urlscan.io logo urlscan.io
SecurityTrails logo

mfd.ru Open in urlscan Pro
195.10.198.167  Public Scan

Go To Rescan Add Verdict Report
URL: http://mfd.ru/
Submission: On September 16 via manual from FR
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 32 IPs in 7 countries across 24 domains to perform 127 HTTP transactions. The main IP is 195.10.198.167, located in Russian Federation and belongs to NBKI-AS, RU. The main domain is mfd.ru.
This is the only time mfd.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
12 195.10.198.167 35802 (NBKI-AS)
4 2a02:6b8:20::215 13238 (YANDEX)
2 95.211.66.35 60781 (LEASEWEB-...)
3 2a00:1450:400... 15169 (GOOGLE)
10 95.211.66.34 60781 (LEASEWEB-...)
1 2a00:1148:db0... 47764 (MAILRU-AS...)
2 7 188.42.196.115 7979 (SERVERS-COM)
1 2 94.130.13.220 24940 (HETZNER-AS)
11 2a00:1450:400... 15169 (GOOGLE)
2 69.173.144.141 26667 (RUBICONPR...)
2 178.250.2.131 44788 (ASN-CRITE...)
2 146.0.227.110 29066 (VELIANET-...)
2 159.69.59.100 24940 (HETZNER-AS)
2 6 34.98.64.218 15169 (GOOGLE)
1 2a02:6b8::16b 13238 (YANDEX)
1 7 2a02:6b8::1:119 13238 (YANDEX)
9 2a02:6b8::90 13238 (YANDEX)
1 2a03:2880:f11... 32934 (FACEBOOK)
5 172.217.23.130 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 3 88.212.201.204 39134 (UNITEDNET)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
17 2a00:1450:400... 15169 (GOOGLE)
10 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 4 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a02:2638::3 44788 (ASN-CRITE...)
1 104.111.230.142 16625 (AKAMAI-AS)
127 32
12    195.10.198.167 (Russian Federation)

ASN35802 (NBKI-AS, RU)
PTR: forum.mfd.ru
mfd.ru
4    2a02:6b8:20::215 (Russian Federation)

ASN13238 (YANDEX, RU)
yastatic.net
2    95.211.66.35 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: hosted-by.leaseweb.com
s.clickiocdn.com
3    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
www.googletagservices.com
10    95.211.66.34 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: hosted-by.leaseweb.com
clickiocdn.com
1    2a00:1148:db00::17 (Russian Federation)

ASN47764 (MAILRU-AS Mail.Ru, RU)
ad.mail.ru
7    188.42.196.115 (Luxembourg)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
2    94.130.13.220 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.220.13.130.94.clients.your-server.de
exchange.buzzoola.com
11    2a00:1450:4001:820::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
googleads.g.doubleclick.net
2    69.173.144.141 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
2    178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com
bidder.criteo.com
2    146.0.227.110 (Germany)

ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE)
inv-nets.admixer.net
2    159.69.59.100 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.100.59.69.159.clients.your-server.de
ssp.otm-r.com
6    34.98.64.218 (United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com
alz-d.openx.net
eu-u.openx.net
1    2a02:6b8::16b (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)
matchid.adfox.yandex.ru
7    2a02:6b8::1:119 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)
mc.yandex.ru
9    2a02:6b8::90 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)
an.yandex.ru
1    2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)
www.facebook.com
5    172.217.23.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s18-in-f130.1e100.net
securepubads.g.doubleclick.net
2    2a00:1450:4001:821::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
3    88.212.201.204 (Russian Federation)

ASN39134 (UNITEDNET, RU)
PTR: host204.rax.ru
counter.yadro.ru
1    2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
1    2a00:1450:4001:81b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
1    2a00:1450:4001:81a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
65337aeb157dc8b86d7d7fc28f9628ca.safeframe.googlesyndication.com
17    2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
10    2a00:1450:4001:818::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
2    2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
4    2a00:1450:4001:825::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
4    2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    104.111.230.142 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-230-142.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
Domain Requested by
17 tpc.googlesyndication.com securepubads.g.doubleclick.net
mfd.ru
pagead2.googlesyndication.com
tpc.googlesyndication.com
cdn.ampproject.org
12 mfd.ru mfd.ru
10 cdn.ampproject.org securepubads.g.doubleclick.net
10 clickiocdn.com mfd.ru
s.clickiocdn.com
9 an.yandex.ru yastatic.net
mfd.ru
an.yandex.ru
7 mc.yandex.ru 1 redirects yastatic.net
mfd.ru
mc.yandex.ru
7 ads.betweendigital.com 2 redirects yastatic.net
s.clickiocdn.com
6 googleads.g.doubleclick.net pagead2.googlesyndication.com
6 pagead2.googlesyndication.com mfd.ru
pagead2.googlesyndication.com
5 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
mfd.ru
4 eu-u.openx.net 2 redirects s.clickiocdn.com
4 fonts.gstatic.com fonts.googleapis.com
4 www.google.com 2 redirects mfd.ru
4 yastatic.net mfd.ru
yastatic.net
3 counter.yadro.ru 2 redirects mfd.ru
2 static.criteo.net s.clickiocdn.com
static.criteo.net
2 fonts.googleapis.com securepubads.g.doubleclick.net
2 www.google-analytics.com mfd.ru
www.google-analytics.com
2 alz-d.openx.net s.clickiocdn.com
2 ssp.otm-r.com s.clickiocdn.com
2 inv-nets.admixer.net s.clickiocdn.com
2 bidder.criteo.com s.clickiocdn.com
2 fastlane.rubiconproject.com s.clickiocdn.com
2 www.googletagservices.com s.clickiocdn.com
pagead2.googlesyndication.com
2 exchange.buzzoola.com 1 redirects mfd.ru
2 s.clickiocdn.com mfd.ru
1 eus.rubiconproject.com s.clickiocdn.com
1 65337aeb157dc8b86d7d7fc28f9628ca.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 www.facebook.com mfd.ru
1 matchid.adfox.yandex.ru yastatic.net
1 ad.mail.ru yastatic.net
127 33
Subject Issuer Validity Valid
*.yastatic.net
Yandex CA		 2020-08-07 -
2021-08-07		 a year crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2020-08-26 -
2020-11-18		 3 months crt.sh
*.mail.ru
GlobalSign Organization Validation CA - SHA256 - G2		 2019-01-18 -
2021-01-18		 2 years crt.sh
ads.betweendigital.com
Sectigo RSA Domain Validation Secure Server CA		 2020-08-06 -
2022-02-16		 2 years crt.sh
*.buzzoola.com
Sectigo RSA Domain Validation Secure Server CA		 2020-06-30 -
2022-09-28		 2 years crt.sh
*.rubiconproject.com
DigiCert SHA2 Secure Server CA		 2019-01-10 -
2021-01-14		 2 years crt.sh
*.criteo.com
DigiCert ECC Secure Server CA		 2020-09-04 -
2020-12-03		 3 months crt.sh
*.admixer.net
Sectigo ECC Domain Validation Secure Server CA		 2020-08-17 -
2021-11-26		 a year crt.sh
*.otm-r.com
Sectigo RSA Domain Validation Secure Server CA		 2020-06-10 -
2021-06-10		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2020-06-18 -
2021-08-17		 a year crt.sh
matchid.adfox.yandex.ru
Yandex CA		 2020-02-26 -
2021-02-25		 a year crt.sh
informer.yandex.ru
Yandex CA		 2020-08-27 -
2021-08-27		 a year crt.sh
bs.yandex.ru
Yandex CA		 2019-09-24 -
2020-09-23		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2020-07-21 -
2020-10-12		 3 months crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-09-03 -
2020-11-26		 3 months crt.sh
counter.yadro.ru
GoGetSSL ECC DV CA		 2020-02-02 -
2022-05-02		 2 years crt.sh
*.google.de
GTS CA 1O1		 2020-08-26 -
2020-11-18		 3 months crt.sh
*.google.com
GTS CA 1O1		 2020-09-03 -
2020-11-26		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1O1		 2020-08-26 -
2020-11-18		 3 months crt.sh
misc-sni.google.com
GTS CA 1O1		 2020-08-26 -
2020-11-18		 3 months crt.sh
upload.video.google.com
GTS CA 1O1		 2020-08-26 -
2020-11-18		 3 months crt.sh
*.gstatic.com
GTS CA 1O1		 2020-08-26 -
2020-11-18		 3 months crt.sh
*.criteo.net
DigiCert ECC Secure Server CA		 2020-09-04 -
2020-12-03		 3 months crt.sh

This page contains 14 frames:

Primary Page: http://mfd.ru/
Frame ID: F32D6AB5F5D1859CD9E3D4C4DE4A2FAF
Requests: 78 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20200914/r20190131/zrt_lookup.html
Frame ID: 471D4AB2A9BF27EA43FAB1010348200A
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2Fmfd.ru&width=240&height=210&colorscheme=light&show_faces=true&border_color=white&stream=false&header=false&appId=169034706555014
Frame ID: 12FB29E752B0C9639CBE527824D67DDD
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8980300939565371&output=html&h=240&slotname=2063741449&adk=3385708369&adf=838900461&w=120&lmt=1600258893&psa=0&guci=1.2.0.0.2.2.0.0&format=120x240&url=http%3A%2F%2Fmfd.ru%2F&flash=0&wgl=1&dt=1600258893732&bpp=16&bdt=456&idt=180&shv=r20200914&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=8636135935829&frm=20&pv=2&ga_vid=1251353029.1600258894&ga_sid=1600258894&ga_hid=826327189&ga_fc=0&iag=0&icsg=2953347114&dssz=38&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=188&ady=1078&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=3449042972565164&pem=492&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=1&uci=a!1&fsb=1&xpc=1tCbQGLJnz&p=http%3A//mfd.ru&dtd=203
Frame ID: 609EC651F4FEA1A535B28384E4371761
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8980300939565371&output=html&h=200&slotname=7124581848&adk=1629665268&adf=307954327&w=200&lmt=1600258893&psa=0&guci=1.2.0.0.2.2.0.0&format=200x200&url=http%3A%2F%2Fmfd.ru%2F&flash=0&wgl=1&dt=1600258893870&bpp=1&bdt=594&idt=88&shv=r20200914&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=120x240&correlator=8636135935829&frm=20&pv=1&ga_vid=1251353029.1600258894&ga_sid=1600258894&ga_hid=826327189&ga_fc=0&iag=0&icsg=138177290282&dssz=38&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1201&ady=879&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=3449042972565164&pem=492&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=2&uci=a!2&fsb=1&xpc=j0vbsPuSuk&p=http%3A//mfd.ru&dtd=93
Frame ID: 07AABFE63111D58F9BE9F562A281DF39
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8980300939565371&output=html&adk=1812271804&adf=3025194257&lmt=1600258893&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Fmfd.ru%2F&ea=0&flash=0&pra=7&wgl=1&dt=1600258893904&bpp=1&bdt=628&idt=66&shv=r20200914&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=120x240%2C200x200&nras=1&correlator=8636135935829&frm=20&pv=1&ga_vid=1251353029.1600258894&ga_sid=1600258894&ga_hid=826327189&ga_fc=0&iag=0&icsg=138177290282&dssz=38&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=3449042972565164&pem=492&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=23&ifi=2&uci=a!2&fsb=1&dtd=71
Frame ID: 926C978043EE634BF325DCF155E2B808
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012009010507000/amp4ads-v0.js
Frame ID: 2EB4511FD196BD6B761A989FA9D93156
Requests: 24 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html
Frame ID: 032D1C10E6586E115BD354F9FC9A0FA5
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012009010507000/amp4ads-v0.js
Frame ID: 02252E648DAD87E086CF869FE6612726
Requests: 16 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=65177c2a-960d-453f-a7b7-2f374404a0a7&gdpr=1
Frame ID: 3F0F50BAD23DFD767DC3445FE718998E
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 67EDFAD3519D3981DF8E23373207D4C7
Requests: 1 HTTP requests in this frame

Frame: https://ads.betweendigital.com/sspmatch-iframe?crf=1
Frame ID: D036C5E790503FD8679A30AF9FB16B67
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=65177c2a-960d-453f-a7b7-2f374404a0a7&gdpr=1
Frame ID: 57A982B35B15BB929AF690B80635F89A
Requests: 1 HTTP requests in this frame

Frame: https://ads.betweendigital.com/sspmatch-iframe?crf=1
Frame ID: 68B3C288793D672BF0BCB32C5F658463
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

Page Statistics

127
Requests

78 %
HTTPS

58 %
IPv6

24
Domains

33
Subdomains

32
IPs

7
Countries

1865 kB
Transfer

6053 kB
Size

10
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13
  • https://exchange.buzzoola.com/ssp/adfox HTTP 307
  • https://exchange.buzzoola.com/ssp/adfox?set_buzzoola_cookie=t
Request Chain 44
  • http://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2Fmfd.ru&width=240&height=210&colorscheme=light&show_faces=true&border_color=white&stream=false&header=false&appId=169034706555014 HTTP 307
  • https://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2Fmfd.ru&width=240&height=210&colorscheme=light&show_faces=true&border_color=white&stream=false&header=false&appId=169034706555014
Request Chain 47
  • http://www.google-analytics.com/analytics.js HTTP 307
  • https://www.google-analytics.com/analytics.js
Request Chain 48
  • http://counter.yadro.ru/hit?t39.6;r;s1600*1200*24;uhttp%3A//mfd.ru/;0.21532593939123612 HTTP 302
  • https://counter.yadro.ru/hit?t39.6;r;s1600*1200*24;uhttp%3A//mfd.ru/;0.21532593939123612 HTTP 302
  • https://counter.yadro.ru/hit?q;t39.6;r;s1600*1200*24;uhttp%3A//mfd.ru/;0.21532593939123612
Request Chain 61
  • https://mc.yandex.ru/watch/39394400?wmode=7&page-url=http%3A%2F%2Fmfd.ru%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1600258893100%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20200916142134%3Aet%3A1600258894%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A133301383349%3Arqn%3A1%3Arn%3A424449151%3Ahid%3A416910013%3Ads%3A1%2C12%2C159%2C95%2C0%2C0%2C0%2C624%2C5%2C%2C%2C%2C800%3Afp%3A512%3Agdpr%3A14%3Av%3A1944%3Arqnl%3A1%3Ast%3A1600258894%3Au%3A%3At%3AMfd.ru%20-%20%D0%A4%D0%B8%D0%BD%D0%B0%D0%BD%D1%81%D0%BE%D0%B2%D1%8B%D0%B9%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%BB%3A%20%D0%BA%D0%BE%D1%82%D0%B8%D1%80%D0%BE%D0%B2%D0%BA%D0%B8%20%D0%B0%D0%BA%D1%86%D0%B8%D0%B9%2C%20%D0%BA%D1%83%D1%80%D1%81%D1%8B%20%D0%B2%D0%B0%D0%BB%D1%8E%D1%82%2C%20%D1%84%D0%BE%D1%80%D1%83%D0%BC%20%D1%82%D1%80%D0%B5%D0%B9%D0%B4%D0%B5%D1%80%D0%BE%D0%B2%2C%20%D0%B0%D0%BD%D0%B0%D0%BB%D0%B8%D1%82%D0%B8%D0%BA%D0%B0%20%D0%B8%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8 HTTP 302
  • https://mc.yandex.ru/watch/39394400/1?wmode=7&page-url=http%3A%2F%2Fmfd.ru%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1600258893100%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20200916142134%3Aet%3A1600258894%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A133301383349%3Arqn%3A1%3Arn%3A424449151%3Ahid%3A416910013%3Ads%3A1%2C12%2C159%2C95%2C0%2C0%2C0%2C624%2C5%2C%2C%2C%2C800%3Afp%3A512%3Agdpr%3A14%3Av%3A1944%3Arqnl%3A1%3Ast%3A1600258894%3Au%3A%3At%3AMfd.ru%20-%20%D0%A4%D0%B8%D0%BD%D0%B0%D0%BD%D1%81%D0%BE%D0%B2%D1%8B%D0%B9%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%BB%3A%20%D0%BA%D0%BE%D1%82%D0%B8%D1%80%D0%BE%D0%B2%D0%BA%D0%B8%20%D0%B0%D0%BA%D1%86%D0%B8%D0%B9%2C%20%D0%BA%D1%83%D1%80%D1%81%D1%8B%20%D0%B2%D0%B0%D0%BB%D1%8E%D1%82%2C%20%D1%84%D0%BE%D1%80%D1%83%D0%BC%20%D1%82%D1%80%D0%B5%D0%B9%D0%B4%D0%B5%D1%80%D0%BE%D0%B2%2C%20%D0%B0%D0%BD%D0%B0%D0%BB%D0%B8%D1%82%D0%B8%D0%BA%D0%B0%20%D0%B8%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8
Request Chain 96
  • http://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 116
  • http://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 123
  • https://eu-u.openx.net/w/1.0/pd?plm=6&ph=65177c2a-960d-453f-a7b7-2f374404a0a7&gdpr=1 HTTP 302
  • https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=65177c2a-960d-453f-a7b7-2f374404a0a7&gdpr=1
Request Chain 125
  • https://ads.betweendigital.com/sspmatch-iframe HTTP 302
  • https://ads.betweendigital.com/sspmatch-iframe?crf=1
Request Chain 126
  • https://eu-u.openx.net/w/1.0/pd?plm=6&ph=65177c2a-960d-453f-a7b7-2f374404a0a7&gdpr=1 HTTP 302
  • https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=65177c2a-960d-453f-a7b7-2f374404a0a7&gdpr=1
Request Chain 127
  • https://ads.betweendigital.com/sspmatch-iframe HTTP 302
  • https://ads.betweendigital.com/sspmatch-iframe?crf=1

127 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set /
mfd.ru/ 		66 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://mfd.ru/
Protocol
HTTP/1.1
Server
195.10.198.167 , Russian Federation, ASN35802 (NBKI-AS, RU),
Reverse DNS
forum.mfd.ru
Software
Microsoft-IIS/8.5 /
Resource Hash
ceffab292f4d039aa5e2e66650f000ff443a2b13ec66903b26ccd14434cdb8ab
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Host
mfd.ru
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Cache-Control
no-cache, no-store
Pragma
no-cache
Content-Type
text/html; charset=utf-8
Content-Encoding
gzip
Expires
-1
Vary
Accept-Encoding
Server
Microsoft-IIS/8.5
X-Frame-Options
SAMEORIGIN
Set-Cookie
.MFDAUTH=; domain=.mfd.ru; expires=Tue, 15-Sep-2020 12:21:31 GMT; path=/; HttpOnly __RequestVerificationToken=IPST9xdwdVKv5XdTwoIrv5zabcU-kS5pOJ-zdNak1NJZsQ3BsiJ0pfGQywmTL3_dP076sG-1-UdPggsM7PZ6yaWdhiQ1; path=/; HttpOnly
Date
Wed, 16 Sep 2020 12:21:31 GMT
Content-Length
20465
mfd.css
mfd.ru/static/styles/ 		67 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://mfd.ru/static/styles/mfd.css?v=0.10.7562.41083
Requested by
Host: mfd.ru
URL: http://mfd.ru/
Protocol
HTTP/1.1
Server
195.10.198.167 , Russian Federation, ASN35802 (NBKI-AS, RU),
Reverse DNS
forum.mfd.ru
Software
Microsoft-IIS/8.5 /
Resource Hash
d1c45ddefbd814d27a9dd955d4ee2aa07069b0bdeea1f8c602621bdcdae1fb38

Request headers

Referer
http://mfd.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 16 Sep 2020 12:21:31 GMT
Content-Encoding
gzip
Last-Modified
Mon, 03 Aug 2020 22:51:25 GMT
Server
Microsoft-IIS/8.5
ETag
"80d4839de869d61:0"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
private
Accept-Ranges
bytes
Content-Length
13193
bundle.js
mfd.ru/static/scripts/ 		196 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://mfd.ru/static/scripts/bundle.js?v=0.10.7562.41083
Requested by
Host: mfd.ru
URL: http://mfd.ru/
Protocol
HTTP/1.1
Server
195.10.198.167 , Russian Federation, ASN35802 (NBKI-AS, RU),
Reverse DNS
forum.mfd.ru
Software
Microsoft-IIS/8.5 /
Resource Hash
cf3d4c8d462b4e74eb0f247e2e2a3c0d1aa1f20f6779ab1e2924353633dd6e68

Request headers

Referer
http://mfd.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 16 Sep 2020 12:21:31 GMT
Content-Encoding
gzip
Last-Modified
Mon, 03 Aug 2020 22:51:25 GMT
Server
Microsoft-IIS/8.5
ETag
"80d4839de869d61:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
private
Accept-Ranges
bytes
Content-Length
66718
header-bidding.js
yastatic.net/pcode/adfox/ 		177 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/pcode/adfox/header-bidding.js
Requested by
Host: mfd.ru
URL: http://mfd.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
2b45b59fbb2798d01472d5fdd19fa6be3193c4f6ee26b4187627f7bfa0934f7d
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
http://mfd.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 16 Sep 2020 12:21:33 GMT
content-encoding
br
vary
Accept-Encoding
nel
{"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
status
200
content-length
41762
timing-allow-origin
*
last-modified
Mon, 14 Sep 2020 12:32:57 GMT
server
nginx/1.17.9
etag
"e58494bbee4e4daf62272235dd2f67c3"
strict-transport-security
max-age=43200000; includeSubDomains;
report-to
{ "group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=3600
accept-ranges
bytes
x-robots-tag
noindex, noarchive, nofollow
expires
Wed, 16 Sep 2020 13:20:19 GMT
360.js
s.clickiocdn.com/t/211512/ 		301 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://s.clickiocdn.com/t/211512/360.js
Requested by
Host: mfd.ru
URL: http://mfd.ru/
Protocol
HTTP/1.1
Server
95.211.66.35 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx/1.16.0 /
Resource Hash
4009803dc7b08dd1d60c7a31510e508edb55e4babdc9512b8f1cb4c7b7cf3c9e

Request headers

Referer
http://mfd.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 16 Sep 2020 12:21:33 GMT
Content-Encoding
gzip
Last-Modified
Wed, 16 Sep 2020 09:09:37 GMT
Server
nginx/1.16.0
ETag
W/"5f61d651-4b5a5"
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=1800
Connection
keep-alive
Expires
Wed, 16 Sep 2020 12:51:33 GMT
common_258.js
s.clickiocdn.com/t/ 		127 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://s.clickiocdn.com/t/common_258.js
Requested by
Host: mfd.ru
URL: http://mfd.ru/
Protocol
HTTP/1.1
Server
95.211.66.35 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx/1.16.0 /
Resource Hash
8de04b57a5f56268a025667ca2687c1f6d130139dae3f59949acd7a743e8c8e4

Request headers

Referer
http://mfd.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 16 Sep 2020 12:21:33 GMT
Content-Encoding
gzip
Last-Modified
Thu, 10 Sep 2020 11:46:37 GMT
Server
nginx/1.16.0
ETag
W/"5f5a121d-1fd6e"
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=1800
Connection
keep-alive
Expires
Wed, 16 Sep 2020 12:51:33 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		130 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: mfd.ru
URL: http://mfd.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a80e5bc6824957c820fc176a64856461adcfdc8bf1ff884189e0c2591d5d58de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://mfd.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 16 Sep 2020 12:21:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
45924
x-xss-protection
0
server
cafe
etag
13133778186156096072
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 16 Sep 2020 12:21:33 GMT
logo.gif
mfd.ru/static/styles/logos/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://mfd.ru/static/styles/logos/logo.gif
Requested by
Host: mfd.ru
URL: http://mfd.ru/
Protocol
HTTP/1.1
Server
195.10.198.167 , Russian Federation, ASN35802 (NBKI-AS, RU),
Reverse DNS
forum.mfd.ru
Software
Microsoft-IIS/8.5 /
Resource Hash
b2e28c9ee3c2f6463c69b03d4619560e454f9e7b7eb632b5281866bb0a528b5e

Request headers

Referer
http://mfd.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 16 Sep 2020 12:21:31 GMT
Last-Modified
Thu, 20 Sep 2012 12:50:58 GMT
Server
Microsoft-IIS/8.5
ETag
"cb38be942e97cd1:0"
Content-Type
image/gif
Cache-Control
private
Accept-Ranges
bytes
Content-Length
1430
/
clickiocdn.com/hbadx/ 		24 B
252 B 		Script
General
Check archive.org
Download Go to
Full URL
http://clickiocdn.com/hbadx/?f=__clADF__&rt=1600258893580&site_id=211512&title=Mfd.ru%20-%20%D0%A4%D0%B8%D0%BD%D0%B0%D0%BD%D1%81%D0%BE%D0%B2%D1%8B%D0%B9%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%BB%3A%20%D0%BA%D0%BE%D1%82%D0%B8%D1%80%D0%BE%D0%B2%D0%BA%D0%B8%20%D0%B0%D0%BA%D1%86%D0%B8%D0%B9%2C%20%D0%BA%D1%83%D1%80%D1%81%D1%8B%20%D0%B2%D0%B0%D0%BB%D1%8E%D1%82%2C%20%D1%84%D0%BE%D1%80%D1%83%D0%BC%20%D1%82%D1%80%D0%B5%D0%B9%D0%B4%D0%B5%D1%80%D0%BE%D0%B2%2C%20%D0%B0%D0%BD%D0%B0%D0%BB%D0%B8%D1%82%D0%B8%D0%BA%D0%B0%20%D0%B8%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8&r=
Requested by
Host: mfd.ru
URL: http://mfd.ru/
Protocol
HTTP/1.1
Server
95.211.66.34 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx/1.16.0 /
Resource Hash
a5575f951eff80612d43a449ff223040bf3e0aafa3978ecfde8bc744199d4a89

Request headers

Referer
http://mfd.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 16 Sep 2020 12:21:33 GMT
Content-Encoding
gzip
Server
nginx/1.16.0
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=ISO-8859-1
search.gif
mfd.ru/static/styles/icons/ 		866 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://mfd.ru/static/styles/icons/search.gif
Requested by
Host: mfd.ru
URL: http://mfd.ru/static/styles/mfd.css?v=0.10.7562.41083
Protocol
HTTP/1.1
Server
195.10.198.167 , Russian Federation, ASN35802 (NBKI-AS, RU),
Reverse DNS
forum.mfd.ru
Software
Microsoft-IIS/8.5 /
Resource Hash
dbf17abf2cdee7dc807cade94431455530b36762b4962cb7618114043d0bc02b

Request headers

Referer
http://mfd.ru/static/styles/mfd.css?v=0.10.7562.41083
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 16 Sep 2020 12:21:31 GMT
Last-Modified
Tue, 03 Apr 2012 14:24:09 GMT
Server
Microsoft-IIS/8.5
ETag
"ad35db6ea511cd1:0"
Content-Type
image/gif
Cache-Control
private
Accept-Ranges
bytes
Content-Length
866
productlogos.png
mfd.ru/static/styles/images/ 		52 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://mfd.ru/static/styles/images/productlogos.png
Requested by
Host: mfd.ru
URL: http://mfd.ru/static/styles/mfd.css?v=0.10.7562.41083
Protocol
HTTP/1.1
Server
195.10.198.167 , Russian Federation, ASN35802 (NBKI-AS, RU),
Reverse DNS
forum.mfd.ru
Software
Microsoft-IIS/8.5 /
Resource Hash
43d202fb83fa52f4c41997ded2e09ea459be98743efb1fbe3f3dbd69369ea4f4

Request headers

Referer
http://mfd.ru/static/styles/mfd.css?v=0.10.7562.41083
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 16 Sep 2020 12:21:31 GMT
Last-Modified
Wed, 11 Apr 2012 13:53:44 GMT
Server
Microsoft-IIS/8.5
ETag
"4d3b9982ea17cd1:0"
Content-Type
image/png
Cache-Control
private
Accept-Ranges
bytes
Content-Length
53342
headingseparator.gif
mfd.ru/static/styles/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://mfd.ru/static/styles/images/headingseparator.gif
Requested by
Host: mfd.ru
URL: http://mfd.ru/static/styles/mfd.css?v=0.10.7562.41083
Protocol
HTTP/1.1
Server
195.10.198.167 , Russian Federation, ASN35802 (NBKI-AS, RU),
Reverse DNS
forum.mfd.ru
Software
Microsoft-IIS/8.5 /
Resource Hash
03413ba0ecb717b3ee7aaaaa9105b9620b97fd7860b42139df0c4ed487944ff7

Request headers

Referer
http://mfd.ru/static/styles/mfd.css?v=0.10.7562.41083
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 16 Sep 2020 12:21:31 GMT
Last-Modified
Fri, 27 Apr 2012 08:26:09 GMT
Server
Microsoft-IIS/8.5
ETag
"dccf29664f24cd1:0"
Content-Type
image/gif
Cache-Control
private
Accept-Ranges
bytes
Content-Length
1174
/
ad.mail.ru/hbid_yandex/ 		11 B
328 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.mail.ru/hbid_yandex/
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software
nginx /
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
http://mfd.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 16 Sep 2020 12:21:33 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/json
Access-Control-Allow-Origin
http://mfd.ru
Cache-Control
private, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
adjson
ads.betweendigital.com/ 		11 B
983 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/adjson?t=adfox
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.42.196.115 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
http://mfd.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

status
200
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
access-control-allow-origin
http://mfd.ru
content-encoding
gzip
content-type
application/json
adfox
exchange.buzzoola.com/ssp/
Redirect Chain
  • https://exchange.buzzoola.com/ssp/adfox
  • https://exchange.buzzoola.com/ssp/adfox?set_buzzoola_cookie=t
11 B
309 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://exchange.buzzoola.com/ssp/adfox?set_buzzoola_cookie=t
Requested by
Host: mfd.ru
URL: http://mfd.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
94.130.13.220 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.220.13.130.94.clients.your-server.de
Software
nginx /
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
http://mfd.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 16 Sep 2020 12:21:33 GMT
server
nginx
status
200
serverid
TODO
content-type
text/plain; charset=utf-8
access-control-allow-origin
http://mfd.ru
access-control-expose-headers
Set-Cookie, Etag
access-control-allow-credentials
true
access-control-allow-headers
Set-Cookie, X-Alt-Referer, X-First-Party-Cookie, If-None-Match
content-length
11

Redirect headers

date
Wed, 16 Sep 2020 12:21:33 GMT
status
307
server
nginx
location
/ssp/adfox?set_buzzoola_cookie=t
etag
W/"714dc14137b229c39607c017b0b16edace9e4ce96df16cbdd7646ce9f7013b8e"
serverid
TODO
access-control-allow-origin
http://mfd.ru
access-control-expose-headers
Set-Cookie, Etag
access-control-allow-credentials
true
access-control-allow-headers
Set-Cookie, X-Alt-Referer, X-First-Party-Cookie, If-None-Match
content-length
0
trends.gif
mfd.ru/static/styles/icons/ 		149 B
492 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://mfd.ru/static/styles/icons/trends.gif
Requested by
Host: mfd.ru
URL: http://mfd.ru/static/styles/mfd.css?v=0.10.7562.41083
Protocol
HTTP/1.1
Server
195.10.198.167 , Russian Federation, ASN35802 (NBKI-AS, RU),
Reverse DNS
forum.mfd.ru
Software
Microsoft-IIS/8.5 /
Resource Hash
cfd93861333e9bc27cd103b811be1dd87294c307d1c3075804ff30594c205d7a

Request headers

Referer
http://mfd.ru/static/styles/mfd.css?v=0.10.7562.41083
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 16 Sep 2020 12:21:31 GMT
Last-Modified
Fri, 27 Apr 2012 15:52:21 GMT
Server
Microsoft-IIS/8.5
ETag
"46839bb8d24cd1:0"
Content-Type
image/gif
Cache-Control
private
Accept-Ranges
bytes
Content-Length
149
bearbull.gif
mfd.ru/static/styles/icons/ 		145 B
489 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://mfd.ru/static/styles/icons/bearbull.gif
Requested by
Host: mfd.ru
URL: http://mfd.ru/static/styles/mfd.css?v=0.10.7562.41083
Protocol
HTTP/1.1
Server
195.10.198.167 , Russian Federation, ASN35802 (NBKI-AS, RU),
Reverse DNS
forum.mfd.ru
Software
Microsoft-IIS/8.5 /
Resource Hash
895e4d52850e6f3fd71ced1428265fbef1d46af87319bec561428aebde95dcf7

Request headers

Referer
http://mfd.ru/static/styles/mfd.css?v=0.10.7562.41083
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 16 Sep 2020 12:21:31 GMT
Last-Modified
Mon, 09 Nov 2009 13:35:29 GMT
Server
Microsoft-IIS/8.5
ETag
"aa9b93804161ca1:0"
Content-Type
image/gif
Cache-Control
private
Accept-Ranges
bytes
Content-Length
145
flagssmall.gif
mfd.ru/static/styles/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://mfd.ru/static/styles/images/flagssmall.gif
Requested by
Host: mfd.ru
URL: http://mfd.ru/static/styles/mfd.css?v=0.10.7562.41083
Protocol
HTTP/1.1
Server
195.10.198.167 , Russian Federation, ASN35802 (NBKI-AS, RU),
Reverse DNS
forum.mfd.ru
Software
Microsoft-IIS/8.5 /
Resource Hash
b564c90f9a368211942b59151667ded4ee618fb99bf6d4a38ff6f539016d9e23

Request headers

Referer
http://mfd.ru/static/styles/mfd.css?v=0.10.7562.41083
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 16 Sep 2020 12:21:31 GMT
Last-Modified
Mon, 26 Sep 2011 12:21:55 GMT
Server
Microsoft-IIS/8.5
ETag
"9e3852e1467ccc1:0"
Content-Type
image/gif
Cache-Control
private
Accept-Ranges
bytes
Content-Length
3897
loader.js
yastatic.net/pcode/adfox/ 		193 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/pcode/adfox/loader.js
Requested by
Host: mfd.ru
URL: http://mfd.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
32ea98c6760d32113a5c31dc46d0fbde7f38bd88e7ff6d3d51d79d1f9526b25f
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
http://mfd.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 16 Sep 2020 12:21:33 GMT
content-encoding
br
vary
Accept-Encoding
nel
{"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
status
200
content-length
46205
timing-allow-origin
*
last-modified
Mon, 14 Sep 2020 12:32:58 GMT
server
nginx/1.17.9
etag
"b5a73f7e4899d1c03793a9cd3005b008"
strict-transport-security
max-age=43200000; includeSubDomains;
report-to
{ "group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=3600
accept-ranges
bytes
x-robots-tag
noindex, noarchive, nofollow
expires
Wed, 16 Sep 2020 13:19:39 GMT
show_ads_impl_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20200914/r20190131/ 		228 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20200914/r20190131/show_ads_impl_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
57b34a23487339f53b201f781b1ef81f58cdf77033f9551c44efe8a21b49867c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://mfd.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 16 Sep 2020 12:21:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
87685
x-xss-protection
0
server
cafe
etag
9656598585391825739
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Wed, 16 Sep 2020 12:21:33 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20200914/r20190131/ Frame 471D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20200914/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20200914/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://mfd.ru/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://mfd.ru/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
vary
Accept-Encoding
date
Tue, 15 Sep 2020 22:09:22 GMT
expires
Tue, 29 Sep 2020 22:09:22 GMT
content-type
text/html; charset=UTF-8
etag
17942277541989656716
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4728
x-xss-protection
0
age
51131
cache-control
public, max-age=1209600
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
gpt.js
www.googletagservices.com/tag/js/ 		52 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: s.clickiocdn.com
URL: http://s.clickiocdn.com/t/common_258.js
Protocol
HTTP/1.1
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d5c7922180e0379319e2256c322ed801805a94831c074cb118591447cef2cf2c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://mfd.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 16 Sep 2020 12:21:33 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
sffe
ETag
"634 / 417 of 1000 / last-modified: 1600254728"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
private, max-age=900, stale-while-revalidate=3600
Timing-Allow-Origin
*
Content-Length
17775
X-XSS-Protection
0
Expires
Wed, 16 Sep 2020 12:21:33 GMT
/
clickiocdn.com/hbadx/ 		47 B
275 B 		Script
General
Check archive.org
Download Go to
Full URL
http://clickiocdn.com/hbadx/?f=__lxG__.tmp.pol_iq7r61676ouwddzo&rt=889375701&site_id=211512&title=Mfd.ru%2520-%2520%25D0%25A4%25D0%25B8%25D0%25BD%25D0%25B0%25D0%25BD%25D1%2581%25D0%25BE%25D0%25B2%25D1%258B%25D0%25B9%2520%25D0%25BF%25D0%25BE%25D1%2580%25D1%2582%25D0%25B0%25D0%25BB%253A%2520%25D0%25BA%25D0%25BE%25D1%2582%25D0%25B8%25D1%2580%25D0%25BE%25D0%25B2%25D0%25BA%25D0%25B8%2520%25D0%25B0%25D0%25BA%25D1%2586%25D0%25B8%25D0%25B9%252C%2520%25D0%25BA%25D1%2583%25D1%2580%25D1%2581%25D1%258B%2520%25D0%25B2%25D0%25B0%25D0%25BB%25D1%258E%25D1%2582%252C%2520%25D1%2584%25D0%25BE%25D1%2580%25D1%2583%25D0%25BC%2520%25D1%2582%25D1%2580%25D0%25B5%25D0%25B9%25D0%25B4%25D0%25B5%25D1%2580%25D0%25BE%25D0%25B2%252C%2520%25D0%25B0%25D0%25BD%25D0%25B0%25D0%25BB%25D0%25B8%25D1%2582%25D0%25B8%25D0%25BA%25D0%25B0%2520%25D0%25B8%2520%25D0%25BD%25D0%25BE%25D0%25B2%25D0%25BE%25D1%2581%25D1%2582%25D0%25B8&l=http%253A%252F%252Fmfd.ru%252F
Requested by
Host: s.clickiocdn.com
URL: http://s.clickiocdn.com/t/common_258.js
Protocol
HTTP/1.1
Server
95.211.66.34 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx/1.16.0 /
Resource Hash
b560d747e2930f41840d69ba37f40e261f9b4cb055530c8477370873678a7774

Request headers

Referer
http://mfd.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 16 Sep 2020 12:21:33 GMT
Content-Encoding
gzip
Server
nginx/1.16.0
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=ISO-8859-1
/
clickiocdn.com/clickiotag_log/ 		83 B
287 B 		Script
General
Check archive.org
Download Go to
Full URL
http://clickiocdn.com/clickiotag_log/?step=1&ses_id=ybt0yqsb8w7y1eq889375496&area_id=669369&type=dfp&f=__lxG__.tmp.rot_eqbj3rzfownj7z5s&rt=889376328
Requested by
Host: s.clickiocdn.com
URL: http://s.clickiocdn.com/t/common_258.js
Protocol
HTTP/1.1
Server
95.211.66.34 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx/1.16.0 /
Resource Hash
80abfc4b3bc65e4167c29623efb9cc6f6fe0de2021421135cddc879bfde6ae58

Request headers

Referer
http://mfd.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 16 Sep 2020 12:21:33 GMT
Content-Encoding
gzip
Server
nginx/1.16.0
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/html
/
clickiocdn.com/clickiotag_log/ 		83 B
286 B 		Script
General
Check archive.org
Download Go to
Full URL
http://clickiocdn.com/clickiotag_log/?step=0&ses_id=ybt0yqsb8w7y1eq889375496&area_id=669370&type=base&f=__lxG__.tmp.rot_eqbj3rzfownj7z5s&rt=889376333
Requested by
Host: s.clickiocdn.com
URL: http://s.clickiocdn.com/t/common_258.js
Protocol
HTTP/1.1
Server
95.211.66.34 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx/1.16.0 /
Resource Hash
06d4ef778f856a04a018789bcf2dd4f4c5022b3a73d00487d0db86085fae51df

Request headers

Referer
http://mfd.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 16 Sep 2020 12:21:33 GMT
Content-Encoding
gzip
Server
nginx/1.16.0
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/html
/
clickiocdn.com/clickiotag_log/sensitive/ 		0
214 B 		Script
General
Check archive.org
Download Go to
Full URL
http://clickiocdn.com/clickiotag_log/sensitive/?site_id=211512&time=53&r=889381035
Requested by
Host: s.clickiocdn.com
URL: http://s.clickiocdn.com/t/common_258.js
Protocol
HTTP/1.1
Server
95.211.66.34 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx/1.16.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://mfd.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 16 Sep 2020 12:21:33 GMT
Content-Encoding
gzip
Server
nginx/1.16.0
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/javascript
fastlane.json
fastlane.rubiconproject.com/a/api/ 		264 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=19944&site_id=233404&zone_id=1832262&size_id=2&alt_size_ids=38%2C43%2C117&rp_schain=1.0,1!clickio.com,128183,1,,,&rf=http%3A%2F%2Fmfd.ru%2F&tk_flint=pbjs_lite_v3.25.0-pre&x_source.tid=25ae498f-2605-45c1-a71a-283ee75858dd&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.26271808496166615
Requested by
Host: s.clickiocdn.com
URL: http://s.clickiocdn.com/t/211512/360.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
0db31111bda692acbafb392cfdbe7ae3b7f07d955259c271b87a95590d265e1a

Request headers

Referer
http://mfd.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 16 Sep 2020 12:21:34 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
http://mfd.ru
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
264
Expires
Wed, 17 Sep 1975 21:32:10 GMT
adjson
ads.betweendigital.com/ 		2 B
319 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/adjson?sizes=930x180%252C320x50%252C320x100%252C728x90&jst=hb&ord=6412798925153549&tz=-120&fl=0&rr=direct&s=3941629&bidid=4e2037852b8b26&transactionid=25ae498f-2605-45c1-a71a-283ee75858dd&auctionid=76c73064-01c6-4c2c-91df-3e40c058f0e8
Requested by
Host: s.clickiocdn.com
URL: http://s.clickiocdn.com/t/211512/360.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.42.196.115 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
http://mfd.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

status
200
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
access-control-allow-origin
http://mfd.ru
content-encoding
gzip
content-type
application/json
cdb
bidder.criteo.com/ 		0
135 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=31&wv=3.25.0-pre&cb=42911083003
Requested by
Host: s.clickiocdn.com
URL: http://s.clickiocdn.com/t/211512/360.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://mfd.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

status
204
date
Wed, 16 Sep 2020 12:21:33 GMT
access-control-allow-credentials
true
server
Finatra
access-control-allow-origin
http://mfd.ru
timing-allow-origin
*
vary
Origin
prebid.1.0.aspx
inv-nets.admixer.net/ 		2 B
477 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://inv-nets.admixer.net/prebid.1.0.aspx?data={%22imps%22:[{%22bidder%22:%22admixer%22,%22params%22:{%22zone%22:%223457BD32-F35D-4287-BC44-A299B7E71052%22},%22__sds_id__%22:%22jmp02me0yo%22,%22mediaTypes%22:{%22banner%22:{%22sizes%22:[[930,180],[320,50],[320,100],[728,90]]}},%22adUnitCode%22:%22/45470634/clickio_area_669369_930x180__0%22,%22transactionId%22:%2225ae498f-2605-45c1-a71a-283ee75858dd%22,%22sizes%22:[[930,180],[320,50],[320,100],[728,90]],%22bidId%22:%228c3fd62facab51%22,%22bidderRequestId%22:%227735c2c382f9f5%22,%22auctionId%22:%2276c73064-01c6-4c2c-91df-3e40c058f0e8%22,%22src%22:%22client%22,%22bidRequestsCount%22:1,%22bidderRequestsCount%22:1,%22bidderWinsCount%22:0,%22schain%22:{%22ver%22:%221.0%22,%22complete%22:1,%22nodes%22:[{%22asi%22:%22clickio.com%22,%22sid%22:%22128183%22,%22hp%22:1}]}}],%22referrer%22:%22http%3A%2F%2Fmfd.ru%2F%22}
Requested by
Host: s.clickiocdn.com
URL: http://s.clickiocdn.com/t/211512/360.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.110 , Germany, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://mfd.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 16 Sep 2020 12:21:33 GMT
Server
nginx
Transfer-Encoding
chunked
P3P
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
http://mfd.ru
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/javascript; charset=utf-8
Keep-Alive
timeout=25
X-XSS-Protection
0
adjson
ssp.otm-r.com/ 		2 B
281 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.otm-r.com/adjson?tz=-120&w=728&h=90&s=263&bidid=10be5fc4e16e8c2&transactionid=25ae498f-2605-45c1-a71a-283ee75858dd&auctionid=76c73064-01c6-4c2c-91df-3e40c058f0e8&bidfloor=0
Requested by
Host: s.clickiocdn.com
URL: http://s.clickiocdn.com/t/211512/360.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
159.69.59.100 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.100.59.69.159.clients.your-server.de
Software
nginx/1.17.10 /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
http://mfd.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 16 Sep 2020 12:21:33 GMT
server
nginx/1.17.10
status
200
content-type
application/javascript
access-control-allow-origin
http://mfd.ru
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
2
expires
0
arj
alz-d.openx.net/w/1.0/ 		173 B
361 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://alz-d.openx.net/w/1.0/arj?ju=http%3A%2F%2Fmfd.ru%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.2&dddid=25ae498f-2605-45c1-a71a-283ee75858dd&nocache=1600258893823&schain=1.0%2C1!clickio.com%2C128183%2C1%2C%2C%2C&aus=930x180%2C320x50%2C320x100%2C728x90&divIds=%252F45470634%252Fclickio_area_669369_930x180__0&auid=542275002
Requested by
Host: s.clickiocdn.com
URL: http://s.clickiocdn.com/t/211512/360.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.193.0 /
Resource Hash
275d0ac31200db0c55dac0653a68cbadd6920186cfa89ef9528826838f5fe6db

Request headers

Referer
http://mfd.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 16 Sep 2020 12:21:33 GMT
content-encoding
gzip
server
OXGW/16.193.0
status
200
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
http://mfd.ru
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
165
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
getcookie
matchid.adfox.yandex.ru/ 		88 B
365 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://matchid.adfox.yandex.ru/getcookie
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:6b8::16b Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
03a493f9245c57b6486c32849c00dfccb836fa3a6f7adcac0c0a97ce107c4b8d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://mfd.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 16 Sep 2020 12:21:34 GMT
x-content-type-options
nosniff
status
200
content-type
application/json
access-control-allow-origin
http://mfd.ru
access-control-allow-credentials
true
timing-allow-origin
*
content-length
88
watch.js
mc.yandex.ru/metrika/ 		141 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/watch.js
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
ab5281d1a6c8fcab92f44b16f8478ae9435805a7795cb0f72d41fb19d86533c2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
http://mfd.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 16 Sep 2020 12:21:33 GMT
Content-Encoding
br
Last-Modified
Tue, 15 Sep 2020 12:41:01 GMT
Server
nginx/1.14.2
ETag
"5f5a2dab-a6d2"
Strict-Transport-Security
max-age=31536000
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Content-Length
42706
Expires
Wed, 16 Sep 2020 13:21:33 GMT
banners.js
yastatic.net/pcode-bundles/0.1852/ 		132 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/pcode-bundles/0.1852/banners.js
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
f9d11bcf0470dfd72db6fde7cbfbee8c4077a3deddbb150d1e104aa0ab143d7e
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
http://mfd.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 16 Sep 2020 12:21:33 GMT
content-encoding
br
vary
Accept-Encoding
nel
{"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
status
200
content-length
32467
timing-allow-origin
*
last-modified
Fri, 11 Sep 2020 14:31:17 GMT
server
nginx/1.17.9
etag
"1de5980a83b284ad61c4ba9fa32a353b"
strict-transport-security
max-age=43200000; includeSubDomains;
report-to
{ "group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=216013
accept-ranges
bytes
x-robots-tag
noindex, noarchive, nofollow
expires
Sat, 19 Sep 2020 00:18:19 GMT
banners.js
yastatic.net/pcode-bundles/0.1852/ 		132 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/pcode-bundles/0.1852/banners.js
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
f9d11bcf0470dfd72db6fde7cbfbee8c4077a3deddbb150d1e104aa0ab143d7e
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Origin
http://mfd.ru
Referer
http://mfd.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 16 Sep 2020 12:21:33 GMT
content-encoding
br
vary
Accept-Encoding
nel
{"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
status
200
content-length
32467
timing-allow-origin
*
last-modified
Fri, 11 Sep 2020 14:31:17 GMT
server
nginx/1.17.9
etag
"1de5980a83b284ad61c4ba9fa32a353b"
strict-transport-security
max-age=43200000; includeSubDomains;
report-to
{ "group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=216013
accept-ranges
bytes
x-robots-tag
noindex, noarchive, nofollow
expires
Sat, 19 Sep 2020 00:18:19 GMT
context.js
an.yandex.ru/system/ 		58 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://an.yandex.ru/system/context.js
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
b567561c05cff21573aa8ced9324b9f962a22c6c8747e66c3c7a4722b62d6aea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
http://mfd.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 16 Sep 2020 12:21:33 GMT
content-encoding
br
server
nginx/1.12.2
status
200
etag
2912604819
x-yandex-req-id
1600258893964660-636281083646043068000151-production-app-host-iva-pcode-2.iva.yp-c.yandex.net
strict-transport-security
max-age=31536000
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=3600
x-robots-tag
noindex, noarchive, nofollow
expires
Wed, 16 Sep 2020 13:21:33 GMT
/
clickiocdn.com/clickiotag_log/ 		83 B
289 B 		Script
General
Check archive.org
Download Go to
Full URL
http://clickiocdn.com/clickiotag_log/?step=0&ses_id=ybt0yqsb8w7y1eq889375496&area_id=669116&type=base&f=__lxG__.tmp.rot_eqbj3rzfownj7z5s&rt=889386137
Requested by
Host: s.clickiocdn.com
URL: http://s.clickiocdn.com/t/common_258.js
Protocol
HTTP/1.1
Server
95.211.66.34 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx/1.16.0 /
Resource Hash
ba3010548fa93ebd50eeeda3e9d7aeaf7dd2e46b0f5e4be5fddfc7ddbcee68a2

Request headers

Referer
http://mfd.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 16 Sep 2020 12:21:33 GMT
Content-Encoding
gzip
Server
nginx/1.16.0
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/html
/
clickiocdn.com/clickiotag_log/ 		83 B
287 B 		Script
General
Check archive.org
Download Go to
Full URL
http://clickiocdn.com/clickiotag_log/?step=1&ses_id=ybt0yqsb8w7y1eq889375496&area_id=669123&type=dfp&f=__lxG__.tmp.rot_eqbj3rzfownj7z5s&rt=889386293
Requested by
Host: s.clickiocdn.com
URL: http://s.clickiocdn.com/t/common_258.js
Protocol
HTTP/1.1
Server
95.211.66.34 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx/1.16.0 /
Resource Hash
afbda4c02c857b078b34c75cef255e1144173aadd4e6cfdfbf6c4fd144c493a3

Request headers

Referer
http://mfd.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 16 Sep 2020 12:21:33 GMT
Content-Encoding
gzip
Server
nginx/1.16.0
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/html
cdb
bidder.criteo.com/ 		0
135 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=31&wv=3.25.0-pre&cb=73370777993
Requested by
Host: s.clickiocdn.com
URL: http://s.clickiocdn.com/t/211512/360.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://mfd.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

status
204
date
Wed, 16 Sep 2020 12:21:32 GMT
access-control-allow-credentials
true
server
Finatra
access-control-allow-origin
http://mfd.ru
timing-allow-origin
*
vary
Origin
adjson
ssp.otm-r.com/ 		2 B
283 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.otm-r.com/adjson?tz=-120&w=240&h=400&s=265&bidid=166bd8e4744ef7a&transactionid=50ceb744-9ab7-42e5-b688-62b1f2ed5cd3&auctionid=3cded9bc-1f89-4b5b-b8a6-8fcf3a0f85d3&bidfloor=0
Requested by
Host: s.clickiocdn.com
URL: http://s.clickiocdn.com/t/211512/360.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
159.69.59.100 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.100.59.69.159.clients.your-server.de
Software
nginx/1.17.10 /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
http://mfd.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 16 Sep 2020 12:21:33 GMT
server
nginx/1.17.10
status
200
content-type
application/javascript
access-control-allow-origin
http://mfd.ru
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
2
expires
0
arj
alz-d.openx.net/w/1.0/ 		173 B
552 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://alz-d.openx.net/w/1.0/arj?ju=http%3A%2F%2Fmfd.ru%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.2&dddid=50ceb744-9ab7-42e5-b688-62b1f2ed5cd3&nocache=1600258893868&schain=1.0%2C1!clickio.com%2C128183%2C1%2C%2C%2C&aus=240x400&divIds=%252F45470634%252Fclickio_area_669123_240x400__0&auid=542275002
Requested by
Host: s.clickiocdn.com
URL: http://s.clickiocdn.com/t/211512/360.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.193.0 /
Resource Hash
63302f15f3f56fdecd14cbc51cbcfdb584934c42963bbe74b03097e34f96e41b

Request headers

Referer
http://mfd.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 16 Sep 2020 12:21:33 GMT
content-encoding
gzip
server
OXGW/16.193.0
status
200
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
http://mfd.ru
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
164
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
prebid.1.0.aspx
inv-nets.admixer.net/ 		2 B
477 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://inv-nets.admixer.net/prebid.1.0.aspx?data={%22imps%22:[{%22bidder%22:%22admixer%22,%22params%22:{%22zone%22:%227F025ADA-61A9-48C7-A2B5-0C409A653E96%22},%22__sds_id__%22:%2236fbiqz9yo%22,%22mediaTypes%22:{%22banner%22:{%22sizes%22:[[240,400]]}},%22adUnitCode%22:%22/45470634/clickio_area_669123_240x400__0%22,%22transactionId%22:%2250ceb744-9ab7-42e5-b688-62b1f2ed5cd3%22,%22sizes%22:[[240,400]],%22bidId%22:%222051e1b06b04bde%22,%22bidderRequestId%22:%22193bddb17f5178c%22,%22auctionId%22:%223cded9bc-1f89-4b5b-b8a6-8fcf3a0f85d3%22,%22src%22:%22client%22,%22bidRequestsCount%22:1,%22bidderRequestsCount%22:1,%22bidderWinsCount%22:0,%22schain%22:{%22ver%22:%221.0%22,%22complete%22:1,%22nodes%22:[{%22asi%22:%22clickio.com%22,%22sid%22:%22128183%22,%22hp%22:1}]}}],%22referrer%22:%22http%3A%2F%2Fmfd.ru%2F%22}
Requested by
Host: s.clickiocdn.com
URL: http://s.clickiocdn.com/t/211512/360.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.110 , Germany, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://mfd.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 16 Sep 2020 12:21:33 GMT
Server
nginx
Transfer-Encoding
chunked
P3P
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
http://mfd.ru
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/javascript; charset=utf-8
Keep-Alive
timeout=25
X-XSS-Protection
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		241 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=19944&site_id=233404&zone_id=1832262&size_id=17&rp_schain=1.0,1!clickio.com,128183,1,,,&rf=http%3A%2F%2Fmfd.ru%2F&tk_flint=pbjs_lite_v3.25.0-pre&x_source.tid=50ceb744-9ab7-42e5-b688-62b1f2ed5cd3&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.2430075987447109
Requested by
Host: s.clickiocdn.com
URL: http://s.clickiocdn.com/t/211512/360.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
4065685f82c29b36fa511b8b46d20163eefc8abc819ca678e3b49db430716aaf

Request headers

Referer
http://mfd.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 16 Sep 2020 12:21:34 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
http://mfd.ru
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
241
Expires
Wed, 17 Sep 1975 21:32:10 GMT
adjson
ads.betweendigital.com/ 		2 B
319 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/adjson?sizes=240x400&jst=hb&ord=6596870631928604&tz=-120&fl=0&rr=direct&s=3941994&bidid=24f9450780db7df&transactionid=50ceb744-9ab7-42e5-b688-62b1f2ed5cd3&auctionid=3cded9bc-1f89-4b5b-b8a6-8fcf3a0f85d3
Requested by
Host: s.clickiocdn.com
URL: http://s.clickiocdn.com/t/211512/360.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.42.196.115 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
http://mfd.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

status
200
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
access-control-allow-origin
http://mfd.ru
content-encoding
gzip
content-type
application/json
likebox.php
www.facebook.com/plugins/ Frame 12FB
Redirect Chain
  • http://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2Fmfd.ru&width=240&height=210&colorscheme=light&show_faces=true&border_color=white&stream=false&header=false&appId=169...
  • https://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2Fmfd.ru&width=240&height=210&colorscheme=light&show_faces=true&border_color=white&stream=false&header=false&appId=16...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2Fmfd.ru&width=240&height=210&colorscheme=light&show_faces=true&border_color=white&stream=false&header=false&appId=169034706555014
Requested by
Host: mfd.ru
URL: http://mfd.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.facebook.com
:scheme
https
:path
/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2Fmfd.ru&width=240&height=210&colorscheme=light&show_faces=true&border_color=white&stream=false&header=false&appId=169034706555014
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://mfd.ru/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://mfd.ru/

Response headers

status
200
cache-control
private, no-cache, no-store, must-revalidate
pragma
no-cache
strict-transport-security
max-age=15552000; preload
content-encoding
br
timing-allow-origin
*
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
content-type
text/html; charset="utf-8"
x-fb-debug
8O+at5P2/fkbL0LTK2sS+5EOm4gBuq2xPPTiNWVhlYnfHYNi26gIjoPsT0mTCYneYClbdz/PPCn8tL9XmJujJw==
date
Wed, 16 Sep 2020 12:21:33 GMT
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

Redirect headers

Location
https://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2Fmfd.ru&width=240&height=210&colorscheme=light&show_faces=true&border_color=white&stream=false&header=false&appId=169034706555014
Non-Authoritative-Reason
HSTS
pubads_impl_2020091001.js
securepubads.g.doubleclick.net/gpt/ 		264 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091001.js
Requested by
Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s18-in-f130.1e100.net
Software
sffe /
Resource Hash
0f8433dbf9e41e702d91b217f5f4d0188af54cbacb448e5665fd8d9842758728
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://mfd.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 16 Sep 2020 12:21:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 10 Sep 2020 08:40:34 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
94535
x-xss-protection
0
expires
Wed, 16 Sep 2020 12:21:33 GMT
bottomlogos.png
mfd.ru/static/styles/logos/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://mfd.ru/static/styles/logos/bottomlogos.png
Requested by
Host: mfd.ru
URL: http://mfd.ru/static/styles/mfd.css?v=0.10.7562.41083
Protocol
HTTP/1.1
Server
195.10.198.167 , Russian Federation, ASN35802 (NBKI-AS, RU),
Reverse DNS
forum.mfd.ru
Software
Microsoft-IIS/8.5 /
Resource Hash
483818b7a58ec494c1285b7e29f666201b2187ef091ce2dceadd484246a9aeaf

Request headers

Referer
http://mfd.ru/static/styles/mfd.css?v=0.10.7562.41083
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 16 Sep 2020 12:21:31 GMT
Last-Modified
Wed, 13 Apr 2016 14:53:02 GMT
Server
Microsoft-IIS/8.5
ETag
"7143fe2d9495d11:0"
Content-Type
image/png
Cache-Control
private
Accept-Ranges
bytes
Content-Length
6804
analytics.js
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/analytics.js
  • https://www.google-analytics.com/analytics.js
45 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: mfd.ru
URL: http://mfd.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://mfd.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 09 Sep 2020 01:50:37 GMT
server
Golfe2
age
3953
date
Wed, 16 Sep 2020 11:15:40 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18650
expires
Wed, 16 Sep 2020 13:15:40 GMT

Redirect headers

Location
https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason
HSTS
hit
counter.yadro.ru/
Redirect Chain
  • http://counter.yadro.ru/hit?t39.6;r;s1600*1200*24;uhttp%3A//mfd.ru/;0.21532593939123612
  • https://counter.yadro.ru/hit?t39.6;r;s1600*1200*24;uhttp%3A//mfd.ru/;0.21532593939123612
  • https://counter.yadro.ru/hit?q;t39.6;r;s1600*1200*24;uhttp%3A//mfd.ru/;0.21532593939123612
130 B
584 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://counter.yadro.ru/hit?q;t39.6;r;s1600*1200*24;uhttp%3A//mfd.ru/;0.21532593939123612
Requested by
Host: mfd.ru
URL: http://mfd.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
88.212.201.204 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
host204.rax.ru
Software
nginx/1.17.9 /
Resource Hash
ee6f303f28c9a4778ee3e6e0e8b640e0fc6aa526cfc877ba3cc7b0507bddc318
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
http://mfd.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Sep 2020 12:21:34 GMT
Server
nginx/1.17.9
Strict-Transport-Security
max-age=86400
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Cache-control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
130
Expires
Mon, 16 Sep 2019 21:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 16 Sep 2020 12:21:34 GMT
Server
nginx/1.17.9
Strict-Transport-Security
max-age=86400
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Location
https://counter.yadro.ru/hit?q;t39.6;r;s1600*1200*24;uhttp%3A//mfd.ru/;0.21532593939123612
Cache-control
no-cache
Connection
keep-alive
Content-Type
text/html
Content-Length
32
Expires
Mon, 16 Sep 2019 21:00:00 GMT
context.js
an.yandex.ru/system/ 		58 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://an.yandex.ru/system/context.js
Requested by
Host: mfd.ru
URL: http://mfd.ru/
Protocol
HTTP/1.1
Server
2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
10c9d096fa3815b5fbcd1e277787db8c446edfe811d9421327f44f2ee0d7d089

Request headers

Referer
http://mfd.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Timing-Allow-Origin
*
Date
Wed, 16 Sep 2020 12:21:33 GMT
Content-Encoding
gzip
Server
nginx/1.12.2
ETag
2257029818
X-Yandex-Req-Id
1600258893977678-1519443312229290332500111-production-app-host-sas-pcode-8
Transfer-Encoding
chunked
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=3600
Connection
keep-alive
X-Robots-Tag
noindex, noarchive, nofollow
Expires
Wed, 16 Sep 2020 13:21:33 GMT
/
mfd.ru/marketdata/chart/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://mfd.ru/marketdata/chart/?id=140335&width=400&height=158&timeframe=1&lineColor=%23ff660a
Requested by
Host: mfd.ru
URL: http://mfd.ru/
Protocol
HTTP/1.1
Server
195.10.198.167 , Russian Federation, ASN35802 (NBKI-AS, RU),
Reverse DNS
forum.mfd.ru
Software
Microsoft-IIS/8.5 /
Resource Hash
730210f3446fc39be7f9a22f500800f972e7ce809f6728d1b6722845c13d116d

Request headers

Referer
http://mfd.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Sep 2020 12:21:32 GMT
Cache-Control
no-cache, no-store
Expires
-1
Server
Microsoft-IIS/8.5
Content-Length
8738
Content-Type
image/png
integrator.js
adservice.google.de/adsid/ 		109 B
316 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=mfd.ru
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200914/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://mfd.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 16 Sep 2020 12:21:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		109 B
316 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=mfd.ru
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200914/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://mfd.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 16 Sep 2020 12:21:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 609E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8980300939565371&output=html&h=240&slotname=2063741449&adk=3385708369&adf=838900461&w=120&lmt=1600258893&psa=0&guci=1.2.0.0.2.2.0.0&format=120x240&url=http%3A%2F%2Fmfd.ru%2F&flash=0&wgl=1&dt=1600258893732&bpp=16&bdt=456&idt=180&shv=r20200914&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=8636135935829&frm=20&pv=2&ga_vid=1251353029.1600258894&ga_sid=1600258894&ga_hid=826327189&ga_fc=0&iag=0&icsg=2953347114&dssz=38&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=188&ady=1078&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=3449042972565164&pem=492&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=1&uci=a!1&fsb=1&xpc=1tCbQGLJnz&p=http%3A//mfd.ru&dtd=203
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200914/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-8980300939565371&output=html&h=240&slotname=2063741449&adk=3385708369&adf=838900461&w=120&lmt=1600258893&psa=0&guci=1.2.0.0.2.2.0.0&format=120x240&url=http%3A%2F%2Fmfd.ru%2F&flash=0&wgl=1&dt=1600258893732&bpp=16&bdt=456&idt=180&shv=r20200914&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=8636135935829&frm=20&pv=2&ga_vid=1251353029.1600258894&ga_sid=1600258894&ga_hid=826327189&ga_fc=0&iag=0&icsg=2953347114&dssz=38&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=188&ady=1078&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=3449042972565164&pem=492&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=1&uci=a!1&fsb=1&xpc=1tCbQGLJnz&p=http%3A//mfd.ru&dtd=203
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://mfd.ru/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://mfd.ru/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Wed, 16 Sep 2020 12:21:34 GMT
server
cafe
content-length
22512
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Wed, 16-Sep-2020 12:36:33 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires
Wed, 16 Sep 2020 12:21:34 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/ 		72 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200914/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fef134a7880b8d72bac16738b34fe1ed9a72da52f702537b22486826cd3b5888
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://mfd.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 16 Sep 2020 12:21:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1600083386116863"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
27476
x-xss-protection
0
expires
Wed, 16 Sep 2020 12:21:33 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 07AA 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8980300939565371&output=html&h=200&slotname=7124581848&adk=1629665268&adf=307954327&w=200&lmt=1600258893&psa=0&guci=1.2.0.0.2.2.0.0&format=200x200&url=http%3A%2F%2Fmfd.ru%2F&flash=0&wgl=1&dt=1600258893870&bpp=1&bdt=594&idt=88&shv=r20200914&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=120x240&correlator=8636135935829&frm=20&pv=1&ga_vid=1251353029.1600258894&ga_sid=1600258894&ga_hid=826327189&ga_fc=0&iag=0&icsg=138177290282&dssz=38&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1201&ady=879&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=3449042972565164&pem=492&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=2&uci=a!2&fsb=1&xpc=j0vbsPuSuk&p=http%3A//mfd.ru&dtd=93
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200914/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-8980300939565371&output=html&h=200&slotname=7124581848&adk=1629665268&adf=307954327&w=200&lmt=1600258893&psa=0&guci=1.2.0.0.2.2.0.0&format=200x200&url=http%3A%2F%2Fmfd.ru%2F&flash=0&wgl=1&dt=1600258893870&bpp=1&bdt=594&idt=88&shv=r20200914&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=120x240&correlator=8636135935829&frm=20&pv=1&ga_vid=1251353029.1600258894&ga_sid=1600258894&ga_hid=826327189&ga_fc=0&iag=0&icsg=138177290282&dssz=38&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1201&ady=879&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=3449042972565164&pem=492&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=2&uci=a!2&fsb=1&xpc=j0vbsPuSuk&p=http%3A//mfd.ru&dtd=93
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://mfd.ru/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://mfd.ru/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Wed, 16 Sep 2020 12:21:34 GMT
server
cafe
content-length
21369
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Wed, 16-Sep-2020 12:36:33 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires
Wed, 16 Sep 2020 12:21:34 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame 926C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8980300939565371&output=html&adk=1812271804&adf=3025194257&lmt=1600258893&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Fmfd.ru%2F&ea=0&flash=0&pra=7&wgl=1&dt=1600258893904&bpp=1&bdt=628&idt=66&shv=r20200914&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=120x240%2C200x200&nras=1&correlator=8636135935829&frm=20&pv=1&ga_vid=1251353029.1600258894&ga_sid=1600258894&ga_hid=826327189&ga_fc=0&iag=0&icsg=138177290282&dssz=38&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=3449042972565164&pem=492&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=23&ifi=2&uci=a!2&fsb=1&dtd=71
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200914/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-8980300939565371&output=html&adk=1812271804&adf=3025194257&lmt=1600258893&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Fmfd.ru%2F&ea=0&flash=0&pra=7&wgl=1&dt=1600258893904&bpp=1&bdt=628&idt=66&shv=r20200914&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=120x240%2C200x200&nras=1&correlator=8636135935829&frm=20&pv=1&ga_vid=1251353029.1600258894&ga_sid=1600258894&ga_hid=826327189&ga_fc=0&iag=0&icsg=138177290282&dssz=38&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=3449042972565164&pem=492&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=23&ifi=2&uci=a!2&fsb=1&dtd=71
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://mfd.ru/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://mfd.ru/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Wed, 16 Sep 2020 12:21:33 GMT
server
cafe
content-length
0
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Wed, 16-Sep-2020 12:36:33 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires
Wed, 16 Sep 2020 12:21:33 GMT
cache-control
private
collect
www.google-analytics.com/j/ 		2 B
60 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j86&a=826327189&t=pageview&_s=1&dl=http%3A%2F%2Fmfd.ru%2F&ul=en-us&de=UTF-8&dt=Mfd.ru%20-%20%D0%A4%D0%B8%D0%BD%D0%B0%D0%BD%D1%81%D0%BE%D0%B2%D1%8B%D0%B9%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%BB%3A%20%D0%BA%D0%BE%D1%82%D0%B8%D1%80%D0%BE%D0%B2%D0%BA%D0%B8%20%D0%B0%D0%BA%D1%86%D0%B8%D0%B9%2C%20%D0%BA%D1%83%D1%80%D1%81%D1%8B%20%D0%B2%D0%B0%D0%BB%D1%8E%D1%82%2C%20%D1%84%D0%BE%D1%80%D1%83%D0%BC%20%D1%82%D1%80%D0%B5%D0%B9%D0%B4%D0%B5%D1%80%D0%BE%D0%B2%2C%20%D0%B0%D0%BD%D0%B0%D0%BB%D0%B8%D1%82%D0%B8%D0%BA%D0%B0%20%D0%B8%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IAhAAAABAAAAAC~&jid=171959502&gjid=1605061650&cid=1251353029.1600258894&tid=UA-15583455-1&_gid=1382430073.1600258894&_r=1&_slc=1&z=476251215
Requested by
Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://mfd.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 16 Sep 2020 12:21:33 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
text/plain
access-control-allow-origin
http://mfd.ru
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
7a322f54faa0f8d90bdc.js
an.yandex.ru/partner-code-bundles/12379/ 		69 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://an.yandex.ru/partner-code-bundles/12379/7a322f54faa0f8d90bdc.js
Requested by
Host: an.yandex.ru
URL: http://an.yandex.ru/system/context.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
e38c483a8385cd6894380c2c44cade9f15bda29376a1874df6953539afed3201
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;, max-age=31536000

Request headers

Origin
http://mfd.ru
Referer
http://mfd.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 16 Sep 2020 12:21:34 GMT
content-encoding
br
vary
Accept-Encoding
nel
{"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
status
200
content-length
17633
timing-allow-origin
*
last-modified
Mon, 14 Sep 2020 11:20:42 GMT
server
nginx/1.12.2
etag
"733700ae8a4c73288c209aab26b52a60"
strict-transport-security
max-age=43200000; includeSubDomains;, max-age=31536000
report-to
{ "group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=216013
accept-ranges
bytes
x-robots-tag
noindex, noarchive, nofollow
expires
Thu, 17 Sep 2020 20:51:03 GMT
d0298e290ca7152f36c7.js
an.yandex.ru/partner-code-bundles/12379/ 		339 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://an.yandex.ru/partner-code-bundles/12379/d0298e290ca7152f36c7.js
Requested by
Host: an.yandex.ru
URL: http://an.yandex.ru/system/context.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
884b5fc559366db787330ce124f5355885b9d95e3ae039284e3fd32228784472
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;, max-age=31536000

Request headers

Origin
http://mfd.ru
Referer
http://mfd.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 16 Sep 2020 12:21:34 GMT
content-encoding
br
vary
Accept-Encoding
nel
{"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
status
200
content-length
73198
timing-allow-origin
*
last-modified
Mon, 14 Sep 2020 11:20:42 GMT
server
nginx/1.12.2
etag
"9f41012456afa2feb0adce2752083c55"
strict-transport-security
max-age=43200000; includeSubDomains;, max-age=31536000
report-to
{ "group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=216013
accept-ranges
bytes
x-robots-tag
noindex, noarchive, nofollow
expires
Thu, 17 Sep 2020 20:51:03 GMT
778dc9afcb3b98880f9f.js
an.yandex.ru/partner-code-bundles/12379/ 		728 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://an.yandex.ru/partner-code-bundles/12379/778dc9afcb3b98880f9f.js
Requested by
Host: an.yandex.ru
URL: http://an.yandex.ru/system/context.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
f267b0380fe5dd99e583ce977e694411ad5392ad1bb6a88d994c4a5a31c07590
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;, max-age=31536000

Request headers

Origin
http://mfd.ru
Referer
http://mfd.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 16 Sep 2020 12:21:34 GMT
content-encoding
br
vary
Accept-Encoding
nel
{"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
status
200
content-length
124806
timing-allow-origin
*
last-modified
Mon, 14 Sep 2020 11:20:42 GMT
server
nginx/1.12.2
etag
"79590fbf05a58d4d837ed7272ac8c156"
strict-transport-security
max-age=43200000; includeSubDomains;, max-age=31536000
report-to
{ "group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=216013
accept-ranges
bytes
x-robots-tag
noindex, noarchive, nofollow
expires
Thu, 17 Sep 2020 20:51:03 GMT
1
mc.yandex.ru/watch/39394400/
Redirect Chain
  • https://mc.yandex.ru/watch/39394400?wmode=7&page-url=http%3A%2F%2Fmfd.ru%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1600258893100%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3...
  • https://mc.yandex.ru/watch/39394400/1?wmode=7&page-url=http%3A%2F%2Fmfd.ru%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1600258893100%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn...
186 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/watch/39394400/1?wmode=7&page-url=http%3A%2F%2Fmfd.ru%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1600258893100%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20200916142134%3Aet%3A1600258894%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A133301383349%3Arqn%3A1%3Arn%3A424449151%3Ahid%3A416910013%3Ads%3A1%2C12%2C159%2C95%2C0%2C0%2C0%2C624%2C5%2C%2C%2C%2C800%3Afp%3A512%3Agdpr%3A14%3Av%3A1944%3Arqnl%3A1%3Ast%3A1600258894%3Au%3A%3At%3AMfd.ru%20-%20%D0%A4%D0%B8%D0%BD%D0%B0%D0%BD%D1%81%D0%BE%D0%B2%D1%8B%D0%B9%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%BB%3A%20%D0%BA%D0%BE%D1%82%D0%B8%D1%80%D0%BE%D0%B2%D0%BA%D0%B8%20%D0%B0%D0%BA%D1%86%D0%B8%D0%B9%2C%20%D0%BA%D1%83%D1%80%D1%81%D1%8B%20%D0%B2%D0%B0%D0%BB%D1%8E%D1%82%2C%20%D1%84%D0%BE%D1%80%D1%83%D0%BC%20%D1%82%D1%80%D0%B5%D0%B9%D0%B4%D0%B5%D1%80%D0%BE%D0%B2%2C%20%D0%B0%D0%BD%D0%B0%D0%BB%D0%B8%D1%82%D0%B8%D0%BA%D0%B0%20%D0%B8%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8
Requested by
Host: mfd.ru
URL: http://mfd.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
0499074629e88a17c1cc59abc8fb64be5f404c90a8107675c1a72bf3e702f7ab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://mfd.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Sep 2020 12:21:34 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 16-Sep-2020 12:21:34 GMT
Server
nginx/1.14.2
Strict-Transport-Security
max-age=31536000
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
http://mfd.ru
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
186
X-XSS-Protection
1; mode=block
Expires
Wed, 16-Sep-2020 12:21:34 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 16 Sep 2020 12:21:34 GMT
Last-Modified
Wed, 16-Sep-2020 12:21:34 GMT
Server
nginx/1.14.2
Access-Control-Allow-Origin
http://mfd.ru
Strict-Transport-Security
max-age=31536000
Location
/watch/39394400/1?wmode=7&page-url=http%3A%2F%2Fmfd.ru%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1600258893100%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20200916142134%3Aet%3A1600258894%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A133301383349%3Arqn%3A1%3Arn%3A424449151%3Ahid%3A416910013%3Ads%3A1%2C12%2C159%2C95%2C0%2C0%2C0%2C624%2C5%2C%2C%2C%2C800%3Afp%3A512%3Agdpr%3A14%3Av%3A1944%3Arqnl%3A1%3Ast%3A1600258894%3Au%3A%3At%3AMfd.ru%20-%20%D0%A4%D0%B8%D0%BD%D0%B0%D0%BD%D1%81%D0%BE%D0%B2%D1%8B%D0%B9%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%BB%3A%20%D0%BA%D0%BE%D1%82%D0%B8%D1%80%D0%BE%D0%B2%D0%BA%D0%B8%20%D0%B0%D0%BA%D1%86%D0%B8%D0%B9%2C%20%D0%BA%D1%83%D1%80%D1%81%D1%8B%20%D0%B2%D0%B0%D0%BB%D1%8E%D1%82%2C%20%D1%84%D0%BE%D1%80%D1%83%D0%BC%20%D1%82%D1%80%D0%B5%D0%B9%D0%B4%D0%B5%D1%80%D0%BE%D0%B2%2C%20%D0%B0%D0%BD%D0%B0%D0%BB%D0%B8%D1%82%D0%B8%D0%BA%D0%B0%20%D0%B8%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
X-XSS-Protection
1; mode=block
Expires
Wed, 16-Sep-2020 12:21:34 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		48 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3449042972565164&correlator=513348456487818&output=ldjh&impl=fif&adsid=NT&eid=21067332&vrg=2020091001&guci=1.2.0.0.2.2.0.0&sc=0&sfv=1-0-37&ecs=20200916&iu_parts=45470634%2Cclickio_area_669123_240x400&enc_prev_ius=%2F0%2F1&prev_iu_szs=240x400&prev_scp=ar_imp%3D0&cookie_enabled=1&bc=23&abxe=1&lmt=1600258894&dt=1600258894148&dlt=1600258893276&idt=855&frm=20&biw=1600&bih=1200&oid=3&adxs=1180&adys=258&adks=3364112093&ucis=1&ifi=3&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fmfd.ru%2F&dssz=40&icsg=552709163648&std=0&vis=1&scr_x=0&scr_y=0&psz=242x-1&msz=242x-1&ga_vid=1251353029.1600258894&ga_sid=1600258894&ga_hid=826327189&fws=4&ohw=1600&btvi=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091001.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
172.217.23.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s18-in-f130.1e100.net
Software
cafe /
Resource Hash
3651cf88de7ca40a52b720846ae4ca673666d1767b58d4013ce7908a5c9bcc93
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://mfd.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 16 Sep 2020 12:21:34 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11255
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://mfd.ru
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
65337aeb157dc8b86d7d7fc28f9628ca.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://65337aeb157dc8b86d7d7fc28f9628ca.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
http://mfd.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
http://mfd.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
ads
securepubads.g.doubleclick.net/gampad/ 		41 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3449042972565164&correlator=513348456487818&output=ldjh&impl=fif&adsid=NT&eid=21067332&vrg=2020091001&guci=1.2.0.0.2.2.0.0&sc=0&sfv=1-0-37&ecs=20200916&iu_parts=45470634%2Cclickio_area_669369_930x180&enc_prev_ius=%2F0%2F1&prev_iu_szs=930x180%7C320x50%7C320x100%7C728x90&prev_scp=ar_imp%3D0&cookie_enabled=1&bc=23&abxe=1&lmt=1600258894&dt=1600258894160&dlt=1600258893276&idt=855&frm=20&biw=1600&bih=1200&oid=3&adxs=178&adys=7&adks=2844542908&ucis=2&ifi=4&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fmfd.ru%2F&dssz=40&icsg=552709163648&std=0&vis=1&scr_x=0&scr_y=0&psz=1244x-1&msz=1244x-1&ga_vid=1251353029.1600258894&ga_sid=1600258894&ga_hid=826327189&fws=4&ohw=1244&btvi=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091001.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
172.217.23.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s18-in-f130.1e100.net
Software
cafe /
Resource Hash
fff50062cf2e54a26b272da923ab0cc48b52951c9d544b2dd214db0d72d9ff41
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://mfd.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 16 Sep 2020 12:21:34 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10433
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://mfd.ru
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
clickiocdn.com/clickiotag_log/ 		83 B
289 B 		Script
General
Check archive.org
Download Go to
Full URL
http://clickiocdn.com/clickiotag_log/?step=2&ses_id=ybt0yqsb8w7y1eq889375496&area_id=669123&policy=ok&f=__lxG__.tmp.rot_eqbj3rzfownj7z5s&rt=889415901
Requested by
Host: s.clickiocdn.com
URL: http://s.clickiocdn.com/t/common_258.js
Protocol
HTTP/1.1
Server
95.211.66.34 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx/1.16.0 /
Resource Hash
1741de575a6b20e84e84264eb3bc6704772e62525cf4b7d2cc87013bc363edce

Request headers

Referer
http://mfd.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 16 Sep 2020 12:21:34 GMT
Content-Encoding
gzip
Server
nginx/1.16.0
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/html
/
clickiocdn.com/clickiotag_log/ 		83 B
289 B 		Script
General
Check archive.org
Download Go to
Full URL
http://clickiocdn.com/clickiotag_log/?step=2&ses_id=ybt0yqsb8w7y1eq889375496&area_id=669369&policy=ok&f=__lxG__.tmp.rot_eqbj3rzfownj7z5s&rt=889415936
Requested by
Host: s.clickiocdn.com
URL: http://s.clickiocdn.com/t/common_258.js
Protocol
HTTP/1.1
Server
95.211.66.34 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx/1.16.0 /
Resource Hash
3f56368cc3f6cf764c7643a3dcedf2d8365149afc8d2baca849a0ba13e67a1c6

Request headers

Referer
http://mfd.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 16 Sep 2020 12:21:34 GMT
Content-Encoding
gzip
Server
nginx/1.16.0
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/html
a68e7dcbc970304bebf3.js
an.yandex.ru/partner-code-bundles/12385/ 		69 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://an.yandex.ru/partner-code-bundles/12385/a68e7dcbc970304bebf3.js
Requested by
Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
8816398c0e5073e3fb5cc104bcd5b04a3e338befc9cab9a8d42abd8742fd380f
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;, max-age=31536000

Request headers

Origin
http://mfd.ru
Referer
http://mfd.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 16 Sep 2020 12:21:34 GMT
content-encoding
br
vary
Accept-Encoding
nel
{"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
status
200
content-length
17665
timing-allow-origin
*
last-modified
Mon, 14 Sep 2020 21:43:38 GMT
server
nginx/1.12.2
etag
"903b6e16674f1a61f14ce10cd547adb5"
strict-transport-security
max-age=43200000; includeSubDomains;, max-age=31536000
report-to
{ "group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=216013
accept-ranges
bytes
x-robots-tag
noindex, noarchive, nofollow
expires
Thu, 17 Sep 2020 20:51:02 GMT
72e8b776793a60c28816.js
an.yandex.ru/partner-code-bundles/12385/ 		339 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://an.yandex.ru/partner-code-bundles/12385/72e8b776793a60c28816.js
Requested by
Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
38c53847f896230865f9683d5c80c30f6d3a9cb30ae664ba5ae534b5b4854e5c
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;, max-age=31536000

Request headers

Origin
http://mfd.ru
Referer
http://mfd.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 16 Sep 2020 12:21:34 GMT
content-encoding
br
vary
Accept-Encoding
nel
{"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
status
200
content-length
73188
timing-allow-origin
*
last-modified
Mon, 14 Sep 2020 21:43:38 GMT
server
nginx/1.12.2
etag
"5dee7f04a1c54cbcf010e9d66227bb56"
strict-transport-security
max-age=43200000; includeSubDomains;, max-age=31536000
report-to
{ "group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=216013
accept-ranges
bytes
x-robots-tag
noindex, noarchive, nofollow
expires
Thu, 17 Sep 2020 20:51:02 GMT
74e9e89783eef8c77d94.js
an.yandex.ru/partner-code-bundles/12385/ 		729 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://an.yandex.ru/partner-code-bundles/12385/74e9e89783eef8c77d94.js
Requested by
Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
b8e910e9a48cdca978518fde3091edf8afcb9d84e4d229d954a24f0640415845
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;, max-age=31536000

Request headers

Origin
http://mfd.ru
Referer
http://mfd.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 16 Sep 2020 12:21:34 GMT
content-encoding
br
vary
Accept-Encoding
nel
{"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
status
200
content-length
124862
timing-allow-origin
*
last-modified
Mon, 14 Sep 2020 21:43:38 GMT
server
nginx/1.12.2
etag
"4231d21465dacf7925aef02e30930b95"
strict-transport-security
max-age=43200000; includeSubDomains;, max-age=31536000
report-to
{ "group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=216013
accept-ranges
bytes
x-robots-tag
noindex, noarchive, nofollow
expires
Thu, 17 Sep 2020 20:51:02 GMT
1
mc.yandex.ru/watch/39394400/ 		43 B
528 B 		Other
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/watch/39394400/1?page-url=http%3A%2F%2Fmfd.ru%2F&charset=utf-8&force-urlencoded=1&browser-info=ti%3A1%3Ans%3A1600258893100%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Az%3A120%3Ai%3A20200916142134%3Aet%3A1600258894%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Aar%3A1%3Apa%3A1%3Als%3A133301383349%3Arqn%3A2%3Arn%3A851892189%3Ahid%3A416910013%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%3Agdpr%3A14%3Av%3A1944%3Arqnl%3A1%3Ast%3A1600258894%3Au%3A%3App%3A3629563401
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
http://mfd.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Wed, 16 Sep 2020 12:21:34 GMT
Last-Modified
Wed, 16-Sep-2020 12:21:34 GMT
Server
nginx/1.14.2
Strict-Transport-Security
max-age=31536000
Content-Type
image/gif
Access-Control-Allow-Origin
http://mfd.ru
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
43
X-XSS-Protection
1; mode=block
Expires
Wed, 16-Sep-2020 12:21:34 GMT
35333
an.yandex.ru/meta/ 		162 B
526 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://an.yandex.ru/meta/35333?grab=dE1mZC5ydSAtINCk0LjQvdCw0L3RgdC-0LLRi9C5INC_0L7RgNGC0LDQuzog0LrQvtGC0LjRgNC-0LLQutC4INCw0LrRhtC40LksINC60YPRgNGB0Ysg0LLQsNC70Y7Rgiwg0YTQvtGA0YPQvCDRgtGA0LXQudC00LXRgNC-0LIsINCw0L3QsNC70LjRgtC40LrQsCDQuCDQvdC-0LLQvtGB0YLQuAoy0JLRhdC-0LQg4oCiINCX0LDQsdGL0LvQuCDQv9Cw0YDQvtC70Yw_IOKAoiDQoNC10LPQuNGB0YLRgNCw0YbQuNGPIAoy0JjQu9C4INCy0L7RgdC_0L7Qu9GM0LfRg9C50YLQtdGB0Ywg0LDQutC60LDRg9C90YLQvtC8IAoz0J_QvtC40YHQuiDQutC-0YLQuNGA0L7QstC-0Lo6IAoz0J3QsNGI0Lgg0L_RgNC-0LTRg9C60YLRizogCjPQotC10LzRiyDQtNC90Y8gCjPQnNC40YDQvtCy0YvQtSDQuNC90LTQtdC60YHRiyAKM9Ck0LjQvdCw0L3RgdC-0LLRi9C1INC90L7QstC-0YHRgtC4IAoz0J3QsNGB0YLRgNC-0LXQvdC40LUg0YDRi9C90LrQsCwg0LrQvtC80LzQtdC90YLQsNGA0LjQuCAKM9Cf0L7Qv9GD0LvRj9GA0L3Ri9C1INGC0LXQvNGLINGE0L7RgNGD0LzQsCAKM9Ca0LDQu9C10L3QtNCw0YDRjCDQvNCw0LrRgNC-0YHRgtCw0YLQuNGB0YLQuNC60LggCjPQmtC-0YLQuNGA0L7QstC60Lgg0LDQutGG0LjQuSDQuCDRhNGM0Y7Rh9C10YDRgdC-0LIgCjPQmtGD0YDRgdGLINCy0LDQu9GO0YIgCjPQm9C40LTQtdGA0Ysg0YDQvtGB0YLQsCDQuCDQv9Cw0LTQtdC90LjRjyAKM9Ci0L7QstCw0YDRiyAKM9CQ0L3QvtC90YHRiyDRgdC-0LHRi9GC0LjQuSDQuCDQvNC10YDQvtC_0YDQuNGP0YLQuNC5IAoz0KHRgtCw0YLRjNC4IAoz0JrRg9GA0YHRiyDQstCw0LvRjtGCIAoz0JrRg9GA0YEg0LHQuNGC0LrQvtC40L3QsCAK&target-ref=http%3A%2F%2Fmfd.ru%2F&charset=utf-8&imp-id=1&enable-flat-highlight=1&test-tag=50027779063810&ad-session-id=9077701600258894083&target-id=978646&server-side-rendering-enabled-formats=posterVertical%0AposterHorizontal%0Amotion&pcode-version=12379&flash-ver=0&pcode-icookie=6503730091600258893&available-width=242&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22w%22%3A242%2C%22h%22%3A0%2C%22width%22%3A242%2C%22height%22%3A0%2C%22left%22%3A1180%2C%22top%22%3A1309%2C%22visible%22%3A0%2C%22ad_no%22%3A0%2C%22req_no%22%3A0%7D&callback=Ya%5B8035084379978%5D
Requested by
Host: an.yandex.ru
URL: http://an.yandex.ru/system/context.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
8a4a563888428ccbd7e283657248839c48a3557babe9ceb61422eeadfbc7b77a
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
http://mfd.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Wed, 16 Sep 2020 12:21:34 GMT
content-encoding
gzip
last-modified
Wed, 16 Sep 2020 12:21:34 GMT
server
nginx/1.12.2
timing-allow-origin
*
status
200
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin
http://mfd.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-type
application/x-javascript; charset=utf-8
x-xss-protection
1; mode=block
expires
Wed, 16 Sep 2020 12:21:34 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		8 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20200914&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200914/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9475ae39c1be64b1abf690e2997c818d492198a60aaad1f038dfa05fee2edb77
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://mfd.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 16 Sep 2020 12:21:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
6468
x-xss-protection
0
amp4ads-v0.js
cdn.ampproject.org/rtv/012009010507000/ Frame 2EB4 		206 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012009010507000/amp4ads-v0.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
12a24c1feb4b8e8e3872a9fedee80fcce55a6f59b14607d640fcf4f3054ec43e
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://mfd.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
7805
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
57296
x-xss-protection
0
server
sffe
date
Wed, 16 Sep 2020 10:11:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"9e379dcbf00ec980"
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 16 Sep 2021 10:11:29 GMT
amp-ad-exit-0.1.js
cdn.ampproject.org/rtv/012009010507000/v0/ Frame 2EB4 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012009010507000/v0/amp-ad-exit-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d337aa4ea0cace6bd743ef8c3b5d1d20e6e676bb4a650c7335a7383635529f31
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://mfd.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
18665
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5755
x-xss-protection
0
server
sffe
date
Wed, 16 Sep 2020 07:10:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"c8394c73e5080432"
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 16 Sep 2021 07:10:29 GMT
amp-analytics-0.1.js
cdn.ampproject.org/rtv/012009010507000/v0/ Frame 2EB4 		95 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012009010507000/v0/amp-analytics-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
76a8c8ef4cde9cbd17bbaecf11ee316fab4e55cc661093e4b2d80a4e1ff52897
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://mfd.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
7759
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29275
x-xss-protection
0
server
sffe
date
Wed, 16 Sep 2020 10:12:15 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"56557b91d9fb04b1"
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 16 Sep 2021 10:12:15 GMT
amp-fit-text-0.1.js
cdn.ampproject.org/rtv/012009010507000/v0/ Frame 2EB4 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012009010507000/v0/amp-fit-text-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6fca0b40781598023aed9b45225711771eafce8f14392a49d6ed57d567255002
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://mfd.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
18587
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1795
x-xss-protection
0
server
sffe
date
Wed, 16 Sep 2020 07:11:47 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"b0cc102b09e8903d"
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 16 Sep 2021 07:11:47 GMT
amp-form-0.1.js
cdn.ampproject.org/rtv/012009010507000/v0/ Frame 2EB4 		47 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012009010507000/v0/amp-form-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
21cb9221d772cfd0d3de7240fe5c07ee1c06b9bd945111a2e0491ae243eb0b41
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://mfd.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
18574
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14591
x-xss-protection
0
server
sffe
date
Wed, 16 Sep 2020 07:12:00 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"4ca25f57e218a94a"
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 16 Sep 2021 07:12:00 GMT
css
fonts.googleapis.com/ Frame 2EB4 		6 KB
796 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400|Ubuntu:400,500&lang=ru
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091001.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
664e301047b55580edd789d6cfc6e4e74132992c8d48e07b74d7b540710d9d00
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://mfd.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 16 Sep 2020 12:21:34 GMT
server
ESF
date
Wed, 16 Sep 2020 12:21:34 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 16 Sep 2020 12:21:34 GMT
css
fonts.googleapis.com/ Frame 2EB4 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Ubuntu:400,500&text=
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091001.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4edbed2ec39726c52750f204b150082378a801ef0bdda3a0bc1b699d1852d39f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://mfd.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 16 Sep 2020 12:16:36 GMT
server
ESF
date
Wed, 16 Sep 2020 12:21:34 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 16 Sep 2020 12:21:34 GMT
truncated
/ Frame 2EB4 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ea66b0be4859eede494490a7eb666bd71e8d0d2ecbea5968b70667544a41ba7a

Request headers

Referer
http://mfd.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
3056133381600486426
tpc.googlesyndication.com/daca_images/simgad/ Frame 2EB4 		58 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/daca_images/simgad/3056133381600486426
Requested by
Host: mfd.ru
URL: http://mfd.ru/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ea5e2bfe2e8d173cad40a01ce26b5ac9808dded962f763f6309272ac248a2c1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://mfd.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 14 Sep 2020 09:13:42 GMT
x-content-type-options
nosniff
age
184072
x-dns-prefetch-control
off
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
59813
x-xss-protection
0
last-modified
Wed, 26 Oct 2016 05:16:11 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 14 Sep 2021 09:13:42 GMT
40933678460698624
tpc.googlesyndication.com/simgad/ Frame 2EB4 		1 KB
845 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/40933678460698624
Requested by
Host: mfd.ru
URL: http://mfd.ru/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
09fba596f1ba572cf4b3ceb9c1f3962d1b75bbb4a6d6d7707f1f93e2fe889aee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://mfd.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 14 Sep 2020 10:03:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
181061
x-dns-prefetch-control
off
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
728
x-xss-protection
0
last-modified
Thu, 26 Oct 2017 18:18:20 GMT
server
sffe
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 14 Sep 2021 10:03:53 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 2EB4 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C4Nw6TgNiX5_HDqij3gPI37TwB9SwpNRd-73Sr48MwI23ARABIKLioyZgkYSThfwXoAG0isO6AsgBAakCfwTcN_Tlsz7gAgCoAwHIAwqqBNEBT9DD3ed5LCRBkhM_9KzzF8t24R-S_zx5iDT209ArAd5g4ODBGAhxcFwaMrbyo3XpeaDTwn00pq298RcshEdUctSMG3miyS2xJCjZ45n2EbYb7_VgnjaNSqdAYgxGV8_nROdhh6XYNYF-PA-3K4pTFAaET3jMjfU6ch2eYpOsfJeQ-L3ZxKlG0oL1srZ08WewsATgNoxDMZ4Zd3pcrsBWGVtS7hwXzgOx04OWWOGLouizt9V4zCmfMVx2pPUsFrYNwV0u6naLhubmpdDYtoDkjs_ABMaEver4AuAEAZIFBAgEGAGSBQQIBRgEoAZRgAe09bzFAagHjs4bqAfVyRuoB5PYG6gHugaoB_DZG6gH8tkbqAemvhuoB-zVG9gHAfIHBBD7myDSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTkzMTk3ODMzNDYyOTg2OTOACgPICwGyDBRwdWItMzEwNDc5MDM4Nzc5MjQ2ONgTCg&sigh=iAMVCgYXs8w&tpd=AGWhJmsAjwVAx171vckWPPudpqUJW2rcJLf6yzawxnW3vmjwJw
Requested by
Host: mfd.ru
URL: http://mfd.ru/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
172.217.23.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s18-in-f130.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://mfd.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
l
www.google.com/ads/measurement/ Frame 2EB4 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.google.com/ads/measurement/l?ebcid=ALh7CaRthipCOkkKuiCV0ueUXTvu2yeC9VWy9zSVpVX6YgyE5aGHhA32UQPOJNgkGAImJFN1sm2Z3sJhTpMdvEoOy47Gm76Ojw
Requested by
Host: mfd.ru
URL: http://mfd.ru/
Protocol
HTTP/1.1
Server
2a00:1450:4001:825::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://mfd.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
ru.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 2EB4 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/ru.png
Requested by
Host: mfd.ru
URL: http://mfd.ru/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fed2d61088cba54be39b2069add7103160e31f07c950c0e2e7706d6d6dc9ebf6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://mfd.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 15 Sep 2020 15:33:28 GMT
x-content-type-options
nosniff
server
cafe
age
74886
etag
6726277462267614359
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
public, max-age=86400
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3041
x-xss-protection
0
expires
Wed, 16 Sep 2020 15:33:28 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 2EB4 		344 B
437 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: mfd.ru
URL: http://mfd.ru/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://mfd.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 16 Sep 2020 11:09:07 GMT
x-content-type-options
nosniff
server
cafe
age
4347
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
public, max-age=86400
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Thu, 17 Sep 2020 11:09:07 GMT
35333
mc.yandex.ru/watch/ 		35 B
575 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/watch/35333?wmode=7&cnt-class=1&nohit=1&page-url=http%3A%2F%2Fmfd.ru%2F&charset=utf-8&browser-info=ti%3A10%3Adp%3A1%3Ans%3A1600258893100%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A2%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20200916142134%3Aet%3A1600258895%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Aad%3A1%3Apv%3A1%3Als%3A432564200497%3Arn%3A386090219%3Ahid%3A416910013%3Agdpr%3A14%3Aeu%3A1%3Av%3A1944%3Arqnl%3A1%3Ast%3A1600258895%3Au%3A%3At%3AMfd.ru%20-%20%D0%A4%D0%B8%D0%BD%D0%B0%D0%BD%D1%81%D0%BE%D0%B2%D1%8B%D0%B9%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%BB%3A%20%D0%BA%D0%BE%D1%82%D0%B8%D1%80%D0%BE%D0%B2%D0%BA%D0%B8%20%D0%B0%D0%BA%D1%86%D0%B8%D0%B9%2C%20%D0%BA%D1%83%D1%80%D1%81%D1%8B%20%D0%B2%D0%B0%D0%BB%D1%8E%D1%82%2C%20%D1%84%D0%BE%D1%80%D1%83%D0%BC%20%D1%82%D1%80%D0%B5%D0%B9%D0%B4%D0%B5%D1%80%D0%BE%D0%B2%2C%20%D0%B0%D0%BD%D0%B0%D0%BB%D0%B8%D1%82%D0%B8%D0%BA%D0%B0%20%D0%B8%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
efbdf9cab6b6cf2bf7207ae4e0456c9462b2c0d4c2de76d65442de2af7253f2b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://mfd.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Wed, 16 Sep 2020 12:21:34 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 16-Sep-2020 12:21:34 GMT
Server
nginx/1.14.2
Strict-Transport-Security
max-age=31536000
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
http://mfd.ru
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
35
X-XSS-Protection
1; mode=block
Expires
Wed, 16-Sep-2020 12:21:34 GMT
1
mc.yandex.ru/watch/35333/ 		43 B
528 B 		Other
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/watch/35333/1?cnt-class=1&page-url=http%3A%2F%2Fmfd.ru%2F&charset=utf-8&force-urlencoded=1&browser-info=ti%3A1%3Adp%3A1%3Ans%3A1600258893100%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A2%3Az%3A120%3Ai%3A20200916142134%3Aet%3A1600258895%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Aar%3A1%3Apa%3A1%3Als%3A432564200497%3Arqn%3A1%3Arn%3A464555451%3Ahid%3A416910013%3Ads%3A1%2C12%2C159%2C95%2C0%2C0%2C0%2C624%2C5%2C1391%2C1391%2C2%2C800%3Afp%3A512%3Agdpr%3A14%3Aeu%3A1%3Av%3A1944%3Arqnl%3A1%3Ast%3A1600258895%3Au%3A
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
http://mfd.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Wed, 16 Sep 2020 12:21:34 GMT
Last-Modified
Wed, 16-Sep-2020 12:21:34 GMT
Server
nginx/1.14.2
Strict-Transport-Security
max-age=31536000
Content-Type
image/gif
Access-Control-Allow-Origin
http://mfd.ru
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
43
X-XSS-Protection
1; mode=block
Expires
Wed, 16-Sep-2020 12:21:34 GMT
35333
mc.yandex.ru/watch/ 		43 B
528 B 		Other
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/watch/35333?cnt-class=1&page-url=http%3A%2F%2Fmfd.ru%2F&charset=utf-8&force-urlencoded=1&browser-info=ti%3A1%3Adp%3A1%3Ans%3A1600258893100%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A2%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20200916142134%3Aet%3A1600258895%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Aar%3A1%3Apv%3A1%3Als%3A432564200497%3Arqn%3A2%3Arn%3A155912499%3Ahid%3A416910013%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%3Agdpr%3A14%3Aeu%3A1%3Av%3A1944%3Arqnl%3A1%3Ast%3A1600258895%3Au%3A%3At%3AMfd.ru%20-%20%D0%A4%D0%B8%D0%BD%D0%B0%D0%BD%D1%81%D0%BE%D0%B2%D1%8B%D0%B9%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%BB%3A%20%D0%BA%D0%BE%D1%82%D0%B8%D1%80%D0%BE%D0%B2%D0%BA%D0%B8%20%D0%B0%D0%BA%D1%86%D0%B8%D0%B9%2C%20%D0%BA%D1%83%D1%80%D1%81%D1%8B%20%D0%B2%D0%B0%D0%BB%D1%8E%D1%82%2C%20%D1%84%D0%BE%D1%80%D1%83%D0%BC%20%D1%82%D1%80%D0%B5%D0%B9%D0%B4%D0%B5%D1%80%D0%BE%D0%B2%2C%20%D0%B0%D0%BD%D0%B0%D0%BB%D0%B8%D1%82%D0%B8%D0%BA%D0%B0%20%D0%B8%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
http://mfd.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Wed, 16 Sep 2020 12:21:34 GMT
Last-Modified
Wed, 16-Sep-2020 12:21:34 GMT
Server
nginx/1.14.2
Strict-Transport-Security
max-age=31536000
Content-Type
image/gif
Access-Control-Allow-Origin
http://mfd.ru
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
43
X-XSS-Protection
1; mode=block
Expires
Wed, 16-Sep-2020 12:21:34 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200914/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://mfd.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 16 Sep 2020 12:21:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1591403518460474"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5540
x-xss-protection
0
expires
Wed, 16 Sep 2020 12:21:34 GMT
4iCs6KVjbNBYlgoKfw72nU6AFw.woff2
fonts.gstatic.com/s/ubuntu/v15/ Frame 2EB4 		13 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ubuntu/v15/4iCs6KVjbNBYlgoKfw72nU6AFw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400|Ubuntu:400,500&lang=ru
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
943a150e9577247cc5e8e493065795ca77a35485b4169f33a4d6f570c209b010
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
http://mfd.ru
Referer
https://fonts.googleapis.com/css?family=Open+Sans:400|Ubuntu:400,500&lang=ru
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 10 Sep 2020 17:24:41 GMT
x-content-type-options
nosniff
last-modified
Thu, 10 Sep 2020 17:03:01 GMT
server
sffe
age
500213
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13720
x-xss-protection
0
expires
Fri, 10 Sep 2021 17:24:41 GMT
4iCv6KVjbNBYlgoCjC3jsGyNPYZvgw.woff2
fonts.gstatic.com/s/ubuntu/v15/ Frame 2EB4 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ubuntu/v15/4iCv6KVjbNBYlgoCjC3jsGyNPYZvgw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400|Ubuntu:400,500&lang=ru
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e25d65f020f2bb10f8aa86568b527bba648a17396d239331e7e45a0139879ecc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
http://mfd.ru
Referer
https://fonts.googleapis.com/css?family=Open+Sans:400|Ubuntu:400,500&lang=ru
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 10 Sep 2020 17:40:32 GMT
x-content-type-options
nosniff
last-modified
Thu, 10 Sep 2020 17:03:13 GMT
server
sffe
age
499262
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13848
x-xss-protection
0
expires
Fri, 10 Sep 2021 17:40:32 GMT
4iCs6KVjbNBYlgoKew72nU6AF7xm.woff2
fonts.gstatic.com/s/ubuntu/v15/ Frame 2EB4 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ubuntu/v15/4iCs6KVjbNBYlgoKew72nU6AF7xm.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400|Ubuntu:400,500&lang=ru
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
925e403d59ea3e89cf998b801db15a40177e4a30374a307a1846753863c1b429
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
http://mfd.ru
Referer
https://fonts.googleapis.com/css?family=Open+Sans:400|Ubuntu:400,500&lang=ru
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 10 Sep 2020 17:40:48 GMT
x-content-type-options
nosniff
last-modified
Thu, 10 Sep 2020 17:03:00 GMT
server
sffe
age
499246
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8128
x-xss-protection
0
expires
Fri, 10 Sep 2021 17:40:48 GMT
4iCv6KVjbNBYlgoCjC3jtGyNPYZvg7UI.woff2
fonts.gstatic.com/s/ubuntu/v15/ Frame 2EB4 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ubuntu/v15/4iCv6KVjbNBYlgoCjC3jtGyNPYZvg7UI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400|Ubuntu:400,500&lang=ru
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ae184cd595b89f965d824a9e8748f6ec8f8d3a76ce836e054162207ccb69c251
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
http://mfd.ru
Referer
https://fonts.googleapis.com/css?family=Open+Sans:400|Ubuntu:400,500&lang=ru
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 10 Sep 2020 17:40:52 GMT
x-content-type-options
nosniff
last-modified
Thu, 10 Sep 2020 17:02:49 GMT
server
sffe
age
499242
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8024
x-xss-protection
0
expires
Fri, 10 Sep 2021 17:40:52 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 2EB4
Redirect Chain
  • http://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

Date
Wed, 16 Sep 2020 12:21:34 GMT
X-Content-Type-Options
nosniff
Server
safe
Content-Type
text/html; charset=UTF-8
Location
https://googleads.g.doubleclick.net/pagead/drt/si
Cache-Control
private
Content-Length
246
X-XSS-Protection
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/210/ Frame 032D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/210/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://mfd.ru/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://mfd.ru/

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
content-length
4590
date
Wed, 16 Sep 2020 11:19:47 GMT
expires
Thu, 16 Sep 2021 11:19:47 GMT
last-modified
Wed, 26 Feb 2020 19:47:50 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
3707
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
publishertag.prebid.js
static.criteo.net/js/ld/ 		68 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: s.clickiocdn.com
URL: http://s.clickiocdn.com/t/211512/360.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b260d188c64b6737b307a491daf03fdbbe9937e531d88496bdbf359ab6f3c943

Request headers

Referer
http://mfd.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 16 Sep 2020 12:21:34 GMT
content-encoding
gzip
last-modified
Tue, 25 Aug 2020 15:42:48 GMT
server
nginx
etag
W/"5f453178-1109f"
status
200
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
timing-allow-origin
*
expires
Thu, 17 Sep 2020 12:21:34 GMT
3056133381600486426
tpc.googlesyndication.com/daca_images/simgad/ Frame 2EB4 		58 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/daca_images/simgad/3056133381600486426
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012009010507000/amp4ads-v0.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ea5e2bfe2e8d173cad40a01ce26b5ac9808dded962f763f6309272ac248a2c1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://mfd.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 14 Sep 2020 09:13:42 GMT
x-content-type-options
nosniff
age
184072
x-dns-prefetch-control
off
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
59813
x-xss-protection
0
last-modified
Wed, 26 Oct 2016 05:16:11 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 14 Sep 2021 09:13:42 GMT
40933678460698624
tpc.googlesyndication.com/simgad/ Frame 2EB4 		1 KB
755 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/40933678460698624
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012009010507000/amp4ads-v0.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
09fba596f1ba572cf4b3ceb9c1f3962d1b75bbb4a6d6d7707f1f93e2fe889aee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://mfd.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 14 Sep 2020 10:03:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
181061
x-dns-prefetch-control
off
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
728
x-xss-protection
0
last-modified
Thu, 26 Oct 2017 18:18:20 GMT
server
sffe
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 14 Sep 2021 10:03:53 GMT
ru.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 2EB4 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/ru.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012009010507000/amp4ads-v0.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fed2d61088cba54be39b2069add7103160e31f07c950c0e2e7706d6d6dc9ebf6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://mfd.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 15 Sep 2020 15:33:28 GMT
x-content-type-options
nosniff
server
cafe
age
74886
etag
6726277462267614359
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
public, max-age=86400
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3041
x-xss-protection
0
expires
Wed, 16 Sep 2020 15:33:28 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 2EB4 		344 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012009010507000/amp4ads-v0.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://mfd.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 16 Sep 2020 11:09:07 GMT
x-content-type-options
nosniff
server
cafe
age
4347
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
public, max-age=86400
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Thu, 17 Sep 2020 11:09:07 GMT
amp4ads-v0.js
cdn.ampproject.org/rtv/012009010507000/ Frame 0225 		206 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012009010507000/amp4ads-v0.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091001.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:818::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
12a24c1feb4b8e8e3872a9fedee80fcce55a6f59b14607d640fcf4f3054ec43e
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://mfd.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
7805
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
57296
x-xss-protection
0
server
sffe
date
Wed, 16 Sep 2020 10:11:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"9e379dcbf00ec980"
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 16 Sep 2021 10:11:29 GMT
amp-ad-exit-0.1.js
cdn.ampproject.org/rtv/012009010507000/v0/ Frame 0225 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012009010507000/v0/amp-ad-exit-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091001.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:818::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d337aa4ea0cace6bd743ef8c3b5d1d20e6e676bb4a650c7335a7383635529f31
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://mfd.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
18665
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5755
x-xss-protection
0
server
sffe
date
Wed, 16 Sep 2020 07:10:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"c8394c73e5080432"
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 16 Sep 2021 07:10:29 GMT
amp-analytics-0.1.js
cdn.ampproject.org/rtv/012009010507000/v0/ Frame 0225 		95 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012009010507000/v0/amp-analytics-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091001.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:818::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
76a8c8ef4cde9cbd17bbaecf11ee316fab4e55cc661093e4b2d80a4e1ff52897
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://mfd.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
7759
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29275
x-xss-protection
0
server
sffe
date
Wed, 16 Sep 2020 10:12:15 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"56557b91d9fb04b1"
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 16 Sep 2021 10:12:15 GMT
amp-fit-text-0.1.js
cdn.ampproject.org/rtv/012009010507000/v0/ Frame 0225 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012009010507000/v0/amp-fit-text-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091001.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:818::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6fca0b40781598023aed9b45225711771eafce8f14392a49d6ed57d567255002
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://mfd.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
18587
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1795
x-xss-protection
0
server
sffe
date
Wed, 16 Sep 2020 07:11:47 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"b0cc102b09e8903d"
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 16 Sep 2021 07:11:47 GMT
amp-form-0.1.js
cdn.ampproject.org/rtv/012009010507000/v0/ Frame 0225 		47 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012009010507000/v0/amp-form-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091001.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:818::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
21cb9221d772cfd0d3de7240fe5c07ee1c06b9bd945111a2e0491ae243eb0b41
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://mfd.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
18574
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14591
x-xss-protection
0
server
sffe
date
Wed, 16 Sep 2020 07:12:00 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"4ca25f57e218a94a"
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 16 Sep 2021 07:12:00 GMT
ru.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 0225 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/ru.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091001.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fed2d61088cba54be39b2069add7103160e31f07c950c0e2e7706d6d6dc9ebf6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://mfd.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 15 Sep 2020 15:33:28 GMT
x-content-type-options
nosniff
server
cafe
age
74886
etag
6726277462267614359
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
public, max-age=86400
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3041
x-xss-protection
0
expires
Wed, 16 Sep 2020 15:33:28 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 0225 		344 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091001.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://mfd.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 16 Sep 2020 11:09:07 GMT
x-content-type-options
nosniff
server
cafe
age
4347
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
public, max-age=86400
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Thu, 17 Sep 2020 11:09:07 GMT
truncated
/ Frame 0225 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7f8ad3d2e8ee7ad8c58a3b6834b0e163762da211001183e83c7e5585183fc589

Request headers

Referer
http://mfd.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
7214555590189843076
tpc.googlesyndication.com/simgad/ Frame 0225 		46 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/7214555590189843076
Requested by
Host: mfd.ru
URL: http://mfd.ru/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
006234b4a2856d91964858fd63e219ac4e723003105dc8c006da1edf2b4f9ffa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://mfd.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 14 Sep 2020 20:00:08 GMT
x-content-type-options
nosniff
age
145286
x-dns-prefetch-control
off
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47289
x-xss-protection
0
last-modified
Mon, 09 Mar 2020 10:03:54 GMT
server
sffe
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 14 Sep 2021 20:00:08 GMT
l
www.google.com/ads/measurement/ Frame 0225 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.google.com/ads/measurement/l?ebcid=ALh7CaSb2olxdEmVXyKXLv6rp8axdB8P6rlGF8vqP4Gc8Yyd-iR6RgYFI86vGE_nl11s_QXTBRqMqJPc3xGAYBGK_ydi6NfT-w
Requested by
Host: mfd.ru
URL: http://mfd.ru/
Protocol
HTTP/1.1
Server
2a00:1450:4001:825::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://mfd.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame 0225 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CjPsOTgNiX7m_HtCz3gO4l7XgBrf4kMNciN3vn8MLtrO7sMwIEAEgouKjJmCRhJOF_BegAbC41f4DyAEDqQJhj5YTIOGzPuACAKgDAcgDCKoEzgFP0DA_u1NxtUdvH-p_IvawMYEr_Dn4e-LvX_miibNWyUm8ljEOY4q5BBxwH47_SnCOs4ywqgC0_s4Nm21UTQT2t93Hxw7Zbl-4dsnUrrHV-DhAm36-q6--3_87XlegFZBdvGdmNc7l6153nRHPYAZMQFaplattWwEPKFZD3bwK8r57zgVbyqVgJG96Q9R5i2l0c6kROzHgfHbXMUqNw3Ybywew5kutNjUDDgvy_JyJQm8ANN86ysAgDNwb3WCXRxdc_khC-4cfGH9n3JMvO8AEj7qXw7EB4AQBkgUECAQYAZIFBAgFGASgBgOAB7jHqgGoB47OG6gH1ckbqAeT2BuoB7oGqAfw2RuoB_LZG6gHpr4bqAfs1RvYBwHyBwQQxrUH0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi05MzE5NzgzMzQ2Mjk4NjkzgAoDyAsBsgwUcHViLTMxMDQ3OTAzODc3OTI0NjjYEwI&sigh=1YYELK8USM0&tpd=AGWhJmsbocNGdaNtyxTRU17fJB74EZhI8n7yc2z3DZQr05QshA
Requested by
Host: mfd.ru
URL: http://mfd.ru/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
172.217.23.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s18-in-f130.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://mfd.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
publishertag.prebid.js
static.criteo.net/js/ld/ 		68 KB
21 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b260d188c64b6737b307a491daf03fdbbe9937e531d88496bdbf359ab6f3c943

Request headers

Referer
http://mfd.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 16 Sep 2020 12:21:34 GMT
content-encoding
gzip
last-modified
Tue, 25 Aug 2020 15:42:48 GMT
server
nginx
etag
W/"5f453178-1109f"
status
200
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
timing-allow-origin
*
expires
Thu, 17 Sep 2020 12:21:34 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
85 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=210&t=2&li=gda_r20200914&jk=3449042972565164&bg=!t7SltKxYlLrUTOSgbx0CAAAAVlIAAAAUCgIZmckWyORlPCTXP0Ief4tSLyvpI52npKd35pJyhpvLORMC9uAgHSJBwPXBywyYm8LedoHb-LPIqtUHZhHgu7twctrcPe8i5ycU8tWRjlHJlH_FIOsJBQzOa7cq5kkYUE8EF1Iwof1vwatXwCPcS39ILM84RgsnyOIEIcWqVkucmip1vL62meUxg5eXmI6nUV-wjpIjxl7HGbC-C14_N4yXSK3ncUxQMADI_C9tkWRqI5nRudzToMLloqIlWI-fFbcVGMBZ3u9-GPTQ1WPSBJZ6K_KBIX4fdU3VrJDobwropZkxFTQZzBBrjGj3RSIpeviq2j4FPdpxjAipZgVa1vJe7S_YBmU06USjyH5AQkIgPCgwZlRb7DQeNBBABHCXxeiAzVEpPRih5QO6qdt4NCYIG2JrOs63ijPvSgKItFmEssbwWHGqZjqMMzoJhejYqCnsrb40ZyC5PRujNjokOvK3Gl_o2Dn4dqr4VuZYuvoYe70IEk-E-JEEEDSPaDmTovKuSZQpKLTVucgckoAwWCO5U8ew2ewg6Ae_gQ93a7q1EEGtLqOOKnoisVq92_S_h3F61bMuq1GGO9d363pit_fhix69jD7yf3I_vOxCErerQ1rkmk73Q9jGk-ZzvMFgT7kPUALNeWF0hAjAOKm8y21-9O-xDou8PepM24TnZHZwK9GR25NE4PPf3l1nPwoy8SlM679E75DTMabkmQGeaLdhbFk7QfuXizdzgu6MtGt_jdgRoDqAfy1cVFHnlm1aGude8HvSJQuuk0lBCphXYp2Twv1I4vRVb6rp0BTP7g3NIfPrEhv8q2PaRetjeudK2GLMQXhtI_-UZ1Jabw_OYY5XVlNYnN8S6kCOJFh_5wbM1dYo-49XxIhdLk8q9uUR0uyl3Z1CMZLTbs1UE-H7kyz_hQJQDRjFJrX7fmlikULDmWUjY2EqCc-YhHfNJv-Q0P7eCMSX0j7VO4waZPryBfk-s7YA0VdTLY-lmQOXZkHyHb1U57IP3xdf1_q3C27AXxbD243PgR3-u_wJMRiC4SNaYaiiBSkTPC1gO11Z7AVgj7aAPst4Ut-XvT0axllDIoZOLCutdQlnTlhvfi3i5xzdFJdy4PSPta6MMEH-OH7pcXW3WkzNoncZBtYx547ZsMJRd7Ig4iV_TrJRFYOI3HdMB-Q-q-idsVVlHIOuyXVP-s-SuqjqKhtW74_hrq9_Cs8Cb4NuPeWv1fdCL58x2WpYhlRBqsChf6bGoXwQoUoEOuWO8nSqIGXan4ME
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://mfd.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Sep 2020 12:21:34 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
204
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 0225
Redirect Chain
  • http://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

Date
Wed, 16 Sep 2020 12:21:34 GMT
X-Content-Type-Options
nosniff
Server
safe
Content-Type
text/html; charset=UTF-8
Location
https://googleads.g.doubleclick.net/pagead/drt/si
Cache-Control
private
Content-Length
246
X-XSS-Protection
0
7214555590189843076
tpc.googlesyndication.com/simgad/ Frame 0225 		46 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/7214555590189843076
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012009010507000/amp4ads-v0.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
006234b4a2856d91964858fd63e219ac4e723003105dc8c006da1edf2b4f9ffa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://mfd.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 14 Sep 2020 20:00:08 GMT
x-content-type-options
nosniff
age
145286
x-dns-prefetch-control
off
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47289
x-xss-protection
0
last-modified
Mon, 09 Mar 2020 10:03:54 GMT
server
sffe
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 14 Sep 2021 20:00:08 GMT
ru.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 0225 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/ru.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012009010507000/amp4ads-v0.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fed2d61088cba54be39b2069add7103160e31f07c950c0e2e7706d6d6dc9ebf6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://mfd.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 15 Sep 2020 15:33:28 GMT
x-content-type-options
nosniff
server
cafe
age
74886
etag
6726277462267614359
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
public, max-age=86400
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3041
x-xss-protection
0
expires
Wed, 16 Sep 2020 15:33:28 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 0225 		344 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012009010507000/amp4ads-v0.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://mfd.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 16 Sep 2020 11:09:07 GMT
x-content-type-options
nosniff
server
cafe
age
4347
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
public, max-age=86400
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Thu, 17 Sep 2020 11:09:07 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 2EB4 		42 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvA_NLeIbTC7KQFRq935u2N49hOWC0_UBoq9rHgp--Z6TveaF8UTTzIlMxl_UG30VH-TSq1Q0lXaRfyDJgKCm_4eRbFx40GHOx1-qhKxKR6-gz6vmfWd8nwho0MYw&sai=AMfl-YSJQhHudeixlX0XDGyZ4yxdUPicsU_PqxD9D6_w5cLOwkboRc7QNnOWsoA7mV9VZpnqXn1Po0hvgaKoXVCYOO-E7Jasngb_EG5j0WTYTEpfUSW0h6s2u83EEuw&sig=Cg0ArKJSzCY9TeLsGA61EAE&cid=CAASF-RoGry6c6u2WlQm_LFifQ2Sy2qE2CSc&id=ampim&o=1181,258&d=240,400&ss=1600,1200&bs=1600,1200&mcvt=1007&mtos=0,0,1007,1007,1007&tos=0,0,1007,0,0&tfs=161&tls=1168&g=100&h=100&tt=1168&r=v&avms=ampa&adk=3364112093
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://mfd.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Sep 2020 12:21:35 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 0225 		42 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsujBc77mMHeWAIPa1F5REoFpwielNKBEO8v2mIp8rtCt5SQpc0M-6h_dN14GMvHkvJqVSM60El0yZwyuZEhCClgKHLnf2elcEMT84JbILdpXkYapNky0LLmCi0EOw&sai=AMfl-YQPfNgiqCS_HWrayKLSW8RWG1GO8-kUX7vO9o0nzRG2Lj-ACVfp2YhD2n52qnCehV3chOjPdtfx2TO7sqfA86fPesu0sLdIJQg8BZIk2ycpEpxXm3K8qZNOokg3&sig=Cg0ArKJSzIHQuKI94JuPEAE&cid=CAASF-RoniAVghk6kwk-AKe32NXM-yT6OqC8&id=ampim&o=335,39&d=930,115&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,1001,1001,1001&tos=0,0,1001,0,0&tfs=109&tls=1110&g=99.56521987915039&h=99.56521987915039&tt=1110&r=v&avms=ampa&adk=2844542908
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://mfd.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Sep 2020 12:21:36 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
clickiocdn.com/utr/scmps/ 		42 B
189 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://clickiocdn.com/utr/scmps/?rt=889676338&cmp=-1&api=-1&sid=211512&req=1
Protocol
HTTP/1.1
Server
95.211.66.34 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx/1.16.0 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
http://mfd.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 16 Sep 2020 12:21:36 GMT
Server
nginx/1.16.0
Connection
keep-alive
Content-Length
42
Content-Type
image/gif
pd
eu-u.openx.net/w/1.0/ Frame 3F0F
Redirect Chain
  • https://eu-u.openx.net/w/1.0/pd?plm=6&ph=65177c2a-960d-453f-a7b7-2f374404a0a7&gdpr=1
  • https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=65177c2a-960d-453f-a7b7-2f374404a0a7&gdpr=1
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=65177c2a-960d-453f-a7b7-2f374404a0a7&gdpr=1
Requested by
Host: s.clickiocdn.com
URL: http://s.clickiocdn.com/t/211512/360.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.193.0 /
Resource Hash

Request headers

:method
GET
:authority
eu-u.openx.net
:scheme
https
:path
/w/1.0/pd?cc=1&plm=6&ph=65177c2a-960d-453f-a7b7-2f374404a0a7&gdpr=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://mfd.ru/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
i=31bd1360-45a5-07b4-2f07-f8d219ecd016|1600258897
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://mfd.ru/

Response headers

status
200
vary
Accept, Accept-Encoding
set-cookie
i=31bd1360-45a5-07b4-2f07-f8d219ecd016|1600258897; Version=1; Expires=Thu, 16-Sep-2021 12:21:37 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1600258897|gekin0vNiygu; Version=1; Expires=Thu, 01-Oct-2020 12:21:37 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.193.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Wed, 16 Sep 2020 12:21:37 GMT
content-type
text/html
content-length
416
content-encoding
gzip
via
1.1 google
alt-svc
clear

Redirect headers

status
302
set-cookie
i=31bd1360-45a5-07b4-2f07-f8d219ecd016|1600258897; Version=1; Expires=Thu, 16-Sep-2021 12:21:37 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.193.0
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=65177c2a-960d-453f-a7b7-2f374404a0a7&gdpr=1
date
Wed, 16 Sep 2020 12:21:37 GMT
content-length
0
via
1.1 google
alt-svc
clear
usync.html
eus.rubiconproject.com/ Frame 67ED 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: s.clickiocdn.com
URL: http://s.clickiocdn.com/t/211512/360.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.230.142 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
http://mfd.ru/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://mfd.ru/

Response headers

Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Last-Modified
Wed, 19 Aug 2020 18:23:01 GMT
Content-Encoding
gzip
Content-Length
9457
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=43908
Expires
Thu, 17 Sep 2020 00:33:25 GMT
Date
Wed, 16 Sep 2020 12:21:37 GMT
Connection
keep-alive
Vary
Accept-Encoding
sspmatch-iframe
ads.betweendigital.com/ Frame D036
Redirect Chain
  • https://ads.betweendigital.com/sspmatch-iframe
  • https://ads.betweendigital.com/sspmatch-iframe?crf=1
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/sspmatch-iframe?crf=1
Requested by
Host: s.clickiocdn.com
URL: http://s.clickiocdn.com/t/211512/360.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.42.196.115 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash

Request headers

:method
GET
:authority
ads.betweendigital.com
:scheme
https
:path
/sspmatch-iframe?crf=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://mfd.ru/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
dc=lux1; tuuid=c9bc7878-8ba6-5204-b88c-719be7ee72ca; ut=X2IDUQABW6iy_Z4XgJTivKsAv6OmXy93SyrGTw==; ss=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://mfd.ru/

Response headers

status
200
content-type
text/html
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
658

Redirect headers

status
302
location
/sspmatch-iframe?crf=1
cache-control
no-cache, no-store, max-age=0, must-revalidate
set-cookie
dc=lux1; Max-Age=315360000; Expires=Sat, 14 Sep 2030 12:21:37 GMT; Path=/; Domain=.betweendigital.com; SameSite=None; Secure tuuid=c9bc7878-8ba6-5204-b88c-719be7ee72ca; Max-Age=315360000; Expires=Sat, 14 Sep 2030 12:21:37 GMT; Path=/; Domain=.betweendigital.com; SameSite=None; Secure ut=X2IDUQABW6iy_Z4XgJTivKsAv6OmXy93SyrGTw==; Max-Age=315360000; Expires=Sat, 14 Sep 2030 12:21:37 GMT; Path=/; Domain=.betweendigital.com; SameSite=None; Secure ss=1; Max-Age=315360000; Expires=Sat, 14 Sep 2030 12:21:37 GMT; Path=/; Domain=.betweendigital.com; SameSite=None; Secure
content-length
0
pd
eu-u.openx.net/w/1.0/ Frame 57A9
Redirect Chain
  • https://eu-u.openx.net/w/1.0/pd?plm=6&ph=65177c2a-960d-453f-a7b7-2f374404a0a7&gdpr=1
  • https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=65177c2a-960d-453f-a7b7-2f374404a0a7&gdpr=1
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=65177c2a-960d-453f-a7b7-2f374404a0a7&gdpr=1
Requested by
Host: s.clickiocdn.com
URL: http://s.clickiocdn.com/t/211512/360.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.193.0 /
Resource Hash

Request headers

:method
GET
:authority
eu-u.openx.net
:scheme
https
:path
/w/1.0/pd?cc=1&plm=6&ph=65177c2a-960d-453f-a7b7-2f374404a0a7&gdpr=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://mfd.ru/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
i=bcb3f92b-9516-0b21-1c36-0cf519da9118|1600258897
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://mfd.ru/

Response headers

status
200
vary
Accept, Accept-Encoding
set-cookie
i=bcb3f92b-9516-0b21-1c36-0cf519da9118|1600258897; Version=1; Expires=Thu, 16-Sep-2021 12:21:37 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1600258897|gekin0vNiygu; Version=1; Expires=Thu, 01-Oct-2020 12:21:37 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.193.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Wed, 16 Sep 2020 12:21:37 GMT
content-type
text/html
content-length
421
content-encoding
gzip
via
1.1 google
alt-svc
clear

Redirect headers

status
302
set-cookie
i=bcb3f92b-9516-0b21-1c36-0cf519da9118|1600258897; Version=1; Expires=Thu, 16-Sep-2021 12:21:37 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.193.0
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=65177c2a-960d-453f-a7b7-2f374404a0a7&gdpr=1
date
Wed, 16 Sep 2020 12:21:37 GMT
content-length
0
via
1.1 google
alt-svc
clear
sspmatch-iframe
ads.betweendigital.com/ Frame 68B3
Redirect Chain
  • https://ads.betweendigital.com/sspmatch-iframe
  • https://ads.betweendigital.com/sspmatch-iframe?crf=1
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/sspmatch-iframe?crf=1
Requested by
Host: s.clickiocdn.com
URL: http://s.clickiocdn.com/t/211512/360.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.42.196.115 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash

Request headers

:method
GET
:authority
ads.betweendigital.com
:scheme
https
:path
/sspmatch-iframe?crf=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://mfd.ru/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
dc=lux1; ss=1; tuuid=0bdf02d6-5715-5204-a83b-13d4f7591085; ut=X2IDUQABdwBOuMAu3SY9MtB3EmfpkLxF1xwRYQ==
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://mfd.ru/

Response headers

status
200
content-type
text/html
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
658

Redirect headers

status
302
location
/sspmatch-iframe?crf=1
cache-control
no-cache, no-store, max-age=0, must-revalidate
set-cookie
dc=lux1; Max-Age=315360000; Expires=Sat, 14 Sep 2030 12:21:37 GMT; Path=/; Domain=.betweendigital.com; SameSite=None; Secure tuuid=0bdf02d6-5715-5204-a83b-13d4f7591085; Max-Age=315360000; Expires=Sat, 14 Sep 2030 12:21:37 GMT; Path=/; Domain=.betweendigital.com; SameSite=None; Secure ut=X2IDUQABdwBOuMAu3SY9MtB3EmfpkLxF1xwRYQ==; Max-Age=315360000; Expires=Sat, 14 Sep 2030 12:21:37 GMT; Path=/; Domain=.betweendigital.com; SameSite=None; Secure ss=1; Max-Age=315360000; Expires=Sat, 14 Sep 2030 12:21:37 GMT; Path=/; Domain=.betweendigital.com; SameSite=None; Secure
content-length
0

Verdicts & Comments Add Verdict or Comment

86 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| trustedTypes function| $ function| jQuery function| inheritPrototype object| Mfd object| adUnits number| userTimeout object| YaHeaderBiddingSettings object| __clADF__ object| __lxGc__ object| adsbygoogle object| __core-js_shared__ object| Ya object| yaSafeFrameCallbacksStorage string| n string| n1 object| __lxGr__ object| __lxG__ object| google_js_reporting_queue number| google_srt object| google_ad_modifications object| google_logging_queue object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots boolean| google_apltlad boolean| _gfp_p_ function| google_spfd number| google_lpabyc number| google_unique_id object| google_sv_map object| __lxGp__ object| __lxG211512__ object| pbjs object| lxpbjsdfp object| googletag function| clickio_pbjsChunk object| _pbjsGlobals object| Criteo number| pr function| AdFox_getCodeScript object| adfoxAsyncParams object| adfoxAsyncParamsScroll object| adfoxAsyncParamsAdaptive object| googleToken object| googleIMState string| GoogleAnalyticsObject function| ga undefined| yandexContextAsyncCallbacks object| jQuery1113002972345456192893 function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| google_persistent_state_async object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id function| processGoogleToken object| google_prev_clients object| gaGlobal object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired object| google_tag_data object| gaplugins object| gaData function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb function| conceptJsonp1852 object| pcodeStaticJsonp12379 undefined| yandex_context_callbacks object| yaCounter39394400 object| pcodeStaticJsonp12385 object| yaCounter35333 object| GoogleGcLKhOms object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| criteo_pubtag object| google_image_requests

10 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: IDE
Value: AHWqTUl4lujjeNMatpLSuZSmmPpcHgZs9sEjTlwmABN9JaaQbDC6qjtZwsaQHsED
.doubleclick.net/ Name: DSID
Value: NO_DATA
.mfd.ru/ Name: _gat
Value: 1
.mfd.ru/ Name: _ga
Value: GA1.2.1251353029.1600258894
mfd.ru/ Name: __lxGr__ses
Value: ybt0yqsb8w7y1eq889375496
mfd.ru/ Name: __lxGr__var_669370
Value: _669369
.mfd.ru/ Name: _gid
Value: GA1.2.1382430073.1600258894
mfd.ru/ Name: __lxGr__var_669116
Value: _669123
.mfd.ru/ Name: __gads
Value: ID=5e0bb75308d79fc2:T=1600258894:S=ALNI_MY3q6694g1c7WP1HOu33poMDAhGWQ
mfd.ru/ Name: __RequestVerificationToken
Value: IPST9xdwdVKv5XdTwoIrv5zabcU-kS5pOJ-zdNak1NJZsQ3BsiJ0pfGQywmTL3_dP076sG-1-UdPggsM7PZ6yaWdhiQ1

2 Console Messages

Source Level URL
Text
console-api info URL: https://cdn.ampproject.org/rtv/012009010507000/amp4ads-v0.js(Line 420)
Message:
Powered by AMP ⚡ HTML – Version 2009010507000 http://mfd.ru/
console-api info URL: https://cdn.ampproject.org/rtv/012009010507000/amp4ads-v0.js(Line 420)
Message:
Powered by AMP ⚡ HTML – Version 2009010507000 http://mfd.ru/

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

65337aeb157dc8b86d7d7fc28f9628ca.safeframe.googlesyndication.com
ad.mail.ru
ads.betweendigital.com
adservice.google.com
adservice.google.de
alz-d.openx.net
an.yandex.ru
bidder.criteo.com
cdn.ampproject.org
clickiocdn.com
counter.yadro.ru
eu-u.openx.net
eus.rubiconproject.com
exchange.buzzoola.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
inv-nets.admixer.net
matchid.adfox.yandex.ru
mc.yandex.ru
mfd.ru
pagead2.googlesyndication.com
s.clickiocdn.com
securepubads.g.doubleclick.net
ssp.otm-r.com
static.criteo.net
tpc.googlesyndication.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagservices.com
yastatic.net
104.111.230.142
146.0.227.110
159.69.59.100
172.217.23.130
178.250.2.131
188.42.196.115
195.10.198.167
2a00:1148:db00::17
2a00:1450:4001:800::2003
2a00:1450:4001:801::2001
2a00:1450:4001:802::2002
2a00:1450:4001:802::200a
2a00:1450:4001:809::2002
2a00:1450:4001:818::2001
2a00:1450:4001:81a::2001
2a00:1450:4001:81b::2002
2a00:1450:4001:820::2002
2a00:1450:4001:821::200e
2a00:1450:4001:825::2004
2a02:2638::3
2a02:6b8:20::215
2a02:6b8::16b
2a02:6b8::1:119
2a02:6b8::90
2a03:2880:f11c:8183:face:b00c:0:25de
34.98.64.218
69.173.144.141
88.212.201.204
94.130.13.220
95.211.66.34
95.211.66.35
006234b4a2856d91964858fd63e219ac4e723003105dc8c006da1edf2b4f9ffa
03413ba0ecb717b3ee7aaaaa9105b9620b97fd7860b42139df0c4ed487944ff7
03a493f9245c57b6486c32849c00dfccb836fa3a6f7adcac0c0a97ce107c4b8d
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
0499074629e88a17c1cc59abc8fb64be5f404c90a8107675c1a72bf3e702f7ab
06d4ef778f856a04a018789bcf2dd4f4c5022b3a73d00487d0db86085fae51df
08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c
09fba596f1ba572cf4b3ceb9c1f3962d1b75bbb4a6d6d7707f1f93e2fe889aee
0db31111bda692acbafb392cfdbe7ae3b7f07d955259c271b87a95590d265e1a
0f8433dbf9e41e702d91b217f5f4d0188af54cbacb448e5665fd8d9842758728
10c9d096fa3815b5fbcd1e277787db8c446edfe811d9421327f44f2ee0d7d089
12a24c1feb4b8e8e3872a9fedee80fcce55a6f59b14607d640fcf4f3054ec43e
1741de575a6b20e84e84264eb3bc6704772e62525cf4b7d2cc87013bc363edce
21cb9221d772cfd0d3de7240fe5c07ee1c06b9bd945111a2e0491ae243eb0b41
275d0ac31200db0c55dac0653a68cbadd6920186cfa89ef9528826838f5fe6db
2b45b59fbb2798d01472d5fdd19fa6be3193c4f6ee26b4187627f7bfa0934f7d
32ea98c6760d32113a5c31dc46d0fbde7f38bd88e7ff6d3d51d79d1f9526b25f
3651cf88de7ca40a52b720846ae4ca673666d1767b58d4013ce7908a5c9bcc93
38c53847f896230865f9683d5c80c30f6d3a9cb30ae664ba5ae534b5b4854e5c
3f56368cc3f6cf764c7643a3dcedf2d8365149afc8d2baca849a0ba13e67a1c6
4009803dc7b08dd1d60c7a31510e508edb55e4babdc9512b8f1cb4c7b7cf3c9e
4065685f82c29b36fa511b8b46d20163eefc8abc819ca678e3b49db430716aaf
43d202fb83fa52f4c41997ded2e09ea459be98743efb1fbe3f3dbd69369ea4f4
483818b7a58ec494c1285b7e29f666201b2187ef091ce2dceadd484246a9aeaf
4edbed2ec39726c52750f204b150082378a801ef0bdda3a0bc1b699d1852d39f
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
57b34a23487339f53b201f781b1ef81f58cdf77033f9551c44efe8a21b49867c
60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef
63302f15f3f56fdecd14cbc51cbcfdb584934c42963bbe74b03097e34f96e41b
664e301047b55580edd789d6cfc6e4e74132992c8d48e07b74d7b540710d9d00
6fca0b40781598023aed9b45225711771eafce8f14392a49d6ed57d567255002
730210f3446fc39be7f9a22f500800f972e7ce809f6728d1b6722845c13d116d
76a8c8ef4cde9cbd17bbaecf11ee316fab4e55cc661093e4b2d80a4e1ff52897
7f8ad3d2e8ee7ad8c58a3b6834b0e163762da211001183e83c7e5585183fc589
80abfc4b3bc65e4167c29623efb9cc6f6fe0de2021421135cddc879bfde6ae58
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b
8816398c0e5073e3fb5cc104bcd5b04a3e338befc9cab9a8d42abd8742fd380f
884b5fc559366db787330ce124f5355885b9d95e3ae039284e3fd32228784472
895e4d52850e6f3fd71ced1428265fbef1d46af87319bec561428aebde95dcf7
8a4a563888428ccbd7e283657248839c48a3557babe9ceb61422eeadfbc7b77a
8de04b57a5f56268a025667ca2687c1f6d130139dae3f59949acd7a743e8c8e4
925e403d59ea3e89cf998b801db15a40177e4a30374a307a1846753863c1b429
943a150e9577247cc5e8e493065795ca77a35485b4169f33a4d6f570c209b010
9475ae39c1be64b1abf690e2997c818d492198a60aaad1f038dfa05fee2edb77
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a5575f951eff80612d43a449ff223040bf3e0aafa3978ecfde8bc744199d4a89
a80e5bc6824957c820fc176a64856461adcfdc8bf1ff884189e0c2591d5d58de
ab5281d1a6c8fcab92f44b16f8478ae9435805a7795cb0f72d41fb19d86533c2
ae184cd595b89f965d824a9e8748f6ec8f8d3a76ce836e054162207ccb69c251
afbda4c02c857b078b34c75cef255e1144173aadd4e6cfdfbf6c4fd144c493a3
b260d188c64b6737b307a491daf03fdbbe9937e531d88496bdbf359ab6f3c943
b2e28c9ee3c2f6463c69b03d4619560e454f9e7b7eb632b5281866bb0a528b5e
b560d747e2930f41840d69ba37f40e261f9b4cb055530c8477370873678a7774
b564c90f9a368211942b59151667ded4ee618fb99bf6d4a38ff6f539016d9e23
b567561c05cff21573aa8ced9324b9f962a22c6c8747e66c3c7a4722b62d6aea
b8e910e9a48cdca978518fde3091edf8afcb9d84e4d229d954a24f0640415845
ba3010548fa93ebd50eeeda3e9d7aeaf7dd2e46b0f5e4be5fddfc7ddbcee68a2
ceffab292f4d039aa5e2e66650f000ff443a2b13ec66903b26ccd14434cdb8ab
cf3d4c8d462b4e74eb0f247e2e2a3c0d1aa1f20f6779ab1e2924353633dd6e68
cfd93861333e9bc27cd103b811be1dd87294c307d1c3075804ff30594c205d7a
d1c45ddefbd814d27a9dd955d4ee2aa07069b0bdeea1f8c602621bdcdae1fb38
d337aa4ea0cace6bd743ef8c3b5d1d20e6e676bb4a650c7335a7383635529f31
d5c7922180e0379319e2256c322ed801805a94831c074cb118591447cef2cf2c
dbf17abf2cdee7dc807cade94431455530b36762b4962cb7618114043d0bc02b
e25d65f020f2bb10f8aa86568b527bba648a17396d239331e7e45a0139879ecc
e38c483a8385cd6894380c2c44cade9f15bda29376a1874df6953539afed3201
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea5e2bfe2e8d173cad40a01ce26b5ac9808dded962f763f6309272ac248a2c1e
ea66b0be4859eede494490a7eb666bd71e8d0d2ecbea5968b70667544a41ba7a
ee6f303f28c9a4778ee3e6e0e8b640e0fc6aa526cfc877ba3cc7b0507bddc318
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efbdf9cab6b6cf2bf7207ae4e0456c9462b2c0d4c2de76d65442de2af7253f2b
f267b0380fe5dd99e583ce977e694411ad5392ad1bb6a88d994c4a5a31c07590
f9d11bcf0470dfd72db6fde7cbfbee8c4077a3deddbb150d1e104aa0ab143d7e
fed2d61088cba54be39b2069add7103160e31f07c950c0e2e7706d6d6dc9ebf6
fef134a7880b8d72bac16738b34fe1ed9a72da52f702537b22486826cd3b5888
fff50062cf2e54a26b272da923ab0cc48b52951c9d544b2dd214db0d72d9ff41