www.liveinternet.ru Open in urlscan Pro
88.212.202.50 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.liveinternet.ru/click
Effective URL:
https://www.liveinternet.ru/
Submission: On May 02 via manual (May 2nd 2022, 10:09:53 am UTC) from UA — Scanned from DE

Summary HTTP 212 Redirects Links 26 Behaviour Indicators

Summary

This website contacted 60 IPs in 9 countries across 56 domains to perform 212 HTTP transactions. The main IP is 88.212.202.50, located in Russian Federation and belongs to UNITEDNET, RU. The main domain is www.liveinternet.ru. The Cisco Umbrella rank of the primary domain is 39275.
TLS certificate: Issued by GoGetSSL RSA DV CA on October 5th 2021. Valid for: a year.

This is the only time www.liveinternet.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 17	88.212.202.50 88.212.202.50	39134 (UNITEDNET) (UNITEDNET)
15	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
8	2a02:6b8:a::a 2a02:6b8:a::a	208722 (YNDX) (YNDX)
20	2a02:6b8::90 2a02:6b8::90	208722 (YNDX) (YNDX)
2	88.212.201.210 88.212.201.210	39134 (UNITEDNET) (UNITEDNET)
7	151.236.71.1 151.236.71.1	204720 (CDNETWORKS) (CDNETWORKS)
6	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
1	88.212.196.113 88.212.196.113	39134 (UNITEDNET) (UNITEDNET)
2	2a02:6b8::16b 2a02:6b8::16b	208722 (YNDX) (YNDX)
1 17	2a02:6b8:20::215 2a02:6b8:20::215	208722 (YNDX) (YNDX)
3	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1148:db0... 2a00:1148:db00::17	47764 (MAILRU-AS...) (MAILRU-AS Mail.Ru)
1 2	188.42.196.115 188.42.196.115	7979 (SERVERS-COM) (SERVERS-COM)
1	195.209.111.15 195.209.111.15	52007 (ADRIVER-AS) (ADRIVER-AS)
1	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
1	116.202.85.93 116.202.85.93	24940 (HETZNER-AS) (HETZNER-AS)
2 3	194.190.76.38 194.190.76.38	48061 (UMA-TECH-AS) (UMA-TECH-AS)
1 2	144.76.118.200 144.76.118.200	24940 (HETZNER-AS) (HETZNER-AS)
1	188.72.107.194 188.72.107.194	208677 (SBERCLOUD-AS) (SBERCLOUD-AS)
6 18	2a02:6b8::1:119 2a02:6b8::1:119	208722 (YNDX) (YNDX)
2	178.250.2.131 178.250.2.131	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a02:6b8::184 2a02:6b8::184	208722 (YNDX) (YNDX)
4	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
1 5	2a02:6b8::1be 2a02:6b8::1be	208722 (YNDX) (YNDX)
2	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
1	2a02:6b8::36 2a02:6b8::36	208722 (YNDX) (YNDX)
8	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::2004	15169 (GOOGLE) (GOOGLE)
3 12	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
3 5	23.35.236.247 23.35.236.247	16625 (AKAMAI-AS) (AKAMAI-AS)
2 3	37.252.172.38 37.252.172.38	29990 (ASN-APPNEX) (ASN-APPNEX)
4	2a00:1450:400... 2a00:1450:4001:801::2006	15169 (GOOGLE) (GOOGLE)
2 2	35.157.46.192 35.157.46.192	16509 (AMAZON-02) (AMAZON-02)
1 1	74.121.143.245 74.121.143.245	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1 1	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
2 2	37.157.4.40 37.157.4.40	198622 (ADFORM) (ADFORM)
1 1	51.89.9.253 51.89.9.253	16276 (OVH) (OVH)
2 2	52.211.8.77 52.211.8.77	16509 (AMAZON-02) (AMAZON-02)
2	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
2	2a02:6b8::402 2a02:6b8::402	208722 (YNDX) (YNDX)
1 2	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a02:878:2:9:... 2a02:878:2:9:0:1:2:21	42632 (MNOGOBYTE...) (MNOGOBYTE-AS Moscow)
1	178.250.2.146 178.250.2.146	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	83.222.109.36 83.222.109.36	42632 (MNOGOBYTE...) (MNOGOBYTE-AS Moscow)
1 2	83.222.115.14 83.222.115.14	42632 (MNOGOBYTE...) (MNOGOBYTE-AS Moscow)
9	212.76.131.50 212.76.131.50	42632 (MNOGOBYTE...) (MNOGOBYTE-AS Moscow)
2 2	195.209.108.51 195.209.108.51	52007 (ADRIVER-AS) (ADRIVER-AS)
1	37.18.16.16 37.18.16.16	205675 (HYBRID-AS) (HYBRID-AS)
1 1	45.9.24.193 45.9.24.193	208677 (SBERCLOUD-AS) (SBERCLOUD-AS)
1	83.222.114.188 83.222.114.188	42632 (MNOGOBYTE...) (MNOGOBYTE-AS Moscow)
3 3	31.172.81.172 31.172.81.172	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
2 2	31.172.81.159 31.172.81.159	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
1 2	89.108.97.2 89.108.97.2	197695 (AS-REG) (AS-REG)
3 3	35.190.24.218 35.190.24.218	15169 (GOOGLE) (GOOGLE)
2	195.201.108.196 195.201.108.196	24940 (HETZNER-AS) (HETZNER-AS)
3 3	217.66.147.162 217.66.147.162	29209 (SPBMTS-AS...) (SPBMTS-AS Malaya Monetnaya Street 2-A)
1 1	213.87.44.187 213.87.44.187	13174 (MTSNET Mo...) (MTSNET Moscow)
2 2	89.108.119.28 89.108.119.28	197695 (AS-REG) (AS-REG)
1 1	95.163.37.253 95.163.37.253	47764 (MAILRU-AS...) (MAILRU-AS Mail.Ru)
1 1	81.163.17.245 81.163.17.245	50340 (SELECTEL-MSK) (SELECTEL-MSK)
1	2606:4700:303... 2606:4700:3033::ac43:d997	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	217.65.2.150 217.65.2.150	29076 (CITYTELEC...) (CITYTELECOM-AS Filanco LTD)
3 3	188.34.131.130 188.34.131.130	24940 (HETZNER-AS) (HETZNER-AS)
1 1	95.217.193.114 95.217.193.114	() ()
1 1	193.106.92.202 193.106.92.202	() ()
1 2	185.15.175.133 185.15.175.133	43226 (SAFEDATA ...) (SAFEDATA Uplinks)
1 1	188.72.107.156 188.72.107.156	208677 (SBERCLOUD-AS) (SBERCLOUD-AS)
1	212.76.131.55 212.76.131.55	42632 (MNOGOBYTE...) (MNOGOBYTE-AS Moscow)
3	212.76.131.35 212.76.131.35	42632 (MNOGOBYTE...) (MNOGOBYTE-AS Moscow)
2	151.236.67.192 151.236.67.192	57363 (CDNVIDEO-AS) (CDNVIDEO-AS)
1	2a02:6b8::28d 2a02:6b8::28d	208722 (YNDX) (YNDX)
4 8	2001:6d0:4001... 2001:6d0:4001::226	52016 (TNSMSK-) (TNSMSK-)
1	89.108.82.15 89.108.82.15	197695 (AS-REG) (AS-REG)
1	142.250.185.162 142.250.185.162	() ()
212	60

17 88.212.202.50 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host150.rax.ru

www.liveinternet.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i.li.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a02:6b8:a::a (Moscow, Russian Federation)

ASN208722 (YNDX, FI)

yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a02:6b8::90 (Moscow, Russian Federation)

ASN208722 (YNDX, FI)

an.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.201.210 (Russian Federation)

ASN39134 (UNITEDNET, RU)
PTR: host210.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 151.236.71.1 (Moscow, Russian Federation)

ASN204720 (CDNETWORKS, RU)

cdn.viqeo.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.212.196.113 (Russian Federation)

ASN39134 (UNITEDNET, RU)
PTR: host13.rax.ru

mediametrics.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:6b8::16b (Moscow, Russian Federation)

ASN208722 (YNDX, FI)

matchid.adfox.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a02:6b8:20::215 (Moscow, Russian Federation) 1 redirects

ASN208722 (YNDX, FI)

yastatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1148:db00::17 (Russian Federation)

ASN47764 (MAILRU-AS Mail.Ru, RU)

ad.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.42.196.115 (Luxembourg) 1 redirects

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.209.111.15 (Russian Federation)

ASN52007 (ADRIVER-AS, RU)

pb.adriver.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net

adfox-c2s-ams.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 116.202.85.93 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.93.85.202.116.clients.your-server.de

yhb.p.otm-r.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 194.190.76.38 (Russian Federation) 2 redirects

ASN48061 (UMA-TECH-AS, RU)
PTR: smtp2.senders.matchtv.ru

px.adhigh.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 144.76.118.200 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.200.118.76.144.clients.your-server.de

exchange.buzzoola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.72.107.194 (Paris, France)

ASN208677 (SBERCLOUD-AS, RU)

adfox-hb-bidder.rutarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a02:6b8::1:119 (Moscow, Russian Federation) 6 redirects

ASN208722 (YNDX, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:6b8::184 (Moscow, Russian Federation)

ASN208722 (YNDX, FI)

avatars.mds.yandex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:6b8::1be (Moscow, Russian Federation) 1 redirects

ASN208722 (YNDX, FI)

ads.adfox.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

bb45b4bcbf656eba20407ab3439f697e.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6b8::36 (Moscow, Russian Federation)

ASN208722 (YNDX, FI)

favicon.yandex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 142.250.186.130 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.35.236.247 (Frankfurt am Main, Germany) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-247.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.172.38 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:801::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.157.46.192 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-46-192.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.121.143.245 (United States) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.0.66 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.4.40 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.9.253 (London, United Kingdom) 1 redirects

ASN16276 (OVH, FR)
PTR: ip253.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.211.8.77 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-211-8-77.eu-west-1.compute.amazonaws.com

match.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:6b8::402 (Moscow, Russian Federation)

ASN208722 (YNDX, FI)

static-mon.yandex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::13 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:878:2:9:0:1:2:21 (Russian Federation)

ASN42632 (MNOGOBYTE-AS Moscow, Russia, RU)

api.viqeo.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 83.222.109.36 (Russian Federation)

ASN42632 (MNOGOBYTE-AS Moscow, Russia, RU)

stats.viqeo.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 83.222.115.14 (Russian Federation) 1 redirects

ASN42632 (MNOGOBYTE-AS Moscow, Russia, RU)

data.videonow.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 212.76.131.50 (Russian Federation)

ASN42632 (MNOGOBYTE-AS Moscow, Russia, RU)
PTR: vs25.videonow.ru

sync.videonow.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 195.209.108.51 (Russian Federation) 2 redirects

ASN52007 (ADRIVER-AS, RU)

ad.adriver.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.18.16.16 (Russian Federation)

ASN205675 (HYBRID-AS, DE)

dm.hybrid.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.9.24.193 (Russian Federation) 1 redirects

ASN208677 (SBERCLOUD-AS, RU)

videonow-sync.rutarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 83.222.114.188 (Russian Federation)

ASN42632 (MNOGOBYTE-AS Moscow, Russia, RU)

rtb.com.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 31.172.81.172 (Germany) 3 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

sync.bumlam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 31.172.81.159 (Germany) 2 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

sync3.adsniper.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 89.108.97.2 (Russian Federation) 1 redirects

ASN197695 (AS-REG, RU)
PTR: d50603.reg.regrucolo.ru

ut.rktch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.190.24.218 (Kansas City, United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: 218.24.190.35.bc.googleusercontent.com

redirect.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 195.201.108.196 (Gunzenhausen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.196.108.201.195.clients.your-server.de

sync.dmp.otm-r.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 217.66.147.162 (St Petersburg, Russian Federation) 3 redirects

ASN29209 (SPBMTS-AS Malaya Monetnaya Street 2-A, RU)
PTR: host-162-147-66-217.spbmts.ru

sm.rtb.mts.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.87.44.187 (Russian Federation) 1 redirects

ASN13174 (MTSNET Moscow, Russia, RU)
PTR: infrastructure-187-44.mts.ru

tech.rtb.mts.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 89.108.119.28 (Russian Federation) 2 redirects

ASN197695 (AS-REG, RU)
PTR: d51802.reg.regrucolo.ru

x01.aidata.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.163.37.253 (Russian Federation) 1 redirects

ASN47764 (MAILRU-AS Mail.Ru, RU)
PTR: relap.io

relap.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 81.163.17.245 (Russian Federation) 1 redirects

ASN50340 (SELECTEL-MSK, RU)

mitdmp.whiteboxdigital.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3033::ac43:d997 (United States)

ASN13335 (CLOUDFLARENET, US)

a.utraff.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 217.65.2.150 (Moscow, Russian Federation) 1 redirects

ASN29076 (CITYTELECOM-AS Filanco LTD, RU)

match.new-programmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 188.34.131.130 (Germany) 3 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.130.131.34.188.clients.your-server.de

adx.com.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.217.193.114 (None, ) 1 redirects

ASN- ()

dmp.redllama.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.106.92.202 (None, ) 1 redirects

ASN- ()

prodmp.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.15.175.133 (Russian Federation) 1 redirects

ASN43226 (SAFEDATA Uplinks, RU)

dmg.digitaltarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.72.107.156 (Paris, France) 1 redirects

ASN208677 (SBERCLOUD-AS, RU)

videotarget-sync.rutarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.76.131.55 (Russian Federation)

ASN42632 (MNOGOBYTE-AS Moscow, Russia, RU)

rtb.videonow.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 212.76.131.35 (Russian Federation)

ASN42632 (MNOGOBYTE-AS Moscow, Russia, RU)
PTR: vs14.videonow.ru

stats2.videonow.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.236.67.192 (Moscow, Russian Federation)

ASN57363 (CDNVIDEO-AS, RU)

cdn.videonow.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6b8::28d (Moscow, Russian Federation)

ASN208722 (YNDX, FI)

log.strm.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2001:6d0:4001::226 (Russian Federation) 4 redirects

ASN52016 (TNSMSK-, RU)

www.tns-counter.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 89.108.82.15 (Russian Federation)

ASN197695 (AS-REG, RU)
PTR: d52892.azlk.regrucolo.ru

px130.mediahills.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.162 (None, )

ASN- ()

ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
40	yandex.ru 4 redirects yandex.ru — Cisco Umbrella Rank: 1168 an.yandex.ru — Cisco Umbrella Rank: 3120 matchid.adfox.yandex.ru — Cisco Umbrella Rank: 19743 mc.yandex.ru — Cisco Umbrella Rank: 2327 log.strm.yandex.ru — Cisco Umbrella Rank: 13426	611 KB
26	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 119 bb45b4bcbf656eba20407ab3439f697e.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 171 ade.googlesyndication.com	291 KB
22	doubleclick.net 3 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 65 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 245 cm.g.doubleclick.net — Cisco Umbrella Rank: 289 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 354	204 KB
17	videonow.ru 1 redirects data.videonow.ru — Cisco Umbrella Rank: 55796 sync.videonow.ru — Cisco Umbrella Rank: 157799 rtb.videonow.ru — Cisco Umbrella Rank: 117312 stats2.videonow.ru — Cisco Umbrella Rank: 77755 cdn.videonow.ru — Cisco Umbrella Rank: 70749	88 KB
17	yastatic.net 1 redirects yastatic.net — Cisco Umbrella Rank: 4093	605 KB
13	viqeo.tv cdn.viqeo.tv — Cisco Umbrella Rank: 74218 api.viqeo.tv — Cisco Umbrella Rank: 83003 stats.viqeo.tv — Cisco Umbrella Rank: 86614	408 KB
9	yandex.com 2 redirects mc.yandex.com — Cisco Umbrella Rank: 8750	3 KB
9	li.ru i.li.ru — Cisco Umbrella Rank: 605916	310 KB
8	tns-counter.ru 4 redirects www.tns-counter.ru — Cisco Umbrella Rank: 8344	3 KB
8	liveinternet.ru 1 redirects www.liveinternet.ru — Cisco Umbrella Rank: 39275	214 KB
5	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 901 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 821	5 KB
5	adfox.ru 1 redirects ads.adfox.ru — Cisco Umbrella Rank: 7469	873 B
5	yandex.net avatars.mds.yandex.net — Cisco Umbrella Rank: 5041 favicon.yandex.net — Cisco Umbrella Rank: 6370 static-mon.yandex.net — Cisco Umbrella Rank: 27014	104 KB
5	criteo.com 1 redirects bidder.criteo.com — Cisco Umbrella Rank: 856 gum.criteo.com — Cisco Umbrella Rank: 448 mug.criteo.com — Cisco Umbrella Rank: 1931	8 KB
4	mts.ru 4 redirects sm.rtb.mts.ru — Cisco Umbrella Rank: 23965 tech.rtb.mts.ru — Cisco Umbrella Rank: 24275	3 KB
4	com.ru 3 redirects rtb.com.ru — Cisco Umbrella Rank: 26133 adx.com.ru — Cisco Umbrella Rank: 47570	1 KB
4	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 338	126 KB
4	google.com adservice.google.com — Cisco Umbrella Rank: 128 www.google.com — Cisco Umbrella Rank: 20	1 KB
3	weborama.fr 3 redirects redirect.frontend.weborama.fr — Cisco Umbrella Rank: 9741	528 B
3	bumlam.com 3 redirects sync.bumlam.com — Cisco Umbrella Rank: 4233	2 KB
3	gstatic.com fonts.gstatic.com	47 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 326	3 KB
3	rutarget.ru 2 redirects adfox-hb-bidder.rutarget.ru — Cisco Umbrella Rank: 58562 videonow-sync.rutarget.ru — Cisco Umbrella Rank: 239868 videotarget-sync.rutarget.ru — Cisco Umbrella Rank: 61153	2 KB
3	adhigh.net 2 redirects px.adhigh.net — Cisco Umbrella Rank: 9014	1 KB
3	otm-r.com yhb.p.otm-r.com — Cisco Umbrella Rank: 31868 sync.dmp.otm-r.com — Cisco Umbrella Rank: 13663	394 B
3	adriver.ru 2 redirects pb.adriver.ru — Cisco Umbrella Rank: 28373 ad.adriver.ru — Cisco Umbrella Rank: 14902	2 KB
3	criteo.net static.criteo.net — Cisco Umbrella Rank: 760	42 KB
2	digitaltarget.ru 1 redirects dmg.digitaltarget.ru — Cisco Umbrella Rank: 17732	1 KB
2	aidata.io 2 redirects x01.aidata.io — Cisco Umbrella Rank: 11546	1 KB
2	rktch.com 1 redirects ut.rktch.com — Cisco Umbrella Rank: 50487	683 B
2	adsniper.ru 2 redirects sync3.adsniper.ru — Cisco Umbrella Rank: 17932	1 KB
2	360yield.com 2 redirects match.360yield.com — Cisco Umbrella Rank: 6076	788 B
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 950	1 KB
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 1443	2 KB
2	buzzoola.com 1 redirects exchange.buzzoola.com — Cisco Umbrella Rank: 15423	1 KB
2	betweendigital.com 1 redirects ads.betweendigital.com — Cisco Umbrella Rank: 2385	1 KB
2	youtube.com www.youtube.com — Cisco Umbrella Rank: 88	52 KB
2	google.de adservice.google.de — Cisco Umbrella Rank: 5351	914 B
2	yadro.ru counter.yadro.ru — Cisco Umbrella Rank: 5873	822 B
1	mediahills.ru px130.mediahills.ru — Cisco Umbrella Rank: 123803	184 B
1	prodmp.ru 1 redirects prodmp.ru	273 B
1	redllama.ru 1 redirects dmp.redllama.ru	563 B
1	new-programmatic.com 1 redirects match.new-programmatic.com — Cisco Umbrella Rank: 24909	263 B
1	utraff.com a.utraff.com — Cisco Umbrella Rank: 41713	867 B
1	whiteboxdigital.ru 1 redirects mitdmp.whiteboxdigital.ru — Cisco Umbrella Rank: 17086	785 B
1	relap.io 1 redirects relap.io — Cisco Umbrella Rank: 22207	635 B
1	hybrid.ai dm.hybrid.ai — Cisco Umbrella Rank: 23860	238 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 111	1 KB
1	onetag-sys.com 1 redirects onetag-sys.com — Cisco Umbrella Rank: 1119	323 B
1	travelaudience.com 1 redirects ads.travelaudience.com — Cisco Umbrella Rank: 16987	555 B
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 680	861 B
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 227	37 KB
1	creativecdn.com adfox-c2s-ams.creativecdn.com — Cisco Umbrella Rank: 39514	213 B
1	mail.ru ad.mail.ru — Cisco Umbrella Rank: 7239	342 B
1	mediametrics.ru mediametrics.ru — Cisco Umbrella Rank: 99478	1 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 940	646 B
212	56

	Domain	Requested by
20	an.yandex.ru	www.liveinternet.ru an.yandex.ru
17	yastatic.net	1 redirects yandex.ru an.yandex.ru www.liveinternet.ru yastatic.net
15	pagead2.googlesyndication.com	www.liveinternet.ru pagead2.googlesyndication.com bb45b4bcbf656eba20407ab3439f697e.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com s0.2mdn.net www.googletagservices.com
12	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net bb45b4bcbf656eba20407ab3439f697e.safeframe.googlesyndication.com www.liveinternet.ru
9	sync.videonow.ru
9	mc.yandex.com	2 redirects www.liveinternet.ru mc.yandex.ru
9	mc.yandex.ru	4 redirects an.yandex.ru www.liveinternet.ru
9	i.li.ru	www.liveinternet.ru i.li.ru
8	www.tns-counter.ru	4 redirects
8	tpc.googlesyndication.com	bb45b4bcbf656eba20407ab3439f697e.safeframe.googlesyndication.com tpc.googlesyndication.com s0.2mdn.net pagead2.googlesyndication.com
8	yandex.ru	www.liveinternet.ru yastatic.net cdn.videonow.ru cdn.viqeo.tv
8	www.liveinternet.ru	1 redirects www.liveinternet.ru
7	cdn.viqeo.tv	www.liveinternet.ru cdn.viqeo.tv
5	ads.adfox.ru	1 redirects www.liveinternet.ru
4	stats.viqeo.tv
4	s0.2mdn.net	www.liveinternet.ru s0.2mdn.net
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	securepubads.g.doubleclick.net	yastatic.net securepubads.g.doubleclick.net
4	googleads.g.doubleclick.net	pagead2.googlesyndication.com bb45b4bcbf656eba20407ab3439f697e.safeframe.googlesyndication.com www.liveinternet.ru
3	stats2.videonow.ru
3	adx.com.ru	3 redirects
3	sm.rtb.mts.ru	3 redirects
3	redirect.frontend.weborama.fr	3 redirects
3	sync.bumlam.com	3 redirects
3	fonts.gstatic.com	fonts.googleapis.com
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	px.adhigh.net	2 redirects www.liveinternet.ru
3	static.criteo.net	yandex.ru www.liveinternet.ru
2	cdn.videonow.ru	cdn.viqeo.tv
2	dmg.digitaltarget.ru	1 redirects
2	x01.aidata.io	2 redirects
2	sync.dmp.otm-r.com
2	ut.rktch.com	1 redirects
2	sync3.adsniper.ru	2 redirects
2	ad.adriver.ru	2 redirects
2	data.videonow.ru	1 redirects
2	api.viqeo.tv	cdn.viqeo.tv
2	gum.criteo.com	1 redirects static.criteo.net
2	static-mon.yandex.net	i.li.ru www.liveinternet.ru
2	googleads4.g.doubleclick.net	www.liveinternet.ru
2	match.360yield.com	2 redirects
2	c1.adform.net	2 redirects
2	pm.w55c.net	2 redirects
2	www.google.com	bb45b4bcbf656eba20407ab3439f697e.safeframe.googlesyndication.com tpc.googlesyndication.com
2	bb45b4bcbf656eba20407ab3439f697e.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	avatars.mds.yandex.net	www.liveinternet.ru
2	bidder.criteo.com	static.criteo.net
2	exchange.buzzoola.com	1 redirects www.liveinternet.ru
2	ads.betweendigital.com	1 redirects yandex.ru
2	matchid.adfox.yandex.ru	yandex.ru
2	www.youtube.com	i.li.ru www.youtube.com
2	adservice.google.com	pagead2.googlesyndication.com securepubads.g.doubleclick.net
2	adservice.google.de	pagead2.googlesyndication.com securepubads.g.doubleclick.net
2	counter.yadro.ru	www.liveinternet.ru
1	ade.googlesyndication.com
1	px130.mediahills.ru
1	log.strm.yandex.ru	yandex.ru yastatic.net
1	rtb.videonow.ru	cdn.viqeo.tv
1	videotarget-sync.rutarget.ru	1 redirects
1	prodmp.ru	1 redirects
1	dmp.redllama.ru	1 redirects
1	match.new-programmatic.com	1 redirects
1	a.utraff.com
1	mitdmp.whiteboxdigital.ru	1 redirects
1	relap.io	1 redirects
1	tech.rtb.mts.ru	1 redirects
1	rtb.com.ru
1	videonow-sync.rutarget.ru	1 redirects
1	dm.hybrid.ai
1	mug.criteo.com
1	fonts.googleapis.com	s0.2mdn.net
1	onetag-sys.com	1 redirects
1	ssum-sec.casalemedia.com	1 redirects
1	ads.travelaudience.com	1 redirects
1	sync.mathtag.com	1 redirects
1	www.googletagservices.com	bb45b4bcbf656eba20407ab3439f697e.safeframe.googlesyndication.com
1	favicon.yandex.net	www.liveinternet.ru
1	adfox-hb-bidder.rutarget.ru	yandex.ru
1	yhb.p.otm-r.com	yandex.ru
1	adfox-c2s-ams.creativecdn.com	yandex.ru
1	pb.adriver.ru	yandex.ru
1	ad.mail.ru	yandex.ru
1	mediametrics.ru	i.li.ru
1	partner.googleadservices.com	pagead2.googlesyndication.com
212	84

This site contains links to these domains. Also see Links.

Domain
g.liveinternet.ru
mediametrics.ru
blog-mastera.ru
smart-lab.ru
www.technohelp.ru
www.03.ru
www.3dnews.ru
radio.mediametrics.ru
doctor.ru
chat.li.ru
wiki.liveinternet.ru
www.li.ru

Subject Issuer	Validity	Valid
*.liveinternet.ru GoGetSSL RSA DV CA	`2021-10-05` - `2022-11-05`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.li.ru GoGetSSL RSA DV CA	`2021-10-05` - `2022-11-05`	a year	crt.sh
yandex.ru Yandex CA	`2022-02-17` - `2022-08-16`	6 months	crt.sh
bs.yandex.ru Yandex CA	`2021-11-17` - `2022-05-18`	6 months	crt.sh
counter.yadro.ru R3	`2022-04-16` - `2022-07-15`	3 months	crt.sh
cdn.viqeo.tv AlphaSSL CA - SHA256 - G2	`2021-08-12` - `2022-09-13`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.mediametrics.ru R3	`2022-02-26` - `2022-05-27`	3 months	crt.sh
matchid.adfox.yandex.ru Yandex CA	`2022-02-05` - `2022-07-31`	6 months	crt.sh
*.yastatic-net.ru GlobalSign ECC OV SSL CA 2018	`2022-04-01` - `2022-09-29`	6 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-11` - `2022-07-13`	3 months	crt.sh
*.mail.ru GeoTrust ECC CA 2018	`2021-10-15` - `2022-11-15`	a year	crt.sh
*.ads.betweendigital.com Sectigo RSA Domain Validation Secure Server CA	`2021-12-15` - `2023-01-15`	a year	crt.sh
*.adriver.ru GlobalSign GCC R3 DV TLS CA 2020	`2022-04-05` - `2023-04-05`	a year	crt.sh
*.creativecdn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-17` - `2023-04-12`	a year	crt.sh
*.p.otm-r.com AlphaSSL CA - SHA256 - G2	`2022-02-03` - `2023-03-07`	a year	crt.sh
*.rutarget.ru RU-CENTER High Assurance Services CA 2	`2022-02-28` - `2023-02-28`	a year	crt.sh
mc.yandex.ru Yandex CA	`2021-12-22` - `2022-06-03`	5 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-11` - `2022-07-07`	3 months	crt.sh
*.avatars.yandex.net GlobalSign RSA OV SSL CA 2018	`2022-03-04` - `2023-04-05`	a year	crt.sh
*.adfox.ru Yandex CA	`2021-12-22` - `2022-06-03`	5 months	crt.sh
favicon.yandex.net GlobalSign ECC OV SSL CA 2018	`2022-04-11` - `2022-09-10`	5 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.naydex.net Yandex CA	`2022-02-19` - `2022-08-20`	6 months	crt.sh
api.viqeo.tv R3	`2022-04-28` - `2022-07-27`	3 months	crt.sh
stats.viqeo.tv R3	`2022-03-21` - `2022-06-19`	3 months	crt.sh
*.hybrid.ai Sectigo RSA Domain Validation Secure Server CA	`2020-07-07` - `2022-10-05`	2 years	crt.sh
rtb.com.ru R3	`2022-03-09` - `2022-06-07`	3 months	crt.sh
sync.dmp.otm-r.com Sectigo RSA Domain Validation Secure Server CA	`2021-05-18` - `2022-06-18`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-18` - `2022-06-17`	a year	crt.sh
*.videonow.ru AlphaSSL CA - SHA256 - G2	`2021-08-02` - `2022-09-03`	a year	crt.sh
log.strm.yandex.ru GlobalSign RSA OV SSL CA 2018	`2022-03-18` - `2022-08-14`	5 months	crt.sh
*.mediahills.ru GlobalSign RSA OV SSL CA 2018	`2021-06-03` - `2022-07-05`	a year	crt.sh

This page contains 18 frames:

Primary Page: https://www.liveinternet.ru/
Frame ID: 7B9827A5EBD721DA72A72ED9D850B91F
Requests: 133 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220427/r20190131/zrt_lookup.html
Frame ID: 589DCA30F9EDD3F94EB4E25A31C6033A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9165516179791802&output=html&adk=1812271804&adf=3025194257&lmt=1651486181&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.liveinternet.ru%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651486181081&bpp=187&bdt=142&idt=284&shv=r20220427&mjsv=m202204260101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6800782474106&frm=20&pv=2&ga_vid=175933928.1651486181&ga_sid=1651486181&ga_hid=604168834&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761043%2C21066429%2C31061828&oid=2&pvsid=1380397679045905&pem=456&tmod=1525808453&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=307
Frame ID: FA78F9E137697DBFBEA259620355E2DB
Requests: 1 HTTP requests in this frame

Frame: https://bb45b4bcbf656eba20407ab3439f697e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: C4B12A2DAB7DCE945FED40CEDCBEA9D9
Requests: 1 HTTP requests in this frame

Frame: https://bb45b4bcbf656eba20407ab3439f697e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: C9E8310CA322FE40146D3229FF9B5698
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJuyqAEQ9-7khwMYx4-oxAEwAQ&v=APEucNVuBx3fpB_yW4shLUfg2Vl6Mfs1emnE4OMure_e_LB_ELZ-ADBdZusvqS7xXWHYfLD4-FmNo3x_WYQChUbOKruZQjNlCEAJwq1kAERLwLiV2hV4qdEVXVZJ_6mAKcvfmVQ2dMfzi3tHZd7_I92_aVZgK5euRS-cunc3MU_uAl924zod4D0
Frame ID: D4853A787844EADFFB81C6D2B96F91DF
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: F288FC7F3786392DFD151AFC79E28608
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 50057D6CD3CD9DBF94874561E61AD437
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/1337995899757920256/CR_popcornews.com_BL_DE_PC_Nongoogle_creative.html
Frame ID: 2CC419A893BED4DBF4895F01C37986C2
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/e8WcSG94vkM93ke5SjF29cSEjmyq7vfry6EL03wtuS4.js
Frame ID: 2DB9C9976309FC4B619753D69BA79417
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.liveinternet.ru
Frame ID: D330A5182855A29EC7139D2E14E29CFA
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 7309DB61E01C0B07A368FA857008FAEF
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F0D02181D3E9DBF866CC25BF1D449B3C
Requests: 2 HTTP requests in this frame

Frame: https://cdn.viqeo.tv/embed?vid=8064ac7d578a1db6e548&presetId=7023&playerId=512
Frame ID: 8F694C71179E841E7CCD209CA366D7B5
Requests: 2 HTTP requests in this frame

Frame: data://truncated
Frame ID: AE6B0780ADB4F94B5CDB8062559BAB84
Requests: 2 HTTP requests in this frame

Frame: https://yandex.ru/ads/system/context.js
Frame ID: F5F6B6E2A514D184154102F3C99F069F
Requests: 8 HTTP requests in this frame

Frame: https://cdn.videonow.ru/v2/d374b1a5/vn_providers_vpaid.js
Frame ID: 554DFD50BAF74CEA5464A2E0CFDE8C22
Requests: 6 HTTP requests in this frame

Frame: https://cdn.videonow.ru/v2/d374b1a5/vn_providers_vpaid.js
Frame ID: 9E6896A5DF36515470BF6580E39B6559
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

LiveInternet @ Статистика и дневники, почта и поиск

Page URL History Show full URLs

http://www.liveinternet.ru/click HTTP 302
https://www.liveinternet.ru/ Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Liveinternet (Analytics) Expand

Overall confidence: 100%
Detected patterns

Yandex.Direct (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://an\.yandex\.ru/

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Page Statistics

212
Requests

80 %
HTTPS

34 %
IPv6

56
Domains

84
Subdomains

60
IPs

9
Countries

3161 kB
Transfer

9038 kB
Size

87
Cookies

26 Outgoing links

These are links going to different origins than the main page.

URL: https://g.liveinternet.ru/login_page.html?new
Title: В почту

Search URL Search Domain Scan URL

URL: https://mediametrics.ru/rating/ru/hour.html
Title: Популярные новости

Search URL Search Domain Scan URL

URL: https://mediametrics.ru/rating/ru/hour.html?article=423866275
Title: МИД Израиля вызвал российского посла

Search URL Search Domain Scan URL

URL: https://mediametrics.ru/rating/ru/hour.html?article=423783080
Title: ZDF: Венгрия и Словакия отозвали вето на нефтяное эмбарго ЕС в отношении России

Search URL Search Domain Scan URL

URL: https://mediametrics.ru/rating/ru/hour.html?article=92624049
Title: Слуцкий счёл популизмом проект резолюции в США о применении силы на Украине

Search URL Search Domain Scan URL

URL: https://mediametrics.ru/rating/ru/hour.html?article=423698104
Title: Российские летчики сбили украинский истребитель МиГ-29

Search URL Search Domain Scan URL

URL: https://mediametrics.ru/rating/ru/hour.html?article=92279940
Title: В пензенском УГИБДД прокомментировали смертельное ДТП в Кузнецке

Search URL Search Domain Scan URL

URL: http://blog-mastera.ru/post492139042/
Title: "Ажурные дорожки" для красивого кардигана - описание и схема вязания

Search URL Search Domain Scan URL

URL: http://blog-mastera.ru/

Search URL Search Domain Scan URL

URL: http://blog-mastera.ru/profile/
Title: Клуб_мастериц

Search URL Search Domain Scan URL

URL: https://smart-lab.ru/brokers-rating/
Title: Рейтинг брокеров

Search URL Search Domain Scan URL

URL: http://www.technohelp.ru/
Title: Ноутбуки

Search URL Search Domain Scan URL

URL: http://www.03.ru/
Title: Советы врачей

Search URL Search Domain Scan URL

URL: http://www.3dnews.ru/
Title: Гаджеты и железки

Search URL Search Domain Scan URL

URL: http://radio.mediametrics.ru/
Title: Радио Медиаметрикс

Search URL Search Domain Scan URL

URL: http://smart-lab.ru/
Title: Курсы валют

Search URL Search Domain Scan URL

URL: https://www.technohelp.ru/
Title: Ремонт ноутбуков

Search URL Search Domain Scan URL

URL: http://doctor.ru/
Title: Медицина и здоровье на Doctor.ru:

Search URL Search Domain Scan URL

URL: http://doctor.ru/read/403
Title: Рак крови и беременность: Как работает фонд борьбы с лейкемией

Search URL Search Domain Scan URL

URL: http://doctor.ru/read/401
Title: Артрозы

Search URL Search Domain Scan URL

URL: http://doctor.ru/read/400
Title: Новогодние опасности для детей

Search URL Search Domain Scan URL

URL: http://g.liveinternet.ru/login_page.html
Title: почта

Search URL Search Domain Scan URL

URL: http://chat.li.ru/
Title: чат

Search URL Search Domain Scan URL

URL: http://wiki.liveinternet.ru/
Title: помощь

Search URL Search Domain Scan URL

URL: http://www.li.ru/
Title: версия для pda

Search URL Search Domain Scan URL

URL: https://g.liveinternet.ru/recover.php
Title: Напомнить пароль

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.liveinternet.ru/click HTTP 302
https://www.liveinternet.ru/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 40

https://px.adhigh.net/rtb/yandex_hb HTTP 307
https://px.adhigh.net/rtb/yandex_hb?bounced=1

Request Chain 41

https://exchange.buzzoola.com/ssp/adfox HTTP 307
https://exchange.buzzoola.com/ssp/adfox?set_buzzoola_cookie=t

Request Chain 62

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9626._WdD3OzBhGrpQeKwF5q6t8mvZkZVwIRsiq6USnVS-D7xS0ZI9Y3k5-x_n49fAWc5.pJxccX1C2CzgicRi8WY33G_ymGE%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=9626.X3u8h5rb6vWOml-3iVrzDxiAhbt71rZULQpyhwRZKhMoaQDaLk3F0Mb_Fbdu7NzVANFQ5NdFOGeqHZoxoc7BKcjhIlLSwch0zsF0XemKAmk%2C.iecZMZgNHWZv1YgRPc8GPqUYrz0%2C

Request Chain 73

https://mc.yandex.com/watch/125905?wmode=7&page-url=https%3A%2F%2Fwww.liveinternet.ru%2F&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A3epd2p1huow64gxzxg8w%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A790%3Acn%3A1%3Adp%3A0%3Als%3A234993751379%3Ahid%3A123351464%3Az%3A0%3Ai%3A20220502100942%3Aet%3A1651486182%3Ac%3A1%3Arn%3A775687489%3Au%3A1651486182881230651%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1651486180491%3Aco%3A0%3Arqnl%3A1%3Ast%3A1651486182%3At%3ALiveInternet%20%40%20%D0%A1%D1%82%D0%B0%D1%82%D0%B8%D1%81%D1%82%D0%B8%D0%BA%D0%B0%20%D0%B8%20%D0%B4%D0%BD%D0%B5%D0%B2%D0%BD%D0%B8%D0%BA%D0%B8%2C%20%D0%BF%D0%BE%D1%87%D1%82%D0%B0%20%D0%B8%20%D0%BF%D0%BE%D0%B8%D1%81%D0%BA&t=gdpr(14)aw(1)ti(2) HTTP 302
https://mc.yandex.com/watch/125905/1?wmode=7&page-url=https%3A%2F%2Fwww.liveinternet.ru%2F&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A3epd2p1huow64gxzxg8w%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A790%3Acn%3A1%3Adp%3A0%3Als%3A234993751379%3Ahid%3A123351464%3Az%3A0%3Ai%3A20220502100942%3Aet%3A1651486182%3Ac%3A1%3Arn%3A775687489%3Au%3A1651486182881230651%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1651486180491%3Aco%3A0%3Arqnl%3A1%3Ast%3A1651486182%3At%3ALiveInternet%20%40%20%D0%A1%D1%82%D0%B0%D1%82%D0%B8%D1%81%D1%82%D0%B8%D0%BA%D0%B0%20%D0%B8%20%D0%B4%D0%BD%D0%B5%D0%B2%D0%BD%D0%B8%D0%BA%D0%B8%2C%20%D0%BF%D0%BE%D1%87%D1%82%D0%B0%20%D0%B8%20%D0%BF%D0%BE%D0%B8%D1%81%D0%BA&t=gdpr%2814%29aw%281%29ti%282%29

Request Chain 84

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPFnno63wTSoJKtiloemLhU&google_cver=1

Request Chain 85

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Ym.t5.5rLOSRX8KMd1ZqawAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPFnno63wTSoJKtiloemLhU&google_cver=1&google_hm=2

Request Chain 86

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEOA3bt07i1lZ8lHzEwj7kZA&google_cver=1

Request Chain 87

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDk3NjkxODIxMjM3MTE0OTA3OA%3D%3D

Request Chain 95

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEGGqtM7ToEH2rjbRkkO5qy0&google_cver=1&google_push=AYg5qPL2SxMRVVadIetF9yJxhjUeu3IeYGdhPgyKQ8bfIDR48awB-KJJS-hI3IhjbTX27n_QrsC_Y5nMh1OP-DNyP2ixDCJI_34 HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEGGqtM7ToEH2rjbRkkO5qy0&google_cver=1&google_push=AYg5qPL2SxMRVVadIetF9yJxhjUeu3IeYGdhPgyKQ8bfIDR48awB-KJJS-hI3IhjbTX27n_QrsC_Y5nMh1OP-DNyP2ixDCJI_34 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=T1VaclBHMjMxTkxzWlY1&google_gid=CAESEGGqtM7ToEH2rjbRkkO5qy0&google_cver=1&google_push=AYg5qPL2SxMRVVadIetF9yJxhjUeu3IeYGdhPgyKQ8bfIDR48awB-KJJS-hI3IhjbTX27n_QrsC_Y5nMh1OP-DNyP2ixDCJI_34

Request Chain 96

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEDBm95lWzffYcpUobfpCFNY&google_cver=1&google_push=AYg5qPI7n-UJYvDfaHj0Dmohjtn6FBq8IMEgKRW2ZHbTgEKei80bBNVt38sl8RSxT1wHJ5j9iomeVtBxn2AWhJIHDg_x8SJ8WLk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPI7n-UJYvDfaHj0Dmohjtn6FBq8IMEgKRW2ZHbTgEKei80bBNVt38sl8RSxT1wHJ5j9iomeVtBxn2AWhJIHDg_x8SJ8WLk

Request Chain 97

https://ads.travelaudience.com/google_pixel?google_gid=CAESEOmoiHhrbNbgSUMGlW1TfLo&google_cver=1&google_push=AYg5qPKLjQRoq1pGTliCrlzcZCcmSdiIOGPKmQR5B9HlY5OXMQLEuW04jNmXXINhUdQesINXrGj1SrqajiuZ_53a8Qx6Z8sZgmU HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=ceB-B6aMS3-Eq6DBTzuzfg2&google_push=AYg5qPKLjQRoq1pGTliCrlzcZCcmSdiIOGPKmQR5B9HlY5OXMQLEuW04jNmXXINhUdQesINXrGj1SrqajiuZ_53a8Qx6Z8sZgmU

Request Chain 98

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEO9vdfnoPGdYQDu9WycId50&google_cver=1&google_push=AYg5qPKXYnVyUrkyVPssafHac4g9-Gc98-P7eGV6OZ8hRmvPcVkLVJr06UVSORcri9VJPczjRw3fj4ppthEwj7pAGg58rNtZVJw HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEO9vdfnoPGdYQDu9WycId50&google_cver=1&google_push=AYg5qPKXYnVyUrkyVPssafHac4g9-Gc98-P7eGV6OZ8hRmvPcVkLVJr06UVSORcri9VJPczjRw3fj4ppthEwj7pAGg58rNtZVJw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzU4NDM0Njk0NTkyMzA2ODI3NA&google_push=AYg5qPKXYnVyUrkyVPssafHac4g9-Gc98-P7eGV6OZ8hRmvPcVkLVJr06UVSORcri9VJPczjRw3fj4ppthEwj7pAGg58rNtZVJw

Request Chain 99

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEKs1KD1ZtZf1Et102X5unNg&google_cver=1&google_push=AYg5qPISeJz3iSAeZwpCh39P1tkl3D_JYjs3OEKQ1tWKQLGc-TmIZA9urzJo0PrIiD649VAl00EQVmDxRryDda8Pz3qYaOdHmg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ym-t5-5rLOSRX8KMd1ZqawAABKgAAAIB&google_push=AYg5qPISeJz3iSAeZwpCh39P1tkl3D_JYjs3OEKQ1tWKQLGc-TmIZA9urzJo0PrIiD649VAl00EQVmDxRryDda8Pz3qYaOdHmg&google_gid=CAESEKs1KD1ZtZf1Et102X5unNg&google_cver=1

Request Chain 100

https://onetag-sys.com/sync/i,19/?google_gid=CAESEDhuqY3sazzMYJbtEYWxpFA&google_cver=1&google_push=AYg5qPLl7g3mTx9TnPUxiLgMU9fNgwmovxpHMAUA_y0DYIgHz4imrLCixkJzYODX3jYMqRZByDMkOs5ZZQcYbyvCNbEFJQYCdi8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLl7g3mTx9TnPUxiLgMU9fNgwmovxpHMAUA_y0DYIgHz4imrLCixkJzYODX3jYMqRZByDMkOs5ZZQcYbyvCNbEFJQYCdi8

Request Chain 101

https://match.360yield.com/match/ebda?google_gid=CAESEOl9ywE4ugxPDYsG7yVG4Fc&google_cver=1&google_push=AYg5qPKZNVmA51fAG57Fp22jhjBBsfXZlWr5ButpF29SwqNO8kUk1G_fSGqHLU3C-T99LduqdaQNiawecHcK4MKKrTHDKBU5vr4 HTTP 302
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEOl9ywE4ugxPDYsG7yVG4Fc&google_cver=1&google_push=AYg5qPKZNVmA51fAG57Fp22jhjBBsfXZlWr5ButpF29SwqNO8kUk1G_fSGqHLU3C-T99LduqdaQNiawecHcK4MKKrTHDKBU5vr4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=GPaBq2UjQ_yLbqUuToxJig&google_push=AYg5qPKZNVmA51fAG57Fp22jhjBBsfXZlWr5ButpF29SwqNO8kUk1G_fSGqHLU3C-T99LduqdaQNiawecHcK4MKKrTHDKBU5vr4

Request Chain 133

https://gum.criteo.com/sid/json?origin=publishertag&domain=liveinternet.ru&sn=ChromeSyncframe&so=0&topUrl=www.liveinternet.ru&cw=1&lsw=1&topicsavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=0kz70XxNckVFZGgyNGliRm9rdGlpeDNvM2QrOXlGTy9GNHM4Qk1DZzFhVTFFTXBiOFVaNzhkcXEvSEVKUDZxdW9xOFB0U2Q5WGdIaXJRUzBYb2dmRkk2OWN3c2ZTN0xnQkZraVhsSmRvQUljRFRVN0M3Z201Q3VUd216NFZudFJWOGRtUFBra2tzQVJ1QTY1aEtPNXhHNFp6ZitFMjdZd2pVc3JmWXAyY3RtZ2xoa2dHbFN0cTdIeXJBRW4rOTljaHpwcUUzSHdyWTc5WjF1STZnRks1N2R4MnVGc0szSHE1QTRyOEpiMno1YVdwOFc1K3I1cTlTRElqUlZyUVEycFQ5SDI5bnhFWGt5RlprR3pybkxjZHI0MmpRdz09fA&cppv=2

Request Chain 152

https://yastatic.net/pcode/adfox/loader.js HTTP 302
https://yandex.ru/ads/system/context.js

Request Chain 163

https://data.videonow.ru/?profile_id=5015393&format=vast&vpaid=0&multi=1&flash=0&w=400&h=225&location=https%3A%2F%2Fwww.liveinternet.ru%2F HTTP 302
https://data.videonow.ru/?profile_id=5015393&format=vast&vpaid=0&multi=1&flash=0&w=400&h=225&location=https%3A%2F%2Fwww.liveinternet.ru%2F&ccheck=1

Request Chain 166

https://px.adhigh.net/p/cm/videonow?vn_dsp_id=3&event_id=54283c0ecd8b54d9419729ad262629ae HTTP 302
https://sync.videonow.ru/ssp?dsp=3&uuid=un5JqXisILE.AikABlGAhD9Mlg

Request Chain 167

https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=5097839&bn=5097839&rnd=1345372813 HTTP 302
https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=5097839&bn=5097839&rnd=1345372813&tuid=-4329027222 HTTP 302
https://sync.videonow.ru/ssp?dsp=4&uuid=A90Rokr4y8o9WHlpfs9BwLQ

Request Chain 169

https://videonow-sync.rutarget.ru/sync?vn_dsp_id=7&event_id=54283c0ecd8b54d9419729ad262629ae HTTP 302
https://sync.videonow.ru/ssp?dsp=7&uuid=qwKEqwsQxEaJ

Request Chain 171

https://sync.bumlam.com/?src=vn2&uid=0fa220b6fee825bf2c93e211652b2dfb29a778b7 HTTP 302
https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABjq276TBlIF_ubBnAJiKDBmYTIyMGI2ZmVlODI1YmYyYzkzZTIxMTY1MmIyZGZiMjlhNzc4Yjc* HTTP 302
https://sync3.adsniper.ru/?src=ss1&s_data=CAIQARjq276TBlIF_ubBnAJiKDBmYTIyMGI2ZmVlODI1YmYyYzkzZTIxMTY1MmIyZGZiMjlhNzc4YjeiARD-kZwMyf8R7IQ9ACWQyCQ3 HTTP 302
https://sync.bumlam.com/?src=vn2&s_data=CAIQABjq276TBmIoMGZhMjIwYjZmZWU4MjViZjJjOTNlMjExNjUyYjJkZmIyOWE3NzhiN6IBEP6RnAzJ_xHshD0AJZDIJDc* HTTP 302
https://sync.bumlam.com/?src=vn2&s_data=CAIQARjq276TBmIoMGZhMjIwYjZmZWU4MjViZjJjOTNlMjExNjUyYjJkZmIyOWE3NzhiN6IBEP6RnAzJ_xHshD0AJZDIJDc* HTTP 302
https://sync.videonow.ru/ssp?dsp=14&uuid=fe919c0c-c9ff-11ec-843d-002590c82437

Request Chain 172

https://ut.rktch.com/matchspm?pi=31&pui=0fa220b6fee825bf2c93e211652b2dfb29a778b7 HTTP 302
https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D{WEBO_CID}%26noredirect HTTP 302
https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D%7BWEBO_CID%7D%26noredirect&bounce=1&random=3722808843 HTTP 302
https://ut.rktch.com/matchspm?pi=1000006&pui=mj.8DZgVTdZig5KPAKoJWO&noredirect

Request Chain 174

https://sm.rtb.mts.ru/p?ssp=videonow&id=0fa220b6fee825bf2c93e211652b2dfb29a778b7 HTTP 301
https://sm.rtb.mts.ru/match/second?ssp=38&exu=0fa220b6fee825bf2c93e211652b2dfb29a778b7 HTTP 301
https://tech.rtb.mts.ru/?dsp_uid=4db82a96-aded-409f-809d-929fe097d2f3&return_url=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3D9503528%26dest%3Dhttps%253A%252F%252Fsm.rtb.mts.ru%252Fem%253Fnext%253D38%2526em%253D2%2526ssp%253Daidata%2526id%253D%2524UID HTTP 302
https://x01.aidata.io/0.gif?pid=9503528&dest=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D38%26em%3D2%26ssp%3Daidata%26id%3D%24UID HTTP 302
https://x01.aidata.io/0.gif?pid=9503528&dest=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D38%26em%3D2%26ssp%3Daidata%26id%3D%24UID&bounce=1 HTTP 302
https://sm.rtb.mts.ru/em?next=38&em=2&ssp=aidata&id=JLmKGD9KjtOdODuA9st88Q HTTP 301
https://sync.videonow.ru/ssp?dsp=28&uuid=4db82a96-aded-409f-809d-929fe097d2f3

Request Chain 175

https://ads.betweendigital.com/match?bidder_id=34557&callback_url=https%3A%2F%2Fsync.videonow.ru%2Fssp%3Fdsp%3D30%26uuid%3D%24%7BUSER_ID%7D HTTP 302
https://sync.videonow.ru/ssp?dsp=30&uuid=2812f45f-b283-527a-b942-6560db2dc886

Request Chain 176

https://relap.io/partners/videonowcs?vn=889 HTTP 302
https://sync.videonow.ru/ssp?dsp=32&uuid=wOYd3vVi

Request Chain 177

https://mitdmp.whiteboxdigital.ru/pixel?source=videonow&id=0fa220b6fee825bf2c93e211652b2dfb29a778b7 HTTP 302
https://an.yandex.ru/mapuid/qbitis/b510e33a-ff29-46e7-b7d2-c2ff8477c502

Request Chain 179

https://match.new-programmatic.com/userbind?src=videonow&id=0fa220b6fee825bf2c93e211652b2dfb29a778b7 HTTP 302
https://sync.videonow.ru/ssp?dsp=39&uuid=

Request Chain 180

https://adx.com.ru/videonow-plazsync?uid=0fa220b6fee825bf2c93e211652b2dfb29a778b7 HTTP 302
https://adx.com.ru/sync?sspKey=6&sspUserID=0fa220b6fee825bf2c93e211652b2dfb29a778b7 HTTP 302
https://dmp.redllama.ru/sync/yabbi?uid=626fadeaf0e015ca9390f4ec&redir=https%3A%2F%2Fredirect.frontend.weborama.fr%2Frd%3Furl%3Dhttps%253A%252F%252Fadx.com.ru%252Fweborama-sync%253Furl%253Dhttps%25253A%25252F%25252Fprodmp.ru%25252Fyabbi.gif%25253Fuid%25253D626fadeaf0e015ca9390f4ec%252526r%25253Dhttps%2525253A%2525252F%2525252Fsync.videonow.ru%2525252Fssp%2525253Fdsp%2525253D40%25252526uuid%2525253D626fadeaf0e015ca9390f4ec%2526webouid%253D%7BWEBO_CID%7D HTTP 302
https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fadx.com.ru%2Fweborama-sync%3Furl%3Dhttps%253A%252F%252Fprodmp.ru%252Fyabbi.gif%253Fuid%253D626fadeaf0e015ca9390f4ec%2526r%253Dhttps%25253A%25252F%25252Fsync.videonow.ru%25252Fssp%25253Fdsp%25253D40%252526uuid%25253D626fadeaf0e015ca9390f4ec%26webouid%3D{WEBO_CID} HTTP 302
https://adx.com.ru/weborama-sync?url=https%3A%2F%2Fprodmp.ru%2Fyabbi.gif%3Fuid%3D626fadeaf0e015ca9390f4ec%26r%3Dhttps%253A%252F%252Fsync.videonow.ru%252Fssp%253Fdsp%253D40%2526uuid%253D626fadeaf0e015ca9390f4ec&webouid=mj.8DZgVTdZig5KPAKoJWO HTTP 302
https://prodmp.ru/yabbi.gif?uid=626fadeaf0e015ca9390f4ec&r=https%3A%2F%2Fsync.videonow.ru%2Fssp%3Fdsp%3D40%26uuid%3D626fadeaf0e015ca9390f4ec HTTP 302
https://sync.videonow.ru/ssp?dsp=40&uuid=626fadeaf0e015ca9390f4ec

Request Chain 181

https://dmg.digitaltarget.ru/1/6323/i/i?a=622&e=0fa220b6fee825bf2c93e211652b2dfb29a778b7&i=134537281 HTTP 307
https://dmg.digitaltarget.ru/awg/custom/6323/i/i?call_source=awg&a=622&e=0fa220b6fee825bf2c93e211652b2dfb29a778b7&i=134537281

Request Chain 183

https://videotarget-sync.rutarget.ru/sync?vn=542 HTTP 302
https://sync.dmp.otm-r.com/match/segmento?id=qwKEqwsQxEaJ

Request Chain 204

https://www.tns-counter.ru/V13a****idsh_vmon/ru/CP1251/tmsec=idsh_vtotal/1651486187?vn=029 HTTP 302
https://www.tns-counter.ru/V13b****idsh_vmon/ru/CP1251/tmsec=idsh_vtotal/1651486187?vn=029

Request Chain 205

https://www.tns-counter.ru/V13a****idsh_vid/ru/CP1251/tmsec=idsh_sid31308-vitid1/1651486187?vn=487 HTTP 302
https://www.tns-counter.ru/V13b****idsh_vid/ru/CP1251/tmsec=idsh_sid31308-vitid1/1651486187?vn=487

Request Chain 206

https://mc.yandex.ru/watch/66716692?page-url=31308%3Futm_source=%26utm_medium=%26utm_campaign=%26utm_content=%26utm_term=&page-ref=http%3A%2F%2Fvideonow%2Flowcost%2F%3Aliveinternet.ru HTTP 302
https://mc.yandex.ru/watch/66716692/1?page-url=31308%3Futm_source%3D%26utm_medium%3D%26utm_campaign%3D%26utm_content%3D%26utm_term%3D&page-ref=http%3A%2F%2Fvideonow%2Flowcost%2F%3Aliveinternet.ru

Request Chain 207

https://mc.yandex.ru/watch/50061703?page-url=31308%3Futm_source=%26utm_medium=36302:1345372813:134537281%26utm_campaign=%26utm_content=%26utm_term=&page-ref=http%3A%2F%2Fvideonow%2Flowcost%2F%3Aliveinternet.ru HTTP 302
https://mc.yandex.ru/watch/50061703/1?page-url=31308%3Futm_source%3D%26utm_medium%3D36302%3A1345372813%3A134537281%26utm_campaign%3D%26utm_content%3D%26utm_term%3D&page-ref=http%3A%2F%2Fvideonow%2Flowcost%2F%3Aliveinternet.ru

Request Chain 209

https://ads.adfox.ru/226279/getCode?p1=cqozm&p2=fwbn&pfc=dsxjk&pfb=kbyrx&pr=1651486187&ptrc=b HTTP 302
https://ads.adfox.ru/226279/getCodeTest?p1=cqozm&p2=fwbn&pfc=dsxjk&pfb=kbyrx&pr=1651486187&ptrc=b

Request Chain 210

https://www.tns-counter.ru/V13a****idsh_vmon/ru/CP1251/tmsec=idsh_vtotal/1651486187?vn=044 HTTP 302
https://www.tns-counter.ru/V13b****idsh_vmon/ru/CP1251/tmsec=idsh_vtotal/1651486187?vn=044

Request Chain 211

https://mc.yandex.ru/watch/49969126?page-url=31308%3Futm_source=%26utm_medium=%26utm_campaign=%26utm_content=%26utm_term=&page-ref=http%3A%2F%2Fvideonow%2Flowcost%2F%3Aliveinternet.ru HTTP 302
https://mc.yandex.ru/watch/49969126/1?page-url=31308%3Futm_source%3D%26utm_medium%3D%26utm_campaign%3D%26utm_content%3D%26utm_term%3D&page-ref=http%3A%2F%2Fvideonow%2Flowcost%2F%3Aliveinternet.ru

Request Chain 212

https://www.tns-counter.ru/V13a****idsh_vmon/ru/CP1251/tmsec=idsh_vtotal/1651486187?vn=832 HTTP 302
https://www.tns-counter.ru/V13b****idsh_vmon/ru/CP1251/tmsec=idsh_vtotal/1651486187?vn=832

212 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
www.liveinternet.ru/
Redirect Chain

http://www.liveinternet.ru/click
https://www.liveinternet.ru/

37 KB
37 KB

316ms
187ms

Document
text/html

88.212.202.50
UNITEDNET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.liveinternet.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 88.212.202.50 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS: host150.rax.ru
Software: nginx/1.14.2 /
Resource Hash: e51fe106b5bb36a39b8ef41aa4e7b91a674fe64e4a92bfce39c97df3f7d9ac3a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9
referer: http://ukrline.com.ua/?ref=22805

Response headers

Accept-Ranges: bytes
Cache-control: no-cache
Connection: keep-alive
Content-Length: 38010
Content-Type: text/html; charset=utf-8
Date: Mon, 02 May 2022 10:09:41 GMT
Expires: Sat, 01 May 2021 21:00:00 GMT
Pragma: no-cache
Server: nginx/1.14.2

Redirect headers

Cache-control: no-cache
Connection: keep-alive
Content-Length: 41
Content-Type: text/html; charset=utf-8
Date: Mon, 02 May 2022 10:09:41 GMT
Expires: Sun, 02 May 2021 00:05:01 GMT
Location: https://www.liveinternet.ru/
Pragma: no-cache
Server: nginx/1.14.2

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 161 KB
55 KB 68ms
45ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.liveinternet.ru
URL: https://www.liveinternet.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

08210426af0053a4da68ee5733f3d7a55c46fc2b4b877481cac953f57576a121

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ukrline.com.ua/?ref=22805
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 02 May 2022 10:09:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56105
x-xss-protection: 0
server: cafe
etag: 3159808168645924109
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 02 May 2022 10:09:41 GMT

GET
H/1.1 200
OK main_new.css
i.li.ru/utf/ 13 KB
13 KB 255ms
79ms Stylesheet
text/css 88.212.202.50
UNITEDNET

General

Check archive.org

Show headers Download Go to

Full URL: https://i.li.ru/utf/main_new.css
Requested by: Host: www.liveinternet.ru
URL: https://www.liveinternet.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 88.212.202.50 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS: host150.rax.ru
Software: nginx/1.14.2 /
Resource Hash: 8b02ba8596b3e520cd06fc86d605cf133cd0ba2bf47a0ab48e25ab62b17abdc1

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ukrline.com.ua/?ref=22805
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Mon, 02 May 2022 10:09:41 GMT
Last-Modified: Wed, 13 Mar 2019 18:52:25 GMT
Server: nginx/1.14.2
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 13290
Expires: Mon, 02 May 2022 10:44:54 GMT

GET
H/1.1 200
OK global.js Show response
i.li.ru/utf/ 48 KB
12 KB 279ms
89ms Script
application/x-javascript 88.212.202.50
UNITEDNET

General

Check archive.org

Show headers Download Go to

Full URL: https://i.li.ru/utf/global.js
Requested by: Host: www.liveinternet.ru
URL: https://www.liveinternet.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 88.212.202.50 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS: host150.rax.ru
Software: nginx/1.14.2 /
Resource Hash: b650768f2426d107f7d36df05c09a7220941cec1ea265d2a82bcb6fcea341f2c

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ukrline.com.ua/?ref=22805
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Mon, 02 May 2022 10:09:41 GMT
Content-Encoding: gzip
Last-Modified: Tue, 13 Oct 2020 17:50:50 GMT
Server: nginx/1.14.2
Content-Type: application/x-javascript; charset=windows-1251
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11538
Expires: Mon, 02 May 2022 10:45:27 GMT

GET
H2 200 header-bidding.js Show response
yandex.ru/ads/system/ 125 KB
33 KB 182ms
62ms Script
text/javascript 2a02:6b8:a::a
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/system/header-bidding.js

Requested by

Host: www.liveinternet.ru
URL: https://www.liveinternet.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

1f4f359199db0ca50d6a34ca0b8d74876bae227d0a29fdd82bdd22a835b44382

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ukrline.com.ua/?ref=22805
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin: *
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1651486182143209-9945879972215067530-sas3-0999-700-sas-l7-balancer-8080-BAL-803
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=3600
x-robots-tag: noindex, noarchive, nofollow
expires: Mon, 02 May 2022 11:09:42 GMT

GET
H2 200 context.js Show response
yandex.ru/ads/system/ 286 KB
78 KB 184ms
64ms Script
text/javascript 2a02:6b8:a::a
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/system/context.js

Requested by

Host: www.liveinternet.ru
URL: https://www.liveinternet.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

ed66fd9ec9132c3e970027bd2f86053f4a0db2bb075a70d0565aa557140daec1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ukrline.com.ua/?ref=22805
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin: *
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1651486182143473-12114443803517798441-sas3-0999-700-sas-l7-balancer-8080-BAL-6786
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=3600
x-robots-tag: noindex, noarchive, nofollow
expires: Mon, 02 May 2022 11:09:42 GMT

GET
H2 200 widget.js Show response
an.yandex.ru/system/ 286 KB
78 KB 168ms
60ms Script
text/javascript 2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/system/widget.js

Requested by

Host: www.liveinternet.ru
URL: https://www.liveinternet.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

0b171ad819081daa759564555e65af7f113ac2d963fc9779c2d564916c166198

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ukrline.com.ua/?ref=22805
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin: *
strict-transport-security: max-age=31536000
content-encoding: br
x-yandex-req-id: 1651486182131382-1528868817282067216300184-production-app-host-vla-pcode-78
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=3600
x-robots-tag: noindex, noarchive, nofollow
expires: Mon, 02 May 2022 11:09:42 GMT

GET
H/1.1 200
OK ria.ru.ico
www.liveinternet.ru/favicon/ 2 KB
2 KB 140ms
44ms Image
image/png 88.212.202.50
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.liveinternet.ru/favicon/ria.ru.ico
Requested by: Host: www.liveinternet.ru
URL: https://www.liveinternet.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 88.212.202.50 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS: host150.rax.ru
Software: nginx/1.14.2 /
Resource Hash: ba24376abde567d70f27a4d8ea9ee6ce5cb5ff1ee62639b59f8d0f2fd9af0643

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ukrline.com.ua/?ref=22805
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Mon, 02 May 2022 10:09:42 GMT
Last-Modified: Sat, 30 Apr 2022 11:33:46 GMT
Server: nginx/1.14.2
Connection: keep-alive
Content-Type: image/png
Content-Length: 1841
Expires: Wed, 04 May 2022 14:44:36 GMT

GET
H/1.1 200
OK russian.rt.com.ico
www.liveinternet.ru/favicon/ 409 B
643 B 140ms
44ms Image
image/png 88.212.202.50
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.liveinternet.ru/favicon/russian.rt.com.ico
Requested by: Host: www.liveinternet.ru
URL: https://www.liveinternet.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 88.212.202.50 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS: host150.rax.ru
Software: nginx/1.14.2 /
Resource Hash: 13f842223ca63dec893973e9b82faebd0e2e367195fb2e46f102c5682a360fe9

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ukrline.com.ua/?ref=22805
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Mon, 02 May 2022 10:09:42 GMT
Last-Modified: Sun, 01 May 2022 14:49:03 GMT
Server: nginx/1.14.2
Connection: keep-alive
Content-Type: image/png
Content-Length: 409
Expires: Wed, 04 May 2022 15:34:06 GMT

GET
H/1.1 200
OK penzavzglyad.ru.ico
www.liveinternet.ru/favicon/ 2 KB
2 KB 92ms
42ms Image
image/png 88.212.202.50
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.liveinternet.ru/favicon/penzavzglyad.ru.ico
Requested by: Host: www.liveinternet.ru
URL: https://www.liveinternet.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 88.212.202.50 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS: host150.rax.ru
Software: nginx/1.14.2 /
Resource Hash: b6c2a75d41df7dac39059ce3ea6ab11c5b41265f42bd3e9a1d95058b05230ee5

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ukrline.com.ua/?ref=22805
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Mon, 02 May 2022 10:09:42 GMT
Last-Modified: Sat, 30 Apr 2022 20:00:37 GMT
Server: nginx/1.14.2
Connection: keep-alive
Content-Type: image/png
Content-Length: 1854
Expires: Wed, 04 May 2022 10:53:19 GMT

GET
H/1.1 200
OK w2.gif
i.li.ru/images/ 2 KB
2 KB 140ms
40ms Image
image/gif 88.212.202.50
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.li.ru/images/w2.gif
Requested by: Host: www.liveinternet.ru
URL: https://www.liveinternet.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 88.212.202.50 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS: host150.rax.ru
Software: nginx/1.14.2 /
Resource Hash: 784df16a14e5dc3820fc1995f07b61712d8d2531e387d16eeecb7af8672ecc30

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ukrline.com.ua/?ref=22805
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Mon, 02 May 2022 10:09:42 GMT
Last-Modified: Tue, 26 Dec 2017 17:10:25 GMT
Server: nginx/1.14.2
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1659
Expires: Thu, 30 Jun 2022 21:00:00 GMT

GET
H/1.1 200
OK c2.gif
i.li.ru/images/ 2 KB
2 KB 171ms
39ms Image
image/gif 88.212.202.50
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.li.ru/images/c2.gif
Requested by: Host: www.liveinternet.ru
URL: https://www.liveinternet.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 88.212.202.50 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS: host150.rax.ru
Software: nginx/1.14.2 /
Resource Hash: 08889b48a61c5dfe9af1a58b34c8fd91fe80ad8bd54b21e25264a130beb95b87

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ukrline.com.ua/?ref=22805
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Mon, 02 May 2022 10:09:42 GMT
Last-Modified: Tue, 26 Dec 2017 16:41:16 GMT
Server: nginx/1.14.2
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1650
Expires: Thu, 30 Jun 2022 21:00:00 GMT

GET
H/1.1 200
OK radio.mediametrics.widget-eagle-07_09_21.js Show response
i.li.ru/static/radio/ 193 KB
193 KB 48ms
48ms Script
application/x-javascript 88.212.202.50
UNITEDNET

General

Check archive.org

Show headers Download Go to

Full URL: https://i.li.ru/static/radio/radio.mediametrics.widget-eagle-07_09_21.js
Requested by: Host: www.liveinternet.ru
URL: https://www.liveinternet.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 88.212.202.50 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS: host150.rax.ru
Software: nginx/1.14.2 /
Resource Hash: de93aedb142be3848afd749d101218260df5f54c6f0d6a1ca67df06bea50e939

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ukrline.com.ua/?ref=22805
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Mon, 02 May 2022 10:09:41 GMT
Last-Modified: Tue, 07 Sep 2021 15:24:26 GMT
Server: nginx/1.14.2
Content-Type: application/x-javascript; charset=windows-1251
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 197211
Expires: Mon, 02 May 2022 11:49:01 GMT

GET
H/1.1 200
OK protoculous-effects-packer.js Show response
i.li.ru/static/js/ 62 KB
62 KB 59ms
58ms Script
application/x-javascript 88.212.202.50
UNITEDNET

General

Check archive.org

Show headers Download Go to

Full URL: https://i.li.ru/static/js/protoculous-effects-packer.js
Requested by: Host: www.liveinternet.ru
URL: https://www.liveinternet.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 88.212.202.50 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS: host150.rax.ru
Software: nginx/1.14.2 /
Resource Hash: 0854ba4aeda95830ad5cf264c39b0effcc23cd187e621b791e0982f6d58bfaf4

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ukrline.com.ua/?ref=22805
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Mon, 02 May 2022 10:09:42 GMT
Last-Modified: Tue, 13 Nov 2018 17:34:36 GMT
Server: nginx/1.14.2
Content-Type: application/x-javascript; charset=windows-1251
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 63308
Expires: Mon, 02 May 2022 10:36:57 GMT

GET
H/1.1 200
OK lici.js Show response
www.liveinternet.ru/utf/ 14 KB
14 KB 53ms
52ms Script
application/x-javascript 88.212.202.50
UNITEDNET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.liveinternet.ru/utf/lici.js
Requested by: Host: www.liveinternet.ru
URL: https://www.liveinternet.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 88.212.202.50 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS: host150.rax.ru
Software: nginx/1.14.2 /
Resource Hash: b2b0b35a72deb6d7c8abddc64d177588f6060c7a37f1f6b93fa5d2bdf6c90fea

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ukrline.com.ua/?ref=22805
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Mon, 02 May 2022 10:09:42 GMT
Last-Modified: Tue, 20 Feb 2018 14:37:05 GMT
Server: nginx/1.14.2
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 14581
Content-Type: application/x-javascript; charset=utf-8

GET
H/1.1 200
OK li.js Show response
www.liveinternet.ru/utf/ 152 KB
152 KB 249ms
155ms Script
application/x-javascript 88.212.202.50
UNITEDNET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.liveinternet.ru/utf/li.js
Requested by: Host: www.liveinternet.ru
URL: https://www.liveinternet.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 88.212.202.50 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS: host150.rax.ru
Software: nginx/1.14.2 /
Resource Hash: 7e6dbb0edae85e0f5e06f9a8024cd8ab08ee46844247f3a67a363c1c3484539f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ukrline.com.ua/?ref=22805
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Mon, 02 May 2022 10:09:42 GMT
Last-Modified: Tue, 27 Apr 2021 14:30:05 GMT
Server: nginx/1.14.2
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 155335
Content-Type: application/x-javascript; charset=utf-8

GET
H/1.1 200
OK main_new.js Show response
www.liveinternet.ru/utf/ 5 KB
6 KB 180ms
85ms Script
application/x-javascript 88.212.202.50
UNITEDNET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.liveinternet.ru/utf/main_new.js?v=5
Requested by: Host: www.liveinternet.ru
URL: https://www.liveinternet.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 88.212.202.50 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS: host150.rax.ru
Software: nginx/1.14.2 /
Resource Hash: f8e75cfee116c03faa91b6a117e8a638cca62eb82dc132e82cc1dc6d6ed0e5ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ukrline.com.ua/?ref=22805
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Mon, 02 May 2022 10:09:42 GMT
Last-Modified: Mon, 29 May 2017 21:41:05 GMT
Server: nginx/1.14.2
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5387
Content-Type: application/x-javascript; charset=utf-8

GET
H/1.1 200
OK /
counter.yadro.ru/logo;groups/li/ 372 B
645 B 135ms
41ms Image
image/gif 88.212.201.210
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/logo;groups/li/?52.1

Requested by

Host: www.liveinternet.ru
URL: https://www.liveinternet.ru/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

88.212.201.210 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host210.rax.ru

Software

nginx/1.17.9 /

Resource Hash

3a232fce36ba7b58ea5c46f008834ced5a7ea25b61f3aafc1198cf0e9cfbe1c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ukrline.com.ua/?ref=22805
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 02 May 2022 10:09:42 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
Content-Type: image/gif
Cache-control: no-cache
Connection: keep-alive
Content-Length: 372
Expires: Sun, 02 May 2021 00:05:07 GMT

GET
H2 200 vq_starter.js Show response
cdn.viqeo.tv/js/ 51 KB
21 KB 195ms
7ms Script
application/javascript 151.236.71.1
CDNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viqeo.tv/js/vq_starter.js
Requested by: Host: www.liveinternet.ru
URL: https://www.liveinternet.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 151.236.71.1 Moscow, Russian Federation, ASN204720 (CDNETWORKS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 68f3a3ca00a9b3f3336e1dcafedc5280d16b3d878f61ca3e72a883f0a7f91421

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ukrline.com.ua/?ref=22805
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 02 May 2022 10:09:42 GMT
content-encoding: gzip
last-modified: Mon, 25 Apr 2022 10:22:18 GMT
server: nginx
etag: W/"6266765a-cd32"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Tue, 02 May 2023 10:09:42 GMT

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204260101/ 308 KB
110 KB 52ms
51ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204260101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9165516179791802&plah=www.liveinternet.ru

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

af6ed3b0c1292c477cb64a22ab24ec0e7a9a4233ff00638b90cc61b0e1338f76

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ukrline.com.ua/?ref=22805
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 02 May 2022 10:09:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112581
x-xss-protection: 0
server: cafe
etag: 4921341541357426653
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 02 May 2022 10:09:42 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220427/r20190131/ Frame 589D 10 KB
5 KB 30ms
7ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220427/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7339fe12f332ac7ecd6e0ef04bb7a48fad9e74be887d67f458548ff33ea4db65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.liveinternet.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9
referer: http://ukrline.com.ua/?ref=22805

Response headers

age: 40248
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4404
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 01 May 2022 22:58:53 GMT
etag: 3347421328414474149
expires: Sun, 15 May 2022 22:58:53 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK icons.png
i.li.ru/images/main_new/ 8 KB
8 KB 120ms
84ms Image
image/png 88.212.202.50
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.li.ru/images/main_new/icons.png
Requested by: Host: i.li.ru
URL: https://i.li.ru/utf/main_new.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 88.212.202.50 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS: host150.rax.ru
Software: nginx/1.14.2 /
Resource Hash: 3c4509da00ea790b9cd80646ad5bd0d2600c77888268abeeab96f89149018aa3

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ukrline.com.ua/?ref=22805
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Mon, 02 May 2022 10:09:42 GMT
Last-Modified: Tue, 26 Dec 2017 16:45:08 GMT
Server: nginx/1.14.2
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8130
Expires: Thu, 30 Jun 2022 21:00:00 GMT

GET
H/1.1 200
OK hit;li_face
counter.yadro.ru/ 0
177 B 129ms
42ms Image
text/plain 88.212.201.210
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit;li_face?r;s1600*1200*24;uhttps%3A//www.liveinternet.ru/;hLiveInternet%20@%20%u0421%u0442%u0430%u0442%u0438%u0441%u0442%u0438%u043A%u0430%20%u0438%20%u0434%u043D%u0435%u0432%u043D%u0438%u043A%u0438%2C%20%u043F%u043E%u0447%u0442%u0430%20%u0438%20%u043F%u043E%u0438%u0441%u043A;0.18679407603527287

Requested by

Host: www.liveinternet.ru
URL: https://www.liveinternet.ru/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

88.212.201.210 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host210.rax.ru

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ukrline.com.ua/?ref=22805
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Mon, 02 May 2022 10:09:42 GMT
Transfer-Encoding: chunked
Server: nginx/1.17.9
Connection: keep-alive
Strict-Transport-Security: max-age=86400

GET
H/1.1 200
OK logo2.png
i.li.ru/images/main_new/ 3 KB
3 KB 157ms
44ms Image
image/png 88.212.202.50
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.li.ru/images/main_new/logo2.png
Requested by: Host: i.li.ru
URL: https://i.li.ru/utf/main_new.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 88.212.202.50 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS: host150.rax.ru
Software: nginx/1.14.2 /
Resource Hash: 8a21b7710d4ed040db83cefa915374b851d59f7267cb5c6d60f4ecae323195ef

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ukrline.com.ua/?ref=22805
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Mon, 02 May 2022 10:09:42 GMT
Last-Modified: Tue, 26 Dec 2017 16:45:15 GMT
Server: nginx/1.14.2
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3315
Expires: Thu, 30 Jun 2022 21:00:00 GMT

GET
H/1.1 200
OK technohelp-logo.png
i.li.ru/static/images/ 14 KB
15 KB 161ms
125ms Image
image/png 88.212.202.50
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.li.ru/static/images/technohelp-logo.png
Requested by: Host: i.li.ru
URL: https://i.li.ru/utf/main_new.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 88.212.202.50 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS: host150.rax.ru
Software: nginx/1.14.2 /
Resource Hash: ff95237b3ce4ecb3458a74b63182e31a2e963b1ee147095210b7f2c0cf3ac898

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ukrline.com.ua/?ref=22805
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Mon, 02 May 2022 10:09:42 GMT
Last-Modified: Mon, 30 Mar 2015 13:51:45 GMT
Server: nginx/1.14.2
Content-Type: image/png
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 14838
Expires: Mon, 02 May 2022 10:47:54 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 219 B
646 B 76ms
17ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.liveinternet.ru&callback=_gfp_s_&client=ca-pub-9165516179791802

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204260101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9165516179791802&plah=www.liveinternet.ru

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

9aafaf8bca24f575e0bebf700e6eaae531d66d786c516ec23ac553734ca640ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ukrline.com.ua/?ref=22805
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 02 May 2022 10:09:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 202
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 44ms
15ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.liveinternet.ru

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ukrline.com.ua/?ref=22805
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 02 May 2022 10:09:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 68ms
16ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.liveinternet.ru

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ukrline.com.ua/?ref=22805
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 02 May 2022 10:09:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame FA78 0
19 B 82ms
63ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9165516179791802&output=html&adk=1812271804&adf=3025194257&lmt=1651486181&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.liveinternet.ru%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651486181081&bpp=187&bdt=142&idt=284&shv=r20220427&mjsv=m202204260101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6800782474106&frm=20&pv=2&ga_vid=175933928.1651486181&ga_sid=1651486181&ga_hid=604168834&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761043%2C21066429%2C31061828&oid=2&pvsid=1380397679045905&pem=456&tmod=1525808453&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=307

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.liveinternet.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9
referer: http://ukrline.com.ua/?ref=22805

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 02 May 2022 10:09:42 GMT
expires: Mon, 02 May 2022 10:09:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 player_api Show response
www.youtube.com/ 980 B
2 KB 60ms
29ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/player_api

Requested by

Host: i.li.ru
URL: https://i.li.ru/static/radio/radio.mediametrics.widget-eagle-07_09_21.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

27d53a48b059310ec13d93a98120f51c8431ae8ea241c5dff83b20e9c3e1c6ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ukrline.com.ua/?ref=22805
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 02 May 2022 10:09:42 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
critical-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
server: ESF
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type: text/javascript; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Mon, 02 May 2022 10:09:42 GMT

GET
H/1.1 200
OK radio_v2.json Show response
mediametrics.ru/data/ 7 KB
1 KB 146ms
44ms XHR
application/json 88.212.196.113
UNITEDNET

General

Check archive.org

Show headers Download Go to

Full URL: https://mediametrics.ru/data/radio_v2.json?random=0.04937242240052342
Requested by: Host: i.li.ru
URL: https://i.li.ru/static/radio/radio.mediametrics.widget-eagle-07_09_21.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 88.212.196.113 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS: host13.rax.ru
Software: nginx/1.11.1 /
Resource Hash: 0f3b77f0e991eef1999f1261098a011df936a2bbe75d20dfd013693ca02ba4a0

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: http://ukrline.com.ua/?ref=22805
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Mon, 02 May 2022 10:09:42 GMT
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin
Last-Modified: Mon, 02 May 2022 10:09:02 GMT
Server: nginx/1.11.1
ETag: W/"626fadbe-1dc1"
Transfer-Encoding: chunked
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Connection: keep-alive

GET
H3 200 www-widgetapi.js Show response
www.youtube.com/s/player/9cdfefcf/www-widgetapi.vflset/ 154 KB
50 KB 25ms
8ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/9cdfefcf/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/player_api

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b1aa3a577a8d3f6b07d5dbdb094173604819f73d335e78762298bffac5391dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ukrline.com.ua/?ref=22805
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 02 May 2022 09:03:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3963
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51077
x-xss-protection: 0
last-modified: Thu, 28 Apr 2022 00:16:30 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 02 May 2023 09:03:39 GMT

OPTIONS
H2 200 getcookie
matchid.adfox.yandex.ru/ Frame 0
0 323ms
51ms Preflight 2a02:6b8::16b
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://matchid.adfox.yandex.ru/getcookie

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a02:6b8::16b Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.liveinternet.ru
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: accept, accept-encoding, accept-language, cache-control, content-type, dnt, origin, x-requested-with
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://www.liveinternet.ru
content-length: 0
date: Mon, 02 May 2022 10:09:42 GMT
timing-allow-origin: *
x-content-type-options: nosniff

POST
H2 200 getcookie Show response
matchid.adfox.yandex.ru/ 240 B
527 B 203ms
77ms XHR
application/json 2a02:6b8::16b
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://matchid.adfox.yandex.ru/getcookie

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a02:6b8::16b Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

39aa39a2cfebf11b7a8054ddd0a1a08f5ada33c8ff3fde69ba6a8a1385dcdb69

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://ukrline.com.ua/?ref=22805
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.liveinternet.ru
date: Mon, 02 May 2022 10:09:42 GMT
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 240
x-content-type-options: nosniff
content-type: application/json

GET
H2 200 fc00a78100875a8a056d.js Show response
yastatic.net/partner-code-bundles/575931/ 37 KB
10 KB 138ms
41ms Script
text/javascript 2a02:6b8:20::215
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/575931/fc00a78100875a8a056d.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

5a1bacfda71f3f27975657786632aa27dd576e89c94b6ea6c762cecb9ff60718

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: http://ukrline.com.ua/?ref=22805
Origin: https://www.liveinternet.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 02 May 2022 10:09:42 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 10149
last-modified: Fri, 29 Apr 2022 09:04:06 GMT
server: nginx/1.17.9
etag: "e5154780be94265e55fd32f6196b78be"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 01 May 2052 16:44:45 GMT

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ 128 KB
42 KB 298ms
16ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

3da55e568e702d556e38da13bc5c2d1454743bf4e41e7e9a83ff033d9b027472

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ukrline.com.ua/?ref=22805
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 02 May 2022 10:09:42 GMT
content-encoding: gzip
last-modified: Tue, 05 Apr 2022 12:58:06 GMT
server: nginx
etag: W/"624c3cde-1feac"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 03 May 2022 10:09:42 GMT

POST
H/1.1 200
OK / Show response
ad.mail.ru/hbid_yandex/ 11 B
342 B 178ms
71ms XHR
application/json 2a00:1148:db00::17
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mail.ru/hbid_yandex/
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software: nginx /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer: http://ukrline.com.ua/?ref=22805
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

Date: Mon, 02 May 2022 10:09:42 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: https://www.liveinternet.ru
Cache-Control: private, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *

POST
H2 200 adjson Show response
ads.betweendigital.com/ 11 B
924 B 69ms
21ms XHR
application/json 188.42.196.115
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/adjson?t=adfox
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.42.196.115 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer: http://ukrline.com.ua/?ref=22805
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.liveinternet.ru
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json

POST
H/1.1 204
No Content bid.cgi Show response
pb.adriver.ru/cgi-bin/ 0
307 B 280ms
59ms XHR
text/plain 195.209.111.15
ADRIVER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pb.adriver.ru/cgi-bin/bid.cgi
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.209.111.15 , Russian Federation, ASN52007 (ADRIVER-AS, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://ukrline.com.ua/?ref=22805
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.liveinternet.ru
Pragma: no-cache
Date: Mon, 02 May 2022 10:09:42 GMT
Cache-control: no-cache, max-age=0, must-revalidate, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 204 bids Show response
adfox-c2s-ams.creativecdn.com/bidder/adfox/ 0
213 B 51ms
14ms XHR
application/json 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://adfox-c2s-ams.creativecdn.com/bidder/adfox/bids
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://ukrline.com.ua/?ref=22805
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.liveinternet.ru
date: Mon, 02 May 2022 10:09:42 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST
content-type: application/json;charset=utf-8

POST
H2 200 yhb Show response
yhb.p.otm-r.com/ 11 B
257 B 44ms
8ms XHR
text/plain 116.202.85.93
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://yhb.p.otm-r.com/yhb
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 116.202.85.93 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.93.85.202.116.clients.your-server.de
Software: nginx/1.17.10 /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer: http://ukrline.com.ua/?ref=22805
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.liveinternet.ru
date: Mon, 02 May 2022 10:09:42 GMT
access-control-allow-credentials: true
server: nginx/1.17.10
content-length: 11
vary: Origin
content-type: text/plain; charset=utf-8

POST
H2

200

yandex_hb Show response
px.adhigh.net/rtb/
Redirect Chain

https://px.adhigh.net/rtb/yandex_hb
https://px.adhigh.net/rtb/yandex_hb?bounced=1

11 B
321 B

45ms
44ms

XHR
application/json

194.190.76.38
UMA-TECH-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://px.adhigh.net/rtb/yandex_hb?bounced=1
Requested by: Host: www.liveinternet.ru
URL: https://www.liveinternet.ru/
Protocol: H2
Server: 194.190.76.38 , Russian Federation, ASN48061 (UMA-TECH-AS, RU),
Reverse DNS: smtp2.senders.matchtv.ru
Software: nginx /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ukrline.com.ua/?ref=22805
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 May 2022 10:09:42 GMT
server: nginx
x-backend-id: f10-ru
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: https://www.liveinternet.ru
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-type: application/json;charset=utf-8
content-length: 11
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 02 May 2022 10:09:42 GMT
server: nginx
access-control-allow-origin: https://www.liveinternet.ru
x-backend-id: f10-ru
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://px.adhigh.net/rtb/yandex_hb?bounced=1
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2

200

adfox Show response
exchange.buzzoola.com/ssp/
Redirect Chain

https://exchange.buzzoola.com/ssp/adfox
https://exchange.buzzoola.com/ssp/adfox?set_buzzoola_cookie=t

11 B
511 B

23ms
23ms

XHR
text/plain

144.76.118.200
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://exchange.buzzoola.com/ssp/adfox?set_buzzoola_cookie=t
Requested by: Host: www.liveinternet.ru
URL: https://www.liveinternet.ru/
Protocol: H2
Server: 144.76.118.200 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.200.118.76.144.clients.your-server.de
Software: nginx /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ukrline.com.ua/?ref=22805
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 02 May 2022 10:09:42 GMT
server: nginx
serverid: TODO
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.liveinternet.ru
access-control-expose-headers: Set-Cookie, Etag
access-control-allow-credentials: true
access-control-allow-headers: Set-Cookie, X-Alt-Referer, X-First-Party-Cookie, If-None-Match
content-length: 11

Redirect headers

date: Mon, 02 May 2022 10:09:42 GMT
server: nginx
access-control-allow-origin: https://www.liveinternet.ru
etag: W/"c2fb20bd69fed2b3133a3cd479acb4936643164d8eb09fbc53b56e3f403caf0b"
serverid: TODO
location: /ssp/adfox?set_buzzoola_cookie=t
access-control-expose-headers: Set-Cookie, Etag
access-control-allow-credentials: true
access-control-allow-headers: Set-Cookie, X-Alt-Referer, X-First-Party-Cookie, If-None-Match
content-length: 0

POST
H/1.1 200
OK bid Show response
adfox-hb-bidder.rutarget.ru/ 11 B
730 B 181ms
57ms XHR
application/json 188.72.107.194
SBERCLOUD-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://adfox-hb-bidder.rutarget.ru/bid
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 188.72.107.194 Paris, France, ASN208677 (SBERCLOUD-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer: http://ukrline.com.ua/?ref=22805
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

Date: Mon, 02 May 2022 10:09:42 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS, PUT, DELETE
P3P: CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."
Access-Control-Allow-Origin: https://www.liveinternet.ru
Rutarget-SameSite-Cookie: true
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Ssp-Name,Authorization
Content-Length: 11

GET
H2 200 953eadf0b1ddecfeb5be.js Show response
yastatic.net/partner-code-bundles/575931/ 13 KB
5 KB 128ms
61ms Script
text/javascript 2a02:6b8:20::215
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/575931/953eadf0b1ddecfeb5be.js

Requested by

Host: an.yandex.ru
URL: https://an.yandex.ru/system/widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

cff9e3917907425d21401b73197b19c96b4ed0bb81aac2e2355886a049b9faa0

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: http://ukrline.com.ua/?ref=22805
Origin: https://www.liveinternet.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 02 May 2022 10:09:42 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 4468
last-modified: Fri, 29 Apr 2022 09:04:06 GMT
server: nginx/1.17.9
etag: "8bfe6375420f5ddd290872d10aaad942"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 01 May 2052 16:44:20 GMT

GET
H2 200 9c6a709e779e825bf49f.js Show response
yastatic.net/partner-code-bundles/575931/ 89 KB
19 KB 141ms
76ms Script
text/javascript 2a02:6b8:20::215
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/575931/9c6a709e779e825bf49f.js

Requested by

Host: an.yandex.ru
URL: https://an.yandex.ru/system/widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

5f72c4cc3151182f99faa30bf33dc963672fc5c1729b228a2a35b6e8333a051d

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: http://ukrline.com.ua/?ref=22805
Origin: https://www.liveinternet.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 02 May 2022 10:09:42 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 18885
last-modified: Fri, 29 Apr 2022 09:04:06 GMT
server: nginx/1.17.9
etag: "2af5080ab83da0cc0a0a8104e2076047"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 01 May 2052 16:44:15 GMT

GET
H2 200 host.js Show response
yastatic.net/safeframe-bundles/0.83/ 33 KB
9 KB 154ms
90ms Script
text/javascript 2a02:6b8:20::215
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/safeframe-bundles/0.83/host.js

Requested by

Host: an.yandex.ru
URL: https://an.yandex.ru/system/widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: http://ukrline.com.ua/?ref=22805
Origin: https://www.liveinternet.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 02 May 2022 10:09:42 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 8878
last-modified: Wed, 03 Nov 2021 13:42:58 GMT
server: nginx/1.17.9
etag: "f80882bf67cf261aa08d636da095149a"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 01 May 2052 16:43:36 GMT

GET
H2 200 d764300e195c28c18d93.js Show response
yastatic.net/partner-code-bundles/575931/ 502 KB
104 KB 129ms
101ms Script
text/javascript 2a02:6b8:20::215
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/575931/d764300e195c28c18d93.js

Requested by

Host: an.yandex.ru
URL: https://an.yandex.ru/system/widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

cac303967c47154ec22b0586117dd335d8c4f985a94bc69377d1e25c176cd973

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: http://ukrline.com.ua/?ref=22805
Origin: https://www.liveinternet.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 02 May 2022 10:09:42 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 105415
last-modified: Fri, 29 Apr 2022 09:04:06 GMT
server: nginx/1.17.9
etag: "78a41bd4749038af54167b0920f5fef2"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 01 May 2052 16:44:15 GMT

GET
H2 200 125905 Show response
an.yandex.ru/meta/ 36 KB
10 KB 189ms
189ms XHR
application/json 2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/meta/125905?target-ref=https%3A%2F%2Fwww.liveinternet.ru%2F&charset=utf-8&pcode-test-ids=568464%2C0%2C6%3B551984%2C0%2C5%3B575870%2C0%2C91%3B564895%2C0%2C37%3B406668%2C0%2C43%3B575931%2C0%2C93%3B574104%2C0%2C-1&pcode-flags-map=eJyVV11v2zYU%2FSuDn4OBlChR6hsl0TYRilRJyo5bFETXZU%2FBMHRpMaDof9%2BlJNuR7NBpHvIFn3O%2Fz738seKKVZL7Wje8tn6%2FFY5LYd3q3ccfq%2B%2Bfn749rt6tnOn56m71%2FPjvs%2FgT%2FiZJibJy9fPT3aoRdsA3fM166bzb8pZ73nbu4JveMCe0uslF04Gr5Y1gfi2ArhIOsNx3RmgjgGvNaqfNjAn9jsIXvmAjA9tOyx5cqXrntPJMifbSmTH4CwI6EPRKrLUB1FsgYzbqLVMbSKYU9T2kwuh%2Bs%2FVSb0Q944BYwJOja8cYZ5xpQpNk4JwKtOvKqUjxdBJMS%2FwSeM4qlFe4rW8tD386bnyvGvjOqsZrJQ83iDOSTJllFoJSG88fOr%2BWDH5ZmvLu0F1Uz0M6oVGsMLw5Vjhuk6Y5Tl%2BxecPYjBgvWZP8xDr5vtWKHzrtIBPetkxK33FTcxWfhAyRJB3Tbfj7nlvndy0DD41u%2FYFBeh%2B86eMUCU2TMUi71XsvWcXl2YuxSeIMKcKoPAVke7PjB2gWteMGJlJ7xfeeNbXhMAE7Pn1gRrkTDddzTpwX%2BMR5gfbAbZfj9D0vcfkXBBMjCk4JC20n1Fp7KdR9PDjoujRbVmtyQssGGP3JN6GgqxWTvtVNL%2BPNlWUZSumJOOSoDgmHfE3z6fjDjeoDRUFeDluvbN912jjocKlZmC5bG9E5b03t98wooTY3OGlG6C%2F3PEzWVs6lAQd1nFHnKSXFibrVY5RMSEDXOnzvmOQOdFexdp49KTZb56vNjI%2BmiJ5LY90oVFcaI6MEQYfOsFlejFjWrPWDbyE%2FO2FFJWQICBwbVHRG8%2FjfP3PhpWmKjlo9pTtkgrXdS9zz12%2BPM1iRlhMMpNDa0IpLzKWtE%2BiqvxW4vFd8JjsfofPzhN4lGazLDH4URYHv0ozgorhL0jJLw48M0fwuyQkh6V2CEqja8SMpKvMc4BSVCAOcElJ8mglZiRGefPKWc%2BV1BZO1m7uxevz78x9Pj%2FP1kifl2GRrAbFA%2FFs%2BVFi5eBpIlk7r5QNXiQclBz3fKJ9g%2Fz6FFuCdT6MEWZKUo9p1MLW188ZVkH%2FQAR7F0aTMRo9r3atB1h62JgopaDFtrJMS%2B0a3TKgYDOqRpNN6CKoYmqPWbaX9upcSphnyHMVjkHN0ym1l9D0UBvLqN0Y0cSTNivyqwx7uLGdEFYVD7%2BRjvHvRbLgLnnfhZoiiUoIxPVc0BAl3QgOHAlxMmziWYFKgM%2FZ4DFbahFE0rBG9%2Fe2NDAcWoh3D9Ezu2cHGkenx0GnWHTSi7bSCcXai5bqf63ayFEJCUDpmashP2JV2ueov7GVA80IADA%2BKc7QXNDoOJ5Qml3CxDgtsH%2BTzVl%2B9wnB0YMdkP6tWiq6jTxd%2F6GmhOiiyZ6aN287xNLU3F%2FgSmiFERqGXHPYfrB0DS4IZwRYJT5awqbyLKTQc1mgD%2B%2FWN4xjW%2FFRrZmw4Uh07tws3BhYGnOgvObIZvkAETYI1bVsQ%2B53g%2B7Dno6Zzmk87w4oPsGm4smDsvDWiYIryDE0JgNtEwbau4YQX7SYOS8Doiy5BDwg6jHXhPoqXuCyLYgEcDqs57MvT4%2Bev8wTjfFJmuFjh4Gy1ZaIOBbNb1sBFCxJ2w2U8LaPZO2Jks3HJPGPDHml0P7T28P66NZGvmB1UL1wFbwRb28HhWG956KJrj4ZsNoc0wyWZ9piyohnmaJhBLuHprJwNmXPCDTraHF5rl4u7kcI5cfEI2DPh4OIcrqK1MPA8YcruwebVtznO5u1bkGmfGN5BI4xPm%2BM7h63d4LvRUt64aHE5Xcmssc398jwBzwuKFrGE%2FxyTBITD87HtpRMVU2q8qpd2vzw%2Fzd0nRfn6hRk7EFGe58V5PVxxuEzxwuFyegZuDKuSeOsQjMj5sz5ow6xfcIJin7%2By4XB2FfHzf1m0JP8%3D&price-disabled-formats=adaptive0418%0Aadaptive%0AmodernAdaptive%0Ahorizontal%0Ahorizontal0318%0Agrid%0A160x600%0A240x400%0A200x300%0A300x300%0A300x250%0A250x250%0A728x90%0A1000x120%0A320x50%0A320x100%0A400x240%0A320x480%0A480x320%0A336x280%0A300x600%0A300x500%0A970x250%0A970x90%0AposterVertical%0AposterHorizontal%0AadaptiveConstructor%0AhorizontalSD%0Afullscreen%0Afullscreen_grid%0Asmart_tile%0Asmart_mosaic%0Anative&pcode-icookie=vZNJ%2FuuJkuuHqkLfFN2WUa38%2Bgn4V0gfRQV%2Fpf4HpKhWLCO4%2Fd6IHYrZnbe4VixUcwST5blATjLfPzRRuyTkSmpNZdc%3D&imp-id=28&enable-flat-highlight=1&comboblock-unencoded-vast=1&test-tag=536870925&ad-session-id=7045081651486181599&target-id=5212845&tga-with-creatives=1&top-ancestor=https%3A%2F%2Fwww.liveinternet.ru&top-ancestor-undetermined=0&pcode-version=575931&pcodever=575931&flash-ver=0&available-width=1280&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9.9%2C%22w%22%3A1280%2C%22h%22%3A0%2C%22width%22%3A1280%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22left%22%3A160%2C%22top%22%3A15%2C%22fontFamily%22%3A%22roboto%22%2C%22ad_no%22%3A0%2C%22req_no%22%3A0%7D&grab-orig-len=3392&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjoyNDl9ClKmkrDkJuoBMVBHDUi1H8gP7dM4UkuWWldELVUkqlqBTjkJ-yPn5HJ4m0xgkze91ZeHUsnakG-qoEFLxPnzOSe5NdBHDHAFY4wQJ8wJZ9qq6s5JECOEITCMMUZOQNfCzuCpkyxVZ0kHam_YEWWLDyiJ5Atr4hb3JukNowmbtGEdtpQSlt6QmyAiWyID4UAXcxOz2hqEg0COKBpKRBwpmjAibdJ-fILjENRN_URxvhB1hgsbZj-ueICd6CH1hueb1xvwJ4_VpGW_r99wofg4RAcTNowPkDbRDAmXRKS9tIh5QIwWW3rDdPVG-FWKhrJtv1D8ASo67m-JiBc3bkQRKT6HtH9e_EKhRZT9RVN2h83lsIYjRF8lXMgv6tgpm-y9i2u5TA3yiWN8HfmUU1OJdmrBR550RFJTG3f4Kn2iSl0plaWzmmkTGo3JTJvlOpM50SaazASACKfZWfeYabIk7-qcJkPg1mVKfaqlTrQqtbvrVZ-oThC4_VOYexM_1RTfu9FB3cxsGrF2FdeETf5nnbTgAGURYErcsN7pI7WBOC7JwaQH9F44RHyVTXF3Tr8Tu53-wuFkMGGpUp0yWLuvzQ-QPQr3dhbvFpuAxTNvBfuC8MYcL1VEtmUfNsNfedAnWDxLjnmVx1u7swbDoNLBNJl1Wthdr8mVSgTuXKOhzukytyedVq3OUh9kKmWWGnJuOrgat4m1EbyRadbCalZS52pu3BqtGo7yGPOQQpnkidvUCLxbiCjMzjxIyqBR0Q0pXw59ZGlyraaSLX5WVju354O_nxDmb0KVJ3aHw1duqqWjTfQqDRWNuhtUIPmgqTNYWzet7TNMiL_Y2vqSSHLD2nlSQ5-kB9TNbsgNasPrh6N9efwi1_HuOKS3lnn3jcZulB8i6ppmveJalPwOHNfRu9A5e_g7AAcfyP9ZgnlOzDF14rEn7HHFXSGulILxhjJviWONCQvqc28eIhhPFfGU-OcD9O9V9jgqatuAath9LW03751Cn3GS3YvDb0LCrrNt-NdIvi2PST16hK9jfnrycwq0-TrR6eYafy8_uDF5tAPb3yKv47C2QIA2oj7J3VLKb4TNTsso-z5TI3D7wZOGk2bTHA537CUbExSeldU9st2yoCh4qwoJ1F5dY5qR1Xt95yT93i9p-Mw2ejYzxk22AbSFFd8XbRP4d2PCa0e8MM9Vj045Y6iKEhaU2p9oby-cUiJ2HOAbhEnjFeyHb0A25FwZdxYPchaXCdgpp4VqMrg-wy2mzEal8EzawDfQ9XOyzenz6ju9SsTgH7Y_rVUmWv2MawT7A-NdVnorOJxVJJHc5R82RyQtmkN4o3e4GJjA4TyxKM8ihqtkatIomBgO3tsX2SjrGBwOc7e7rLYgZlaOnKdvVP3fNFNd-Wi0UyFRVam18KUsFPhFb2BUDTUOffU-0j4pJxG86vaSWrgoIomIOQkDv25R3ZynpkOlPKYu5cQMde_ceyDUcdStYl2bkhMC7sQpWKpzqwlWgjv-hfy-oNW93rOhFP2hWB2_0mz4jUHCkNer_mxiDoiggcrESQJS4GhY9tx_Q5xEIa5YulFin-qgNMimPAgjTUr3-UpGJN6xxnm0ZfNmsRfEvZw96NKz93rsY4HhHX3s0fIKb8jg6-dvMu4HFKvBnzrM8GSCxAA8DqHgro29Vax8nqW9ghth292IV0zKLE_1tKeEq0pp_JCTDKSk3jnn3Io3FNgNd7k5vXgefv_7j6_JDZnGxC2UxhEIr3wgF_LecqyUT7oUVrtke5AqOlXtrIrmAwsISnwJHCnRmzuJNiSTCMy7w0QDMAJxEERtu7wJN_s6vm4oN82Ga-X_y7wFu2th7PRWhJ0BodVbLGDpDPZuY2D0kggYGa1-isGJulxvzJNxpbNrJHWyR0ReMk2lCchnmrfsrl4QcLxlmt0mu8PC6OivCV4HfK5OeqLqoN_z1AsaSGpt0m0Ou6MWFaajmt6q9Jvov8S4PGZDP9dGHCTHt0iOYQ6rxWrfYZVbk_-1144qy3xNTry1hcCqeCuYwCv6srOVZcUcqpMXj6S_8qK40o9OR5lud7mojyqoqljkXTVaXbJ52f2IKZ6RYYtvABnpEvlKC0LlMjfq_aeEMqI1yQhbCwLLewiUkcyWQ4uNy5dP58LKBiGmb_vEz31thD4quwgVITeDvq7iDnm_KkaOVIgVCiXiaf28yIHFI8gxr_5Crn1WnV4TFYEwDEQcjCzvQ_xl4s4HyYxLZJxFOnWRI65UJosVzF7VZLzS42AZUUM-SP_yEpL3O6XdeeMtEZmnPV0uF0ejYJwj0qgSIxgaKgNiurbZpmui6r1zVIULIZ94KEYnC4ZRvv-JJmMrW52DbhgWz0BE0KZm6BsIwm0IMTZsszDRT8dVxS-Tz627AmNBy3U5jRHUVKvWa6kROd7GZGGc8d1tR2i3reAB5U4K6WoI92DArikRnXbp8BqRezlfiIeGfREWkDyyBOdjcYYO2O6-ksE5EEAsxw_cGWjcAwc_5CE2Ane3AN07uQCrmqHqCmPDezbRwdrMt3BrD2VNzBHHJqvlsZu4bworS83C0T-8NDeCQptpMqUasDkcxA2zlZdsEPdvb_4jGFUeWjLPC30HhO-KtRY4cuTAiNfQxizJKn-1nz_gsmGfXsRe9F4i0LzTCalm2Hg9utjFNYtcbYxQfF2KWGQ_Tg2ZZnoVTabWZTqfQODjg69MFeVoFCEP_K8evjyeUK2Vy7iEpyCSn6TgLkl85h4CHjdfEO-4xLnKJQz62zzjRgQ1XCsezPJBLCcZAZe8shGekhH-WtGnlY0PNfp48bIbwRZ9KErwgMApF-1VCXqIVHZ60WxTDIqvnJfo5fqgh0LhRmLzi9qE7AUsJPktHihOcRRWlie0gwgaRBoGe6QhHu9UssrkcNkH6aUqRYY-kSM7KDtXG52Z2d80iNSpikZl1FOlaabWw_T1FaQqbXmi0VShki_9qdSJg-FsDh85hidf8sIEMijwewN4IyyCIYODhR7MJdhHUpe5AuEDCshA9BNiZGGwchBCkoen08JNlD4UfjYoILwUVSFD-Q_WJyazatBnuLFIOhU1XXoxx-wsEC50FPx-IYFb2st1sLP04lV20wkFPVqmgqQINqgQpZtj0D33Ol04Gn6e5N9BzTd8cRXD16TnHn-w0mI2e8HCarwRyV0Pd0gM-mzh3taaewRjDB2jD5XiLcvu8yvuramh7id_pyQ0B7OTetOvY9cq0R7vdIsW8hbAjL2wJiGCdZV0V7BdUVvIv_5QLMUYUYuzY-emNaC8_Swwp3EgaQAFVhBSBwC_AfQ%3D&uniformat=true&callback=Ya%5B3976265949652%5D

Requested by

Host: an.yandex.ru
URL: https://an.yandex.ru/system/widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

44f78273c09dcf1c979615b565330601d70bd6cc546f3c44f90d0cbce66153ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: http://ukrline.com.ua/?ref=22805
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 02 May 2022 10:09:42 GMT
content-encoding: gzip
ssr: true
x-yandex-req-id: 1651486182394971-5142098497216856000196-production-app-host-sas-pcode-371
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
uniformat-product-type: Direct
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Mon, 02 May 2022 10:09:42 GMT
strict-transport-security: max-age=31536000
content-type: application/json
access-control-allow-origin: https://www.liveinternet.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
uniformat: true
expires: Mon, 02 May 2022 10:09:42 GMT

OPTIONS
H2 200 event_confirmation
an.yandex.ru/ Frame 0
0 136ms
45ms Preflight 2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/event_confirmation

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.liveinternet.ru
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://www.liveinternet.ru
access-control-max-age: 1728000
content-encoding: gzip
date: Mon, 02 May 2022 10:09:42 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
timing-allow-origin: *
x-xss-protection: 1; mode=block

POST
H2 200 event_confirmation Show response
an.yandex.ru/ 0
297 B 52ms
51ms XHR
text/plain 2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/event_confirmation

Requested by

Host: an.yandex.ru
URL: https://an.yandex.ru/system/widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: http://ukrline.com.ua/?ref=22805
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Mon, 02 May 2022 10:09:42 GMT
content-encoding: gzip
last-modified: Mon, 02 May 2022 10:09:42 GMT
strict-transport-security: max-age=31536000
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: https://www.liveinternet.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 02 May 2022 10:09:42 GMT

GET
H2 200 33a5dc080364f2d34845.js Show response
yastatic.net/partner-code-bundles/575931/ 182 KB
40 KB 32ms
32ms Script
text/javascript 2a02:6b8:20::215
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/575931/33a5dc080364f2d34845.js

Requested by

Host: an.yandex.ru
URL: https://an.yandex.ru/system/widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

3a5f2c8ec0734e983f19a5a8843230c516212eae6440d5286ca3c07a98156e0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: http://ukrline.com.ua/?ref=22805
Origin: https://www.liveinternet.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 02 May 2022 10:09:42 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 39916
last-modified: Fri, 29 Apr 2022 09:04:06 GMT
server: nginx/1.17.9
etag: "91779c8c9805f5555fea63356693aa9d"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 01 May 2052 16:44:21 GMT

GET
H2 200 watch.js Show response
mc.yandex.ru/metrika/ 139 KB
50 KB 211ms
102ms Script
application/javascript 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Host: an.yandex.ru
URL: https://an.yandex.ru/system/widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

3d376242693b0638eddc94eac7a5dd62e3ba27f076a23e66bd7e6cb5bce16ff7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://ukrline.com.ua/?ref=22805
Origin: https://www.liveinternet.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 02 May 2022 10:09:42 GMT
content-encoding: br
last-modified: Mon, 18 Apr 2022 12:16:58 GMT
etag: "625d2c8a-c59f"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 50591
expires: Mon, 02 May 2022 11:09:42 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
221 B 223ms
13ms XHR
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=122&profileId=184&cb=38675344577

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: http://ukrline.com.ua/?ref=22805
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Mon, 02 May 2022 10:09:42 GMT
server: Finatra
vary: Origin
access-control-allow-origin: https://www.liveinternet.ru
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

GET
H2 200 wx150
avatars.mds.yandex.net/get-direct/3578559/u7kpxy3UjrjA-Kza30eh2g/ 3 KB
4 KB 155ms
49ms Image
image/webp 2a02:6b8::184
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.mds.yandex.net/get-direct/3578559/u7kpxy3UjrjA-Kza30eh2g/wx150
Requested by: Host: www.liveinternet.ru
URL: https://www.liveinternet.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:6b8::184 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software: nginx /
Resource Hash: 57872fd25f4c257ab69a0652cdc7c0ae32c2874600c61a67621b6d67c1906bf1

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ukrline.com.ua/?ref=22805
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 02 May 2022 10:09:42 GMT
last-modified: Mon, 21 Feb 2022 11:07:47 GMT
server: nginx
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000,immutable
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 3302
x-request-id: ef13a12feeccdf68

OPTIONS
H2 200 event_confirmation
an.yandex.ru/ Frame 0
0 52ms
52ms Preflight 2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/event_confirmation

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.liveinternet.ru
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://www.liveinternet.ru
access-control-max-age: 1728000
content-encoding: gzip
date: Mon, 02 May 2022 10:09:42 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
timing-allow-origin: *
x-xss-protection: 1; mode=block

POST
H2 200 event_confirmation Show response
an.yandex.ru/ 0
51 B 61ms
60ms XHR
text/plain 2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/event_confirmation

Requested by

Host: an.yandex.ru
URL: https://an.yandex.ru/system/widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: http://ukrline.com.ua/?ref=22805
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Mon, 02 May 2022 10:09:42 GMT
content-encoding: gzip
last-modified: Mon, 02 May 2022 10:09:42 GMT
strict-transport-security: max-age=31536000
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: https://www.liveinternet.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 02 May 2022 10:09:42 GMT

POST
H2 204 events
bidder.criteo.com/csm/ 0
220 B 16ms
13ms Ping
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: http://ukrline.com.ua/?ref=22805
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 02 May 2022 10:09:42 GMT
server: Finatra
vary: Origin
access-control-allow-origin: https://www.liveinternet.ru
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

GET
H2 200 pixel.gif
static.criteo.net/images/ 43 B
365 B 16ms
14ms Image
image/gif 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/images/pixel.gif?ch=1

Requested by

Host: www.liveinternet.ru
URL: https://www.liveinternet.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ukrline.com.ua/?ref=22805
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 02 May 2022 10:09:42 GMT
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "493ea254-2b"
strict-transport-security: max-age=31536000; preload;
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Thu, 27 Apr 2023 10:09:42 GMT

GET
H2 200 pixel.gif
static.criteo.net/images/ 43 B
365 B 16ms
15ms Image
image/gif 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/images/pixel.gif?ch=2

Requested by

Host: www.liveinternet.ru
URL: https://www.liveinternet.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ukrline.com.ua/?ref=22805
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 02 May 2022 10:09:42 GMT
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "493ea254-2b"
strict-transport-security: max-age=31536000; preload;
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Thu, 27 Apr 2023 10:09:42 GMT

GET
H2 200 v2 Show response
an.yandex.ru/adfox/254948/getBulk/ 3 KB
1 KB 99ms
98ms XHR
application/json 2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/adfox/254948/getBulk/v2?dl=https%3A%2F%2Fwww.liveinternet.ru%2F&date=2022-05-02T10%3A09%3A42.090%2B00%3A00&pd=2&pdh=1200&pdw=1600&pr1=2175439385&pr=3653722545&prr=&pv=10&pw=1&extid_loader=&extid_tag_loader=www.liveinternet.ru&ylv=0.575931&ybv=0.575931&ytt=243543437344773&is-turbo=0&skip-token=yabs.NzIwNTc2MDU4MDc1OTM3NjU%3D&ad-session-id=7045081651486181599&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9.9%2C%22w%22%3A1280%2C%22h%22%3A0%2C%22width%22%3A1280%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22left%22%3A160%2C%22top%22%3A358%2C%22fontFamily%22%3A%22roboto%22%2C%22req_no%22%3A0%2C%22ad_no%22%3A1%7D&enable-flat-highlight=1&pcode-version=575931&available-width=1280&pp=noj&ps=erxe&p2=y&puid1=&puid2=&puid3=&slotNumber=1&bids=W3siY2FtcGFpZ25faWQiOjcxNzc2NywicmVzcG9uc2VfdGltZSI6NTU1LCJlcnJvciI6eyJjb2RlIjoxfSwicGxhY2VtZW50X2lkIjoiMTMzNzg1NSJ9LHsiY2FtcGFpZ25faWQiOjc2MzEyOCwicmVzcG9uc2VfdGltZSI6MTgzLCJlcnJvciI6eyJjb2RlIjoxfSwicGxhY2VtZW50X2lkIjoiMzYzMzQ0In0seyJjYW1wYWlnbl9pZCI6NzkzNTM4LCJyZXNwb25zZV90aW1lIjoxMTUsImVycm9yIjp7ImNvZGUiOjF9LCJwbGFjZW1lbnRfaWQiOiIyODY0MTAyIn0seyJjYW1wYWlnbl9pZCI6Nzc2NTg5LCJyZXNwb25zZV90aW1lIjoyODcsImVycm9yIjp7ImNvZGUiOjR9LCJwbGFjZW1lbnRfaWQiOiIyMDpsaXZlaW50ZXJuZXRfOTcweDI1MF9oZWFkbWFpbiJ9LHsiY2FtcGFpZ25faWQiOjg1MTc2NSwicmVzcG9uc2VfdGltZSI6MTE1LCJlcnJvciI6eyJjb2RlIjo0fSwicGxhY2VtZW50X2lkIjoiS0RoTXoxc1hqa1NqMlFZZnNkalkifSx7ImNhbXBhaWduX2lkIjoxNDYwODIyLCJyZXNwb25zZV90aW1lIjoxMDYsImVycm9yIjp7ImNvZGUiOjF9LCJwbGFjZW1lbnRfaWQiOiI5ODA5In0seyJjYW1wYWlnbl9pZCI6OTU4NTAxLCJyZXNwb25zZV90aW1lIjozOTAsImVycm9yIjp7ImNvZGUiOjF9LCJwbGFjZW1lbnRfaWQiOiIxMzRfbGl2ZWludGVybmV0LnJ1X2Rlc2t0b3BfYWRmb3hfaGVhZG1haW5fOTcweDI1MCJ9LHsiY2FtcGFpZ25faWQiOjc2OTE2MCwicmVzcG9uc2VfdGltZSI6MTI5LCJlcnJvciI6eyJjb2RlIjoxfSwicGxhY2VtZW50X2lkIjoiMTIyMTM4NyJ9LHsiY2FtcGFpZ25faWQiOjE0NTgxOTMsInJlc3BvbnNlX3RpbWUiOjE5MCwiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6Ijk4OSJ9XQ%3D%3D&utf8=%E2%9C%93&pcode-test-ids=568464%2C0%2C6%3B551984%2C0%2C5%3B575870%2C0%2C91%3B564895%2C0%2C37%3B406668%2C0%2C43%3B575931%2C0%2C93%3B574104%2C0%2C-1&pcode-flags-map=eJyVV11v2zYU%2FSuDn4OBlChR6hsl0TYRilRJyo5bFETXZU%2FBMHRpMaDof9%2BlJNuR7NBpHvIFn3O%2Fz738seKKVZL7Wje8tn6%2FFY5LYd3q3ccfq%2B%2Bfn749rt6tnOn56m71%2FPjvs%2FgT%2FiZJibJy9fPT3aoRdsA3fM166bzb8pZ73nbu4JveMCe0uslF04Gr5Y1gfi2ArhIOsNx3RmgjgGvNaqfNjAn9jsIXvmAjA9tOyx5cqXrntPJMifbSmTH4CwI6EPRKrLUB1FsgYzbqLVMbSKYU9T2kwuh%2Bs%2FVSb0Q944BYwJOja8cYZ5xpQpNk4JwKtOvKqUjxdBJMS%2FwSeM4qlFe4rW8tD386bnyvGvjOqsZrJQ83iDOSTJllFoJSG88fOr%2BWDH5ZmvLu0F1Uz0M6oVGsMLw5Vjhuk6Y5Tl%2BxecPYjBgvWZP8xDr5vtWKHzrtIBPetkxK33FTcxWfhAyRJB3Tbfj7nlvndy0DD41u%2FYFBeh%2B86eMUCU2TMUi71XsvWcXl2YuxSeIMKcKoPAVke7PjB2gWteMGJlJ7xfeeNbXhMAE7Pn1gRrkTDddzTpwX%2BMR5gfbAbZfj9D0vcfkXBBMjCk4JC20n1Fp7KdR9PDjoujRbVmtyQssGGP3JN6GgqxWTvtVNL%2BPNlWUZSumJOOSoDgmHfE3z6fjDjeoDRUFeDluvbN912jjocKlZmC5bG9E5b03t98wooTY3OGlG6C%2F3PEzWVs6lAQd1nFHnKSXFibrVY5RMSEDXOnzvmOQOdFexdp49KTZb56vNjI%2BmiJ5LY90oVFcaI6MEQYfOsFlejFjWrPWDbyE%2FO2FFJWQICBwbVHRG8%2FjfP3PhpWmKjlo9pTtkgrXdS9zz12%2BPM1iRlhMMpNDa0IpLzKWtE%2BiqvxW4vFd8JjsfofPzhN4lGazLDH4URYHv0ozgorhL0jJLw48M0fwuyQkh6V2CEqja8SMpKvMc4BSVCAOcElJ8mglZiRGefPKWc%2BV1BZO1m7uxevz78x9Pj%2FP1kifl2GRrAbFA%2FFs%2BVFi5eBpIlk7r5QNXiQclBz3fKJ9g%2Fz6FFuCdT6MEWZKUo9p1MLW188ZVkH%2FQAR7F0aTMRo9r3atB1h62JgopaDFtrJMS%2B0a3TKgYDOqRpNN6CKoYmqPWbaX9upcSphnyHMVjkHN0ym1l9D0UBvLqN0Y0cSTNivyqwx7uLGdEFYVD7%2BRjvHvRbLgLnnfhZoiiUoIxPVc0BAl3QgOHAlxMmziWYFKgM%2FZ4DFbahFE0rBG9%2Fe2NDAcWoh3D9Ezu2cHGkenx0GnWHTSi7bSCcXai5bqf63ayFEJCUDpmashP2JV2ueov7GVA80IADA%2BKc7QXNDoOJ5Qml3CxDgtsH%2BTzVl%2B9wnB0YMdkP6tWiq6jTxd%2F6GmhOiiyZ6aN287xNLU3F%2FgSmiFERqGXHPYfrB0DS4IZwRYJT5awqbyLKTQc1mgD%2B%2FWN4xjW%2FFRrZmw4Uh07tws3BhYGnOgvObIZvkAETYI1bVsQ%2B53g%2B7Dno6Zzmk87w4oPsGm4smDsvDWiYIryDE0JgNtEwbau4YQX7SYOS8Doiy5BDwg6jHXhPoqXuCyLYgEcDqs57MvT4%2Bev8wTjfFJmuFjh4Gy1ZaIOBbNb1sBFCxJ2w2U8LaPZO2Jks3HJPGPDHml0P7T28P66NZGvmB1UL1wFbwRb28HhWG956KJrj4ZsNoc0wyWZ9piyohnmaJhBLuHprJwNmXPCDTraHF5rl4u7kcI5cfEI2DPh4OIcrqK1MPA8YcruwebVtznO5u1bkGmfGN5BI4xPm%2BM7h63d4LvRUt64aHE5Xcmssc398jwBzwuKFrGE%2FxyTBITD87HtpRMVU2q8qpd2vzw%2Fzd0nRfn6hRk7EFGe58V5PVxxuEzxwuFyegZuDKuSeOsQjMj5sz5ow6xfcIJin7%2By4XB2FfHzf1m0JP8%3D&use-server-side-rendering=1&price-disabled-formats=adaptive0418%0Aadaptive%0AmodernAdaptive%0Ahorizontal%0Ahorizontal0318%0Agrid%0A160x600%0A240x400%0A200x300%0A300x300%0A300x250%0A250x250%0A728x90%0A1000x120%0A320x50%0A320x100%0A400x240%0A320x480%0A480x320%0A336x280%0A300x600%0A300x500%0A970x250%0A970x90%0AposterVertical%0AposterHorizontal%0AadaptiveConstructor%0AhorizontalSD%0Afullscreen%0Afullscreen_grid%0Asmart_tile%0Asmart_mosaic%0Anative&pcode-icookie=vZNJ%2FuuJkuuHqkLfFN2WUa38%2Bgn4V0gfRQV%2Fpf4HpKhWLCO4%2Fd6IHYrZnbe4VixUcwST5blATjLfPzRRuyTkSmpNZdc%3D&top-ancestor=https%3A%2F%2Fwww.liveinternet.ru&top-ancestor-undetermined=0&grab-orig-len=3392&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjoyNDl9ClKmkrDkJuoBMVBHDUi1H8gP7dM4UkuWWldELVUkqlqBTjkJ-yPn5HJ4m0xgkze91ZeHUsnakG-qoEFLxPnzOSe5NdBHDHAFY4wQJ8wJZ9qq6s5JECOEITCMMUZOQNfCzuCpkyxVZ0kHam_YEWWLDyiJ5Atr4hb3JukNowmbtGEdtpQSlt6QmyAiWyID4UAXcxOz2hqEg0COKBpKRBwpmjAibdJ-fILjENRN_URxvhB1hgsbZj-ueICd6CH1hueb1xvwJ4_VpGW_r99wofg4RAcTNowPkDbRDAmXRKS9tIh5QIwWW3rDdPVG-FWKhrJtv1D8ASo67m-JiBc3bkQRKT6HtH9e_EKhRZT9RVN2h83lsIYjRF8lXMgv6tgpm-y9i2u5TA3yiWN8HfmUU1OJdmrBR550RFJTG3f4Kn2iSl0plaWzmmkTGo3JTJvlOpM50SaazASACKfZWfeYabIk7-qcJkPg1mVKfaqlTrQqtbvrVZ-oThC4_VOYexM_1RTfu9FB3cxsGrF2FdeETf5nnbTgAGURYErcsN7pI7WBOC7JwaQH9F44RHyVTXF3Tr8Tu53-wuFkMGGpUp0yWLuvzQ-QPQr3dhbvFpuAxTNvBfuC8MYcL1VEtmUfNsNfedAnWDxLjnmVx1u7swbDoNLBNJl1Wthdr8mVSgTuXKOhzukytyedVq3OUh9kKmWWGnJuOrgat4m1EbyRadbCalZS52pu3BqtGo7yGPOQQpnkidvUCLxbiCjMzjxIyqBR0Q0pXw59ZGlyraaSLX5WVju354O_nxDmb0KVJ3aHw1duqqWjTfQqDRWNuhtUIPmgqTNYWzet7TNMiL_Y2vqSSHLD2nlSQ5-kB9TNbsgNasPrh6N9efwi1_HuOKS3lnn3jcZulB8i6ppmveJalPwOHNfRu9A5e_g7AAcfyP9ZgnlOzDF14rEn7HHFXSGulILxhjJviWONCQvqc28eIhhPFfGU-OcD9O9V9jgqatuAath9LW03751Cn3GS3YvDb0LCrrNt-NdIvi2PST16hK9jfnrycwq0-TrR6eYafy8_uDF5tAPb3yKv47C2QIA2oj7J3VLKb4TNTsso-z5TI3D7wZOGk2bTHA537CUbExSeldU9st2yoCh4qwoJ1F5dY5qR1Xt95yT93i9p-Mw2ejYzxk22AbSFFd8XbRP4d2PCa0e8MM9Vj045Y6iKEhaU2p9oby-cUiJ2HOAbhEnjFeyHb0A25FwZdxYPchaXCdgpp4VqMrg-wy2mzEal8EzawDfQ9XOyzenz6ju9SsTgH7Y_rVUmWv2MawT7A-NdVnorOJxVJJHc5R82RyQtmkN4o3e4GJjA4TyxKM8ihqtkatIomBgO3tsX2SjrGBwOc7e7rLYgZlaOnKdvVP3fNFNd-Wi0UyFRVam18KUsFPhFb2BUDTUOffU-0j4pJxG86vaSWrgoIomIOQkDv25R3ZynpkOlPKYu5cQMde_ceyDUcdStYl2bkhMC7sQpWKpzqwlWgjv-hfy-oNW93rOhFP2hWB2_0mz4jUHCkNer_mxiDoiggcrESQJS4GhY9tx_Q5xEIa5YulFin-qgNMimPAgjTUr3-UpGJN6xxnm0ZfNmsRfEvZw96NKz93rsY4HhHX3s0fIKb8jg6-dvMu4HFKvBnzrM8GSCxAA8DqHgro29Vax8nqW9ghth292IV0zKLE_1tKeEq0pp_JCTDKSk3jnn3Io3FNgNd7k5vXgefv_7j6_JDZnGxC2UxhEIr3wgF_LecqyUT7oUVrtke5AqOlXtrIrmAwsISnwJHCnRmzuJNiSTCMy7w0QDMAJxEERtu7wJN_s6vm4oN82Ga-X_y7wFu2th7PRWhJ0BodVbLGDpDPZuY2D0kggYGa1-isGJulxvzJNxpbNrJHWyR0ReMk2lCchnmrfsrl4QcLxlmt0mu8PC6OivCV4HfK5OeqLqoN_z1AsaSGpt0m0Ou6MWFaajmt6q9Jvov8S4PGZDP9dGHCTHt0iOYQ6rxWrfYZVbk_-1144qy3xNTry1hcCqeCuYwCv6srOVZcUcqpMXj6S_8qK40o9OR5lud7mojyqoqljkXTVaXbJ52f2IKZ6RYYtvABnpEvlKC0LlMjfq_aeEMqI1yQhbCwLLewiUkcyWQ4uNy5dP58LKBiGmb_vEz31thD4quwgVITeDvq7iDnm_KkaOVIgVCiXiaf28yIHFI8gxr_5Crn1WnV4TFYEwDEQcjCzvQ_xl4s4HyYxLZJxFOnWRI65UJosVzF7VZLzS42AZUUM-SP_yEpL3O6XdeeMtEZmnPV0uF0ejYJwj0qgSIxgaKgNiurbZpmui6r1zVIULIZ94KEYnC4ZRvv-JJmMrW52DbhgWz0BE0KZm6BsIwm0IMTZsszDRT8dVxS-Tz627AmNBy3U5jRHUVKvWa6kROd7GZGGc8d1tR2i3reAB5U4K6WoI92DArikRnXbp8BqRezlfiIeGfREWkDyyBOdjcYYO2O6-ksE5EEAsxw_cGWjcAwc_5CE2Ane3AN07uQCrmqHqCmPDezbRwdrMt3BrD2VNzBHHJqvlsZu4bworS83C0T-8NDeCQptpMqUasDkcxA2zlZdsEPdvb_4jGFUeWjLPC30HhO-KtRY4cuTAiNfQxizJKn-1nz_gsmGfXsRe9F4i0LzTCalm2Hg9utjFNYtcbYxQfF2KWGQ_Tg2ZZnoVTabWZTqfQODjg69MFeVoFCEP_K8evjyeUK2Vy7iEpyCSn6TgLkl85h4CHjdfEO-4xLnKJQz62zzjRgQ1XCsezPJBLCcZAZe8shGekhH-WtGnlY0PNfp48bIbwRZ9KErwgMApF-1VCXqIVHZ60WxTDIqvnJfo5fqgh0LhRmLzi9qE7AUsJPktHihOcRRWlie0gwgaRBoGe6QhHu9UssrkcNkH6aUqRYY-kSM7KDtXG52Z2d80iNSpikZl1FOlaabWw_T1FaQqbXmi0VShki_9qdSJg-FsDh85hidf8sIEMijwewN4IyyCIYODhR7MJdhHUpe5AuEDCshA9BNiZGGwchBCkoen08JNlD4UfjYoILwUVSFD-Q_WJyazatBnuLFIOhU1XXoxx-wsEC50FPx-IYFb2st1sLP04lV20wkFPVqmgqQINqgQpZtj0D33Ol04Gn6e5N9BzTd8cRXD16TnHn-w0mI2e8HCarwRyV0Pd0gM-mzh3taaewRjDB2jD5XiLcvu8yvuramh7id_pyQ0B7OTetOvY9cq0R7vdIsW8hbAjL2wJiGCdZV0V7BdUVvIv_5QLMUYUYuzY-emNaC8_Swwp3EgaQAFVhBSBwC_AfQ%3D&tga-with-creatives=1

Requested by

Host: an.yandex.ru
URL: https://an.yandex.ru/system/widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

a2b53e53e3cfe0895eb0901ae8a791863c21afb67d57a34d745267b006ceeae7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ukrline.com.ua/?ref=22805
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 May 2022 10:09:42 GMT
content-encoding: gzip
last-modified: Mon, 02 May 2022 10:09:42 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
x-yandex-req-id: 1651486182860279-994256738626649447700208-production-app-host-vla-pcode-326
strict-transport-security: max-age=31536000
content-type: application/json
access-control-allow-origin: https://www.liveinternet.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 02 May 2022 10:09:42 GMT

GET
H2 200 v2 Show response
an.yandex.ru/adfox/254948/getBulk/ 69 KB
22 KB 285ms
284ms XHR
application/json 2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/adfox/254948/getBulk/v2?dl=https%3A%2F%2Fwww.liveinternet.ru%2F&date=2022-05-02T10%3A09%3A42.099%2B00%3A00&pd=2&pdh=1200&pdw=1600&pr1=803019010&pr=3653722545&prr=&pv=10&pw=1&extid_loader=&extid_tag_loader=www.liveinternet.ru&ylv=0.575931&ybv=0.575931&ytt=243543437344773&is-turbo=0&skip-token=yabs.NzIwNTc2MDU4MDc1OTM3NjU%3D&ad-session-id=7045081651486181599&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9.9%2C%22w%22%3A300%2C%22h%22%3A0%2C%22width%22%3A300%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22left%22%3A180%2C%22top%22%3A802%2C%22fontFamily%22%3A%22roboto%22%2C%22req_no%22%3A1%2C%22ad_no%22%3A1%7D&enable-flat-highlight=1&pcode-version=575931&available-width=300&pp=noj&ps=erxe&p2=ganf&puid1=&puid2=&puid3=&slotNumber=2&bids=W3siY2FtcGFpZ25faWQiOjcxNzc2NywicmVzcG9uc2VfdGltZSI6NTU1LCJlcnJvciI6eyJjb2RlIjoxfSwicGxhY2VtZW50X2lkIjoiMTMzNzg1MiJ9LHsiY2FtcGFpZ25faWQiOjc2MzEyOCwicmVzcG9uc2VfdGltZSI6MTgzLCJlcnJvciI6eyJjb2RlIjoxfSwicGxhY2VtZW50X2lkIjoiMzI0MjY2In0seyJjYW1wYWlnbl9pZCI6NzkzNTM4LCJyZXNwb25zZV90aW1lIjoxMTUsImVycm9yIjp7ImNvZGUiOjF9LCJwbGFjZW1lbnRfaWQiOiIyNjkzNzQzIn0seyJjYW1wYWlnbl9pZCI6Nzc2NTg5LCJyZXNwb25zZV90aW1lIjoyODcsImVycm9yIjp7ImNvZGUiOjR9LCJwbGFjZW1lbnRfaWQiOiIyMDpsaXZlaW50ZXJuZXRfMzAweDI1MF9ib3RfMSJ9LHsiY2FtcGFpZ25faWQiOjg1MTc2NSwicmVzcG9uc2VfdGltZSI6MTE1LCJlcnJvciI6eyJjb2RlIjo0fSwicGxhY2VtZW50X2lkIjoiZko1TWkyeEc2VHRMMEVVY1haNVIifSx7ImNhbXBhaWduX2lkIjoxNDYwODIyLCJyZXNwb25zZV90aW1lIjoxMDYsImVycm9yIjp7ImNvZGUiOjF9LCJwbGFjZW1lbnRfaWQiOiI5ODE1In0seyJjYW1wYWlnbl9pZCI6OTU4NTAxLCJyZXNwb25zZV90aW1lIjozOTAsImVycm9yIjp7ImNvZGUiOjF9LCJwbGFjZW1lbnRfaWQiOiIxMzRfbGl2ZWludGVybmV0LnJ1X2Rlc2t0b3BfYWRmb3hfYm90MV8zMDB4MjUwIn0seyJjYW1wYWlnbl9pZCI6NzY5MTYwLCJyZXNwb25zZV90aW1lIjoxMjksImVycm9yIjp7ImNvZGUiOjF9LCJwbGFjZW1lbnRfaWQiOiIxMjIxMzkzIn0seyJjYW1wYWlnbl9pZCI6MTQ1ODE5MywicmVzcG9uc2VfdGltZSI6MTkwLCJlcnJvciI6eyJjb2RlIjoxfSwicGxhY2VtZW50X2lkIjoiOTk1In1d&utf8=%E2%9C%93&pcode-test-ids=568464%2C0%2C6%3B551984%2C0%2C5%3B575870%2C0%2C91%3B564895%2C0%2C37%3B406668%2C0%2C43%3B575931%2C0%2C93%3B574104%2C0%2C-1&pcode-flags-map=eJyVV11v2zYU%2FSuDn4OBlChR6hsl0TYRilRJyo5bFETXZU%2FBMHRpMaDof9%2BlJNuR7NBpHvIFn3O%2Fz738seKKVZL7Wje8tn6%2FFY5LYd3q3ccfq%2B%2Bfn749rt6tnOn56m71%2FPjvs%2FgT%2FiZJibJy9fPT3aoRdsA3fM166bzb8pZ73nbu4JveMCe0uslF04Gr5Y1gfi2ArhIOsNx3RmgjgGvNaqfNjAn9jsIXvmAjA9tOyx5cqXrntPJMifbSmTH4CwI6EPRKrLUB1FsgYzbqLVMbSKYU9T2kwuh%2Bs%2FVSb0Q944BYwJOja8cYZ5xpQpNk4JwKtOvKqUjxdBJMS%2FwSeM4qlFe4rW8tD386bnyvGvjOqsZrJQ83iDOSTJllFoJSG88fOr%2BWDH5ZmvLu0F1Uz0M6oVGsMLw5Vjhuk6Y5Tl%2BxecPYjBgvWZP8xDr5vtWKHzrtIBPetkxK33FTcxWfhAyRJB3Tbfj7nlvndy0DD41u%2FYFBeh%2B86eMUCU2TMUi71XsvWcXl2YuxSeIMKcKoPAVke7PjB2gWteMGJlJ7xfeeNbXhMAE7Pn1gRrkTDddzTpwX%2BMR5gfbAbZfj9D0vcfkXBBMjCk4JC20n1Fp7KdR9PDjoujRbVmtyQssGGP3JN6GgqxWTvtVNL%2BPNlWUZSumJOOSoDgmHfE3z6fjDjeoDRUFeDluvbN912jjocKlZmC5bG9E5b03t98wooTY3OGlG6C%2F3PEzWVs6lAQd1nFHnKSXFibrVY5RMSEDXOnzvmOQOdFexdp49KTZb56vNjI%2BmiJ5LY90oVFcaI6MEQYfOsFlejFjWrPWDbyE%2FO2FFJWQICBwbVHRG8%2FjfP3PhpWmKjlo9pTtkgrXdS9zz12%2BPM1iRlhMMpNDa0IpLzKWtE%2BiqvxW4vFd8JjsfofPzhN4lGazLDH4URYHv0ozgorhL0jJLw48M0fwuyQkh6V2CEqja8SMpKvMc4BSVCAOcElJ8mglZiRGefPKWc%2BV1BZO1m7uxevz78x9Pj%2FP1kifl2GRrAbFA%2FFs%2BVFi5eBpIlk7r5QNXiQclBz3fKJ9g%2Fz6FFuCdT6MEWZKUo9p1MLW188ZVkH%2FQAR7F0aTMRo9r3atB1h62JgopaDFtrJMS%2B0a3TKgYDOqRpNN6CKoYmqPWbaX9upcSphnyHMVjkHN0ym1l9D0UBvLqN0Y0cSTNivyqwx7uLGdEFYVD7%2BRjvHvRbLgLnnfhZoiiUoIxPVc0BAl3QgOHAlxMmziWYFKgM%2FZ4DFbahFE0rBG9%2Fe2NDAcWoh3D9Ezu2cHGkenx0GnWHTSi7bSCcXai5bqf63ayFEJCUDpmashP2JV2ueov7GVA80IADA%2BKc7QXNDoOJ5Qml3CxDgtsH%2BTzVl%2B9wnB0YMdkP6tWiq6jTxd%2F6GmhOiiyZ6aN287xNLU3F%2FgSmiFERqGXHPYfrB0DS4IZwRYJT5awqbyLKTQc1mgD%2B%2FWN4xjW%2FFRrZmw4Uh07tws3BhYGnOgvObIZvkAETYI1bVsQ%2B53g%2B7Dno6Zzmk87w4oPsGm4smDsvDWiYIryDE0JgNtEwbau4YQX7SYOS8Doiy5BDwg6jHXhPoqXuCyLYgEcDqs57MvT4%2Bev8wTjfFJmuFjh4Gy1ZaIOBbNb1sBFCxJ2w2U8LaPZO2Jks3HJPGPDHml0P7T28P66NZGvmB1UL1wFbwRb28HhWG956KJrj4ZsNoc0wyWZ9piyohnmaJhBLuHprJwNmXPCDTraHF5rl4u7kcI5cfEI2DPh4OIcrqK1MPA8YcruwebVtznO5u1bkGmfGN5BI4xPm%2BM7h63d4LvRUt64aHE5Xcmssc398jwBzwuKFrGE%2FxyTBITD87HtpRMVU2q8qpd2vzw%2Fzd0nRfn6hRk7EFGe58V5PVxxuEzxwuFyegZuDKuSeOsQjMj5sz5ow6xfcIJin7%2By4XB2FfHzf1m0JP8%3D&use-server-side-rendering=1&price-disabled-formats=adaptive0418%0Aadaptive%0AmodernAdaptive%0Ahorizontal%0Ahorizontal0318%0Agrid%0A160x600%0A240x400%0A200x300%0A300x300%0A300x250%0A250x250%0A728x90%0A1000x120%0A320x50%0A320x100%0A400x240%0A320x480%0A480x320%0A336x280%0A300x600%0A300x500%0A970x250%0A970x90%0AposterVertical%0AposterHorizontal%0AadaptiveConstructor%0AhorizontalSD%0Afullscreen%0Afullscreen_grid%0Asmart_tile%0Asmart_mosaic%0Anative&pcode-icookie=vZNJ%2FuuJkuuHqkLfFN2WUa38%2Bgn4V0gfRQV%2Fpf4HpKhWLCO4%2Fd6IHYrZnbe4VixUcwST5blATjLfPzRRuyTkSmpNZdc%3D&top-ancestor=https%3A%2F%2Fwww.liveinternet.ru&top-ancestor-undetermined=0&grab-orig-len=3392&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjoyNDl9ClKmkrDkJuoBMVBHDUi1H8gP7dM4UkuWWldELVUkqlqBTjkJ-yPn5HJ4m0xgkze91ZeHUsnakG-qoEFLxPnzOSe5NdBHDHAFY4wQJ8wJZ9qq6s5JECOEITCMMUZOQNfCzuCpkyxVZ0kHam_YEWWLDyiJ5Atr4hb3JukNowmbtGEdtpQSlt6QmyAiWyID4UAXcxOz2hqEg0COKBpKRBwpmjAibdJ-fILjENRN_URxvhB1hgsbZj-ueICd6CH1hueb1xvwJ4_VpGW_r99wofg4RAcTNowPkDbRDAmXRKS9tIh5QIwWW3rDdPVG-FWKhrJtv1D8ASo67m-JiBc3bkQRKT6HtH9e_EKhRZT9RVN2h83lsIYjRF8lXMgv6tgpm-y9i2u5TA3yiWN8HfmUU1OJdmrBR550RFJTG3f4Kn2iSl0plaWzmmkTGo3JTJvlOpM50SaazASACKfZWfeYabIk7-qcJkPg1mVKfaqlTrQqtbvrVZ-oThC4_VOYexM_1RTfu9FB3cxsGrF2FdeETf5nnbTgAGURYErcsN7pI7WBOC7JwaQH9F44RHyVTXF3Tr8Tu53-wuFkMGGpUp0yWLuvzQ-QPQr3dhbvFpuAxTNvBfuC8MYcL1VEtmUfNsNfedAnWDxLjnmVx1u7swbDoNLBNJl1Wthdr8mVSgTuXKOhzukytyedVq3OUh9kKmWWGnJuOrgat4m1EbyRadbCalZS52pu3BqtGo7yGPOQQpnkidvUCLxbiCjMzjxIyqBR0Q0pXw59ZGlyraaSLX5WVju354O_nxDmb0KVJ3aHw1duqqWjTfQqDRWNuhtUIPmgqTNYWzet7TNMiL_Y2vqSSHLD2nlSQ5-kB9TNbsgNasPrh6N9efwi1_HuOKS3lnn3jcZulB8i6ppmveJalPwOHNfRu9A5e_g7AAcfyP9ZgnlOzDF14rEn7HHFXSGulILxhjJviWONCQvqc28eIhhPFfGU-OcD9O9V9jgqatuAath9LW03751Cn3GS3YvDb0LCrrNt-NdIvi2PST16hK9jfnrycwq0-TrR6eYafy8_uDF5tAPb3yKv47C2QIA2oj7J3VLKb4TNTsso-z5TI3D7wZOGk2bTHA537CUbExSeldU9st2yoCh4qwoJ1F5dY5qR1Xt95yT93i9p-Mw2ejYzxk22AbSFFd8XbRP4d2PCa0e8MM9Vj045Y6iKEhaU2p9oby-cUiJ2HOAbhEnjFeyHb0A25FwZdxYPchaXCdgpp4VqMrg-wy2mzEal8EzawDfQ9XOyzenz6ju9SsTgH7Y_rVUmWv2MawT7A-NdVnorOJxVJJHc5R82RyQtmkN4o3e4GJjA4TyxKM8ihqtkatIomBgO3tsX2SjrGBwOc7e7rLYgZlaOnKdvVP3fNFNd-Wi0UyFRVam18KUsFPhFb2BUDTUOffU-0j4pJxG86vaSWrgoIomIOQkDv25R3ZynpkOlPKYu5cQMde_ceyDUcdStYl2bkhMC7sQpWKpzqwlWgjv-hfy-oNW93rOhFP2hWB2_0mz4jUHCkNer_mxiDoiggcrESQJS4GhY9tx_Q5xEIa5YulFin-qgNMimPAgjTUr3-UpGJN6xxnm0ZfNmsRfEvZw96NKz93rsY4HhHX3s0fIKb8jg6-dvMu4HFKvBnzrM8GSCxAA8DqHgro29Vax8nqW9ghth292IV0zKLE_1tKeEq0pp_JCTDKSk3jnn3Io3FNgNd7k5vXgefv_7j6_JDZnGxC2UxhEIr3wgF_LecqyUT7oUVrtke5AqOlXtrIrmAwsISnwJHCnRmzuJNiSTCMy7w0QDMAJxEERtu7wJN_s6vm4oN82Ga-X_y7wFu2th7PRWhJ0BodVbLGDpDPZuY2D0kggYGa1-isGJulxvzJNxpbNrJHWyR0ReMk2lCchnmrfsrl4QcLxlmt0mu8PC6OivCV4HfK5OeqLqoN_z1AsaSGpt0m0Ou6MWFaajmt6q9Jvov8S4PGZDP9dGHCTHt0iOYQ6rxWrfYZVbk_-1144qy3xNTry1hcCqeCuYwCv6srOVZcUcqpMXj6S_8qK40o9OR5lud7mojyqoqljkXTVaXbJ52f2IKZ6RYYtvABnpEvlKC0LlMjfq_aeEMqI1yQhbCwLLewiUkcyWQ4uNy5dP58LKBiGmb_vEz31thD4quwgVITeDvq7iDnm_KkaOVIgVCiXiaf28yIHFI8gxr_5Crn1WnV4TFYEwDEQcjCzvQ_xl4s4HyYxLZJxFOnWRI65UJosVzF7VZLzS42AZUUM-SP_yEpL3O6XdeeMtEZmnPV0uF0ejYJwj0qgSIxgaKgNiurbZpmui6r1zVIULIZ94KEYnC4ZRvv-JJmMrW52DbhgWz0BE0KZm6BsIwm0IMTZsszDRT8dVxS-Tz627AmNBy3U5jRHUVKvWa6kROd7GZGGc8d1tR2i3reAB5U4K6WoI92DArikRnXbp8BqRezlfiIeGfREWkDyyBOdjcYYO2O6-ksE5EEAsxw_cGWjcAwc_5CE2Ane3AN07uQCrmqHqCmPDezbRwdrMt3BrD2VNzBHHJqvlsZu4bworS83C0T-8NDeCQptpMqUasDkcxA2zlZdsEPdvb_4jGFUeWjLPC30HhO-KtRY4cuTAiNfQxizJKn-1nz_gsmGfXsRe9F4i0LzTCalm2Hg9utjFNYtcbYxQfF2KWGQ_Tg2ZZnoVTabWZTqfQODjg69MFeVoFCEP_K8evjyeUK2Vy7iEpyCSn6TgLkl85h4CHjdfEO-4xLnKJQz62zzjRgQ1XCsezPJBLCcZAZe8shGekhH-WtGnlY0PNfp48bIbwRZ9KErwgMApF-1VCXqIVHZ60WxTDIqvnJfo5fqgh0LhRmLzi9qE7AUsJPktHihOcRRWlie0gwgaRBoGe6QhHu9UssrkcNkH6aUqRYY-kSM7KDtXG52Z2d80iNSpikZl1FOlaabWw_T1FaQqbXmi0VShki_9qdSJg-FsDh85hidf8sIEMijwewN4IyyCIYODhR7MJdhHUpe5AuEDCshA9BNiZGGwchBCkoen08JNlD4UfjYoILwUVSFD-Q_WJyazatBnuLFIOhU1XXoxx-wsEC50FPx-IYFb2st1sLP04lV20wkFPVqmgqQINqgQpZtj0D33Ol04Gn6e5N9BzTd8cRXD16TnHn-w0mI2e8HCarwRyV0Pd0gM-mzh3taaewRjDB2jD5XiLcvu8yvuramh7id_pyQ0B7OTetOvY9cq0R7vdIsW8hbAjL2wJiGCdZV0V7BdUVvIv_5QLMUYUYuzY-emNaC8_Swwp3EgaQAFVhBSBwC_AfQ%3D&tga-with-creatives=1

Requested by

Host: an.yandex.ru
URL: https://an.yandex.ru/system/widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

00b9f964b6bd425d53575bc3d1fc8c34051c16b6a3ed78ddeccdc42c61c51880

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ukrline.com.ua/?ref=22805
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 02 May 2022 10:09:43 GMT
content-encoding: gzip
ssr: true
x-yandex-req-id: 1651486182909867-1177536087561785242800184-production-app-host-vla-pcode-255
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
uniformat-product-type: Direct
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Mon, 02 May 2022 10:09:43 GMT
strict-transport-security: max-age=31536000
content-type: application/json
access-control-allow-origin: https://www.liveinternet.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Mon, 02 May 2022 10:09:43 GMT

GET
H2 200 v2 Show response
an.yandex.ru/adfox/254948/getBulk/ 68 KB
23 KB 311ms
311ms XHR
application/json 2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/adfox/254948/getBulk/v2?dl=https%3A%2F%2Fwww.liveinternet.ru%2F&date=2022-05-02T10%3A09%3A42.105%2B00%3A00&pd=2&pdh=1200&pdw=1600&pr1=1826146523&pr=3653722545&prr=&pv=10&pw=1&extid_loader=&extid_tag_loader=www.liveinternet.ru&ylv=0.575931&ybv=0.575931&ytt=243543437344773&is-turbo=0&skip-token=yabs.NzIwNTc2MDU4MDc1OTM3NjU%3D&ad-session-id=7045081651486181599&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9.9%2C%22w%22%3A300%2C%22h%22%3A0%2C%22width%22%3A300%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22left%22%3A480%2C%22top%22%3A802%2C%22fontFamily%22%3A%22roboto%22%2C%22req_no%22%3A2%2C%22ad_no%22%3A1%7D&enable-flat-highlight=1&pcode-version=575931&available-width=300&pp=noj&ps=erxe&p2=ganf&puid1=&puid2=&puid3=&slotNumber=3&bids=W3siY2FtcGFpZ25faWQiOjcxNzc2NywicmVzcG9uc2VfdGltZSI6NTU1LCJlcnJvciI6eyJjb2RlIjoxfSwicGxhY2VtZW50X2lkIjoiMTMzNzg1MyJ9LHsiY2FtcGFpZ25faWQiOjc2MzEyOCwicmVzcG9uc2VfdGltZSI6MTgzLCJlcnJvciI6eyJjb2RlIjoxfSwicGxhY2VtZW50X2lkIjoiMzI0MjY4In0seyJjYW1wYWlnbl9pZCI6NzkzNTM4LCJyZXNwb25zZV90aW1lIjoxMTUsImVycm9yIjp7ImNvZGUiOjF9LCJwbGFjZW1lbnRfaWQiOiIyNjkzNzQ0In0seyJjYW1wYWlnbl9pZCI6Nzc2NTg5LCJyZXNwb25zZV90aW1lIjoyODcsImVycm9yIjp7ImNvZGUiOjR9LCJwbGFjZW1lbnRfaWQiOiIyMDpsaXZlaW50ZXJuZXRfMzAweDI1MF9ib3RfMiJ9LHsiY2FtcGFpZ25faWQiOjg1MTc2NSwicmVzcG9uc2VfdGltZSI6MTE1LCJlcnJvciI6eyJjb2RlIjo0fSwicGxhY2VtZW50X2lkIjoieU8zUjJjRjZSZGQ5dlF5YU5UY0wifSx7ImNhbXBhaWduX2lkIjoxNDYwODIyLCJyZXNwb25zZV90aW1lIjoxMDYsImVycm9yIjp7ImNvZGUiOjF9LCJwbGFjZW1lbnRfaWQiOiI5ODE2In0seyJjYW1wYWlnbl9pZCI6OTU4NTAxLCJyZXNwb25zZV90aW1lIjozOTAsImVycm9yIjp7ImNvZGUiOjF9LCJwbGFjZW1lbnRfaWQiOiIxMzRfbGl2ZWludGVybmV0LnJ1X2Rlc2t0b3BfYWRmb3hfYm90Ml8zMDB4MjUwIn0seyJjYW1wYWlnbl9pZCI6NzY5MTYwLCJyZXNwb25zZV90aW1lIjoxMjksImVycm9yIjp7ImNvZGUiOjF9LCJwbGFjZW1lbnRfaWQiOiIxMjIxMzk0In0seyJjYW1wYWlnbl9pZCI6MTQ1ODE5MywicmVzcG9uc2VfdGltZSI6MTkwLCJlcnJvciI6eyJjb2RlIjoxfSwicGxhY2VtZW50X2lkIjoiOTk2In1d&utf8=%E2%9C%93&pcode-test-ids=568464%2C0%2C6%3B551984%2C0%2C5%3B575870%2C0%2C91%3B564895%2C0%2C37%3B406668%2C0%2C43%3B575931%2C0%2C93%3B574104%2C0%2C-1&pcode-flags-map=eJyVV11v2zYU%2FSuDn4OBlChR6hsl0TYRilRJyo5bFETXZU%2FBMHRpMaDof9%2BlJNuR7NBpHvIFn3O%2Fz738seKKVZL7Wje8tn6%2FFY5LYd3q3ccfq%2B%2Bfn749rt6tnOn56m71%2FPjvs%2FgT%2FiZJibJy9fPT3aoRdsA3fM166bzb8pZ73nbu4JveMCe0uslF04Gr5Y1gfi2ArhIOsNx3RmgjgGvNaqfNjAn9jsIXvmAjA9tOyx5cqXrntPJMifbSmTH4CwI6EPRKrLUB1FsgYzbqLVMbSKYU9T2kwuh%2Bs%2FVSb0Q944BYwJOja8cYZ5xpQpNk4JwKtOvKqUjxdBJMS%2FwSeM4qlFe4rW8tD386bnyvGvjOqsZrJQ83iDOSTJllFoJSG88fOr%2BWDH5ZmvLu0F1Uz0M6oVGsMLw5Vjhuk6Y5Tl%2BxecPYjBgvWZP8xDr5vtWKHzrtIBPetkxK33FTcxWfhAyRJB3Tbfj7nlvndy0DD41u%2FYFBeh%2B86eMUCU2TMUi71XsvWcXl2YuxSeIMKcKoPAVke7PjB2gWteMGJlJ7xfeeNbXhMAE7Pn1gRrkTDddzTpwX%2BMR5gfbAbZfj9D0vcfkXBBMjCk4JC20n1Fp7KdR9PDjoujRbVmtyQssGGP3JN6GgqxWTvtVNL%2BPNlWUZSumJOOSoDgmHfE3z6fjDjeoDRUFeDluvbN912jjocKlZmC5bG9E5b03t98wooTY3OGlG6C%2F3PEzWVs6lAQd1nFHnKSXFibrVY5RMSEDXOnzvmOQOdFexdp49KTZb56vNjI%2BmiJ5LY90oVFcaI6MEQYfOsFlejFjWrPWDbyE%2FO2FFJWQICBwbVHRG8%2FjfP3PhpWmKjlo9pTtkgrXdS9zz12%2BPM1iRlhMMpNDa0IpLzKWtE%2BiqvxW4vFd8JjsfofPzhN4lGazLDH4URYHv0ozgorhL0jJLw48M0fwuyQkh6V2CEqja8SMpKvMc4BSVCAOcElJ8mglZiRGefPKWc%2BV1BZO1m7uxevz78x9Pj%2FP1kifl2GRrAbFA%2FFs%2BVFi5eBpIlk7r5QNXiQclBz3fKJ9g%2Fz6FFuCdT6MEWZKUo9p1MLW188ZVkH%2FQAR7F0aTMRo9r3atB1h62JgopaDFtrJMS%2B0a3TKgYDOqRpNN6CKoYmqPWbaX9upcSphnyHMVjkHN0ym1l9D0UBvLqN0Y0cSTNivyqwx7uLGdEFYVD7%2BRjvHvRbLgLnnfhZoiiUoIxPVc0BAl3QgOHAlxMmziWYFKgM%2FZ4DFbahFE0rBG9%2Fe2NDAcWoh3D9Ezu2cHGkenx0GnWHTSi7bSCcXai5bqf63ayFEJCUDpmashP2JV2ueov7GVA80IADA%2BKc7QXNDoOJ5Qml3CxDgtsH%2BTzVl%2B9wnB0YMdkP6tWiq6jTxd%2F6GmhOiiyZ6aN287xNLU3F%2FgSmiFERqGXHPYfrB0DS4IZwRYJT5awqbyLKTQc1mgD%2B%2FWN4xjW%2FFRrZmw4Uh07tws3BhYGnOgvObIZvkAETYI1bVsQ%2B53g%2B7Dno6Zzmk87w4oPsGm4smDsvDWiYIryDE0JgNtEwbau4YQX7SYOS8Doiy5BDwg6jHXhPoqXuCyLYgEcDqs57MvT4%2Bev8wTjfFJmuFjh4Gy1ZaIOBbNb1sBFCxJ2w2U8LaPZO2Jks3HJPGPDHml0P7T28P66NZGvmB1UL1wFbwRb28HhWG956KJrj4ZsNoc0wyWZ9piyohnmaJhBLuHprJwNmXPCDTraHF5rl4u7kcI5cfEI2DPh4OIcrqK1MPA8YcruwebVtznO5u1bkGmfGN5BI4xPm%2BM7h63d4LvRUt64aHE5Xcmssc398jwBzwuKFrGE%2FxyTBITD87HtpRMVU2q8qpd2vzw%2Fzd0nRfn6hRk7EFGe58V5PVxxuEzxwuFyegZuDKuSeOsQjMj5sz5ow6xfcIJin7%2By4XB2FfHzf1m0JP8%3D&use-server-side-rendering=1&price-disabled-formats=adaptive0418%0Aadaptive%0AmodernAdaptive%0Ahorizontal%0Ahorizontal0318%0Agrid%0A160x600%0A240x400%0A200x300%0A300x300%0A300x250%0A250x250%0A728x90%0A1000x120%0A320x50%0A320x100%0A400x240%0A320x480%0A480x320%0A336x280%0A300x600%0A300x500%0A970x250%0A970x90%0AposterVertical%0AposterHorizontal%0AadaptiveConstructor%0AhorizontalSD%0Afullscreen%0Afullscreen_grid%0Asmart_tile%0Asmart_mosaic%0Anative&pcode-icookie=vZNJ%2FuuJkuuHqkLfFN2WUa38%2Bgn4V0gfRQV%2Fpf4HpKhWLCO4%2Fd6IHYrZnbe4VixUcwST5blATjLfPzRRuyTkSmpNZdc%3D&top-ancestor=https%3A%2F%2Fwww.liveinternet.ru&top-ancestor-undetermined=0&grab-orig-len=3392&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjoyNDl9ClKmkrDkJuoBMVBHDUi1H8gP7dM4UkuWWldELVUkqlqBTjkJ-yPn5HJ4m0xgkze91ZeHUsnakG-qoEFLxPnzOSe5NdBHDHAFY4wQJ8wJZ9qq6s5JECOEITCMMUZOQNfCzuCpkyxVZ0kHam_YEWWLDyiJ5Atr4hb3JukNowmbtGEdtpQSlt6QmyAiWyID4UAXcxOz2hqEg0COKBpKRBwpmjAibdJ-fILjENRN_URxvhB1hgsbZj-ueICd6CH1hueb1xvwJ4_VpGW_r99wofg4RAcTNowPkDbRDAmXRKS9tIh5QIwWW3rDdPVG-FWKhrJtv1D8ASo67m-JiBc3bkQRKT6HtH9e_EKhRZT9RVN2h83lsIYjRF8lXMgv6tgpm-y9i2u5TA3yiWN8HfmUU1OJdmrBR550RFJTG3f4Kn2iSl0plaWzmmkTGo3JTJvlOpM50SaazASACKfZWfeYabIk7-qcJkPg1mVKfaqlTrQqtbvrVZ-oThC4_VOYexM_1RTfu9FB3cxsGrF2FdeETf5nnbTgAGURYErcsN7pI7WBOC7JwaQH9F44RHyVTXF3Tr8Tu53-wuFkMGGpUp0yWLuvzQ-QPQr3dhbvFpuAxTNvBfuC8MYcL1VEtmUfNsNfedAnWDxLjnmVx1u7swbDoNLBNJl1Wthdr8mVSgTuXKOhzukytyedVq3OUh9kKmWWGnJuOrgat4m1EbyRadbCalZS52pu3BqtGo7yGPOQQpnkidvUCLxbiCjMzjxIyqBR0Q0pXw59ZGlyraaSLX5WVju354O_nxDmb0KVJ3aHw1duqqWjTfQqDRWNuhtUIPmgqTNYWzet7TNMiL_Y2vqSSHLD2nlSQ5-kB9TNbsgNasPrh6N9efwi1_HuOKS3lnn3jcZulB8i6ppmveJalPwOHNfRu9A5e_g7AAcfyP9ZgnlOzDF14rEn7HHFXSGulILxhjJviWONCQvqc28eIhhPFfGU-OcD9O9V9jgqatuAath9LW03751Cn3GS3YvDb0LCrrNt-NdIvi2PST16hK9jfnrycwq0-TrR6eYafy8_uDF5tAPb3yKv47C2QIA2oj7J3VLKb4TNTsso-z5TI3D7wZOGk2bTHA537CUbExSeldU9st2yoCh4qwoJ1F5dY5qR1Xt95yT93i9p-Mw2ejYzxk22AbSFFd8XbRP4d2PCa0e8MM9Vj045Y6iKEhaU2p9oby-cUiJ2HOAbhEnjFeyHb0A25FwZdxYPchaXCdgpp4VqMrg-wy2mzEal8EzawDfQ9XOyzenz6ju9SsTgH7Y_rVUmWv2MawT7A-NdVnorOJxVJJHc5R82RyQtmkN4o3e4GJjA4TyxKM8ihqtkatIomBgO3tsX2SjrGBwOc7e7rLYgZlaOnKdvVP3fNFNd-Wi0UyFRVam18KUsFPhFb2BUDTUOffU-0j4pJxG86vaSWrgoIomIOQkDv25R3ZynpkOlPKYu5cQMde_ceyDUcdStYl2bkhMC7sQpWKpzqwlWgjv-hfy-oNW93rOhFP2hWB2_0mz4jUHCkNer_mxiDoiggcrESQJS4GhY9tx_Q5xEIa5YulFin-qgNMimPAgjTUr3-UpGJN6xxnm0ZfNmsRfEvZw96NKz93rsY4HhHX3s0fIKb8jg6-dvMu4HFKvBnzrM8GSCxAA8DqHgro29Vax8nqW9ghth292IV0zKLE_1tKeEq0pp_JCTDKSk3jnn3Io3FNgNd7k5vXgefv_7j6_JDZnGxC2UxhEIr3wgF_LecqyUT7oUVrtke5AqOlXtrIrmAwsISnwJHCnRmzuJNiSTCMy7w0QDMAJxEERtu7wJN_s6vm4oN82Ga-X_y7wFu2th7PRWhJ0BodVbLGDpDPZuY2D0kggYGa1-isGJulxvzJNxpbNrJHWyR0ReMk2lCchnmrfsrl4QcLxlmt0mu8PC6OivCV4HfK5OeqLqoN_z1AsaSGpt0m0Ou6MWFaajmt6q9Jvov8S4PGZDP9dGHCTHt0iOYQ6rxWrfYZVbk_-1144qy3xNTry1hcCqeCuYwCv6srOVZcUcqpMXj6S_8qK40o9OR5lud7mojyqoqljkXTVaXbJ52f2IKZ6RYYtvABnpEvlKC0LlMjfq_aeEMqI1yQhbCwLLewiUkcyWQ4uNy5dP58LKBiGmb_vEz31thD4quwgVITeDvq7iDnm_KkaOVIgVCiXiaf28yIHFI8gxr_5Crn1WnV4TFYEwDEQcjCzvQ_xl4s4HyYxLZJxFOnWRI65UJosVzF7VZLzS42AZUUM-SP_yEpL3O6XdeeMtEZmnPV0uF0ejYJwj0qgSIxgaKgNiurbZpmui6r1zVIULIZ94KEYnC4ZRvv-JJmMrW52DbhgWz0BE0KZm6BsIwm0IMTZsszDRT8dVxS-Tz627AmNBy3U5jRHUVKvWa6kROd7GZGGc8d1tR2i3reAB5U4K6WoI92DArikRnXbp8BqRezlfiIeGfREWkDyyBOdjcYYO2O6-ksE5EEAsxw_cGWjcAwc_5CE2Ane3AN07uQCrmqHqCmPDezbRwdrMt3BrD2VNzBHHJqvlsZu4bworS83C0T-8NDeCQptpMqUasDkcxA2zlZdsEPdvb_4jGFUeWjLPC30HhO-KtRY4cuTAiNfQxizJKn-1nz_gsmGfXsRe9F4i0LzTCalm2Hg9utjFNYtcbYxQfF2KWGQ_Tg2ZZnoVTabWZTqfQODjg69MFeVoFCEP_K8evjyeUK2Vy7iEpyCSn6TgLkl85h4CHjdfEO-4xLnKJQz62zzjRgQ1XCsezPJBLCcZAZe8shGekhH-WtGnlY0PNfp48bIbwRZ9KErwgMApF-1VCXqIVHZ60WxTDIqvnJfo5fqgh0LhRmLzi9qE7AUsJPktHihOcRRWlie0gwgaRBoGe6QhHu9UssrkcNkH6aUqRYY-kSM7KDtXG52Z2d80iNSpikZl1FOlaabWw_T1FaQqbXmi0VShki_9qdSJg-FsDh85hidf8sIEMijwewN4IyyCIYODhR7MJdhHUpe5AuEDCshA9BNiZGGwchBCkoen08JNlD4UfjYoILwUVSFD-Q_WJyazatBnuLFIOhU1XXoxx-wsEC50FPx-IYFb2st1sLP04lV20wkFPVqmgqQINqgQpZtj0D33Ol04Gn6e5N9BzTd8cRXD16TnHn-w0mI2e8HCarwRyV0Pd0gM-mzh3taaewRjDB2jD5XiLcvu8yvuramh7id_pyQ0B7OTetOvY9cq0R7vdIsW8hbAjL2wJiGCdZV0V7BdUVvIv_5QLMUYUYuzY-emNaC8_Swwp3EgaQAFVhBSBwC_AfQ%3D&tga-with-creatives=1

Requested by

Host: an.yandex.ru
URL: https://an.yandex.ru/system/widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

05875443595fb8a07f74fcaa1fc2f61b77dffaff2081e7a742631b37dc7bdb68

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ukrline.com.ua/?ref=22805
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 02 May 2022 10:09:43 GMT
content-encoding: gzip
ssr: true
x-yandex-req-id: 1651486182916240-315771032926198419500184-production-app-host-vla-pcode-94
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
uniformat-product-type: Direct
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Mon, 02 May 2022 10:09:43 GMT
strict-transport-security: max-age=31536000
content-type: application/json
access-control-allow-origin: https://www.liveinternet.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Mon, 02 May 2022 10:09:43 GMT

GET
H2

200

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9626._WdD3OzBhGrpQeKwF5q6t8mvZkZVwIRsiq6USnVS-D7xS0ZI9Y3k5-x_n49fAWc5.pJxccX1C2CzgicRi8WY33G_ymGE%2C
https://mc.yandex.com/sync_cookie_image_decide?token=9626.X3u8h5rb6vWOml-3iVrzDxiAhbt71rZULQpyhwRZKhMoaQDaLk3F0Mb_Fbdu7NzVANFQ5NdFOGeqHZoxoc7BKcjhIlLSwch0zsF0XemKAmk%2C.iecZMZgNHWZv1YgRPc8GPqUYrz0%2C

43 B
354 B

54ms
53ms

Image
image/gif

2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=9626.X3u8h5rb6vWOml-3iVrzDxiAhbt71rZULQpyhwRZKhMoaQDaLk3F0Mb_Fbdu7NzVANFQ5NdFOGeqHZoxoc7BKcjhIlLSwch0zsF0XemKAmk%2C.iecZMZgNHWZv1YgRPc8GPqUYrz0%2C

Requested by

Host: www.liveinternet.ru
URL: https://www.liveinternet.ru/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ukrline.com.ua/?ref=22805
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 02 May 2022 10:09:43 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=9626.X3u8h5rb6vWOml-3iVrzDxiAhbt71rZULQpyhwRZKhMoaQDaLk3F0Mb_Fbdu7NzVANFQ5NdFOGeqHZoxoc7BKcjhIlLSwch0zsF0XemKAmk%2C.iecZMZgNHWZv1YgRPc8GPqUYrz0%2C
date: Mon, 02 May 2022 10:09:43 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 82 KB
28 KB 43ms
19ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/partner-code-bundles/575931/d764300e195c28c18d93.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

sffe /

Resource Hash

1a2a973b315180e0c66fa0077f283830e37bfeba27f267dfdc2304c0bd944c45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ukrline.com.ua/?ref=22805
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 02 May 2022 10:09:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28529
x-xss-protection: 0
server: sffe
etag: "1202 / 825 of 1000 / last-modified: 1651480926"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 02 May 2022 10:09:42 GMT

GET
H2 204 event
ads.adfox.ru/254948/ 0
230 B 187ms
64ms Image
text/plain 2a02:6b8::1be
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/254948/event?hash=f27dae8d15cf44e9&pm=cyz&p5=jxahr&rand=jffdflo&sj=4tHojkaBi3NdHymf1nGMhX4sp4reiQsbJVtZNhoZDN5UpTNCE5Q7uV_XZmar9Q%3D%3D&ad-session-id=7045081651486181599&utg=oxum&lts=fizyoxi&ytt=243543437344773&ybv=0.575931&ylv=0.575931&dl=https%3A%2F%2Fwww.liveinternet.ru%2F&pr=lvnljaf&p1=consd&rqs=5hlriXQYhRnmrW9iaflDwbdyDgbgqipi&p2=y

Requested by

Host: www.liveinternet.ru
URL: https://www.liveinternet.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ukrline.com.ua/?ref=22805
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 May 2022 10:09:43 GMT
x-content-type-options: nosniff
last-modified: Mon, 02 May 2022 10:09:43 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H3 200 pubads_impl_2022042801.js Show response
securepubads.g.doubleclick.net/gpt/ 367 KB
125 KB 34ms
10ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042801.js?cb=31067354

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

sffe /

Resource Hash

0b8a17793a0291b59ff3b8553ec9fe1d3cccc8cf1b482a408184d3a2f4d1405f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ukrline.com.ua/?ref=22805
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 02 May 2022 09:45:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1463
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 127788
x-xss-protection: 0
last-modified: Thu, 28 Apr 2022 08:38:15 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 02 May 2023 09:45:20 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 308 B
184 B 45ms
22ms XHR
application/json 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.liveinternet.ru

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

659266e1891081f45405f90065fbfd1849577a5c6a8df8c14f8680b61a4494c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ukrline.com.ua/?ref=22805
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 02 May 2022 10:09:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 159
x-xss-protection: 0
expires: Mon, 02 May 2022 10:09:43 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 39ms
15ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.liveinternet.ru

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042801.js?cb=31067354

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ukrline.com.ua/?ref=22805
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 02 May 2022 10:09:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 40ms
17ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.liveinternet.ru

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042801.js?cb=31067354

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ukrline.com.ua/?ref=22805
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 02 May 2022 10:09:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 18 KB
10 KB 295ms
295ms XHR
text/plain 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1380397679045905&correlator=1733639824368739&eid=31067354%2C31067356%2C31061828&output=ldjh&gdfp_req=1&vrg=2022042801&ptt=17&impl=fifs&iu_parts=22475160250%2Cca-pub-4174476502446320-tag&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250&ifi=2&adks=2177437627&didk=1715358549&sfv=1-0-38&ecs=20220502&fsapi=false&sc=1&cookie=ID%3D9d3269cc972834d4-22a8d22988cd00db%3AT%3D1651486182%3ART%3D1651486182%3AS%3DALNI_MbVmnGqtEOml29xLdEhwkihSvqP_Q&abxe=1&dt=1651486182382&lmt=1651486182&dlt=1651486180940&idt=1409&biw=1600&bih=1200&adxs=315&adys=358&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fwww.liveinternet.ru%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=1280x250&msz=1280x250&fws=0&ohw=0&ga_vid=175933928.1651486181&ga_sid=1651486181&ga_hid=604168834&ga_fc=false&btvi=0&topics=1&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042801.js?cb=31067354

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

4b188a156b53d268639aa5756e6436fec005bffc38f1138d12769671d6fd4912

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ukrline.com.ua/?ref=22805
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 02 May 2022 10:09:43 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10221
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.liveinternet.ru
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
bb45b4bcbf656eba20407ab3439f697e.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame C4B1 6 KB
4 KB 107ms
19ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bb45b4bcbf656eba20407ab3439f697e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042801.js?cb=31067354

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.liveinternet.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9
referer: http://ukrline.com.ua/?ref=22805

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 02 May 2022 10:09:43 GMT
expires: Tue, 02 May 2023 10:09:43 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 x300
avatars.mds.yandex.net/get-direct/5260562/8XL_G3Hv71HVHDyX2GPZGg/ 14 KB
14 KB 68ms
67ms Image
image/webp 2a02:6b8::184
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.mds.yandex.net/get-direct/5260562/8XL_G3Hv71HVHDyX2GPZGg/x300
Requested by: Host: www.liveinternet.ru
URL: https://www.liveinternet.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:6b8::184 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software: nginx /
Resource Hash: 3e95b5d6251ce147bb21811f3711e2d10afba08a1cabbfb4ad97dd105d9661b2

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ukrline.com.ua/?ref=22805
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 02 May 2022 10:09:43 GMT
last-modified: Thu, 17 Mar 2022 08:12:56 GMT
server: nginx
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000,immutable
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 14068
x-request-id: b1bfa7a254235cde

GET
H/1.1 200
Ok nataliedate.com
favicon.yandex.net/favicon/ 792 B
1005 B 156ms
52ms Image
image/png 2a02:6b8::36
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://favicon.yandex.net/favicon/nataliedate.com?size=32&stub=1

Requested by

Host: www.liveinternet.ru
URL: https://www.liveinternet.ru/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::36 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

7e13a73480283ea7702a7c762a362c4da09447668a3113c8b90a216095b58785

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ukrline.com.ua/?ref=22805
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-origin: *
Cache-Control: max-age=691200
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
X-XSS-Protection: 1; mode=block
Content-Type: image/png

GET
H2

200

1 Show response
mc.yandex.com/watch/125905/
Redirect Chain

https://mc.yandex.com/watch/125905?wmode=7&page-url=https%3A%2F%2Fwww.liveinternet.ru%2F&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A3epd2p1huow64gxzxg8w%3Afu%3A0%3Aen%...
https://mc.yandex.com/watch/125905/1?wmode=7&page-url=https%3A%2F%2Fwww.liveinternet.ru%2F&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A3epd2p1huow64gxzxg8w%3Afu%3A0%3Ae...

319 B
692 B

55ms
55ms

XHR
application/json

2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/125905/1?wmode=7&page-url=https%3A%2F%2Fwww.liveinternet.ru%2F&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A3epd2p1huow64gxzxg8w%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A790%3Acn%3A1%3Adp%3A0%3Als%3A234993751379%3Ahid%3A123351464%3Az%3A0%3Ai%3A20220502100942%3Aet%3A1651486182%3Ac%3A1%3Arn%3A775687489%3Au%3A1651486182881230651%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1651486180491%3Aco%3A0%3Arqnl%3A1%3Ast%3A1651486182%3At%3ALiveInternet%20%40%20%D0%A1%D1%82%D0%B0%D1%82%D0%B8%D1%81%D1%82%D0%B8%D0%BA%D0%B0%20%D0%B8%20%D0%B4%D0%BD%D0%B5%D0%B2%D0%BD%D0%B8%D0%BA%D0%B8%2C%20%D0%BF%D0%BE%D1%87%D1%82%D0%B0%20%D0%B8%20%D0%BF%D0%BE%D0%B8%D1%81%D0%BA&t=gdpr%2814%29aw%281%29ti%282%29

Requested by

Host: www.liveinternet.ru
URL: https://www.liveinternet.ru/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

60afeaa61c2e1f5d949f8515e902ea5cf9aa7427ffc27946979a47c66aac03d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ukrline.com.ua/?ref=22805
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 May 2022 10:09:43 GMT
x-content-type-options: nosniff
last-modified: Mon, 02-May-2022 10:09:43 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.liveinternet.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 319
x-xss-protection: 1; mode=block
expires: Mon, 02-May-2022 10:09:43 GMT

Redirect headers

pragma: no-cache
date: Mon, 02 May 2022 10:09:43 GMT
last-modified: Mon, 02-May-2022 10:09:43 GMT
location: /watch/125905/1?wmode=7&page-url=https%3A%2F%2Fwww.liveinternet.ru%2F&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A3epd2p1huow64gxzxg8w%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A790%3Acn%3A1%3Adp%3A0%3Als%3A234993751379%3Ahid%3A123351464%3Az%3A0%3Ai%3A20220502100942%3Aet%3A1651486182%3Ac%3A1%3Arn%3A775687489%3Au%3A1651486182881230651%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1651486180491%3Aco%3A0%3Arqnl%3A1%3Ast%3A1651486182%3At%3ALiveInternet%20%40%20%D0%A1%D1%82%D0%B0%D1%82%D0%B8%D1%81%D1%82%D0%B8%D0%BA%D0%B0%20%D0%B8%20%D0%B4%D0%BD%D0%B5%D0%B2%D0%BD%D0%B8%D0%BA%D0%B8%2C%20%D0%BF%D0%BE%D1%87%D1%82%D0%B0%20%D0%B8%20%D0%BF%D0%BE%D0%B8%D1%81%D0%BA&t=gdpr%2814%29aw%281%29ti%282%29
strict-transport-security: max-age=31536000
access-control-allow-origin: https://www.liveinternet.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Mon, 02-May-2022 10:09:43 GMT

POST
H2 200 1 Show response
mc.yandex.com/watch/125905/ 43 B
73 B 55ms
55ms XHR
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/125905/1?page-url=https%3A%2F%2Fwww.liveinternet.ru%2F&charset=utf-8&cnt-class=1&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A3epd2p1huow64gxzxg8w%3Afp%3A795%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A790%3Acn%3A1%3Adp%3A1%3Als%3A234993751379%3Ahid%3A123351464%3Az%3A0%3Ai%3A20220502100942%3Aet%3A1651486183%3Ac%3A1%3Arn%3A955146918%3Arqn%3A1%3Au%3A1651486182881230651%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1651486180491%3Ads%3A0%2C128%2C188%2C43%2C129%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Arqnl%3A1%3Ast%3A1651486183&t=gdpr(14)mc(p-1-h-1)lt(18300)aw(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: http://ukrline.com.ua/?ref=22805
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Mon, 02 May 2022 10:09:43 GMT
last-modified: Mon, 02-May-2022 10:09:43 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://www.liveinternet.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Mon, 02-May-2022 10:09:43 GMT

GET
H2 200 125905 Show response
mc.yandex.com/watch/ 43 B
73 B 51ms
51ms XHR
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/125905?page-url=https%3A%2F%2Fwww.liveinternet.ru%2F&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A3epd2p1huow64gxzxg8w%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A790%3Acn%3A1%3Adp%3A1%3Als%3A234993751379%3Ahid%3A123351464%3Az%3A0%3Ai%3A20220502100942%3Aet%3A1651486183%3Ac%3A1%3Arn%3A847289267%3Arqn%3A2%3Au%3A1651486182881230651%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1651486180491%3Aco%3A0%3Arqnl%3A1%3Ast%3A1651486183%3At%3ALiveInternet%20%40%20%D0%A1%D1%82%D0%B0%D1%82%D0%B8%D1%81%D1%82%D0%B8%D0%BA%D0%B0%20%D0%B8%20%D0%B4%D0%BD%D0%B5%D0%B2%D0%BD%D0%B8%D0%BA%D0%B8%2C%20%D0%BF%D0%BE%D1%87%D1%82%D0%B0%20%D0%B8%20%D0%BF%D0%BE%D0%B8%D1%81%D0%BA&t=gdpr(14)mc(p-1-h-1)lt(18300)aw(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ukrline.com.ua/?ref=22805
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 May 2022 10:09:43 GMT
last-modified: Mon, 02-May-2022 10:09:43 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://www.liveinternet.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Mon, 02-May-2022 10:09:43 GMT

GET
H3 200 container.html Show response
bb45b4bcbf656eba20407ab3439f697e.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame C9E8 6 KB
3 KB 27ms
9ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bb45b4bcbf656eba20407ab3439f697e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042801.js?cb=31067354

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.liveinternet.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9
referer: http://ukrline.com.ua/?ref=22805

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 02 May 2022 10:09:43 GMT
expires: Tue, 02 May 2023 10:09:43 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame D485 624 B
297 B 19ms
18ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJuyqAEQ9-7khwMYx4-oxAEwAQ&v=APEucNVuBx3fpB_yW4shLUfg2Vl6Mfs1emnE4OMure_e_LB_ELZ-ADBdZusvqS7xXWHYfLD4-FmNo3x_WYQChUbOKruZQjNlCEAJwq1kAERLwLiV2hV4qdEVXVZJ_6mAKcvfmVQ2dMfzi3tHZd7_I92_aVZgK5euRS-cunc3MU_uAl924zod4D0

Requested by

Host: bb45b4bcbf656eba20407ab3439f697e.safeframe.googlesyndication.com
URL: https://bb45b4bcbf656eba20407ab3439f697e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bb45b4bcbf656eba20407ab3439f697e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9
referer: http://ukrline.com.ua/?ref=22805

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 02 May 2022 10:09:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame C9E8 79 KB
32 KB 46ms
45ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DY9Coy9trHqnIaQ3MohtxJlSYN4fQfVJmF6rrrq7WBJ2w60C_EcljCBrEG_sQL12_vPMNfPlMV9GIRgbZPhy0rnaqat3W03ea-m88H7p8FbxiFDRlSDMPQqRO2GWfKNldFbeUicbGEEni4XoaSErjookJyjwVatMcUjyILsg954_tL0fw&cry=1&dbm_d=AKAmf-BTB8uuQVnEEo_1_q0bSTYqxPKH6ZYnJi3Z8QPgjgiFzFlcfSFvrYDGux9H_0lE2II7vlBnbFMiY6uqRN1KumhgpMhnC011YHcrmW0Y1rOSmmy6lI_PpPRltTStyoKCHjrL2H4cojOPr8V-QR0DQUS-99BJgU1WmMkKmnV8E3-tfXmSIm8cK51PD1GI78mk480RPo_88zkkxBinhiXL6reac_Sky6IamOPxpMHATbPDLX4rI_maaxccqrOx63ouP_7eyv5uxecYpuOExa6Yu_3F6Z7DfQEmUAWOcqMTlT7gsPtVmIjLgda_xEF8huBrwf-lvZGS8sD3QyA053cyz-ZX53IENCINP-SFKF1oSUDwNKmk1SA1WGHgCk9KBzBj2NI3AXptkRtNMeDr-mOMovQ20hFIt2ixwDNM_Jg5TsljzekgK3mpiPxChqFu981vZtuoT6UMcOedlkBTDU9YScvQnpSkr8KljA_qpJ2ANpZ6GlbtOa1w_oQaNLMGeoQCvX4DQ7CZ4GnagI4j90aTvWCDNxnsXsHH2u7PB8up-W-7Bt09hBV1-8foGCUYj3FKy4DEtsxAY1frTp_R3EZrlHWzzj7rf0mdo9AsqyEnYcmbtCdDhY9vQXVeIbOlJNLp2snX2goqairH7Y56VY2tY27nj_OMuhARQZP8mx-Ib7p6ZnwyG5HE5PSKNKFI0jIFJ_sYPPXsd4pBOur9NfO4aS1SOYqjCAFFHCse1rzcLXTgpeXYg0DqiDTJF4KfSKO_H5U-W_zSysBEwPoGVlwagf8ADuWLCefd8_cRoWBXJI1XXGp0vh9RpNLC3fJg3Q6caTUE3bD-v9UBu64NNkCVRUeEJ87_e1Y_0CcsAAo8kh5oYUpyHbi4Yk0ctBDSr9LwJXXmXjOiNAwlfxcKSYDwmZ69tvt1hwYTCCPsfgKYNEpsRmgIf1ujU0ieUAxXs_HFlkA_0xNcupFkv2v75xY4-oTqbrvkorSRvVU1pey1pAYRFxfZYjHlyhJjf2G_8jRWo-qg6aULUJZQBLLNGIPS6ETRIeNCD8F_Q4NMIBNZsgp-Lka5XrbUgIYbum3v9vpS_E4e6XD52hYzvJTu5rIRyiEfyNH1fQVutn2CT4yBCJU0WsyLJx8fpYUMr1rVxgrCICwz7WjHUCvm7SpNBKV7A_l4-Cpilmdj3lxlmWex-8C1rxgTpHl8QMz_kQF1No1gKPIhzr-5HAvuMhUGYPiJrCvrZKUaD2plwdtEoQkCp7WNq6kN95NsK5e1scWuCeBxqREEbRbj1cxaQiWk-elr8vJs-EFz-q6KJk0PnfrFlBH3rTv_CE2CnifgNgBt308d7wKQVMGC0ThF-UMKXTxRx0rEizP4ClPykTZQ5DvTJ21xPA_dzSJO9-afyfIohh4cZ20xbkEs1dmmyh_pZTIpL4XOyVMq-HMTfbadDzSsAYYYIx3ejJZUH5KmiZGwf-aiBPlY-DNqeR0iuaiozqbsMKLlc9L8Dz5VNkoOTNYfHV3Z4mWzzealnwnkh_2tZMdPYxOP7QoLDybtjgANNuDmN-Db4hNfY4atMgxcTAWLgNELvfgNjlHnd1eRii0nu_jFIn0l-Ty8PAr1gQ4I0MBLC1fw1wGLYggZ2mO16VGPJUp-peHkBARmYcWmVlTcXjCYIAut4VhTjQqJcm6rSYypC8Z5fl68rFqvFG8O4ambiN5-2vHFM9VVjcbs7IBYI5EX9PPfoKs4pYwxmlDf7O6tFLW7a4OqwyfT9FEsRTLV4HIVm_k8aNECwPmy6rthep9dp9RVVpoptNK4HK0RAgh0hoEYzywYmgvuFdRufWSaVy9V2FW5okkQjCtDuOi8Bm18q-BHr5cWB8tPLsMG_xtIAfL4Jt4u9HFtMvuckhuyHouP9TZwYPxUWcpYNLS0FN2If9WCZAAUG4CbtrKGVKEF3bwWRL7efsmpAK7iiPyOfEfUgl-oDRsyxWZ1UAw4QuQKNxcq0xlh5iuVv0K5oQAKW8iXHWGgHhoF4fegpN5BguTJhjrxQ6I7ofoDGqD3XXjUXE5CThy4CDeHI5_2rFoRZ9FcVd1oLNgfUoHw2O4rjMmSVJe6KoSmtX0gOFTiegl9RKHza7IxLq7Pu31fZspQYlDQCgRPBwNmUChoOPD3Ytcox7z_qSGfhoxuPY_luGFAYlK9q7RjEiyXQDH9aKY2KpvZnirRMx3rOicJgi1k4OXHyokNSF-_IiLkXG3cIlU_8xlaz_KaTsWtoMq-LrodgJPZkBez3_tNLAe2VIjal5LOf0qFazqTbrxjxlwKrJoYwQr0iB73hrdzpHhNHSfYeJBTiP0OPxND0PgZaM-QvCcR1I2xBvqwSGz2iLnqRs1bN9u2w99z5iQa-ews27WLzhTQtb7GRHigF7G73yUS-buRA266l6o0GBdjYhVu7SlXT-ob-9glrrTgNYKsO0s5zQHhUxmR8cRVHQ34tNVsFK14uJGCAsRf1nwHQcRhmnfaGGpw0jf2q0QHuIBOYQJgoZk7VS4c4uwU7HdVpa5RRHc49R2l6hDZeeLyxUT52wH2EdvMgrvj1uGaWHhW8n8HHj0QLcIBU9zWqCH-Bvge-5mNhn8PpB1Fm0HYXo0VmnNmy21X3utj_Lu5Wb3b7DEnGn3N-1ehQ9C2mqTrLzZi4rqkrLbUC9GNMsGTl7eggp0MWNq7x1Uqhg3dOjDCTQTi3BCV2GT8Ee3TEwRpqzQ5F8S8xRwQBWjpDWTZxdFI5oFgHjhcw0-N30-TLRhPiR-AUYIIkBXOB4fZJ9co_--wnx9DNFSjb5DIHG19zLgz-b9YiO-8czCWpHmgYHXUxNJTjBY3cmSJIRqJ5TEOLzS5H8BsOOI2U4lR0ph0CXLjIVz5ySSyRfaZwYlq11zs7N0dju8BPa9cAcvAY8BmRnMO2pzHp0Vw5E6QuYdw6-x59PsweadGKMVg3nCoNx0gqv1bHAJdrBygjjVrkcX-kDQbopT4I7nK45LqA2RToGLslIyPDCB3Kjp4z5l9PU5pgTRQ9Z8rl2DlTuumuJBNd729scE1hqPaP1PtOB1f2QtDsRQnaTVghyjfK_wJ534ogcB7GyNbUUFqS8DEdW49wRRD_GjUUg_6aUWqSgOZwitSQwioz34_xOmg_TXYzMO4IqwDxefmtix7sP9c0UvB0qQgAp80to7LmJxtPvRfwkIpK3-iFeELYTh6B-mMMm55PWxChgDHqLyz1543C8yR-YfXNK46QtkEorGLAijC1Zc02VGMfLb5qbxae74p5WJcO2X2i5038Ut2yK7rJ02w0-5TWdJF2abj1xJlJ-ZlORlg9leY5Hq3wCRyqnUaLSXDN1DdZmT_Ma7QU0Pq_2PgFVgQ1iFwHqRXPZnF8NDn3q2dhh4CYzSSjaRkEL4dYDMvmN2P6G6x9m65O_Sa1otZ0XrAcWz4UfyOz7rIigZ1PcUA7mU8WlYlXzdJLxgt2BNdyNYzuiHtmXxB-DHqp3NrAsYjyyu-zJo4UHFB2J8momZa32DuBlWHmpvpGbGYzMUDxdw2idpqYSVYriiwzfODcot3IKI4Eiki5FLwKhz6VYgCwtafxru_W-reDOYY4kH-0utXVvlG5HspO4BjSdJRiSa6DAPWGqdX1zBPT0naXOxahik2PSdBnfkALk_7hJYWJJkXNujP8AjT2mkLiVweXJbsoNmbs1TbOlyLzATCesKHu3P4Y0CXfFK9bL28IFMugSB5LV0g9E280FuxxKzMcWaTQg1oDiHdeqdV2sghQ27SmGGq5L3gPG4Elwdv7MdSjkFFJxtZRc-4HI0TmvqVfPcc2hjsPkFxxu77VCL9YgmtHKCTTr-cmb5IvU9zGuB4bzJr1_WayeyZ08iYN1VF1KpAWFWpIIAou-aVLibVZ-Y1mCVLLqBV1_GfjF6Tj11GCCmQYj-wZ6wdx5TXgm-9t4g_IjeRNLAL737rOU8Pxxx17oNqt7A0bia98rF-KF9JXACorEWDhpZyuthExDlYeqHQHDOlWXwFQVF7KB6L-OzK8oaNTrLqlaUw&cid=CAASJeRoM_dVDstTqmqmB9YOKjEfN6wnazMAqCQBhYrQ0fbTBYU7NCM&rfl=1%2Chttps%253A%252F%252Fwww.liveinternet.ru%252F%240

Requested by

Host: www.liveinternet.ru
URL: https://www.liveinternet.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3f0cf355f9b9a7412740fa906bbe0e7c9b583c6b8edd8b559fbe5c0202883081

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ukrline.com.ua/?ref=22805
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 May 2022 10:09:43 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33216
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame C9E8 42 B
63 B 40ms
40ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DClNqkyDKUihh53RxInr6TUwwJwJlnF34yf3XMfF_9xGUo7IAHi8djpckepL_rLJI8c6hvoVFgofCKUi5DIsPWT9HHMgw-94ma9g03FlxLtSpxA_8

Requested by

Host: bb45b4bcbf656eba20407ab3439f697e.safeframe.googlesyndication.com
URL: https://bb45b4bcbf656eba20407ab3439f697e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ukrline.com.ua/?ref=22805
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 May 2022 10:09:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/ Frame C9E8 3 KB
1 KB 42ms
9ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/window_focus_fy2019.js

Requested by

Host: bb45b4bcbf656eba20407ab3439f697e.safeframe.googlesyndication.com
URL: https://bb45b4bcbf656eba20407ab3439f697e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ukrline.com.ua/?ref=22805
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 02 May 2022 10:04:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 337
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 May 2022 10:04:06 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C9E8 120 KB
37 KB 74ms
24ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: bb45b4bcbf656eba20407ab3439f697e.safeframe.googlesyndication.com
URL: https://bb45b4bcbf656eba20407ab3439f697e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4debaa04d2f904fbafbc99c074e1f43c082e9d25e400140aa97eac11989dd82e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ukrline.com.ua/?ref=22805
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 02 May 2022 10:09:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37288
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1651059573277210"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 02 May 2022 10:09:43 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/ Frame C9E8 15 KB
7 KB 41ms
8ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: bb45b4bcbf656eba20407ab3439f697e.safeframe.googlesyndication.com
URL: https://bb45b4bcbf656eba20407ab3439f697e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdc0c59701784258f143dfd4201f28353f080e0900a3530a83702e08c9ff353f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ukrline.com.ua/?ref=22805
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 02 May 2022 10:08:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 92
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 567849196274905959
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 May 2022 10:08:11 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame C9E8 0
0 42ms
17ms Image
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ1AjuVA2sDPYlGMeYf9gL0_kTuxKQ0EoZfsP4PmcLnYsc87rGklD55UqAVgFs2Vn8zieObgioeuIwi_MHVuirwuEaTMA
Requested by: Host: bb45b4bcbf656eba20407ab3439f697e.safeframe.googlesyndication.com
URL: https://bb45b4bcbf656eba20407ab3439f697e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ukrline.com.ua/?ref=22805
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame D485
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPFnno63wTSoJKtiloemLhU&google_cver=1

43 B
894 B

19ms
18ms

Image
image/gif

23.35.236.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPFnno63wTSoJKtiloemLhU&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJuyqAEQ9-7khwMYx4-oxAEwAQ&v=APEucNVuBx3fpB_yW4shLUfg2Vl6Mfs1emnE4OMure_e_LB_ELZ-ADBdZusvqS7xXWHYfLD4-FmNo3x_WYQChUbOKruZQjNlCEAJwq1kAERLwLiV2hV4qdEVXVZJ_6mAKcvfmVQ2dMfzi3tHZd7_I92_aVZgK5euRS-cunc3MU_uAl924zod4D0
Protocol: HTTP/1.1
Server: 23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ukrline.com.ua/?ref=22805
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 02 May 2022 10:09:43 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 02 May 2022 10:09:43 GMT

Redirect headers

pragma: no-cache
date: Mon, 02 May 2022 10:09:43 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPFnno63wTSoJKtiloemLhU&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame D485
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Ym.t5.5rLOSRX8KMd1ZqawAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPFnno63wTSoJKtiloemLhU&google_cver=1&google_hm=2

43 B
894 B

36ms
35ms

Image
image/gif

23.35.236.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPFnno63wTSoJKtiloemLhU&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJuyqAEQ9-7khwMYx4-oxAEwAQ&v=APEucNVuBx3fpB_yW4shLUfg2Vl6Mfs1emnE4OMure_e_LB_ELZ-ADBdZusvqS7xXWHYfLD4-FmNo3x_WYQChUbOKruZQjNlCEAJwq1kAERLwLiV2hV4qdEVXVZJ_6mAKcvfmVQ2dMfzi3tHZd7_I92_aVZgK5euRS-cunc3MU_uAl924zod4D0
Protocol: HTTP/1.1
Server: 23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ukrline.com.ua/?ref=22805
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 02 May 2022 10:09:43 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 02 May 2022 10:09:43 GMT

Redirect headers

pragma: no-cache
date: Mon, 02 May 2022 10:09:43 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPFnno63wTSoJKtiloemLhU&google_cver=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame D485
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEOA3bt07i1lZ8lHzEwj7kZA&google_cver=1

43 B
1010 B

33ms
25ms

Image
image/gif

37.252.172.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEOA3bt07i1lZ8lHzEwj7kZA&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJuyqAEQ9-7khwMYx4-oxAEwAQ&v=APEucNVuBx3fpB_yW4shLUfg2Vl6Mfs1emnE4OMure_e_LB_ELZ-ADBdZusvqS7xXWHYfLD4-FmNo3x_WYQChUbOKruZQjNlCEAJwq1kAERLwLiV2hV4qdEVXVZJ_6mAKcvfmVQ2dMfzi3tHZd7_I92_aVZgK5euRS-cunc3MU_uAl924zod4D0

Protocol

HTTP/1.1

Server

37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ukrline.com.ua/?ref=22805
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 02 May 2022 10:09:43 GMT
X-Proxy-Origin: 81.95.5.44; 81.95.5.44; 690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 8c1d76cf-6472-40cc-9eba-83fb99e3cd02
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 02 May 2022 10:09:43 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEOA3bt07i1lZ8lHzEwj7kZA&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D485
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDk3NjkxODIxMjM3MTE0OTA3OA%3D%3D

170 B
188 B

32ms
18ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDk3NjkxODIxMjM3MTE0OTA3OA%3D%3D

Requested by

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ukrline.com.ua/?ref=22805
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 May 2022 10:09:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 02 May 2022 10:09:43 GMT
X-Proxy-Origin: 81.95.5.44; 81.95.5.44; 690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: dc112d4e-275c-47e7-859a-38c8487d7e89
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDk3NjkxODIxMjM3MTE0OTA3OA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 express_html_obb_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame C9E8 119 KB
42 KB 61ms
9ms Script
text/javascript 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_obb_rendering_lib_200_276.js

Requested by

Host: www.liveinternet.ru
URL: https://www.liveinternet.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed44e345a8354731787a4fc575c66363aac13eebd6007b88aecd8a1deea341df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://ukrline.com.ua/?ref=22805
Origin: https://bb45b4bcbf656eba20407ab3439f697e.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 02 May 2022 07:49:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8423
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42405
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:28 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 03 May 2022 07:49:20 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220427/r20110914/elements/html/ Frame C9E8 8 KB
3 KB 12ms
10ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220427/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DY9Coy9trHqnIaQ3MohtxJlSYN4fQfVJmF6rrrq7WBJ2w60C_EcljCBrEG_sQL12_vPMNfPlMV9GIRgbZPhy0rnaqat3W03ea-m88H7p8FbxiFDRlSDMPQqRO2GWfKNldFbeUicbGEEni4XoaSErjookJyjwVatMcUjyILsg954_tL0fw&cry=1&dbm_d=AKAmf-BTB8uuQVnEEo_1_q0bSTYqxPKH6ZYnJi3Z8QPgjgiFzFlcfSFvrYDGux9H_0lE2II7vlBnbFMiY6uqRN1KumhgpMhnC011YHcrmW0Y1rOSmmy6lI_PpPRltTStyoKCHjrL2H4cojOPr8V-QR0DQUS-99BJgU1WmMkKmnV8E3-tfXmSIm8cK51PD1GI78mk480RPo_88zkkxBinhiXL6reac_Sky6IamOPxpMHATbPDLX4rI_maaxccqrOx63ouP_7eyv5uxecYpuOExa6Yu_3F6Z7DfQEmUAWOcqMTlT7gsPtVmIjLgda_xEF8huBrwf-lvZGS8sD3QyA053cyz-ZX53IENCINP-SFKF1oSUDwNKmk1SA1WGHgCk9KBzBj2NI3AXptkRtNMeDr-mOMovQ20hFIt2ixwDNM_Jg5TsljzekgK3mpiPxChqFu981vZtuoT6UMcOedlkBTDU9YScvQnpSkr8KljA_qpJ2ANpZ6GlbtOa1w_oQaNLMGeoQCvX4DQ7CZ4GnagI4j90aTvWCDNxnsXsHH2u7PB8up-W-7Bt09hBV1-8foGCUYj3FKy4DEtsxAY1frTp_R3EZrlHWzzj7rf0mdo9AsqyEnYcmbtCdDhY9vQXVeIbOlJNLp2snX2goqairH7Y56VY2tY27nj_OMuhARQZP8mx-Ib7p6ZnwyG5HE5PSKNKFI0jIFJ_sYPPXsd4pBOur9NfO4aS1SOYqjCAFFHCse1rzcLXTgpeXYg0DqiDTJF4KfSKO_H5U-W_zSysBEwPoGVlwagf8ADuWLCefd8_cRoWBXJI1XXGp0vh9RpNLC3fJg3Q6caTUE3bD-v9UBu64NNkCVRUeEJ87_e1Y_0CcsAAo8kh5oYUpyHbi4Yk0ctBDSr9LwJXXmXjOiNAwlfxcKSYDwmZ69tvt1hwYTCCPsfgKYNEpsRmgIf1ujU0ieUAxXs_HFlkA_0xNcupFkv2v75xY4-oTqbrvkorSRvVU1pey1pAYRFxfZYjHlyhJjf2G_8jRWo-qg6aULUJZQBLLNGIPS6ETRIeNCD8F_Q4NMIBNZsgp-Lka5XrbUgIYbum3v9vpS_E4e6XD52hYzvJTu5rIRyiEfyNH1fQVutn2CT4yBCJU0WsyLJx8fpYUMr1rVxgrCICwz7WjHUCvm7SpNBKV7A_l4-Cpilmdj3lxlmWex-8C1rxgTpHl8QMz_kQF1No1gKPIhzr-5HAvuMhUGYPiJrCvrZKUaD2plwdtEoQkCp7WNq6kN95NsK5e1scWuCeBxqREEbRbj1cxaQiWk-elr8vJs-EFz-q6KJk0PnfrFlBH3rTv_CE2CnifgNgBt308d7wKQVMGC0ThF-UMKXTxRx0rEizP4ClPykTZQ5DvTJ21xPA_dzSJO9-afyfIohh4cZ20xbkEs1dmmyh_pZTIpL4XOyVMq-HMTfbadDzSsAYYYIx3ejJZUH5KmiZGwf-aiBPlY-DNqeR0iuaiozqbsMKLlc9L8Dz5VNkoOTNYfHV3Z4mWzzealnwnkh_2tZMdPYxOP7QoLDybtjgANNuDmN-Db4hNfY4atMgxcTAWLgNELvfgNjlHnd1eRii0nu_jFIn0l-Ty8PAr1gQ4I0MBLC1fw1wGLYggZ2mO16VGPJUp-peHkBARmYcWmVlTcXjCYIAut4VhTjQqJcm6rSYypC8Z5fl68rFqvFG8O4ambiN5-2vHFM9VVjcbs7IBYI5EX9PPfoKs4pYwxmlDf7O6tFLW7a4OqwyfT9FEsRTLV4HIVm_k8aNECwPmy6rthep9dp9RVVpoptNK4HK0RAgh0hoEYzywYmgvuFdRufWSaVy9V2FW5okkQjCtDuOi8Bm18q-BHr5cWB8tPLsMG_xtIAfL4Jt4u9HFtMvuckhuyHouP9TZwYPxUWcpYNLS0FN2If9WCZAAUG4CbtrKGVKEF3bwWRL7efsmpAK7iiPyOfEfUgl-oDRsyxWZ1UAw4QuQKNxcq0xlh5iuVv0K5oQAKW8iXHWGgHhoF4fegpN5BguTJhjrxQ6I7ofoDGqD3XXjUXE5CThy4CDeHI5_2rFoRZ9FcVd1oLNgfUoHw2O4rjMmSVJe6KoSmtX0gOFTiegl9RKHza7IxLq7Pu31fZspQYlDQCgRPBwNmUChoOPD3Ytcox7z_qSGfhoxuPY_luGFAYlK9q7RjEiyXQDH9aKY2KpvZnirRMx3rOicJgi1k4OXHyokNSF-_IiLkXG3cIlU_8xlaz_KaTsWtoMq-LrodgJPZkBez3_tNLAe2VIjal5LOf0qFazqTbrxjxlwKrJoYwQr0iB73hrdzpHhNHSfYeJBTiP0OPxND0PgZaM-QvCcR1I2xBvqwSGz2iLnqRs1bN9u2w99z5iQa-ews27WLzhTQtb7GRHigF7G73yUS-buRA266l6o0GBdjYhVu7SlXT-ob-9glrrTgNYKsO0s5zQHhUxmR8cRVHQ34tNVsFK14uJGCAsRf1nwHQcRhmnfaGGpw0jf2q0QHuIBOYQJgoZk7VS4c4uwU7HdVpa5RRHc49R2l6hDZeeLyxUT52wH2EdvMgrvj1uGaWHhW8n8HHj0QLcIBU9zWqCH-Bvge-5mNhn8PpB1Fm0HYXo0VmnNmy21X3utj_Lu5Wb3b7DEnGn3N-1ehQ9C2mqTrLzZi4rqkrLbUC9GNMsGTl7eggp0MWNq7x1Uqhg3dOjDCTQTi3BCV2GT8Ee3TEwRpqzQ5F8S8xRwQBWjpDWTZxdFI5oFgHjhcw0-N30-TLRhPiR-AUYIIkBXOB4fZJ9co_--wnx9DNFSjb5DIHG19zLgz-b9YiO-8czCWpHmgYHXUxNJTjBY3cmSJIRqJ5TEOLzS5H8BsOOI2U4lR0ph0CXLjIVz5ySSyRfaZwYlq11zs7N0dju8BPa9cAcvAY8BmRnMO2pzHp0Vw5E6QuYdw6-x59PsweadGKMVg3nCoNx0gqv1bHAJdrBygjjVrkcX-kDQbopT4I7nK45LqA2RToGLslIyPDCB3Kjp4z5l9PU5pgTRQ9Z8rl2DlTuumuJBNd729scE1hqPaP1PtOB1f2QtDsRQnaTVghyjfK_wJ534ogcB7GyNbUUFqS8DEdW49wRRD_GjUUg_6aUWqSgOZwitSQwioz34_xOmg_TXYzMO4IqwDxefmtix7sP9c0UvB0qQgAp80to7LmJxtPvRfwkIpK3-iFeELYTh6B-mMMm55PWxChgDHqLyz1543C8yR-YfXNK46QtkEorGLAijC1Zc02VGMfLb5qbxae74p5WJcO2X2i5038Ut2yK7rJ02w0-5TWdJF2abj1xJlJ-ZlORlg9leY5Hq3wCRyqnUaLSXDN1DdZmT_Ma7QU0Pq_2PgFVgQ1iFwHqRXPZnF8NDn3q2dhh4CYzSSjaRkEL4dYDMvmN2P6G6x9m65O_Sa1otZ0XrAcWz4UfyOz7rIigZ1PcUA7mU8WlYlXzdJLxgt2BNdyNYzuiHtmXxB-DHqp3NrAsYjyyu-zJo4UHFB2J8momZa32DuBlWHmpvpGbGYzMUDxdw2idpqYSVYriiwzfODcot3IKI4Eiki5FLwKhz6VYgCwtafxru_W-reDOYY4kH-0utXVvlG5HspO4BjSdJRiSa6DAPWGqdX1zBPT0naXOxahik2PSdBnfkALk_7hJYWJJkXNujP8AjT2mkLiVweXJbsoNmbs1TbOlyLzATCesKHu3P4Y0CXfFK9bL28IFMugSB5LV0g9E280FuxxKzMcWaTQg1oDiHdeqdV2sghQ27SmGGq5L3gPG4Elwdv7MdSjkFFJxtZRc-4HI0TmvqVfPcc2hjsPkFxxu77VCL9YgmtHKCTTr-cmb5IvU9zGuB4bzJr1_WayeyZ08iYN1VF1KpAWFWpIIAou-aVLibVZ-Y1mCVLLqBV1_GfjF6Tj11GCCmQYj-wZ6wdx5TXgm-9t4g_IjeRNLAL737rOU8Pxxx17oNqt7A0bia98rF-KF9JXACorEWDhpZyuthExDlYeqHQHDOlWXwFQVF7KB6L-OzK8oaNTrLqlaUw&cid=CAASJeRoM_dVDstTqmqmB9YOKjEfN6wnazMAqCQBhYrQ0fbTBYU7NCM&rfl=1%2Chttps%253A%252F%252Fwww.liveinternet.ru%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ukrline.com.ua/?ref=22805
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 02 May 2022 10:07:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 119
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 May 2022 10:07:44 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220427/r20110914/ Frame C9E8 25 KB
10 KB 13ms
11ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220427/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36998456859e35cf76812894575b0203d48ad8ac11d3165c5449d1fa73f19800

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ukrline.com.ua/?ref=22805
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 02 May 2022 10:07:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 118
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9783
x-xss-protection: 0
server: cafe
etag: 9821519945299111448
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 May 2022 10:07:45 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame C9E8 41 KB
15 KB 29ms
8ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: bb45b4bcbf656eba20407ab3439f697e.safeframe.googlesyndication.com
URL: https://bb45b4bcbf656eba20407ab3439f697e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ukrline.com.ua/?ref=22805
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 16:41:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 494917
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 Apr 2023 16:41:06 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame F288 1 KB
749 B 8ms
7ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: bb45b4bcbf656eba20407ab3439f697e.safeframe.googlesyndication.com
URL: https://bb45b4bcbf656eba20407ab3439f697e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bb45b4bcbf656eba20407ab3439f697e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9
referer: http://ukrline.com.ua/?ref=22805

Response headers

age: 15359
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 02 May 2022 05:53:44 GMT
etag: 48472445140208031
expires: Tue, 03 May 2022 05:53:44 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame C9E8 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1ef0e5b472be2bd0da52e8f15c55a0d2241f27b655d86c0e1259796c13185840

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ukrline.com.ua/?ref=22805
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 5005 22 KB
8 KB 9ms
7ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bb45b4bcbf656eba20407ab3439f697e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9
referer: http://ukrline.com.ua/?ref=22805

Response headers

accept-ranges: bytes
age: 360313
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 28 Apr 2022 06:04:30 GMT
expires: Fri, 28 Apr 2023 06:04:30 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F288
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEGGqtM7ToEH2rjbRkkO5qy0&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEGGqtM7ToEH2rjbRkkO5qy0&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=T1VaclBHMjMxTkxzWlY1&google_gid=CAESEGGqtM7ToEH2rjbRkkO5qy0&google_cver=1&google_push=AYg5qPL2SxMRVVadIetF9yJxhjUeu3IeYGdhPgyKQ8bfIDR...

170 B
188 B

19ms
19ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=T1VaclBHMjMxTkxzWlY1&google_gid=CAESEGGqtM7ToEH2rjbRkkO5qy0&google_cver=1&google_push=AYg5qPL2SxMRVVadIetF9yJxhjUeu3IeYGdhPgyKQ8bfIDR48awB-KJJS-hI3IhjbTX27n_QrsC_Y5nMh1OP-DNyP2ixDCJI_34

Requested by

Host: bb45b4bcbf656eba20407ab3439f697e.safeframe.googlesyndication.com
URL: https://bb45b4bcbf656eba20407ab3439f697e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ukrline.com.ua/?ref=22805
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 May 2022 10:09:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 02 May 2022 10:09:43 GMT
Server: PingMatch/v2.0.30-713-gdae83a2#rel-ec2-master i-078691873e5d8cf91@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security: max-age=2592000; includeSubDomains
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=T1VaclBHMjMxTkxzWlY1&google_gid=CAESEGGqtM7ToEH2rjbRkkO5qy0&google_cver=1&google_push=AYg5qPL2SxMRVVadIetF9yJxhjUeu3IeYGdhPgyKQ8bfIDR48awB-KJJS-hI3IhjbTX27n_QrsC_Y5nMh1OP-DNyP2ixDCJI_34
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F288
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEDBm95lWzffYcpUobfpCFNY&google_cver=1&google_push=AYg5qPI7n-UJYvDfaHj0Dmohjtn6FBq8IMEgKRW2ZHbTgEKei80bBNVt38sl8RSxT1wHJ5j9iomeVtBxn2AWhJIH...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPI7n-UJYvDfaHj0Dmohjtn6FBq8IMEgKRW2ZHbTgEKei80bBNVt38sl8RSxT1wHJ5j9iomeVtBxn2AWhJIHDg_x8SJ8WLk

170 B
188 B

19ms
18ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPI7n-UJYvDfaHj0Dmohjtn6FBq8IMEgKRW2ZHbTgEKei80bBNVt38sl8RSxT1wHJ5j9iomeVtBxn2AWhJIHDg_x8SJ8WLk

Requested by

Host: www.liveinternet.ru
URL: https://www.liveinternet.ru/

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ukrline.com.ua/?ref=22805
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 May 2022 10:09:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Mon, 02 May 2022 10:09:44 GMT
Server: MT3 4379 fe37bbe master pao-pixel-x19 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPI7n-UJYvDfaHj0Dmohjtn6FBq8IMEgKRW2ZHbTgEKei80bBNVt38sl8RSxT1wHJ5j9iomeVtBxn2AWhJIHDg_x8SJ8WLk
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Mon, 02 May 2022 10:09:43 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F288
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEOmoiHhrbNbgSUMGlW1TfLo&google_cver=1&google_push=AYg5qPKLjQRoq1pGTliCrlzcZCcmSdiIOGPKmQR5B9HlY5OXMQLEuW04jNmXXINhUdQesINXrGj1SrqajiuZ_53a...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=ceB-B6aMS3-Eq6DBTzuzfg2&google_push=AYg5qPKLjQRoq1pGTliCrlzcZCcmSdiIOGPKmQR5B9HlY5OXMQLEuW04jNmXXINhUdQesINXrGj1SrqajiuZ_53a8Qx6Z8sZgmU

170 B
188 B

22ms
22ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=ceB-B6aMS3-Eq6DBTzuzfg2&google_push=AYg5qPKLjQRoq1pGTliCrlzcZCcmSdiIOGPKmQR5B9HlY5OXMQLEuW04jNmXXINhUdQesINXrGj1SrqajiuZ_53a8Qx6Z8sZgmU

Requested by

Host: bb45b4bcbf656eba20407ab3439f697e.safeframe.googlesyndication.com
URL: https://bb45b4bcbf656eba20407ab3439f697e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ukrline.com.ua/?ref=22805
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 May 2022 10:09:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 02 May 2022 10:09:43 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.15.12
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=ceB-B6aMS3-Eq6DBTzuzfg2&google_push=AYg5qPKLjQRoq1pGTliCrlzcZCcmSdiIOGPKmQR5B9HlY5OXMQLEuW04jNmXXINhUdQesINXrGj1SrqajiuZ_53a8Qx6Z8sZgmU
x-host: tde-deliveryengine-production-6ff4b889bb-szn66
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F288
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEO9vdfnoPGdYQDu9WycId50&google_cver=1&google_push=AYg5qPKXYnVyUrkyVPssafHac4g9-Gc98-P7eGV6OZ8hRmvPcVkLVJr06UVSORcri9VJPczjRw3fj4pp...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEO9vdfnoPGdYQDu9WycId50&google_cver=1&google_push=AYg5qPKXYnVyUrkyVPssafHac4g9-Gc98-P7eGV6OZ8hRmvPcVkLVJr06UVSORcri9VJPczjRw3...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzU4NDM0Njk0NTkyMzA2ODI3NA&google_push=AYg5qPKXYnVyUrkyVPssafHac4g9-Gc98-P7eGV6OZ8hRmvPcVkLVJr06UVSORcri9VJPczjRw3fj4...

170 B
188 B

22ms
21ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzU4NDM0Njk0NTkyMzA2ODI3NA&google_push=AYg5qPKXYnVyUrkyVPssafHac4g9-Gc98-P7eGV6OZ8hRmvPcVkLVJr06UVSORcri9VJPczjRw3fj4ppthEwj7pAGg58rNtZVJw

Requested by

Host: bb45b4bcbf656eba20407ab3439f697e.safeframe.googlesyndication.com
URL: https://bb45b4bcbf656eba20407ab3439f697e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ukrline.com.ua/?ref=22805
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 May 2022 10:09:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 02 May 2022 10:09:43 GMT
server: nginx
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzU4NDM0Njk0NTkyMzA2ODI3NA&google_push=AYg5qPKXYnVyUrkyVPssafHac4g9-Gc98-P7eGV6OZ8hRmvPcVkLVJr06UVSORcri9VJPczjRw3fj4ppthEwj7pAGg58rNtZVJw
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F288
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEKs1KD1ZtZf1Et102X5unNg&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ym-t5-5rLOSRX8KMd1ZqawAABKgAAAIB&google_push=AYg5qPISeJz3iSAeZwpCh39P1tkl3D_JYjs3OEKQ1tWKQLGc-TmIZA9urzJo0PrIiD649VAl00EQVmDxRryDda8Pz3...

170 B
188 B

22ms
22ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ym-t5-5rLOSRX8KMd1ZqawAABKgAAAIB&google_push=AYg5qPISeJz3iSAeZwpCh39P1tkl3D_JYjs3OEKQ1tWKQLGc-TmIZA9urzJo0PrIiD649VAl00EQVmDxRryDda8Pz3qYaOdHmg&google_gid=CAESEKs1KD1ZtZf1Et102X5unNg&google_cver=1

Requested by

Host: bb45b4bcbf656eba20407ab3439f697e.safeframe.googlesyndication.com
URL: https://bb45b4bcbf656eba20407ab3439f697e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ukrline.com.ua/?ref=22805
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 May 2022 10:09:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 02 May 2022 10:09:43 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ym-t5-5rLOSRX8KMd1ZqawAABKgAAAIB&google_push=AYg5qPISeJz3iSAeZwpCh39P1tkl3D_JYjs3OEKQ1tWKQLGc-TmIZA9urzJo0PrIiD649VAl00EQVmDxRryDda8Pz3qYaOdHmg&google_gid=CAESEKs1KD1ZtZf1Et102X5unNg&google_cver=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 458
Expires: Mon, 02 May 2022 10:09:43 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F288
Redirect Chain

https://onetag-sys.com/sync/i,19/?google_gid=CAESEDhuqY3sazzMYJbtEYWxpFA&google_cver=1&google_push=AYg5qPLl7g3mTx9TnPUxiLgMU9fNgwmovxpHMAUA_y0DYIgHz4imrLCixkJzYODX3jYMqRZByDMkOs5ZZQcYbyvCNbEFJQYCdi8
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLl7g3mTx9TnPUxiLgMU9fNgwmovxpHMAUA_y0DYIgHz4imrLCixkJzYODX3jYMqRZByDMkOs5ZZQcYbyvCNbEFJQYCdi8

170 B
188 B

22ms
22ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLl7g3mTx9TnPUxiLgMU9fNgwmovxpHMAUA_y0DYIgHz4imrLCixkJzYODX3jYMqRZByDMkOs5ZZQcYbyvCNbEFJQYCdi8

Requested by

Host: bb45b4bcbf656eba20407ab3439f697e.safeframe.googlesyndication.com
URL: https://bb45b4bcbf656eba20407ab3439f697e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ukrline.com.ua/?ref=22805
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 May 2022 10:09:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPLl7g3mTx9TnPUxiLgMU9fNgwmovxpHMAUA_y0DYIgHz4imrLCixkJzYODX3jYMqRZByDMkOs5ZZQcYbyvCNbEFJQYCdi8
strict-transport-security: max-age=15552000
cache-control: no-cache, no-transform
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F288
Redirect Chain

https://match.360yield.com/match/ebda?google_gid=CAESEOl9ywE4ugxPDYsG7yVG4Fc&google_cver=1&google_push=AYg5qPKZNVmA51fAG57Fp22jhjBBsfXZlWr5ButpF29SwqNO8kUk1G_fSGqHLU3C-T99LduqdaQNiawecHcK4MKKrTHDKB...
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEOl9ywE4ugxPDYsG7yVG4Fc&google_cver=1&google_push=AYg5qPKZNVmA51fAG57Fp22jhjBBsfXZlWr5ButpF29SwqNO8kUk1G_fSGqHLU3C-T99LduqdaQNiawecHcK4MKK...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=GPaBq2UjQ_yLbqUuToxJig&google_push=AYg5qPKZNVmA51fAG57Fp22jhjBBsfXZlWr5ButpF29SwqNO8kUk1G_fSGqHLU3C-T99LduqdaQNiawecHcK4MK...

170 B
188 B

21ms
21ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=GPaBq2UjQ_yLbqUuToxJig&google_push=AYg5qPKZNVmA51fAG57Fp22jhjBBsfXZlWr5ButpF29SwqNO8kUk1G_fSGqHLU3C-T99LduqdaQNiawecHcK4MKKrTHDKBU5vr4

Requested by

Host: bb45b4bcbf656eba20407ab3439f697e.safeframe.googlesyndication.com
URL: https://bb45b4bcbf656eba20407ab3439f697e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ukrline.com.ua/?ref=22805
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 May 2022 10:09:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=GPaBq2UjQ_yLbqUuToxJig&google_push=AYg5qPKZNVmA51fAG57Fp22jhjBBsfXZlWr5ButpF29SwqNO8kUk1G_fSGqHLU3C-T99LduqdaQNiawecHcK4MKKrTHDKBU5vr4
date: Mon, 02 May 2022 10:09:43 GMT
access-control-allow-origin: *
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame F288 0
12 B 19ms
18ms Image
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JMRXAQxZKKMPv4uIWdU8teLXTKgC2RulD2Q_b947f9VfKOKSQR_STXRiXXFyK0wGepsiqq

Requested by

Host: bb45b4bcbf656eba20407ab3439f697e.safeframe.googlesyndication.com
URL: https://bb45b4bcbf656eba20407ab3439f697e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ukrline.com.ua/?ref=22805
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 02 May 2022 10:09:43 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 CR_popcornews.com_BL_DE_PC_Nongoogle_creative.html Show response
s0.2mdn.net/sadbundle/1337995899757920256/ Frame 2CC4 73 KB
18 KB 34ms
12ms Document
text/html 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/1337995899757920256/CR_popcornews.com_BL_DE_PC_Nongoogle_creative.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_obb_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b4bfd88eb224b8ddd06b4449dddf8ceed5632d498409b0a0458378a8e165412

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bb45b4bcbf656eba20407ab3439f697e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9
referer: http://ukrline.com.ua/?ref=22805

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 545968
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 18758
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Tue, 26 Apr 2022 02:30:15 GMT
expires: Wed, 26 Apr 2023 02:30:15 GMT
last-modified: Mon, 07 Mar 2022 09:37:28 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame C9E8 0
622 B 256ms
51ms Ping
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu0LsWOevyecX_IWXwdQlRrKNfauiI0k9WZ4sxzAzczHL1x7NTksLnJaW5O75Auiopd-5skXNUApqrehlADH5Z1nVkSuZNmJJfauSeRyORZTRHGT9Y0bG4crSMK9YpBt9NEf1sqwi-l8hRRbQgknZCXnWIbaZUXx8v5-OaREt3aOTPZmJBmzox8YRCfPxcgnia8bhZ9vfJ1E7I8H6UnnAZCJ9HhpSRXXqKnXzLxImO5ccFmJxrioHQYCk4bF-Vl0MlOvXiJCTefyvPsVTnWvTctYyn8YgPnCj1FRgJByRe10YB9HVsv35BOoJUED1JOp9VbXaHo-t6HoUuLZlrImpMxkO3XpY_aXNbUiYZu8BKOoNC3I0DZ0zRiFy9w5t9cRwsdyBj87YEXdl4qOVN_oGiKlq2z2eDKI_cw5xnbqpmv4tvJ2p8L8bG19l6u8RSzQxy0VgBZjBqElelD8g5uAbENmrEU_sQ4Krw3_oy0tJ7Zd3A5u3Z9xJ70NwVJlrsdb73AJQ82MkabBRZVS_qatpHLdWGjX624kkla-VSMUeufZC4wcA2Po6jj3zJJERX34wKf0YDrRoKdDC3VmjfaWXRJoucZHrRoaF_14E11EbQMJY_N6yRA-r4KAKJfasl5l7Xg7BBKd_7HOGLKILx5B7p5zz1p1WwaK-6glnInWD4lPNVbRMu37YBCgL5K47-5dDpfLDUcoE4Ejr36I1TG3GdgzrKv9Tu9mdhgdWCCGX2SFCFqa1FS7Uqe9V4KkHcH_Qf-MgFSEy9DS66kudEeauAKY-GEBqOwMJ9VR9erxFJwj-t_CDTs0hQwCnZbzqv-khn3TOaKHs28NDMuMAXhVdweK7RhdCmptDaw105X2wqurBXmnR07r509ZjgZT1ckdWgX2rWgaUp9zajqi05Aonx8R8MF5WQjqD8wnDgoGGbCRuUMCXVr5q6G4vb31-HA_7jgGpZnM1B3XiUFTCf28WnS1mxPBTbvVnlHBSVW9cY8sV01x2ElACeGNgi1Rb2XURQCMpX5Ni1qN5xM48MpMzA28qmEr4xGsIY5P3oE2YnISHcKUvFvv9HECQ0CZUvFcJjk_zzZQxC4NiJQYTOyeyAs_24Q0l5bVHqZBlkO2gZn-hT7wtJCz930_zcBCIUpb8zEDqi5-9bjd0EG_aEq65ClCgFF-HJdY_qa6x4Pn4hSwHNh6YS-Kjjk6Q-162MUIE5pHfuGuGfFfNpEIxWXiBMXxyweA5okC9oZdMRDa0YYHsqhEdziIxDuNb07DWU&sai=AMfl-YRH5pcbGbmUCo7gnNXnQhB6pwDw9mc51Weqcx9vqcvrDruILzQCIWs1I0paq0bb07lUzToK-t47JmJTgHBM32aZSTwyW9sH-VcmUxc8rrCGkXR6MRnpJNdOW_EUHVCCnJwLD6tkn4JoWnBaYGoAJq_NaXdyH3rw7Pe19anA0twHfDZHiKXpaBcu0tRcmFBZx-LtmEdzjR193rauvAmjz083&sig=Cg0ArKJSzNQt8wyqIacbEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=112&cbvp=1&cstd=108&cisv=r20220427.69176&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: www.liveinternet.ru
URL: https://www.liveinternet.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ukrline.com.ua/?ref=22805
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Mon, 02 May 2022 10:09:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 e8WcSG94vkM93ke5SjF29cSEjmyq7vfry6EL03wtuS4.js Show response
pagead2.googlesyndication.com/bg/ Frame 5005 35 KB
13 KB 14ms
7ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/e8WcSG94vkM93ke5SjF29cSEjmyq7vfry6EL03wtuS4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7bc59c486f78be433dde47b94a3176f5c4848e6caaeef7ebcba10bd37c2db92e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ukrline.com.ua/?ref=22805
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 02 May 2022 07:56:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8014
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13654
x-xss-protection: 0
last-modified: Mon, 25 Apr 2022 12:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 02 May 2023 07:56:09 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 2CC4 12 KB
1 KB 58ms
19ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Condensed:700,300italic|Roboto:700,regular,300,500

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1337995899757920256/CR_popcornews.com_BL_DE_PC_Nongoogle_creative.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2617adf8f5cb83097f156dbab8a660f1c336a6b7c7eb94218574ea37a57c8272

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ukrline.com.ua/?ref=22805
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 02 May 2022 08:28:35 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 02 May 2022 10:09:43 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 02 May 2022 10:09:43 GMT

GET
H3 200 DcmEnabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 2CC4 29 KB
10 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1337995899757920256/CR_popcornews.com_BL_DE_PC_Nongoogle_creative.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ukrline.com.ua/?ref=22805
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 01 May 2022 12:53:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 76590
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10136
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 02 May 2022 12:53:13 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5005 0
20 B 55ms
54ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BY2Al561vYoOMHoyS7_UP-p2QIAAAAAA4AeAEAg&bg=!cHOlczfNAAZNIUvJbSE7ACkAdvg8Wu07cPbJvfgKIgobc0lTkFcp8uHx72vZHjvPfrtbG-vlb-cZQgIAAACoUgAAAAJoAQeZAzo4gyOlnge6japn2vb385b3dAF-zh07YoRt0-oGqNNZTjpsLXEAjKoOJcRZ7EOBahfar7l64i7tX5Pxg6NQ7-kvqAb6yroSuIhwWRbgCYtI6-KwRK7C6sM6QYnSli2mLCpFSsPA0p1z_kNFCY9Ma3jALR8uukmRbWib4KKfZuYeDO4gawmr2mxY0Rf-dWSHG-mGk-qOyFOEt214hhZVj6-BDOXQn3y4uX_Vm4naC2uibCq4CBM361iaOlhDLebugfSqPSCOAjbl9ROB3VpHIYMCtMhXwnFIOYkYd-slkm8fg0NvqYY_lqHDsoI-Kn_lMVk1rnt4ZO36dU4EuRwov-TkXIOEIna3YOSPwA9cHDxgJnPmrHA8Uldvh_22h3Iaki-YNG0DIGHy9i_eMYWGPXOnQtbAgRK1_xIb1pNSnshLX5BFFUlc71EHFvacNmmDhQdSudnWNUzrPEbFJCFNfRmVGcO4fqzM-xl0Wd8Umcsv9Qp-6yVKQAN3A2x2mJxEk515xFjtAJd6pRittnKBUuBbWPCg45wKsGye18DQCLUahcl6Rsq7xUBXxWUjSK7aEwMesxEx0pcmqCLoBTiRzTWyq84nSblCO1za8kQ8WJd4zZnIeNo9wM97DkAJQVUNKlkv8Tj9RTcwnoAp9SEOVh7YFhan3UsODRN0ekQfCl9JnI35O-0733pleV6wHaWFkOgv2rruKKzQqwgnJAAWeQEES1SAXhBWAfYhwAZSrdpKkrS6k0MIb03LuBPCEwTqyoRPtCT_01yiD0DZBib_r7qE9WcQONus2iYD7A2wbYcWrTt6RzObuXkz9C_YSW33hxbrfmA1w2Kki4RIKh6mn0v-o3H7WgawcAgQK-w9xmjJeHhllFgO98lF-0YjgkRmzgfJSDyuguyBXIfX3YBsXbnLkNgTuyHOFp-2AsH22ZbPmAmdBrOKtuo4MTsx1okWYjhW2tWL0gunpBD_qFFqKjXmfa6mWpwguDHWjiTh7-P3-1VyZJxXfE1GN4ZuQV0R5qj0QoTAAnX8T1UCr8KZL41zao7ELEZ6LJNjyTV3caRDoBx2yenqHMkrqzbEE7PWEbELj_CW9HjQe6jm

Requested by

Host: bb45b4bcbf656eba20407ab3439f697e.safeframe.googlesyndication.com
URL: https://bb45b4bcbf656eba20407ab3439f697e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ukrline.com.ua/?ref=22805
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 May 2022 10:09:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
fonts.gstatic.com/s/robotocondensed/v25/ Frame 2CC4 15 KB
15 KB 49ms
18ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:700,300italic|Roboto:700,regular,300,500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://ukrline.com.ua/?ref=22805
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 22:15:45 GMT
x-content-type-options: nosniff
age: 474838
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15660
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:42:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 Apr 2023 22:15:45 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 2CC4 15 KB
16 KB 41ms
10ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:700,300italic|Roboto:700,regular,300,500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://ukrline.com.ua/?ref=22805
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 01:46:21 GMT
x-content-type-options: nosniff
age: 289402
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 29 Apr 2023 01:46:21 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 2CC4 15 KB
16 KB 42ms
12ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:700,300italic|Roboto:700,regular,300,500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://ukrline.com.ua/?ref=22805
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 17:56:19 GMT
x-content-type-options: nosniff
age: 404004
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 27 Apr 2023 17:56:19 GMT

GET
H3 200 80941459-70cc-49e3-b0bc-9e6dda75cd13.jpg
s0.2mdn.net/sadbundle/1337995899757920256/ Frame 2CC4 56 KB
56 KB 13ms
12ms Image
image/jpeg 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1337995899757920256/80941459-70cc-49e3-b0bc-9e6dda75cd13.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1337995899757920256/CR_popcornews.com_BL_DE_PC_Nongoogle_creative.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fcfb9a79f788c9f877ade57fab270c05003ab6d5c22d7fee9c5fe34aa2d391f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ukrline.com.ua/?ref=22805
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 25 Apr 2022 21:02:37 GMT
x-content-type-options: nosniff
age: 565626
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56842
x-xss-protection: 0
last-modified: Mon, 07 Mar 2022 09:37:28 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 25 Apr 2023 21:02:37 GMT

GET
DATA 200
OK truncated
/ Frame 2CC4 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ukrline.com.ua/?ref=22805
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type: image/gif

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame C9E8 0
26 B 69ms
44ms Ping
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu0LsWOevyecX_IWXwdQlRrKNfauiI0k9WZ4sxzAzczHL1x7NTksLnJaW5O75Auiopd-5skXNUApqrehlADH5Z1nVkSuZNmJJfauSeRyORZTRHGT9Y0bG4crSMK9YpBt9NEf1sqwi-l8hRRbQgknZCXnWIbaZUXx8v5-OaREt3aOTPZmJBmzox8YRCfPxcgnia8bhZ9vfJ1E7I8H6UnnAZCJ9HhpSRXXqKnXzLxImO5ccFmJxrioHQYCk4bF-Vl0MlOvXiJCTefyvPsVTnWvTctYyn8YgPnCj1FRgJByRe10YB9HVsv35BOoJUED1JOp9VbXaHo-t6HoUuLZlrImpMxkO3XpY_aXNbUiYZu8BKOoNC3I0DZ0zRiFy9w5t9cRwsdyBj87YEXdl4qOVN_oGiKlq2z2eDKI_cw5xnbqpmv4tvJ2p8L8bG19l6u8RSzQxy0VgBZjBqElelD8g5uAbENmrEU_sQ4Krw3_oy0tJ7Zd3A5u3Z9xJ70NwVJlrsdb73AJQ82MkabBRZVS_qatpHLdWGjX624kkla-VSMUeufZC4wcA2Po6jj3zJJERX34wKf0YDrRoKdDC3VmjfaWXRJoucZHrRoaF_14E11EbQMJY_N6yRA-r4KAKJfasl5l7Xg7BBKd_7HOGLKILx5B7p5zz1p1WwaK-6glnInWD4lPNVbRMu37YBCgL5K47-5dDpfLDUcoE4Ejr36I1TG3GdgzrKv9Tu9mdhgdWCCGX2SFCFqa1FS7Uqe9V4KkHcH_Qf-MgFSEy9DS66kudEeauAKY-GEBqOwMJ9VR9erxFJwj-t_CDTs0hQwCnZbzqv-khn3TOaKHs28NDMuMAXhVdweK7RhdCmptDaw105X2wqurBXmnR07r509ZjgZT1ckdWgX2rWgaUp9zajqi05Aonx8R8MF5WQjqD8wnDgoGGbCRuUMCXVr5q6G4vb31-HA_7jgGpZnM1B3XiUFTCf28WnS1mxPBTbvVnlHBSVW9cY8sV01x2ElACeGNgi1Rb2XURQCMpX5Ni1qN5xM48MpMzA28qmEr4xGsIY5P3oE2YnISHcKUvFvv9HECQ0CZUvFcJjk_zzZQxC4NiJQYTOyeyAs_24Q0l5bVHqZBlkO2gZn-hT7wtJCz930_zcBCIUpb8zEDqi5-9bjd0EG_aEq65ClCgFF-HJdY_qa6x4Pn4hSwHNh6YS-Kjjk6Q-162MUIE5pHfuGuGfFfNpEIxWXiBMXxyweA5okC9oZdMRDa0YYHsqhEdziIxDuNb07DWU&sai=AMfl-YRH5pcbGbmUCo7gnNXnQhB6pwDw9mc51Weqcx9vqcvrDruILzQCIWs1I0paq0bb07lUzToK-t47JmJTgHBM32aZSTwyW9sH-VcmUxc8rrCGkXR6MRnpJNdOW_EUHVCCnJwLD6tkn4JoWnBaYGoAJq_NaXdyH3rw7Pe19anA0twHfDZHiKXpaBcu0tRcmFBZx-LtmEdzjR193rauvAmjz083&sig=Cg0ArKJSzNQt8wyqIacbEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=461&vt=11&dtpt=349&dett=3&cstd=108&cisv=r20220427.69176&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: www.liveinternet.ru
URL: https://www.liveinternet.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ukrline.com.ua/?ref=22805
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 02 May 2022 10:09:44 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame C9E8 7 KB
5 KB 41ms
18ms XHR
application/json 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=latest&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_obb_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

87af2c69f74516250827853ff4f672d58c00160dc51697c41973f52e9c60e7ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ukrline.com.ua/?ref=22805
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 02 May 2022 10:09:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5570
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame C9E8 17 KB
6 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_obb_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ukrline.com.ua/?ref=22805
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 02 May 2022 10:09:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 02 May 2022 10:09:44 GMT

GET
H3 200 e8WcSG94vkM93ke5SjF29cSEjmyq7vfry6EL03wtuS4.js Show response
pagead2.googlesyndication.com/bg/ Frame 2DB9 35 KB
13 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/e8WcSG94vkM93ke5SjF29cSEjmyq7vfry6EL03wtuS4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7bc59c486f78be433dde47b94a3176f5c4848e6caaeef7ebcba10bd37c2db92e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ukrline.com.ua/?ref=22805
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 02 May 2022 07:56:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8015
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13654
x-xss-protection: 0
last-modified: Mon, 25 Apr 2022 12:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 02 May 2023 07:56:09 GMT

GET
H2 204 event
ads.adfox.ru/254948/ 0
66 B 79ms
79ms Image
text/plain 2a02:6b8::1be
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/254948/event?hash=12f4b07701b9f183&pm=cza&p5=jxahr&rand=bsevofa&sj=4tHojkaBi3NdHymf1nGMhX4sp4reiQsbJVtZNhoZDN5UpTNCE5Q7uV_XZmar9Q%3D%3D&ad-session-id=7045081651486181599&utg=oxum&lts=fizyoxi&ytt=243543437344773&ybv=0.575931&ylv=0.575931&dl=https%3A%2F%2Fwww.liveinternet.ru%2F&pr=lvnljaf&p1=consd&rqs=5hlriXQYhRnmrW9iaflDwbdyDgbgqipi&p2=y

Requested by

Host: www.liveinternet.ru
URL: https://www.liveinternet.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ukrline.com.ua/?ref=22805
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 May 2022 10:09:44 GMT
x-content-type-options: nosniff
last-modified: Mon, 02 May 2022 10:09:44 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C9E8 42 B
64 B 48ms
47ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvPXL7IpxfmprIpzWck4MtnB-6pshzZHOtIEJQE0aoeFucnUuqtXuXVi1lOoKmkYhx8yGoWwMNx1YYWt94sEj0dFfkEf5kic1yN-qx1M0HjXVZxCZrT2Z1trvDq&sai=AMfl-YTVCD5DBgKaC0xv9YiErm06dDR3HEW4Q1TzyhEl1ikNg1mjZHmcDClilP0ZATs4LAFj0F-BowdTztPBeYuU4qBUfpDoFymN0EHg-7axzQ8pSN41SzFq-L2XHQm4&sig=Cg0ArKJSzCXMdsdmgPUcEAE&cid=CAASJeRoM_dVDstTqmqmB9YOKjEfN6wnazMAqCQBhYrQ0fbTBYU7NCM&id=lidar2&mcvt=1000&p=358,315,608,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220427&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2177437627&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1651486182700&rpt=169&isd=0&lsd=0&met=ce&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ukrline.com.ua/?ref=22805
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 May 2022 10:09:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1MxkzJUE0T0100000000U9nJVEQxMgQckzRUq7uBnnlTXOOAbi_MvYSn084dJ2HKU-OZXTYBhnaPKXc1ufdsMoOy0ucNoW1vjGb0efKHH7Q2P860YM4cOuSlXBEGiM0cH7GbeqGNXBKH9FM15KZiPPHOniTm52npbX4aV1LCtcLaa65W-iiuYuc1OIuJI6Gfqobc1... Show response
an.yandex.ru/rtbcount/ 43 B
163 B 51ms
50ms XHR
image/gif 2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/rtbcount/1MxkzJUE0T0100000000U9nJVEQxMgQckzRUq7uBnnlTXOOAbi_MvYSn084dJ2HKU-OZXTYBhnaPKXc1ufdsMoOy0ucNoW1vjGb0efKHH7Q2P860YM4cOuSlXBEGiM0cH7GbeqGNXBKH9FM15KZiPPHOniTm52npbX4aV1LCtcLaa65W-iiuYuc1OIuJI6Gfqobc1eQrJB-0xBDC_u7W5PF0gl9D9-otC30K_t2OpdAFbU4l4oV8CSmWetkP5O7aL6QGvhdCJ20704abaFqi6vdldoXfojSucdYI-TdLRw4x9x2sNGMhl0icVp8xEF63dRg2fMCswmOMnXqiJ0TOc6woG3pmmVuXozap8F36_YqBoF4BM7bFiXfdSu2bRx8-4rNON9jS9lwL5UJI3hO6bXbiLmu7Bs1xyhopUyUNjG_oLhB133Z0vd62ZVaH6wzFkOMLUqcmhvbFHQJvIpQOLJ_Xh8diFTyVVpkz_8tzB7OsKtDJIsF37UoC9zX57h0_F73rPEUBTnEp0Dpxa2i0?test-tag=536870941&rnd=5806821471695&confirmRatio=1000000&banner-sizes=eyI3MjA1NzYwNTgwNzU5Mzc2NSI6IjEyODB4MjYifQ%3D%3D&confirmTime=2101000&width=1280&height=34&banner-test-tags=eyI3MjA1NzYwNTgwNzU5Mzc2NSI6IjQwOTc2In0%3D&pcode-active-testids=574104%2C0%2C-1%3B406668%2C0%2C43

Requested by

Host: an.yandex.ru
URL: https://an.yandex.ru/system/widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ukrline.com.ua/?ref=22805
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 May 2022 10:09:44 GMT
content-encoding: gzip
last-modified: Mon, 02 May 2022 10:09:44 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://www.liveinternet.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 02 May 2022 10:09:44 GMT

GET
H2 200 watch.js Show response
mc.yandex.ru/metrika/ 139 KB
50 KB 56ms
55ms Script
application/javascript 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Host: www.liveinternet.ru
URL: https://www.liveinternet.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

3d376242693b0638eddc94eac7a5dd62e3ba27f076a23e66bd7e6cb5bce16ff7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ukrline.com.ua/?ref=22805
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 02 May 2022 10:09:44 GMT
content-encoding: br
last-modified: Mon, 18 Apr 2022 12:16:58 GMT
etag: "625d2c8a-c59f"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 50591
expires: Mon, 02 May 2022 11:09:44 GMT

GET
H2 200 vq_init_internal_player.js Show response
cdn.viqeo.tv/js/ 145 KB
47 KB 9ms
8ms Script
application/javascript 151.236.71.1
CDNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viqeo.tv/js/vq_init_internal_player.js?_=27524769
Requested by: Host: cdn.viqeo.tv
URL: https://cdn.viqeo.tv/js/vq_starter.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 151.236.71.1 Moscow, Russian Federation, ASN204720 (CDNETWORKS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 0f715f75ad3a0e5995fbe9d2ba6cc733f7d5466d19e9c4183b767e60bc3727a7

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ukrline.com.ua/?ref=22805
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 02 May 2022 10:09:44 GMT
content-encoding: gzip
last-modified: Mon, 25 Apr 2022 10:22:18 GMT
server: nginx
etag: W/"6266765a-244ef"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Tue, 02 May 2023 10:09:44 GMT

GET
H/1.1 200
OK main.js Show response
static-mon.yandex.net/static/ 84 KB
85 KB 513ms
80ms XHR
application/javascript 2a02:6b8::402
YNDX

General

Check archive.org

Show headers Download Go to

Full URL: https://static-mon.yandex.net/static/main.js?pid=liveinternet
Requested by: Host: i.li.ru
URL: https://i.li.ru/utf/global.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:6b8::402 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software: /
Resource Hash: 9df81ff4267230f88d9c5be5ee5561882d6d2ba2b505a688cd1b2744352c5d20

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ukrline.com.ua/?ref=22805
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Mon, 02 May 2022 10:09:45 GMT
Nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
X-Amz-Request-Id: 2b7ae8a77e7a186a
Transfer-Encoding: chunked
X-Consumed-Content-Encoding: gzip
Last-Modified: Mon, 02 May 2022 10:09:45 GMT
X-Robots-Tag: noindex, noarchive, nofollow
Vary: Accept-Encoding, Origin
Report-To: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
X-Amz-Version-Id: null
Access-Control-Allow-Origin: https://www.liveinternet.ru
Access-Control-Expose-Headers: Content-Lenght
Cache-Control: max-age=600,private
Access-Control-Allow-Credentials: true
Content-Type: application/javascript
Content-Lenght: 86073

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame D330 14 KB
6 KB 126ms
15ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.liveinternet.ru

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

67b5149e118833c325f62559db1efb40d9047c5f6ea3e8e12685e28a2545f717

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.liveinternet.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9
referer: http://ukrline.com.ua/?ref=22805

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-length: 5883
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 02 May 2022 10:09:44 GMT
server-processing-duration-in-ticks: 2520
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 vn_player.js Show response
cdn.viqeo.tv/js/ 442 KB
135 KB 8ms
8ms Script
application/javascript 151.236.71.1
CDNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viqeo.tv/js/vn_player.js?v=1650882126235
Requested by: Host: cdn.viqeo.tv
URL: https://cdn.viqeo.tv/js/vq_init_internal_player.js?_=27524769
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 151.236.71.1 Moscow, Russian Federation, ASN204720 (CDNETWORKS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 4dfb29cbea54c47528ebc618efae492c82cca913e9ca20f9a43939bf07bf4ac7

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ukrline.com.ua/?ref=22805
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 02 May 2022 10:09:45 GMT
content-encoding: gzip
last-modified: Mon, 25 Apr 2022 10:22:18 GMT
server: nginx
etag: W/"6266765a-6e649"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Tue, 02 May 2023 10:09:45 GMT

GET
H2 200 WOKejI_zOFm0tGi0f1CWufahewdNYmK0_04GW8200J7chMzY000003YYhm-80Xov0iPD-eJk667Qy0AOYElF0lW2ZO20W0Bm1G6W1i01oGRcJQiSV8jzFmK_j93cBQ4n8C07mD3Si0dG1mBuEAeB4AftiiW_j000S_X0bmJUy0i6u0s2W8Y1W820Y0IO3kQhsw-Lb... Show response
an.yandex.ru/count/ 43 B
338 B 67ms
66ms XHR
image/gif 2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/count/WOKejI_zOFm0tGi0f1CWufahewdNYmK0_04GW8200J7chMzY000003YYhm-80Xov0iPD-eJk667Qy0AOYElF0lW2ZO20W0Bm1G6W1i01oGRcJQiSV8jzFmK_j93cBQ4n8C07mD3Si0dG1mBuEAeB4AftiiW_j000S_X0bmJUy0i6u0s2W8Y1W820Y0IO3kQhsw-Lb-I2XW6e3x_eek3UfUYO890Gc_Rox8wGvQJU0QYks0G4u1G1s1N1YlRieu-y_6Fmc1RmWOIJ1g395l0_s1Q15wWN3PaOq1WX-1ZZsiUxtTgAiiK1W1c96JDhk1d___y1m1dcgu2Ps--OknVI6H9vOM9pNtDbSdPbSYzoDZKvBJJe6O0Ay1c0mWEO6jJ3Kx0RIBWR0u8S3KntE3f7T5DDDanuMJVf700000000F0_W1t_VuWW0HG0r1PoD246pc4ro16N1PFe788PRnDsOc2LmRbi5N12i_cH_Hm1WdF9aA-T4roYcjWS_YWUapI6mMMAmZEmA000~1=WoOejI_zODC2vHW0b2fAeJ3cqmEQ-9MEpkQOYf41W041Y076fwkyY06G0ShajjZNW8200fW1okIss5UW0SYe0SYu0TYvqlqZs06irSkZ0U01YgkZ5kW1wWFu0PwOthu1e0BGgy01m08Bi0C2Zoc81Ttc3f05xQ4Ri0MWzmQu1Q3t1i05YhOHo0NyjWJG1PFH0k05bAW6m06u1u05q0SMs0SGu0U62l470032We06u0ZebM3e2GV92dc5hAxH9_a_-0g0jHZP2p-qaEOjeJ4Ww0lTvWw839wOthu1gGoWi1tQa_3CF-WCamAO3ScPD3-W3i24FTaFW13Mg8uYeQ82q12tbAzVc17fz2AXkG00083Oz43bAaBPZll6FvWJ1E0JeFS6Y1IW5A3t1gWKxQ4R1zxTnv46w1IC0j0Ltjt7aGRO5S6AzkoZZxpyOvWMy864amQWi1QG1iaMq1QUcDw-0TWMc_Rox8wGvQJU0O4N0F0_c1Uth5Yu5m705xMM0T0Nq8O3s1Vhg3pW5wpChEK5w1S1-1UwtyUH1faOe1W1i1ZNnBwJ1hWO0lWOuzh7kztQYhB50O0PYHapQw0Pm06u6V___m7W6GBe6O0Ay1c0mWE16l__lu4_W4GWY1h0X3sO6jJ3Kw0QWyEXsPojhz0rzHe10000c1k6_JUm6qYu6mFO6u0GwHi0001W6lroGV0Rwugi9VWR_zUn8w4S0000m4T2pZ-f70002C2n77iKhaVXUeI_kK3O7Dtc3k0SxQ4RwV0_yHm0002WQL36lu0T_t-P7U0TeS85aHwe7W7G7h72xF31_Bl6yG7O7lhQ7eWV____0Q0VrgYE8h0V0SWVrkhbKT8V1ZKtDJapCTaV0000G2BaSa7W7uN4aoNe7xIMdYI8806m88I08DWW__y1u201w22wl3qa8C64Ha751DROrBO1F213UQET4YEQ42cpsfpSgPg6-796yMayo18eev99nxrIIk2KWG0fm9ke4SWbCFiHgqwsoa2MwCj8dLKSBM76QsaEtuJ03Ue2NbA898o0OsxMMEka30B8JifWkwKxEDM93hOvS000~1?test-tag=536870941&rnd=3093312995121&confirmRatio=1000000&banner-sizes=eyI3MjA1NzYwNTgwNzU5Mzc2NSI6IjEyODB4MjYifQ%3D%3D&confirmTime=2137000&width=1280&height=34&wmode=0&banner-test-tags=eyI3MjA1NzYwNTgwNzU5Mzc2NSI6IjQwOTc2In0%3D&pcode-active-testids=574104%2C0%2C-1%3B406668%2C0%2C43

Requested by

Host: an.yandex.ru
URL: https://an.yandex.ru/system/widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ukrline.com.ua/?ref=22805
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 May 2022 10:09:45 GMT
content-encoding: gzip
last-modified: Mon, 02 May 2022 10:09:45 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://www.liveinternet.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 02 May 2022 10:09:45 GMT

GET
H2 200 vq_fly_widget.js Show response
cdn.viqeo.tv/js/ 7 KB
8 KB 8ms
7ms Script
application/javascript 151.236.71.1
CDNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viqeo.tv/js/vq_fly_widget.js?v=1650882126235
Requested by: Host: cdn.viqeo.tv
URL: https://cdn.viqeo.tv/js/vq_init_internal_player.js?_=27524769
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 151.236.71.1 Moscow, Russian Federation, ASN204720 (CDNETWORKS, RU),
Reverse DNS
Software: nginx /
Resource Hash: f317800b8d9a747c44522bb71a55a0efba2592f5b4f2a239a0a5df12107fb856

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ukrline.com.ua/?ref=22805
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 02 May 2022 10:09:45 GMT
last-modified: Mon, 25 Apr 2022 10:22:18 GMT
server: nginx
etag: "6266765a-1d3e"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 7486
expires: Tue, 02 May 2023 10:09:45 GMT

GET
H2 200 11963701 Show response
mc.yandex.com/watch/ 357 B
488 B 52ms
51ms XHR
application/json 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/11963701?wmode=7&page-url=https%3A%2F%2Fwww.liveinternet.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A3epd2p1huow64gxzxg8w%3Afp%3A795%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A790%3Acn%3A2%3Adp%3A1%3Als%3A1380216784094%3Ahid%3A123351464%3Az%3A0%3Ai%3A20220502100944%3Aet%3A1651486184%3Ac%3A1%3Arn%3A657854056%3Arqn%3A1%3Au%3A1651486182881230651%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1651486180491%3Ads%3A0%2C128%2C188%2C43%2C129%2C0%2C%2C3278%2C23%2C%2C%2C%2C3766%3Aco%3A0%3Arqnl%3A1%3Ast%3A1651486184%3At%3ALiveInternet%20%40%20%D0%A1%D1%82%D0%B0%D1%82%D0%B8%D1%81%D1%82%D0%B8%D0%BA%D0%B0%20%D0%B8%20%D0%B4%D0%BD%D0%B5%D0%B2%D0%BD%D0%B8%D0%BA%D0%B8%2C%20%D0%BF%D0%BE%D1%87%D1%82%D0%B0%20%D0%B8%20%D0%BF%D0%BE%D0%B8%D1%81%D0%BA&t=gdpr(14)mc(p-1-h-1)lt(25400)aw(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

881f7d0336a20545a8409dedf81449d35a2ba006ca34617ad4c9000fe042d3ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ukrline.com.ua/?ref=22805
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 May 2022 10:09:45 GMT
x-content-type-options: nosniff
last-modified: Mon, 02-May-2022 10:09:45 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.liveinternet.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 357
x-xss-protection: 1; mode=block
expires: Mon, 02-May-2022 10:09:45 GMT

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
124 B 56ms
55ms Image
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: www.liveinternet.ru
URL: https://www.liveinternet.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ukrline.com.ua/?ref=22805
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 02 May 2022 10:09:45 GMT
last-modified: Mon, 18 Apr 2022 12:16:58 GMT
etag: "625d2c8a-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Mon, 02 May 2022 11:09:45 GMT

GET
H2 200 nextvideoblock Show response
api.viqeo.tv/v1/profile/1614/ 3 KB
3 KB 291ms
75ms XHR
application/json 2a02:878:2:9:0:1:2:21
MNOGOBYTE-AS Moscow

General

Check archive.org

Show headers Download Go to

Full URL: https://api.viqeo.tv/v1/profile/1614/nextvideoblock?player_id=512&block_length=1&referer=https://www.liveinternet.ru/
Requested by: Host: cdn.viqeo.tv
URL: https://cdn.viqeo.tv/js/vq_init_internal_player.js?_=27524769
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:878:2:9:0:1:2:21 , Russian Federation, ASN42632 (MNOGOBYTE-AS Moscow, Russia, RU),
Reverse DNS
Software: nginx /
Resource Hash: bc54c62a4a0ac6993bb5793321e866b32f74eb741eafa94ed816062b4379d51e

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ukrline.com.ua/?ref=22805
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 02 May 2022 10:09:45 GMT
server: nginx
vary: Origin
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
content-type: application/json
access-control-allow-origin: https://www.liveinternet.ru
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type,Locale
content-length: 2787

GET
H2 204 event
ads.adfox.ru/254948/ 0
66 B 74ms
74ms Image
text/plain 2a02:6b8::1be
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/254948/event?hash=1f1ec962b2fced48&pm=bmn&p5=jxahr&rand=kkbrjar&sj=4tHojkaBi3NdHymf1nGMhX4sp4reiQsbJVtZNhoZDN5UpTNCE5Q7uV_XZmar9Q%3D%3D&ad-session-id=7045081651486181599&utg=oxum&lts=fizyoxi&ytt=243543437344773&ybv=0.575931&ylv=0.575931&dl=https%3A%2F%2Fwww.liveinternet.ru%2F&pr=lvnljaf&p1=consd&rqs=5hlriXQYhRnmrW9iaflDwbdyDgbgqipi&p2=y

Requested by

Host: www.liveinternet.ru
URL: https://www.liveinternet.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ukrline.com.ua/?ref=22805
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 May 2022 10:09:45 GMT
x-content-type-options: nosniff
last-modified: Mon, 02 May 2022 10:09:45 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H2 200 1RjF0GBN0Ha200000000U9nJV2QPtLaYqIffwF-gnDLleQ62vREr-KaCGE094mbbUpR7EFRYQqQ6L4QWUAR_goKE8F5IMI2lDW58j3A2o4wGB10mCSna_D03uInax127i5OoJlaDaT_BoF28W-4ec7-M4IHx5KpUPMIGOM3wopYBYO5XBXD8P2cJ3f1Q2oRFClq7W... Show response
an.yandex.ru/rtbcount/ 43 B
99 B 51ms
51ms XHR
image/gif 2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/rtbcount/1RjF0GBN0Ha200000000U9nJV2QPtLaYqIffwF-gnDLleQ62vREr-KaCGE094mbbUpR7EFRYQqQ6L4QWUAR_goKE8F5IMI2lDW58j3A2o4wGB10mCSna_D03uInax127i5OoJlaDaT_BoF28W-4ec7-M4IHx5KpUPMIGOM3wopYBYO5XBXD8P2cJ3f1Q2oRFClq7WgTCBvWP65un2SnNkYlY_ug18PZVSphBFLQ6lqoS88SmimB9NcP583cL6MJ4N6OcaEL0KW5aDyj6vlidIfhoDOucdcH-TlLRwCu9h6rNmIhlWicVp0vE_61dpc9HCCt8ASgC28pC2ChBBGgtpAnm3AXq3t4FJmtsJ0jtzKrVoB93j06iU0NBO-ODB8mxM9WEi33TP85uz8FzGvQpPq3WZVrR5f1t9x2sDfneQDjWle2LyoIhSJO7MDq5reQ61fQRhCz45JRN9fU9VsK5URM3hO5b0jkppMjEd-WxTaXo1jkLmy4Bs7PlUlYcwyMdF-iPLxB1p3x0vd62ZVaH6s-meRDLH6wwlvbFHQJvIpQOAtx2MHFPUxu__dPw-HlxMUnifkQcbiQ6AzWPDx0hx61dFC4kye1zVVE_nyjVpDt5300hlAoB?confirmTime=2100000&confirmRatio=950000&test-tag=243593365164034&format-type=95&actual-format=3&rnd=3448064533682&pcode-active-testids=574104%2C0%2C-1%3B406668%2C0%2C43&pcode-test-ids-from-count=568464%2C0%2C6%3B551984%2C0%2C5%3B575870%2C0%2C91%3B564895%2C0%2C37%3B406668%2C0%2C43%3B575931%2C0%2C93%3B574104%2C0%2C-1&banner-sizes=eyI3MjA1NzYwNTg3NTcyMDUzMCI6IjMwMHgyOTAifQ%3D%3D&width=300&height=290

Requested by

Host: an.yandex.ru
URL: https://an.yandex.ru/system/widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: http://ukrline.com.ua/?ref=22805
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Mon, 02 May 2022 10:09:45 GMT
content-encoding: gzip
last-modified: Mon, 02 May 2022 10:09:45 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://www.liveinternet.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 02 May 2022 10:09:45 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame D330
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=liveinternet.ru&sn=ChromeSyncframe&so=0&topUrl=www.liveinternet.ru&cw=1&lsw=1&topicsavail=0
https://mug.criteo.com/sid?cpp=0kz70XxNckVFZGgyNGliRm9rdGlpeDNvM2QrOXlGTy9GNHM4Qk1DZzFhVTFFTXBiOFVaNzhkcXEvSEVKUDZxdW9xOFB0U2Q5WGdIaXJRUzBYb2dmRkk2OWN3c2ZTN0xnQkZraVhsSmRvQUljRFRVN0M3Z201Q3VUd216NF...

436 B
636 B

68ms
16ms

Fetch
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=0kz70XxNckVFZGgyNGliRm9rdGlpeDNvM2QrOXlGTy9GNHM4Qk1DZzFhVTFFTXBiOFVaNzhkcXEvSEVKUDZxdW9xOFB0U2Q5WGdIaXJRUzBYb2dmRkk2OWN3c2ZTN0xnQkZraVhsSmRvQUljRFRVN0M3Z201Q3VUd216NFZudFJWOGRtUFBra2tzQVJ1QTY1aEtPNXhHNFp6ZitFMjdZd2pVc3JmWXAyY3RtZ2xoa2dHbFN0cTdIeXJBRW4rOTljaHpwcUUzSHdyWTc5WjF1STZnRks1N2R4MnVGc0szSHE1QTRyOEpiMno1YVdwOFc1K3I1cTlTRElqUlZyUVEycFQ5SDI5bnhFWGt5RlprR3pybkxjZHI0MmpRdz09fA&cppv=2

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

8eed52d69e57e5292be8b972b338ad137ceec4f78b727376df819da9f528763d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ukrline.com.ua/?ref=22805
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 May 2022 10:09:45 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 4367
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 02 May 2022 10:09:45 GMT
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8
location: https://mug.criteo.com/sid?cpp=0kz70XxNckVFZGgyNGliRm9rdGlpeDNvM2QrOXlGTy9GNHM4Qk1DZzFhVTFFTXBiOFVaNzhkcXEvSEVKUDZxdW9xOFB0U2Q5WGdIaXJRUzBYb2dmRkk2OWN3c2ZTN0xnQkZraVhsSmRvQUljRFRVN0M3Z201Q3VUd216NFZudFJWOGRtUFBra2tzQVJ1QTY1aEtPNXhHNFp6ZitFMjdZd2pVc3JmWXAyY3RtZ2xoa2dHbFN0cTdIeXJBRW4rOTljaHpwcUUzSHdyWTc5WjF1STZnRks1N2R4MnVGc0szSHE1QTRyOEpiMno1YVdwOFc1K3I1cTlTRElqUlZyUVEycFQ5SDI5bnhFWGt5RlprR3pybkxjZHI0MmpRdz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1439
content-length: 541
expires: 0

GET
H2 200 1OeVHNtN0Ha200000000U9nJV2QPtLaYqIffwFygvwZVGaC5osThyvCOWC0J9XAw-csBIUp5rumCgOn0yKp_Lt_sWyHBPO6ysWGWqSe88Zj1ia30n32JaQiDmbd8k448mbh9QF4T8h-NaU4H1yDHCFyi8qZsAfYyoyWWmy3qbt4M4mF3N2QGo58c7I2r5aoUPVeF1... Show response
an.yandex.ru/rtbcount/ 43 B
82 B 56ms
55ms XHR
image/gif 2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/rtbcount/1OeVHNtN0Ha200000000U9nJV2QPtLaYqIffwFygvwZVGaC5osThyvCOWC0J9XAw-csBIUp5rumCgOn0yKp_Lt_sWyHBPO6ysWGWqSe88Zj1ia30n32JaQiDmbd8k448mbh9QF4T8h-NaU4H1yDHCFyi8qZsAfYyoyWWmy3qbt4M4mF3N2QGo58c7I2r5aoUPVeF14-PNZ0pCBnY4X0lUIpf_ug1uOAUvtIMUwmCVvauGGvXPWMIlSoAG78gCyY8kSnC8Ck1f0B8RfQDpFTFb3JbQnnDFCdyxEgtq9qJMDkkWbNU1PC_cHsS-C7EdCMYO9gHKvGP4HYP4PINMnHkcHcSvrFbbkSRaLUfQ-nMdb--a6M7Q0DOyGgMkymRM1Xti30TO66woGBnw0VxXondpu306_ktB23lJc1jRJZHqBR1V04hvqbMusmEiBeBh0qD3ImtMP-9AcokJIuJ_yeAyce7MmFB1BPdczUSFj5tx93a3BOhXuCNiEtUzF1DrujFVzOphcI3cNs0pUC46_CZDjvWGsUhof9CVpEVYaZpbsmmL_o4ioQoztn__EtqyZVsizZPJCrDBOqDLx0pRc1NsC7EU89Tv07x-kP_ZvU_cBkB6G3Hvwth?confirmTime=2105000&confirmRatio=950000&test-tag=243593365164034&format-type=95&actual-format=3&rnd=5184299170745&pcode-active-testids=574104%2C0%2C-1%3B406668%2C0%2C43&pcode-test-ids-from-count=568464%2C0%2C6%3B551984%2C0%2C5%3B575870%2C0%2C91%3B564895%2C0%2C37%3B406668%2C0%2C43%3B575931%2C0%2C93%3B574104%2C0%2C-1&banner-sizes=eyI3MjA1NzYwNTg3NTcyMDUzMCI6IjMwMHgyOTAifQ%3D%3D&width=300&height=290

Requested by

Host: an.yandex.ru
URL: https://an.yandex.ru/system/widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: http://ukrline.com.ua/?ref=22805
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Mon, 02 May 2022 10:09:45 GMT
content-encoding: gzip
last-modified: Mon, 02 May 2022 10:09:45 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://www.liveinternet.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 02 May 2022 10:09:45 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
10 KB 20ms
20ms XHR
application/json 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220427&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a8f5f8cf91d19e22455d6e2246b407dda5728a8334df70afb9b57f760235cbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ukrline.com.ua/?ref=22805
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 02 May 2022 10:09:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10573
x-xss-protection: 0

POST
H2 200 1 Show response
mc.yandex.com/watch/11963701/ 43 B
73 B 60ms
59ms XHR
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/11963701/1?page-url=https%3A%2F%2Fwww.liveinternet.ru%2F&charset=utf-8&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A3epd2p1huow64gxzxg8w%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A790%3Acn%3A2%3Adp%3A1%3Als%3A1380216784094%3Ahid%3A123351464%3Az%3A0%3Ai%3A20220502100944%3Aet%3A1651486185%3Ac%3A1%3Arn%3A916756084%3Arqn%3A2%3Au%3A1651486182881230651%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1651486180491%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C4206%2C4206%2C1%2C%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1651486185&t=gdpr(14)mc(p-2-h-1)lt(25400)aw(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: http://ukrline.com.ua/?ref=22805
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Mon, 02 May 2022 10:09:45 GMT
last-modified: Mon, 02-May-2022 10:09:45 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://www.liveinternet.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Mon, 02-May-2022 10:09:45 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ukrline.com.ua/?ref=22805
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 02 May 2022 10:09:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 02 May 2022 10:09:45 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7309 13 KB
5 KB 8ms
8ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.liveinternet.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9
referer: http://ukrline.com.ua/?ref=22805

Response headers

accept-ranges: bytes
age: 297
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 02 May 2022 10:04:48 GMT
expires: Tue, 02 May 2023 10:04:48 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame F0D0 783 B
534 B 40ms
17ms Document
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c55a2c57e1f47380bbdbb8c307cd7a041c0ea2fa1c9d3411e796d8bc1dbcefa9

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-F8VtLyt8I1tXSRlxN5coyw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.liveinternet.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9
referer: http://ukrline.com.ua/?ref=22805

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-F8VtLyt8I1tXSRlxN5coyw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 02 May 2022 10:09:45 GMT
expires: Mon, 02 May 2022 10:09:45 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 embed Show response
cdn.viqeo.tv/ Frame 8F69 36 KB
9 KB 8ms
7ms Document
text/html 151.236.71.1
CDNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viqeo.tv/embed?vid=8064ac7d578a1db6e548&presetId=7023&playerId=512
Requested by: Host: cdn.viqeo.tv
URL: https://cdn.viqeo.tv/js/vq_init_internal_player.js?_=27524769
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 151.236.71.1 Moscow, Russian Federation, ASN204720 (CDNETWORKS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 22b2ca8aa5b6a0bd607683e9bbb638369150a334709db273306fa5f478fa56f2

Request headers

Referer: https://www.liveinternet.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9
referer: http://ukrline.com.ua/?ref=22805

Response headers

access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type,Locale
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-origin: *
cache-control: max-age=600
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 02 May 2022 10:09:45 GMT
expires: Mon, 02 May 2022 10:19:45 GMT
last-modified: Tue, 29 Sep 2020 07:50:30 GMT
pragma: no-cache
server: nginx
vary: Accept-Encoding Origin

GET
H2 200 startup Show response
api.viqeo.tv/v1/data/ 2 KB
2 KB 75ms
74ms XHR
application/json 2a02:878:2:9:0:1:2:21
MNOGOBYTE-AS Moscow

General

Check archive.org

Show headers Download Go to

Full URL: https://api.viqeo.tv/v1/data/startup?video%5B%5D=8064ac7d578a1db6e548&profile=1614&referer=https%3A%2F%2Fwww.liveinternet.ru%2F&title=LiveInternet%20%40%20%D0%A1%D1%82%D0%B0%D1%82%D0%B8%D1%81%D1%82%D0%B8%D0%BA%D0%B0%20%D0%B8%20%D0%B4%D0%BD%D0%B5%D0%B2%D0%BD%D0%B8%D0%BA%D0%B8%2C%20%D0%BF%D0%BE%D1%87%D1%82%D0%B0%20%D0%B8%20%D0%BF%D0%BE%D0%B8%D1%81%D0%BA
Requested by: Host: cdn.viqeo.tv
URL: https://cdn.viqeo.tv/js/vq_init_internal_player.js?_=27524769
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:878:2:9:0:1:2:21 , Russian Federation, ASN42632 (MNOGOBYTE-AS Moscow, Russia, RU),
Reverse DNS
Software: nginx /
Resource Hash: b4a55f32f8e3c8c7c42227b75ba85d71cf261825cba511d4d6b55d0e63ca93ad

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ukrline.com.ua/?ref=22805
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 02 May 2022 10:09:45 GMT
server: nginx
vary: Origin
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
content-type: application/json
access-control-allow-origin: https://www.liveinternet.ru
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type,Locale
content-length: 1536

GET
H2 200 stats
stats.viqeo.tv/ 35 B
290 B 156ms
42ms Image
image/gif 83.222.109.36
MNOGOBYTE-AS Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stats.viqeo.tv/stats?referer=https%3A%2F%2Fwww.liveinternet.ru%2F&user_key=de929271ac17212ccc804cf2400aa1e4f05fd10a&rand=bd97efa8c03ed6c29994e9dcb9fec48a&profile_id=1614&site_id=1250&story_id=0&video_id=pageload&event=init&container=default&ab_segment=&page_type=web
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 83.222.109.36 , Russian Federation, ASN42632 (MNOGOBYTE-AS Moscow, Russia, RU),
Reverse DNS
Software: nginx /
Resource Hash: 90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ukrline.com.ua/?ref=22805
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 02 May 2022 10:09:45 GMT
server: nginx
vary: Origin
access-control-allow-methods: GET, POST, HEAD, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Authorization,Origin
content-length: 35

GET
H3 200 e8WcSG94vkM93ke5SjF29cSEjmyq7vfry6EL03wtuS4.js Show response
pagead2.googlesyndication.com/bg/ Frame 7309 35 KB
13 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/e8WcSG94vkM93ke5SjF29cSEjmyq7vfry6EL03wtuS4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7bc59c486f78be433dde47b94a3176f5c4848e6caaeef7ebcba10bd37c2db92e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ukrline.com.ua/?ref=22805
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 02 May 2022 07:56:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8016
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13654
x-xss-protection: 0
last-modified: Mon, 25 Apr 2022 12:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 02 May 2023 07:56:09 GMT

GET
H2 200 40169-preview.webp
cdn.viqeo.tv/poster/ Frame 8F69 21 KB
22 KB 8ms
7ms Image
image/jpeg 151.236.71.1
CDNETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.viqeo.tv/poster/40169-preview.webp
Requested by: Host: cdn.viqeo.tv
URL: https://cdn.viqeo.tv/embed?vid=8064ac7d578a1db6e548&presetId=7023&playerId=512
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 151.236.71.1 Moscow, Russian Federation, ASN204720 (CDNETWORKS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 224fe0bbdbd3d99dca9fd08322fedee0730c737602a550a4810912986c7d06a6

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ukrline.com.ua/?ref=22805
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 02 May 2022 10:09:45 GMT
last-modified: Mon, 02 May 2022 10:04:35 GMT
server: nginx
vary: Origin
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=345600
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type,Locale
content-length: 21700
expires: Fri, 06 May 2022 10:09:45 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame F0D0 0
0 72ms
71ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220427&jk=1380397679045905&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ukrline.com.ua/?ref=22805
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

GET
H2 200 / Show response
cdn.viqeo.tv/v1/proxy/ 508 KB
160 KB 8ms
8ms Script
application/javascript 151.236.71.1
CDNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viqeo.tv/v1/proxy/?url=https://static.videonow.ru/v2/d374b1a5/vn_module.js
Requested by: Host: cdn.viqeo.tv
URL: https://cdn.viqeo.tv/js/vq_init_internal_player.js?_=27524769
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 151.236.71.1 Moscow, Russian Federation, ASN204720 (CDNETWORKS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 997a461d81c1c2ea9687c9b62cf7d9ee8da7791c551b6b9d16f4b8d06c37a6cc

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ukrline.com.ua/?ref=22805
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 02 May 2022 10:09:45 GMT
content-encoding: gzip
last-modified: Wed, 27 Apr 2022 12:25:29 GMT
server: nginx
etag: W/"62693639-7f059"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true, true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type,Locale
expires: Tue, 02 May 2023 10:09:45 GMT

GET
H2 200 stats
stats.viqeo.tv/ 35 B
289 B 74ms
42ms Image
image/gif 83.222.109.36
MNOGOBYTE-AS Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stats.viqeo.tv/stats?referer=https%3A%2F%2Fwww.liveinternet.ru%2F&page_type=web&user_key=de929271ac17212ccc804cf2400aa1e4f05fd10a&rand=38ba2cfb7100532939b4f4c04c6bd807&profile_id=1614&site_id=1250&story_id=0&video_id=pageload&event=init&container=default&ab_segment=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 83.222.109.36 , Russian Federation, ASN42632 (MNOGOBYTE-AS Moscow, Russia, RU),
Reverse DNS
Software: nginx /
Resource Hash: 90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ukrline.com.ua/?ref=22805
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 02 May 2022 10:09:45 GMT
server: nginx
vary: Origin
access-control-allow-methods: GET, POST, HEAD, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Authorization,Origin
content-length: 35

GET
DATA 200
OK truncated
/ Frame AE6B 8 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1d6554b5de7e10dddfbe428cb4cac47bdec89851fd64932aca9c18398e3699c7

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ukrline.com.ua/?ref=22805
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame AE6B 866 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e56958ad5b74d0b2647d89d31f6d497a97a063d59a4a5e0d4109e5d566f85be4

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ukrline.com.ua/?ref=22805
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 stats
stats.viqeo.tv/ 35 B
289 B 42ms
42ms Image
image/gif 83.222.109.36
MNOGOBYTE-AS Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stats.viqeo.tv/stats?referer=https%3A%2F%2Fwww.liveinternet.ru%2F&page_type=web&user_key=de929271ac17212ccc804cf2400aa1e4f05fd10a&rand=38ba2cfb7100532939b4f4c04c6bd807&profile_id=1614&site_id=1250&story_id=40169&video_id=8064ac7d578a1db6e548&event=init&container=default&ab_segment=&custom_tag
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 83.222.109.36 , Russian Federation, ASN42632 (MNOGOBYTE-AS Moscow, Russia, RU),
Reverse DNS
Software: nginx /
Resource Hash: 90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ukrline.com.ua/?ref=22805
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 02 May 2022 10:09:45 GMT
server: nginx
vary: Origin
access-control-allow-methods: GET, POST, HEAD, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Authorization,Origin
content-length: 35

HEAD
H2 200 host.js Show response
yastatic.net/safeframe-bundles/0.39/ 0
542 B 31ms
31ms XHR
text/javascript 2a02:6b8:20::215
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/safeframe-bundles/0.39/host.js

Requested by

Host: www.liveinternet.ru
URL: https://www.liveinternet.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ukrline.com.ua/?ref=22805
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 02 May 2022 10:09:45 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 7306
last-modified: Wed, 22 May 2019 10:50:14 GMT
server: nginx/1.17.9
etag: "fb20ac226b37ae25c7039cf3e4afd1b2"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 01 May 2052 16:44:04 GMT

GET
H2

200

context.js Show response
yandex.ru/ads/system/ Frame F5F6
Redirect Chain

https://yastatic.net/pcode/adfox/loader.js
https://yandex.ru/ads/system/context.js

286 KB
78 KB

66ms
66ms

Script
text/javascript

2a02:6b8:a::a
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/system/context.js

Protocol

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

01a6abb845acb6c7d42e864c32a5fb74480ff50f30d88d6e071176e0de2f9f3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ukrline.com.ua/?ref=22805
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin: *
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1651486185834140-14991968919822138164-sas3-0999-700-sas-l7-balancer-8080-BAL-5265
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=3600
x-robots-tag: noindex, noarchive, nofollow
expires: Mon, 02 May 2022 11:09:45 GMT

Redirect headers

date: Mon, 02 May 2022 10:09:45 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
server: nginx/1.17.9
location: https://yandex.ru/ads/system/context.js
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
access-control-allow-origin: *
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
content-length: 0

GET
H2 200 WPKejI_zO081NGm051KpdEO6kMFhImK00W8GW8200J7chMzY000003YYhm-80Xsv0iPD-eJk667Qy0ALzlt01l050Q06m0791kOPQubq68KPgGTFwgH0Jg4n8C07mD3Si0dG1mBuW0e1Y0eDg0he1uWBEgeB49yYtHHFwW00Kmz9bmJUy0i6u0s2W821W820Y0IO3... Show response
an.yandex.ru/count/ 43 B
82 B 57ms
57ms XHR
image/gif 2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/count/WPKejI_zO081NGm051KpdEO6kMFhImK00W8GW8200J7chMzY000003YYhm-80Xsv0iPD-eJk667Qy0ALzlt01l050Q06m0791kOPQubq68KPgGTFwgH0Jg4n8C07mD3Si0dG1mBuW0e1Y0eDg0he1uWBEgeB49yYtHHFwW00Kmz9bmJUy0i6u0s2W821W820Y0IO3kQhsw-Lb-I2XW6e3y_KqwlagUYO890Gc_Rox8wGvQJU0QYks0G4u1G1s1N1YlRieu-y_6FmW1Q5WCY0Xh0te1RmWOIJ1iaMy3_O5e4Ng1S9cHZG627u6EFQnxlTsegonG606OaPCskm6UQphCl8ZiR26RWP____0S0Pvgk0cTllcBiNqXaIUM5YSrzpPN9sPN8lSZOrEIqqw1ci0l0PWC83c1hKmrEm6qYu6mE270rJCKCwM6rdJpPCU5atwHo07Vz_-1y1W20WY2014G1RoAWe5EGq8SPtOJN84fS5a-WSWXrl4-7425ss2ZW1sFoeVLG2H0LPXiRQEGw5FuetuSvXd040~1=Wm0ejI_zOA42jHS0n2UjekfWeGE8wvlJuP27huy1W06BlmY80Sg9ckM90P01f8MpcTY0W802c06aXREPMA01dgW1dhW1yFNUZIJO0Tgy_QC1u06wYDSMw06E0Q02h9tm5u03fREogWc80y6LfAm3c0F4uGAm0uIC0OW5ePKDa0Nuwm-m1VRL1RW5zjK5m0N0dGhrmm7W1Lge1i01k0U01V470024WSA0W0RW2DQE-0le2G3mFyaACe-poUGp-J_P2q_gf41EeJ4Ww0kXbGsf3B0-VFOmwk0_w0oR1fWDp9G_e0x0X3tP3mnMX9aun_W_W12jdASYu16ugu04w17DdRlooPQYrcCmVa1PFgy6Cn2-FvWJ1E0Jhk85W1I0W804Y1JanDkJgCNWkCK1e1IkuWMe5DUE49-Jfv46w1IC0j0LdvEdaGRO5S6AzkoZZxpyOw0My864amQm5f06oHRG5kB6thu1s1QRzlBiZf3bfDu1WHS0y3-O5uMGpncu5m705xMM0TWNm8Gzw1S1cHYW60Qm6CYslfC6k1W4-1ZZsiUxtTgAiiK1W1c96JDhe1d00RWP____0U0P4UWPh0Bm6O320u4Q___7ZMJtO6A86i24FP0QW820W820Y42O6jJ3Kw0Q_AgRuShGi8lF0RWQ0_KQ0G0009WRcUKri1j8k1i3eHm00030376mlwaS0008mB4SUnIkH-5wXB-vGDWSaR8Du1pNZX3f7F4S0000P0bbaR-07Vz_cHtW7TMkdWM97f4Ug1u1q1xrluZwveQBcH7O7llQ7eWV____0Q0VhPod8h0V0SWVhTx-KT8V1ZKtDJapCVWV0O0W88WW0R0WX84Ws23__m7W804b8944ZM5CMK6f2h83d9hBeOmhbRGPYUOckNDE61Jv3bGrXqXHHnbfCCXvonW0uNmlY4XeilfFhUn-xd6wa9ndzN1VRh1wZLbS2xGmV-goOXKAz50amSPwCh2VX3EXUiOWBKno8RIFPZUobES1_5dYjeu5qS6s6Wu0~1?stat-id=29&test-tag=243593365716497&banner-sizes=eyI3MjA1NzYwNTg3NTcyMDUzMCI6IjMwMHgyOTAifQ%3D%3D&format-type=95&actual-format=3&pcodever=575931&pcode-test-ids-from-count=568464%2C0%2C6%3B551984%2C0%2C5%3B575870%2C0%2C91%3B564895%2C0%2C37%3B406668%2C0%2C43%3B575931%2C0%2C93%3B574104%2C0%2C-1&banner-test-tags=eyI3MjA1NzYwNTg3NTcyMDUzMCI6IjQyOTUwMTY0NjUifQ%3D%3D&pcode-active-testids=574104%2C0%2C-1%3B406668%2C0%2C43&width=300&height=290&confirmTime=2165000&confirmRatio=950000&wmode=0

Requested by

Host: an.yandex.ru
URL: https://an.yandex.ru/system/widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: http://ukrline.com.ua/?ref=22805
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Mon, 02 May 2022 10:09:45 GMT
content-encoding: gzip
last-modified: Mon, 02 May 2022 10:09:45 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://www.liveinternet.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 02 May 2022 10:09:45 GMT

GET
H2 200 WPCejI_zO041JGm011KqXEshKpG9OGK00G8GW8200J7chMzY000003YYhm-80Xsv0iPD-eJk667Qy0B_rRbvy0K1e0R00Sa6vXbhYNGOXHcf1q_g_BzEeJ4Wm0V0qDom2T070lY02W682Wse2kW7Y0iwgWiG5tJZ6K_g003GBacN1Dxm2mRW3OA0W860W82819WEv... Show response
an.yandex.ru/count/ 43 B
82 B 63ms
62ms XHR
image/gif 2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/count/WPCejI_zO041JGm011KqXEshKpG9OGK00G8GW8200J7chMzY000003YYhm-80Xsv0iPD-eJk667Qy0B_rRbvy0K1e0R00Sa6vXbhYNGOXHcf1q_g_BzEeJ4Wm0V0qDom2T070lY02W682Wse2kW7Y0iwgWiG5tJZ6K_g003GBacN1Dxm2mRW3OA0W860W82819WEvglRhvMNv8A60QWFpzIpg-ofw9WWa12RzlBiZf3bfDu1gAxO10JW507O5S6AzkoZZxpyO_205eM0o826i3UW5l21X9C6oHRmFzWMWHUe5mcP6D0O8VWOuzh7kztQYhB50O0PYHapQx0PvhEioyYEni8Pk1d___y1m1dcgu2Ps--OknVI6H9vOM9pNtDbSdPbSYzoDZKvBJJe6Qm2y1c0mWEO6jJ3Kx0RIBWR0u8S3LCnGpfvT6bFDanuMJVf780T_t_u7m608228804H05l8g2GKv2mXnczXDSWIbmMJw1o27MyJuCG8NROAEE7N_8Xz5072aSfGM3l7dV17SGRSEOmp~1=Wm4ejI_zOA42lHS092Y1OaYQeGE8wvlJuP27huy1W06BlmY80Sg9ckM90P01f8MpcTY0W802c06aXREPMA01dgW1dhW1yFNUZIJO0Tgy_QC1u06wYDSMw06E0Q02h9tm5u03fREogWc80y6LfAm3c0F4uGAm0z-70OW5yumDa0NSuG-m1QBI1RW5ej85m0N0dGhtmW7W1Lge1i01i0U0W90yk0U01V470024WSA0W0RW2DQE-0le2G3mFyaAXwwWYLqJ-J_P2q_g_BzEeJ4Ww0lpZ0sf3F3n4XB9mE0_w0oR1fWDp9G_e0x0X3tP3zSk3vmzf_W_W12jdASYu16ugu04w17DdRlooPQYrcFGVK2xyr8MQoc-FvWJ1E0Jqju5W1I0W804Y1JanDkJgCNWkCK1e1JItWMe5AM449-Jfv46w1IC0j0LdvEdaGRO5S6AzkoZZxpyOw0My864amQm5f06oHRG5kB6thu1s1QRzlBiZf3bfDu1WHS0y3-O5uMGpncu5m705xMM0TWNm8Gzw1S1cHYW60Qm6CYslfC6k1W5-1ZZsiUxtTgAiiK1W1c96JDhe1d00RWP____0U0P4-WPh0Bm6O320u4Q__-ZXPS4pLY86i24FP0QW820W820Y42O6jJ3Kw0Q_AgRuShGi8lF0RWQ0_KQ0G0009WRcUKri1j8k1i3eHm00030376mlwaS0008mB4SUnIkH-5wXB-vGDWSqAaDu1obX13f7F4S0000P0bbaR-07Vz_cHtW7TMkdWM97f4Ug1u1q1xrluZwveQBcH7O7llQ7eWV____0Q0VhPod8h0V0SWVhTx-KT8V1ZKtDJapCVWV0O0W88WW0R0WX84Ws23__m7W804a8A44pJ2ciA2gWdMSpUK0nvLAsen4iv3SQKuOY7ntgjeXKiHHHXeFSivb34XutmiY4fgi_bChsvzxd2uavrazsfURha9Z5jS8MfW_SXcn2WLmA99mOpqRc9-aisfXdGkXVJIxaQKy3-0F4wzrB8WEjebm~1?stat-id=29&test-tag=243593365716497&banner-sizes=eyI3MjA1NzYwNTg3NTcyMDUzMCI6IjMwMHgyOTAifQ%3D%3D&format-type=95&actual-format=3&pcodever=575931&pcode-test-ids-from-count=568464%2C0%2C6%3B551984%2C0%2C5%3B575870%2C0%2C91%3B564895%2C0%2C37%3B406668%2C0%2C43%3B575931%2C0%2C93%3B574104%2C0%2C-1&banner-test-tags=eyI3MjA1NzYwNTg3NTcyMDUzMCI6IjQyOTUwMTY0NjUifQ%3D%3D&pcode-active-testids=574104%2C0%2C-1%3B406668%2C0%2C43&width=300&height=290&confirmTime=2166000&confirmRatio=950000&wmode=0

Requested by

Host: an.yandex.ru
URL: https://an.yandex.ru/system/widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: http://ukrline.com.ua/?ref=22805
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Mon, 02 May 2022 10:09:45 GMT
content-encoding: gzip
last-modified: Mon, 02 May 2022 10:09:45 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://www.liveinternet.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 02 May 2022 10:09:45 GMT

GET
H2 200 context.js Show response
an.yandex.ru/system/ 286 KB
78 KB 56ms
56ms XHR
text/javascript 2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/system/context.js

Requested by

Host: www.liveinternet.ru
URL: https://www.liveinternet.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

ac629b4b64121aeecf52e81c55120c0fd7d0cd2849a19e158979c499ec5e1467

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ukrline.com.ua/?ref=22805
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin: *
strict-transport-security: max-age=31536000
content-encoding: br
x-yandex-req-id: 1651486185775690-251631115816183651600226-production-app-host-vla-pcode-169
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=3600
x-robots-tag: noindex, noarchive, nofollow
expires: Mon, 02 May 2022 11:09:45 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 7309 0
9 B 17ms
17ms Image
text/plain 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?azDpog
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ukrline.com.ua/?ref=22805
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 02 May 2022 10:09:45 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 953eadf0b1ddecfeb5be.js Show response
yastatic.net/partner-code-bundles/575931/ Frame F5F6 13 KB
5 KB 32ms
31ms Script
text/javascript 2a02:6b8:20::215
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/575931/953eadf0b1ddecfeb5be.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

cff9e3917907425d21401b73197b19c96b4ed0bb81aac2e2355886a049b9faa0

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: http://ukrline.com.ua/?ref=22805
Origin: https://www.liveinternet.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 02 May 2022 10:09:45 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 4468
last-modified: Fri, 29 Apr 2022 09:04:06 GMT
server: nginx/1.17.9
etag: "8bfe6375420f5ddd290872d10aaad942"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 01 May 2052 16:44:20 GMT

GET
H2 200 9c6a709e779e825bf49f.js Show response
yastatic.net/partner-code-bundles/575931/ Frame F5F6 89 KB
19 KB 32ms
32ms Script
text/javascript 2a02:6b8:20::215
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/575931/9c6a709e779e825bf49f.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

5f72c4cc3151182f99faa30bf33dc963672fc5c1729b228a2a35b6e8333a051d

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: http://ukrline.com.ua/?ref=22805
Origin: https://www.liveinternet.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 02 May 2022 10:09:45 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 18885
last-modified: Fri, 29 Apr 2022 09:04:06 GMT
server: nginx/1.17.9
etag: "2af5080ab83da0cc0a0a8104e2076047"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 01 May 2052 16:44:15 GMT

GET
H2 200 host.js Show response
yastatic.net/safeframe-bundles/0.83/ Frame F5F6 33 KB
9 KB 33ms
33ms Script
text/javascript 2a02:6b8:20::215
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/safeframe-bundles/0.83/host.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: http://ukrline.com.ua/?ref=22805
Origin: https://www.liveinternet.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 02 May 2022 10:09:45 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 8878
last-modified: Wed, 03 Nov 2021 13:42:58 GMT
server: nginx/1.17.9
etag: "f80882bf67cf261aa08d636da095149a"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 01 May 2052 16:43:36 GMT

GET
H2 200 d764300e195c28c18d93.js Show response
yastatic.net/partner-code-bundles/575931/ Frame F5F6 502 KB
104 KB 33ms
31ms Script
text/javascript 2a02:6b8:20::215
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/575931/d764300e195c28c18d93.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

cac303967c47154ec22b0586117dd335d8c4f985a94bc69377d1e25c176cd973

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: http://ukrline.com.ua/?ref=22805
Origin: https://www.liveinternet.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 02 May 2022 10:09:45 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 105415
last-modified: Fri, 29 Apr 2022 09:04:06 GMT
server: nginx/1.17.9
etag: "78a41bd4749038af54167b0920f5fef2"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 01 May 2052 16:44:15 GMT

GET
H2 200 /
an.yandex.ru/mapuid/yandex/ Frame F5F6 43 B
99 B 57ms
55ms Image
image/gif 2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/yandex/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ukrline.com.ua/?ref=22805
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 May 2022 10:09:45 GMT
content-encoding: gzip
last-modified: Mon, 02 May 2022 10:09:45 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 02 May 2022 10:09:45 GMT

GET
H2 200 stats
stats.viqeo.tv/ 35 B
289 B 42ms
41ms Image
image/gif 83.222.109.36
MNOGOBYTE-AS Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stats.viqeo.tv/stats?referer=https%3A%2F%2Fwww.liveinternet.ru%2F&page_type=web&user_key=de929271ac17212ccc804cf2400aa1e4f05fd10a&site_id=1250&event=visible&container=recommend_player&custom_tag&profile_id=1614&rand=38ba2cfb7100532939b4f4c04c6bd807&content_id=0&channel_id=0&owner_id=0&owner=&ab_segment=&story_id=40169&video_id=8064ac7d578a1db6e548&user_id=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 83.222.109.36 , Russian Federation, ASN42632 (MNOGOBYTE-AS Moscow, Russia, RU),
Reverse DNS
Software: nginx /
Resource Hash: 90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ukrline.com.ua/?ref=22805
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 02 May 2022 10:09:45 GMT
server: nginx
vary: Origin
access-control-allow-methods: GET, POST, HEAD, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Authorization,Origin
content-length: 35

GET
H/1.1

200
OK

/ Show response
data.videonow.ru/
Redirect Chain

https://data.videonow.ru/?profile_id=5015393&format=vast&vpaid=0&multi=1&flash=0&w=400&h=225&location=https%3A%2F%2Fwww.liveinternet.ru%2F
https://data.videonow.ru/?profile_id=5015393&format=vast&vpaid=0&multi=1&flash=0&w=400&h=225&location=https%3A%2F%2Fwww.liveinternet.ru%2F&ccheck=1

21 KB
4 KB

134ms
134ms

XHR
text/xml

83.222.115.14
MNOGOBYTE-AS Moscow

General

Check archive.org

Show headers Download Go to

Full URL: https://data.videonow.ru/?profile_id=5015393&format=vast&vpaid=0&multi=1&flash=0&w=400&h=225&location=https%3A%2F%2Fwww.liveinternet.ru%2F&ccheck=1
Protocol: HTTP/1.1
Server: 83.222.115.14 , Russian Federation, ASN42632 (MNOGOBYTE-AS Moscow, Russia, RU),
Reverse DNS
Software: nginx / PHP/7.2.34
Resource Hash: ceafbbe919daa9db377a9f62a27e5163f6fa717109da55d131c7eb515642e9b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ukrline.com.ua/?ref=22805
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Mon, 02 May 2022 10:09:46 GMT
Content-Encoding: gzip
Server: nginx
X-Powered-By: PHP/7.2.34
Transfer-Encoding: chunked
Content-Type: text/xml; charset=utf-8
Access-Control-Allow-Origin: https://www.liveinternet.ru
Cache-Control: private, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive

Redirect headers

Date: Mon, 02 May 2022 10:09:46 GMT
Server: nginx
Access-Control-Allow-Origin: https://www.liveinternet.ru
X-Powered-By: PHP/7.2.34
Transfer-Encoding: chunked
Content-Type: text/xml; charset=utf-8
Location: https://data.videonow.ru/?profile_id=5015393&format=vast&vpaid=0&multi=1&flash=0&w=400&h=225&location=https%3A%2F%2Fwww.liveinternet.ru%2F&ccheck=1
Cache-Control: private, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
H2 200 1 Show response
an.yandex.ru/jserr/ Frame F5F6 0
121 B 51ms
50ms Script
text/plain 2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/jserr/1

Requested by

Host: www.liveinternet.ru
URL: https://www.liveinternet.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ukrline.com.ua/?ref=22805
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 May 2022 10:09:46 GMT
content-encoding: gzip
last-modified: Mon, 02 May 2022 10:09:46 GMT
strict-transport-security: max-age=31536000
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 02 May 2022 10:09:46 GMT

POST click
yandex.ru/clck/ Frame F5F6 0
0

GET
H2

200

ssp
sync.videonow.ru/
Redirect Chain

https://px.adhigh.net/p/cm/videonow?vn_dsp_id=3&event_id=54283c0ecd8b54d9419729ad262629ae
https://sync.videonow.ru/ssp?dsp=3&uuid=un5JqXisILE.AikABlGAhD9Mlg

35 B
457 B

247ms
48ms

Image
image/gif

212.76.131.50
MNOGOBYTE-AS Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.videonow.ru/ssp?dsp=3&uuid=un5JqXisILE.AikABlGAhD9Mlg
Protocol: H2
Server: 212.76.131.50 , Russian Federation, ASN42632 (MNOGOBYTE-AS Moscow, Russia, RU),
Reverse DNS: vs25.videonow.ru
Software: nginx /
Resource Hash: 90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ukrline.com.ua/?ref=22805
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 02 May 2022 10:09:46 GMT
server: nginx
x-conn-req: 1
vary: Origin
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-conn-id: 3974710
content-length: 35

Redirect headers

pragma: no-cache
date: Mon, 02 May 2022 10:09:46 GMT
server: nginx
access-control-allow-origin: *
x-backend-id: f10-ru
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://sync.videonow.ru/ssp?dsp=3&uuid=un5JqXisILE.AikABlGAhD9Mlg
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

ssp
sync.videonow.ru/
Redirect Chain

https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=5097839&bn=5097839&rnd=1345372813
https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=5097839&bn=5097839&rnd=1345372813&tuid=-4329027222
https://sync.videonow.ru/ssp?dsp=4&uuid=A90Rokr4y8o9WHlpfs9BwLQ

35 B
455 B

41ms
41ms

Image
image/gif

212.76.131.50
MNOGOBYTE-AS Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.videonow.ru/ssp?dsp=4&uuid=A90Rokr4y8o9WHlpfs9BwLQ
Protocol: H2
Server: 212.76.131.50 , Russian Federation, ASN42632 (MNOGOBYTE-AS Moscow, Russia, RU),
Reverse DNS: vs25.videonow.ru
Software: nginx /
Resource Hash: 90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ukrline.com.ua/?ref=22805
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 02 May 2022 10:09:46 GMT
server: nginx
x-conn-req: 1
vary: Origin
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-conn-id: 3974856
content-length: 35

Redirect headers

Pragma: no-cache
Date: Mon, 02 May 2022 10:09:46 GMT
Transfer-Encoding: chunked
P3P: policyref="//adriver.ru/w3c/p3p.xml", CP="NON DSP COR CURa ADMa DEVa OUR BUS UNI COM NAV INT STA"
Location: //sync.videonow.ru/ssp?dsp=4&uuid=A90Rokr4y8o9WHlpfs9BwLQ
Cache-control: no-cache, no-cache=Set-Cookie, max-age=0, must-revalidate, proxy-revalidate, no-store
Connection: keep-alive
Content-Type: text/html
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 204 match
dm.hybrid.ai/ 0
238 B 299ms
49ms Image
text/plain 37.18.16.16
HYBRID-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dm.hybrid.ai/match?id=115

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.18.16.16 , Russian Federation, ASN205675 (HYBRID-AS, DE),

Reverse DNS

Software

Hybrid Web Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ukrline.com.ua/?ref=22805
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 May 2022 10:09:46 GMT
server: Hybrid Web Server
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin: *
cache-control: no-cache, no-store
x-mode: 126
x-xss-protection: 1; mode=block
expires: -1

GET
H2

200

ssp
sync.videonow.ru/
Redirect Chain

https://videonow-sync.rutarget.ru/sync?vn_dsp_id=7&event_id=54283c0ecd8b54d9419729ad262629ae
https://sync.videonow.ru/ssp?dsp=7&uuid=qwKEqwsQxEaJ

35 B
447 B

42ms
41ms

Image
image/gif

212.76.131.50
MNOGOBYTE-AS Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.videonow.ru/ssp?dsp=7&uuid=qwKEqwsQxEaJ
Protocol: H2
Server: 212.76.131.50 , Russian Federation, ASN42632 (MNOGOBYTE-AS Moscow, Russia, RU),
Reverse DNS: vs25.videonow.ru
Software: nginx /
Resource Hash: 90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ukrline.com.ua/?ref=22805
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 02 May 2022 10:09:46 GMT
server: nginx
x-conn-req: 1
vary: Origin
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-conn-id: 3974777
content-length: 35

Redirect headers

Date: Mon, 02 May 2022 10:09:46 GMT
Server: nginx
Location: https://sync.videonow.ru/ssp?dsp=7&uuid=qwKEqwsQxEaJ
Vary: Origin
P3P: CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."
Access-Control-Allow-Origin: null
Connection: close
Content-Length: 0

GET
H/1.1 204
No Content videonow-sync
rtb.com.ru/ 0
240 B 282ms
40ms Image
text/plain 83.222.114.188
MNOGOBYTE-AS Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.com.ru/videonow-sync?uid=0fa220b6fee825bf2c93e211652b2dfb29a778b7
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 83.222.114.188 , Russian Federation, ASN42632 (MNOGOBYTE-AS Moscow, Russia, RU),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ukrline.com.ua/?ref=22805
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Mon, 02 May 2022 10:09:46 GMT
Cache-Control: max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
Server: nginx/1.18.0
Connection: keep-alive
P3p: CP="rtb.com.ru does not have a P3P policy"

GET
H2

200

ssp
sync.videonow.ru/
Redirect Chain

https://sync.bumlam.com/?src=vn2&uid=0fa220b6fee825bf2c93e211652b2dfb29a778b7
https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABjq276TBlIF_ubBnAJiKDBmYTIyMGI2ZmVlODI1YmYyYzkzZTIxMTY1MmIyZGZiMjlhNzc4Yjc*
https://sync3.adsniper.ru/?src=ss1&s_data=CAIQARjq276TBlIF_ubBnAJiKDBmYTIyMGI2ZmVlODI1YmYyYzkzZTIxMTY1MmIyZGZiMjlhNzc4YjeiARD-kZwMyf8R7IQ9ACWQyCQ3
https://sync.bumlam.com/?src=vn2&s_data=CAIQABjq276TBmIoMGZhMjIwYjZmZWU4MjViZjJjOTNlMjExNjUyYjJkZmIyOWE3NzhiN6IBEP6RnAzJ_xHshD0AJZDIJDc*
https://sync.bumlam.com/?src=vn2&s_data=CAIQARjq276TBmIoMGZhMjIwYjZmZWU4MjViZjJjOTNlMjExNjUyYjJkZmIyOWE3NzhiN6IBEP6RnAzJ_xHshD0AJZDIJDc*
https://sync.videonow.ru/ssp?dsp=14&uuid=fe919c0c-c9ff-11ec-843d-002590c82437

35 B
463 B

55ms
55ms

Image
image/gif

212.76.131.50
MNOGOBYTE-AS Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.videonow.ru/ssp?dsp=14&uuid=fe919c0c-c9ff-11ec-843d-002590c82437
Protocol: H2
Server: 212.76.131.50 , Russian Federation, ASN42632 (MNOGOBYTE-AS Moscow, Russia, RU),
Reverse DNS: vs25.videonow.ru
Software: nginx /
Resource Hash: 90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ukrline.com.ua/?ref=22805
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 02 May 2022 10:09:46 GMT
server: nginx
x-conn-req: 1
vary: Origin
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-conn-id: 3974888
content-length: 35

Redirect headers

Date: Mon, 02 May 2022 10:09:46 GMT
Server: nginx
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: //sync.videonow.ru/ssp?dsp=14&uuid=fe919c0c-c9ff-11ec-843d-002590c82437
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0

GET
H/1.1

200
OK

matchspm
ut.rktch.com/
Redirect Chain

https://ut.rktch.com/matchspm?pi=31&pui=0fa220b6fee825bf2c93e211652b2dfb29a778b7
https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D{WEBO_CID}%26noredirect
https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D%7BWEBO_CID%7D%26noredirect&bounce=1&random=3722808843
https://ut.rktch.com/matchspm?pi=1000006&pui=mj.8DZgVTdZig5KPAKoJWO&noredirect

88 B
88 B

43ms
43ms

Image
image/png

89.108.97.2
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ut.rktch.com/matchspm?pi=1000006&pui=mj.8DZgVTdZig5KPAKoJWO&noredirect
Protocol: HTTP/1.1
Server: 89.108.97.2 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: d50603.reg.regrucolo.ru
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ukrline.com.ua/?ref=22805
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Mon, 02 May 2022 10:09:46 GMT
Server: nginx/1.18.0
Access-Control-Allow-Methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
Content-Type: image/png
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type, Accept, Authorization
Content-Length: 88

Redirect headers

pragma: no-cache
date: Mon, 02 May 2022 10:09:46 GMT
via: 1.1 google
last-modified: Mon, 02 May 2022 10:09:46 GMT
server: Weborama Collect Frontend
location: https://ut.rktch.com/matchspm?pi=1000006&pui=mj.8DZgVTdZig5KPAKoJWO&noredirect
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2 204 videonow
sync.dmp.otm-r.com/match/ 0
69 B 256ms
6ms Image
text/plain 195.201.108.196
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.dmp.otm-r.com/match/videonow?id=0fa220b6fee825bf2c93e211652b2dfb29a778b7
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.201.108.196 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.196.108.201.195.clients.your-server.de
Software: nginx/1.15.9 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ukrline.com.ua/?ref=22805
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 02 May 2022 10:09:46 GMT
server: nginx/1.15.9

GET
H2

200

ssp
sync.videonow.ru/
Redirect Chain

https://sm.rtb.mts.ru/p?ssp=videonow&id=0fa220b6fee825bf2c93e211652b2dfb29a778b7
https://sm.rtb.mts.ru/match/second?ssp=38&exu=0fa220b6fee825bf2c93e211652b2dfb29a778b7
https://tech.rtb.mts.ru/?dsp_uid=4db82a96-aded-409f-809d-929fe097d2f3&return_url=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3D9503528%26dest%3Dhttps%253A%252F%252Fsm.rtb.mts.ru%252Fem%253Fnext%253D3...
https://x01.aidata.io/0.gif?pid=9503528&dest=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D38%26em%3D2%26ssp%3Daidata%26id%3D%24UID
https://x01.aidata.io/0.gif?pid=9503528&dest=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D38%26em%3D2%26ssp%3Daidata%26id%3D%24UID&bounce=1
https://sm.rtb.mts.ru/em?next=38&em=2&ssp=aidata&id=JLmKGD9KjtOdODuA9st88Q
https://sync.videonow.ru/ssp?dsp=28&uuid=4db82a96-aded-409f-809d-929fe097d2f3

35 B
462 B

46ms
46ms

Image
image/gif

212.76.131.50
MNOGOBYTE-AS Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.videonow.ru/ssp?dsp=28&uuid=4db82a96-aded-409f-809d-929fe097d2f3
Protocol: H2
Server: 212.76.131.50 , Russian Federation, ASN42632 (MNOGOBYTE-AS Moscow, Russia, RU),
Reverse DNS: vs25.videonow.ru
Software: nginx /
Resource Hash: 90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ukrline.com.ua/?ref=22805
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 02 May 2022 10:09:46 GMT
server: nginx
x-conn-req: 1
vary: Origin
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-conn-id: 3975321
content-length: 35

Redirect headers

Date: Mon, 02 May 2022 10:09:46 GMT
Server: nginx
Access-Control-Allow-Origin: *
Vary: Origin
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
Location: https://sync.videonow.ru/ssp?dsp=28&uuid=4db82a96-aded-409f-809d-929fe097d2f3
Cache-Control: no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

ssp
sync.videonow.ru/
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=34557&callback_url=https%3A%2F%2Fsync.videonow.ru%2Fssp%3Fdsp%3D30%26uuid%3D%24%7BUSER_ID%7D
https://sync.videonow.ru/ssp?dsp=30&uuid=2812f45f-b283-527a-b942-6560db2dc886

35 B
464 B

269ms
48ms

Image
image/gif

212.76.131.50
MNOGOBYTE-AS Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.videonow.ru/ssp?dsp=30&uuid=2812f45f-b283-527a-b942-6560db2dc886
Protocol: H2
Server: 212.76.131.50 , Russian Federation, ASN42632 (MNOGOBYTE-AS Moscow, Russia, RU),
Reverse DNS: vs25.videonow.ru
Software: nginx /
Resource Hash: 90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ukrline.com.ua/?ref=22805
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 02 May 2022 10:09:46 GMT
server: nginx
x-conn-req: 1
vary: Origin
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-conn-id: 3974709
content-length: 35

Redirect headers

location: https://sync.videonow.ru/ssp?dsp=30&uuid=2812f45f-b283-527a-b942-6560db2dc886
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H2

200

ssp
sync.videonow.ru/
Redirect Chain

https://relap.io/partners/videonowcs?vn=889
https://sync.videonow.ru/ssp?dsp=32&uuid=wOYd3vVi

35 B
444 B

59ms
59ms

Image
image/gif

212.76.131.50
MNOGOBYTE-AS Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.videonow.ru/ssp?dsp=32&uuid=wOYd3vVi
Protocol: H2
Server: 212.76.131.50 , Russian Federation, ASN42632 (MNOGOBYTE-AS Moscow, Russia, RU),
Reverse DNS: vs25.videonow.ru
Software: nginx /
Resource Hash: 90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ukrline.com.ua/?ref=22805
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 02 May 2022 10:09:46 GMT
server: nginx
x-conn-req: 1
vary: Origin
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-conn-id: 3974815
content-length: 35

Redirect headers

location: https://sync.videonow.ru/ssp?dsp=32&uuid=wOYd3vVi
date: Mon, 02 May 2022 10:09:46 GMT
server: nginx
content-length: 0
strict-transport-security: max-age=5184000; includeSubdomains;

GET
H2

200

b510e33a-ff29-46e7-b7d2-c2ff8477c502
an.yandex.ru/mapuid/qbitis/
Redirect Chain

https://mitdmp.whiteboxdigital.ru/pixel?source=videonow&id=0fa220b6fee825bf2c93e211652b2dfb29a778b7
https://an.yandex.ru/mapuid/qbitis/b510e33a-ff29-46e7-b7d2-c2ff8477c502

43 B
80 B

51ms
50ms

Image
image/gif

2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/qbitis/b510e33a-ff29-46e7-b7d2-c2ff8477c502

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ukrline.com.ua/?ref=22805
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 May 2022 10:09:46 GMT
content-encoding: gzip
last-modified: Mon, 02 May 2022 10:09:46 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 02 May 2022 10:09:46 GMT

Redirect headers

Date: Mon, 02 May 2022 10:09:46 GMT
Server: nginx/1.21.0
Location: https://an.yandex.ru/mapuid/qbitis/b510e33a-ff29-46e7-b7d2-c2ff8477c502
Access-Control-Max-Age: 3628800
Access-Control-Allow-Methods: GET, DELETE, OPTIONS, POST, PUT
Access-Control-Allow-Origin
Access-Control-Expose-Headers: Content-Length,Content-Range
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
Content-Length: 0

GET
H2 204 sync
a.utraff.com/ 0
867 B 67ms
34ms Image
text/plain 2606:4700:3033::ac43:d997
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.utraff.com/sync?ssp=videonow&uid=0fa220b6fee825bf2c93e211652b2dfb29a778b7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:d997 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ukrline.com.ua/?ref=22805
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 02 May 2022 10:09:46 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k8xiwAZbUU7Zp5hvrzWSNsQdrpK7gI%2FyD48igTCObc8rvrL3EM2kcaYZ%2Bagw9EU%2BQXD5uoPrWYOp1Zs7GB1XKpEG%2FHBfAylGqyG2pZKRCV3vmwkGmrKUA6%2Beq4mOOAbXSvAGl5%2BQySU63Zk%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
cf-ray: 704ff69a4a2b9b7a-FRA
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2

200

ssp
sync.videonow.ru/
Redirect Chain

https://match.new-programmatic.com/userbind?src=videonow&id=0fa220b6fee825bf2c93e211652b2dfb29a778b7
https://sync.videonow.ru/ssp?dsp=39&uuid=

35 B
320 B

41ms
41ms

Image
image/gif

212.76.131.50
MNOGOBYTE-AS Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.videonow.ru/ssp?dsp=39&uuid=
Protocol: H2
Server: 212.76.131.50 , Russian Federation, ASN42632 (MNOGOBYTE-AS Moscow, Russia, RU),
Reverse DNS: vs25.videonow.ru
Software: nginx /
Resource Hash: 90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ukrline.com.ua/?ref=22805
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 02 May 2022 10:09:46 GMT
server: nginx
x-conn-req: 1
vary: Origin
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-conn-id: 3974964
x-error: http://sync.videonow.ru/ssp?dsp=39&uuid=: empty user dsp
content-length: 35

Redirect headers

Date: Mon, 02 May 2022 10:09:46 GMT
Server: nginx/1.18.0
Access-Control-Allow-Origin: *
Vary: Origin
Location: https://sync.videonow.ru/ssp?dsp=39&uuid=
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET
H2

200

ssp
sync.videonow.ru/
Redirect Chain

https://adx.com.ru/videonow-plazsync?uid=0fa220b6fee825bf2c93e211652b2dfb29a778b7
https://adx.com.ru/sync?sspKey=6&sspUserID=0fa220b6fee825bf2c93e211652b2dfb29a778b7
https://dmp.redllama.ru/sync/yabbi?uid=626fadeaf0e015ca9390f4ec&redir=https%3A%2F%2Fredirect.frontend.weborama.fr%2Frd%3Furl%3Dhttps%253A%252F%252Fadx.com.ru%252Fweborama-sync%253Furl%253Dhttps%252...
https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fadx.com.ru%2Fweborama-sync%3Furl%3Dhttps%253A%252F%252Fprodmp.ru%252Fyabbi.gif%253Fuid%253D626fadeaf0e015ca9390f4ec%2526r%253Dhttps%25253A...
https://adx.com.ru/weborama-sync?url=https%3A%2F%2Fprodmp.ru%2Fyabbi.gif%3Fuid%3D626fadeaf0e015ca9390f4ec%26r%3Dhttps%253A%252F%252Fsync.videonow.ru%252Fssp%253Fdsp%253D40%2526uuid%253D626fadeaf0e0...
https://prodmp.ru/yabbi.gif?uid=626fadeaf0e015ca9390f4ec&r=https%3A%2F%2Fsync.videonow.ru%2Fssp%3Fdsp%3D40%26uuid%3D626fadeaf0e015ca9390f4ec
https://sync.videonow.ru/ssp?dsp=40&uuid=626fadeaf0e015ca9390f4ec

35 B
453 B

42ms
41ms

Image
image/gif

212.76.131.50
MNOGOBYTE-AS Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.videonow.ru/ssp?dsp=40&uuid=626fadeaf0e015ca9390f4ec
Protocol: H2
Server: 212.76.131.50 , Russian Federation, ASN42632 (MNOGOBYTE-AS Moscow, Russia, RU),
Reverse DNS: vs25.videonow.ru
Software: nginx /
Resource Hash: 90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ukrline.com.ua/?ref=22805
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 02 May 2022 10:09:52 GMT
server: nginx
x-conn-req: 1
vary: Origin
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-conn-id: 3982990
content-length: 35

Redirect headers

location: https://sync.videonow.ru/ssp?dsp=40&uuid=626fadeaf0e015ca9390f4ec
date: Mon, 02 May 2022 10:09:52 GMT
access-control-allow-credentials: true
server: nginx
content-type: image/gif
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

i
dmg.digitaltarget.ru/awg/custom/6323/i/
Redirect Chain

https://dmg.digitaltarget.ru/1/6323/i/i?a=622&e=0fa220b6fee825bf2c93e211652b2dfb29a778b7&i=134537281
https://dmg.digitaltarget.ru/awg/custom/6323/i/i?call_source=awg&a=622&e=0fa220b6fee825bf2c93e211652b2dfb29a778b7&i=134537281

49 B
603 B

62ms
62ms

Image
image/gif

185.15.175.133
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmg.digitaltarget.ru/awg/custom/6323/i/i?call_source=awg&a=622&e=0fa220b6fee825bf2c93e211652b2dfb29a778b7&i=134537281

Protocol

HTTP/1.1

Server

185.15.175.133 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),

Reverse DNS

Software

nginx /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ukrline.com.ua/?ref=22805
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Mon, 02 May 2022 10:09:46 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Request-Time: 12
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 64
X-XSS-Protection: 1; mode=block
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
Server: nginx
X-Frame-Options: DENY
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Credentials: true

Redirect headers

Date: Mon, 02 May 2022 10:09:46 GMT
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
Server: nginx
X-Frame-Options: DENY
Access-Control-Allow-Methods: GET, POST, OPTIONS
Location: https://dmg.digitaltarget.ru/awg/custom/6323/i/i?call_source=awg&a=622&e=0fa220b6fee825bf2c93e211652b2dfb29a778b7&i=134537281
X-XSS-Protection: 1; mode=block
X-Permitted-Cross-Domain-Policies: master-only
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 86400
Connection: keep-alive
Request-Time: 0
Content-Length: 0
X-Content-Type-Options: nosniff

GET
H2 200 0fa220b6fee825bf2c93e211652b2dfb29a778b7
an.yandex.ru/mapuid/adfox/ 43 B
80 B 55ms
50ms Image
image/gif 2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/adfox/0fa220b6fee825bf2c93e211652b2dfb29a778b7?jsredir=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ukrline.com.ua/?ref=22805
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 May 2022 10:09:46 GMT
content-encoding: gzip
last-modified: Mon, 02 May 2022 10:09:46 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 02 May 2022 10:09:46 GMT

GET
H2

204

segmento
sync.dmp.otm-r.com/match/
Redirect Chain

https://videotarget-sync.rutarget.ru/sync?vn=542
https://sync.dmp.otm-r.com/match/segmento?id=qwKEqwsQxEaJ

0
68 B

8ms
8ms

Image
text/plain

195.201.108.196
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.dmp.otm-r.com/match/segmento?id=qwKEqwsQxEaJ
Protocol: H2
Server: 195.201.108.196 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.196.108.201.195.clients.your-server.de
Software: nginx/1.15.9 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ukrline.com.ua/?ref=22805
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 02 May 2022 10:09:46 GMT
server: nginx/1.15.9

Redirect headers

Location: https://sync.dmp.otm-r.com/match/segmento?id=qwKEqwsQxEaJ
Date: Mon, 02 May 2022 10:09:46 GMT
Server: nginx
Connection: close
Content-Length: 0
P3P: CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."

GET
H/1.1 204
No Content / Show response
rtb.videonow.ru/ 0
323 B 463ms
221ms XHR
text/plain 212.76.131.55
MNOGOBYTE-AS Moscow

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.videonow.ru/?profile_id=5015393&location=https%3A%2F%2Fwww.liveinternet.ru%2F&pb=1&link_key=b180560fe23bd12de2631824a6f5c306&w=0&h=0&container=
Requested by: Host: cdn.viqeo.tv
URL: https://cdn.viqeo.tv/v1/proxy/?url=https://static.videonow.ru/v2/d374b1a5/vn_module.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.76.131.55 , Russian Federation, ASN42632 (MNOGOBYTE-AS Moscow, Russia, RU),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ukrline.com.ua/?ref=22805
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Mon, 02 May 2022 10:09:46 GMT
Server: nginx
X-Conn-Req: 7
Vary: Origin
Connection: keep-alive
Access-Control-Allow-Origin: https://www.liveinternet.ru
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
X-Conn-Id: 16073223
X-Error: no winner

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 52ms
52ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220427&jk=1380397679045905&bg=!i4iliMzNAAZNIUvJbSE7ACkAdvg8Wq2Eopx6bGcQ7f2CojYzoWAgsEudLIQXky35RmpK_cG_5lbeVQIAAADyUgAAAAJoAQeZAtOsC1wOsOOT-UhdOENzHUwyHSbfVQtWuaqnQFl171tZj9ZS6HOpVuJUHDS_mX4iZkVKINRT63HNcWdRHjza5XQZpI8dn0a6K8FjPs92arLsmKtLOEIyJB-CJZ8vGUhAopTFVG0i3kdiQYyoXN_ypfEoBMkoU7TzJgE-FGYhStHaNewovF_WpfYz73xct9-sqt6m5pTwWBRQY3DH3yRaB7CjWMgrQSjaSAUvtw0bgsnRdYpmc0Y46fQTqI72URW8QftlGTjJJVBTdv1sLTjID5tJPg0cWlaye74RgGvedi4R_mioX3F4RAH85md-a-kKZsUN29GM2Oev_oWAJwOw7BJb3EL2XJIphbIH3L81KljfNpYB2uQ05mE8mQnP0UowMNmJymw3KlROEZGcSPCo_heQLzGs-AVrDCbp2Z1mfZeVrer-6gqVgio1XPWVT2V6kttoyOEAsDMPahKvBAdT6bEGcuFr-SW6xkAZi9CTMa7uCAgALOTfXAfEKBJtblHHHyVOoN0-kZUKBylP4W3UL1MIxZslpsSn3Bgd7UbD841Qy6cvxC6dW-1nx5OVhX-9bBDcaUzhsj6RquYkObgasqroYnQaehwCH5ioXKbI50h0wT_A_Ip5vowK2-YUuGAARJOa58PpdSvDeaTNjxD-SKdGxZxe6GQ1cga8bimd33BLnkcpcTBL2veMYoge13ljelIgCMsOctNvtnqpaAKks8uOLibJazQ1UCoeSEOXffXrLqq_UO-80T7catHrqKK3R0RitwGdVEpQuhr_no-yorlGdvn2lsg19z4q4QUJ5zWbVmXhLP4_tUSYOnUWU_LwtbtknpAf1TOLfmMS5KuTtD9fOE1k1fMq37QVF8lo6akimPWvAGhDELeWenterzE591c6q-2Q1seDsjTXbXZUFAsJGq44t_FODaDKlSEpYh2AErn6P99SmRzHmbUHY7uJcmaOxLs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ukrline.com.ua/?ref=22805
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

GET
H/1.1 200
OK stats
stats2.videonow.ru/ 35 B
454 B 169ms
68ms Image
image/gif 212.76.131.35
MNOGOBYTE-AS Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stats2.videonow.ru/stats?profile_id=5015393&category_id=0&user_id=0fa220b6fee825bf2c93e211652b2dfb29a778b7&link_key=b180560fe23bd12de2631824a6f5c306&predictor=dead&location=https%3A%2F%2Fwww.liveinternet.ru%2F&event=pass&adv_id=7430&seq=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.76.131.35 , Russian Federation, ASN42632 (MNOGOBYTE-AS Moscow, Russia, RU),
Reverse DNS: vs14.videonow.ru
Software: nginx /
Resource Hash: 90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ukrline.com.ua/?ref=22805
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Mon, 02 May 2022 10:09:46 GMT
Server: nginx
Vary: Origin
Access-Control-Allow-Methods: GET, POST, HEAD, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: http://ukrline.com.ua
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type,Authorization,Origin
Content-Length: 35

GET
H2 200 vn_providers_vpaid.js Show response
cdn.videonow.ru/v2/d374b1a5/ Frame 554D 135 KB
39 KB 295ms
63ms Script
application/javascript 151.236.67.192
CDNVIDEO-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.videonow.ru/v2/d374b1a5/vn_providers_vpaid.js
Requested by: Host: cdn.viqeo.tv
URL: https://cdn.viqeo.tv/v1/proxy/?url=https://static.videonow.ru/v2/d374b1a5/vn_module.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 151.236.67.192 Moscow, Russian Federation, ASN57363 (CDNVIDEO-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: a3c8af798c8ecf72de20a400bb2e578c2ee1e8faefa984e117b9f0bd91a0773c

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ukrline.com.ua/?ref=22805
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 02 May 2022 10:09:47 GMT
content-encoding: gzip
last-modified: Wed, 27 Apr 2022 12:25:29 GMT
server: nginx
etag: W/"62693639-21b27"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=86400, public
access-control-allow-credentials: true
expires: Mon, 02 May 2022 12:25:39 GMT

GET
H2 200 context.js Show response
yandex.ru/ads/system/ Frame 554D 286 KB
78 KB 66ms
66ms Script
text/javascript 2a02:6b8:a::a
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/system/context.js

Requested by

Host: cdn.videonow.ru
URL: https://cdn.videonow.ru/v2/d374b1a5/vn_providers_vpaid.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

1a68a27453d8e033799e97fd27c595db04a88bc96ef588574bc11a213bc4216e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ukrline.com.ua/?ref=22805
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin: *
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1651486187148153-3437764250455702123-sas3-0999-700-sas-l7-balancer-8080-BAL-1056
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=3600
x-robots-tag: noindex, noarchive, nofollow
expires: Mon, 02 May 2022 11:09:47 GMT

GET
H2 200 953eadf0b1ddecfeb5be.js Show response
yastatic.net/partner-code-bundles/575931/ Frame 554D 13 KB
5 KB 31ms
31ms Script
text/javascript 2a02:6b8:20::215
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/575931/953eadf0b1ddecfeb5be.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

cff9e3917907425d21401b73197b19c96b4ed0bb81aac2e2355886a049b9faa0

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: http://ukrline.com.ua/?ref=22805
Origin: https://www.liveinternet.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 02 May 2022 10:09:47 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 4468
last-modified: Fri, 29 Apr 2022 09:04:06 GMT
server: nginx/1.17.9
etag: "8bfe6375420f5ddd290872d10aaad942"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 01 May 2052 16:44:20 GMT

GET
H2 200 9c6a709e779e825bf49f.js Show response
yastatic.net/partner-code-bundles/575931/ Frame 554D 89 KB
19 KB 32ms
32ms Script
text/javascript 2a02:6b8:20::215
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/575931/9c6a709e779e825bf49f.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

5f72c4cc3151182f99faa30bf33dc963672fc5c1729b228a2a35b6e8333a051d

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: http://ukrline.com.ua/?ref=22805
Origin: https://www.liveinternet.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 02 May 2022 10:09:47 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 18885
last-modified: Fri, 29 Apr 2022 09:04:06 GMT
server: nginx/1.17.9
etag: "2af5080ab83da0cc0a0a8104e2076047"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 01 May 2052 16:44:15 GMT

GET
H2 200 host.js Show response
yastatic.net/safeframe-bundles/0.83/ Frame 554D 33 KB
9 KB 33ms
33ms Script
text/javascript 2a02:6b8:20::215
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/safeframe-bundles/0.83/host.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: http://ukrline.com.ua/?ref=22805
Origin: https://www.liveinternet.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 02 May 2022 10:09:47 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 8878
last-modified: Wed, 03 Nov 2021 13:42:58 GMT
server: nginx/1.17.9
etag: "f80882bf67cf261aa08d636da095149a"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 01 May 2052 16:43:36 GMT

GET
H2 200 d764300e195c28c18d93.js Show response
yastatic.net/partner-code-bundles/575931/ Frame 554D 502 KB
104 KB 32ms
32ms Script
text/javascript 2a02:6b8:20::215
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/575931/d764300e195c28c18d93.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

cac303967c47154ec22b0586117dd335d8c4f985a94bc69377d1e25c176cd973

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: http://ukrline.com.ua/?ref=22805
Origin: https://www.liveinternet.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 02 May 2022 10:09:47 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 105415
last-modified: Fri, 29 Apr 2022 09:04:06 GMT
server: nginx/1.17.9
etag: "78a41bd4749038af54167b0920f5fef2"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 01 May 2052 16:44:15 GMT

GET
H/1.1 200
OK stats
stats2.videonow.ru/ 35 B
454 B 60ms
60ms Image
image/gif 212.76.131.35
MNOGOBYTE-AS Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stats2.videonow.ru/stats?profile_id=5015393&category_id=0&user_id=0fa220b6fee825bf2c93e211652b2dfb29a778b7&link_key=b180560fe23bd12de2631824a6f5c306&predictor=dead&location=https%3A%2F%2Fwww.liveinternet.ru%2F&event=pass&adv_id=7374&seq=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.76.131.35 , Russian Federation, ASN42632 (MNOGOBYTE-AS Moscow, Russia, RU),
Reverse DNS: vs14.videonow.ru
Software: nginx /
Resource Hash: 90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ukrline.com.ua/?ref=22805
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Mon, 02 May 2022 10:09:47 GMT
Server: nginx
Vary: Origin
Access-Control-Allow-Methods: GET, POST, HEAD, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: http://ukrline.com.ua
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type,Authorization,Origin
Content-Length: 35

GET
H2 200 vn_providers_vpaid.js Show response
cdn.videonow.ru/v2/d374b1a5/ Frame 9E68 135 KB
39 KB 68ms
68ms Script
application/javascript 151.236.67.192
CDNVIDEO-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.videonow.ru/v2/d374b1a5/vn_providers_vpaid.js
Requested by: Host: cdn.viqeo.tv
URL: https://cdn.viqeo.tv/v1/proxy/?url=https://static.videonow.ru/v2/d374b1a5/vn_module.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 151.236.67.192 Moscow, Russian Federation, ASN57363 (CDNVIDEO-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: a3c8af798c8ecf72de20a400bb2e578c2ee1e8faefa984e117b9f0bd91a0773c

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ukrline.com.ua/?ref=22805
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 02 May 2022 10:09:47 GMT
content-encoding: gzip
last-modified: Wed, 27 Apr 2022 12:25:29 GMT
server: nginx
etag: W/"62693639-21b27"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=86400, public
access-control-allow-credentials: true
expires: Mon, 02 May 2022 12:25:39 GMT

GET
H2 200 adsdk.js Show response
yandex.ru/ads/system/ Frame 9E68 72 KB
24 KB 60ms
60ms Script
text/javascript 2a02:6b8:a::a
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/system/adsdk.js

Requested by

Host: cdn.videonow.ru
URL: https://cdn.videonow.ru/v2/d374b1a5/vn_providers_vpaid.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

f220f8fdc81e9f517755d81ee853ce2d4a6edc37a7143e297f5663f88cb5b778

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ukrline.com.ua/?ref=22805
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin: *
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1651486187376411-8965546203399923360-sas3-0999-700-sas-l7-balancer-8080-BAL-5487
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=3600
x-robots-tag: noindex, noarchive, nofollow
expires: Mon, 02 May 2022 11:09:47 GMT

POST
H2 200 log
log.strm.yandex.ru/ Frame 9E68 0
216 B 177ms
56ms Ping
text/plain 2a02:6b8::28d
YNDX

General

Check archive.org

Show headers Download Go to

Full URL: https://log.strm.yandex.ru/log?VAS=576269&values=CreateLoader&bundleName=AdSDKLoader
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/adsdk.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:6b8::28d Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://ukrline.com.ua/?ref=22805
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.liveinternet.ru
access-control-expose-headers: Date
access-control-allow-credentials: true
timing-allow-origin: https://www.liveinternet.ru
date: Mon, 02 May 2022 10:09:47 GMT
content-length: 0
x-request-id: 1651486187581928-4217303742179290924

GET
H2 200 loader.bundle.js Show response
yastatic.net/awaps-ad-sdk-js-bundles/1.0-576269/bundles-es2017/ Frame 9E68 562 KB
144 KB 31ms
31ms Script
text/javascript 2a02:6b8:20::215
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/awaps-ad-sdk-js-bundles/1.0-576269/bundles-es2017/loader.bundle.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/adsdk.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

efb93ddceb7b07882057789b9cdce4b13c68832989f9d95f617696134804064f

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: http://ukrline.com.ua/?ref=22805
Origin: https://www.liveinternet.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 02 May 2022 10:09:47 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 146695
x-nginx-request-id: f1ec6c73417f5e68
last-modified: Fri, 29 Apr 2022 13:29:12 GMT
server: nginx/1.17.9
etag: "2753ebcd65fba86635cdef23ebb92089"
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 01 May 2052 16:41:22 GMT

GET
H2 200 734464 Show response
yandex.ru/an/vmap/ Frame 9E68 2 KB
1 KB 63ms
63ms XHR
text/xml 2a02:6b8:a::a
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/an/vmap/734464?video-content-id=0&ad-session-id=7045081651486181599&pcode-icookie=HY7gizcvm66g1OsZz%2Fo1UWGdLYXwhyjQ1c%2FEEYJ0RgCOHC0CPQNppE2AelFZGprKskoIa7Jgrd%2BGgx8y%2FyOfkyFSL8g%3D&pcode-test-ids=568465%2C0%2C71%3B551983%2C0%2C23%3B576269%2C0%2C73&pcode-flags=%7B%22ENABLE_CODECS_WHITELIST%22%3A%22TRUE%22%2C%22DISABLE_DEFAULT_THEME_EMPTY_DURATION%22%3A%22TRUE%22%2C%22MEDIA_FILE_BITRATE_PRIORITY_FACTOR%22%3A%220.000001%22%2C%22VOLUME_BUTTON_ANIMATION%22%3A%22ENABLE%22%2C%22UNIFORMAT%22%3A%22ENABLE%22%2C%22CHANGE_CLICK_THROUGH_LOGIC%22%3A%22ACTION_BUTTON_PRIORITY%22%2C%22ENABLE_VP9_CODECS%22%3A%22TRUE%22%2C%22ENABLE_MEDIA_FILES_WITH_MSE_FILTER_UNDER_ABD_ONLY%22%3A%22TRUE%22%2C%22VAS_LONG_EXP_FLAG_ENABLE_MEDIA_FILE_TYPE_PRIORITY_FACTOR_FOR_DESIRED_BITRATE%22%3A%22TRUE%22%2C%22VAS_LONG_EXP_FLAG_MEDIA_FILE_TYPE_PRIORITY_FACTOR%22%3A%221%22%2C%22VAS_ENABLE_HONEYPOT_ON_SMALL_PERCENT%22%3A%22TRUE%22%2C%22REQUEST_ADFOX_FROM_YANDEX_RU%22%3A%22TRUE%22%2C%22REQUEST_VMAP_FROM_YANDEX_RU%22%3A%22TRUE%22%2C%22SHOW_LABEL_ON_SMALL_BUTTON%22%3A%22TRUE%22%2C%22VAS_SURVEY_CONVERT_TO_NEW_ADCREATIVE_SURVEY%22%3A%22VIDEO%22%2C%22VAS_ADCREATIVE_SURVEY_VERSION%22%3A%22v6919f23%22%2C%22VAS_ADVERTISER_INFO_LINK%22%3A%22TRUE%22%2C%22VAS_ENABLE_SURVEY_OLD_AD_CREATIVE_INTERNAL_MODULE%22%3A%22TRUE%22%2C%22VAS_NEW_CALL_TO_ACTION_TEXT%22%3A%22TRUE%22%2C%22ENABLE_UNSUPPORTED_LOADER_SCRIPT_SRC_WARNING%22%3A%22TRUE%22%2C%22VAS_LONG_EXP_FLAG_MEDIA_FILE_TYPE_PRIORITY_FOR_HLS%22%3A%2210000%22%2C%22VAS_MOTION_TAILOR_COLOR_PALETTE_NAME%22%3A%22LIGHT_BG%22%2C%22VAS_STABLE_VERSION%22%3A%22574009%22%2C%22VAS_SURVEY_WAITING_FOR_FIRST_ANSWER_DURATION%22%3A%2220%22%2C%22REPEAT_VMAP_REQUEST_AFTER_INROLL%22%3A%22CTL%22%2C%22ADSDKVER%22%3A%22576269%22%7D&uniformat=true&video-category-id=0&wtime-since-ad=0&client_type=html&adsdk-bundle-version=576269&adsdk-bundle-name=AdLoader&adsdk-container-visibility=0&adsdk-container-width=0&adsdk-container-height=0&video-avatar-width=0&video-avatar-height=0&adsdk-test-tag=12045&vsid=b63947c93b83846729792aededb5b11c8db82abff132xVASx6269x1651486186&top-ancestor=https%3A%2F%2Fwww.liveinternet.ru&top-ancestor-undetermined=0&client-ts=1651486186785&client-timezone-offset=0&viewability-undetermined=0&video-volume=0&video-muted=1&pcode-active-testids=576269%2C0%2C73&document-has-focus=true&is-fullscreen=unknown&ad-pod-id=unknown

Requested by

Host: yastatic.net
URL: https://yastatic.net/awaps-ad-sdk-js-bundles/1.0-576269/bundles-es2017/loader.bundle.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

5e675f7d7f73d5730d9951dddbcc4196764c7113d99957c1d6e094f6d1a95cf2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ukrline.com.ua/?ref=22805
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 May 2022 10:09:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/xml; charset=utf-8
access-control-allow-origin: https://www.liveinternet.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
last-modified: Mon, 02 May 2022 10:09:47 GMT
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 02 May 2022 10:09:47 GMT

GET
H2 403 734464
yandex.ru/ads/meta/ Frame 9E68 27 B
0 65ms
65ms XHR
text/html 2a02:6b8:a::a
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/meta/734464?imp-id=1&vmap-request-id=2319813851021634127&video-category-id=0&vsid=b63947c93b83846729792aededb5b11c8db82abff132xVASx6269x1651486186&client-timezone-offset=0&uniformat=true&video-content-id=0&ad-session-id=7045081651486181599&pcode-icookie=HY7gizcvm66g1OsZz%2Fo1UWGdLYXwhyjQ1c%2FEEYJ0RgCOHC0CPQNppE2AelFZGprKskoIa7Jgrd%2BGgx8y%2FyOfkyFSL8g%3D&pcode-test-ids=568465%2C0%2C71%3B551983%2C0%2C23%3B576269%2C0%2C73&pcode-flags=%7B%22ENABLE_CODECS_WHITELIST%22%3A%22TRUE%22%2C%22DISABLE_DEFAULT_THEME_EMPTY_DURATION%22%3A%22TRUE%22%2C%22MEDIA_FILE_BITRATE_PRIORITY_FACTOR%22%3A%220.000001%22%2C%22VOLUME_BUTTON_ANIMATION%22%3A%22ENABLE%22%2C%22UNIFORMAT%22%3A%22ENABLE%22%2C%22CHANGE_CLICK_THROUGH_LOGIC%22%3A%22ACTION_BUTTON_PRIORITY%22%2C%22ENABLE_VP9_CODECS%22%3A%22TRUE%22%2C%22ENABLE_MEDIA_FILES_WITH_MSE_FILTER_UNDER_ABD_ONLY%22%3A%22TRUE%22%2C%22VAS_LONG_EXP_FLAG_ENABLE_MEDIA_FILE_TYPE_PRIORITY_FACTOR_FOR_DESIRED_BITRATE%22%3A%22TRUE%22%2C%22VAS_LONG_EXP_FLAG_MEDIA_FILE_TYPE_PRIORITY_FACTOR%22%3A%221%22%2C%22VAS_ENABLE_HONEYPOT_ON_SMALL_PERCENT%22%3A%22TRUE%22%2C%22REQUEST_ADFOX_FROM_YANDEX_RU%22%3A%22TRUE%22%2C%22REQUEST_VMAP_FROM_YANDEX_RU%22%3A%22TRUE%22%2C%22SHOW_LABEL_ON_SMALL_BUTTON%22%3A%22TRUE%22%2C%22VAS_SURVEY_CONVERT_TO_NEW_ADCREATIVE_SURVEY%22%3A%22VIDEO%22%2C%22VAS_ADCREATIVE_SURVEY_VERSION%22%3A%22v6919f23%22%2C%22VAS_ADVERTISER_INFO_LINK%22%3A%22TRUE%22%2C%22VAS_ENABLE_SURVEY_OLD_AD_CREATIVE_INTERNAL_MODULE%22%3A%22TRUE%22%2C%22VAS_NEW_CALL_TO_ACTION_TEXT%22%3A%22TRUE%22%2C%22ENABLE_UNSUPPORTED_LOADER_SCRIPT_SRC_WARNING%22%3A%22TRUE%22%2C%22VAS_LONG_EXP_FLAG_MEDIA_FILE_TYPE_PRIORITY_FOR_HLS%22%3A%2210000%22%2C%22VAS_MOTION_TAILOR_COLOR_PALETTE_NAME%22%3A%22LIGHT_BG%22%2C%22VAS_STABLE_VERSION%22%3A%22574009%22%2C%22VAS_SURVEY_WAITING_FOR_FIRST_ANSWER_DURATION%22%3A%2220%22%2C%22REPEAT_VMAP_REQUEST_AFTER_INROLL%22%3A%22CTL%22%2C%22ADSDKVER%22%3A%22576269%22%7D&target-ref=https%3A%2F%2Fwww.liveinternet.ru%2F&page-ref=&charset=UTF-8&video-session-id=2319813849619950159&enable-page-options=65536&rnd=0.3137380584574234&adsdk-bundle-version=576269&adsdk-bundle-name=AdLoader&adsdk-container-visibility=0&adsdk-container-width=0&adsdk-container-height=0&video-avatar-width=0&video-avatar-height=0&adsdk-test-tag=12045&top-ancestor=https%3A%2F%2Fwww.liveinternet.ru&top-ancestor-undetermined=0&client-ts=1651486186855&viewability-undetermined=0&video-volume=0&video-muted=1&pcode-active-testids=576269%2C0%2C73&document-has-focus=true&is-fullscreen=unknown&ad-pod-id=unknown

Requested by

Host: yastatic.net
URL: https://yastatic.net/awaps-ad-sdk-js-bundles/1.0-576269/bundles-es2017/loader.bundle.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ukrline.com.ua/?ref=22805
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 May 2022 10:09:47 GMT
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
x-yandex-req-id: 1651486187625523-6141874297943431014-sas3-0999-700-sas-l7-balancer-8080-BAL-2643
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/html; charset=windows-1251
access-control-allow-origin: https://www.liveinternet.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
last-modified: Mon, 02 May 2022 10:09:47 GMT
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 02 May 2022 10:09:47 GMT

POST log
log.strm.yandex.ru/ Frame 9E68 0
0

GET
H2 200 getCode Show response
yandex.ru/ads/adfox/226279/ 2 KB
2 KB 104ms
103ms XHR
text/xml 2a02:6b8:a::a
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/adfox/226279/getCode?pp=eez&ps=buie&p2=eyit&pfc=a&pfb=a&plp=a&pli=a&pop=a&pct=d&puid5=1&puid6=1&puid30=36302&pr=134537281&eid1=36302:1345372813:134537281&extid_tag=adfox&extid=0fa220b6fee825bf2c93e211652b2dfb29a778b7&dl=http://videonow/lowcost/:liveinternet.ru

Requested by

Host: cdn.viqeo.tv
URL: https://cdn.viqeo.tv/v1/proxy/?url=https://static.videonow.ru/v2/d374b1a5/vn_module.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

1f36ccaed8e8af8aebe3d0ebae53a2fa637bbafeec9e5a505ada0c4e951c7a63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ukrline.com.ua/?ref=22805
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 02 May 2022 10:09:47 GMT
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
x-adfox: {"default":true, "place_id":1255307, "code_type":"unrepeatable_campaigns"}
x-yandex-req-id: 1651486187720585-18305457442378965753-sas3-0999-700-sas-l7-balancer-8080-BAL-6470
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Mon, 02 May 2022 10:09:47 GMT
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/xml; charset=utf-8
access-control-allow-origin: https://www.liveinternet.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Mon, 02 May 2022 10:09:47 GMT

GET
H/1.1 200
OK stats
stats2.videonow.ru/ 35 B
454 B 48ms
46ms Image
image/gif 212.76.131.35
MNOGOBYTE-AS Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stats2.videonow.ru/stats?profile_id=5015393&category_id=0&user_id=0fa220b6fee825bf2c93e211652b2dfb29a778b7&link_key=b180560fe23bd12de2631824a6f5c306&predictor=dead&location=https%3A%2F%2Fwww.liveinternet.ru%2F&event=pass&adv_id=7938&seq=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.76.131.35 , Russian Federation, ASN42632 (MNOGOBYTE-AS Moscow, Russia, RU),
Reverse DNS: vs14.videonow.ru
Software: nginx /
Resource Hash: 90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ukrline.com.ua/?ref=22805
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Mon, 02 May 2022 10:09:47 GMT
Server: nginx
Vary: Origin
Access-Control-Allow-Methods: GET, POST, HEAD, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: http://ukrline.com.ua
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type,Authorization,Origin
Content-Length: 35

GET
H2

200

1651486187
www.tns-counter.ru/V13b****idsh_vmon/ru/CP1251/tmsec=idsh_vtotal/
Redirect Chain

https://www.tns-counter.ru/V13a****idsh_vmon/ru/CP1251/tmsec=idsh_vtotal/1651486187?vn=029
https://www.tns-counter.ru/V13b****idsh_vmon/ru/CP1251/tmsec=idsh_vtotal/1651486187?vn=029

43 B
297 B

56ms
56ms

Image
image/gif

2001:6d0:4001::226
TNSMSK-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tns-counter.ru/V13b****idsh_vmon/ru/CP1251/tmsec=idsh_vtotal/1651486187?vn=029
Protocol: H2
Server: 2001:6d0:4001::226 , Russian Federation, ASN52016 (TNSMSK-, RU),
Reverse DNS
Software: ms-counter-3.3.5/1.20.2 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ukrline.com.ua/?ref=22805
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 May 2022 10:09:48 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: ms-counter-3.3.5/1.20.2
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin: *
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

Redirect headers

pragma: no-cache
date: Mon, 02 May 2022 10:09:47 GMT
server: ms-counter-3.3.5/1.20.2
strict-transport-security: max-age=2678400
content-type: image/gif
location: https://www.tns-counter.ru/V13b****idsh_vmon/ru/CP1251/tmsec=idsh_vtotal/1651486187?vn=029
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin: *
content-length: 0
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2

200

1651486187
www.tns-counter.ru/V13b****idsh_vid/ru/CP1251/tmsec=idsh_sid31308-vitid1/
Redirect Chain

https://www.tns-counter.ru/V13a****idsh_vid/ru/CP1251/tmsec=idsh_sid31308-vitid1/1651486187?vn=487
https://www.tns-counter.ru/V13b****idsh_vid/ru/CP1251/tmsec=idsh_sid31308-vitid1/1651486187?vn=487

43 B
297 B

57ms
56ms

Image
image/gif

2001:6d0:4001::226
TNSMSK-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tns-counter.ru/V13b****idsh_vid/ru/CP1251/tmsec=idsh_sid31308-vitid1/1651486187?vn=487
Protocol: H2
Server: 2001:6d0:4001::226 , Russian Federation, ASN52016 (TNSMSK-, RU),
Reverse DNS
Software: ms-counter-3.3.5/1.20.2 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ukrline.com.ua/?ref=22805
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 May 2022 10:09:48 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: ms-counter-3.3.5/1.20.2
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin: *
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

Redirect headers

pragma: no-cache
date: Mon, 02 May 2022 10:09:47 GMT
server: ms-counter-3.3.5/1.20.2
strict-transport-security: max-age=2678400
content-type: image/gif
location: https://www.tns-counter.ru/V13b****idsh_vid/ru/CP1251/tmsec=idsh_sid31308-vitid1/1651486187?vn=487
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin: *
content-length: 0
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2

200

1
mc.yandex.ru/watch/66716692/
Redirect Chain

https://mc.yandex.ru/watch/66716692?page-url=31308%3Futm_source=%26utm_medium=%26utm_campaign=%26utm_content=%26utm_term=&page-ref=http%3A%2F%2Fvideonow%2Flowcost%2F%3Aliveinternet.ru
https://mc.yandex.ru/watch/66716692/1?page-url=31308%3Futm_source%3D%26utm_medium%3D%26utm_campaign%3D%26utm_content%3D%26utm_term%3D&page-ref=http%3A%2F%2Fvideonow%2Flowcost%2F%3Aliveinternet.ru

43 B
74 B

60ms
60ms

Image
image/gif

2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/watch/66716692/1?page-url=31308%3Futm_source%3D%26utm_medium%3D%26utm_campaign%3D%26utm_content%3D%26utm_term%3D&page-ref=http%3A%2F%2Fvideonow%2Flowcost%2F%3Aliveinternet.ru

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ukrline.com.ua/?ref=22805
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 May 2022 10:09:47 GMT
last-modified: Mon, 02-May-2022 10:09:47 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
x-xss-protection: 1; mode=block
expires: Mon, 02-May-2022 10:09:47 GMT

Redirect headers

pragma: no-cache
date: Mon, 02 May 2022 10:09:47 GMT
last-modified: Mon, 02-May-2022 10:09:47 GMT
strict-transport-security: max-age=31536000
location: /watch/66716692/1?page-url=31308%3Futm_source%3D%26utm_medium%3D%26utm_campaign%3D%26utm_content%3D%26utm_term%3D&page-ref=http%3A%2F%2Fvideonow%2Flowcost%2F%3Aliveinternet.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
x-xss-protection: 1; mode=block
expires: Mon, 02-May-2022 10:09:47 GMT

GET
H2

200

1
mc.yandex.ru/watch/50061703/
Redirect Chain

https://mc.yandex.ru/watch/50061703?page-url=31308%3Futm_source=%26utm_medium=36302:1345372813:134537281%26utm_campaign=%26utm_content=%26utm_term=&page-ref=http%3A%2F%2Fvideonow%2Flowcost%2F%3Aliv...
https://mc.yandex.ru/watch/50061703/1?page-url=31308%3Futm_source%3D%26utm_medium%3D36302%3A1345372813%3A134537281%26utm_campaign%3D%26utm_content%3D%26utm_term%3D&page-ref=http%3A%2F%2Fvideonow%2F...

43 B
352 B

53ms
53ms

Image
image/gif

2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/watch/50061703/1?page-url=31308%3Futm_source%3D%26utm_medium%3D36302%3A1345372813%3A134537281%26utm_campaign%3D%26utm_content%3D%26utm_term%3D&page-ref=http%3A%2F%2Fvideonow%2Flowcost%2F%3Aliveinternet.ru

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ukrline.com.ua/?ref=22805
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 May 2022 10:09:47 GMT
last-modified: Mon, 02-May-2022 10:09:47 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
x-xss-protection: 1; mode=block
expires: Mon, 02-May-2022 10:09:47 GMT

Redirect headers

pragma: no-cache
date: Mon, 02 May 2022 10:09:47 GMT
last-modified: Mon, 02-May-2022 10:09:47 GMT
strict-transport-security: max-age=31536000
location: /watch/50061703/1?page-url=31308%3Futm_source%3D%26utm_medium%3D36302%3A1345372813%3A134537281%26utm_campaign%3D%26utm_content%3D%26utm_term%3D&page-ref=http%3A%2F%2Fvideonow%2Flowcost%2F%3Aliveinternet.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
x-xss-protection: 1; mode=block
expires: Mon, 02-May-2022 10:09:47 GMT

GET
H2 200 s.gif
px130.mediahills.ru/ 43 B
184 B 187ms
46ms Image
image/gif 89.108.82.15
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px130.mediahills.ru/s.gif?sid=31308&nocache=1651486187
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.108.82.15 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: d52892.azlk.regrucolo.ru
Software: nginx /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ukrline.com.ua/?ref=22805
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 May 2022 10:09:47 GMT
server: nginx
content-type: image/gif
cache-control: no-cache
accept-ranges: bytes
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2

204

getCodeTest
ads.adfox.ru/226279/
Redirect Chain

https://ads.adfox.ru/226279/getCode?p1=cqozm&p2=fwbn&pfc=dsxjk&pfb=kbyrx&pr=1651486187&ptrc=b
https://ads.adfox.ru/226279/getCodeTest?p1=cqozm&p2=fwbn&pfc=dsxjk&pfb=kbyrx&pr=1651486187&ptrc=b

0
188 B

90ms
90ms

Image
text/plain

2a02:6b8::1be
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/226279/getCodeTest?p1=cqozm&p2=fwbn&pfc=dsxjk&pfb=kbyrx&pr=1651486187&ptrc=b

Protocol

Server

2a02:6b8::1be Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ukrline.com.ua/?ref=22805
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 02 May 2022 10:09:47 GMT
x-content-type-options: nosniff
timing-allow-origin: *

Redirect headers

pragma: no-cache
date: Mon, 02 May 2022 10:09:47 GMT
x-content-type-options: nosniff
location: /226279/getCodeTest?p1=cqozm&p2=fwbn&pfc=dsxjk&pfb=kbyrx&pr=1651486187&ptrc=b
p3p: policyref=/w3c/w3c.p3p, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 0
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H2

200

1651486187
www.tns-counter.ru/V13b****idsh_vmon/ru/CP1251/tmsec=idsh_vtotal/
Redirect Chain

https://www.tns-counter.ru/V13a****idsh_vmon/ru/CP1251/tmsec=idsh_vtotal/1651486187?vn=044
https://www.tns-counter.ru/V13b****idsh_vmon/ru/CP1251/tmsec=idsh_vtotal/1651486187?vn=044

43 B
297 B

57ms
55ms

Image
image/gif

2001:6d0:4001::226
TNSMSK-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tns-counter.ru/V13b****idsh_vmon/ru/CP1251/tmsec=idsh_vtotal/1651486187?vn=044
Protocol: H2
Server: 2001:6d0:4001::226 , Russian Federation, ASN52016 (TNSMSK-, RU),
Reverse DNS
Software: ms-counter-3.3.5/1.20.2 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ukrline.com.ua/?ref=22805
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 May 2022 10:09:48 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: ms-counter-3.3.5/1.20.2
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin: *
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

Redirect headers

pragma: no-cache
date: Mon, 02 May 2022 10:09:47 GMT
server: ms-counter-3.3.5/1.20.2
strict-transport-security: max-age=2678400
content-type: image/gif
location: https://www.tns-counter.ru/V13b****idsh_vmon/ru/CP1251/tmsec=idsh_vtotal/1651486187?vn=044
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin: *
content-length: 0
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2

200

1
mc.yandex.ru/watch/49969126/
Redirect Chain

https://mc.yandex.ru/watch/49969126?page-url=31308%3Futm_source=%26utm_medium=%26utm_campaign=%26utm_content=%26utm_term=&page-ref=http%3A%2F%2Fvideonow%2Flowcost%2F%3Aliveinternet.ru
https://mc.yandex.ru/watch/49969126/1?page-url=31308%3Futm_source%3D%26utm_medium%3D%26utm_campaign%3D%26utm_content%3D%26utm_term%3D&page-ref=http%3A%2F%2Fvideonow%2Flowcost%2F%3Aliveinternet.ru

43 B
74 B

53ms
53ms

Image
image/gif

2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/watch/49969126/1?page-url=31308%3Futm_source%3D%26utm_medium%3D%26utm_campaign%3D%26utm_content%3D%26utm_term%3D&page-ref=http%3A%2F%2Fvideonow%2Flowcost%2F%3Aliveinternet.ru

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ukrline.com.ua/?ref=22805
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 May 2022 10:09:47 GMT
last-modified: Mon, 02-May-2022 10:09:47 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
x-xss-protection: 1; mode=block
expires: Mon, 02-May-2022 10:09:47 GMT

Redirect headers

pragma: no-cache
date: Mon, 02 May 2022 10:09:47 GMT
last-modified: Mon, 02-May-2022 10:09:47 GMT
strict-transport-security: max-age=31536000
location: /watch/49969126/1?page-url=31308%3Futm_source%3D%26utm_medium%3D%26utm_campaign%3D%26utm_content%3D%26utm_term%3D&page-ref=http%3A%2F%2Fvideonow%2Flowcost%2F%3Aliveinternet.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
x-xss-protection: 1; mode=block
expires: Mon, 02-May-2022 10:09:47 GMT

GET
H2

200

1651486187
www.tns-counter.ru/V13b****idsh_vmon/ru/CP1251/tmsec=idsh_vtotal/
Redirect Chain

https://www.tns-counter.ru/V13a****idsh_vmon/ru/CP1251/tmsec=idsh_vtotal/1651486187?vn=832
https://www.tns-counter.ru/V13b****idsh_vmon/ru/CP1251/tmsec=idsh_vtotal/1651486187?vn=832

43 B
297 B

56ms
55ms

Image
image/gif

2001:6d0:4001::226
TNSMSK-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tns-counter.ru/V13b****idsh_vmon/ru/CP1251/tmsec=idsh_vtotal/1651486187?vn=832
Protocol: H2
Server: 2001:6d0:4001::226 , Russian Federation, ASN52016 (TNSMSK-, RU),
Reverse DNS
Software: ms-counter-3.3.5/1.20.2 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ukrline.com.ua/?ref=22805
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 May 2022 10:09:48 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: ms-counter-3.3.5/1.20.2
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin: *
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

Redirect headers

pragma: no-cache
date: Mon, 02 May 2022 10:09:47 GMT
server: ms-counter-3.3.5/1.20.2
strict-transport-security: max-age=2678400
content-type: image/gif
location: https://www.tns-counter.ru/V13b****idsh_vmon/ru/CP1251/tmsec=idsh_vtotal/1651486187?vn=832
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin: *
content-length: 0
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1 200
OK optional.js Show response
static-mon.yandex.net/static/ 44 B
272 B 156ms
53ms XHR
text/html 2a02:6b8::402
YNDX

General

Check archive.org

Show headers Download Go to

Full URL: https://static-mon.yandex.net/static/optional.js?pid=liveinternet&script_key=4b2496pylwkv2wunSIImTHqrAM-Tc&reasure=false
Requested by: Host: www.liveinternet.ru
URL: https://www.liveinternet.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:6b8::402 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software: /
Resource Hash: 1c070534736f94b07c57489a92e0e8d9091b2c9190faa6662a26acde04c0236b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ukrline.com.ua/?ref=22805
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.liveinternet.ru
Date: Mon, 02 May 2022 10:09:48 GMT
Access-Control-Allow-Credentials: true
Content-Length: 44
Vary: Origin
Content-Type: text/html; charset=UTF-8

GET
H2 200 dc_oe=ChMIw5vGusnA9wIVDMm7CB36DgQEEAAYACDypItQQhMI6YyyusnA9wIVial3Ch1yJAdE;met=1;&timestamp=1651486193275;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame C9E8 42 B
494 B 80ms
42ms Image
image/gif 142.250.185.162

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIw5vGusnA9wIVDMm7CB36DgQEEAAYACDypItQQhMI6YyyusnA9wIVial3Ch1yJAdE;met=1;&timestamp=1651486193275;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ukrline.com.ua/?ref=22805
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 May 2022 10:09:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: yandex.ru
URL: https://yandex.ru/clck/click

Domain: log.strm.yandex.ru
URL: https://log.strm.yandex.ru/log?VAS=576269&error=BAD_PARTNER_OR_DOMAIN_FOR_VAST_REQUEST

Domain: log.strm.yandex.ru
URL: https://log.strm.yandex.ru/log?VAS=576269&error=BAD_PARTNER_OR_DOMAIN_FOR_VAST_REQUEST

Verdicts & Comments Add Verdict or Comment

198 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

87 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.liveinternet.ru/	1970-01-20 04:05:24	Name: chbx Value: guest
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: -eEyHCk_WrI
.youtube.com/	1970-01-20 07:03:58	Name: VISITOR_INFO1_LIVE Value: UHXCX9Uc5do
.exchange.buzzoola.com/	1970-01-20 03:27:58	Name: uuid Value: a4b836f0-e74e-4d0f-408f-52eb39901b98
.otm-r.com/	1970-01-20 11:30:22	Name: mpid Value: NjI2ZmFkZTYwOTVhZDJmNg==
.betweendigital.com/	1970-01-20 11:30:22	Name: dc Value: lux1
.betweendigital.com/	1970-01-20 11:30:22	Name: tuuid Value: 2812f45f-b283-527a-b942-6560db2dc886
.betweendigital.com/	1970-01-20 11:30:22	Name: ss Value: 1
.betweendigital.com/	1970-01-20 11:30:22	Name: unm Value: 1
.exchange.buzzoola.com/	1970-01-20 03:04:55	Name: cookiesyncs Value: 000000000000000000000000d93dab9edf0912baf9008f35866978f1
.rutarget.ru/	1970-01-20 07:03:58	Name: userId Value: qwKEqwsQxEaJ
.an.yandex.ru/	1970-01-20 02:54:50	Name: yabs-vdrf Value: A0
.adhigh.net/	1970-01-20 11:30:22	Name: gi_u Value: un5JqXisILE.AikABlGAhD9Mlg
.yandex.ru/	1970-01-20 11:30:22	Name: yandexuid Value: 1838902911651486182
.mc.yandex.com/	1970-01-20 02:44:46	Name: sync_cookie_csrf Value: 3711411351fake
.mc.yandex.ru/	1970-01-20 02:44:46	Name: sync_cookie_csrf Value: 3003832156fake
.yandex.com/	1970-01-20 11:30:22	Name: yandexuid Value: 1838902911651486182
.yandex.com/	1970-01-20 11:30:22	Name: yuidss Value: 1838902911651486182
.mc.yandex.com/	1970-01-20 02:46:12	Name: sync_cookie_ok Value: synced
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 434620951651486183
.yandex.com/	1970-01-23 18:20:46	Name: i Value: rQizEe8Lc8mtyWyf6EDvNuUzQVYAjcffmD2vbegpq7lByNCkDPt4uPqQ0huztvQsxAtUw+XcZWu80mKAUgZvM0/HDVw=
.yandex.com/	1970-01-20 11:30:22	Name: ymex Value: 1683022183.yrts.1651486183#1683022183.yrtsi.1651486183
.doubleclick.net/	1970-01-20 12:06:22	Name: IDE Value: AHWqTUklVvvMelHihWlr2NUih6HmaQx2C5E55KaG457QHQmRL9fzWaBJHIULruNOgOU
.liveinternet.ru/	1970-01-20 12:06:22	Name: __gads Value: ID=9d3269cc972834d4:T=1651486182:S=ALNI_Mb37iwDqTsK7rjUwp82eUw3ehz7Dw
.adnxs.com/	1970-01-20 04:54:22	Name: uuid2 Value: 4976918212371149078
.casalemedia.com/	1970-01-20 11:30:22	Name: CMID Value: Ym.t5.5rLOSRX8KMd1ZqawAA
.casalemedia.com/	1970-01-20 04:54:22	Name: CMPS Value: 5183
.casalemedia.com/	1970-01-20 04:54:22	Name: CMPRO Value: 1192
.casalemedia.com/	1970-01-20 02:46:12	Name: CMST Value: Ym+t52JvrecA
.casalemedia.com/	1970-01-20 11:30:22	Name: CMRUM3 Value: 2d626fade72760CAESEPFnno63wTSoJKtiloemLhU
.adnxs.com/	1970-01-20 04:54:22	Name: anj Value: dTM7k!M41.D>6NRF']wIg2E>?vvpxM!]tbPl1M>e)ZlrFUfJ+tGXxpWYR)4lNY./%>9a50<!Vp<UCi^@YZUOYvc2]D3If)y3KL9D3I?+Sg<1+]
.travelaudience.com/	1970-01-20 12:15:00	Name: _tracker Value: %7B%22UUID%22%3A%2271E07E07-A68C-4B7F-84AB-A0C14F3BB37E%22%7D
.w55c.net/	1970-01-20 12:15:00	Name: wfivefivec Value: OUZrPG231NLsZV5
.w55c.net/	1970-01-20 03:27:58	Name: matchgoogle Value: 5
.adform.net/	1970-01-20 03:29:24	Name: C Value: 1
.360yield.com/	1970-01-20 04:54:22	Name: tuuid Value: 18f681ab-6523-43fc-8b6e-a52e4e8c498a
.360yield.com/	1970-01-20 04:54:22	Name: tuuid_lu Value: 1651486183
.adform.net/	1970-01-20 04:11:10	Name: uid Value: 3584346945923068274
.mathtag.com/	1970-01-20 12:10:41	Name: uuid Value: b36c626f-ade8-4d00-9d55-9daa7916254b
.mathtag.com/	1970-01-20 03:27:58	Name: mt_mop Value: 4:1651486184
.liveinternet.ru/	1970-01-20 11:30:22	Name: _ym_uid Value: 1651486182881230651
.liveinternet.ru/	1970-01-20 11:30:22	Name: _ym_d Value: 1651486184
.criteo.com/	1970-01-20 12:06:22	Name: uid Value: a457f3bc-b43e-4e23-8fab-e5e8c00e60ee
.yandex.ru/	1970-01-20 11:30:22	Name: yuidss Value: 1838902911651486182
.liveinternet.ru/	1970-01-20 02:45:58	Name: _ym_isad Value: 2
.viqeo.tv/	1970-01-20 03:29:24	Name: user_key Value: de929271ac17212ccc804cf2400aa1e4f05fd10a
.liveinternet.ru/	1970-01-20 12:06:22	Name: cto_bundle Value: S5tNFV8wd1NGd0FHNTNyeDUxbmtqRTlzOHF3Skk0bGNFJTJCVE4xUEFtVnFydUhOaGZRMFJVYmFFU0thaFdjeHprSjUlMkZROHNaSGx6TTI5THBJbVolMkJGbnR2VXU5VmxpJTJGZFRpTE1mNSUyQkgwd1N4RFpWNGVjbjJMalBYNXVnUEhRJTJGeDEyJTJGM3JJdUxRU0MzU2QzcVIwOVk0U0tVZ1BDUSUzRCUzRA
.yandex.ru/	1970-01-20 20:15:58	Name: i Value: 0/sQH1XIubqnKacUEwzK7Uo/0zUqqc51AhdOy3nTA8swshIbx7rCLdo+BZg8y1+qOIg4JaNVFbcB5t0M/QoWr+zWuXw=
.videonow.ru/	1970-01-20 11:30:22	Name: vn_user_key Value: 0fa220b6fee825bf2c93e211652b2dfb29a778b7
.videonow.ru/	1970-01-20 02:45:25	Name: ud Value: a%2Cs4663%2Cp5015393
.videonow.ru/	1970-01-20 02:54:03	Name: uw Value: a%2Cs4663%2Cp5015393
.videonow.ru/	1970-01-20 03:27:10	Name: um Value: a%2Cs4663%2Cp5015393
.betweendigital.com/	1970-01-20 11:30:22	Name: ut Value: Ym-t6gAFBSgzM_34uPv8Zs92vhP5G2N8Q4dACg==
.adhigh.net/	1970-01-20 11:30:22	Name: videonow_sync Value: jlE
.mts.ru/	1970-01-20 11:17:24	Name: dspid Value: 4db82a96-aded-409f-809d-929fe097d2f3
.rktch.com/	1970-01-20 03:27:58	Name: b_uid Value: 58afeb03220dd67635fdea25e488de40945f
.videonow.ru/	1970-01-20 03:29:24	Name: dsp_30 Value: 2812f45f-b283-527a-b942-6560db2dc886
.videonow.ru/	1970-01-20 03:29:24	Name: dsp_3 Value: un5JqXisILE.AikABlGAhD9Mlg
.relap.io/	1970-01-23 18:20:46	Name: unique Value: wOYd3vVi
.relap.io/	1970-01-23 18:20:46	Name: fsts Value: 1651486186
.relap.io/	1970-01-23 18:20:46	Name: lsts Value: 1651486186
.relap.io/	1969-12-31 23:59:59	Name: suid Value: 2189447065aca63558081716ee01e4bbecc24faa--1af70ec230332b3bb791ff81963b42f8564ed0e678c78778d7a5339e0590b1cc
.relap.io/	1970-01-20 02:46:12	Name: hllc Value: 1
.whiteboxdigital.ru/	1970-01-20 20:16:47	Name: MiId Value: b510e33a-ff29-46e7-b7d2-c2ff8477c502
.utraff.com/	1970-01-20 03:28:08	Name: preutid Value: 1
.videonow.ru/	1970-01-20 03:29:24	Name: dsp_7 Value: qwKEqwsQxEaJ
.adsniper.ru/	1970-01-27 09:56:46	Name: uuid3 Value: IiRmZTkxOWMwYy1jOWZmLTExZWMtODQzZC0wMDI1OTBjODI0Mzc*
.weborama.fr/	1970-01-20 12:10:41	Name: AFFICHE_W Value: rHXStlaV1cOs37
.adriver.ru/	1970-01-20 20:15:58	Name: cid Value: A90Rokr4y8o9WHlpfs9BwLQ
adx.com.ru/	1970-01-20 11:30:22	Name: yabbi-user Value: 626fadeaf0e015ca9390f4ec
.bumlam.com/	1970-01-27 09:56:46	Name: suuid3 Value: IiRmZTkxOWMwYy1jOWZmLTExZWMtODQzZC0wMDI1OTBjODI0Mzc*
.videonow.ru/	1970-01-20 03:29:24	Name: dsp_32 Value: wOYd3vVi
.videonow.ru/	1970-01-20 03:29:24	Name: dsp_4 Value: A90Rokr4y8o9WHlpfs9BwLQ
.videonow.ru/	1970-01-20 03:29:24	Name: dsp_14 Value: fe919c0c-c9ff-11ec-843d-002590c82437
.dmg.digitaltarget.ru/	1970-01-21 04:39:58	Name: viuserid Value: 2qyDnsp4vvuQK0O7x6-f
.mts.ru/	1970-01-23 17:08:46	Name: mts_id Value: 9753149c-a7b0-4ccd-9731-a01479cd7c9d
.mts.ru/	1970-01-23 17:08:46	Name: mts_id_last_sync Value: 1651486186
.aidata.io/	1970-01-20 20:15:58	Name: __upin Value: JLmKGD9KjtOdODuA9st88Q
.aidata.io/	1970-01-20 20:15:58	Name: __upints Value: 1651486186
.videonow.ru/	1970-01-20 03:29:24	Name: dsp_28 Value: 4db82a96-aded-409f-809d-929fe097d2f3
.yandex.ru/	1970-01-20 20:15:58	Name: is_gdpr Value: 1
.yandex.ru/	1970-01-20 20:15:58	Name: is_gdpr_b Value: CK2NTBDNcBgB
mc.yandex.ru/	1969-12-31 23:59:59	Name: yabs-sid Value: 2139890701651486187
.yandex.ru/	1970-01-20 11:30:22	Name: ymex Value: 1683022187.yrts.1651486187
.adfox.ru/	1970-01-20 11:31:48	Name: luid1 Value: cmvg:pfc:cmvg:pfc:a
.adfox.ru/	1970-01-20 11:31:48	Name: luid1_ts Value: fizyoxn:fizyoxn
.tns-counter.ru/	1970-01-20 11:30:22	Name: guid Value: 6F39691C626FADEBX1651486187

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://yandex.ru/ads/meta/734464?imp-id=1&vmap-request-id=2319813851021634127&video-category-id=0&vsid=b63947c93b83846729792aededb5b11c8db82abff132xVASx6269x1651486186&client-timezone-offset=0&uniformat=true&video-content-id=0&ad-session-id=7045081651486181599&pcode-icookie=HY7gizcvm66g1OsZz%2Fo1UWGdLYXwhyjQ1c%2FEEYJ0RgCOHC0CPQNppE2AelFZGprKskoIa7Jgrd%2BGgx8y%2FyOfkyFSL8g%3D&pcode-test-ids=568465%2C0%2C71%3B551983%2C0%2C23%3B576269%2C0%2C73&pcode-flags=%7B%22ENABLE_CODECS_WHITELIST%22%3A%22TRUE%22%2C%22DISABLE_DEFAULT_THEME_EMPTY_DURATION%22%3A%22TRUE%22%2C%22MEDIA_FILE_BITRATE_PRIORITY_FACTOR%22%3A%220.000001%22%2C%22VOLUME_BUTTON_ANIMATION%22%3A%22ENABLE%22%2C%22UNIFORMAT%22%3A%22ENABLE%22%2C%22CHANGE_CLICK_THROUGH_LOGIC%22%3A%22ACTION_BUTTON_PRIORITY%22%2C%22ENABLE_VP9_CODECS%22%3A%22TRUE%22%2C%22ENABLE_MEDIA_FILES_WITH_MSE_FILTER_UNDER_ABD_ONLY%22%3A%22TRUE%22%2C%22VAS_LONG_EXP_FLAG_ENABLE_MEDIA_FILE_TYPE_PRIORITY_FACTOR_FOR_DESIRED_BITRATE%22%3A%22TRUE%22%2C%22VAS_LONG_EXP_FLAG_MEDIA_FILE_TYPE_PRIORITY_FACTOR%22%3A%221%22%2C%22VAS_ENABLE_HONEYPOT_ON_SMALL_PERCENT%22%3A%22TRUE%22%2C%22REQUEST_ADFOX_FROM_YANDEX_RU%22%3A%22TRUE%22%2C%22REQUEST_VMAP_FROM_YANDEX_RU%22%3A%22TRUE%22%2C%22SHOW_LABEL_ON_SMALL_BUTTON%22%3A%22TRUE%22%2C%22VAS_SURVEY_CONVERT_TO_NEW_ADCREATIVE_SURVEY%22%3A%22VIDEO%22%2C%22VAS_ADCREATIVE_SURVEY_VERSION%22%3A%22v6919f23%22%2C%22VAS_ADVERTISER_INFO_LINK%22%3A%22TRUE%22%2C%22VAS_ENABLE_SURVEY_OLD_AD_CREATIVE_INTERNAL_MODULE%22%3A%22TRUE%22%2C%22VAS_NEW_CALL_TO_ACTION_TEXT%22%3A%22TRUE%22%2C%22ENABLE_UNSUPPORTED_LOADER_SCRIPT_SRC_WARNING%22%3A%22TRUE%22%2C%22VAS_LONG_EXP_FLAG_MEDIA_FILE_TYPE_PRIORITY_FOR_HLS%22%3A%2210000%22%2C%22VAS_MOTION_TAILOR_COLOR_PALETTE_NAME%22%3A%22LIGHT_BG%22%2C%22VAS_STABLE_VERSION%22%3A%22574009%22%2C%22VAS_SURVEY_WAITING_FOR_FIRST_ANSWER_DURATION%22%3A%2220%22%2C%22REPEAT_VMAP_REQUEST_AFTER_INROLL%22%3A%22CTL%22%2C%22ADSDKVER%22%3A%22576269%22%7D&target-ref=https%3A%2F%2Fwww.liveinternet.ru%2F&page-ref=&charset=UTF-8&video-session-id=2319813849619950159&enable-page-options=65536&rnd=0.3137380584574234&adsdk-bundle-version=576269&adsdk-bundle-name=AdLoader&adsdk-container-visibility=0&adsdk-container-width=0&adsdk-container-height=0&video-avatar-width=0&video-avatar-height=0&adsdk-test-tag=12045&top-ancestor=https%3A%2F%2Fwww.liveinternet.ru&top-ancestor-undetermined=0&client-ts=1651486186855&viewability-undetermined=0&video-volume=0&video-muted=1&pcode-active-testids=576269%2C0%2C73&document-has-focus=true&is-fullscreen=unknown&ad-pod-id=unknown Message: Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.utraff.com
ad.adriver.ru
ad.mail.ru
ade.googlesyndication.com
adfox-c2s-ams.creativecdn.com
adfox-hb-bidder.rutarget.ru
ads.adfox.ru
ads.betweendigital.com
ads.travelaudience.com
adservice.google.com
adservice.google.de
adx.com.ru
an.yandex.ru
api.viqeo.tv
avatars.mds.yandex.net
bb45b4bcbf656eba20407ab3439f697e.safeframe.googlesyndication.com
bidder.criteo.com
c1.adform.net
cdn.videonow.ru
cdn.viqeo.tv
cm.g.doubleclick.net
counter.yadro.ru
data.videonow.ru
dm.hybrid.ai
dmg.digitaltarget.ru
dmp.redllama.ru
dsum-sec.casalemedia.com
exchange.buzzoola.com
favicon.yandex.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
i.li.ru
ib.adnxs.com
log.strm.yandex.ru
match.360yield.com
match.new-programmatic.com
matchid.adfox.yandex.ru
mc.yandex.com
mc.yandex.ru
mediametrics.ru
mitdmp.whiteboxdigital.ru
mug.criteo.com
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
pb.adriver.ru
pm.w55c.net
prodmp.ru
px.adhigh.net
px130.mediahills.ru
redirect.frontend.weborama.fr
relap.io
rtb.com.ru
rtb.videonow.ru
s0.2mdn.net
securepubads.g.doubleclick.net
sm.rtb.mts.ru
ssum-sec.casalemedia.com
static-mon.yandex.net
static.criteo.net
stats.viqeo.tv
stats2.videonow.ru
sync.bumlam.com
sync.dmp.otm-r.com
sync.mathtag.com
sync.videonow.ru
sync3.adsniper.ru
tech.rtb.mts.ru
tpc.googlesyndication.com
ut.rktch.com
videonow-sync.rutarget.ru
videotarget-sync.rutarget.ru
www.google.com
www.googletagservices.com
www.liveinternet.ru
www.tns-counter.ru
www.youtube.com
x01.aidata.io
yandex.ru
yastatic.net
yhb.p.otm-r.com
log.strm.yandex.ru
yandex.ru
116.202.85.93
142.250.184.194
142.250.185.162
142.250.185.66
142.250.186.130
142.250.186.66
144.76.118.200
151.236.67.192
151.236.71.1
178.250.2.131
178.250.2.146
185.15.175.133
185.184.8.90
188.34.131.130
188.42.196.115
188.72.107.156
188.72.107.194
193.106.92.202
194.190.76.38
195.201.108.196
195.209.108.51
195.209.111.15
2001:6d0:4001::226
212.76.131.35
212.76.131.50
212.76.131.55
213.87.44.187
217.65.2.150
217.66.147.162
23.35.236.247
2606:4700:3033::ac43:d997
2a00:1148:db00::17
2a00:1450:4001:801::2006
2a00:1450:4001:803::2002
2a00:1450:4001:808::2001
2a00:1450:4001:808::2004
2a00:1450:4001:810::2001
2a00:1450:4001:811::2002
2a00:1450:4001:812::2002
2a00:1450:4001:829::2003
2a00:1450:4001:82b::200a
2a00:1450:4001:82f::2002
2a00:1450:4001:830::200e
2a02:2638:1::13
2a02:2638:1::3
2a02:6b8:20::215
2a02:6b8::16b
2a02:6b8::184
2a02:6b8::1:119
2a02:6b8::1be
2a02:6b8::28d
2a02:6b8::36
2a02:6b8::402
2a02:6b8::90
2a02:6b8:a::a
2a02:878:2:9:0:1:2:21
31.172.81.159
31.172.81.172
35.157.46.192
35.190.0.66
35.190.24.218
37.157.4.40
37.18.16.16
37.252.172.38
45.9.24.193
51.89.9.253
52.211.8.77
74.121.143.245
81.163.17.245
83.222.109.36
83.222.114.188
83.222.115.14
88.212.196.113
88.212.201.210
88.212.202.50
89.108.119.28
89.108.82.15
89.108.97.2
95.163.37.253
95.217.193.114
00b9f964b6bd425d53575bc3d1fc8c34051c16b6a3ed78ddeccdc42c61c51880
01a6abb845acb6c7d42e864c32a5fb74480ff50f30d88d6e071176e0de2f9f3f
05875443595fb8a07f74fcaa1fc2f61b77dffaff2081e7a742631b37dc7bdb68
08210426af0053a4da68ee5733f3d7a55c46fc2b4b877481cac953f57576a121
0854ba4aeda95830ad5cf264c39b0effcc23cd187e621b791e0982f6d58bfaf4
08889b48a61c5dfe9af1a58b34c8fd91fe80ad8bd54b21e25264a130beb95b87
0b171ad819081daa759564555e65af7f113ac2d963fc9779c2d564916c166198
0b8a17793a0291b59ff3b8553ec9fe1d3cccc8cf1b482a408184d3a2f4d1405f
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
0f3b77f0e991eef1999f1261098a011df936a2bbe75d20dfd013693ca02ba4a0
0f715f75ad3a0e5995fbe9d2ba6cc733f7d5466d19e9c4183b767e60bc3727a7
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
13f842223ca63dec893973e9b82faebd0e2e367195fb2e46f102c5682a360fe9
1a2a973b315180e0c66fa0077f283830e37bfeba27f267dfdc2304c0bd944c45
1a68a27453d8e033799e97fd27c595db04a88bc96ef588574bc11a213bc4216e
1c070534736f94b07c57489a92e0e8d9091b2c9190faa6662a26acde04c0236b
1d6554b5de7e10dddfbe428cb4cac47bdec89851fd64932aca9c18398e3699c7
1ef0e5b472be2bd0da52e8f15c55a0d2241f27b655d86c0e1259796c13185840
1f36ccaed8e8af8aebe3d0ebae53a2fa637bbafeec9e5a505ada0c4e951c7a63
1f4f359199db0ca50d6a34ca0b8d74876bae227d0a29fdd82bdd22a835b44382
224fe0bbdbd3d99dca9fd08322fedee0730c737602a550a4810912986c7d06a6
22b2ca8aa5b6a0bd607683e9bbb638369150a334709db273306fa5f478fa56f2
2617adf8f5cb83097f156dbab8a660f1c336a6b7c7eb94218574ea37a57c8272
27d53a48b059310ec13d93a98120f51c8431ae8ea241c5dff83b20e9c3e1c6ed
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
2b1aa3a577a8d3f6b07d5dbdb094173604819f73d335e78762298bffac5391dc
2b4bfd88eb224b8ddd06b4449dddf8ceed5632d498409b0a0458378a8e165412
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55
36998456859e35cf76812894575b0203d48ad8ac11d3165c5449d1fa73f19800
39aa39a2cfebf11b7a8054ddd0a1a08f5ada33c8ff3fde69ba6a8a1385dcdb69
3a232fce36ba7b58ea5c46f008834ced5a7ea25b61f3aafc1198cf0e9cfbe1c3
3a5f2c8ec0734e983f19a5a8843230c516212eae6440d5286ca3c07a98156e0f
3c4509da00ea790b9cd80646ad5bd0d2600c77888268abeeab96f89149018aa3
3d376242693b0638eddc94eac7a5dd62e3ba27f076a23e66bd7e6cb5bce16ff7
3da55e568e702d556e38da13bc5c2d1454743bf4e41e7e9a83ff033d9b027472
3e95b5d6251ce147bb21811f3711e2d10afba08a1cabbfb4ad97dd105d9661b2
3f0cf355f9b9a7412740fa906bbe0e7c9b583c6b8edd8b559fbe5c0202883081
44f78273c09dcf1c979615b565330601d70bd6cc546f3c44f90d0cbce66153ce
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
4b188a156b53d268639aa5756e6436fec005bffc38f1138d12769671d6fd4912
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4debaa04d2f904fbafbc99c074e1f43c082e9d25e400140aa97eac11989dd82e
4dfb29cbea54c47528ebc618efae492c82cca913e9ca20f9a43939bf07bf4ac7
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57872fd25f4c257ab69a0652cdc7c0ae32c2874600c61a67621b6d67c1906bf1
5a1bacfda71f3f27975657786632aa27dd576e89c94b6ea6c762cecb9ff60718
5e675f7d7f73d5730d9951dddbcc4196764c7113d99957c1d6e094f6d1a95cf2
5f72c4cc3151182f99faa30bf33dc963672fc5c1729b228a2a35b6e8333a051d
60afeaa61c2e1f5d949f8515e902ea5cf9aa7427ffc27946979a47c66aac03d3
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
659266e1891081f45405f90065fbfd1849577a5c6a8df8c14f8680b61a4494c8
67b5149e118833c325f62559db1efb40d9047c5f6ea3e8e12685e28a2545f717
68f3a3ca00a9b3f3336e1dcafedc5280d16b3d878f61ca3e72a883f0a7f91421
7339fe12f332ac7ecd6e0ef04bb7a48fad9e74be887d67f458548ff33ea4db65
784df16a14e5dc3820fc1995f07b61712d8d2531e387d16eeecb7af8672ecc30
7bc59c486f78be433dde47b94a3176f5c4848e6caaeef7ebcba10bd37c2db92e
7e13a73480283ea7702a7c762a362c4da09447668a3113c8b90a216095b58785
7e6dbb0edae85e0f5e06f9a8024cd8ab08ee46844247f3a67a363c1c3484539f
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b
87af2c69f74516250827853ff4f672d58c00160dc51697c41973f52e9c60e7ae
881f7d0336a20545a8409dedf81449d35a2ba006ca34617ad4c9000fe042d3ec
8a21b7710d4ed040db83cefa915374b851d59f7267cb5c6d60f4ecae323195ef
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8b02ba8596b3e520cd06fc86d605cf133cd0ba2bf47a0ab48e25ab62b17abdc1
8eed52d69e57e5292be8b972b338ad137ceec4f78b727376df819da9f528763d
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f
997a461d81c1c2ea9687c9b62cf7d9ee8da7791c551b6b9d16f4b8d06c37a6cc
9a8f5f8cf91d19e22455d6e2246b407dda5728a8334df70afb9b57f760235cbd
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9aafaf8bca24f575e0bebf700e6eaae531d66d786c516ec23ac553734ca640ec
9df81ff4267230f88d9c5be5ee5561882d6d2ba2b505a688cd1b2744352c5d20
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a2b53e53e3cfe0895eb0901ae8a791863c21afb67d57a34d745267b006ceeae7
a3c8af798c8ecf72de20a400bb2e578c2ee1e8faefa984e117b9f0bd91a0773c
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
ac629b4b64121aeecf52e81c55120c0fd7d0cd2849a19e158979c499ec5e1467
af6ed3b0c1292c477cb64a22ab24ec0e7a9a4233ff00638b90cc61b0e1338f76
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2b0b35a72deb6d7c8abddc64d177588f6060c7a37f1f6b93fa5d2bdf6c90fea
b4a55f32f8e3c8c7c42227b75ba85d71cf261825cba511d4d6b55d0e63ca93ad
b650768f2426d107f7d36df05c09a7220941cec1ea265d2a82bcb6fcea341f2c
b6c2a75d41df7dac39059ce3ea6ab11c5b41265f42bd3e9a1d95058b05230ee5
ba24376abde567d70f27a4d8ea9ee6ce5cb5ff1ee62639b59f8d0f2fd9af0643
bc54c62a4a0ac6993bb5793321e866b32f74eb741eafa94ed816062b4379d51e
bdc0c59701784258f143dfd4201f28353f080e0900a3530a83702e08c9ff353f
c55a2c57e1f47380bbdbb8c307cd7a041c0ea2fa1c9d3411e796d8bc1dbcefa9
cac303967c47154ec22b0586117dd335d8c4f985a94bc69377d1e25c176cd973
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
ceafbbe919daa9db377a9f62a27e5163f6fa717109da55d131c7eb515642e9b5
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cff9e3917907425d21401b73197b19c96b4ed0bb81aac2e2355886a049b9faa0
de93aedb142be3848afd749d101218260df5f54c6f0d6a1ca67df06bea50e939
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e51fe106b5bb36a39b8ef41aa4e7b91a674fe64e4a92bfce39c97df3f7d9ac3a
e56958ad5b74d0b2647d89d31f6d497a97a063d59a4a5e0d4109e5d566f85be4
e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516
ed44e345a8354731787a4fc575c66363aac13eebd6007b88aecd8a1deea341df
ed66fd9ec9132c3e970027bd2f86053f4a0db2bb075a70d0565aa557140daec1
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efb93ddceb7b07882057789b9cdce4b13c68832989f9d95f617696134804064f
f220f8fdc81e9f517755d81ee853ce2d4a6edc37a7143e297f5663f88cb5b778
f317800b8d9a747c44522bb71a55a0efba2592f5b4f2a239a0a5df12107fb856
f8e75cfee116c03faa91b6a117e8a638cca62eb82dc132e82cc1dc6d6ed0e5ab
fcfb9a79f788c9f877ade57fab270c05003ab6d5c22d7fee9c5fe34aa2d391f3
ff95237b3ce4ecb3458a74b63182e31a2e963b1ee147095210b7f2c0cf3ac898

www.liveinternet.ru Open in urlscan Pro 88.212.202.50 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

212 Requests

80 %HTTPS

34 %IPv6

56 Domains

84 Subdomains

60 IPs

9 Countries

3161 kBTransfer

9038 kBSize

87 Cookies

26 Outgoing links

Page URL History

Redirected requests

212 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.liveinternet.ru Open in urlscan Pro
88.212.202.50 Public Scan

Screenshot
Live screenshot

Full Image

212
Requests

80 %
HTTPS

34 %
IPv6

56
Domains

84
Subdomains

60
IPs

9
Countries

3161 kB
Transfer

9038 kB
Size

87
Cookies

212 HTTP transactions
4 data transactions