-AS Mail.Ru, RU)
PTR: stats.seedr.ru
stats.seedr.com
7    35.190.16.14 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 14.16.190.35.bc.googleusercontent.com
redirect.frontend.weborama.fr
3    95.163.53.109 (Russian Federation)

ASN47764 (MAILRU-AS Mail.Ru, RU)
PTR: statsd.nativeroll.tv
statsb.nativeroll.tv
3    148.251.4.142 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.142.4.251.148.clients.your-server.de
sync.dmp.otm-r.com
3    91.220.120.21 (Moscow, Russian Federation)

ASN202173 (MAXIMATELECOM, RU)
tms.dmp.wi-fi.ru
7    89.108.119.28 (Russian Federation)

ASN197695 (AS-REG, RU)
PTR: d51802.reg.regrucolo.ru
x01.aidata.io
5    217.66.147.165 (St Petersburg, Russian Federation)

ASN29209 (SPBMTS-AS Malaya Monetnaya Street 2-A, RU)
PTR: host-165-147-66-217.spbmts.ru
sm.rtb.mts.ru
2    213.87.44.187 (Moscow, Russian Federation)

ASN13174 (MTSNET Moscow, Russia, RU)
PTR: infrastructure-187-44.mts.ru
tech.rtb.mts.ru
1    130.193.58.13 (Russian Federation)

ASN200350 (YANDEXCLOUD, RU)
pixel.konnektu.ru
3    81.222.128.214 (Russian Federation)

ASN20597 (ELTEL-AS, RU)
PTR: ad14.adriver.ru
ssp.adriver.ru
7    91.192.148.14 (Russian Federation)

ASN42481 (BEGUN-AS, RU)
PTR: zvezda.ssp.rambler.ru
img02.ssp.rambler.ru
3    91.192.149.14 (Russian Federation)

ASN42481 (BEGUN-AS, RU)
PTR: zvezda.ssp.rambler.ru
img01.ssp.rambler.ru
2    91.192.150.14 (Russian Federation)

ASN42481 (BEGUN-AS, RU)
PTR: zvezda.ssp.rambler.ru
sandbox.ssp.rambler.ru
11    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    82.202.225.240 (Moscow, Russian Federation)

ASN50340 (SELECTEL-MSK, RU)
PTR: smi2adm2-1.ssel27.imcmdb.net
smi2.net
8    138.201.55.245 (Reichartshausen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: cdn4-1.sfa66.imcmdb.net
static3.smi2.net
8    138.201.55.243 (Reichartshausen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: cdn4-1.sfa65.imcmdb.net
static1.smi2.net
static5.smi2.net
8    88.212.252.75 (Russian Federation)

ASN7979 (SERVERS-COM, US)
PTR: cdn4-3.sser5.imcmdb.net
static6.smi2.net
4    88.212.234.28 (Russian Federation)

ASN7979 (SERVERS-COM, US)
PTR: cdn4-2.sser2.imcmdb.net
static2.smi2.net
6    88.212.234.27 (Russian Federation)

ASN7979 (SERVERS-COM, US)
PTR: cdn4-1.sser2.imcmdb.net
static7.smi2.net
6    88.99.129.243 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: cdn4-4.sfa66.imcmdb.net
static8.smi2.net
1    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
10    2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
29550a6774465c2fefc7c60fd493fe18.safeframe.googlesyndication.com
c37518537793b0475d38bc38f923af27.safeframe.googlesyndication.com
7b5868f5428335e5053e527f06f79868.safeframe.googlesyndication.com
a5d84237b2adbb561c87907ddbec0eca.safeframe.googlesyndication.com
5db9a8bcf711cf0d71dc0a2c634d4aae.safeframe.googlesyndication.com
af00c4d352a4342d5af34e89ae3b80eb.safeframe.googlesyndication.com
47a62b5598302721afe2c2e22bf15e30.safeframe.googlesyndication.com
30    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
46    2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
10    2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
6    2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
encrypted-tbn1.gstatic.com
encrypted-tbn0.gstatic.com
3    2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
encrypted-tbn2.gstatic.com
6    2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
encrypted-tbn3.gstatic.com
3    31.172.81.172 (Muehlheim am Main, Germany)

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)
sync.bumlam.com
2    31.172.81.158 (Muehlheim am Main, Germany)

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)
sync3.adsniper.ru
1    88.212.201.198 (Russian Federation)

ASN39134 (UNITEDNET, RU)
PTR: host198.rax.ru
counter.yadro.ru
1    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
1    2620:112:f006:bbbb::12 (United States)

ASN6336 (TURN-US-ASN, US)
r.turn.com
2    2606:4700::6812:d05 (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
gcm.ctnsnet.com
2    85.114.159.93 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
2    52.214.235.66 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-235-66.eu-west-1.compute.amazonaws.com
ads.avct.cloud
2    3.124.133.36 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-133-36.eu-central-1.compute.amazonaws.com
pixel.advertising.com
2    18.156.0.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    2620:116:800d:21:fcb8:22d2:d390:5f1b (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
1    151.101.130.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
3    76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
1    81.19.89.3 (Moscow, Russian Federation)

ASN24638 (RAMBLER-TELECOM-AS, RU)
PTR: prime.rambler.ru
prime.rambler.ru
1    169.50.137.184 (United States)

ASN36351 (SOFTLAYER, US)
PTR: b8.89.32a9.ip4.static.sl-reverse.com
um.simpli.fi
1    66.155.71.149 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
2    18.197.4.101 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-4-101.eu-central-1.compute.amazonaws.com
a.sportradarserving.com
1    2600:9000:223f:a00:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.ad.smaato.net
1    2a00:1450:4001:812::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
Apex Domain
Subdomains		 Transfer
119 ugt7s7.ru
ugt7s7.ru
3 MB
110 rambler.ru
ssp.rambler.ru
profile.ssp.rambler.ru
kraken.rambler.ru
id.rambler.ru
c.rambler.ru
comments.rambler.ru
rcmjs.rambler.ru
developers.rambler.ru
sync.rambler.ru
img02.ssp.rambler.ru
img01.ssp.rambler.ru
sandbox.ssp.rambler.ru
prime.rambler.ru
856 KB
86 googlesyndication.com
tpc.googlesyndication.com Failed
pagead2.googlesyndication.com Failed
29550a6774465c2fefc7c60fd493fe18.safeframe.googlesyndication.com
c37518537793b0475d38bc38f923af27.safeframe.googlesyndication.com
7b5868f5428335e5053e527f06f79868.safeframe.googlesyndication.com
a5d84237b2adbb561c87907ddbec0eca.safeframe.googlesyndication.com
5db9a8bcf711cf0d71dc0a2c634d4aae.safeframe.googlesyndication.com
af00c4d352a4342d5af34e89ae3b80eb.safeframe.googlesyndication.com
47a62b5598302721afe2c2e22bf15e30.safeframe.googlesyndication.com
572 KB
48 doubleclick.net
securepubads.g.doubleclick.net
googleads.g.doubleclick.net
cm.g.doubleclick.net
1 MB
43 smi2.net
static.smi2.net
smi2.net
static3.smi2.net
static1.smi2.net
static6.smi2.net
static2.smi2.net
static7.smi2.net
static8.smi2.net
static5.smi2.net
734 KB
43 gstatic.com
fonts.gstatic.com
www.gstatic.com
encrypted-tbn1.gstatic.com
encrypted-tbn2.gstatic.com
encrypted-tbn3.gstatic.com
encrypted-tbn0.gstatic.com
859 KB
25 yandex.ru
an.yandex.ru
mc.yandex.ru
yandex.ru
137 KB
23 google.com
www.google.com
adservice.google.com
5 KB
13 datamind.ru
sync.datamind.ru
5 KB
11 googletagservices.com
www.googletagservices.com
321 KB
10 ampproject.org
cdn.ampproject.org
204 KB
9 google.de
www.google.de
adservice.google.de
2 KB
9 googleapis.com
fonts.googleapis.com
7 KB
8 rutarget.ru
begun-sync.rutarget.ru
rambler-sync.rutarget.ru
3 KB
8 bidswitch.net
x.bidswitch.net
5 KB
7 mts.ru
sm.rtb.mts.ru
tech.rtb.mts.ru
5 KB
7 aidata.io
x01.aidata.io
3 KB
7 weborama.fr
redirect.frontend.weborama.fr
637 B
7 betweendigital.com
lbs-ru1.ads.betweendigital.com
ads.betweendigital.com
4 KB
7 1dmp.io
sync.1dmp.io
4 KB
7 digitaltarget.ru
dmg.digitaltarget.ru
4 KB
6 adhigh.net
px.adhigh.net
2 KB
6 mail.ru
top-fwz1.mail.ru
5 KB
6 championat.com
img.championat.com
198 KB
4 creativecdn.com
creativecdn.com
1 KB
4 buzzoola.com
exchange.buzzoola.com
807 B
4 stat.media
stat.media
29 KB
4 google.by
www.google.by
872 B
4 smi2.ru
smi2.ru
target.smi2.ru
13 KB
4 yastatic.net
yastatic.net
160 KB
3 3lift.com
eb2.3lift.com
1 KB
3 bumlam.com
sync.bumlam.com
2 KB
3 adriver.ru
ssp.adriver.ru
603 B
3 wi-fi.ru
tms.dmp.wi-fi.ru
2 KB
3 otm-r.com
sync.dmp.otm-r.com
205 B
3 nativeroll.tv
statsb.nativeroll.tv
2 KB
3 seedr.com
stats.seedr.com
2 KB
3 beeline.ru
rmb.ops.beeline.ru
2 KB
3 mos.ru
stats.mos.ru
1 KB
3 yandex.com
mc.yandex.com
2 KB
3 lentainform.com
jsc.lentainform.com
cm.lentainform.com
49 KB
3 dsp-rambler.ru
dsp-rambler.ru
64 KB
3 rnet.plus
api.rnet.plus
11 KB
3 top100.ru
st.top100.ru
86 KB
3 adfox.ru
ads.adfox.ru
871 B
2 sportradarserving.com
a.sportradarserving.com
1 KB
2 yahoo.com
ups.analytics.yahoo.com
1 KB
2 advertising.com
pixel.advertising.com
939 B
2 avct.cloud
ads.avct.cloud
890 B
2 adition.com
dsp.adfarm1.adition.com
1 KB
2 tribalfusion.com
a.tribalfusion.com
s.tribalfusion.com
1 KB
2 turn.com
ad.turn.com
r.turn.com
878 B
2 adsniper.ru
sync3.adsniper.ru
1 KB
2 googleadservices.com
www.googleadservices.com
833 B
2 webvisor.org
mc.webvisor.org
710 B
2 tns-counter.ru
www.tns-counter.ru
712 B
2 vk.com
vk.com
973 B
2 rambler-co.ru
loyalty.rambler-co.ru
40 KB
2 smartligts.site
smartligts.site
1 KB
1 2mdn.net
s0.2mdn.net
586 B
1 smaato.net
s.ad.smaato.net
440 B
1 sitescout.com
pixel-sync.sitescout.com
191 B
1 simpli.fi
um.simpli.fi
711 B
1 rubiconproject.com
pixel.rubiconproject.com
457 B
1 everesttech.net
sync-tm.everesttech.net
177 B
1 quantserve.com
cms.quantserve.com
463 B
1 ctnsnet.com
gcm.ctnsnet.com
511 B
1 yadro.ru
counter.yadro.ru
287 B
1 konnektu.ru
pixel.konnektu.ru
262 B
1 mathtag.com
sync.mathtag.com
732 B
0 netmng.com Failed
google2waycm.netmng.com Failed
616 71
Domain Requested by
119 ugt7s7.ru ugt7s7.ru
46 tpc.googlesyndication.com ugt7s7.ru
securepubads.g.doubleclick.net
29550a6774465c2fefc7c60fd493fe18.safeframe.googlesyndication.com
tpc.googlesyndication.com
a5d84237b2adbb561c87907ddbec0eca.safeframe.googlesyndication.com
cdn.ampproject.org
af00c4d352a4342d5af34e89ae3b80eb.safeframe.googlesyndication.com
35 ssp.rambler.ru ugt7s7.ru
ssp.rambler.ru
sandbox.ssp.rambler.ru
30 pagead2.googlesyndication.com ugt7s7.ru
securepubads.g.doubleclick.net
29550a6774465c2fefc7c60fd493fe18.safeframe.googlesyndication.com
tpc.googlesyndication.com
a5d84237b2adbb561c87907ddbec0eca.safeframe.googlesyndication.com
af00c4d352a4342d5af34e89ae3b80eb.safeframe.googlesyndication.com
www.googletagservices.com
26 sync.rambler.ru 20 redirects ugt7s7.ru
24 fonts.gstatic.com fonts.googleapis.com
ugt7s7.ru
23 securepubads.g.doubleclick.net ugt7s7.ru
www.googletagservices.com
securepubads.g.doubleclick.net
21 cm.g.doubleclick.net 6 redirects ugt7s7.ru
29550a6774465c2fefc7c60fd493fe18.safeframe.googlesyndication.com
a5d84237b2adbb561c87907ddbec0eca.safeframe.googlesyndication.com
af00c4d352a4342d5af34e89ae3b80eb.safeframe.googlesyndication.com
16 www.google.com 4 redirects ugt7s7.ru
29550a6774465c2fefc7c60fd493fe18.safeframe.googlesyndication.com
tpc.googlesyndication.com
a5d84237b2adbb561c87907ddbec0eca.safeframe.googlesyndication.com
15 an.yandex.ru 2 redirects ugt7s7.ru
13 sync.datamind.ru 13 redirects
12 kraken.rambler.ru ugt7s7.ru
11 www.googletagservices.com ugt7s7.ru
29550a6774465c2fefc7c60fd493fe18.safeframe.googlesyndication.com
a5d84237b2adbb561c87907ddbec0eca.safeframe.googlesyndication.com
af00c4d352a4342d5af34e89ae3b80eb.safeframe.googlesyndication.com
11 id.rambler.ru ugt7s7.ru
10 cdn.ampproject.org securepubads.g.doubleclick.net
9 fonts.googleapis.com ugt7s7.ru
securepubads.g.doubleclick.net
29550a6774465c2fefc7c60fd493fe18.safeframe.googlesyndication.com
a5d84237b2adbb561c87907ddbec0eca.safeframe.googlesyndication.com
af00c4d352a4342d5af34e89ae3b80eb.safeframe.googlesyndication.com
8 static6.smi2.net ugt7s7.ru
smi2.ru
8 static3.smi2.net ugt7s7.ru
smi2.ru
8 x.bidswitch.net 8 redirects
8 mc.yandex.ru 3 redirects ugt7s7.ru
8 profile.ssp.rambler.ru ugt7s7.ru
ssp.rambler.ru
7 adservice.google.com securepubads.g.doubleclick.net
7 adservice.google.de securepubads.g.doubleclick.net
7 img02.ssp.rambler.ru ugt7s7.ru
7 x01.aidata.io 5 redirects ugt7s7.ru
7 redirect.frontend.weborama.fr 7 redirects
7 sync.1dmp.io 5 redirects ugt7s7.ru
7 dmg.digitaltarget.ru 4 redirects ugt7s7.ru
6 encrypted-tbn3.gstatic.com 29550a6774465c2fefc7c60fd493fe18.safeframe.googlesyndication.com
a5d84237b2adbb561c87907ddbec0eca.safeframe.googlesyndication.com
af00c4d352a4342d5af34e89ae3b80eb.safeframe.googlesyndication.com
6 static8.smi2.net ugt7s7.ru
smi2.ru
6 static7.smi2.net ugt7s7.ru
smi2.ru
6 static1.smi2.net ugt7s7.ru
smi2.ru
6 px.adhigh.net 3 redirects ugt7s7.ru
6 top-fwz1.mail.ru 2 redirects ugt7s7.ru
6 img.championat.com ugt7s7.ru
5 encrypted-tbn1.gstatic.com 29550a6774465c2fefc7c60fd493fe18.safeframe.googlesyndication.com
a5d84237b2adbb561c87907ddbec0eca.safeframe.googlesyndication.com
af00c4d352a4342d5af34e89ae3b80eb.safeframe.googlesyndication.com
5 sm.rtb.mts.ru 5 redirects
5 begun-sync.rutarget.ru 2 redirects ugt7s7.ru
4 static2.smi2.net ugt7s7.ru
smi2.ru
4 creativecdn.com 1 redirects ugt7s7.ru
4 lbs-ru1.ads.betweendigital.com 4 redirects
4 exchange.buzzoola.com 1 redirects ugt7s7.ru
4 googleads.g.doubleclick.net 2 redirects ugt7s7.ru
4 stat.media smi2.ru
stat.media
4 www.google.by ugt7s7.ru
4 www.gstatic.com ugt7s7.ru
29550a6774465c2fefc7c60fd493fe18.safeframe.googlesyndication.com
a5d84237b2adbb561c87907ddbec0eca.safeframe.googlesyndication.com
af00c4d352a4342d5af34e89ae3b80eb.safeframe.googlesyndication.com
4 yastatic.net ugt7s7.ru
3 eb2.3lift.com 3 redirects
3 sync.bumlam.com 3 redirects
3 encrypted-tbn2.gstatic.com 29550a6774465c2fefc7c60fd493fe18.safeframe.googlesyndication.com
a5d84237b2adbb561c87907ddbec0eca.safeframe.googlesyndication.com
af00c4d352a4342d5af34e89ae3b80eb.safeframe.googlesyndication.com
3 img01.ssp.rambler.ru ugt7s7.ru
3 ssp.adriver.ru ugt7s7.ru
3 rambler-sync.rutarget.ru 3 redirects
3 tms.dmp.wi-fi.ru ugt7s7.ru
3 sync.dmp.otm-r.com ugt7s7.ru
3 statsb.nativeroll.tv ugt7s7.ru
3 stats.seedr.com 3 redirects
3 ads.betweendigital.com ugt7s7.ru
3 rmb.ops.beeline.ru ugt7s7.ru
3 stats.mos.ru ugt7s7.ru
3 mc.yandex.com 1 redirects ugt7s7.ru
3 smi2.ru ugt7s7.ru
static.smi2.net
3 dsp-rambler.ru ugt7s7.ru
3 api.rnet.plus ugt7s7.ru
api.rnet.plus
3 st.top100.ru ugt7s7.ru
3 ads.adfox.ru ugt7s7.ru
ssp.rambler.ru
2 a.sportradarserving.com 2 redirects
2 ups.analytics.yahoo.com 2 redirects
2 pixel.advertising.com 2 redirects
2 ads.avct.cloud 2 redirects
2 dsp.adfarm1.adition.com 2 redirects
2 af00c4d352a4342d5af34e89ae3b80eb.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 sync3.adsniper.ru 2 redirects
2 a5d84237b2adbb561c87907ddbec0eca.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 29550a6774465c2fefc7c60fd493fe18.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 static5.smi2.net ugt7s7.ru
smi2.ru
2 sandbox.ssp.rambler.ru ugt7s7.ru
profile.ssp.rambler.ru
2 tech.rtb.mts.ru 2 redirects
2 www.google.de ugt7s7.ru
2 www.googleadservices.com 2 redirects
2 static.smi2.net smi2.ru
ugt7s7.ru
2 mc.webvisor.org 1 redirects ugt7s7.ru
2 www.tns-counter.ru 1 redirects ugt7s7.ru
2 vk.com ugt7s7.ru
2 yandex.ru ugt7s7.ru
2 cm.lentainform.com 1 redirects ugt7s7.ru
2 developers.rambler.ru ugt7s7.ru
2 loyalty.rambler-co.ru ugt7s7.ru
2 smartligts.site 2 redirects
1 s0.2mdn.net af00c4d352a4342d5af34e89ae3b80eb.safeframe.googlesyndication.com
1 s.ad.smaato.net 1 redirects
1 pixel-sync.sitescout.com af00c4d352a4342d5af34e89ae3b80eb.safeframe.googlesyndication.com
1 um.simpli.fi 1 redirects
1 prime.rambler.ru
1 pixel.rubiconproject.com 1 redirects
1 sync-tm.everesttech.net a5d84237b2adbb561c87907ddbec0eca.safeframe.googlesyndication.com
1 cms.quantserve.com a5d84237b2adbb561c87907ddbec0eca.safeframe.googlesyndication.com
1 gcm.ctnsnet.com 1 redirects
1 s.tribalfusion.com
1 a.tribalfusion.com 1 redirects
1 r.turn.com
1 ad.turn.com 1 redirects
1 47a62b5598302721afe2c2e22bf15e30.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 encrypted-tbn0.gstatic.com a5d84237b2adbb561c87907ddbec0eca.safeframe.googlesyndication.com
1 counter.yadro.ru 1 redirects
1 5db9a8bcf711cf0d71dc0a2c634d4aae.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 7b5868f5428335e5053e527f06f79868.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 c37518537793b0475d38bc38f923af27.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 smi2.net ugt7s7.ru
1 pixel.konnektu.ru 1 redirects
1 sync.mathtag.com 1 redirects
1 target.smi2.ru ugt7s7.ru
1 jsc.lentainform.com ugt7s7.ru
1 rcmjs.rambler.ru ugt7s7.ru
1 comments.rambler.ru ugt7s7.ru
1 c.rambler.ru ugt7s7.ru
0 google2waycm.netmng.com Failed a5d84237b2adbb561c87907ddbec0eca.safeframe.googlesyndication.com
616 117
Subject Issuer Validity Valid
*.ugt7s7.ru
R3		 2021-11-26 -
2022-02-24		 3 months crt.sh
*.championat.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-12-02 -
2022-12-14		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
ssp.rambler.ru
R3		 2021-12-04 -
2022-03-04		 3 months crt.sh
*.adfox.ru
Yandex CA		 2021-12-22 -
2022-06-03		 5 months crt.sh
*.top100.ru
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-02-15 -
2022-02-14		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
api.rnet.plus
R3		 2022-01-01 -
2022-04-01		 3 months crt.sh
*.yastatic.net
Yandex CA		 2021-08-18 -
2022-02-16		 6 months crt.sh
bs.yandex.ru
Yandex CA		 2021-11-17 -
2022-05-18		 6 months crt.sh
profile.ssp.rambler.ru
R3		 2021-12-05 -
2022-03-05		 3 months crt.sh
*.rambler.ru
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-05-20 -
2022-05-19		 a year crt.sh
id.rambler.ru
GeoTrust RSA CA 2018		 2021-12-07 -
2022-12-07		 a year crt.sh
*.rambler-co.ru
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-05-31 -
2022-05-30		 a year crt.sh
dsp-rambler.ru
R3		 2021-12-05 -
2022-03-05		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-01 -
2022-06-30		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
smi2.ru
R3		 2021-12-22 -
2022-03-22		 3 months crt.sh
mc.yandex.ru
Yandex CA		 2021-12-22 -
2022-06-03		 5 months crt.sh
yandex.ru
Yandex CA		 2021-08-30 -
2022-02-28		 6 months crt.sh
www.google.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
*.google.com.by
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
*.vk.com
GlobalSign Organization Validation CA - SHA256 - G2		 2020-06-09 -
2022-06-10		 2 years crt.sh
smi2.net
R3		 2021-12-22 -
2022-03-22		 3 months crt.sh
stat.media
R3		 2021-11-29 -
2022-02-27		 3 months crt.sh
*.ops.beeline.ru
Sectigo RSA Domain Validation Secure Server CA		 2020-06-23 -
2022-06-24		 2 years crt.sh
sync.dmp.otm-r.com
Sectigo RSA Domain Validation Secure Server CA		 2021-05-18 -
2022-06-18		 a year crt.sh
*.adriver.ru
RapidSSL RSA CA 2018		 2020-04-03 -
2022-04-24		 2 years crt.sh
img02.ssp.rambler.ru
R3		 2021-12-05 -
2022-03-05		 3 months crt.sh
img01.ssp.rambler.ru
R3		 2021-12-05 -
2022-03-05		 3 months crt.sh
*.creativecdn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-03-30 -
2022-04-12		 a year crt.sh
*.buzzoola.com
Sectigo RSA Domain Validation Secure Server CA		 2020-06-30 -
2022-09-28		 2 years crt.sh
*.ssp.rambler.ru
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-04-02 -
2022-04-01		 a year crt.sh
*.google.de
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
misc-sni.google.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
*.rutarget.ru
Thawte RSA CA 2018		 2021-05-17 -
2022-06-17		 a year crt.sh
ltmse.com
R3		 2021-12-21 -
2022-03-21		 3 months crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-22 -
2022-09-21		 a year crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2020		 2021-03-22 -
2022-04-23		 a year crt.sh
*.sitescout.com
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1		 2021-12-15 -
2023-01-15		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh

This page contains 55 frames:

Primary Page: https://ugt7s7.ru/whome.html
Frame ID: 385CA284054385E5089E16CE5CE5CF15
Requests: 258 HTTP requests in this frame

Frame: https://ugt7s7.ru/css/saved_resource.html
Frame ID: 058D261D4FC84BA89A1CC20244F18BF0
Requests: 5 HTTP requests in this frame

Frame: https://ugt7s7.ru/css/file.html
Frame ID: 3B3FC9BE9C19D676DEF1CE77FF9C42E7
Requests: 4 HTTP requests in this frame

Frame: https://ugt7s7.ru/css/saved_resource(1).html
Frame ID: 76C2FC7B161C53B41EBB98C8CA4385DD
Requests: 6 HTTP requests in this frame

Frame: https://ugt7s7.ru/css/storage.html
Frame ID: A4C25AE4654F6A675AA999D4F9450451
Requests: 1 HTTP requests in this frame

Frame: https://ugt7s7.ru/css/sandbox(1).html
Frame ID: ACD90A5ECA6258F76A3DF326C744AD6D
Requests: 36 HTTP requests in this frame

Frame: https://id.rambler.ru/rambler-id-helper/1.5.26/storage.html
Frame ID: 84C3DCED17EA80A5AC1B6C10E4EEC515
Requests: 2 HTTP requests in this frame

Frame: https://ugt7s7.ru/css/render.html
Frame ID: C60B95986CDBBF3F3166325D3E2F2475
Requests: 22 HTTP requests in this frame

Frame: https://ugt7s7.ru/css/saved_resource(2).html
Frame ID: 088306B28673BA5CC658615FBDD203FF
Requests: 2 HTTP requests in this frame

Frame: https://ugt7s7.ru/css/container(1).html
Frame ID: C1578D48E8A96830E33C2BE043F7F53D
Requests: 1 HTTP requests in this frame

Frame: https://ugt7s7.ru/css/saved_resource(4).html
Frame ID: 67FDCD60F0AE9CBA8C3BE7FB4BD77C67
Requests: 12 HTTP requests in this frame

Frame: https://ugt7s7.ru/css/aframe(1).html
Frame ID: D15A27184C7E0ABBF9442753795FACAD
Requests: 1 HTTP requests in this frame

Frame: https://ugt7s7.ru/css/container.html
Frame ID: 90A7B72F8E5038876D2E4095B11E1B99
Requests: 1 HTTP requests in this frame

Frame: https://ugt7s7.ru/css/saved_resource(3).html
Frame ID: AFA25B1D46465F426C7A6E8CC88BCE02
Requests: 19 HTTP requests in this frame

Frame: https://ugt7s7.ru/css/aframe.html
Frame ID: 6189F293AA2725691F9010827BCE29AD
Requests: 1 HTTP requests in this frame

Frame: https://ugt7s7.ru/css/sandbox.html
Frame ID: 00AE0B8F0E208E071FAC82AEF3A3BD1D
Requests: 20 HTTP requests in this frame

Frame: https://www.googletagservices.com/tag/js/gpt.js
Frame ID: 2884810F659C0F73643EE48460EC3E58
Requests: 8 HTTP requests in this frame

Frame: https://www.googletagservices.com/tag/js/gpt.js
Frame ID: 5AE6E336C98D2BE530D856DD571FF310
Requests: 6 HTTP requests in this frame

Frame: https://www.googletagservices.com/tag/js/gpt.js
Frame ID: 985D2D80DC472F6E12BDFC189209CF77
Requests: 8 HTTP requests in this frame

Frame: https://www.googletagservices.com/tag/js/gpt.js
Frame ID: D938F3E95529C3C04FFDB7FB1341DAD6
Requests: 9 HTTP requests in this frame

Frame: https://29550a6774465c2fefc7c60fd493fe18.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 12B89046E02B426FCB0D43BA69431443
Requests: 1 HTTP requests in this frame

Frame: https://c37518537793b0475d38bc38f923af27.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 37CE33C51343AB10A75570E6D19CAB33
Requests: 1 HTTP requests in this frame

Frame: https://7b5868f5428335e5053e527f06f79868.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 2343E239A87B60F925FC72FC43CB5A56
Requests: 1 HTTP requests in this frame

Frame: https://a5d84237b2adbb561c87907ddbec0eca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 0AC092C1DAA58FAC7BABB6C9D1409E8D
Requests: 1 HTTP requests in this frame

Frame: https://5db9a8bcf711cf0d71dc0a2c634d4aae.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 25CE55D4FB588466898674FB44B9A9CC
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuV6vflb0o6ej4dziYwfuzcYSgj18NZS93ZJ2pZrrt7DnITyQIik3ZR_NDRoETcz2DQPlWGnbNtttbO8OLYoRiulDpt-KX3X0Mpdbeq97R1dSHfv5-8D5RH2xRP4l84qgvB9rKkBxHnRYMr75xd4k7RJ6BJtKT2_-5m6Zl2qw4ONFcl6OZkPehr7VQ8qB2koDBW9TYEkuOkQFTJ6GRoZyH_MKsirEasP8fFOV7ViqgpGgcaLWTui7FuI0nmQAc6dWFnM72x-Wu2Sj2h4OCnawGYEqRiERgr1Zi8xJPOw663eq2BpS7BBnUmlLV0zOYYOSnwnp8L8qHv&sig=Cg0ArKJSzNytDrov8B6vEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 2E67FEE69585329D59C7CC0AAB136286
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu4spOuwiBSThzkb7dWbZUrIJ6wR2Jd6zSgRyj27mqpqQXPTSXaxs6hpuzR3Vt3OqceHrmK777DvSsk3IOPDX6vC1I4BWX6Y94w2fBGQwVOLib-6eI5dVwGDvd4n9N7nPQXdUK9VZgki139I8gZNDYZQ1k_3tM4sEu9WtXli_dNdIqDD3liwj0W42gKoFrIekM3Efy8KwvTdZWSTcYBBTLmV6Yp7dVP1ISQryGSrnsnfyPlFTV3o7ma27fFkdzr3c2ZUgKum7G2QoGGUWetYciwla2UQYVLuDly_57ZgVkh4Wk4h1LHiNsRL0Ep22qZD7KqG0r0Kw&sig=Cg0ArKJSzKAFyWouEpMUEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 7B3ACAB84A4698ECAD8EF8666F86203F
Requests: 1 HTTP requests in this frame

Frame: https://29550a6774465c2fefc7c60fd493fe18.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 0648AB1590CA4B00AC11BDF9489C218A
Requests: 17 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst8KgsJtdBVV6_kDuCw_jA2W2aJY2cCNX91K83znE380GDMFLAlM0D4PaXmgSQsd2JRUk2T-1_4upYJPStgFco_p3hsG9WN1e8GJou_IczN0bfrCv8xJZKF0bLp5Iljs-b5HQ8UPt7SNKA_oS9iye4yeFrFhQTmedveIl2blSD7KdiSzYZ0hUx2Vspk0w3h--JPgoI9F6ph1vZ7GD-WCqZ4jPYWZVuWBTJDoZ4Tw3l4DQWtu6oUg52MmblqRR85P5bwuxZCxQ1qZ-U1NqSAjxImabcmAP79S4fHUkQkMSmM6o-1Z3FnHOACNm5VGr_UHg&sig=Cg0ArKJSzDasUQIYKTJAEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 38FC18D6D55BC16CD3FDB76BD0408DDB
Requests: 1 HTTP requests in this frame

Frame: https://profile.ssp.rambler.ru/sandbox?img=dOsQcBvSxnb08Kd2h7w-yXB1eB*WXko6MeJaZVEo42-w0LnkzigA5Pq5VvrTN0Jzu2gShu1kKA-ZYqwUld1KPUw7h*OqZM0MTwAVR9GryC6nJN0qmgiIvjuY2e9ZadWmBP8QH2-cmj6TyvM*jYRr-QIAAAC63LwKAAAAAA&script=sfgqweLW-lKRJrDaNnppyQT-kgYFxE3revd6fZNtrrIepeBScSDqzPn8fKPjdYs24bPmn6FFjz*NldEZBR5REP9AnvZ2U3diMbHDm7Ue**srLv5ve1x-fjAQQjq8h-prCNaE*4*3nOP69d7J5rTdSQIAAAC63LwKAAAAAA&img=krCLlI5xhhlPYtjLQakeZiugnEmj*0FjpIigae5yOC9UtX3txmKrBbM60wZu9vv*NkJo-XCATp4eeilOT8BzCJn2JzXhKsFYpPfmTrXymChzrAmBbTz19PJGOOfYRdpLqWA1Ou83WazlJe-4OOFRy*NKekdogFWfm-1gCqfTezi6AYjB9fZaUEl6JEHShjhk3-mL6dpvyYtUGzkBf4xYmAIAAAC63LwKAAAAAA&img=YLAo8sPXua1QXzG1pW63Vc2nCQHHKjOz2r-ggRPyMbJUOpDdVq0TSBAcYMtDf9C0r439UCrPFtZT82DBczb3a-ObSGx5WVqvTXY80la70h8LUFIsAc5xSw7iVmrCUhhGCXZX37VOW3ME6iuR4xxIswIAAAC63LwKAAAAAA&img=FUbwdGuKd36E8GhuwiGiyMc8CfzOH09aDNgY3EpzqAoyaLJ-ps9ElZ6gYh0W4Zka9-stynhBn4uWrowe7XX-uK3pqMupbNAm0YESxh3xSAffifv-rbKlh6NO5-qtLzDuDdH3AYzZCTLnZDGzBS7xSQIAAAC63LwKAAAAAA&img=ZxWjA20Wlfsw0hdkaMmNmeqVRNT1gqRV4Yk-329syZcfLkvAu6ZPuisOTnXOSTBTik-2XJJEOatkEfW*DknLcFTB1OBqdV*tgkrfgUwh2P7pCW8X-*w0jm7qqV5tgxDlAgAAALrcvAoAAAAA&img=Ru3QEQP8tZWnjD-tCMZhgfch3cB80NoXtdWhZ-LCq4VpQUHvHk4EtHz5dYNANrWlXd3yAlhEY1d*kyyc-xxpt9BZ9euL3nXBjU8fo3aHSJd149bzfHdCMiz7rwdJtm*Dj1K11upF1lc8jGG46IHCDFrf0UmQ*BaCU4zy-k70xakA0jr4Eh8XSv3-NyObO7iIS21jzFOVs7seYlSJMweJnARgMLB3zesgvB4*nxPO240xpyijuS8uWwraORhB3l*K*RL9qYPqQI8G2WfoUpODTBz2Jn5RQJcn5YIfk7YhjQoCAAAAuty8CgAAAAA&img=fvWNGH57DT6WGFigJPV9*SGQadhxNSqExYDJ1C4NOMM2RaToiVRqoXT83kRk*s-*hpN0ng9y4eo3tIIc7pcLY4evhfFsC5U56l*NikSimTqeoiqZ5nTzSlruTiFYiCsWgtiVs4bDxAoQGBSHRsbDNAIAAAC63LwKAAAAAA&img=aji5amtjJVCiDEfZXqJnv*GRqrtMDZ0DdXPdvXC994Dgr8h81JdcYJKGyv8YEtCDQ1fEx23iKK2OcyuioTjjSzWeK8ttB9CGtdP5jPjqi1zr32pXfcaaFcGvNRJXYl4As8Kcy-tAFXdfHnO8dy5J36VxhJuTohgahspOCbDMLlECAAAAuty8CgAAAAA&img=QV9-tli-PlsO*dQVfhaFMrjrOrkiSrek6ptm67p9nvzXIFmyTTAlC7DfvCW0-LA0AK19ASwP-aA7zxaN9ipsS8nXBF7haGwQOo-*25aRBoP5tmicgioOBaixpu1rfNcj-3mtqjlHQn9B*5dTwIrwAUfu6zKdGXEtj40TgeOvnFoCAAAAuty8CgAAAAA&img=zMXRFeVo6z2NZcOXRjUB*fmdS9Kpx-gOAOEr4flI3XBz7XWRrvMXaGYUwyQMWztF9vtvigWLKuV3BkTZU6RD4i9s7GN7tQexr1LfOdErMSio7bSyjvk*DkmrLulP4s*-jtGiFLTMdxPmvSufuJ2wxiP7-FGSD9A-8rJAJsIWHGkCAAAAuty8CgAAAAA&img=3HaHWiQGWYriRAnu6F5PL4zuNlye1Bw0v7x6qqrbwV*qXp2x1uIsaoyWGiYPA5nngkEpAqGXwkWpBbpOZy30xdyvGCdU9bIKTWzpsNonDiAMOwxdlb4gVnREVDWgo1tDlnzdKJTcjtiv02SVAj7UC-IThptkDEQIOQGnAY6rkA8CAAAAuty8CgAAAAA&img=Bb4uVGIwnpkvUCOH-OdGZU41x4cRAFZe7Dk9kThzet7lDovUNutk0FVFDw2BLSvrHS2sBxLP2IC2wkVVLF7qW-3pNMng9qm1V8aQYVDq7bSpLieR-Z4XV1qY0FxU1xeqf90nXhjJKtdsvKuD4WFFGQMhlNquGr59G0BDRP1gmKgKBkJkAorxr5N72odwcAlWjdTHFJfQSd-b5S5quQrIhuePWCUsbO5JWD6vN4Bl3jkCAAAAuty8CgAAAAA&img=jb6kZp352DB8xrKL-J5hxSciBCZAzCn1qUDxDCeiDlD*RzKmZYRLOiz-tWXk4neYI4Hi3SncQM4*tc047oeCmxvQ9dAQHZS0hWZSBui27ngkDlZQm8T5sdCGjabXRIh0AgAAALrcvAoAAAAA&img=mk5gSgFz3OMHMX7kefnkaTdStA8JnumnZzMPZZX8JhBnvr1zFX9ArPd6jT21Tms1DrNmtc0FWB8iBBUb1mPyKh31tkQSBmezGDu4XmCa0WGdpM*zL*3iSIeDRsXJYrf8AgAAALrcvAoAAAAA&img=FbvyMm0gh5*igI73ODtxaUpMdYl*an8jJio2VQ1aw5idA*6Vzf9kZFdLi3kz3yZP*Q0KK*m46j8T3UiLHRP4kB0T7JwSNUZaw9cSKOYOGfBXybotfVwegUh2bWWfnYrT0hCPo9Jpw38gOet8evd7HwIAAAC63LwKAAAAAA&img=PwMeWKsi1OqU3J1Om13Cbru7zFtSKyZjgKMQ4bdyYvTvXf5hfEsj02hSxlx0Xa35KG90lVzXH2MgnjHoJc74A03QAnhUcwOOWQgi*FWpaVgJjXztKCxhbTI2WF2x0iQ8Az-7sztDX8M7BviLoFQHigIAAAC63LwKAAAAAA&img=JYknAeYWP9JcVEhVlfNIDWcCDG1TS5gH0cEmi*y4vAXgQWXDXV7yAHPx*Gjs31TOecLXvWYzGJ2I9qTZ4bc-zexBhSCvdxLLGnKvMnocUIm6NEPjGmrF91pxN4rpV*Xb8ZK4DiLefeZ3Twfja7z*PAIAAAC63LwKAAAAAA&img=lRUIOWn27qi9Qyp01RCps1KLJ028wJ2VePO9zo1O8axHzc9Tbib0M9qDQ8FS1*qx9aPNXcQQeW-RqpADoR1LZp1C2-KKQ-utROyGYWr03mpo5o8FVQTlqSoc4c1fi2iIAgAAALrcvAoAAAAA&img=xlj9Ar4lfdrzZHqdjX10GiCsvmDLeOgR020IPQSjpLaurKTBiPN4jtUBrq9u-bxdvjjJCjmT1qoRWm60EfDIzZZJU*lCr0VbEY5v-n3EvczkFtA65aiv*A38fEswsj7NFvDGAXolv-RSmuHKsNOZtM6GACq*-KeinQ8jSPy-kfZN*-gbdT1PjpLTruyOKDC6AgAAALrcvAoAAAAA
Frame ID: 9E15E9A69C2E80B743BB4064B673E951
Requests: 28 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012111011823000/amp4ads-v0.mjs
Frame ID: DF03E64F6A1384F20A3FB03375D6B987
Requests: 21 HTTP requests in this frame

Frame: https://www.googletagservices.com/tag/js/gpt.js
Frame ID: E53AC1C74B5513A94D072A4806DF6725
Requests: 8 HTTP requests in this frame

Frame: https://www.googletagservices.com/tag/js/gpt.js
Frame ID: 1FA2D9582CBC613C2E2352EC0DE33F69
Requests: 8 HTTP requests in this frame

Frame: https://a5d84237b2adbb561c87907ddbec0eca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: E34A2B08E40A36096F0892C2C9D233EC
Requests: 20 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: FCC27A070CBC9DBC0E92823D811B11EE
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 7CE2C07E4562AD7D81DC462C45913E5D
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C66EF66961B5BE7C3A121AE17E4E01AB
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 84DC8F2588036F9A6E2EFE686CA3EA07
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 7455656893F3F693BBF77290EC4E2E6B
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 7F2C949906B5B30EB55B4E363CFFC5A9
Requests: 2 HTTP requests in this frame

Frame: https://af00c4d352a4342d5af34e89ae3b80eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: A4F8DBD9A13159AD70517B2B70B768C7
Requests: 1 HTTP requests in this frame

Frame: https://47a62b5598302721afe2c2e22bf15e30.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 7F95F2A4686A276AA7245F9BE4A6A3F7
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 84454EA431AAA5C38E00934DCADC02F3
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 1ADB47058BA2B05A90962461E1EE68FB
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E27A9F4AF27611806D473F5251DBB56F
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C6221EF64A48F7109E55606A054430F5
Requests: 2 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012111011823000/amp4ads-v0.mjs
Frame ID: 0FEE7C696AA756623680B75384ACB175
Requests: 21 HTTP requests in this frame

Frame: https://af00c4d352a4342d5af34e89ae3b80eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 0C7CEB29DB71D0910568189C0520A954
Requests: 17 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 7E866DDBE960CDCB14EF078BBDF2A5FB
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 88847CBA93D7D81E234DF1A6759A25BE
Requests: 2 HTTP requests in this frame

Frame: https://profile.ssp.rambler.ru/sandbox?img=jCu93EjOg*mSFO-4FJJK1*-SzN3JcieGqQ1j2qa*mVsokbzntWS0cjcN70DVGOF38fUDoLiEYUHsNiu4QYK-5K5zLmaE5fMXLxkmeUIybmzMpwl5B3izMhzwkAUE69lml68kHFBnTytp0JitjqB8XgIAAAC63LwKAAAAAA&img=NrdG5xioTqk0hyxJE8LoTyerEmxU8DiIMzptYOGXcC9uluodKlHudG4mkhcBnkLePjgJCjKSAXGDRg8fP1kk45OSmAPNItsRFvFIeIb-6o5sTxx0TrbUpkNPRkd3Ts*m0JI6pa*QLg-gvdef7WmyIgIAAAC63LwKAAAAAA&img=asB*me49LyfN3MOT7T8lYrpMWT0WIHEfq2XrziBRl1JbnW9NU0kv8c3TKnlsxe2L*Hx5LzzJnIr5BQNiWzujtjIA1CwQTQ0Gd7HhvZ*Uzp8e-FHpRzSo53vGpVUtLcJgaTbDf1SkNGQcsvnI5umYytYgR9pl2bB0zArD7IFwUbhY6HQe9WieeInOSH0WX0Xqvcam3SeHDyFkHbDXSP6CWCYsltF7K7Q4MFU7V9gIRUcCAAAAuty8CgAAAAA&img=4kccE5WGWC40XzZx6v3WDgPb4somkBXQQ6YQ*VSLPzXYtPIaFGjWGOS5ZZh1szIAgY8manFx880l4Y4ZVJrGH7XWRqUNaBxW8maZrh0EbTr87LPgimTBCHt6*VlO0XzH3IkKA7kvBlZlSHESupHvu7EB*P*FiTi1EFyoEy*gxJCoGvV0yxhSrfdUNqdMkYcEAgAAALrcvAoAAAAA&img=e8Tjj2*TZSCWjKdsOOVQAbegcRh8IzRdiNeI6gJPLXUIHhVggJiooWFqFNCMtC1UMF-x1IOWVh-BSLzG8XYa64y7BwwL7Mt95Y8eY215HjRDjvdY8o0IX7LFL6ChJImnAgAAALrcvAoAAAAA&img=BF4pSaJao7vQH5iZxNm7IHrxjQP9Meyq6udhIVB4LY5GY3mAjAzpQrmVvCdZsZ7BavoQRMUJcP-eHDy3Sjqid8KlrwHy-K6Zbg9KWLJRZarYh5PdJNiYweDRYBFygEFzDtG1j4ZVO1S78Fcvw7sN8gUsxlgir7Depw4o8ngh5sMCAAAAuty8CgAAAAA&img=P7u9Ir8PjyG84WrXb8rkO5re1F*Je31fe4hvDCKqnl2uJsFkS9PCBpliCbdXYyrTRm4*7*9z7bUm5r2J9Unslt-E9OYHEplDW040PIw*1Xv3U5mdHV1Ra-BedUg3owB7AgAAALrcvAoAAAAA&img=Ej*7xzqhHS-P59FnBvYyElgqck49gXXWGfaH7iy8O-I4LaPEPokcVzQ6JCELY9Qm-eHvBhmFkG1TmSqdjuRSnlsykntI42dbmoSa06*K0oV5gkYstMvOx6Hsp2H3CiQ5AgAAALrcvAoAAAAA&img=gZX0EleuRFvWxSTtFAZ*4CnKIFyFE5WymeSf6riJKK-ySQ8DBbUWnJbABEuXN9ZijBgfWjcHrdi95XMrJTRxOXcMHxIERkmM3Das41anFThnw1wmLu2PbW88nLpNKTY1OLpLRTkCWgrETHd3zerY7wIAAAC63LwKAAAAAA&img=8D8X5orDE0wLnx7uGieHNHo1mP*vrTdDMr7mSGkNb4PXyudJHU8JEknAdLFErLW-*l-2ZSRw2f7owqNlB0XKBqxshzTW0ljsw6LQwoLSfVYoOX-cBVp5QQUFK1y8RG1s*btDrDZYJNLGJ8JQ7PMxg8h0JM4epSAXhlXh8jDpVCwCAAAAuty8CgAAAAA&img=KMZG1*1Z2cfYN6Oyv5YyhbhzQR3q3aZlkoacA5xsO*iGd0Ib*L5zKtfxexG-xmUrOHDIDku6pqadwuk87tZXmrvXr5pu1UVKrgjP3AqxPuLwWUT0qA*4889UarWFqOw5VopR5heHQgmopNjr3DjqNDXVmvPsCrjiYMgUyyarOaDAtlwCwZ1oe9Nob0f6LVUAhhG5H0R0br*-ewo7IgQxxyiAoXdhaMFv0EaaoyEn8jcmBIbXW2JhXxp4efHXKM2SOGfgGPNlvXdnVKS7LyGEU-Nebdd51vu2T14PtljOJqcCAAAAuty8CgAAAAA&img=gYnNmhDnn8NVDGvmpssPPM*duWGXg3IY8JKZDxy*oqdqOqlRggFcyN-KSXx4eETfMNo3nALnJDlIshEmzOieqOHP0qdcv1BelQ8Uppg3tUl11awKb7FB1TPH4YNR9Em9AgAAALrcvAoAAAAA&img=aatHNKd6qGvtEIvk8jPhpq8162heT4ckaZnJRlVViZSG6v6w9JXYzXYgQHPQezT668pnFckV1MzsaELtP6U7CsUkXyryA-GWPwLipz*07*CFqgN8AaCRmbaa1q6xEmNO8l0uj6au30Yq9TXtKGejhwIAAAC63LwKAAAAAA&img=s2Je7i78hkGnfB4lc6rQLZc9ZZrTlazs-iKrPsqKDCY9J*utRKuK3ZQ7VIwEURM-zm-jT0oPl725P9CLwH*uf8w4kEjEphtSm14r6Q1mYWDBRle1l3Qu1UodWCVqR6HxpC9c70ktiZ244XR35h9fYLIGkiXHoH8XitHRejaPCW8CAAAAuty8CgAAAAA&img=QkMjnvf0kZe6y4e0lARuAO*WBLPO2-HmNVquiJhJxaTjWoXhqWIZj1f7MuAx69qPn6fsyOTamA4O1Pni-AUONqxwkslFumeaFR8X*xWTuX0EGzOP396-ITCnJiS5mCl77lltENk-5J-kRwvAQQwCS4owtygioFnPe6ZOvuCsfRsCAAAAuty8CgAAAAA&img=A3WedC8-KrqgXObAAjPa*FRv9o-Ao3eUuA9tMoovnJJNfY1dROxPclCevN74rVyD1gk6QcCD-pTY1tGnE1qX3xJZ8XqeDxdRtOe7r8waC-71BXB2VFlm22i2eBmKBOWpDYkf699ePbx30V3J7mIhZwIAAAC63LwKAAAAAA&img=fgGiKRMR3q8mbO7EfPWxlyvf2NNwETZDIW8zyOQcW8NNifflrUe51ataDQMEw43*K5ex3XCtZah0ZzyHTE7ASv*gsr6evCLSJUJfC19acOBaykuZM5oZR-glQeWcPFEmadrFRsv4QRK4AlwQJd7O5QIAAAC63LwKAAAAAA&img=eQHADa8IdKB0j6oqeyeOwE4O-pOw2PRYDFhphwYnSqLBF74JZxDsa7gpZgdyPcaBIi81Rl5P40AZkG3w-PEuLCUpcZCZZ1*gfBg8ps1WCUCEs8QFm5L5yaIi0s-pO-s0QhlJ3KBSOXEvmRfyj88rd9KEa0rukQl7tzwA*Pujz5zm1JUQvwD3Dx4lcJWyU8JvlDLwKwRpuzw4D0WB1FM1gwIAAAC63LwKAAAAAA&img=ODFFmszgozzJu9AtzsHsjvHtwaN5msP*5Vf7xyMiBdEgzS8lAK9Kzs4mw8qjI*CrKukjZK-3Didmc**L6Bcn4cg0zSuwHz9hh40eC6qyjOWyrEQVI63ZIvnIxYCZaCPur-q1Y-kBzzYOthnz15tOjwIAAAC63LwKAAAAAA
Frame ID: 06AEC8C8E10A29DDF3FF6061E3D56C21
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: CEE826FE7F6102B45BD44586B9F8E9DD
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 652C1738B8A2D31FE05B3A0609CA11C8
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 86FB94A6B82EE1712791B66AC7D2A12D
Requests: 9 HTTP requests in this frame

Frame: https://profile.ssp.rambler.ru/sandbox?img=HTMnBauXeIrAQc9KE9BriOQL4NGNjSclaWlPvzz-hTqlC3QQd-CSSkKyOJoYJdBeP2e5GHXNlIqAqN3OWUQmnLB5RSYeVIY*-aqeKHRml9tr5ImkUmHhz5crV9SoZAyeV7duCTUHyud9YX-gnApMxgIAAAC63LwKAAAAAA&img=gFdPR3kLgpapoWwDQOQYuw4Q08HK1t4l9DcZ7ZUS5y3ywxke6tPBccOVO2PuObLdFDMyhv01mkfIYSfti1hHkwYNFv7A0BXOus-z6ay9KIQk-TRqXggPZTd27DvUYl43JT5yXkinmFWzXWLKhZ9B*sNwMOVdEram7i2KKfNyGggCAAAAuty8CgAAAAA&img=6R2JYQb7HsQUiPryXZGo3YJpz3pkWQGJonRS3TD929ptof2DlmUnXXcSBt1dHzTOs--C3QPmuBqyhJNzkI1BKSc1nzOg-pRQQuwcKhQED5x2olUiBf3ZiilmyBY3O2OBAgAAALrcvAoAAAAA&img=*Nisqxon519UDqxeKybvALL70y1**wxOQm*id0JXbDY9XZNWeRSPIO1Ktd5wwURtyMmAZhZtkh78KXvDAeKAUN8g8CiNHYkTGkiCGQOY3S5TSLS**GvQOkBg1JBMMaww1-5-PRtLCMKnQF4YIk4DAQIAAAC63LwKAAAAAA&img=Pc9vZ*P5IiBTM1bixm4vlUgnrTw-sgMbNg7CP0eTUYXD-lK4JUVZluTIN0bgrLqFyeTtSBeaGXJCZL-tunVp74Sq1*f35xtv3MBxq0nhH9brye8D50nRVNkgmJT1jP9F*Q8MHYRHdqF6PXcuGu77cAIAAAC63LwKAAAAAA&img=V1Q-Cr73XcupemkdZDzChevupmx90X9L1e4nQOUya2hYKXWGrRo--Zar*7rnZWQE9RM3CTxxYgTF9m7a*c91K9DuTaC0zNTd71it*USyLcuVZJJ28fr2kTimJbxm6Kr8ahqojzGV40CehecO2Idao2*jFBvUCXHJjtOUFYgoMHsCAAAAuty8CgAAAAA&img=bmPtsLJcs1hjEkREU12QEIK1QFKU8bmI1LWc7WIN8x9wKFmO1qR7rW*uxUAmM4PAoEhswChcks3Au8ERl8KlBNmGKZWYId05WLLeiRr1lDtS-EVuK27Bn1iAuULKBySRcGVYW4i6ThXBI-qkcc0tSQIAAAC63LwKAAAAAA&img=BP1qit3*vjJSY8KwSl6NXozd2GkxK3*JmTe62*XZ6UfoxmZ78HtPITRvYdGGL0Tzte-P8KkmhB0020tRfTbLPuv4OHs5MbSNFEBOx8CQsZpvGLX5L6NRmnffTFDYwLU-dzluc7HBYbbJLY2Q5GuURgYNbdoLMjqe8s1mqSuJaDQCAAAAuty8CgAAAAA&img=3wPjFiYUM0M*m04CoumB80c7OMx1XmRc0zSw07eUWYRlQbCX707j-Xg2rC2RknjzRnfCrvLjR8D7trqIl8ZdRNCgGof5R8EhqAmAkLyz5BzfRBl-Qj7IyYDuc9D7foE6iGHYRyj-uSfkKtmN3FE2*GsdGT*QQ0enpnQoJQo3K4Sl16pV76c5xzDIajIZUlupoCINZ7sPx5ylmUG2DhBs7QIAAAC63LwKAAAAAA&img=T3B8iPjZfFRiYzv0cQ*Y-T6I7EH0tluhWxWVtLa-6WItHzvYeaxkBUz4KRBwdEvA8n8AH8eyuctDVpgF77AtGWx*C4*REf4Gl5ce7G8Q7n1GOJI6ZyvnKUva99PjgkIUwPXchy3UZ5tV6rHu1raTzs-VsvFE9Hux7dPUq7wGb49SLaHgb*wJ3aG73hhiitJ7AgAAALrcvAoAAAAA&img=7HcXdkEDwiAkoor2IQU5vkNtYzXfVY1YkVXRyAr*BNvKBdQkI1kpTyMayP-nWA3tVqJ*SH-wSUhFh4gypJc*5K9v7r51uQ0RbyDFghaH1sSHAfM*z3*cgATnXbitlyPJZnax5dbz6qkGHLuni0za-QIAAAC63LwKAAAAAA&img=3CgwOy7ge-kEjPHXcXZBZKVU4X1JcnZULuvE9WuqNYa2-5an3d0iJz5TY5ZBcAyk7VrSu6uKXGRwyw4UkZkuw*tSbXsrOx*auNbQzvnd9wAOwXnd9lYGhLvnlqmqiFb5L4qg-3cmCeHdfFK-epGZCdgzMpptqpUsvt9n8dlYRzYCAAAAuty8CgAAAAA&img=lSZFZ6d46ABMLc3EiCLCIL3N6hApKrnP1kr5iNDTmsCF75iyxkpLb15vjsU**yKuXhi1qlZlPiGxIF6QfTf6NcUOews*r1U1GGF5mqpzG0qbKE7Zow34uF5*5*aL87B0AgAAALrcvAoAAAAA&img=hyqe1IllmmeSfACr0KtV2I4N8WGeS-FKcZA4jYNQFW4MvXIGcSE-3j2jORIXC*HIFPrE7ehf2UKCzIAk4RbZ*r6YFwNu5NUzqSoONQNkViNSngVWabaQwvMhtRxe3FmeTsPLK2CjqrKWvCTzRHJp6QIAAAC63LwKAAAAAA&img=fUnwtnVMX6QdQHBzqKframATubmX2ppPKeEY3AMU7QxHnryyZ5p9ffqeknOIhzXxA-ztIaVU4us4BHlfZuhF57lGlzdJG8QSSTXighp6xfFvVT5d9fRWQMvCHIpGj4CwdKkGY-9S8AWvbpOZHEWR4vOSKYxHeVltWUOMskSPgdwH4BPoTW2fg4xWGwr3W9v9koRaFXdA26QVI5KNgx-tUDKXWHZ4ckcxUvX-J4oB2h0CAAAAuty8CgAAAAA&img=TZ*ilxkLNogng*yDq6s6MUm-j4PBbwApWaDbCAgLPBUc*Nqtm8gr-31KdD1POJoZRzBePSC4HO2E-hRiM9E-iOtzSWMqfp79vvWNyZiJuc-okM2s4hPilHP0g02QeGmdAgAAALrcvAoAAAAA&img=VCICewSSyAmR23oDJEml3hnQ53eP-m96AdDzVXjluawYsxKg7vsAEqsfyF61*OiiFoUCWH6WEs5qG2byMen*bFfyzONf*4UzRRDaDRFnfDArqG-4ZBs5LXKz5uN5B151Kl34nnT8T00i6trGIZc52wIAAAC63LwKAAAAAA&img=72jTRIvD3-Ez6HwPhUeKP0XFTYISJeN9GrpGhxUXd*HEwBMMwN0nd7DhhWVcm4YVfiWdHytCTpzbwS1h1tI7Sknk03yaj8ynBgmPbtRSFK79*4cile45Qqm*oTyCU6Rhwc7BFJRrJtgMaak8MWvcEHK-1fIowNkozF75vSu4GiD-b-BeWV9xMTJ2z2Z53ubC890O90j-yPB5r*YZmbtzQufLWhFRBcpiBOKVM8MsNNT*qejQ8Ji4AeiWOrXkJI7hXqzskO2mop1TyNfb5pqQsC1OIjKO*6kOsBfAEJnZM-ECAAAAuty8CgAAAAA&img=Trn2ERXE3sLQu4-M6NimmYs1tgFypRcqrcs-mpcrfpFFx2EBanAu5MYUY-zcGNfRegM81kzoN*YJRet9VQShOxbLdjuYUagg1fnJTfu21Ix0J5a4aaulfJenNYNtI8TnAgAAALrcvAoAAAAA
Frame ID: 1D6BECB9AA62537AA7D644132FE6234F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Những điều bạn cần biết về cá cược thể thao cho người mới bắt đầu, cách đặt cược chính xác cho người mới bắt đầu, mẹo - Giải vô địch

Page URL History Show full URLs

  1. http://smartligts.site/ HTTP 301
    https://smartligts.site/ HTTP 302
    https://ugt7s7.ru/whome.html Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel="amphtml"
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • https?://an\.yandex\.ru/
Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Page Statistics

616
Requests

85 %
HTTPS

26 %
IPv6

71
Domains

117
Subdomains

77
IPs

8
Countries

8873 kB
Transfer

22265 kB
Size

109
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://smartligts.site/ HTTP 301
    https://smartligts.site/ HTTP 302
    https://ugt7s7.ru/whome.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 109
  • https://an.yandex.ru/mapuid/adfox/51662%3A10087?jsredir=1 HTTP 302
  • https://an.yandex.ru/mapuid/adfox/51662:10087?redir-setuniq=1&jsredir=1
Request Chain 123
  • https://an.yandex.ru/mapuid/adfox/22561%3A18274?jsredir=1 HTTP 302
  • https://an.yandex.ru/mapuid/adfox/22561:18274?redir-setuniq=1&jsredir=1
Request Chain 165
  • https://mc.yandex.ru/watch/3?wmode=7&page-url=https%3A%2F%2Fugt7s7.ru%2Fwhome.html&page-ref=&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aykcyjlph1z7qhpasan%3Afp%3A1251%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A720%3Acn%3A2%3Adp%3A0%3Als%3A711354631746%3Ahid%3A684129221%3Az%3A0%3Ai%3A20220102131141%3Aet%3A1641129102%3Ac%3A1%3Arn%3A365896366%3Arqn%3A1%3Au%3A164112910210726334%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1641129099569%3Ads%3A10%2C59%2C141%2C116%2C407%2C0%2C%2C1100%2C101%2C%2C%2C%2C1721%3Adsn%3A10%2C59%2C141%2C116%2C407%2C0%2C%2C987%2C101%2C%2C%2C%2C1721%3Awv%3A2%3Aco%3A0%3Ast%3A1641129102&t=gdpr(14)aw(1)ti(2) HTTP 302
  • https://mc.yandex.ru/watch/3/1?wmode=7&page-url=https%3A%2F%2Fugt7s7.ru%2Fwhome.html&page-ref&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aykcyjlph1z7qhpasan%3Afp%3A1251%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A720%3Acn%3A2%3Adp%3A0%3Als%3A711354631746%3Ahid%3A684129221%3Az%3A0%3Ai%3A20220102131141%3Aet%3A1641129102%3Ac%3A1%3Arn%3A365896366%3Arqn%3A1%3Au%3A164112910210726334%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1641129099569%3Ads%3A10%2C59%2C141%2C116%2C407%2C0%2C%2C1100%2C101%2C%2C%2C%2C1721%3Adsn%3A10%2C59%2C141%2C116%2C407%2C0%2C%2C987%2C101%2C%2C%2C%2C1721%3Awv%3A2%3Aco%3A0%3Ast%3A1641129102&t=gdpr%2814%29aw%281%29ti%282%29
Request Chain 166
  • https://mc.yandex.ru/watch/188282?wmode=7&page-url=https%3A%2F%2Fugt7s7.ru%2Fwhome.html&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aykcyjlph1z7qhpasan%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A720%3Acn%3A1%3Adp%3A0%3Als%3A663309628519%3Ahid%3A684129221%3Az%3A0%3Ai%3A20220102131141%3Aet%3A1641129102%3Ac%3A1%3Arn%3A915941007%3Au%3A164112910210726334%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1641129099569%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1641129102%3At%3ANh%E1%BB%AFng%20%C4%91i%E1%BB%81u%20b%E1%BA%A1n%20c%E1%BA%A7n%20bi%E1%BA%BFt%20v%E1%BB%81%20c%C3%A1%20c%C6%B0%E1%BB%A3c%20th%E1%BB%83%20thao%20cho%20ng%C6%B0%E1%BB%9Di%20m%E1%BB%9Bi%20b%E1%BA%AFt%20%C4%91%E1%BA%A7u%2C%20c%C3%A1ch%20%C4%91%E1%BA%B7t%20c%C6%B0%E1%BB%A3c%20ch%C3%ADnh%20x%C3%A1c%20cho%20ng%C6%B0%E1%BB%9Di%20m%E1%BB%9Bi%20b%E1%BA%AFt%20%C4%91%E1%BA%A7u%2C%20m%E1%BA%B9o%20-%20Gi%E1%BA%A3i%20v%C3%B4%20%C4%91%E1%BB%8Bch&t=gdpr(14)aw(1)ti(2) HTTP 302
  • https://mc.yandex.ru/watch/188282/1?wmode=7&page-url=https%3A%2F%2Fugt7s7.ru%2Fwhome.html&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aykcyjlph1z7qhpasan%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A720%3Acn%3A1%3Adp%3A0%3Als%3A663309628519%3Ahid%3A684129221%3Az%3A0%3Ai%3A20220102131141%3Aet%3A1641129102%3Ac%3A1%3Arn%3A915941007%3Au%3A164112910210726334%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1641129099569%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1641129102%3At%3ANh%E1%BB%AFng%20%C4%91i%E1%BB%81u%20b%E1%BA%A1n%20c%E1%BA%A7n%20bi%E1%BA%BFt%20v%E1%BB%81%20c%C3%A1%20c%C6%B0%E1%BB%A3c%20th%E1%BB%83%20thao%20cho%20ng%C6%B0%E1%BB%9Di%20m%E1%BB%9Bi%20b%E1%BA%AFt%20%C4%91%E1%BA%A7u%2C%20c%C3%A1ch%20%C4%91%E1%BA%B7t%20c%C6%B0%E1%BB%A3c%20ch%C3%ADnh%20x%C3%A1c%20cho%20ng%C6%B0%E1%BB%9Di%20m%E1%BB%9Bi%20b%E1%BA%AFt%20%C4%91%E1%BA%A7u%2C%20m%E1%BA%B9o%20-%20Gi%E1%BA%A3i%20v%C3%B4%20%C4%91%E1%BB%8Bch&t=gdpr%2814%29aw%281%29ti%282%29
Request Chain 167
  • https://cm.lentainform.com/i-noref.js?cbuster=1640706669457473104196 HTTP 307
  • https://cm.lentainform.com/i-noref.js?cbuster=1640706669457473104196&sct=1
Request Chain 205
  • https://www.tns-counter.ru/V13a****rambler_ad/ru/UTF-8/tmsec=rambler_cid541583957-posid541605211/ HTTP 302
  • https://www.tns-counter.ru/V13b****rambler_ad/ru/UTF-8/tmsec=rambler_cid541583957-posid541605211/
Request Chain 207
  • https://mc.webvisor.org/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.webvisor.org&token=9506.zHW2aIUNfwmWlzFPCf2rb0lNYE6w4PzTqi51Scy-T2X4x7x4HxnP5CpU6A00peVn.STrPAM7afDaqwAvksemRnUrzZYc%2C HTTP 302
  • https://mc.webvisor.org/sync_cookie_image_decide?token=9506.qHfxZvfmTWLGmvf024KSfzWl3Lwvv3yJbkZUWsqU7mdcnnxw8fbZuVyuwXBcMM0Fh5cvFrnu7g1TJodNmsB0oeBkkGjNgZ1wv9hcD-Q6sRA%2C.SVsVpliEUzQM89RmfvO6btSVvUs%2C
Request Chain 252
  • https://www.googleadservices.com/pagead/conversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0 HTTP 302
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=jqTRYYS8ApKX-gb8_aH4BA&random=241247210&sscte=1&crd= HTTP 302
  • https://www.google.com/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=241247210&crd=&is_vtc=1&random=1689175192 HTTP 302
  • https://www.google.de/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=241247210&crd=&is_vtc=1&random=1689175192&ipr=y
Request Chain 253
  • https://www.googleadservices.com/pagead/conversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0 HTTP 302
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=jqTRYZW8AtrogAeGl6HIDA&random=1480352542&sscte=1&crd=CNPgGw HTTP 302
  • https://www.google.com/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1480352542&crd=CNPgGw&is_vtc=1&random=3616380350 HTTP 302
  • https://www.google.de/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1480352542&crd=CNPgGw&is_vtc=1&random=3616380350&ipr=y
Request Chain 254
  • https://mc.yandex.com/watch/37412095?wmode=7&page-url=https%3A%2F%2Fugt7s7.ru%2Fcss%2Frender.html&page-ref=https%3A%2F%2Fugt7s7.ru%2Fwhome.html&charset=utf-8&site-info=%7B%22extensions%22%3A%22%22%2C%22fromGoogle%22%3A%22false%22%2C%22fromCancel%22%3A%22false%22%2C%22loyal%22%3A%220%22%2C%22sbscrb%22%3A%22%22%2C%22p%22%3A%22%22%2C%22b%22%3A%22%22%2C%22fresh%22%3A%220%22%2C%22infected%22%3A%22%22%2C%22slow%22%3A%22%22%2C%22os%22%3A%22windows%22%2C%22browser%22%3A%22chrome%22%2C%22winxp%22%3A%22false%22%2C%22old%22%3A%22actual%22%2C%22yabroAge%22%3Anull%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A23bzrp1wl07v29tjtr%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A722%3Acn%3A1%3Adp%3A0%3Als%3A727917361910%3Ahid%3A1013331319%3Az%3A0%3Ai%3A20220102131142%3Aet%3A1641129102%3Ac%3A1%3Arn%3A534595712%3Arqn%3A1%3Au%3A164112910210726334%3Aw%3A1x1%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1641129101289%3Ads%3A0%2C0%2C104%2C0%2C0%2C0%2C%2C277%2C0%2C702%2C702%2C0%2C416%3Adsn%3A0%2C0%2C103%2C1%2C1%2C0%2C%2C311%2C0%2C703%2C703%2C0%2C417%3Aco%3A0%3Arqnl%3A1%3Ast%3A1641129102%3At%3A&t=gdpr(14)aw(1)ti(2) HTTP 302
  • https://mc.yandex.com/watch/37412095/1?wmode=7&page-url=https%3A%2F%2Fugt7s7.ru%2Fcss%2Frender.html&page-ref=https%3A%2F%2Fugt7s7.ru%2Fwhome.html&charset=utf-8&site-info=%7B%22extensions%22%3A%22%22%2C%22fromGoogle%22%3A%22false%22%2C%22fromCancel%22%3A%22false%22%2C%22loyal%22%3A%220%22%2C%22sbscrb%22%3A%22%22%2C%22p%22%3A%22%22%2C%22b%22%3A%22%22%2C%22fresh%22%3A%220%22%2C%22infected%22%3A%22%22%2C%22slow%22%3A%22%22%2C%22os%22%3A%22windows%22%2C%22browser%22%3A%22chrome%22%2C%22winxp%22%3A%22false%22%2C%22old%22%3A%22actual%22%2C%22yabroAge%22%3Anull%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A23bzrp1wl07v29tjtr%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A722%3Acn%3A1%3Adp%3A0%3Als%3A727917361910%3Ahid%3A1013331319%3Az%3A0%3Ai%3A20220102131142%3Aet%3A1641129102%3Ac%3A1%3Arn%3A534595712%3Arqn%3A1%3Au%3A164112910210726334%3Aw%3A1x1%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1641129101289%3Ads%3A0%2C0%2C104%2C0%2C0%2C0%2C%2C277%2C0%2C702%2C702%2C0%2C416%3Adsn%3A0%2C0%2C103%2C1%2C1%2C0%2C%2C311%2C0%2C703%2C703%2C0%2C417%3Aco%3A0%3Arqnl%3A1%3Ast%3A1641129102%3At%3A&t=gdpr%2814%29aw%281%29ti%282%29
Request Chain 256
  • https://sync.rambler.ru/emily?partner_id=9122f432-a6c9-4f14-bc8a-daa781f3d204&rnd=1430471658 HTTP 302
  • https://stats.mos.ru/static.gif?ramblerid=DC19BC3433F3C7B86EEC760E30198A49
Request Chain 257
  • https://sync.datamind.ru/cookie/accepter?source=rambler&id=00001069-46ef-f99f-17d0-390406878420 HTTP 302
  • https://sync.datamind.ru/cookie/accepter?source=rambler&id=00001069-46ef-f99f-17d0-390406878420&dmp.ctest=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly91Z3Q3czcucnUvIl19fQ HTTP 302
  • https://sync.datamind.ru/cookie/emitter?source=google&nolog=true HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tinkoff_bank_wdatamind&google_cm&google_hm=A-6zwXWSS4Omzzk3GcI8wA HTTP 302
  • https://sync.datamind.ru/cookie/accepter?source=google&google_gid=CAESECkkf7gHngZG_Yhv-fIXebE&google_cver=1 HTTP 302
  • https://sync.datamind.ru/cookie/emitter?source=yandex&nolog=true HTTP 302
  • https://an.yandex.ru/setud/tinkoff/A-6zwXWSS4Omzzk3GcI8wA?sign=1204374944
Request Chain 258
  • https://sync.rambler.ru/emily?partner_id=vi&id=abcdef&r=https%3A%2F%2Fdmg.digitaltarget.ru%2F1%2F7009%2Fi%2Fi%3Fa%3D185%26e%3D%24UID%26i%3D%24RND1147893466 HTTP 302
  • https://dmg.digitaltarget.ru/1/7009/i/i?a=185&e=9CD1965270ED4718D54BAD426D6FA9B6 HTTP 307
  • https://dmg.digitaltarget.ru/awg/custom/7009/i/i?call_source=awg&a=185&e=9CD1965270ED4718D54BAD426D6FA9B6 HTTP 307
  • https://sync.rambler.ru/set?partner_id=vi&id=z-lwk6lYPbVFtLi7QfjS HTTP 302
  • https://dmg.digitaltarget.ru/1/7009/i/i?a=185&e=9CD1965270ED4718D54BAD426D6FA9B6
Request Chain 260
  • https://exchange.buzzoola.com/cookiesync/ssp/rambler?uid=00001069-46ef-f99f-17d0-390406878420 HTTP 307
  • https://exchange.buzzoola.com/cookiesync/ssp/rambler?set_buzzoola_cookie=t&uid=00001069-46ef-f99f-17d0-390406878420
Request Chain 261
  • https://sync.rambler.ru/emily?partner_id=6bf5a340-6c1f-4262-8f72-400b3d237f5d&ruid=00001069-46ef-f99f-17d0-390406878420 HTTP 302
  • https://top-fwz1.mail.ru/counter?id=3082612;pid=4303D065A92100D21002618BF744484C HTTP 302
  • https://top-fwz1.mail.ru/counter2?id=3082612;pid=4303D065A92100D21002618BF744484C
Request Chain 262
  • https://sync.rambler.ru/emily?partner_id=cldata&rnd=00001069-46ef-f99f-17d0-390406878420 HTTP 302
  • https://sync.1dmp.io/pixel.gif?cid=6464e806-bc68-4a4f-8893-22ec34eb02f1&pid=957b2d53-9bf9-48fd-95ea-df093901ffcf&uid=6A9E304E79CEC97F528EF55FE4AB3CA4 HTTP 302
  • https://sync.1dmp.io/pixel.gif?cid=6464e806-bc68-4a4f-8893-22ec34eb02f1&pid=957b2d53-9bf9-48fd-95ea-df093901ffcf&uid=6A9E304E79CEC97F528EF55FE4AB3CA4&cs=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=cleverdata_dmp&google_cm HTTP 302
  • https://sync.1dmp.io/pixel.gif?cid=ea2e91f7-8a00-4c54-b3fa-ab0f3dcf1585&pid=w&uid=CAESEOXYH7lx82IjGvK4ZTXoF98&google_gid=CAESEOXYH7lx82IjGvK4ZTXoF98&google_cver=1
Request Chain 263
  • https://lbs-ru1.ads.betweendigital.com/match?bidder_id=43008&external_matching=1&forward=1&external_user_id=00001069-46ef-f99f-17d0-390406878420 HTTP 302
  • https://lbs-ru1.ads.betweendigital.com/match?bidder_id=43008&external_matching=1&forward=1&external_user_id=00001069-46ef-f99f-17d0-390406878420&crf=1 HTTP 302
  • https://x.bidswitch.net/sync?ssp=between HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=between HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Dbetween%26bsw_param%3D43215f87-299b-41d9-97ad-22a7e9cf93aa&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=80&user_id=1a4261d1-a48e-4000-8a9c-c4ce7bc6612f&expires=30&ssp=between&bsw_param=43215f87-299b-41d9-97ad-22a7e9cf93aa&gdpr=&gdpr_consent= HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=22&external_user_id=43215f87-299b-41d9-97ad-22a7e9cf93aa
Request Chain 264
  • https://begun-sync.rutarget.ru/sync?ssp_user_id=00001069-46ef-f99f-17d0-390406878420 HTTP 302
  • https://begun-sync.rutarget.ru/sync?ssp_user_id=00001069-46ef-f99f-17d0-390406878420&check-cookie=true
Request Chain 265
  • https://creativecdn.com/rambler/cm?pi=rambler&userId=00001069-46ef-f99f-17d0-390406878420 HTTP 302
  • https://creativecdn.com/rambler/cm?pi=rambler&userId=00001069-46ef-f99f-17d0-390406878420&tc=1
Request Chain 266
  • https://px.adhigh.net/p/cm/rambler?u=00001069-46ef-f99f-17d0-390406878420 HTTP 302
  • https://px.adhigh.net/p/cm/rambler?u=00001069-46ef-f99f-17d0-390406878420&bounced=1
Request Chain 267
  • https://stats.seedr.com/nr/sync?dsp_id=ram&external_uid=00001069-46ef-f99f-17d0-390406878420 HTTP 302
  • https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fstatsb.nativeroll.tv%2Fnr%2Fsync%3Fdsp_id%3Dwbrm%26external_uid%3D{WEBO_CID}%26gt%3D%26rand%3D825 HTTP 302
  • https://statsb.nativeroll.tv/nr/sync?dsp_id=wbrm&external_uid=sevnjzoRBN6bx1oIQsXyj.&gt=&rand=825
Request Chain 269
  • https://sync.rambler.ru/emily?partner_id=maximatelecom&id=00001069-46ef-f99f-17d0-390406878420 HTTP 302
  • https://tms.dmp.wi-fi.ru/?dmpkit_cid=81460eb5-647b-4d9b-a3e3-7863f294c3da&dmpkit_evid=ab914581-c2bd-45ef-9242-3128c73c48c5&g_adv=rambler&g_cp1=67AA23207355E9C13B0025DA4575BFFD
Request Chain 270
  • https://sync.rambler.ru/emily?partner_id=aidata&rnd=00001069-46ef-f99f-17d0-390406878420 HTTP 302
  • https://x01.aidata.io/0.gif?pid=RAMBLER&id=770F922FB865313AE9FE12CB4113E5E4 HTTP 302
  • https://x01.aidata.io/0.gif?pid=RAMBLER&id=770F922FB865313AE9FE12CB4113E5E4&bounce=1 HTTP 302
  • https://sm.rtb.mts.ru/p?ssp=aidata&id=aNr8Sb1AahXDY9Sr%2F1Yl0g HTTP 301
  • https://sm.rtb.mts.ru/match/second?ssp=51&exu=aNr8Sb1AahXDY9Sr%2F1Yl0g HTTP 301
  • https://tech.rtb.mts.ru/?dsp_uid=3ce6ce22-96d5-4a93-b1ff-31bd4ea8386a&return_url=https%3A%2F%2Fpixel.konnektu.ru%2Fredirect%2Fmts%3Fcallback_url%3Dhttps%253A%252F%252Fsm.rtb.mts.ru%252Fem%253Fnext%253D51%2526em%253D1%2526ssp%253Dkonnektu%2526exu%253DaNr8Sb1AahXDY9Sr%25252F1Yl0g%2526id%253D%257BUSER_ID%257D HTTP 302
  • https://pixel.konnektu.ru/redirect/mts?callback_url=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D51%26em%3D1%26ssp%3Dkonnektu%26exu%3DaNr8Sb1AahXDY9Sr%252F1Yl0g%26id%3D%7BUSER_ID%7D HTTP 302
  • https://sm.rtb.mts.ru/em?next=51&em=1&ssp=konnektu&exu=aNr8Sb1AahXDY9Sr%2F1Yl0g&id= HTTP 301
  • https://x01.aidata.io/0.gif?pid=9503528&uid=3ce6ce22-96d5-4a93-b1ff-31bd4ea8386a&exu=aNr8Sb1AahXDY9Sr%!F(string=%20%20)1Yl0g
Request Chain 271
  • https://rambler-sync.rutarget.ru/sync?00001069-46ef-f99f-17d0-390406878420 HTTP 302
  • https://sync.rambler.ru/set?partner_id=segmento&id=oSebgDA6DDtl
Request Chain 273
  • https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fsync.rambler.ru%2Fset%3Fpartner_id%3Dab56d453-f95a-4cbc-97b3-1e30a8f95173%26id%3D%7BWEBO_CID%7D&usr=00001069-46ef-f99f-17d0-390406878420 HTTP 302
  • https://sync.rambler.ru/set?partner_id=ab56d453-f95a-4cbc-97b3-1e30a8f95173&id=sevnjzoRBN6bx1oIQsXyj.
Request Chain 299
  • https://sync.rambler.ru/emily?partner_id=6bf5a340-6c1f-4262-8f72-400b3d237f5d&ruid=00001069-46ef-f99f-17d0-390406878420 HTTP 302
  • https://top-fwz1.mail.ru/counter?id=3082612;pid=4303D065A92100D21002618BF744484C HTTP 302
  • https://top-fwz1.mail.ru/counter2?id=3082612;pid=4303D065A92100D21002618BF744484C
Request Chain 301
  • https://lbs-ru1.ads.betweendigital.com/match?bidder_id=43008&external_matching=1&forward=1&external_user_id=00001069-46ef-f99f-17d0-390406878420 HTTP 302
  • https://px.adhigh.net/p/cm/btw HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=37&external_user_id=usPwgLEKAG0x.AikABlF-GurMLg
Request Chain 302
  • https://rambler-sync.rutarget.ru/sync?00001069-46ef-f99f-17d0-390406878420 HTTP 302
  • https://sync.rambler.ru/set?partner_id=segmento&id=BWYBdhQcYeFI
Request Chain 303
  • https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fsync.rambler.ru%2Fset%3Fpartner_id%3Dab56d453-f95a-4cbc-97b3-1e30a8f95173%26id%3D%7BWEBO_CID%7D&usr=00001069-46ef-f99f-17d0-390406878420 HTTP 302
  • https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fsync.rambler.ru%2Fset%3Fpartner_id%3Dab56d453-f95a-4cbc-97b3-1e30a8f95173%26id%3D%7BWEBO_CID%7D&usr=00001069-46ef-f99f-17d0-390406878420&bounce=1&random=2970896965 HTTP 302
  • https://sync.rambler.ru/set?partner_id=ab56d453-f95a-4cbc-97b3-1e30a8f95173&id=sevnjzoRBN6bx1oIQsXyj.
Request Chain 304
  • https://stats.seedr.com/nr/sync?dsp_id=ram&external_uid=00001069-46ef-f99f-17d0-390406878420 HTTP 302
  • https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fstatsb.nativeroll.tv%2Fnr%2Fsync%3Fdsp_id%3Dwbrm%26external_uid%3D{WEBO_CID}%26gt%3D%26rand%3D888 HTTP 302
  • https://statsb.nativeroll.tv/nr/sync?dsp_id=wbrm&external_uid=sevnjzoRBN6bx1oIQsXyj.&gt=&rand=888
Request Chain 305
  • https://sync.rambler.ru/emily?partner_id=cldata&rnd=00001069-46ef-f99f-17d0-390406878420 HTTP 302
  • https://sync.1dmp.io/pixel.gif?cid=6464e806-bc68-4a4f-8893-22ec34eb02f1&pid=957b2d53-9bf9-48fd-95ea-df093901ffcf&uid=6A9E304E79CEC97F528EF55FE4AB3CA4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=cleverdata_dmp&google_cm HTTP 302
  • https://sync.1dmp.io/pixel.gif?cid=ea2e91f7-8a00-4c54-b3fa-ab0f3dcf1585&pid=w&uid=CAESEOXYH7lx82IjGvK4ZTXoF98&google_gid=CAESEOXYH7lx82IjGvK4ZTXoF98&google_cver=1
Request Chain 306
  • https://begun-sync.rutarget.ru/sync?ssp_user_id=00001069-46ef-f99f-17d0-390406878420 HTTP 302
  • https://begun-sync.rutarget.ru/sync?ssp_user_id=00001069-46ef-f99f-17d0-390406878420&check-cookie=true
Request Chain 308
  • https://sync.rambler.ru/emily?partner_id=maximatelecom&id=00001069-46ef-f99f-17d0-390406878420 HTTP 302
  • https://tms.dmp.wi-fi.ru/?dmpkit_cid=81460eb5-647b-4d9b-a3e3-7863f294c3da&dmpkit_evid=ab914581-c2bd-45ef-9242-3128c73c48c5&g_adv=rambler&g_cp1=67AA23207355E9C13B0025DA4575BFFD
Request Chain 313
  • https://sync.datamind.ru/cookie/accepter?source=rambler&id=00001069-46ef-f99f-17d0-390406878420 HTTP 302
  • https://sync.datamind.ru/cookie/emitter?source=google&nolog=true HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tinkoff_bank_wdatamind&google_cm&google_hm=A-6zwXWSS4Omzzk3GcI8wA HTTP 302
  • https://sync.datamind.ru/cookie/accepter?source=google&google_gid=CAESECkkf7gHngZG_Yhv-fIXebE&google_cver=1 HTTP 302
  • https://sync.datamind.ru/cookie/emitter?source=yandex_dmp&nolog=true HTTP 302
  • https://an.yandex.ru/mapuid/dmptinkoff/A-6zwXWSS4Omzzk3GcI8wA?sign=3433113589
Request Chain 314
  • https://px.adhigh.net/p/cm/rambler?u=00001069-46ef-f99f-17d0-390406878420 HTTP 302
  • https://px.adhigh.net/p/cm/rambler?u=00001069-46ef-f99f-17d0-390406878420&bounced=1
Request Chain 315
  • https://sync.rambler.ru/emily?partner_id=aidata&rnd=00001069-46ef-f99f-17d0-390406878420 HTTP 302
  • https://x01.aidata.io/0.gif?pid=RAMBLER&id=770F922FB865313AE9FE12CB4113E5E4 HTTP 302
  • https://x01.aidata.io/0.gif?pid=RAMBLER&id=770F922FB865313AE9FE12CB4113E5E4&bounce=1 HTTP 302
  • https://sm.rtb.mts.ru/p?ssp=aidata&id=aNr8Sb1AahXDY9Sr%2F1Yl0g HTTP 301
  • https://sm.rtb.mts.ru/match/second?ssp=51&exu=aNr8Sb1AahXDY9Sr%2F1Yl0g HTTP 301
  • https://tech.rtb.mts.ru/?dsp_uid=3ce6ce22-96d5-4a93-b1ff-31bd4ea8386a&return_url=https%3A%2F%2Fan.yandex.ru%2Fsetud%2Fmts_banner%2FPObOIpbVSpOx_zG9Tqg4ag%3Flocation%3Dhttps%253A%252F%252Fsm.rtb.mts.ru%252Fem%253Fnext%253D51%2526em%253D0%2526exu%253DaNr8Sb1AahXDY9Sr%25252F1Yl0g%26sign%3D3556300022 HTTP 302
  • https://an.yandex.ru/setud/mts_banner/PObOIpbVSpOx_zG9Tqg4ag?location=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D51%26em%3D0%26exu%3DaNr8Sb1AahXDY9Sr%252F1Yl0g&sign=3556300022
Request Chain 317
  • https://sync.rambler.ru/emily?partner_id=vi&id=abcdef&r=https%3A%2F%2Fdmg.digitaltarget.ru%2F1%2F7009%2Fi%2Fi%3Fa%3D185%26e%3D%24UID%26i%3D%24RND2080694681 HTTP 302
  • https://dmg.digitaltarget.ru/1/7009/i/i?a=185&e=9CD1965270ED4718D54BAD426D6FA9B6 HTTP 307
  • https://dmg.digitaltarget.ru/awg/custom/7009/i/i?call_source=awg&a=185&e=9CD1965270ED4718D54BAD426D6FA9B6 HTTP 307
  • https://sync.rambler.ru/set?partner_id=vi&id=m11rWhSYPAx8HqH7Qer0 HTTP 302
  • https://dmg.digitaltarget.ru/1/7009/i/i?a=185&e=9CD1965270ED4718D54BAD426D6FA9B6
Request Chain 318
  • https://sync.rambler.ru/emily?partner_id=9122f432-a6c9-4f14-bc8a-daa781f3d204&rnd=1353788000 HTTP 302
  • https://stats.mos.ru/static.gif?ramblerid=DC19BC3433F3C7B86EEC760E30198A49
Request Chain 453
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKCr6PbFiwEQnQkYnQkyCKuj71APLB1M HTTP 301
  • https://tpc.googlesyndication.com/simgad/16954104317476786032
Request Chain 466
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 468
  • https://sync.rambler.ru/emily?partner_id=cldata&rnd=00000000-61d1-a48d-1876-8c11019109aa HTTP 302
  • https://sync.1dmp.io/pixel.gif?cid=6464e806-bc68-4a4f-8893-22ec34eb02f1&pid=957b2d53-9bf9-48fd-95ea-df093901ffcf&uid=6A9E304E79CEC97F528EF55FE4AB3CA4 HTTP 302
  • https://sync.1dmp.io/pixel.gif?cid=e8610170-b6a0-4a0d-ab5f-68d104af7a7e&pid=w&uid=874693e2-6bcd-11ec-ae6b-901b0ea4a41b&ru=https%3A%2F%2Ftop-fwz1.mail.ru%2Fcounter%3Fid%3D3201865%3Bpid%3D874693e2-6bcd-11ec-ae6b-901b0ea4a41b HTTP 302
  • https://top-fwz1.mail.ru/counter?id=3201865;pid=874693e2-6bcd-11ec-ae6b-901b0ea4a41b
Request Chain 469
  • https://lbs-ru1.ads.betweendigital.com/match?bidder_id=43008&external_matching=1&forward=1&external_user_id=00000000-61d1-a48d-1876-8c11019109aa HTTP 302
  • https://sync.bumlam.com/?src=bw1&uid=d647ef3d-d9ae-5102-8a85-f2bbeb545635 HTTP 302
  • https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABiPycaOBlIFvp7KygpiJGQ2NDdlZjNkLWQ5YWUtNTEwMi04YTg1LWYyYmJlYjU0NTYzNQ** HTTP 302
  • https://sync3.adsniper.ru/?src=ss1&s_data=CAIQARiPycaOBlIFvp7KygpiJGQ2NDdlZjNkLWQ5YWUtNTEwMi04YTg1LWYyYmJlYjU0NTYzNaIBEIgGsKhrzRHspukAJZDIJDc* HTTP 302
  • https://sync.bumlam.com/?src=bw1&s_data=CAIQABiPycaOBmIkZDY0N2VmM2QtZDlhZS01MTAyLThhODUtZjJiYmViNTQ1NjM1ogEQiAawqGvNEeym6QAlkMgkNw** HTTP 302
  • https://sync.bumlam.com/?src=bw1&s_data=CAIQARiPycaOBmIkZDY0N2VmM2QtZDlhZS01MTAyLThhODUtZjJiYmViNTQ1NjM1ogEQiAawqGvNEeym6QAlkMgkNw** HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=18&external_user_id=8806b0a8-6bcd-11ec-a6e9-002590c82437
Request Chain 473
  • https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fsync.rambler.ru%2Fset%3Fpartner_id%3Dab56d453-f95a-4cbc-97b3-1e30a8f95173%26id%3D%7BWEBO_CID%7D&usr=00000000-61d1-a48d-1876-8c11019109aa HTTP 302
  • https://sync.rambler.ru/set?partner_id=ab56d453-f95a-4cbc-97b3-1e30a8f95173&id=sevnjzoRBN6bx1oIQsXyj.
Request Chain 474
  • https://stats.seedr.com/nr/sync?dsp_id=ram&external_uid=00000000-61d1-a48d-1876-8c11019109aa HTTP 302
  • https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fstatsb.nativeroll.tv%2Fnr%2Fsync%3Fdsp_id%3Dwbrm%26external_uid%3D{WEBO_CID}%26gt%3D%26rand%3D927 HTTP 302
  • https://statsb.nativeroll.tv/nr/sync?dsp_id=wbrm&external_uid=sevnjzoRBN6bx1oIQsXyj.&gt=&rand=927
Request Chain 475
  • https://sync.rambler.ru/emily?partner_id=maximatelecom&id=00000000-61d1-a48d-1876-8c11019109aa HTTP 302
  • https://tms.dmp.wi-fi.ru/?dmpkit_cid=81460eb5-647b-4d9b-a3e3-7863f294c3da&dmpkit_evid=ab914581-c2bd-45ef-9242-3128c73c48c5&g_adv=rambler&g_cp1=67AA23207355E9C13B0025DA4575BFFD
Request Chain 477
  • https://sync.datamind.ru/cookie/accepter?source=rambler&id=00000000-61d1-a48d-1876-8c11019109aa HTTP 302
  • https://sync.datamind.ru/cookie/emitter?source=google&nolog=true HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tinkoff_bank_wdatamind&google_cm&google_hm=A-6zwXWSS4Omzzk3GcI8wA HTTP 302
  • https://sync.datamind.ru/cookie/accepter?source=google&google_gid=CAESECkkf7gHngZG_Yhv-fIXebE&google_cver=1 HTTP 302
  • https://sync.datamind.ru/cookie/emitter?source=yandex_dmp&nolog=true HTTP 302
  • https://an.yandex.ru/mapuid/dmptinkoff/A-6zwXWSS4Omzzk3GcI8wA?sign=3701956541
Request Chain 478
  • https://sync.rambler.ru/emily?partner_id=9122f432-a6c9-4f14-bc8a-daa781f3d204&rnd=1036298988 HTTP 302
  • https://stats.mos.ru/static.gif?ramblerid=DC19BC3433F3C7B86EEC760E30198A49
Request Chain 479
  • https://sync.rambler.ru/emily?partner_id=vi&id=abcdef&r=https%3A%2F%2Fdmg.digitaltarget.ru%2F1%2F7009%2Fi%2Fi%3Fa%3D185%26e%3D%24UID%26i%3D%24RND967473115 HTTP 302
  • https://dmg.digitaltarget.ru/1/7009/i/i?a=185&e=9CD1965270ED4718D54BAD426D6FA9B6
Request Chain 481
  • https://rambler-sync.rutarget.ru/sync?00000000-61d1-a48d-1876-8c11019109aa HTTP 302
  • https://sync.rambler.ru/set?partner_id=segmento&id=5kPLR4fgHjx2
Request Chain 483
  • https://sync.rambler.ru/emily?partner_id=aidata&rnd=00000000-61d1-a48d-1876-8c11019109aa HTTP 302
  • https://x01.aidata.io/0.gif?pid=RAMBLER&id=770F922FB865313AE9FE12CB4113E5E4 HTTP 302
  • https://counter.yadro.ru/id-redir/aidata.gif?back=STOP HTTP 302
  • https://x01.aidata.io/0.gif?pid=LIVE&id=&back=STOP
Request Chain 486
  • https://sync.rambler.ru/emily?partner_id=6bf5a340-6c1f-4262-8f72-400b3d237f5d&ruid=00000000-61d1-a48d-1876-8c11019109aa HTTP 302
  • https://top-fwz1.mail.ru/counter?id=3082612;pid=4303D065A92100D21002618BF744484C
Request Chain 507
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKCr6PbFiwEQnQkYnQkyCKuj71APLB1M HTTP 301
  • https://tpc.googlesyndication.com/simgad/16954104317476786032
Request Chain 530
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEPSEvMUDKZSXwddf3ZUd-ac&google_cver=1&google_push=AYg5qPIpUGfdvoEjolcsL9OK4ZWy0eCpbZLTQtGACy5JjFykUz2bEOb1svu1HEKdUBTqUNrp_A5igyy3pVziTRItC5cjoyj1P3jA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDM2MDg4MDgxMDYzNDI5NTQzNg==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEPSEvMUDKZSXwddf3ZUd-ac&google_cver=1
Request Chain 531
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESENZZMlU7-0lbOGbT5CgyXw0&google_cver=1&google_push=AYg5qPJl07zT_ub8fP9rf2Cht2MO4aNbCKBJvnvAOE2E2eEwahP_x79Z3WtF8r0q6F1ZhnJtnpC23rE_tr1s94CZzWBgbdOXRQ_Z&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPJl07zT_ub8fP9rf2Cht2MO4aNbCKBJvnvAOE2E2eEwahP_x79Z3WtF8r0q6F1ZhnJtnpC23rE_tr1s94CZzWBgbdOXRQ_Z%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESENZZMlU7-0lbOGbT5CgyXw0&google_cver=1&google_push=AYg5qPJl07zT_ub8fP9rf2Cht2MO4aNbCKBJvnvAOE2E2eEwahP_x79Z3WtF8r0q6F1ZhnJtnpC23rE_tr1s94CZzWBgbdOXRQ_Z&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPJl07zT_ub8fP9rf2Cht2MO4aNbCKBJvnvAOE2E2eEwahP_x79Z3WtF8r0q6F1ZhnJtnpC23rE_tr1s94CZzWBgbdOXRQ_Z%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 532
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEOfW1I-XlCkL-6O7n5_8gxI&google_cver=1&google_push=AYg5qPLZ2MORXkriqluQ2Ec29h7E0T27Yx6yw8hzRGsxiYUXR3HjFK8i-BhK7xKuvqXacCxC67mrxQiuHgE_wVPgl1Y82I-Iwfs HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPLZ2MORXkriqluQ2Ec29h7E0T27Yx6yw8hzRGsxiYUXR3HjFK8i-BhK7xKuvqXacCxC67mrxQiuHgE_wVPgl1Y82I-Iwfs&google_hm=hTMjVrRrS4SrtKB4PZQloRQ
Request Chain 533
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEEmmA336dVLGWilIuIUG05w&google_cver=1&google_push=AYg5qPLo_5HQrg7ED6936OOxrkMV2PKK5A49lUgcQaUQMzYBCqx7O1xAaE9r0dseVXlpuP9lnjUm6BdC6pmL_Tjo7Ts4URH-WagR HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzA0ODU5NTgyNTkxMzc1NTc5Mw%3D%3D&google_push=AYg5qPLo_5HQrg7ED6936OOxrkMV2PKK5A49lUgcQaUQMzYBCqx7O1xAaE9r0dseVXlpuP9lnjUm6BdC6pmL_Tjo7Ts4URH-WagR
Request Chain 534
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEJqlvPKjjFJXcWSWwD4CLVA&google_cver=1&google_push=AYg5qPKfvF1KiMUjalmYtlU9hVxnuMxIHTBiq7ccnIzF1NRzyS1_shGUS6JSEmqnVcJLKMrmjv36WUQQVd8skCoC8gM_D_ubRBvt HTTP 302
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgoogle HTTP 307
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgoogle HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=097262cf-752f-44c6-a9b2-c84a32fd735d&ssp=google HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPIcK9CbHMPll6M7KrPqZf8ZfdhdloKDinEnWDwGSSVJfPy2MYIfs0KC2paKUYagRjNoBvFPvszYdslFlTVHd1mcEsxw8my9&google_hm=QyFfhymbQdmXrSKn6c-Tqg==
Request Chain 535
  • https://match.360yield.com/match/ebda?google_gid=CAESEEKPc-t6d7RUPDlIjbHwam0&google_cver=1&google_push=AYg5qPK7Dn8cBxnzhCeQD1BEi_ol_HTZMQDifVPZ_kq3kj30ADrEJPSOxL0SqfZmddbLs7O96By8ypURVVetTd_hl8NIZkrK6-JD HTTP 302
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEEKPc-t6d7RUPDlIjbHwam0&google_cver=1&google_push=AYg5qPK7Dn8cBxnzhCeQD1BEi_ol_HTZMQDifVPZ_kq3kj30ADrEJPSOxL0SqfZmddbLs7O96By8ypURVVetTd_hl8NIZkrK6-JD HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=f5bcZ6flToSmDBlndAOdvw&google_push=AYg5qPK7Dn8cBxnzhCeQD1BEi_ol_HTZMQDifVPZ_kq3kj30ADrEJPSOxL0SqfZmddbLs7O96By8ypURVVetTd_hl8NIZkrK6-JD HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=f5bcZ6flToSmDBlndAOdvw&google_push=AYg5qPK7Dn8cBxnzhCeQD1BEi_ol_HTZMQDifVPZ_kq3kj30ADrEJPSOxL0SqfZmddbLs7O96By8ypURVVetTd_hl8NIZkrK6-JD HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=f5bcZ6flToSmDBlndAOdvw&google_push=AYg5qPK7Dn8cBxnzhCeQD1BEi_ol_HTZMQDifVPZ_kq3kj30ADrEJPSOxL0SqfZmddbLs7O96By8ypURVVetTd_hl8NIZkrK6-JD HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=f5bcZ6flToSmDBlndAOdvw&google_push=AYg5qPK7Dn8cBxnzhCeQD1BEi_ol_HTZMQDifVPZ_kq3kj30ADrEJPSOxL0SqfZmddbLs7O96By8ypURVVetTd_hl8NIZkrK6-JD HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=f5bcZ6flToSmDBlndAOdvw&google_push=AYg5qPK7Dn8cBxnzhCeQD1BEi_ol_HTZMQDifVPZ_kq3kj30ADrEJPSOxL0SqfZmddbLs7O96By8ypURVVetTd_hl8NIZkrK6-JD HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=f5bcZ6flToSmDBlndAOdvw&google_push=AYg5qPK7Dn8cBxnzhCeQD1BEi_ol_HTZMQDifVPZ_kq3kj30ADrEJPSOxL0SqfZmddbLs7O96By8ypURVVetTd_hl8NIZkrK6-JD HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=f5bcZ6flToSmDBlndAOdvw&google_push=AYg5qPK7Dn8cBxnzhCeQD1BEi_ol_HTZMQDifVPZ_kq3kj30ADrEJPSOxL0SqfZmddbLs7O96By8ypURVVetTd_hl8NIZkrK6-JD HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=f5bcZ6flToSmDBlndAOdvw&google_push=AYg5qPK7Dn8cBxnzhCeQD1BEi_ol_HTZMQDifVPZ_kq3kj30ADrEJPSOxL0SqfZmddbLs7O96By8ypURVVetTd_hl8NIZkrK6-JD HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=f5bcZ6flToSmDBlndAOdvw&google_push=AYg5qPK7Dn8cBxnzhCeQD1BEi_ol_HTZMQDifVPZ_kq3kj30ADrEJPSOxL0SqfZmddbLs7O96By8ypURVVetTd_hl8NIZkrK6-JD HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=f5bcZ6flToSmDBlndAOdvw&google_push=AYg5qPK7Dn8cBxnzhCeQD1BEi_ol_HTZMQDifVPZ_kq3kj30ADrEJPSOxL0SqfZmddbLs7O96By8ypURVVetTd_hl8NIZkrK6-JD HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=f5bcZ6flToSmDBlndAOdvw&google_push=AYg5qPK7Dn8cBxnzhCeQD1BEi_ol_HTZMQDifVPZ_kq3kj30ADrEJPSOxL0SqfZmddbLs7O96By8ypURVVetTd_hl8NIZkrK6-JD HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=f5bcZ6flToSmDBlndAOdvw&google_push=AYg5qPK7Dn8cBxnzhCeQD1BEi_ol_HTZMQDifVPZ_kq3kj30ADrEJPSOxL0SqfZmddbLs7O96By8ypURVVetTd_hl8NIZkrK6-JD HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=f5bcZ6flToSmDBlndAOdvw&google_push=AYg5qPK7Dn8cBxnzhCeQD1BEi_ol_HTZMQDifVPZ_kq3kj30ADrEJPSOxL0SqfZmddbLs7O96By8ypURVVetTd_hl8NIZkrK6-JD HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=f5bcZ6flToSmDBlndAOdvw&google_push=AYg5qPK7Dn8cBxnzhCeQD1BEi_ol_HTZMQDifVPZ_kq3kj30ADrEJPSOxL0SqfZmddbLs7O96By8ypURVVetTd_hl8NIZkrK6-JD HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=f5bcZ6flToSmDBlndAOdvw&google_push=AYg5qPK7Dn8cBxnzhCeQD1BEi_ol_HTZMQDifVPZ_kq3kj30ADrEJPSOxL0SqfZmddbLs7O96By8ypURVVetTd_hl8NIZkrK6-JD HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=f5bcZ6flToSmDBlndAOdvw&google_push=AYg5qPK7Dn8cBxnzhCeQD1BEi_ol_HTZMQDifVPZ_kq3kj30ADrEJPSOxL0SqfZmddbLs7O96By8ypURVVetTd_hl8NIZkrK6-JD HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=f5bcZ6flToSmDBlndAOdvw&google_push=AYg5qPK7Dn8cBxnzhCeQD1BEi_ol_HTZMQDifVPZ_kq3kj30ADrEJPSOxL0SqfZmddbLs7O96By8ypURVVetTd_hl8NIZkrK6-JD HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=f5bcZ6flToSmDBlndAOdvw&google_push=AYg5qPK7Dn8cBxnzhCeQD1BEi_ol_HTZMQDifVPZ_kq3kj30ADrEJPSOxL0SqfZmddbLs7O96By8ypURVVetTd_hl8NIZkrK6-JD HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=f5bcZ6flToSmDBlndAOdvw&google_push=AYg5qPK7Dn8cBxnzhCeQD1BEi_ol_HTZMQDifVPZ_kq3kj30ADrEJPSOxL0SqfZmddbLs7O96By8ypURVVetTd_hl8NIZkrK6-JD
Request Chain 536
  • https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESELaAw-LG4wSfFuxdFnfE0ug&google_cver=1&google_push=AYg5qPIWTX6gG7NQtTV5z8KdojkuwRcC396_sdCsmg9X30A9j-CQIqBy5kPFeh0aZqCNZXwUcxQAvTDnz5O6W-FsCcVLYwroM7fufQ HTTP 302
  • https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESELaAw-LG4wSfFuxdFnfE0ug&google_cver=1&google_push=AYg5qPIWTX6gG7NQtTV5z8KdojkuwRcC396_sdCsmg9X30A9j-CQIqBy5kPFeh0aZqCNZXwUcxQAvTDnz5O6W-FsCcVLYwroM7fufQ&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESELaAw-LG4wSfFuxdFnfE0ug&google_cver=1&google_push=AYg5qPIWTX6gG7NQtTV5z8KdojkuwRcC396_sdCsmg9X30A9j-CQIqBy5kPFeh0aZqCNZXwUcxQAvTDnz5O6W-FsCcVLYwroM7fufQ&apid=UP880ca3c7-6bcd-11ec-b031-06c61451f302 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESELaAw-LG4wSfFuxdFnfE0ug&google_cver=1&google_push=AYg5qPIWTX6gG7NQtTV5z8KdojkuwRcC396_sdCsmg9X30A9j-CQIqBy5kPFeh0aZqCNZXwUcxQAvTDnz5O6W-FsCcVLYwroM7fufQ&apid=UP880ca3c7-6bcd-11ec-b031-06c61451f302&verify=true HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVA4ODBjYTNjNy02YmNkLTExZWMtYjAzMS0wNmM2MTQ1MWYzMDI%3D&google_push=AYg5qPIWTX6gG7NQtTV5z8KdojkuwRcC396_sdCsmg9X30A9j-CQIqBy5kPFeh0aZqCNZXwUcxQAvTDnz5O6W-FsCcVLYwroM7fufQ
Request Chain 544
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEJqlvPKjjFJXcWSWwD4CLVA&google_cver=1&google_push=AYg5qPIcK9CbHMPll6M7KrPqZf8ZfdhdloKDinEnWDwGSSVJfPy2MYIfs0KC2paKUYagRjNoBvFPvszYdslFlTVHd1mcEsxw8my9 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPIcK9CbHMPll6M7KrPqZf8ZfdhdloKDinEnWDwGSSVJfPy2MYIfs0KC2paKUYagRjNoBvFPvszYdslFlTVHd1mcEsxw8my9&google_hm=QyFfhymbQdmXrSKn6c-Tqg==
Request Chain 545
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESENgtWDcPCyzlPgLhVRwXr0s&google_cver=1&google_push=AYg5qPJnk6ceO4rzn5ZH5tay66AyyLqKeKNSL9uoiEOYIT1hnfiL4dglqTOBfxjFKj8zA5tAZyWxU82beqLCQZgkzNsLFQH8c2o0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1hYOVc4VTItSC03MklI&google_push=AYg5qPJnk6ceO4rzn5ZH5tay66AyyLqKeKNSL9uoiEOYIT1hnfiL4dglqTOBfxjFKj8zA5tAZyWxU82beqLCQZgkzNsLFQH8c2o0
Request Chain 546
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEOukoGcjKs77qgadvSwTSyU&google_cver=1&google_push=AYg5qPIPcHYzxsONQO-tO2gJesyDzJpqx3k4ai561O655C2o394H1ygfcl4HG1kp77IafyN0BoGx8IW2Vpwl9hyR5LDvdO9NHmCH HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEOukoGcjKs77qgadvSwTSyU&google_push=AYg5qPIPcHYzxsONQO-tO2gJesyDzJpqx3k4ai561O655C2o394H1ygfcl4HG1kp77IafyN0BoGx8IW2Vpwl9hyR5LDvdO9NHmCH&s=184023&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdGkjzTQM0OVUrCOUYyaxwAABIgAAAIB&google_gid=CAESEOukoGcjKs77qgadvSwTSyU&google_cver=1&google_push=AYg5qPIPcHYzxsONQO-tO2gJesyDzJpqx3k4ai561O655C2o394H1ygfcl4HG1kp77IafyN0BoGx8IW2Vpwl9hyR5LDvdO9NHmCH HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdGkjzTQM0OVUrCOUYyaxwAABIgAAAIB&google_gid=CAESEOukoGcjKs77qgadvSwTSyU&google_cver=1&google_push=AYg5qPIPcHYzxsONQO-tO2gJesyDzJpqx3k4ai561O655C2o394H1ygfcl4HG1kp77IafyN0BoGx8IW2Vpwl9hyR5LDvdO9NHmCH HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdGkjzTQM0OVUrCOUYyaxwAABIgAAAIB&google_gid=CAESEOukoGcjKs77qgadvSwTSyU&google_cver=1&google_push=AYg5qPIPcHYzxsONQO-tO2gJesyDzJpqx3k4ai561O655C2o394H1ygfcl4HG1kp77IafyN0BoGx8IW2Vpwl9hyR5LDvdO9NHmCH HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdGkjzTQM0OVUrCOUYyaxwAABIgAAAIB&google_gid=CAESEOukoGcjKs77qgadvSwTSyU&google_cver=1&google_push=AYg5qPIPcHYzxsONQO-tO2gJesyDzJpqx3k4ai561O655C2o394H1ygfcl4HG1kp77IafyN0BoGx8IW2Vpwl9hyR5LDvdO9NHmCH HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdGkjzTQM0OVUrCOUYyaxwAABIgAAAIB&google_gid=CAESEOukoGcjKs77qgadvSwTSyU&google_cver=1&google_push=AYg5qPIPcHYzxsONQO-tO2gJesyDzJpqx3k4ai561O655C2o394H1ygfcl4HG1kp77IafyN0BoGx8IW2Vpwl9hyR5LDvdO9NHmCH HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdGkjzTQM0OVUrCOUYyaxwAABIgAAAIB&google_gid=CAESEOukoGcjKs77qgadvSwTSyU&google_cver=1&google_push=AYg5qPIPcHYzxsONQO-tO2gJesyDzJpqx3k4ai561O655C2o394H1ygfcl4HG1kp77IafyN0BoGx8IW2Vpwl9hyR5LDvdO9NHmCH HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdGkjzTQM0OVUrCOUYyaxwAABIgAAAIB&google_gid=CAESEOukoGcjKs77qgadvSwTSyU&google_cver=1&google_push=AYg5qPIPcHYzxsONQO-tO2gJesyDzJpqx3k4ai561O655C2o394H1ygfcl4HG1kp77IafyN0BoGx8IW2Vpwl9hyR5LDvdO9NHmCH HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdGkjzTQM0OVUrCOUYyaxwAABIgAAAIB&google_gid=CAESEOukoGcjKs77qgadvSwTSyU&google_cver=1&google_push=AYg5qPIPcHYzxsONQO-tO2gJesyDzJpqx3k4ai561O655C2o394H1ygfcl4HG1kp77IafyN0BoGx8IW2Vpwl9hyR5LDvdO9NHmCH HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdGkjzTQM0OVUrCOUYyaxwAABIgAAAIB&google_gid=CAESEOukoGcjKs77qgadvSwTSyU&google_cver=1&google_push=AYg5qPIPcHYzxsONQO-tO2gJesyDzJpqx3k4ai561O655C2o394H1ygfcl4HG1kp77IafyN0BoGx8IW2Vpwl9hyR5LDvdO9NHmCH HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdGkjzTQM0OVUrCOUYyaxwAABIgAAAIB&google_gid=CAESEOukoGcjKs77qgadvSwTSyU&google_cver=1&google_push=AYg5qPIPcHYzxsONQO-tO2gJesyDzJpqx3k4ai561O655C2o394H1ygfcl4HG1kp77IafyN0BoGx8IW2Vpwl9hyR5LDvdO9NHmCH HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdGkjzTQM0OVUrCOUYyaxwAABIgAAAIB&google_gid=CAESEOukoGcjKs77qgadvSwTSyU&google_cver=1&google_push=AYg5qPIPcHYzxsONQO-tO2gJesyDzJpqx3k4ai561O655C2o394H1ygfcl4HG1kp77IafyN0BoGx8IW2Vpwl9hyR5LDvdO9NHmCH HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdGkjzTQM0OVUrCOUYyaxwAABIgAAAIB&google_gid=CAESEOukoGcjKs77qgadvSwTSyU&google_cver=1&google_push=AYg5qPIPcHYzxsONQO-tO2gJesyDzJpqx3k4ai561O655C2o394H1ygfcl4HG1kp77IafyN0BoGx8IW2Vpwl9hyR5LDvdO9NHmCH HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdGkjzTQM0OVUrCOUYyaxwAABIgAAAIB&google_gid=CAESEOukoGcjKs77qgadvSwTSyU&google_cver=1&google_push=AYg5qPIPcHYzxsONQO-tO2gJesyDzJpqx3k4ai561O655C2o394H1ygfcl4HG1kp77IafyN0BoGx8IW2Vpwl9hyR5LDvdO9NHmCH HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdGkjzTQM0OVUrCOUYyaxwAABIgAAAIB&google_gid=CAESEOukoGcjKs77qgadvSwTSyU&google_cver=1&google_push=AYg5qPIPcHYzxsONQO-tO2gJesyDzJpqx3k4ai561O655C2o394H1ygfcl4HG1kp77IafyN0BoGx8IW2Vpwl9hyR5LDvdO9NHmCH HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdGkjzTQM0OVUrCOUYyaxwAABIgAAAIB&google_gid=CAESEOukoGcjKs77qgadvSwTSyU&google_cver=1&google_push=AYg5qPIPcHYzxsONQO-tO2gJesyDzJpqx3k4ai561O655C2o394H1ygfcl4HG1kp77IafyN0BoGx8IW2Vpwl9hyR5LDvdO9NHmCH HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdGkjzTQM0OVUrCOUYyaxwAABIgAAAIB&google_gid=CAESEOukoGcjKs77qgadvSwTSyU&google_cver=1&google_push=AYg5qPIPcHYzxsONQO-tO2gJesyDzJpqx3k4ai561O655C2o394H1ygfcl4HG1kp77IafyN0BoGx8IW2Vpwl9hyR5LDvdO9NHmCH HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdGkjzTQM0OVUrCOUYyaxwAABIgAAAIB&google_gid=CAESEOukoGcjKs77qgadvSwTSyU&google_cver=1&google_push=AYg5qPIPcHYzxsONQO-tO2gJesyDzJpqx3k4ai561O655C2o394H1ygfcl4HG1kp77IafyN0BoGx8IW2Vpwl9hyR5LDvdO9NHmCH HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdGkjzTQM0OVUrCOUYyaxwAABIgAAAIB&google_gid=CAESEOukoGcjKs77qgadvSwTSyU&google_cver=1&google_push=AYg5qPIPcHYzxsONQO-tO2gJesyDzJpqx3k4ai561O655C2o394H1ygfcl4HG1kp77IafyN0BoGx8IW2Vpwl9hyR5LDvdO9NHmCH HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdGkjzTQM0OVUrCOUYyaxwAABIgAAAIB&google_gid=CAESEOukoGcjKs77qgadvSwTSyU&google_cver=1&google_push=AYg5qPIPcHYzxsONQO-tO2gJesyDzJpqx3k4ai561O655C2o394H1ygfcl4HG1kp77IafyN0BoGx8IW2Vpwl9hyR5LDvdO9NHmCH
Request Chain 547
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEMa-_9PLg0t81MQJq_suFbc&google_cver=1&google_push=AYg5qPJ7-yr8LqUNJLi4o9npoxGeRtTUKMdC8tXK-GhyZMLyuJ8X-zcO5UYBVJu7Dz9vpE4aBXt7TpRtL2t1DPptnfnk7aknc2PY HTTP 302
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&cmp_cs=&us_privacy=&sync=1&google_push=AYg5qPJ7-yr8LqUNJLi4o9npoxGeRtTUKMdC8tXK-GhyZMLyuJ8X-zcO5UYBVJu7Dz9vpE4aBXt7TpRtL2t1DPptnfnk7aknc2PY&google_gid=CAESEMa-_9PLg0t81MQJq_suFbc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=ODc2MzUyNTA1MTk1MjM0Mjk3NA%3D%3D&google_push=AYg5qPJ7-yr8LqUNJLi4o9npoxGeRtTUKMdC8tXK-GhyZMLyuJ8X-zcO5UYBVJu7Dz9vpE4aBXt7TpRtL2t1DPptnfnk7aknc2PY
Request Chain 588
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 599
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKCr6PbFiwEQnQkYnQkyCKuj71APLB1M HTTP 301
  • https://tpc.googlesyndication.com/simgad/16954104317476786032
Request Chain 614
  • https://um.simpli.fi/gp_match?google_gid=CAESEHgwloW4XKE4jTJ69MHadQA&google_cver=1&google_push=AYg5qPLcBMDew1GUUris-JeiIdzLHSVrANe2JuKEWarFALypRNOlUu-_kPRRWU0SIP-giZDw_KpTvGbdsjkDYKPN__L28zEADAgIFQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=40E9644F3892451AB00F7B62A226C3BE&google_push=AYg5qPLcBMDew1GUUris-JeiIdzLHSVrANe2JuKEWarFALypRNOlUu-_kPRRWU0SIP-giZDw_KpTvGbdsjkDYKPN__L28zEADAgIFQ
Request Chain 616
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEEmmA336dVLGWilIuIUG05w&google_cver=1&google_push=AYg5qPJq8vrqaHPqwsW5eHUvDfNIRs_eP5nHETmYf1NARW_rNy62ZP2QLcU97LVFAjFL1Xl5XF7VBFMRlda36HhOiT_mXRBnABGJ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzA0ODU5NTgyNTkxMzc1NTc5Mw%3D%3D&google_push=AYg5qPJq8vrqaHPqwsW5eHUvDfNIRs_eP5nHETmYf1NARW_rNy62ZP2QLcU97LVFAjFL1Xl5XF7VBFMRlda36HhOiT_mXRBnABGJ
Request Chain 617
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEJqlvPKjjFJXcWSWwD4CLVA&google_cver=1&google_push=AYg5qPLy_Z3M3lqa8r18fMszZKCrvVDVP3DKblv-72LxCnRuXCp9MayceDvaAJTa_N6fduqxl5hm6gwJK4r6T_wFZKwXu72xHoDeBA HTTP 302
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=google HTTP 302
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=3c2f8d7b-3a7d-4d76-a5bc-b5d2aaf865a0&ssp=google HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPLy_Z3M3lqa8r18fMszZKCrvVDVP3DKblv-72LxCnRuXCp9MayceDvaAJTa_N6fduqxl5hm6gwJK4r6T_wFZKwXu72xHoDeBA&google_hm=QyFfhymbQdmXrSKn6c-Tqg==
Request Chain 618
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEG3x3M1wj5ZOjQG6R07C_w0&google_cver=1&google_push=AYg5qPL_otGROWH9Kgf_0iOKPu-PIeQ8EuItB1sc63sIXynNCZtjoaX_REami9V4bjOa4hc5SYogmDmvrpfMGAXh2M5kKO0Ii4Sm HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPL_otGROWH9Kgf_0iOKPu-PIeQ8EuItB1sc63sIXynNCZtjoaX_REami9V4bjOa4hc5SYogmDmvrpfMGAXh2M5kKO0Ii4Sm
Request Chain 619
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEMa-_9PLg0t81MQJq_suFbc&google_cver=1&google_push=AYg5qPJoCxQRSvABf2UTapWb7KDRs3vPcZCnCGPV_aXj8Ad_D1gJawg5TBs_zInGytdcpmd-RPDPSKmh-tsEcMAMzCRa7SpxeIXrHQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=ODc2MzUyNTA1MTk1MjM0Mjk3NA%3D%3D&google_push=AYg5qPJoCxQRSvABf2UTapWb7KDRs3vPcZCnCGPV_aXj8Ad_D1gJawg5TBs_zInGytdcpmd-RPDPSKmh-tsEcMAMzCRa7SpxeIXrHQ

616 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request whome.html
ugt7s7.ru/
Redirect Chain
  • http://smartligts.site/
  • https://smartligts.site/
  • https://ugt7s7.ru/whome.html
550 KB
98 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ugt7s7.ru/whome.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.202.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f46c2af5260815461be10e868c09a724c3fd69e469d210d2b8aa1608dc6b151

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sun, 02 Jan 2022 13:11:40 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
last-modified
Wed, 29 Dec 2021 12:13:59 GMT
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lJe7MX2%2B5csZmpWBK4tFQ4fB5IzFQk%2BWVxYa1vGgsMZGe%2FhITmGu5wJeX2rcVAhv5aEfUjhuoVizhiAWvvPQmzSEE01p%2Bf7ePalIjYac7xAE%2FUwK09eqwCQCd50%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6c743c0b5dac3bc8-CDG
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

date
Sun, 02 Jan 2022 13:11:39 GMT
content-type
text/html; charset=UTF-8
location
https://ugt7s7.ru/whome.html
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uImI%2BRXgkE%2BkM3rQHGwiGx64IUgRIy%2FM7qjElL%2Bj0ItElFBlm4UVvvOibvxeL2k%2Bq%2B6L5waq%2F%2FpinR6Nc7VJIe7WFtV8LUdu1x29U2e2DwzrnmrNkmPNrSbzNOoOx6ji42o%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6c743c0908c33a53-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
_style.css
ugt7s7.ru/css/ 		831 KB
148 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ugt7s7.ru/css/_style.css
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.202.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e1fc9f233483c734a251bb7a17fdd2324faf80fd2bd3faba06c1089da45acfc3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:40 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 29 Dec 2021 12:13:59 GMT
server
cloudflare
etag
W/"61cc5107-cfd26"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g447thHnX5e6Osb9FS4WoAP0fpzNn8Kc5aWZ2AEqJf0Ny9FUtGtVFLMCojS%2B0n7PsUoeoYzj%2FHCogPvcSQUq5930woaz22%2BmadET%2BjYtLYaXQEZwfwrGjxBgals%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2678400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6c743c0c78cf3bc8-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Wed, 02 Feb 2022 13:11:40 GMT
_script.js
ugt7s7.ru/css/ 		1006 KB
233 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ugt7s7.ru/css/_script.js
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.202.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b16df8032ad8c88c7ce561a799d2eba80d6fdbb90d33f94c7c4b5934295196e9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:40 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 29 Dec 2021 12:13:59 GMT
server
cloudflare
etag
W/"61cc5107-fb817"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aBkhGu%2FadkkWunmXDxwL%2FSVQEb%2BZhj9QmWGekfXSNZHelRS9KBHvwGM077dxfoOzaVowoo%2FwtD3f2mriyAx9tSBIkTU0kJtENddUTkcWCDODMMuM1BudxToJFQI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=2678400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6c743c0c78d43bc8-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Wed, 02 Feb 2022 13:11:40 GMT
capirs_async.js
ugt7s7.ru/css/ 		578 KB
167 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ugt7s7.ru/css/capirs_async.js
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.202.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b43e2c60c1c7c0ac47463df85db69c8a8eddf2ef65c884f98eaa327a0aa635a6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:40 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 29 Dec 2021 12:13:59 GMT
server
cloudflare
etag
W/"61cc5107-90893"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kDkvHuRAbzO7U99N%2BDhuMvGGky9ZjkFOdcENCkxelZU8wtxbEXba%2BfBZisD1wK87UWl7B3vSFM3%2Fij%2BNT5MeYa0uXf%2F97B8a9SdxWTE0m0mtA2x8Xqbr7TxDmfE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=2678400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6c743c0c78d53bc8-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Wed, 02 Feb 2022 13:11:40 GMT
chto-nuzhno-znat-o-stavkah-na-sport-novichku_1591798890366659541.jpg
ugt7s7.ru/css/ 		112 KB
113 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ugt7s7.ru/css/chto-nuzhno-znat-o-stavkah-na-sport-novichku_1591798890366659541.jpg
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.202.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
370e84225ba11f3c73383cbcbdc8a0e83e45d0e3a9e3cd657da7bde860b50490

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:40 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
324
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
114887
last-modified
Wed, 29 Dec 2021 12:13:59 GMT
server
cloudflare
etag
"61cc5107-1c0c7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qFEsX0ArQp9hdxMeOnx%2FkAp3dn%2BtryC%2FUTWLj828xUZ8%2FQjh8kEmyXed%2FCKDVenNj2RLNmiqTtIU5T2PZETT1qX1pBe2b%2B6yfPQcO%2BwRJYMfG%2BkSgdMZHDFqnRY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
6c743c0f9ef7d6c9-FRA
expires
Wed, 02 Feb 2022 13:06:16 GMT
context.js
ugt7s7.ru/css/ 		307 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ugt7s7.ru/css/context.js
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.202.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8872bba7bb071f052bc62cacbe0857334b6a2b199acfb5e9cf30dc7bd0d3d35

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:40 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
324
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 29 Dec 2021 12:13:59 GMT
server
cloudflare
etag
W/"61cc5107-4ca9f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6v%2BD1KcxhYTtiNt38MoBC4TG7AHiLLjwoWtiWO3rGGa%2FEyRJCcTJKQkMhJ%2FhYbdxx9xNBjrlwOwabbBoNG6PxsxbmQj6PVFG9zMmiCboRBy2iyo6s1R6Yut48pQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=2678400
cf-ray
6c743c0f9f09d6c9-FRA
expires
Wed, 02 Feb 2022 13:06:16 GMT
recommender.js
ugt7s7.ru/css/ 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ugt7s7.ru/css/recommender.js
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.202.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc0202d59436339ba688fdbd48ebf86cf65bb66d4a3507e7697d34bff093d907

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:40 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
323
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 29 Dec 2021 12:13:59 GMT
server
cloudflare
etag
W/"61cc5107-5952"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7hNKSvCmB3WazAEmTLp8SCYYggKEkNNaCjUpAKPPR7rZv8bfLosnKr%2FHCjBJLRp2ymEgPugRXFMAdNIsIr1taxGlcNA7CgLnVnhVyKaPyG0e2KrhGpR%2FL0s7rLs%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=2678400
cf-ray
6c743c0faf12d6c9-FRA
expires
Wed, 02 Feb 2022 13:06:17 GMT
sdk.js
ugt7s7.ru/css/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ugt7s7.ru/css/sdk.js
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.202.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1cf294cf6c76ba0eebcb764f18bb0468e4f9f6b527c0f8c14d124fa3e2c47b34

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:40 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
323
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 29 Dec 2021 12:13:59 GMT
server
cloudflare
etag
W/"61cc5107-19d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EaJ47K6JPXBTr5gjhdaq8VP8r5SLNHotqDYUE2tV8N6VBnKdivnlXqRSN%2FbLl3ls9angszP2hR8JJMHtC4AcsTKHetOzSz1geVzfhQdvtqp6x%2Fxplpw5PkeEFHM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=2678400
cf-ray
6c743c0faf16d6c9-FRA
expires
Wed, 02 Feb 2022 13:06:17 GMT
sdk(1).js
ugt7s7.ru/css/ 		153 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ugt7s7.ru/css/sdk(1).js
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.202.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c59edf97034f2a96fc56fa27bb9208e1dd00e586263bde35a2a84797790d7f08

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:40 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
323
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 29 Dec 2021 12:13:59 GMT
server
cloudflare
etag
W/"61cc5107-265f0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Og5Cv35yseSCJ6PT2Z4yfk4CsunftD7jgh8phMghhyt3qJOvZ3pfBoz%2BQ6GXi96GyN7csHjVgOBslDoFWo32IqpzXJefWXlvBkucyG2zAqAQMjZHqG6Rzu6FVkA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=2678400
cf-ray
6c743c0faf1bd6c9-FRA
expires
Wed, 02 Feb 2022 13:06:17 GMT
sdk(2).js
ugt7s7.ru/css/ 		162 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ugt7s7.ru/css/sdk(2).js
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.202.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4840dc681695df24a6300b26e0574ecd3cb69b2084d8e8fd8a626303fd0ea576

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:40 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 29 Dec 2021 12:13:59 GMT
server
cloudflare
etag
W/"61cc5107-289cb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IMiLHJTduv0y%2BybWZ3VN9dp8I2IfCO10CmiRbUkKwSdX4cPlxhLHnZASHm2eVTA3A8AY893x5HCLZcA%2F1e3gfK6WPnIs9PWwkQIUsXX7X2ti8zjYa5yrwaxuHc0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=2678400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6c743c0c78d63bc8-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Wed, 02 Feb 2022 13:11:40 GMT
tag.js
ugt7s7.ru/css/ 		194 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ugt7s7.ru/css/tag.js
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.202.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dbd37284a3841f5f82188e6992c2797e8a2c678baa70b536bbad5cbe5bcc783e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:40 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
323
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 29 Dec 2021 12:13:59 GMT
server
cloudflare
etag
W/"61cc5107-309ec"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oIVik2VbGxUvdtPelLm96jnW%2FDUbGMeYlfjsfgxUm7QeKhKepqPMQ3mUJ33o2RLtaAJPaFom1M0YneNOMMlCR2c7bgGd9AIUFz2HvM69bfE2oifI8gyTPh8ROsY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=2678400
cf-ray
6c743c0faf26d6c9-FRA
expires
Wed, 02 Feb 2022 13:06:17 GMT
embed.min.js
ugt7s7.ru/css/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ugt7s7.ru/css/embed.min.js
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.202.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dea1e5288ed99f478e4666d59028dc6e2a81ebff156844c3a7c47bff17088271

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:40 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
313
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 29 Dec 2021 12:13:59 GMT
server
cloudflare
etag
W/"61cc5107-4084"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PxteFeHWyL9DrxzuSOoSfY5PJIlO5foi40QbenKLFalbTGVPMA%2BjGGyMHnxMnw%2F2fDxhDy5gWD2XIjBrjdvnzi2aSBSo3H7GVS8M8r2B3kydypzvmmZKgZq%2FYmE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=2678400
cf-ray
6c743c0faf28d6c9-FRA
expires
Wed, 02 Feb 2022 13:06:27 GMT
top100.js
ugt7s7.ru/css/ 		199 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ugt7s7.ru/css/top100.js
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.202.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7a8ea10aa7f4c6489430c8b5b6a56fe48602447ec0791b45606474e06d0f2c5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:40 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
313
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 29 Dec 2021 12:13:59 GMT
server
cloudflare
etag
W/"61cc5107-31cb4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pe3upcTl41%2BbGywWWnwu5OMBLG3LN9bGwoGS0niNgnN6SZdcz%2FxPcy4WesKG11o7spnmISpCPDoei5Riz8EjkeTuYYMcBMkSlNiEGYhkIcQRtLP2voYYOOMvvEE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=2678400
cf-ray
6c743c0faf29d6c9-FRA
expires
Wed, 02 Feb 2022 13:06:27 GMT
tcounter.js
ugt7s7.ru/css/ 		552 B
978 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ugt7s7.ru/css/tcounter.js
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.202.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
92a82d0233445685062df7115e244b34f3e71657d0c80f54cce716b5952eb8dc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:40 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
313
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 29 Dec 2021 12:13:59 GMT
server
cloudflare
etag
W/"61cc5107-228"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hoqh9CxUMgUGxGYZwne3Wak5PF%2FyHiKNF8eGyiTYFGld9%2BsyC%2BIcPDKYOphMOsmqMkd8xlWUcDtkRd2v0DfC%2FB7ZmQB8LHE3fvvPrUv1rMOmrnG04Q%2BdSmLRj6o%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=2678400
cf-ray
6c743c0faf2bd6c9-FRA
expires
Wed, 02 Feb 2022 13:06:27 GMT
analytics.js
ugt7s7.ru/css/ 		49 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ugt7s7.ru/css/analytics.js
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.202.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:40 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
313
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 29 Dec 2021 12:13:59 GMT
server
cloudflare
etag
W/"61cc5107-c41d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oXieePg%2BMeZ%2BKL8JG6ZdDbYlU0HOOpEkKSdzxh3%2Fry91sF10n%2BM7IPO6z1x5wx9o0iQFr7yInpkNvgXTpqndJLNo%2FOndvC8pimVhypco9jG4GWXhKxdsMLmH8Ew%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=2678400
cf-ray
6c743c0faf2fd6c9-FRA
expires
Wed, 02 Feb 2022 13:06:27 GMT
lazysizes.min.js
ugt7s7.ru/css/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ugt7s7.ru/css/lazysizes.min.js
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.202.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fa811d7c53521b299cb88db96f253cd24595f042a14213c34c9ed60d76754f58

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:40 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
313
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 29 Dec 2021 12:13:59 GMT
server
cloudflare
etag
W/"61cc5107-1e5c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s05Xmi4%2FAS6rVZVpspvpKPrVgbFtjOnuVXObX9Tg4Sj6tO0lBWXqf6XvdHBAjeZroAdm5nyJhATUnMg9dxx%2Bg9SY2gMLptDl%2BmBFUC8IsrTVi%2FAKICnqNtOBkP0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=2678400
cf-ray
6c743c0faf30d6c9-FRA
expires
Wed, 02 Feb 2022 13:06:27 GMT
custom.css
ugt7s7.ru/css/ 		36 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ugt7s7.ru/css/custom.css
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.202.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e7b1889e548067d2f0c258377caedab53dceafd5eaccf0da048fa99e9f690a2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:40 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 29 Dec 2021 12:13:59 GMT
server
cloudflare
etag
W/"61cc5107-8e7b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dKQcKloJ4SymMJCR%2Bnh9VgPPWnD5BejmxVlIatSFcU7fgGPGSMf3MTGZqTGUjaMX5fgKp9v0kE9umKLnyG139H6UFQkczfvZemnUKvhfXuGmb6%2BPHwQXClh8MH0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2678400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6c743c0c78d83bc8-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Wed, 02 Feb 2022 13:11:40 GMT
sdk(3).js
ugt7s7.ru/css/ 		14 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ugt7s7.ru/css/sdk(3).js
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.202.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cff2cd66a2264398e777b859aaf0d69b25c7a5d86f1a633cecc5fa8768dc9588

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:40 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
313
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 29 Dec 2021 12:13:59 GMT
server
cloudflare
etag
W/"61cc5107-38e3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KFgbArpFjm4tad1ICK2hJYSqGGb9bUZZZtyaE0ZB6yTt7fMI%2FDVnYxOqn5K%2F8IUUWMWLDcX2CA%2FfilM91mGeEd%2BRkG1WXgDtfQANKWRqDCm6v87Dpgdq6EK5I3k%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=2678400
cf-ray
6c743c0faf31d6c9-FRA
expires
Wed, 02 Feb 2022 13:06:27 GMT
ads-min.js
ugt7s7.ru/css/ 		40 B
316 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ugt7s7.ru/css/ads-min.js
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.202.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
932b483420091cad5d60ce25c2bc72d5bcb2feec5b1cc15b44c76a06f201fffe

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:40 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
40
last-modified
Wed, 29 Dec 2021 12:13:59 GMT
server
cloudflare
etag
"61cc5107-28"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DmDEseb9uha4sVrjRPxE14jgsA5OIxo0LTGgpjxMRqpAXY1jUDk6k3s%2FjKClWojRnJIjct93an4IGOxBRicWCAvWoFtgPBXzgjWPo5J0JENkwAVOtPg5uFvwDrs%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
6c743c0c78da3bc8-CDG
expires
Wed, 02 Feb 2022 13:11:40 GMT
gtm.js
ugt7s7.ru/css/ 		84 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ugt7s7.ru/css/gtm.js
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.202.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
996df6750b8a9abf597467616ceeccea172009f1460cd792e7d1af512bd1ad9e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:40 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
313
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 29 Dec 2021 12:13:59 GMT
server
cloudflare
etag
W/"61cc5107-151e2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0JyYk5DTZoHipR5EX0BPevC%2FzpxMNV2CYsR%2BdDyl5q7%2FjJ%2Fy384nNyi6vji9j%2FD5kcQe%2FJ12yXV2lxKnGTziItLuAk0bSvrBIiVE1eyHYOF2DzvAlwcSS5OoEeY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=2678400
cf-ray
6c743c0faf33d6c9-FRA
expires
Wed, 02 Feb 2022 13:06:27 GMT
gtm(1).js
ugt7s7.ru/css/ 		76 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ugt7s7.ru/css/gtm(1).js
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.202.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
131af85b780177363212133650a8a504b7acca8731c549fd4787a8e04d90efde

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:40 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
313
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 29 Dec 2021 12:13:59 GMT
server
cloudflare
etag
W/"61cc5107-13171"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bo5Y6XA0OBjp5vqDkSNN%2FYKEvAkjnROaZMBQfJ1c5y%2F2WZIkjHF3HgDcvpdEnJj4tEqZK5hn7fR6s6YoV76J3nUiyNZuqeuDJg0mKv229ie%2Fdnuh%2FdvqofBMHSU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=2678400
cf-ray
6c743c0faf36d6c9-FRA
expires
Wed, 02 Feb 2022 13:06:27 GMT
getid(1)
ugt7s7.ru/css/ 		38 B
577 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ugt7s7.ru/css/getid(1)
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.202.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
35e71143f9e3681b4579c88310e0b04fe5139c7a8f984e605196c990e6af075e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:40 GMT
cf-cache-status
DYNAMIC
last-modified
Wed, 29 Dec 2021 12:13:59 GMT
server
cloudflare
etag
"26-5d447df6904c5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sRsA%2Fr8y1%2B8aRzWvZJwe9lyAOESycevrmMMCIWW4U1wnpjrVi186NsfiNM525pTDrnIDXFArcqyOK4rnDycFXHYVfXWKsz3ULVqP9NxnKslSf%2F3GiOuBkJrj46U%3D"}],"group":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6c743c0faf38d6c9-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
38
usability.js
ugt7s7.ru/css/ 		31 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ugt7s7.ru/css/usability.js
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.202.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb7317d29dfc9c043d03219d9042bdbb60afc6e49c43031891dd9d0beef9c110

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:40 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 29 Dec 2021 12:13:59 GMT
server
cloudflare
etag
W/"61cc5107-7c3a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xzKoxOfoSXUjEWci4ZnoNNsKQC0Z3s50xQdg48OANh7%2Bq6NpZ3533YUC0fLyMZgrXCQnCaUUpy%2F461tEV6Lv8msYmWzVR7cQgEEHpIgTHfTxYtwFSY2RMkyVnUM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=2678400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6c743c0c78db3bc8-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Wed, 02 Feb 2022 13:11:40 GMT
media.js
ugt7s7.ru/css/ 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ugt7s7.ru/css/media.js
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.202.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0c7c404948dc421969b3ff93d72478d8066a3f4026ed6a9d5da00974e8fd303

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:40 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 29 Dec 2021 12:13:59 GMT
server
cloudflare
etag
W/"61cc5107-48d4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V7eXCVjQNP4F8xfBUdYvbWljLNqz6y6ha9ThKv%2BhPRkcewLyGP6EhbYHzrz7phoQ69rgcmzv9Im4m5EQ6285jW5fgQiVdJqYsp243LUk4jJny5gR1os1tOMS%2BeE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=2678400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6c743c0c78dc3bc8-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Wed, 02 Feb 2022 13:11:40 GMT
widget.js
ugt7s7.ru/css/ 		129 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ugt7s7.ru/css/widget.js
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.202.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
451a7009759f8faf72dfcf8b211e44ec94cba5fa6835f9413c3948d48e4d0bd6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:40 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
313
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 29 Dec 2021 12:13:59 GMT
server
cloudflare
etag
W/"61cc5107-203d4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tD2wEcY43sRBjiteLLJkbsbJWG1TQO7vRBVD8WKA4slHYYOpuQ4ij36GEpryV%2Fu95XI%2FhHFpoSO5dcmjQex7iMzgqK9u2qfOeeKcBMhjkr6ed%2FWy6zU81bIi7Mk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=2678400
cf-ray
6c743c0faf40d6c9-FRA
expires
Wed, 02 Feb 2022 13:06:27 GMT
api.min.js
ugt7s7.ru/css/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ugt7s7.ru/css/api.min.js
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.202.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
baa877d70f417b15872e2be0a758a9836a777b207e043e3255508b09f010fa28

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:40 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 29 Dec 2021 12:13:59 GMT
server
cloudflare
etag
W/"61cc5107-2be5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=guAk32VKyY5Y81EAhaMrnH0OM0zsAuzkGD0LwL6Fl3Wk2lLglXWSSCZkl5N5d0JGgpI0R8Dz%2FUnmLv6zH9YoKV8xGbU1mm0rf5k%2BPOif2ET41fLel8y5yQZHYx0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=2678400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6c743c0c78dd3bc8-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Wed, 02 Feb 2022 13:11:40 GMT
whome.html
ugt7s7.ru/ 		550 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ugt7s7.ru/whome.html
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.202.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f46c2af5260815461be10e868c09a724c3fd69e469d210d2b8aa1608dc6b151

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:40 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tNdc2TSZ9NJYGvzzMwQHQiKpmpJ4dtYGxDFcgdh4rLjVQhPZR8iRa07trdZlGt52PbSkIf4aztrp2hC9GuuM%2BacZu9pI8072ubm2NYaXibUpIY3gR9BUFOrkGP0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf-8
last-modified
Wed, 29 Dec 2021 12:13:59 GMT
cf-ray
6c743c0c78de3bc8-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Data
ugt7s7.ru/css/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ugt7s7.ru/css/Data
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.202.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
398a6181a061a1b4e9e1e893b11ea4ec1207829ce2cbbed9e1c9430088ca4bb2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:40 GMT
cf-cache-status
DYNAMIC
last-modified
Wed, 29 Dec 2021 12:13:58 GMT
server
cloudflare
etag
"610-5d447df6088d8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HQMzO1q9OdLsymrQldnUQ58xqAJ4onlxzGDSTknAfkSP69cI9luyFSuv2zkyHsNm7p0wmOHpaLvq3X%2FhjrRiV%2FrgLjm%2B4SOpQ3nm7353Wf4wSRz4epMt4NA5LvI%3D"}],"group":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6c743c0cb95e3bc8-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
1552
championat.com.769474.es6.js
ugt7s7.ru/css/ 		176 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ugt7s7.ru/css/championat.com.769474.es6.js
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.202.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
92c2baebf9307a81c5fe9346c79d5f8e01e7544eea68f74c38b9796ae20cdca0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:40 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
313
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 29 Dec 2021 12:13:59 GMT
server
cloudflare
etag
W/"61cc5107-2be83"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nSrBTrh79CCf0vZjCssBol%2Bh9Ve2fp0gENlKwNpCgKClURqtt9ayegv6g6tHEChJrNQs1K4x4R1QcE62ubMgL579rOnFzk2sIiCB0wxYo7ZdNdXuJa88R9%2Fdh14%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=2678400
cf-ray
6c743c0faf43d6c9-FRA
expires
Wed, 02 Feb 2022 13:06:27 GMT
e0a6e9e854383f3fcb47.js
ugt7s7.ru/css/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ugt7s7.ru/css/e0a6e9e854383f3fcb47.js
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.202.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b82ea8fb2948d1a9c54552b4d7220c48b4b318174977fd11e408306f4d925776

Request headers

Referer
https://ugt7s7.ru/whome.html
Origin
https://ugt7s7.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:40 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 29 Dec 2021 12:13:59 GMT
server
cloudflare
etag
W/"61cc5107-34e2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9d5ADA%2F9HYYQ%2B%2BrJDiGh%2FJfjjjFFk2FQ0BvcaWAoeAAmDGnsFh9QqgBKsWGpRr%2B1nJzR7wEzVEtdUClQbgQYewuME%2FQQ1S%2B6wZGZI7T%2BESmJK1sPfWTLSFS6BYc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=2678400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6c743c0cb9603bc8-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Wed, 02 Feb 2022 13:11:40 GMT
89ef3239e354fd14ed81.js
ugt7s7.ru/css/ 		80 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ugt7s7.ru/css/89ef3239e354fd14ed81.js
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.202.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
95dff572ea6990027a35656318742dc8695728f2a263a5b04e46163ea28931a7

Request headers

Referer
https://ugt7s7.ru/whome.html
Origin
https://ugt7s7.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:40 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 29 Dec 2021 12:13:58 GMT
server
cloudflare
etag
W/"61cc5106-13e9b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bsV7EfMz31MTLw8oN9QEZn92vaFN6F1iBaZb97V8GsEb%2FACjIUaI9eewsXek%2BlJ0J%2BKqmB2Api0LtcjzGESYeqfM7UQxRQdbjBu3WIztVZdmgLv48wLhxCskVIk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=2678400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6c743c0cb9633bc8-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Wed, 02 Feb 2022 13:11:40 GMT
host.js
ugt7s7.ru/css/ 		33 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ugt7s7.ru/css/host.js
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.202.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55

Request headers

Referer
https://ugt7s7.ru/whome.html
Origin
https://ugt7s7.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:40 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
313
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 29 Dec 2021 12:13:59 GMT
server
cloudflare
etag
W/"61cc5107-83a7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6P0SU5cLo7SQO3tzG0TORbVl8deEbbZwGziRAhxuckZ2jviYTiAi8cpYY1gNBpV%2F2Db0ygnEuxJYu6IxCKNT3FrPYvasFtYsSLefVBxZyvdvb8xHzsTcnIEeoqI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=2678400
cf-ray
6c743c0faf46d6c9-FRA
expires
Wed, 02 Feb 2022 13:06:27 GMT
d5a064a255392b8ac16c.js
ugt7s7.ru/css/ 		626 KB
158 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ugt7s7.ru/css/d5a064a255392b8ac16c.js
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.202.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b5a7694928ec9efa94b61d98cd70535eeb00dd1bf34f2689044938b583fbd5ca

Request headers

Referer
https://ugt7s7.ru/whome.html
Origin
https://ugt7s7.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:40 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 29 Dec 2021 12:13:59 GMT
server
cloudflare
etag
W/"61cc5107-9c67d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dz1od3XazBm%2FYZqY7cJKqikIVrqaAWO3QtgVlTzjYV4e1tKF8oqtjsXG5Xpj%2BEAD8xAa2mbtI%2B8aupmeWYzHoIUlHeCNzok5E4qIPadHBgIuy4I%2BHV7bujkErro%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=2678400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6c743c0cb9663bc8-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Wed, 02 Feb 2022 13:11:40 GMT
saved_resource
ugt7s7.ru/css/ 		0
260 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ugt7s7.ru/css/saved_resource
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.202.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:40 GMT
cf-cache-status
DYNAMIC
last-modified
Wed, 29 Dec 2021 12:13:59 GMT
server
cloudflare
etag
"0-5d447df6c314a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IkDt7h4rU8DXUS6ejTiwuhHavVypUE6xJMnNAHtPWUx%2B3lwOgTuYbpZDnRAXm6JhErEcBXUuRA6s9M%2F5tb8BehViORUfnBD7tj35R7%2BTly8Od4a8tur99rMkGOM%3D"}],"group":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6c743c0cb9673bc8-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
0
9
ugt7s7.ru/css/ 		16 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ugt7s7.ru/css/9
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.202.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87c09fe32554932375d5ab08c355e14fd06105d355eca1d507fda38da7382ff9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:40 GMT
cf-cache-status
DYNAMIC
last-modified
Wed, 29 Dec 2021 12:13:58 GMT
server
cloudflare
etag
"4052-5d447df6088d8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6hA5zV9a9F88sPpmpa9UTF5MWWI2x%2FCBdpYdfvhE6iAhFUwzz%2BM6CkuhLwto2G%2BGSr%2BCCiNpADzbyBc2fjRCE629lqBWGGRLa7jZNuyNl2U87F34AdSpZzXQxdU%3D"}],"group":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6c743c0cb9693bc8-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
16466
translateelement.css
ugt7s7.ru/css/ 		18 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ugt7s7.ru/css/translateelement.css
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.202.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d0a6e3bc914db376bf187c380750b197c317e1bf40fab9ad959ad5facd8f9ed

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:40 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 29 Dec 2021 12:13:59 GMT
server
cloudflare
etag
W/"61cc5107-4924"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CSko8KoXWzXnSZTdKyrY3GzNQ1UBqN98nLK7qkLx5SPPh9QV8Kg7iQ93hchN0y0%2BPqkxGflO3aEn1thUmcZdf3VqZrLIqD%2FD4m70Uqk2qDBaWCdekjPwgaDrLxk%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2678400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6c743c0cb96a3bc8-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Wed, 02 Feb 2022 13:11:40 GMT
logo.svg
ugt7s7.ru/css/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ugt7s7.ru/css/logo.svg
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.202.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f0d5781311660c2d4f05816041497b33ad71acd98621a24f9783dae3f0a7bca

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:40 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
313
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 29 Dec 2021 12:13:59 GMT
server
cloudflare
etag
W/"61cc5107-6ff"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gk4LC6hbnphjyp5Fe2Wc%2BS7lOSbQaKkbiTf216xiZqCJwEc6BjM79t%2B93JVwchXddymc9ArYB%2B1KzdCy3pU%2B6BxkmFmQC9fP1JXO8FPcg%2BXPAA5fXKug2K4HBBc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=2678400
cf-ray
6c743c0faf47d6c9-FRA
expires
Wed, 02 Feb 2022 13:06:27 GMT
index(2).js
ugt7s7.ru/css/ 		143 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ugt7s7.ru/css/index(2).js
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.202.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6267d4f123679bdcffcc2c888dfc9450e6a0fb190611c530470382163d3a9923

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:40 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
313
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 29 Dec 2021 12:13:59 GMT
server
cloudflare
etag
W/"61cc5107-23c8f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Td%2B%2FugXhfnmswOLiZsZG5xTbJxzzvGvSjH49KVMe26g6INGc1oq%2FX5umZ8NvpqDSAIqMr66QYhU8%2BTfGNb1wNEMTTDI%2Bv2nRpDJCShc8v5%2BPzyvbfmEKi%2BF53Mk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=2678400
cf-ray
6c743c0faf49d6c9-FRA
expires
Wed, 02 Feb 2022 13:06:27 GMT
en.png
ugt7s7.ru/css/ 		125 B
724 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ugt7s7.ru/css/en.png
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.202.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd8a0c4aac49389cc949f0b133430fa1787491420fbe568583d02c2251c6c08c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:40 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
313
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
125
last-modified
Wed, 29 Dec 2021 12:13:59 GMT
server
cloudflare
etag
"61cc5107-7d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1zcKuA101MOBs%2Fsxp%2BIZhdEOehQlYmvIkTo%2FgiYyrkbHxxqNXSLaVsNkuv%2B0Tu5LludXkL9nyUersYMr0KusL70E6UZiS18Fwwkk8xPLjMGeibNJlkq%2ByLf6HmM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
6c743c0faf4ad6c9-FRA
expires
Wed, 02 Feb 2022 13:06:27 GMT
16215037681560212360.png
ugt7s7.ru/css/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ugt7s7.ru/css/16215037681560212360.png
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.202.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff94cfaa773b763e3ed2c1d285dd992322d5634cec5f633727bf9d6f16342e79

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:40 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
313
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
2669
last-modified
Wed, 29 Dec 2021 12:13:58 GMT
server
cloudflare
etag
"61cc5106-a6d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cC37tRdF5ZGBxOk0Q%2B45IA9d20BDZ6sbSSg0dXiz%2F%2BPHgjN%2F36xzKGGvMbR4E0tdBM08dDR2MHC2N5QVBz0%2Fxa9RKLnyZFHuv7KU1ReFvWTxR03fv2LtfTZMwIQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
6c743c0faf4dd6c9-FRA
expires
Wed, 02 Feb 2022 13:06:27 GMT
16233350481308170427.png
ugt7s7.ru/css/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ugt7s7.ru/css/16233350481308170427.png
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.202.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
23da05438074b2aec6e28871fd0f5f94de8dfd03a6b94826e3ae201e70525961

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:40 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
313
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
1903
last-modified
Wed, 29 Dec 2021 12:13:58 GMT
server
cloudflare
etag
"61cc5106-76f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZonzbwcWoxblxZ3FNLzMyjtxStN%2BwZgj639Mr86i2V88%2BQ%2F7vckN5MZxuSPAYvPa0ECFl01PJQ14LajGSbXjHbOOGGHE8BMVweSZWVFpbDdymPTFUQrTZv8AK2E%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
6c743c0faf54d6c9-FRA
expires
Wed, 02 Feb 2022 13:06:27 GMT
1630527650978956591.png
ugt7s7.ru/css/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ugt7s7.ru/css/1630527650978956591.png
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.202.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f0d17588c3f715bf27a7b0cb4a50d3fdba961572413c2ddbf09eb9facc87425

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:40 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
313
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
2219
last-modified
Wed, 29 Dec 2021 12:13:58 GMT
server
cloudflare
etag
"61cc5106-8ab"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=erogZUR%2Fh2lReGvkR%2FYZM1s7oxdERXMzlM%2BYHC4lbNEFH2PGN%2BkLaPUsE3RAxwaw5f5dw7GS4YvI7QI%2FYQSPETzw1t0N2p5UPRmVD9Shg7W1SFgIXGoKVVmFNVI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
6c743c0faf57d6c9-FRA
expires
Wed, 02 Feb 2022 13:06:27 GMT
158834547577813641.jpg
ugt7s7.ru/css/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ugt7s7.ru/css/158834547577813641.jpg
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.202.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b05ead113fb16f0c8b39d7621f118db2ad2d9b87f5ca5d97d0ebf51253117524

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:40 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
313
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
14335
last-modified
Wed, 29 Dec 2021 12:13:58 GMT
server
cloudflare
etag
"61cc5106-37ff"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jiRzZvWjnKpyqMwNahC0%2FueEv7P9Ps%2BYmiPHie631f7GRjiTtL4wnxBHggDDj6Dlb58quzWZApYDBlK2QLd873BCaKV%2FYn0gM%2FdsKxh2MXwDnqMu6qs2OhBWhKE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
6c743c0faf58d6c9-FRA
expires
Wed, 02 Feb 2022 13:06:27 GMT
chto-nuzhno-znat-o-stavkah-na-sport-novichku_1591798890366659541.jpg
img.championat.com/s/735x490/news/big/x/n/ 		112 KB
113 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.championat.com/s/735x490/news/big/x/n/chto-nuzhno-znat-o-stavkah-na-sport-novichku_1591798890366659541.jpg
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.19.86.1 Moscow, Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS
championat.com
Software
nginx/1.21.3 /
Resource Hash
370e84225ba11f3c73383cbcbdc8a0e83e45d0e3a9e3cd657da7bde860b50490

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Sun, 02 Jan 2022 13:11:40 GMT
X-Balancer
kr-lb03.lb.rambler.tech
Last-Modified
Wed, 10 Jun 2020 14:21:31 GMT
Server
nginx/1.21.3
ETag
W/"5ee0ec6b-49d4a"
P3P
CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
X-Upstream
10.144.40.11:80 : 10.136.24.32:80
Cache-Control
max-age=315360000, public
Content-Length
114887
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/jpeg
X-Upstream-Status
404 : 200
Expires
Thu, 31 Dec 2037 23:55:55 GMT
kak-pravilno-vybrat-match-dlja-stavok-na-futbol_1588658918634972738.jpg
ugt7s7.ru/css/ 		76 KB
77 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ugt7s7.ru/css/kak-pravilno-vybrat-match-dlja-stavok-na-futbol_1588658918634972738.jpg
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.202.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
51e5b4ad4a1e0c8fb2379e67edf306c9140d6ad64b345e2cbc7014975d95aaf1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:40 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
313
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
77974
last-modified
Wed, 29 Dec 2021 12:13:59 GMT
server
cloudflare
etag
"61cc5107-13096"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=24kGJhBZyneLpZXI8aFdbTO7rpjMRbrqEcZAjY5CEmoy3vMKrDW3GowGbovXbyRCz6I%2ForuuAW4mff%2BhI2FRUUphU2zWLi6HkzeMrqab37366qc%2BB321rGmQb3g%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
6c743c0faf5bd6c9-FRA
expires
Wed, 02 Feb 2022 13:06:27 GMT
bankroll-menedzhment-v-stavkah-na-sport_1584621742592623563.jpg
ugt7s7.ru/css/ 		88 KB
89 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ugt7s7.ru/css/bankroll-menedzhment-v-stavkah-na-sport_1584621742592623563.jpg
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.202.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aec543652c8c9baa1fe0f7797c6c36f23db3b5c7558ccae21411f7b329fd8e67

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:40 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
313
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
90520
last-modified
Wed, 29 Dec 2021 12:13:59 GMT
server
cloudflare
etag
"61cc5107-16198"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cpfQmwSjlPNy9Uy1ER1hKtSbnmWf3PGlkHKpvte%2F8z7sn9HNcVB6qAU9C4pOErIL%2F9beonJe%2BhPcJpwTpJHMSAnM7JUgTOe8gy3D7X7mTp8rkN%2BxOp1bPUQy7no%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
6c743c0faf5cd6c9-FRA
expires
Wed, 02 Feb 2022 13:06:27 GMT
lionel-messi_16406836191328586839.jpg
ugt7s7.ru/css/ 		88 KB
88 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ugt7s7.ru/css/lionel-messi_16406836191328586839.jpg
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.202.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c3e6c1002f9a4c4411a94ee238b51a48d85b77640b9cd9a1e2f63744fea17d00

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:40 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
313
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
89688
last-modified
Wed, 29 Dec 2021 12:13:59 GMT
server
cloudflare
etag
"61cc5107-15e58"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6zDdebBn7gA%2B6NdgWrOXbsfL0vc048pOPMoihJzdYJE8CLNC%2FTaYcCxs2XRVedss8xJ4XoYykSWaqxEkDtLBfkZ4C6FdKG8tVq%2FCT0ShO7f1QBFLxetkDXZ%2Fafc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
6c743c0faf5fd6c9-FRA
expires
Wed, 02 Feb 2022 13:06:27 GMT
istoriya-pobedy-anny-scherbakovoj-na-chr_1640247886869584350.jpg
ugt7s7.ru/css/ 		135 KB
136 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ugt7s7.ru/css/istoriya-pobedy-anny-scherbakovoj-na-chr_1640247886869584350.jpg
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.202.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
451879c66628ca593bbe53b20321e7ba5e9cec2102223d9e02c1a20c6493d157

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:40 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
313
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
138129
last-modified
Wed, 29 Dec 2021 12:13:59 GMT
server
cloudflare
etag
"61cc5107-21b91"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bjb%2FBXBF0fWeXesaehqLvWFmlcJtJ0%2BihPvMB3yFald3%2Be5mm0QdwgRvwzLZ4im3ZTYZ9XaCEm7Xe4Ifi6AuNvbz%2BztOIkxclN9bzHNtCfXua3pLacKrISQShbU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
6c743c0faf61d6c9-FRA
expires
Wed, 02 Feb 2022 13:06:27 GMT
idei-dlya-podarka-dlya-sportsmena_1640353275396934089.jpg
ugt7s7.ru/css/ 		193 KB
194 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ugt7s7.ru/css/idei-dlya-podarka-dlya-sportsmena_1640353275396934089.jpg
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.202.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e8c4dcc729a99c30eb55a3f935abcb9d7d4f3cd500c052d47b231d162567f32

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:40 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
313
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
197663
last-modified
Wed, 29 Dec 2021 12:13:59 GMT
server
cloudflare
etag
"61cc5107-3041f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N8uSWEVOoq%2FRpC9CIGwiYXZvijLuoS0Vh3T5bOQGRNfj46PZUCzVf%2BA5hVexygF0TVkZSe8Ax%2BpHZgtko%2Fpi0%2FV2LDUrYaQZ29OOhALcdc7AwjkhheAZCC%2Fl9ic%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
6c743c0faf64d6c9-FRA
expires
Wed, 02 Feb 2022 13:06:27 GMT
logo_lenta.svg
ugt7s7.ru/css/ 		5 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ugt7s7.ru/css/logo_lenta.svg
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.202.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
535ab2f2779b29b6ed18af6aa8fb3ecd2e387bdef80583a2dc8ff6caa31f75a1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:40 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
313
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 29 Dec 2021 12:13:59 GMT
server
cloudflare
etag
W/"61cc5107-137a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KmJz6apt3YmN8DMFg0KAPT02RJY9pBSvB2Pg5nEZ%2BUsT3utAAg7fGWfYdLW4eD9wcegXKn1K8oyeIqoH4GE39G16F0h2Yer86V6oHYWnOO4it7xhdfoxaJMP374%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=2678400
cf-ray
6c743c0faf65d6c9-FRA
expires
Wed, 02 Feb 2022 13:06:27 GMT
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMTEvNjI3MzI2L2EyMTRmMGRkNDhiZDAxYjhkNWJhNDlhYWRiYmE4ODdmLnBuZw.webp
ugt7s7.ru/css/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ugt7s7.ru/css/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMTEvNjI3MzI2L2EyMTRmMGRkNDhiZDAxYjhkNWJhNDlhYWRiYmE4ODdmLnBuZw.webp
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.202.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6006fe7a58797d0c3eabdc514beb320f5f56f88088e5b6bfac1e7b4c9f2b0106

Request headers

Referer
https://ugt7s7.ru/whome.html
Origin
https://ugt7s7.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:40 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
313
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
8212
last-modified
Wed, 29 Dec 2021 12:13:59 GMT
server
cloudflare
etag
"61cc5107-2014"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VdiGuqgQo%2FUX3%2BZML%2F13Ukf2MllZ4YTV3bDnIFnZkuJVO5d1NBX6jC8tvvn15%2F9fizKUUrJwz8MeYI%2B0eH%2F9HMQ1wT01RBaJVhWZUUtMFyy9zFXOy0hq8xAS6Iw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
6c743c0faf67d6c9-FRA
expires
Wed, 02 Feb 2022 13:06:27 GMT
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMTIvNDI1Mjc2L2VjMTAzNjI2MWNiODRkOWM3NzViNTI4N2YxM2U0YzEwLmpwZWc.webp
ugt7s7.ru/css/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ugt7s7.ru/css/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMTIvNDI1Mjc2L2VjMTAzNjI2MWNiODRkOWM3NzViNTI4N2YxM2U0YzEwLmpwZWc.webp
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.202.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87e2489fb8571124db769a1b958b46f654c4f406b7ed0b993c2e3df6c5a9fe82

Request headers

Referer
https://ugt7s7.ru/whome.html
Origin
https://ugt7s7.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:40 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
313
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
25492
last-modified
Wed, 29 Dec 2021 12:13:59 GMT
server
cloudflare
etag
"61cc5107-6394"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kNsqYPLirZapLzIaOqmKbzX7dwVLHURUIuAO3%2BPPdxcstvlxDJuMKIiuovXvnXAvHCKdyOz5M1WMuulvkOhA%2Bpm3SAK4QIL%2BnEif%2FeLyfXHo9D66iqJSjxeq%2FrA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
6c743c0faf6dd6c9-FRA
expires
Wed, 02 Feb 2022 13:06:27 GMT
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzQ4NTM2NS8zMGIwZTRiYTIzZjVhN2NhOWI0ZTQzZDcyMTVlMmVmNi5qcGVn.webp
ugt7s7.ru/css/ 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ugt7s7.ru/css/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzQ4NTM2NS8zMGIwZTRiYTIzZjVhN2NhOWI0ZTQzZDcyMTVlMmVmNi5qcGVn.webp
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.202.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83c59fc6daf57a78f87435d8d4be08a80e32fbc6d41255434d03218dc3af292e

Request headers

Referer
https://ugt7s7.ru/whome.html
Origin
https://ugt7s7.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:40 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
313
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
41530
last-modified
Wed, 29 Dec 2021 12:13:59 GMT
server
cloudflare
etag
"61cc5107-a23a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UJ%2Fw1lU8By%2B2ZGwmqnNwY007BGyU27no6oygSGwclRxvXGfaHCJcSaMxenMCegbEAorQuVz3LxVxBmB1O5%2F%2F0PeCQfaD1CpR4gbI5%2FErZN55j1UJkdwd9t1rSnE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
6c743c0faf6fd6c9-FRA
expires
Wed, 02 Feb 2022 13:06:27 GMT
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMDIvNDI3MDg0L2EyMGFiNTA1NDhiNjM3OWQyZGQyZTFiOGZhOTk5Y2YwLnBuZw.webp
ugt7s7.ru/css/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ugt7s7.ru/css/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMDIvNDI3MDg0L2EyMGFiNTA1NDhiNjM3OWQyZGQyZTFiOGZhOTk5Y2YwLnBuZw.webp
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.202.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aecd885357e6cf19201278a51366752baff2c8706717e2e6d535a9fff31dfca7

Request headers

Referer
https://ugt7s7.ru/whome.html
Origin
https://ugt7s7.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:40 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
313
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
11390
last-modified
Wed, 29 Dec 2021 12:13:59 GMT
server
cloudflare
etag
"61cc5107-2c7e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Be5piQrAgOfHsrgE%2B9gWyje8qnBTLYQ6%2BckKWUNSTCWI%2BvICYes0LE9gu167RJDCXr%2BzM4BycPIJ%2B1F9I7%2BEAhc8rqP46W%2FevWLm1nZAvcXU5NquDylFwMJtlnM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
6c743c0faf72d6c9-FRA
expires
Wed, 02 Feb 2022 13:06:27 GMT
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMDkvNDI3MDg0L2U5MmRkOGM5ZWY4NGJkYjEzZTUwYWE0ZGQwY2VjZGU1LmpwZWc.webp
ugt7s7.ru/css/ 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ugt7s7.ru/css/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMDkvNDI3MDg0L2U5MmRkOGM5ZWY4NGJkYjEzZTUwYWE0ZGQwY2VjZGU1LmpwZWc.webp
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.202.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8fd2f32ba6eb80b66d35ad9f5815a6109e9f52476895b314281fa01d3f612389

Request headers

Referer
https://ugt7s7.ru/whome.html
Origin
https://ugt7s7.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:40 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
313
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
23020
last-modified
Wed, 29 Dec 2021 12:13:59 GMT
server
cloudflare
etag
"61cc5107-59ec"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XDQc%2BBansJpsT71A%2FnaVin7QaRTGapOVMi6oT42XQU9KoWbjszj%2BS9H95QzmHq8ZEYPTIAGpmgCEldPB9SZ3Yw8lXlTVs8k6s%2FtS5pWI7nVKNbZ%2B6b0YDYrPFvg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
6c743c0faf75d6c9-FRA
expires
Wed, 02 Feb 2022 13:06:27 GMT
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMDgvNDI3MDg0LzM0NzFlY2ExNzcxOGFiOTFhNTgzMjJhNzFhMmVkYzJkLmpwZWc.webp
ugt7s7.ru/css/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ugt7s7.ru/css/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMDgvNDI3MDg0LzM0NzFlY2ExNzcxOGFiOTFhNTgzMjJhNzFhMmVkYzJkLmpwZWc.webp
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.202.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b04df514562f4bd342f7d3dfccb57daaf6fad092ce30b116a19499d35d58cfc

Request headers

Referer
https://ugt7s7.ru/whome.html
Origin
https://ugt7s7.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:40 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
313
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
6146
last-modified
Wed, 29 Dec 2021 12:13:59 GMT
server
cloudflare
etag
"61cc5107-1802"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BvO5mnFBf2676bC4o2OsNJgxKDWlvWyXh8jsHgF7FBQbI1WAy2yHORQhDv81u9L5d8bj7wp4AFHTWd8QLwZotJoKL8hlIDIqIhpS9IGQJNy2A3ldOhVuWmBa2GE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
6c743c0faf77d6c9-FRA
expires
Wed, 02 Feb 2022 13:06:27 GMT
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMTEvNDI0MDM5L2JiYzgzODg2NzY4NjExNTRiYzZlZmMyMTJlNjdjY2RlLmpwZWc.webp
ugt7s7.ru/css/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ugt7s7.ru/css/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMTEvNDI0MDM5L2JiYzgzODg2NzY4NjExNTRiYzZlZmMyMTJlNjdjY2RlLmpwZWc.webp
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.202.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0188e22f9fe58731f093b3183a909f4c047b0b01d7feee86eddf647beb63dbb8

Request headers

Referer
https://ugt7s7.ru/whome.html
Origin
https://ugt7s7.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:40 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
313
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
12416
last-modified
Wed, 29 Dec 2021 12:13:59 GMT
server
cloudflare
etag
"61cc5107-3080"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xpEbUGiTO6IXCl8BIkGCVNw1oXYN6kPFehM1iytjI2NraRtPjrokwdzmYiWrbtVAMA7eBbOvYogj0ho43%2BKbJnxSfOmjqmSb3hpQnKEKbJNOpteSmK6RGG%2FNwcA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
6c743c0faf78d6c9-FRA
expires
Wed, 02 Feb 2022 13:06:27 GMT
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMTIvNDI1Mjc2L2ZmMDU0ZWI4ZjM2MGRhYjE0ODA2OTk5ZWJkYjlmZDY2LmpwZWc.webp
ugt7s7.ru/css/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ugt7s7.ru/css/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMTIvNDI1Mjc2L2ZmMDU0ZWI4ZjM2MGRhYjE0ODA2OTk5ZWJkYjlmZDY2LmpwZWc.webp
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.202.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
97b403b8e52c06f3327b746266da1ecf9cd4fb7a6f55c01eeca13b40dd083199

Request headers

Referer
https://ugt7s7.ru/whome.html
Origin
https://ugt7s7.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:40 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
313
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
6014
last-modified
Wed, 29 Dec 2021 12:13:59 GMT
server
cloudflare
etag
"61cc5107-177e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6AN%2BQ%2FYRiDNKoLhUjnH3pbF%2BY9fr9OoDICZin99UPSAgK1Ehrodca9ap3QdAqtl2kRuhzrXzPabMRsNmVHWYH1kqs0ebDijLwciez2crSadBzC1a75faTHDr0Eo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
6c743c0faf7ad6c9-FRA
expires
Wed, 02 Feb 2022 13:06:27 GMT
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMTIvNTY2MzQ0LzE0M2ZlNDMzMWJhMjJiNjdiMzlmN2M0YWI5MzY1ZjI2LmpwZWc.webp
ugt7s7.ru/css/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ugt7s7.ru/css/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMTIvNTY2MzQ0LzE0M2ZlNDMzMWJhMjJiNjdiMzlmN2M0YWI5MzY1ZjI2LmpwZWc.webp
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.202.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e5ec3e0eba9cee12f3ada38f189d0d671ad971a208e513ab76bb79c51ab242e

Request headers

Referer
https://ugt7s7.ru/whome.html
Origin
https://ugt7s7.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:40 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
313
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
13110
last-modified
Wed, 29 Dec 2021 12:13:59 GMT
server
cloudflare
etag
"61cc5107-3336"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=93tiNfi1bpw6sjs91h7%2FAYIz6wzrzgTMCWPe7OeCbKRlcLQKz2ll3%2Fd9bTCaC2vCB5WtTlIoYpGdiDcLW42Uv5Cuod8DqNMRQlo587RTD1k%2BEgzzCFEl%2FODjY94%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
6c743c0faf7dd6c9-FRA
expires
Wed, 02 Feb 2022 13:06:27 GMT
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzQyODA4My9hZjAwOGMwZmEwZWNmZDA2ZTY3YmM2ZWJhZWJkNDYxMC5qcGVn.webp
ugt7s7.ru/css/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ugt7s7.ru/css/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzQyODA4My9hZjAwOGMwZmEwZWNmZDA2ZTY3YmM2ZWJhZWJkNDYxMC5qcGVn.webp
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.202.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
40a9e4eafdc0f5dd1ba04a385e62b8d3b645c3b10dae5d6c6d0a86838402cd91

Request headers

Referer
https://ugt7s7.ru/whome.html
Origin
https://ugt7s7.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:40 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
313
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
14178
last-modified
Wed, 29 Dec 2021 12:13:59 GMT
server
cloudflare
etag
"61cc5107-3762"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HYJyDw6qs9%2FYiVlWuhwYAubmXZZIAxPTVKAzyiY3JISrlelTCcITPWDjSHHlfzCgbDfIkLw0PFqWDIesGGCAGLmPn4QmGOVf7JLR4bbL6tgjOs%2FcJSKphNaUzFM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
6c743c0faf7fd6c9-FRA
expires
Wed, 02 Feb 2022 13:06:27 GMT
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMTIvNDI2NDUzLzIxYzIzNjVlNGVhZmNmZTVkOWM1M2M5NjA4OWIwNmIxLmpwZWc.webp
ugt7s7.ru/css/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ugt7s7.ru/css/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMTIvNDI2NDUzLzIxYzIzNjVlNGVhZmNmZTVkOWM1M2M5NjA4OWIwNmIxLmpwZWc.webp
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.202.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd5118294651aabdc87865c9b9d7931b581ff9d12a54f31e2141fd93683146fe

Request headers

Referer
https://ugt7s7.ru/whome.html
Origin
https://ugt7s7.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:40 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
313
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
10928
last-modified
Wed, 29 Dec 2021 12:13:59 GMT
server
cloudflare
etag
"61cc5107-2ab0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e%2FOwUAWq5NnzraoWl0hHCclOBQdEXHTxMUOs4O8QTZita3%2F%2BnQZBE31Yv0kbvo57Ax8vJififafZIb7xmy547kmas%2BdrvftmaE46ugaiTA%2BePK25llZMpIdwU08%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
6c743c0faf80d6c9-FRA
expires
Wed, 02 Feb 2022 13:06:27 GMT
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDYvNDI1MzMzL2FhNTIxMGU4NjljYjM4OTc4MmIxYWY5ODRiNDFjMmI2LmpwZWc.webp
ugt7s7.ru/css/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ugt7s7.ru/css/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDYvNDI1MzMzL2FhNTIxMGU4NjljYjM4OTc4MmIxYWY5ODRiNDFjMmI2LmpwZWc.webp
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.202.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b59055732ac368b6ea6c1d8cdd93c46b7d1c8589db5804e60282eb7128dc52fb

Request headers

Referer
https://ugt7s7.ru/whome.html
Origin
https://ugt7s7.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:40 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
313
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
7954
last-modified
Wed, 29 Dec 2021 12:13:59 GMT
server
cloudflare
etag
"61cc5107-1f12"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BZYKBOSxVB8KKZzsOq2%2F2XlfsP8Kld%2F4xSK40PoUqmCOeGJEqWMl1mj%2FVrmw4XUVsiOveau3VYUhGvwNoTkL%2FtpGxsKqe1gDqKihM5RzhBMeBMw6WCg%2F8zov4I4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
6c743c0faf83d6c9-FRA
expires
Wed, 02 Feb 2022 13:06:27 GMT
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMTIvNDI2MTE4LzE1YzViYzgxYjg4NTM5ZWM1ODU1ZGE1ZDQ0NDU3ZDViLmpwZWc.webp
ugt7s7.ru/css/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ugt7s7.ru/css/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMTIvNDI2MTE4LzE1YzViYzgxYjg4NTM5ZWM1ODU1ZGE1ZDQ0NDU3ZDViLmpwZWc.webp
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.202.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b55bfbf9006b0c20c972bf5a74d6a6c685915038126a0b80141292266751787a

Request headers

Referer
https://ugt7s7.ru/whome.html
Origin
https://ugt7s7.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:40 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
313
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
8182
last-modified
Wed, 29 Dec 2021 12:13:59 GMT
server
cloudflare
etag
"61cc5107-1ff6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x0A5tAi8AdycAcwCP5%2FyYXjT3Q32TLtgUevKx2B2Nn7a8HuTm6LcFa4ShA4o5R64bmwX3fPZqPAnzfNJikmJ3eAwots7AeAW6EnePYKR6DoHC7gN46NAsTG6i%2Fc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
6c743c0faf86d6c9-FRA
expires
Wed, 02 Feb 2022 13:06:27 GMT
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzYyNzMyNi9lNzgyNmQyOTE0YTU5NzI5ZDY1MWE4MGE0MDY2MmZiMi5qcGVn.webp
ugt7s7.ru/css/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ugt7s7.ru/css/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzYyNzMyNi9lNzgyNmQyOTE0YTU5NzI5ZDY1MWE4MGE0MDY2MmZiMi5qcGVn.webp
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.202.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6326563e692936edb1842955d0340c9c1b4549b6ae34919fda0dbc6143d0abb5

Request headers

Referer
https://ugt7s7.ru/whome.html
Origin
https://ugt7s7.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:40 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
313
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
10046
last-modified
Wed, 29 Dec 2021 12:13:59 GMT
server
cloudflare
etag
"61cc5107-273e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1f%2F7v%2FZg0Bm8GHA2qVnai%2BHSMJnE%2F%2BHow3bVdhYYr%2FpW3SvcKDQCA%2BXONTdrTsWY2J1Xero8SAYz22CUoGRYE%2BsSUGF9IRb6q9YWd2wOerNKxSqoIqn2x17zUIA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
6c743c0faf88d6c9-FRA
expires
Wed, 02 Feb 2022 13:06:27 GMT
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzQ2ODY4Mi8xNzM3ZTljZjAyZGNkZmM3ZWM1MjMzY2NiOTQwZWEwMi5qcGVn.webp
ugt7s7.ru/css/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ugt7s7.ru/css/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzQ2ODY4Mi8xNzM3ZTljZjAyZGNkZmM3ZWM1MjMzY2NiOTQwZWEwMi5qcGVn.webp
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.202.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1cefab70ed949c1aa116a319767c9c54f934af8931ee9b78dcb04a9e74a05d6d

Request headers

Referer
https://ugt7s7.ru/whome.html
Origin
https://ugt7s7.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:40 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
313
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
15082
last-modified
Wed, 29 Dec 2021 12:13:59 GMT
server
cloudflare
etag
"61cc5107-3aea"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5p%2FVt%2BgZINPA%2B0xsrJ%2F1QBZpq86Ur3GA36HSm5vdLOUq65qB9Xq0FXhzMltS5u8jWHTqaDBYMGsX3fr3pw6im9fTw%2Bvum4UbW%2BGUdDbjaqjQ9%2FQQ9d5YAnX4M%2Fc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
6c743c0faf8bd6c9-FRA
expires
Wed, 02 Feb 2022 13:06:27 GMT
i.js
ugt7s7.ru/css/ 		0
607 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ugt7s7.ru/css/i.js
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.202.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:40 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
313
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
0
last-modified
Wed, 29 Dec 2021 12:13:59 GMT
server
cloudflare
etag
"61cc5107-0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3T2EJ3KGlfL%2FMwKT6QtTynQhxncvZ45EKFsQ8yvDdBrFP%2B1giQtyJ1xbBlELTMgspURXcdOwwkeQ8%2F4wkBw3Dqa1EvUbtrzEIfp86rQMfFdeoFOYO6V1CHSArGo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
6c743c0faf8dd6c9-FRA
expires
Wed, 02 Feb 2022 13:06:27 GMT
triggers.js
ugt7s7.ru/css/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ugt7s7.ru/css/triggers.js
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.202.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7b4b6c732d0d0ea4de02f42fb9bbe4b819b9b8a24d3538f96497dec6fde5a32e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:40 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
323
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 29 Dec 2021 12:13:59 GMT
server
cloudflare
etag
W/"61cc5107-2dce"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5FkAVGvu5dNLUCcYjUe4v%2FiiqR35Qu27xYnL7%2FvU4WrQh9DzNn0HnagxIw0eUx%2FEyYPDN5U4zL7smgVyJbqmXpN4NKS4qx3tWLlarDj5SlR2NsgCDxLA29Z2OU0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=2678400
cf-ray
6c743c0f6ea6d6c9-FRA
expires
Wed, 02 Feb 2022 13:06:17 GMT
bundle(1).js
ugt7s7.ru/css/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://ugt7s7.ru/css/bundle(1).js
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.202.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:40 GMT
content-encoding
br
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RXw4%2FgHa2u%2BUrrTAiJ4vCsfrNCpA2Wg1SfZl2x1jI1ThMItMfiCagT%2BjZuyNL4Pz09ju08nEOvVy6lZjIsM39eGqg8WIPse6KfWnFbgIE8H0GWXfEYfraF6eF5I%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
cache-control
max-age=14400
cf-ray
6c743c0f6ea9d6c9-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
auth_events.js
ugt7s7.ru/css/ 		36 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ugt7s7.ru/css/auth_events.js
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.202.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe8d52e5f35b18fe36309545b7ae1bb614faa6166cf85aa96b8a3553317f38e0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:40 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
313
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 29 Dec 2021 12:13:59 GMT
server
cloudflare
etag
W/"61cc5107-91a4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nl%2FAgJ4moO%2Bz3SVmaYESiY3Olh8fl7MHh7fqzu%2BuPLT38gw6aZLWmm1M0z1WFQCQqDE%2FhNYdvghMAooSRvBCDjX5BIXL5%2B2onW0t2fweW90AMlv00WVD9aAxJNY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=2678400
cf-ray
6c743c0faf8fd6c9-FRA
expires
Wed, 02 Feb 2022 13:06:27 GMT
championat.com.769474.js
ugt7s7.ru/css/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ugt7s7.ru/css/championat.com.769474.js
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.202.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2ffa9981ea4a6f5970546a44c2304f006973b4043b84b72a3c547da0e6e2ec7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:40 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
313
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 29 Dec 2021 12:13:59 GMT
server
cloudflare
etag
W/"61cc5107-660"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aMjWOV4aRp1A%2BfYlX2UaJnfzhMkqoN8SuGQBmuXW0uRckeKtNWBmaJzDKW0T5LbzOzTnmZEW61PoBzuW1%2FeFu091pJSPWgEY4%2Fo74giU5OVLkjQAjoXxC74%2B43U%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=2678400
cf-ray
6c743c0faf92d6c9-FRA
expires
Wed, 02 Feb 2022 13:06:27 GMT
translate_24dp.png
ugt7s7.ru/css/ 		846 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ugt7s7.ru/css/translate_24dp.png
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.202.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a861509b658aa24fc3aed2867ac3c061e7d818d90b9990959afc6d1b5d4ff99

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:40 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
313
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
846
last-modified
Wed, 29 Dec 2021 12:13:59 GMT
server
cloudflare
etag
"61cc5107-34e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vgL%2Bf%2BDNF%2BHtx%2B8uA2mIbY%2FFU%2B61U3HpuQz3jpJHzHlzUHtwBHuYgdHGfwokmNl4DWEqVt6yH7CxvUS9BpxWcBX8CAOSiuYvUyJ2YrLTDOg%2FX46WwGSg0%2B2tSNA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
6c743c0faf93d6c9-FRA
expires
Wed, 02 Feb 2022 13:06:27 GMT
css2
fonts.googleapis.com/ 		31 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto+Condensed:ital,wght@0,400;0,700;1,400;1,700&family=Roboto:ital,wght@0,300;0,400;0,500;0,700;0,900;1,300;1,400;1,500;1,700&family=Rubik:wght@400;500&display=swap
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/css/_style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f4cd9b1e524be163d8535b0c5a2fb35c324934004d84f4957016f88704037078
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/css/_style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 02 Jan 2022 12:47:51 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sun, 02 Jan 2022 13:11:40 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 02 Jan 2022 13:11:40 GMT
css2
fonts.googleapis.com/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Montserrat:wght@500;900&display=swap
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/css/_style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0700d9b3b616a1d6db6c073e30bc6c7a710b9963318b1cc31b90d701eb7eead4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/css/_style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 02 Jan 2022 11:19:00 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sun, 02 Jan 2022 13:11:40 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 02 Jan 2022 13:11:40 GMT
userip
ssp.rambler.ru/ 		13 B
140 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.rambler.ru/userip
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/css/capirs_async.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
91.192.150.12 , Russian Federation, ASN42481 (BEGUN-AS, RU),
Reverse DNS
ssp.rambler.ru
Software
nginx /
Resource Hash
5febe42d958a25aac2eab77ef3cb52ab401ced8c1df1c7ec06d94fe6160f4554

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 02 Jan 2022 13:11:40 GMT
x-passed
0bal1
server
nginx
content-length
13
content-type
application/octet-stream, text/plain
getid
ads.adfox.ru/ 		38 B
453 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.adfox.ru/getid?t=jsonp&f=af_setLpdId&pr=3856544865
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/css/capirs_async.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1be Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
cba06688454c4b504c7c8294249b21e63c52176a237d77dbc2c3a6b2f0a9faf8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 02 Jan 2022 13:11:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
Mon, 04 Dec 1999 21:29:02 GMT
top100.js
st.top100.ru/top100/ 		199 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://st.top100.ru/top100/top100.js
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
81.19.89.17 Moscow, Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS
kraken.rambler.ru
Software
nginx/1.19.4 /
Resource Hash
f7a8ea10aa7f4c6489430c8b5b6a56fe48602447ec0791b45606474e06d0f2c5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:40 GMT
content-encoding
gzip
last-modified
Tue, 21 Dec 2021 09:50:41 GMT
server
nginx/1.19.4
etag
W/"61c1a371-31cb4"
vary
Accept-Encoding
p3p
CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
cache-control
max-age=3600
content-type
application/javascript
expires
Sun, 02 Jan 2022 14:11:40 GMT
1640363258595486989.png
img.championat.com/brand/ 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.championat.com/brand/1640363258595486989.png
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/css/custom.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.19.86.1 Moscow, Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS
championat.com
Software
nginx/1.21.3 /
Resource Hash
34fb3561d2318b388dcf585105f30691852f3779b65e08c5ce422ace5efe1c39

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Sun, 02 Jan 2022 13:11:40 GMT
X-Balancer
kr-lb03.lb.rambler.tech
Last-Modified
Fri, 24 Dec 2021 16:27:38 GMT
Server
nginx/1.21.3
ETag
"61c5f4fa-af0c"
P3P
CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
X-Upstream
10.136.24.32:80
Cache-Control
max-age=315360000, public
Content-Length
44812
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/png
X-Upstream-Status
200
Expires
Thu, 31 Dec 2037 23:55:55 GMT
16079464721005433586.png
img.championat.com/brand/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.championat.com/brand/16079464721005433586.png
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/css/custom.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.19.86.1 Moscow, Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS
championat.com
Software
nginx/1.21.3 /
Resource Hash
7a07a05265c72a40584a7977578e14a43ba517ea0a58c6d1ed5b59bc5a24a8a9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Sun, 02 Jan 2022 13:11:40 GMT
X-Balancer
kr-lb03.lb.rambler.tech
Last-Modified
Mon, 14 Dec 2020 11:47:52 GMT
Server
nginx/1.21.3
ETag
"5fd750e8-e23"
P3P
CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
X-Upstream
10.136.24.32:80
Cache-Control
max-age=315360000, public
Content-Length
3619
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/png
X-Upstream-Status
200
Expires
Thu, 31 Dec 2037 23:55:55 GMT
16291972661429086059.png
img.championat.com/brand/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.championat.com/brand/16291972661429086059.png
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/css/custom.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.19.86.1 Moscow, Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS
championat.com
Software
nginx/1.21.3 /
Resource Hash
3e10f66065fad2dacd31daafde87f167fec51fe361d7558fe5891d250dd3e311

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Sun, 02 Jan 2022 13:11:40 GMT
X-Balancer
kr-lb03.lb.rambler.tech
Last-Modified
Tue, 17 Aug 2021 10:47:46 GMT
Server
nginx/1.21.3
ETag
"611b93d2-683"
P3P
CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
X-Upstream
10.144.40.11:80 : 10.136.24.32:80
Cache-Control
max-age=315360000, public
Content-Length
1667
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/png
X-Upstream-Status
404 : 200
Expires
Thu, 31 Dec 2037 23:55:55 GMT
1608833560414676486.png
img.championat.com/brand/ 		30 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.championat.com/brand/1608833560414676486.png
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/css/custom.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.19.86.1 Moscow, Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS
championat.com
Software
nginx/1.21.3 /
Resource Hash
859ffa6647516c0fd079253b4aefcad43f0298fe303ab1d8be8ae64eefea9c6d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Sun, 02 Jan 2022 13:11:40 GMT
X-Balancer
kr-lb03.lb.rambler.tech
Last-Modified
Thu, 24 Dec 2020 18:12:40 GMT
Server
nginx/1.21.3
ETag
"5fe4da18-7945"
P3P
CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
X-Upstream
10.144.40.11:80 : 10.136.24.32:80
Cache-Control
max-age=315360000, public
Content-Length
31045
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/png
X-Upstream-Status
404 : 200
Expires
Thu, 31 Dec 2037 23:55:55 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto+Condensed:ital,wght@0,400;0,700;1,400;1,700&family=Roboto:ital,wght@0,300;0,400;0,500;0,700;0,900;1,300;1,400;1,500;1,700&family=Rubik:wght@400;500&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ugt7s7.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 28 Dec 2021 20:07:55 GMT
x-content-type-options
nosniff
age
407025
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:28 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 28 Dec 2022 20:07:55 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto+Condensed:ital,wght@0,400;0,700;1,400;1,700&family=Roboto:ital,wght@0,300;0,400;0,500;0,700;0,900;1,300;1,400;1,500;1,700&family=Rubik:wght@400;500&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ugt7s7.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 01:54:06 GMT
x-content-type-options
nosniff
age
386254
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 29 Dec 2022 01:54:06 GMT
KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2
fonts.gstatic.com/s/roboto/v29/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto+Condensed:ital,wght@0,400;0,700;1,400;1,700&family=Roboto:ital,wght@0,300;0,400;0,500;0,700;0,900;1,300;1,400;1,500;1,700&family=Rubik:wght@400;500&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
336bb30461d407ee72236de87aca4fe68d611e1bee0030326778c858a4685b1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ugt7s7.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 05:39:34 GMT
x-content-type-options
nosniff
age
372726
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11836
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:22 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 29 Dec 2022 05:39:34 GMT
KFOmCnqEu92Fr1Mu7GxKOzY.woff2
fonts.gstatic.com/s/roboto/v29/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu7GxKOzY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto+Condensed:ital,wght@0,400;0,700;1,400;1,700&family=Roboto:ital,wght@0,300;0,400;0,500;0,700;0,900;1,300;1,400;1,500;1,700&family=Rubik:wght@400;500&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4e959d9106d846030c0a62de668ec7c5810a3a1282c4f4ca98e1ea0756c75b8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ugt7s7.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 28 Dec 2021 11:23:17 GMT
x-content-type-options
nosniff
age
438503
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11860
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:24 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 28 Dec 2022 11:23:17 GMT
saved_resource.html
ugt7s7.ru/css/ Frame 058D 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ugt7s7.ru/css/saved_resource.html
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.202.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1fa33403ce1e62335f928800168be1aacaa387820009d2208a6750b0db404d06

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html

Response headers

date
Sun, 02 Jan 2022 13:11:40 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
last-modified
Wed, 29 Dec 2021 12:13:59 GMT
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TetaXFKy%2BuYDVZuPkYC09XKTQqOBGWv2bo7T6hpx5BsSwQzNtA2KUYuiPT1y5rJLpNp55e9%2BKumE7GpGDdBbkPjHR8oe0xSy2Rw9xjv3p7Yc8dvXkZQ4nZnsrNQ%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6c743c10487bd6c9-FRA
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
embed.min.js
api.rnet.plus//Scripts/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.rnet.plus//Scripts/embed.min.js
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.110.56.134 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS
static.rnet.plus
Software
openresty/1.19.9.1 / ASP.NET
Resource Hash
dea1e5288ed99f478e4666d59028dc6e2a81ebff156844c3a7c47bff17088271
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:40 GMT
content-encoding
gzip
last-modified
Mon, 15 Apr 2019 14:25:50 GMT
server
openresty/1.19.9.1
x-powered-by
ASP.NET
etag
W/"b585182097f3d41:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache
strict-transport-security
max-age=15768000; includeSubDomains
file.html
ugt7s7.ru/css/ Frame 3B3F 		19 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ugt7s7.ru/css/file.html
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.202.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9500962e87d29b77ca82039925092432f738c1e68e68f5cb1aa7bffeb446d734

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html

Response headers

date
Sun, 02 Jan 2022 13:11:40 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
last-modified
Wed, 29 Dec 2021 12:13:59 GMT
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3%2Brhr8irdCFyrMgdNqRdYeuzhOQmRlC2nMOZmrmzfWFgtBvrZZDU1qDD35EVnB1pqmTEAqmKO1IOuerv%2Bb4RM9T%2BEaPiQiThBNd0o27RkB03HQW%2FTbqF6N5c7t4%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6c743c104887d6c9-FRA
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2ad025bfdd3e63bb89713eebf6c849e0d651babd48b4aa85a335496224e7e22b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ 		126 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ebaaa00d7a0d03e309230bc91cf4b9e6994130b9170786840315da05a04aac94

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/svg+xml
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto+Condensed:ital,wght@0,400;0,700;1,400;1,700&family=Roboto:ital,wght@0,300;0,400;0,500;0,700;0,900;1,300;1,400;1,500;1,700&family=Rubik:wght@400;500&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ugt7s7.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 05:33:18 GMT
x-content-type-options
nosniff
age
373102
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:21 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 29 Dec 2022 05:33:18 GMT
KFOkCnqEu92Fr1Mu51xIIzI.woff2
fonts.gstatic.com/s/roboto/v29/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOkCnqEu92Fr1Mu51xIIzI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto+Condensed:ital,wght@0,400;0,700;1,400;1,700&family=Roboto:ital,wght@0,300;0,400;0,500;0,700;0,900;1,300;1,400;1,500;1,700&family=Rubik:wght@400;500&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
46375ee9192c1e0f6eabe4d32b2a48b996b93037f7b4beb970df5b87359548fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ugt7s7.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 20:39:33 GMT
x-content-type-options
nosniff
age
318727
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17304
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 29 Dec 2022 20:39:33 GMT
KFOjCnqEu92Fr1Mu51TzBic6CsQ.woff2
fonts.gstatic.com/s/roboto/v29/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOjCnqEu92Fr1Mu51TzBic6CsQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto+Condensed:ital,wght@0,400;0,700;1,400;1,700&family=Roboto:ital,wght@0,300;0,400;0,500;0,700;0,900;1,300;1,400;1,500;1,700&family=Rubik:wght@400;500&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2a42cc82f30fbf25a268f6d5a10158e8312a838222da6847158ea4175fa289d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ugt7s7.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 15:40:00 GMT
x-content-type-options
nosniff
age
336700
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17004
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:24 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 29 Dec 2022 15:40:00 GMT
truncated
/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e0de968b72b77d0eac9b83b057675ad39731d99d3d133b998fd46fbedc8bcf9c

Request headers

Referer
Origin
https://ugt7s7.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
application/font-woff
KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
fonts.gstatic.com/s/roboto/v29/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto+Condensed:ital,wght@0,400;0,700;1,400;1,700&family=Roboto:ital,wght@0,300;0,400;0,500;0,700;0,900;1,300;1,400;1,500;1,700&family=Rubik:wght@400;500&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
053508cc4ed1acf7db8ed96deca42ffebfa1669c5cecd62f4415b926d07b5aaa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ugt7s7.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 20:14:30 GMT
x-content-type-options
nosniff
age
320230
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9544
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:33 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 29 Dec 2022 20:14:30 GMT
KFOlCnqEu92Fr1MmEU9fChc4EsA.woff2
fonts.gstatic.com/s/roboto/v29/ 		11 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fChc4EsA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto+Condensed:ital,wght@0,400;0,700;1,400;1,700&family=Roboto:ital,wght@0,300;0,400;0,500;0,700;0,900;1,300;1,400;1,500;1,700&family=Rubik:wght@400;500&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b48f2e025fc91e265f2c27ad6ee03f73527eb219036c9c68ab8de7d0fce23738
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ugt7s7.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 20:07:40 GMT
x-content-type-options
nosniff
age
320640
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11768
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:23 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 29 Dec 2022 20:07:40 GMT
KFOkCnqEu92Fr1Mu51xGIzIFKw.woff2
fonts.gstatic.com/s/roboto/v29/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOkCnqEu92Fr1Mu51xGIzIFKw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto+Condensed:ital,wght@0,400;0,700;1,400;1,700&family=Roboto:ital,wght@0,300;0,400;0,500;0,700;0,900;1,300;1,400;1,500;1,700&family=Rubik:wght@400;500&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a74103e38e9100725602e7787a2c49fde1be6ed403db86151329352e648300c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ugt7s7.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 31 Dec 2021 06:38:38 GMT
x-content-type-options
nosniff
age
196382
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12692
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:20 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 31 Dec 2022 06:38:38 GMT
KFOjCnqEu92Fr1Mu51TzBic0CsTKlA.woff2
fonts.gstatic.com/s/roboto/v29/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOjCnqEu92Fr1Mu51TzBic0CsTKlA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto+Condensed:ital,wght@0,400;0,700;1,400;1,700&family=Roboto:ital,wght@0,300;0,400;0,500;0,700;0,900;1,300;1,400;1,500;1,700&family=Rubik:wght@400;500&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5f7fc8533714e8196ff254ba2d574b7be8e2921a61cf86ccf44438edd8eb25b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ugt7s7.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 28 Dec 2021 11:00:46 GMT
x-content-type-options
nosniff
age
439854
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12584
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:23 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 28 Dec 2022 11:00:46 GMT
saved_resource(1).html
ugt7s7.ru/css/ Frame 76C2 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ugt7s7.ru/css/saved_resource(1).html
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.202.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1bb0255125a103007051bc4d9fc2dfa5104bdcdb878c8fa5d6a5a6c7a9f04322

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html

Response headers

date
Sun, 02 Jan 2022 13:11:41 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
last-modified
Wed, 29 Dec 2021 12:13:59 GMT
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FiMCq0%2F528c7WvPinXT5Hrh8%2BqZ0idHOL7Cw4l0WnIe0xc%2BWqwduWyFqaZ8rD3OBLdAjtJNiKaUNBAbJsTWgpIf5VUKjLFliV54wYT2uZUlCjI1d9U6Q9z%2FOGYg%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6c743c111a11d6c9-FRA
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
579625690f97110fef5f.js
yastatic.net/partner-code-bundles/51484/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/partner-code-bundles/51484/579625690f97110fef5f.js
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/css/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
b94fab3bac24c7ed4b445ff76243c9eeb8c1c3516984cc62b9365c39c39c2098
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://ugt7s7.ru/whome.html
Origin
https://ugt7s7.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:41 GMT
content-encoding
br
vary
Accept-Encoding
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
4456
last-modified
Mon, 27 Dec 2021 15:48:44 GMT
server
nginx/1.17.9
etag
"671c0a58204bd1eba08bd21ba5f1db5f"
x-robots-tag
noindex, noarchive, nofollow
strict-transport-security
max-age=43200000; includeSubDomains;
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 02 Jan 2052 19:47:41 GMT
1f1a65e05ba66585a076.js
yastatic.net/partner-code-bundles/51484/ 		80 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/partner-code-bundles/51484/1f1a65e05ba66585a076.js
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/css/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
e6d8e21a76f073ba5b66ec29a675587cd809144ef66a9f18e0d5d7532aedaf53
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://ugt7s7.ru/whome.html
Origin
https://ugt7s7.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:41 GMT
content-encoding
br
vary
Accept-Encoding
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
17070
last-modified
Mon, 27 Dec 2021 15:48:44 GMT
server
nginx/1.17.9
etag
"cb7e25ef46fe8f375e0b2ab17b002588"
x-robots-tag
noindex, noarchive, nofollow
strict-transport-security
max-age=43200000; includeSubDomains;
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 02 Jan 2052 19:47:41 GMT
host.js
yastatic.net/safeframe-bundles/0.83/ 		33 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/safeframe-bundles/0.83/host.js
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/css/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://ugt7s7.ru/whome.html
Origin
https://ugt7s7.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:41 GMT
content-encoding
br
vary
Accept-Encoding
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
8878
last-modified
Wed, 03 Nov 2021 13:42:58 GMT
server
nginx/1.17.9
etag
"f80882bf67cf261aa08d636da095149a"
x-robots-tag
noindex, noarchive, nofollow
strict-transport-security
max-age=43200000; includeSubDomains;
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 02 Jan 2052 19:44:19 GMT
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9b8419a5d46a1a7d4c9ce128a07a63ecac483c5fcea1950694cfae290b49eb63

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		536 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e6ce5befa3b0ca1acf61319ff2e477a7ce5d652313bc323a1b06612f4e4a3d40

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb4c67203f9888a8d46287c8f8ad00c3f4285034b480d69277796caa4ae569f6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/png
KFOlCnqEu92Fr1MmWUlfCxc4EsA.woff2
fonts.gstatic.com/s/roboto/v29/ 		5 KB
5 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfCxc4EsA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto+Condensed:ital,wght@0,400;0,700;1,400;1,700&family=Roboto:ital,wght@0,300;0,400;0,500;0,700;0,900;1,300;1,400;1,500;1,700&family=Rubik:wght@400;500&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6ac62ad133b177d67c52cfd6b1fa821b3566637b15c3637335036aae03cf972a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ugt7s7.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 31 Dec 2021 06:44:49 GMT
x-content-type-options
nosniff
age
196012
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5524
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:23 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 31 Dec 2022 06:44:49 GMT
KFOlCnqEu92Fr1MmEU9fCxc4EsA.woff2
fonts.gstatic.com/s/roboto/v29/ 		5 KB
5 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fCxc4EsA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto+Condensed:ital,wght@0,400;0,700;1,400;1,700&family=Roboto:ital,wght@0,300;0,400;0,500;0,700;0,900;1,300;1,400;1,500;1,700&family=Rubik:wght@400;500&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b03ef4b198588654c13a7eacbf4b45a6a42b5d250019c8a6c16dc475e4e97fba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ugt7s7.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 28 Dec 2021 23:01:51 GMT
x-content-type-options
nosniff
age
396590
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5580
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:23 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 28 Dec 2022 23:01:51 GMT
188282
an.yandex.ru/meta/ 		27 B
657 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://an.yandex.ru/meta/188282?target-ref=https%3A%2F%2Fugt7s7.ru%2Fwhome.html&charset=utf-8&pcode-test-ids=483201%2C0%2C47%3B466940%2C0%2C27%3B462894%2C0%2C41%3B481684%2C0%2C3%3B452125%2C0%2C20%3B483267%2C0%2C75%3B462728%2C0%2C99%3B477460%2C0%2C17%3B478733%2C0%2C19%3B482094%2C0%2C88%3B474276%2C0%2C92%3B483938%2C0%2C63%3B466679%2C0%2C10%3B483562%2C0%2C44%3B437233%2C0%2C-1%3B203222%2C0%2C59%3B478381%2C0%2C83%3B473705%2C0%2C8&pcode-flags-map=eJyNVtty4jgQ%2FReeyZYt3%2BdNtgXWri15ZTlAUikVSVy7qWIgRUhqZ6bm37flS8CGMZMHwIpPd%2Bv00Wn9mBCGw5SoiMckKtQioZKktJCTL%2Fc%2FJh%2FrzXs1%2BTKRoiST6eRQvR3oMzzbKDCcYPLzYTqJaVHjYzLDZSqVTEhGFMlyuVJxKbCknF2N5Vl1rIzEFKsZhXAhlYAlKheUCwqxZjiSXPQiGX8Y%2Bs88i2bX0W55WkIpYSklZwozmp0X02z%2BLIBXBygZnXEBqN%2BBNGxECWZzIDOl0V9AheDlPFEpn9OoFwP2ApV0pXV77MW0kIdQHbNt0G0etE0ap9M2vcA8BR5ZhfZSmaisIPpREqFKFsMnDmPFWbq6EtixUcMstAa2F%2FEsTwn0KCRAE7QKFouEX2XLRb7jNB3CBZDD5oosczVLMfwYlqzkKj9TgYJ8ILiCChJ3Shmv3bNc0%2FpFzivJeoHNYVTk1lHpnGkKBjUpynCeX6ksMO0jG4Vsek1EMZSq7Zueb%2FSwvmV7fo3NtTJUdxZvaUw4JNctCnkns7jMQZbnZ6D673UQNTDcUwG1as0xI2mjICwEX%2FT7DCWvFgkR5BexcDzjS5WJCKoraEhTzTBErY%2FKaD3IsyyjO5Apx1qxWgA461F72L9XPZjO3cBA70UhNCEDzHmuT9CsTNMalRMRESb1KQapSHyKrx3I7Ivb8ZoNd4aoYzQ20ju495Pv1RZywydqv27%2BWW821f4bPD6%2BbDaPu%2FX%2BGX7%2Fu9u%2FfN9tD%2BtN78GwTB8W1s%2Fr18PLRxXttm9AwdNht4fVr7vnar%2FF7f9g4XX3dqj20Xq%2Fe3%2BrNqe449Lb1%2FX%2BoA4vm2rycHlPQoYqxIzpDsDRKUa5PMKSENRx%2Bq6NTMe6%2FO5FnYQglQXrx7g3Xd9F3hQ5MIsc%2BPJ935xajm36%2FhRZgWPpL8fw3Clybdu2pshApmF0r1hG4LoA94wAWgj5bdt%2FGJxMw2xrUgUhTPGwIGKwlUm1XT9uqr53uyhoRsiMLsEOmvYrQbTbjnJmuX5gd0iVgWITQueJVEyOC9d2rNb1c15oZwcXi8g4xIcR00D0u517xJfV2gjottofXp5qJTYLyak4f0dkl%2FV6lHUR98V3rPKOMAQcao%2BdM4VM9bcFfklyZY1u00EoaKw%2FwjCPC%2FCwFN%2BtlHYSBXeC%2BThLnuE7XssSASdU%2BgxQllJ2BYeCFlckOOYLJTiXiudk3Hw9N0BNtSle8RLsg97pab0ct2zTN9rRXApwfEYWqnHKK06PWoXr2dO6fcIZWeW6VqaKDIMLtg44PsdcN7CNz1h%2FloWsTVrLmMC06BcCs3d4JWhln%2FF61ugNaAcuIkGuMOaDD7RYsFva2NMVRZioGbmwPyE7R7s0dGtLvHlcb7fV%2FqaTrvowhzS63uekkTyHy2ZEisHdYTifwLuQf1KF5GWUKAbjmsO4zsZV4tluQ3bEGdQtle5Tz2wkVzjGuaS3fZ0%2BHTb9UD6M10ZwRAsm5FjEIAJB7ziTGGZg3MNvqvVzf%2FfIaHsX8ZLViZeJGM8JM909NSvYRQGKOrtuDYEwna2GsxUGL10qUaqYZxh8EtxLChoO4PvNQKRue1GvL0xDK3dMG6TUT%2Bi4qCNa6jy1Y%2BihPu7jHqpZ%2Ffk%2FIfXtxw%3D%3D&price-disabled-formats=adaptive0418%0Aadaptive%0AmodernAdaptive%0Ahorizontal%0Ahorizontal0318%0Agrid%0A160x600%0A240x400%0A200x300%0A300x300%0A300x250%0A250x250%0A728x90%0A1000x120%0A320x50%0A320x100%0A400x240%0A320x480%0A480x320%0A336x280%0A300x600%0A300x500%0A970x250%0A970x90%0AposterVertical%0AposterHorizontal%0AadaptiveConstructor%0AhorizontalSD%0Afullscreen%0Afullscreen_grid%0AposterVertical%0AposterHorizontal%0AposterCarousel%0AadaptiveCarousel%0AadaptiveConstructor%0AhorizontalSD&raw-smart-content=1&smart-format-names=smart-banner-adaptive_v1%0Asmart-banner-mosaic_v1&pcode-icookie=jdUjRU1OViXKczlG32aUPO7%2BxH%2BJsmKbxPDfs6puEUgG11lz7Q2%2BEV%2FzrUIPfN4TyyZ8yCmQKjLBriIxDSPvVPYMvUQ%3D&imp-id=16&partner-stat-id=15&enable-flat-highlight=1&comboblock-unencoded-vast=1&test-tag=156182190751746&ad-session-id=9129021641129100989&target-id=90500639&tga-with-creatives=1&top-ancestor=https%3A%2F%2Fugt7s7.ru&top-ancestor-undetermined=0&pcode-version=51484&pcodever=51484&flash-ver=0&available-width=1050&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22w%22%3A1050%2C%22h%22%3A0%2C%22width%22%3A1050%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22left%22%3A275%2C%22top%22%3A1116%2C%22fontFamily%22%3A%22roboto%22%2C%22ad_no%22%3A0%2C%22req_no%22%3A0%7D&grab-orig-len=996&grab=dE5o4buvbmcgxJFp4buBdSBi4bqhbiBj4bqnbiBiaeG6v3QgduG7gSBjw6EgY8aw4bujYyB0aOG7gyB0aGFvIGNobyBuZ8aw4budaSBt4bubaSBi4bqvdCDEkeG6p3UsIGPDoWNoIMSR4bq3dCBjxrDhu6NjIGNow61uaCB4w6FjIGNobyBuZ8aw4budaSBt4bubaSBi4bqvdCDEkeG6p3UsIG3hurlvIC0gR2nhuqNpIHbDtCDEkeG7i2NoCjFOaOG7r25nIMSRaeG7gXUgYuG6oW4gY-G6p24gYmnhur90IHbhu4EgY8OhIGPGsOG7o2MgdGjhu4MgdGhhbyBjaG8gbmfGsOG7nWkgbeG7m2kgYuG6r3QgxJHhuqd1LCBjw6FjaCDEkeG6t3QgY8aw4bujYyBjaMOtbmggeMOhYyBjaG8gbmfGsOG7nWkgbeG7m2kgYuG6r3QgxJHhuqd1LCBt4bq5byAKMkPDoWNoIGNo4buNbiBuaMOgIGPDoWkgY8OhIGPGsOG7o2MgCjJDw6FjaCBjaOG7jW4gdHLhuq1uIMSR4bqldSDEkeG7gyDEkeG6t3QgY8aw4bujYyAKMk5o4buvbmcgxJFp4buBdSBi4bqhbiBj4bqnbiBiaeG6v3QgduG7gSBjw6EgY8aw4bujYyB0aOG7gyB0aGFvOiB0aMOhaSDEkeG7mSDEkeG7kWkgduG7m2kgY-G7nSBi4bqhYyAKMkPDoWNoIHjDoWMgxJHhu4tuaCBuZ8OibiBow6BuZyB0csOyIGNoxqFpIMSR4buDIMSR4bq3dCBjxrDhu6NjIAoyQ8OhY2ggxJHhurd0IGPGsOG7o2MgY2jDrW5oIHjDoWMgY2hvIG5nxrDhu51pIG3hu5tpIGLhuq90IMSR4bqndSAKMkjDo3kgbGnhu4d0IGvDqiBjw6FjIG5ndXnDqm4gdOG6r2Mgc-G6vSBsw6BtIGdp4bqjbSBy4bunaSByby4gCg%3D%3D&uniformat=true&callback=Ya%5B8780682837811%5D
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/css/context.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
831e79847e0846a87d18e1fdd3571817ede65f3fbb533aad417a912af32681e0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ugt7s7.ru/whome.html
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Sun, 02 Jan 2022 13:11:41 GMT
content-encoding
gzip
last-modified
Sun, 02 Jan 2022 13:11:41 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
x-yandex-req-id
1641129101249864-1717863716998162374700243-production-app-host-vla-pcode-207
strict-transport-security
max-age=31536000
content-type
text/html; charset=windows-1251
access-control-allow-origin
https://ugt7s7.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Sun, 02 Jan 2022 13:11:41 GMT
949a63dc6b0357e0e5d2.js
yastatic.net/partner-code-bundles/51484/ 		625 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/partner-code-bundles/51484/949a63dc6b0357e0e5d2.js
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/css/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
cfb2db441843afa6001a335972da84db30d9b2723d9772d338e00cfd2eea1507
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://ugt7s7.ru/whome.html
Origin
https://ugt7s7.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:41 GMT
content-encoding
br
vary
Accept-Encoding
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
130664
last-modified
Mon, 27 Dec 2021 15:48:44 GMT
server
nginx/1.17.9
etag
"cde9f784e36f20449c7baea330d04f59"
x-robots-tag
noindex, noarchive, nofollow
strict-transport-security
max-age=43200000; includeSubDomains;
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 02 Jan 2052 19:47:41 GMT
bundle(1).js
ugt7s7.ru/css/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://ugt7s7.ru/css/bundle(1).js
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.202.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:41 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ObgQ0Pb0kYemDPkAGztrD7pI82JR6s7EnYKD%2BxZlmdgfuBpinPN7vgFTVFaVK3LsuVL%2FA%2FkkVTbmiUWhyY9h7cXyw5Bke34%2FrGdnj8rjLiF4h%2BCT0r0Cem5x%2F9M%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
cache-control
max-age=14400
cf-ray
6c743c11db33d6c9-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
api.min.js
ugt7s7.ru/css/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ugt7s7.ru/css/api.min.js?callback=rPlus_embedCbFx
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/css/embed.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.202.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
baa877d70f417b15872e2be0a758a9836a777b207e043e3255508b09f010fa28

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:41 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
314
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 29 Dec 2021 12:13:59 GMT
server
cloudflare
etag
W/"61cc5107-2be5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=URxC%2F%2BpesUE%2Fx9LhNtRmKr60GT4Xh%2F%2FY3dNCRinNl201TWajNHUkJRkpwwcKUjPKKkq1Z3CBq2%2BQJRXOMDBhKl8GzMJgiA2JRwskpqNu2s4rb7%2BX69m%2BD5yDhKM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=2678400
cf-ray
6c743c120b82d6c9-FRA
expires
Wed, 02 Feb 2022 13:06:27 GMT
51662:10087
an.yandex.ru/mapuid/adfox/
Redirect Chain
  • https://an.yandex.ru/mapuid/adfox/51662%3A10087?jsredir=1
  • https://an.yandex.ru/mapuid/adfox/51662:10087?redir-setuniq=1&jsredir=1
43 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/mapuid/adfox/51662:10087?redir-setuniq=1&jsredir=1
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
H2
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 02 Jan 2022 13:11:41 GMT
content-encoding
gzip
last-modified
Sun, 02 Jan 2022 13:11:41 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security
max-age=31536000
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Sun, 02 Jan 2022 13:11:41 GMT

Redirect headers

pragma
no-cache
date
Sun, 02 Jan 2022 13:11:41 GMT
content-encoding
gzip
last-modified
Sun, 02 Jan 2022 13:11:41 GMT
strict-transport-security
max-age=31536000
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
location
https://an.yandex.ru/mapuid/adfox/51662:10087?redir-setuniq=1&jsredir=1
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Sun, 02 Jan 2022 13:11:41 GMT
sync2.204
profile.ssp.rambler.ru/ 		0
169 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://profile.ssp.rambler.ru/sync2.204?anket_id=51662%3A10087&pid=85&ruid=pA8AAENKs1ekm%2Bk3AWKbugA%3D
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
91.192.150.30 , Russian Federation, ASN42481 (BEGUN-AS, RU),
Reverse DNS
zvezda.ssp.rambler.ru
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=0
x-passed
0bal2
server
nginx
date
Sun, 02 Jan 2022 13:11:41 GMT
p3p
policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
KFOkCnqEu92Fr1Mu51xHIzIFKw.woff2
fonts.gstatic.com/s/roboto/v29/ 		6 KB
6 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOkCnqEu92Fr1Mu51xHIzIFKw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto+Condensed:ital,wght@0,400;0,700;1,400;1,700&family=Roboto:ital,wght@0,300;0,400;0,500;0,700;0,900;1,300;1,400;1,500;1,700&family=Rubik:wght@400;500&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
34cec36547d91551ff5b928d791d21254c2840d23276fb35e0258547745ab077
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ugt7s7.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 16:09:09 GMT
x-content-type-options
nosniff
age
334952
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5912
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:23 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 29 Dec 2022 16:09:09 GMT
KFOjCnqEu92Fr1Mu51TzBic1CsTKlA.woff2
fonts.gstatic.com/s/roboto/v29/ 		6 KB
6 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOjCnqEu92Fr1Mu51TzBic1CsTKlA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto+Condensed:ital,wght@0,400;0,700;1,400;1,700&family=Roboto:ital,wght@0,300;0,400;0,500;0,700;0,900;1,300;1,400;1,500;1,700&family=Rubik:wght@400;500&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2786347f609a2dbd55d468e6cd090e172545608446832f89f4524424b09063ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ugt7s7.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 28 Dec 2021 18:10:20 GMT
x-content-type-options
nosniff
age
414081
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5924
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:23 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 28 Dec 2022 18:10:20 GMT
usability.js
st.top100.ru/top100/1.25.11/ 		31 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://st.top100.ru/top100/1.25.11/usability.js
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/css/top100.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
81.19.89.17 Moscow, Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS
kraken.rambler.ru
Software
nginx/1.19.4 /
Resource Hash
eb7317d29dfc9c043d03219d9042bdbb60afc6e49c43031891dd9d0beef9c110

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-bytes-rcv
0
date
Sun, 02 Jan 2022 13:11:41 GMT
content-encoding
br
x-upstream-addr
10.136.28.29:80
age
3098
p3p
CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
x-upstream-responsetime
-1
x-varnish-hostname
1b57bbd3bcf9b7a988d53aa4ba029c05
x-upstream-headertime
1
content-length
12003
x-amz-request-id
5efc1416-bfd9-439b-acf7-54a0dc874d29
x-upstream-connecttime
0
server
nginx/1.19.4
etag
"c8d7b34ce90804dd66c829b948a0296d"
vary
Accept, Origin
x-varnish
652388636 646475545
via
1.1 varnish (Varnish/6.1)
x-bytes-snd
0
accept-ranges
bytes
content-type
application/javascript
x-time
0
media.js
st.top100.ru/top100/1.25.11/ 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://st.top100.ru/top100/1.25.11/media.js
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/css/top100.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
81.19.89.17 Moscow, Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS
kraken.rambler.ru
Software
nginx/1.19.4 /
Resource Hash
e0c7c404948dc421969b3ff93d72478d8066a3f4026ed6a9d5da00974e8fd303

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-bytes-rcv
0
date
Sun, 02 Jan 2022 13:11:41 GMT
content-encoding
br
x-upstream-addr
10.128.18.23:80
age
2460
p3p
CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
x-upstream-responsetime
-1
x-varnish-hostname
4aaf1f22a2f4990af6501c825af6cdc7
x-upstream-headertime
1
content-length
7563
x-amz-request-id
bca2fefc-3888-4347-bd96-9aecf010164f
x-upstream-connecttime
0
server
nginx/1.19.4
etag
"166eb50beb73e6407735d61c586aaf1e"
vary
Accept, Origin
x-varnish
477664608 462871112
via
1.1 varnish (Varnish/6.1)
x-bytes-snd
0
accept-ranges
bytes
content-type
application/javascript
x-time
0
userip
kraken.rambler.ru/ 		13 B
413 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://kraken.rambler.ru/userip
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/css/top100.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.19.89.16 Moscow, Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS
kraken.rambler.ru
Software
nginx/1.19.4 /
Resource Hash
5febe42d958a25aac2eab77ef3cb52ab401ced8c1df1c7ec06d94fe6160f4554

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin
https://ugt7s7.ru
date
Sun, 02 Jan 2022 13:11:41 GMT
x-srv
1node0043.top100.rambler.tech
content-type
application/octet-stream, text/plain
content-length
13
server
nginx/1.19.4
p3p
CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
storage.html
ugt7s7.ru/css/ Frame A4C2 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ugt7s7.ru/css/storage.html
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.202.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c0afdc3069bcc20b910d59cb9ec7e1656c9d3fa909989a32f26e001eb23f93ae

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html

Response headers

date
Sun, 02 Jan 2022 13:11:41 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
last-modified
Wed, 29 Dec 2021 12:13:59 GMT
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RwG4p772Ig81QPJFSMMuHCbTRfXhzYC%2BUs0%2ByKUUEk9B52Lz4QHHS76RaeP6mxKOsBDcU%2BDig7paxnTGbhOC2RVdd1aN%2Fq4vImWOpaUvoA8A8Q0x2TcnuM2DSoE%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6c743c12dd0fd6c9-FRA
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
sandbox(1).html
ugt7s7.ru/css/ Frame ACD9 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ugt7s7.ru/css/sandbox(1).html
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.202.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b6b0b47625cceb65d36d7737a23784d7c91aee2e99e9c9bcf8676f234ee8aba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html

Response headers

date
Sun, 02 Jan 2022 13:11:41 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
last-modified
Wed, 29 Dec 2021 12:13:59 GMT
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=23qI96FYe6Pl1ByZ%2BQugNZysuVLxYBCTCTpxzy0Wmg9FdaUQuwOUicSnEK8V1lG%2BMPSX90bzanBM75DCs6d9RSG5XchfvmBf0NGtY0KoE7hZ%2Fh06gmg%2FAMFMXhI%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6c743c12dd13d6c9-FRA
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
gpt.js
ugt7s7.ru/css/ Frame 058D 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ugt7s7.ru/css/gpt.js
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/css/saved_resource.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.202.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9d08ad08f30c77f59e103a231a38d1e5f33a789a2f7eef05cb193ff8d6eb9ca7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/css/saved_resource.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:41 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
310
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 29 Dec 2021 12:13:59 GMT
server
cloudflare
etag
W/"61cc5107-13993"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jmaLdd5sZYCuqFrJVogKRB2liyTNSl43zHpL%2FECcW8JB%2FpVfXXAkp9ddgYdBWKGTwZF7VvsRJBwkLhVZwPQLA%2B1E%2F9UPsu7Bu08HrNGdbo%2B3rNdJKvXdVjpreC4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=2678400
cf-ray
6c743c131d6ad6c9-FRA
expires
Wed, 02 Feb 2022 13:06:31 GMT
pubads_impl_2021120601.js
ugt7s7.ru/css/ Frame 058D 		348 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ugt7s7.ru/css/pubads_impl_2021120601.js
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/css/saved_resource.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.202.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d5ae5a515a688823dc98d032242c2ed6f490a74c4281bdd599567898f9fa675

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/css/saved_resource.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:41 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
310
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 29 Dec 2021 12:13:59 GMT
server
cloudflare
etag
W/"61cc5107-56ecf"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=USU06Y57ULK25KH3vM6qZgq%2B1ZbyLXNCkcO3gIFqDU8emzVYXjvboOkUlGJcA%2FvTsJ1T4BlHxd5Hlwd0rUmy57%2BcV4nT6I8%2BFMUPP0KZGI35HwCmmoY2y0byxi0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=2678400
cf-ray
6c743c131d6dd6c9-FRA
expires
Wed, 02 Feb 2022 13:06:31 GMT
f(5).txt
ugt7s7.ru/css/ Frame 058D 		107 B
684 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ugt7s7.ru/css/f(5).txt
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/css/saved_resource.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.202.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/css/saved_resource.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:41 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Wed, 29 Dec 2021 12:13:59 GMT
server
cloudflare
etag
W/"61cc5107-6b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=up2%2FDRnjFJ4CytKasSL179pfoMK4jxearO%2FOBF2kIUNDBPxf6RDPGVmWBmZbVM6yuqzEa8fHfpfqaGI%2BYCahtskEJXi6cuTrumuGVzboy6W4EZ74FXxJa78DxgQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=utf-8
cache-control
max-age=2678400
cf-ray
6c743c131d70d6c9-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Wed, 02 Feb 2022 13:11:41 GMT
index(1).js
ugt7s7.ru/css/ Frame 3B3F 		78 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ugt7s7.ru/css/index(1).js
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/css/file.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.202.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a4d8a0b69143cbe239c8f8323bc43e1bdaa1ae683b0a1d52f7aae30c07adac6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/css/file.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:41 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
310
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 29 Dec 2021 12:13:59 GMT
server
cloudflare
etag
W/"61cc5107-136e8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZCeN7E0QwkHf%2FVr5PAnpY4v5l33PNG4x5SVCsvoIwGAs1aYpVCcJCIlLsnQ5JNVMRxObAOsFKaQ9TInduq10eUa9B1%2FvXgfEmlqmK59k2DbfoFOOlc1Lx%2BfQNjY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=2678400
cf-ray
6c743c131d73d6c9-FRA
expires
Wed, 02 Feb 2022 13:06:31 GMT
61b0d30bb4b32236109537.jpg
ugt7s7.ru/css/ Frame 3B3F 		43 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ugt7s7.ru/css/61b0d30bb4b32236109537.jpg
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/css/file.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.202.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
856fee986643a80d07e8de3cfadc5b1eee1b60d03a58489f0c252b3143dc8f51

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/css/file.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:41 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
310
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
43939
last-modified
Wed, 29 Dec 2021 12:13:58 GMT
server
cloudflare
etag
"61cc5106-aba3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X%2F%2BM8PqLnB9kGNPQPLphhRHQ5ogoG2qZHSXoM81E%2BxTavx5BcSkFVTRxxcmd9ArZo87GRf6iQ1x388dHXp3y81eZ155%2FDNXYbkXyRtwn3ti5iKH86sscCdLvF10%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
6c743c131d74d6c9-FRA
expires
Wed, 02 Feb 2022 13:06:31 GMT
22561:18274
an.yandex.ru/mapuid/adfox/
Redirect Chain
  • https://an.yandex.ru/mapuid/adfox/22561%3A18274?jsredir=1
  • https://an.yandex.ru/mapuid/adfox/22561:18274?redir-setuniq=1&jsredir=1
43 B
80 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/mapuid/adfox/22561:18274?redir-setuniq=1&jsredir=1
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
H2
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 02 Jan 2022 13:11:41 GMT
content-encoding
gzip
last-modified
Sun, 02 Jan 2022 13:11:41 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security
max-age=31536000
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Sun, 02 Jan 2022 13:11:41 GMT

Redirect headers

pragma
no-cache
date
Sun, 02 Jan 2022 13:11:41 GMT
content-encoding
gzip
last-modified
Sun, 02 Jan 2022 13:11:41 GMT
strict-transport-security
max-age=31536000
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
location
https://an.yandex.ru/mapuid/adfox/22561:18274?redir-setuniq=1&jsredir=1
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Sun, 02 Jan 2022 13:11:41 GMT
sync2.204
profile.ssp.rambler.ru/ 		0
168 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://profile.ssp.rambler.ru/sync2.204?anket_id=22561%3A18274&pid=85&ruid=pA8AAENKs1ekm%2Bk3AWKbugA%3D
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
91.192.150.30 , Russian Federation, ASN42481 (BEGUN-AS, RU),
Reverse DNS
zvezda.ssp.rambler.ru
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=0
x-passed
0bal2
server
nginx
date
Sun, 02 Jan 2022 13:11:41 GMT
p3p
policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
gpt.js
ugt7s7.ru/css/ Frame 76C2 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ugt7s7.ru/css/gpt.js
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/css/saved_resource(1).html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.202.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9d08ad08f30c77f59e103a231a38d1e5f33a789a2f7eef05cb193ff8d6eb9ca7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/css/saved_resource(1).html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:41 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
310
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 29 Dec 2021 12:13:59 GMT
server
cloudflare
etag
W/"61cc5107-13993"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UxSwEgygm6f0fMxZMnEZLKPZCU3iZX9%2BB8yxdnvxa5A7Sj9Vf%2BJ%2FXi6%2FtZLyuCBeYDczOsSG6vByetGHz%2Bgafy7cWaBm6lAUdSIuJOWtiBXDN9ycJDOfl%2BqNx48%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=2678400
cf-ray
6c743c131d77d6c9-FRA
expires
Wed, 02 Feb 2022 13:06:31 GMT
pubads_impl_2021120601.js
ugt7s7.ru/css/ Frame 76C2 		348 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ugt7s7.ru/css/pubads_impl_2021120601.js
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/css/saved_resource(1).html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.202.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d5ae5a515a688823dc98d032242c2ed6f490a74c4281bdd599567898f9fa675

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/css/saved_resource(1).html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:41 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
310
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 29 Dec 2021 12:13:59 GMT
server
cloudflare
etag
W/"61cc5107-56ecf"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PR%2FmNzO%2BAEDsMYDgcaSEWQ%2F62vfI7JpP7X6w36TRuTKP07W1CkqSLpXox%2FkDJ%2F9kL%2Fs4sE0uYJ7StqN2issJ2ZOxxzfJ1QFgClEWVzUb4Oo3HSqmY6aBhCx6HFk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=2678400
cf-ray
6c743c131d78d6c9-FRA
expires
Wed, 02 Feb 2022 13:06:31 GMT
f(5).txt
ugt7s7.ru/css/ Frame 76C2 		107 B
688 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ugt7s7.ru/css/f(5).txt
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/css/saved_resource(1).html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.202.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/css/saved_resource(1).html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:41 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Wed, 29 Dec 2021 12:13:59 GMT
server
cloudflare
etag
W/"61cc5107-6b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XCFs%2BhFrEhCah6UOmIer8dfgLrD3akozOazMmCi9Q58M6I5c%2F6q8%2BXNdNBwWyey1h2K3KKFgAm2NqNzo%2BImGxpDbToWQYMQN1FavYSvF8Np7FA%2B%2FyTgSc919GrI%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=utf-8
cache-control
max-age=2678400
cf-ray
6c743c131d79d6c9-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Wed, 02 Feb 2022 13:11:41 GMT
storage.html
id.rambler.ru/rambler-id-helper/1.5.26/ Frame 84C3 		3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://id.rambler.ru/rambler-id-helper/1.5.26/storage.html
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/css/auth_events.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.19.78.89 Moscow, Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS
id.rambler.ru
Software
nginx/1.21.0 /
Resource Hash
e7e91241475a34cc797af5ba181a15165cc8bc78e8dc6effaf6bdf440403f92d
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src 'none'; script-src 'self' 'unsafe-inline'; style-src 'none'; font-src 'none'; child-src 'self'; media-src 'none'; object-src 'none'; form-action 'self'; connect-src 'none'; report-uri /csp-report;
X-Content-Security-Policy default-src 'self'; img-src 'none'; script-src 'self' 'unsafe-inline'; style-src 'none'; font-src 'none'; child-src 'self'; media-src 'none'; object-src 'none'; form-action 'self'; connect-src 'none'; report-uri /csp-report;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html

Response headers

server
nginx/1.21.0
date
Sun, 02 Jan 2022 13:11:41 GMT
content-type
text/html
x-amz-request-id
43377ba4-3d88-4a1f-8ee8-39dc32991e29
etag
W/"cd9cbf0732ea13b60f391d71e7071431"
cache-control
max-age=1209600, public
vary
Accept, Origin
x-varnish
476994197 475445028
age
1821
via
1.1 varnish (Varnish/6.1)
x-varnish-hostname
4aaf1f22a2f4990af6501c825af6cdc7
x-bytes-rcv
0
x-bytes-snd
0
x-time
0
x-upstream-addr
10.128.18.23:80
x-upstream-connecttime
1
x-upstream-headertime
0
x-upstream-responsetime
-1
content-security-policy
default-src 'self'; img-src 'none'; script-src 'self' 'unsafe-inline'; style-src 'none'; font-src 'none'; child-src 'self'; media-src 'none'; object-src 'none'; form-action 'self'; connect-src 'none'; report-uri /csp-report;
x-content-security-policy
default-src 'self'; img-src 'none'; script-src 'self' 'unsafe-inline'; style-src 'none'; font-src 'none'; child-src 'self'; media-src 'none'; object-src 'none'; form-action 'self'; connect-src 'none'; report-uri /csp-report;
p3p
CP="CAO PSA OUR" CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
content-encoding
gzip
render.html
ugt7s7.ru/css/ Frame C60B 		25 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ugt7s7.ru/css/render.html
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.202.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
78479eacb8dffc6a7b10ee7107fbe18b6a5716efb5fa957084bfc4cc52b720ef

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html

Response headers

date
Sun, 02 Jan 2022 13:11:41 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
last-modified
Wed, 29 Dec 2021 12:13:59 GMT
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=62lD5BzMM6Ojcrgphk12ex2JZBYtcGEmfsxydrTqrOnAjpu6mlcQpjHEeWSjqwYNxTFgKN4alo0QECzGYaZSmxXmEcjegO1USwOyffdr2lFbNNYW6SB%2F4mTyYlA%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6c743c132d8bd6c9-FRA
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
saved_resource(2).html
ugt7s7.ru/css/ Frame 0883 		292 B
690 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ugt7s7.ru/css/saved_resource(2).html
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.202.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
643d572b967cbb79e42fc8c4723791b6b4fc33e7e6c4177371c33b50f199d8dc

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html

Response headers

date
Sun, 02 Jan 2022 13:11:41 GMT
content-type
text/html; charset=utf-8
last-modified
Wed, 29 Dec 2021 12:13:59 GMT
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YQtR2EFUpvJQIstoPjIPW5Q6wsjaVTqhFoLuEduHY9gLGKTCgez3sKcoVzV72LrwqU6sudjIp1SRjpZkmX2hYQvJTu5J1j7ITsDOVSQlBjHKXhWgQiHS9rd9%2BD8%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6c743c132d8fd6c9-FRA
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
getRsidx
id.rambler.ru/api/v3/session/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://id.rambler.ru/api/v3/session/getRsidx
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.19.78.89 Moscow, Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS
id.rambler.ru
Software
nginx/1.21.0 / CAS-FastCGI2-Daemon
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://ugt7s7.ru
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx/1.21.0
date
Sun, 02 Jan 2022 13:11:41 GMT
content-type
application/json
content-length
199
x-content-type-options
nosniff
access-control-allow-methods
POST
access-control-allow-origin
https://ugt7s7.ru
access-control-allow-headers
Content-Type, X-Client-Request-Id, X-Request-Id, X-RID-Signature, X-Request-Signature
access-control-expose-headers
x-server-response-signature
x-powered-by
CAS-FastCGI2-Daemon
access-control-max-age
300
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
getInfo
id.rambler.ru/api/v3/profile/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://id.rambler.ru/api/v3/profile/getInfo
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.19.78.89 Moscow, Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS
id.rambler.ru
Software
nginx/1.21.0 / CAS-FastCGI2-Daemon
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://ugt7s7.ru
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx/1.21.0
date
Sun, 02 Jan 2022 13:11:41 GMT
content-type
application/json
content-length
199
x-content-type-options
nosniff
access-control-allow-methods
POST
access-control-allow-origin
https://ugt7s7.ru
access-control-allow-headers
Content-Type, X-Client-Request-Id, X-Request-Id, X-RID-Signature, X-Request-Signature
access-control-expose-headers
x-server-response-signature
x-powered-by
CAS-FastCGI2-Daemon
access-control-max-age
300
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
getRsidx
id.rambler.ru/api/v3/session/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://id.rambler.ru/api/v3/session/getRsidx
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.19.78.89 Moscow, Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS
id.rambler.ru
Software
nginx/1.21.0 / CAS-FastCGI2-Daemon
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://ugt7s7.ru
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx/1.21.0
date
Sun, 02 Jan 2022 13:11:41 GMT
content-type
application/json
content-length
200
x-content-type-options
nosniff
access-control-allow-methods
POST
access-control-allow-origin
https://ugt7s7.ru
access-control-allow-headers
Content-Type, X-Client-Request-Id, X-Request-Id, X-RID-Signature, X-Request-Signature
access-control-expose-headers
x-server-response-signature
x-powered-by
CAS-FastCGI2-Daemon
access-control-max-age
300
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
icons.svg
ugt7s7.ru/static/i/svg/ 		196 B
703 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ugt7s7.ru/static/i/svg/icons.svg?1639650712802
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/css/_script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.202.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:41 GMT
content-encoding
br
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7jI%2FkuT4JKoynxZNYcNvDvjZu6ykoWGNiUzi03yh2a%2FeNyH1KPZRZe3OyCgP3NA0ArrQHnh28y1KqaKXVO1t1VLUfssh3gXsEhGJeKvT5hU0gBuG9gB7fyPRLjc%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
cache-control
max-age=14400
cf-ray
6c743c132d90d6c9-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
comments-count
c.rambler.ru/api/app/5/ 		625 B
407 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.rambler.ru/api/app/5/comments-count?xid=news_4559605&xid=news_4559567&xid=news_4559613&xid=news_4559555&xid=news_4559455&xid=news_4559593&xid=news_4559441&xid=news_4558833&xid=news_4558207&xid=news_4558189&xid=news_4559459&xid=news_4558199&xid=news_4559613&xid=news_4559441&xid=news_4559571&xid=article_4056685&xid=article_4056685&xid=article_4056685&xid=news_4559605&xid=news_4559571&xid=news_4559567&xid=news_4559565&xid=news_4559613&xid=news_4559555&xid=news_4559459&xid=news_4559455&xid=news_4559593&xid=news_4559453&xid=news_4559449&xid=news_4559441&xid=news_4558875&xid=news_4558833&xid=news_4558207&xid=news_4558189&xid=news_4558823&xid=news_4558199&xid=news_4558187&xid=news_4558195&xid=news_4554649&xid=news_4558181&xid=news_4558167&xid=news_4558175&xid=news_4558149&xid=news_4558163&xid=news_4556913&xid=news_4558039&xid=news_4557241&xid=news_4557231&xid=news_4556919&xid=news_4557233&xid=news_4556927&xid=news_4557249&xid=news_4557209
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/css/_script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.19.82.95 Moscow, Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
d0740d7aaa9efdb636f85313593461e60280263f69fd956e29e0c01a2d32b036

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:41 GMT
content-encoding
br
server
nginx
x-api-version
0.72.0
access-control-max-age
86400
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ugt7s7.ru
access-control-allow-credentials
true
x-backends
comments_upstream_water
translate_24dp.png
www.gstatic.com/images/branding/product/2x/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/branding/product/2x/translate_24dp.png
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/css/translateelement.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 11:38:13 GMT
x-content-type-options
nosniff
age
5608
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1842
x-xss-protection
0
last-modified
Thu, 14 Oct 2021 09:08:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Mon, 02 Jan 2023 11:38:13 GMT
16196193011100987106.png
img.championat.com/brand/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.championat.com/brand/16196193011100987106.png
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/css/custom.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.19.86.1 Moscow, Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS
championat.com
Software
nginx/1.21.3 /
Resource Hash
65694a3608a1a8018a3b9a5f5949b34d506042d588de1f52e2c4012e9b809334

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Sun, 02 Jan 2022 13:11:41 GMT
Last-Modified
Wed, 28 Apr 2021 14:15:01 GMT
Server
nginx/1.21.3
ETag
"60896de5-ace"
Content-Type
image/png
X-Upstream
10.136.24.32:80
Cache-Control
max-age=315360000, public
Content-Length
2766
Connection
keep-alive
Accept-Ranges
bytes
X-Balancer
kr-lb03.lb.rambler.tech
X-Upstream-Status
200
Expires
Thu, 31 Dec 2037 23:55:55 GMT
/
ugt7s7.ru/live/now/ 		196 B
676 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ugt7s7.ru/live/now/
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/css/_script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.202.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:41 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eysb3aL0WwWLeIKlfUlTlXysSQXXGiqMONXNa3IG4tEvBM23hFUic0juFnmIHxWBLIZSO5PLVD87YXn49buOOy774sFFr8Fpuc2bfXxxMBxfwkuNlU6iiKGHMx0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
cf-ray
6c743c135ddcd6c9-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
4056685
ugt7s7.ru/counter/set/news/ 		196 B
680 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ugt7s7.ru/counter/set/news/4056685
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/css/_script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.202.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:41 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xoftejPT7hKJLoOAXdjsXQDlgrGLxnyMp2vfvPJHyiCGYuXLysMFreJQv0BFqywXZ7V4WMaljbUt0W2bl%2BPYzSFZmo2%2Fpz%2Fnw1lyNeROzMoZC6V1uH7nges5gIg%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
cf-ray
6c743c136df9d6c9-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
sdk.js
comments.rambler.ru/widget/v3/ 		162 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://comments.rambler.ru/widget/v3/sdk.js
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/css/_script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.19.82.95 Moscow, Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
4840dc681695df24a6300b26e0574ecd3cb69b2084d8e8fd8a626303fd0ea576
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.rambler.ru https://rambler.ru wss://*.rambler.ru https://loyalty.rambler-co.ru https://api-loyalty.rambler-co.ru https://api-loyalty-stage.rambler-co.ru https://ontd.ru https://ads.adfox.ru https://www.google-analytics.com https://www.tns-counter.ru https://st.top100.ru https://fonts.googleapis.com https://fonts.gstatic.com https://yandex.st https://yandex.net https://yastatic.net https://yandex.ru https://yandexadexchange.net https://*.yandex.st https://*.yandex.ru https://*.yandex.net https://*.yastatic.net https://*.yandexadexchange.net https://criteo.com https://*.criteo.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://dsp-rambler.ru https://pagead2.googlesyndication.com https://*.doubleclick.net https://*.doubleclick.com https://*.googlesyndication.com https://*.google.com https://*.google.ru https://*.googleanalytics.com https://*.googleapis.com https://*.googlevideo.com https://*.googleadservices.com https://*.googletagservices.com https://*.googletagmanager.com https://*.tpcsyndication.com https://*.2mdn.net https://*.gstatic.com https://*.youtube.com 'unsafe-eval' 'unsafe-inline'; img-src 'self' https: data: ; font-src 'self' https: data: ; report-uri /csp-report;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:41 GMT
x-srv-addr
10.132.106.77:8080
last-modified
Tue, 23 Nov 2021 19:22:54 GMT
server
nginx
etag
W/"619d3f8e-289cb"
p3p
CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
content-encoding
br
cache-control
public,max-age=300
content-security-policy
default-src 'self' https://*.rambler.ru https://rambler.ru wss://*.rambler.ru https://loyalty.rambler-co.ru https://api-loyalty.rambler-co.ru https://api-loyalty-stage.rambler-co.ru https://ontd.ru https://ads.adfox.ru https://www.google-analytics.com https://www.tns-counter.ru https://st.top100.ru https://fonts.googleapis.com https://fonts.gstatic.com https://yandex.st https://yandex.net https://yastatic.net https://yandex.ru https://yandexadexchange.net https://*.yandex.st https://*.yandex.ru https://*.yandex.net https://*.yastatic.net https://*.yandexadexchange.net https://criteo.com https://*.criteo.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://dsp-rambler.ru https://pagead2.googlesyndication.com https://*.doubleclick.net https://*.doubleclick.com https://*.googlesyndication.com https://*.google.com https://*.google.ru https://*.googleanalytics.com https://*.googleapis.com https://*.googlevideo.com https://*.googleadservices.com https://*.googletagservices.com https://*.googletagmanager.com https://*.tpcsyndication.com https://*.2mdn.net https://*.gstatic.com https://*.youtube.com 'unsafe-eval' 'unsafe-inline'; img-src 'self' https: data: ; font-src 'self' https: data: ; report-uri /csp-report;
content-type
application/javascript
whome.html
ugt7s7.ru/ 		550 KB
98 KB 		Manifest
General
Check archive.org
Download Go to
Full URL
https://ugt7s7.ru/whome.html
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/css/_script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.202.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f46c2af5260815461be10e868c09a724c3fd69e469d210d2b8aa1608dc6b151

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:41 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=covPxczrDRgyAOlJ9Vmfl03UPSkSt1IoH%2B2CJDqH9XzWZFuTOtMYNLWqA6SIHu39P0Ijvk4dXBf3AqYcK4xcNMQwbIgDkeclW4Bigg99e5QjTCss3HCwLbtqkM0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf-8
last-modified
Wed, 29 Dec 2021 12:13:59 GMT
cf-ray
6c743c13c99a331c-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
getRsidx
id.rambler.ru/api/v3/session/ 		740 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.rambler.ru/api/v3/session/getRsidx
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/css/capirs_async.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.19.78.89 Moscow, Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS
id.rambler.ru
Software
nginx/1.21.0 / CAS-FastCGI2-Daemon
Resource Hash
901a68f229867f3c87785a705e43010174e68f8e1e8a51f9269042275996e1b9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://ugt7s7.ru/whome.html
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 02 Jan 2022 13:11:41 GMT
x-content-type-options
nosniff
server
nginx/1.21.0
x-powered-by
CAS-FastCGI2-Daemon
access-control-max-age
300
access-control-allow-methods
POST
content-type
application/json
access-control-allow-origin
https://ugt7s7.ru
access-control-expose-headers
x-server-response-signature
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type, X-Client-Request-Id, X-Request-Id, X-RID-Signature, X-Request-Signature
content-length
740
userip
kraken.rambler.ru/ 		13 B
411 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://kraken.rambler.ru/userip
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/css/top100.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.19.89.16 Moscow, Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS
kraken.rambler.ru
Software
nginx/1.19.4 /
Resource Hash
5febe42d958a25aac2eab77ef3cb52ab401ced8c1df1c7ec06d94fe6160f4554

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin
https://ugt7s7.ru
date
Sun, 02 Jan 2022 13:11:41 GMT
x-srv
1node0043.top100.rambler.tech
content-type
application/octet-stream, text/plain
content-length
13
server
nginx/1.19.4
p3p
CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
/
ugt7s7.ru/wstoken/ 		196 B
680 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ugt7s7.ru/wstoken/
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/css/_script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.202.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:41 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eTpzApbuLO%2FTSlx7SyIcHWTFE%2FnUU7LjT6M4BXLwgvVaLCxuoZxNuVZPWDqEK78jTJzlSnBV6Dahi704zqLFFETTkStLETgxabrulhzuF4UKGqTFxhzwTgrGloQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
cf-ray
6c743c138e32d6c9-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
sdk.js
loyalty.rambler-co.ru/profile/ 		153 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://loyalty.rambler-co.ru/profile/sdk.js
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/css/_script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.19.82.74 Moscow, Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS
loyalty.rambler-co.ru
Software
nginx /
Resource Hash
c59edf97034f2a96fc56fa27bb9208e1dd00e586263bde35a2a84797790d7f08

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-bytes-rcv
0
date
Sun, 02 Jan 2022 13:11:41 GMT
via
1.1 varnish (Varnish/6.1)
x-upstream-addr
10.136.28.29:80
age
170
x-upstream-responsetime
-5
x-varnish-hostname
1b57bbd3bcf9b7a988d53aa4ba029c05
x-upstream-headertime
0
content-encoding
br
x-amz-request-id
758dae59-d457-4e2e-a40a-fae0d48ef71c
x-upstream-connecttime
1
server
nginx
etag
W/"203f418e689614f1e64a835dd89b2c88"
vary
Accept, Origin
x-varnish
653428611 651711248
cache-control
max-age=300, public
x-bytes-snd
0
content-type
application/javascript
x-time
-4
sdk.js
loyalty.rambler-co.ru/sdk/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://loyalty.rambler-co.ru/sdk/sdk.js
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/css/_script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.19.82.74 Moscow, Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS
loyalty.rambler-co.ru
Software
nginx /
Resource Hash
1cf294cf6c76ba0eebcb764f18bb0468e4f9f6b527c0f8c14d124fa3e2c47b34

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-bytes-rcv
0
date
Sun, 02 Jan 2022 13:11:41 GMT
via
1.1 varnish (Varnish/6.1)
x-upstream-addr
10.128.12.52:80
age
3465
x-upstream-responsetime
-5
x-varnish-hostname
5hkou6eigfeid4joyieqhaejuachoh0aq
x-upstream-headertime
1
content-encoding
br
x-amz-request-id
5f63f16c-0512-40d2-8352-89bf959618d0
x-upstream-connecttime
0
server
nginx
etag
W/"0610a36aa0ff45606764474f6b403443"
vary
Accept, Origin
x-varnish
751030275 764873218
cache-control
max-age=300, public
x-bytes-snd
0
content-type
application/javascript
x-time
-4
auth_events.js
id.rambler.ru/rambler-id-helper/ 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://id.rambler.ru/rambler-id-helper/auth_events.js
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/css/sdk(1).js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.19.78.89 Moscow, Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS
id.rambler.ru
Software
nginx/1.21.0 /
Resource Hash
fe8d52e5f35b18fe36309545b7ae1bb614faa6166cf85aa96b8a3553317f38e0
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src 'none'; script-src 'self' 'unsafe-inline'; style-src 'none'; font-src 'none'; child-src 'self'; media-src 'none'; object-src 'none'; form-action 'self'; connect-src 'none'; report-uri /csp-report;
X-Content-Security-Policy default-src 'self'; img-src 'none'; script-src 'self' 'unsafe-inline'; style-src 'none'; font-src 'none'; child-src 'self'; media-src 'none'; object-src 'none'; form-action 'self'; connect-src 'none'; report-uri /csp-report;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-bytes-rcv
0
date
Sun, 02 Jan 2022 13:11:41 GMT
via
1.1 varnish (Varnish/6.1)
x-upstream-addr
10.144.27.51:80
age
1845
p3p
CP="CAO PSA OUR", CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
x-upstream-responsetime
-1
x-varnish-hostname
ahkou6eigheid4joyieghaej3achoh9ai
x-upstream-headertime
0
content-encoding
gzip
x-amz-request-id
d84fafe0-870a-4b8a-ba63-b0567056d1a9
x-upstream-connecttime
1
server
nginx/1.21.0
etag
W/"b7c3e987d20c4b6ba9e7fdd40b981f81"
vary
Accept, Origin
x-varnish
1040493223 1039113621
cache-control
max-age=300, public
x-bytes-snd
0
content-security-policy
default-src 'self'; img-src 'none'; script-src 'self' 'unsafe-inline'; style-src 'none'; font-src 'none'; child-src 'self'; media-src 'none'; object-src 'none'; form-action 'self'; connect-src 'none'; report-uri /csp-report;
content-type
application/javascript
x-time
0
x-content-security-policy
default-src 'self'; img-src 'none'; script-src 'self' 'unsafe-inline'; style-src 'none'; font-src 'none'; child-src 'self'; media-src 'none'; object-src 'none'; form-action 'self'; connect-src 'none'; report-uri /csp-report;
recommender.js
rcmjs.rambler.ru/static/ 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rcmjs.rambler.ru/static/recommender.js
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/css/_script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.192.149.54 , Russian Federation, ASN42481 (BEGUN-AS, RU),
Reverse DNS
rcm.rambler.ru
Software
nginx /
Resource Hash
fc0202d59436339ba688fdbd48ebf86cf65bb66d4a3507e7697d34bff093d907
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:41 GMT
content-encoding
gzip
last-modified
Mon, 20 Dec 2021 09:46:52 GMT
server
nginx
etag
W/"61c0510c-5952"
strict-transport-security
max-age=0
p3p
policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
cache-control
max-age=3600, must-revalidate
x-passed
1bal2
content-type
application/javascript
getInfo
id.rambler.ru/api/v3/profile/ 		744 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.rambler.ru/api/v3/profile/getInfo
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/css/auth_events.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.19.78.89 Moscow, Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS
id.rambler.ru
Software
nginx/1.21.0 / CAS-FastCGI2-Daemon
Resource Hash
789781aafb1f981f1a4c80d09fcc466026438b6a2482956ce44c418d04f687f4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://ugt7s7.ru/whome.html
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 02 Jan 2022 13:11:41 GMT
x-content-type-options
nosniff
server
nginx/1.21.0
x-powered-by
CAS-FastCGI2-Daemon
access-control-max-age
300
access-control-allow-methods
POST
content-type
application/json
access-control-allow-origin
https://ugt7s7.ru
access-control-expose-headers
x-server-response-signature
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type, X-Client-Request-Id, X-Request-Id, X-RID-Signature, X-Request-Signature
content-length
744
widget.js
developers.rambler.ru/likes/v1/ 		129 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://developers.rambler.ru/likes/v1/widget.js
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/css/_script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.19.89.27 Moscow, Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS
stage-developers.rambler.ru
Software
nginx /
Resource Hash
451a7009759f8faf72dfcf8b211e44ec94cba5fa6835f9413c3948d48e4d0bd6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:41 GMT
content-encoding
gzip
last-modified
Tue, 07 Dec 2021 15:11:39 GMT
server
nginx
etag
"61af79ab-b9f6"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400, public
content-length
47606
getRsidx
id.rambler.ru/api/v3/session/ 		740 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.rambler.ru/api/v3/session/getRsidx
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/css/auth_events.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.19.78.89 Moscow, Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS
id.rambler.ru
Software
nginx/1.21.0 / CAS-FastCGI2-Daemon
Resource Hash
30b93a7fb0e296dc127e767121e011beb38e57b592d3b7a5176d5574760d574b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://ugt7s7.ru/whome.html
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 02 Jan 2022 13:11:41 GMT
x-content-type-options
nosniff
server
nginx/1.21.0
x-powered-by
CAS-FastCGI2-Daemon
access-control-max-age
300
access-control-allow-methods
POST
content-type
application/json
access-control-allow-origin
https://ugt7s7.ru
access-control-expose-headers
x-server-response-signature
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type, X-Client-Request-Id, X-Request-Id, X-RID-Signature, X-Request-Signature
content-length
740
api.min.js
api.rnet.plus//Scripts/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.rnet.plus//Scripts/api.min.js?callback=rPlus_embedCbFx
Requested by
Host: api.rnet.plus
URL: https://api.rnet.plus//Scripts/embed.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.110.56.134 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS
static.rnet.plus
Software
openresty/1.19.9.1 / ASP.NET
Resource Hash
baa877d70f417b15872e2be0a758a9836a777b207e043e3255508b09f010fa28
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:40 GMT
content-encoding
gzip
last-modified
Thu, 15 Apr 2021 13:26:38 GMT
server
openresty/1.19.9.1
x-powered-by
ASP.NET
etag
W/"b851faf6fa31d71:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache
strict-transport-security
max-age=15768000; includeSubDomains
index.js
dsp-rambler.ru/tpl/Image/2.12.0/ Frame 3B3F 		78 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dsp-rambler.ru/tpl/Image/2.12.0/index.js
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/css/file.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
91.192.149.113 , Russian Federation, ASN42481 (BEGUN-AS, RU),
Reverse DNS
dsp-rambler.ru
Software
nginx /
Resource Hash
3a4d8a0b69143cbe239c8f8323bc43e1bdaa1ae683b0a1d52f7aae30c07adac6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:41 GMT
content-encoding
gzip
last-modified
Wed, 22 Dec 2021 15:32:51 GMT
server
nginx
etag
W/"61c34523-136e8"
content-type
application/x-javascript; charset=utf8
cache-control
max-age=60
x-passed
1bal2
access-control-allow-headers
DNT
expires
Sun, 02 Jan 2022 13:12:41 GMT
index.js
dsp-rambler.ru/tpl/Image/2.12.0/ 		78 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dsp-rambler.ru/tpl/Image/2.12.0/index.js
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/css/file.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
91.192.149.113 , Russian Federation, ASN42481 (BEGUN-AS, RU),
Reverse DNS
dsp-rambler.ru
Software
nginx /
Resource Hash
3a4d8a0b69143cbe239c8f8323bc43e1bdaa1ae683b0a1d52f7aae30c07adac6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:41 GMT
content-encoding
gzip
last-modified
Wed, 22 Dec 2021 15:32:51 GMT
server
nginx
etag
W/"61c34523-136e8"
content-type
application/x-javascript; charset=utf8
cache-control
max-age=60
x-passed
1bal2
access-control-allow-headers
DNT
expires
Sun, 02 Jan 2022 13:12:41 GMT
championat.com.769474.es6.js
jsc.lentainform.com/c/h/ 		176 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.lentainform.com/c/h/championat.com.769474.es6.js
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/css/championat.com.769474.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.216.61 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
92c2baebf9307a81c5fe9346c79d5f8e01e7544eea68f74c38b9796ae20cdca0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:41 GMT
content-encoding
br
cf-cache-status
HIT
age
2059
last-modified
Mon, 20 Dec 2021 14:17:55 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
9THGW5P34YE2T8GQ
x-amz-id-2
JogySYpAyVygnaVfttNZOd5991w2lHGYBU20qIcrwe48y7FDlkEuUIUFiPmuNqkv/6eOs8mY70U=
cf-bgj
minify
server
cloudflare
etag
W/"4e5ba24f3a36ad4f4f60875261d00777"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
6c743c13f9a2695e-FRA
expires
Sun, 02 Jan 2022 16:11:41 GMT
pubads_impl_2021120601.js
securepubads.g.doubleclick.net/gpt/ Frame 76C2 		348 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/css/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
2d5ae5a515a688823dc98d032242c2ed6f490a74c4281bdd599567898f9fa675
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119476
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 09:34:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 02 Jan 2022 13:11:41 GMT
pubads_impl_2021120601.js
securepubads.g.doubleclick.net/gpt/ Frame 058D 		348 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/css/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
2d5ae5a515a688823dc98d032242c2ed6f490a74c4281bdd599567898f9fa675
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119476
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 09:34:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 02 Jan 2022 13:11:41 GMT
Data
api.rnet.plus//Block/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.rnet.plus//Block/Data?ids=445&screen=1600x1200&userId=2091793b-9143-c14c-1c29-35cfc03ce407&rp=null&abp=0&xref=https%3A%2F%2Fugt7s7.ru%2Fwhome.html&callback=rPlus_onBlocksDataLoadedCallback
Requested by
Host: api.rnet.plus
URL: https://api.rnet.plus//Scripts/embed.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.110.56.134 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS
static.rnet.plus
Software
openresty/1.19.9.1 / ASP.NET
Resource Hash
ca3bc02a526e39502f162a42a1d720ba2f593a31b60353de1ce62b5d65abe67f
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 02 Jan 2022 13:11:40 GMT
x-aspnetmvc-version
5.2
server
openresty/1.19.9.1
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
strict-transport-security
max-age=15768000; includeSubDomains
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store
content-length
1499
expires
-1
userip
kraken.rambler.ru/ 		13 B
412 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://kraken.rambler.ru/userip
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/css/top100.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.19.89.16 Moscow, Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS
kraken.rambler.ru
Software
nginx/1.19.4 /
Resource Hash
5febe42d958a25aac2eab77ef3cb52ab401ced8c1df1c7ec06d94fe6160f4554

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin
https://ugt7s7.ru
date
Sun, 02 Jan 2022 13:11:41 GMT
x-srv
1node0043.top100.rambler.tech
content-type
application/octet-stream, text/plain
content-length
13
server
nginx/1.19.4
p3p
CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
userip
kraken.rambler.ru/ 		13 B
412 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://kraken.rambler.ru/userip
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/css/top100.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.19.89.16 Moscow, Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS
kraken.rambler.ru
Software
nginx/1.19.4 /
Resource Hash
5febe42d958a25aac2eab77ef3cb52ab401ced8c1df1c7ec06d94fe6160f4554

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin
https://ugt7s7.ru
date
Sun, 02 Jan 2022 13:11:41 GMT
x-srv
1node0043.top100.rambler.tech
content-type
application/octet-stream, text/plain
content-length
13
server
nginx/1.19.4
p3p
CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
getid
ugt7s7.ru/css/ Frame ACD9 		37 B
576 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ugt7s7.ru/css/getid
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/css/sandbox(1).html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.202.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c6140c5e5def9ed020641499e57484d7ccfde5616e0aa4ad7af65cfa35a8af3a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/css/sandbox(1).html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:41 GMT
cf-cache-status
DYNAMIC
last-modified
Wed, 29 Dec 2021 12:13:59 GMT
server
cloudflare
etag
"25-5d447df6904c5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U5zis3xYBoQO7WC4N2IjrHL13pthcxnF6zpNEW4vCFLh6J3COhb%2FvK9MWzKn4ftadwx10qYJDGIyp%2BPaPrdT30ZpjNTe1qMrR7JBGYe5ltXPx6LfCc7SX6HU2%2B8%3D"}],"group":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6c743c145f71d6c9-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
37
index.js
ugt7s7.ru/css/ Frame ACD9 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ugt7s7.ru/css/index.js
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/css/sandbox(1).html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.202.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
92d57892ed4ad0cc9171a682cbd0b60ff3636da26b294fa7a8159406f20e54f4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/css/sandbox(1).html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:41 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
306
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 29 Dec 2021 12:13:59 GMT
server
cloudflare
etag
W/"61cc5107-78c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KaGoYmPCr78ng%2FIgA7gpL9J4HxUUg4J7LLOkmtskbXSLYTMwvxBP52olWpC8%2Fvg4%2FZGbl%2FYJ1tAxeKGTCNRP3PRuNfShc9NtOxUmcq6th4YLh1Sn3hMkmJ9bZvA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=2678400
cf-ray
6c743c145f74d6c9-FRA
expires
Wed, 02 Feb 2022 13:06:35 GMT
capirs_async.js
ugt7s7.ru/css/ Frame ACD9 		578 KB
167 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ugt7s7.ru/css/capirs_async.js
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/css/sandbox(1).html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.202.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b43e2c60c1c7c0ac47463df85db69c8a8eddf2ef65c884f98eaa327a0aa635a6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/css/sandbox(1).html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:41 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
325
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 29 Dec 2021 12:13:59 GMT
server
cloudflare
etag
W/"61cc5107-90893"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F64Q13jXQZoGFR3ZyCShM4p12gvnmtLoW%2Femtcd3Ui3N3oOWjKarn%2BkdX0OYihNNIrTZBh2j3r%2BKjsxmEWq3vqN95y9JPNNfOk1Mw8TPV5k6p4DLvkZCLhFJN7I%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=2678400
cf-ray
6c743c145f75d6c9-FRA
expires
Wed, 02 Feb 2022 13:06:16 GMT
/
kraken.rambler.ru/cnt/ 		595 B
989 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kraken.rambler.ru/cnt/?et=pv&pid=648840&rid=1641129101.186-1681459512&tid=t1.648840.2133838648.1641129101187&v=1.25.11&exp=exp_bot%2Csplit_b%2Cexp_ab3%2Cd&aduid=bc30a6f5-8838-4c72-ba14-4712d1bf0986&aduidsc=ugt7s7.ru&rn=650565685&bs=1600x1200&ce=1&rf&en=1&pt=Nh%E1%BB%AFng%20%C4%91i%E1%BB%81u%20b%E1%BA%A1n%20c%E1%BA%A7n%20bi%E1%BA%BFt%20v%E1%BB%81%20c%C3%A1%20c%C6%B0%E1%BB%A3c%20th%E1%BB%83%20thao%20cho%20ng%C6%B0%E1%BB%9Di%20m%E1%BB%9Bi%20b%E1%BA%AFt%20%C4%91%E1%BA%A7u%2C%20c%C3%A1ch%20%C4%91%E1%BA%B7t%20c%C6%B0%E1%BB%A3c%20ch%C3%ADnh%20x%C3%A1c%20cho%20ng%C6%B0%E1%BB%9Di%20m%E1%BB%9Bi%20b%E1%BA%AFt%20%C4%91%E1%BA%A7u%2C%20m%E1%BA%B9o%20-%20Gi%E1%BA%A3i%20v%C3%B4%20%C4%91%E1%BB%8Bch&sr=1600x1200&cd=24-bit&la=en-US&ja=0&acn=Mozilla&an=Netscape&pl=Linux%20x86_64&tz=0&fv&sv&lv&ch=%5B%22CHAMP_BETS%22%2C%22CHAMP_BETS_STUDY%22%2C%22Nh%5Cu1eefng%20%5Cu0111i%5Cu1ec1u%20b%5Cu1ea1n%20c%5Cu1ea7n%20bi%5Cu1ebft%20v%5Cu1ec1%20c%5Cu00e1%20c%5Cu01b0%5Cu1ee3c%20th%5Cu1ec3%20thao%20cho%20ng%5Cu01b0%5Cu1eddi%20m%5Cu1edbi%20b%5Cu1eaft%20%5Cu0111%5Cu1ea7u%2C%20c%5Cu00e1ch%20%5Cu0111%5Cu1eb7t%20c%5Cu01b0%5Cu1ee3c%20ch%5Cu00ednh%20x%5Cu00e1c%20cho%20ng%5Cu01b0%5Cu1eddi%20m%5Cu1edbi%20b%5Cu1eaft%20%5Cu0111%5Cu1ea7u%2C%20m%5Cu1eb9o%20-%20Gi%5Cu1ea3i%20v%5Cu00f4%20%5Cu0111%5Cu1ecbch%22%5D&url=https%3A%2F%2Fugt7s7.ru%2Fwhome.html&eid=5070291011947277&stid=295039877_1641129101187&sn=1&sen=1&fp_scope=1&fid=pA8AAENKs1cs64goAZD%2F2QA%3D&fip=pA8AAENKs1ekm%2Bk3AWKbugA%3D
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.19.89.16 Moscow, Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS
kraken.rambler.ru
Software
nginx/1.19.4 /
Resource Hash
bed2365e0935b48d4d3b1392538a2bf1add63576b70f840e09ecd0ac619e234e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:41 GMT
last-modified
Tue, 12 Nov 2019 12:50:59 GMT
x-srv
1node0043.top100.rambler.tech
etag
"5dcaaab3-253"
access-control-allow-methods
GET, POST, OPTIONS
p3p
CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
access-control-allow-headers
content-type
content-length
595
server
nginx/1.19.4
1
mc.yandex.ru/watch/3/
Redirect Chain
  • https://mc.yandex.ru/watch/3?wmode=7&page-url=https%3A%2F%2Fugt7s7.ru%2Fwhome.html&page-ref=&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aykcyjlph1z7qhpasan%3Afp%3A1251%3Afu%3A0%3Aen%3Autf-...
  • https://mc.yandex.ru/watch/3/1?wmode=7&page-url=https%3A%2F%2Fugt7s7.ru%2Fwhome.html&page-ref&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aykcyjlph1z7qhpasan%3Afp%3A1251%3Afu%3A0%3Aen%3Autf...
167 B
537 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/watch/3/1?wmode=7&page-url=https%3A%2F%2Fugt7s7.ru%2Fwhome.html&page-ref&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aykcyjlph1z7qhpasan%3Afp%3A1251%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A720%3Acn%3A2%3Adp%3A0%3Als%3A711354631746%3Ahid%3A684129221%3Az%3A0%3Ai%3A20220102131141%3Aet%3A1641129102%3Ac%3A1%3Arn%3A365896366%3Arqn%3A1%3Au%3A164112910210726334%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1641129099569%3Ads%3A10%2C59%2C141%2C116%2C407%2C0%2C%2C1100%2C101%2C%2C%2C%2C1721%3Adsn%3A10%2C59%2C141%2C116%2C407%2C0%2C%2C987%2C101%2C%2C%2C%2C1721%3Awv%3A2%3Aco%3A0%3Ast%3A1641129102&t=gdpr%2814%29aw%281%29ti%282%29
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
1f506cee127964acc6cf94344499a14250d611d67afa0c660e59304b67de4909
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 02 Jan 2022 13:11:41 GMT
x-content-type-options
nosniff
last-modified
Sun, 02-Jan-2022 13:11:41 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ugt7s7.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
167
x-xss-protection
1; mode=block
expires
Sun, 02-Jan-2022 13:11:41 GMT

Redirect headers

pragma
no-cache
date
Sun, 02 Jan 2022 13:11:41 GMT
last-modified
Sun, 02-Jan-2022 13:11:41 GMT
location
/watch/3/1?wmode=7&page-url=https%3A%2F%2Fugt7s7.ru%2Fwhome.html&page-ref&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aykcyjlph1z7qhpasan%3Afp%3A1251%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A720%3Acn%3A2%3Adp%3A0%3Als%3A711354631746%3Ahid%3A684129221%3Az%3A0%3Ai%3A20220102131141%3Aet%3A1641129102%3Ac%3A1%3Arn%3A365896366%3Arqn%3A1%3Au%3A164112910210726334%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1641129099569%3Ads%3A10%2C59%2C141%2C116%2C407%2C0%2C%2C1100%2C101%2C%2C%2C%2C1721%3Adsn%3A10%2C59%2C141%2C116%2C407%2C0%2C%2C987%2C101%2C%2C%2C%2C1721%3Awv%3A2%3Aco%3A0%3Ast%3A1641129102&t=gdpr%2814%29aw%281%29ti%282%29
strict-transport-security
max-age=31536000
access-control-allow-origin
https://ugt7s7.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Sun, 02-Jan-2022 13:11:41 GMT
1
mc.yandex.ru/watch/188282/
Redirect Chain
  • https://mc.yandex.ru/watch/188282?wmode=7&page-url=https%3A%2F%2Fugt7s7.ru%2Fwhome.html&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aykcyjlph1z7qhpasan%3Afu%3A0%3Aen%3Au...
  • https://mc.yandex.ru/watch/188282/1?wmode=7&page-url=https%3A%2F%2Fugt7s7.ru%2Fwhome.html&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aykcyjlph1z7qhpasan%3Afu%3A0%3Aen%3...
331 B
369 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/watch/188282/1?wmode=7&page-url=https%3A%2F%2Fugt7s7.ru%2Fwhome.html&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aykcyjlph1z7qhpasan%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A720%3Acn%3A1%3Adp%3A0%3Als%3A663309628519%3Ahid%3A684129221%3Az%3A0%3Ai%3A20220102131141%3Aet%3A1641129102%3Ac%3A1%3Arn%3A915941007%3Au%3A164112910210726334%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1641129099569%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1641129102%3At%3ANh%E1%BB%AFng%20%C4%91i%E1%BB%81u%20b%E1%BA%A1n%20c%E1%BA%A7n%20bi%E1%BA%BFt%20v%E1%BB%81%20c%C3%A1%20c%C6%B0%E1%BB%A3c%20th%E1%BB%83%20thao%20cho%20ng%C6%B0%E1%BB%9Di%20m%E1%BB%9Bi%20b%E1%BA%AFt%20%C4%91%E1%BA%A7u%2C%20c%C3%A1ch%20%C4%91%E1%BA%B7t%20c%C6%B0%E1%BB%A3c%20ch%C3%ADnh%20x%C3%A1c%20cho%20ng%C6%B0%E1%BB%9Di%20m%E1%BB%9Bi%20b%E1%BA%AFt%20%C4%91%E1%BA%A7u%2C%20m%E1%BA%B9o%20-%20Gi%E1%BA%A3i%20v%C3%B4%20%C4%91%E1%BB%8Bch&t=gdpr%2814%29aw%281%29ti%282%29
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
15278e4626abf5fe5a7a9a19c339b54f5c32aef245c51a7ac4bd7155e2efd5dd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 02 Jan 2022 13:11:41 GMT
x-content-type-options
nosniff
last-modified
Sun, 02-Jan-2022 13:11:41 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ugt7s7.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
331
x-xss-protection
1; mode=block
expires
Sun, 02-Jan-2022 13:11:41 GMT

Redirect headers

pragma
no-cache
date
Sun, 02 Jan 2022 13:11:41 GMT
last-modified
Sun, 02-Jan-2022 13:11:41 GMT
location
/watch/188282/1?wmode=7&page-url=https%3A%2F%2Fugt7s7.ru%2Fwhome.html&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aykcyjlph1z7qhpasan%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A720%3Acn%3A1%3Adp%3A0%3Als%3A663309628519%3Ahid%3A684129221%3Az%3A0%3Ai%3A20220102131141%3Aet%3A1641129102%3Ac%3A1%3Arn%3A915941007%3Au%3A164112910210726334%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1641129099569%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1641129102%3At%3ANh%E1%BB%AFng%20%C4%91i%E1%BB%81u%20b%E1%BA%A1n%20c%E1%BA%A7n%20bi%E1%BA%BFt%20v%E1%BB%81%20c%C3%A1%20c%C6%B0%E1%BB%A3c%20th%E1%BB%83%20thao%20cho%20ng%C6%B0%E1%BB%9Di%20m%E1%BB%9Bi%20b%E1%BA%AFt%20%C4%91%E1%BA%A7u%2C%20c%C3%A1ch%20%C4%91%E1%BA%B7t%20c%C6%B0%E1%BB%A3c%20ch%C3%ADnh%20x%C3%A1c%20cho%20ng%C6%B0%E1%BB%9Di%20m%E1%BB%9Bi%20b%E1%BA%AFt%20%C4%91%E1%BA%A7u%2C%20m%E1%BA%B9o%20-%20Gi%E1%BA%A3i%20v%C3%B4%20%C4%91%E1%BB%8Bch&t=gdpr%2814%29aw%281%29ti%282%29
strict-transport-security
max-age=31536000
access-control-allow-origin
https://ugt7s7.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Sun, 02-Jan-2022 13:11:41 GMT
i-noref.js
cm.lentainform.com/ Frame 0883
Redirect Chain
  • https://cm.lentainform.com/i-noref.js?cbuster=1640706669457473104196
  • https://cm.lentainform.com/i-noref.js?cbuster=1640706669457473104196&sct=1
0
387 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.lentainform.com/i-noref.js?cbuster=1640706669457473104196&sct=1
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/css/saved_resource(2).html
Protocol
H3
Server
104.19.217.61 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 02 Jan 2022 13:11:41 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
6c743c15dee968fe-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

pragma
no-cache
date
Sun, 02 Jan 2022 13:11:41 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
location
https://cm.lentainform.com/i-noref.js?cbuster=1640706669457473104196&sct=1
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6c743c14bbbb695e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
f.txt
ugt7s7.ru/css/ Frame C60B 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ugt7s7.ru/css/f.txt
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/css/render.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.202.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7317a02358b2b617ba0934b570c313ee76f29176c4821a9a5fd1656413e5f41b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/css/render.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:41 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Wed, 29 Dec 2021 12:13:59 GMT
server
cloudflare
etag
W/"61cc5107-9421"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LiNlWmiK4tAeN%2FXRirXT%2FIK0XXftdyM7v7vu9jfr4ZotdVaS2zePCYieJpnixiTdAj1ToI4U16g5Vy%2FfeyjSgBbnJGg7soJuAAr53CJCF2BuUowCJO1E1UBXyqo%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=utf-8
cache-control
max-age=2678400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6c743c14afe8d6c9-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Wed, 02 Feb 2022 13:11:41 GMT
watch.js
ugt7s7.ru/css/ Frame C60B 		134 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ugt7s7.ru/css/watch.js
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/css/render.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.202.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5207637a3fb149db62bc71874afc88d2df80af40c12e23676c3d3aa977497955

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/css/render.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:41 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
306
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 29 Dec 2021 12:13:59 GMT
server
cloudflare
etag
W/"61cc5107-2163d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7tjdKBHypdJDL1GTCanE63BaWtjkhxW6BtyufYzdV0N4tOT3d%2BuPxByi5mFka%2B2TXn7i%2Fifb2UjAnc%2FQQQCoWfzd%2BJwDMcFHUrm9VdAwYP6QrILYJsR%2FcAJG6No%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=2678400
cf-ray
6c743c14afebd6c9-FRA
expires
Wed, 02 Feb 2022 13:06:35 GMT
bundle.js
ugt7s7.ru/css/ Frame C60B 		105 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ugt7s7.ru/css/bundle.js
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/css/render.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.202.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e1cff21864c46e1da263fa83c14ed6d190bc5afbdd35188de15f10eb8bedd264

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/css/render.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:41 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
306
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 29 Dec 2021 12:13:59 GMT
server
cloudflare
etag
W/"61cc5107-1a4f4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LGJS%2FvxB6F8AV385WzM2dRzKRtcBzpY71TomLnJwRY%2F%2BbQStz%2B2EAVYRT2C5orKUhDJ6yar0%2B63ROhduh9vELubClvJUrK%2FIpk9w84IxVM4t9YKMvtViri4zUFc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=2678400
cf-ray
6c743c14afeed6c9-FRA
expires
Wed, 02 Feb 2022 13:06:35 GMT
f(1).txt
ugt7s7.ru/css/ Frame C60B 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ugt7s7.ru/css/f(1).txt
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/css/render.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.202.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82522744a8e4d599774ae242d9acdaddde622f9ae287aceb6dc8f65e5105b236

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/css/render.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:41 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Wed, 29 Dec 2021 12:13:59 GMT
server
cloudflare
etag
W/"61cc5107-b59"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5jGzhg37h4FHwBAyK7I7lHKdQV%2BQqFwkt1fIeZqnAChb2pdZgs0Tjw4BZClF1Zhnl9FdArf4ySn8%2Fsf%2FzMvnFvNuVw4DtQWl7uTVy4XthvCPjpuh299eqWq4wLU%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=utf-8
cache-control
max-age=2678400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6c743c14aff0d6c9-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Wed, 02 Feb 2022 13:11:41 GMT
f(2).txt
ugt7s7.ru/css/ Frame C60B 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ugt7s7.ru/css/f(2).txt
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/css/render.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.202.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f85185cdaf8a279a0acb9ec47ae98cd047fbf65fce06ce64e10d861cc7ab92f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/css/render.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:41 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Wed, 29 Dec 2021 12:13:59 GMT
server
cloudflare
etag
W/"61cc5107-b57"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mq3BcQVtDhGlk0gZ%2BWd8ipj5U5iigmhePNA448UHAa6HPdeMmc8mSHsrNHD7R3LiczwV%2FJG3KsPC2jhcVTxLeuoAePO0mYdAPS%2B7fGspzL%2F2rP9Xu8sh%2Bk%2Bls1k%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=utf-8
cache-control
max-age=2678400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6c743c14aff1d6c9-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Wed, 02 Feb 2022 13:11:41 GMT
f(3).txt
ugt7s7.ru/css/ Frame C60B 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ugt7s7.ru/css/f(3).txt
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/css/render.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.202.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
995020fea613b5c91983b993da4b7b8b92721ff98d86ca84abc13d7fda0ec945

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/css/render.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:41 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Wed, 29 Dec 2021 12:13:59 GMT
server
cloudflare
etag
W/"61cc5107-b31"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=45iQO3qJdtj%2BsKUb5fPDE6GhDoSJ1r4yeAMFGNyaIvjwY2n0f8oqEQbjLdXNO45VXHH3bYpgVC7f57QmU5R5rOR%2FSYUGuf7t7Xwxq6I9yhe6XtNWG1VH50qGt7c%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=utf-8
cache-control
max-age=2678400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6c743c14aff4d6c9-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Wed, 02 Feb 2022 13:11:41 GMT
f(4).txt
ugt7s7.ru/css/ Frame C60B 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ugt7s7.ru/css/f(4).txt
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/css/render.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.202.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
023e848b9553976755e44ad4de54ec109556ed86ba408ed6833187e34b5ebc72

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/css/render.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:41 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Wed, 29 Dec 2021 12:13:59 GMT
server
cloudflare
etag
W/"61cc5107-b31"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5xMdl7YF9Twrj%2BM%2FjLrIDJ9liKMN1GI6ewuOEtJ6zWtvaJo5DyK14n8gd8aMms8FnEBMWr45QbRxxLHEqANmVRJmtb6Es%2B5JCCbMQlfohMkw6aC3SAXGQjjCLeM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=utf-8
cache-control
max-age=2678400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6c743c14aff7d6c9-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Wed, 02 Feb 2022 13:11:41 GMT
csp-report
id.rambler.ru/ Frame 84C3 		0
168 B 		Other
General
Check archive.org
Download Go to
Full URL
https://id.rambler.ru/csp-report
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.19.78.89 Moscow, Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS
id.rambler.ru
Software
nginx/1.21.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://id.rambler.ru/rambler-id-helper/1.5.26/storage.html
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/csp-report

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
server
nginx/1.21.0
date
Sun, 02 Jan 2022 13:11:41 GMT
content-type
application/octet-stream
97002.js
smi2.ru/data/js/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://smi2.ru/data/js/97002.js
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.188.198.132 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
ads5-3.sselp11.imcmdb.net
Software
nginx /
Resource Hash
b77edec431f49f9befd25654ad0812d86be9bda78090c782cb673c174b0ed453

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 02 Jan 2022 13:11:41 GMT
Content-Encoding
gzip
Last-Modified
Sunday, 02-Jan-2022 13:11:41 GMT
Server
nginx
Vary
Accept-Encoding
Content-Type
application/javascript;charset=utf-8
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0
Transfer-Encoding
chunked
Connection
close
container(1).html
ugt7s7.ru/css/ Frame C157 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ugt7s7.ru/css/container(1).html
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/css/saved_resource(1).html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.202.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7eded56040a88db06b19ec0904a6714a18078943b7febf190dcfb5860f3c089c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/css/saved_resource(1).html

Response headers

date
Sun, 02 Jan 2022 13:11:41 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
last-modified
Wed, 29 Dec 2021 12:13:59 GMT
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D7C9rb%2F4KWWROhdHLZT8e%2BcbPDTorJGmP%2FqFyTN0zDqtqIypw5c2eGW5xsY5dIdAc8qG2rUwBneX%2Blbh7g28aPSGCJyQqTa6gjUa37imlic2YJs1T10L89%2Bi9jo%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6c743c15189cd6c9-FRA
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
saved_resource(4).html
ugt7s7.ru/css/ Frame 67FD 		47 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ugt7s7.ru/css/saved_resource(4).html
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/css/saved_resource(1).html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.202.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2cdd56de7680fb9708ac5fb369cc17e91f84cc7cfa71f250d9ecb197ddf0b2d2

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/css/saved_resource(1).html

Response headers

date
Sun, 02 Jan 2022 13:11:41 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
last-modified
Wed, 29 Dec 2021 12:13:59 GMT
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0mo%2FaEZMWnKmNOXSV5FQfY4unVdlxHaxEmXYnPPy48IoYHIX6KK%2B%2BK7tNzjucfUCVwPltIQq9JdkwWvVD%2F1fvzv1Mduo8HdtqE4pDifdZMmXDcwtrIq8v19BXjk%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6c743c15189fd6c9-FRA
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
aframe(1).html
ugt7s7.ru/css/ Frame D15A 		807 B
956 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ugt7s7.ru/css/aframe(1).html
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/css/saved_resource(1).html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.202.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b78f04572f4a6b78d06725c92ac38e22f3796b1e4e73f728e267e715a1bd40f2

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/css/saved_resource(1).html

Response headers

date
Sun, 02 Jan 2022 13:11:41 GMT
content-type
text/html; charset=utf-8
last-modified
Wed, 29 Dec 2021 12:13:59 GMT
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ukxlRezmtyIhFGrXQRm%2BmTv2mpyHJXxr9tNZdCQ5c%2FQ7poGT0gt%2Bowp2HOk8kKzieY0Qm4gPe5zeqrp7gCbMNmsHkcIqFGg48VZRG9M42OUTv2XiDIB6DaHE1zk%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6c743c1518a1d6c9-FRA
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
container.html
ugt7s7.ru/css/ Frame 90A7 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ugt7s7.ru/css/container.html
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/css/saved_resource.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.202.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7eded56040a88db06b19ec0904a6714a18078943b7febf190dcfb5860f3c089c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/css/saved_resource.html

Response headers

date
Sun, 02 Jan 2022 13:11:41 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
last-modified
Wed, 29 Dec 2021 12:13:59 GMT
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MVTsxqW7w6OHqw2HAY9YESpUfDTXhBzOlgbP%2FXBPS1bH0Po4JCEckTJZj%2Bvx5rJbzdGPnDQm6B4kcgWSsBQWaqdaWNVF9VVPBUE0SbWq%2FYZJjlRZ9Qm49EKYeY4%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6c743c1528c7d6c9-FRA
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
saved_resource(3).html
ugt7s7.ru/css/ Frame AFA2 		57 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ugt7s7.ru/css/saved_resource(3).html
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/css/saved_resource.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.202.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d7e4736fc4c67e7e13212fd832908b0191c4bdb933f873885bfd1ed53ebef23f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/css/saved_resource.html

Response headers

date
Sun, 02 Jan 2022 13:11:41 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
last-modified
Wed, 29 Dec 2021 12:13:59 GMT
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lzfJzHWnW8vma1pxzTg3OFT%2Bes0fIlS%2BVW5Jymi41li7RFb24vHq5v89KUwYt2vEP9ZOEC6zha0IdbHxwqkNH0t4DvtSkLVCEB00cHsHlH%2B3aF8mZeYPsoqsVUs%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6c743c1528c9d6c9-FRA
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
aframe.html
ugt7s7.ru/css/ Frame 6189 		807 B
965 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ugt7s7.ru/css/aframe.html
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/css/saved_resource.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.202.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b78f04572f4a6b78d06725c92ac38e22f3796b1e4e73f728e267e715a1bd40f2

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/css/saved_resource.html

Response headers

date
Sun, 02 Jan 2022 13:11:41 GMT
content-type
text/html; charset=utf-8
last-modified
Wed, 29 Dec 2021 12:13:59 GMT
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F0RLykJO2n3jUeRZGwGwqZ2%2BoXX4%2ForPzDBPC3fJYTRKhp5T69F5UyWQpkgSYjRp6%2FpJP7vDvtdygr%2FL%2FakixTneUT48OIwRSwL1k9s%2F8P%2FxmqJBaNBBm0f5V%2B4%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6c743c1538ced6c9-FRA
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
capirs_async.js
ssp.rambler.ru/ Frame ACD9 		578 KB
199 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssp.rambler.ru/capirs_async.js
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/css/index.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
91.192.150.12 , Russian Federation, ASN42481 (BEGUN-AS, RU),
Reverse DNS
ssp.rambler.ru
Software
nginx /
Resource Hash
b43e2c60c1c7c0ac47463df85db69c8a8eddf2ef65c884f98eaa327a0aa635a6
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:41 GMT
content-encoding
gzip
last-modified
Thu, 16 Dec 2021 10:19:39 GMT
server
nginx
etag
W/"61bb12bb-90893"
strict-transport-security
max-age=0
p3p
policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
cache-control
max-age=60
x-passed
0bal1
content-type
application/x-javascript
expires
Sun, 02 Jan 2022 13:12:41 GMT
watch.js
mc.yandex.ru/metrika/ Frame C60B 		134 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/watch.js
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/css/bundle.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
13478bdce3b05abe223de8fe7aeab8fa7e1c0599adde7b20944739374757ecfb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:41 GMT
content-encoding
br
last-modified
Tue, 28 Dec 2021 12:05:22 GMT
etag
"61cad352-bd04"
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
48388
expires
Sun, 02 Jan 2022 14:11:41 GMT
data
yandex.ru/set/s/rsya-tag-users/ Frame C60B 		403 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://yandex.ru/set/s/rsya-tag-users/data?referrer=https%3A%2F%2Fugt7s7.ru%2Fwhome.html
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/css/bundle.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
5c6a848f385ff3230af5ea53f5656082254bdd9a460559c662250dbe080ada5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
nel
{"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
report-to
{ "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ugt7s7.ru
cache-control
public,max-age=300
access-control-allow-credentials
true
x-xss-protection
1; mode=block
getRsidx
id.rambler.ru/api/v3/session/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://id.rambler.ru/api/v3/session/getRsidx
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.19.78.89 Moscow, Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS
id.rambler.ru
Software
nginx/1.21.0 / CAS-FastCGI2-Daemon
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://ugt7s7.ru
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx/1.21.0
date
Sun, 02 Jan 2022 13:11:41 GMT
content-type
application/json
content-length
199
x-content-type-options
nosniff
access-control-allow-methods
POST
access-control-allow-origin
https://ugt7s7.ru
access-control-allow-headers
Content-Type, X-Client-Request-Id, X-Request-Id, X-RID-Signature, X-Request-Signature
access-control-expose-headers
x-server-response-signature
x-powered-by
CAS-FastCGI2-Daemon
access-control-max-age
300
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
getRsidx
id.rambler.ru/api/v3/session/ 		739 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.rambler.ru/api/v3/session/getRsidx
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/css/capirs_async.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.19.78.89 Moscow, Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS
id.rambler.ru
Software
nginx/1.21.0 / CAS-FastCGI2-Daemon
Resource Hash
9c48058bc6dd7a2652a38d9e510fc066024983cee0a663226d3ac2869ae67b0c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://ugt7s7.ru/whome.html
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 02 Jan 2022 13:11:41 GMT
x-content-type-options
nosniff
server
nginx/1.21.0
x-powered-by
CAS-FastCGI2-Daemon
access-control-max-age
300
access-control-allow-methods
POST
content-type
application/json
access-control-allow-origin
https://ugt7s7.ru
access-control-expose-headers
x-server-response-signature
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type, X-Client-Request-Id, X-Request-Id, X-RID-Signature, X-Request-Signature
content-length
739
userip
ssp.rambler.ru/ Frame ACD9 		13 B
139 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.rambler.ru/userip
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/css/capirs_async.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
91.192.150.12 , Russian Federation, ASN42481 (BEGUN-AS, RU),
Reverse DNS
ssp.rambler.ru
Software
nginx /
Resource Hash
5febe42d958a25aac2eab77ef3cb52ab401ced8c1df1c7ec06d94fe6160f4554

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 02 Jan 2022 13:11:41 GMT
x-passed
0bal1
server
nginx
content-length
13
content-type
application/octet-stream, text/plain
getid
ads.adfox.ru/ Frame ACD9 		38 B
209 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.adfox.ru/getid?t=jsonp&f=af_setLpdId&lpdid=22561%3A18274&pr=1708041778
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/css/capirs_async.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1be Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
cba06688454c4b504c7c8294249b21e63c52176a237d77dbc2c3a6b2f0a9faf8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 02 Jan 2022 13:11:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
Mon, 04 Dec 1999 21:29:02 GMT
sandbox.html
ugt7s7.ru/css/ Frame 00AE 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ugt7s7.ru/css/sandbox.html
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/css/sandbox(1).html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.202.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a23af7407cce9df7b6e0419ac4e0b2d9802f964ebbb855545f719160c021693

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/css/sandbox(1).html

Response headers

date
Sun, 02 Jan 2022 13:11:41 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
last-modified
Wed, 29 Dec 2021 12:13:59 GMT
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ImVvnLbLarAtUg%2F8618xo33FkPsA4hwf2gvLvhvtzx7DxCn8lfXQzQ6EKlunAt7NUgHjWI05bkvgRoNrH5D50PG04Ba6O%2F4OPEnTi1kiOwnHF95%2BE6yrzYT5y%2FI%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6c743c158970d6c9-FRA
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
/
www.google.com/pagead/1p-user-list/947884341/ Frame C60B 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/947884341/?random=1640706670903&cv=9&fst=1640703600000&num=1&guid=ON&eid=376635470&u_h=900&u_w=1440&u_ah=900&u_aw=1440&u_cd=30&u_his=1&u_tz=180&u_java=false&u_nplug=5&u_nmime=2&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D%3Binfected%3D%3Bslow%3D%3Bos%3Dmacos%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fwww.championat.com%2Fbets%2Farticle-4056685-chto-nuzhno-znat-o-stavkah-na-sport-novichku-kak-pravilno-delat-stavki-nachinajuschim-sovety.html&async=1&fmt=3&is_vtc=1&random=2496254145&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/css/render.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 02 Jan 2022 13:11:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.by/pagead/1p-user-list/947884341/ Frame C60B 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.by/pagead/1p-user-list/947884341/?random=1640706670903&cv=9&fst=1640703600000&num=1&guid=ON&eid=376635470&u_h=900&u_w=1440&u_ah=900&u_aw=1440&u_cd=30&u_his=1&u_tz=180&u_java=false&u_nplug=5&u_nmime=2&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D%3Binfected%3D%3Bslow%3D%3Bos%3Dmacos%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fwww.championat.com%2Fbets%2Farticle-4056685-chto-nuzhno-znat-o-stavkah-na-sport-novichku-kak-pravilno-delat-stavki-nachinajuschim-sovety.html&async=1&fmt=3&is_vtc=1&random=2496254145&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/css/render.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 02 Jan 2022 13:11:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
53651%3A9863
an.yandex.ru/mapuid/adfox/ Frame ACD9 		43 B
80 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/mapuid/adfox/53651%3A9863?jsredir=1
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/css/sandbox(1).html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 02 Jan 2022 13:11:41 GMT
content-encoding
gzip
last-modified
Sun, 02 Jan 2022 13:11:41 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security
max-age=31536000
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Sun, 02 Jan 2022 13:11:41 GMT
/
www.google.com/pagead/1p-user-list/693627671/ Frame C60B 		42 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/693627671/?random=1640706670918&cv=9&fst=1640703600000&num=1&guid=ON&eid=376635470&u_h=900&u_w=1440&u_ah=900&u_aw=1440&u_cd=30&u_his=1&u_tz=180&u_java=false&u_nplug=5&u_nmime=2&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D%3Binfected%3D%3Bslow%3D%3Bos%3Dmacos%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fwww.championat.com%2Fbets%2Farticle-4056685-chto-nuzhno-znat-o-stavkah-na-sport-novichku-kak-pravilno-delat-stavki-nachinajuschim-sovety.html&async=1&fmt=3&is_vtc=1&random=358021680&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/css/render.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 02 Jan 2022 13:11:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.by/pagead/1p-user-list/693627671/ Frame C60B 		42 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.by/pagead/1p-user-list/693627671/?random=1640706670918&cv=9&fst=1640703600000&num=1&guid=ON&eid=376635470&u_h=900&u_w=1440&u_ah=900&u_aw=1440&u_cd=30&u_his=1&u_tz=180&u_java=false&u_nplug=5&u_nmime=2&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D%3Binfected%3D%3Bslow%3D%3Bos%3Dmacos%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fwww.championat.com%2Fbets%2Farticle-4056685-chto-nuzhno-znat-o-stavkah-na-sport-novichku-kak-pravilno-delat-stavki-nachinajuschim-sovety.html&async=1&fmt=3&is_vtc=1&random=358021680&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/css/render.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 02 Jan 2022 13:11:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/947884341/ Frame C60B 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/947884341/?random=1640706670931&cv=9&fst=1640703600000&num=1&guid=ON&u_h=900&u_w=1440&u_ah=900&u_aw=1440&u_cd=30&u_his=1&u_tz=180&u_java=false&u_nplug=5&u_nmime=2&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D%3Binfected%3D%3Bslow%3D%3Bos%3Dmacos%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fwww.championat.com%2Fbets%2Farticle-4056685-chto-nuzhno-znat-o-stavkah-na-sport-novichku-kak-pravilno-delat-stavki-nachinajuschim-sovety.html&async=1&fmt=3&is_vtc=1&random=2913841898&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/css/render.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 02 Jan 2022 13:11:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.by/pagead/1p-user-list/947884341/ Frame C60B 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.by/pagead/1p-user-list/947884341/?random=1640706670931&cv=9&fst=1640703600000&num=1&guid=ON&u_h=900&u_w=1440&u_ah=900&u_aw=1440&u_cd=30&u_his=1&u_tz=180&u_java=false&u_nplug=5&u_nmime=2&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D%3Binfected%3D%3Bslow%3D%3Bos%3Dmacos%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fwww.championat.com%2Fbets%2Farticle-4056685-chto-nuzhno-znat-o-stavkah-na-sport-novichku-kak-pravilno-delat-stavki-nachinajuschim-sovety.html&async=1&fmt=3&is_vtc=1&random=2913841898&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/css/render.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 02 Jan 2022 13:11:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/693627671/ Frame C60B 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/693627671/?random=1640706670934&cv=9&fst=1640703600000&num=1&guid=ON&u_h=900&u_w=1440&u_ah=900&u_aw=1440&u_cd=30&u_his=1&u_tz=180&u_java=false&u_nplug=5&u_nmime=2&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D%3Binfected%3D%3Bslow%3D%3Bos%3Dmacos%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fwww.championat.com%2Fbets%2Farticle-4056685-chto-nuzhno-znat-o-stavkah-na-sport-novichku-kak-pravilno-delat-stavki-nachinajuschim-sovety.html&async=1&fmt=3&is_vtc=1&random=3816056326&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/css/render.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 02 Jan 2022 13:11:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.by/pagead/1p-user-list/693627671/ Frame C60B 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.by/pagead/1p-user-list/693627671/?random=1640706670934&cv=9&fst=1640703600000&num=1&guid=ON&u_h=900&u_w=1440&u_ah=900&u_aw=1440&u_cd=30&u_his=1&u_tz=180&u_java=false&u_nplug=5&u_nmime=2&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D%3Binfected%3D%3Bslow%3D%3Bos%3Dmacos%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fwww.championat.com%2Fbets%2Farticle-4056685-chto-nuzhno-znat-o-stavkah-na-sport-novichku-kak-pravilno-delat-stavki-nachinajuschim-sovety.html&async=1&fmt=3&is_vtc=1&random=3816056326&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/css/render.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 02 Jan 2022 13:11:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
share.php
vk.com/ 		29 B
487 B 		Script
General
Check archive.org
Download Go to
Full URL
https://vk.com/share.php?act=count&index=742259435&url=%23bets%2Farticle-4056685-chto-nuzhno-znat-o-stavkah-na-sport-novichku-kak-pravilno-delat-stavki-nachinajuschim-sovety.html&callback=RS_vkontakteCounterCallback_742259435
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/css/widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.240.190.67 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS
srv67-190-240-87.vk.com
Software
kittenx / KPHP/7.4.109817
Resource Hash
53b7e7be97addf8dac497e15a81bfdb5af401d4c1246ddbcd9bf2b366b22ba4e
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:41 GMT
content-encoding
gzip
x-frontend
front224006
server
kittenx
x-powered-by
KPHP/7.4.109817
strict-transport-security
max-age=15768000
content-type
text/html; charset=windows-1251
access-control-expose-headers
X-Frontend
cache-control
no-store
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
49
share.php
vk.com/ 		29 B
486 B 		Script
General
Check archive.org
Download Go to
Full URL
https://vk.com/share.php?act=count&index=306229814&url=%3Futm_source%3Dsocial%23bets%2Farticle-4056685-chto-nuzhno-znat-o-stavkah-na-sport-novichku-kak-pravilno-delat-stavki-nachinajuschim-sovety.html&callback=RS_vkontakteCounterCallback_306229814
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/css/widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.240.190.67 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS
srv67-190-240-87.vk.com
Software
kittenx / KPHP/7.4.109817
Resource Hash
7fc4b2211750b506a2e3dacad7d241a18dc11c30bdf0c12816290abc04acc99f
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:41 GMT
content-encoding
gzip
x-frontend
front224006
server
kittenx
x-powered-by
KPHP/7.4.109817
strict-transport-security
max-age=15768000
content-type
text/html; charset=windows-1251
access-control-expose-headers
X-Frontend
cache-control
no-store
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
49
likes
developers.rambler.ru/server/facebook/ 		435 B
376 B 		Script
General
Check archive.org
Download Go to
Full URL
https://developers.rambler.ru/server/facebook/likes?url=%3Futm_source%3Dsocial%23bets%2Farticle-4056685-chto-nuzhno-znat-o-stavkah-na-sport-novichku-kak-pravilno-delat-stavki-nachinajuschim-sovety.html&fields=engagement&callback=RS_facebookCounterCallback_1725807510
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/css/widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.19.89.27 Moscow, Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS
stage-developers.rambler.ru
Software
nginx /
Resource Hash
69a9e17f60f539af96d72b23bacb57e087baf53caa1328b0a25448a55cd02525

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:42 GMT
content-encoding
br
server
nginx
vary
Accept-Encoding
content-type
application/javascript
61b0d30bb4b32236109537.jpg
ugt7s7.ru/ 		196 B
196 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ugt7s7.ru/61b0d30bb4b32236109537.jpg
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.202.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:41 GMT
content-encoding
br
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2%2FBVjvM9YEo%2BsIzkdC4CYm9jOi%2FWwYfcUSF3giVdelOapHuFtW4xR5wDQurN8kqvx0ZiH%2FwhahzUbdUExRMEfIXgrhruxm5ekuohe7sjID0eHC2%2FpTjNESsq3d0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
cache-control
max-age=14400
cf-ray
6c743c169b64d6c9-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
/
dsp-rambler.ru/pixel/630779359/ 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsp-rambler.ru/pixel/630779359/?url=51vQXnoJdvUTeqCXRpoT3l7Pi8kjK9mnZ5oq*5F6ZUZPuVWjGrn9lWECW84DbcHMuuHuQZi7TehTusduwGigMVU8p4mtSQfK5-ByARie6KYFXDoOcHjohbW9D43*314nApZcgwF*Gq7REvEDGhU7xDQlsoY47WqeZEvc-e4LGqAa8HNQTcmqAZE1jHOG4n3EnoIE7MTC6-zJZVyWGHtnWHtOQ7UMya1j2KH9elaevf04MHxTt9I-u89d6wwLFEp4Xyx9zkjURxx6PSNuiiwjRnJS*J-BJ4BtbDY20pWWejiSeRwJ-V188CFnMK2cG*vRtFnKYVE26BoaIXXaXmjw0mRdZjrxtyr6LZtXoIMNC*9KCwaVlaxNnZxRBwByKd9SzImv7f2FA1i0vM3JFahZbvO*17vGXc8rcmlgdhpWQIHumC6fJ36OydM9q30tQBBMLssUTVodnBY1uSz3rvIYDvsEDwSdE4A8FgqOPM1b-B3f6Et8tw65GvJCoqWLhE2w9Sl6XI0yjdHNGMjpozAkltEeHpK-77IdDtFuU6mTCxLufnNtm5m9u-r975*cZWIKqIr*JF9xHD3jgnkS5pFbEzwmP-Vb3AYFsZipjDYR4M-069XNBhEkoZVABR5BIt6qgqlpbou-zY2Dm6DpWDgBCMHyZSKvspKed8nHurLb8PgB8Ru3lqHjzlVQHYAmKw9lFNyPdLhUUKxGEhAleG17YHffd2W4ul-CD3V6rHykyaOCfOiL*ZPRcQ-zDDd9TcRq2bO9zBu6OojBqOD-g*yC9MRol2f54kneZ56PKyqI4RgTw7WX3eyYDHw3dzxI968qBOPMVVSxHrBDi5VQD3o25-uGCHMS2Pal83QOkmlkwQAAg4mwICg82PmJjrF6HqJEdl1o164Vb14e5COkZM*zbjF4nuVDN7AOBa19pFYBFtnCWigRmFH6abq2S72mmQ-IbBN9bF670ZN87v*IcHVk7pngYV5J1O8t3CyeQz13f5bNHbe3cFjMXlJmAdDBheGzqK9PB5IDJWSeDygLjH*sU81bu6KgH473A0ckHrXI8jB5p25FhHRFFSBvqPWdRxWXJ5L*6SOl2wYRpg-0n1B9Cy0p3LXz1BRaodYcS*6nmPX6OEm7gdZ9yjuLQnHsku7HKgEasoXWVhbAWqvHKqsykQr4Gr4l7SdkcFMAQi0qQ0Q08WyR4rOO1khUkdLWIHUqkksbBYM00NzoMKZOILOuVZDZEW2-FOJelAueHECgQhIIQxuhptUpC7ctaIMqJjI8xEVq41*dZZC-10kqhRJwWocHkT4cF*W*JA4oHwApIZnfZWMd3nKfwaeyno6OU0xqoXaKFdMjW1o0K48IXdLggwMzs5hk6GF71S8QnFWe5DR2Y071pgunIaWbIKbdYHozwulNbLZRww9fwN53ID1aE2kdP5y8g*HtiOr0V52BAMFoS-aglzFvZtxP5*8uMKelIeYzHsXcfdwXNg2QZahZruwqX1uFOfNCrN5TBdxgbY9l1LH4UwbHuwYo00dgY9yqZ8EKV*rXI3jvxg7KpWjw-B1JqU3fWlM-EPN*g6cJH3lp2dlLSkNktplA6OuxiG6EfVrs0ot3bSZONdsj4VVnwr6maHMRy*aURJZJaANAAXGz-lc9OyqG8YnE0e6-5mb*ylBxeXPv1YBDZXdWhrh1fH2PgBQ9bBGLZJWYvrn7z*cuG8RvoKd*9Brr6x2EWbB63sbl39nTqVAx1-GtG03D*K85-dZUguZeS-3ZiXCqAd2FzaDf8Lvd6NKDsGD5CwzSnJcnHzyLG34cSSoApTiV3jk1h7PPwsth5Hf5P3LNLgLNCv7R6bG5auCkK1wJpkfVmzSo-vbB-tXGJu9XaGgk4TOQIWmPXXWLZxvqda-O4h8Oy4AhWI*vmlz*OnFlFeo*6IZEmwUVh12pM-KWoSAVYlbtP4Vvk9W8XSPIxEf-EWwN-0VLeBkW7KEXp2v7a2uQzJ6yaqBPc7XBAvUwtR7mTjbLi11wFPS3s*O8TR*LBz5pbhW9XEqeUUuKRvlLxyXG8f8IibhOMR62AwpgeIXmp-nf--cEuNcyF680ZYto0v5y-MTYSGkPM9*voliXIiCcAgAAALrcvAoAAAAA&cost=0
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
91.192.149.113 , Russian Federation, ASN42481 (BEGUN-AS, RU),
Reverse DNS
dsp-rambler.ru
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:41 GMT
x-passed
1bal2
server
nginx
content-length
0
/
www.tns-counter.ru/V13b****rambler_ad/ru/UTF-8/tmsec=rambler_cid541583957-posid541605211/
Redirect Chain
  • https://www.tns-counter.ru/V13a****rambler_ad/ru/UTF-8/tmsec=rambler_cid541583957-posid541605211/
  • https://www.tns-counter.ru/V13b****rambler_ad/ru/UTF-8/tmsec=rambler_cid541583957-posid541605211/
43 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.tns-counter.ru/V13b****rambler_ad/ru/UTF-8/tmsec=rambler_cid541583957-posid541605211/
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
H2
Server
2001:6d0:4001::226 , Russian Federation, ASN52016 (TNSMSK-, RU),
Reverse DNS
Software
ms-counter-3.2.15/1.20.1 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 02 Jan 2022 13:11:42 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
ms-counter-3.2.15/1.20.1
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin
*
content-length
43
expires
Thu, 01 Jan 1970 00:00:01 GMT

Redirect headers

pragma
no-cache
date
Sun, 02 Jan 2022 13:11:41 GMT
server
ms-counter-3.2.15/1.20.1
strict-transport-security
max-age=2678400
content-type
image/gif
location
https://www.tns-counter.ru/V13b****rambler_ad/ru/UTF-8/tmsec=rambler_cid541583957-posid541605211/
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin
*
content-length
0
expires
Thu, 01 Jan 1970 00:00:01 GMT
sync2.204
profile.ssp.rambler.ru/ Frame ACD9 		0
168 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://profile.ssp.rambler.ru/sync2.204?anket_id=53651%3A9863&pid=85&ruid=pA8AAENKs1ekm%2Bk3AWKbugA%3D
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/css/sandbox(1).html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
91.192.150.30 , Russian Federation, ASN42481 (BEGUN-AS, RU),
Reverse DNS
zvezda.ssp.rambler.ru
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=0
x-passed
0bal2
server
nginx
date
Sun, 02 Jan 2022 13:11:41 GMT
p3p
policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
sync_cookie_image_decide
mc.webvisor.org/
Redirect Chain
  • https://mc.webvisor.org/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.webvisor.org&token=9506.zHW2aIUNfwmWlzFPCf2rb0lNYE6w4PzTqi51Scy-T2X4x7x4HxnP5CpU6A00peVn.STrPAM7afDaqwAvksemRnUrzZYc%2C
  • https://mc.webvisor.org/sync_cookie_image_decide?token=9506.qHfxZvfmTWLGmvf024KSfzWl3Lwvv3yJbkZUWsqU7mdcnnxw8fbZuVyuwXBcMM0Fh5cvFrnu7g1TJodNmsB0oeBkkGjNgZ1wv9hcD-Q6sRA%2C.SVsVpliEUzQM89RmfvO6btSVvU...
43 B
357 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.webvisor.org/sync_cookie_image_decide?token=9506.qHfxZvfmTWLGmvf024KSfzWl3Lwvv3yJbkZUWsqU7mdcnnxw8fbZuVyuwXBcMM0Fh5cvFrnu7g1TJodNmsB0oeBkkGjNgZ1wv9hcD-Q6sRA%2C.SVsVpliEUzQM89RmfvO6btSVvUs%2C
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
H2
Server
80.239.201.45 , Sweden, ASN1299 (TWELVE99 Twelve99, Telia Carrier, SE),
Reverse DNS
80-239-201-45.teliacarrier-cust.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:42 GMT
strict-transport-security
max-age=31536000
content-length
43
x-xss-protection
1; mode=block
content-type
image/gif

Redirect headers

location
https://mc.webvisor.org/sync_cookie_image_decide?token=9506.qHfxZvfmTWLGmvf024KSfzWl3Lwvv3yJbkZUWsqU7mdcnnxw8fbZuVyuwXBcMM0Fh5cvFrnu7g1TJodNmsB0oeBkkGjNgZ1wv9hcD-Q6sRA%2C.SVsVpliEUzQM89RmfvO6btSVvUs%2C
date
Sun, 02 Jan 2022 13:11:42 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
1
mc.yandex.ru/watch/188282/ 		43 B
85 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/watch/188282/1?page-url=https%3A%2F%2Fugt7s7.ru%2Fwhome.html&charset=utf-8&cnt-class=1&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3Aykcyjlph1z7qhpasan%3Afp%3A1251%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A720%3Acn%3A1%3Adp%3A1%3Als%3A663309628519%3Ahid%3A684129221%3Az%3A0%3Ai%3A20220102131141%3Aet%3A1641129102%3Ac%3A1%3Arn%3A1066375262%3Arqn%3A1%3Au%3A164112910210726334%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1641129099569%3Ads%3A10%2C59%2C141%2C116%2C407%2C0%2C%2C1100%2C101%2C%2C%2C%2C1721%3Adsn%3A10%2C59%2C141%2C116%2C407%2C0%2C%2C987%2C101%2C%2C%2C%2C1721%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1641129102&t=gdpr(14)aw(1)lt(27500)ti(2)
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/css/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ugt7s7.ru/whome.html
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Sun, 02 Jan 2022 13:11:41 GMT
last-modified
Sun, 02-Jan-2022 13:11:41 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://ugt7s7.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Sun, 02-Jan-2022 13:11:41 GMT
context.jsp
ssp.rambler.ru/ 		5 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.rambler.ru/context.jsp?wl=rambler&json=1&pad_id=432190802&first=1&block_id=439295894&screenw=1600&screenh=1200&winw=1600&winh=1200&rq=0&rq_sess=98D5FD060A056D8E48F4ED60DEABF5E8&secure=1&vcapirs=32_1_0&jparams=%7B%22p1%22%3A%22begbi%22%2C%22p2%22%3A%22emiu%22%2C%22pct%22%3A%22a%22%2C%22puid6%22%3A%22CHAMP_BETS%22%2C%22puid15%22%3A%22article%22%2C%22puid17%22%3A%224056685%22%2C%22puid18%22%3A%22CHAMP_BETS_STUDY%22%2C%22puid59%22%3A%22bc%22%2C%22puid60%22%3A%22%D0%A4%D0%9E%D0%9D%D0%91%D0%95%D0%A2%22%2C%22puid48%22%3A%221%22%2C%22puid42%22%3A%2210%22%2C%22pli%22%3A%22a%22%2C%22plp%22%3A%22a%22%2C%22pop%22%3A%22a%22%2C%22lpdid%22%3A%2222561%3A18274%22%7D&rq_type=0&grab=eyJncmFiX3ZlcnNpb24iOiA0fQp4nKWTu2obQRSGez_F_wBOhF2GZSHeQqvCq0YOaaWx2B2yOwubkbG6OC5SBENc5gayRWww2Aoh5DJDkmKM3uO8Sc6MFDvkggs3B2bO_N_-57JRoasyXomKYX87jrTU5TDOCrIzlePyUJLdG2FA5khBkDlVGEgyPzR2OAHhjiDm78lOBTRr9jn2a4iihsr9_VuJiuxr6QkzzTxGjFa9ThTh9FlfAUThzlWBXc7dTKjIfK1xB212M5XYcR99yj4XRdRa1BC1QkUr0aDeHvv61uIsJXuRtXH5okP2yRY2yEwyJGROMmx0yHzv4QEnkLg9JPMZ2eMEPdY85Xi_iyTtImv7-zcdbJJ91fGEix7zGLG16nVJGk6feleAJHUHWYqHnLuZsEnmS5edry0MdxuZS9UvoYe7-tf1epyE9glu-IGCKtzEN1T-Pg1-u_6Pt7ohc65CE9-NQsP2_5jCtfB2O3CPo_fkv_EyxEPp3_MgBQ810P5yGUYfxsh7oHJ3rMDFsQfduA9cw3wJ_L_p5JaLdU1K3XSMkkt_pvHInYWVZeVo7M64jywReEzmG0o3qZD7LazQkD2VaOq7S0xruXqtxS_2E9aPnBk%3D&browser_family=Chrome&browser_version=96.0.4664.93&os_family=Windows&os_version=10&device_type=1&top=75&left=0&fpruid=pA8AAENKs1ekm%2Bk3AWKbugA%3D&lruid=pQ8AAI2k0WGTmqOIAUcF2gA%3D&adtech_uid=bc30a6f5-8838-4c72-ba14-4712d1bf0986&adtech_uid_scope=ugt7s7.ru&callback=Begun_Autocontext_saveFeed1&url=https%3A%2F%2Fugt7s7.ru%2Fwhome.html
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/css/capirs_async.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
91.192.150.12 , Russian Federation, ASN42481 (BEGUN-AS, RU),
Reverse DNS
ssp.rambler.ru
Software
nginx /
Resource Hash
30194c9fdb9a73bc0d39b8b0c5d6eba7e84c7439ebf4008890b96f50e8fb8cf9
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:42 GMT
x-user-regionid
0
p3p
policyref="/w3c/p3p.xml", CP="NON DSP COR NID DEVa PSAa PSDa OUR BUS", policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
x-begun-graphcount
0
pragma
no-cache
last-modified
Sun, 2 Jan 2022 13:11:41 GMT
server
nginx
strict-transport-security
max-age=0
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://ugt7s7.ru
cache-control
post-check=0, pre-check=0
access-control-allow-credentials
true
x-passed
0bal1
content-length
4929
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT
context.jsp
ssp.rambler.ru/ 		17 KB
18 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.rambler.ru/context.jsp?wl=rambler&json=1&pad_id=432190802&block_id=432328362&screenw=1600&screenh=1200&winw=1600&winh=1200&rq=1&rq_sess=710F7C57CE1CA01E3A120B981A3D1C4A&secure=1&vcapirs=32_1_0&jparams=%7B%22p1%22%3A%22brync%22%2C%22p2%22%3A%22y%22%2C%22pct%22%3A%22a%22%2C%22puid6%22%3A%22CHAMP_BETS%22%2C%22puid15%22%3A%22article%22%2C%22puid17%22%3A%224056685%22%2C%22puid18%22%3A%22CHAMP_BETS_STUDY%22%2C%22puid59%22%3A%22bc%22%2C%22puid60%22%3A%22%D0%A4%D0%9E%D0%9D%D0%91%D0%95%D0%A2%22%2C%22puid48%22%3A%221%22%2C%22puid42%22%3A%2210%22%2C%22pli%22%3A%22a%22%2C%22plp%22%3A%22a%22%2C%22pop%22%3A%22a%22%2C%22lpdid%22%3A%2222561%3A18274%22%7D&rq_type=0&grab=eyJncmFiX3ZlcnNpb24iOiA0fQp4nKWTu2obQRSGez_F_wBOhF2GZSHeQqvCq0YOaaWx2B2yOwubkbG6OC5SBENc5gayRWww2Aoh5DJDkmKM3uO8Sc6MFDvkggs3B2bO_N_-57JRoasyXomKYX87jrTU5TDOCrIzlePyUJLdG2FA5khBkDlVGEgyPzR2OAHhjiDm78lOBTRr9jn2a4iihsr9_VuJiuxr6QkzzTxGjFa9ThTh9FlfAUThzlWBXc7dTKjIfK1xB212M5XYcR99yj4XRdRa1BC1QkUr0aDeHvv61uIsJXuRtXH5okP2yRY2yEwyJGROMmx0yHzv4QEnkLg9JPMZ2eMEPdY85Xi_iyTtImv7-zcdbJJ91fGEix7zGLG16nVJGk6feleAJHUHWYqHnLuZsEnmS5edry0MdxuZS9UvoYe7-tf1epyE9glu-IGCKtzEN1T-Pg1-u_6Pt7ohc65CE9-NQsP2_5jCtfB2O3CPo_fkv_EyxEPp3_MgBQ810P5yGUYfxsh7oHJ3rMDFsQfduA9cw3wJ_L_p5JaLdU1K3XSMkkt_pvHInYWVZeVo7M64jywReEzmG0o3qZD7LazQkD2VaOq7S0xruXqtxS_2E9aPnBk%3D&browser_family=Chrome&browser_version=96.0.4664.93&os_family=Windows&os_version=10&device_type=1&top=85&left=260&fpruid=pA8AAENKs1ekm%2Bk3AWKbugA%3D&lruid=pQ8AAI2k0WGTmqOIAUcF2gA%3D&adtech_uid=bc30a6f5-8838-4c72-ba14-4712d1bf0986&adtech_uid_scope=ugt7s7.ru&callback=Begun_Autocontext_saveFeed2&url=https%3A%2F%2Fugt7s7.ru%2Fwhome.html
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/css/capirs_async.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
91.192.150.12 , Russian Federation, ASN42481 (BEGUN-AS, RU),
Reverse DNS
ssp.rambler.ru
Software
nginx /
Resource Hash
6e9e056ff03fe853eb95b2d34bcc5db0d7160c4febdd1d61afd3a5bda08cacb5
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:42 GMT
x-user-regionid
0
p3p
policyref="/w3c/p3p.xml", CP="NON DSP COR NID DEVa PSAa PSDa OUR BUS", policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
x-begun-graphcount
3
pragma
no-cache
last-modified
Sun, 2 Jan 2022 13:11:41 GMT
server
nginx
strict-transport-security
max-age=0
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://ugt7s7.ru
cache-control
post-check=0, pre-check=0
access-control-allow-credentials
true
x-passed
0bal1
content-length
17796
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT
context.jsp
ssp.rambler.ru/ 		806 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.rambler.ru/context.jsp?wl=rambler&json=1&pad_id=432190802&block_id=436488324&screenw=1600&screenh=1200&winw=1600&winh=1200&rq=2&rq_sess=22B03F0BEB1B15DF9BB199FEBD89E014&secure=1&vcapirs=32_1_0&jparams=%7B%22p1%22%3A%22boadl%22%2C%22p2%22%3A%22eypl%22%2C%22pct%22%3A%22a%22%2C%22puid6%22%3A%22CHAMP_BETS%22%2C%22puid15%22%3A%22article%22%2C%22puid17%22%3A%224056685%22%2C%22puid18%22%3A%22CHAMP_BETS_STUDY%22%2C%22puid59%22%3A%22bc%22%2C%22puid60%22%3A%22%D0%A4%D0%9E%D0%9D%D0%91%D0%95%D0%A2%22%2C%22puid48%22%3A%221%22%2C%22puid42%22%3A%2210%22%2C%22pli%22%3A%22a%22%2C%22plp%22%3A%22a%22%2C%22pop%22%3A%22a%22%2C%22lpdid%22%3A%2222561%3A18274%22%7D&rq_type=0&grab=eyJncmFiX3ZlcnNpb24iOiA0fQp4nKWTu2obQRSGez_F_wBOhF2GZSHeQqvCq0YOaaWx2B2yOwubkbG6OC5SBENc5gayRWww2Aoh5DJDkmKM3uO8Sc6MFDvkggs3B2bO_N_-57JRoasyXomKYX87jrTU5TDOCrIzlePyUJLdG2FA5khBkDlVGEgyPzR2OAHhjiDm78lOBTRr9jn2a4iihsr9_VuJiuxr6QkzzTxGjFa9ThTh9FlfAUThzlWBXc7dTKjIfK1xB212M5XYcR99yj4XRdRa1BC1QkUr0aDeHvv61uIsJXuRtXH5okP2yRY2yEwyJGROMmx0yHzv4QEnkLg9JPMZ2eMEPdY85Xi_iyTtImv7-zcdbJJ91fGEix7zGLG16nVJGk6feleAJHUHWYqHnLuZsEnmS5edry0MdxuZS9UvoYe7-tf1epyE9glu-IGCKtzEN1T-Pg1-u_6Pt7ohc65CE9-NQsP2_5jCtfB2O3CPo_fkv_EyxEPp3_MgBQ810P5yGUYfxsh7oHJ3rMDFsQfduA9cw3wJ_L_p5JaLdU1K3XSMkkt_pvHInYWVZeVo7M64jywReEzmG0o3qZD7LazQkD2VaOq7S0xruXqtxS_2E9aPnBk%3D&browser_family=Chrome&browser_version=96.0.4664.93&os_family=Windows&os_version=10&device_type=1&top=325&left=1115&fpruid=pA8AAENKs1ekm%2Bk3AWKbugA%3D&lruid=pQ8AAI2k0WGTmqOIAUcF2gA%3D&adtech_uid=bc30a6f5-8838-4c72-ba14-4712d1bf0986&adtech_uid_scope=ugt7s7.ru&callback=Begun_Autocontext_saveFeed3&url=https%3A%2F%2Fugt7s7.ru%2Fwhome.html
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/css/capirs_async.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
91.192.150.12 , Russian Federation, ASN42481 (BEGUN-AS, RU),
Reverse DNS
ssp.rambler.ru
Software
nginx /
Resource Hash
01e1b24ddea92b249640501a65233c7a7fb9756ea8efb566ccf3cc1a5694f9b8
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:42 GMT
x-user-regionid
0
p3p
policyref="/w3c/p3p.xml", CP="NON DSP COR NID DEVa PSAa PSDa OUR BUS", policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
x-begun-graphcount
0
pragma
no-cache
last-modified
Sun, 2 Jan 2022 13:11:41 GMT
server
nginx
strict-transport-security
max-age=0
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://ugt7s7.ru
cache-control
post-check=0, pre-check=0
access-control-allow-credentials
true
x-passed
0bal1
content-length
806
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT
context.jsp
ssp.rambler.ru/ 		12 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.rambler.ru/context.jsp?wl=rambler&json=1&pad_id=432190802&block_id=432815782&screenw=1600&screenh=1200&winw=1600&winh=1200&rq=3&rq_sess=09CA2E3A108E65D115D1B94DAC110CD9&secure=1&vcapirs=32_1_0&jparams=%7B%22p1%22%3A%22brzrr%22%2C%22p2%22%3A%22emhn%22%2C%22pct%22%3A%22a%22%2C%22puid6%22%3A%22CHAMP_BETS%22%2C%22puid15%22%3A%22article%22%2C%22puid17%22%3A%224056685%22%2C%22puid18%22%3A%22CHAMP_BETS_STUDY%22%2C%22puid59%22%3A%22bc%22%2C%22puid60%22%3A%22%D0%A4%D0%9E%D0%9D%D0%91%D0%95%D0%A2%22%2C%22puid48%22%3A%221%22%2C%22puid42%22%3A%2210%22%2C%22pli%22%3A%22a%22%2C%22plp%22%3A%22a%22%2C%22pop%22%3A%22a%22%2C%22lpdid%22%3A%2222561%3A18274%22%7D&rq_type=0&grab=eyJncmFiX3ZlcnNpb24iOiA0fQp4nKWTu2obQRSGez_F_wBOhF2GZSHeQqvCq0YOaaWx2B2yOwubkbG6OC5SBENc5gayRWww2Aoh5DJDkmKM3uO8Sc6MFDvkggs3B2bO_N_-57JRoasyXomKYX87jrTU5TDOCrIzlePyUJLdG2FA5khBkDlVGEgyPzR2OAHhjiDm78lOBTRr9jn2a4iihsr9_VuJiuxr6QkzzTxGjFa9ThTh9FlfAUThzlWBXc7dTKjIfK1xB212M5XYcR99yj4XRdRa1BC1QkUr0aDeHvv61uIsJXuRtXH5okP2yRY2yEwyJGROMmx0yHzv4QEnkLg9JPMZ2eMEPdY85Xi_iyTtImv7-zcdbJJ91fGEix7zGLG16nVJGk6feleAJHUHWYqHnLuZsEnmS5edry0MdxuZS9UvoYe7-tf1epyE9glu-IGCKtzEN1T-Pg1-u_6Pt7ohc65CE9-NQsP2_5jCtfB2O3CPo_fkv_EyxEPp3_MgBQ810P5yGUYfxsh7oHJ3rMDFsQfduA9cw3wJ_L_p5JaLdU1K3XSMkkt_pvHInYWVZeVo7M64jywReEzmG0o3qZD7LazQkD2VaOq7S0xruXqtxS_2E9aPnBk%3D&browser_family=Chrome&browser_version=96.0.4664.93&os_family=Windows&os_version=10&device_type=1&top=1116&left=275&fpruid=pA8AAENKs1ekm%2Bk3AWKbugA%3D&lruid=pQ8AAI2k0WGTmqOIAUcF2gA%3D&adtech_uid=bc30a6f5-8838-4c72-ba14-4712d1bf0986&adtech_uid_scope=ugt7s7.ru&callback=Begun_Autocontext_saveFeed4&url=https%3A%2F%2Fugt7s7.ru%2Fwhome.html
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/css/capirs_async.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
91.192.150.12 , Russian Federation, ASN42481 (BEGUN-AS, RU),
Reverse DNS
ssp.rambler.ru
Software
nginx /
Resource Hash
782558849b4b5a573795bec4204fc8eeef0cfaefdd33f7e18bfe0601c5d93558
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:42 GMT
x-user-regionid
0
p3p
policyref="/w3c/p3p.xml", CP="NON DSP COR NID DEVa PSAa PSDa OUR BUS", policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
x-begun-graphcount
2
pragma
no-cache
last-modified
Sun, 2 Jan 2022 13:11:41 GMT
server
nginx
strict-transport-security
max-age=0
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://ugt7s7.ru
cache-control
post-check=0, pre-check=0
access-control-allow-credentials
true
x-passed
0bal1
content-length
11965
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT
context.jsp
ssp.rambler.ru/ 		0
116 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.rambler.ru/context.jsp?wl=rambler&json=1&pad_id=432190802&block_id=442295678&screenw=1600&screenh=1200&winw=1600&winh=1200&rq=4&rq_sess=07BC28B3C25CF4FB7988B81F7CA3A2A5&secure=1&vcapirs=32_1_0&jparams=%7B%22p1%22%3A%22bwrhm%22%2C%22p2%22%3A%22fomx%22%2C%22pct%22%3A%22a%22%2C%22puid6%22%3A%22CHAMP_BETS%22%2C%22puid15%22%3A%22article%22%2C%22puid17%22%3A%224056685%22%2C%22puid18%22%3A%22CHAMP_BETS_STUDY%22%2C%22puid59%22%3A%22bc%22%2C%22puid60%22%3A%22%D0%A4%D0%9E%D0%9D%D0%91%D0%95%D0%A2%22%2C%22puid48%22%3A%221%22%2C%22puid42%22%3A%2210%22%2C%22pli%22%3A%22a%22%2C%22plp%22%3A%22a%22%2C%22pop%22%3A%22a%22%2C%22lpdid%22%3A%2222561%3A18274%22%7D&rq_type=0&grab=eyJncmFiX3ZlcnNpb24iOiA0fQp4nKWTu2obQRSGez_F_wBOhF2GZSHeQqvCq0YOaaWx2B2yOwubkbG6OC5SBENc5gayRWww2Aoh5DJDkmKM3uO8Sc6MFDvkggs3B2bO_N_-57JRoasyXomKYX87jrTU5TDOCrIzlePyUJLdG2FA5khBkDlVGEgyPzR2OAHhjiDm78lOBTRr9jn2a4iihsr9_VuJiuxr6QkzzTxGjFa9ThTh9FlfAUThzlWBXc7dTKjIfK1xB212M5XYcR99yj4XRdRa1BC1QkUr0aDeHvv61uIsJXuRtXH5okP2yRY2yEwyJGROMmx0yHzv4QEnkLg9JPMZ2eMEPdY85Xi_iyTtImv7-zcdbJJ91fGEix7zGLG16nVJGk6feleAJHUHWYqHnLuZsEnmS5edry0MdxuZS9UvoYe7-tf1epyE9glu-IGCKtzEN1T-Pg1-u_6Pt7ohc65CE9-NQsP2_5jCtfB2O3CPo_fkv_EyxEPp3_MgBQ810P5yGUYfxsh7oHJ3rMDFsQfduA9cw3wJ_L_p5JaLdU1K3XSMkkt_pvHInYWVZeVo7M64jywReEzmG0o3qZD7LazQkD2VaOq7S0xruXqtxS_2E9aPnBk%3D&browser_family=Chrome&browser_version=96.0.4664.93&os_family=Windows&os_version=10&device_type=1&top=1880&left=333&fpruid=pA8AAENKs1ekm%2Bk3AWKbugA%3D&lruid=pQ8AAI2k0WGTmqOIAUcF2gA%3D&adtech_uid=bc30a6f5-8838-4c72-ba14-4712d1bf0986&adtech_uid_scope=ugt7s7.ru&callback=Begun_Autocontext_saveFeed5&url=https%3A%2F%2Fugt7s7.ru%2Fwhome.html
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/css/capirs_async.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
91.192.150.12 , Russian Federation, ASN42481 (BEGUN-AS, RU),
Reverse DNS
ssp.rambler.ru
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin
https://ugt7s7.ru
date
Sun, 02 Jan 2022 13:11:41 GMT
access-control-allow-credentials
true
x-passed
0bal1
server
nginx
context.jsp
ssp.rambler.ru/ 		19 KB
19 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.rambler.ru/context.jsp?wl=rambler&json=1&pad_id=432190802&block_id=432328364&screenw=1600&screenh=1200&winw=1600&winh=1200&rq=5&rq_sess=A88E7772612B442C17885A74988E9018&secure=1&vcapirs=32_1_0&jparams=%7B%22p1%22%3A%22beeow%22%2C%22p2%22%3A%22emit%22%2C%22pct%22%3A%22a%22%2C%22puid6%22%3A%22CHAMP_BETS%22%2C%22puid15%22%3A%22article%22%2C%22puid17%22%3A%224056685%22%2C%22puid18%22%3A%22CHAMP_BETS_STUDY%22%2C%22puid59%22%3A%22bc%22%2C%22puid60%22%3A%22%D0%A4%D0%9E%D0%9D%D0%91%D0%95%D0%A2%22%2C%22puid48%22%3A%221%22%2C%22puid42%22%3A%2210%22%2C%22pli%22%3A%22a%22%2C%22plp%22%3A%22a%22%2C%22pop%22%3A%22a%22%2C%22lpdid%22%3A%2222561%3A18274%22%7D&rq_type=0&grab=eyJncmFiX3ZlcnNpb24iOiA0fQp4nKWTu2obQRSGez_F_wBOhF2GZSHeQqvCq0YOaaWx2B2yOwubkbG6OC5SBENc5gayRWww2Aoh5DJDkmKM3uO8Sc6MFDvkggs3B2bO_N_-57JRoasyXomKYX87jrTU5TDOCrIzlePyUJLdG2FA5khBkDlVGEgyPzR2OAHhjiDm78lOBTRr9jn2a4iihsr9_VuJiuxr6QkzzTxGjFa9ThTh9FlfAUThzlWBXc7dTKjIfK1xB212M5XYcR99yj4XRdRa1BC1QkUr0aDeHvv61uIsJXuRtXH5okP2yRY2yEwyJGROMmx0yHzv4QEnkLg9JPMZ2eMEPdY85Xi_iyTtImv7-zcdbJJ91fGEix7zGLG16nVJGk6feleAJHUHWYqHnLuZsEnmS5edry0MdxuZS9UvoYe7-tf1epyE9glu-IGCKtzEN1T-Pg1-u_6Pt7ohc65CE9-NQsP2_5jCtfB2O3CPo_fkv_EyxEPp3_MgBQ810P5yGUYfxsh7oHJ3rMDFsQfduA9cw3wJ_L_p5JaLdU1K3XSMkkt_pvHInYWVZeVo7M64jywReEzmG0o3qZD7LazQkD2VaOq7S0xruXqtxS_2E9aPnBk%3D&browser_family=Chrome&browser_version=96.0.4664.93&os_family=Windows&os_version=10&device_type=1&top=3607&left=1025&fpruid=pA8AAENKs1ekm%2Bk3AWKbugA%3D&lruid=pQ8AAI2k0WGTmqOIAUcF2gA%3D&adtech_uid=bc30a6f5-8838-4c72-ba14-4712d1bf0986&adtech_uid_scope=ugt7s7.ru&callback=Begun_Autocontext_saveFeed6&url=https%3A%2F%2Fugt7s7.ru%2Fwhome.html
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/css/capirs_async.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
91.192.150.12 , Russian Federation, ASN42481 (BEGUN-AS, RU),
Reverse DNS
ssp.rambler.ru
Software
nginx /
Resource Hash
d6121206e7302e80b6fabd18339efbd05f73f021ee4e98865f80a581e2bc26b8
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:42 GMT
x-user-regionid
0
p3p
policyref="/w3c/p3p.xml", CP="NON DSP COR NID DEVa PSAa PSDa OUR BUS", policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
x-begun-graphcount
3
pragma
no-cache
last-modified
Sun, 2 Jan 2022 13:11:41 GMT
server
nginx
strict-transport-security
max-age=0
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://ugt7s7.ru
cache-control
post-check=0, pre-check=0
access-control-allow-credentials
true
x-passed
0bal1
content-length
19083
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT
context.jsp
ssp.rambler.ru/ 		785 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.rambler.ru/context.jsp?wl=rambler&json=1&pad_id=432190802&block_id=455335668&screenw=1600&screenh=1200&winw=1600&winh=1200&rq=6&rq_sess=DDB959DF1B9BC3A93404E8725680926F&secure=1&vcapirs=32_1_0&jparams=%7B%22p1%22%3A%22beepe%22%2C%22p2%22%3A%22emhs%22%2C%22pct%22%3A%22a%22%2C%22puid6%22%3A%22CHAMP_BETS%22%2C%22puid15%22%3A%22article%22%2C%22puid17%22%3A%224056685%22%2C%22puid18%22%3A%22CHAMP_BETS_STUDY%22%2C%22puid59%22%3A%22bc%22%2C%22puid60%22%3A%22%D0%A4%D0%9E%D0%9D%D0%91%D0%95%D0%A2%22%2C%22puid48%22%3A%221%22%2C%22puid42%22%3A%2210%22%2C%22pli%22%3A%22a%22%2C%22plp%22%3A%22a%22%2C%22pop%22%3A%22a%22%2C%22lpdid%22%3A%2222561%3A18274%22%7D&rq_type=0&grab=eyJncmFiX3ZlcnNpb24iOiA0fQp4nKWTu2obQRSGez_F_wBOhF2GZSHeQqvCq0YOaaWx2B2yOwubkbG6OC5SBENc5gayRWww2Aoh5DJDkmKM3uO8Sc6MFDvkggs3B2bO_N_-57JRoasyXomKYX87jrTU5TDOCrIzlePyUJLdG2FA5khBkDlVGEgyPzR2OAHhjiDm78lOBTRr9jn2a4iihsr9_VuJiuxr6QkzzTxGjFa9ThTh9FlfAUThzlWBXc7dTKjIfK1xB212M5XYcR99yj4XRdRa1BC1QkUr0aDeHvv61uIsJXuRtXH5okP2yRY2yEwyJGROMmx0yHzv4QEnkLg9JPMZ2eMEPdY85Xi_iyTtImv7-zcdbJJ91fGEix7zGLG16nVJGk6feleAJHUHWYqHnLuZsEnmS5edry0MdxuZS9UvoYe7-tf1epyE9glu-IGCKtzEN1T-Pg1-u_6Pt7ohc65CE9-NQsP2_5jCtfB2O3CPo_fkv_EyxEPp3_MgBQ810P5yGUYfxsh7oHJ3rMDFsQfduA9cw3wJ_L_p5JaLdU1K3XSMkkt_pvHInYWVZeVo7M64jywReEzmG0o3qZD7LazQkD2VaOq7S0xruXqtxS_2E9aPnBk%3D&browser_family=Chrome&browser_version=96.0.4664.93&os_family=Windows&os_version=10&device_type=1&top=4227&left=1175&fpruid=pA8AAENKs1ekm%2Bk3AWKbugA%3D&lruid=pQ8AAI2k0WGTmqOIAUcF2gA%3D&adtech_uid=bc30a6f5-8838-4c72-ba14-4712d1bf0986&adtech_uid_scope=ugt7s7.ru&callback=Begun_Autocontext_saveFeed7&url=https%3A%2F%2Fugt7s7.ru%2Fwhome.html
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/css/capirs_async.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
91.192.150.12 , Russian Federation, ASN42481 (BEGUN-AS, RU),
Reverse DNS
ssp.rambler.ru
Software
nginx /
Resource Hash
4bc7a949ce87c9ec6992be8eb0420fea5632afd2101bd5c80b298cb6d9f771d0
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:42 GMT
x-user-regionid
0
p3p
policyref="/w3c/p3p.xml", CP="NON DSP COR NID DEVa PSAa PSDa OUR BUS", policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
x-begun-graphcount
0
pragma
no-cache
last-modified
Sun, 2 Jan 2022 13:11:42 GMT
server
nginx
strict-transport-security
max-age=0
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://ugt7s7.ru
cache-control
post-check=0, pre-check=0
access-control-allow-credentials
true
x-passed
0bal1
content-length
785
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT
context.jsp
ssp.rambler.ru/ 		785 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.rambler.ru/context.jsp?wl=rambler&json=1&pad_id=432190802&block_id=455336986&screenw=1600&screenh=1200&winw=1600&winh=1200&rq=7&rq_sess=772A3DAC2387C378AB5B34E90DD2419D&secure=1&vcapirs=32_1_0&jparams=%7B%22p1%22%3A%22bntmn%22%2C%22p2%22%3A%22eyji%22%2C%22pct%22%3A%22a%22%2C%22puid6%22%3A%22CHAMP_BETS%22%2C%22puid15%22%3A%22article%22%2C%22puid17%22%3A%224056685%22%2C%22puid18%22%3A%22CHAMP_BETS_STUDY%22%2C%22puid59%22%3A%22bc%22%2C%22puid60%22%3A%22%D0%A4%D0%9E%D0%9D%D0%91%D0%95%D0%A2%22%2C%22puid48%22%3A%221%22%2C%22puid42%22%3A%2210%22%2C%22pli%22%3A%22a%22%2C%22plp%22%3A%22a%22%2C%22pop%22%3A%22a%22%2C%22lpdid%22%3A%2222561%3A18274%22%7D&rq_type=0&grab=eyJncmFiX3ZlcnNpb24iOiA0fQp4nKWTu2obQRSGez_F_wBOhF2GZSHeQqvCq0YOaaWx2B2yOwubkbG6OC5SBENc5gayRWww2Aoh5DJDkmKM3uO8Sc6MFDvkggs3B2bO_N_-57JRoasyXomKYX87jrTU5TDOCrIzlePyUJLdG2FA5khBkDlVGEgyPzR2OAHhjiDm78lOBTRr9jn2a4iihsr9_VuJiuxr6QkzzTxGjFa9ThTh9FlfAUThzlWBXc7dTKjIfK1xB212M5XYcR99yj4XRdRa1BC1QkUr0aDeHvv61uIsJXuRtXH5okP2yRY2yEwyJGROMmx0yHzv4QEnkLg9JPMZ2eMEPdY85Xi_iyTtImv7-zcdbJJ91fGEix7zGLG16nVJGk6feleAJHUHWYqHnLuZsEnmS5edry0MdxuZS9UvoYe7-tf1epyE9glu-IGCKtzEN1T-Pg1-u_6Pt7ohc65CE9-NQsP2_5jCtfB2O3CPo_fkv_EyxEPp3_MgBQ810P5yGUYfxsh7oHJ3rMDFsQfduA9cw3wJ_L_p5JaLdU1K3XSMkkt_pvHInYWVZeVo7M64jywReEzmG0o3qZD7LazQkD2VaOq7S0xruXqtxS_2E9aPnBk%3D&browser_family=Chrome&browser_version=96.0.4664.93&os_family=Windows&os_version=10&device_type=1&top=4249&left=1025&fpruid=pA8AAENKs1ekm%2Bk3AWKbugA%3D&lruid=pQ8AAI2k0WGTmqOIAUcF2gA%3D&adtech_uid=bc30a6f5-8838-4c72-ba14-4712d1bf0986&adtech_uid_scope=ugt7s7.ru&callback=Begun_Autocontext_saveFeed8&url=https%3A%2F%2Fugt7s7.ru%2Fwhome.html
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/css/capirs_async.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
91.192.150.12 , Russian Federation, ASN42481 (BEGUN-AS, RU),
Reverse DNS
ssp.rambler.ru
Software
nginx /
Resource Hash
3e63fad9b35b28601962eea9b7c74fc6b90d0b742c1de531672bcc1ff25d2d74
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:42 GMT
x-user-regionid
0
p3p
policyref="/w3c/p3p.xml", CP="NON DSP COR NID DEVa PSAa PSDa OUR BUS", policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
x-begun-graphcount
0
pragma
no-cache
last-modified
Sun, 2 Jan 2022 13:11:42 GMT
server
nginx
strict-transport-security
max-age=0
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://ugt7s7.ru
cache-control
post-check=0, pre-check=0
access-control-allow-credentials
true
x-passed
0bal1
content-length
785
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT
context.jsp
ssp.rambler.ru/ 		13 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.rambler.ru/context.jsp?wl=rambler&json=1&pad_id=432190802&block_id=432328376&screenw=1600&screenh=1200&winw=1600&winh=1200&rq=8&rq_sess=8DF218CA59141036DD5E0B979F7B9D08&secure=1&vcapirs=32_1_0&jparams=%7B%22p1%22%3A%22brygt%22%2C%22p2%22%3A%22fcuz%22%2C%22pct%22%3A%22a%22%2C%22puid6%22%3A%22CHAMP_BETS%22%2C%22puid15%22%3A%22article%22%2C%22puid17%22%3A%224056685%22%2C%22puid18%22%3A%22CHAMP_BETS_STUDY%22%2C%22puid59%22%3A%22bc%22%2C%22puid60%22%3A%22%D0%A4%D0%9E%D0%9D%D0%91%D0%95%D0%A2%22%2C%22puid48%22%3A%221%22%2C%22puid42%22%3A%2210%22%2C%22pli%22%3A%22a%22%2C%22plp%22%3A%22a%22%2C%22pop%22%3A%22a%22%2C%22lpdid%22%3A%2222561%3A18274%22%7D&rq_type=0&grab=eyJncmFiX3ZlcnNpb24iOiA0fQp4nKWTu2obQRSGez_F_wBOhF2GZSHeQqvCq0YOaaWx2B2yOwubkbG6OC5SBENc5gayRWww2Aoh5DJDkmKM3uO8Sc6MFDvkggs3B2bO_N_-57JRoasyXomKYX87jrTU5TDOCrIzlePyUJLdG2FA5khBkDlVGEgyPzR2OAHhjiDm78lOBTRr9jn2a4iihsr9_VuJiuxr6QkzzTxGjFa9ThTh9FlfAUThzlWBXc7dTKjIfK1xB212M5XYcR99yj4XRdRa1BC1QkUr0aDeHvv61uIsJXuRtXH5okP2yRY2yEwyJGROMmx0yHzv4QEnkLg9JPMZ2eMEPdY85Xi_iyTtImv7-zcdbJJ91fGEix7zGLG16nVJGk6feleAJHUHWYqHnLuZsEnmS5edry0MdxuZS9UvoYe7-tf1epyE9glu-IGCKtzEN1T-Pg1-u_6Pt7ohc65CE9-NQsP2_5jCtfB2O3CPo_fkv_EyxEPp3_MgBQ810P5yGUYfxsh7oHJ3rMDFsQfduA9cw3wJ_L_p5JaLdU1K3XSMkkt_pvHInYWVZeVo7M64jywReEzmG0o3qZD7LazQkD2VaOq7S0xruXqtxS_2E9aPnBk%3D&browser_family=Chrome&browser_version=96.0.4664.93&os_family=Windows&os_version=10&device_type=1&top=5996&left=275&fpruid=pA8AAENKs1ekm%2Bk3AWKbugA%3D&lruid=pQ8AAI2k0WGTmqOIAUcF2gA%3D&adtech_uid=bc30a6f5-8838-4c72-ba14-4712d1bf0986&adtech_uid_scope=ugt7s7.ru&callback=Begun_Autocontext_saveFeed9&url=https%3A%2F%2Fugt7s7.ru%2Fwhome.html
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/css/capirs_async.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
91.192.150.12 , Russian Federation, ASN42481 (BEGUN-AS, RU),
Reverse DNS
ssp.rambler.ru
Software
nginx /
Resource Hash
34ba1c15cbee07be1ae5b516fa52bbef5cb00bad234efc422c279b431e07be4e
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:42 GMT
x-user-regionid
0
p3p
policyref="/w3c/p3p.xml", CP="NON DSP COR NID DEVa PSAa PSDa OUR BUS", policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
x-begun-graphcount
2
pragma
no-cache
last-modified
Sun, 2 Jan 2022 13:11:42 GMT
server
nginx
strict-transport-security
max-age=0
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://ugt7s7.ru
cache-control
post-check=0, pre-check=0
access-control-allow-credentials
true
x-passed
0bal1
content-length
12854
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT
context.jsp
ssp.rambler.ru/ 		12 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.rambler.ru/context.jsp?wl=rambler&json=1&pad_id=432190802&block_id=432194634&screenw=1600&screenh=1200&winw=1600&winh=1200&rq=9&rq_sess=E823B8B86A0E3D804BDF43A68E803CE3&secure=1&vcapirs=32_1_0&jparams=%7B%22p1%22%3A%22buqcp%22%2C%22p2%22%3A%22ewzc%22%2C%22pct%22%3A%22a%22%2C%22puid6%22%3A%22CHAMP_BETS%22%2C%22puid15%22%3A%22article%22%2C%22puid17%22%3A%224056685%22%2C%22puid18%22%3A%22CHAMP_BETS_STUDY%22%2C%22puid59%22%3A%22bc%22%2C%22puid60%22%3A%22%D0%A4%D0%9E%D0%9D%D0%91%D0%95%D0%A2%22%2C%22puid48%22%3A%221%22%2C%22puid44%22%3A%22context_item1%22%2C%22puid42%22%3A%2210%22%2C%22pli%22%3A%22a%22%2C%22plp%22%3A%22a%22%2C%22pop%22%3A%22a%22%2C%22lpdid%22%3A%2222561%3A18274%22%7D&rq_type=0&grab=eyJncmFiX3ZlcnNpb24iOiA0fQp4nKWTu2obQRSGez_F_wBOhF2GZSHeQqvCq0YOaaWx2B2yOwubkbG6OC5SBENc5gayRWww2Aoh5DJDkmKM3uO8Sc6MFDvkggs3B2bO_N_-57JRoasyXomKYX87jrTU5TDOCrIzlePyUJLdG2FA5khBkDlVGEgyPzR2OAHhjiDm78lOBTRr9jn2a4iihsr9_VuJiuxr6QkzzTxGjFa9ThTh9FlfAUThzlWBXc7dTKjIfK1xB212M5XYcR99yj4XRdRa1BC1QkUr0aDeHvv61uIsJXuRtXH5okP2yRY2yEwyJGROMmx0yHzv4QEnkLg9JPMZ2eMEPdY85Xi_iyTtImv7-zcdbJJ91fGEix7zGLG16nVJGk6feleAJHUHWYqHnLuZsEnmS5edry0MdxuZS9UvoYe7-tf1epyE9glu-IGCKtzEN1T-Pg1-u_6Pt7ohc65CE9-NQsP2_5jCtfB2O3CPo_fkv_EyxEPp3_MgBQ810P5yGUYfxsh7oHJ3rMDFsQfduA9cw3wJ_L_p5JaLdU1K3XSMkkt_pvHInYWVZeVo7M64jywReEzmG0o3qZD7LazQkD2VaOq7S0xruXqtxS_2E9aPnBk%3D&browser_family=Chrome&browser_version=96.0.4664.93&os_family=Windows&os_version=10&device_type=1&top=7195&left=275&fpruid=pA8AAENKs1ekm%2Bk3AWKbugA%3D&lruid=pQ8AAI2k0WGTmqOIAUcF2gA%3D&adtech_uid=bc30a6f5-8838-4c72-ba14-4712d1bf0986&adtech_uid_scope=ugt7s7.ru&callback=Begun_Autocontext_saveFeed10&url=https%3A%2F%2Fugt7s7.ru%2Fwhome.html
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/css/capirs_async.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
91.192.150.12 , Russian Federation, ASN42481 (BEGUN-AS, RU),
Reverse DNS
ssp.rambler.ru
Software
nginx /
Resource Hash
eda2886530b8b6b3a2bf786ee7ace9c2920e7db8492a18b06e25dbb5641acdfd
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:42 GMT
x-user-regionid
0
p3p
policyref="/w3c/p3p.xml", CP="NON DSP COR NID DEVa PSAa PSDa OUR BUS", policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
x-begun-graphcount
2
pragma
no-cache
last-modified
Sun, 2 Jan 2022 13:11:42 GMT
server
nginx
strict-transport-security
max-age=0
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://ugt7s7.ru
cache-control
post-check=0, pre-check=0
access-control-allow-credentials
true
x-passed
0bal1
content-length
12146
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT
context.jsp
ssp.rambler.ru/ 		879 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.rambler.ru/context.jsp?wl=rambler&json=1&pad_id=432190802&block_id=442295878&screenw=1600&screenh=1200&winw=1600&winh=1200&rq=10&rq_sess=A90F154EC56BB9239C2BF2E0DD55E715&secure=1&vcapirs=32_1_0&jparams=%7B%22p1%22%3A%22bwrhj%22%2C%22p2%22%3A%22fhzt%22%2C%22pct%22%3A%22a%22%2C%22puid6%22%3A%22CHAMP_BETS%22%2C%22puid15%22%3A%22article%22%2C%22puid17%22%3A%224056685%22%2C%22puid18%22%3A%22CHAMP_BETS_STUDY%22%2C%22puid59%22%3A%22bc%22%2C%22puid60%22%3A%22%D0%A4%D0%9E%D0%9D%D0%91%D0%95%D0%A2%22%2C%22puid48%22%3A%221%22%2C%22puid42%22%3A%2210%22%2C%22pli%22%3A%22a%22%2C%22plp%22%3A%22a%22%2C%22pop%22%3A%22a%22%2C%22lpdid%22%3A%2222561%3A18274%22%7D&rq_type=0&grab=eyJncmFiX3ZlcnNpb24iOiA0fQp4nKWTu2obQRSGez_F_wBOhF2GZSHeQqvCq0YOaaWx2B2yOwubkbG6OC5SBENc5gayRWww2Aoh5DJDkmKM3uO8Sc6MFDvkggs3B2bO_N_-57JRoasyXomKYX87jrTU5TDOCrIzlePyUJLdG2FA5khBkDlVGEgyPzR2OAHhjiDm78lOBTRr9jn2a4iihsr9_VuJiuxr6QkzzTxGjFa9ThTh9FlfAUThzlWBXc7dTKjIfK1xB212M5XYcR99yj4XRdRa1BC1QkUr0aDeHvv61uIsJXuRtXH5okP2yRY2yEwyJGROMmx0yHzv4QEnkLg9JPMZ2eMEPdY85Xi_iyTtImv7-zcdbJJ91fGEix7zGLG16nVJGk6feleAJHUHWYqHnLuZsEnmS5edry0MdxuZS9UvoYe7-tf1epyE9glu-IGCKtzEN1T-Pg1-u_6Pt7ohc65CE9-NQsP2_5jCtfB2O3CPo_fkv_EyxEPp3_MgBQ810P5yGUYfxsh7oHJ3rMDFsQfduA9cw3wJ_L_p5JaLdU1K3XSMkkt_pvHInYWVZeVo7M64jywReEzmG0o3qZD7LazQkD2VaOq7S0xruXqtxS_2E9aPnBk%3D&browser_family=Chrome&browser_version=96.0.4664.93&os_family=Windows&os_version=10&device_type=1&top=6106&left=275&fpruid=pA8AAENKs1ekm%2Bk3AWKbugA%3D&lruid=pQ8AAI2k0WGTmqOIAUcF2gA%3D&adtech_uid=bc30a6f5-8838-4c72-ba14-4712d1bf0986&adtech_uid_scope=ugt7s7.ru&callback=Begun_Autocontext_saveFeed11&url=https%3A%2F%2Fugt7s7.ru%2Fwhome.html
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/css/capirs_async.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
91.192.150.12 , Russian Federation, ASN42481 (BEGUN-AS, RU),
Reverse DNS
ssp.rambler.ru
Software
nginx /
Resource Hash
95f06e55ada30c6ee51aae7fc65374690d996c0ce9a2c583a4997677b01eecab
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:42 GMT
x-user-regionid
0
p3p
policyref="/w3c/p3p.xml", CP="NON DSP COR NID DEVa PSAa PSDa OUR BUS", policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
x-begun-graphcount
0
pragma
no-cache
last-modified
Sun, 2 Jan 2022 13:11:42 GMT
server
nginx
strict-transport-security
max-age=0
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://ugt7s7.ru
cache-control
post-check=0, pre-check=0
access-control-allow-credentials
true
x-passed
0bal1
content-length
879
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT
context.jsp
ssp.rambler.ru/ 		12 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.rambler.ru/context.jsp?wl=rambler&json=1&pad_id=432190802&block_id=432328366&screenw=1600&screenh=1200&winw=1600&winh=1200&rq=11&rq_sess=BF9E857395B0099F11F54A7D50B7581E&secure=1&vcapirs=32_1_0&jparams=%7B%22p1%22%3A%22bnlpg%22%2C%22p2%22%3A%22exwd%22%2C%22pct%22%3A%22a%22%2C%22puid6%22%3A%22CHAMP_BETS%22%2C%22puid15%22%3A%22article%22%2C%22puid17%22%3A%224056685%22%2C%22puid18%22%3A%22CHAMP_BETS_STUDY%22%2C%22puid59%22%3A%22bc%22%2C%22puid60%22%3A%22%D0%A4%D0%9E%D0%9D%D0%91%D0%95%D0%A2%22%2C%22puid48%22%3A%221%22%2C%22puid42%22%3A%2210%22%2C%22pli%22%3A%22a%22%2C%22plp%22%3A%22a%22%2C%22pop%22%3A%22a%22%2C%22lpdid%22%3A%2222561%3A18274%22%7D&rq_type=0&grab=eyJncmFiX3ZlcnNpb24iOiA0fQp4nKWTu2obQRSGez_F_wBOhF2GZSHeQqvCq0YOaaWx2B2yOwubkbG6OC5SBENc5gayRWww2Aoh5DJDkmKM3uO8Sc6MFDvkggs3B2bO_N_-57JRoasyXomKYX87jrTU5TDOCrIzlePyUJLdG2FA5khBkDlVGEgyPzR2OAHhjiDm78lOBTRr9jn2a4iihsr9_VuJiuxr6QkzzTxGjFa9ThTh9FlfAUThzlWBXc7dTKjIfK1xB212M5XYcR99yj4XRdRa1BC1QkUr0aDeHvv61uIsJXuRtXH5okP2yRY2yEwyJGROMmx0yHzv4QEnkLg9JPMZ2eMEPdY85Xi_iyTtImv7-zcdbJJ91fGEix7zGLG16nVJGk6feleAJHUHWYqHnLuZsEnmS5edry0MdxuZS9UvoYe7-tf1epyE9glu-IGCKtzEN1T-Pg1-u_6Pt7ohc65CE9-NQsP2_5jCtfB2O3CPo_fkv_EyxEPp3_MgBQ810P5yGUYfxsh7oHJ3rMDFsQfduA9cw3wJ_L_p5JaLdU1K3XSMkkt_pvHInYWVZeVo7M64jywReEzmG0o3qZD7LazQkD2VaOq7S0xruXqtxS_2E9aPnBk%3D&browser_family=Chrome&browser_version=96.0.4664.93&os_family=Windows&os_version=10&device_type=1&top=6483&left=1025&fpruid=pA8AAENKs1ekm%2Bk3AWKbugA%3D&lruid=pQ8AAI2k0WGTmqOIAUcF2gA%3D&adtech_uid=bc30a6f5-8838-4c72-ba14-4712d1bf0986&adtech_uid_scope=ugt7s7.ru&callback=Begun_Autocontext_saveFeed12&url=https%3A%2F%2Fugt7s7.ru%2Fwhome.html
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/css/capirs_async.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
91.192.150.12 , Russian Federation, ASN42481 (BEGUN-AS, RU),
Reverse DNS
ssp.rambler.ru
Software
nginx /
Resource Hash
3201d9712ff684086f00807e5850178e095cf1b6ce9393f8069aed03f7dfd9d1
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:42 GMT
x-user-regionid
0
p3p
policyref="/w3c/p3p.xml", CP="NON DSP COR NID DEVa PSAa PSDa OUR BUS", policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
x-begun-graphcount
2
pragma
no-cache
last-modified
Sun, 2 Jan 2022 13:11:42 GMT
server
nginx
strict-transport-security
max-age=0
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://ugt7s7.ru
cache-control
post-check=0, pre-check=0
access-control-allow-credentials
true
x-passed
0bal1
content-length
12090
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT
context.jsp
ssp.rambler.ru/ 		798 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.rambler.ru/context.jsp?wl=rambler&json=1&pad_id=432190802&block_id=579336253&screenw=1600&screenh=1200&winw=1600&winh=1200&rq=12&rq_sess=F60BE54F9FF69B18F317BAE753C24855&secure=1&vcapirs=32_1_0&jparams=%7B%22puid6%22%3A%22CHAMP_BETS%22%2C%22puid15%22%3A%22article%22%2C%22puid17%22%3A%224056685%22%2C%22puid18%22%3A%22CHAMP_BETS_STUDY%22%2C%22puid59%22%3A%22bc%22%2C%22puid60%22%3A%22%D0%A4%D0%9E%D0%9D%D0%91%D0%95%D0%A2%22%2C%22puid48%22%3A%221%22%2C%22puid42%22%3A%2210%22%2C%22pli%22%3A%22a%22%2C%22plp%22%3A%22a%22%2C%22pop%22%3A%22a%22%2C%22lpdid%22%3A%2222561%3A18274%22%7D&rq_type=0&grab=eyJncmFiX3ZlcnNpb24iOiA0fQp4nKWTu2obQRSGez_F_wBOhF2GZSHeQqvCq0YOaaWx2B2yOwubkbG6OC5SBENc5gayRWww2Aoh5DJDkmKM3uO8Sc6MFDvkggs3B2bO_N_-57JRoasyXomKYX87jrTU5TDOCrIzlePyUJLdG2FA5khBkDlVGEgyPzR2OAHhjiDm78lOBTRr9jn2a4iihsr9_VuJiuxr6QkzzTxGjFa9ThTh9FlfAUThzlWBXc7dTKjIfK1xB212M5XYcR99yj4XRdRa1BC1QkUr0aDeHvv61uIsJXuRtXH5okP2yRY2yEwyJGROMmx0yHzv4QEnkLg9JPMZ2eMEPdY85Xi_iyTtImv7-zcdbJJ91fGEix7zGLG16nVJGk6feleAJHUHWYqHnLuZsEnmS5edry0MdxuZS9UvoYe7-tf1epyE9glu-IGCKtzEN1T-Pg1-u_6Pt7ohc65CE9-NQsP2_5jCtfB2O3CPo_fkv_EyxEPp3_MgBQ810P5yGUYfxsh7oHJ3rMDFsQfduA9cw3wJ_L_p5JaLdU1K3XSMkkt_pvHInYWVZeVo7M64jywReEzmG0o3qZD7LazQkD2VaOq7S0xruXqtxS_2E9aPnBk%3D&browser_family=Chrome&browser_version=96.0.4664.93&os_family=Windows&os_version=10&device_type=1&top=6483&left=1175&fpruid=pA8AAENKs1ekm%2Bk3AWKbugA%3D&lruid=pQ8AAI2k0WGTmqOIAUcF2gA%3D&adtech_uid=bc30a6f5-8838-4c72-ba14-4712d1bf0986&adtech_uid_scope=ugt7s7.ru&callback=Begun_Autocontext_saveFeed13&url=https%3A%2F%2Fugt7s7.ru%2Fwhome.html
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/css/capirs_async.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
91.192.150.12 , Russian Federation, ASN42481 (BEGUN-AS, RU),
Reverse DNS
ssp.rambler.ru
Software
nginx /
Resource Hash
a50f0915215e311e8c7dfaa3f78c4faebd24fbe56f29e25b99f0e41fbf919d37
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:42 GMT
x-user-regionid
0
p3p
policyref="/w3c/p3p.xml", CP="NON DSP COR NID DEVa PSAa PSDa OUR BUS", policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
x-begun-graphcount
0
pragma
no-cache
last-modified
Sun, 2 Jan 2022 13:11:42 GMT
server
nginx
strict-transport-security
max-age=0
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://ugt7s7.ru
cache-control
post-check=0, pre-check=0
access-control-allow-credentials
true
x-passed
0bal1
content-length
798
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT
context.jsp
ssp.rambler.ru/ 		786 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.rambler.ru/context.jsp?wl=rambler&json=1&pad_id=432190802&block_id=456108580&screenw=1600&screenh=1200&winw=1600&winh=1200&rq=13&rq_sess=DE8CB71FDD1CF00997BDEF47C6786A6F&secure=1&vcapirs=32_1_0&jparams=%7B%22p1%22%3A%22bnizs%22%2C%22p2%22%3A%22exqv%22%2C%22pct%22%3A%22a%22%2C%22puid6%22%3A%22CHAMP_BETS%22%2C%22puid15%22%3A%22article%22%2C%22puid17%22%3A%224056685%22%2C%22puid18%22%3A%22CHAMP_BETS_STUDY%22%2C%22puid59%22%3A%22bc%22%2C%22puid60%22%3A%22%D0%A4%D0%9E%D0%9D%D0%91%D0%95%D0%A2%22%2C%22puid48%22%3A%221%22%2C%22puid42%22%3A%2210%22%2C%22pli%22%3A%22a%22%2C%22plp%22%3A%22a%22%2C%22pop%22%3A%22a%22%2C%22lpdid%22%3A%2222561%3A18274%22%7D&rq_type=0&grab=eyJncmFiX3ZlcnNpb24iOiA0fQp4nKWTu2obQRSGez_F_wBOhF2GZSHeQqvCq0YOaaWx2B2yOwubkbG6OC5SBENc5gayRWww2Aoh5DJDkmKM3uO8Sc6MFDvkggs3B2bO_N_-57JRoasyXomKYX87jrTU5TDOCrIzlePyUJLdG2FA5khBkDlVGEgyPzR2OAHhjiDm78lOBTRr9jn2a4iihsr9_VuJiuxr6QkzzTxGjFa9ThTh9FlfAUThzlWBXc7dTKjIfK1xB212M5XYcR99yj4XRdRa1BC1QkUr0aDeHvv61uIsJXuRtXH5okP2yRY2yEwyJGROMmx0yHzv4QEnkLg9JPMZ2eMEPdY85Xi_iyTtImv7-zcdbJJ91fGEix7zGLG16nVJGk6feleAJHUHWYqHnLuZsEnmS5edry0MdxuZS9UvoYe7-tf1epyE9glu-IGCKtzEN1T-Pg1-u_6Pt7ohc65CE9-NQsP2_5jCtfB2O3CPo_fkv_EyxEPp3_MgBQ810P5yGUYfxsh7oHJ3rMDFsQfduA9cw3wJ_L_p5JaLdU1K3XSMkkt_pvHInYWVZeVo7M64jywReEzmG0o3qZD7LazQkD2VaOq7S0xruXqtxS_2E9aPnBk%3D&browser_family=Chrome&browser_version=96.0.4664.93&os_family=Windows&os_version=10&device_type=1&top=7210&left=0&fpruid=pA8AAENKs1ekm%2Bk3AWKbugA%3D&lruid=pQ8AAI2k0WGTmqOIAUcF2gA%3D&adtech_uid=bc30a6f5-8838-4c72-ba14-4712d1bf0986&adtech_uid_scope=ugt7s7.ru&callback=Begun_Autocontext_saveFeed14&url=https%3A%2F%2Fugt7s7.ru%2Fwhome.html
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/css/capirs_async.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
91.192.150.12 , Russian Federation, ASN42481 (BEGUN-AS, RU),
Reverse DNS
ssp.rambler.ru
Software
nginx /
Resource Hash
69dff2ae7f98e7a5dd1b1f8bf31c8fa5ee3757b54408cc949b5c6debc66792d8
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:42 GMT
x-user-regionid
0
p3p
policyref="/w3c/p3p.xml", CP="NON DSP COR NID DEVa PSAa PSDa OUR BUS", policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
x-begun-graphcount
0
pragma
no-cache
last-modified
Sun, 2 Jan 2022 13:11:42 GMT
server
nginx
strict-transport-security
max-age=0
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://ugt7s7.ru
cache-control
post-check=0, pre-check=0
access-control-allow-credentials
true
x-passed
0bal1
content-length
786
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT
/
kraken.rambler.ru/cnt/ 		43 B
483 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kraken.rambler.ru/cnt/?et=pv&pid=7040998&rid=1641129101.353-11154169&tid=t1.648840.2133838648.1641129101187&v=1.25.11&exp=exp_bot%2Csplit_b%2Cexp_ab3%2Cb&aduid=bc30a6f5-8838-4c72-ba14-4712d1bf0986&aduidsc=ugt7s7.ru&rn=89693079&bs=1600x1200&ce=1&rf&en=1&pt=Nh%E1%BB%AFng%20%C4%91i%E1%BB%81u%20b%E1%BA%A1n%20c%E1%BA%A7n%20bi%E1%BA%BFt%20v%E1%BB%81%20c%C3%A1%20c%C6%B0%E1%BB%A3c%20th%E1%BB%83%20thao%20cho%20ng%C6%B0%E1%BB%9Di%20m%E1%BB%9Bi%20b%E1%BA%AFt%20%C4%91%E1%BA%A7u%2C%20c%C3%A1ch%20%C4%91%E1%BA%B7t%20c%C6%B0%E1%BB%A3c%20ch%C3%ADnh%20x%C3%A1c%20cho%20ng%C6%B0%E1%BB%9Di%20m%E1%BB%9Bi%20b%E1%BA%AFt%20%C4%91%E1%BA%A7u%2C%20m%E1%BA%B9o%20-%20Gi%E1%BA%A3i%20v%C3%B4%20%C4%91%E1%BB%8Bch&sr=1600x1200&cd=24-bit&la=en-US&ja=0&acn=Mozilla&an=Netscape&pl=Linux%20x86_64&tz=0&fv&sv&lv&url=https%3A%2F%2Fugt7s7.ru%2Fwhome.html&eid=3605291013542118&stid=480538276_1641129101353&sn=1&sen=1&fp_scope=1&fid=pA8AAENKs1cs64goAZD%2F2QA%3D&fip=pA8AAENKs1ekm%2Bk3AWKbugA%3D
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.19.89.16 Moscow, Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS
kraken.rambler.ru
Software
nginx/1.19.4 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 02 Jan 2022 13:11:42 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx/1.19.4
access-control-allow-methods
GET, POST, OPTIONS
p3p
CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
cache-control
no-cache
x-srv
1node0043.top100.rambler.tech
access-control-allow-credentials
true
content-type
image/gif, image/gif
access-control-allow-headers
content-type
content-length
43
expires
Thu, 01 Jan 1970 00:00:01 GMT
22561%3A18274
an.yandex.ru/mapuid/adfox/ Frame ACD9 		43 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/mapuid/adfox/22561%3A18274?jsredir=1
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/css/capirs_async.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 02 Jan 2022 13:11:42 GMT
content-encoding
gzip
last-modified
Sun, 02 Jan 2022 13:11:42 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security
max-age=31536000
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Sun, 02 Jan 2022 13:11:42 GMT
sync2.204
profile.ssp.rambler.ru/ Frame ACD9 		0
168 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://profile.ssp.rambler.ru/sync2.204?anket_id=22561%3A18274&pid=85&ruid=pA8AAENKs1ekm%2Bk3AWKbugA%3D
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/css/sandbox(1).html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
91.192.150.30 , Russian Federation, ASN42481 (BEGUN-AS, RU),
Reverse DNS
zvezda.ssp.rambler.ru
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=0
x-passed
0bal2
server
nginx
date
Sun, 02 Jan 2022 13:11:42 GMT
p3p
policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
17031371915826848871
ugt7s7.ru/css/ Frame 67FD 		51 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ugt7s7.ru/css/17031371915826848871
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/css/saved_resource(4).html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.202.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:42 GMT
cf-cache-status
DYNAMIC
last-modified
Wed, 29 Dec 2021 12:13:58 GMT
server
cloudflare
etag
"cdb6-5d447df602b17"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UTgDVyP%2FRIr4xfP8o41zPqzvfeg2K2yBzeI6SopNDDjmjmFeNEJ0ab2AUNdQVYQNivlR%2BVH7s5M4i5%2Ff2NeC%2BNoTf4pukdTJKElUvdMdVN3dtKX1LVJTcUDGd14%3D"}],"group":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6c743c177cdad6c9-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
52662
ru.png
ugt7s7.ru/css/ Frame 67FD 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ugt7s7.ru/css/ru.png
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/css/saved_resource(4).html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.202.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fed2d61088cba54be39b2069add7103160e31f07c950c0e2e7706d6d6dc9ebf6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:42 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
248
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
3041
last-modified
Wed, 29 Dec 2021 12:13:59 GMT
server
cloudflare
etag
"61cc5107-be1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CRqOK4t0%2FxjSOJ8pNqdULE0nhaC6lOktWazINupM34VStDR%2BDEDAESLCHgtY8mVjnDMsqrPIUO5FNd6gdNt7XI3PsN%2FhQXqIENfgcRg26AKbALtNlxcyQ0KhOec%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
6c743c177cdbd6c9-FRA
expires
Wed, 02 Feb 2022 13:07:34 GMT
icon.png
ugt7s7.ru/css/ Frame 67FD 		344 B
947 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ugt7s7.ru/css/icon.png
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/css/saved_resource(4).html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.202.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:42 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
248
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
344
last-modified
Wed, 29 Dec 2021 12:13:59 GMT
server
cloudflare
etag
"61cc5107-158"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EcQZ2I5syLTlJ3b7pXbWlq0ddHiGbiq7pIBzdiyvXDDKrrtFfxJBL%2F%2BXPkf0i5xx3Y4G%2FexJmtoXHiUEETTGctkeLQ%2F4vEhoVG%2FMaTW8BI6SLYLwXseaH%2Fb%2FJbc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
6c743c177cdcd6c9-FRA
expires
Wed, 02 Feb 2022 13:07:34 GMT
l(1)
ugt7s7.ru/css/ Frame 67FD 		0
529 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ugt7s7.ru/css/l(1)
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/css/saved_resource(4).html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.202.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:42 GMT
cf-cache-status
DYNAMIC
last-modified
Wed, 29 Dec 2021 12:13:59 GMT
server
cloudflare
etag
"0-5d447df6af8c8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iloIDY3D7ax2LbLSMOX17q4coD0YYlJneHt19Tn81tMXXf7kAVsj5G8VkGBxaeme0vufpRrqk9ZrB%2B2nDxxa3G4DcCYpnR2JVIYMm4V%2BgWI0LOPNflLjqzd3bdM%3D"}],"group":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6c743c177cddd6c9-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
0
amp4ads-v0.mjs
ugt7s7.ru/css/ Frame 67FD 		0
0
amp4ads-v0.mjs
ugt7s7.ru/css/ Frame 67FD 		0
0
amp-ad-exit-0.1.mjs
ugt7s7.ru/css/ Frame 67FD 		0
0
amp-analytics-0.1.mjs
ugt7s7.ru/css/ Frame 67FD 		0
0
amp-fit-text-0.1.mjs
ugt7s7.ru/css/ Frame 67FD 		0
0
amp-form-0.1.mjs
ugt7s7.ru/css/ Frame 67FD 		0
0
truncated
/ Frame 67FD 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b22cff16acfdd670cfef6d4a8ecb84673e06407e32a4bd12e584ee7cffef74ba

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/png
css
ugt7s7.ru/css/ Frame AFA2 		4 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ugt7s7.ru/css/css
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/css/saved_resource(3).html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.202.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
891eb5206ff1a66393b256b47e17c5bcfb9d60918cb388b0158dbeac6ac07f83

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:42 GMT
cf-cache-status
DYNAMIC
last-modified
Wed, 29 Dec 2021 12:13:59 GMT
server
cloudflare
etag
"fe8-5d447df678dc3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hYLSGppyRu4tmWJMRLqNApeS0wVKzPUgiTnJeoJQ5iz%2B2BMHkYd404n%2B0TFNOO6aN9Y1fsulV90iWFVLHDC5txNE5fXzRIMiHEFcPYwejHm8eZaRESRtqwpe2Lk%3D"}],"group":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6c743c178cdfd6c9-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
4072
ru.png
ugt7s7.ru/css/ Frame AFA2 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ugt7s7.ru/css/ru.png
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/css/saved_resource(3).html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.202.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fed2d61088cba54be39b2069add7103160e31f07c950c0e2e7706d6d6dc9ebf6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:42 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
248
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
3041
last-modified
Wed, 29 Dec 2021 12:13:59 GMT
server
cloudflare
etag
"61cc5107-be1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ToRe9koPfwb7T3PGtsTvxbZl66l32NYpY%2FBgEgngiJbFssqebl2xPDc9dmnvyTSOyE9K7x%2FfnvMzlAJSN%2Ffq59YIOLZwK3LYylFAZTLvmsCbH9d6yn%2By9cXbbFc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
6c743c178ce4d6c9-FRA
expires
Wed, 02 Feb 2022 13:07:34 GMT
icon.png
ugt7s7.ru/css/ Frame AFA2 		344 B
946 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ugt7s7.ru/css/icon.png
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/css/saved_resource(3).html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.202.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:42 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
248
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
344
last-modified
Wed, 29 Dec 2021 12:13:59 GMT
server
cloudflare
etag
"61cc5107-158"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WxIDmsFEgzV6%2FBZSxZhQY5Nfz8yCSPY9i6N%2Bg6JOdc9SnowSu6d6SQLpRJ%2BxGo0%2FapxXDPLFsoO%2BP282TNkwKhLjPloGMz9yHW0pI5aK%2F51Cag4g4vK9bimxWaM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
6c743c178ce7d6c9-FRA
expires
Wed, 02 Feb 2022 13:07:34 GMT
l
ugt7s7.ru/css/ Frame AFA2 		0
529 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ugt7s7.ru/css/l
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/css/saved_resource(3).html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.202.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:42 GMT
cf-cache-status
DYNAMIC
last-modified
Wed, 29 Dec 2021 12:13:59 GMT
server
cloudflare
etag
"0-5d447df6ae928"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Ftr1jvDP3M2KC86DR9AI4foxsmCZ6bfof4uyJBVKaaBEiNZiVkTBxy4VWMKkjacMHpuX3tXogH5aPTO7XPWKCVoxZthy2W07nTXQqLAeZJ9wSCEj92lIII7Vb2A%3D"}],"group":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6c743c178ce8d6c9-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
0
adview
ugt7s7.ru/css/ Frame AFA2 		0
531 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ugt7s7.ru/css/adview
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/css/saved_resource(3).html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.202.211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:42 GMT
cf-cache-status
DYNAMIC
last-modified
Wed, 29 Dec 2021 12:13:59 GMT
server
cloudflare
etag
"0-5d447df6441fe"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PyMM32tBIsMvMNjD1ZYWSxB9x6VP8mkdlAA4VhqtM8NfuGC4fXTlCr7SUTrGhw9VZqe9O1y5ib%2BXcw6qR0fZQnDnGG%2FsctNyAg36NIBLr8zfGn94d7L1jZWApFM%3D"}],"group":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6c743c178cead6c9-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
0
amp4ads-v0.mjs
ugt7s7.ru/css/ Frame AFA2 		0
0
amp4ads-v0.mjs
ugt7s7.ru/css/ Frame AFA2 		0
0
amp-ad-exit-0.1.mjs
ugt7s7.ru/css/ Frame AFA2 		0
0
amp-analytics-0.1.mjs
ugt7s7.ru/css/ Frame AFA2 		0
0
amp-fit-text-0.1.mjs
ugt7s7.ru/css/ Frame AFA2 		0
0
amp-form-0.1.mjs
ugt7s7.ru/css/ Frame AFA2 		0
0
jsapi.v5.6.0.ru_RU.js
static.smi2.net/static/jsapi/ 		251 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.smi2.net/static/jsapi/jsapi.v5.6.0.ru_RU.js
Requested by
Host: smi2.ru
URL: https://smi2.ru/data/js/97002.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
138.201.55.248 Reichartshausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
cdn4-2.sfa65.imcmdb.net
Software
nginx /
Resource Hash
133c092800fbff394f44f3a69baa0cfe34e0ce20feec5cf7198fc371543595da

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Sun, 02 Jan 2022 13:11:42 GMT
Content-Encoding
gzip
Last-Modified
Wed, 01 Dec 2021 08:58:08 GMT
Server
nginx
ETag
W/"61a73920-3eaee"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Connection
keep-alive
sm.js
stat.media/ 		77 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stat.media/sm.js
Requested by
Host: smi2.ru
URL: https://smi2.ru/data/js/97002.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
82.202.225.227 Moscow, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
sm-server1-1.ssel21.imcmdb.net
Software
nginx /
Resource Hash
9dc89e2eae45dccc1b2d7b9540adae2349bbb5d84578eadb8f0f645eac324910

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Sun, 02 Jan 2022 13:11:42 GMT
Content-Encoding
gzip
Last-Modified
Thu, 02 Dec 2021 13:53:02 GMT
Server
nginx
ETag
W/"61a8cfbe-13481"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
private, must-revalidate, proxy-revalidate, max-age=3600
Transfer-Encoding
chunked
Connection
keep-alive
smi2.svg
static.smi2.net/static/logo/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.smi2.net/static/logo/smi2.svg
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
138.201.55.248 Reichartshausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
cdn4-2.sfa65.imcmdb.net
Software
nginx /
Resource Hash
752b584142bd8ce13218ba3a53bf07a89b9cff2f0cf001d6b396b35df335c5a6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Sun, 02 Jan 2022 13:11:42 GMT
Last-Modified
Wed, 14 Nov 2018 15:52:47 GMT
Server
nginx
ETag
"5bec44cf-a66"
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2662
/
target.smi2.ru/init/ 		95 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://target.smi2.ru/init/?blockid=97002&siteid=46746&bw=1600&bh=1200&rnd=4324365400419
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
82.202.225.229 Moscow, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
target2-1.ssel21.imcmdb.net
Software
nginx / HHVM/3.9.1
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

X-Target-Version
2
Date
Sun, 02 Jan 2022 13:11:42 GMT
X-Target-Final
20220102161142-0
Server
nginx
X-Target-Host
target2-1.ssel21
X-Powered-By
HHVM/3.9.1
X-Time-Request
0.00024
Content-Type
image/png
Cache-Control
no-cache, private
Connection
keep-alive
Content-Length
95
Expires
Sun, 02 Jan 2022 13:11:41 GMT
/
www.google.de/pagead/1p-user-list/1014923426/ Frame C60B
Redirect Chain
  • https://www.googleadservices.com/pagead/conversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=jqTRYYS8ApKX-gb8_aH4BA...
  • https://www.google.com/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=241247210&crd=&is_vtc=1&random=1689175192
  • https://www.google.de/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=241247210&crd=&is_vtc=1&random=1689175192&ipr=y
42 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=241247210&crd=&is_vtc=1&random=1689175192&ipr=y
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
H2
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 02 Jan 2022 13:11:42 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 02 Jan 2022 13:11:42 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/gif
location
https://www.google.de/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=241247210&crd=&is_vtc=1&random=1689175192&ipr=y
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/1014923426/ Frame C60B
Redirect Chain
  • https://www.googleadservices.com/pagead/conversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=jqTRYZW8AtrogAeGl6HIDA...
  • https://www.google.com/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1480352542&crd=CNPgGw&is_vtc=1&random=361638...
  • https://www.google.de/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1480352542&crd=CNPgGw&is_vtc=1&random=3616380...
42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1480352542&crd=CNPgGw&is_vtc=1&random=3616380350&ipr=y
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
H2
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 02 Jan 2022 13:11:42 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 02 Jan 2022 13:11:42 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/gif
location
https://www.google.de/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1480352542&crd=CNPgGw&is_vtc=1&random=3616380350&ipr=y
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
1
mc.yandex.com/watch/37412095/ Frame C60B
Redirect Chain
  • https://mc.yandex.com/watch/37412095?wmode=7&page-url=https%3A%2F%2Fugt7s7.ru%2Fcss%2Frender.html&page-ref=https%3A%2F%2Fugt7s7.ru%2Fwhome.html&charset=utf-8&site-info=%7B%22extensions%22%3A%22%22%...
  • https://mc.yandex.com/watch/37412095/1?wmode=7&page-url=https%3A%2F%2Fugt7s7.ru%2Fcss%2Frender.html&page-ref=https%3A%2F%2Fugt7s7.ru%2Fwhome.html&charset=utf-8&site-info=%7B%22extensions%22%3A%22%2...
350 B
385 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/37412095/1?wmode=7&page-url=https%3A%2F%2Fugt7s7.ru%2Fcss%2Frender.html&page-ref=https%3A%2F%2Fugt7s7.ru%2Fwhome.html&charset=utf-8&site-info=%7B%22extensions%22%3A%22%22%2C%22fromGoogle%22%3A%22false%22%2C%22fromCancel%22%3A%22false%22%2C%22loyal%22%3A%220%22%2C%22sbscrb%22%3A%22%22%2C%22p%22%3A%22%22%2C%22b%22%3A%22%22%2C%22fresh%22%3A%220%22%2C%22infected%22%3A%22%22%2C%22slow%22%3A%22%22%2C%22os%22%3A%22windows%22%2C%22browser%22%3A%22chrome%22%2C%22winxp%22%3A%22false%22%2C%22old%22%3A%22actual%22%2C%22yabroAge%22%3Anull%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A23bzrp1wl07v29tjtr%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A722%3Acn%3A1%3Adp%3A0%3Als%3A727917361910%3Ahid%3A1013331319%3Az%3A0%3Ai%3A20220102131142%3Aet%3A1641129102%3Ac%3A1%3Arn%3A534595712%3Arqn%3A1%3Au%3A164112910210726334%3Aw%3A1x1%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1641129101289%3Ads%3A0%2C0%2C104%2C0%2C0%2C0%2C%2C277%2C0%2C702%2C702%2C0%2C416%3Adsn%3A0%2C0%2C103%2C1%2C1%2C0%2C%2C311%2C0%2C703%2C703%2C0%2C417%3Aco%3A0%3Arqnl%3A1%3Ast%3A1641129102%3At%3A&t=gdpr%2814%29aw%281%29ti%282%29
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
49ec5c90e77f3df474712f2a2dc78ab6535152a317283e96ac54ef91e615f07f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 02 Jan 2022 13:11:42 GMT
x-content-type-options
nosniff
last-modified
Sun, 02-Jan-2022 13:11:42 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ugt7s7.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
350
x-xss-protection
1; mode=block
expires
Sun, 02-Jan-2022 13:11:42 GMT

Redirect headers

pragma
no-cache
date
Sun, 02 Jan 2022 13:11:42 GMT
last-modified
Sun, 02-Jan-2022 13:11:42 GMT
location
/watch/37412095/1?wmode=7&page-url=https%3A%2F%2Fugt7s7.ru%2Fcss%2Frender.html&page-ref=https%3A%2F%2Fugt7s7.ru%2Fwhome.html&charset=utf-8&site-info=%7B%22extensions%22%3A%22%22%2C%22fromGoogle%22%3A%22false%22%2C%22fromCancel%22%3A%22false%22%2C%22loyal%22%3A%220%22%2C%22sbscrb%22%3A%22%22%2C%22p%22%3A%22%22%2C%22b%22%3A%22%22%2C%22fresh%22%3A%220%22%2C%22infected%22%3A%22%22%2C%22slow%22%3A%22%22%2C%22os%22%3A%22windows%22%2C%22browser%22%3A%22chrome%22%2C%22winxp%22%3A%22false%22%2C%22old%22%3A%22actual%22%2C%22yabroAge%22%3Anull%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A23bzrp1wl07v29tjtr%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A722%3Acn%3A1%3Adp%3A0%3Als%3A727917361910%3Ahid%3A1013331319%3Az%3A0%3Ai%3A20220102131142%3Aet%3A1641129102%3Ac%3A1%3Arn%3A534595712%3Arqn%3A1%3Au%3A164112910210726334%3Aw%3A1x1%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1641129101289%3Ads%3A0%2C0%2C104%2C0%2C0%2C0%2C%2C277%2C0%2C702%2C702%2C0%2C416%3Adsn%3A0%2C0%2C103%2C1%2C1%2C0%2C%2C311%2C0%2C703%2C703%2C0%2C417%3Aco%3A0%3Arqnl%3A1%3Ast%3A1641129102%3At%3A&t=gdpr%2814%29aw%281%29ti%282%29
strict-transport-security
max-age=31536000
access-control-allow-origin
https://ugt7s7.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Sun, 02-Jan-2022 13:11:42 GMT
advert.gif
mc.yandex.com/metrika/ Frame C60B 		43 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:42 GMT
last-modified
Thu, 23 Dec 2021 16:10:01 GMT
etag
"61c47529-2b"
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Sun, 02 Jan 2022 14:11:42 GMT
static.gif
stats.mos.ru/ Frame 00AE
Redirect Chain
  • https://sync.rambler.ru/emily?partner_id=9122f432-a6c9-4f14-bc8a-daa781f3d204&rnd=1430471658
  • https://stats.mos.ru/static.gif?ramblerid=DC19BC3433F3C7B86EEC760E30198A49
43 B
370 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.mos.ru/static.gif?ramblerid=DC19BC3433F3C7B86EEC760E30198A49
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/css/sandbox(1).html
Protocol
H2
Server
212.11.155.166 Moscow, Russian Federation, ASN8901 (Moscow Mayors Office, RU),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:42 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
access-control-allow-credentials
true
access-control-allow-headers
ExtensionReferer, x-requested-with, x-requested-by, x-caller-id, Content-Type
content-length
43

Redirect headers

location
https://stats.mos.ru/static.gif?ramblerid=DC19BC3433F3C7B86EEC760E30198A49
date
Sun, 02 Jan 2022 13:11:42 GMT
x-passed
0bal1
server
nginx
content-length
0
strict-transport-security
max-age=0
p3p
policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
A-6zwXWSS4Omzzk3GcI8wA
an.yandex.ru/setud/tinkoff/ Frame 00AE
Redirect Chain
  • https://sync.datamind.ru/cookie/accepter?source=rambler&id=00001069-46ef-f99f-17d0-390406878420
  • https://sync.datamind.ru/cookie/accepter?source=rambler&id=00001069-46ef-f99f-17d0-390406878420&dmp.ctest=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly91Z3Q3czcucnUvIl19fQ
  • https://sync.datamind.ru/cookie/emitter?source=google&nolog=true
  • https://cm.g.doubleclick.net/pixel?google_nid=tinkoff_bank_wdatamind&google_cm&google_hm=A-6zwXWSS4Omzzk3GcI8wA
  • https://sync.datamind.ru/cookie/accepter?source=google&google_gid=CAESECkkf7gHngZG_Yhv-fIXebE&google_cver=1
  • https://sync.datamind.ru/cookie/emitter?source=yandex&nolog=true
  • https://an.yandex.ru/setud/tinkoff/A-6zwXWSS4Omzzk3GcI8wA?sign=1204374944
43 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/setud/tinkoff/A-6zwXWSS4Omzzk3GcI8wA?sign=1204374944
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
H2
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
ccb150b1878d5aa777543222f9e47636d4258687e3dd57e625988f09a96bda64
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 02 Jan 2022 13:11:42 GMT
content-encoding
gzip
last-modified
Sun, 02 Jan 2022 13:11:42 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security
max-age=31536000
content-type
image/gif; charset=windows-1251
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Sun, 02 Jan 2022 13:11:42 GMT

Redirect headers

location
https://an.yandex.ru/setud/tinkoff/A-6zwXWSS4Omzzk3GcI8wA?sign=1204374944
date
Sun, 02 Jan 2022 13:11:42 GMT
cache-control
no-cache, no-store, must-revalidate
server
nginx
content-length
0
strict-transport-security
max-age=63072000
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
i
dmg.digitaltarget.ru/1/7009/i/ Frame 00AE
Redirect Chain
  • https://sync.rambler.ru/emily?partner_id=vi&id=abcdef&r=https%3A%2F%2Fdmg.digitaltarget.ru%2F1%2F7009%2Fi%2Fi%3Fa%3D185%26e%3D%24UID%26i%3D%24RND1147893466
  • https://dmg.digitaltarget.ru/1/7009/i/i?a=185&e=9CD1965270ED4718D54BAD426D6FA9B6
  • https://dmg.digitaltarget.ru/awg/custom/7009/i/i?call_source=awg&a=185&e=9CD1965270ED4718D54BAD426D6FA9B6
  • https://sync.rambler.ru/set?partner_id=vi&id=z-lwk6lYPbVFtLi7QfjS
  • https://dmg.digitaltarget.ru/1/7009/i/i?a=185&e=9CD1965270ED4718D54BAD426D6FA9B6
49 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmg.digitaltarget.ru/1/7009/i/i?a=185&e=9CD1965270ED4718D54BAD426D6FA9B6
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
HTTP/1.1
Server
185.15.175.159 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),
Reverse DNS
Software
nginx /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Sun, 02 Jan 2022 13:11:42 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
master-only
Request-Time
3
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
64
X-XSS-Protection
1; mode=block
Referrer-Policy
origin-when-cross-origin, strict-origin-when-cross-origin
Server
nginx
X-Frame-Options
DENY
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Credentials
true

Redirect headers

location
https://dmg.digitaltarget.ru/1/7009/i/i?a=185&e=9CD1965270ED4718D54BAD426D6FA9B6
date
Sun, 02 Jan 2022 13:11:42 GMT
x-passed
0bal1
server
nginx
content-length
0
strict-transport-security
max-age=0
p3p
policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
p
rmb.ops.beeline.ru/ Frame 00AE 		35 B
627 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rmb.ops.beeline.ru/p?ssp=rmb&id=00001069-46ef-f99f-17d0-390406878420
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/css/sandbox(1).html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
37.9.245.57 , Russian Federation, ASN16345 (BEE-AS Russia, RU),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:42 GMT
x-route
http://upstream_cookiesync
server
nginx
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,OPTIONS, GET, HEAD, POST, OPTIONS, PUT, DELETE
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true, true
x-host
192.168.152.35
access-control-allow-headers
authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
content-length
35
expires
Thu, 01 Jan 1970 00:00:00 GMT
rambler
exchange.buzzoola.com/cookiesync/ssp/ Frame 00AE
Redirect Chain
  • https://exchange.buzzoola.com/cookiesync/ssp/rambler?uid=00001069-46ef-f99f-17d0-390406878420
  • https://exchange.buzzoola.com/cookiesync/ssp/rambler?set_buzzoola_cookie=t&uid=00001069-46ef-f99f-17d0-390406878420
43 B
130 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://exchange.buzzoola.com/cookiesync/ssp/rambler?set_buzzoola_cookie=t&uid=00001069-46ef-f99f-17d0-390406878420
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/css/sandbox(1).html
Protocol
H2
Server
116.202.236.172 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.172.236.202.116.clients.your-server.de
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:42 GMT
server
nginx
content-length
43
serverid
TODO
content-type
image/gif

Redirect headers

location
/cookiesync/ssp/rambler?set_buzzoola_cookie=t&uid=00001069-46ef-f99f-17d0-390406878420
date
Sun, 02 Jan 2022 13:11:42 GMT
server
nginx
etag
W/"b513115e14fc198f1f711b51cc979b92519c9f16350458f67529aa53f6730101"
content-length
126
serverid
TODO
content-type
text/html; charset=utf-8
counter2
top-fwz1.mail.ru/ Frame 00AE
Redirect Chain
  • https://sync.rambler.ru/emily?partner_id=6bf5a340-6c1f-4262-8f72-400b3d237f5d&ruid=00001069-46ef-f99f-17d0-390406878420
  • https://top-fwz1.mail.ru/counter?id=3082612;pid=4303D065A92100D21002618BF744484C
  • https://top-fwz1.mail.ru/counter2?id=3082612;pid=4303D065A92100D21002618BF744484C
43 B
960 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://top-fwz1.mail.ru/counter2?id=3082612;pid=4303D065A92100D21002618BF744484C
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
H2
Server
217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
top-fwz1.mail.ru
Software
nginx /
Resource Hash
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:42 GMT
x-content-type-options
nosniff
p3p
CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length
43
pragma
no-cache
amp-access-control-allow-source-origin
*
server
nginx
access-control-allow-methods
GET, POST, HEAD, PUT, OPTIONS
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
private, no-cache, no-store, max-age=0
access-control-allow-credentials
true
accept-ch-lifetime
86400
accept-ch
DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
timing-allow-origin
*
access-control-allow-headers
*

Redirect headers

date
Sun, 02 Jan 2022 13:11:42 GMT
x-content-type-options
nosniff
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length
0
pragma
no-cache
amp-access-control-allow-source-origin
*
server
nginx
access-control-allow-methods
GET, POST, HEAD, PUT, OPTIONS
location
https://top-fwz1.mail.ru/counter2?id=3082612;pid=4303D065A92100D21002618BF744484C
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
private, no-cache, no-store, max-age=0
access-control-allow-credentials
true
accept-ch-lifetime
86400
accept-ch
DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
timing-allow-origin
*
access-control-allow-headers
*
pixel.gif
sync.1dmp.io/ Frame 00AE
Redirect Chain
  • https://sync.rambler.ru/emily?partner_id=cldata&rnd=00001069-46ef-f99f-17d0-390406878420
  • https://sync.1dmp.io/pixel.gif?cid=6464e806-bc68-4a4f-8893-22ec34eb02f1&pid=957b2d53-9bf9-48fd-95ea-df093901ffcf&uid=6A9E304E79CEC97F528EF55FE4AB3CA4
  • https://sync.1dmp.io/pixel.gif?cid=6464e806-bc68-4a4f-8893-22ec34eb02f1&pid=957b2d53-9bf9-48fd-95ea-df093901ffcf&uid=6A9E304E79CEC97F528EF55FE4AB3CA4&cs=1
  • https://cm.g.doubleclick.net/pixel?google_nid=cleverdata_dmp&google_cm
  • https://sync.1dmp.io/pixel.gif?cid=ea2e91f7-8a00-4c54-b3fa-ab0f3dcf1585&pid=w&uid=CAESEOXYH7lx82IjGvK4ZTXoF98&google_gid=CAESEOXYH7lx82IjGvK4ZTXoF98&google_cver=1
35 B
475 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.1dmp.io/pixel.gif?cid=ea2e91f7-8a00-4c54-b3fa-ab0f3dcf1585&pid=w&uid=CAESEOXYH7lx82IjGvK4ZTXoF98&google_gid=CAESEOXYH7lx82IjGvK4ZTXoF98&google_cver=1
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
H2
Server
88.99.213.228 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.88-99-213-228.clients.your-server.de
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:42 GMT
cache-control
private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server
nginx
content-type
image/gif
content-length
35
expires
0

Redirect headers

pragma
no-cache
date
Sun, 02 Jan 2022 13:11:42 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync.1dmp.io/pixel.gif?cid=ea2e91f7-8a00-4c54-b3fa-ab0f3dcf1585&pid=w&uid=CAESEOXYH7lx82IjGvK4ZTXoF98&google_gid=CAESEOXYH7lx82IjGvK4ZTXoF98&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
375
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
match
ads.betweendigital.com/ Frame 00AE
Redirect Chain
  • https://lbs-ru1.ads.betweendigital.com/match?bidder_id=43008&external_matching=1&forward=1&external_user_id=00001069-46ef-f99f-17d0-390406878420
  • https://lbs-ru1.ads.betweendigital.com/match?bidder_id=43008&external_matching=1&forward=1&external_user_id=00001069-46ef-f99f-17d0-390406878420&crf=1
  • https://x.bidswitch.net/sync?ssp=between
  • https://x.bidswitch.net/ul_cb/sync?ssp=between
  • https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Dbetween%26bsw_param%3D43215f87-299b-41d9-97ad-22a7e9cf93a...
  • https://x.bidswitch.net/sync?dsp_id=80&user_id=1a4261d1-a48e-4000-8a9c-c4ce7bc6612f&expires=30&ssp=between&bsw_param=43215f87-299b-41d9-97ad-22a7e9cf93aa&gdpr=&gdpr_consent=
  • https://ads.betweendigital.com/match?bidder_id=22&external_user_id=43215f87-299b-41d9-97ad-22a7e9cf93aa
68 B
607 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.betweendigital.com/match?bidder_id=22&external_user_id=43215f87-299b-41d9-97ad-22a7e9cf93aa
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
H2
Server
96.46.186.57 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png

Redirect headers

Location
//ads.betweendigital.com/match?bidder_id=22&external_user_id=43215f87-299b-41d9-97ad-22a7e9cf93aa
Date
Sun, 02 Jan 2022 13:11:42 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
sync
begun-sync.rutarget.ru/ Frame 00AE
Redirect Chain
  • https://begun-sync.rutarget.ru/sync?ssp_user_id=00001069-46ef-f99f-17d0-390406878420
  • https://begun-sync.rutarget.ru/sync?ssp_user_id=00001069-46ef-f99f-17d0-390406878420&check-cookie=true
35 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://begun-sync.rutarget.ru/sync?ssp_user_id=00001069-46ef-f99f-17d0-390406878420&check-cookie=true
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
HTTP/1.1
Server
80.64.106.149 , Russian Federation, ASN20764 (RASCOM-AS CJSC RASCOM ISP, RU),
Reverse DNS
s-fr4.rutarget.ru
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Sun, 02 Jan 2022 13:11:42 GMT
Server
nginx
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
P3P
CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."

Redirect headers

Location
https://begun-sync.rutarget.ru/sync?ssp_user_id=00001069-46ef-f99f-17d0-390406878420&check-cookie=true
Date
Sun, 02 Jan 2022 13:11:42 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
P3P
CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."
cm
creativecdn.com/rambler/ Frame 00AE
Redirect Chain
  • https://creativecdn.com/rambler/cm?pi=rambler&userId=00001069-46ef-f99f-17d0-390406878420
  • https://creativecdn.com/rambler/cm?pi=rambler&userId=00001069-46ef-f99f-17d0-390406878420&tc=1
42 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://creativecdn.com/rambler/cm?pi=rambler&userId=00001069-46ef-f99f-17d0-390406878420&tc=1
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/css/sandbox(1).html
Protocol
H2
Server
185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-65.rtbhouse.net
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 02 Jan 2022 13:11:42 GMT, Sun, 02 Jan 2022 13:11:42 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-type
image/gif
content-length
42
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://creativecdn.com/rambler/cm?pi=rambler&userId=00001069-46ef-f99f-17d0-390406878420&tc=1
date
Sun, 02 Jan 2022 13:11:42 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
rambler
px.adhigh.net/p/cm/ Frame 00AE
Redirect Chain
  • https://px.adhigh.net/p/cm/rambler?u=00001069-46ef-f99f-17d0-390406878420
  • https://px.adhigh.net/p/cm/rambler?u=00001069-46ef-f99f-17d0-390406878420&bounced=1
49 B
326 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.adhigh.net/p/cm/rambler?u=00001069-46ef-f99f-17d0-390406878420&bounced=1
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
H2
Server
193.232.150.70 , Russian Federation, ASN48061 (UMA-TECH-AS, RU),
Reverse DNS
smtp14.sender.ltmse.com
Software
nginx /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 02 Jan 2022 13:11:42 GMT
server
nginx
x-backend-id
f14-ru
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
*
cache-control
no-cache, no-store
access-control-allow-credentials
true
content-type
image/gif
content-length
49
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 02 Jan 2022 13:11:42 GMT
server
nginx
access-control-allow-origin
*
x-backend-id
f14-ru
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://px.adhigh.net/p/cm/rambler?u=00001069-46ef-f99f-17d0-390406878420&bounced=1
cache-control
no-cache, no-store
access-control-allow-credentials
true
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
sync
statsb.nativeroll.tv/nr/ Frame 00AE
Redirect Chain
  • https://stats.seedr.com/nr/sync?dsp_id=ram&external_uid=00001069-46ef-f99f-17d0-390406878420
  • https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fstatsb.nativeroll.tv%2Fnr%2Fsync%3Fdsp_id%3Dwbrm%26external_uid%3D{WEBO_CID}%26gt%3D%26rand%3D825
  • https://statsb.nativeroll.tv/nr/sync?dsp_id=wbrm&external_uid=sevnjzoRBN6bx1oIQsXyj.&gt=&rand=825
0
778 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://statsb.nativeroll.tv/nr/sync?dsp_id=wbrm&external_uid=sevnjzoRBN6bx1oIQsXyj.&gt=&rand=825
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
HTTP/1.1
Server
95.163.53.109 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
statsd.nativeroll.tv
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Sun, 02 Jan 2022 13:11:42 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, OPTIONS
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Credentials
true
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Headers
Content-Type, *

Redirect headers

pragma
no-cache
date
Sun, 02 Jan 2022 13:11:42 GMT
via
1.1 google
last-modified
Sun, 02 Jan 2022 13:11:42 GMT
server
nginx/1.12.0
location
https://statsb.nativeroll.tv/nr/sync?dsp_id=wbrm&external_uid=sevnjzoRBN6bx1oIQsXyj.&gt=&rand=825
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
rambler
sync.dmp.otm-r.com/match/ Frame 00AE 		0
69 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.dmp.otm-r.com/match/rambler?id=00001069-46ef-f99f-17d0-390406878420
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/css/sandbox(1).html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
148.251.4.142 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.142.4.251.148.clients.your-server.de
Software
nginx/1.17.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 02 Jan 2022 13:11:42 GMT
server
nginx/1.17.6
/
tms.dmp.wi-fi.ru/ Frame 00AE
Redirect Chain
  • https://sync.rambler.ru/emily?partner_id=maximatelecom&id=00001069-46ef-f99f-17d0-390406878420
  • https://tms.dmp.wi-fi.ru/?dmpkit_cid=81460eb5-647b-4d9b-a3e3-7863f294c3da&dmpkit_evid=ab914581-c2bd-45ef-9242-3128c73c48c5&g_adv=rambler&g_cp1=67AA23207355E9C13B0025DA4575BFFD
35 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tms.dmp.wi-fi.ru/?dmpkit_cid=81460eb5-647b-4d9b-a3e3-7863f294c3da&dmpkit_evid=ab914581-c2bd-45ef-9242-3128c73c48c5&g_adv=rambler&g_cp1=67AA23207355E9C13B0025DA4575BFFD
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
H2
Server
91.220.120.21 Moscow, Russian Federation, ASN202173 (MAXIMATELECOM, RU),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 02 Jan 2022 13:11:42 GMT
server
nginx
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS, HEAD
content-type
image/gif
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-None-Match,Last-Modified,If-Modified-Since,Keep-Alive,Origin,User-Agent,Vary,X-Mx-ReqToken,X-Requested-With
content-length
35
expires
0

Redirect headers

location
https://tms.dmp.wi-fi.ru/?dmpkit_cid=81460eb5-647b-4d9b-a3e3-7863f294c3da&dmpkit_evid=ab914581-c2bd-45ef-9242-3128c73c48c5&g_adv=rambler&g_cp1=67AA23207355E9C13B0025DA4575BFFD
date
Sun, 02 Jan 2022 13:11:42 GMT
x-passed
0bal1
server
nginx
content-length
0
strict-transport-security
max-age=0
p3p
policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
0.gif
x01.aidata.io/ Frame 00AE
Redirect Chain
  • https://sync.rambler.ru/emily?partner_id=aidata&rnd=00001069-46ef-f99f-17d0-390406878420
  • https://x01.aidata.io/0.gif?pid=RAMBLER&id=770F922FB865313AE9FE12CB4113E5E4
  • https://x01.aidata.io/0.gif?pid=RAMBLER&id=770F922FB865313AE9FE12CB4113E5E4&bounce=1
  • https://sm.rtb.mts.ru/p?ssp=aidata&id=aNr8Sb1AahXDY9Sr%2F1Yl0g
  • https://sm.rtb.mts.ru/match/second?ssp=51&exu=aNr8Sb1AahXDY9Sr%2F1Yl0g
  • https://tech.rtb.mts.ru/?dsp_uid=3ce6ce22-96d5-4a93-b1ff-31bd4ea8386a&return_url=https%3A%2F%2Fpixel.konnektu.ru%2Fredirect%2Fmts%3Fcallback_url%3Dhttps%253A%252F%252Fsm.rtb.mts.ru%252Fem%253Fnext%...
  • https://pixel.konnektu.ru/redirect/mts?callback_url=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D51%26em%3D1%26ssp%3Dkonnektu%26exu%3DaNr8Sb1AahXDY9Sr%252F1Yl0g%26id%3D%7BUSER_ID%7D
  • https://sm.rtb.mts.ru/em?next=51&em=1&ssp=konnektu&exu=aNr8Sb1AahXDY9Sr%2F1Yl0g&id=
  • https://x01.aidata.io/0.gif?pid=9503528&uid=3ce6ce22-96d5-4a93-b1ff-31bd4ea8386a&exu=aNr8Sb1AahXDY9Sr%!F(string=%20%20)1Yl0g
0
432 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x01.aidata.io/0.gif?pid=9503528&uid=3ce6ce22-96d5-4a93-b1ff-31bd4ea8386a&exu=aNr8Sb1AahXDY9Sr%!F(string=%20%20)1Yl0g
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
H2
Server
89.108.119.28 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
d51802.reg.regrucolo.ru
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 02 Jan 2022 13:11:43 GMT
last-modified
Sun, 02 Jan 2022 13:11:42 GMT
server
nginx
access-control-allow-methods
GET, POST
p3p
CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
cache-control
no-cache, no-store, must-revalidate, post-check=0, pre-check=0
expires
Sun, 02 Jan 2022 13:11:42 GMT

Redirect headers

Date
Sun, 02 Jan 2022 13:11:43 GMT
Server
nginx
Access-Control-Allow-Origin
*
Vary
Origin
Access-Control-Allow-Methods
HEAD,GET,POST,PUT,DELETE,OPTIONS
Location
https://x01.aidata.io/0.gif?pid=9503528&uid=3ce6ce22-96d5-4a93-b1ff-31bd4ea8386a&exu=aNr8Sb1AahXDY9Sr%!F(string= )1Yl0g
Cache-Control
no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Origin
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
set
sync.rambler.ru/ Frame 00AE
Redirect Chain
  • https://rambler-sync.rutarget.ru/sync?00001069-46ef-f99f-17d0-390406878420
  • https://sync.rambler.ru/set?partner_id=segmento&id=oSebgDA6DDtl
43 B
224 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.rambler.ru/set?partner_id=segmento&id=oSebgDA6DDtl
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
H2
Server
91.192.150.36 , Russian Federation, ASN42481 (BEGUN-AS, RU),
Reverse DNS
sync.rambler.ru
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:42 GMT
x-passed
0bal1
server
nginx
content-length
43
strict-transport-security
max-age=0
p3p
policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"

Redirect headers

Location
https://sync.rambler.ru/set?partner_id=segmento&id=oSebgDA6DDtl
Date
Sun, 02 Jan 2022 13:11:42 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
P3P
CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."
sync.cgi
ssp.adriver.ru/cgi-bin/ Frame 00AE 		42 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=5&external_id=00001069-46ef-f99f-17d0-390406878420
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/css/sandbox(1).html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.222.128.214 , Russian Federation, ASN20597 (ELTEL-AS, RU),
Reverse DNS
ad14.adriver.ru
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Sun, 02 Jan 2022 13:11:43 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
image/gif
set
sync.rambler.ru/ Frame 00AE
Redirect Chain
  • https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fsync.rambler.ru%2Fset%3Fpartner_id%3Dab56d453-f95a-4cbc-97b3-1e30a8f95173%26id%3D%7BWEBO_CID%7D&usr=00001069-46ef-f99f-17d0-390406878420
  • https://sync.rambler.ru/set?partner_id=ab56d453-f95a-4cbc-97b3-1e30a8f95173&id=sevnjzoRBN6bx1oIQsXyj.
43 B
224 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.rambler.ru/set?partner_id=ab56d453-f95a-4cbc-97b3-1e30a8f95173&id=sevnjzoRBN6bx1oIQsXyj.
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
H2
Server
91.192.150.36 , Russian Federation, ASN42481 (BEGUN-AS, RU),
Reverse DNS
sync.rambler.ru
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:42 GMT
x-passed
0bal1
server
nginx
content-length
43
strict-transport-security
max-age=0
p3p
policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"

Redirect headers

pragma
no-cache
date
Sun, 02 Jan 2022 13:11:42 GMT
via
1.1 google
last-modified
Sun, 02 Jan 2022 13:11:42 GMT
server
nginx/1.12.0
location
https://sync.rambler.ru/set?partner_id=ab56d453-f95a-4cbc-97b3-1e30a8f95173&id=sevnjzoRBN6bx1oIQsXyj.
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
/
an.yandex.ru/mapuid/ramblerssp/ Frame 00AE 		43 B
80 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/mapuid/ramblerssp/?00001069-46ef-f99f-17d0-390406878420
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/css/sandbox(1).html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 02 Jan 2022 13:11:42 GMT
content-encoding
gzip
last-modified
Sun, 02 Jan 2022 13:11:42 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security
max-age=31536000
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Sun, 02 Jan 2022 13:11:42 GMT
/
kraken.rambler.ru/cnt/ 		43 B
483 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kraken.rambler.ru/cnt/?et=pvm&pid=7040998&rid=1641129101.353-11154169&tid=t1.648840.2133838648.1641129101187&v=1.25.11&exp=exp_bot%2Csplit_b%2Cexp_ab3%2Cb&aduid=bc30a6f5-8838-4c72-ba14-4712d1bf0986&aduidsc=ugt7s7.ru&rn=1942450800&mp=%7B%22sch%22%3A%22ld%22%2C%22type%22%3A%22Article%22%2C%22title%22%3A%22%D0%A7%D1%82%D0%BE%20%D0%BD%D1%83%D0%B6%D0%BD%D0%BE%20%D0%B7%D0%BD%D0%B0%D1%82%D1%8C%20%D0%BE%20%D1%81%D1%82%D0%B0%D0%B2%D0%BA%D0%B0%D1%85%20%D0%BD%D0%B0%20%D1%81%D0%BF%D0%BE%D1%80%D1%82%3A%20%D0%B8%D0%BD%D1%81%D1%82%D1%80%D1%83%D0%BA%D1%86%D0%B8%D1%8F%20%D0%B8%20%D1%81%D0%BE%D0%B2%D0%B5%D1%82%D1%8B%20%D0%B4%D0%BB%D1%8F%20%D0%BD%D0%BE%D0%B2%D0%B8%D1%87%D0%BA%D0%BE%D0%B2%22%2C%22des%22%3A%22%D0%9E%D0%B1%D1%8A%D1%8F%D1%81%D0%BD%D1%8F%D0%B5%D0%BC%2C%20%D0%BA%D0%B0%D0%BA%20%D0%B2%D1%8B%D0%B1%D1%80%D0%B0%D1%82%D1%8C%20%D0%B1%D1%83%D0%BA%D0%BC%D0%B5%D0%BA%D0%B5%D1%80%D0%B0%2C%20%D0%B3%D0%BB%D0%B0%D0%B2%D0%BD%D1%8B%D0%B5%20%D0%BE%D1%88%D0%B8%D0%B1%D0%BA%D0%B8%20%D0%B8%D0%B3%D1%80%D0%BE%D0%BA%D0%BE%D0%B2%20%D0%B8%20%D0%BF%D1%80%D0%B8%D0%BD%D1%86%D0%B8%D0%BF%D1%8B%20%D0%B2%D0%B5%D0%B4%D0%B5%D0%BD%D0%B8%D1%8F%20%D0%B1%D0%B0%D0%BD%D0%BA%D0%B0%20%D0%B4%D0%BB%D1%8F%20%D1%81%D1%82%D0%B0%D0%B2%D0%BE%D0%BA.%22%2C%22dpub%22%3A%222020-06-10T21%3A45%3A08%2B03%3A00%22%2C%22dmod%22%3A%222021-02-11T15%3A20%3A00%2B03%3A00%22%2C%22thm%22%3A%22%D0%A1%D1%82%D0%B0%D0%B2%D0%BA%D0%B8%22%2C%22arth%22%3A6020%2C%22artst%22%3A1160%2C%22arts%22%3A8093%2C%22artw%22%3A1765%2C%22img%22%3A3%2C%22anm%22%3A%22%D0%92%D0%B8%D1%82%D0%B0%D0%BB%D0%B8%D0%B9%20%D0%93%D0%B0%D0%BB%D1%83%D1%89%D0%B0%D0%BA%22%2C%22aurl%22%3A%22%23authors%2F4171%2F1.html%22%2C%22url%22%3A%22%23bets%2Farticle-4056685-chto-nuzhno-znat-o-stavkah-na-sport-novichku-kak-pravilno-delat-stavki-nachinajuschim-sovety.html%22%7D&rf&eid=5830291014626252&stid=480538276_1641129101353&sn=1&sen=2&en=2&fp_scope=1&fid=pA8AAENKs1cs64goAZD%2F2QA%3D&fip=pA8AAENKs1ekm%2Bk3AWKbugA%3D
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.19.89.16 Moscow, Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS
kraken.rambler.ru
Software
nginx/1.19.4 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 02 Jan 2022 13:11:42 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx/1.19.4
access-control-allow-methods
GET, POST, OPTIONS
p3p
CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
cache-control
no-cache
x-srv
1node0043.top100.rambler.tech
access-control-allow-credentials
true
content-type
image/gif, image/gif
access-control-allow-headers
content-type
content-length
43
expires
Thu, 01 Jan 1970 00:00:01 GMT
6592766407814317453
tpc.googlesyndication.com/simgad/17151699583860951539/ Frame AFA2 		0
0
downsize_200k_v1
tpc.googlesyndication.com/simgad/17378830689005347748/ Frame AFA2 		0
0
truncated
/ Frame AFA2 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0b40afb826577054ff8872ffbe5aefd4b52eac1764a1e5420fc954db871690d8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/png
KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v29/ Frame AFA2 		0
0
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v29/ Frame AFA2 		0
0
KFOlCnqEu92Fr1MmWUlfChc4AMP6lbBP.woff2
fonts.gstatic.com/s/roboto/v29/ Frame AFA2 		0
0
KFOmCnqEu92Fr1Mu7GxKKTU1Kvnz.woff2
fonts.gstatic.com/s/roboto/v29/ Frame AFA2 		0
0
file.jsp
img02.ssp.rambler.ru/ 		527 B
858 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://img02.ssp.rambler.ru/file.jsp?url=PoCPUltuUAV5SCOZzAjtJXfzyE1H-O8E5ncoZWlBAaTZu4guhkdyA56mZ9NGu1V2Nl9QizwW6yDvHN1lg0vUREqKbDNukQoecH3Qf8kJWtFm3wTF6JHtcP*Oi8XNGKbte6FKmFV-zhJB5XqOu0zggHui43klcd4Y4UQl16ICGcrW47l4YzoF2pYx5RWHf4EaMnWvmKCkMm9Sya5WwpbwYLz6SFlj463c644iuphUmM*WF7G9VxtheZuvErAysII1SU6n0aS2Zu6HvUXWVa6vAWFqW3jqYzlqYNKkT7toqGp8GhvC1Bk3fANYvbfDbn5nesaDuO5NYS8ThUumUov2d8Q6Tg5yhNuwb3CU2zpSdglGFDG-9qR5CuPqRapNLqeAr4y*U*cwaehkJkkVFvEZxdW39v9nGFBysWFFOMw6uFhAPxYRrG5MMZX84*W1pyV3BYBg6jxMDTDl3x4Fsvtgw-nmTObwzOm7Tn7NIa98rF5mlehoLUKeLUtanyY5Ahi0RXZFQKa-fgkgZN7sEvrIzc5*XzCA22rf82wRx-If1jZx3HIfVuKDMHak-wIATYhQS6N3bpfBcH5xa9G2U-PiNBj1kwVez4Z-ifwUZoMYghWH7VsRQPhSz-mvpPEwqT-aXaXjG9NA-vCsq59vFs9UoNvkP6WFq4uA2G8PRmTGjWtQrS45GY0l0gf06N6BKrMBo2goGsRL51nOxtYl-*QdP8MXZ8LXKhibe-RcRW5LjVRaZqgZhq0kh2uPNNWmQaEdaoB20sF0C6jwOx-kz6EuLV5xAXWDDQmprpuOmeq*VA24SlcnS6xSI5VGY8OGLJX3IcbEkTVy2vGY44YOLI2B3hcWl992LIdbVhd1a3brEGfnXYnNV8Osctynq2AG60r*cyjYas2xGyK0J8cNJFRlHkd9VfHYoC5U2bzmRQy58nK*Y4QJa4C0TVt*dEkA8XCNVwbD0ZaveVLEwajJQBZXRkqnG3fxBQj4rOfEAi65wB0bwsBioWmNkuZ6Cev-fVM5Huxd4lnmKTjEzEJ-zGPtpMLYAT8TdBQp0lVTD72Uonf32r0E6Y3ll0I9nM*bBgerWUA*OX81x2czWE4-U8gdGGuN9*48j3*3jACMlNq-GHzG5Z67SrMMxpx9j05Drw-b25r4sSFwHtQ-G9m-UrFRlVOV64E5SXOu9K-t2crHarsPqjr1oeSfqdX7yNHY*0-NsKV-DWSpeyvriOxjQO8AYiH5zjigX6E050iycTWP9BEFWXb5a2ERGvJY45h*LdR4vqUcBIIl0pMbKcGOWGfZolwZHuGQH3IFu14jlnqYwoEFjyv4lW4HaPvB74Fey7JmalcL90w7FsLdPQ-beMSKX9xISjE9Bxkwr1ZCZ0z*WmQYd3VP1DUwziW0H2pMDyGX0Ed13P36JRvu5jtw7ecnGNi1Oqxufn0X7*NagGqBQxwG7Dio9VExC7hxehWvpIJQwj*cOIiOkRe*Qu9PARbVNlUAiXJTQJupxzBc2oTzyfw8D5W0oQl0QwhhXwllHvuvc4*f0bCohC5DPSdDgqgeaaRtnLeS3QH7L69SyM29HWWVYQeaRcLAZI9vjg2Y7Xu9ZaR1aV3MxcGqeaUeQv9xH-6151KxdlstOI2bhZiucOIGTTpHv4dZ7aftn1mriI2CzXBabpE14P8djkqbN18W0f35yUqhtFZyrlqdSB4AdgwCAAAAuty8CgAAAAA&eurl%5B%5D=98Er-max2MLlvruvWMuDZOWgzc6dLaTxE1-D5B8eRJNM44UAjk0W-maZPIS*GWGRX834QNPGKkFi5OoOPs0J6XnIj1nao84S0pxA9zGUA0cCAAAAuty8CgAAAAA&seq=0
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/css/capirs_async.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
91.192.148.14 , Russian Federation, ASN42481 (BEGUN-AS, RU),
Reverse DNS
zvezda.ssp.rambler.ru
Software
nginx /
Resource Hash
4782079b25a2b347c99a41c613e8e65534d01cddb19a718afde3ca3271ebd7ac
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 02 Jan 2022 13:11:42 GMT
server
nginx
x-begun-impressionid
61d1f-a48df-b8e7f
strict-transport-security
max-age=0
p3p
policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
access-control-allow-origin
https://ugt7s7.ru
access-control-allow-credentials
true
x-passed
2bal1
content-type
application/x-iframe-html; charset=Windows-1251
content-length
527
file.jsp
img01.ssp.rambler.ru/ 		517 B
847 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://img01.ssp.rambler.ru/file.jsp?url=oQxwQeOngD7GZGAmgC7*Sni1gJW6ts008hoMqh-DRq-DhwW9NAbJcKDtc-yBE9ZGp5lz6XHyqvHOCcwiUQ2Wn-uEqb9rbz2geCutPbxK0dIhlNSDT7jBRglyed4V*VxuojxqkZJYBrrlfPkAjRis4wCmrcUeh2xB-fK-XSe5FOj7CQcsbhXWZ4UQYc6IxCqou0m-t3aXOWaMo3s*tDiWl7BQmogp*DqL4q4PjVZKY6eYaY20ZRaDq*V537vXiJJk-KQo3CwCqybs5Uwe4ciiCfkHQmPAqXZUhV6p37-8uhHM1t5VzgnOwyb0kts5wsEQR6-aUt57rTv379Q4otui5MpGDncCCEyLvzs71JBHLyqiUlpmp-tJ8gLNJ4ik76AlEEk-ISRyaQ2RCcbPDpfZjBbPWThirOfoGLWaHk1CT*SK6vAXmzG8xxKv6W*cJCnmmXVBn7PduhnA63XWW6k9j6quKTa6LeHZ1m*dxiU2sEw9OE6QnVJc4gsykRynsqv0UJ5LlX-XXEbtT*54Y7VdQQLiOoVIBYQw*ihZsFKOP998EOY--SrjvYL3TJZi*oCXD-JRo7zRcAFBrW*ZALY0wBTI5T0A7NcYmz*RY14KY-KO7CDMvDGDCs0ZFZmH6jJSo1J-susHrWTVvOGJulk1f0nWrJ6Yw5KPH5Ova8T9v1vU9P-TgjqpW7STo05K5OZtF7aJRCSHgQLpiB*tbH*RUHIap7LNvvC8zXAXdBB3Oux4G2YVc1WZDOqziDyFABaFoPYpHJKsELAjSQ5UbvDNq7EQ9czZPBpVpq1kV8DAMOlZgr*2kbR3FYbV1tuC64GMd77Md-pjcY80TkoxbJZGnCNclj0qMm293VCuVS3iHHgkDNEnls1kM3cJi4lByiwfU93WLe-v9stiDQQjfVHPr7yQs9nUMR9Z4VAPPM177xo-mgBfqIJ46LCZ3teWHLwDh8h3ZRQlVRiz7mY7qCpDEthWNr1bTYvwzZXEKOyckCNL3VCq2ukd1DW-inIT7vptkVyzIP7NZ*avbvvco17Lqe5fqmiKSz8ho5i6t*jFsvqWA2R44kLgGGY8YUGGZY-aHfCrQDBrLO4Ow33VBFSRyVmtW6MArFtAcymabPlrJF0ZdQi4Vi9GbRbh2-JBJSG-XAczIXpAnItp4F0QBtJnVSV*XdIS87qeu-TG5s6eixQV10UobyOyGJluGNypb1Xh5tw912JSIMm*A4wk3p5rAU6k4L1vaR2slZjPmtOKEpqh-2bwMmAU9Gq4S6pXFXIE11vQSDu8mMz3ltGb6Wbq9HQpLZv4wEPAlQhwRNnzEwSMB52UjTbeKc8FNVK5sQAScLm*WNAaGe-ZrBOhCOk8xuOTUOrKpxQslxD-sZ8cnMieeysvQj3b94*5fO6GtDnxOzDwaIp*MFEWfhCmBr3MJz6Ke4LViKIlQ5LizVxjEPbKOqGfjMIbCSZGIYYl0xKvy6*fB7dZHJJg-bchStBAaYwsvZU5zw5CCtwqqBPGjF4lG7olaRqKPri5LLnKW0Uvn8vIbobjh8Hn16slIJD75O*F6tX0ourHrgMR5EwhwRLzWB3KxfIJW7bf7MvK3BAzR-DLdID7OK7hoSx2IbwBV25l*nAkmU4Wm10jk2XSJZehxfUV*0vLBtUzKp2Hqx4vB-6dtNxkH30YaemJhmNAozX2Xcy7-UucCWUL54HO8m-bny25VFinE7KCtzgO-OY7m5Srp63fEVTwK7Rh2tvTZAIAAAC63LwKAAAAAA&eurl%5B%5D=AN8VeBTUeNPo1iThpJhuIDxxL7SgqvudMLbI-usMEkLyQqT5m0xvkGgYk1tJnivnASDuqU6MwgpjjXQcs23Dgh5z60sHcsHalzthGG*LAOYCAAAAuty8CgAAAAA&seq=0
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/css/capirs_async.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
91.192.149.14 , Russian Federation, ASN42481 (BEGUN-AS, RU),
Reverse DNS
zvezda.ssp.rambler.ru
Software
nginx /
Resource Hash
8180f387279e265b8e9ed3a60e4596bea1a5df4904098d012a53f937208712c7
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 02 Jan 2022 13:11:42 GMT
server
nginx
x-begun-impressionid
61d1f-a48ea-ff825
strict-transport-security
max-age=0
p3p
policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
access-control-allow-origin
https://ugt7s7.ru
access-control-allow-credentials
true
x-passed
1bal1
content-type
application/x-iframe-html; charset=Windows-1251
content-length
517
file.jsp
img01.ssp.rambler.ru/ 		503 B
832 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://img01.ssp.rambler.ru/file.jsp?url=BudlIu*S2-INAmtw5DPWdjwiFVcvvgt-Zov7pBoUX0LOu*qxPOu2Zpc0jVAze*PqfmmyP9evaOc0bfHwlk4MfjFptpAzaU-7AToi*aazX9C0orw5MJkANYNKvtJ4ykeIPoba5ZUeh4OeG0eaKGlfQ8jgTn*5J5XWNZ7gNjbY1TNnmfdzreHfOBWulVpMshESMAopFUrJSRMm3hk1JIfnf3*63dXnQqmFnUARFiMfbNhBODafQaB0yvsHzMupHK5DYK3yh6Sk30WlhpyktX*EEpvkK-WiAdvA4uRocfTBDR*730li21ElcOl3mhL7tD57ZO*Jz1F14kC*Kw92I3O2GJqdzcQbj5kK*0nz3VNm2V7xQ4KBbynh6xpKopG5fQaEBMNOuWb3UGIU3-SLgvBUkxFFczD7ScHkL4n18aZIRzTqV-ILoyQCRTCTeQ4C0*5Uf86YTol1-lmK5wfIbDyUwJ9Lop3SuAjykX7M5YBkdhf*1G9kIuMfiohD7WNU87oCbWPER3DwckcPNK3EgPJhCNfcP3lNTv3yKoUxtrhb6phrcvtZHbC*47vct3TU2GC0s7jVTjfnH8UqIMaT*tn*sFTa0ihLxfeZtNsiINUTDinQs864DB2kHpFwvlMrDPbNj9CT7zziiSpfAwYwUW6LwDyfc1DJpXNyLQygC0bjvWvXPrH-pmUORc8Yl50aUVrkXXZhlSSFV1b87r9NH5DCacooapIvguT9G0XVea01QypUDQMw6bArOLNL-iJRQjkZ54DkWFiRJf1-ek0bfXWhij3JsShKmxWjlxBKg8Q-7VUxWG7qHb*dub-RYmOC7XZ9Z3wQTQwMbIbVjgJPoSHs28e**BdmNfPMaIdjbunbSboH0gltPSCyBbrC3Qe9GoNYwkqhDxRhaqjxocAbtMFTRoBcZnzBZ3CYDuv1gJEVFoNEkjNQ0BPy*SFXXxsYRmGeKiorqFGzcJ*KAdAT*fUEwFPO6nn9skL9bzqBgFtvHR7G*2cHqA-sZkyEYMxEbUdntW3qGVGoh5f1GSs6ECrP3H97VNgmJNUuxRRKhIpMZapt6Xp39-0w*t9-BJhLfOW-HIFzDk4qV7RkIs2Q88yD2otiTnDzxU*zdvaIAKYZv0gRx57sDvAtLoM7QjUWZODQJSE9t6XPGXORLmsVWp3fTFNK5SZk2pLx2deWSRQbJ4LJgdFDhHu-X5VQPsL6lthnRdJIS*2b01tA-AsDgJHPqA8dBDMpqB18*JXyGALVMkxyCOh4IzC73V7IkGI5N3CCVfpNHKTI9cG42arNYwd00vE5qSRBRAOR4F6HF*5ntlhg0mdXcwm6jd6vcLhPJ-iH7Gmo-UupANDyUsPjdjyvtc6Li-XF6ULMu6BzYs1IAO-fOJks6W1ladzS15vL6d1TPK8xjAvzhRH2VO10CpbVw7Gcq1-shX1lOmQ7xh*mbavhDvaSiv6ZUvd*UxTKZZq5a4BgqxB8xvyyO7CK-PskeQByv8pu-zpNYZjn4iik1htGz0oV2g9iV8qq1aCieIXsc7UkqD0gCkhPy0oiM3l7LyFa8sab2YEOMhxxR5d3NgwipWhdt3Ue8g1ycOOdZOtcb0w9JDeedmhet1R75oLEj4g5b511i*dTvFdlIaW4WBClFw3NsriwZwu-WFIT7QTKRvpkXDXqffQN4OZZMeUUqS0uEJJ5Vt70*DmyDtN3dsNN9Z8oXfHdsGxune5lJ-UMRQ8wPm8vVylo*nZSOBOI88meNf*7A2KXUBdm3cbz5wacnZhwSNMhhPdQWaCtrgBz1VexeWMhUTYaq7rFqN2TyQIAAAC63LwKAAAAAA&eurl%5B%5D=DcEwlgMcaL47DMXcixHfL7o6b2y7CoLVqnlfkLHd3klDOANqJTvmdQwfMVxkzWd9UgmepMHymToxW3-spgx4LeP0aCY2FMviHr0slMtJgaMCAAAAuty8CgAAAAA&seq=0
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/css/capirs_async.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
91.192.149.14 , Russian Federation, ASN42481 (BEGUN-AS, RU),
Reverse DNS
zvezda.ssp.rambler.ru
Software
nginx /
Resource Hash
a3106567b25111408e8bcc098bb846480c90862e1fcef624727b2f6fe86ab986
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 02 Jan 2022 13:11:42 GMT
server
nginx
x-begun-impressionid
61d18-a48e7-76a09
strict-transport-security
max-age=0
p3p
policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
access-control-allow-origin
https://ugt7s7.ru
access-control-allow-credentials
true
x-passed
1bal1
content-type
application/x-iframe-html; charset=Windows-1251
content-length
503
file.jsp
img02.ssp.rambler.ru/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://img02.ssp.rambler.ru/file.jsp?url=voCLdIfoo5FlrNPmwzh7oda-*NexaBOG6K6kkB1EgUHxzsgMnckRkxE1V9fLfmPwf1oO21SQuLFIJ7AO03BEfaoayTKvwMkvM3lc6nDE7CR4Bk-fvrZgPp-J87lBp-x-V*NKElGE7wAE3pDPo6BUHDsqIG-ejY0J5vtmeGbD*O36SeNTfXN3A0waXOA85hkZOKN4DoSQY7YSHHih6LvQm5xTbdV*ei2*PIkr-g6p4jpOooTv-uUHnLlYDnnawHaCNP-NDLkb-eNF5418atXfwhpr--PnwT1Bgo25k*i4crXdryMOHQGg8i0uAtUmcXdgDEMZ90YTD0wGGYQRMuQ-3KYsSQ8K7-lGAUkSVqFjzURZ64gBVW1kiSmg5FCvvAmINMnniuaQH67ajeBGkXJjc*lcphDrMJQT6KZiGdWgv70xrYXUO18U2kzqvtkRXSeukyt5gGHjZKcZvlaSUCbpSP9Za9R*igXjw8-fnTozJYU4LoIBV8F0KSnZXO2MmB6wN41n4agUFJ35JEh8fi1A-5*UlEFjXjjzUFvH0VVO7mvSWGM4fWphfGH1zgukrClCoZGaeZmfK9LDQgkpccey2BoAK*SOqSzqjA8yWUxjk3aspvgT4zPnYJAVxBOb3HaWxVG974p0M25Pc2z*PHF2Nr0aQR-9qXbRpJlunwPeY7k6A3rrIhb3gub3mwWqgloJi6r6yuZYuN5o*XO4cQPgV*T-7sMofm8M0Izscxv47RlEhfwrzRA0m-4wips-26L-7eidcvuTc*GdVqsvPqcwR0tmH3CVc4opHUteD2bslLzVdvysfY8IRueaKVBcT6DSgAks0wzLNkf8RpJ91h4-LxArjzKG2LKWDjWBMpCHglGwrgSTuODXftTuK54twAAx0yPGzizEzcbtDZOXbjYsZuxVg9FG03xf2TRMBmIYHhbsZf0TMdE6G8gq1NYBIer2eSZzx7pxmMJZKdOvdTw1YMSu5rjyQaq0sIe9ve3TmbNw8NAhGwmIeNI0irC*QzXRgXlQgZVLGSpVrJI*ijDjbtylms1iNAsFueYpaSOMsiIK4DtFsPx2U71AUYCPlCfHroAF6JGmUNnI*5mEZ2wvAKwhApHaQd6cJBP0cfrYnao35fNKEgCogARNMATZJYXt2sFCv0dKAB-1m7P-jbvbi1Wc-uB1*q1ggOn-KHcG*ZqGn0*Fy3IApWPTJSij2aogg0LgFu4M6Qj61XEHa7bcdYoQDiANAFfnXtubSwYWaxXOoXxvzNsHdAq4NMvP*SU6GWvQKfMov6SkMa7D4C8RkOz2Qo7sTWjxQ1uvYJH9kGIGipSSMe-EPCyP9v7sNBJL0Mc*94w5X9H2dbnZ7N7yM8YdpF3NhV9a5cqx5RAZu8EMf2bQlGDzzLu*KjgjZngyh2xC3sJd7Br1oZpUZsBRCIBYgAKXQ9jDsliy7RKKTnbCla08rVrMImK1KAPFb-24BPysM4u20iIgk83tcNXPB9wxr7lmOM5L-gj4gD15TmHmNzaXeVMlE2mUmdAatoUDt0onuF4D9IHMMbLUULZLkoNU8LCt592tAntDOzNPLJBisVjLH3IWY0T5cxwXrJcQe4slR4RqLimf9YV-QiwfHHDew0IBGJc0n-pQVSvfDEMykRl-Nnl0UzO3dcIlb9QQJtnTUSXiwrWFmEWy1J1a-iuz-ySrVFWs4saNrF3EHx96ENESvKc4KAqs5L*klXiyhbxM8bLSm2yBzeRRnqOhOuQH4G3pOdN5V0hiQtgrsv4CAAAAuty8CgAAAAA&eurl%5B%5D=todjB5xaropqiHO1JqtQ4P3nfnLJlen*c0QN9huYdHPqqpxBBBZB7vtiS3sUfowofOZq2lL-S5jicjeePqFWxrfcNmp-mEiwsjQyz8e*eWYCAAAAuty8CgAAAAA&seq=0
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/css/capirs_async.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
91.192.148.14 , Russian Federation, ASN42481 (BEGUN-AS, RU),
Reverse DNS
zvezda.ssp.rambler.ru
Software
nginx /
Resource Hash
49f295275f707ac20c97560058a73d05bc4981cca0edc21e344fe5c66b012680
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 02 Jan 2022 13:11:42 GMT
server
nginx
x-begun-impressionid
61d1f-a48da-e3bc2
strict-transport-security
max-age=0
p3p
policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
access-control-allow-origin
https://ugt7s7.ru
access-control-allow-credentials
true
x-passed
2bal1
content-type
application/x-html; charset=Windows-1251
content-length
1394
file.jsp
img02.ssp.rambler.ru/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://img02.ssp.rambler.ru/file.jsp?url=KvZoaymtal5HgxMsYVlFkgHtBbOPVrHSVRL*oDSV6T9H10gkKbK4RV*6ovnuC7JDYuA48lE6XvSZdXDsCbnHCoT*S-E7WAJT12dPo-Mktu9sJSdt7yKE9y-n1ua5cRjl1V2QPGvgcVKCVoJQufhV1Sl5Pfiu5TGVwLmrGA6WxOaL*YrsavSTwk2TfkqWvexzWN3capj1DvJ-CAa30K6ozu-q2fWTFXPhUGi3N0WR4Sh1PMn*7AC9tEOzNEx4s1ZSykMWJLsRynbGqUChm0L-L5gQT-7fLJ1Hi2ROptkGNOsOftHLPQczRANVHIlVuru2uvG4aGyxWYtvIwQLTYTWLtXj-rbhTUoq1strpzBV*pjdH42-*3XLnfeQm64umtuNGrLlCw9KhlJ13KHP9HS2C0rH*rlmsuGbUgPVAtqF3hpzApAfJglcNMe6BSHA7WnOBmTrjeeV2VR2rHvOz7f1-HZI1EgjiKX3fIffd3yfM6OxjehmmE1b9fegC5TZ0BklY4StyLewf9kgl7TNAUGPOQed4r*U7850x-XQ-3fri5XjZjXGtZxy484DdVny9KNvuZXoefzf4F6nqUfYbicR6-eFHCpoZ3XEhG-W7tzxIM6sO6gM*X-nlztG5aHbIM*hP7pG3-aZYZVA5GRxciI8xVkqfu8LrnwjGYBXYI6abAOl4FPLls8DXZWKU0fQZgaPrZ3QKeN5e*Rbh8x2Xo0-T04V8kqJPgONyBNuofg1GPDyLSS70modmGj0lOUMeXIgMj1FCo3sTNmnFGw1npF4CxxIdQhqzROZQIA4BDGlkO4btD-7f1*Ov4tbmu184OYayh2iUjZXASLGAmDanfa90I5Y9mC3xbHHt7dhBBT3vr1mnZfkzGc4LMqVT6hfYKPCIswRStf5ogtkOzY2R9Y*cC4ztWiNx-aN4CCebOmtNRgKebFqB6WW0YGjBGiGKsFZiQBf4V8MC5F1zFKzsRmwIhW7zvakwYhg6OKKo7GwjxDY-qlnbyJk87dZzxB8EqCs2zFKtFVUGqAEhLBeh8YBBboUFFqyyGnlDj3KgZR4cB6*qUFYpfjhfIVC77IK9EL46i5cUMqdUdIDDqcyUUXb6xoIoFbGKbcfPOeag3xm6z6I1dOTT1ggVrRHjhSEWk7x4PaB7XH-6dBiZdVGz8kLODYsjLj6jY-EiQOPuKG1vUvVuLOmNNKdxUnmcNAdpLahHpEgVyC0mPPsAIhvI9V4vOFhfwQ5NXOlCxe5Udz44AhjgZU9CeT*KSKV033xY0Xvo3bQCb3z1guLhgcUThvCNFwtCjceI2fSmioLz8n3*PzazaQddjeNuE8hBECGKTAh6yK5mDh9IDhZEJoGiysLsmQliBVi5nqxp7SsCwDXdlHDEl*-go1Az-FC-GRyPkC3PQIdSyUVgqKyJCC3QXmiQMXPcM2L*Zn2-EYHfK5SfTalpOpCSGRjgZvj6yd05WgFWaTb-g-KfCveU-g86GHPXCsWNrCOKngxmayohNgQqXidX9jKJVj*QguD2rOK5V1sYdoEV57fmPmo*SvKtVbRdANkntv0hhUAiGirFH01UdE*Nnw62VOHlwUn52sz4m1fSh4NqcTg7nSllpIRewLTUcpz2G5GbvEnlATupM8sZWowBeYv8Lx8s1Vv78o8ppBWKHJxCZqPTiyOXe*bmW5dRFgCkd6To6TL7dkx4DxmGFVYFxm8Yg5Gq8yodvzx-NNVvHBHWudbuwYEL3eh0rYImX*NGPbNRdOx-DAXg*8GKZyrW0uLQ4tM9nH9eZjZQoMDOQPphWvlgP-*ZicrJvAc6MLleyvXf*CoeRQj3Uzv5lIZeaODPC425AJrBtJQRDA-t9yZlN1sPlN4YUGWjfKpgCsF0xfS72d54KY9CS7MvdcD7b2V01-gKaaJ0ysNEhrzAgAAALrcvAoAAAAA&eurl%5B%5D=GxVOOGEgOArQxJRbRFxq8l7TLjeBY90qnVbFmBW4DjnVqNZb7GsvH1VMlT6PvCnwVtlVpPgsAtPNQxG9dFtiaP-PsrT5lwyAlgsCvHSM4VICAAAAuty8CgAAAAA&seq=0
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/css/capirs_async.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
91.192.148.14 , Russian Federation, ASN42481 (BEGUN-AS, RU),
Reverse DNS
zvezda.ssp.rambler.ru
Software
nginx /
Resource Hash
057e5db02edf1604d1ff859fd55991aaa74f3adfb41dca332343d517e138ba49
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 02 Jan 2022 13:11:42 GMT
server
nginx
x-begun-impressionid
61d1f-a48dc-371ea
strict-transport-security
max-age=0
p3p
policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
access-control-allow-origin
https://ugt7s7.ru
access-control-allow-credentials
true
x-passed
2bal1
content-type
application/x-html; charset=Windows-1251
content-length
1392
gen_204
pagead2.googlesyndication.com/pagead/ Frame 76C2 		0
0
file.jsp
img01.ssp.rambler.ru/ 		633 B
963 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://img01.ssp.rambler.ru/file.jsp?url=E9p7hDZUrM5Se*edMuje21235ak3TWgSETXNanlraIyu*kkYthcSbfO75PVKBPrV3dotqMSYPXoHQNqqRCubeSB2kLc*YbSK06SopiynlhybRHUENRMw-zvux-Yuwi96cMXYqED0s4o5NFX4LjUPh5-rKtIL34FMV5a3*sd-lv-VUkiirDt3itQs720WsWpL-RCwdd4zZKgm0PEnyffP5d7K8MS7pq-cdIpKPEk0rx2O-mgQXMMy8j0Q17Tx7QTHSleCXW0Mcf1Np-pPlglw849aXvra2BHSdJ6f0hOisWKkPwM0QlxCVHaCig8hXBsvf*7I2bVIASftv0HZ1QTPAntEYacg8Ia4irbsvHkutKpPamFpF32l4cl6hdhtRQyZLMh2olHZ8Cy2xvDranahOxfxal-kIFYrBkkcCDhaq60bQJQgMEAWm1EUrQuXGZ1RVLG91WJW8QnVbWomyynRhDUrXBZgwtxqzpgCLk-nDJn-KAq3dxB-kttb0oe*Jpf-qM3yABd4ey8yAX3VAjQTehD4FqsPIVoeXSfvysmHRHBIy6BtjmhDEFJI3-nMsfPzZ5Hcw*CloTKWIudowrGAjjAFAl0OOQLm43wVXaFPicBcjQ4J*jHdGspM6-tBfxKxbPy5cfN637PXtJUeO0RHS8n6FHAJi1grZJE02crreu1vePEhwZv6sz7kHk7cDmmKN7SFe-lGXj9EFu*FkMxy67nBCzg3PNaoqsODH1BIcxTXp0y3X57vLghbop5GRyUasr*IBIC1VPp3sJy50M8zR-mSN1fGfNAOfnL1Zuqox0gpFOyGLheCCUFWnyj7*oYcUbSjRGTWqwaDaZYl643OMhORzYTGUOXFavSjgNJArmb**nF9r6v7vJEUQkfymzT7KhQ85XHo*3joCdV9-qHDmQ59rG1bQX0ElmoOX2DjRpeZPjmU4zJzIzRT5oHFm-vB0rwPBmAwhNaXLE-4TnI2FyFWDFnCKkwoaWfUiKITOsq1FZ58Pak8mtv-qkpVSO9mhut4BRpF5h13ScOmtcQC9PDmELxlHvMeRA8mwacxkrLmdzo9V9CUdVThXaH8BxgwmyAj1JtukZ0UOJN22BbAJXM-fFwIkS3Sf7VNqmI-vAJi4KjDnMiIA3F*xcjQjnJzpBXucOh*xLv6ZEWeCBOFYRhOTHfJFdo2NbrD8EOaG74TAPZe00ga2XvTjJaTcvObTYVR395EHdK2OzK0hU9Fo1JbImOUxvhm1OtMUaDJR4gGaDykhBW2R6ED74pzaQthdl7GLReTaUcOS901o5LOkDca7hNfM9ks93-AC9K-kD4EysdHr*89ZjahKmaxPRACxA5N44fcndd-ok2t*qQHKMNPYGbB9qruiToqUKzJbAAmDvO8JAZsquaTF73*dcnJ9wsel1UFwH1jEBIEE2L6ZCuoQhryefQPnATesXMLFm7Obfr-R1dBhz-XFe4a3pQohrTrJjcMRMphZ1CygXJvKHah05jERtOk9aeb*pa5xYTUeO8Z7qZXlPB692lLwYDUmUHAO1nOPnjgR7Lx10ZzEdGY77qoQNAs6EzZnvZuWehB0iIqpIpDair9TeyQE4jnsqVSm9lg3ZbfQaiuiZT0enJg5udcjDbFYySzwPPRH1pAhuhfwkQM2M4x7qzvTSR6KtRxosHw5ERl5ECerQq8aY0NpGpjUh3h7vsIlC37368CAAAAuty8CgAAAAA&eurl%5B%5D=OOI6-EoYrmmYhCFCj2ScviTmSCwHqhu4riAu0bnURzen8DNZRefhkMbytjjzF184LvIRuultlIITxWOtheHfHpy12SCmIp99xglTTfLfR4UCAAAAuty8CgAAAAA&seq=0
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/css/capirs_async.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
91.192.149.14 , Russian Federation, ASN42481 (BEGUN-AS, RU),
Reverse DNS
zvezda.ssp.rambler.ru
Software
nginx /
Resource Hash
68228b78d59388c22ab9aeaccedef93b63e80157fbda930ab39ca7d64b3704cb
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 02 Jan 2022 13:11:42 GMT
server
nginx
x-begun-impressionid
61d1f-a48eb-fff79
strict-transport-security
max-age=0
p3p
policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
access-control-allow-origin
https://ugt7s7.ru
access-control-allow-credentials
true
x-passed
1bal1
content-type
application/x-iframe-html; charset=Windows-1251
content-length
633
blockstat_post
ssp.rambler.ru/ 		0
79 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ssp.rambler.ru/blockstat_post
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/css/capirs_async.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
91.192.150.12 , Russian Federation, ASN42481 (BEGUN-AS, RU),
Reverse DNS
ssp.rambler.ru
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ugt7s7.ru/whome.html
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 02 Jan 2022 13:11:42 GMT
x-passed
0bal1
server
nginx
content-length
0
blockstat_post
ssp.rambler.ru/ 		0
79 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ssp.rambler.ru/blockstat_post
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/css/capirs_async.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
91.192.150.12 , Russian Federation, ASN42481 (BEGUN-AS, RU),
Reverse DNS
ssp.rambler.ru
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ugt7s7.ru/whome.html
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 02 Jan 2022 13:11:42 GMT
x-passed
0bal1
server
nginx
content-length
0
blockstat_post
ssp.rambler.ru/ 		0
79 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ssp.rambler.ru/blockstat_post
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/css/capirs_async.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
91.192.150.12 , Russian Federation, ASN42481 (BEGUN-AS, RU),
Reverse DNS
ssp.rambler.ru
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ugt7s7.ru/whome.html
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 02 Jan 2022 13:11:42 GMT
x-passed
0bal1
server
nginx
content-length
0
blockstat_post
ssp.rambler.ru/ 		0
79 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ssp.rambler.ru/blockstat_post
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/css/capirs_async.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
91.192.150.12 , Russian Federation, ASN42481 (BEGUN-AS, RU),
Reverse DNS
ssp.rambler.ru
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ugt7s7.ru/whome.html
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 02 Jan 2022 13:11:42 GMT
x-passed
0bal1
server
nginx
content-length
0
blockstat_post
ssp.rambler.ru/ 		0
79 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ssp.rambler.ru/blockstat_post
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/css/capirs_async.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
91.192.150.12 , Russian Federation, ASN42481 (BEGUN-AS, RU),
Reverse DNS
ssp.rambler.ru
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ugt7s7.ru/whome.html
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 02 Jan 2022 13:11:42 GMT
x-passed
0bal1
server
nginx
content-length
0
userip
ssp.rambler.ru/ Frame ACD9 		13 B
139 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.rambler.ru/userip
Requested by
Host: ssp.rambler.ru
URL: https://ssp.rambler.ru/capirs_async.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
91.192.150.12 , Russian Federation, ASN42481 (BEGUN-AS, RU),
Reverse DNS
ssp.rambler.ru
Software
nginx /
Resource Hash
5febe42d958a25aac2eab77ef3cb52ab401ced8c1df1c7ec06d94fe6160f4554

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 02 Jan 2022 13:11:42 GMT
x-passed
0bal1
server
nginx
content-length
13
content-type
application/octet-stream, text/plain
blockstat_post
ssp.rambler.ru/ 		0
79 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ssp.rambler.ru/blockstat_post
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/css/capirs_async.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
91.192.150.12 , Russian Federation, ASN42481 (BEGUN-AS, RU),
Reverse DNS
ssp.rambler.ru
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ugt7s7.ru/whome.html
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 02 Jan 2022 13:11:42 GMT
x-passed
0bal1
server
nginx
content-length
0
blockstat_post
ssp.rambler.ru/ 		0
79 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ssp.rambler.ru/blockstat_post
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/css/capirs_async.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
91.192.150.12 , Russian Federation, ASN42481 (BEGUN-AS, RU),
Reverse DNS
ssp.rambler.ru
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ugt7s7.ru/whome.html
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 02 Jan 2022 13:11:42 GMT
x-passed
0bal1
server
nginx
content-length
0
/
kraken.rambler.ru/cnt/ 		43 B
483 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kraken.rambler.ru/cnt/?et=cv&pid=648840&rid=1641129101.186-1681459512&tid=t1.648840.2133838648.1641129101187&v=1.25.11&exp=exp_bot%2Csplit_b%2Cexp_ab3%2Cd&aduid=bc30a6f5-8838-4c72-ba14-4712d1bf0986&aduidsc=ugt7s7.ru&rn=247252996&cv=rec%253A%253Anull%253A%253Anull%253A%253Anull%253A%253Ablockinit%253A%253A204bf2309def4decbf57d5c88bf9af5c%253A%253Anull%253A%253Anull%253A%253Anull%253A%253ARCM-E4FF%253A%253ARCM-E4FF%253A%253Anull%253A%253Anull%253A%253Anull%253A%253Ahttps%253A%252F%252Fugt7s7.ru%252Fwhome.html%253A%253Anull%253A%253Anull%253A%253Anull%253A%253A1641129101656-67c27a19e08cf-2132959221%253A%253Anull%253A%253Anull%253A%253Anull%253A%253Afalse%253A%253Anull%253A%253Anull%3Dpub4056685&eid=7667291016577557&stid=295039877_1641129101187&sn=1&sen=4&en=4&fp_scope=1&fid=pA8AAENKs1cs64goAZD%2F2QA%3D&fip=pA8AAENKs1ekm%2Bk3AWKbugA%3D
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.19.89.16 Moscow, Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS
kraken.rambler.ru
Software
nginx/1.19.4 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 02 Jan 2022 13:11:42 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx/1.19.4
access-control-allow-methods
GET, POST, OPTIONS
p3p
CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
cache-control
no-cache
x-srv
1node0043.top100.rambler.tech
access-control-allow-credentials
true
content-type
image/gif, image/gif
access-control-allow-headers
content-type
content-length
43
expires
Thu, 01 Jan 1970 00:00:01 GMT
counter2
top-fwz1.mail.ru/ Frame ACD9
Redirect Chain
  • https://sync.rambler.ru/emily?partner_id=6bf5a340-6c1f-4262-8f72-400b3d237f5d&ruid=00001069-46ef-f99f-17d0-390406878420
  • https://top-fwz1.mail.ru/counter?id=3082612;pid=4303D065A92100D21002618BF744484C
  • https://top-fwz1.mail.ru/counter2?id=3082612;pid=4303D065A92100D21002618BF744484C
43 B
960 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://top-fwz1.mail.ru/counter2?id=3082612;pid=4303D065A92100D21002618BF744484C
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
H2
Server
217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
top-fwz1.mail.ru
Software
nginx /
Resource Hash
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:42 GMT
x-content-type-options
nosniff
p3p
CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length
43
pragma
no-cache
amp-access-control-allow-source-origin
*
server
nginx
access-control-allow-methods
GET, POST, HEAD, PUT, OPTIONS
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
private, no-cache, no-store, max-age=0
access-control-allow-credentials
true
accept-ch-lifetime
86400
accept-ch
DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
timing-allow-origin
*
access-control-allow-headers
*

Redirect headers

date
Sun, 02 Jan 2022 13:11:42 GMT
x-content-type-options
nosniff
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length
0
pragma
no-cache
amp-access-control-allow-source-origin
*
server
nginx
access-control-allow-methods
GET, POST, HEAD, PUT, OPTIONS
location
https://top-fwz1.mail.ru/counter2?id=3082612;pid=4303D065A92100D21002618BF744484C
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
private, no-cache, no-store, max-age=0
access-control-allow-credentials
true
accept-ch-lifetime
86400
accept-ch
DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
timing-allow-origin
*
access-control-allow-headers
*
/
an.yandex.ru/mapuid/ramblerssp/ Frame ACD9 		43 B
80 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/mapuid/ramblerssp/?00001069-46ef-f99f-17d0-390406878420
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/css/sandbox(1).html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 02 Jan 2022 13:11:42 GMT
content-encoding
gzip
last-modified
Sun, 02 Jan 2022 13:11:42 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security
max-age=31536000
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Sun, 02 Jan 2022 13:11:42 GMT
match
ads.betweendigital.com/ Frame ACD9
Redirect Chain
  • https://lbs-ru1.ads.betweendigital.com/match?bidder_id=43008&external_matching=1&forward=1&external_user_id=00001069-46ef-f99f-17d0-390406878420
  • https://px.adhigh.net/p/cm/btw
  • https://ads.betweendigital.com/match?bidder_id=37&external_user_id=usPwgLEKAG0x.AikABlF-GurMLg
68 B
607 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.betweendigital.com/match?bidder_id=37&external_user_id=usPwgLEKAG0x.AikABlF-GurMLg
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
H2
Server
96.46.186.57 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Sun, 02 Jan 2022 13:11:42 GMT
server
nginx
access-control-allow-origin
*
x-backend-id
f14-ru
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ads.betweendigital.com/match?bidder_id=37&external_user_id=usPwgLEKAG0x.AikABlF-GurMLg
cache-control
no-cache, no-store
access-control-allow-credentials
true
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
set
sync.rambler.ru/ Frame ACD9
Redirect Chain
  • https://rambler-sync.rutarget.ru/sync?00001069-46ef-f99f-17d0-390406878420
  • https://sync.rambler.ru/set?partner_id=segmento&id=BWYBdhQcYeFI
43 B
224 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.rambler.ru/set?partner_id=segmento&id=BWYBdhQcYeFI
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
H2
Server
91.192.150.36 , Russian Federation, ASN42481 (BEGUN-AS, RU),
Reverse DNS
sync.rambler.ru
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:42 GMT
x-passed
0bal1
server
nginx
content-length
43
strict-transport-security
max-age=0
p3p
policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"

Redirect headers

Location
https://sync.rambler.ru/set?partner_id=segmento&id=BWYBdhQcYeFI
Date
Sun, 02 Jan 2022 13:11:42 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
P3P
CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."
set
sync.rambler.ru/ Frame ACD9
Redirect Chain
  • https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fsync.rambler.ru%2Fset%3Fpartner_id%3Dab56d453-f95a-4cbc-97b3-1e30a8f95173%26id%3D%7BWEBO_CID%7D&usr=00001069-46ef-f99f-17d0-390406878420
  • https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fsync.rambler.ru%2Fset%3Fpartner_id%3Dab56d453-f95a-4cbc-97b3-1e30a8f95173%26id%3D%7BWEBO_CID%7D&usr=00001069-46ef-f99f-17d0-390406878420&b...
  • https://sync.rambler.ru/set?partner_id=ab56d453-f95a-4cbc-97b3-1e30a8f95173&id=sevnjzoRBN6bx1oIQsXyj.
43 B
224 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.rambler.ru/set?partner_id=ab56d453-f95a-4cbc-97b3-1e30a8f95173&id=sevnjzoRBN6bx1oIQsXyj.
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
H2
Server
91.192.150.36 , Russian Federation, ASN42481 (BEGUN-AS, RU),
Reverse DNS
sync.rambler.ru
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:42 GMT
x-passed
0bal1
server
nginx
content-length
43
strict-transport-security
max-age=0
p3p
policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"

Redirect headers

pragma
no-cache
date
Sun, 02 Jan 2022 13:11:42 GMT
via
1.1 google
last-modified
Sun, 02 Jan 2022 13:11:42 GMT
server
nginx/1.12.0
location
https://sync.rambler.ru/set?partner_id=ab56d453-f95a-4cbc-97b3-1e30a8f95173&id=sevnjzoRBN6bx1oIQsXyj.
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
sync
statsb.nativeroll.tv/nr/ Frame ACD9
Redirect Chain
  • https://stats.seedr.com/nr/sync?dsp_id=ram&external_uid=00001069-46ef-f99f-17d0-390406878420
  • https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fstatsb.nativeroll.tv%2Fnr%2Fsync%3Fdsp_id%3Dwbrm%26external_uid%3D{WEBO_CID}%26gt%3D%26rand%3D888
  • https://statsb.nativeroll.tv/nr/sync?dsp_id=wbrm&external_uid=sevnjzoRBN6bx1oIQsXyj.&gt=&rand=888
0
778 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://statsb.nativeroll.tv/nr/sync?dsp_id=wbrm&external_uid=sevnjzoRBN6bx1oIQsXyj.&gt=&rand=888
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
HTTP/1.1
Server
95.163.53.109 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
statsd.nativeroll.tv
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Sun, 02 Jan 2022 13:11:42 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, OPTIONS
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Credentials
true
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Headers
Content-Type, *

Redirect headers

pragma
no-cache
date
Sun, 02 Jan 2022 13:11:42 GMT
via
1.1 google
last-modified
Sun, 02 Jan 2022 13:11:42 GMT
server
nginx/1.12.0
location
https://statsb.nativeroll.tv/nr/sync?dsp_id=wbrm&external_uid=sevnjzoRBN6bx1oIQsXyj.&gt=&rand=888
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
pixel.gif
sync.1dmp.io/ Frame ACD9
Redirect Chain
  • https://sync.rambler.ru/emily?partner_id=cldata&rnd=00001069-46ef-f99f-17d0-390406878420
  • https://sync.1dmp.io/pixel.gif?cid=6464e806-bc68-4a4f-8893-22ec34eb02f1&pid=957b2d53-9bf9-48fd-95ea-df093901ffcf&uid=6A9E304E79CEC97F528EF55FE4AB3CA4
  • https://cm.g.doubleclick.net/pixel?google_nid=cleverdata_dmp&google_cm
  • https://sync.1dmp.io/pixel.gif?cid=ea2e91f7-8a00-4c54-b3fa-ab0f3dcf1585&pid=w&uid=CAESEOXYH7lx82IjGvK4ZTXoF98&google_gid=CAESEOXYH7lx82IjGvK4ZTXoF98&google_cver=1
35 B
475 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.1dmp.io/pixel.gif?cid=ea2e91f7-8a00-4c54-b3fa-ab0f3dcf1585&pid=w&uid=CAESEOXYH7lx82IjGvK4ZTXoF98&google_gid=CAESEOXYH7lx82IjGvK4ZTXoF98&google_cver=1
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
H2
Server
88.99.213.228 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.88-99-213-228.clients.your-server.de
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:42 GMT
cache-control
private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server
nginx
content-type
image/gif
content-length
35
expires
0

Redirect headers

pragma
no-cache
date
Sun, 02 Jan 2022 13:11:42 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync.1dmp.io/pixel.gif?cid=ea2e91f7-8a00-4c54-b3fa-ab0f3dcf1585&pid=w&uid=CAESEOXYH7lx82IjGvK4ZTXoF98&google_gid=CAESEOXYH7lx82IjGvK4ZTXoF98&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
375
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
begun-sync.rutarget.ru/ Frame ACD9
Redirect Chain
  • https://begun-sync.rutarget.ru/sync?ssp_user_id=00001069-46ef-f99f-17d0-390406878420
  • https://begun-sync.rutarget.ru/sync?ssp_user_id=00001069-46ef-f99f-17d0-390406878420&check-cookie=true
35 B
524 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://begun-sync.rutarget.ru/sync?ssp_user_id=00001069-46ef-f99f-17d0-390406878420&check-cookie=true
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
HTTP/1.1
Server
80.64.106.149 , Russian Federation, ASN20764 (RASCOM-AS CJSC RASCOM ISP, RU),
Reverse DNS
s-fr4.rutarget.ru
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Sun, 02 Jan 2022 13:11:42 GMT
Server
nginx
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
P3P
CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."

Redirect headers

Location
https://begun-sync.rutarget.ru/sync?ssp_user_id=00001069-46ef-f99f-17d0-390406878420&check-cookie=true
Date
Sun, 02 Jan 2022 13:11:42 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
P3P
CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."
cm
creativecdn.com/rambler/ Frame ACD9 		42 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://creativecdn.com/rambler/cm?pi=rambler&userId=00001069-46ef-f99f-17d0-390406878420
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/css/sandbox(1).html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-65.rtbhouse.net
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 02 Jan 2022 13:11:42 GMT, Sun, 02 Jan 2022 13:11:42 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-type
image/gif
content-length
42
expires
Thu, 01 Jan 1970 00:00:00 GMT
/
tms.dmp.wi-fi.ru/ Frame ACD9
Redirect Chain
  • https://sync.rambler.ru/emily?partner_id=maximatelecom&id=00001069-46ef-f99f-17d0-390406878420
  • https://tms.dmp.wi-fi.ru/?dmpkit_cid=81460eb5-647b-4d9b-a3e3-7863f294c3da&dmpkit_evid=ab914581-c2bd-45ef-9242-3128c73c48c5&g_adv=rambler&g_cp1=67AA23207355E9C13B0025DA4575BFFD
35 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tms.dmp.wi-fi.ru/?dmpkit_cid=81460eb5-647b-4d9b-a3e3-7863f294c3da&dmpkit_evid=ab914581-c2bd-45ef-9242-3128c73c48c5&g_adv=rambler&g_cp1=67AA23207355E9C13B0025DA4575BFFD
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
H2
Server
91.220.120.21 Moscow, Russian Federation, ASN202173 (MAXIMATELECOM, RU),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 02 Jan 2022 13:11:42 GMT
server
nginx
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS, HEAD
content-type
image/gif
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-None-Match,Last-Modified,If-Modified-Since,Keep-Alive,Origin,User-Agent,Vary,X-Mx-ReqToken,X-Requested-With
content-length
35
expires
0

Redirect headers

location
https://tms.dmp.wi-fi.ru/?dmpkit_cid=81460eb5-647b-4d9b-a3e3-7863f294c3da&dmpkit_evid=ab914581-c2bd-45ef-9242-3128c73c48c5&g_adv=rambler&g_cp1=67AA23207355E9C13B0025DA4575BFFD
date
Sun, 02 Jan 2022 13:11:42 GMT
x-passed
0bal1
server
nginx
content-length
0
strict-transport-security
max-age=0
p3p
policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
rambler
exchange.buzzoola.com/cookiesync/ssp/ Frame ACD9 		43 B
130 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://exchange.buzzoola.com/cookiesync/ssp/rambler?uid=00001069-46ef-f99f-17d0-390406878420
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/css/sandbox(1).html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
116.202.236.172 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.172.236.202.116.clients.your-server.de
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:42 GMT
server
nginx
content-length
43
serverid
TODO
content-type
image/gif
p
rmb.ops.beeline.ru/ Frame ACD9 		35 B
517 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rmb.ops.beeline.ru/p?ssp=rmb&id=00001069-46ef-f99f-17d0-390406878420
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/css/sandbox(1).html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
37.9.245.57 , Russian Federation, ASN16345 (BEE-AS Russia, RU),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:42 GMT
x-route
http://upstream_cookiesync
server
nginx
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,OPTIONS, GET, HEAD, POST, OPTIONS, PUT, DELETE
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true, true
x-host
192.168.152.35
access-control-allow-headers
authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
content-length
35
expires
Thu, 01 Jan 1970 00:00:00 GMT
rambler
sync.dmp.otm-r.com/match/ Frame ACD9 		0
68 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.dmp.otm-r.com/match/rambler?id=00001069-46ef-f99f-17d0-390406878420
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/css/sandbox(1).html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
148.251.4.142 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.142.4.251.148.clients.your-server.de
Software
nginx/1.17.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 02 Jan 2022 13:11:42 GMT
server
nginx/1.17.6
sync.cgi
ssp.adriver.ru/cgi-bin/ Frame ACD9 		42 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=5&external_id=00001069-46ef-f99f-17d0-390406878420
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/css/sandbox(1).html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.222.128.214 , Russian Federation, ASN20597 (ELTEL-AS, RU),
Reverse DNS
ad14.adriver.ru
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Sun, 02 Jan 2022 13:11:42 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
image/gif
A-6zwXWSS4Omzzk3GcI8wA
an.yandex.ru/mapuid/dmptinkoff/ Frame ACD9
Redirect Chain
  • https://sync.datamind.ru/cookie/accepter?source=rambler&id=00001069-46ef-f99f-17d0-390406878420
  • https://sync.datamind.ru/cookie/emitter?source=google&nolog=true
  • https://cm.g.doubleclick.net/pixel?google_nid=tinkoff_bank_wdatamind&google_cm&google_hm=A-6zwXWSS4Omzzk3GcI8wA
  • https://sync.datamind.ru/cookie/accepter?source=google&google_gid=CAESECkkf7gHngZG_Yhv-fIXebE&google_cver=1
  • https://sync.datamind.ru/cookie/emitter?source=yandex_dmp&nolog=true
  • https://an.yandex.ru/mapuid/dmptinkoff/A-6zwXWSS4Omzzk3GcI8wA?sign=3433113589
43 B
80 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/mapuid/dmptinkoff/A-6zwXWSS4Omzzk3GcI8wA?sign=3433113589
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
H2
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 02 Jan 2022 13:11:42 GMT
content-encoding
gzip
last-modified
Sun, 02 Jan 2022 13:11:42 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security
max-age=31536000
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Sun, 02 Jan 2022 13:11:42 GMT

Redirect headers

location
https://an.yandex.ru/mapuid/dmptinkoff/A-6zwXWSS4Omzzk3GcI8wA?sign=3433113589
date
Sun, 02 Jan 2022 13:11:42 GMT
cache-control
no-cache, no-store, must-revalidate
server
nginx
content-length
0
strict-transport-security
max-age=63072000
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
rambler
px.adhigh.net/p/cm/ Frame ACD9
Redirect Chain
  • https://px.adhigh.net/p/cm/rambler?u=00001069-46ef-f99f-17d0-390406878420
  • https://px.adhigh.net/p/cm/rambler?u=00001069-46ef-f99f-17d0-390406878420&bounced=1
49 B
326 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.adhigh.net/p/cm/rambler?u=00001069-46ef-f99f-17d0-390406878420&bounced=1
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
H2
Server
193.232.150.70 , Russian Federation, ASN48061 (UMA-TECH-AS, RU),
Reverse DNS
smtp14.sender.ltmse.com
Software
nginx /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 02 Jan 2022 13:11:42 GMT
server
nginx
x-backend-id
f14-ru
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
*
cache-control
no-cache, no-store
access-control-allow-credentials
true
content-type
image/gif
content-length
49
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 02 Jan 2022 13:11:42 GMT
server
nginx
access-control-allow-origin
*
x-backend-id
f14-ru
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://px.adhigh.net/p/cm/rambler?u=00001069-46ef-f99f-17d0-390406878420&bounced=1
cache-control
no-cache, no-store
access-control-allow-credentials
true
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
PObOIpbVSpOx_zG9Tqg4ag
an.yandex.ru/setud/mts_banner/ Frame ACD9
Redirect Chain
  • https://sync.rambler.ru/emily?partner_id=aidata&rnd=00001069-46ef-f99f-17d0-390406878420
  • https://x01.aidata.io/0.gif?pid=RAMBLER&id=770F922FB865313AE9FE12CB4113E5E4
  • https://x01.aidata.io/0.gif?pid=RAMBLER&id=770F922FB865313AE9FE12CB4113E5E4&bounce=1
  • https://sm.rtb.mts.ru/p?ssp=aidata&id=aNr8Sb1AahXDY9Sr%2F1Yl0g
  • https://sm.rtb.mts.ru/match/second?ssp=51&exu=aNr8Sb1AahXDY9Sr%2F1Yl0g
  • https://tech.rtb.mts.ru/?dsp_uid=3ce6ce22-96d5-4a93-b1ff-31bd4ea8386a&return_url=https%3A%2F%2Fan.yandex.ru%2Fsetud%2Fmts_banner%2FPObOIpbVSpOx_zG9Tqg4ag%3Flocation%3Dhttps%253A%252F%252Fsm.rtb.mts...
  • https://an.yandex.ru/setud/mts_banner/PObOIpbVSpOx_zG9Tqg4ag?location=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D51%26em%3D0%26exu%3DaNr8Sb1AahXDY9Sr%252F1Yl0g&sign=3556300022
43 B
80 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/setud/mts_banner/PObOIpbVSpOx_zG9Tqg4ag?location=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D51%26em%3D0%26exu%3DaNr8Sb1AahXDY9Sr%252F1Yl0g&sign=3556300022
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
H2
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
ccb150b1878d5aa777543222f9e47636d4258687e3dd57e625988f09a96bda64
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 02 Jan 2022 13:11:43 GMT
content-encoding
gzip
last-modified
Sun, 02 Jan 2022 13:11:43 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security
max-age=31536000
content-type
image/gif; charset=windows-1251
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Sun, 02 Jan 2022 13:11:43 GMT

Redirect headers

Date
Sun, 02 Jan 2022 13:11:43 GMT
Server
nginx/1.13.12
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Content-Type
text/html; charset=utf-8
Location
https://an.yandex.ru/setud/mts_banner/PObOIpbVSpOx_zG9Tqg4ag?location=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D51%26em%3D0%26exu%3DaNr8Sb1AahXDY9Sr%252F1Yl0g&sign=3556300022
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
index.js
sandbox.ssp.rambler.ru/pixels/ Frame ACD9 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sandbox.ssp.rambler.ru/pixels/index.js?pad_id=441920592&block_id=441920596&rnd=1718755599
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/css/sandbox(1).html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.192.150.14 , Russian Federation, ASN42481 (BEGUN-AS, RU),
Reverse DNS
zvezda.ssp.rambler.ru
Software
nginx /
Resource Hash
92d57892ed4ad0cc9171a682cbd0b60ff3636da26b294fa7a8159406f20e54f4
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:42 GMT
content-encoding
gzip
last-modified
Mon, 27 Dec 2021 15:10:11 GMT
server
nginx
etag
W/"61c9d753-78c"
strict-transport-security
max-age=0
p3p
policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
x-passed
0bal1
content-type
application/x-javascript
i
dmg.digitaltarget.ru/1/7009/i/ Frame ACD9
Redirect Chain
  • https://sync.rambler.ru/emily?partner_id=vi&id=abcdef&r=https%3A%2F%2Fdmg.digitaltarget.ru%2F1%2F7009%2Fi%2Fi%3Fa%3D185%26e%3D%24UID%26i%3D%24RND2080694681
  • https://dmg.digitaltarget.ru/1/7009/i/i?a=185&e=9CD1965270ED4718D54BAD426D6FA9B6
  • https://dmg.digitaltarget.ru/awg/custom/7009/i/i?call_source=awg&a=185&e=9CD1965270ED4718D54BAD426D6FA9B6
  • https://sync.rambler.ru/set?partner_id=vi&id=m11rWhSYPAx8HqH7Qer0
  • https://dmg.digitaltarget.ru/1/7009/i/i?a=185&e=9CD1965270ED4718D54BAD426D6FA9B6
49 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmg.digitaltarget.ru/1/7009/i/i?a=185&e=9CD1965270ED4718D54BAD426D6FA9B6
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
HTTP/1.1
Server
185.15.175.159 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),
Reverse DNS
Software
nginx /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Sun, 02 Jan 2022 13:11:42 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
master-only
Request-Time
4
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
64
X-XSS-Protection
1; mode=block
Referrer-Policy
origin-when-cross-origin, strict-origin-when-cross-origin
Server
nginx
X-Frame-Options
DENY
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Credentials
true

Redirect headers

location
https://dmg.digitaltarget.ru/1/7009/i/i?a=185&e=9CD1965270ED4718D54BAD426D6FA9B6
date
Sun, 02 Jan 2022 13:11:42 GMT
x-passed
0bal1
server
nginx
content-length
0
strict-transport-security
max-age=0
p3p
policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
static.gif
stats.mos.ru/ Frame ACD9
Redirect Chain
  • https://sync.rambler.ru/emily?partner_id=9122f432-a6c9-4f14-bc8a-daa781f3d204&rnd=1353788000
  • https://stats.mos.ru/static.gif?ramblerid=DC19BC3433F3C7B86EEC760E30198A49
43 B
369 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.mos.ru/static.gif?ramblerid=DC19BC3433F3C7B86EEC760E30198A49
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
H2
Server
212.11.155.166 Moscow, Russian Federation, ASN8901 (Moscow Mayors Office, RU),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:42 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
access-control-allow-credentials
true
access-control-allow-headers
ExtensionReferer, x-requested-with, x-requested-by, x-caller-id, Content-Type
content-length
43

Redirect headers

location
https://stats.mos.ru/static.gif?ramblerid=DC19BC3433F3C7B86EEC760E30198A49
date
Sun, 02 Jan 2022 13:11:42 GMT
x-passed
0bal1
server
nginx
content-length
0
strict-transport-security
max-age=0
p3p
policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
jsapi
smi2.ru/newdata/ 		25 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://smi2.ru/newdata/jsapi?action=news
Requested by
Host: static.smi2.net
URL: https://static.smi2.net/static/jsapi/jsapi.v5.6.0.ru_RU.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.188.198.132 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
ads5-3.sselp11.imcmdb.net
Software
nginx /
Resource Hash
c0a1362e7667fffd5674baa98fed00df12be3df5252276d0e19852520adf2e88

Request headers

Referer
https://ugt7s7.ru/whome.html
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
multipart/form-data

Response headers

Pragma
no-cache
Date
Sun, 02 Jan 2022 13:11:42 GMT
Content-Encoding
gzip
Last-Modified
Sunday, 02-Jan-2022 13:11:42 GMT
Server
nginx
Vary
Accept-Encoding
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
https://ugt7s7.ru
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0
Transfer-Encoding
chunked
Connection
close
Access-Control-Allow-Credentials
true
X-Node
ads5-3sselp11
settings
stat.media/counter/ 		672 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stat.media/counter/settings?payload=CJrtAhIkOGUzMmE5YjYtNjY0Zi00YTQ0LWI1YTMtMWRiNDc1MDIzMzBkGN2Tq9fhLyIkODllNTY1M2ItZjcyYi00MjE2LTg0NTQtOGIyZGRmMDU3MjM4&cb=_callbacks____0kxx9w7qd
Requested by
Host: stat.media
URL: https://stat.media/sm.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
82.202.225.227 Moscow, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
sm-server1-1.ssel21.imcmdb.net
Software
nginx /
Resource Hash
7ddd4adb7a58a31725eced4db67d1d83c98df30224444d21c3cb542fa04dc3b9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Sun, 02 Jan 2022 13:11:42 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
Server
nginx
Connection
keep-alive
Vary
Accept-Encoding
Content-Type
application/javascript
gpt.js
www.googletagservices.com/tag/js/ Frame 2884 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/css/capirs_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1907478e8fa62801a1db26be87cab0755288131c9c8e80320582e560825df3cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1089 / 203 of 1000 / last-modified: 1639397097"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26912
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 02 Jan 2022 13:11:42 GMT
gpt.js
www.googletagservices.com/tag/js/ Frame 5AE6 		78 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/css/capirs_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1907478e8fa62801a1db26be87cab0755288131c9c8e80320582e560825df3cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1089 / 878 of 1000 / last-modified: 1639397097"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26912
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 02 Jan 2022 13:11:42 GMT
gpt.js
www.googletagservices.com/tag/js/ 		78 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/css/capirs_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1907478e8fa62801a1db26be87cab0755288131c9c8e80320582e560825df3cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1089 / 707 of 1000 / last-modified: 1639397097"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26912
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 02 Jan 2022 13:11:42 GMT
blockstat_post
ssp.rambler.ru/ 		0
79 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ssp.rambler.ru/blockstat_post
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/css/capirs_async.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
91.192.150.12 , Russian Federation, ASN42481 (BEGUN-AS, RU),
Reverse DNS
ssp.rambler.ru
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ugt7s7.ru/whome.html
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 02 Jan 2022 13:11:42 GMT
x-passed
0bal1
server
nginx
content-length
0
gpt.js
www.googletagservices.com/tag/js/ Frame 985D 		78 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/css/capirs_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1907478e8fa62801a1db26be87cab0755288131c9c8e80320582e560825df3cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1089 / 664 of 1000 / last-modified: 1639397097"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26912
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 02 Jan 2022 13:11:42 GMT
gpt.js
www.googletagservices.com/tag/js/ Frame D938 		78 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/css/capirs_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1907478e8fa62801a1db26be87cab0755288131c9c8e80320582e560825df3cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1089 / 949 of 1000 / last-modified: 1639397097"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26912
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 02 Jan 2022 13:11:42 GMT
188282
mc.yandex.ru/watch/ 		43 B
73 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/watch/188282?page-url=https%3A%2F%2Fugt7s7.ru%2Fwhome.html&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3Aykcyjlph1z7qhpasan%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A720%3Acn%3A1%3Adp%3A1%3Als%3A663309628519%3Ahid%3A684129221%3Az%3A0%3Ai%3A20220102131141%3Aet%3A1641129102%3Ac%3A1%3Arn%3A797295083%3Arqn%3A2%3Au%3A164112910210726334%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1641129099569%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1641129102%3At%3ANh%E1%BB%AFng%20%C4%91i%E1%BB%81u%20b%E1%BA%A1n%20c%E1%BA%A7n%20bi%E1%BA%BFt%20v%E1%BB%81%20c%C3%A1%20c%C6%B0%E1%BB%A3c%20th%E1%BB%83%20thao%20cho%20ng%C6%B0%E1%BB%9Di%20m%E1%BB%9Bi%20b%E1%BA%AFt%20%C4%91%E1%BA%A7u%2C%20c%C3%A1ch%20%C4%91%E1%BA%B7t%20c%C6%B0%E1%BB%A3c%20ch%C3%ADnh%20x%C3%A1c%20cho%20ng%C6%B0%E1%BB%9Di%20m%E1%BB%9Bi%20b%E1%BA%AFt%20%C4%91%E1%BA%A7u%2C%20m%E1%BA%B9o%20-%20Gi%E1%BA%A3i%20v%C3%B4%20%C4%91%E1%BB%8Bch&t=gdpr(14)aw(1)lt(27500)ti(2)
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/css/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 02 Jan 2022 13:11:42 GMT
last-modified
Sun, 02-Jan-2022 13:11:42 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://ugt7s7.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Sun, 02-Jan-2022 13:11:42 GMT
gpt.js
www.googletagservices.com/tag/js/ 		78 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/css/capirs_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1907478e8fa62801a1db26be87cab0755288131c9c8e80320582e560825df3cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1089 / 99 of 1000 / last-modified: 1639397097"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26912
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 02 Jan 2022 13:11:42 GMT
/
kraken.rambler.ru/cnt/ 		43 B
484 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kraken.rambler.ru/cnt/?et=cv&pid=648840&rid=1641129101.186-1681459512&tid=t1.648840.2133838648.1641129101187&v=1.25.11&exp=exp_bot%2Csplit_b%2Cexp_ab3%2Cd&aduid=bc30a6f5-8838-4c72-ba14-4712d1bf0986&aduidsc=ugt7s7.ru&rn=904600172&cv=rec%253A%253Anull%253A%253Anull%253A%253Anull%253A%253Apageview%253A%253Anull%253A%253Anull%253A%253Anull%253A%253Anull%253A%253ARCM-E4FF%253A%253ARCM-E4FF%253A%253Anull%253A%253Anull%253A%253Anull%253A%253Ahttps%253A%252F%252Fugt7s7.ru%252Fwhome.html%253A%253Anull%253A%253Anull%253A%253Anull%253A%253A1641129101656-67c27a19e08cf-2132959221%253A%253Anull%253A%253Anull%253A%253Anull%253A%253Afalse%253A%253Anull%253A%253Anull%3Dpub4056685&eid=7887291016577646&stid=295039877_1641129101187&sn=1&sen=3&en=3&fp_scope=1&fid=pA8AAENKs1cs64goAZD%2F2QA%3D&fip=pA8AAENKs1ekm%2Bk3AWKbugA%3D
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.19.89.16 Moscow, Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS
kraken.rambler.ru
Software
nginx/1.19.4 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 02 Jan 2022 13:11:42 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx/1.19.4
access-control-allow-methods
GET, POST, OPTIONS
p3p
CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
cache-control
no-cache
x-srv
1node0043.top100.rambler.tech
access-control-allow-credentials
true
content-type
image/gif, image/gif
access-control-allow-headers
content-type
content-length
43
expires
Thu, 01 Jan 1970 00:00:01 GMT
/
smi2.ru/cookiematching/ 		43 B
866 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smi2.ru/cookiematching/?payload=CkEKB19zbV91aWQSJDhlMzJhOWI2LTY2NGYtNGE0NC1iNWEzLTFkYjQ3NTAyMzMwZBoILnNtaTIucnUiAS8ogOeEDwoqCgdfc21fdWR0Eg0xNjQxMTI5MTAxNzg5Ggguc21pMi5ydSIBLyiA54QPCj8KB19zbV9zaWQSJDg5ZTU2NTNiLWY3MmItNDIxNi04NDU0LThiMmRkZjA1NzIzOBoILnNtaTIucnUiAS8oiA4%3D&rnd=1641129102463
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.188.198.132 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
ads5-3.sselp11.imcmdb.net
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache, no-cache
Date
Sun, 02 Jan 2022 13:11:42 GMT
Last-Modified
Sunday, 02-Jan-2022 13:11:42 GMT
Server
nginx
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0
Connection
close
Content-Length
43
Expires
Sun, 02 Jan 2022 13:11:42 GMT
/
smi2.net/cookiematching/ 		43 B
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smi2.net/cookiematching/?payload=CkIKB19zbV91aWQSJDhlMzJhOWI2LTY2NGYtNGE0NC1iNWEzLTFkYjQ3NTAyMzMwZBoJLnNtaTIubmV0IgEvKIDnhA8KKwoHX3NtX3VkdBINMTY0MTEyOTEwMTc4ORoJLnNtaTIubmV0IgEvKIDnhA8KQAoHX3NtX3NpZBIkODllNTY1M2ItZjcyYi00MjE2LTg0NTQtOGIyZGRmMDU3MjM4Ggkuc21pMi5uZXQiAS8oiA4%3D&rnd=1641129102463
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
82.202.225.240 Moscow, Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS
smi2adm2-1.ssel27.imcmdb.net
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Sun, 02 Jan 2022 13:11:42 GMT
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
view
stat.media/counter/ 		0
135 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stat.media/counter/view
Requested by
Host: stat.media
URL: https://stat.media/sm.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
82.202.225.227 Moscow, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
sm-server1-1.ssel21.imcmdb.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ugt7s7.ru/whome.html
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

access-control-allow-origin
*
Date
Sun, 02 Jan 2022 13:11:42 GMT
Server
nginx
Connection
keep-alive
pubads_impl_2021120601.js
securepubads.g.doubleclick.net/gpt/ Frame 2884 		348 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
2d5ae5a515a688823dc98d032242c2ed6f490a74c4281bdd599567898f9fa675
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119476
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 09:34:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 02 Jan 2022 13:11:42 GMT
pubads_impl_2021120601.js
securepubads.g.doubleclick.net/gpt/ Frame 5AE6 		348 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
2d5ae5a515a688823dc98d032242c2ed6f490a74c4281bdd599567898f9fa675
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119476
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 09:34:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 02 Jan 2022 13:11:42 GMT
pubads_impl_2021120601.js
securepubads.g.doubleclick.net/gpt/ Frame 985D 		348 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
2d5ae5a515a688823dc98d032242c2ed6f490a74c4281bdd599567898f9fa675
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119476
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 09:34:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 02 Jan 2022 13:11:42 GMT
pubads_impl_2021120601.js
securepubads.g.doubleclick.net/gpt/ Frame D938 		348 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
2d5ae5a515a688823dc98d032242c2ed6f490a74c4281bdd599567898f9fa675
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119476
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 09:34:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 02 Jan 2022 13:11:42 GMT
pubads_impl_2021120601.js
securepubads.g.doubleclick.net/gpt/ 		348 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
2d5ae5a515a688823dc98d032242c2ed6f490a74c4281bdd599567898f9fa675
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119476
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 09:34:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 02 Jan 2022 13:11:42 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		28 B
68 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=ugt7s7.ru
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
041ded233f2298062bd23064158751a7c6e88f21fc0b02b7df620da3484a3094
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 02 Jan 2022 13:11:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44
x-xss-protection
0
expires
Sun, 02 Jan 2022 13:11:42 GMT
9754748.jpeg
static3.smi2.net/img/192x192/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static3.smi2.net/img/192x192/9754748.jpeg
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
138.201.55.245 Reichartshausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
cdn4-1.sfa66.imcmdb.net
Software
nginx /
Resource Hash
5a374c857cedf9cfd88a7958eca6b6751cddd3c19130ab9fbc7364c8e2cbc4df

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Sun, 02 Jan 2022 13:11:42 GMT
Server
nginx
ETag
W/"61cd8dfc-8d0b"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=63072000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
19541
Expires
Sat, 30 Dec 2023 10:47:08 GMT
9743959.jpeg
static1.smi2.net/img/192x192/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static1.smi2.net/img/192x192/9743959.jpeg
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
138.201.55.243 Reichartshausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
cdn4-1.sfa65.imcmdb.net
Software
nginx /
Resource Hash
f03cc6e6183c14fc1938c5a87c9366c3d06364cb4ed7678bc8fb3030c82e995c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Sun, 02 Jan 2022 13:11:42 GMT
Server
nginx
ETag
W/"61c981dd-980c6"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=63072000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13004
Expires
Wed, 27 Dec 2023 09:07:22 GMT
9384906.jpeg
static6.smi2.net/img/192x192/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static6.smi2.net/img/192x192/9384906.jpeg
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.212.252.75 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
cdn4-3.sser5.imcmdb.net
Software
nginx /
Resource Hash
94b572bf0146e7b387b8a488ec1924a969bd7f1349b9c519b292672029ebcf7d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Sun, 02 Jan 2022 13:11:42 GMT
Server
nginx
ETag
W/"613f196d-13e24"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=63072000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
20723
Expires
Tue, 26 Dec 2023 09:09:42 GMT
9589091.jpeg
static2.smi2.net/img/192x192/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static2.smi2.net/img/192x192/9589091.jpeg
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.212.234.28 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
cdn4-2.sser2.imcmdb.net
Software
nginx /
Resource Hash
6a163c4c6ec0cd3748096cce22097324784485b142278d683019e2fd99157714

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Sun, 02 Jan 2022 13:11:42 GMT
Server
nginx
ETag
W/"618e9acb-4d6f7"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=63072000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
16256
Expires
Thu, 14 Dec 2023 12:15:23 GMT
9742849.jpeg
static7.smi2.net/img/192x192/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static7.smi2.net/img/192x192/9742849.jpeg
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.212.234.27 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
cdn4-1.sser2.imcmdb.net
Software
nginx /
Resource Hash
ecf3d38aee83ae02119fc5c586dfc23331ba49198a3332e80a3c3abfcb389058

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Sun, 02 Jan 2022 13:11:42 GMT
Server
nginx
ETag
W/"61c9152b-116aa"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=63072000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
16429
Expires
Wed, 27 Dec 2023 01:22:34 GMT
9715272.jpeg
static6.smi2.net/img/192x192/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static6.smi2.net/img/192x192/9715272.jpeg
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.212.252.75 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
cdn4-3.sser5.imcmdb.net
Software
nginx /
Resource Hash
b1beea78a7c215a41f6db6a8a8c52d20bfb9f5897a19f25749d223f3ea8e1546

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Sun, 02 Jan 2022 13:11:42 GMT
Server
nginx
ETag
W/"61bd998e-2cb04"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=63072000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
20151
Expires
Mon, 18 Dec 2023 08:21:09 GMT
9754958.jpeg
static2.smi2.net/img/192x192/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static2.smi2.net/img/192x192/9754958.jpeg
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.212.234.28 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
cdn4-2.sser2.imcmdb.net
Software
nginx /
Resource Hash
33401584374b1498e38b98fdf8e23a0397dbcf3afe993a587b31f79cbbb2684a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Sun, 02 Jan 2022 13:11:42 GMT
Server
nginx
ETag
W/"61cd988b-216b9"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=63072000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
27547
Expires
Sat, 30 Dec 2023 11:33:54 GMT
9752070.jpeg
static8.smi2.net/img/192x192/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static8.smi2.net/img/192x192/9752070.jpeg
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.99.129.243 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
cdn4-4.sfa66.imcmdb.net
Software
nginx /
Resource Hash
82a39779b117d411dbcf0c8cb4e327ee28cfb4a579cbf0295c043d45cbc3a842

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Sun, 02 Jan 2022 13:11:42 GMT
Server
nginx
ETag
W/"61cc63bf-6d72"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=63072000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
12564
Expires
Fri, 29 Dec 2023 13:34:58 GMT
9218556.jpeg
static3.smi2.net/img/192x192/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static3.smi2.net/img/192x192/9218556.jpeg
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
138.201.55.245 Reichartshausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
cdn4-1.sfa66.imcmdb.net
Software
nginx /
Resource Hash
6cdc824227f1260a106038627a52010d2c31ff5415822ef9b9e247bfcdef9f26

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Sun, 02 Jan 2022 13:11:42 GMT
Server
nginx
ETag
W/"60f82b9f-3e360"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=63072000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13160
Expires
Tue, 08 Aug 2023 13:39:45 GMT
9761605.jpeg
static7.smi2.net/img/192x192/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static7.smi2.net/img/192x192/9761605.jpeg
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.212.234.27 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
cdn4-1.sser2.imcmdb.net
Software
nginx /
Resource Hash
61958968b3142d572f23147214b00cf6c7b3a7eea430e34e7a8f72bf52c7d585

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Sun, 02 Jan 2022 13:11:42 GMT
Server
nginx
ETag
W/"61d1516d-9f14"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=63072000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
14615
Expires
Tue, 02 Jan 2024 07:17:27 GMT
9761745.jpeg
static1.smi2.net/img/192x192/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static1.smi2.net/img/192x192/9761745.jpeg
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
138.201.55.243 Reichartshausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
cdn4-1.sfa65.imcmdb.net
Software
nginx /
Resource Hash
fe768d39b56b1b4d18729812fc52dfb044da0734df5bd6c3944a39c078cc287b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Sun, 02 Jan 2022 13:11:42 GMT
Server
nginx
ETag
W/"61d15bbe-dcc6"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=63072000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
15401
Expires
Tue, 02 Jan 2024 08:01:37 GMT
9738880.jpeg
static6.smi2.net/img/192x192/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static6.smi2.net/img/192x192/9738880.jpeg
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.212.252.75 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
cdn4-3.sser5.imcmdb.net
Software
nginx /
Resource Hash
bdf71a61d110f7920e0f09d7807adcb7695e0e70ecd5b40443ce75e9f3c24986

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Sun, 02 Jan 2022 13:11:42 GMT
Server
nginx
ETag
W/"61c6fa8c-35fd"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=63072000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
11273
Expires
Mon, 25 Dec 2023 11:05:04 GMT
9762554.jpeg
static5.smi2.net/img/192x192/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static5.smi2.net/img/192x192/9762554.jpeg
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
138.201.55.243 Reichartshausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
cdn4-1.sfa65.imcmdb.net
Software
nginx /
Resource Hash
3b9fee0274708a6bb0a1dc8d0ee0917f76b7d3ee2aee7a3ec7816e196be7440a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Sun, 02 Jan 2022 13:11:42 GMT
Server
nginx
ETag
W/"61d1a430-a7b78"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=63072000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
14847
Expires
Tue, 02 Jan 2024 13:10:34 GMT
9741686.jpeg
static7.smi2.net/img/192x192/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static7.smi2.net/img/192x192/9741686.jpeg
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.212.234.27 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
cdn4-1.sser2.imcmdb.net
Software
nginx /
Resource Hash
dd8ba1ea05ba97834f9e032e431c4435bade0e277e48ed46b5704528271b1dec

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Sun, 02 Jan 2022 13:11:42 GMT
Server
nginx
ETag
W/"61c883b6-1d096"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=63072000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
14411
Expires
Tue, 26 Dec 2023 15:01:53 GMT
9758750.jpeg
static3.smi2.net/img/192x192/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static3.smi2.net/img/192x192/9758750.jpeg
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
138.201.55.245 Reichartshausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
cdn4-1.sfa66.imcmdb.net
Software
nginx /
Resource Hash
6430c8ab9f83be322f9491e515f6360d62dfb480a7eac1682e61b128318db9ba

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Sun, 02 Jan 2022 13:11:42 GMT
Server
nginx
ETag
W/"61cf5be0-736e"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=63072000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
17123
Expires
Mon, 01 Jan 2024 07:23:44 GMT
9760521.jpeg
static3.smi2.net/img/192x192/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static3.smi2.net/img/192x192/9760521.jpeg
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
138.201.55.245 Reichartshausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
cdn4-1.sfa66.imcmdb.net
Software
nginx /
Resource Hash
d49499747d8bb7e66d3d8aa7c28e62ed8e676543997ef842cb2c0799354bdee2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Sun, 02 Jan 2022 13:11:42 GMT
Server
nginx
ETag
W/"61d069b9-8a71"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=63072000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
17283
Expires
Mon, 01 Jan 2024 14:49:30 GMT
9750960.jpeg
static1.smi2.net/img/192x192/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static1.smi2.net/img/192x192/9750960.jpeg
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
138.201.55.243 Reichartshausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
cdn4-1.sfa65.imcmdb.net
Software
nginx /
Resource Hash
3bf889f44b8cecc3dbaed3fe1aea659186f39222e1b8d8b2bbb0743ce1ac696b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Sun, 02 Jan 2022 13:11:42 GMT
Server
nginx
ETag
W/"61cc25b4-827a"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=63072000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
19367
Expires
Fri, 29 Dec 2023 09:10:58 GMT
8994091.jpeg
static8.smi2.net/img/192x192/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static8.smi2.net/img/192x192/8994091.jpeg
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.99.129.243 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
cdn4-4.sfa66.imcmdb.net
Software
nginx /
Resource Hash
3c343f634912be8aef1c6319335ef52db52112a754ba1337464b1966e6009cb6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Sun, 02 Jan 2022 13:11:42 GMT
Server
nginx
ETag
W/"60a12723-3a854"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=63072000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
16541
Expires
Wed, 20 Dec 2023 18:52:23 GMT
9722990.jpeg
static6.smi2.net/img/192x192/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static6.smi2.net/img/192x192/9722990.jpeg
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.212.252.75 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
cdn4-3.sser5.imcmdb.net
Software
nginx /
Resource Hash
a6a577e93ea5adf741c96f6299d6681df07c9f6876e83680dea178fdc0638992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Sun, 02 Jan 2022 13:11:42 GMT
Server
nginx
ETag
W/"61c0d1c5-2ab5f"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=63072000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
16767
Expires
Wed, 20 Dec 2023 18:56:36 GMT
9633229.jpeg
static8.smi2.net/img/192x192/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static8.smi2.net/img/192x192/9633229.jpeg
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.99.129.243 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
cdn4-4.sfa66.imcmdb.net
Software
nginx /
Resource Hash
dac617021f15d67da4f7d7b41ff795051b39b4bcf0098b491ebb8efc15e19f64

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Sun, 02 Jan 2022 13:11:42 GMT
Server
nginx
ETag
W/"619f5d45-3119e"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=63072000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
12844
Expires
Wed, 27 Dec 2023 13:18:13 GMT
9754748.jpeg
static3.smi2.net/img/192x192/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static3.smi2.net/img/192x192/9754748.jpeg
Requested by
Host: smi2.ru
URL: https://smi2.ru/data/js/97002.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
138.201.55.245 Reichartshausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
cdn4-1.sfa66.imcmdb.net
Software
nginx /
Resource Hash
5a374c857cedf9cfd88a7958eca6b6751cddd3c19130ab9fbc7364c8e2cbc4df

Request headers

Referer
https://ugt7s7.ru/whome.html
Origin
https://ugt7s7.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Sun, 02 Jan 2022 13:11:42 GMT
Server
nginx
ETag
W/"61cd8dfc-8d0b"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=63072000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
19541
Expires
Sat, 30 Dec 2023 10:47:08 GMT
9743959.jpeg
static1.smi2.net/img/192x192/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static1.smi2.net/img/192x192/9743959.jpeg
Requested by
Host: smi2.ru
URL: https://smi2.ru/data/js/97002.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
138.201.55.243 Reichartshausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
cdn4-1.sfa65.imcmdb.net
Software
nginx /
Resource Hash
f03cc6e6183c14fc1938c5a87c9366c3d06364cb4ed7678bc8fb3030c82e995c

Request headers

Referer
https://ugt7s7.ru/whome.html
Origin
https://ugt7s7.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Sun, 02 Jan 2022 13:11:42 GMT
Server
nginx
ETag
W/"61c981dd-980c6"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=63072000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13004
Expires
Wed, 27 Dec 2023 09:07:22 GMT
9384906.jpeg
static6.smi2.net/img/192x192/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static6.smi2.net/img/192x192/9384906.jpeg
Requested by
Host: smi2.ru
URL: https://smi2.ru/data/js/97002.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.212.252.75 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
cdn4-3.sser5.imcmdb.net
Software
nginx /
Resource Hash
94b572bf0146e7b387b8a488ec1924a969bd7f1349b9c519b292672029ebcf7d

Request headers

Referer
https://ugt7s7.ru/whome.html
Origin
https://ugt7s7.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Sun, 02 Jan 2022 13:11:42 GMT
Server
nginx
ETag
W/"613f196d-13e24"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=63072000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
20723
Expires
Tue, 26 Dec 2023 09:09:42 GMT
9589091.jpeg
static2.smi2.net/img/192x192/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static2.smi2.net/img/192x192/9589091.jpeg
Requested by
Host: smi2.ru
URL: https://smi2.ru/data/js/97002.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.212.234.28 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
cdn4-2.sser2.imcmdb.net
Software
nginx /
Resource Hash
6a163c4c6ec0cd3748096cce22097324784485b142278d683019e2fd99157714

Request headers

Referer
https://ugt7s7.ru/whome.html
Origin
https://ugt7s7.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Sun, 02 Jan 2022 13:11:42 GMT
Server
nginx
ETag
W/"618e9acb-4d6f7"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=63072000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
16256
Expires
Thu, 14 Dec 2023 12:15:23 GMT
9742849.jpeg
static7.smi2.net/img/192x192/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static7.smi2.net/img/192x192/9742849.jpeg
Requested by
Host: smi2.ru
URL: https://smi2.ru/data/js/97002.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.212.234.27 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
cdn4-1.sser2.imcmdb.net
Software
nginx /
Resource Hash
ecf3d38aee83ae02119fc5c586dfc23331ba49198a3332e80a3c3abfcb389058

Request headers

Referer
https://ugt7s7.ru/whome.html
Origin
https://ugt7s7.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Sun, 02 Jan 2022 13:11:42 GMT
Server
nginx
ETag
W/"61c9152b-116aa"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=63072000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
16429
Expires
Wed, 27 Dec 2023 01:22:34 GMT
9715272.jpeg
static6.smi2.net/img/192x192/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static6.smi2.net/img/192x192/9715272.jpeg
Requested by
Host: smi2.ru
URL: https://smi2.ru/data/js/97002.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.212.252.75 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
cdn4-3.sser5.imcmdb.net
Software
nginx /
Resource Hash
b1beea78a7c215a41f6db6a8a8c52d20bfb9f5897a19f25749d223f3ea8e1546

Request headers

Referer
https://ugt7s7.ru/whome.html
Origin
https://ugt7s7.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Sun, 02 Jan 2022 13:11:43 GMT
Server
nginx
ETag
W/"61bd998e-2cb04"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=63072000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
20151
Expires
Mon, 18 Dec 2023 08:21:09 GMT
9754958.jpeg
static2.smi2.net/img/192x192/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static2.smi2.net/img/192x192/9754958.jpeg
Requested by
Host: smi2.ru
URL: https://smi2.ru/data/js/97002.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.212.234.28 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
cdn4-2.sser2.imcmdb.net
Software
nginx /
Resource Hash
33401584374b1498e38b98fdf8e23a0397dbcf3afe993a587b31f79cbbb2684a

Request headers

Referer
https://ugt7s7.ru/whome.html
Origin
https://ugt7s7.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Sun, 02 Jan 2022 13:11:43 GMT
Server
nginx
ETag
W/"61cd988b-216b9"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=63072000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
27547
Expires
Sat, 30 Dec 2023 11:33:54 GMT
9752070.jpeg
static8.smi2.net/img/192x192/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static8.smi2.net/img/192x192/9752070.jpeg
Requested by
Host: smi2.ru
URL: https://smi2.ru/data/js/97002.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.99.129.243 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
cdn4-4.sfa66.imcmdb.net
Software
nginx /
Resource Hash
82a39779b117d411dbcf0c8cb4e327ee28cfb4a579cbf0295c043d45cbc3a842

Request headers

Referer
https://ugt7s7.ru/whome.html
Origin
https://ugt7s7.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Sun, 02 Jan 2022 13:11:42 GMT
Server
nginx
ETag
W/"61cc63bf-6d72"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=63072000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
12564
Expires
Fri, 29 Dec 2023 13:34:58 GMT
9218556.jpeg
static3.smi2.net/img/192x192/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static3.smi2.net/img/192x192/9218556.jpeg
Requested by
Host: smi2.ru
URL: https://smi2.ru/data/js/97002.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
138.201.55.245 Reichartshausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
cdn4-1.sfa66.imcmdb.net
Software
nginx /
Resource Hash
6cdc824227f1260a106038627a52010d2c31ff5415822ef9b9e247bfcdef9f26

Request headers

Referer
https://ugt7s7.ru/whome.html
Origin
https://ugt7s7.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Sun, 02 Jan 2022 13:11:43 GMT
Server
nginx
ETag
W/"60f82b9f-3e360"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=63072000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13160
Expires
Tue, 08 Aug 2023 13:39:45 GMT
9761605.jpeg
static7.smi2.net/img/192x192/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static7.smi2.net/img/192x192/9761605.jpeg
Requested by
Host: smi2.ru
URL: https://smi2.ru/data/js/97002.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.212.234.27 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
cdn4-1.sser2.imcmdb.net
Software
nginx /
Resource Hash
61958968b3142d572f23147214b00cf6c7b3a7eea430e34e7a8f72bf52c7d585

Request headers

Referer
https://ugt7s7.ru/whome.html
Origin
https://ugt7s7.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Sun, 02 Jan 2022 13:11:43 GMT
Server
nginx
ETag
W/"61d1516d-9f14"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=63072000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
14615
Expires
Tue, 02 Jan 2024 07:17:27 GMT
9761745.jpeg
static1.smi2.net/img/192x192/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static1.smi2.net/img/192x192/9761745.jpeg
Requested by
Host: smi2.ru
URL: https://smi2.ru/data/js/97002.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
138.201.55.243 Reichartshausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
cdn4-1.sfa65.imcmdb.net
Software
nginx /
Resource Hash
fe768d39b56b1b4d18729812fc52dfb044da0734df5bd6c3944a39c078cc287b

Request headers

Referer
https://ugt7s7.ru/whome.html
Origin
https://ugt7s7.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Sun, 02 Jan 2022 13:11:42 GMT
Server
nginx
ETag
W/"61d15bbe-dcc6"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=63072000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
15401
Expires
Tue, 02 Jan 2024 08:01:37 GMT
9738880.jpeg
static6.smi2.net/img/192x192/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static6.smi2.net/img/192x192/9738880.jpeg
Requested by
Host: smi2.ru
URL: https://smi2.ru/data/js/97002.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.212.252.75 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
cdn4-3.sser5.imcmdb.net
Software
nginx /
Resource Hash
bdf71a61d110f7920e0f09d7807adcb7695e0e70ecd5b40443ce75e9f3c24986

Request headers

Referer
https://ugt7s7.ru/whome.html
Origin
https://ugt7s7.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Sun, 02 Jan 2022 13:11:43 GMT
Server
nginx
ETag
W/"61c6fa8c-35fd"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=63072000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
11273
Expires
Mon, 25 Dec 2023 11:05:04 GMT
9762554.jpeg
static5.smi2.net/img/192x192/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static5.smi2.net/img/192x192/9762554.jpeg
Requested by
Host: smi2.ru
URL: https://smi2.ru/data/js/97002.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
138.201.55.243 Reichartshausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
cdn4-1.sfa65.imcmdb.net
Software
nginx /
Resource Hash
3b9fee0274708a6bb0a1dc8d0ee0917f76b7d3ee2aee7a3ec7816e196be7440a

Request headers

Referer
https://ugt7s7.ru/whome.html
Origin
https://ugt7s7.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Sun, 02 Jan 2022 13:11:43 GMT
Server
nginx
ETag
W/"61d1a430-a7b78"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=63072000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
14847
Expires
Tue, 02 Jan 2024 13:10:34 GMT
9741686.jpeg
static7.smi2.net/img/192x192/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static7.smi2.net/img/192x192/9741686.jpeg
Requested by
Host: smi2.ru
URL: https://smi2.ru/data/js/97002.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.212.234.27 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
cdn4-1.sser2.imcmdb.net
Software
nginx /
Resource Hash
dd8ba1ea05ba97834f9e032e431c4435bade0e277e48ed46b5704528271b1dec

Request headers

Referer
https://ugt7s7.ru/whome.html
Origin
https://ugt7s7.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Sun, 02 Jan 2022 13:11:43 GMT
Server
nginx
ETag
W/"61c883b6-1d096"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=63072000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
14411
Expires
Tue, 26 Dec 2023 15:01:53 GMT
9758750.jpeg
static3.smi2.net/img/192x192/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static3.smi2.net/img/192x192/9758750.jpeg
Requested by
Host: smi2.ru
URL: https://smi2.ru/data/js/97002.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
138.201.55.245 Reichartshausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
cdn4-1.sfa66.imcmdb.net
Software
nginx /
Resource Hash
6430c8ab9f83be322f9491e515f6360d62dfb480a7eac1682e61b128318db9ba

Request headers

Referer
https://ugt7s7.ru/whome.html
Origin
https://ugt7s7.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Sun, 02 Jan 2022 13:11:43 GMT
Server
nginx
ETag
W/"61cf5be0-736e"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=63072000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
17123
Expires
Mon, 01 Jan 2024 07:23:44 GMT
9760521.jpeg
static3.smi2.net/img/192x192/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static3.smi2.net/img/192x192/9760521.jpeg
Requested by
Host: smi2.ru
URL: https://smi2.ru/data/js/97002.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
138.201.55.245 Reichartshausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
cdn4-1.sfa66.imcmdb.net
Software
nginx /
Resource Hash
d49499747d8bb7e66d3d8aa7c28e62ed8e676543997ef842cb2c0799354bdee2

Request headers

Referer
https://ugt7s7.ru/whome.html
Origin
https://ugt7s7.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Sun, 02 Jan 2022 13:11:43 GMT
Server
nginx
ETag
W/"61d069b9-8a71"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=63072000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
17283
Expires
Mon, 01 Jan 2024 14:49:30 GMT
9750960.jpeg
static1.smi2.net/img/192x192/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static1.smi2.net/img/192x192/9750960.jpeg
Requested by
Host: smi2.ru
URL: https://smi2.ru/data/js/97002.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
138.201.55.243 Reichartshausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
cdn4-1.sfa65.imcmdb.net
Software
nginx /
Resource Hash
3bf889f44b8cecc3dbaed3fe1aea659186f39222e1b8d8b2bbb0743ce1ac696b

Request headers

Referer
https://ugt7s7.ru/whome.html
Origin
https://ugt7s7.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Sun, 02 Jan 2022 13:11:43 GMT
Server
nginx
ETag
W/"61cc25b4-827a"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=63072000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
19367
Expires
Fri, 29 Dec 2023 09:10:58 GMT
8994091.jpeg
static8.smi2.net/img/192x192/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static8.smi2.net/img/192x192/8994091.jpeg
Requested by
Host: smi2.ru
URL: https://smi2.ru/data/js/97002.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.99.129.243 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
cdn4-4.sfa66.imcmdb.net
Software
nginx /
Resource Hash
3c343f634912be8aef1c6319335ef52db52112a754ba1337464b1966e6009cb6

Request headers

Referer
https://ugt7s7.ru/whome.html
Origin
https://ugt7s7.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Sun, 02 Jan 2022 13:11:43 GMT
Server
nginx
ETag
W/"60a12723-3a854"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=63072000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
16541
Expires
Wed, 20 Dec 2023 18:52:23 GMT
9722990.jpeg
static6.smi2.net/img/192x192/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static6.smi2.net/img/192x192/9722990.jpeg
Requested by
Host: smi2.ru
URL: https://smi2.ru/data/js/97002.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.212.252.75 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
cdn4-3.sser5.imcmdb.net
Software
nginx /
Resource Hash
a6a577e93ea5adf741c96f6299d6681df07c9f6876e83680dea178fdc0638992

Request headers

Referer
https://ugt7s7.ru/whome.html
Origin
https://ugt7s7.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Sun, 02 Jan 2022 13:11:43 GMT
Server
nginx
ETag
W/"61c0d1c5-2ab5f"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=63072000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
16767
Expires
Wed, 20 Dec 2023 18:56:36 GMT
9633229.jpeg
static8.smi2.net/img/192x192/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static8.smi2.net/img/192x192/9633229.jpeg
Requested by
Host: smi2.ru
URL: https://smi2.ru/data/js/97002.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.99.129.243 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
cdn4-4.sfa66.imcmdb.net
Software
nginx /
Resource Hash
dac617021f15d67da4f7d7b41ff795051b39b4bcf0098b491ebb8efc15e19f64

Request headers

Referer
https://ugt7s7.ru/whome.html
Origin
https://ugt7s7.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Sun, 02 Jan 2022 13:11:43 GMT
Server
nginx
ETag
W/"619f5d45-3119e"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=63072000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
12844
Expires
Wed, 27 Dec 2023 13:18:13 GMT
/
kraken.rambler.ru/cnt/ 		43 B
483 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kraken.rambler.ru/cnt/?et=cv&pid=7040998&rid=1641129101.353-11154169&tid=t1.648840.2133838648.1641129101187&v=1.25.11&exp=exp_bot%2Csplit_b%2Cexp_ab3%2Cb&aduid=bc30a6f5-8838-4c72-ba14-4712d1bf0986&aduidsc=ugt7s7.ru&rn=545277569&cv=prime_enabled%3Dfalse&eid=4972291016537967&stid=480538276_1641129101353&sn=1&sen=3&en=3&fp_scope=1&fid=pA8AAENKs1cs64goAZD%2F2QA%3D&fip=pA8AAENKs1ekm%2Bk3AWKbugA%3D
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.19.89.16 Moscow, Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS
kraken.rambler.ru
Software
nginx/1.19.4 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 02 Jan 2022 13:11:42 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx/1.19.4
access-control-allow-methods
GET, POST, OPTIONS
p3p
CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
cache-control
no-cache
x-srv
1node0043.top100.rambler.tech
access-control-allow-credentials
true
content-type
image/gif, image/gif
access-control-allow-headers
content-type
content-length
43
expires
Thu, 01 Jan 1970 00:00:01 GMT
capirs_async.js
ssp.rambler.ru/ Frame ACD9 		578 KB
199 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssp.rambler.ru/capirs_async.js
Requested by
Host: sandbox.ssp.rambler.ru
URL: https://sandbox.ssp.rambler.ru/pixels/index.js?pad_id=441920592&block_id=441920596&rnd=1718755599
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
91.192.150.12 , Russian Federation, ASN42481 (BEGUN-AS, RU),
Reverse DNS
ssp.rambler.ru
Software
nginx /
Resource Hash
b43e2c60c1c7c0ac47463df85db69c8a8eddf2ef65c884f98eaa327a0aa635a6
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:42 GMT
content-encoding
gzip
last-modified
Thu, 16 Dec 2021 10:19:39 GMT
server
nginx
etag
W/"61bb12bb-90893"
strict-transport-security
max-age=0
p3p
policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
cache-control
max-age=60
x-passed
0bal1
content-type
application/x-javascript
expires
Sun, 02 Jan 2022 13:12:42 GMT
/
kraken.rambler.ru/cnt/ 		43 B
483 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kraken.rambler.ru/cnt/?et=pvm&pid=648840&rid=1641129101.186-1681459512&tid=t1.648840.2133838648.1641129101187&v=1.25.11&exp=exp_bot%2Csplit_b%2Cexp_ab3%2Cd&aduid=bc30a6f5-8838-4c72-ba14-4712d1bf0986&aduidsc=ugt7s7.ru&rn=1078544&mp=%7B%22sch%22%3A%22ld%22%2C%22type%22%3A%22Article%22%2C%22title%22%3A%22%D0%A7%D1%82%D0%BE%20%D0%BD%D1%83%D0%B6%D0%BD%D0%BE%20%D0%B7%D0%BD%D0%B0%D1%82%D1%8C%20%D0%BE%20%D1%81%D1%82%D0%B0%D0%B2%D0%BA%D0%B0%D1%85%20%D0%BD%D0%B0%20%D1%81%D0%BF%D0%BE%D1%80%D1%82%3A%20%D0%B8%D0%BD%D1%81%D1%82%D1%80%D1%83%D0%BA%D1%86%D0%B8%D1%8F%20%D0%B8%20%D1%81%D0%BE%D0%B2%D0%B5%D1%82%D1%8B%20%D0%B4%D0%BB%D1%8F%20%D0%BD%D0%BE%D0%B2%D0%B8%D1%87%D0%BA%D0%BE%D0%B2%22%2C%22des%22%3A%22%D0%9E%D0%B1%D1%8A%D1%8F%D1%81%D0%BD%D1%8F%D0%B5%D0%BC%2C%20%D0%BA%D0%B0%D0%BA%20%D0%B2%D1%8B%D0%B1%D1%80%D0%B0%D1%82%D1%8C%20%D0%B1%D1%83%D0%BA%D0%BC%D0%B5%D0%BA%D0%B5%D1%80%D0%B0%2C%20%D0%B3%D0%BB%D0%B0%D0%B2%D0%BD%D1%8B%D0%B5%20%D0%BE%D1%88%D0%B8%D0%B1%D0%BA%D0%B8%20%D0%B8%D0%B3%D1%80%D0%BE%D0%BA%D0%BE%D0%B2%20%D0%B8%20%D0%BF%D1%80%D0%B8%D0%BD%D1%86%D0%B8%D0%BF%D1%8B%20%D0%B2%D0%B5%D0%B4%D0%B5%D0%BD%D0%B8%D1%8F%20%D0%B1%D0%B0%D0%BD%D0%BA%D0%B0%20%D0%B4%D0%BB%D1%8F%20%D1%81%D1%82%D0%B0%D0%B2%D0%BE%D0%BA.%22%2C%22dpub%22%3A%222020-06-10T21%3A45%3A08%2B03%3A00%22%2C%22dmod%22%3A%222021-02-11T15%3A20%3A00%2B03%3A00%22%2C%22thm%22%3A%22%D0%A1%D1%82%D0%B0%D0%B2%D0%BA%D0%B8%22%2C%22arth%22%3A6020%2C%22artst%22%3A1160%2C%22arts%22%3A8093%2C%22artw%22%3A1765%2C%22img%22%3A3%2C%22anm%22%3A%22%D0%92%D0%B8%D1%82%D0%B0%D0%BB%D0%B8%D0%B9%20%D0%93%D0%B0%D0%BB%D1%83%D1%89%D0%B0%D0%BA%22%2C%22aurl%22%3A%22%23authors%2F4171%2F1.html%22%2C%22url%22%3A%22%23bets%2Farticle-4056685-chto-nuzhno-znat-o-stavkah-na-sport-novichku-kak-pravilno-delat-stavki-nachinajuschim-sovety.html%22%7D&rf&eid=3933291014611114&stid=295039877_1641129101187&sn=1&sen=2&en=2&fp_scope=1&fid=pA8AAENKs1cs64goAZD%2F2QA%3D&fip=pA8AAENKs1ekm%2Bk3AWKbugA%3D
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.19.89.16 Moscow, Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS
kraken.rambler.ru
Software
nginx/1.19.4 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 02 Jan 2022 13:11:42 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx/1.19.4
access-control-allow-methods
GET, POST, OPTIONS
p3p
CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
cache-control
no-cache
x-srv
1node0043.top100.rambler.tech
access-control-allow-credentials
true
content-type
image/gif, image/gif
access-control-allow-headers
content-type
content-length
43
expires
Thu, 01 Jan 1970 00:00:01 GMT
integrator.js
adservice.google.de/adsid/ Frame 2884 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=ugt7s7.ru
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 02 Jan 2022 13:11:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 2884 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=ugt7s7.ru
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 02 Jan 2022 13:11:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 2884 		89 KB
25 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3804482334251860&correlator=1538300668268822&output=ldjh&impl=fif&vrg=2021120601&ptt=17&sc=1&sfv=1-0-38&ecs=20220102&iu_parts=21758191093%2Cchampionat.com%2C100x70_nomain&enc_prev_ius=%2F0%2F1%2F%2F2&prev_iu_szs=970x250&prev_scp=sspimpressionid%3D61d1f-a48ea-ff825%26sspnext%3D1&eri=2&cookie_enabled=1&cdm=ugt7s7.ru&bc=31&abxe=1&lmt=1641129102&dt=1641129102707&dlt=1641129102347&idt=343&frm=23&biw=1600&bih=1200&isw=1050&ish=250&oid=2&adxs=275&adys=7228&adks=488263064&ucis=nbfb8lymjrz6&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fugt7s7.ru%2Fwhome.html&top=https%3A%2F%2Fugt7s7.ru%2Fwhome.html&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1050x250&msz=1050x0&ga_vid=1209249001.1641129103&ga_sid=1641129103&ga_hid=1242207437&ga_fc=false&fws=256&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
6091257875be8caffc291e2b5476a2136ca81de5420a640598e5331c496f33c4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:42 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26048
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ugt7s7.ru
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
29550a6774465c2fefc7c60fd493fe18.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 12B8 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://29550a6774465c2fefc7c60fd493fe18.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Sun, 02 Jan 2022 13:11:42 GMT
expires
Mon, 02 Jan 2023 13:11:42 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
userip
ssp.rambler.ru/ Frame ACD9 		13 B
139 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.rambler.ru/userip
Requested by
Host: ssp.rambler.ru
URL: https://ssp.rambler.ru/capirs_async.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
91.192.150.12 , Russian Federation, ASN42481 (BEGUN-AS, RU),
Reverse DNS
ssp.rambler.ru
Software
nginx /
Resource Hash
5febe42d958a25aac2eab77ef3cb52ab401ced8c1df1c7ec06d94fe6160f4554

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 02 Jan 2022 13:11:42 GMT
x-passed
0bal1
server
nginx
content-length
13
content-type
application/octet-stream, text/plain
gen_204
pagead2.googlesyndication.com/pagead/ Frame D938 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=cmpMet&pvsid=2139386656920698&vrg=2021120601&nw_id=21758191093&nslots=1&eid=31063377%2C31063899%2C31063915&pub_url=https%3A%2F%2Fugt7s7.ru%2Fwhome.html&fc=0&tcfv1=0&tcfv2=0&usp=0&ptt=17
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 02 Jan 2022 13:11:42 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.de/adsid/ Frame D938 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=ugt7s7.ru
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 02 Jan 2022 13:11:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame D938 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=ugt7s7.ru
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 02 Jan 2022 13:11:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame D938 		51 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2139386656920698&correlator=3365631760258655&output=ldjh&impl=fif&eid=31063377%2C31063899%2C31063915%2C31061167&vrg=2021120601&ptt=17&sc=1&sfv=1-0-38&ecs=20220102&iu_parts=21758191093%2Cchampionat.com%2C240x400_2&enc_prev_ius=%2F0%2F1%2F%2F2&prev_iu_szs=300x250%7C300x300%7C250x250%7C300x600%7C240x400%7C160x600&prev_scp=sspimpressionid%3D61d1f-a48eb-fff79%26sspnext%3D1&eri=2&cookie_enabled=1&cdm=ugt7s7.ru&bc=31&abxe=1&lmt=1641129102&dt=1641129102771&dlt=1641129102409&idt=354&ea=0&frm=23&biw=1600&bih=1200&isw=300&ish=600&oid=2&adxs=1025&adys=5973&adks=2816043986&ucis=dtg7h3lbduei&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fugt7s7.ru%2Fwhome.html&top=https%3A%2F%2Fugt7s7.ru%2Fwhome.html&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x600&msz=300x0&ga_vid=1677615637.1641129103&ga_sid=1641129103&ga_hid=1628546987&ga_fc=false&fws=256&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
025768f1e2e2b05ac6211f57180812df5fbba6398de0eda4acca13f4532ab6fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:43 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11520
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ugt7s7.ru
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
c37518537793b0475d38bc38f923af27.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 37CE 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c37518537793b0475d38bc38f923af27.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Sun, 02 Jan 2022 13:11:42 GMT
expires
Mon, 02 Jan 2023 13:11:42 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
integrator.js
adservice.google.de/adsid/ Frame 5AE6 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=ugt7s7.ru
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 02 Jan 2022 13:11:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 5AE6 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=ugt7s7.ru
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 02 Jan 2022 13:11:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 5AE6 		18 KB
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=780548868867571&correlator=3279439085457300&output=ldjh&impl=fif&eid=31063915&vrg=2021120601&ptt=17&sc=1&sfv=1-0-38&ecs=20220102&iu_parts=21758191093%2Cchampionat.com%2C728x90&enc_prev_ius=%2F0%2F1%2F%2F2&prev_iu_szs=728x90%7C970x90&prev_scp=sspimpressionid%3D61d1f-a48df-b8e7f%26sspnext%3D1&eri=2&cookie_enabled=1&cdm=ugt7s7.ru&bc=31&abxe=1&lmt=1641129102&dt=1641129102784&dlt=1641129102365&idt=413&frm=23&biw=1600&bih=1200&isw=1050&ish=90&oid=2&adxs=275&adys=1116&adks=719550019&ucis=r42wv3rj5m8n&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fugt7s7.ru%2Fwhome.html&top=https%3A%2F%2Fugt7s7.ru%2Fwhome.html&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1050x90&msz=1050x0&ga_vid=348061956.1641129103&ga_sid=1641129103&ga_hid=1576405092&ga_fc=false&fws=256&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:43 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8271
x-xss-protection
0
google-lineitem-id
5433168605
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138327599466
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ugt7s7.ru
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
7b5868f5428335e5053e527f06f79868.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2343 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://7b5868f5428335e5053e527f06f79868.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Sun, 02 Jan 2022 13:11:42 GMT
expires
Mon, 02 Jan 2023 13:11:42 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
integrator.js
adservice.google.de/adsid/ Frame 985D 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=ugt7s7.ru
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 02 Jan 2022 13:11:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 985D 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=ugt7s7.ru
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 02 Jan 2022 13:11:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 985D 		100 KB
26 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=391207100571439&correlator=1372639767842837&output=ldjh&impl=fif&vrg=2021120601&ptt=17&sc=1&sfv=1-0-38&ecs=20220102&iu_parts=21758191093%2Cchampionat.com%2C100x240&enc_prev_ius=%2F0%2F1%2F%2F2&prev_iu_szs=728x90&prev_scp=sspimpressionid%3D61d18-a48e7-76a09%26sspnext%3D1&eri=2&cookie_enabled=1&cdm=ugt7s7.ru&bc=31&abxe=1&lmt=1641129102&dt=1641129102798&dlt=1641129102403&idt=387&ea=0&frm=23&biw=1600&bih=1200&isw=735&ish=90&oid=2&adxs=275&adys=6086&adks=2751744399&ucis=6i62d3k3c4ly&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fugt7s7.ru%2Fwhome.html&top=https%3A%2F%2Fugt7s7.ru%2Fwhome.html&vis=1&dmc=8&scr_x=0&scr_y=0&psz=735x90&msz=735x0&ga_vid=1088879383.1641129103&ga_sid=1641129103&ga_hid=388031247&ga_fc=false&fws=256&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
ff880ca3d57b793716c15f500d7df3dc6d56172dead2eb16e2bb683e00dc3508
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:43 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26457
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ugt7s7.ru
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
a5d84237b2adbb561c87907ddbec0eca.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 0AC0 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a5d84237b2adbb561c87907ddbec0eca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Sun, 02 Jan 2022 13:11:42 GMT
expires
Mon, 02 Jan 2023 13:11:42 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
context.jsp
ssp.rambler.ru/ Frame ACD9 		4 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.rambler.ru/context.jsp?wl=rambler&json=1&pad_id=441920592&first=1&frm_level=1&frm_top=https%3A%2F%2Fugt7s7.ru%2Fwhome.html&block_id=441920596&screenw=1600&screenh=1200&winw=0&winh=0&rq=0&rq_sess=4AE8CC4E08C2ACB6E83729F0E6780034&secure=1&vcapirs=32_1_0&jparams=%7B%22puid42%22%3A%2210%22%2C%22pli%22%3A%22a%22%2C%22plp%22%3A%22a%22%2C%22pop%22%3A%22a%22%7D&rq_type=0&grab=eyJncmFiX3ZlcnNpb24iOiA0fQp4nLPJKMnNseOyyUhNTLGzKcksyUm1s9GH0WBRLpuk_JRKIKUPoyF6AEs7Eu0%3D&browser_family=Chrome&browser_version=96.0.4664.93&os_family=Windows&os_version=10&device_type=1&top=8&left=8&fpruid=pA8AAENKs1ekm%2Bk3AWKbugA%3D&lruid=pQ8AAI2k0WGTmqOIAUcF2gA%3D&adtech_uid=bc30a6f5-8838-4c72-ba14-4712d1bf0986&adtech_uid_scope=ugt7s7.ru&callback=Begun_Autocontext_saveFeed1&ref=https%3A%2F%2Fugt7s7.ru%2Fwhome.html&url=https%3A%2F%2Fugt7s7.ru%2Fcss%2Fsandbox(1).html
Requested by
Host: ssp.rambler.ru
URL: https://ssp.rambler.ru/capirs_async.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
91.192.150.12 , Russian Federation, ASN42481 (BEGUN-AS, RU),
Reverse DNS
ssp.rambler.ru
Software
nginx /
Resource Hash
1375eb50abd04888ab5d23bf9209c10b689551a405e530c054cec7c110b6ab54
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:42 GMT
x-user-regionid
0
p3p
policyref="/w3c/p3p.xml", CP="NON DSP COR NID DEVa PSAa PSDa OUR BUS", policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
x-begun-graphcount
0
pragma
no-cache
last-modified
Sun, 2 Jan 2022 13:11:42 GMT
server
nginx
strict-transport-security
max-age=0
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://ugt7s7.ru
cache-control
post-check=0, pre-check=0
access-control-allow-credentials
true
x-passed
0bal1
content-length
4419
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_not_reserved&pvsid=4409916342505293&vrg=2021120601&nw_id=21758191093&nslots=2&eid=31063378%2C21064365&pub_url=https%3A%2F%2Fugt7s7.ru%2Fwhome.html&inViewport=true&depth=0
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 02 Jan 2022 13:11:42 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=ugt7s7.ru
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 02 Jan 2022 13:11:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=ugt7s7.ru
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 02 Jan 2022 13:11:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		18 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4409916342505293&correlator=2181561747543301&output=ldjh&impl=fifs&eid=31063378%2C21064365&vrg=2021120601&ptt=17&sc=1&sfv=1-0-38&ecs=20220102&iu_parts=21758191093%2Cchampionat.com%2C300x600%2CPMP&enc_prev_ius=%2F0%2F1%2F%2F2%2F%2F3&prev_iu_szs=300x600%7C2x1&prev_scp=sspimpressionid%3D61d1f-a48dc-371ea%26sspnext%3D1%26segments%3D%252C%252C%252C&cookie_enabled=1&bc=31&abxe=1&lmt=1640780039&dt=1641129102891&dlt=1641129100189&idt=2681&frm=20&biw=1600&bih=1200&oid=2&adxs=1025&adys=3697&adks=1158245606&ucis=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fugt7s7.ru%2Fwhome.html&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x0&msz=300x0&ga_vid=2118477742.1641129103&ga_sid=1641129103&ga_hid=1390137062&ga_fc=false&fws=512&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
e42e168b64cb8a3867ee39f7c7455a953787f0137b239fac00a47b1186e0c6b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:42 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8278
x-xss-protection
0
google-lineitem-id
4949220436
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138259250529
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ugt7s7.ru
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		18 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4409916342505293&correlator=2181561747543301&output=ldjh&impl=fifs&eid=31063378%2C21064365&vrg=2021120601&ptt=17&sc=1&sfv=1-0-38&ecs=20220102&iu_parts=21758191093%2Cchampionat.com%2CBillboard%2CPMP&enc_prev_ius=%2F0%2F1%2F%2F2%2F%2F3&prev_iu_szs=970x250%7C1x1&prev_scp=sspimpressionid%3D61d1f-a48da-e3bc2%26sspnext%3D1%26segments%3D%252C%252C%252C&cookie_enabled=1&bc=31&abxe=1&lmt=1640780039&dt=1641129102895&dlt=1641129100189&idt=2681&frm=20&biw=1600&bih=1200&oid=2&adxs=260&adys=85&adks=705290732&ucis=2&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fugt7s7.ru%2Fwhome.html&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1080x0&msz=1080x0&ga_vid=2118477742.1641129103&ga_sid=1641129103&ga_hid=1390137062&ga_fc=false&fws=4&ohw=1080&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
40a47acbcda4fe9d7aa358e39b8e851f59a58fd40f227f3b67e7465f13871565
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:42 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8298
x-xss-protection
0
google-lineitem-id
4949863091
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138324056191
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ugt7s7.ru
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
5db9a8bcf711cf0d71dc0a2c634d4aae.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 25CE 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://5db9a8bcf711cf0d71dc0a2c634d4aae.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Sun, 02 Jan 2022 13:11:42 GMT
expires
Mon, 02 Jan 2023 13:11:42 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
blockstat_post
ssp.rambler.ru/ Frame ACD9 		0
79 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ssp.rambler.ru/blockstat_post
Requested by
Host: ssp.rambler.ru
URL: https://ssp.rambler.ru/capirs_async.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
91.192.150.12 , Russian Federation, ASN42481 (BEGUN-AS, RU),
Reverse DNS
ssp.rambler.ru
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ugt7s7.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 02 Jan 2022 13:11:43 GMT
x-passed
0bal1
server
nginx
content-length
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 2884 		11 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021120601&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
867fc76ca79f54a7e22dff7512e52893b333fd5487dd20035ff2187f4518de1d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 02 Jan 2022 13:11:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8434
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame D938 		11 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021120601&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5d2c6650eb20b5fac28d5ae63f3bdb04a70a3b093d0cf20c614d74952c239c94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 02 Jan 2022 13:11:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8577
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 5AE6 		0
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 985D 		11 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021120601&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7d074583ff8f44c8d69ac5715c8ffad5554b2b52da3f06639ce857329f31e23a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 02 Jan 2022 13:11:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8412
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame 2E67 		0
0
file.jsp
img02.ssp.rambler.ru/ 		547 B
876 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://img02.ssp.rambler.ru/file.jsp?url=schCveQWMLPJIlxbIvm6KCGOmGwXDJ3jRCQyDVbNXmVU7iuR3rz-WA7j5fUs452t8HsGXZIFkM9jXaZvZ75hENpfnS4G94UTefNnLY8Ps0tDxC2QTMqIKA9Lu6yAd-OO*WQzxshpjg8pDLkY1gzL7TMPEpdaM-H-DQ-*65FKCXTT-WHurAd8GQHdyPN88lqlLZ5ghl01gDisNcofSqCbvRYzEztBZGQNmVS-LPXz9muyCyysBY1*cRi7BHFj*hmktW3Y4HyI00R2gY78wKEz4fNdIqoVFfWiHWb8hWgDmNfjU88LgAxPU*rOAXDKriZ01eleTO3ibxYffzuWF9r4nidfsk9DWQDb3tWh1h34PHriHDtnPiKuQWoMIf5UsIqL5GyW3r87aPp5I*NCAIWgapW5AwhuFzahinhfrrfHDNM4Fc8LSQpAfwtMZSnKSe*obbxnsoEAIp0uwmeZQYhz4W1JqTHg1Pm*8mV4aqQo4kzZU7LM7gL3FemlMTk6GW78xX1cPLum5TJNf*nWfnSuD-KsX9ZOk5sngj2yyPacONrCLmzfP4hazm1aW8G80o1n1czwtySNUmIF9kC*kGGTJvTp-PSo2BHBuOapGVRA9MTNc8B3B7VoI794VgaW4P1HEPW80YzLTWYa9XjS3fSQhLlMViK618M-YmcYZhkdXQq-*OQNdIcuMb8rygd02lpzUpS*hS7eSkZjfP8RRog6Hvo8J8pbajvjh4fcMUJ1hZCOVf7ztd7wrFQOhAyUJATZQZtxaJHe*-cTmhsJUNL-QEmwLwLhXz5m2GfiVbkVxR2uM0IFDuAAEa69wsXl3g1KRzgREqKe5ZtBB-dLoUDCeLttWIgPOhjvbpktYW0o0vj0Yb1sQvKg*c5tZFC4IGnx8XdkUmnoMzfqFyCK*h5JYQtnu58*4lnXYNlaxIjgI0y1M0rQgN5LOA9IYkKSKG8vcYC3G-KfkRHadwslckHN2aPrMuMyTQJzLySQAi1gy*Y6AgEmkE2mKuZEx4NRCK33OLUZlFwiIm2Glx57vSKraijBHzu9gi7Z2FwZHBTIxAXaqmjNeP9d2e21rDHud0T0hJPv9xjvLqLfBh*Y59Fo*lKQto9mM8iFHNa2WjEWNgr-i5*G553NTGmSQX5loVe0SUk4FeSE*rA4tfNr0pxrpwQItI1OFhj5YlBuXCT*5Bx09AdAy-Vn7Durnj1c-TN8RWsfos0caQr-XAVd6FXGxoP2KOO2Jb3r3gNr7adfXzosJ-0m9glJDo7WVyj-F6dCLOEE3Ytoi24HPRw006zRAnm0XjjIAyQATYmES-RWqy*-wCsr1hgRhGjlbTfK7L54yLzXj1ApZLYTy8m-xfv5lMGJ*NGX-D9CRcRzjq-VGhk3ouvX-Px2QF0tr9MIuF4LD5wDZ-tMIrZAyPPFyNNuJI8hnMWgN1d6jJTJ3LhLxuCiHcrYBtMrkw-e48ZQHY1OHj3M1ph3yvylHEg9h*sG8rJvFhUtosE4*w-Xr7yHWuiqU739JHt6ntbCtYBH5j2y1SGjqPjZ3C1s-UyU*aV8DZmRYk8ZtDwjy2JZ8v3aaYeDu7LuW7EPJzmnb0ic8ITkwFGKEc0TOFiLQ6VbYyBONgUFWgvhedDmoc-cXB6hxMnImyYjLZl3*SZzGpFHPn0QFo9zVWalXc9bcCDUEHBHhwIAAAC63LwKAAAAAA&eurl%5B%5D=xai*n6QSUck*RL-F8T0lvIxUw4Ycu4yuZOAyFRFs-ANuA7F68mQSRX9lJ4txgekypOROWJNCyzcooKDtzq8dazULegXfgOrI0AWDjdJjfnECAAAAuty8CgAAAAA&seq=1
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/css/capirs_async.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
91.192.148.14 , Russian Federation, ASN42481 (BEGUN-AS, RU),
Reverse DNS
zvezda.ssp.rambler.ru
Software
nginx /
Resource Hash
6fd987d10fe4256736dc603435f5aba78ef968d3361054582d6c085b7c6f610c
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 02 Jan 2022 13:11:43 GMT
server
nginx
x-begun-impressionid
61d1f-a48da-e3bc2
strict-transport-security
max-age=0
p3p
policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
access-control-allow-origin
https://ugt7s7.ru
access-control-allow-credentials
true
x-passed
2bal1
content-type
application/x-iframe-html; charset=Windows-1251
content-length
547
view
securepubads.g.doubleclick.net/pcs/ Frame 7B3A 		0
0
file.jsp
img02.ssp.rambler.ru/ 		629 B
958 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://img02.ssp.rambler.ru/file.jsp?url=uiOL0eemiIW7b11y6q12uo*kLW014U7**GuHOrUYEk7eZO2c5wxZnV1hztx9XpGYgopaci-JTekDVyJvWzOalfNvtALCZ7A-koDVHqm7iIaFIb7Jc0QGFd0MdEILv4D0kqwAsiHtALFL9KoBJ4GFttJyBK9*tIml2GZeKkAQjFnUfOdyhjsnUkrl6ZD624Z6QTF2uON-iile-US8-4t08AiahF8QpULr-0bKfPX6M3XFvwtwlXYzxfeZEKwIFRNCtCdfKj4lCHQwixqp9jEF*G2P1WLxa*VV2-PbHRDXUN3jwPf5EE2ohyHch5ll*czef676YI6NlbDyRr0vfVw0TvihWDJ2DM95XnSyZE1BmwtqYmyvJrnvLHbxb2N2ulYW*KXTTDMAzv7r2ISZ6u**3ycVwX*x7M*9DWarUGlkiE9stTE1dyQeuovrVVftEeezhPQ6GBirrL2gNZytMRM-oFg-q71mr6KlWnyvUeawf0pZoK*QN4-RffGcyrZxRVONK55-EO-Rb4SmZEYa62d07N4hnzZo6KfCFnTV51R4DmGHNWRt2-srJJ4nQYhNASbNOmLXq9Gj9DKE6AgodftvpNfunJyCHYvYMCxVhiTf7pVNTWKpM20tQxKCwDk5J-uMzRFXdT0XwZx2Iu97m-be4CkJSzskDV6-I5bQSWCtnZv3t9UtXDNW5C7-LCpijfvmakIomrbW4eTbuKftar3j8YOGFA3N9ovF0hmV1AW25UyKSgC4rjFss85sX0fZza3JYKXGVWpFr4irSG17E4SvPsRuY4Bxxiy25lPsaLhXDyBd2gGCopMR26NUzc90oFtYREcL-ycr832-v3hSpd86x2xdbu6OjRlgKTmPRQqQ-7TGc6qf9iFwAeQSUIQ8Meu68u-nXTTCgzUT*R5wdkcKk2XcEnrJhQuWULpKUTn8gaKZ12Ob9xSiAFB0Z97o4KFDsz-T1jvHbcpV-KVZM*3eT5Dn8PwIrSxGO9xDRY5TLPv3c*49jtuJW37vvNJCHpfCIbnSBV9gvHfi2RjdAfr9eiBcpYpBSeTl8hcANEJCVyXq9etZJ0A7aza50wC8DuZ6W4ZS5WA8jSGfgMxvO3FWt0Lnhf8bguwu1KAtREiwatjeBwRwHoG671h8nn5ayrtb*1cUcKPBuZo3NcA9lPzsmzrr89OY*hIjHv4GzewnsR3lm0cBLURwN1wZH8dYHyQsYOjYBattXxEmYX7ZywSdDGweO-d*Acfw5RMbeUCV-NPso3ru7UyE0LN*KYmK4S4nIZbyCJMJrFgSX-a0Xhzbq2VCtW-6XzZEe41HJBppQ6YxlMT*6F8pb2NYlxKuyWFZSALJcsYR4weJC4-Q5kB2MoErO3VPQN1zDw9hRVh6R8UstMP0STJ3AAtd8mTv3xVSFAhbmUxMq83uothN97Qpc92rizmYmLG0sxHJDB8OEko5MygDHR3vsnpaE*incqjYQvqf-Nidku4afQn3XXHuYAwMYwBWI88zPV5qe1idx3539kp*0hFAU6CiSEBryvNMi-DAD2f7wjuEUekFAP2VakWNuKxSHouIOfbvNviAg4ccpvJ9Hrtlim6d0caVyKCjk06vJeG8HjZnQ12Jj8kTfR2TxQsRAWVeOIVx90EogS0K4Y49jbiCgwNR4WtnZfl3ptOx5DDnT48ttZ6sQWtCOH4uny43ST1LEr4fkzFmHr055x3pw4x7utzzckc2vACz2cAyucyvyDMChi0ORCA6UvrTGiMVLCe6AIyivKGQhFS7W7CuDV-CixXwXVQgX3kFOlVuuWfrjiwbaznUFIZcLiuWCNg3HiM3-XFiJE7xQLkCAAAAuty8CgAAAAA&eurl%5B%5D=ICag4JRqcWiJha3GSq*Id*YYO1UY6zsCgfZ2ENXK0vBdx-XemWBoYwyPMSgZWb2-a9a7Z1PmUe463RGxwfgdGEGvTRWJLGNUttm-h8we-uUCAAAAuty8CgAAAAA&seq=1
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/css/capirs_async.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
91.192.148.14 , Russian Federation, ASN42481 (BEGUN-AS, RU),
Reverse DNS
zvezda.ssp.rambler.ru
Software
nginx /
Resource Hash
d989fc2b6ac051eb809d3cb5b49b113eee9854aa01a449a2e36692c80232ac0d
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 02 Jan 2022 13:11:43 GMT
server
nginx
x-begun-impressionid
61d1f-a48dc-371ea
strict-transport-security
max-age=0
p3p
policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
access-control-allow-origin
https://ugt7s7.ru
access-control-allow-credentials
true
x-passed
2bal1
content-type
application/x-iframe-html; charset=Windows-1251
content-length
629
container.html
29550a6774465c2fefc7c60fd493fe18.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 0648 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://29550a6774465c2fefc7c60fd493fe18.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Sun, 02 Jan 2022 13:11:42 GMT
expires
Mon, 02 Jan 2023 13:11:42 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
securepubads.g.doubleclick.net/pcs/ Frame 38FC 		0
0
file.jsp
img02.ssp.rambler.ru/ 		561 B
892 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://img02.ssp.rambler.ru/file.jsp?url=W7ED05ne5NwPDDaSLiS8DO7x*3*tJqriSFzZssYlI7f2BuqiHkoKiZOvUK6Hrj1uftV9Y*60aW1Kn6-FFr-3IpOw1F5TeEOTXF6E*TOZPJRuD9xVc0q0yK-HCM7xu6pz7HNC4KIyJ58ZYoXNvs-bsOWJyL099Axsn4kdWYRU5tIM9pbpVc7E4lA70G0u4fS1rWD5LA6uJJ47OKigY9daUJKs7VJ*XbxkTsdtdweGfKzz65cIc9ZqS64o2ffZHNKHFSSW4J4*X6XoUiAbhkqp5KOg2P*w3rtf42P6qmzBw3ZZU6zH*k4qXp8ng4Z2IzK20sbd5nAPjruZkBRF4Lwn3EbQtTfxs-PyS0evWEItAZ8yf9fb3Np*ETWispsyekYkRiIE*VfKSZDE06vg2S7VIURgvBj-jnGMnLzoy0VEfRPjPoK8u2bT4elyGfsxHS3NKN7aUar3b1rPpxCASaOUyEw0YxuNUeh*t*fpsVvso4Ty*3UhiBObh-N9MHxo-FdKxE9u8HWf0cnDnqTQJ6ZQX9bu8DqZF86Mavi81bqrzQOKbFX7HnbPQXukjpLkOCibVqVPiSYqEfQ6zZadOOiBkZY*E6bHfVioI2dKtGchXaETwoSiWeILPiR4n*06gUKktYkrySImXw9pmDWFlHlgtu5Oo14NLtUt6M32QPTrM86JaEN-eiezzwHvZjfCZz5t9p-8LJ62aqUL2Hj*uYbuEUojm99-ClN0yqq6*Qseb0zLHWNhLkasH*39jd1-szfymP6AM-s6cPrXexUwphVutMuIYpPqla5hDv4GTA-CMeN8FGembum3e4omdBabq0qhyr3hbbTsNcH-1T1B47NEPWQ1N0YPU-bpre6nNwVFkawvCd5niGq*Q5VsfCwevGpVe26tgKZ-5ZdT7n4hE3Uoms7GzHSlvHiwWIUh1GSYRejfGNXBPHkZNHbWRjmuSJYo3m3iuZJX2sTLlPOFIgOvQ75jAJtTxuRnb5NsePWeHjJ7PrFpMV0l9Ejwvn3AdrFOfZJzXW3ulOs7DngAihBE5Cb-V*96bYn6mY6TkqP251bHXrBg*7RIRVGlzg9xQWcHZ*2rotzNIzMPu7K5FvhpL3EmjXE00ALtuT7-YgWqS75EWdsblkqZAVhn5ITVC9wTTNdtaSmXzsm1IJ75cI6EytR5*BDGzXNNNmDemX4EEAM6KFD0oAKel6sKyRbbMc9r2AlcGKKsoEzccgs9Gbek3P6LapYITsG1V-s9thuaJGqgSlUuGMTM5pkd*QWqvT6q3mffmDdbJQLP7flSdUSuAe3Y53YjhKu7OIIV7wjprobbGBtDOsCvA5CTd3inF-g41NyDaeA9Oqgq4DivDgAKoN9qDR2syHWQxqLyzCbbpKEjG0mXPLGgfnHe9vspjHGjj0umJcbEYpvNOa-arGo0drwkPxpK2R-mvuJk7MVWX6toUdEDMzpzkGMzfg2jVZLC2s-y8yP-ptaYT0Zab49hpZzMr6hUW811bFGmXL-BOJF7UIluegPrvDnM-zG3HxnDFqmTEjQrEvLOTKNQdj22RKiL6HwuwYLwcSeHYrDCPY9ckL*N8QGUjYblaFQMOxhG*uvuJy77ys8IFACB4OS9hEmfmecMg2QE8Um6F1jhhH4e-H7arkvWfhqEhc7CAuonEkRcrIxLCuqz99x0JPXmuzoajxz2v9iEE6hlk3fiOjn5Lwm7IyhEAEYhD-R-wvbDAgAAALrcvAoAAAAA&eurl%5B%5D=D8dvJdv7R*2SyNaxU63YRCIUXG0acFbdYIxNIst*RgxOZU7aRg2L9YA7t3HrQL-Lh8k9gkiLHXySKeBzM1wUngGv5GiZ1WzO7eXv7Rg29SUCAAAAuty8CgAAAAA&seq=1
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/css/capirs_async.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
91.192.148.14 , Russian Federation, ASN42481 (BEGUN-AS, RU),
Reverse DNS
zvezda.ssp.rambler.ru
Software
nginx /
Resource Hash
5c0a87083d278151c970b702b9ae010ce4e3ac9cc8a0483ac30bc55320f2b270
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 02 Jan 2022 13:11:43 GMT
server
nginx
x-begun-impressionid
61d1f-a48df-b8e7f
strict-transport-security
max-age=0
p3p
policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
access-control-allow-origin
https://ugt7s7.ru
access-control-allow-credentials
true
x-passed
2bal1
content-type
application/x-shared-scripts; charset=Windows-1251
content-length
561
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 2884 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
expires
Sun, 02 Jan 2022 13:11:43 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame D938 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
expires
Sun, 02 Jan 2022 13:11:43 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 985D 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
expires
Sun, 02 Jan 2022 13:11:43 GMT
sandbox
profile.ssp.rambler.ru/ Frame 9E15 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://profile.ssp.rambler.ru/sandbox?img=dOsQcBvSxnb08Kd2h7w-yXB1eB*WXko6MeJaZVEo42-w0LnkzigA5Pq5VvrTN0Jzu2gShu1kKA-ZYqwUld1KPUw7h*OqZM0MTwAVR9GryC6nJN0qmgiIvjuY2e9ZadWmBP8QH2-cmj6TyvM*jYRr-QIAAAC63LwKAAAAAA&script=sfgqweLW-lKRJrDaNnppyQT-kgYFxE3revd6fZNtrrIepeBScSDqzPn8fKPjdYs24bPmn6FFjz*NldEZBR5REP9AnvZ2U3diMbHDm7Ue**srLv5ve1x-fjAQQjq8h-prCNaE*4*3nOP69d7J5rTdSQIAAAC63LwKAAAAAA&img=krCLlI5xhhlPYtjLQakeZiugnEmj*0FjpIigae5yOC9UtX3txmKrBbM60wZu9vv*NkJo-XCATp4eeilOT8BzCJn2JzXhKsFYpPfmTrXymChzrAmBbTz19PJGOOfYRdpLqWA1Ou83WazlJe-4OOFRy*NKekdogFWfm-1gCqfTezi6AYjB9fZaUEl6JEHShjhk3-mL6dpvyYtUGzkBf4xYmAIAAAC63LwKAAAAAA&img=YLAo8sPXua1QXzG1pW63Vc2nCQHHKjOz2r-ggRPyMbJUOpDdVq0TSBAcYMtDf9C0r439UCrPFtZT82DBczb3a-ObSGx5WVqvTXY80la70h8LUFIsAc5xSw7iVmrCUhhGCXZX37VOW3ME6iuR4xxIswIAAAC63LwKAAAAAA&img=FUbwdGuKd36E8GhuwiGiyMc8CfzOH09aDNgY3EpzqAoyaLJ-ps9ElZ6gYh0W4Zka9-stynhBn4uWrowe7XX-uK3pqMupbNAm0YESxh3xSAffifv-rbKlh6NO5-qtLzDuDdH3AYzZCTLnZDGzBS7xSQIAAAC63LwKAAAAAA&img=ZxWjA20Wlfsw0hdkaMmNmeqVRNT1gqRV4Yk-329syZcfLkvAu6ZPuisOTnXOSTBTik-2XJJEOatkEfW*DknLcFTB1OBqdV*tgkrfgUwh2P7pCW8X-*w0jm7qqV5tgxDlAgAAALrcvAoAAAAA&img=Ru3QEQP8tZWnjD-tCMZhgfch3cB80NoXtdWhZ-LCq4VpQUHvHk4EtHz5dYNANrWlXd3yAlhEY1d*kyyc-xxpt9BZ9euL3nXBjU8fo3aHSJd149bzfHdCMiz7rwdJtm*Dj1K11upF1lc8jGG46IHCDFrf0UmQ*BaCU4zy-k70xakA0jr4Eh8XSv3-NyObO7iIS21jzFOVs7seYlSJMweJnARgMLB3zesgvB4*nxPO240xpyijuS8uWwraORhB3l*K*RL9qYPqQI8G2WfoUpODTBz2Jn5RQJcn5YIfk7YhjQoCAAAAuty8CgAAAAA&img=fvWNGH57DT6WGFigJPV9*SGQadhxNSqExYDJ1C4NOMM2RaToiVRqoXT83kRk*s-*hpN0ng9y4eo3tIIc7pcLY4evhfFsC5U56l*NikSimTqeoiqZ5nTzSlruTiFYiCsWgtiVs4bDxAoQGBSHRsbDNAIAAAC63LwKAAAAAA&img=aji5amtjJVCiDEfZXqJnv*GRqrtMDZ0DdXPdvXC994Dgr8h81JdcYJKGyv8YEtCDQ1fEx23iKK2OcyuioTjjSzWeK8ttB9CGtdP5jPjqi1zr32pXfcaaFcGvNRJXYl4As8Kcy-tAFXdfHnO8dy5J36VxhJuTohgahspOCbDMLlECAAAAuty8CgAAAAA&img=QV9-tli-PlsO*dQVfhaFMrjrOrkiSrek6ptm67p9nvzXIFmyTTAlC7DfvCW0-LA0AK19ASwP-aA7zxaN9ipsS8nXBF7haGwQOo-*25aRBoP5tmicgioOBaixpu1rfNcj-3mtqjlHQn9B*5dTwIrwAUfu6zKdGXEtj40TgeOvnFoCAAAAuty8CgAAAAA&img=zMXRFeVo6z2NZcOXRjUB*fmdS9Kpx-gOAOEr4flI3XBz7XWRrvMXaGYUwyQMWztF9vtvigWLKuV3BkTZU6RD4i9s7GN7tQexr1LfOdErMSio7bSyjvk*DkmrLulP4s*-jtGiFLTMdxPmvSufuJ2wxiP7-FGSD9A-8rJAJsIWHGkCAAAAuty8CgAAAAA&img=3HaHWiQGWYriRAnu6F5PL4zuNlye1Bw0v7x6qqrbwV*qXp2x1uIsaoyWGiYPA5nngkEpAqGXwkWpBbpOZy30xdyvGCdU9bIKTWzpsNonDiAMOwxdlb4gVnREVDWgo1tDlnzdKJTcjtiv02SVAj7UC-IThptkDEQIOQGnAY6rkA8CAAAAuty8CgAAAAA&img=Bb4uVGIwnpkvUCOH-OdGZU41x4cRAFZe7Dk9kThzet7lDovUNutk0FVFDw2BLSvrHS2sBxLP2IC2wkVVLF7qW-3pNMng9qm1V8aQYVDq7bSpLieR-Z4XV1qY0FxU1xeqf90nXhjJKtdsvKuD4WFFGQMhlNquGr59G0BDRP1gmKgKBkJkAorxr5N72odwcAlWjdTHFJfQSd-b5S5quQrIhuePWCUsbO5JWD6vN4Bl3jkCAAAAuty8CgAAAAA&img=jb6kZp352DB8xrKL-J5hxSciBCZAzCn1qUDxDCeiDlD*RzKmZYRLOiz-tWXk4neYI4Hi3SncQM4*tc047oeCmxvQ9dAQHZS0hWZSBui27ngkDlZQm8T5sdCGjabXRIh0AgAAALrcvAoAAAAA&img=mk5gSgFz3OMHMX7kefnkaTdStA8JnumnZzMPZZX8JhBnvr1zFX9ArPd6jT21Tms1DrNmtc0FWB8iBBUb1mPyKh31tkQSBmezGDu4XmCa0WGdpM*zL*3iSIeDRsXJYrf8AgAAALrcvAoAAAAA&img=FbvyMm0gh5*igI73ODtxaUpMdYl*an8jJio2VQ1aw5idA*6Vzf9kZFdLi3kz3yZP*Q0KK*m46j8T3UiLHRP4kB0T7JwSNUZaw9cSKOYOGfBXybotfVwegUh2bWWfnYrT0hCPo9Jpw38gOet8evd7HwIAAAC63LwKAAAAAA&img=PwMeWKsi1OqU3J1Om13Cbru7zFtSKyZjgKMQ4bdyYvTvXf5hfEsj02hSxlx0Xa35KG90lVzXH2MgnjHoJc74A03QAnhUcwOOWQgi*FWpaVgJjXztKCxhbTI2WF2x0iQ8Az-7sztDX8M7BviLoFQHigIAAAC63LwKAAAAAA&img=JYknAeYWP9JcVEhVlfNIDWcCDG1TS5gH0cEmi*y4vAXgQWXDXV7yAHPx*Gjs31TOecLXvWYzGJ2I9qTZ4bc-zexBhSCvdxLLGnKvMnocUIm6NEPjGmrF91pxN4rpV*Xb8ZK4DiLefeZ3Twfja7z*PAIAAAC63LwKAAAAAA&img=lRUIOWn27qi9Qyp01RCps1KLJ028wJ2VePO9zo1O8axHzc9Tbib0M9qDQ8FS1*qx9aPNXcQQeW-RqpADoR1LZp1C2-KKQ-utROyGYWr03mpo5o8FVQTlqSoc4c1fi2iIAgAAALrcvAoAAAAA&img=xlj9Ar4lfdrzZHqdjX10GiCsvmDLeOgR020IPQSjpLaurKTBiPN4jtUBrq9u-bxdvjjJCjmT1qoRWm60EfDIzZZJU*lCr0VbEY5v-n3EvczkFtA65aiv*A38fEswsj7NFvDGAXolv-RSmuHKsNOZtM6GACq*-KeinQ8jSPy-kfZN*-gbdT1PjpLTruyOKDC6AgAAALrcvAoAAAAA
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/css/capirs_async.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
91.192.150.30 , Russian Federation, ASN42481 (BEGUN-AS, RU),
Reverse DNS
zvezda.ssp.rambler.ru
Software
nginx /
Resource Hash
cc7ab88ea375af880a0c70c42c7e0afad39595c96752f34f802c871077e149e9
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html

Response headers

server
nginx
date
Sun, 02 Jan 2022 13:11:43 GMT
content-type
text/html; charset=Windows-1251
x-passed
0bal2
strict-transport-security
max-age=0
p3p
policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
content-encoding
gzip
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012111011823000/ Frame DF03 		189 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012111011823000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
98ba8f881333898d751dabe4f8b4cacc4489a9f5b6b4fd1fc67c571dbfec95cf
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
425711
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55592
x-xss-protection
0
server
sffe
date
Tue, 28 Dec 2021 14:56:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"11dee2040f5fc1d7"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 28 Dec 2022 14:56:32 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012111011823000/v0/ Frame DF03 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012111011823000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
65f6185cfe1cf88fa7981160dd6fa443e111887215b72953718ea70f8e2ba9f2
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
425711
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4992
x-xss-protection
0
server
sffe
date
Tue, 28 Dec 2021 14:56:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"858600ba27ef7413"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 28 Dec 2022 14:56:32 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012111011823000/v0/ Frame DF03 		89 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012111011823000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9e97fc43ecd2f16948c3a8d2de65e0e5483db4ed5ab174058c178ca1c8665d0b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
425711
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28555
x-xss-protection
0
server
sffe
date
Tue, 28 Dec 2021 14:56:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"a64e482645fd262b"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 28 Dec 2022 14:56:32 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012111011823000/v0/ Frame DF03 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012111011823000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3d76ab4ac854cafef51bbbb5177ea75816df90e3c775294991a016404f2b6bb5
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
425711
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1731
x-xss-protection
0
server
sffe
date
Tue, 28 Dec 2021 14:56:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"cb4f0e89d7d37d9b"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 28 Dec 2022 14:56:32 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012111011823000/v0/ Frame DF03 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012111011823000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9a630b852e94f20cb8140704fd830bf40bfea0a2effaa67d06a0eadafbf3d508
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
425711
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12826
x-xss-protection
0
server
sffe
date
Tue, 28 Dec 2021 14:56:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"f02165e023e70703"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 28 Dec 2022 14:56:32 GMT
css
fonts.googleapis.com/ Frame DF03 		6 KB
669 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300|Roboto:400,500&lang=de
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2ddefcdc9f260c5ffeb93fed110fe9d929028226f9a2d8a4934ea52b546e9640
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 02 Jan 2022 12:12:24 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sun, 02 Jan 2022 13:11:43 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 02 Jan 2022 13:11:43 GMT
css
fonts.googleapis.com/ Frame DF03 		4 KB
618 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,500&text=
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2e8fa2037c41372ddc72ea1e08a477ba37998b54b5416b8cff0554fa5b865e27
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 02 Jan 2022 12:16:28 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sun, 02 Jan 2022 13:11:43 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 02 Jan 2022 13:11:43 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/14570025847804080645/ Frame DF03 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/14570025847804080645/downsize_200k_v1?sqp=4sqPyQSWAUKTAQgAEhQNzczMPhUAAABAHQAAAAAlAAAAABgAIgoNAACAPxUAAIA_Kk8IWhABHQAAtEIgASgBMAY4A0CAwtcvSABQAFgAYFpwAngAgAEAiAEAkAEAnQEAAIA_oAEAqAEAsAGAreIEuAH___________8BxQEtsp0-MhoIqgIQqgIYASABLQAAAD8wqgI4qgJFAACAPw&rs=AOga4qkChDrohUZ8uFbuvZ7Z2m7sCSV9PA
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
650a667255250a7528a330a3096ea286bf15d8ac3d552e9508d15e96a2a42c2d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sat, 01 Jan 2022 07:26:49 GMT
x-content-type-options
nosniff
age
107094
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10745
x-xss-protection
0
last-modified
Tue, 07 Sep 2021 08:48:05 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 01 Jan 2023 07:26:49 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/17009980130917044718/ Frame DF03 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/17009980130917044718/downsize_200k_v1?sqp=4sqPyQR5QncIABIUDc3MzD4VAAAAQB0AAAAAJQAAAAAYACIKDQAAgD8VAACAPypPCFoQAR0AALRCIAEoATAGOANAgMLXL0gAUABYAGBacAJ4AIABAIgBAJABAJ0BAACAP6ABAKgBALABgK3iBLgB____________AcUBLbKdPg&rs=AOga4ql3BLGdl_WrRPv4rGzLP5Yb6IsMiw
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b158de0533a63f2d9084656a17356d5808fe6b570aab1fddf44ea786641baed8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 28 Dec 2021 12:54:08 GMT
x-content-type-options
nosniff
age
433055
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24529
x-xss-protection
0
last-modified
Thu, 06 Sep 2018 07:23:24 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 28 Dec 2022 12:54:08 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame DF03 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Cl4BxjqTRYdKBMoWGlQeH_ofoBrKnpelm3ZT1voYPloLNhYgWEAEg0bOzbWCV-vCBjAegAYTmgPUDyAEGqQJI4RKzhxSzPuACAKgDAcgDCqoE4AFP0KM0C5qVg86wPyMZWCduY0ouETgREzBJoqQ0FJJD9dZb7SoomLHDCotYx0MYcPIRlGgPFQ0DxJtwMIeHv7Rn6llUObWAiKB91oOcBBnM-cw4TwQQbyWCysiGkuXlpaHJgLdhOvGgGVqKruDV_v6dB3HG7YF4ljrc6a0LojU2xu5fKfzZD2dOWPSbuRRbMpqCxBaO-mFr0C2jFbUWTrScx5JBfEkvtMrMRAWqOz69EX4SkhwGa_GpNZh73eoP2VmllTiPJIE6fDYKKYK7U9lvy2FYtn-FGSWyQwfPOQaTRMAEk8fUhd4B4AQBkgUECAQYAZIFBAgFGASgBjeAB73rlA6oB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBDY-QXSCAkIgOGAEBABGB2ACgPICwHYEw2IFAHQFQGAFwGyFx4KHAgAEhRwdWItNDU3MDc2NTIyODIwMTkzMxiC024&sigh=pwc3sNjH9Ys&uach_m=[UACH]&template_id=492&uap=UACH(platform)&uapv=UACH(platformVersion)&uaa=UACH(architecture)&uam=UACH(model)&uafv=UACH(uaFullVersion)&uab=UACH(bitness)
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers
ru.png
tpc.googlesyndication.com/pagead/images/abg/ Frame DF03 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/ru.png
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fed2d61088cba54be39b2069add7103160e31f07c950c0e2e7706d6d6dc9ebf6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 02 Jan 2022 05:59:37 GMT
x-content-type-options
nosniff
server
cafe
age
25926
etag
6726277462267614359
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3041
x-xss-protection
0
expires
Mon, 03 Jan 2022 05:59:37 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame DF03 		344 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 02 Jan 2022 06:46:14 GMT
x-content-type-options
nosniff
server
cafe
age
23129
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Mon, 03 Jan 2022 06:46:14 GMT
gpt.js
www.googletagservices.com/tag/js/ Frame E53A 		78 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/css/capirs_async.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1907478e8fa62801a1db26be87cab0755288131c9c8e80320582e560825df3cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1089 / 177 of 1000 / last-modified: 1639397097"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26912
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 02 Jan 2022 13:11:43 GMT
blockstat_post
ssp.rambler.ru/ 		0
79 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ssp.rambler.ru/blockstat_post
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/css/capirs_async.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
91.192.150.12 , Russian Federation, ASN42481 (BEGUN-AS, RU),
Reverse DNS
ssp.rambler.ru
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ugt7s7.ru/whome.html
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 02 Jan 2022 13:11:43 GMT
x-passed
0bal1
server
nginx
content-length
0
gpt.js
www.googletagservices.com/tag/js/ Frame 1FA2 		78 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/css/capirs_async.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1907478e8fa62801a1db26be87cab0755288131c9c8e80320582e560825df3cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1089 / 838 of 1000 / last-modified: 1639397097"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26912
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 02 Jan 2022 13:11:43 GMT
container.html
a5d84237b2adbb561c87907ddbec0eca.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame E34A 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a5d84237b2adbb561c87907ddbec0eca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Sun, 02 Jan 2022 13:11:42 GMT
expires
Mon, 02 Jan 2023 13:11:42 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
css
fonts.googleapis.com/ Frame 0648 		2 KB
532 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400
Requested by
Host: 29550a6774465c2fefc7c60fd493fe18.safeframe.googlesyndication.com
URL: https://29550a6774465c2fefc7c60fd493fe18.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e89a316ebf1c63ea09e2b7b5889fb55e1ffb326c7b2b172027da0948f5709f6a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://29550a6774465c2fefc7c60fd493fe18.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 02 Jan 2022 12:12:46 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sun, 02 Jan 2022 13:11:43 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 02 Jan 2022 13:11:43 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 0648 		1 KB
880 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: 29550a6774465c2fefc7c60fd493fe18.safeframe.googlesyndication.com
URL: https://29550a6774465c2fefc7c60fd493fe18.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://29550a6774465c2fefc7c60fd493fe18.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:10:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
62
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
853
x-xss-protection
0
server
cafe
etag
7170004918125193417
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 16 Jan 2022 13:10:41 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 0648 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CibuZjqTRYYePLsTF7_UPka2ooAnvu6LpZqGU4dHvDfSSjqD_ChABINGzs21glfrwgYwHoAHSn_DbA8gBCakCSOESs4cUsz7gAgCoAwHIA5sEqgTgAU_QZSufrY7n6xAQpO5CWny89ZtR-uqzps5cKxTg519CvRagfv6_Bfjn7Rm23YaspqyC5NJ7ZfhG6nU2BGJtphZekTuEi2rRMk2do8elJyjaSVSpY492oicwWZlULk7LqmQFGJVX7wy_VyBPPun7W2MS8ozByC_59WbOQEzI6PRUXyKbYEYWRvj-vYHfjvLQtjc0Q-H1EfmnNFuzvVOyFy8wLzuTqkhCqaaTvkd9zd6OR2kaSUSXaSGfF9IAARV9jPgD5ptKntPfHXj0IFfxflfwDbhhefNgR5kRU7nGNLzvwASL9Y_ziwLgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHluCPJKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6a-G9gHAPIHBBCRjQvSCAkIgOGAEBABGB2ACgPICwHYEw2IFAHQFQGYFgGAFwGyFx4KHAgAEhRwdWItNDU3MDc2NTIyODIwMTkzMxiC024&sigh=zFfja_6Y7x4&uach_m=[UACH]&template_id=494
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://29550a6774465c2fefc7c60fd493fe18.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/ Frame 0648 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/abg_lite_fy2019.js
Requested by
Host: 29550a6774465c2fefc7c60fd493fe18.safeframe.googlesyndication.com
URL: https://29550a6774465c2fefc7c60fd493fe18.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d9955b485ec10339d863941175c02572657bf9d4f6c5fa2e5603e7d803c1b8cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://29550a6774465c2fefc7c60fd493fe18.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:08:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
223
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7876
x-xss-protection
0
server
cafe
etag
5333878705136318229
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 16 Jan 2022 13:08:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 0648 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js
Requested by
Host: 29550a6774465c2fefc7c60fd493fe18.safeframe.googlesyndication.com
URL: https://29550a6774465c2fefc7c60fd493fe18.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://29550a6774465c2fefc7c60fd493fe18.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:08:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
208
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1332
x-xss-protection
0
server
cafe
etag
3351516697335751560
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 16 Jan 2022 13:08:15 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0648 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 29550a6774465c2fefc7c60fd493fe18.safeframe.googlesyndication.com
URL: https://29550a6774465c2fefc7c60fd493fe18.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://29550a6774465c2fefc7c60fd493fe18.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37305
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1638461285297402"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 02 Jan 2022 13:11:43 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 0648 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 29550a6774465c2fefc7c60fd493fe18.safeframe.googlesyndication.com
URL: https://29550a6774465c2fefc7c60fd493fe18.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://29550a6774465c2fefc7c60fd493fe18.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:10:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
61
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6464
x-xss-protection
0
server
cafe
etag
15715955993838318253
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 16 Jan 2022 13:10:42 GMT
l
www.google.com/ads/measurement/ Frame 0648 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ1zUxHfSRQ4O_haysiw1RdFgQ-fVPz6IWBH-UaPndWhFRuWyZKr5clJoPG0nc_K5IfJHMqHv-0Phm3WXDJ0q02dNU4Iw
Requested by
Host: 29550a6774465c2fefc7c60fd493fe18.safeframe.googlesyndication.com
URL: https://29550a6774465c2fefc7c60fd493fe18.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://29550a6774465c2fefc7c60fd493fe18.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers
6d065ef8aad4e53a06604e1059b7b7b3.js
www.gstatic.com/mysidia/ Frame 0648 		27 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/6d065ef8aad4e53a06604e1059b7b7b3.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: 29550a6774465c2fefc7c60fd493fe18.safeframe.googlesyndication.com
URL: https://29550a6774465c2fefc7c60fd493fe18.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b138f0b28fe44581bebb03d0ff7046e4f8416deeb5d152ede640eaa3dc1c7872
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://29550a6774465c2fefc7c60fd493fe18.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 22:16:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
485704
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11408
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 07:52:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sun, 27 Mar 2022 22:16:39 GMT
context.js
yandex.ru/ads/system/ 		306 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yandex.ru/ads/system/context.js
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/css/capirs_async.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
2c200bef3f01f52f589092abeaf1fae8c9281f55fb630925958c5b1966a00ec7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
content-encoding
br
x-content-type-options
nosniff
nel
{"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id
1641129103268485-8798999030637315411-man1-2508-man-l7-balancer-8080-BAL-204
report-to
{ "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=3600
x-robots-tag
noindex, noarchive, nofollow
expires
Sun, 02 Jan 2022 14:11:43 GMT
shopping
encrypted-tbn1.gstatic.com/ Frame 0648 		33 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcQuCGgToU88Wky0ENwReBBzV1vtNTCWwd8SXudZMmh19XtdnC4zn7c75Tdzvw&usqp=CAI
Requested by
Host: 29550a6774465c2fefc7c60fd493fe18.safeframe.googlesyndication.com
URL: https://29550a6774465c2fefc7c60fd493fe18.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d79d89f3e5af59f18e9e7154f9439e7c175bf597457dfa3fd845c39d333d5ef7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://29550a6774465c2fefc7c60fd493fe18.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 28 Dec 2021 13:04:26 GMT
x-content-type-options
nosniff
age
432437
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34164
x-xss-protection
0
last-modified
Sun, 21 Nov 2021 14:53:53 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Wed, 28 Dec 2022 13:04:26 GMT
shopping
encrypted-tbn2.gstatic.com/ Frame 0648 		38 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcRRFWyIXZg53eul7atG111Tm-pinnUIrcbDcXEpS7T-uEGuUv__6X3gx7lBNV0&usqp=CAI
Requested by
Host: 29550a6774465c2fefc7c60fd493fe18.safeframe.googlesyndication.com
URL: https://29550a6774465c2fefc7c60fd493fe18.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
afcdd57b8203fc69a287e348dab2620faef5a6c5b5b9f1d20817b5d3df5b800d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://29550a6774465c2fefc7c60fd493fe18.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 30 Dec 2021 11:22:23 GMT
x-content-type-options
nosniff
age
265760
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39295
x-xss-protection
0
last-modified
Thu, 16 Dec 2021 10:30:41 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Fri, 30 Dec 2022 11:22:23 GMT
shopping
encrypted-tbn3.gstatic.com/ Frame 0648 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcSQduFOYyWO8La0lc5iiXzP7yFH3ZvtKPe3af3_DXrZiiXqFLQ16EXQuB0LRo4&usqp=CAI
Requested by
Host: 29550a6774465c2fefc7c60fd493fe18.safeframe.googlesyndication.com
URL: https://29550a6774465c2fefc7c60fd493fe18.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f86de435aaca56dd7e506148f423ad070df94e970de7ef16f94a93fef39fbb4c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://29550a6774465c2fefc7c60fd493fe18.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 11:21:45 GMT
x-content-type-options
nosniff
age
352198
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35815
x-xss-protection
0
last-modified
Sat, 20 Nov 2021 11:18:28 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Thu, 29 Dec 2022 11:21:45 GMT
shopping
encrypted-tbn3.gstatic.com/ Frame 0648 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcTxZ9vHxfvig6u1vHdj3ppq08DagvUB60EW4XqXyHkFJqJIid_jRJaZ9Bi7dw&usqp=CAI
Requested by
Host: 29550a6774465c2fefc7c60fd493fe18.safeframe.googlesyndication.com
URL: https://29550a6774465c2fefc7c60fd493fe18.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4049e17634f0df8dbd1146cf2782e410ae91fcc13678b8e3c44b324ae19cb293
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://29550a6774465c2fefc7c60fd493fe18.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sat, 01 Jan 2022 20:41:44 GMT
x-content-type-options
nosniff
age
59399
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31612
x-xss-protection
0
last-modified
Thu, 09 Dec 2021 08:57:45 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Sun, 01 Jan 2023 20:41:44 GMT
16954104317476786032
tpc.googlesyndication.com/simgad/ Frame 0648
Redirect Chain
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKCr6PbFiwEQnQkYnQkyCKuj71APLB1M
  • https://tpc.googlesyndication.com/simgad/16954104317476786032
34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/16954104317476786032
Requested by
Host: 29550a6774465c2fefc7c60fd493fe18.safeframe.googlesyndication.com
URL: https://29550a6774465c2fefc7c60fd493fe18.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
847d2854bb34bc89ab8514267909dbec0fe245278448227d23714781f9dfab71
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://29550a6774465c2fefc7c60fd493fe18.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 30 Dec 2021 00:58:44 GMT
x-content-type-options
nosniff
age
303179
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34759
x-xss-protection
0
last-modified
Wed, 13 Mar 2019 08:47:23 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 30 Dec 2022 00:58:44 GMT

Redirect headers

timing-allow-origin
*
date
Sat, 01 Jan 2022 13:21:28 GMT
x-content-type-options
nosniff
server
cafe
age
85815
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://tpc.googlesyndication.com/simgad/16954104317476786032
cache-control
public, max-age=2592000
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Mon, 31 Jan 2022 13:21:28 GMT
truncated
/ Frame DF03 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
794904cbadec91868002069ddff438310cc60c88f349a723b24e3fd0dfb223ed

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/png
KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v29/ Frame DF03 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu5mxKOzY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300|Roboto:400,500&lang=de
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8dd3b91ca60e6a0486326c5c275590dd1d753240c2efa9f94730815813997fee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ugt7s7.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sat, 01 Jan 2022 12:42:17 GMT
x-content-type-options
nosniff
age
88166
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:21 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sun, 01 Jan 2023 12:42:17 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame DF03 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300|Roboto:400,500&lang=de
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ugt7s7.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 05:33:18 GMT
x-content-type-options
nosniff
age
373105
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:21 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 29 Dec 2022 05:33:18 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame DF03 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300|Roboto:400,500&lang=de
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ugt7s7.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 01:54:06 GMT
x-content-type-options
nosniff
age
386257
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 29 Dec 2022 01:54:06 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame FCC2 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
date
Sun, 02 Jan 2022 12:52:09 GMT
expires
Mon, 02 Jan 2023 12:52:09 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
1174
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 7CE2 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
c669e3cf8ddf1b4fb568561f60c115245fc7d440fde24fb47c0a38b2e1935410
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-42r4srAMhmctRr5kPkKSuA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Sun, 02 Jan 2022 13:11:43 GMT
date
Sun, 02 Jan 2022 13:11:43 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-42r4srAMhmctRr5kPkKSuA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
512
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C66E 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
date
Sun, 02 Jan 2022 12:52:09 GMT
expires
Mon, 02 Jan 2023 12:52:09 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
1174
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 84DC 		783 B
537 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
18e3db3b393f7206f3807cae77c202999bc83a1ed32a8a613f8ed080254545e2
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-3m9lUIz0D5XlZXpqW2LX4Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Sun, 02 Jan 2022 13:11:43 GMT
date
Sun, 02 Jan 2022 13:11:43 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-3m9lUIz0D5XlZXpqW2LX4Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
515
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7455 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
date
Sun, 02 Jan 2022 12:52:09 GMT
expires
Mon, 02 Jan 2023 12:52:09 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
1174
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 7F2C 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
a8cc6e6df7c5de34a0c6812c703b297bbb61e454d3b58ca7d9df1a7a372471e1
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-XkKhwM+4Ve+RODTxgpqpJQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Sun, 02 Jan 2022 13:11:43 GMT
date
Sun, 02 Jan 2022 13:11:43 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-XkKhwM+4Ve+RODTxgpqpJQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
514
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
pubads_impl_2021120601.js
securepubads.g.doubleclick.net/gpt/ Frame E53A 		348 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
2d5ae5a515a688823dc98d032242c2ed6f490a74c4281bdd599567898f9fa675
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119476
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 09:34:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 02 Jan 2022 13:11:43 GMT
pubads_impl_2021120601.js
securepubads.g.doubleclick.net/gpt/ Frame 1FA2 		348 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
2d5ae5a515a688823dc98d032242c2ed6f490a74c4281bdd599567898f9fa675
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119476
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 09:34:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 02 Jan 2022 13:11:43 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame DF03
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
H3
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Redirect headers

date
Sun, 02 Jan 2022 13:11:43 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
index.js
sandbox.ssp.rambler.ru/pixels/ Frame 9E15 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sandbox.ssp.rambler.ru/pixels/index.js?pad_id=441920592&block_id=441920596&rnd=866009422
Requested by
Host: profile.ssp.rambler.ru
URL: https://profile.ssp.rambler.ru/sandbox?img=dOsQcBvSxnb08Kd2h7w-yXB1eB*WXko6MeJaZVEo42-w0LnkzigA5Pq5VvrTN0Jzu2gShu1kKA-ZYqwUld1KPUw7h*OqZM0MTwAVR9GryC6nJN0qmgiIvjuY2e9ZadWmBP8QH2-cmj6TyvM*jYRr-QIAAAC63LwKAAAAAA&script=sfgqweLW-lKRJrDaNnppyQT-kgYFxE3revd6fZNtrrIepeBScSDqzPn8fKPjdYs24bPmn6FFjz*NldEZBR5REP9AnvZ2U3diMbHDm7Ue**srLv5ve1x-fjAQQjq8h-prCNaE*4*3nOP69d7J5rTdSQIAAAC63LwKAAAAAA&img=krCLlI5xhhlPYtjLQakeZiugnEmj*0FjpIigae5yOC9UtX3txmKrBbM60wZu9vv*NkJo-XCATp4eeilOT8BzCJn2JzXhKsFYpPfmTrXymChzrAmBbTz19PJGOOfYRdpLqWA1Ou83WazlJe-4OOFRy*NKekdogFWfm-1gCqfTezi6AYjB9fZaUEl6JEHShjhk3-mL6dpvyYtUGzkBf4xYmAIAAAC63LwKAAAAAA&img=YLAo8sPXua1QXzG1pW63Vc2nCQHHKjOz2r-ggRPyMbJUOpDdVq0TSBAcYMtDf9C0r439UCrPFtZT82DBczb3a-ObSGx5WVqvTXY80la70h8LUFIsAc5xSw7iVmrCUhhGCXZX37VOW3ME6iuR4xxIswIAAAC63LwKAAAAAA&img=FUbwdGuKd36E8GhuwiGiyMc8CfzOH09aDNgY3EpzqAoyaLJ-ps9ElZ6gYh0W4Zka9-stynhBn4uWrowe7XX-uK3pqMupbNAm0YESxh3xSAffifv-rbKlh6NO5-qtLzDuDdH3AYzZCTLnZDGzBS7xSQIAAAC63LwKAAAAAA&img=ZxWjA20Wlfsw0hdkaMmNmeqVRNT1gqRV4Yk-329syZcfLkvAu6ZPuisOTnXOSTBTik-2XJJEOatkEfW*DknLcFTB1OBqdV*tgkrfgUwh2P7pCW8X-*w0jm7qqV5tgxDlAgAAALrcvAoAAAAA&img=Ru3QEQP8tZWnjD-tCMZhgfch3cB80NoXtdWhZ-LCq4VpQUHvHk4EtHz5dYNANrWlXd3yAlhEY1d*kyyc-xxpt9BZ9euL3nXBjU8fo3aHSJd149bzfHdCMiz7rwdJtm*Dj1K11upF1lc8jGG46IHCDFrf0UmQ*BaCU4zy-k70xakA0jr4Eh8XSv3-NyObO7iIS21jzFOVs7seYlSJMweJnARgMLB3zesgvB4*nxPO240xpyijuS8uWwraORhB3l*K*RL9qYPqQI8G2WfoUpODTBz2Jn5RQJcn5YIfk7YhjQoCAAAAuty8CgAAAAA&img=fvWNGH57DT6WGFigJPV9*SGQadhxNSqExYDJ1C4NOMM2RaToiVRqoXT83kRk*s-*hpN0ng9y4eo3tIIc7pcLY4evhfFsC5U56l*NikSimTqeoiqZ5nTzSlruTiFYiCsWgtiVs4bDxAoQGBSHRsbDNAIAAAC63LwKAAAAAA&img=aji5amtjJVCiDEfZXqJnv*GRqrtMDZ0DdXPdvXC994Dgr8h81JdcYJKGyv8YEtCDQ1fEx23iKK2OcyuioTjjSzWeK8ttB9CGtdP5jPjqi1zr32pXfcaaFcGvNRJXYl4As8Kcy-tAFXdfHnO8dy5J36VxhJuTohgahspOCbDMLlECAAAAuty8CgAAAAA&img=QV9-tli-PlsO*dQVfhaFMrjrOrkiSrek6ptm67p9nvzXIFmyTTAlC7DfvCW0-LA0AK19ASwP-aA7zxaN9ipsS8nXBF7haGwQOo-*25aRBoP5tmicgioOBaixpu1rfNcj-3mtqjlHQn9B*5dTwIrwAUfu6zKdGXEtj40TgeOvnFoCAAAAuty8CgAAAAA&img=zMXRFeVo6z2NZcOXRjUB*fmdS9Kpx-gOAOEr4flI3XBz7XWRrvMXaGYUwyQMWztF9vtvigWLKuV3BkTZU6RD4i9s7GN7tQexr1LfOdErMSio7bSyjvk*DkmrLulP4s*-jtGiFLTMdxPmvSufuJ2wxiP7-FGSD9A-8rJAJsIWHGkCAAAAuty8CgAAAAA&img=3HaHWiQGWYriRAnu6F5PL4zuNlye1Bw0v7x6qqrbwV*qXp2x1uIsaoyWGiYPA5nngkEpAqGXwkWpBbpOZy30xdyvGCdU9bIKTWzpsNonDiAMOwxdlb4gVnREVDWgo1tDlnzdKJTcjtiv02SVAj7UC-IThptkDEQIOQGnAY6rkA8CAAAAuty8CgAAAAA&img=Bb4uVGIwnpkvUCOH-OdGZU41x4cRAFZe7Dk9kThzet7lDovUNutk0FVFDw2BLSvrHS2sBxLP2IC2wkVVLF7qW-3pNMng9qm1V8aQYVDq7bSpLieR-Z4XV1qY0FxU1xeqf90nXhjJKtdsvKuD4WFFGQMhlNquGr59G0BDRP1gmKgKBkJkAorxr5N72odwcAlWjdTHFJfQSd-b5S5quQrIhuePWCUsbO5JWD6vN4Bl3jkCAAAAuty8CgAAAAA&img=jb6kZp352DB8xrKL-J5hxSciBCZAzCn1qUDxDCeiDlD*RzKmZYRLOiz-tWXk4neYI4Hi3SncQM4*tc047oeCmxvQ9dAQHZS0hWZSBui27ngkDlZQm8T5sdCGjabXRIh0AgAAALrcvAoAAAAA&img=mk5gSgFz3OMHMX7kefnkaTdStA8JnumnZzMPZZX8JhBnvr1zFX9ArPd6jT21Tms1DrNmtc0FWB8iBBUb1mPyKh31tkQSBmezGDu4XmCa0WGdpM*zL*3iSIeDRsXJYrf8AgAAALrcvAoAAAAA&img=FbvyMm0gh5*igI73ODtxaUpMdYl*an8jJio2VQ1aw5idA*6Vzf9kZFdLi3kz3yZP*Q0KK*m46j8T3UiLHRP4kB0T7JwSNUZaw9cSKOYOGfBXybotfVwegUh2bWWfnYrT0hCPo9Jpw38gOet8evd7HwIAAAC63LwKAAAAAA&img=PwMeWKsi1OqU3J1Om13Cbru7zFtSKyZjgKMQ4bdyYvTvXf5hfEsj02hSxlx0Xa35KG90lVzXH2MgnjHoJc74A03QAnhUcwOOWQgi*FWpaVgJjXztKCxhbTI2WF2x0iQ8Az-7sztDX8M7BviLoFQHigIAAAC63LwKAAAAAA&img=JYknAeYWP9JcVEhVlfNIDWcCDG1TS5gH0cEmi*y4vAXgQWXDXV7yAHPx*Gjs31TOecLXvWYzGJ2I9qTZ4bc-zexBhSCvdxLLGnKvMnocUIm6NEPjGmrF91pxN4rpV*Xb8ZK4DiLefeZ3Twfja7z*PAIAAAC63LwKAAAAAA&img=lRUIOWn27qi9Qyp01RCps1KLJ028wJ2VePO9zo1O8axHzc9Tbib0M9qDQ8FS1*qx9aPNXcQQeW-RqpADoR1LZp1C2-KKQ-utROyGYWr03mpo5o8FVQTlqSoc4c1fi2iIAgAAALrcvAoAAAAA&img=xlj9Ar4lfdrzZHqdjX10GiCsvmDLeOgR020IPQSjpLaurKTBiPN4jtUBrq9u-bxdvjjJCjmT1qoRWm60EfDIzZZJU*lCr0VbEY5v-n3EvczkFtA65aiv*A38fEswsj7NFvDGAXolv-RSmuHKsNOZtM6GACq*-KeinQ8jSPy-kfZN*-gbdT1PjpLTruyOKDC6AgAAALrcvAoAAAAA
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.192.150.14 , Russian Federation, ASN42481 (BEGUN-AS, RU),
Reverse DNS
zvezda.ssp.rambler.ru
Software
nginx /
Resource Hash
92d57892ed4ad0cc9171a682cbd0b60ff3636da26b294fa7a8159406f20e54f4
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://profile.ssp.rambler.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:43 GMT
content-encoding
gzip
last-modified
Mon, 27 Dec 2021 15:10:11 GMT
server
nginx
etag
W/"61c9d753-78c"
strict-transport-security
max-age=0
p3p
policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
x-passed
0bal1
content-type
application/x-javascript
counter
top-fwz1.mail.ru/ Frame 9E15
Redirect Chain
  • https://sync.rambler.ru/emily?partner_id=cldata&rnd=00000000-61d1-a48d-1876-8c11019109aa
  • https://sync.1dmp.io/pixel.gif?cid=6464e806-bc68-4a4f-8893-22ec34eb02f1&pid=957b2d53-9bf9-48fd-95ea-df093901ffcf&uid=6A9E304E79CEC97F528EF55FE4AB3CA4
  • https://sync.1dmp.io/pixel.gif?cid=e8610170-b6a0-4a0d-ab5f-68d104af7a7e&pid=w&uid=874693e2-6bcd-11ec-ae6b-901b0ea4a41b&ru=https%3A%2F%2Ftop-fwz1.mail.ru%2Fcounter%3Fid%3D3201865%3Bpid%3D874693e2-6b...
  • https://top-fwz1.mail.ru/counter?id=3201865;pid=874693e2-6bcd-11ec-ae6b-901b0ea4a41b
43 B
874 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://top-fwz1.mail.ru/counter?id=3201865;pid=874693e2-6bcd-11ec-ae6b-901b0ea4a41b
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
H2
Server
217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
top-fwz1.mail.ru
Software
nginx /
Resource Hash
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://profile.ssp.rambler.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:43 GMT
x-content-type-options
nosniff
p3p
CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length
43
pragma
no-cache
amp-access-control-allow-source-origin
*
server
nginx
access-control-allow-methods
GET, POST, HEAD, PUT, OPTIONS
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
private, no-cache, no-store, max-age=0
access-control-allow-credentials
true
accept-ch-lifetime
86400
accept-ch
DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
timing-allow-origin
*
access-control-allow-headers
*

Redirect headers

location
https://top-fwz1.mail.ru/counter?id=3201865;pid=874693e2-6bcd-11ec-ae6b-901b0ea4a41b
date
Sun, 02 Jan 2022 13:11:43 GMT
cache-control
private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate, private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server
nginx
content-length
0
expires
0, 0
match
ads.betweendigital.com/ Frame 9E15
Redirect Chain
  • https://lbs-ru1.ads.betweendigital.com/match?bidder_id=43008&external_matching=1&forward=1&external_user_id=00000000-61d1-a48d-1876-8c11019109aa
  • https://sync.bumlam.com/?src=bw1&uid=d647ef3d-d9ae-5102-8a85-f2bbeb545635
  • https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABiPycaOBlIFvp7KygpiJGQ2NDdlZjNkLWQ5YWUtNTEwMi04YTg1LWYyYmJlYjU0NTYzNQ**
  • https://sync3.adsniper.ru/?src=ss1&s_data=CAIQARiPycaOBlIFvp7KygpiJGQ2NDdlZjNkLWQ5YWUtNTEwMi04YTg1LWYyYmJlYjU0NTYzNaIBEIgGsKhrzRHspukAJZDIJDc*
  • https://sync.bumlam.com/?src=bw1&s_data=CAIQABiPycaOBmIkZDY0N2VmM2QtZDlhZS01MTAyLThhODUtZjJiYmViNTQ1NjM1ogEQiAawqGvNEeym6QAlkMgkNw**
  • https://sync.bumlam.com/?src=bw1&s_data=CAIQARiPycaOBmIkZDY0N2VmM2QtZDlhZS01MTAyLThhODUtZjJiYmViNTQ1NjM1ogEQiAawqGvNEeym6QAlkMgkNw**
  • https://ads.betweendigital.com/match?bidder_id=18&external_user_id=8806b0a8-6bcd-11ec-a6e9-002590c82437
68 B
607 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.betweendigital.com/match?bidder_id=18&external_user_id=8806b0a8-6bcd-11ec-a6e9-002590c82437
Protocol
H2
Server
96.46.186.57 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://profile.ssp.rambler.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png

Redirect headers

Date
Sun, 02 Jan 2022 13:11:43 GMT
Server
nginx
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location
https://ads.betweendigital.com/match?bidder_id=18&external_user_id=8806b0a8-6bcd-11ec-a6e9-002590c82437
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
cm
creativecdn.com/rambler/ Frame 9E15 		42 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://creativecdn.com/rambler/cm?pi=rambler&userId=00000000-61d1-a48d-1876-8c11019109aa
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-65.rtbhouse.net
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://profile.ssp.rambler.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 02 Jan 2022 13:11:43 GMT, Sun, 02 Jan 2022 13:11:43 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-type
image/gif
content-length
42
expires
Thu, 01 Jan 1970 00:00:00 GMT
rambler
sync.dmp.otm-r.com/match/ Frame 9E15 		0
68 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.dmp.otm-r.com/match/rambler?id=00000000-61d1-a48d-1876-8c11019109aa
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
148.251.4.142 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.142.4.251.148.clients.your-server.de
Software
nginx/1.17.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://profile.ssp.rambler.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 02 Jan 2022 13:11:43 GMT
server
nginx/1.17.6
p
rmb.ops.beeline.ru/ Frame 9E15 		35 B
517 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rmb.ops.beeline.ru/p?ssp=rmb&id=00000000-61d1-a48d-1876-8c11019109aa
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
37.9.245.57 , Russian Federation, ASN16345 (BEE-AS Russia, RU),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://profile.ssp.rambler.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:43 GMT
x-route
http://upstream_cookiesync
server
nginx
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,OPTIONS, GET, HEAD, POST, OPTIONS, PUT, DELETE
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true, true
x-host
192.168.152.35
access-control-allow-headers
authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
content-length
35
expires
Thu, 01 Jan 1970 00:00:00 GMT
set
sync.rambler.ru/ Frame 9E15
Redirect Chain
  • https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fsync.rambler.ru%2Fset%3Fpartner_id%3Dab56d453-f95a-4cbc-97b3-1e30a8f95173%26id%3D%7BWEBO_CID%7D&usr=00000000-61d1-a48d-1876-8c11019109aa
  • https://sync.rambler.ru/set?partner_id=ab56d453-f95a-4cbc-97b3-1e30a8f95173&id=sevnjzoRBN6bx1oIQsXyj.
43 B
224 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.rambler.ru/set?partner_id=ab56d453-f95a-4cbc-97b3-1e30a8f95173&id=sevnjzoRBN6bx1oIQsXyj.
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
H2
Server
91.192.150.36 , Russian Federation, ASN42481 (BEGUN-AS, RU),
Reverse DNS
sync.rambler.ru
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://profile.ssp.rambler.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:43 GMT
x-passed
0bal1
server
nginx
content-length
43
strict-transport-security
max-age=0
p3p
policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"

Redirect headers

pragma
no-cache
date
Sun, 02 Jan 2022 13:11:43 GMT
via
1.1 google
last-modified
Sun, 02 Jan 2022 13:11:43 GMT
server
nginx/1.12.0
location
https://sync.rambler.ru/set?partner_id=ab56d453-f95a-4cbc-97b3-1e30a8f95173&id=sevnjzoRBN6bx1oIQsXyj.
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
sync
statsb.nativeroll.tv/nr/ Frame 9E15
Redirect Chain
  • https://stats.seedr.com/nr/sync?dsp_id=ram&external_uid=00000000-61d1-a48d-1876-8c11019109aa
  • https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fstatsb.nativeroll.tv%2Fnr%2Fsync%3Fdsp_id%3Dwbrm%26external_uid%3D{WEBO_CID}%26gt%3D%26rand%3D927
  • https://statsb.nativeroll.tv/nr/sync?dsp_id=wbrm&external_uid=sevnjzoRBN6bx1oIQsXyj.&gt=&rand=927
0
454 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://statsb.nativeroll.tv/nr/sync?dsp_id=wbrm&external_uid=sevnjzoRBN6bx1oIQsXyj.&gt=&rand=927
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
HTTP/1.1
Server
95.163.53.109 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
statsd.nativeroll.tv
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://profile.ssp.rambler.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Sun, 02 Jan 2022 13:11:43 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, OPTIONS
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Credentials
true
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Headers
Content-Type, *

Redirect headers

pragma
no-cache
date
Sun, 02 Jan 2022 13:11:43 GMT
via
1.1 google
last-modified
Sun, 02 Jan 2022 13:11:43 GMT
server
nginx/1.12.0
location
https://statsb.nativeroll.tv/nr/sync?dsp_id=wbrm&external_uid=sevnjzoRBN6bx1oIQsXyj.&gt=&rand=927
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
/
tms.dmp.wi-fi.ru/ Frame 9E15
Redirect Chain
  • https://sync.rambler.ru/emily?partner_id=maximatelecom&id=00000000-61d1-a48d-1876-8c11019109aa
  • https://tms.dmp.wi-fi.ru/?dmpkit_cid=81460eb5-647b-4d9b-a3e3-7863f294c3da&dmpkit_evid=ab914581-c2bd-45ef-9242-3128c73c48c5&g_adv=rambler&g_cp1=67AA23207355E9C13B0025DA4575BFFD
35 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tms.dmp.wi-fi.ru/?dmpkit_cid=81460eb5-647b-4d9b-a3e3-7863f294c3da&dmpkit_evid=ab914581-c2bd-45ef-9242-3128c73c48c5&g_adv=rambler&g_cp1=67AA23207355E9C13B0025DA4575BFFD
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
H2
Server
91.220.120.21 Moscow, Russian Federation, ASN202173 (MAXIMATELECOM, RU),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://profile.ssp.rambler.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 02 Jan 2022 13:11:43 GMT
server
nginx
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS, HEAD
content-type
image/gif
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-None-Match,Last-Modified,If-Modified-Since,Keep-Alive,Origin,User-Agent,Vary,X-Mx-ReqToken,X-Requested-With
content-length
35
expires
0

Redirect headers

location
https://tms.dmp.wi-fi.ru/?dmpkit_cid=81460eb5-647b-4d9b-a3e3-7863f294c3da&dmpkit_evid=ab914581-c2bd-45ef-9242-3128c73c48c5&g_adv=rambler&g_cp1=67AA23207355E9C13B0025DA4575BFFD
date
Sun, 02 Jan 2022 13:11:43 GMT
x-passed
0bal1
server
nginx
content-length
0
strict-transport-security
max-age=0
p3p
policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
sync.cgi
ssp.adriver.ru/cgi-bin/ Frame 9E15 		42 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=5&external_id=00000000-61d1-a48d-1876-8c11019109aa
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.222.128.214 , Russian Federation, ASN20597 (ELTEL-AS, RU),
Reverse DNS
ad14.adriver.ru
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://profile.ssp.rambler.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Sun, 02 Jan 2022 13:11:43 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
image/gif
A-6zwXWSS4Omzzk3GcI8wA
an.yandex.ru/mapuid/dmptinkoff/ Frame 9E15
Redirect Chain
  • https://sync.datamind.ru/cookie/accepter?source=rambler&id=00000000-61d1-a48d-1876-8c11019109aa
  • https://sync.datamind.ru/cookie/emitter?source=google&nolog=true
  • https://cm.g.doubleclick.net/pixel?google_nid=tinkoff_bank_wdatamind&google_cm&google_hm=A-6zwXWSS4Omzzk3GcI8wA
  • https://sync.datamind.ru/cookie/accepter?source=google&google_gid=CAESECkkf7gHngZG_Yhv-fIXebE&google_cver=1
  • https://sync.datamind.ru/cookie/emitter?source=yandex_dmp&nolog=true
  • https://an.yandex.ru/mapuid/dmptinkoff/A-6zwXWSS4Omzzk3GcI8wA?sign=3701956541
43 B
80 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/mapuid/dmptinkoff/A-6zwXWSS4Omzzk3GcI8wA?sign=3701956541
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
H2
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://profile.ssp.rambler.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 02 Jan 2022 13:11:43 GMT
content-encoding
gzip
last-modified
Sun, 02 Jan 2022 13:11:43 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security
max-age=31536000
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Sun, 02 Jan 2022 13:11:43 GMT

Redirect headers

location
https://an.yandex.ru/mapuid/dmptinkoff/A-6zwXWSS4Omzzk3GcI8wA?sign=3701956541
date
Sun, 02 Jan 2022 13:11:43 GMT
cache-control
no-cache, no-store, must-revalidate
server
nginx
content-length
0
strict-transport-security
max-age=63072000
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
static.gif
stats.mos.ru/ Frame 9E15
Redirect Chain
  • https://sync.rambler.ru/emily?partner_id=9122f432-a6c9-4f14-bc8a-daa781f3d204&rnd=1036298988
  • https://stats.mos.ru/static.gif?ramblerid=DC19BC3433F3C7B86EEC760E30198A49
43 B
369 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.mos.ru/static.gif?ramblerid=DC19BC3433F3C7B86EEC760E30198A49
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
H2
Server
212.11.155.166 Moscow, Russian Federation, ASN8901 (Moscow Mayors Office, RU),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://profile.ssp.rambler.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:43 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
access-control-allow-credentials
true
access-control-allow-headers
ExtensionReferer, x-requested-with, x-requested-by, x-caller-id, Content-Type
content-length
43

Redirect headers

location
https://stats.mos.ru/static.gif?ramblerid=DC19BC3433F3C7B86EEC760E30198A49
date
Sun, 02 Jan 2022 13:11:43 GMT
x-passed
0bal1
server
nginx
content-length
0
strict-transport-security
max-age=0
p3p
policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
i
dmg.digitaltarget.ru/1/7009/i/ Frame 9E15
Redirect Chain
  • https://sync.rambler.ru/emily?partner_id=vi&id=abcdef&r=https%3A%2F%2Fdmg.digitaltarget.ru%2F1%2F7009%2Fi%2Fi%3Fa%3D185%26e%3D%24UID%26i%3D%24RND967473115
  • https://dmg.digitaltarget.ru/1/7009/i/i?a=185&e=9CD1965270ED4718D54BAD426D6FA9B6
49 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmg.digitaltarget.ru/1/7009/i/i?a=185&e=9CD1965270ED4718D54BAD426D6FA9B6
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
HTTP/1.1
Server
185.15.175.159 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),
Reverse DNS
Software
nginx /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://profile.ssp.rambler.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Sun, 02 Jan 2022 13:11:43 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
master-only
Request-Time
9
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
64
X-XSS-Protection
1; mode=block
Referrer-Policy
origin-when-cross-origin, strict-origin-when-cross-origin
Server
nginx
X-Frame-Options
DENY
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Credentials
true

Redirect headers

location
https://dmg.digitaltarget.ru/1/7009/i/i?a=185&e=9CD1965270ED4718D54BAD426D6FA9B6
date
Sun, 02 Jan 2022 13:11:43 GMT
x-passed
0bal1
server
nginx
content-length
0
strict-transport-security
max-age=0
p3p
policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
/
an.yandex.ru/mapuid/ramblerssp/ Frame 9E15 		43 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/mapuid/ramblerssp/?00000000-61d1-a48d-1876-8c11019109aa
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://profile.ssp.rambler.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 02 Jan 2022 13:11:43 GMT
content-encoding
gzip
last-modified
Sun, 02 Jan 2022 13:11:43 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security
max-age=31536000
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Sun, 02 Jan 2022 13:11:43 GMT
set
sync.rambler.ru/ Frame 9E15
Redirect Chain
  • https://rambler-sync.rutarget.ru/sync?00000000-61d1-a48d-1876-8c11019109aa
  • https://sync.rambler.ru/set?partner_id=segmento&id=5kPLR4fgHjx2
43 B
224 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.rambler.ru/set?partner_id=segmento&id=5kPLR4fgHjx2
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
H2
Server
91.192.150.36 , Russian Federation, ASN42481 (BEGUN-AS, RU),
Reverse DNS
sync.rambler.ru
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://profile.ssp.rambler.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:43 GMT
x-passed
0bal1
server
nginx
content-length
43
strict-transport-security
max-age=0
p3p
policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"

Redirect headers

Location
https://sync.rambler.ru/set?partner_id=segmento&id=5kPLR4fgHjx2
Date
Sun, 02 Jan 2022 13:11:43 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
P3P
CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."
sync
begun-sync.rutarget.ru/ Frame 9E15 		35 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://begun-sync.rutarget.ru/sync?ssp_user_id=00000000-61d1-a48d-1876-8c11019109aa
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
80.64.106.149 , Russian Federation, ASN20764 (RASCOM-AS CJSC RASCOM ISP, RU),
Reverse DNS
s-fr4.rutarget.ru
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://profile.ssp.rambler.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Sun, 02 Jan 2022 13:11:43 GMT
Server
nginx
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
P3P
CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."
0.gif
x01.aidata.io/ Frame 9E15
Redirect Chain
  • https://sync.rambler.ru/emily?partner_id=aidata&rnd=00000000-61d1-a48d-1876-8c11019109aa
  • https://x01.aidata.io/0.gif?pid=RAMBLER&id=770F922FB865313AE9FE12CB4113E5E4
  • https://counter.yadro.ru/id-redir/aidata.gif?back=STOP
  • https://x01.aidata.io/0.gif?pid=LIVE&id=&back=STOP
0
432 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x01.aidata.io/0.gif?pid=LIVE&id=&back=STOP
Protocol
H2
Server
89.108.119.28 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
d51802.reg.regrucolo.ru
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://profile.ssp.rambler.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 02 Jan 2022 13:11:43 GMT
last-modified
Sun, 02 Jan 2022 13:11:42 GMT
server
nginx
access-control-allow-methods
GET, POST
p3p
CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
cache-control
no-cache, no-store, must-revalidate, post-check=0, pre-check=0
expires
Sun, 02 Jan 2022 13:11:42 GMT

Redirect headers

Location
https://x01.aidata.io/0.gif?pid=LIVE&id=&back=STOP
Date
Sun, 02 Jan 2022 13:11:56 GMT
Server
nginx/1.17.9
Connection
keep-alive
Content-Length
242
Strict-Transport-Security
max-age=86400
Content-Type
text/html; charset=iso-8859-1
rambler
exchange.buzzoola.com/cookiesync/ssp/ Frame 9E15 		43 B
130 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://exchange.buzzoola.com/cookiesync/ssp/rambler?uid=00000000-61d1-a48d-1876-8c11019109aa
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
116.202.236.172 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.172.236.202.116.clients.your-server.de
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://profile.ssp.rambler.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:43 GMT
server
nginx
content-length
43
serverid
TODO
content-type
image/gif
rambler
px.adhigh.net/p/cm/ Frame 9E15 		49 B
326 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.adhigh.net/p/cm/rambler?u=00000000-61d1-a48d-1876-8c11019109aa
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.232.150.70 , Russian Federation, ASN48061 (UMA-TECH-AS, RU),
Reverse DNS
smtp14.sender.ltmse.com
Software
nginx /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://profile.ssp.rambler.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 02 Jan 2022 13:11:43 GMT
server
nginx
x-backend-id
f14-ru
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
*
cache-control
no-cache, no-store
access-control-allow-credentials
true
content-type
image/gif
content-length
49
expires
Thu, 01 Jan 1970 00:00:00 GMT
counter
top-fwz1.mail.ru/ Frame 9E15
Redirect Chain
  • https://sync.rambler.ru/emily?partner_id=6bf5a340-6c1f-4262-8f72-400b3d237f5d&ruid=00000000-61d1-a48d-1876-8c11019109aa
  • https://top-fwz1.mail.ru/counter?id=3082612;pid=4303D065A92100D21002618BF744484C
43 B
875 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://top-fwz1.mail.ru/counter?id=3082612;pid=4303D065A92100D21002618BF744484C
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
H2
Server
217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
top-fwz1.mail.ru
Software
nginx /
Resource Hash
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://profile.ssp.rambler.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:43 GMT
x-content-type-options
nosniff
p3p
CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length
43
pragma
no-cache
amp-access-control-allow-source-origin
*
server
nginx
access-control-allow-methods
GET, POST, HEAD, PUT, OPTIONS
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
private, no-cache, no-store, max-age=0
access-control-allow-credentials
true
accept-ch-lifetime
86400
accept-ch
DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
timing-allow-origin
*
access-control-allow-headers
*

Redirect headers

location
https://top-fwz1.mail.ru/counter?id=3082612;pid=4303D065A92100D21002618BF744484C
date
Sun, 02 Jan 2022 13:11:43 GMT
x-passed
0bal1
server
nginx
content-length
0
strict-transport-security
max-age=0
p3p
policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
css
fonts.googleapis.com/ Frame E34A 		2 KB
532 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400
Requested by
Host: a5d84237b2adbb561c87907ddbec0eca.safeframe.googlesyndication.com
URL: https://a5d84237b2adbb561c87907ddbec0eca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e89a316ebf1c63ea09e2b7b5889fb55e1ffb326c7b2b172027da0948f5709f6a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://a5d84237b2adbb561c87907ddbec0eca.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 02 Jan 2022 11:16:14 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sun, 02 Jan 2022 13:11:43 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 02 Jan 2022 13:11:43 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame E34A 		1 KB
880 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: a5d84237b2adbb561c87907ddbec0eca.safeframe.googlesyndication.com
URL: https://a5d84237b2adbb561c87907ddbec0eca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://a5d84237b2adbb561c87907ddbec0eca.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:10:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
62
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
853
x-xss-protection
0
server
cafe
etag
7170004918125193417
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 16 Jan 2022 13:10:41 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame E34A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CRJOkjqTRYeqgM4ygrASZvbHgBO-7oulm5dbv1p8M9JKOoP8KEAEg0bOzbWCV-vCBjAegAdKf8NsDyAEJqQJI4RKzhxSzPuACAKgDAcgDmwSqBN8BT9CyAYozFYpV4qsSdshl_YTw0QXfO21zG2fq3cqz9my8eEUIb1qpVC28YpA9EDoI6a3BeSE3LoC7zqKy6y1uqwHD5l7C5pmk-dBCLLMEPG3vDm3R5C8heIqOOyRrxX1YC7Y1SmREvPPhlJxVGaWk35apVZPoUaa2mEkGReS2cNxGVHZQyFO9XVcbfiumzL27ROUKvqkaKkXTBgHk4319PQo-uWa4G_4-t1G6ovh4F7dG_WpPNS2A9ft2wOPt89CPIFaMDG4Q4nAMU4PpmVnwvuYeGA_tpdK0pJXagOkO_cAEi_WP84sC4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB5bgjySoB47OG6gHk9gbqAfulrECqAf-nrECqAemvhvYBwDyBwQQxYYD0ggJCIDhgBAQARgdgAoDyAsB2BMNiBQC0BUBmBYBgBcBshceChwIABIUcHViLTQ1NzA3NjUyMjgyMDE5MzMYgtNu&sigh=FwLd7odSRmA&uach_m=[UACH]&template_id=494
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://a5d84237b2adbb561c87907ddbec0eca.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/ Frame E34A 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/abg_lite_fy2019.js
Requested by
Host: a5d84237b2adbb561c87907ddbec0eca.safeframe.googlesyndication.com
URL: https://a5d84237b2adbb561c87907ddbec0eca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d9955b485ec10339d863941175c02572657bf9d4f6c5fa2e5603e7d803c1b8cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://a5d84237b2adbb561c87907ddbec0eca.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:08:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
223
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7876
x-xss-protection
0
server
cafe
etag
5333878705136318229
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 16 Jan 2022 13:08:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame E34A 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js
Requested by
Host: a5d84237b2adbb561c87907ddbec0eca.safeframe.googlesyndication.com
URL: https://a5d84237b2adbb561c87907ddbec0eca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://a5d84237b2adbb561c87907ddbec0eca.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:08:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
208
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1332
x-xss-protection
0
server
cafe
etag
3351516697335751560
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 16 Jan 2022 13:08:15 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame E34A 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: a5d84237b2adbb561c87907ddbec0eca.safeframe.googlesyndication.com
URL: https://a5d84237b2adbb561c87907ddbec0eca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://a5d84237b2adbb561c87907ddbec0eca.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37305
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1638461285297402"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 02 Jan 2022 13:11:43 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame E34A 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: a5d84237b2adbb561c87907ddbec0eca.safeframe.googlesyndication.com
URL: https://a5d84237b2adbb561c87907ddbec0eca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://a5d84237b2adbb561c87907ddbec0eca.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:10:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
61
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6464
x-xss-protection
0
server
cafe
etag
15715955993838318253
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 16 Jan 2022 13:10:42 GMT
l
www.google.com/ads/measurement/ Frame E34A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSmEDsMyZK0kBn6zo_JnCIVB1wtO8QMWBg6Qm_S1ZKDqWwJNZzB9V_2uYZ41Gi--j8zGCF-PEWR6TSjz0ZJYJ_yzt82mg
Requested by
Host: a5d84237b2adbb561c87907ddbec0eca.safeframe.googlesyndication.com
URL: https://a5d84237b2adbb561c87907ddbec0eca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://a5d84237b2adbb561c87907ddbec0eca.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers
6d065ef8aad4e53a06604e1059b7b7b3.js
www.gstatic.com/mysidia/ Frame E34A 		27 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/6d065ef8aad4e53a06604e1059b7b7b3.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: a5d84237b2adbb561c87907ddbec0eca.safeframe.googlesyndication.com
URL: https://a5d84237b2adbb561c87907ddbec0eca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b138f0b28fe44581bebb03d0ff7046e4f8416deeb5d152ede640eaa3dc1c7872
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://a5d84237b2adbb561c87907ddbec0eca.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 22:16:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
485704
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11408
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 07:52:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sun, 27 Mar 2022 22:16:39 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/14570025847804080645/ Frame DF03 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/14570025847804080645/downsize_200k_v1?sqp=4sqPyQSWAUKTAQgAEhQNzczMPhUAAABAHQAAAAAlAAAAABgAIgoNAACAPxUAAIA_Kk8IWhABHQAAtEIgASgBMAY4A0CAwtcvSABQAFgAYFpwAngAgAEAiAEAkAEAnQEAAIA_oAEAqAEAsAGAreIEuAH___________8BxQEtsp0-MhoIqgIQqgIYASABLQAAAD8wqgI4qgJFAACAPw&rs=AOga4qkChDrohUZ8uFbuvZ7Z2m7sCSV9PA
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012111011823000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
650a667255250a7528a330a3096ea286bf15d8ac3d552e9508d15e96a2a42c2d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sat, 01 Jan 2022 07:26:49 GMT
x-content-type-options
nosniff
age
107094
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10745
x-xss-protection
0
last-modified
Tue, 07 Sep 2021 08:48:05 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 01 Jan 2023 07:26:49 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/17009980130917044718/ Frame DF03 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/17009980130917044718/downsize_200k_v1?sqp=4sqPyQR5QncIABIUDc3MzD4VAAAAQB0AAAAAJQAAAAAYACIKDQAAgD8VAACAPypPCFoQAR0AALRCIAEoATAGOANAgMLXL0gAUABYAGBacAJ4AIABAIgBAJABAJ0BAACAP6ABAKgBALABgK3iBLgB____________AcUBLbKdPg&rs=AOga4ql3BLGdl_WrRPv4rGzLP5Yb6IsMiw
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012111011823000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b158de0533a63f2d9084656a17356d5808fe6b570aab1fddf44ea786641baed8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 28 Dec 2021 12:54:08 GMT
x-content-type-options
nosniff
age
433055
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24529
x-xss-protection
0
last-modified
Thu, 06 Sep 2018 07:23:24 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 28 Dec 2022 12:54:08 GMT
ru.png
tpc.googlesyndication.com/pagead/images/abg/ Frame DF03 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/ru.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012111011823000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fed2d61088cba54be39b2069add7103160e31f07c950c0e2e7706d6d6dc9ebf6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 02 Jan 2022 05:59:37 GMT
x-content-type-options
nosniff
server
cafe
age
25926
etag
6726277462267614359
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3041
x-xss-protection
0
expires
Mon, 03 Jan 2022 05:59:37 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame DF03 		344 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012111011823000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 02 Jan 2022 06:46:14 GMT
x-content-type-options
nosniff
server
cafe
age
23129
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Mon, 03 Jan 2022 06:46:14 GMT
shopping
encrypted-tbn2.gstatic.com/ Frame E34A 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcRRFWyIXZg53eul7atG111Tm-pinnUIrcbDcXEpS7T-uEGuUv__6X3gx7lBNV0&usqp=CAI
Requested by
Host: a5d84237b2adbb561c87907ddbec0eca.safeframe.googlesyndication.com
URL: https://a5d84237b2adbb561c87907ddbec0eca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
afcdd57b8203fc69a287e348dab2620faef5a6c5b5b9f1d20817b5d3df5b800d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://a5d84237b2adbb561c87907ddbec0eca.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 30 Dec 2021 11:22:23 GMT
x-content-type-options
nosniff
age
265760
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39295
x-xss-protection
0
last-modified
Thu, 16 Dec 2021 10:30:41 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Fri, 30 Dec 2022 11:22:23 GMT
shopping
encrypted-tbn1.gstatic.com/ Frame E34A 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcQuCGgToU88Wky0ENwReBBzV1vtNTCWwd8SXudZMmh19XtdnC4zn7c75Tdzvw&usqp=CAI
Requested by
Host: a5d84237b2adbb561c87907ddbec0eca.safeframe.googlesyndication.com
URL: https://a5d84237b2adbb561c87907ddbec0eca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d79d89f3e5af59f18e9e7154f9439e7c175bf597457dfa3fd845c39d333d5ef7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://a5d84237b2adbb561c87907ddbec0eca.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 28 Dec 2021 13:04:26 GMT
x-content-type-options
nosniff
age
432437
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34164
x-xss-protection
0
last-modified
Sun, 21 Nov 2021 14:53:53 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Wed, 28 Dec 2022 13:04:26 GMT
shopping
encrypted-tbn3.gstatic.com/ Frame E34A 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcSQduFOYyWO8La0lc5iiXzP7yFH3ZvtKPe3af3_DXrZiiXqFLQ16EXQuB0LRo4&usqp=CAI
Requested by
Host: a5d84237b2adbb561c87907ddbec0eca.safeframe.googlesyndication.com
URL: https://a5d84237b2adbb561c87907ddbec0eca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f86de435aaca56dd7e506148f423ad070df94e970de7ef16f94a93fef39fbb4c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://a5d84237b2adbb561c87907ddbec0eca.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 11:21:45 GMT
x-content-type-options
nosniff
age
352198
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35815
x-xss-protection
0
last-modified
Sat, 20 Nov 2021 11:18:28 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Thu, 29 Dec 2022 11:21:45 GMT
shopping
encrypted-tbn3.gstatic.com/ Frame E34A 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcTxZ9vHxfvig6u1vHdj3ppq08DagvUB60EW4XqXyHkFJqJIid_jRJaZ9Bi7dw&usqp=CAI
Requested by
Host: a5d84237b2adbb561c87907ddbec0eca.safeframe.googlesyndication.com
URL: https://a5d84237b2adbb561c87907ddbec0eca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4049e17634f0df8dbd1146cf2782e410ae91fcc13678b8e3c44b324ae19cb293
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://a5d84237b2adbb561c87907ddbec0eca.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sat, 01 Jan 2022 20:41:44 GMT
x-content-type-options
nosniff
age
59399
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31612
x-xss-protection
0
last-modified
Thu, 09 Dec 2021 08:57:45 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Sun, 01 Jan 2023 20:41:44 GMT
shopping
encrypted-tbn3.gstatic.com/ Frame E34A 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcRv9vxVP4HjWRyB5HU6aZgTGRPI5qTWckl4ZbxXdhmFvY_-Pk-hPhUjwFHwA90&usqp=CAI
Requested by
Host: a5d84237b2adbb561c87907ddbec0eca.safeframe.googlesyndication.com
URL: https://a5d84237b2adbb561c87907ddbec0eca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c73a75f77daef3dd6f9447f21061136b51950f1e81fc61bb3058eae844727b95
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://a5d84237b2adbb561c87907ddbec0eca.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sat, 01 Jan 2022 06:33:27 GMT
x-content-type-options
nosniff
age
110296
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25800
x-xss-protection
0
last-modified
Sat, 01 Jan 2022 04:27:17 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Sun, 01 Jan 2023 06:33:27 GMT
shopping
encrypted-tbn0.gstatic.com/ Frame E34A 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcR9mKI-jzIme4XiKQiCSiHd_xtNeZRiGzYzUT80bQRT1vtYI8ZfMXRCC-l6EQ&usqp=CAI
Requested by
Host: a5d84237b2adbb561c87907ddbec0eca.safeframe.googlesyndication.com
URL: https://a5d84237b2adbb561c87907ddbec0eca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
427d2685841a31254fdccb66cebe9238bafda8df5389752124d878aedcdb8c16
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://a5d84237b2adbb561c87907ddbec0eca.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 30 Dec 2021 14:33:30 GMT
x-content-type-options
nosniff
age
254293
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36652
x-xss-protection
0
last-modified
Fri, 19 Nov 2021 00:42:28 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Fri, 30 Dec 2022 14:33:30 GMT
shopping
encrypted-tbn1.gstatic.com/ Frame E34A 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcRM442HFpyYDu4p91Ecx7trqGb0DcqzrXaXy6vclVXS9k6VcJTu4vFVW3MvrA&usqp=CAI
Requested by
Host: a5d84237b2adbb561c87907ddbec0eca.safeframe.googlesyndication.com
URL: https://a5d84237b2adbb561c87907ddbec0eca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7ad2d097970b4db22e21d9cd61db5d0de1a257b213c72029bbd248d950538f0f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://a5d84237b2adbb561c87907ddbec0eca.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 30 Dec 2021 13:00:05 GMT
x-content-type-options
nosniff
age
259898
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27655
x-xss-protection
0
last-modified
Thu, 23 Dec 2021 10:53:56 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Fri, 30 Dec 2022 13:00:05 GMT
16954104317476786032
tpc.googlesyndication.com/simgad/ Frame E34A
Redirect Chain
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKCr6PbFiwEQnQkYnQkyCKuj71APLB1M
  • https://tpc.googlesyndication.com/simgad/16954104317476786032
34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/16954104317476786032
Requested by
Host: a5d84237b2adbb561c87907ddbec0eca.safeframe.googlesyndication.com
URL: https://a5d84237b2adbb561c87907ddbec0eca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
847d2854bb34bc89ab8514267909dbec0fe245278448227d23714781f9dfab71
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://a5d84237b2adbb561c87907ddbec0eca.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 30 Dec 2021 00:58:44 GMT
x-content-type-options
nosniff
age
303179
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34759
x-xss-protection
0
last-modified
Wed, 13 Mar 2019 08:47:23 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 30 Dec 2022 00:58:44 GMT

Redirect headers

timing-allow-origin
*
date
Sat, 01 Jan 2022 13:21:28 GMT
x-content-type-options
nosniff
server
cafe
age
85815
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://tpc.googlesyndication.com/simgad/16954104317476786032
cache-control
public, max-age=2592000
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Mon, 31 Jan 2022 13:21:28 GMT
integrator.js
adservice.google.de/adsid/ Frame E53A 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=ugt7s7.ru
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 02 Jan 2022 13:11:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame E53A 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=ugt7s7.ru
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 02 Jan 2022 13:11:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame E53A 		88 KB
25 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=503423074378876&correlator=2408247560601065&output=ldjh&impl=fif&vrg=2021120601&ptt=17&sc=1&sfv=1-0-38&ecs=20220102&iu_parts=21758191093%2Cchampionat.com%2CBillboard&enc_prev_ius=%2F0%2F1%2F%2F2&prev_iu_szs=970x250%7C970x90%7C728x90&prev_scp=sspimpressionid%3D61d1f-a48da-e3bc2%26sspnext%3D2&eri=2&cookie=ID%3D6055141899fb1754%3AT%3D1641129102%3AS%3DALNI_MbghWpxlhm5FU_c5nCLn8BDqV9ABg&cdm=ugt7s7.ru&bc=31&abxe=1&lmt=1641129103&dt=1641129103440&dlt=1641129103140&idt=292&frm=23&biw=1600&bih=1200&isw=1080&ish=250&oid=2&adxs=260&adys=85&adks=4036918566&ucis=uaftdmi17wv5&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fugt7s7.ru%2Fwhome.html&top=https%3A%2F%2Fugt7s7.ru%2Fwhome.html&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1080x250&msz=1080x0&ga_vid=282114902.1641129103&ga_sid=1641129103&ga_hid=670406860&ga_fc=false&fws=256&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
827632d11c1182e950b085e8f64e03879a6911d569b8eecc33cc5a93bf8e4054
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:43 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25385
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ugt7s7.ru
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
af00c4d352a4342d5af34e89ae3b80eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame A4F8 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://af00c4d352a4342d5af34e89ae3b80eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Sun, 02 Jan 2022 13:11:43 GMT
expires
Mon, 02 Jan 2023 13:11:43 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
integrator.js
adservice.google.de/adsid/ Frame 1FA2 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=ugt7s7.ru
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 02 Jan 2022 13:11:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 1FA2 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=ugt7s7.ru
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 02 Jan 2022 13:11:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 1FA2 		51 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2135613159901095&correlator=1944725322259603&output=ldjh&impl=fif&eid=31063257&vrg=2021120601&ptt=17&sc=1&sfv=1-0-38&ecs=20220102&iu_parts=21758191093%2Cchampionat.com%2C240x400&enc_prev_ius=%2F0%2F1%2F%2F2&prev_iu_szs=300x250%7C300x300%7C250x250%7C300x600%7C240x400%7C160x600&prev_scp=sspimpressionid%3D61d1f-a48dc-371ea%26sspnext%3D2&eri=2&cookie=ID%3D6055141899fb1754%3AT%3D1641129102%3AS%3DALNI_MbghWpxlhm5FU_c5nCLn8BDqV9ABg&cdm=ugt7s7.ru&bc=31&abxe=1&lmt=1641129103&dt=1641129103470&dlt=1641129103194&idt=268&ea=0&frm=23&biw=1600&bih=1200&isw=300&ish=600&oid=2&adxs=1025&adys=3857&adks=4162173491&ucis=1oezgm1mmu1y&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fugt7s7.ru%2Fwhome.html&top=https%3A%2F%2Fugt7s7.ru%2Fwhome.html&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x600&msz=300x0&ga_vid=138821691.1641129103&ga_sid=1641129103&ga_hid=1451477906&ga_fc=false&fws=256&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
50a141a1e273cd9a7d07db6b878124cd3779f86b7f141fbbc69131ec26b36c42
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:43 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11369
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ugt7s7.ru
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
47a62b5598302721afe2c2e22bf15e30.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 7F95 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://47a62b5598302721afe2c2e22bf15e30.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Sun, 02 Jan 2022 13:11:43 GMT
expires
Mon, 02 Jan 2023 13:11:43 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 8445 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 29550a6774465c2fefc7c60fd493fe18.safeframe.googlesyndication.com
URL: https://29550a6774465c2fefc7c60fd493fe18.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://29550a6774465c2fefc7c60fd493fe18.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Sun, 02 Jan 2022 05:53:44 GMT
expires
Mon, 03 Jan 2022 05:53:44 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
26279
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 0648 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef727f710c848eb92abfa47f6a5e214b5ee5d337719a79a027f24a06a4aae5ba

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/png
ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v15/ Frame 0648 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesansdisplay/v15/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
475700259e64d480d1a70023e14741bb298a025e338bb608552e2472d4505a65
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://29550a6774465c2fefc7c60fd493fe18.safeframe.googlesyndication.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 28 Dec 2021 23:19:29 GMT
x-content-type-options
nosniff
age
395534
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20900
x-xss-protection
0
last-modified
Mon, 19 Apr 2021 22:53:16 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 28 Dec 2022 23:19:29 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 7CE2 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2021120601&jk=3804482334251860&rc=
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 84DC 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2021120601&jk=2139386656920698&rc=
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 7F2C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2021120601&jk=391207100571439&rc=
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers
capirs_async.js
ssp.rambler.ru/ Frame 9E15 		578 KB
199 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssp.rambler.ru/capirs_async.js
Requested by
Host: sandbox.ssp.rambler.ru
URL: https://sandbox.ssp.rambler.ru/pixels/index.js?pad_id=441920592&block_id=441920596&rnd=866009422
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
91.192.150.12 , Russian Federation, ASN42481 (BEGUN-AS, RU),
Reverse DNS
ssp.rambler.ru
Software
nginx /
Resource Hash
3450da15e9d4afff41f661b26bcb5cc0564720506667f5b4ab1ff7a108bf282c
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://profile.ssp.rambler.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:43 GMT
content-encoding
gzip
last-modified
Thu, 16 Dec 2021 10:19:39 GMT
server
nginx
etag
W/"61bb12bb-90893"
strict-transport-security
max-age=0
p3p
policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
cache-control
max-age=60
x-passed
0bal1
content-type
application/x-javascript
expires
Sun, 02 Jan 2022 13:12:43 GMT
EnZy1JEvhtfL3qsMHM2VNqoz8zWnsWCdOjk5wdd4Ig4.js
pagead2.googlesyndication.com/bg/ Frame FCC2 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/EnZy1JEvhtfL3qsMHM2VNqoz8zWnsWCdOjk5wdd4Ig4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127672d4912f86d7cbdeab0c1ccd9536aa33f335a7b1609d3a3939c1d778220e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sat, 01 Jan 2022 12:48:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
87773
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13555
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 19:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 01 Jan 2023 12:48:50 GMT
EnZy1JEvhtfL3qsMHM2VNqoz8zWnsWCdOjk5wdd4Ig4.js
pagead2.googlesyndication.com/bg/ Frame C66E 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/EnZy1JEvhtfL3qsMHM2VNqoz8zWnsWCdOjk5wdd4Ig4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127672d4912f86d7cbdeab0c1ccd9536aa33f335a7b1609d3a3939c1d778220e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sat, 01 Jan 2022 12:48:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
87773
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13555
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 19:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 01 Jan 2023 12:48:50 GMT
EnZy1JEvhtfL3qsMHM2VNqoz8zWnsWCdOjk5wdd4Ig4.js
pagead2.googlesyndication.com/bg/ Frame 7455 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/EnZy1JEvhtfL3qsMHM2VNqoz8zWnsWCdOjk5wdd4Ig4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127672d4912f86d7cbdeab0c1ccd9536aa33f335a7b1609d3a3939c1d778220e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sat, 01 Jan 2022 12:48:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
87773
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13555
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 19:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 01 Jan 2023 12:48:50 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 1ADB 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: a5d84237b2adbb561c87907ddbec0eca.safeframe.googlesyndication.com
URL: https://a5d84237b2adbb561c87907ddbec0eca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://a5d84237b2adbb561c87907ddbec0eca.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Sun, 02 Jan 2022 05:53:44 GMT
expires
Mon, 03 Jan 2022 05:53:44 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
26279
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame E34A 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
522842190d8772d9b5d27852591dd456e6b80f09e7f52aa5f85258eeb9669295

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/png
ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v15/ Frame E34A 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesansdisplay/v15/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
475700259e64d480d1a70023e14741bb298a025e338bb608552e2472d4505a65
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://a5d84237b2adbb561c87907ddbec0eca.safeframe.googlesyndication.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 28 Dec 2021 23:19:29 GMT
x-content-type-options
nosniff
age
395534
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20900
x-xss-protection
0
last-modified
Mon, 19 Apr 2021 22:53:16 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 28 Dec 2022 23:19:29 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame E53A 		11 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021120601&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef4ea0fe56ed7f7e648864769252966858b0e3a7040365d9642c5397a2c57f4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 02 Jan 2022 13:11:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8448
x-xss-protection
0
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 8445
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEPSEvMUDKZSXwddf3ZUd-ac&google_cver=1&google_push=AYg5qPIpUGfdvoEjolcsL9OK4ZWy0eCpbZLTQtGACy5JjFykUz2bEOb1svu1HEKdUBTqUNrp_A5igyy3pVziTRItC5cjoyj1P3jA
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDM2MDg4MDgxMDYzNDI5NTQzNg==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEPSEvMUDKZSXwddf3ZUd-ac&google_cver=1
43 B
407 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEPSEvMUDKZSXwddf3ZUd-ac&google_cver=1
Protocol
H2
Server
2620:112:f006:bbbb::12 , United States, ASN6336 (TURN-US-ASN, US),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 02 Jan 2022 13:11:43 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type
image/gif
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Sun, 02 Jan 2022 13:11:43 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEPSEvMUDKZSXwddf3ZUd-ac&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
i.match
s.tribalfusion.com/z/ Frame 8445
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESENZZMlU7-0lbOGbT5CgyXw0&google_cver=1&google_push=AYg5qPJl07zT_ub8fP9rf2Cht2MO4aNbCKBJvnvAOE2E2eEwahP_x79Z3WtF8r0q6F1ZhnJtnpC23rE_tr1s94CZzWBgbdOXRQ_Z&...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESENZZMlU7-0lbOGbT5CgyXw0&google_cver=1&google_push=AYg5qPJl07zT_ub8fP9rf2Cht2MO4aNbCKBJvnvAOE2E2eEwahP_x79Z3WtF8r0q6F1ZhnJtnpC23rE_tr1s94CZzWBgbdOXRQ_...
43 B
446 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESENZZMlU7-0lbOGbT5CgyXw0&google_cver=1&google_push=AYg5qPJl07zT_ub8fP9rf2Cht2MO4aNbCKBJvnvAOE2E2eEwahP_x79Z3WtF8r0q6F1ZhnJtnpC23rE_tr1s94CZzWBgbdOXRQ_Z&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPJl07zT_ub8fP9rf2Cht2MO4aNbCKBJvnvAOE2E2eEwahP_x79Z3WtF8r0q6F1ZhnJtnpC23rE_tr1s94CZzWBgbdOXRQ_Z%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Protocol
H2
Server
2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 02 Jan 2022 13:11:44 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6c743c23783559d1-MXP
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
content-type
image/gif; charset=utf-8
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 02 Jan 2022 13:11:43 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
7
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6c743c220c6d59d1-MXP
p3p
CP="NOI DEVo TAIa OUR BUS"
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESENZZMlU7-0lbOGbT5CgyXw0&google_cver=1&google_push=AYg5qPJl07zT_ub8fP9rf2Cht2MO4aNbCKBJvnvAOE2E2eEwahP_x79Z3WtF8r0q6F1ZhnJtnpC23rE_tr1s94CZzWBgbdOXRQ_Z&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPJl07zT_ub8fP9rf2Cht2MO4aNbCKBJvnvAOE2E2eEwahP_x79Z3WtF8r0q6F1ZhnJtnpC23rE_tr1s94CZzWBgbdOXRQ_Z%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
cache-control
no-cache, private
content-type
text/html
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 8445
Redirect Chain
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEOfW1I-XlCkL-6O7n5_8gxI&google_cver=1&google_push=AYg5qPLZ2MORXkriqluQ2Ec29h7E0T27Yx6yw8hzRGsxiYUXR3HjFK8i-BhK7xKuvqXacCxC67mrxQiuHgE...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPLZ2MORXkriqluQ2Ec29h7E0T27Yx6yw8hzRGsxiYUXR3HjFK8i-BhK7xKuvqXacCxC67mrxQiuHgE_wVPgl1Y82I-Iwfs&google_hm=hTMjVrRrS4SrtKB4PZQloRQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPLZ2MORXkriqluQ2Ec29h7E0T27Yx6yw8hzRGsxiYUXR3HjFK8i-BhK7xKuvqXacCxC67mrxQiuHgE_wVPgl1Y82I-Iwfs&google_hm=hTMjVrRrS4SrtKB4PZQloRQ
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
H3
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 02 Jan 2022 13:11:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 02 Jan 2022 13:11:42 GMT
via
1.1 google
server
Apache-Coyote/1.1
status
302
p3p
CP="NOI DSP COR NID CUR OUR NOR"
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPLZ2MORXkriqluQ2Ec29h7E0T27Yx6yw8hzRGsxiYUXR3HjFK8i-BhK7xKuvqXacCxC67mrxQiuHgE_wVPgl1Y82I-Iwfs&google_hm=hTMjVrRrS4SrtKB4PZQloRQ
cache-control
no-cache, must-revalidate
content-type
text/html;charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 8445
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEEmmA336dVLGWilIuIUG05w&google_cver=1&google_push=AYg5qPLo_5HQrg7ED6936OOxrkMV2PKK5A49lUgcQaUQMzYBCqx7O1xAaE9r0dseVXlpuP9lnjUm6BdC6pmL_T...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzA0ODU5NTgyNTkxMzc1NTc5Mw%3D%3D&google_push=AYg5qPLo_5HQrg7ED6936OOxrkMV2PKK5A49lUgcQaUQMzYBCqx7O1xAaE9r0dseVXlpuP9lnjUm6BdC6pmL_Tjo7T...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzA0ODU5NTgyNTkxMzc1NTc5Mw%3D%3D&google_push=AYg5qPLo_5HQrg7ED6936OOxrkMV2PKK5A49lUgcQaUQMzYBCqx7O1xAaE9r0dseVXlpuP9lnjUm6BdC6pmL_Tjo7Ts4URH-WagR
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
H3
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 02 Jan 2022 13:11:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzA0ODU5NTgyNTkxMzc1NTc5Mw%3D%3D&google_push=AYg5qPLo_5HQrg7ED6936OOxrkMV2PKK5A49lUgcQaUQMzYBCqx7O1xAaE9r0dseVXlpuP9lnjUm6BdC6pmL_Tjo7Ts4URH-WagR
Date
Sun, 02 Jan 2022 13:11:43 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pixel
cm.g.doubleclick.net/ Frame 8445
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEJqlvPKjjFJXcWSWwD4CLVA&google_cver=1&google_push=AYg5qPKfvF1KiMUjalmYtlU9hVxnuMxIHTBiq7ccnIzF1NRzyS1_shGUS6JSEmqnVcJLKMrmjv36WUQQVd8skCoC8gM_...
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgoogle
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgoogle
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=097262cf-752f-44c6-a9b2-c84a32fd735d&ssp=google
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPIcK9CbHMPll6M7KrPqZf8ZfdhdloKDinEnWDwGSSVJfPy2MYIfs0KC2paKUYagRjNoBvFPvszYdslFlTVHd1mcEsxw8my9&google_hm=QyFfhymbQdmXrSKn6c-Tqg==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPIcK9CbHMPll6M7KrPqZf8ZfdhdloKDinEnWDwGSSVJfPy2MYIfs0KC2paKUYagRjNoBvFPvszYdslFlTVHd1mcEsxw8my9&google_hm=QyFfhymbQdmXrSKn6c-Tqg==
Protocol
H3
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 02 Jan 2022 13:11:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPIcK9CbHMPll6M7KrPqZf8ZfdhdloKDinEnWDwGSSVJfPy2MYIfs0KC2paKUYagRjNoBvFPvszYdslFlTVHd1mcEsxw8my9&google_hm=QyFfhymbQdmXrSKn6c-Tqg==
Date
Sun, 02 Jan 2022 13:11:43 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 8445
Redirect Chain
  • https://match.360yield.com/match/ebda?google_gid=CAESEEKPc-t6d7RUPDlIjbHwam0&google_cver=1&google_push=AYg5qPK7Dn8cBxnzhCeQD1BEi_ol_HTZMQDifVPZ_kq3kj30ADrEJPSOxL0SqfZmddbLs7O96By8ypURVVetTd_hl8NIZk...
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEEKPc-t6d7RUPDlIjbHwam0&google_cver=1&google_push=AYg5qPK7Dn8cBxnzhCeQD1BEi_ol_HTZMQDifVPZ_kq3kj30ADrEJPSOxL0SqfZmddbLs7O96By8ypURVVetTd_h...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=f5bcZ6flToSmDBlndAOdvw&google_push=AYg5qPK7Dn8cBxnzhCeQD1BEi_ol_HTZMQDifVPZ_kq3kj30ADrEJPSOxL0SqfZmddbLs7O96By8ypURVVetTd_...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=f5bcZ6flToSmDBlndAOdvw&google_push=AYg5qPK7Dn8cBxnzhCeQD1BEi_ol_HTZMQDifVPZ_kq3kj30ADrEJPSOxL0SqfZmddbLs7O96By8ypURVVetTd_...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=f5bcZ6flToSmDBlndAOdvw&google_push=AYg5qPK7Dn8cBxnzhCeQD1BEi_ol_HTZMQDifVPZ_kq3kj30ADrEJPSOxL0SqfZmddbLs7O96By8ypURVVetTd_...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=f5bcZ6flToSmDBlndAOdvw&google_push=AYg5qPK7Dn8cBxnzhCeQD1BEi_ol_HTZMQDifVPZ_kq3kj30ADrEJPSOxL0SqfZmddbLs7O96By8ypURVVetTd_...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=f5bcZ6flToSmDBlndAOdvw&google_push=AYg5qPK7Dn8cBxnzhCeQD1BEi_ol_HTZMQDifVPZ_kq3kj30ADrEJPSOxL0SqfZmddbLs7O96By8ypURVVetTd_...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=f5bcZ6flToSmDBlndAOdvw&google_push=AYg5qPK7Dn8cBxnzhCeQD1BEi_ol_HTZMQDifVPZ_kq3kj30ADrEJPSOxL0SqfZmddbLs7O96By8ypURVVetTd_...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=f5bcZ6flToSmDBlndAOdvw&google_push=AYg5qPK7Dn8cBxnzhCeQD1BEi_ol_HTZMQDifVPZ_kq3kj30ADrEJPSOxL0SqfZmddbLs7O96By8ypURVVetTd_...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=f5bcZ6flToSmDBlndAOdvw&google_push=AYg5qPK7Dn8cBxnzhCeQD1BEi_ol_HTZMQDifVPZ_kq3kj30ADrEJPSOxL0SqfZmddbLs7O96By8ypURVVetTd_...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=f5bcZ6flToSmDBlndAOdvw&google_push=AYg5qPK7Dn8cBxnzhCeQD1BEi_ol_HTZMQDifVPZ_kq3kj30ADrEJPSOxL0SqfZmddbLs7O96By8ypURVVetTd_...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=f5bcZ6flToSmDBlndAOdvw&google_push=AYg5qPK7Dn8cBxnzhCeQD1BEi_ol_HTZMQDifVPZ_kq3kj30ADrEJPSOxL0SqfZmddbLs7O96By8ypURVVetTd_...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=f5bcZ6flToSmDBlndAOdvw&google_push=AYg5qPK7Dn8cBxnzhCeQD1BEi_ol_HTZMQDifVPZ_kq3kj30ADrEJPSOxL0SqfZmddbLs7O96By8ypURVVetTd_...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=f5bcZ6flToSmDBlndAOdvw&google_push=AYg5qPK7Dn8cBxnzhCeQD1BEi_ol_HTZMQDifVPZ_kq3kj30ADrEJPSOxL0SqfZmddbLs7O96By8ypURVVetTd_...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=f5bcZ6flToSmDBlndAOdvw&google_push=AYg5qPK7Dn8cBxnzhCeQD1BEi_ol_HTZMQDifVPZ_kq3kj30ADrEJPSOxL0SqfZmddbLs7O96By8ypURVVetTd_...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=f5bcZ6flToSmDBlndAOdvw&google_push=AYg5qPK7Dn8cBxnzhCeQD1BEi_ol_HTZMQDifVPZ_kq3kj30ADrEJPSOxL0SqfZmddbLs7O96By8ypURVVetTd_...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=f5bcZ6flToSmDBlndAOdvw&google_push=AYg5qPK7Dn8cBxnzhCeQD1BEi_ol_HTZMQDifVPZ_kq3kj30ADrEJPSOxL0SqfZmddbLs7O96By8ypURVVetTd_...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=f5bcZ6flToSmDBlndAOdvw&google_push=AYg5qPK7Dn8cBxnzhCeQD1BEi_ol_HTZMQDifVPZ_kq3kj30ADrEJPSOxL0SqfZmddbLs7O96By8ypURVVetTd_...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=f5bcZ6flToSmDBlndAOdvw&google_push=AYg5qPK7Dn8cBxnzhCeQD1BEi_ol_HTZMQDifVPZ_kq3kj30ADrEJPSOxL0SqfZmddbLs7O96By8ypURVVetTd_...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=f5bcZ6flToSmDBlndAOdvw&google_push=AYg5qPK7Dn8cBxnzhCeQD1BEi_ol_HTZMQDifVPZ_kq3kj30ADrEJPSOxL0SqfZmddbLs7O96By8ypURVVetTd_...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=f5bcZ6flToSmDBlndAOdvw&google_push=AYg5qPK7Dn8cBxnzhCeQD1BEi_ol_HTZMQDifVPZ_kq3kj30ADrEJPSOxL0SqfZmddbLs7O96By8ypURVVetTd_...
0
0
pixel
cm.g.doubleclick.net/ Frame 8445
Redirect Chain
  • https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESELaAw-LG4wSfFuxdFnfE0ug&google_cver=1&google_push=AYg5qPIWTX6gG7NQtTV5z8KdojkuwRcC396_sdCsmg9X30A9j-CQIqBy...
  • https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESELaAw-LG4wSfFuxdFnfE0ug&google_cver=1&google_push=AYg5qPIWTX6gG7NQtTV5z8KdojkuwRcC396_sdCsmg9X30A9j-CQIqBy...
  • https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESELaAw-LG4wSfFuxdFnfE0ug&google_cver=1&google_push=AYg5qPIWTX6gG7NQtTV5z8KdojkuwRcC396_sdCsmg9X30A9j-CQIq...
  • https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESELaAw-LG4wSfFuxdFnfE0ug&google_cver=1&google_push=AYg5qPIWTX6gG7NQtTV5z8KdojkuwRcC396_sdCsmg9X30A9j-CQIq...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVA4ODBjYTNjNy02YmNkLTExZWMtYjAzMS0wNmM2MTQ1MWYzMDI%3D&google_push=AYg5qPIWTX6gG7NQtTV5z8KdojkuwRcC396_sdCsmg9X30A9j-CQIqBy5kPFeh0aZq...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVA4ODBjYTNjNy02YmNkLTExZWMtYjAzMS0wNmM2MTQ1MWYzMDI%3D&google_push=AYg5qPIWTX6gG7NQtTV5z8KdojkuwRcC396_sdCsmg9X30A9j-CQIqBy5kPFeh0aZqCNZXwUcxQAvTDnz5O6W-FsCcVLYwroM7fufQ
Protocol
H3
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 02 Jan 2022 13:11:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVA4ODBjYTNjNy02YmNkLTExZWMtYjAzMS0wNmM2MTQ1MWYzMDI%3D&google_push=AYg5qPIWTX6gG7NQtTV5z8KdojkuwRcC396_sdCsmg9X30A9j-CQIqBy5kPFeh0aZqCNZXwUcxQAvTDnz5O6W-FsCcVLYwroM7fufQ
date
Sun, 02 Jan 2022 13:11:43 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
attr
cm.g.doubleclick.net/pixel/ Frame 8445 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JngjpDdAS3azaTd6LNioVVcSF6baG7O9uZHOJo26EvZPKddhyPtsfC45KB6otBunUI0cM7uA
Requested by
Host: 29550a6774465c2fefc7c60fd493fe18.safeframe.googlesyndication.com
URL: https://29550a6774465c2fefc7c60fd493fe18.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:43 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
sodar
pagead2.googlesyndication.com/getconfig/ Frame 1FA2 		11 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021120601&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0f98532d2383eb05f3f44a12e690b47c83239f028f0fb8f144e7e56329327f90
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 02 Jan 2022 13:11:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8511
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame E53A 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
expires
Sun, 02 Jan 2022 13:11:43 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 1FA2 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
expires
Sun, 02 Jan 2022 13:11:43 GMT
/
google2waycm.netmng.com/cm/ Frame 1ADB 		0
0
dpixel
cms.quantserve.com/ Frame 1ADB 		35 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESELN9vkdaFiN95xPRbZt78Fk&google_cver=1&google_push=AYg5qPIq_M8wvfdwXyRexKTZe-9ZszXxEVt8J2_25JoaLFZaJ2lJwqumrFJEiJMpxEMiJVLej45Psn8blnQrJwKrrtHxPZLS-p5K
Requested by
Host: a5d84237b2adbb561c87907ddbec0eca.safeframe.googlesyndication.com
URL: https://a5d84237b2adbb561c87907ddbec0eca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:fcb8:22d2:d390:5f1b , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 02 Jan 2022 13:11:43 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
5w3jqr4k
sync-tm.everesttech.net/upi/pid/ Frame 1ADB 		0
177 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEN2piAwgpGaA3jYJoX1cSjQ&google_cver=1&google_push=AYg5qPIcacyeZMGz1W7tABVpzQeQeLhr_dKssrgigUGZm8WUF47kJfNP3kg5_N8CM_aejf8Kh2zqWzYb6j7KmxQ9k-VJzKWbvN1f
Requested by
Host: a5d84237b2adbb561c87907ddbec0eca.safeframe.googlesyndication.com
URL: https://a5d84237b2adbb561c87907ddbec0eca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 02 Jan 2022 13:11:43 GMT
via
1.1 varnish
server
Varnish
x-timer
S1641129104.830596,VS0,VE0
x-cache
MISS
cache-control
no-cache
x-cache-hits
0
accept-ranges
bytes
content-length
0
retry-after
0
x-served-by
cache-cdg20748-CDG
pixel
cm.g.doubleclick.net/ Frame 1ADB
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEJqlvPKjjFJXcWSWwD4CLVA&google_cver=1&google_push=AYg5qPIcK9CbHMPll6M7KrPqZf8ZfdhdloKDinEnWDwGSSVJfPy2MYIfs0KC2paKUYagRjNoBvFPvszYdslFlTVHd1mc...
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPIcK9CbHMPll6M7KrPqZf8ZfdhdloKDinEnWDwGSSVJfPy2MYIfs0KC2paKUYagRjNoBvFPvszYdslFlTVHd1mcEsxw8my9&google_hm=QyFfhymbQdmXrSKn6c-Tqg==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPIcK9CbHMPll6M7KrPqZf8ZfdhdloKDinEnWDwGSSVJfPy2MYIfs0KC2paKUYagRjNoBvFPvszYdslFlTVHd1mcEsxw8my9&google_hm=QyFfhymbQdmXrSKn6c-Tqg==
Protocol
H3
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 02 Jan 2022 13:11:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPIcK9CbHMPll6M7KrPqZf8ZfdhdloKDinEnWDwGSSVJfPy2MYIfs0KC2paKUYagRjNoBvFPvszYdslFlTVHd1mcEsxw8my9&google_hm=QyFfhymbQdmXrSKn6c-Tqg==
Date
Sun, 02 Jan 2022 13:11:43 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 1ADB
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESENgtWDcPCyzlPgLhVRwXr0s&google_cver=1&google_push=AYg5qPJnk6ceO4rzn5ZH5tay66AyyLqKeKNSL9uoiEOYIT1hnfiL4dglqTOBfxjFKj8zA5tAZyW...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1hYOVc4VTItSC03MklI&google_push=AYg5qPJnk6ceO4rzn5ZH5tay66AyyLqKeKNSL9uoiEOYIT1hnfiL4dglqTOBfxjFKj8zA5tAZyWxU82beqLCQZgkzNsLFQH8c2o0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1hYOVc4VTItSC03MklI&google_push=AYg5qPJnk6ceO4rzn5ZH5tay66AyyLqKeKNSL9uoiEOYIT1hnfiL4dglqTOBfxjFKj8zA5tAZyWxU82beqLCQZgkzNsLFQH8c2o0
Protocol
H3
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 02 Jan 2022 13:11:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1hYOVc4VTItSC03MklI&google_push=AYg5qPJnk6ceO4rzn5ZH5tay66AyyLqKeKNSL9uoiEOYIT1hnfiL4dglqTOBfxjFKj8zA5tAZyWxU82beqLCQZgkzNsLFQH8c2o0
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
Expires
0
pixel
cm.g.doubleclick.net/ Frame 1ADB
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEOukoGcjKs77qgadvSwTSyU&google_cver=1&googl...
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEOukoGcjKs77qgadvSwTSyU&google_push=AY...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdGkjzTQM0OVUrCOUYyaxwAABIgAAAIB&google_gid=CAESEOukoGcjKs77qgadvSwTSyU&google_cver=1&google_push=AYg5qPIPcHYzxsONQO-tO2gJesyDzJpqx3k4a...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdGkjzTQM0OVUrCOUYyaxwAABIgAAAIB&google_gid=CAESEOukoGcjKs77qgadvSwTSyU&google_cver=1&google_push=AYg5qPIPcHYzxsONQO-tO2gJesyDzJpqx3k4a...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdGkjzTQM0OVUrCOUYyaxwAABIgAAAIB&google_gid=CAESEOukoGcjKs77qgadvSwTSyU&google_cver=1&google_push=AYg5qPIPcHYzxsONQO-tO2gJesyDzJpqx3k4a...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdGkjzTQM0OVUrCOUYyaxwAABIgAAAIB&google_gid=CAESEOukoGcjKs77qgadvSwTSyU&google_cver=1&google_push=AYg5qPIPcHYzxsONQO-tO2gJesyDzJpqx3k4a...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdGkjzTQM0OVUrCOUYyaxwAABIgAAAIB&google_gid=CAESEOukoGcjKs77qgadvSwTSyU&google_cver=1&google_push=AYg5qPIPcHYzxsONQO-tO2gJesyDzJpqx3k4a...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdGkjzTQM0OVUrCOUYyaxwAABIgAAAIB&google_gid=CAESEOukoGcjKs77qgadvSwTSyU&google_cver=1&google_push=AYg5qPIPcHYzxsONQO-tO2gJesyDzJpqx3k4a...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdGkjzTQM0OVUrCOUYyaxwAABIgAAAIB&google_gid=CAESEOukoGcjKs77qgadvSwTSyU&google_cver=1&google_push=AYg5qPIPcHYzxsONQO-tO2gJesyDzJpqx3k4a...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdGkjzTQM0OVUrCOUYyaxwAABIgAAAIB&google_gid=CAESEOukoGcjKs77qgadvSwTSyU&google_cver=1&google_push=AYg5qPIPcHYzxsONQO-tO2gJesyDzJpqx3k4a...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdGkjzTQM0OVUrCOUYyaxwAABIgAAAIB&google_gid=CAESEOukoGcjKs77qgadvSwTSyU&google_cver=1&google_push=AYg5qPIPcHYzxsONQO-tO2gJesyDzJpqx3k4a...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdGkjzTQM0OVUrCOUYyaxwAABIgAAAIB&google_gid=CAESEOukoGcjKs77qgadvSwTSyU&google_cver=1&google_push=AYg5qPIPcHYzxsONQO-tO2gJesyDzJpqx3k4a...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdGkjzTQM0OVUrCOUYyaxwAABIgAAAIB&google_gid=CAESEOukoGcjKs77qgadvSwTSyU&google_cver=1&google_push=AYg5qPIPcHYzxsONQO-tO2gJesyDzJpqx3k4a...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdGkjzTQM0OVUrCOUYyaxwAABIgAAAIB&google_gid=CAESEOukoGcjKs77qgadvSwTSyU&google_cver=1&google_push=AYg5qPIPcHYzxsONQO-tO2gJesyDzJpqx3k4a...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdGkjzTQM0OVUrCOUYyaxwAABIgAAAIB&google_gid=CAESEOukoGcjKs77qgadvSwTSyU&google_cver=1&google_push=AYg5qPIPcHYzxsONQO-tO2gJesyDzJpqx3k4a...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdGkjzTQM0OVUrCOUYyaxwAABIgAAAIB&google_gid=CAESEOukoGcjKs77qgadvSwTSyU&google_cver=1&google_push=AYg5qPIPcHYzxsONQO-tO2gJesyDzJpqx3k4a...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdGkjzTQM0OVUrCOUYyaxwAABIgAAAIB&google_gid=CAESEOukoGcjKs77qgadvSwTSyU&google_cver=1&google_push=AYg5qPIPcHYzxsONQO-tO2gJesyDzJpqx3k4a...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdGkjzTQM0OVUrCOUYyaxwAABIgAAAIB&google_gid=CAESEOukoGcjKs77qgadvSwTSyU&google_cver=1&google_push=AYg5qPIPcHYzxsONQO-tO2gJesyDzJpqx3k4a...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdGkjzTQM0OVUrCOUYyaxwAABIgAAAIB&google_gid=CAESEOukoGcjKs77qgadvSwTSyU&google_cver=1&google_push=AYg5qPIPcHYzxsONQO-tO2gJesyDzJpqx3k4a...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdGkjzTQM0OVUrCOUYyaxwAABIgAAAIB&google_gid=CAESEOukoGcjKs77qgadvSwTSyU&google_cver=1&google_push=AYg5qPIPcHYzxsONQO-tO2gJesyDzJpqx3k4a...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdGkjzTQM0OVUrCOUYyaxwAABIgAAAIB&google_gid=CAESEOukoGcjKs77qgadvSwTSyU&google_cver=1&google_push=AYg5qPIPcHYzxsONQO-tO2gJesyDzJpqx3k4a...
0
0
pixel
cm.g.doubleclick.net/ Frame 1ADB
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEMa-_9PLg0t81MQJq_suFbc&google_cver=1&google_push=AYg5qPJ7-yr8LqUNJLi4o9npoxGeRtTUKMdC8tXK-GhyZMLyuJ8X-zcO5UYBVJu7Dz9vpE4aBXt7TpRtL2t1DPptnfnk7aknc2PY
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&cmp_cs=&us_privacy=&sync=1&google_push=AYg5qPJ7-yr8LqUNJLi4o9npoxGeRtTUKMdC8tXK-GhyZMLyuJ8X-zcO5UYBVJu7Dz9vpE4aBXt7TpRtL2t1DPptnfnk7aknc2PY&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=ODc2MzUyNTA1MTk1MjM0Mjk3NA%3D%3D&google_push=AYg5qPJ7-yr8LqUNJLi4o9npoxGeRtTUKMdC8tXK-GhyZMLyuJ8X-zcO5UYB...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=ODc2MzUyNTA1MTk1MjM0Mjk3NA%3D%3D&google_push=AYg5qPJ7-yr8LqUNJLi4o9npoxGeRtTUKMdC8tXK-GhyZMLyuJ8X-zcO5UYBVJu7Dz9vpE4aBXt7TpRtL2t1DPptnfnk7aknc2PY
Protocol
H3
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 02 Jan 2022 13:11:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=ODc2MzUyNTA1MTk1MjM0Mjk3NA%3D%3D&google_push=AYg5qPJ7-yr8LqUNJLi4o9npoxGeRtTUKMdC8tXK-GhyZMLyuJ8X-zcO5UYBVJu7Dz9vpE4aBXt7TpRtL2t1DPptnfnk7aknc2PY
date
Sun, 02 Jan 2022 13:11:43 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
attr
cm.g.doubleclick.net/pixel/ Frame 1ADB 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JGhKuuWHKZwW5_6U4Eh2tM0QAjittQnT7VFYR93t2SOnl8nUwVoYDCkuacjcWJlu4C1f0L
Requested by
Host: a5d84237b2adbb561c87907ddbec0eca.safeframe.googlesyndication.com
URL: https://a5d84237b2adbb561c87907ddbec0eca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:43 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
view
stat.media/counter/ 		0
135 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stat.media/counter/view
Requested by
Host: stat.media
URL: https://stat.media/sm.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
82.202.225.227 Moscow, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
sm-server1-1.ssel21.imcmdb.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ugt7s7.ru/whome.html
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

access-control-allow-origin
*
Date
Sun, 02 Jan 2022 13:11:43 GMT
Server
nginx
Connection
keep-alive
sodar
pagead2.googlesyndication.com/getconfig/ 		11 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021120601&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
40c83ed5448502bd44af245366c8211b869fcfaab05170853ad81b16092f6bcc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 02 Jan 2022 13:11:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8578
x-xss-protection
0
userip
ssp.rambler.ru/ Frame 9E15 		13 B
139 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.rambler.ru/userip
Requested by
Host: ssp.rambler.ru
URL: https://ssp.rambler.ru/capirs_async.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
91.192.150.12 , Russian Federation, ASN42481 (BEGUN-AS, RU),
Reverse DNS
ssp.rambler.ru
Software
nginx /
Resource Hash
5febe42d958a25aac2eab77ef3cb52ab401ced8c1df1c7ec06d94fe6160f4554

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://profile.ssp.rambler.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 02 Jan 2022 13:11:43 GMT
x-passed
0bal1
server
nginx
content-length
13
content-type
application/octet-stream, text/plain
getid
ads.adfox.ru/ Frame 9E15 		38 B
209 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.adfox.ru/getid?t=jsonp&f=af_setLpdId&pr=396887543
Requested by
Host: ssp.rambler.ru
URL: https://ssp.rambler.ru/capirs_async.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1be Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
cba06688454c4b504c7c8294249b21e63c52176a237d77dbc2c3a6b2f0a9faf8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://profile.ssp.rambler.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 02 Jan 2022 13:11:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
Mon, 04 Dec 1999 21:29:02 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E27A 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
date
Sun, 02 Jan 2022 12:52:09 GMT
expires
Mon, 02 Jan 2023 12:52:09 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
1174
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame C622 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
51b700dbacbef87068acf249ba8267d6854aa6958b765a3185b29cee30052832
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-bTDjbqnWDT+3QA83DWRmZg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Sun, 02 Jan 2022 13:11:43 GMT
date
Sun, 02 Jan 2022 13:11:43 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-bTDjbqnWDT+3QA83DWRmZg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012111011823000/ Frame 0FEE 		189 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012111011823000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
98ba8f881333898d751dabe4f8b4cacc4489a9f5b6b4fd1fc67c571dbfec95cf
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
425711
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55592
x-xss-protection
0
server
sffe
date
Tue, 28 Dec 2021 14:56:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"11dee2040f5fc1d7"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 28 Dec 2022 14:56:32 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012111011823000/v0/ Frame 0FEE 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012111011823000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
65f6185cfe1cf88fa7981160dd6fa443e111887215b72953718ea70f8e2ba9f2
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
425711
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4992
x-xss-protection
0
server
sffe
date
Tue, 28 Dec 2021 14:56:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"858600ba27ef7413"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 28 Dec 2022 14:56:32 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012111011823000/v0/ Frame 0FEE 		89 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012111011823000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9e97fc43ecd2f16948c3a8d2de65e0e5483db4ed5ab174058c178ca1c8665d0b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
425711
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28555
x-xss-protection
0
server
sffe
date
Tue, 28 Dec 2021 14:56:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"a64e482645fd262b"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 28 Dec 2022 14:56:32 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012111011823000/v0/ Frame 0FEE 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012111011823000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3d76ab4ac854cafef51bbbb5177ea75816df90e3c775294991a016404f2b6bb5
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
425711
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1731
x-xss-protection
0
server
sffe
date
Tue, 28 Dec 2021 14:56:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"cb4f0e89d7d37d9b"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 28 Dec 2022 14:56:32 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012111011823000/v0/ Frame 0FEE 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012111011823000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9a630b852e94f20cb8140704fd830bf40bfea0a2effaa67d06a0eadafbf3d508
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
425711
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12826
x-xss-protection
0
server
sffe
date
Tue, 28 Dec 2021 14:56:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"f02165e023e70703"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 28 Dec 2022 14:56:32 GMT
css
fonts.googleapis.com/ Frame 0FEE 		6 KB
669 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300|Roboto:400,500&lang=de
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2ddefcdc9f260c5ffeb93fed110fe9d929028226f9a2d8a4934ea52b546e9640
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 02 Jan 2022 12:14:49 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sun, 02 Jan 2022 13:11:43 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 02 Jan 2022 13:11:43 GMT
css
fonts.googleapis.com/ Frame 0FEE 		4 KB
618 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,500&text=
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2e8fa2037c41372ddc72ea1e08a477ba37998b54b5416b8cff0554fa5b865e27
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 02 Jan 2022 11:15:56 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sun, 02 Jan 2022 13:11:43 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 02 Jan 2022 13:11:43 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/17009980130917044718/ Frame 0FEE 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/17009980130917044718/downsize_200k_v1?sqp=4sqPyQR5QncIABIUDc3MzD4VAAAAQB0AAAAAJQAAAAAYACIKDQAAgD8VAACAPypPCFoQAR0AALRCIAEoATAGOANAgMLXL0gAUABYAGBacAJ4AIABAIgBAJABAJ0BAACAP6ABAKgBALABgK3iBLgB____________AcUBLbKdPg&rs=AOga4ql3BLGdl_WrRPv4rGzLP5Yb6IsMiw
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b158de0533a63f2d9084656a17356d5808fe6b570aab1fddf44ea786641baed8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 28 Dec 2021 12:54:08 GMT
x-content-type-options
nosniff
age
433055
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24529
x-xss-protection
0
last-modified
Thu, 06 Sep 2018 07:23:24 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 28 Dec 2022 12:54:08 GMT
ru.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 0FEE 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/ru.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fed2d61088cba54be39b2069add7103160e31f07c950c0e2e7706d6d6dc9ebf6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 02 Jan 2022 05:59:37 GMT
x-content-type-options
nosniff
server
cafe
age
25926
etag
6726277462267614359
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3041
x-xss-protection
0
expires
Mon, 03 Jan 2022 05:59:37 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 0FEE 		344 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 02 Jan 2022 06:46:14 GMT
x-content-type-options
nosniff
server
cafe
age
23129
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Mon, 03 Jan 2022 06:46:14 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/949799863400668537/ Frame 0FEE 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/949799863400668537/downsize_200k_v1?sqp=4sqPyQSWAUKTAQgAEhQNzczMPhUAAABAHQAAAAAlAAAAABgAIgoNAACAPxUAAIA_Kk8IWhABHQAAtEIgASgBMAY4A0CAwtcvSABQAFgAYFpwAngAgAEAiAEAkAEAnQEAAIA_oAEAqAEAsAGAreIEuAH___________8BxQEtsp0-MhoIqgIQqgIYASABLQAAAD8wqgI4qgJFAACAPw&rs=AOga4qmfPQiBajavJ2jY0CfVyf-Wa5z3mg
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0f4640dd5df7de31af540174612950a74366cae539910580965e8728afbe2c90
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 30 Dec 2021 11:10:47 GMT
x-content-type-options
nosniff
age
266456
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30685
x-xss-protection
0
last-modified
Wed, 22 Dec 2021 10:22:37 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 30 Dec 2022 11:10:47 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 0FEE 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CtOkHj6TRYaOHH_XP7_UPmaKfuAqyp6XpZt2U9b6GD5aCzYWIFhABINGzs21glfrwgYwHoAGE5oD1A8gBBqkCSOESs4cUsz7gAgCoAwHIAwqqBOABT9DrAdl2uAmBI6fsoFm-rPiRjnduI0kYNIyFnF7eme8C1___tD-L9F40L_WofRvMUFsi04ekgJ67eNM5kttzhzAmNc1Y1N_iEiKzqZkesYtuLifhLhky6tLslCuHPS21twN-JvRlPajoym8zrP0EV9oyFud_SSkd8AEJhE4-oOmbmr40TmBEA71Elvn3ij3EeU9K7kAucC4HAoZoGL4Wv0EyMPz3SEKLjQPRYuykctXLHRVVWhYDxagEFdE4zceky0HTMy6YNIjkMsYbvOPvaebpOnj5iCrDRzBfJ4TonL7ABJPH1IXeAeAEAZIFBAgEGAGSBQQIBRgEoAY3gAe965QOqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQ4YsZ0ggJCIDhgBAQARgdgAoDyAsB2BMNiBQB0BUBgBcBshceChwIABIUcHViLTQ1NzA3NjUyMjgyMDE5MzMYgtNu&sigh=7ofwxK3Tj5Q&uach_m=[UACH]&template_id=492&uap=UACH(platform)&uapv=UACH(platformVersion)&uaa=UACH(architecture)&uam=UACH(model)&uafv=UACH(uaFullVersion)&uab=UACH(bitness)
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers
container.html
af00c4d352a4342d5af34e89ae3b80eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 0C7C 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://af00c4d352a4342d5af34e89ae3b80eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Sun, 02 Jan 2022 13:11:43 GMT
expires
Mon, 02 Jan 2023 13:11:43 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
expires
Sun, 02 Jan 2022 13:11:43 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7E86 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
date
Sun, 02 Jan 2022 12:52:09 GMT
expires
Mon, 02 Jan 2023 12:52:09 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
1174
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 8884 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
97031eed6944946930650d15f3ba7dc8cd5114357870513a940392cb424a250a
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-btpmGZL1B4YpfrkF37SByg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Sun, 02 Jan 2022 13:11:43 GMT
date
Sun, 02 Jan 2022 13:11:43 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-btpmGZL1B4YpfrkF37SByg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 0FEE 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a80dd5788cb63db238d4056d1510f08ec49b22e5f7ccc9f6cabf72f9d63c962f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/png
KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 0FEE 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu5mxKOzY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300|Roboto:400,500&lang=de
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8dd3b91ca60e6a0486326c5c275590dd1d753240c2efa9f94730815813997fee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ugt7s7.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sat, 01 Jan 2022 12:42:17 GMT
x-content-type-options
nosniff
age
88166
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:21 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sun, 01 Jan 2023 12:42:17 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 0FEE 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300|Roboto:400,500&lang=de
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ugt7s7.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 05:33:18 GMT
x-content-type-options
nosniff
age
373105
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:21 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 29 Dec 2022 05:33:18 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 0FEE 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300|Roboto:400,500&lang=de
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ugt7s7.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 01:54:06 GMT
x-content-type-options
nosniff
age
386257
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 29 Dec 2022 01:54:06 GMT
phtimes
prime.rambler.ru/ 		0
218 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prime.rambler.ru/phtimes?view_id=kxx9w6hq1j3knrxp6&serial=1&data=start-1782_id-298_overall-301!start-1782_wait-301_overall-301!start-1782_wait-301_overall-301!start-1782_wait-301_overall-301!start-1782_wait-301_overall-301!start-1783_wait-300_overall-300!start-1783_wait-300_overall-300!start-1783_wait-300_overall-300!start-1783_wait-300_overall-300!start-1783_wait-300_overall-300!start-1783_wait-300_overall-300!start-1784_wait-299_overall-299!start-1784_wait-299_overall-299!start-1784_wait-299_overall-299!start-1787_wait-296_overall-296!start-2085_id-266_overall-266!start-2085_wait-266_overall-266!start-2085_wait-266_overall-266!start-2085_wait-266_overall-266!start-2085_wait-266_overall-266!start-2086_wait-265_overall-265!start-2086_wait-265_overall-265!start-2086_wait-265_overall-265!start-2086_wait-265_overall-265!start-2086_wait-265_overall-265!start-2086_wait-265_overall-265!start-2086_wait-265_overall-265!start-2086_wait-265_overall-265!start-2086_wait-265_overall-265
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.19.89.3 Moscow, Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS
prime.rambler.ru
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:44 GMT
server
nginx
content-type
application/octet-stream
content-length
0
p3p
CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
22561%3A18274
an.yandex.ru/mapuid/adfox/ Frame 9E15 		43 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/mapuid/adfox/22561%3A18274?jsredir=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://profile.ssp.rambler.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 02 Jan 2022 13:11:44 GMT
content-encoding
gzip
last-modified
Sun, 02 Jan 2022 13:11:44 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security
max-age=31536000
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Sun, 02 Jan 2022 13:11:44 GMT
sync2.204
profile.ssp.rambler.ru/ Frame 9E15 		0
168 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://profile.ssp.rambler.ru/sync2.204?anket_id=22561%3A18274&pid=85&ruid=pA8AAENKs1ekm%2Bk3AWKbugA%3D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
91.192.150.30 , Russian Federation, ASN42481 (BEGUN-AS, RU),
Reverse DNS
zvezda.ssp.rambler.ru
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://profile.ssp.rambler.ru/sandbox?img=dOsQcBvSxnb08Kd2h7w-yXB1eB*WXko6MeJaZVEo42-w0LnkzigA5Pq5VvrTN0Jzu2gShu1kKA-ZYqwUld1KPUw7h*OqZM0MTwAVR9GryC6nJN0qmgiIvjuY2e9ZadWmBP8QH2-cmj6TyvM*jYRr-QIAAAC63LwKAAAAAA&script=sfgqweLW-lKRJrDaNnppyQT-kgYFxE3revd6fZNtrrIepeBScSDqzPn8fKPjdYs24bPmn6FFjz*NldEZBR5REP9AnvZ2U3diMbHDm7Ue**srLv5ve1x-fjAQQjq8h-prCNaE*4*3nOP69d7J5rTdSQIAAAC63LwKAAAAAA&img=krCLlI5xhhlPYtjLQakeZiugnEmj*0FjpIigae5yOC9UtX3txmKrBbM60wZu9vv*NkJo-XCATp4eeilOT8BzCJn2JzXhKsFYpPfmTrXymChzrAmBbTz19PJGOOfYRdpLqWA1Ou83WazlJe-4OOFRy*NKekdogFWfm-1gCqfTezi6AYjB9fZaUEl6JEHShjhk3-mL6dpvyYtUGzkBf4xYmAIAAAC63LwKAAAAAA&img=YLAo8sPXua1QXzG1pW63Vc2nCQHHKjOz2r-ggRPyMbJUOpDdVq0TSBAcYMtDf9C0r439UCrPFtZT82DBczb3a-ObSGx5WVqvTXY80la70h8LUFIsAc5xSw7iVmrCUhhGCXZX37VOW3ME6iuR4xxIswIAAAC63LwKAAAAAA&img=FUbwdGuKd36E8GhuwiGiyMc8CfzOH09aDNgY3EpzqAoyaLJ-ps9ElZ6gYh0W4Zka9-stynhBn4uWrowe7XX-uK3pqMupbNAm0YESxh3xSAffifv-rbKlh6NO5-qtLzDuDdH3AYzZCTLnZDGzBS7xSQIAAAC63LwKAAAAAA&img=ZxWjA20Wlfsw0hdkaMmNmeqVRNT1gqRV4Yk-329syZcfLkvAu6ZPuisOTnXOSTBTik-2XJJEOatkEfW*DknLcFTB1OBqdV*tgkrfgUwh2P7pCW8X-*w0jm7qqV5tgxDlAgAAALrcvAoAAAAA&img=Ru3QEQP8tZWnjD-tCMZhgfch3cB80NoXtdWhZ-LCq4VpQUHvHk4EtHz5dYNANrWlXd3yAlhEY1d*kyyc-xxpt9BZ9euL3nXBjU8fo3aHSJd149bzfHdCMiz7rwdJtm*Dj1K11upF1lc8jGG46IHCDFrf0UmQ*BaCU4zy-k70xakA0jr4Eh8XSv3-NyObO7iIS21jzFOVs7seYlSJMweJnARgMLB3zesgvB4*nxPO240xpyijuS8uWwraORhB3l*K*RL9qYPqQI8G2WfoUpODTBz2Jn5RQJcn5YIfk7YhjQoCAAAAuty8CgAAAAA&img=fvWNGH57DT6WGFigJPV9*SGQadhxNSqExYDJ1C4NOMM2RaToiVRqoXT83kRk*s-*hpN0ng9y4eo3tIIc7pcLY4evhfFsC5U56l*NikSimTqeoiqZ5nTzSlruTiFYiCsWgtiVs4bDxAoQGBSHRsbDNAIAAAC63LwKAAAAAA&img=aji5amtjJVCiDEfZXqJnv*GRqrtMDZ0DdXPdvXC994Dgr8h81JdcYJKGyv8YEtCDQ1fEx23iKK2OcyuioTjjSzWeK8ttB9CGtdP5jPjqi1zr32pXfcaaFcGvNRJXYl4As8Kcy-tAFXdfHnO8dy5J36VxhJuTohgahspOCbDMLlECAAAAuty8CgAAAAA&img=QV9-tli-PlsO*dQVfhaFMrjrOrkiSrek6ptm67p9nvzXIFmyTTAlC7DfvCW0-LA0AK19ASwP-aA7zxaN9ipsS8nXBF7haGwQOo-*25aRBoP5tmicgioOBaixpu1rfNcj-3mtqjlHQn9B*5dTwIrwAUfu6zKdGXEtj40TgeOvnFoCAAAAuty8CgAAAAA&img=zMXRFeVo6z2NZcOXRjUB*fmdS9Kpx-gOAOEr4flI3XBz7XWRrvMXaGYUwyQMWztF9vtvigWLKuV3BkTZU6RD4i9s7GN7tQexr1LfOdErMSio7bSyjvk*DkmrLulP4s*-jtGiFLTMdxPmvSufuJ2wxiP7-FGSD9A-8rJAJsIWHGkCAAAAuty8CgAAAAA&img=3HaHWiQGWYriRAnu6F5PL4zuNlye1Bw0v7x6qqrbwV*qXp2x1uIsaoyWGiYPA5nngkEpAqGXwkWpBbpOZy30xdyvGCdU9bIKTWzpsNonDiAMOwxdlb4gVnREVDWgo1tDlnzdKJTcjtiv02SVAj7UC-IThptkDEQIOQGnAY6rkA8CAAAAuty8CgAAAAA&img=Bb4uVGIwnpkvUCOH-OdGZU41x4cRAFZe7Dk9kThzet7lDovUNutk0FVFDw2BLSvrHS2sBxLP2IC2wkVVLF7qW-3pNMng9qm1V8aQYVDq7bSpLieR-Z4XV1qY0FxU1xeqf90nXhjJKtdsvKuD4WFFGQMhlNquGr59G0BDRP1gmKgKBkJkAorxr5N72odwcAlWjdTHFJfQSd-b5S5quQrIhuePWCUsbO5JWD6vN4Bl3jkCAAAAuty8CgAAAAA&img=jb6kZp352DB8xrKL-J5hxSciBCZAzCn1qUDxDCeiDlD*RzKmZYRLOiz-tWXk4neYI4Hi3SncQM4*tc047oeCmxvQ9dAQHZS0hWZSBui27ngkDlZQm8T5sdCGjabXRIh0AgAAALrcvAoAAAAA&img=mk5gSgFz3OMHMX7kefnkaTdStA8JnumnZzMPZZX8JhBnvr1zFX9ArPd6jT21Tms1DrNmtc0FWB8iBBUb1mPyKh31tkQSBmezGDu4XmCa0WGdpM*zL*3iSIeDRsXJYrf8AgAAALrcvAoAAAAA&img=FbvyMm0gh5*igI73ODtxaUpMdYl*an8jJio2VQ1aw5idA*6Vzf9kZFdLi3kz3yZP*Q0KK*m46j8T3UiLHRP4kB0T7JwSNUZaw9cSKOYOGfBXybotfVwegUh2bWWfnYrT0hCPo9Jpw38gOet8evd7HwIAAAC63LwKAAAAAA&img=PwMeWKsi1OqU3J1Om13Cbru7zFtSKyZjgKMQ4bdyYvTvXf5hfEsj02hSxlx0Xa35KG90lVzXH2MgnjHoJc74A03QAnhUcwOOWQgi*FWpaVgJjXztKCxhbTI2WF2x0iQ8Az-7sztDX8M7BviLoFQHigIAAAC63LwKAAAAAA&img=JYknAeYWP9JcVEhVlfNIDWcCDG1TS5gH0cEmi*y4vAXgQWXDXV7yAHPx*Gjs31TOecLXvWYzGJ2I9qTZ4bc-zexBhSCvdxLLGnKvMnocUIm6NEPjGmrF91pxN4rpV*Xb8ZK4DiLefeZ3Twfja7z*PAIAAAC63LwKAAAAAA&img=lRUIOWn27qi9Qyp01RCps1KLJ028wJ2VePO9zo1O8axHzc9Tbib0M9qDQ8FS1*qx9aPNXcQQeW-RqpADoR1LZp1C2-KKQ-utROyGYWr03mpo5o8FVQTlqSoc4c1fi2iIAgAAALrcvAoAAAAA&img=xlj9Ar4lfdrzZHqdjX10GiCsvmDLeOgR020IPQSjpLaurKTBiPN4jtUBrq9u-bxdvjjJCjmT1qoRWm60EfDIzZZJU*lCr0VbEY5v-n3EvczkFtA65aiv*A38fEswsj7NFvDGAXolv-RSmuHKsNOZtM6GACq*-KeinQ8jSPy-kfZN*-gbdT1PjpLTruyOKDC6AgAAALrcvAoAAAAA
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=0
x-passed
0bal2
server
nginx
date
Sun, 02 Jan 2022 13:11:44 GMT
p3p
policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
context.jsp
ssp.rambler.ru/ Frame 9E15 		4 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.rambler.ru/context.jsp?wl=rambler&json=1&pad_id=441920592&first=1&frm_level=1&frm_top=top_not_accessible&block_id=441920596&screenw=1600&screenh=1200&winw=0&winh=0&rq=0&rq_sess=1DF77C58EE85F5DCC2DD728E73654734&secure=1&vcapirs=32_1_0&jparams=%7B%22puid42%22%3A%229.8%22%2C%22pli%22%3A%22a%22%2C%22plp%22%3A%22a%22%2C%22pop%22%3A%22a%22%7D&rq_type=0&grab=eyJncmFiX3ZlcnNpb24iOiA0fQp4nLPJKMnNseOyyUhNTLGzKcksyUm1s9GH0WBRLpuk_JRKIKUPoyF6AEs7Eu0%3D&browser_family=Chrome&browser_version=96.0.4664.93&os_family=Windows&os_version=10&device_type=1&top=8&left=8&fpruid=pA8AAENKs1ekm%2Bk3AWKbugA%3D&lruid=pQ8AAJCk0WEX1muHAQJONgA%3D&callback=Begun_Autocontext_saveFeed1&ref=https%3A%2F%2Fugt7s7.ru%2Fwhome.html&url=https%3A%2F%2Fprofile.ssp.rambler.ru%2Fsandbox%3Fimg%3DdOsQcBvSxnb08Kd2h7w-yXB1eB*WXko6MeJaZVEo42-w0LnkzigA5Pq5VvrTN0Jzu2gShu1kKA-ZYqwUld1KPUw7h*OqZM0MTwAVR9GryC6nJN0qmgiIvjuY2e9ZadWmBP8QH2-cmj6TyvM*jYRr-QIAAAC63LwKAAAAAA%26script%3DsfgqweLW-lKRJrDaNnppyQT-kgYFxE3revd6fZNtrrIepeBScSDqzPn8fKPjdYs24bPmn6FFjz*NldEZBR5REP9AnvZ2U3diMbHDm7Ue**srLv5ve1x-fjAQQjq8h-prCNaE*4*3nOP69d7J5rTdSQIAAAC63LwKAAAAAA%26img%3DkrCLlI5xhhlPYtjLQakeZiugnEmj*0FjpIigae5yOC9UtX3txmKrBbM60wZu9vv*NkJo-XCATp4eeilOT8BzCJn2JzXhKsFYpPfmTrXymChzrAmBbTz19PJGOOfYRdpLqWA1Ou83WazlJe-4OOFRy*NKekdogFWfm-1gCqfTezi6AYjB9fZaUEl6JEHShjhk3-mL6dpvyYtUGzkBf4xYmAIAAAC63LwKAAAAAA%26img%3DYLAo8sPXua1QXzG1pW63Vc2nCQHHKjOz2r-ggRPyMbJUOpDdVq0TSBAcYMtDf9C0r439UCrPFtZT82DBczb3a-ObSGx5WVqvTXY80la70h8LUFIsAc5xSw7iVmrCUhhGCXZX37VOW3ME6iuR4xxIswIAAAC63LwKAAAAAA%26img%3DFUbwdGuKd36E8GhuwiGiyMc8CfzOH09aDNgY3EpzqAoyaLJ-ps9ElZ6gYh0W4Zka9-stynhBn4uWrowe7XX-uK3pqMupbNAm0YESxh3xSAffifv-rbKlh6NO5-qtLzDuDdH3AYzZCTLnZDGzBS7xSQIAAAC63LwKAAAAAA%26img%3DZxWjA20Wlfsw0hdkaMmNmeqVRNT1gqRV4Yk-329syZcfLkvAu6ZPuisOTnXOSTBTik-2XJJEOatkEfW*DknLcFTB1OBqdV*tgkrfgUwh2P7pCW8X-*w0jm7qqV5tgxDlAgAAALrcvAoAAAAA%26img%3DRu3QEQP8tZWnjD-tCMZhgfch3cB80NoXtdWhZ-LCq4VpQUHvHk4EtHz5dYNANrWlXd3yAlhEY1d*kyyc-xxpt9BZ9euL3nXBjU8fo3aHSJd149bzfHdCMiz7rwdJtm*Dj1K11upF1lc8jGG46IHCDFrf0UmQ*BaCU4zy-k70xakA0jr4Eh8XSv3-NyObO7iIS21jzFOVs7seYlSJMweJnARgMLB3zesgvB4*nxPO240xpyijuS8uWwraORhB3l*K*RL9qYPqQI8G2WfoUpODTBz2Jn5RQJcn5YIfk7YhjQoCAAAAuty8CgAAAAA%26img%3DfvWNGH57DT6WGFigJPV9*SGQadhxNSqExYDJ1C4NOMM2RaToiVRqoXT83kRk*s-*hpN0ng9y4eo3tIIc7pcLY4evhfFsC5U56l*NikSimTqeoiqZ5nTzSlruTiFYiCsWgtiVs4bDxAoQGBSHRsbDNAIAAAC63LwKAAAAAA%26img%3Daji5amtjJVCiDEfZXqJnv*GRqrtMDZ0DdXPdvXC994Dgr8h81JdcYJKGyv8YEtCDQ1fEx23iKK2OcyuioTjjSzWeK8ttB9CGtdP5jPjqi1zr32pXfcaaFcGvNRJXYl4As8Kcy-tAFXdfHnO8dy5J36VxhJuTohgahspOCbDMLlECAAAAuty8CgAAAAA%26img%3DQV9-tli-PlsO*dQVfhaFMrjrOrkiSrek6ptm67p9nvzXIFmyTTAlC7DfvCW0-LA0AK19ASwP-aA7zxaN9ipsS8nXBF7haGwQOo-*25aRBoP5tmicgioOBaixpu1rfNcj-3mtqjlHQn9B*5dTwIrwAUfu6zKdGXEtj40TgeOvnFoCAAAAuty8CgAAAAA%26img%3DzMXRFeVo6z2NZcOXRjUB*fmdS9Kpx-gOAOEr4flI3XBz7XWRrvMXaGYUwyQMWztF9vtvigWLKuV3BkTZU6RD4i9s7GN7tQexr1LfOdErMSio7bSyjvk*DkmrLulP4s*-jtGiFLTMdxPmvSufuJ2wxiP7-FGSD9A-8rJAJsIWHGkCAAAAuty8CgAAAAA%26img%3D3HaHWiQGWYriRAnu6F5PL4zuNlye1Bw0v7x6qqrbwV*qXp2x1uIsaoyWGiYPA5nngkEpAqGXwkWpBbpOZy30xdyvGCdU9bIKTWzpsNonDiAMOwxdlb4gVnREVDWgo1tDlnzdKJTcjtiv02SVAj7UC-IThptkDEQIOQGnAY6rkA8CAAAAuty8CgAAAAA%26img%3DBb4uVGIwnpkvUCOH-OdGZU41x4cRAFZe7Dk9kThzet7lDovUNutk0FVFDw2BLSvrHS2sBxLP2IC2wkVVLF7qW-3pNMng9qm1V8aQYVDq7bSpLieR-Z4XV1qY0FxU1xeqf90nXhjJKtdsvKuD4WFFGQMhlNquGr59G0BDRP1gmKgKBkJkAorxr5N72odwcAlWjdTHFJfQSd-b5S5quQrIhuePWCUsbO5JWD6vN4Bl3jkCAAAAuty8CgAAAAA%26img%3Djb6kZp352DB8xrKL-J5hxSciBCZAzCn1qUDxDCeiDlD*RzKmZYRLOiz-tWXk4neYI4Hi3SncQM4*tc047oeCmxvQ9dAQHZS0hWZSBui27ngkDlZQm8T5sdCGjabXRIh0AgAAALrcvAoAAAAA%26img%3Dmk5gSgFz3OMHMX7kefnkaTdStA8JnumnZzMPZZX8JhBnvr1zFX9ArPd6jT21Tms1DrNmtc0FWB8iBBUb1mPyKh31tkQSBmezGDu4XmCa0WGdpM*zL*3iSIeDRsXJYrf8AgAAALrcvAoAAAAA%26img%3DFbvyMm0gh5*igI73ODtxaUpMdYl*an8jJio2VQ1aw5idA*6Vzf9kZFdLi3kz3yZP*Q0KK*m46j8T3UiLHRP4kB0T7JwSNUZaw9cSKOYOGfBXybotfVwegUh2bWWfnYrT0hCPo9Jpw38gOet8evd7HwIAAAC63LwKAAAAAA%26img%3DPwMeWKsi1OqU3J1Om13Cbru7zFtSKyZjgKMQ4bdyYvTvXf5hfEsj02hSxlx0Xa35KG90lVzXH2MgnjHoJc74A03QAnhUcwOOWQgi*FWpaVgJjXztKCxhbTI2WF2x0iQ8Az-7sztDX8M7BviLoFQHigIAAAC63LwKAAAAAA%26img%3DJYknAeYWP9JcVEhVlfNIDWcCDG1TS5gH0cEmi*y4vAXgQWXDXV7yAHPx*Gjs31TOecLXvWYzGJ2I9qTZ4bc-zexBhSCvdxLLGnKvMnocUIm6NEPjGmrF91pxN4rpV*Xb8ZK4DiLefeZ3Twfja7z*PAIAAAC63LwKAAAAAA%26img%3DlRUIOWn27qi9Qyp01RCps1KLJ028wJ2VePO9zo1O8axHzc9Tbib0M9qDQ8FS1*qx9aPNXcQQeW-RqpADoR1LZp1C2-KKQ-utROyGYWr03mpo5o8FVQTlqSoc4c1fi2iIAgAAALrcvAoAAAAA%26img%3Dxlj9Ar4lfdrzZHqdjX10GiCsvmDLeOgR020IPQSjpLaurKTBiPN4jtUBrq9u-bxdvjjJCjmT1qoRWm60EfDIzZZJU*lCr0VbEY5v-n3EvczkFtA65aiv*A38fEswsj7NFvDGAXolv-RSmuHKsNOZtM6GACq*-KeinQ8jSPy-kfZN*-gbdT1PjpLTruyOKDC6AgAAALrcvAoAAAAA
Requested by
Host: ssp.rambler.ru
URL: https://ssp.rambler.ru/capirs_async.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
91.192.150.12 , Russian Federation, ASN42481 (BEGUN-AS, RU),
Reverse DNS
ssp.rambler.ru
Software
nginx /
Resource Hash
f8feb323d2ad7d1c4e02ebb24edcf21e9c1634bd36cefe1cb02f36d9640421d3
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://profile.ssp.rambler.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:44 GMT
x-user-regionid
0
p3p
policyref="/w3c/p3p.xml", CP="NON DSP COR NID DEVa PSAa PSDa OUR BUS", policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
x-begun-graphcount
0
pragma
no-cache
last-modified
Sun, 2 Jan 2022 13:11:44 GMT
server
nginx
strict-transport-security
max-age=0
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://profile.ssp.rambler.ru
cache-control
post-check=0, pre-check=0
access-control-allow-credentials
true
x-passed
0bal1
content-length
4420
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT
sandbox
profile.ssp.rambler.ru/ Frame 06AE 		129 B
342 B 		Document
General
Check archive.org
Download Go to
Full URL
https://profile.ssp.rambler.ru/sandbox?img=jCu93EjOg*mSFO-4FJJK1*-SzN3JcieGqQ1j2qa*mVsokbzntWS0cjcN70DVGOF38fUDoLiEYUHsNiu4QYK-5K5zLmaE5fMXLxkmeUIybmzMpwl5B3izMhzwkAUE69lml68kHFBnTytp0JitjqB8XgIAAAC63LwKAAAAAA&img=NrdG5xioTqk0hyxJE8LoTyerEmxU8DiIMzptYOGXcC9uluodKlHudG4mkhcBnkLePjgJCjKSAXGDRg8fP1kk45OSmAPNItsRFvFIeIb-6o5sTxx0TrbUpkNPRkd3Ts*m0JI6pa*QLg-gvdef7WmyIgIAAAC63LwKAAAAAA&img=asB*me49LyfN3MOT7T8lYrpMWT0WIHEfq2XrziBRl1JbnW9NU0kv8c3TKnlsxe2L*Hx5LzzJnIr5BQNiWzujtjIA1CwQTQ0Gd7HhvZ*Uzp8e-FHpRzSo53vGpVUtLcJgaTbDf1SkNGQcsvnI5umYytYgR9pl2bB0zArD7IFwUbhY6HQe9WieeInOSH0WX0Xqvcam3SeHDyFkHbDXSP6CWCYsltF7K7Q4MFU7V9gIRUcCAAAAuty8CgAAAAA&img=4kccE5WGWC40XzZx6v3WDgPb4somkBXQQ6YQ*VSLPzXYtPIaFGjWGOS5ZZh1szIAgY8manFx880l4Y4ZVJrGH7XWRqUNaBxW8maZrh0EbTr87LPgimTBCHt6*VlO0XzH3IkKA7kvBlZlSHESupHvu7EB*P*FiTi1EFyoEy*gxJCoGvV0yxhSrfdUNqdMkYcEAgAAALrcvAoAAAAA&img=e8Tjj2*TZSCWjKdsOOVQAbegcRh8IzRdiNeI6gJPLXUIHhVggJiooWFqFNCMtC1UMF-x1IOWVh-BSLzG8XYa64y7BwwL7Mt95Y8eY215HjRDjvdY8o0IX7LFL6ChJImnAgAAALrcvAoAAAAA&img=BF4pSaJao7vQH5iZxNm7IHrxjQP9Meyq6udhIVB4LY5GY3mAjAzpQrmVvCdZsZ7BavoQRMUJcP-eHDy3Sjqid8KlrwHy-K6Zbg9KWLJRZarYh5PdJNiYweDRYBFygEFzDtG1j4ZVO1S78Fcvw7sN8gUsxlgir7Depw4o8ngh5sMCAAAAuty8CgAAAAA&img=P7u9Ir8PjyG84WrXb8rkO5re1F*Je31fe4hvDCKqnl2uJsFkS9PCBpliCbdXYyrTRm4*7*9z7bUm5r2J9Unslt-E9OYHEplDW040PIw*1Xv3U5mdHV1Ra-BedUg3owB7AgAAALrcvAoAAAAA&img=Ej*7xzqhHS-P59FnBvYyElgqck49gXXWGfaH7iy8O-I4LaPEPokcVzQ6JCELY9Qm-eHvBhmFkG1TmSqdjuRSnlsykntI42dbmoSa06*K0oV5gkYstMvOx6Hsp2H3CiQ5AgAAALrcvAoAAAAA&img=gZX0EleuRFvWxSTtFAZ*4CnKIFyFE5WymeSf6riJKK-ySQ8DBbUWnJbABEuXN9ZijBgfWjcHrdi95XMrJTRxOXcMHxIERkmM3Das41anFThnw1wmLu2PbW88nLpNKTY1OLpLRTkCWgrETHd3zerY7wIAAAC63LwKAAAAAA&img=8D8X5orDE0wLnx7uGieHNHo1mP*vrTdDMr7mSGkNb4PXyudJHU8JEknAdLFErLW-*l-2ZSRw2f7owqNlB0XKBqxshzTW0ljsw6LQwoLSfVYoOX-cBVp5QQUFK1y8RG1s*btDrDZYJNLGJ8JQ7PMxg8h0JM4epSAXhlXh8jDpVCwCAAAAuty8CgAAAAA&img=KMZG1*1Z2cfYN6Oyv5YyhbhzQR3q3aZlkoacA5xsO*iGd0Ib*L5zKtfxexG-xmUrOHDIDku6pqadwuk87tZXmrvXr5pu1UVKrgjP3AqxPuLwWUT0qA*4889UarWFqOw5VopR5heHQgmopNjr3DjqNDXVmvPsCrjiYMgUyyarOaDAtlwCwZ1oe9Nob0f6LVUAhhG5H0R0br*-ewo7IgQxxyiAoXdhaMFv0EaaoyEn8jcmBIbXW2JhXxp4efHXKM2SOGfgGPNlvXdnVKS7LyGEU-Nebdd51vu2T14PtljOJqcCAAAAuty8CgAAAAA&img=gYnNmhDnn8NVDGvmpssPPM*duWGXg3IY8JKZDxy*oqdqOqlRggFcyN-KSXx4eETfMNo3nALnJDlIshEmzOieqOHP0qdcv1BelQ8Uppg3tUl11awKb7FB1TPH4YNR9Em9AgAAALrcvAoAAAAA&img=aatHNKd6qGvtEIvk8jPhpq8162heT4ckaZnJRlVViZSG6v6w9JXYzXYgQHPQezT668pnFckV1MzsaELtP6U7CsUkXyryA-GWPwLipz*07*CFqgN8AaCRmbaa1q6xEmNO8l0uj6au30Yq9TXtKGejhwIAAAC63LwKAAAAAA&img=s2Je7i78hkGnfB4lc6rQLZc9ZZrTlazs-iKrPsqKDCY9J*utRKuK3ZQ7VIwEURM-zm-jT0oPl725P9CLwH*uf8w4kEjEphtSm14r6Q1mYWDBRle1l3Qu1UodWCVqR6HxpC9c70ktiZ244XR35h9fYLIGkiXHoH8XitHRejaPCW8CAAAAuty8CgAAAAA&img=QkMjnvf0kZe6y4e0lARuAO*WBLPO2-HmNVquiJhJxaTjWoXhqWIZj1f7MuAx69qPn6fsyOTamA4O1Pni-AUONqxwkslFumeaFR8X*xWTuX0EGzOP396-ITCnJiS5mCl77lltENk-5J-kRwvAQQwCS4owtygioFnPe6ZOvuCsfRsCAAAAuty8CgAAAAA&img=A3WedC8-KrqgXObAAjPa*FRv9o-Ao3eUuA9tMoovnJJNfY1dROxPclCevN74rVyD1gk6QcCD-pTY1tGnE1qX3xJZ8XqeDxdRtOe7r8waC-71BXB2VFlm22i2eBmKBOWpDYkf699ePbx30V3J7mIhZwIAAAC63LwKAAAAAA&img=fgGiKRMR3q8mbO7EfPWxlyvf2NNwETZDIW8zyOQcW8NNifflrUe51ataDQMEw43*K5ex3XCtZah0ZzyHTE7ASv*gsr6evCLSJUJfC19acOBaykuZM5oZR-glQeWcPFEmadrFRsv4QRK4AlwQJd7O5QIAAAC63LwKAAAAAA&img=eQHADa8IdKB0j6oqeyeOwE4O-pOw2PRYDFhphwYnSqLBF74JZxDsa7gpZgdyPcaBIi81Rl5P40AZkG3w-PEuLCUpcZCZZ1*gfBg8ps1WCUCEs8QFm5L5yaIi0s-pO-s0QhlJ3KBSOXEvmRfyj88rd9KEa0rukQl7tzwA*Pujz5zm1JUQvwD3Dx4lcJWyU8JvlDLwKwRpuzw4D0WB1FM1gwIAAAC63LwKAAAAAA&img=ODFFmszgozzJu9AtzsHsjvHtwaN5msP*5Vf7xyMiBdEgzS8lAK9Kzs4mw8qjI*CrKukjZK-3Didmc**L6Bcn4cg0zSuwHz9hh40eC6qyjOWyrEQVI63ZIvnIxYCZaCPur-q1Y-kBzzYOthnz15tOjwIAAAC63LwKAAAAAA
Requested by
Host: ssp.rambler.ru
URL: https://ssp.rambler.ru/capirs_async.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
91.192.150.30 , Russian Federation, ASN42481 (BEGUN-AS, RU),
Reverse DNS
zvezda.ssp.rambler.ru
Software
nginx /
Resource Hash
2acd33ad74c4bf968c43200f3085901505a1d635c8a5ad53b450e0e24d00b758
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/

Response headers

server
nginx
date
Sun, 02 Jan 2022 13:11:44 GMT
content-type
text/html; charset=Windows-1251
x-passed
0bal2
strict-transport-security
max-age=0
p3p
policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
content-encoding
gzip
css
fonts.googleapis.com/ Frame 0C7C 		2 KB
532 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400
Requested by
Host: af00c4d352a4342d5af34e89ae3b80eb.safeframe.googlesyndication.com
URL: https://af00c4d352a4342d5af34e89ae3b80eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e89a316ebf1c63ea09e2b7b5889fb55e1ffb326c7b2b172027da0948f5709f6a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://af00c4d352a4342d5af34e89ae3b80eb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 02 Jan 2022 12:16:56 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sun, 02 Jan 2022 13:11:44 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 02 Jan 2022 13:11:44 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 0C7C 		1 KB
886 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: af00c4d352a4342d5af34e89ae3b80eb.safeframe.googlesyndication.com
URL: https://af00c4d352a4342d5af34e89ae3b80eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://af00c4d352a4342d5af34e89ae3b80eb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:10:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
63
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
853
x-xss-protection
0
server
cafe
etag
7170004918125193417
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 16 Jan 2022 13:10:41 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 0C7C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CpyDnj6TRYbTIHcWU9u8P3q6i4Abvu6LpZo3X79afDK7U_uCYFhABINGzs21glfrwgYwHoAHSn_DbA8gBCakCSOESs4cUsz7gAgCoAwHIA5sEqgTgAU_QCnw1RlpgEwlYkgTYMLM08GwZzGxt7lRRYoedvziGUP5KdIrHf_GAvXS7VIMc_8WDkWaKj7ZZ52GyMQUvCdrHwDE3i4SFvnKy1FsnT-vpAngVXtJIb7_2IFlQd_4-au0CCTgoDf3dOiKQMQ6LOIjAi6AC5rP61VmjBfQqEwwpeDdFdWlrSmVNsceweCO0EsMktZmti0w-ei0vuyLntCZAxKPvcQb4jaBeKgtt6ucV7SQ6SZ5E8dsSPurryIpcF_6k8M4TtI_scpexIeIggzINsBs8h9_07ghfp-vlpcxOwASz9Y_ziwLgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHluCPJKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6a-G9gHAPIHBBCp5yLSCAkIgOGAEBABGB2ACgPICwHYEw2IFALQFQGYFgGAFwGyFx4KHAgAEhRwdWItNDU3MDc2NTIyODIwMTkzMxiC024&sigh=K09Clm7w5E8&uach_m=[UACH]&template_id=494
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/whome.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://af00c4d352a4342d5af34e89ae3b80eb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/ Frame 0C7C 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/abg_lite_fy2019.js
Requested by
Host: af00c4d352a4342d5af34e89ae3b80eb.safeframe.googlesyndication.com
URL: https://af00c4d352a4342d5af34e89ae3b80eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d9955b485ec10339d863941175c02572657bf9d4f6c5fa2e5603e7d803c1b8cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://af00c4d352a4342d5af34e89ae3b80eb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:08:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
224
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7876
x-xss-protection
0
server
cafe
etag
5333878705136318229
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 16 Jan 2022 13:08:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 0C7C 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js
Requested by
Host: af00c4d352a4342d5af34e89ae3b80eb.safeframe.googlesyndication.com
URL: https://af00c4d352a4342d5af34e89ae3b80eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://af00c4d352a4342d5af34e89ae3b80eb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:08:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
209
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1332
x-xss-protection
0
server
cafe
etag
3351516697335751560
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 16 Jan 2022 13:08:15 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0C7C 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: af00c4d352a4342d5af34e89ae3b80eb.safeframe.googlesyndication.com
URL: https://af00c4d352a4342d5af34e89ae3b80eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://af00c4d352a4342d5af34e89ae3b80eb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37305
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1638461285297402"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 02 Jan 2022 13:11:44 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 0C7C 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: af00c4d352a4342d5af34e89ae3b80eb.safeframe.googlesyndication.com
URL: https://af00c4d352a4342d5af34e89ae3b80eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://af00c4d352a4342d5af34e89ae3b80eb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:10:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
62
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6464
x-xss-protection
0
server
cafe
etag
15715955993838318253
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 16 Jan 2022 13:10:42 GMT
6d065ef8aad4e53a06604e1059b7b7b3.js
www.gstatic.com/mysidia/ Frame 0C7C 		27 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/6d065ef8aad4e53a06604e1059b7b7b3.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: af00c4d352a4342d5af34e89ae3b80eb.safeframe.googlesyndication.com
URL: https://af00c4d352a4342d5af34e89ae3b80eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b138f0b28fe44581bebb03d0ff7046e4f8416deeb5d152ede640eaa3dc1c7872
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://af00c4d352a4342d5af34e89ae3b80eb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 27 Dec 2021 22:16:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
485705
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11408
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 07:52:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sun, 27 Mar 2022 22:16:39 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 0FEE
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Protocol
H3
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Redirect headers

date
Sun, 02 Jan 2022 13:11:44 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame CEE8 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
date
Sun, 02 Jan 2022 12:52:09 GMT
expires
Mon, 02 Jan 2023 12:52:09 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
1175
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 652C 		783 B
533 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
5bed1192f2bebd28b184abc40076411dcf7a7e2c80b12b2e03f5eb788863ea31
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-3eZeyImRVKHtu/evlI/pWA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Sun, 02 Jan 2022 13:11:44 GMT
date
Sun, 02 Jan 2022 13:11:44 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-3eZeyImRVKHtu/evlI/pWA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
511
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
downsize_200k_v1
tpc.googlesyndication.com/simgad/949799863400668537/ Frame 0FEE 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/949799863400668537/downsize_200k_v1?sqp=4sqPyQSWAUKTAQgAEhQNzczMPhUAAABAHQAAAAAlAAAAABgAIgoNAACAPxUAAIA_Kk8IWhABHQAAtEIgASgBMAY4A0CAwtcvSABQAFgAYFpwAngAgAEAiAEAkAEAnQEAAIA_oAEAqAEAsAGAreIEuAH___________8BxQEtsp0-MhoIqgIQqgIYASABLQAAAD8wqgI4qgJFAACAPw&rs=AOga4qmfPQiBajavJ2jY0CfVyf-Wa5z3mg
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012111011823000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0f4640dd5df7de31af540174612950a74366cae539910580965e8728afbe2c90
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 30 Dec 2021 11:10:47 GMT
x-content-type-options
nosniff
age
266457
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30685
x-xss-protection
0
last-modified
Wed, 22 Dec 2021 10:22:37 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 30 Dec 2022 11:10:47 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/17009980130917044718/ Frame 0FEE 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/17009980130917044718/downsize_200k_v1?sqp=4sqPyQR5QncIABIUDc3MzD4VAAAAQB0AAAAAJQAAAAAYACIKDQAAgD8VAACAPypPCFoQAR0AALRCIAEoATAGOANAgMLXL0gAUABYAGBacAJ4AIABAIgBAJABAJ0BAACAP6ABAKgBALABgK3iBLgB____________AcUBLbKdPg&rs=AOga4ql3BLGdl_WrRPv4rGzLP5Yb6IsMiw
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012111011823000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b158de0533a63f2d9084656a17356d5808fe6b570aab1fddf44ea786641baed8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 28 Dec 2021 12:54:08 GMT
x-content-type-options
nosniff
age
433056
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24529
x-xss-protection
0
last-modified
Thu, 06 Sep 2018 07:23:24 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 28 Dec 2022 12:54:08 GMT
ru.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 0FEE 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/ru.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012111011823000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fed2d61088cba54be39b2069add7103160e31f07c950c0e2e7706d6d6dc9ebf6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 02 Jan 2022 05:59:37 GMT
x-content-type-options
nosniff
server
cafe
age
25927
etag
6726277462267614359
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3041
x-xss-protection
0
expires
Mon, 03 Jan 2022 05:59:37 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 0FEE 		344 B
379 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012111011823000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 02 Jan 2022 06:46:14 GMT
x-content-type-options
nosniff
server
cafe
age
23130
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Mon, 03 Jan 2022 06:46:14 GMT
shopping
encrypted-tbn1.gstatic.com/ Frame 0C7C 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcQuCGgToU88Wky0ENwReBBzV1vtNTCWwd8SXudZMmh19XtdnC4zn7c75Tdzvw&usqp=CAI
Requested by
Host: af00c4d352a4342d5af34e89ae3b80eb.safeframe.googlesyndication.com
URL: https://af00c4d352a4342d5af34e89ae3b80eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d79d89f3e5af59f18e9e7154f9439e7c175bf597457dfa3fd845c39d333d5ef7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://af00c4d352a4342d5af34e89ae3b80eb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 28 Dec 2021 13:04:26 GMT
x-content-type-options
nosniff
age
432438
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34164
x-xss-protection
0
last-modified
Sun, 21 Nov 2021 14:53:53 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Wed, 28 Dec 2022 13:04:26 GMT
shopping
encrypted-tbn2.gstatic.com/ Frame 0C7C 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcRRFWyIXZg53eul7atG111Tm-pinnUIrcbDcXEpS7T-uEGuUv__6X3gx7lBNV0&usqp=CAI
Requested by
Host: af00c4d352a4342d5af34e89ae3b80eb.safeframe.googlesyndication.com
URL: https://af00c4d352a4342d5af34e89ae3b80eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
afcdd57b8203fc69a287e348dab2620faef5a6c5b5b9f1d20817b5d3df5b800d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://af00c4d352a4342d5af34e89ae3b80eb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 30 Dec 2021 11:22:23 GMT
x-content-type-options
nosniff
age
265761
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39295
x-xss-protection
0
last-modified
Thu, 16 Dec 2021 10:30:41 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Fri, 30 Dec 2022 11:22:23 GMT
shopping
encrypted-tbn3.gstatic.com/ Frame 0C7C 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcSQduFOYyWO8La0lc5iiXzP7yFH3ZvtKPe3af3_DXrZiiXqFLQ16EXQuB0LRo4&usqp=CAI
Requested by
Host: af00c4d352a4342d5af34e89ae3b80eb.safeframe.googlesyndication.com
URL: https://af00c4d352a4342d5af34e89ae3b80eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f86de435aaca56dd7e506148f423ad070df94e970de7ef16f94a93fef39fbb4c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://af00c4d352a4342d5af34e89ae3b80eb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 11:21:45 GMT
x-content-type-options
nosniff
age
352199
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35815
x-xss-protection
0
last-modified
Sat, 20 Nov 2021 11:18:28 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Thu, 29 Dec 2022 11:21:45 GMT
shopping
encrypted-tbn1.gstatic.com/ Frame 0C7C 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcQEVV7b7oVodbJYZPYZl5UK-U-CmSKCTHorJcYcBMcUDQFz3ABPSaPOi2nTyvw&usqp=CAI
Requested by
Host: af00c4d352a4342d5af34e89ae3b80eb.safeframe.googlesyndication.com
URL: https://af00c4d352a4342d5af34e89ae3b80eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c9ca299ab3a7f12b37cce4f76c017b88026120824524d472e3e58b523858e282
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://af00c4d352a4342d5af34e89ae3b80eb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 11:12:43 GMT
x-content-type-options
nosniff
age
352741
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36754
x-xss-protection
0
last-modified
Wed, 27 Oct 2021 20:02:04 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Thu, 29 Dec 2022 11:12:43 GMT
16954104317476786032
tpc.googlesyndication.com/simgad/ Frame 0C7C
Redirect Chain
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKCr6PbFiwEQnQkYnQkyCKuj71APLB1M
  • https://tpc.googlesyndication.com/simgad/16954104317476786032
34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/16954104317476786032
Requested by
Host: af00c4d352a4342d5af34e89ae3b80eb.safeframe.googlesyndication.com
URL: https://af00c4d352a4342d5af34e89ae3b80eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
847d2854bb34bc89ab8514267909dbec0fe245278448227d23714781f9dfab71
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://af00c4d352a4342d5af34e89ae3b80eb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 30 Dec 2021 00:58:44 GMT
x-content-type-options
nosniff
age
303180
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34759
x-xss-protection
0
last-modified
Wed, 13 Mar 2019 08:47:23 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 30 Dec 2022 00:58:44 GMT

Redirect headers

timing-allow-origin
*
date
Sat, 01 Jan 2022 13:21:28 GMT
x-content-type-options
nosniff
server
cafe
age
85816
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://tpc.googlesyndication.com/simgad/16954104317476786032
cache-control
public, max-age=2592000
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Mon, 31 Jan 2022 13:21:28 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame C622 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2021120601&jk=503423074378876&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers
blockstat_post
ssp.rambler.ru/ Frame 9E15 		0
79 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ssp.rambler.ru/blockstat_post
Requested by
Host: ssp.rambler.ru
URL: https://ssp.rambler.ru/capirs_async.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
91.192.150.12 , Russian Federation, ASN42481 (BEGUN-AS, RU),
Reverse DNS
ssp.rambler.ru
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://profile.ssp.rambler.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 02 Jan 2022 13:11:44 GMT
x-passed
0bal1
server
nginx
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 8884 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2021120601&jk=2135613159901095&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers
EnZy1JEvhtfL3qsMHM2VNqoz8zWnsWCdOjk5wdd4Ig4.js
pagead2.googlesyndication.com/bg/ Frame E27A 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/EnZy1JEvhtfL3qsMHM2VNqoz8zWnsWCdOjk5wdd4Ig4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127672d4912f86d7cbdeab0c1ccd9536aa33f335a7b1609d3a3939c1d778220e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sat, 01 Jan 2022 12:48:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
87774
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13555
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 19:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 01 Jan 2023 12:48:50 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2884 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2021120601&jk=3804482334251860&bg=!KimlKW3NAAZKWFskSlg7ACkAdvg8Wj1iiGKkFzAqIZMK5NSyDtt2StXBHb9RaCyNKtiI4RzYgmOuQQIAAAFjUgAAAHNoAQcKAHAuIJrtS-9tuJgFQHidyxlSDmTqeGIHD_Iss-rpi5Tz4g7BOL-QDbbyiGtrbXKjoLvOKOKkE-8GRBSQQE9CFSoRn3EKKJcv5fUz2NUPHWC8MMGMLovNcvutWEVRzhF4QgcyRP7OgvIaQSuhY6Kxv0eWmQLkMweO9UtQEJu9UwJwDJw6yvYf_4f_WStLlfjmui-uhPGqF3OYW-JCCw9uFQMO1qVh9AqN72u3lwIFnYaanfwkqewTRlD2OeK1xVFTCOSx5rDPHUtURCB1F4frm-2BogMP9ejwUQUr5Mrxf_qwRau7oq85P5_YIjsWbXZtfa7-7VMR9459NKpvxdb8IoF_WpXuGhhEPIYmKhblNwvoQWuIuq1YwSFaRHBOVF61WewpNA-ACSR7rPb6TlpLKVC0y7DD-htNuSOi4kNoT-Ee_dVw7aJ1_4PjPoyJJ3GjnXKl0EOCjQ1KXnL3xib0zWoTRkTNT8lz6uCwzXcmwQXRbYokx0nobuM9rgnEGxmEGl7DrT6OuI7juGLmAqU0ZXAHxq4hWxdWG_tDa8eoyezpF-cLp0zV1JBDxTDDhblLOo-voi4IBr6YGJ7HjW_iFXgXxsXijNjycPSg1J5TMzGN9AR_sFCLpJAse1QHYxbSyzWSWssBweVQMCCr4zCeZf0KyR4iIbtNy60kKLtKGsBdTkzjlMSRHLev3FbmpYKnyjTMkTqdB6ZowyVDE6qCkXOsfS3daRxQLMxGB-ARytv5TbmZxrMifunsZbD3fbKIFJkfv6ElA5t4TSPGieXaBqyPllZCZusC9Lixui6bTzOjqSwsaJe85k7nJRr-QxfRP9Zge_ja4a3VSaWknWC6K4JdBeNdTHdF8UXW-BshrrUn6VUzIoZahsGA0lmAxOyyKiGpicgwZfK_kVLWXdXqbjwhjkI2ef-6eG35bEBExTAI0FZCSQtx3xVju87pwb1jBAsHcUQ43-LzphCFqgDbYQ0hkZ6RDRbJCZZIcDaXc8axLKBtq7bLpC-Ei2rPTTZ7heJ9g3rEe8Eve275WEEKAI27aXipPSY8mWLy6MKOh0DGcqqfubf4-cG3o8CYyUfdyXDFcmCu_w4iYbcVq1TcuTXrcdFXbLSm5x7PySdpNgcScBLfWF3OrYc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 02 Jan 2022 13:11:44 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
EnZy1JEvhtfL3qsMHM2VNqoz8zWnsWCdOjk5wdd4Ig4.js
pagead2.googlesyndication.com/bg/ Frame 7E86 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/EnZy1JEvhtfL3qsMHM2VNqoz8zWnsWCdOjk5wdd4Ig4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127672d4912f86d7cbdeab0c1ccd9536aa33f335a7b1609d3a3939c1d778220e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sat, 01 Jan 2022 12:48:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
87774
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13555
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 19:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 01 Jan 2023 12:48:50 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 86FB 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: af00c4d352a4342d5af34e89ae3b80eb.safeframe.googlesyndication.com
URL: https://af00c4d352a4342d5af34e89ae3b80eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://af00c4d352a4342d5af34e89ae3b80eb.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Sun, 02 Jan 2022 05:53:44 GMT
expires
Mon, 03 Jan 2022 05:53:44 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
26280
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 0C7C 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2260a17d2be55e96e72d7cc84e114bfc19c5e1c48b8b447ae6fbddd720586032

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/png
sodar
pagead2.googlesyndication.com/pagead/ Frame 652C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2021120601&jk=4409916342505293&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers
ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v15/ Frame 0C7C 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesansdisplay/v15/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
475700259e64d480d1a70023e14741bb298a025e338bb608552e2472d4505a65
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://af00c4d352a4342d5af34e89ae3b80eb.safeframe.googlesyndication.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 28 Dec 2021 23:19:29 GMT
x-content-type-options
nosniff
age
395535
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20900
x-xss-protection
0
last-modified
Mon, 19 Apr 2021 22:53:16 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 28 Dec 2022 23:19:29 GMT
file.jsp
img02.ssp.rambler.ru/ 		0
105 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img02.ssp.rambler.ru/file.jsp?url=-L3I5XpLLHWiVOnU7-nH7S4uWlEN2DzvDLyoNODHirPtZlIGFRR*jsyi2wFRSVBKMI9DmuHzP*vxd29-WnjbOP7B2ykOADC5pAbTZW7iXMBJ*9WPcY9chOMUrvv4A8JjE8iudIe0OMLoJ5SyE*NxHbHIX6ZGApnNSPOhLaYgvZDS4FTJcEBDKDhVtcPBkP4kK*6kzO1gnBQ6NYqq0PI8yHYZXJ8UemP0nVTUDymrlXWkW72W1Xt15c5BYFHbnV3ZJrb1Ddc0wQCBlrtvvpgjf-X*MOCHW3-OEvi0TCQT3MtQgmrAzQzrAM1qKCoImF8bFxVHdhvT1AyaaaT06qBP4rryvRTADkFj*pKtT0P1bPEFtp*G8WoYcYNyrFaeE-asYnnsvsh52u7fC0I51KdluYPNyANv9lHxTDuA7x-g6b9DwSckNp9hMmtlhdtk72Beo0pepKRVlTryadzUyjPJ9h-UNfGLpS41-I-5JvNYhzXslJehLQ35ULTJo3LPaONSYNCoDY7NjfV7hcgFU4N8WlHF7D2ISpI7Wnua61ArTGnmxdGVgJb*ZILHteErJmkOq1LFvTfjSgKR9lbsdeRZNtHyHN1TVO0hez5JPXKMbBuEk9ulipJRJg3cX5nQ0utObhr6gK6IMAbBo44MrOvgt4TtQtZCu2v-rM27aOvdRu8wi14MZr8Z2*SEfRQgIGimdgXPE6rRmRS7A6f4Oedtrm9*Rkg-9z10MChW9nTTKGH8Nre5qThAfy9Jzm5QqYgWgg6y9JWRLWaqo9qGCq-kwGfQ05slPaCptR-dIouiQqb*FZvsNnJ4DYSwGiNpm4rWv-z7IvaxMgrOAt3YeW1hseUyzHka9QedSt7QVMTVBJw4-exazWaC6tyFQdJY68yVgRvz14lvC5qD9czn9*45yEzIytk1IZcB1-vDVYouzWHR7Pu-K-K-gbj36fXT8iGoQZvyRtGLBt7M8jPO9lmwGnBtCIJjKi1fuYOrXFkChSheVXKzatoJVAb4BaSd-wBYxyNJB7NtujxpZE5KKyFlBZ4mFn4lI9sHztWp0MKQe0cAR9mVT1Ds9z3irvUJCRrQhpxBGpu4rmGbopwV6UbhnL30V-5z*KoQMaHB-GzAabit4jzkdAXarQ*uDvFVJUksjG-skixNuF8ZyOMy1RMLKzNuFh-DdAmaWVKtHoveoP5gd5ENcM6EvTUY8M6c9j2TQI2P4XrLYPKk67ibHMFVVBJtFFmdWYjdwMUFOt1oMHADaxHPHFpE9tGPNJKx90tjg-*9U1c0j2s3180mdBokGtvsS4exUGDk0aPJQ0Df1Mu22kwccTzKVaG89uGQjlNS42K9oIUKIfFjedB-tIcaDNzlcgrQywvhk2L8F9ktBQSaVvW6rEEeYk47oYGO2WQeAgAAALrcvAoAAAAA&eurl%5B%5D=vW-J8737msrHSDOxjY3m87rb6PtPygAB3RGh2HT6X-YGHdb5VzJLGMHEdXZJ1f6iCW7SAUhtTFKINVzNzjvrhRcxc1df0c1obRZR06YHxooCAAAAuty8CgAAAAA&seq=1&capirs_nocache=1641129104258
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
91.192.148.14 , Russian Federation, ASN42481 (BEGUN-AS, RU),
Reverse DNS
zvezda.ssp.rambler.ru
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 02 Jan 2022 13:11:44 GMT
access-control-allow-credentials
true
x-passed
2bal1
server
nginx
gen_204
pagead2.googlesyndication.com/pagead/ Frame 985D 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2021120601&jk=391207100571439&bg=!hoWlhcHNAAZKWFskSlg7ACkAdvg8Wmc3lvIFkH4blapF6CHBkuwB5XM0Rji1ywd-aEazJxUfoeYX_QIAAAHBUgAAAC1oAQcKAIz12i-StzfOM9-wpRnjtqDVwxeu79ZJ4QuvER8Xye-qMcl1je8itdO_BqKasFYwGur-w5pjjcIirRT3X6gUmRtUo6kHcoTxQVU5M8gthj0egbPgkG4QhE_SmbCw2Z8fDmSnyYhhFghuUPkPGm3pAR6E0C2izZ60TEsuKlNRPmfGlEo2qQcZNfJVQA075pkCu-516x9_QbkWYAwwWgT6rWcV4uLvcIw2yEVBOKdjOTGyxd77Iy07Zs2ei2BIPBev1ztg0wGYzTTfB-x3nZmbAKHR5fIoSz1gv0pbM0e8aXfgZIcEgt1NDmsjHU4VilUdeErUYr0voXE49Ye_eZcH_KFHbqhFFY_dHnUlC0Rv4V7PQ1J3y0COv-MyUmqvDsf6ZjFxOoKuc7OY2CafmHyEjgISKhTLl2uBnK8GPgLATqSvzBjPqSq4ghEdyCTN1UBjfCFGsPQlZXlgJMs3voAvXIAXDhKXujrIF9kVZ_bULMwqovzQJUIq5YABQIRC9j-wpHzpdtbP1dhKQ6XL52pnt0opMK_PFP3CeExivbhXBbFiCdf1HDB_L895zPr0z-xs5Jkw6FL5dWHgKwBx1jCU_9QnvNiqHhh3Ijavjr5BJM0nC4JUsHdn0-ykTRG8i7qWb25eOD4B8tfMQ3eZnN7L9A_1gIuw0bbzYo0BldWVpSGnOwpHyPdciG9TjoHZK6vWN3dn9atB5bZagj_O3VNlEEQE3C2r47YhRPr9WB83M7Dg2p-gdzLUoAlYSgN7B_oAWVT77j7Uzv5md4hy-Kwg3uzclXeXYlOb-irF7e1stbnREN6E-B9o6ogHJazXyKNBoIz5tV9-1V2nssXpH5IFN8v7zT5V_PUKxWbfUSRZYf64b6BrmIPOPVgN_emqonA0a6P6hENykZxz1m2iFPnaWGg6CgxEwF-KKVkCRW5L81zTDbHxtpfdA2-x4QtAyKmC7M_uhsTHnfVVRmrtxHUr4tAnfIbcodR7pYpTuZsISFYgWvo7XI1FD3ESsti_qffAQyAHMju5gjogKdlkl_yi5sVnqCmUX3VZSIXQrwVcbPrCeKFnuAQjpSUkps3BQnZiMC2Nd2Ty3c1E0oFqr2ozEMr6ZPv5-FZEmZLtkA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 02 Jan 2022 13:11:44 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame D938 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2021120601&jk=2139386656920698&bg=!ammlaS3NAAZKWFskSlg7ACkAdvg8WsAyA3I1ffV853Bene5En9TBov0xrST7rt-LgO9-3ng1TDJ6vAIAAAIJUgAAADVoAQeZAuQsjfZ2I_3fGtP7bARcRqsxzZQUGvAM4Ta9jUIKUhAwGJWzwwYSY8QwU3PsIeTj2_Raf6vyPg6Rqi31JkJ_7yDki_q_jPp0y9XjjUfu67tP8ZEiqqKOUT0cDcEWo_z_6NOZAOzRUM28ir4w8VnD2a8W5c6LRGKKKUnqYLaeReDHIUsHk90mT8AyIQRzrDsOHlYd14TTbjmr0_P4N8965ZbYRMH07iAHNpTCiWMWnwM4VRm91-7CI6-dPcmWVe9ivZysfqUAxiAyzRtPpCRB1sgdbf-1Ay0rWXmYdBkwdHXs9PZTkyzmlyRUhO0EcdvsURLha9KDoLQyTzKZR4GivWKnWj1t78kfUMDyNJmVOH9YZTlkwqVVsmHhh3bbI0oQdKT60UXAvQ2eudUWlYF6BhEIQuvM6sh9MOnevvKQpWhdZceU4gIjxtRzL1aZncd867u8yrQ--tCtZveeyN0dBb4YetEohjmXNNVLdTXsKm99nGdCMxtQfHwfqkkDxhnluuKeBvMYL1WbpZDmMHpBSG3KbnAwJFsFtEFjC5635L-OM_4djasBnyeZuTnzUlnxP7HJ7aUTid2g9bMKiHyuGBrXlDMwiIZstgQYyFoj-iV8__udxqEMrxR3wSAJIEoXiBr-Bb_t8WTIcidkdG50QmZ7fY4SbY5hJs3_C3E-tVqusThvxm-99brBzUEPm6fArbaZv2tjZt142qtCqjMNSVZY3u3u8Fps3jEWEZi2Q1ITLpX2KYPNrBW7HsnH-YZORQA3TezJqksOGLlck9sptvcCZIb7jJRFhTTrej2lRi3ur7BB-cwrPQunA6GG2grIFJmPFqXl-ebyCFmWHIY8E_r7z2KJjd_KRL3okfDz8ocBVqWBha3bJKgoMK2Ugs_qib7aZfE05iSt8eYJfp6JKPfffYa_w9UJgj9-N0rpNkUeT3icnSWzQv8P3P59C_dfKcbdHS1Li_8KMiNDc0Op4lXOxK6-6A
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 02 Jan 2022 13:11:44 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
EnZy1JEvhtfL3qsMHM2VNqoz8zWnsWCdOjk5wdd4Ig4.js
pagead2.googlesyndication.com/bg/ Frame CEE8 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/EnZy1JEvhtfL3qsMHM2VNqoz8zWnsWCdOjk5wdd4Ig4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127672d4912f86d7cbdeab0c1ccd9536aa33f335a7b1609d3a3939c1d778220e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sat, 01 Jan 2022 12:48:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
87774
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13555
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 19:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 01 Jan 2023 12:48:50 GMT
pixel
cm.g.doubleclick.net/ Frame 86FB
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEHgwloW4XKE4jTJ69MHadQA&google_cver=1&google_push=AYg5qPLcBMDew1GUUris-JeiIdzLHSVrANe2JuKEWarFALypRNOlUu-_kPRRWU0SIP-giZDw_KpTvGbdsjkDYKPN__L28zEADAgIFQ
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=40E9644F3892451AB00F7B62A226C3BE&google_push=AYg5qPLcBMDew1GUUris-JeiIdzLHSVrANe2JuKEWarFALypRNOlUu-_kPRRWU0SIP-giZDw_KpTvGbdsjkDYKP...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=40E9644F3892451AB00F7B62A226C3BE&google_push=AYg5qPLcBMDew1GUUris-JeiIdzLHSVrANe2JuKEWarFALypRNOlUu-_kPRRWU0SIP-giZDw_KpTvGbdsjkDYKPN__L28zEADAgIFQ
Protocol
H3
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 02 Jan 2022 13:11:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 02 Jan 2022 13:11:44 GMT
x-content-type-options
nosniff
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=40E9644F3892451AB00F7B62A226C3BE&google_push=AYg5qPLcBMDew1GUUris-JeiIdzLHSVrANe2JuKEWarFALypRNOlUu-_kPRRWU0SIP-giZDw_KpTvGbdsjkDYKPN__L28zEADAgIFQ
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
138
expires
Sat, 01 Jan 2022 13:11:44 GMT
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 86FB 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESENClKRrPJQsWFDTBKHyKXhA&google_cver=1&google_push=AYg5qPJIu7U-lm0kRsKhbij-R-sLc7f1vbwAwSD5SAuoMDz3CDL54uFaMznI8ZAAAa6LtjxCYq2mp8pPCWaIo1WIvL92oKxZ6qxFzA
Requested by
Host: af00c4d352a4342d5af34e89ae3b80eb.safeframe.googlesyndication.com
URL: https://af00c4d352a4342d5af34e89ae3b80eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.149 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 02 Jan 2022 13:11:44 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires
Tue, 11 Oct 1977 12:34:56 GMT
pixel
cm.g.doubleclick.net/ Frame 86FB
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEEmmA336dVLGWilIuIUG05w&google_cver=1&google_push=AYg5qPJq8vrqaHPqwsW5eHUvDfNIRs_eP5nHETmYf1NARW_rNy62ZP2QLcU97LVFAjFL1Xl5XF7VBFMRlda36H...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzA0ODU5NTgyNTkxMzc1NTc5Mw%3D%3D&google_push=AYg5qPJq8vrqaHPqwsW5eHUvDfNIRs_eP5nHETmYf1NARW_rNy62ZP2QLcU97LVFAjFL1Xl5XF7VBFMRlda36HhOiT...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzA0ODU5NTgyNTkxMzc1NTc5Mw%3D%3D&google_push=AYg5qPJq8vrqaHPqwsW5eHUvDfNIRs_eP5nHETmYf1NARW_rNy62ZP2QLcU97LVFAjFL1Xl5XF7VBFMRlda36HhOiT_mXRBnABGJ
Protocol
H3
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 02 Jan 2022 13:11:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzA0ODU5NTgyNTkxMzc1NTc5Mw%3D%3D&google_push=AYg5qPJq8vrqaHPqwsW5eHUvDfNIRs_eP5nHETmYf1NARW_rNy62ZP2QLcU97LVFAjFL1Xl5XF7VBFMRlda36HhOiT_mXRBnABGJ
Date
Sun, 02 Jan 2022 13:11:44 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pixel
cm.g.doubleclick.net/ Frame 86FB
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEJqlvPKjjFJXcWSWwD4CLVA&google_cver=1&google_push=AYg5qPLy_Z3M3lqa8r18fMszZKCrvVDVP3DKblv-72LxCnRuXCp9MayceDvaAJTa_N6fduqxl5hm6gwJK4r6T_wFZKwX...
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=google
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=3c2f8d7b-3a7d-4d76-a5bc-b5d2aaf865a0&ssp=google
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPLy_Z3M3lqa8r18fMszZKCrvVDVP3DKblv-72LxCnRuXCp9MayceDvaAJTa_N6fduqxl5hm6gwJK4r6T_wFZKwXu72xHoDeBA&google_hm=QyFfhymbQdmXrSKn6c-Tqg==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPLy_Z3M3lqa8r18fMszZKCrvVDVP3DKblv-72LxCnRuXCp9MayceDvaAJTa_N6fduqxl5hm6gwJK4r6T_wFZKwXu72xHoDeBA&google_hm=QyFfhymbQdmXrSKn6c-Tqg==
Protocol
H3
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 02 Jan 2022 13:11:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPLy_Z3M3lqa8r18fMszZKCrvVDVP3DKblv-72LxCnRuXCp9MayceDvaAJTa_N6fduqxl5hm6gwJK4r6T_wFZKwXu72xHoDeBA&google_hm=QyFfhymbQdmXrSKn6c-Tqg==
Date
Sun, 02 Jan 2022 13:11:44 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 86FB
Redirect Chain
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEG3x3M1wj5ZOjQG6R07C_w0&google_cver=1&google_push=AYg5qPL_otGROWH9Kgf_0iOKPu-PIeQ8EuItB1sc63sIXynNCZtjoaX_REami9V4bjOa4hc5SYogmDmvrpfMGAXh...
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPL_otGROWH9Kgf_0iOKPu-PIeQ8EuItB1sc63sIXynNCZtjoaX_REami9V4bjOa4hc5SYogmDmvrpfMGAXh2M5kKO0Ii4Sm
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPL_otGROWH9Kgf_0iOKPu-PIeQ8EuItB1sc63sIXynNCZtjoaX_REami9V4bjOa4hc5SYogmDmvrpfMGAXh2M5kKO0Ii4Sm
Protocol
H3
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 02 Jan 2022 13:11:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 02 Jan 2022 13:11:44 GMT
via
1.1 b30b1c2659a3fb836783824fe37110ee.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-P5
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPL_otGROWH9Kgf_0iOKPu-PIeQ8EuItB1sc63sIXynNCZtjoaX_REami9V4bjOa4hc5SYogmDmvrpfMGAXh2M5kKO0Ii4Sm
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
wkdWaWnmzhxUG_X_AnN5JkCnLTUZ04GNSofhQgC1LvcOER5OF44xGA==
pixel
cm.g.doubleclick.net/ Frame 86FB
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEMa-_9PLg0t81MQJq_suFbc&google_cver=1&google_push=AYg5qPJoCxQRSvABf2UTapWb7KDRs3vPcZCnCGPV_aXj8Ad_D1gJawg5TBs_zInGytdcpmd-RPDPSKmh-tsEcMAMzCRa7SpxeI...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=ODc2MzUyNTA1MTk1MjM0Mjk3NA%3D%3D&google_push=AYg5qPJoCxQRSvABf2UTapWb7KDRs3vPcZCnCGPV_aXj8Ad_D1gJawg5TBs_...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=ODc2MzUyNTA1MTk1MjM0Mjk3NA%3D%3D&google_push=AYg5qPJoCxQRSvABf2UTapWb7KDRs3vPcZCnCGPV_aXj8Ad_D1gJawg5TBs_zInGytdcpmd-RPDPSKmh-tsEcMAMzCRa7SpxeIXrHQ
Protocol
H3
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 02 Jan 2022 13:11:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=ODc2MzUyNTA1MTk1MjM0Mjk3NA%3D%3D&google_push=AYg5qPJoCxQRSvABf2UTapWb7KDRs3vPcZCnCGPV_aXj8Ad_D1gJawg5TBs_zInGytdcpmd-RPDPSKmh-tsEcMAMzCRa7SpxeIXrHQ
date
Sun, 02 Jan 2022 13:11:44 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
dot.gif
s0.2mdn.net/ Frame 86FB 		43 B
586 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dot.gif?google_gid=CAESEGwh58zcfAfdaJmEpsXAxrQ&google_cver=1&google_push=AYg5qPI--x-xBVTQb67Vi7TVXg_3PhDVY6NAlRUNsT3PY_9gNg8oDCe5wjAsTfBQFi4MycuUGR7GgBohuFtjl41GEuv32KS3C_Z6H_M
Requested by
Host: af00c4d352a4342d5af34e89ae3b80eb.safeframe.googlesyndication.com
URL: https://af00c4d352a4342d5af34e89ae3b80eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:44 GMT
x-content-type-options
nosniff
last-modified
Sun, 01 Feb 2009 08:00:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 03 Jan 2022 13:11:44 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 86FB 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IUlTdSUz1-44qAPtW5luieLCrTSV1mtw29swml1jgdffuOLJymgKZY1pdfocZs505Ekd5M4Q
Requested by
Host: af00c4d352a4342d5af34e89ae3b80eb.safeframe.googlesyndication.com
URL: https://af00c4d352a4342d5af34e89ae3b80eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 02 Jan 2022 13:11:44 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
gen_204
pagead2.googlesyndication.com/pagead/ Frame E53A 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2021120601&jk=503423074378876&bg=!hYalhsLNAAZKWFskSlg7ACkAdvg8Wo8f0sYq9OwU0-ZuB2Zk6v906NCudpC1lpBpVXUOa15c8J0YmAIAAADEUgAAABBoAQeZAtLrlqRSMIKJ1yijyUF5m9uhAxsNqQhi1ptPb_Q6a3lUVN0dkF6Ala0JI5yrV4SG4408wbyj2NeZaDUoBxI5UtKJrMrqXby-X11RSZxVSWW294jZav6kvnlpKmatSnYMlrwP8TPhY4Qt-z1Xy_fJ6qhjheFSxcUihWD83319oYdvBsSKtwY2ICkzen84W175GBAldSzghYJ95TlxVLPZ1L9VRaZ38XcJpTSHsIkBGdimk6WpJHdl1gCQwEGwuI0K13HE47BCjblHgYI8f_soeU7KCJ78-APvpnj2wfkUrQymWdqxz_VRhgB3d2dbIXuRNLXTjIPjO-Lf61mBAXFZuIBXthinE_bq9bhD_KXktSbGlWqcP50VljN2UJByxQwWUQg5qeC8ecXakKkT-6MKdRVOB33E4bqQKSX0WX-CR2bBfn5y6PiXVHfSCBclBr4GlL4N7Ac_G0wH_oOAK--vVvn3zn4-8zOfnAPR4ZFy31pS8n23-xO2CMciqR8PcTtJZ0XakgQgtOrHnyH2b1Arpnw_dc66UVwsP6pGg7fCO0zNXcUASsuV8pYyN_lOa1rYScDoq3Gig6bwKI33dAQvkGd1pwQ-qCm0EKwUG5NPvbT1OSsx0HtFhe8a0vjzu9T5kMdz3zjJpjvz-CCkU52uPMiuPzjbRSjtB4K36uIHOJ80gfXS4H3GFowij8aScKntPgeSiJA7312beECI4AeoKkCtuLE8KJpm-DJRRdu4Kz--PVWV_VTe1_BtLhaKVt7ILQSQMrgnWUozshByd7a3C3DDOfNbFSOGtRY-NB-VmAqKGOjtXZx42ELQEU6QH39ULxnE4Vqv1Rg5hEzUxFg758QGyWAZYrzRlcQ7nUZPgQS4Ee6kRE1Eu01CjtNJsh2apZHG9z-q4TX_yUbYePzinOOyKifaBUiOD392byHFtdhBxarOuYAfYyNaFsO1JCWLDJMUdg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 02 Jan 2022 13:11:44 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1FA2 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2021120601&jk=2135613159901095&bg=!ZWalZiLNAAZKWFskSlg7ACkAdvg8Wu7xw7NCE4x8TxAEG6-BhJ8vF1W8qWNvvqYind5JYsbA3XkUYgIAAAC4UgAAAA9oAQeZAsRLBuB-hg0TsOC9mRu-sd_gVOZJL_eIAxBafNaRUoJtib16n6v-Lzd_Tya7ViEbTNXhX-0dicZKF-N2ndfLUoiUdlJRI3ODklK9qc8vnuEw4sFsYtdvWHCOq_C1bjHsRGp3yEYGVCjM6tAw53pCZjVkpFm7pPlR-wh-2iyGe1ELxHHNpPnsGe_z7S1SUV4rNOjCs3E4AYGEZnUiZYqBMgREX5OmZYZYIGqr8use2nWMwNHsuyWGUGwaUvr_ot6s5yrkSnQEtmfYN-zLvvZKd3DUzQzlUxsGX_9Ud5HZS_qUUI3iTxh4SQ8H92GBUv8XOUtgPG3guo_6P3lgW1Z3w7qNiWvhjHCJk_uaRzHsqhnM-fPmLOdMsx4-7n4oEFda_onJvqamtx6QIPo9Zeb6paDbZ0njj69QMoNCwcomf3oig07AWWoKkK6mVu_XYtjrV40BGocRFWH0-DsrmTJdM3rifmaFgP1dtwe4MmHv5M0iQF0kDlzX25TWyJsddggL-Af8at2orZLQyWPpB-lFpGf1w2hsqG4s7gFnLAgyJSJM_7DzkJUZpmWbKFRxqlt60gY7Vk_FWT5l0YgWo7OfRujjxgNST5htSAtX4LIg8ThN3f9sBrD2CFxkWDgipjqWL_75pzg3fgsRvu13R-wCv7F3CqLA-9QJj8nunj4IzBPTJCrG3ajA-nBonbHMwkEsTRvugk63m0jEDb_Gti-Re7pqlF1PC80l3TI3kQWp-e3HZfewiRPyNyDNS_wxTsqNvQgdHktpCOKYj9sSuTwU1ZiU5TXb94sx-UIxFqIGLcIvS6c8SzqRDbIbFRgMnhkOH6Rd8T6fmlccjeMMr9EVffjaWJuDMZT6T8NGbClbGkKXVVECU9Fq6m-imRf6YC09o9aAqO7fVV1ka6Fxyk-xqQDRO26B45mfKrh711KG_YpSHLE-nhs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 02 Jan 2022 13:11:44 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2021120601&jk=4409916342505293&bg=!q6ilqOzNAAZKWFskSlg7ACkAdvg8Wrnp08Wbq4XJGhWxDh4TwO-KaASM0y1lUqdofa-cu-Z84LoKzQIAAACMUgAAAAhoAQcKAGwwKMKB-Y01W4Buez9adKupZL1ZN92wGGNJ-ivw9VuyxUpYU56RBqV-A_M1qvxtIawUEcxW551D43chsYZ3HzeOVz1h8blsq1dpBlirroF52UrWijgJ6wXsVDOjFwEfzpVSfMee5S8GCKploniZAqIS97UAiuQk_cH7DXDe7i7cTOc6Ezkvp7bqZRA_pD0SpHVEpQGb6Z5IZGM6ryKPpnz1fAbxNUP3EZiHQbQ8WEe-7-3xDDQZ2bByd3cJiw43lkOv1n-Ri6Nm8EqqM5scxiFx9mDC-6hQB8ySV0ceS0zWAdedzZAvtSUW9XMKmsw7-0sqcw8svy0w_-zM9i5vahNACko92HdvuHPVLT9YKcpILhEkxyFRStSYgfzpbHnC1RQAvLbP8U-eLzCrnz55MKiBAjkI9y3uHlC9ZhF5JEmCi9k8n2EPWCIwbndaH5gtUnlQXs3RvqIxkTJWmfTmasWs0UNfgZgFmLNeSp7z1rdPmLokZcFyv_xhOfGby_-a1quE4NAsYoDTJfDHwj1cR_gNUkCc6x516_lk3WPDj1KLrkc_WGvg7f0nbTtbF7iNUng_2QmoC1WRLbtYumm0vQb1rmv6pz4wqgI0SkG7oo23DCqhcRmwL-cqdsplziie_empVY0kTTvA2CsLlV0E4g82OJFTeXUemf3j6o8QJEQjPLLzIMQWNjO-HnnnDaDM_qfDy3O4YYnkr4YhG6Om-Lzc_crjUvLYXSg1uKppf_tjIi9G5-dZ0D9J9auFE8OXeThZAk0yL2u6UvXA5Ir05cUvpCt-KBgpJk-KsFKx3jcyFyZJHM3tl86KF2y_HfXnJvRnaC3rmACH37WyOIihZCnD6VMdFN7mzCXzJFlF3WUpZfGSFGPnQGyEVJtDFrvCkKYeM1FkBSIUYf131rZqWujL950Yp5bUxHLqw1cLaEmH2ZFmZdfzhlA5b8wGUieWiYkA76ithPyPoB2m3nJW0HOkLHpS3fyP4VfJ4rAChilhVbVuzsnJsQHQD2_dK4P2m6CZUSKEzLsmanqtx4LTlEKlig
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ugt7s7.ru/whome.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 02 Jan 2022 13:11:44 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sandbox
profile.ssp.rambler.ru/ Frame 1D6B 		129 B
342 B 		Document
General
Check archive.org
Download Go to
Full URL
https://profile.ssp.rambler.ru/sandbox?img=HTMnBauXeIrAQc9KE9BriOQL4NGNjSclaWlPvzz-hTqlC3QQd-CSSkKyOJoYJdBeP2e5GHXNlIqAqN3OWUQmnLB5RSYeVIY*-aqeKHRml9tr5ImkUmHhz5crV9SoZAyeV7duCTUHyud9YX-gnApMxgIAAAC63LwKAAAAAA&img=gFdPR3kLgpapoWwDQOQYuw4Q08HK1t4l9DcZ7ZUS5y3ywxke6tPBccOVO2PuObLdFDMyhv01mkfIYSfti1hHkwYNFv7A0BXOus-z6ay9KIQk-TRqXggPZTd27DvUYl43JT5yXkinmFWzXWLKhZ9B*sNwMOVdEram7i2KKfNyGggCAAAAuty8CgAAAAA&img=6R2JYQb7HsQUiPryXZGo3YJpz3pkWQGJonRS3TD929ptof2DlmUnXXcSBt1dHzTOs--C3QPmuBqyhJNzkI1BKSc1nzOg-pRQQuwcKhQED5x2olUiBf3ZiilmyBY3O2OBAgAAALrcvAoAAAAA&img=*Nisqxon519UDqxeKybvALL70y1**wxOQm*id0JXbDY9XZNWeRSPIO1Ktd5wwURtyMmAZhZtkh78KXvDAeKAUN8g8CiNHYkTGkiCGQOY3S5TSLS**GvQOkBg1JBMMaww1-5-PRtLCMKnQF4YIk4DAQIAAAC63LwKAAAAAA&img=Pc9vZ*P5IiBTM1bixm4vlUgnrTw-sgMbNg7CP0eTUYXD-lK4JUVZluTIN0bgrLqFyeTtSBeaGXJCZL-tunVp74Sq1*f35xtv3MBxq0nhH9brye8D50nRVNkgmJT1jP9F*Q8MHYRHdqF6PXcuGu77cAIAAAC63LwKAAAAAA&img=V1Q-Cr73XcupemkdZDzChevupmx90X9L1e4nQOUya2hYKXWGrRo--Zar*7rnZWQE9RM3CTxxYgTF9m7a*c91K9DuTaC0zNTd71it*USyLcuVZJJ28fr2kTimJbxm6Kr8ahqojzGV40CehecO2Idao2*jFBvUCXHJjtOUFYgoMHsCAAAAuty8CgAAAAA&img=bmPtsLJcs1hjEkREU12QEIK1QFKU8bmI1LWc7WIN8x9wKFmO1qR7rW*uxUAmM4PAoEhswChcks3Au8ERl8KlBNmGKZWYId05WLLeiRr1lDtS-EVuK27Bn1iAuULKBySRcGVYW4i6ThXBI-qkcc0tSQIAAAC63LwKAAAAAA&img=BP1qit3*vjJSY8KwSl6NXozd2GkxK3*JmTe62*XZ6UfoxmZ78HtPITRvYdGGL0Tzte-P8KkmhB0020tRfTbLPuv4OHs5MbSNFEBOx8CQsZpvGLX5L6NRmnffTFDYwLU-dzluc7HBYbbJLY2Q5GuURgYNbdoLMjqe8s1mqSuJaDQCAAAAuty8CgAAAAA&img=3wPjFiYUM0M*m04CoumB80c7OMx1XmRc0zSw07eUWYRlQbCX707j-Xg2rC2RknjzRnfCrvLjR8D7trqIl8ZdRNCgGof5R8EhqAmAkLyz5BzfRBl-Qj7IyYDuc9D7foE6iGHYRyj-uSfkKtmN3FE2*GsdGT*QQ0enpnQoJQo3K4Sl16pV76c5xzDIajIZUlupoCINZ7sPx5ylmUG2DhBs7QIAAAC63LwKAAAAAA&img=T3B8iPjZfFRiYzv0cQ*Y-T6I7EH0tluhWxWVtLa-6WItHzvYeaxkBUz4KRBwdEvA8n8AH8eyuctDVpgF77AtGWx*C4*REf4Gl5ce7G8Q7n1GOJI6ZyvnKUva99PjgkIUwPXchy3UZ5tV6rHu1raTzs-VsvFE9Hux7dPUq7wGb49SLaHgb*wJ3aG73hhiitJ7AgAAALrcvAoAAAAA&img=7HcXdkEDwiAkoor2IQU5vkNtYzXfVY1YkVXRyAr*BNvKBdQkI1kpTyMayP-nWA3tVqJ*SH-wSUhFh4gypJc*5K9v7r51uQ0RbyDFghaH1sSHAfM*z3*cgATnXbitlyPJZnax5dbz6qkGHLuni0za-QIAAAC63LwKAAAAAA&img=3CgwOy7ge-kEjPHXcXZBZKVU4X1JcnZULuvE9WuqNYa2-5an3d0iJz5TY5ZBcAyk7VrSu6uKXGRwyw4UkZkuw*tSbXsrOx*auNbQzvnd9wAOwXnd9lYGhLvnlqmqiFb5L4qg-3cmCeHdfFK-epGZCdgzMpptqpUsvt9n8dlYRzYCAAAAuty8CgAAAAA&img=lSZFZ6d46ABMLc3EiCLCIL3N6hApKrnP1kr5iNDTmsCF75iyxkpLb15vjsU**yKuXhi1qlZlPiGxIF6QfTf6NcUOews*r1U1GGF5mqpzG0qbKE7Zow34uF5*5*aL87B0AgAAALrcvAoAAAAA&img=hyqe1IllmmeSfACr0KtV2I4N8WGeS-FKcZA4jYNQFW4MvXIGcSE-3j2jORIXC*HIFPrE7ehf2UKCzIAk4RbZ*r6YFwNu5NUzqSoONQNkViNSngVWabaQwvMhtRxe3FmeTsPLK2CjqrKWvCTzRHJp6QIAAAC63LwKAAAAAA&img=fUnwtnVMX6QdQHBzqKframATubmX2ppPKeEY3AMU7QxHnryyZ5p9ffqeknOIhzXxA-ztIaVU4us4BHlfZuhF57lGlzdJG8QSSTXighp6xfFvVT5d9fRWQMvCHIpGj4CwdKkGY-9S8AWvbpOZHEWR4vOSKYxHeVltWUOMskSPgdwH4BPoTW2fg4xWGwr3W9v9koRaFXdA26QVI5KNgx-tUDKXWHZ4ckcxUvX-J4oB2h0CAAAAuty8CgAAAAA&img=TZ*ilxkLNogng*yDq6s6MUm-j4PBbwApWaDbCAgLPBUc*Nqtm8gr-31KdD1POJoZRzBePSC4HO2E-hRiM9E-iOtzSWMqfp79vvWNyZiJuc-okM2s4hPilHP0g02QeGmdAgAAALrcvAoAAAAA&img=VCICewSSyAmR23oDJEml3hnQ53eP-m96AdDzVXjluawYsxKg7vsAEqsfyF61*OiiFoUCWH6WEs5qG2byMen*bFfyzONf*4UzRRDaDRFnfDArqG-4ZBs5LXKz5uN5B151Kl34nnT8T00i6trGIZc52wIAAAC63LwKAAAAAA&img=72jTRIvD3-Ez6HwPhUeKP0XFTYISJeN9GrpGhxUXd*HEwBMMwN0nd7DhhWVcm4YVfiWdHytCTpzbwS1h1tI7Sknk03yaj8ynBgmPbtRSFK79*4cile45Qqm*oTyCU6Rhwc7BFJRrJtgMaak8MWvcEHK-1fIowNkozF75vSu4GiD-b-BeWV9xMTJ2z2Z53ubC890O90j-yPB5r*YZmbtzQufLWhFRBcpiBOKVM8MsNNT*qejQ8Ji4AeiWOrXkJI7hXqzskO2mop1TyNfb5pqQsC1OIjKO*6kOsBfAEJnZM-ECAAAAuty8CgAAAAA&img=Trn2ERXE3sLQu4-M6NimmYs1tgFypRcqrcs-mpcrfpFFx2EBanAu5MYUY-zcGNfRegM81kzoN*YJRet9VQShOxbLdjuYUagg1fnJTfu21Ix0J5a4aaulfJenNYNtI8TnAgAAALrcvAoAAAAA
Requested by
Host: ssp.rambler.ru
URL: https://ssp.rambler.ru/capirs_async.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
91.192.150.30 , Russian Federation, ASN42481 (BEGUN-AS, RU),
Reverse DNS
zvezda.ssp.rambler.ru
Software
nginx /
Resource Hash
2acd33ad74c4bf968c43200f3085901505a1d635c8a5ad53b450e0e24d00b758
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://profile.ssp.rambler.ru/sandbox?img=dOsQcBvSxnb08Kd2h7w-yXB1eB*WXko6MeJaZVEo42-w0LnkzigA5Pq5VvrTN0Jzu2gShu1kKA-ZYqwUld1KPUw7h*OqZM0MTwAVR9GryC6nJN0qmgiIvjuY2e9ZadWmBP8QH2-cmj6TyvM*jYRr-QIAAAC63LwKAAAAAA&script=sfgqweLW-lKRJrDaNnppyQT-kgYFxE3revd6fZNtrrIepeBScSDqzPn8fKPjdYs24bPmn6FFjz*NldEZBR5REP9AnvZ2U3diMbHDm7Ue**srLv5ve1x-fjAQQjq8h-prCNaE*4*3nOP69d7J5rTdSQIAAAC63LwKAAAAAA&img=krCLlI5xhhlPYtjLQakeZiugnEmj*0FjpIigae5yOC9UtX3txmKrBbM60wZu9vv*NkJo-XCATp4eeilOT8BzCJn2JzXhKsFYpPfmTrXymChzrAmBbTz19PJGOOfYRdpLqWA1Ou83WazlJe-4OOFRy*NKekdogFWfm-1gCqfTezi6AYjB9fZaUEl6JEHShjhk3-mL6dpvyYtUGzkBf4xYmAIAAAC63LwKAAAAAA&img=YLAo8sPXua1QXzG1pW63Vc2nCQHHKjOz2r-ggRPyMbJUOpDdVq0TSBAcYMtDf9C0r439UCrPFtZT82DBczb3a-ObSGx5WVqvTXY80la70h8LUFIsAc5xSw7iVmrCUhhGCXZX37VOW3ME6iuR4xxIswIAAAC63LwKAAAAAA&img=FUbwdGuKd36E8GhuwiGiyMc8CfzOH09aDNgY3EpzqAoyaLJ-ps9ElZ6gYh0W4Zka9-stynhBn4uWrowe7XX-uK3pqMupbNAm0YESxh3xSAffifv-rbKlh6NO5-qtLzDuDdH3AYzZCTLnZDGzBS7xSQIAAAC63LwKAAAAAA&img=ZxWjA20Wlfsw0hdkaMmNmeqVRNT1gqRV4Yk-329syZcfLkvAu6ZPuisOTnXOSTBTik-2XJJEOatkEfW*DknLcFTB1OBqdV*tgkrfgUwh2P7pCW8X-*w0jm7qqV5tgxDlAgAAALrcvAoAAAAA&img=Ru3QEQP8tZWnjD-tCMZhgfch3cB80NoXtdWhZ-LCq4VpQUHvHk4EtHz5dYNANrWlXd3yAlhEY1d*kyyc-xxpt9BZ9euL3nXBjU8fo3aHSJd149bzfHdCMiz7rwdJtm*Dj1K11upF1lc8jGG46IHCDFrf0UmQ*BaCU4zy-k70xakA0jr4Eh8XSv3-NyObO7iIS21jzFOVs7seYlSJMweJnARgMLB3zesgvB4*nxPO240xpyijuS8uWwraORhB3l*K*RL9qYPqQI8G2WfoUpODTBz2Jn5RQJcn5YIfk7YhjQoCAAAAuty8CgAAAAA&img=fvWNGH57DT6WGFigJPV9*SGQadhxNSqExYDJ1C4NOMM2RaToiVRqoXT83kRk*s-*hpN0ng9y4eo3tIIc7pcLY4evhfFsC5U56l*NikSimTqeoiqZ5nTzSlruTiFYiCsWgtiVs4bDxAoQGBSHRsbDNAIAAAC63LwKAAAAAA&img=aji5amtjJVCiDEfZXqJnv*GRqrtMDZ0DdXPdvXC994Dgr8h81JdcYJKGyv8YEtCDQ1fEx23iKK2OcyuioTjjSzWeK8ttB9CGtdP5jPjqi1zr32pXfcaaFcGvNRJXYl4As8Kcy-tAFXdfHnO8dy5J36VxhJuTohgahspOCbDMLlECAAAAuty8CgAAAAA&img=QV9-tli-PlsO*dQVfhaFMrjrOrkiSrek6ptm67p9nvzXIFmyTTAlC7DfvCW0-LA0AK19ASwP-aA7zxaN9ipsS8nXBF7haGwQOo-*25aRBoP5tmicgioOBaixpu1rfNcj-3mtqjlHQn9B*5dTwIrwAUfu6zKdGXEtj40TgeOvnFoCAAAAuty8CgAAAAA&img=zMXRFeVo6z2NZcOXRjUB*fmdS9Kpx-gOAOEr4flI3XBz7XWRrvMXaGYUwyQMWztF9vtvigWLKuV3BkTZU6RD4i9s7GN7tQexr1LfOdErMSio7bSyjvk*DkmrLulP4s*-jtGiFLTMdxPmvSufuJ2wxiP7-FGSD9A-8rJAJsIWHGkCAAAAuty8CgAAAAA&img=3HaHWiQGWYriRAnu6F5PL4zuNlye1Bw0v7x6qqrbwV*qXp2x1uIsaoyWGiYPA5nngkEpAqGXwkWpBbpOZy30xdyvGCdU9bIKTWzpsNonDiAMOwxdlb4gVnREVDWgo1tDlnzdKJTcjtiv02SVAj7UC-IThptkDEQIOQGnAY6rkA8CAAAAuty8CgAAAAA&img=Bb4uVGIwnpkvUCOH-OdGZU41x4cRAFZe7Dk9kThzet7lDovUNutk0FVFDw2BLSvrHS2sBxLP2IC2wkVVLF7qW-3pNMng9qm1V8aQYVDq7bSpLieR-Z4XV1qY0FxU1xeqf90nXhjJKtdsvKuD4WFFGQMhlNquGr59G0BDRP1gmKgKBkJkAorxr5N72odwcAlWjdTHFJfQSd-b5S5quQrIhuePWCUsbO5JWD6vN4Bl3jkCAAAAuty8CgAAAAA&img=jb6kZp352DB8xrKL-J5hxSciBCZAzCn1qUDxDCeiDlD*RzKmZYRLOiz-tWXk4neYI4Hi3SncQM4*tc047oeCmxvQ9dAQHZS0hWZSBui27ngkDlZQm8T5sdCGjabXRIh0AgAAALrcvAoAAAAA&img=mk5gSgFz3OMHMX7kefnkaTdStA8JnumnZzMPZZX8JhBnvr1zFX9ArPd6jT21Tms1DrNmtc0FWB8iBBUb1mPyKh31tkQSBmezGDu4XmCa0WGdpM*zL*3iSIeDRsXJYrf8AgAAALrcvAoAAAAA&img=FbvyMm0gh5*igI73ODtxaUpMdYl*an8jJio2VQ1aw5idA*6Vzf9kZFdLi3kz3yZP*Q0KK*m46j8T3UiLHRP4kB0T7JwSNUZaw9cSKOYOGfBXybotfVwegUh2bWWfnYrT0hCPo9Jpw38gOet8evd7HwIAAAC63LwKAAAAAA&img=PwMeWKsi1OqU3J1Om13Cbru7zFtSKyZjgKMQ4bdyYvTvXf5hfEsj02hSxlx0Xa35KG90lVzXH2MgnjHoJc74A03QAnhUcwOOWQgi*FWpaVgJjXztKCxhbTI2WF2x0iQ8Az-7sztDX8M7BviLoFQHigIAAAC63LwKAAAAAA&img=JYknAeYWP9JcVEhVlfNIDWcCDG1TS5gH0cEmi*y4vAXgQWXDXV7yAHPx*Gjs31TOecLXvWYzGJ2I9qTZ4bc-zexBhSCvdxLLGnKvMnocUIm6NEPjGmrF91pxN4rpV*Xb8ZK4DiLefeZ3Twfja7z*PAIAAAC63LwKAAAAAA&img=lRUIOWn27qi9Qyp01RCps1KLJ028wJ2VePO9zo1O8axHzc9Tbib0M9qDQ8FS1*qx9aPNXcQQeW-RqpADoR1LZp1C2-KKQ-utROyGYWr03mpo5o8FVQTlqSoc4c1fi2iIAgAAALrcvAoAAAAA&img=xlj9Ar4lfdrzZHqdjX10GiCsvmDLeOgR020IPQSjpLaurKTBiPN4jtUBrq9u-bxdvjjJCjmT1qoRWm60EfDIzZZJU*lCr0VbEY5v-n3EvczkFtA65aiv*A38fEswsj7NFvDGAXolv-RSmuHKsNOZtM6GACq*-KeinQ8jSPy-kfZN*-gbdT1PjpLTruyOKDC6AgAAALrcvAoAAAAA

Response headers

server
nginx
date
Sun, 02 Jan 2022 13:11:45 GMT
content-type
text/html; charset=Windows-1251
x-passed
0bal2
strict-transport-security
max-age=0
p3p
policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
content-encoding
gzip
activeview
pagead2.googlesyndication.com/pcs/ Frame 0C7C 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv-ICb4F9thju07ozx_r68e9O4-RKSGjZvkX1clbTD-48aUSrmoS3UxUt71Whszra3veU3GAn74GeDYQjYbNRYyLU-YUnu5Mn5UeuK42DCW544A7VXZe2bVkENqU6AdKLFJs63aA7cRTXXRgQ&sai=AMfl-YTXoLsUoIxC4rjY8ntPRWp8mscffB7b3tviVJkQppX5lq4r6uvthjTBDCFuJUpugRPPirtuatZi7mvfQBgAEGY6fXw6HXX0yj0DCv_dk9tC2LTCd9P9_TlEqzo&sig=Cg0ArKJSzFMPS_Kq51LMEAE&cid=CAASF-RowCpmeQQF8mHmGoUj7TDd4Zws-tcT&id=lidar2&mcvt=1000&p=85,315,335,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20211202&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=4036918566&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1641129103862&rpt=495&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://af00c4d352a4342d5af34e89ae3b80eb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 02 Jan 2022 13:11:45 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
kraken.rambler.ru/cnt/ 		3 B
459 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://kraken.rambler.ru/cnt/
Requested by
Host: ugt7s7.ru
URL: https://ugt7s7.ru/css/top100.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.19.89.16 Moscow, Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS
kraken.rambler.ru
Software
nginx/1.19.4 /
Resource Hash
a12b7cb43c9d9134b5bb1b35e9096b66775d9e92e7611d1cc92b02edd6782a87

Request headers

Referer
https://ugt7s7.ru/whome.html
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 02 Jan 2022 13:11:46 GMT
server
nginx/1.19.4
access-control-allow-methods
GET, POST, OPTIONS
p3p
CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin
https://ugt7s7.ru
cache-control
no-cache
x-srv
1node0043.top100.rambler.tech
access-control-allow-credentials
true
content-type
application/octet-stream, image/gif
access-control-allow-headers
content-type
expires
Thu, 01 Jan 1970 00:00:01 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ugt7s7.ru
URL
https://ugt7s7.ru/css/amp4ads-v0.mjs
Domain
ugt7s7.ru
URL
https://ugt7s7.ru/css/amp4ads-v0.mjs
Domain
ugt7s7.ru
URL
https://ugt7s7.ru/css/amp-ad-exit-0.1.mjs
Domain
ugt7s7.ru
URL
https://ugt7s7.ru/css/amp-analytics-0.1.mjs
Domain
ugt7s7.ru
URL
https://ugt7s7.ru/css/amp-fit-text-0.1.mjs
Domain
ugt7s7.ru
URL
https://ugt7s7.ru/css/amp-form-0.1.mjs
Domain
ugt7s7.ru
URL
https://ugt7s7.ru/css/amp4ads-v0.mjs
Domain
ugt7s7.ru
URL
https://ugt7s7.ru/css/amp4ads-v0.mjs
Domain
ugt7s7.ru
URL
https://ugt7s7.ru/css/amp-ad-exit-0.1.mjs
Domain
ugt7s7.ru
URL
https://ugt7s7.ru/css/amp-analytics-0.1.mjs
Domain
ugt7s7.ru
URL
https://ugt7s7.ru/css/amp-fit-text-0.1.mjs
Domain
ugt7s7.ru
URL
https://ugt7s7.ru/css/amp-form-0.1.mjs
Domain
tpc.googlesyndication.com
URL
https://tpc.googlesyndication.com/simgad/17151699583860951539/6592766407814317453
Domain
tpc.googlesyndication.com
URL
https://tpc.googlesyndication.com/simgad/17378830689005347748/downsize_200k_v1?w=100&h=100
Domain
fonts.gstatic.com
URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
Domain
fonts.gstatic.com
URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Domain
fonts.gstatic.com
URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfChc4AMP6lbBP.woff2
Domain
fonts.gstatic.com
URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu7GxKKTU1Kvnz.woff2
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=plmetrics&cls=0.000&mls=0.000&nls=0&cas=0.000&nas=0&wls=0.000&tls=0.000&was=0.000&lcp=0&lcps=0&cbt=59&mbt=53&nlt=2&nif=1&ifi=0&eid=31063820%2C21064365%2C21065725&top=0&pvsid=1311268864144586&gpt=1
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021120601&st=env
Domain
securepubads.g.doubleclick.net
URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuV6vflb0o6ej4dziYwfuzcYSgj18NZS93ZJ2pZrrt7DnITyQIik3ZR_NDRoETcz2DQPlWGnbNtttbO8OLYoRiulDpt-KX3X0Mpdbeq97R1dSHfv5-8D5RH2xRP4l84qgvB9rKkBxHnRYMr75xd4k7RJ6BJtKT2_-5m6Zl2qw4ONFcl6OZkPehr7VQ8qB2koDBW9TYEkuOkQFTJ6GRoZyH_MKsirEasP8fFOV7ViqgpGgcaLWTui7FuI0nmQAc6dWFnM72x-Wu2Sj2h4OCnawGYEqRiERgr1Zi8xJPOw663eq2BpS7BBnUmlLV0zOYYOSnwnp8L8qHv&sig=Cg0ArKJSzNytDrov8B6vEAE&uach_m=[UACH]&urlfix=1&adurl=
Domain
securepubads.g.doubleclick.net
URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu4spOuwiBSThzkb7dWbZUrIJ6wR2Jd6zSgRyj27mqpqQXPTSXaxs6hpuzR3Vt3OqceHrmK777DvSsk3IOPDX6vC1I4BWX6Y94w2fBGQwVOLib-6eI5dVwGDvd4n9N7nPQXdUK9VZgki139I8gZNDYZQ1k_3tM4sEu9WtXli_dNdIqDD3liwj0W42gKoFrIekM3Efy8KwvTdZWSTcYBBTLmV6Yp7dVP1ISQryGSrnsnfyPlFTV3o7ma27fFkdzr3c2ZUgKum7G2QoGGUWetYciwla2UQYVLuDly_57ZgVkh4Wk4h1LHiNsRL0Ep22qZD7KqG0r0Kw&sig=Cg0ArKJSzKAFyWouEpMUEAE&uach_m=[UACH]&urlfix=1&adurl=
Domain
securepubads.g.doubleclick.net
URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst8KgsJtdBVV6_kDuCw_jA2W2aJY2cCNX91K83znE380GDMFLAlM0D4PaXmgSQsd2JRUk2T-1_4upYJPStgFco_p3hsG9WN1e8GJou_IczN0bfrCv8xJZKF0bLp5Iljs-b5HQ8UPt7SNKA_oS9iye4yeFrFhQTmedveIl2blSD7KdiSzYZ0hUx2Vspk0w3h--JPgoI9F6ph1vZ7GD-WCqZ4jPYWZVuWBTJDoZ4Tw3l4DQWtu6oUg52MmblqRR85P5bwuxZCxQ1qZ-U1NqSAjxImabcmAP79S4fHUkQkMSmM6o-1Z3FnHOACNm5VGr_UHg&sig=Cg0ArKJSzDasUQIYKTJAEAE&uach_m=[UACH]&urlfix=1&adurl=
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=f5bcZ6flToSmDBlndAOdvw&google_push=AYg5qPK7Dn8cBxnzhCeQD1BEi_ol_HTZMQDifVPZ_kq3kj30ADrEJPSOxL0SqfZmddbLs7O96By8ypURVVetTd_hl8NIZkrK6-JD
Domain
google2waycm.netmng.com
URL
https://google2waycm.netmng.com/cm/?google_gid=CAESEPkt4pPFBsny3LVY47w8i0M&google_cver=1&google_push=AYg5qPJyTkwZZ6MsiyXaytzr1FHd7fNig_gpDgZa--pPTRk2E9XS2y3yabDCpIQZT3B4dvjNKaP0oG0BZss653LzAsvsz8g46Fbz
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdGkjzTQM0OVUrCOUYyaxwAABIgAAAIB&google_gid=CAESEOukoGcjKs77qgadvSwTSyU&google_cver=1&google_push=AYg5qPIPcHYzxsONQO-tO2gJesyDzJpqx3k4ai561O655C2o394H1ygfcl4HG1kp77IafyN0BoGx8IW2Vpwl9hyR5LDvdO9NHmCH

Verdicts & Comments Add Verdict or Comment

151 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| yaContextCb object| __core-js_shared__ object| core object| RamblerComments function| CHAMP object| CAPIRS_CONFIG boolean| catchMeIfYouCanAdblock object| begun_callbacks function| SyncR_Callback function| acquirePortraitCallbackFunc function| rnetplus_acqPt function| rnetplus_acqPtCb object| rnetplus_acqPtQ object| pcodeJsonp51472k5pet9SnCF object| _mgq object| SSPjs object| webpackChunkSSPjs boolean| eventListenerAdded object| HistoryEvents object| regeneratorRuntime object| primeStorage object| globalStorage object| _montblanc object| __montblanc object| Debug string| af_lpdId object| Adf object| Begun function| af_setLpdId object| _top100q string| RamblerExchangeObject function| re object| RCRMT object| pcodeJsonp51484u5EPgVtm8C object| Ya number| pr function| AdFox_getCodeScript object| adfoxAsyncParams object| adfoxAsyncParamsScroll object| adfoxAsyncParamsAdaptive object| yaSafeFrameCallbacksStorage boolean| isLoadingSafeframeStarted object| __activeTestIds object| __pcodeAllActiveTestIds object| ya boolean| yandex_context_perf_logging object| layoutConfig function| setImmediate function| clearImmediate object| _config_aab function| loyalty function| rPlus_embedCbFx function| rPlus_onBlocksDataLoadedCallback function| rPlus_embedCbFxCb object| rcmjsWebpackChunkGlobal object| TNS object| primeHelper object| google_tag_data function| ga object| gaplugins object| $sf object| yaSafeFrameAsyncCallbacks object| webpackChunkLoyaltyProfile object| RamblerLoyalty object| google_tag_manager object| dataLayer function| DSP-Branding-2.19.25 object| __ramblerShareVersions__ function| RamblerShare object| webVitals function| sha256 function| sha224 function| userID object| adtechUID object| goog function| Kraken function| top100 object| closure_lm_24510 object| top100Counter object| _top100 object| ramblerIdHelper object| lazySizes object| Pushwoosh object| top100Prime function| rcm object| rnetplus_acqPtCbUbCtx object| yaCounter188282 string| script string| data object| VK function| RS_vkontakteCounterCallback_742259435 function| RS_vkontakteCounterCallback_306229814 function| RS_facebookCounterCallback_1725807510 function| DSP-Image-2.12.0 function| Begun_Autocontext_saveFeed1 function| Begun_Autocontext_saveFeed2 function| Begun_Autocontext_saveFeed3 function| Begun_Autocontext_saveFeed4 function| Begun_Autocontext_saveFeed5 function| Begun_Autocontext_saveFeed6 function| Begun_Autocontext_saveFeed7 function| Begun_Autocontext_saveFeed8 function| Begun_Autocontext_saveFeed9 function| Begun_Autocontext_saveFeed10 function| Begun_Autocontext_saveFeed11 function| Begun_Autocontext_saveFeed12 function| Begun_Autocontext_saveFeed13 function| Begun_Autocontext_saveFeed14 function| _jsload object| jsapi object| ttsmi2_data object| smi2TrackerSend object| __statmedia_callbacks object| onchangestate object| jsapi_ object| JsAPI object| jsApiBlockCode object| __statmedia object| U function| StatMedia object| statmedia46746 object| googletag object| __CREATED_GPT_SLOTS__ object| 4lbvd5234buj object| closure_lm_425477 object| ggeac object| google_js_reporting_queue undefined| google_measure_js_timing object| google_image_requests object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| gaGlobal object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| pcodeJsonp51606ISOnZHQk5v object| GoogleGcLKhOms

109 Cookies

Domain/Path Name / Value
.ugt7s7.ru/ Name: user-id_1.0.5_lr_lruid
Value: pQ8AAI2k0WGTmqOIAUcF2gA%3D
.adfox.ru/ Name: luid1
Value: bhjt:bbaw:bhjt:bbaw:a
.championat.com/ Name: cuid
Value: URNWAWHRpIyjyR7KBLTtAgB=
.ugt7s7.ru/ Name: top100_id
Value: t1.648840.2133838648.1641129101187
.ugt7s7.ru/ Name: last_visit
Value: 1641129101189::1641129101189
.ugt7s7.ru/ Name: adtech_uid
Value: bc30a6f5-8838-4c72-ba14-4712d1bf0986%3Augt7s7.ru
ugt7s7.ru/ Name: pushPageCount
Value: 1
.yandex.ru/ Name: yuidss
Value: 6804824601641129101
.yandex.ru/ Name: yandexuid
Value: 6804824601641129101
.ugt7s7.ru/ Name: _ym_uid
Value: 164112910210726334
.ugt7s7.ru/ Name: _ym_d
Value: 1641129102
.lentainform.com/ Name: muidn
Value: m02FyGaiJAb5
.ugt7s7.ru/ Name: t1_sid_7040998
Value: s1.480538276.1641129101353.1641129101653.1.3.3
.ugt7s7.ru/ Name: rchainid
Value: %7B%22message%22%3A%22this%20cors%20call%20is%20not%20allowed%20for%20you%22%2C%22code%22%3A-16%2C%22details%22%3A%7B%22method%22%3A%22%2Fsession%2FgetRsidx%22%2C%22requestId%22%3A%22ridkxx9w6z2gn166odl6%22%7D%7D
mc.yandex.ru/ Name: yabs-sid
Value: 1553403621641129101
.yandex.ru/ Name: ymex
Value: 1672665101.yrts.1641129101#1672665101.yrtsi.1641129101
.smi2.ru/ Name: _sm_uid
Value: 8e32a9b6-664f-4a44-b5a3-1db47502330d
.smi2.ru/ Name: _sm_udt
Value: 1641129101789
.smi2.ru/ Name: _sm_sid
Value: 89e5653b-f72b-4216-8454-8b2ddf057238
.smi2.ru/ Name: nid
Value: ads5-3sselp11
.vk.com/ Name: remixlang
Value: 6
.yandex.ru/ Name: is_gdpr
Value: 1
.yandex.ru/ Name: is_gdpr_b
Value: CIayFBCQWhgB
.yandex.ru/ Name: i
Value: y/DcNjTVRjk5TSyAGNAlPkbeDDbILOgUXb62ANH1Rrl1MFg78V1ROewtsdQn187Qyqn/zjuhUkAR7cqtgsL8aQpKBMQ=
.ugt7s7.ru/ Name: sspjs_32.1.0_af_lpdid
Value: %7B%22DATE%22%3A1641129101977%2C%22ID%22%3A%2222561%3A18274%22%7D
.tns-counter.ru/ Name: guid
Value: 93F56A1761D1A48DX1641129101
.rambler.ru/ Name: rambler_3rdparty_v2
Value:
.yandex.com/ Name: yandexuid
Value: 2447788021641129102
.yandex.com/ Name: yuidss
Value: 2447788021641129102
mc.yandex.com/ Name: yabs-sid
Value: 968629831641129102
.yandex.com/ Name: i
Value: 8gv4HW4BUwZzBmJYu9LasWwozy6EEb1r/kmg5iTJaHfQlx8CyZsA93YlG/FjQmy1X93H4SH4fvYJWi533X1Ykz/6gJA=
.yandex.com/ Name: ymex
Value: 1672665102.yrts.1641129102#1672665102.yrtsi.1641129102
.mc.webvisor.org/ Name: sync_cookie_csrf
Value: 425785287fake
.exchange.buzzoola.com/ Name: uuid
Value: e48f8e48-21f8-4179-6a58-b1023ae49a93
.creativecdn.com/ Name: u
Value: M06kVoiNBqAW3xFNIX0H
.creativecdn.com/ Name: ts
Value: 1641129102
.datamind.ru/ Name: dmp.ctest_id
Value: 1641129102120
.betweendigital.com/ Name: dc
Value: mow1
.betweendigital.com/ Name: tuuid
Value: d647ef3d-d9ae-5102-8a85-f2bbeb545635
.betweendigital.com/ Name: ss
Value: 1
.ops.beeline.ru/ Name: BeeAID
Value: 6e988646-ed80-4ea2-9720-62b9ed0c12c0
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 3339515586fake
.datamind.ru/ Name: dmp.id
Value: 03eeb3c1-7592-4b83-a6cf-393719c23cc0
.ugt7s7.ru/ Name: _ym_isad
Value: 2
.weborama.fr/ Name: AFFICHE_W
Value: 1Lr-dwitpWPU33
.1dmp.io/ Name: uid
Value: 874693e2-6bcd-11ec-ae6b-901b0ea4a41b
.webvisor.org/ Name: yandexuid
Value: 6804824601641129101
.webvisor.org/ Name: yuidss
Value: 6804824601641129101
.mc.webvisor.org/ Name: sync_cookie_ok
Value: synced
.adhigh.net/ Name: gi_u
Value: usPwgLEKAG0x.AikABlF-GurMLg
.doubleclick.net/ Name: IDE
Value: AHWqTUlHWqpprJNF9RgK5v_pM9Xw6Gaz0tYIAirc3BhWbIiPg74l2NsgZl_FPbbet8M
.stat.media/ Name: _sm_uid
Value: 8e32a9b6-664f-4a44-b5a3-1db47502330d
.stat.media/ Name: _sm_udt
Value: 1641129101789
.stat.media/ Name: _sm_sid
Value: 89e5653b-f72b-4216-8454-8b2ddf057238
.stat.media/ Name: _sm_cm
Value: 6
.bidswitch.net/ Name: tuuid
Value: 43215f87-299b-41d9-97ad-22a7e9cf93aa
.bidswitch.net/ Name: c
Value: 1641129102
.bidswitch.net/ Name: tuuid_lu
Value: 1641129102
.adhigh.net/ Name: btw_sync
Value: j8k
.seedr.com/ Name: cid
Value: 68532648-3663-4fe9-9383-6187a9305d61
.wi-fi.ru/ Name: dmpuid
Value: 9nlOc3ZoReyIVMsBHtqeug
.dmg.digitaltarget.ru/ Name: viuserid
Value: m11rWhSYPAx8HqH7Qer0
.mathtag.com/ Name: uuid
Value: 1a4261d1-a48e-4000-8a9c-c4ce7bc6612f
.nativeroll.tv/ Name: cid
Value: 32416a9f-0f7f-4c8b-aeff-39778129f00d
.aidata.io/ Name: __upints
Value: 1641129102
.aidata.io/ Name: __upin
Value: aNr8Sb1AahXDY9Sr/1Yl0g
.rutarget.ru/ Name: userId
Value: 5kPLR4fgHjx2
x01.aidata.io/ Name: mts
Value: 1
.mts.ru/ Name: dspid
Value: 3ce6ce22-96d5-4a93-b1ff-31bd4ea8386a
.rambler.ru/ Name: sts
Value: 0.1641129103.1.1641129103.2.1641129103.3.1641129103.4.1641129103
.ugt7s7.ru/ Name: __gads
Value: ID=6055141899fb1754:T=1641129102:S=ALNI_MbghWpxlhm5FU_c5nCLn8BDqV9ABg
.mts.ru/ Name: mts_id_last_sync
Value: 1641129103
.mts.ru/ Name: mts_id
Value: 66c90601-67d2-447d-882c-f8ef51c5c5a0
.betweendigital.com/ Name: bug
Value: 1
.1dmp.io/ Name: ru-seq
Value: null
x01.aidata.io/ Name: livin
Value: 1
.doubleclick.net/ Name: DSID
Value: NO_DATA
.adsniper.ru/ Name: uuid3
Value: IiQ4ODA2YjBhOC02YmNkLTExZWMtYTZlOS0wMDI1OTBjODI0Mzc*
.mail.ru/ Name: VID
Value: 1zK-CE0I32o700000Z16H4I7:::0-0-0-6ebfd4e:CAASEICwBiWanJW6a4okgvCeU7oaYPqIAm3p3r4ikjPVuirn71LQkQRdkY-Zd1pgqCqxnljjTBXUXc8d17CwpkU7N6velBb5oWZphy7wM2bEvHxiViewe31rBlthRJ7VQNNoUEYBplKbU_jLMeXO5KW19EAUVA
.ctnsnet.com/ Name: cid_85332356b46b4b84abb4a0783d9425a1
Value: 1
.adfarm1.adition.com/ Name: UserID1
Value: 7048595825913755793
.advertising.com/ Name: APID
Value: UP880ca3c7-6bcd-11ec-b031-06c61451f302
.bumlam.com/ Name: suuid3
Value: IiQ4ODA2YjBhOC02YmNkLTExZWMtYTZlOS0wMDI1OTBjODI0Mzc*
.turn.com/ Name: uid
Value: 4360880810634295436
.360yield.com/ Name: tuuid
Value: 7f96dc67-a7e5-4e84-a60c-196774039dbf
.360yield.com/ Name: tuuid_lu
Value: 1641129103
ads.avct.cloud/ Name: uuid
Value: 097262cf-752f-44c6-a9b2-c84a32fd735d
.yahoo.com/ Name: A3
Value: d=AQABBI-k0WECEJJ5ZXjibuM95u1BIAOPswwFEgEBAQH20mHbYQAAAAAA_eMAAA&S=AQAAAlVFlrsal-G-epdtAokb1pc
.3lift.com/ Name: tluid
Value: 8763525051952342974
.quantserve.com/ Name: d
Value: EDABCQGNJYEA
.quantserve.com/ Name: mc
Value: 61d1a48f-c2505-0b7a5-766c7
.casalemedia.com/ Name: CMID
Value: YdGkjzTQM0OVUrCOUYyaxwAA
.casalemedia.com/ Name: CMPS
Value: 5221
.analytics.yahoo.com/ Name: IDSYNC
Value: 18wq~22fp
.yahoo.com/ Name: APID
Value: UP880ca3c7-6bcd-11ec-b031-06c61451f302
.yahoo.com/ Name: APIDTS
Value: 1641129103
.casalemedia.com/ Name: CMPRO
Value: 1160
.casalemedia.com/ Name: CMST
Value: YdGkj2HRpI8A
.betweendigital.com/ Name: ut
Value: YdGkjwAOV-CBaRd7UbXb88GgkahjwD6nbpImMQ==
.rambler.ru/ Name: uuts
Value: 4vrJyKCvEmdKi8y6tnTpyz4sg4Dwapec
.rambler.ru/ Name: ruid
Value: AAAAAI2k0WERjHYYAQmRAQB=
.simpli.fi/ Name: suid
Value: 40E9644F3892451AB00F7B62A226C3BE
.sportradarserving.com/ Name: zuuid
Value: 3c2f8d7b-3a7d-4d76-a5bc-b5d2aaf865a0
.sportradarserving.com/ Name: c
Value: 1641129104
.sportradarserving.com/ Name: zuuid_lu
Value: 1641129104
.sportradarserving.com/ Name: zuuid_k
Value: 1
.sportradarserving.com/ Name: zuuid_k_lu
Value: 1641129104
.tribalfusion.com/ Name: ANON_ID
Value: aunsIHwl6h6bQQwbQQaZaYaUU3jC65hGjt51Dqk9F8UtgrO4TpIr8YABZcUAZaHY7gQZb3fDu61W3T4KBqprZbv1bAq1a
.ugt7s7.ru/ Name: t1_sid_648840
Value: s1.295039877.1641129101187.1641129106658.1.5.5

32 Console Messages

Source Level URL
Text
network error URL: https://ugt7s7.ru/css/bundle(1).js
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://ugt7s7.ru/css/bundle(1).js
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://an.yandex.ru/meta/188282?target-ref=https%3A%2F%2Fugt7s7.ru%2Fwhome.html&charset=utf-8&pcode-test-ids=483201%2C0%2C47%3B466940%2C0%2C27%3B462894%2C0%2C41%3B481684%2C0%2C3%3B452125%2C0%2C20%3B483267%2C0%2C75%3B462728%2C0%2C99%3B477460%2C0%2C17%3B478733%2C0%2C19%3B482094%2C0%2C88%3B474276%2C0%2C92%3B483938%2C0%2C63%3B466679%2C0%2C10%3B483562%2C0%2C44%3B437233%2C0%2C-1%3B203222%2C0%2C59%3B478381%2C0%2C83%3B473705%2C0%2C8&pcode-flags-map=eJyNVtty4jgQ%2FReeyZYt3%2BdNtgXWri15ZTlAUikVSVy7qWIgRUhqZ6bm37flS8CGMZMHwIpPd%2Bv00Wn9mBCGw5SoiMckKtQioZKktJCTL%2Fc%2FJh%2FrzXs1%2BTKRoiST6eRQvR3oMzzbKDCcYPLzYTqJaVHjYzLDZSqVTEhGFMlyuVJxKbCknF2N5Vl1rIzEFKsZhXAhlYAlKheUCwqxZjiSXPQiGX8Y%2Bs88i2bX0W55WkIpYSklZwozmp0X02z%2BLIBXBygZnXEBqN%2BBNGxECWZzIDOl0V9AheDlPFEpn9OoFwP2ApV0pXV77MW0kIdQHbNt0G0etE0ap9M2vcA8BR5ZhfZSmaisIPpREqFKFsMnDmPFWbq6EtixUcMstAa2F%2FEsTwn0KCRAE7QKFouEX2XLRb7jNB3CBZDD5oosczVLMfwYlqzkKj9TgYJ8ILiCChJ3Shmv3bNc0%2FpFzivJeoHNYVTk1lHpnGkKBjUpynCeX6ksMO0jG4Vsek1EMZSq7Zueb%2FSwvmV7fo3NtTJUdxZvaUw4JNctCnkns7jMQZbnZ6D673UQNTDcUwG1as0xI2mjICwEX%2FT7DCWvFgkR5BexcDzjS5WJCKoraEhTzTBErY%2FKaD3IsyyjO5Apx1qxWgA461F72L9XPZjO3cBA70UhNCEDzHmuT9CsTNMalRMRESb1KQapSHyKrx3I7Ivb8ZoNd4aoYzQ20ju495Pv1RZywydqv27%2BWW821f4bPD6%2BbDaPu%2FX%2BGX7%2Fu9u%2FfN9tD%2BtN78GwTB8W1s%2Fr18PLRxXttm9AwdNht4fVr7vnar%2FF7f9g4XX3dqj20Xq%2Fe3%2BrNqe449Lb1%2FX%2BoA4vm2rycHlPQoYqxIzpDsDRKUa5PMKSENRx%2Bq6NTMe6%2FO5FnYQglQXrx7g3Xd9F3hQ5MIsc%2BPJ935xajm36%2FhRZgWPpL8fw3Clybdu2pshApmF0r1hG4LoA94wAWgj5bdt%2FGJxMw2xrUgUhTPGwIGKwlUm1XT9uqr53uyhoRsiMLsEOmvYrQbTbjnJmuX5gd0iVgWITQueJVEyOC9d2rNb1c15oZwcXi8g4xIcR00D0u517xJfV2gjottofXp5qJTYLyak4f0dkl%2FV6lHUR98V3rPKOMAQcao%2BdM4VM9bcFfklyZY1u00EoaKw%2FwjCPC%2FCwFN%2BtlHYSBXeC%2BThLnuE7XssSASdU%2BgxQllJ2BYeCFlckOOYLJTiXiudk3Hw9N0BNtSle8RLsg97pab0ct2zTN9rRXApwfEYWqnHKK06PWoXr2dO6fcIZWeW6VqaKDIMLtg44PsdcN7CNz1h%2FloWsTVrLmMC06BcCs3d4JWhln%2FF61ugNaAcuIkGuMOaDD7RYsFva2NMVRZioGbmwPyE7R7s0dGtLvHlcb7fV%2FqaTrvowhzS63uekkTyHy2ZEisHdYTifwLuQf1KF5GWUKAbjmsO4zsZV4tluQ3bEGdQtle5Tz2wkVzjGuaS3fZ0%2BHTb9UD6M10ZwRAsm5FjEIAJB7ziTGGZg3MNvqvVzf%2FfIaHsX8ZLViZeJGM8JM909NSvYRQGKOrtuDYEwna2GsxUGL10qUaqYZxh8EtxLChoO4PvNQKRue1GvL0xDK3dMG6TUT%2Bi4qCNa6jy1Y%2BihPu7jHqpZ%2Ffk%2FIfXtxw%3D%3D&price-disabled-formats=adaptive0418%0Aadaptive%0AmodernAdaptive%0Ahorizontal%0Ahorizontal0318%0Agrid%0A160x600%0A240x400%0A200x300%0A300x300%0A300x250%0A250x250%0A728x90%0A1000x120%0A320x50%0A320x100%0A400x240%0A320x480%0A480x320%0A336x280%0A300x600%0A300x500%0A970x250%0A970x90%0AposterVertical%0AposterHorizontal%0AadaptiveConstructor%0AhorizontalSD%0Afullscreen%0Afullscreen_grid%0AposterVertical%0AposterHorizontal%0AposterCarousel%0AadaptiveCarousel%0AadaptiveConstructor%0AhorizontalSD&raw-smart-content=1&smart-format-names=smart-banner-adaptive_v1%0Asmart-banner-mosaic_v1&pcode-icookie=jdUjRU1OViXKczlG32aUPO7%2BxH%2BJsmKbxPDfs6puEUgG11lz7Q2%2BEV%2FzrUIPfN4TyyZ8yCmQKjLBriIxDSPvVPYMvUQ%3D&imp-id=16&partner-stat-id=15&enable-flat-highlight=1&comboblock-unencoded-vast=1&test-tag=156182190751746&ad-session-id=9129021641129100989&target-id=90500639&tga-with-creatives=1&top-ancestor=https%3A%2F%2Fugt7s7.ru&top-ancestor-undetermined=0&pcode-version=51484&pcodever=51484&flash-ver=0&available-width=1050&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22w%22%3A1050%2C%22h%22%3A0%2C%22width%22%3A1050%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22left%22%3A275%2C%22top%22%3A1116%2C%22fontFamily%22%3A%22roboto%22%2C%22ad_no%22%3A0%2C%22req_no%22%3A0%7D&grab-orig-len=996&grab=dE5o4buvbmcgxJFp4buBdSBi4bqhbiBj4bqnbiBiaeG6v3QgduG7gSBjw6EgY8aw4bujYyB0aOG7gyB0aGFvIGNobyBuZ8aw4budaSBt4bubaSBi4bqvdCDEkeG6p3UsIGPDoWNoIMSR4bq3dCBjxrDhu6NjIGNow61uaCB4w6FjIGNobyBuZ8aw4budaSBt4bubaSBi4bqvdCDEkeG6p3UsIG3hurlvIC0gR2nhuqNpIHbDtCDEkeG7i2NoCjFOaOG7r25nIMSRaeG7gXUgYuG6oW4gY-G6p24gYmnhur90IHbhu4EgY8OhIGPGsOG7o2MgdGjhu4MgdGhhbyBjaG8gbmfGsOG7nWkgbeG7m2kgYuG6r3QgxJHhuqd1LCBjw6FjaCDEkeG6t3QgY8aw4bujYyBjaMOtbmggeMOhYyBjaG8gbmfGsOG7nWkgbeG7m2kgYuG6r3QgxJHhuqd1LCBt4bq5byAKMkPDoWNoIGNo4buNbiBuaMOgIGPDoWkgY8OhIGPGsOG7o2MgCjJDw6FjaCBjaOG7jW4gdHLhuq1uIMSR4bqldSDEkeG7gyDEkeG6t3QgY8aw4bujYyAKMk5o4buvbmcgxJFp4buBdSBi4bqhbiBj4bqnbiBiaeG6v3QgduG7gSBjw6EgY8aw4bujYyB0aOG7gyB0aGFvOiB0aMOhaSDEkeG7mSDEkeG7kWkgduG7m2kgY-G7nSBi4bqhYyAKMkPDoWNoIHjDoWMgxJHhu4tuaCBuZ8OibiBow6BuZyB0csOyIGNoxqFpIMSR4buDIMSR4bq3dCBjxrDhu6NjIAoyQ8OhY2ggxJHhurd0IGPGsOG7o2MgY2jDrW5oIHjDoWMgY2hvIG5nxrDhu51pIG3hu5tpIGLhuq90IMSR4bqndSAKMkjDo3kgbGnhu4d0IGvDqiBjw6FjIG5ndXnDqm4gdOG6r2Mgc-G6vSBsw6BtIGdp4bqjbSBy4bunaSByby4gCg%3D%3D&uniformat=true&callback=Ya%5B8780682837811%5D
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://ugt7s7.ru/static/i/svg/icons.svg?1639650712802
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://ugt7s7.ru/live/now/
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://ugt7s7.ru/counter/set/news/4056685
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://ugt7s7.ru/wstoken/
Message:
Failed to load resource: the server responded with a status of 404 ()
other error URL: https://ugt7s7.ru/whome.html#manifest.json
Message:
Manifest: Line: 1, column: 1, Syntax error.
network error URL: https://dsp-rambler.ru/pixel/630779359/?url=51vQXnoJdvUTeqCXRpoT3l7Pi8kjK9mnZ5oq*5F6ZUZPuVWjGrn9lWECW84DbcHMuuHuQZi7TehTusduwGigMVU8p4mtSQfK5-ByARie6KYFXDoOcHjohbW9D43*314nApZcgwF*Gq7REvEDGhU7xDQlsoY47WqeZEvc-e4LGqAa8HNQTcmqAZE1jHOG4n3EnoIE7MTC6-zJZVyWGHtnWHtOQ7UMya1j2KH9elaevf04MHxTt9I-u89d6wwLFEp4Xyx9zkjURxx6PSNuiiwjRnJS*J-BJ4BtbDY20pWWejiSeRwJ-V188CFnMK2cG*vRtFnKYVE26BoaIXXaXmjw0mRdZjrxtyr6LZtXoIMNC*9KCwaVlaxNnZxRBwByKd9SzImv7f2FA1i0vM3JFahZbvO*17vGXc8rcmlgdhpWQIHumC6fJ36OydM9q30tQBBMLssUTVodnBY1uSz3rvIYDvsEDwSdE4A8FgqOPM1b-B3f6Et8tw65GvJCoqWLhE2w9Sl6XI0yjdHNGMjpozAkltEeHpK-77IdDtFuU6mTCxLufnNtm5m9u-r975*cZWIKqIr*JF9xHD3jgnkS5pFbEzwmP-Vb3AYFsZipjDYR4M-069XNBhEkoZVABR5BIt6qgqlpbou-zY2Dm6DpWDgBCMHyZSKvspKed8nHurLb8PgB8Ru3lqHjzlVQHYAmKw9lFNyPdLhUUKxGEhAleG17YHffd2W4ul-CD3V6rHykyaOCfOiL*ZPRcQ-zDDd9TcRq2bO9zBu6OojBqOD-g*yC9MRol2f54kneZ56PKyqI4RgTw7WX3eyYDHw3dzxI968qBOPMVVSxHrBDi5VQD3o25-uGCHMS2Pal83QOkmlkwQAAg4mwICg82PmJjrF6HqJEdl1o164Vb14e5COkZM*zbjF4nuVDN7AOBa19pFYBFtnCWigRmFH6abq2S72mmQ-IbBN9bF670ZN87v*IcHVk7pngYV5J1O8t3CyeQz13f5bNHbe3cFjMXlJmAdDBheGzqK9PB5IDJWSeDygLjH*sU81bu6KgH473A0ckHrXI8jB5p25FhHRFFSBvqPWdRxWXJ5L*6SOl2wYRpg-0n1B9Cy0p3LXz1BRaodYcS*6nmPX6OEm7gdZ9yjuLQnHsku7HKgEasoXWVhbAWqvHKqsykQr4Gr4l7SdkcFMAQi0qQ0Q08WyR4rOO1khUkdLWIHUqkksbBYM00NzoMKZOILOuVZDZEW2-FOJelAueHECgQhIIQxuhptUpC7ctaIMqJjI8xEVq41*dZZC-10kqhRJwWocHkT4cF*W*JA4oHwApIZnfZWMd3nKfwaeyno6OU0xqoXaKFdMjW1o0K48IXdLggwMzs5hk6GF71S8QnFWe5DR2Y071pgunIaWbIKbdYHozwulNbLZRww9fwN53ID1aE2kdP5y8g*HtiOr0V52BAMFoS-aglzFvZtxP5*8uMKelIeYzHsXcfdwXNg2QZahZruwqX1uFOfNCrN5TBdxgbY9l1LH4UwbHuwYo00dgY9yqZ8EKV*rXI3jvxg7KpWjw-B1JqU3fWlM-EPN*g6cJH3lp2dlLSkNktplA6OuxiG6EfVrs0ot3bSZONdsj4VVnwr6maHMRy*aURJZJaANAAXGz-lc9OyqG8YnE0e6-5mb*ylBxeXPv1YBDZXdWhrh1fH2PgBQ9bBGLZJWYvrn7z*cuG8RvoKd*9Brr6x2EWbB63sbl39nTqVAx1-GtG03D*K85-dZUguZeS-3ZiXCqAd2FzaDf8Lvd6NKDsGD5CwzSnJcnHzyLG34cSSoApTiV3jk1h7PPwsth5Hf5P3LNLgLNCv7R6bG5auCkK1wJpkfVmzSo-vbB-tXGJu9XaGgk4TOQIWmPXXWLZxvqda-O4h8Oy4AhWI*vmlz*OnFlFeo*6IZEmwUVh12pM-KWoSAVYlbtP4Vvk9W8XSPIxEf-EWwN-0VLeBkW7KEXp2v7a2uQzJ6yaqBPc7XBAvUwtR7mTjbLi11wFPS3s*O8TR*LBz5pbhW9XEqeUUuKRvlLxyXG8f8IibhOMR62AwpgeIXmp-nf--cEuNcyF680ZYto0v5y-MTYSGkPM9*voliXIiCcAgAAALrcvAoAAAAA&cost=0
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://ugt7s7.ru/61b0d30bb4b32236109537.jpg
Message:
Failed to load resource: the server responded with a status of 404 ()
security error URL: https://ugt7s7.ru/css/saved_resource(4).html(Line 5)
Message:
Refused to load the script 'https://ugt7s7.ru/css/amp4ads-v0.mjs' because it violates the following Content Security Policy directive: "script-src https://cdn.ampproject.org/". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://ugt7s7.ru/css/saved_resource(4).html
Message:
Refused to load the script 'https://ugt7s7.ru/css/amp4ads-v0.mjs' because it violates the following Content Security Policy directive: "script-src https://cdn.ampproject.org/". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://ugt7s7.ru/css/saved_resource(4).html
Message:
Refused to load the script 'https://ugt7s7.ru/css/amp-ad-exit-0.1.mjs' because it violates the following Content Security Policy directive: "script-src https://cdn.ampproject.org/". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://ugt7s7.ru/css/saved_resource(4).html
Message:
Refused to load the script 'https://ugt7s7.ru/css/amp-analytics-0.1.mjs' because it violates the following Content Security Policy directive: "script-src https://cdn.ampproject.org/". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://ugt7s7.ru/css/saved_resource(4).html
Message:
Refused to load the script 'https://ugt7s7.ru/css/amp-fit-text-0.1.mjs' because it violates the following Content Security Policy directive: "script-src https://cdn.ampproject.org/". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://ugt7s7.ru/css/saved_resource(4).html
Message:
Refused to load the script 'https://ugt7s7.ru/css/amp-form-0.1.mjs' because it violates the following Content Security Policy directive: "script-src https://cdn.ampproject.org/". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://ugt7s7.ru/css/saved_resource(3).html(Line 5)
Message:
Refused to load the script 'https://ugt7s7.ru/css/amp4ads-v0.mjs' because it violates the following Content Security Policy directive: "script-src https://cdn.ampproject.org/". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://ugt7s7.ru/css/saved_resource(3).html
Message:
Refused to load the script 'https://ugt7s7.ru/css/amp4ads-v0.mjs' because it violates the following Content Security Policy directive: "script-src https://cdn.ampproject.org/". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://ugt7s7.ru/css/saved_resource(3).html
Message:
Refused to load the script 'https://ugt7s7.ru/css/amp-ad-exit-0.1.mjs' because it violates the following Content Security Policy directive: "script-src https://cdn.ampproject.org/". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://ugt7s7.ru/css/saved_resource(3).html
Message:
Refused to load the script 'https://ugt7s7.ru/css/amp-analytics-0.1.mjs' because it violates the following Content Security Policy directive: "script-src https://cdn.ampproject.org/". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://ugt7s7.ru/css/saved_resource(3).html
Message:
Refused to load the script 'https://ugt7s7.ru/css/amp-fit-text-0.1.mjs' because it violates the following Content Security Policy directive: "script-src https://cdn.ampproject.org/". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://ugt7s7.ru/css/saved_resource(3).html
Message:
Refused to load the script 'https://ugt7s7.ru/css/amp-form-0.1.mjs' because it violates the following Content Security Policy directive: "script-src https://cdn.ampproject.org/". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
network error URL: https://an.yandex.ru/setud/tinkoff/A-6zwXWSS4Omzzk3GcI8wA?sign=1204374944
Message:
Failed to load resource: the server responded with a status of 404 ()
network error
Message:
A bad HTTP response code (404) was received when fetching the script.
other warning URL: https://cdn.ampproject.org/rtv/012111011823000/v0/amp-ad-exit-0.1.mjs(Line 2)
Message:
Unrecognized feature: 'attribution-reporting'.
network error URL: https://an.yandex.ru/setud/mts_banner/PObOIpbVSpOx_zG9Tqg4ag?location=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D51%26em%3D0%26exu%3DaNr8Sb1AahXDY9Sr%252F1Yl0g&sign=3556300022
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEN2piAwgpGaA3jYJoX1cSjQ&google_cver=1&google_push=AYg5qPIcacyeZMGz1W7tABVpzQeQeLhr_dKssrgigUGZm8WUF47kJfNP3kg5_N8CM_aejf8Kh2zqWzYb6j7KmxQ9k-VJzKWbvN1f
Message:
Failed to load resource: the server responded with a status of 503 ()
other warning URL: https://cdn.ampproject.org/rtv/012111011823000/v0/amp-ad-exit-0.1.mjs(Line 2)
Message:
Unrecognized feature: 'attribution-reporting'.
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=f5bcZ6flToSmDBlndAOdvw&google_push=AYg5qPK7Dn8cBxnzhCeQD1BEi_ol_HTZMQDifVPZ_kq3kj30ADrEJPSOxL0SqfZmddbLs7O96By8ypURVVetTd_hl8NIZkrK6-JD
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YdGkjzTQM0OVUrCOUYyaxwAABIgAAAIB&google_gid=CAESEOukoGcjKs77qgadvSwTSyU&google_cver=1&google_push=AYg5qPIPcHYzxsONQO-tO2gJesyDzJpqx3k4ai561O655C2o394H1ygfcl4HG1kp77IafyN0BoGx8IW2Vpwl9hyR5LDvdO9NHmCH
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
javascript warning URL: https://ugt7s7.ru/whome.html
Message:
The resource https://ugt7s7.ru/whome.html#manifest.json was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://ugt7s7.ru/whome.html
Message:
The resource https://ugt7s7.ru/css/chto-nuzhno-znat-o-stavkah-na-sport-novichku_1591798890366659541.jpg was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

29550a6774465c2fefc7c60fd493fe18.safeframe.googlesyndication.com
47a62b5598302721afe2c2e22bf15e30.safeframe.googlesyndication.com
5db9a8bcf711cf0d71dc0a2c634d4aae.safeframe.googlesyndication.com
7b5868f5428335e5053e527f06f79868.safeframe.googlesyndication.com
a.sportradarserving.com
a.tribalfusion.com
a5d84237b2adbb561c87907ddbec0eca.safeframe.googlesyndication.com
ad.turn.com
ads.adfox.ru
ads.avct.cloud
ads.betweendigital.com
adservice.google.com
adservice.google.de
af00c4d352a4342d5af34e89ae3b80eb.safeframe.googlesyndication.com
an.yandex.ru
api.rnet.plus
begun-sync.rutarget.ru
c.rambler.ru
c37518537793b0475d38bc38f923af27.safeframe.googlesyndication.com
cdn.ampproject.org
cm.g.doubleclick.net
cm.lentainform.com
cms.quantserve.com
comments.rambler.ru
counter.yadro.ru
creativecdn.com
developers.rambler.ru
dmg.digitaltarget.ru
dsp-rambler.ru
dsp.adfarm1.adition.com
eb2.3lift.com
encrypted-tbn0.gstatic.com
encrypted-tbn1.gstatic.com
encrypted-tbn2.gstatic.com
encrypted-tbn3.gstatic.com
exchange.buzzoola.com
fonts.googleapis.com
fonts.gstatic.com
gcm.ctnsnet.com
google2waycm.netmng.com
googleads.g.doubleclick.net
id.rambler.ru
img.championat.com
img01.ssp.rambler.ru
img02.ssp.rambler.ru
jsc.lentainform.com
kraken.rambler.ru
lbs-ru1.ads.betweendigital.com
loyalty.rambler-co.ru
mc.webvisor.org
mc.yandex.com
mc.yandex.ru
pagead2.googlesyndication.com
pixel-sync.sitescout.com
pixel.advertising.com
pixel.konnektu.ru
pixel.rubiconproject.com
prime.rambler.ru
profile.ssp.rambler.ru
px.adhigh.net
r.turn.com
rambler-sync.rutarget.ru
rcmjs.rambler.ru
redirect.frontend.weborama.fr
rmb.ops.beeline.ru
s.ad.smaato.net
s.tribalfusion.com
s0.2mdn.net
sandbox.ssp.rambler.ru
securepubads.g.doubleclick.net
sm.rtb.mts.ru
smartligts.site
smi2.net
smi2.ru
ssp.adriver.ru
ssp.rambler.ru
st.top100.ru
stat.media
static.smi2.net
static1.smi2.net
static2.smi2.net
static3.smi2.net
static5.smi2.net
static6.smi2.net
static7.smi2.net
static8.smi2.net
stats.mos.ru
stats.seedr.com
statsb.nativeroll.tv
sync-tm.everesttech.net
sync.1dmp.io
sync.bumlam.com
sync.datamind.ru
sync.dmp.otm-r.com
sync.mathtag.com
sync.rambler.ru
sync3.adsniper.ru
target.smi2.ru
tech.rtb.mts.ru
tms.dmp.wi-fi.ru
top-fwz1.mail.ru
tpc.googlesyndication.com
ugt7s7.ru
um.simpli.fi
ups.analytics.yahoo.com
vk.com
www.google.by
www.google.com
www.google.de
www.googleadservices.com
www.googletagservices.com
www.gstatic.com
www.tns-counter.ru
x.bidswitch.net
x01.aidata.io
yandex.ru
yastatic.net
cm.g.doubleclick.net
fonts.gstatic.com
google2waycm.netmng.com
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
ugt7s7.ru
104.19.216.61
104.19.217.61
104.21.73.3
116.202.236.172
130.193.58.13
138.201.55.243
138.201.55.245
138.201.55.248
142.250.186.130
142.250.186.162
148.251.4.142
148.251.87.137
151.101.130.49
169.50.137.184
172.67.202.211
18.156.0.31
18.197.4.101
185.110.56.134
185.15.175.159
185.184.8.65
185.29.132.245
193.232.150.70
2001:678:cb4:bbbb::11
2001:6d0:4001::226
212.11.155.166
213.87.44.187
216.58.212.130
217.66.147.165
217.69.133.145
2600:9000:223f:a00:1b:5138:8a40:93a1
2606:4700::6812:d05
2620:112:f006:bbbb::12
2620:116:800d:21:fcb8:22d2:d390:5f1b
2a00:1450:4001:802::2004
2a00:1450:4001:808::2001
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2001
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2003
2a00:1450:4001:810::200e
2a00:1450:4001:812::2006
2a00:1450:4001:813::2003
2a00:1450:4001:827::200a
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2001
2a00:1450:4001:831::200e
2a02:6b8:20::215
2a02:6b8::1:119
2a02:6b8::1be
2a02:6b8::90
2a02:6b8:a::a
3.120.81.147
3.124.133.36
31.172.81.158
31.172.81.172
35.186.193.173
35.190.16.14
37.9.245.57
5.188.198.132
52.214.235.66
66.155.71.149
69.173.144.139
76.223.111.18
80.239.201.45
80.64.106.149
81.19.78.89
81.19.82.74
81.19.82.95
81.19.86.1
81.19.89.16
81.19.89.17
81.19.89.27
81.19.89.3
81.222.128.214
82.202.225.227
82.202.225.229
82.202.225.240
85.114.159.93
87.240.190.67
88.212.201.198
88.212.234.27
88.212.234.28
88.212.252.22
88.212.252.75
88.99.129.243
88.99.213.228
89.108.119.28
91.192.148.14
91.192.149.113
91.192.149.14
91.192.149.54
91.192.150.12
91.192.150.14
91.192.150.30
91.192.150.36
91.220.120.21
95.163.53.109
95.163.53.111
96.46.186.57
0188e22f9fe58731f093b3183a909f4c047b0b01d7feee86eddf647beb63dbb8
01e1b24ddea92b249640501a65233c7a7fb9756ea8efb566ccf3cc1a5694f9b8
023e848b9553976755e44ad4de54ec109556ed86ba408ed6833187e34b5ebc72
025768f1e2e2b05ac6211f57180812df5fbba6398de0eda4acca13f4532ab6fb
041ded233f2298062bd23064158751a7c6e88f21fc0b02b7df620da3484a3094
053508cc4ed1acf7db8ed96deca42ffebfa1669c5cecd62f4415b926d07b5aaa
057e5db02edf1604d1ff859fd55991aaa74f3adfb41dca332343d517e138ba49
0700d9b3b616a1d6db6c073e30bc6c7a710b9963318b1cc31b90d701eb7eead4
0b40afb826577054ff8872ffbe5aefd4b52eac1764a1e5420fc954db871690d8
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
0f4640dd5df7de31af540174612950a74366cae539910580965e8728afbe2c90
0f98532d2383eb05f3f44a12e690b47c83239f028f0fb8f144e7e56329327f90
127672d4912f86d7cbdeab0c1ccd9536aa33f335a7b1609d3a3939c1d778220e
131af85b780177363212133650a8a504b7acca8731c549fd4787a8e04d90efde
133c092800fbff394f44f3a69baa0cfe34e0ce20feec5cf7198fc371543595da
13478bdce3b05abe223de8fe7aeab8fa7e1c0599adde7b20944739374757ecfb
1375eb50abd04888ab5d23bf9209c10b689551a405e530c054cec7c110b6ab54
15278e4626abf5fe5a7a9a19c339b54f5c32aef245c51a7ac4bd7155e2efd5dd
18e3db3b393f7206f3807cae77c202999bc83a1ed32a8a613f8ed080254545e2
1907478e8fa62801a1db26be87cab0755288131c9c8e80320582e560825df3cc
1bb0255125a103007051bc4d9fc2dfa5104bdcdb878c8fa5d6a5a6c7a9f04322
1cefab70ed949c1aa116a319767c9c54f934af8931ee9b78dcb04a9e74a05d6d
1cf294cf6c76ba0eebcb764f18bb0468e4f9f6b527c0f8c14d124fa3e2c47b34
1f506cee127964acc6cf94344499a14250d611d67afa0c660e59304b67de4909
1fa33403ce1e62335f928800168be1aacaa387820009d2208a6750b0db404d06
2260a17d2be55e96e72d7cc84e114bfc19c5e1c48b8b447ae6fbddd720586032
23da05438074b2aec6e28871fd0f5f94de8dfd03a6b94826e3ae201e70525961
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
2786347f609a2dbd55d468e6cd090e172545608446832f89f4524424b09063ca
2a42cc82f30fbf25a268f6d5a10158e8312a838222da6847158ea4175fa289d4
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2acd33ad74c4bf968c43200f3085901505a1d635c8a5ad53b450e0e24d00b758
2ad025bfdd3e63bb89713eebf6c849e0d651babd48b4aa85a335496224e7e22b
2c200bef3f01f52f589092abeaf1fae8c9281f55fb630925958c5b1966a00ec7
2cdd56de7680fb9708ac5fb369cc17e91f84cc7cfa71f250d9ecb197ddf0b2d2
2d5ae5a515a688823dc98d032242c2ed6f490a74c4281bdd599567898f9fa675
2ddefcdc9f260c5ffeb93fed110fe9d929028226f9a2d8a4934ea52b546e9640
2e8fa2037c41372ddc72ea1e08a477ba37998b54b5416b8cff0554fa5b865e27
30194c9fdb9a73bc0d39b8b0c5d6eba7e84c7439ebf4008890b96f50e8fb8cf9
30b93a7fb0e296dc127e767121e011beb38e57b592d3b7a5176d5574760d574b
3201d9712ff684086f00807e5850178e095cf1b6ce9393f8069aed03f7dfd9d1
33401584374b1498e38b98fdf8e23a0397dbcf3afe993a587b31f79cbbb2684a
336bb30461d407ee72236de87aca4fe68d611e1bee0030326778c858a4685b1c
3450da15e9d4afff41f661b26bcb5cc0564720506667f5b4ab1ff7a108bf282c
34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55
34ba1c15cbee07be1ae5b516fa52bbef5cb00bad234efc422c279b431e07be4e
34cec36547d91551ff5b928d791d21254c2840d23276fb35e0258547745ab077
34fb3561d2318b388dcf585105f30691852f3779b65e08c5ce422ace5efe1c39
35e71143f9e3681b4579c88310e0b04fe5139c7a8f984e605196c990e6af075e
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
370e84225ba11f3c73383cbcbdc8a0e83e45d0e3a9e3cd657da7bde860b50490
398a6181a061a1b4e9e1e893b11ea4ec1207829ce2cbbed9e1c9430088ca4bb2
3a4d8a0b69143cbe239c8f8323bc43e1bdaa1ae683b0a1d52f7aae30c07adac6
3b9fee0274708a6bb0a1dc8d0ee0917f76b7d3ee2aee7a3ec7816e196be7440a
3bf889f44b8cecc3dbaed3fe1aea659186f39222e1b8d8b2bbb0743ce1ac696b
3c343f634912be8aef1c6319335ef52db52112a754ba1337464b1966e6009cb6
3d76ab4ac854cafef51bbbb5177ea75816df90e3c775294991a016404f2b6bb5
3e10f66065fad2dacd31daafde87f167fec51fe361d7558fe5891d250dd3e311
3e63fad9b35b28601962eea9b7c74fc6b90d0b742c1de531672bcc1ff25d2d74
3e8c4dcc729a99c30eb55a3f935abcb9d7d4f3cd500c052d47b231d162567f32
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
4049e17634f0df8dbd1146cf2782e410ae91fcc13678b8e3c44b324ae19cb293
40a47acbcda4fe9d7aa358e39b8e851f59a58fd40f227f3b67e7465f13871565
40a9e4eafdc0f5dd1ba04a385e62b8d3b645c3b10dae5d6c6d0a86838402cd91
40c83ed5448502bd44af245366c8211b869fcfaab05170853ad81b16092f6bcc
427d2685841a31254fdccb66cebe9238bafda8df5389752124d878aedcdb8c16
451879c66628ca593bbe53b20321e7ba5e9cec2102223d9e02c1a20c6493d157
451a7009759f8faf72dfcf8b211e44ec94cba5fa6835f9413c3948d48e4d0bd6
46375ee9192c1e0f6eabe4d32b2a48b996b93037f7b4beb970df5b87359548fd
475700259e64d480d1a70023e14741bb298a025e338bb608552e2472d4505a65
4782079b25a2b347c99a41c613e8e65534d01cddb19a718afde3ca3271ebd7ac
4840dc681695df24a6300b26e0574ecd3cb69b2084d8e8fd8a626303fd0ea576
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
49ec5c90e77f3df474712f2a2dc78ab6535152a317283e96ac54ef91e615f07f
49f295275f707ac20c97560058a73d05bc4981cca0edc21e344fe5c66b012680
4b04df514562f4bd342f7d3dfccb57daaf6fad092ce30b116a19499d35d58cfc
4bc7a949ce87c9ec6992be8eb0420fea5632afd2101bd5c80b298cb6d9f771d0
4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82
4e959d9106d846030c0a62de668ec7c5810a3a1282c4f4ca98e1ea0756c75b8e
50a141a1e273cd9a7d07db6b878124cd3779f86b7f141fbbc69131ec26b36c42
51b700dbacbef87068acf249ba8267d6854aa6958b765a3185b29cee30052832
51e5b4ad4a1e0c8fb2379e67edf306c9140d6ad64b345e2cbc7014975d95aaf1
5207637a3fb149db62bc71874afc88d2df80af40c12e23676c3d3aa977497955
522842190d8772d9b5d27852591dd456e6b80f09e7f52aa5f85258eeb9669295
535ab2f2779b29b6ed18af6aa8fb3ecd2e387bdef80583a2dc8ff6caa31f75a1
53b7e7be97addf8dac497e15a81bfdb5af401d4c1246ddbcd9bf2b366b22ba4e
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5a374c857cedf9cfd88a7958eca6b6751cddd3c19130ab9fbc7364c8e2cbc4df
5a861509b658aa24fc3aed2867ac3c061e7d818d90b9990959afc6d1b5d4ff99
5bed1192f2bebd28b184abc40076411dcf7a7e2c80b12b2e03f5eb788863ea31
5c0a87083d278151c970b702b9ae010ce4e3ac9cc8a0483ac30bc55320f2b270
5c6a848f385ff3230af5ea53f5656082254bdd9a460559c662250dbe080ada5d
5d0a6e3bc914db376bf187c380750b197c317e1bf40fab9ad959ad5facd8f9ed
5d2c6650eb20b5fac28d5ae63f3bdb04a70a3b093d0cf20c614d74952c239c94
5e5ec3e0eba9cee12f3ada38f189d0d671ad971a208e513ab76bb79c51ab242e
5febe42d958a25aac2eab77ef3cb52ab401ced8c1df1c7ec06d94fe6160f4554
6006fe7a58797d0c3eabdc514beb320f5f56f88088e5b6bfac1e7b4c9f2b0106
6091257875be8caffc291e2b5476a2136ca81de5420a640598e5331c496f33c4
61958968b3142d572f23147214b00cf6c7b3a7eea430e34e7a8f72bf52c7d585
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6267d4f123679bdcffcc2c888dfc9450e6a0fb190611c530470382163d3a9923
6326563e692936edb1842955d0340c9c1b4549b6ae34919fda0dbc6143d0abb5
6430c8ab9f83be322f9491e515f6360d62dfb480a7eac1682e61b128318db9ba
643d572b967cbb79e42fc8c4723791b6b4fc33e7e6c4177371c33b50f199d8dc
650a667255250a7528a330a3096ea286bf15d8ac3d552e9508d15e96a2a42c2d
65694a3608a1a8018a3b9a5f5949b34d506042d588de1f52e2c4012e9b809334
65f6185cfe1cf88fa7981160dd6fa443e111887215b72953718ea70f8e2ba9f2
68228b78d59388c22ab9aeaccedef93b63e80157fbda930ab39ca7d64b3704cb
69a9e17f60f539af96d72b23bacb57e087baf53caa1328b0a25448a55cd02525
69dff2ae7f98e7a5dd1b1f8bf31c8fa5ee3757b54408cc949b5c6debc66792d8
6a163c4c6ec0cd3748096cce22097324784485b142278d683019e2fd99157714
6a23af7407cce9df7b6e0419ac4e0b2d9802f964ebbb855545f719160c021693
6ac62ad133b177d67c52cfd6b1fa821b3566637b15c3637335036aae03cf972a
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6cdc824227f1260a106038627a52010d2c31ff5415822ef9b9e247bfcdef9f26
6e9e056ff03fe853eb95b2d34bcc5db0d7160c4febdd1d61afd3a5bda08cacb5
6fd987d10fe4256736dc603435f5aba78ef968d3361054582d6c085b7c6f610c
7317a02358b2b617ba0934b570c313ee76f29176c4821a9a5fd1656413e5f41b
752b584142bd8ce13218ba3a53bf07a89b9cff2f0cf001d6b396b35df335c5a6
782558849b4b5a573795bec4204fc8eeef0cfaefdd33f7e18bfe0601c5d93558
78479eacb8dffc6a7b10ee7107fbe18b6a5716efb5fa957084bfc4cc52b720ef
789781aafb1f981f1a4c80d09fcc466026438b6a2482956ce44c418d04f687f4
794904cbadec91868002069ddff438310cc60c88f349a723b24e3fd0dfb223ed
7a07a05265c72a40584a7977578e14a43ba517ea0a58c6d1ed5b59bc5a24a8a9
7ad2d097970b4db22e21d9cd61db5d0de1a257b213c72029bbd248d950538f0f
7b4b6c732d0d0ea4de02f42fb9bbe4b819b9b8a24d3538f96497dec6fde5a32e
7d074583ff8f44c8d69ac5715c8ffad5554b2b52da3f06639ce857329f31e23a
7ddd4adb7a58a31725eced4db67d1d83c98df30224444d21c3cb542fa04dc3b9
7eded56040a88db06b19ec0904a6714a18078943b7febf190dcfb5860f3c089c
7f85185cdaf8a279a0acb9ec47ae98cd047fbf65fce06ce64e10d861cc7ab92f
7fc4b2211750b506a2e3dacad7d241a18dc11c30bdf0c12816290abc04acc99f
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880
8180f387279e265b8e9ed3a60e4596bea1a5df4904098d012a53f937208712c7
82522744a8e4d599774ae242d9acdaddde622f9ae287aceb6dc8f65e5105b236
827632d11c1182e950b085e8f64e03879a6911d569b8eecc33cc5a93bf8e4054
82a39779b117d411dbcf0c8cb4e327ee28cfb4a579cbf0295c043d45cbc3a842
831e79847e0846a87d18e1fdd3571817ede65f3fbb533aad417a912af32681e0
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83c59fc6daf57a78f87435d8d4be08a80e32fbc6d41255434d03218dc3af292e
847d2854bb34bc89ab8514267909dbec0fe245278448227d23714781f9dfab71
856fee986643a80d07e8de3cfadc5b1eee1b60d03a58489f0c252b3143dc8f51
859ffa6647516c0fd079253b4aefcad43f0298fe303ab1d8be8ae64eefea9c6d
867fc76ca79f54a7e22dff7512e52893b333fd5487dd20035ff2187f4518de1d
87c09fe32554932375d5ab08c355e14fd06105d355eca1d507fda38da7382ff9
87e2489fb8571124db769a1b958b46f654c4f406b7ed0b993c2e3df6c5a9fe82
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
891eb5206ff1a66393b256b47e17c5bcfb9d60918cb388b0158dbeac6ac07f83
8dd3b91ca60e6a0486326c5c275590dd1d753240c2efa9f94730815813997fee
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
8fd2f32ba6eb80b66d35ad9f5815a6109e9f52476895b314281fa01d3f612389
901a68f229867f3c87785a705e43010174e68f8e1e8a51f9269042275996e1b9
92a82d0233445685062df7115e244b34f3e71657d0c80f54cce716b5952eb8dc
92c2baebf9307a81c5fe9346c79d5f8e01e7544eea68f74c38b9796ae20cdca0
92d57892ed4ad0cc9171a682cbd0b60ff3636da26b294fa7a8159406f20e54f4
932b483420091cad5d60ce25c2bc72d5bcb2feec5b1cc15b44c76a06f201fffe
94b572bf0146e7b387b8a488ec1924a969bd7f1349b9c519b292672029ebcf7d
9500962e87d29b77ca82039925092432f738c1e68e68f5cb1aa7bffeb446d734
95dff572ea6990027a35656318742dc8695728f2a263a5b04e46163ea28931a7
95f06e55ada30c6ee51aae7fc65374690d996c0ce9a2c583a4997677b01eecab
97031eed6944946930650d15f3ba7dc8cd5114357870513a940392cb424a250a
97b403b8e52c06f3327b746266da1ecf9cd4fb7a6f55c01eeca13b40dd083199
98ba8f881333898d751dabe4f8b4cacc4489a9f5b6b4fd1fc67c571dbfec95cf
995020fea613b5c91983b993da4b7b8b92721ff98d86ca84abc13d7fda0ec945
996df6750b8a9abf597467616ceeccea172009f1460cd792e7d1af512bd1ad9e
9a630b852e94f20cb8140704fd830bf40bfea0a2effaa67d06a0eadafbf3d508
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b6b0b47625cceb65d36d7737a23784d7c91aee2e99e9c9bcf8676f234ee8aba
9b8419a5d46a1a7d4c9ce128a07a63ecac483c5fcea1950694cfae290b49eb63
9c48058bc6dd7a2652a38d9e510fc066024983cee0a663226d3ac2869ae67b0c
9d08ad08f30c77f59e103a231a38d1e5f33a789a2f7eef05cb193ff8d6eb9ca7
9dc89e2eae45dccc1b2d7b9540adae2349bbb5d84578eadb8f0f645eac324910
9e7b1889e548067d2f0c258377caedab53dceafd5eaccf0da048fa99e9f690a2
9e97fc43ecd2f16948c3a8d2de65e0e5483db4ed5ab174058c178ca1c8665d0b
9f0d17588c3f715bf27a7b0cb4a50d3fdba961572413c2ddbf09eb9facc87425
9f0d5781311660c2d4f05816041497b33ad71acd98621a24f9783dae3f0a7bca
9f46c2af5260815461be10e868c09a724c3fd69e469d210d2b8aa1608dc6b151
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a12b7cb43c9d9134b5bb1b35e9096b66775d9e92e7611d1cc92b02edd6782a87
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a3106567b25111408e8bcc098bb846480c90862e1fcef624727b2f6fe86ab986
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a50f0915215e311e8c7dfaa3f78c4faebd24fbe56f29e25b99f0e41fbf919d37
a5f7fc8533714e8196ff254ba2d574b7be8e2921a61cf86ccf44438edd8eb25b
a6a577e93ea5adf741c96f6299d6681df07c9f6876e83680dea178fdc0638992
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a74103e38e9100725602e7787a2c49fde1be6ed403db86151329352e648300c5
a80dd5788cb63db238d4056d1510f08ec49b22e5f7ccc9f6cabf72f9d63c962f
a8cc6e6df7c5de34a0c6812c703b297bbb61e454d3b58ca7d9df1a7a372471e1
aec543652c8c9baa1fe0f7797c6c36f23db3b5c7558ccae21411f7b329fd8e67
aecd885357e6cf19201278a51366752baff2c8706717e2e6d535a9fff31dfca7
afcdd57b8203fc69a287e348dab2620faef5a6c5b5b9f1d20817b5d3df5b800d
b03ef4b198588654c13a7eacbf4b45a6a42b5d250019c8a6c16dc475e4e97fba
b05ead113fb16f0c8b39d7621f118db2ad2d9b87f5ca5d97d0ebf51253117524
b138f0b28fe44581bebb03d0ff7046e4f8416deeb5d152ede640eaa3dc1c7872
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b158de0533a63f2d9084656a17356d5808fe6b570aab1fddf44ea786641baed8
b16df8032ad8c88c7ce561a799d2eba80d6fdbb90d33f94c7c4b5934295196e9
b1beea78a7c215a41f6db6a8a8c52d20bfb9f5897a19f25749d223f3ea8e1546
b22cff16acfdd670cfef6d4a8ecb84673e06407e32a4bd12e584ee7cffef74ba
b43e2c60c1c7c0ac47463df85db69c8a8eddf2ef65c884f98eaa327a0aa635a6
b48f2e025fc91e265f2c27ad6ee03f73527eb219036c9c68ab8de7d0fce23738
b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e
b55bfbf9006b0c20c972bf5a74d6a6c685915038126a0b80141292266751787a
b59055732ac368b6ea6c1d8cdd93c46b7d1c8589db5804e60282eb7128dc52fb
b5a7694928ec9efa94b61d98cd70535eeb00dd1bf34f2689044938b583fbd5ca
b77edec431f49f9befd25654ad0812d86be9bda78090c782cb673c174b0ed453
b78f04572f4a6b78d06725c92ac38e22f3796b1e4e73f728e267e715a1bd40f2
b82ea8fb2948d1a9c54552b4d7220c48b4b318174977fd11e408306f4d925776
b94fab3bac24c7ed4b445ff76243c9eeb8c1c3516984cc62b9365c39c39c2098
baa877d70f417b15872e2be0a758a9836a777b207e043e3255508b09f010fa28
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bb4c67203f9888a8d46287c8f8ad00c3f4285034b480d69277796caa4ae569f6
bdf71a61d110f7920e0f09d7807adcb7695e0e70ecd5b40443ce75e9f3c24986
bed2365e0935b48d4d3b1392538a2bf1add63576b70f840e09ecd0ac619e234e
c0a1362e7667fffd5674baa98fed00df12be3df5252276d0e19852520adf2e88
c0afdc3069bcc20b910d59cb9ec7e1656c9d3fa909989a32f26e001eb23f93ae
c3e6c1002f9a4c4411a94ee238b51a48d85b77640b9cd9a1e2f63744fea17d00
c59edf97034f2a96fc56fa27bb9208e1dd00e586263bde35a2a84797790d7f08
c6140c5e5def9ed020641499e57484d7ccfde5616e0aa4ad7af65cfa35a8af3a
c669e3cf8ddf1b4fb568561f60c115245fc7d440fde24fb47c0a38b2e1935410
c73a75f77daef3dd6f9447f21061136b51950f1e81fc61bb3058eae844727b95
c9ca299ab3a7f12b37cce4f76c017b88026120824524d472e3e58b523858e282
ca3bc02a526e39502f162a42a1d720ba2f593a31b60353de1ce62b5d65abe67f
cba06688454c4b504c7c8294249b21e63c52176a237d77dbc2c3a6b2f0a9faf8
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cc7ab88ea375af880a0c70c42c7e0afad39595c96752f34f802c871077e149e9
ccb150b1878d5aa777543222f9e47636d4258687e3dd57e625988f09a96bda64
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfb2db441843afa6001a335972da84db30d9b2723d9772d338e00cfd2eea1507
cff2cd66a2264398e777b859aaf0d69b25c7a5d86f1a633cecc5fa8768dc9588
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d0740d7aaa9efdb636f85313593461e60280263f69fd956e29e0c01a2d32b036
d2ffa9981ea4a6f5970546a44c2304f006973b4043b84b72a3c547da0e6e2ec7
d49499747d8bb7e66d3d8aa7c28e62ed8e676543997ef842cb2c0799354bdee2
d6121206e7302e80b6fabd18339efbd05f73f021ee4e98865f80a581e2bc26b8
d79d89f3e5af59f18e9e7154f9439e7c175bf597457dfa3fd845c39d333d5ef7
d7e4736fc4c67e7e13212fd832908b0191c4bdb933f873885bfd1ed53ebef23f
d8872bba7bb071f052bc62cacbe0857334b6a2b199acfb5e9cf30dc7bd0d3d35
d989fc2b6ac051eb809d3cb5b49b113eee9854aa01a449a2e36692c80232ac0d
d9955b485ec10339d863941175c02572657bf9d4f6c5fa2e5603e7d803c1b8cf
dac617021f15d67da4f7d7b41ff795051b39b4bcf0098b491ebb8efc15e19f64
dbd37284a3841f5f82188e6992c2797e8a2c678baa70b536bbad5cbe5bcc783e
dd8a0c4aac49389cc949f0b133430fa1787491420fbe568583d02c2251c6c08c
dd8ba1ea05ba97834f9e032e431c4435bade0e277e48ed46b5704528271b1dec
dea1e5288ed99f478e4666d59028dc6e2a81ebff156844c3a7c47bff17088271
e0c7c404948dc421969b3ff93d72478d8066a3f4026ed6a9d5da00974e8fd303
e0de968b72b77d0eac9b83b057675ad39731d99d3d133b998fd46fbedc8bcf9c
e1cff21864c46e1da263fa83c14ed6d190bc5afbdd35188de15f10eb8bedd264
e1fc9f233483c734a251bb7a17fdd2324faf80fd2bd3faba06c1089da45acfc3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e42e168b64cb8a3867ee39f7c7455a953787f0137b239fac00a47b1186e0c6b2
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e6ce5befa3b0ca1acf61319ff2e477a7ce5d652313bc323a1b06612f4e4a3d40
e6d8e21a76f073ba5b66ec29a675587cd809144ef66a9f18e0d5d7532aedaf53
e7e91241475a34cc797af5ba181a15165cc8bc78e8dc6effaf6bdf440403f92d
e89a316ebf1c63ea09e2b7b5889fb55e1ffb326c7b2b172027da0948f5709f6a
eb7317d29dfc9c043d03219d9042bdbb60afc6e49c43031891dd9d0beef9c110
ebaaa00d7a0d03e309230bc91cf4b9e6994130b9170786840315da05a04aac94
ecf3d38aee83ae02119fc5c586dfc23331ba49198a3332e80a3c3abfcb389058
eda2886530b8b6b3a2bf786ee7ace9c2920e7db8492a18b06e25dbb5641acdfd
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef4ea0fe56ed7f7e648864769252966858b0e3a7040365d9642c5397a2c57f4a
ef727f710c848eb92abfa47f6a5e214b5ee5d337719a79a027f24a06a4aae5ba
f03cc6e6183c14fc1938c5a87c9366c3d06364cb4ed7678bc8fb3030c82e995c
f4cd9b1e524be163d8535b0c5a2fb35c324934004d84f4957016f88704037078
f7a8ea10aa7f4c6489430c8b5b6a56fe48602447ec0791b45606474e06d0f2c5
f86de435aaca56dd7e506148f423ad070df94e970de7ef16f94a93fef39fbb4c
f8feb323d2ad7d1c4e02ebb24edcf21e9c1634bd36cefe1cb02f36d9640421d3
fa811d7c53521b299cb88db96f253cd24595f042a14213c34c9ed60d76754f58
fc0202d59436339ba688fdbd48ebf86cf65bb66d4a3507e7697d34bff093d907
fd5118294651aabdc87865c9b9d7931b581ff9d12a54f31e2141fd93683146fe
fe768d39b56b1b4d18729812fc52dfb044da0734df5bd6c3944a39c078cc287b
fe8d52e5f35b18fe36309545b7ae1bb614faa6166cf85aa96b8a3553317f38e0
fed2d61088cba54be39b2069add7103160e31f07c950c0e2e7706d6d6dc9ebf6
ff880ca3d57b793716c15f500d7df3dc6d56172dead2eb16e2bb683e00dc3508
ff94cfaa773b763e3ed2c1d285dd992322d5634cec5f633727bf9d6f16342e79
ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914