winintro.ru Open in urlscan Pro
188.40.254.211 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://winintro.ru/authm.ru/html/d1397e5e-8bdd-415d-b67d-bbb19aeeeee2.htm
Submission: On November 26 via manual (November 26th 2021, 4:44:39 am UTC) from RU — Scanned from DE

Summary HTTP 70 Redirects Behaviour Indicators

Summary

This website contacted 27 IPs in 6 countries across 40 domains to perform 70 HTTP transactions. The main IP is 188.40.254.211, located in Germany and belongs to HETZNER-AS, DE. The main domain is winintro.ru.
TLS certificate: Issued by R3 on October 22nd 2021. Valid for: 3 months.

This is the only time winintro.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
15	188.40.254.211 188.40.254.211	24940 (HETZNER-AS) (HETZNER-AS)
6	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
2 17	195.201.243.72 195.201.243.72	24940 (HETZNER-AS) (HETZNER-AS)
4	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
2 3	188.42.29.196 188.42.29.196	7979 (SERVERS-COM) (SERVERS-COM)
1 1	159.69.64.121 159.69.64.121	24940 (HETZNER-AS) (HETZNER-AS)
2 2	193.232.148.141 193.232.148.141	48061 (UMA-TECH-AS) (UMA-TECH-AS)
1	2a00:1148:db0... 2a00:1148:db00::17	47764 (MAILRU-AS...) (MAILRU-AS Mail.Ru)
2 2	195.209.108.38 195.209.108.38	52007 (ADRIVER-AS) (ADRIVER-AS)
2	81.222.128.213 81.222.128.213	20597 (ELTEL-AS) (ELTEL-AS)
1	2606:4700:303... 2606:4700:3039::6815:c0b3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	194.190.117.94 194.190.117.94	204600 (REPUBLER-AS) (REPUBLER-AS)
2 4	31.172.81.159 31.172.81.159	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
2 2	31.172.81.158 31.172.81.158	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
1	37.18.103.16 37.18.103.16	205675 (HYBRID-AS) (HYBRID-AS)
2	185.15.175.148 185.15.175.148	43226 (SAFEDATA ...) (SAFEDATA Uplinks)
1	195.201.108.196 195.201.108.196	24940 (HETZNER-AS) (HETZNER-AS)
2 2	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
1 1	109.248.237.36 109.248.237.36	201009 (SUPPORTIT-AS) (SUPPORTIT-AS)
1	95.211.66.35 95.211.66.35	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	95.163.37.253 95.163.37.253	47764 (MAILRU-AS...) (MAILRU-AS Mail.Ru)
3 3	188.34.131.134 188.34.131.134	24940 (HETZNER-AS) (HETZNER-AS)
2 3	78.46.100.125 78.46.100.125	24940 (HETZNER-AS) (HETZNER-AS)
3 3	35.190.16.14 35.190.16.14	15169 (GOOGLE) (GOOGLE)
1 1	193.106.95.134 193.106.95.134	48614 (ITSOFT-AS) (ITSOFT-AS)
3 5	89.108.120.68 89.108.120.68	197695 (AS-REG) (AS-REG)
1 1	80.64.106.148 80.64.106.148	20764 (RASCOM-AS...) (RASCOM-AS CJSC RASCOM ISP)
1 1	5.200.44.123 5.200.44.123	48096 (ITGRAD) (ITGRAD)
1 1	37.9.245.57 37.9.245.57	16345 (BEE-AS Ru...) (BEE-AS Russia)
1 2	89.108.97.2 89.108.97.2	197695 (AS-REG) (AS-REG)
6 6	217.66.147.168 217.66.147.168	29209 (SPBMTS-AS...) (SPBMTS-AS Malaya Monetnaya Street 2-A)
2 2	213.87.44.187 213.87.44.187	13174 (MTSNET Mo...) (MTSNET Moscow)
2 2	130.193.58.13 130.193.58.13	200350 (YANDEXCLOUD) (YANDEXCLOUD)
1 1	195.201.87.224 195.201.87.224	24940 (HETZNER-AS) (HETZNER-AS)
1 1	31.220.27.134 31.220.27.134	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1 1	65.108.1.48 65.108.1.48	24940 (HETZNER-AS) (HETZNER-AS)
1	217.65.2.150 217.65.2.150	29076 (CITYTELEC...) (CITYTELECOM-AS Filanco LTD)
1	93.95.102.105 93.95.102.105	48347 (MTW-AS) (MTW-AS)
1 2	2a02:6b8::90 2a02:6b8::90	208722 (YNDX) (YNDX)
2	2606:4700:10:... 2606:4700:10::6816:557	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
1	23.111.109.220 23.111.109.220	7979 (SERVERS-COM) (SERVERS-COM)
2 4	185.15.175.130 185.15.175.130	43226 (SAFEDATA ...) (SAFEDATA Uplinks)
2	2a00:1450:400... 2a00:1450:4001:812::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
70	27

15 188.40.254.211 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: cpanel10.coopertino.ru

winintro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 195.201.243.72 (Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)
PTR: regensburg.aucourant.info

www.acint.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
acint.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 188.42.29.196 (Luxembourg) 2 redirects

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.69.64.121 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: hz1397441.sapientru.net

ssp-rtb.sape.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.232.148.141 (Russian Federation) 2 redirects

ASN48061 (UMA-TECH-AS, RU)
PTR: smtp2.sender.ltmse.com

px.adhigh.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1148:db00::17 (Russian Federation)

ASN47764 (MAILRU-AS Mail.Ru, RU)

ad.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 195.209.108.38 (Russian Federation) 2 redirects

ASN52007 (ADRIVER-AS, RU)

ad.adriver.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 81.222.128.213 (Russian Federation)

ASN20597 (ELTEL-AS, RU)
PTR: ad13.adriver.ru

ssp.adriver.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3039::6815:c0b3 (United States)

ASN13335 (CLOUDFLARENET, US)

a.utraff.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 194.190.117.94 (Russian Federation) 2 redirects

ASN204600 (REPUBLER-AS, RU)
PTR: carp.bspb2.kavanga.ru

sync.republer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 31.172.81.159 (Muehlheim am Main, Germany) 2 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

sync.bumlam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 31.172.81.158 (Muehlheim am Main, Germany) 2 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

sync3.adsniper.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.18.103.16 (Netherlands)

ASN205675 (HYBRID-AS, RU)

dm-eu.hybrid.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.15.175.148 (Russian Federation)

ASN43226 (SAFEDATA Uplinks, RU)

tag.digitaltarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.201.108.196 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.196.108.201.195.clients.your-server.de

sync.dmp.otm-r.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.98 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 109.248.237.36 (Moscow, Russian Federation) 1 redirects

ASN201009 (SUPPORTIT-AS, RU)

stat.adlabs.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.211.66.35 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: hosted-by.leaseweb.com

adlmerge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.163.37.253 (Russian Federation)

ASN47764 (MAILRU-AS Mail.Ru, RU)
PTR: relap.io

relap.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 188.34.131.134 (Germany) 3 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.134.131.34.188.clients.your-server.de

adx.com.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 78.46.100.125 (Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.125.100.46.78.clients.your-server.de

sync.1dmp.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.190.16.14 (Kansas City, United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: 14.16.190.35.bc.googleusercontent.com

redirect.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.106.95.134 (Russian Federation) 1 redirects

ASN48614 (ITSOFT-AS, RU)

prodmp.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 89.108.120.68 (Russian Federation) 3 redirects

ASN197695 (AS-REG, RU)
PTR: d51803.reg.regrucolo.ru

x01.aidata.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 80.64.106.148 (Russian Federation) 1 redirects

ASN20764 (RASCOM-AS CJSC RASCOM ISP, RU)
PTR: s-fr3.rutarget.ru

sape-sync.rutarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 5.200.44.123 (Russian Federation) 1 redirects

ASN48096 (ITGRAD, RU)

ads.adlook.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.9.245.57 (Russian Federation) 1 redirects

ASN16345 (BEE-AS Russia, RU)

0100007f3366a061ef00b22e022c5e11-sp.ops.beeline.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 89.108.97.2 (Russian Federation) 1 redirects

ASN197695 (AS-REG, RU)
PTR: d50603.reg.regrucolo.ru

ut.rktch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 217.66.147.168 (St Petersburg, Russian Federation) 6 redirects

ASN29209 (SPBMTS-AS Malaya Monetnaya Street 2-A, RU)
PTR: host-168-147-66-217.spbmts.ru

sm.rtb.mts.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.87.44.187 (Moscow, Russian Federation) 2 redirects

ASN13174 (MTSNET Moscow, Russia, RU)
PTR: infrastructure-187-44.mts.ru

tech.rtb.mts.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 130.193.58.13 (Russian Federation) 2 redirects

ASN200350 (YANDEXCLOUD, RU)

pixel.konnektu.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.201.87.224 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.224.87.201.195.clients.your-server.de

exchange.buzzoola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 31.220.27.134 (Amsterdam, Netherlands) 1 redirects

ASN39572 (ADVANCEDHOSTERS-AS, NL)

s.uuidksinc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.108.1.48 (Helsinki, Finland) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.48.1.108.65.clients.your-server.de

ssp.bidvol.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 217.65.2.150 (Moscow, Russian Federation)

ASN29076 (CITYTELECOM-AS Filanco LTD, RU)

match.new-programmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 93.95.102.105 (Russian Federation)

ASN48347 (MTW-AS, RU)
PTR: unspecified.mtw.ru

fcgi4.gnezdo.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:6b8::90 (Moscow, Russian Federation) 1 redirects

ASN208722 (YNDX, FI)

an.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:557 (United States)

ASN13335 (CLOUDFLARENET, US)

s3.advarkads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.111.109.220 (Russian Federation)

ASN7979 (SERVERS-COM, US)

api.advarkads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.15.175.130 (Russian Federation) 2 redirects

ASN43226 (SAFEDATA Uplinks, RU)

dmg.digitaltarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	acint.net 2 redirects www.acint.net acint.net	16 KB
15	winintro.ru winintro.ru	40 KB
8	mts.ru 8 redirects sm.rtb.mts.ru tech.rtb.mts.ru	5 KB
8	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	182 KB
6	digitaltarget.ru 2 redirects tag.digitaltarget.ru dmg.digitaltarget.ru	22 KB
5	aidata.io 3 redirects x01.aidata.io	2 KB
5	doubleclick.net 2 redirects googleads.g.doubleclick.net cm.g.doubleclick.net	11 KB
4	bumlam.com 2 redirects sync.bumlam.com	2 KB
4	adriver.ru 2 redirects ad.adriver.ru ssp.adriver.ru	2 KB
3	advarkads.com s3.advarkads.com api.advarkads.com	8 KB
3	weborama.fr 3 redirects redirect.frontend.weborama.fr	672 B
3	1dmp.io 2 redirects sync.1dmp.io	1 KB
3	com.ru 3 redirects adx.com.ru	1 KB
3	betweendigital.com 2 redirects ads.betweendigital.com	2 KB
2	google.com adservice.google.com www.google.com	2 KB
2	yandex.ru 1 redirects an.yandex.ru	664 B
2	konnektu.ru 2 redirects pixel.konnektu.ru	327 B
2	rktch.com 1 redirects ut.rktch.com	683 B
2	adsniper.ru 2 redirects sync3.adsniper.ru	1 KB
2	republer.com 2 redirects sync.republer.com	950 B
2	adhigh.net 2 redirects px.adhigh.net	823 B
1	google.de adservice.google.de	792 B
1	googleadservices.com partner.googleadservices.com	636 B
1	gnezdo.ru fcgi4.gnezdo.ru	189 B
1	new-programmatic.com match.new-programmatic.com	215 B
1	bidvol.com 1 redirects ssp.bidvol.com	458 B
1	uuidksinc.net 1 redirects s.uuidksinc.net	208 B
1	buzzoola.com 1 redirects exchange.buzzoola.com	176 B
1	beeline.ru 1 redirects 0100007f3366a061ef00b22e022c5e11-sp.ops.beeline.ru	635 B
1	adlook.me 1 redirects ads.adlook.me	164 B
1	rutarget.ru 1 redirects sape-sync.rutarget.ru	416 B
1	prodmp.ru 1 redirects prodmp.ru	278 B
1	relap.io relap.io	1019 B
1	adlmerge.com adlmerge.com	115 B
1	adlabs.ru 1 redirects stat.adlabs.ru	108 B
1	otm-r.com sync.dmp.otm-r.com	69 B
1	hybrid.ai dm-eu.hybrid.ai	239 B
1	utraff.com a.utraff.com	819 B
1	mail.ru ad.mail.ru	764 B
1	sape.ru 1 redirects ssp-rtb.sape.ru	566 B
70	40

	Domain	Requested by
15	winintro.ru	winintro.ru
13	www.acint.net	2 redirects winintro.ru www.acint.net
6	sm.rtb.mts.ru	6 redirects
6	pagead2.googlesyndication.com	winintro.ru pagead2.googlesyndication.com tpc.googlesyndication.com
5	x01.aidata.io	3 redirects www.acint.net
4	dmg.digitaltarget.ru	2 redirects www.acint.net
4	sync.bumlam.com	2 redirects www.acint.net
4	acint.net	www.acint.net
3	redirect.frontend.weborama.fr	3 redirects
3	sync.1dmp.io	2 redirects www.acint.net
3	adx.com.ru	3 redirects
3	ads.betweendigital.com	2 redirects www.acint.net
3	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	s3.advarkads.com	www.acint.net s3.advarkads.com
2	an.yandex.ru	1 redirects www.acint.net
2	pixel.konnektu.ru	2 redirects
2	tech.rtb.mts.ru	2 redirects
2	ut.rktch.com	1 redirects www.acint.net
2	cm.g.doubleclick.net	2 redirects
2	tag.digitaltarget.ru	www.acint.net tag.digitaltarget.ru
2	sync3.adsniper.ru	2 redirects
2	sync.republer.com	2 redirects
2	ssp.adriver.ru	www.acint.net
2	ad.adriver.ru	2 redirects
2	px.adhigh.net	2 redirects
1	www.google.com	tpc.googlesyndication.com
1	api.advarkads.com	s3.advarkads.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	fcgi4.gnezdo.ru	www.acint.net
1	match.new-programmatic.com	www.acint.net
1	ssp.bidvol.com	1 redirects
1	s.uuidksinc.net	1 redirects
1	exchange.buzzoola.com	1 redirects
1	0100007f3366a061ef00b22e022c5e11-sp.ops.beeline.ru	1 redirects
1	ads.adlook.me	1 redirects
1	sape-sync.rutarget.ru	1 redirects
1	prodmp.ru	1 redirects
1	relap.io	www.acint.net
1	adlmerge.com	www.acint.net
1	stat.adlabs.ru	1 redirects
1	sync.dmp.otm-r.com	www.acint.net
1	dm-eu.hybrid.ai	www.acint.net
1	a.utraff.com	www.acint.net
1	ad.mail.ru	www.acint.net
1	ssp-rtb.sape.ru	1 redirects
70	48

This site contains no links.

Subject Issuer	Validity	Valid
winintro.ru R3	`2021-10-22` - `2022-01-20`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.acint.net R3	`2021-10-14` - `2022-01-12`	3 months	crt.sh
*.mail.ru GeoTrust ECC CA 2018	`2021-10-15` - `2022-11-15`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-18` - `2022-06-17`	a year	crt.sh
*.hybrid.ai Sectigo RSA Domain Validation Secure Server CA	`2020-07-07` - `2022-10-05`	2 years	crt.sh
tag.digitaltarget.ru R3	`2021-10-09` - `2022-01-07`	3 months	crt.sh
sync.dmp.otm-r.com Sectigo RSA Domain Validation Secure Server CA	`2021-05-18` - `2022-06-18`	a year	crt.sh
*.adriver.ru RapidSSL RSA CA 2018	`2020-04-03` - `2022-04-24`	2 years	crt.sh
relap.io GeoTrust RSA CA 2018	`2021-08-26` - `2022-09-26`	a year	crt.sh
new-programmatic.com R3	`2021-10-24` - `2022-01-22`	3 months	crt.sh
fcgi4.gnezdo.ru R3	`2021-11-08` - `2022-02-06`	3 months	crt.sh
*.bumlam.com R3	`2021-09-13` - `2021-12-12`	3 months	crt.sh
advarkads.com Cloudflare Inc ECC CA-3	`2021-06-08` - `2022-06-07`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.advarkads.com GlobalSign GCC R3 DV TLS CA 2020	`2020-12-03` - `2022-01-04`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh

This page contains 8 frames:

Primary Page: https://winintro.ru/authm.ru/html/d1397e5e-8bdd-415d-b67d-bbb19aeeeee2.htm
Frame ID: F12665393DD2FEE7F6E710811EFFD11D
Requests: 26 HTTP requests in this frame

Frame: https://www.acint.net/mc/?dp=10&tc=1
Frame ID: 090326B09F27230381E3C2646AE326C1
Requests: 34 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211111/r20190131/zrt_lookup.html
Frame ID: 0AFEE45C707DA69B634D42E9922C54DB
Requests: 1 HTTP requests in this frame

Frame: https://s3.advarkads.com/modules/match/frame.html?id=8113-1-1&uid=0100007F3366A061EF00B22E022C5E11
Frame ID: BFCB9150488DB7419C54F0C6ACE97066
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2339592383170032&output=html&adk=1812271804&adf=3025194257&lmt=1637901875&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwinintro.ru%2Fauthm.ru%2Fhtml%2Fd1397e5e-8bdd-415d-b67d-bbb19aeeeee2.htm&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637901875178&bpp=2&bdt=109&idt=71&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3384704634876&frm=20&pv=2&ga_vid=1905654776.1637901875&ga_sid=1637901875&ga_hid=1035533287&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937&oid=2&pvsid=3932076571388166&pem=502&tmod=1223460049&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=94
Frame ID: 1BB0D40EC5F189C54BC94B49B3453EB9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2339592383170032&output=html&h=280&slotname=9703837508&adk=1636916721&adf=3417174394&pi=t.ma~as.9703837508&w=1200&fwrn=4&fwrnh=100&lmt=1637901875&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fwinintro.ru%2Fauthm.ru%2Fhtml%2Fd1397e5e-8bdd-415d-b67d-bbb19aeeeee2.htm&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637901875180&bpp=2&bdt=111&idt=99&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3384704634876&frm=20&pv=1&ga_vid=1905654776.1637901875&ga_sid=1637901875&ga_hid=1035533287&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=10&ady=55&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937&oid=2&pvsid=3932076571388166&pem=502&tmod=1223460049&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=QCWG8q7YMz&p=https%3A//winintro.ru&dtd=105
Frame ID: 9430A0FF706627DB551A3680F016C42A
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 8E13F1CFA33B66777DAA0582B0207B51
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 6FFF291D8E7D6D9574840FA736E7928B
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Назначение роли группе приложения

Page Statistics

70
Requests

69 %
HTTPS

20 %
IPv6

40
Domains

48
Subdomains

27
IPs

6
Countries

286 kB
Transfer

752 kB
Size

76
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16

https://www.acint.net/mc/?dp=10 HTTP 302
https://www.acint.net/mc/?dp=10&tc=1

Request Chain 20

https://ads.betweendigital.com/match?bidder_id=73&external_user_id=0100007F3366A061EF00B22E022C5E11 HTTP 302
https://ads.betweendigital.com/match?bidder_id=73&external_user_id=0100007F3366A061EF00B22E022C5E11&crf=1

Request Chain 21

https://ssp-rtb.sape.ru/rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D HTTP 302
https://acint.net/match?dp=14&euid=0100007F3366A06113005B6F02C5D0B1

Request Chain 22

https://px.adhigh.net/p/cm/sape?u=0100007F3366A061EF00B22E022C5E11 HTTP 302
https://px.adhigh.net/p/cm/sape?u=0100007F3366A061EF00B22E022C5E11&bounced=1 HTTP 302
https://acint.net/match?dp=17&euid=xlKnTE83pN5.AikABlF9Wo85Hw

Request Chain 24

https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691 HTTP 302
https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-6186288680 HTTP 302
https://www.acint.net/rmatch?dp=45&euid=ArXS-Rmq4Kn7L4ySXVeCEzQ&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D HTTP 302
https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=0100007F3366A061EF00B22E022C5E11

Request Chain 26

https://sync.republer.com/match?dsp=sape HTTP 307
https://sync.republer.com/match?dsp=sape&qset=1 HTTP 307
https://sync.bumlam.com/?src=rp1&uid=0154feeb-30e5-4198-906c-0bc3ddc36d40 HTTP 302
https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABizzIGNBlIEioaQK2IkMDE1NGZlZWItMzBlNS00MTk4LTkwNmMtMGJjM2RkYzM2ZDQw HTTP 302
https://sync3.adsniper.ru/?src=ss1&s_data=CAIQARizzIGNBlIEioaQK2IkMDE1NGZlZWItMzBlNS00MTk4LTkwNmMtMGJjM2RkYzM2ZDQwogEQjkD7Yk5zEeym6QAlkMgkNw** HTTP 302
https://sync.bumlam.com/?src=rp1&s_data=CAIQABizzIGNBmIkMDE1NGZlZWItMzBlNS00MTk4LTkwNmMtMGJjM2RkYzM2ZDQwogEQjkD7Yk5zEeym6QAlkMgkNw** HTTP 302
https://sync.bumlam.com/?src=rp1&s_data=CAIQARizzIGNBmIkMDE1NGZlZWItMzBlNS00MTk4LTkwNmMtMGJjM2RkYzM2ZDQwogEQjkD7Yk5zEeym6QAlkMgkNw**

Request Chain 30

https://cm.g.doubleclick.net/pixel?google_nid=agentstvo_sape_limited&google_hm=AQAAfzNmoGHvALIuAixeEQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agentstvo_sape_limited&google_hm=AQAAfzNmoGHvALIuAixeEQ&google_tc= HTTP 302
https://www.acint.net/match?dp=77&euid=

Request Chain 31

https://stat.adlabs.ru/merge_gpsid/?sid=50&id=0100007F3366A061EF00B22E022C5E11 HTTP 302
https://adlmerge.com/merge_gpsid/?sid=50&id=0100007F3366A061EF00B22E022C5E11

Request Chain 34

https://adx.com.ru/sape-sync?uid=0100007F3366A061EF00B22E022C5E11 HTTP 302
https://adx.com.ru/sync?sspKey=25&sspUserID=0100007F3366A061EF00B22E022C5E11 HTTP 302
https://sync.1dmp.io/pixel.gif?cid=1ff6bf67-bdc8-400e-bc26-d735d8654ed6&pid=w&uid=61a06633f0e015867d3a0e35&ru=https%3A%2F%2Fredirect.frontend.weborama.fr%2Frd%3Furl%3Dhttps%253A%252F%252Fadx.com.ru%252Fweborama-sync%253Furl%253Dhttps%25253A%25252F%25252Fprodmp.ru%25252Fyabbi.gif%25253Fuid%25253D61a06633f0e015867d3a0e35%252526r%25253Dhttps%2525253A%2525252F%2525252Fx01.aidata.io%2525252F0.gif%2525253Fpid%2525253D9712851%25252526id%2525253D61a06633f0e015867d3a0e35%25252526dest%2525253D%2526webouid%253D%7BWEBO_CID%7D HTTP 302
https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fadx.com.ru%2Fweborama-sync%3Furl%3Dhttps%253A%252F%252Fprodmp.ru%252Fyabbi.gif%253Fuid%253D61a06633f0e015867d3a0e35%2526r%253Dhttps%25253A%25252F%25252Fx01.aidata.io%25252F0.gif%25253Fpid%25253D9712851%252526id%25253D61a06633f0e015867d3a0e35%252526dest%25253D%26webouid%3D{WEBO_CID} HTTP 302
https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fadx.com.ru%2Fweborama-sync%3Furl%3Dhttps%253A%252F%252Fprodmp.ru%252Fyabbi.gif%253Fuid%253D61a06633f0e015867d3a0e35%2526r%253Dhttps%25253A%25252F%25252Fx01.aidata.io%25252F0.gif%25253Fpid%25253D9712851%252526id%25253D61a06633f0e015867d3a0e35%252526dest%25253D%26webouid%3D%7BWEBO_CID%7D&bounce=1&random=4018474317 HTTP 302
https://adx.com.ru/weborama-sync?url=https%3A%2F%2Fprodmp.ru%2Fyabbi.gif%3Fuid%3D61a06633f0e015867d3a0e35%26r%3Dhttps%253A%252F%252Fx01.aidata.io%252F0.gif%253Fpid%253D9712851%2526id%253D61a06633f0e015867d3a0e35%2526dest%253D&webouid=tBGgGVeDMc7vM54r97efVu HTTP 302
https://prodmp.ru/yabbi.gif?uid=61a06633f0e015867d3a0e35&r=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3D9712851%26id%3D61a06633f0e015867d3a0e35%26dest%3D HTTP 302
https://x01.aidata.io/0.gif?pid=9712851&id=61a06633f0e015867d3a0e35&dest= HTTP 302
https://x01.aidata.io/0.gif?pid=9712851&id=61a06633f0e015867d3a0e35&dest=&bounce=1

Request Chain 35

https://sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007F3366A061EF00B22E022C5E11 HTTP 302
https://sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007F3366A061EF00B22E022C5E11&cs=1

Request Chain 36

https://sape-sync.rutarget.ru/sync HTTP 302
https://www.acint.net/match?dp=104&euid=djZddYk0thlC

Request Chain 37

https://ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D HTTP 302
https://acint.net/match?dp=107&euid=acfcfafa-17cf-514a-9206-1344f3a67577

Request Chain 38

https://ads.adlook.me/csync?url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D110%26euid%3D%7BuserId%7D HTTP 302
https://acint.net/match?dp=110&euid=7494ea99d9ff415e914593374eca31b0

Request Chain 39

https://0100007f3366a061ef00b22e022c5e11-sp.ops.beeline.ru/p?ssp=sp&id=0100007F3366A061EF00B22E022C5E11 HTTP 301
https://www.acint.net/match?dp=111&euid=43702d07-5967-418b-bc02-ef0702b2447e

Request Chain 40

https://ut.rktch.com/matchspm?pi=1000005&pui=0100007F3366A061EF00B22E022C5E11 HTTP 302
https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D{WEBO_CID}%26noredirect HTTP 302
https://ut.rktch.com/matchspm?pi=1000006&pui=tBGgGVeDMc7vM54r97efVu&noredirect

Request Chain 41

https://sm.rtb.mts.ru/p?ssp=sape&id=0100007F3366A061EF00B22E022C5E11 HTTP 301
https://sm.rtb.mts.ru/match/second?ssp=30&exu=0100007F3366A061EF00B22E022C5E11 HTTP 301
https://tech.rtb.mts.ru/?dsp_uid=83b75183-1142-413b-a6fc-02ff5092ad38&return_url=https%3A%2F%2Fpixel.konnektu.ru%2Fredirect%2Fmts%3Fcallback_url%3Dhttps%253A%252F%252Fsm.rtb.mts.ru%252Fem%253Fnext%253D30%2526em%253D1%2526ssp%253Dkonnektu%2526id%253D%257BUSER_ID%257D HTTP 302
https://pixel.konnektu.ru/redirect/mts?callback_url=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D30%26em%3D1%26ssp%3Dkonnektu%26id%3D%7BUSER_ID%7D HTTP 302
https://sm.rtb.mts.ru/em?next=30&em=1&ssp=konnektu&id= HTTP 301
https://www.acint.net/match?dp=125&euid=83b75183-1142-413b-a6fc-02ff5092ad38

Request Chain 42

https://exchange.buzzoola.com/cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D HTTP 301
https://www.acint.net/match?dp=126&euid=87fb0ea0-65a4-423f-551d-a9de4a3890eb

Request Chain 43

https://s.uuidksinc.net/match/396/0100007F3366A061EF00B22E022C5E11 HTTP 302
https://www.acint.net/match?dp=127&euid=NAKYHYKOPi3pTftcQDMj

Request Chain 44

https://ssp.bidvol.com/usersync?dspcsid=8&redirect=1 HTTP 302
https://www.acint.net/match?dp=129&euid=v7ykk6rqe6

Request Chain 47

https://x01.aidata.io/0.gif?pid=9401454&id=0100007F3366A061EF00B22E022C5E11 HTTP 302
https://x01.aidata.io/0.gif?pid=9401454&id=0100007F3366A061EF00B22E022C5E11&bounce=1 HTTP 302
https://sm.rtb.mts.ru/p?ssp=aidata&id=9JJOFjtFEfwJq4SFEkET0g HTTP 301
https://sm.rtb.mts.ru/match/second?ssp=51&exu=9JJOFjtFEfwJq4SFEkET0g HTTP 301
https://tech.rtb.mts.ru/?dsp_uid=83b75183-1142-413b-a6fc-02ff5092ad38&return_url=https%3A%2F%2Fpixel.konnektu.ru%2Fredirect%2Fmts%3Fcallback_url%3Dhttps%253A%252F%252Fsm.rtb.mts.ru%252Fem%253Fnext%253D51%2526em%253D1%2526ssp%253Dkonnektu%2526exu%253D9JJOFjtFEfwJq4SFEkET0g%2526id%253D%257BUSER_ID%257D HTTP 302
https://pixel.konnektu.ru/redirect/mts?callback_url=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D51%26em%3D1%26ssp%3Dkonnektu%26exu%3D9JJOFjtFEfwJq4SFEkET0g%26id%3D%7BUSER_ID%7D HTTP 302
https://sm.rtb.mts.ru/em?next=51&em=1&ssp=konnektu&exu=9JJOFjtFEfwJq4SFEkET0g&id= HTTP 301
https://x01.aidata.io/0.gif?pid=9503528&uid=83b75183-1142-413b-a6fc-02ff5092ad38&exu=9JJOFjtFEfwJq4SFEkET0g

Request Chain 49

https://an.yandex.ru/mapuid/sapeis/0100007F3366A061EF00B22E022C5E11 HTTP 302
https://an.yandex.ru/mapuid/sapeis/0100007F3366A061EF00B22E022C5E11?redir-setuniq=1

Request Chain 59

https://dmg.digitaltarget.ru/1/1093/i/i?i=26924901869731.583678963471556&a=77&e=0100007F3366A061EF00B22E022C5E11&pref=https%3A%2F%2Fwinintro.ru%2F&c=ss:77.up:0100007F3366A061EF00B22E022C5E11.sync:up.xdua:duhoSAXgOq7IGOYNR6DPPfdc.xps:xpsBojnaGu2yikIqrlu7ljHNV.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient HTTP 307
https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=26924901869731.583678963471556&a=77&e=0100007F3366A061EF00B22E022C5E11&pref=https%3A%2F%2Fwinintro.ru%2F&c=ss:77.up:0100007F3366A061EF00B22E022C5E11.sync:up.xdua:duhoSAXgOq7IGOYNR6DPPfdc.xps:xpsBojnaGu2yikIqrlu7ljHNV.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient

Request Chain 60

https://dmg.digitaltarget.ru/1/1093/i/i?i=26924901869731.188368163052373&a=77&e=0100007F3366A061EF00B22E022C5E11&pref=https%3A%2F%2Fwinintro.ru%2F&c=ss:77.up:0100007F3366A061EF00B22E022C5E11.sync:up.xdua:duhoSAXgOq7IGOYNR6DPPfdc.xps:xpsBojnaGu2yikIqrlu7ljHNV.dn:acint__net.adcm:hit.tg:adcmjs_noorient HTTP 307
https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=26924901869731.188368163052373&a=77&e=0100007F3366A061EF00B22E022C5E11&pref=https%3A%2F%2Fwinintro.ru%2F&c=ss:77.up:0100007F3366A061EF00B22E022C5E11.sync:up.xdua:duhoSAXgOq7IGOYNR6DPPfdc.xps:xpsBojnaGu2yikIqrlu7ljHNV.dn:acint__net.adcm:hit.tg:adcmjs_noorient

70 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request d1397e5e-8bdd-415d-b67d-bbb19aeeeee2.htm Show response
winintro.ru/authm.ru/html/ 13 KB
4 KB 164ms
86ms Document
text/html 188.40.254.211
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://winintro.ru/authm.ru/html/d1397e5e-8bdd-415d-b67d-bbb19aeeeee2.htm

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.40.254.211 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

cpanel10.coopertino.ru

Software

nginx /

Resource Hash

38625d84930a51dd97e666fea25139db9399aa987bedb141f3238cf10cd2a073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

server: nginx
date: Fri, 26 Nov 2021 04:44:35 GMT
content-type: text/html
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-cache-status: EXPIRED
x-server-powered-by: Engintron
content-encoding: gzip

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 143 KB
51 KB 59ms
35ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: winintro.ru
URL: https://winintro.ru/authm.ru/html/d1397e5e-8bdd-415d-b67d-bbb19aeeeee2.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

95f608efd7ca60043bd6636ac1f2451e0a3f5ad01c6deebb71f197d4adb7c006

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winintro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 04:44:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51205
x-xss-protection: 0
server: cafe
etag: 833036341597906030
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 26 Nov 2021 04:44:35 GMT

GET
H2 200 classic.css
winintro.ru/authm.ru/local/ 7 KB
2 KB 17ms
16ms Stylesheet
text/css 188.40.254.211
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://winintro.ru/authm.ru/local/classic.css
Requested by: Host: winintro.ru
URL: https://winintro.ru/authm.ru/html/d1397e5e-8bdd-415d-b67d-bbb19aeeeee2.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 188.40.254.211 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: cpanel10.coopertino.ru
Software: nginx /
Resource Hash: 47238430d0e20fbcd00d8eea8ddbedf4086cf6896a4abd965a9974fe58c17fda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winintro.ru/authm.ru/html/d1397e5e-8bdd-415d-b67d-bbb19aeeeee2.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: public
date: Fri, 26 Nov 2021 04:44:35 GMT
content-encoding: gzip
last-modified: Mon, 10 Dec 2018 15:55:36 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2592000
expires: Sun, 26 Dec 2021 04:44:35 GMT

GET
H2 200 script.js Show response
winintro.ru/authm.ru/local/ 3 KB
1 KB 17ms
17ms Script
application/javascript 188.40.254.211
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://winintro.ru/authm.ru/local/script.js
Requested by: Host: winintro.ru
URL: https://winintro.ru/authm.ru/html/d1397e5e-8bdd-415d-b67d-bbb19aeeeee2.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 188.40.254.211 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: cpanel10.coopertino.ru
Software: nginx /
Resource Hash: 1e26c39956de81f98f5672fee343c16c3e36ee4ecf75bc0864eb2c9480fea639

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winintro.ru/authm.ru/html/d1397e5e-8bdd-415d-b67d-bbb19aeeeee2.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: public
date: Fri, 26 Nov 2021 04:44:35 GMT
content-encoding: gzip
last-modified: Mon, 10 Dec 2018 15:55:36 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
expires: Sun, 26 Dec 2021 04:44:35 GMT

GET
H2 200 helpindex.css
winintro.ru/files/ 344 B
323 B 18ms
17ms Stylesheet
text/css 188.40.254.211
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://winintro.ru/files/helpindex.css
Requested by: Host: winintro.ru
URL: https://winintro.ru/authm.ru/html/d1397e5e-8bdd-415d-b67d-bbb19aeeeee2.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 188.40.254.211 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: cpanel10.coopertino.ru
Software: nginx /
Resource Hash: e731c18f5159e2612625f471352650417c4557851c7518a28a76a5bc6896f1b6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winintro.ru/authm.ru/html/d1397e5e-8bdd-415d-b67d-bbb19aeeeee2.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: public
date: Fri, 26 Nov 2021 04:44:35 GMT
content-encoding: gzip
last-modified: Mon, 11 Jul 2016 10:36:53 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2592000
expires: Sun, 26 Dec 2021 04:44:35 GMT

GET
H2 200 supply.js Show response
winintro.ru/files/ 1 KB
789 B 16ms
16ms Script
application/javascript 188.40.254.211
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://winintro.ru/files/supply.js
Requested by: Host: winintro.ru
URL: https://winintro.ru/authm.ru/html/d1397e5e-8bdd-415d-b67d-bbb19aeeeee2.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 188.40.254.211 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: cpanel10.coopertino.ru
Software: nginx /
Resource Hash: 1760913995b66a76e5facdf0a4411def6cb9b0af39647dc3f9f868b0309600dc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winintro.ru/authm.ru/html/d1397e5e-8bdd-415d-b67d-bbb19aeeeee2.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: public
date: Fri, 26 Nov 2021 04:44:35 GMT
content-encoding: gzip
last-modified: Mon, 11 Jul 2016 10:36:54 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
expires: Sun, 26 Dec 2021 04:44:35 GMT

GET
H2 200 ext-all.css
winintro.ru/files/ 128 KB
21 KB 24ms
24ms Stylesheet
text/css 188.40.254.211
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://winintro.ru/files/ext-all.css
Requested by: Host: winintro.ru
URL: https://winintro.ru/authm.ru/html/d1397e5e-8bdd-415d-b67d-bbb19aeeeee2.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 188.40.254.211 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: cpanel10.coopertino.ru
Software: nginx /
Resource Hash: 72b66ab91dc450174e84481b9be276bd2edaa80b5ffb9628e48d503ebe43a190

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winintro.ru/authm.ru/html/d1397e5e-8bdd-415d-b67d-bbb19aeeeee2.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: public
date: Fri, 26 Nov 2021 04:44:35 GMT
content-encoding: gzip
last-modified: Mon, 11 Jul 2016 10:36:53 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2592000
expires: Sun, 26 Dec 2021 04:44:35 GMT

GET
H2 200 procedure.gif
winintro.ru/authm.ru/local/ 560 B
739 B 14ms
13ms Image
image/gif 188.40.254.211
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://winintro.ru/authm.ru/local/procedure.gif
Requested by: Host: winintro.ru
URL: https://winintro.ru/authm.ru/html/d1397e5e-8bdd-415d-b67d-bbb19aeeeee2.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 188.40.254.211 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: cpanel10.coopertino.ru
Software: nginx /
Resource Hash: 8c11db5061f6c118d99e8903a5c37d38103c69e83b791cf776df57f1a3b1d89d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winintro.ru/authm.ru/html/d1397e5e-8bdd-415d-b67d-bbb19aeeeee2.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: public
date: Fri, 26 Nov 2021 04:44:35 GMT
last-modified: Mon, 10 Dec 2018 15:55:36 GMT
server: nginx
content-type: image/gif
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 560
expires: Tue, 25 Jan 2022 04:44:35 GMT

GET
H2 200 aci.js Show response
www.acint.net/ 22 KB
7 KB 41ms
11ms Script
application/x-javascript 195.201.243.72
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.acint.net/aci.js
Requested by: Host: winintro.ru
URL: https://winintro.ru/authm.ru/html/d1397e5e-8bdd-415d-b67d-bbb19aeeeee2.htm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.201.243.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: regensburg.aucourant.info
Software: openresty /
Resource Hash: be7e9c67cd4a91eb797d66284f95943bb017dae0a8a4eafa37d2682d6c684875

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winintro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 04:44:35 GMT
content-encoding: gzip
last-modified: Mon, 22 Nov 2021 11:51:23 GMT
server: openresty
etag: "619b843b-1d08"
content-type: application/x-javascript
cache-control: max-age=43200
content-length: 7432
expires: Fri, 26 Nov 2021 16:44:35 GMT

GET
H2 200 bg.gif
winintro.ru/files/images/default/toolbar/ 904 B
1 KB 16ms
16ms Image
image/gif 188.40.254.211
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://winintro.ru/files/images/default/toolbar/bg.gif
Requested by: Host: winintro.ru
URL: https://winintro.ru/files/ext-all.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 188.40.254.211 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: cpanel10.coopertino.ru
Software: nginx /
Resource Hash: 36780f98ed7f7e302c2f31fd7efeb7cc75212ac281935245950e125545350e6a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winintro.ru/files/ext-all.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: public
date: Fri, 26 Nov 2021 04:44:35 GMT
last-modified: Mon, 11 Jul 2016 10:37:13 GMT
server: nginx
content-type: image/gif
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 904
expires: Tue, 25 Jan 2022 04:44:35 GMT

GET
H2 200 btn.gif
winintro.ru/files/images/default/button/ 4 KB
4 KB 16ms
16ms Image
image/gif 188.40.254.211
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://winintro.ru/files/images/default/button/btn.gif
Requested by: Host: winintro.ru
URL: https://winintro.ru/files/ext-all.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 188.40.254.211 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: cpanel10.coopertino.ru
Software: nginx /
Resource Hash: 9aacc2855086ee500f5540bcee08d1c840388740f526c46cf001215406a4ea73

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winintro.ru/files/ext-all.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: public
date: Fri, 26 Nov 2021 04:44:35 GMT
last-modified: Mon, 11 Jul 2016 10:36:57 GMT
server: nginx
content-type: image/gif
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 4298
expires: Tue, 25 Jan 2022 04:44:35 GMT

GET
H2 200 home.png
winintro.ru/files/images/ 1 KB
1 KB 17ms
17ms Image
image/png 188.40.254.211
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://winintro.ru/files/images/home.png
Requested by: Host: winintro.ru
URL: https://winintro.ru/files/ext-all.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 188.40.254.211 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: cpanel10.coopertino.ru
Software: nginx /
Resource Hash: c355ffcc9212b68d0ed1c0f9b0bd71f04e3c0e63380f7d8d4a2a1b25c187e33d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winintro.ru/files/ext-all.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: public
date: Fri, 26 Nov 2021 04:44:35 GMT
last-modified: Mon, 11 Jul 2016 10:36:54 GMT
server: nginx
content-type: image/png
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 1110
expires: Tue, 25 Jan 2022 04:44:35 GMT

GET
H2 200 grid-blue-split.gif
winintro.ru/files/images/default/grid/ 817 B
996 B 17ms
17ms Image
image/gif 188.40.254.211
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://winintro.ru/files/images/default/grid/grid-blue-split.gif
Requested by: Host: winintro.ru
URL: https://winintro.ru/files/ext-all.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 188.40.254.211 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: cpanel10.coopertino.ru
Software: nginx /
Resource Hash: 2bd24bc7b4e2dce53d91e3bc73d5f4221fe0b503a3112fa4c669e925d43bd492

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winintro.ru/files/ext-all.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: public
date: Fri, 26 Nov 2021 04:44:35 GMT
last-modified: Mon, 11 Jul 2016 10:37:01 GMT
server: nginx
content-type: image/gif
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 817
expires: Tue, 25 Jan 2022 04:44:35 GMT

GET
H2 200 toc-panel.gif
winintro.ru/files/images/ 954 B
1 KB 16ms
16ms Image
image/gif 188.40.254.211
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://winintro.ru/files/images/toc-panel.gif
Requested by: Host: winintro.ru
URL: https://winintro.ru/files/ext-all.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 188.40.254.211 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: cpanel10.coopertino.ru
Software: nginx /
Resource Hash: a2443661ae0052510d51ee22c86e1c3f30710321ba290e1646dec8385a30b662

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winintro.ru/files/ext-all.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: public
date: Fri, 26 Nov 2021 04:44:35 GMT
last-modified: Mon, 11 Jul 2016 10:36:55 GMT
server: nginx
content-type: image/gif
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 954
expires: Tue, 25 Jan 2022 04:44:35 GMT

GET
H2 200 print.gif
winintro.ru/files/images/ 1 KB
1 KB 17ms
17ms Image
image/gif 188.40.254.211
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://winintro.ru/files/images/print.gif
Requested by: Host: winintro.ru
URL: https://winintro.ru/files/ext-all.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 188.40.254.211 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: cpanel10.coopertino.ru
Software: nginx /
Resource Hash: a66544185c20f7430404c1d80a098c56d4ae601bc599dda2bc174b1ce63102ee

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winintro.ru/files/ext-all.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: public
date: Fri, 26 Nov 2021 04:44:35 GMT
last-modified: Mon, 11 Jul 2016 10:36:55 GMT
server: nginx
content-type: image/gif
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 1032
expires: Tue, 25 Jan 2022 04:44:35 GMT

GET
H2 200 back.gif
winintro.ru/files/ 316 B
495 B 19ms
19ms Image
image/gif 188.40.254.211
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://winintro.ru/files/back.gif
Requested by: Host: winintro.ru
URL: https://winintro.ru/files/helpindex.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 188.40.254.211 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: cpanel10.coopertino.ru
Software: nginx /
Resource Hash: b1b06c998a944f9ceb56a2365ac540689e452426705b64713079e025e239dd2c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winintro.ru/files/helpindex.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: public
date: Fri, 26 Nov 2021 04:44:35 GMT
last-modified: Mon, 11 Jul 2016 10:36:53 GMT
server: nginx
content-type: image/gif
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 316
expires: Tue, 25 Jan 2022 04:44:35 GMT

GET
H2 200 next.gif
winintro.ru/files/ 314 B
493 B 17ms
16ms Image
image/gif 188.40.254.211
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://winintro.ru/files/next.gif
Requested by: Host: winintro.ru
URL: https://winintro.ru/files/helpindex.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 188.40.254.211 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: cpanel10.coopertino.ru
Software: nginx /
Resource Hash: 05d61be961acfeaa4a89652e171975c47ca4495c062514cd4d872445c16c1db5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winintro.ru/files/helpindex.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: public
date: Fri, 26 Nov 2021 04:44:35 GMT
last-modified: Mon, 11 Jul 2016 10:36:53 GMT
server: nginx
content-type: image/gif
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 314
expires: Tue, 25 Jan 2022 04:44:35 GMT

GET
H2

200

/ Show response
www.acint.net/mc/ Frame 0903
Redirect Chain

https://www.acint.net/mc/?dp=10
https://www.acint.net/mc/?dp=10&tc=1

4 KB
4 KB

12ms
12ms

Document
text/html

195.201.243.72
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.acint.net/mc/?dp=10&tc=1
Requested by: Host: www.acint.net
URL: https://www.acint.net/aci.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.201.243.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: regensburg.aucourant.info
Software: openresty /
Resource Hash: 5cbd9898cc7e3d3a950ce4d6ff9a3a38e51e507d13127087a711dc8b2add5c45

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://winintro.ru/

Response headers

server: openresty
date: Fri, 26 Nov 2021 04:44:35 GMT
content-type: text/html
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-encoding: gzip

Redirect headers

server: openresty
date: Fri, 26 Nov 2021 04:44:35 GMT
content-type: text/html
content-length: 154
location: /mc/?dp=10&tc=1

GET
H2 200 /
www.acint.net/hit/ 43 B
340 B 11ms
11ms Image
image/gif 195.201.243.72
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/hit/?v=0.4.0&uid=b32baf50-676c-4536-a49d-9cb3de9296f8&dp=10&tz=%2B00%3A00&nc=79542624&u=https%3A%2F%2Fwinintro.ru%2Fauthm.ru%2Fhtml%2Fd1397e5e-8bdd-415d-b67d-bbb19aeeeee2.htm&r=&rs=1600x1200&t=%D0%9D%D0%B0%D0%B7%D0%BD%D0%B0%D1%87%D0%B5%D0%BD%D0%B8%D0%B5%20%D1%80%D0%BE%D0%BB%D0%B8%20%D0%B3%D1%80%D1%83%D0%BF%D0%BF%D0%B5%20%D0%BF%D1%80%D0%B8%D0%BB%D0%BE%D0%B6%D0%B5%D0%BD%D0%B8%D1%8F&oE=1&oP=1&dT=2021-11-26T04%3A44%3A35.164&fu=aef0266a-ffa6-4c37-9960-c119cfa38e31
Requested by: Host: winintro.ru
URL: https://winintro.ru/authm.ru/html/d1397e5e-8bdd-415d-b67d-bbb19aeeeee2.htm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.201.243.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: regensburg.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winintro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 04:44:35 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111110101/ 270 KB
97 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111110101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2339592383170032&plah=winintro.ru

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

130c57ec5b30683b949cf823070682738f4022db8266dc653dc20626b9264559

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winintro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 04:44:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 99574
x-xss-protection: 0
server: cafe
etag: 6702890045954499413
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 26 Nov 2021 04:44:35 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20211111/r20190131/ Frame 0AFE 11 KB
5 KB 32ms
7ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20211111/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5cedd5abd94d64b07e3779451d057665572b89caa8b445a5e9efa42bad9c4274

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://winintro.ru/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 25 Nov 2021 06:55:30 GMT
expires: Thu, 09 Dec 2021 06:55:30 GMT
content-type: text/html; charset=UTF-8
etag: 16478831307880631077
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4883
x-xss-protection: 0
age: 78545
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2

200

match
ads.betweendigital.com/ Frame 0903
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=73&external_user_id=0100007F3366A061EF00B22E022C5E11
https://ads.betweendigital.com/match?bidder_id=73&external_user_id=0100007F3366A061EF00B22E022C5E11&crf=1

68 B
607 B

47ms
47ms

Image
image/png

188.42.29.196
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=73&external_user_id=0100007F3366A061EF00B22E022C5E11&crf=1
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 188.42.29.196 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

Redirect headers

location: /match?bidder_id=73&external_user_id=0100007F3366A061EF00B22E022C5E11&crf=1
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H2

200

match
acint.net/ Frame 0903
Redirect Chain

https://ssp-rtb.sape.ru/rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D
https://acint.net/match?dp=14&euid=0100007F3366A06113005B6F02C5D0B1

43 B
269 B

32ms
11ms

Image
image/gif

195.201.243.72
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://acint.net/match?dp=14&euid=0100007F3366A06113005B6F02C5D0B1
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 195.201.243.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: regensburg.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 04:44:35 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

Date: Fri, 26 Nov 2021 04:44:35 GMT
Server: openresty
P3P: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
Location: https://acint.net/match?dp=14&euid=0100007F3366A06113005B6F02C5D0B1
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Type: text/html
Content-Length: 142
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2

200

match
acint.net/ Frame 0903
Redirect Chain

https://px.adhigh.net/p/cm/sape?u=0100007F3366A061EF00B22E022C5E11
https://px.adhigh.net/p/cm/sape?u=0100007F3366A061EF00B22E022C5E11&bounced=1
https://acint.net/match?dp=17&euid=xlKnTE83pN5.AikABlF9Wo85Hw

43 B
269 B

11ms
11ms

Image
image/gif

195.201.243.72
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://acint.net/match?dp=17&euid=xlKnTE83pN5.AikABlF9Wo85Hw
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 195.201.243.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: regensburg.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 04:44:35 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 26 Nov 2021 04:44:35 GMT
server: nginx
access-control-allow-origin: *
x-backend-id: f2-ru
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://acint.net/match?dp=17&euid=xlKnTE83pN5.AikABlF9Wo85Hw
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK cm.gif
ad.mail.ru/ Frame 0903 43 B
764 B 295ms
48ms Image
image/gif 2a00:1148:db00::17
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.mail.ru/cm.gif?p=48&id=0100007F3366A061EF00B22E022C5E11
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Fri, 26 Nov 2021 04:44:35 GMT
Last-Modified: Fri, 26 Nov 2021 04:44:35 GMT
Server: nginx
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Embedder-Policy: require-corp
Content-Type: image/gif
Cache-Control: max-age=21600
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 43
Expires: Fri, 26 Nov 2021 10:44:35 GMT

GET
H/1.1

200
OK

sync.cgi
ssp.adriver.ru/cgi-bin/ Frame 0903
Redirect Chain

https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691
https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-6186288680
https://www.acint.net/rmatch?dp=45&euid=ArXS-Rmq4Kn7L4ySXVeCEzQ&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D
https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=0100007F3366A061EF00B22E022C5E11

42 B
201 B

69ms
69ms

Image
image/gif

81.222.128.213
ELTEL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=0100007F3366A061EF00B22E022C5E11
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: HTTP/1.1
Server: 81.222.128.213 , Russian Federation, ASN20597 (ELTEL-AS, RU),
Reverse DNS: ad13.adriver.ru
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Fri, 26 Nov 2021 04:44:35 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/gif

Redirect headers

date: Fri, 26 Nov 2021 04:44:35 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
location: https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=0100007F3366A061EF00B22E022C5E11
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: text/html
content-length: 154
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 204 sync
a.utraff.com/ Frame 0903 0
819 B 142ms
93ms Image
text/plain 2606:4700:3039::6815:c0b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.utraff.com/sync?ssp=sape
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3039::6815:c0b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 04:44:35 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t0xz3qLNTDNChb9Iayh88Wnra0mmzyi768Tk7dCs2d7w39oHUcCgipabQuNQQueDq5tAd2w6zo78hyn4BEWgu%2B%2BWdE1vhwMhZ7dpygUzzzoRhmS0mT9MSvAZVJV4gqGRoPv2WW%2FYxerWQw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
cf-ray: 6b4076607b4359a7-MXP
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization

GET
H/1.1

200
OK

/
sync.bumlam.com/ Frame 0903
Redirect Chain

https://sync.republer.com/match?dsp=sape
https://sync.republer.com/match?dsp=sape&qset=1
https://sync.bumlam.com/?src=rp1&uid=0154feeb-30e5-4198-906c-0bc3ddc36d40
https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABizzIGNBlIEioaQK2IkMDE1NGZlZWItMzBlNS00MTk4LTkwNmMtMGJjM2RkYzM2ZDQw
https://sync3.adsniper.ru/?src=ss1&s_data=CAIQARizzIGNBlIEioaQK2IkMDE1NGZlZWItMzBlNS00MTk4LTkwNmMtMGJjM2RkYzM2ZDQwogEQjkD7Yk5zEeym6QAlkMgkNw**
https://sync.bumlam.com/?src=rp1&s_data=CAIQABizzIGNBmIkMDE1NGZlZWItMzBlNS00MTk4LTkwNmMtMGJjM2RkYzM2ZDQwogEQjkD7Yk5zEeym6QAlkMgkNw**
https://sync.bumlam.com/?src=rp1&s_data=CAIQARizzIGNBmIkMDE1NGZlZWItMzBlNS00MTk4LTkwNmMtMGJjM2RkYzM2ZDQwogEQjkD7Yk5zEeym6QAlkMgkNw**

43 B
552 B

7ms
7ms

Image
image/gif

31.172.81.159
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bumlam.com/?src=rp1&s_data=CAIQARizzIGNBmIkMDE1NGZlZWItMzBlNS00MTk4LTkwNmMtMGJjM2RkYzM2ZDQwogEQjkD7Yk5zEeym6QAlkMgkNw**
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: HTTP/1.1
Server: 31.172.81.159 Muehlheim am Main, Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Fri, 26 Nov 2021 04:44:35 GMT
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Server: nginx
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Redirect headers

Date: Fri, 26 Nov 2021 04:44:35 GMT
Server: nginx
ETag: 8e40fb62-4e73-11ec-a6e9-002590c82437
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: //sync.bumlam.com/?src=rp1&s_data=CAIQARizzIGNBmIkMDE1NGZlZWItMzBlNS00MTk4LTkwNmMtMGJjM2RkYzM2ZDQwogEQjkD7Yk5zEeym6QAlkMgkNw**
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0

GET
H2 204 match
dm-eu.hybrid.ai/ Frame 0903 0
239 B 55ms
12ms Image
text/plain 37.18.103.16
HYBRID-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dm-eu.hybrid.ai/match?id=106&vid=0100007F3366A061EF00B22E022C5E11

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.18.103.16 , Netherlands, ASN205675 (HYBRID-AS, RU),

Reverse DNS

Software

Hybrid Web Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 04:44:35 GMT
server: Hybrid Web Server
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin: *
cache-control: no-cache, no-store
x-mode: 508
x-xss-protection: 1; mode=block
expires: -1

GET
H/1.1 200
OK adcm.js Show response
tag.digitaltarget.ru/ Frame 0903 3 KB
3 KB 300ms
50ms Script
application/javascript 185.15.175.148
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.digitaltarget.ru/adcm.js
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.15.175.148 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),
Reverse DNS
Software: nginx /
Resource Hash: 40f2a96f78f4c8484e9da6e172f5ddd3e4d7786ca29e04b96e1067a365190e80

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Fri, 26 Nov 2021 04:44:35 GMT
Last-Modified: Tue, 16 Nov 2021 09:48:08 GMT
Server: nginx
ETag: "61937e58-beb"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3051

GET
H2 204 sape
sync.dmp.otm-r.com/match/ Frame 0903 0
69 B 51ms
11ms Image
text/plain 195.201.108.196
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.dmp.otm-r.com/match/sape?id=0100007F3366A061EF00B22E022C5E11
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.201.108.196 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.196.108.201.195.clients.your-server.de
Software: nginx/1.15.9 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 26 Nov 2021 04:44:35 GMT
server: nginx/1.15.9

GET
H2

200

match
www.acint.net/ Frame 0903
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=agentstvo_sape_limited&google_hm=AQAAfzNmoGHvALIuAixeEQ
https://cm.g.doubleclick.net/pixel?google_nid=agentstvo_sape_limited&google_hm=AQAAfzNmoGHvALIuAixeEQ&google_tc=
https://www.acint.net/match?dp=77&euid=

43 B
269 B

12ms
11ms

Image
image/gif

195.201.243.72
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=77&euid=
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 195.201.243.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: regensburg.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 04:44:35 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 26 Nov 2021 04:44:35 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://www.acint.net/match?dp=77&euid=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 240
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
adlmerge.com/merge_gpsid/ Frame 0903
Redirect Chain

https://stat.adlabs.ru/merge_gpsid/?sid=50&id=0100007F3366A061EF00B22E022C5E11
https://adlmerge.com/merge_gpsid/?sid=50&id=0100007F3366A061EF00B22E022C5E11

43 B
115 B

54ms
14ms

Image
image/gif

95.211.66.35
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adlmerge.com/merge_gpsid/?sid=50&id=0100007F3366A061EF00B22E022C5E11
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 95.211.66.35 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx/1.16.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

iseu: eu
server: nginx/1.16.0
date: Fri, 26 Nov 2021 04:44:35 GMT
content-type: image/gif

Redirect headers

location: //adlmerge.com/merge_gpsid/?sid=50&id=0100007F3366A061EF00B22E022C5E11
date: Fri, 26 Nov 2021 04:38:53 GMT
server: nginx
content-length: 0

GET
H/1.1 200
OK sync.cgi
ssp.adriver.ru/cgi-bin/ Frame 0903 42 B
201 B 288ms
66ms Image
image/gif 81.222.128.213
ELTEL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.adriver.ru/cgi-bin/sync.cgi?dsp_id=153&external_id=0100007F3366A061EF00B22E022C5E11
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.222.128.213 , Russian Federation, ASN20597 (ELTEL-AS, RU),
Reverse DNS: ad13.adriver.ru
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Fri, 26 Nov 2021 04:44:35 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/gif

GET
H2 200 sprcs
relap.io/partners/ Frame 0903 43 B
1019 B 213ms
53ms Image
image/gif 95.163.37.253
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://relap.io/partners/sprcs?uid=0100007F3366A061EF00B22E022C5E11

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.163.37.253 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

relap.io

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 04:44:35 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=5184000; includeSubdomains;
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
x-server: back10
content-length: 43
x-xss-protection: 1; mode=block; report=https://cspreport.mail.ru/xxssprotection

GET
H2

204

0.gif
x01.aidata.io/ Frame 0903
Redirect Chain

https://adx.com.ru/sape-sync?uid=0100007F3366A061EF00B22E022C5E11
https://adx.com.ru/sync?sspKey=25&sspUserID=0100007F3366A061EF00B22E022C5E11
https://sync.1dmp.io/pixel.gif?cid=1ff6bf67-bdc8-400e-bc26-d735d8654ed6&pid=w&uid=61a06633f0e015867d3a0e35&ru=https%3A%2F%2Fredirect.frontend.weborama.fr%2Frd%3Furl%3Dhttps%253A%252F%252Fadx.com.ru...
https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fadx.com.ru%2Fweborama-sync%3Furl%3Dhttps%253A%252F%252Fprodmp.ru%252Fyabbi.gif%253Fuid%253D61a06633f0e015867d3a0e35%2526r%253Dhttps%25253A...
https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fadx.com.ru%2Fweborama-sync%3Furl%3Dhttps%253A%252F%252Fprodmp.ru%252Fyabbi.gif%253Fuid%253D61a06633f0e015867d3a0e35%2526r%253Dhttps%25253A...
https://adx.com.ru/weborama-sync?url=https%3A%2F%2Fprodmp.ru%2Fyabbi.gif%3Fuid%3D61a06633f0e015867d3a0e35%26r%3Dhttps%253A%252F%252Fx01.aidata.io%252F0.gif%253Fpid%253D9712851%2526id%253D61a06633f0...
https://prodmp.ru/yabbi.gif?uid=61a06633f0e015867d3a0e35&r=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3D9712851%26id%3D61a06633f0e015867d3a0e35%26dest%3D
https://x01.aidata.io/0.gif?pid=9712851&id=61a06633f0e015867d3a0e35&dest=
https://x01.aidata.io/0.gif?pid=9712851&id=61a06633f0e015867d3a0e35&dest=&bounce=1

0
432 B

48ms
48ms

Image
text/plain

89.108.120.68
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x01.aidata.io/0.gif?pid=9712851&id=61a06633f0e015867d3a0e35&dest=&bounce=1
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 89.108.120.68 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: d51803.reg.regrucolo.ru
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 04:44:35 GMT
last-modified: Fri, 26 Nov 2021 04:44:34 GMT
server: nginx
access-control-allow-methods: GET, POST
p3p: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
expires: Fri, 26 Nov 2021 04:44:34 GMT

Redirect headers

pragma: no-cache
date: Fri, 26 Nov 2021 04:44:35 GMT
last-modified: Fri, 26 Nov 2021 04:44:34 GMT
server: nginx
access-control-allow-methods: GET, POST
p3p: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
location: https://x01.aidata.io/0.gif?pid=9712851&id=61a06633f0e015867d3a0e35&dest=&bounce=1
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
content-length: 0
expires: Fri, 26 Nov 2021 04:44:34 GMT

GET
H2

200

pixel.gif
sync.1dmp.io/ Frame 0903
Redirect Chain

https://sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007F3366A061EF00B22E022C5E11
https://sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007F3366A061EF00B22E022C5E11&cs=1

35 B
378 B

11ms
11ms

Image
image/gif

78.46.100.125
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007F3366A061EF00B22E022C5E11&cs=1
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 78.46.100.125 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.125.100.46.78.clients.your-server.de
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 04:44:35 GMT
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server: nginx
content-type: image/gif
content-length: 35
expires: 0

Redirect headers

location: /pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007F3366A061EF00B22E022C5E11&cs=1
date: Fri, 26 Nov 2021 04:44:35 GMT
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server: nginx
content-length: 0
expires: 0

GET
H2

200

match
www.acint.net/ Frame 0903
Redirect Chain

https://sape-sync.rutarget.ru/sync
https://www.acint.net/match?dp=104&euid=djZddYk0thlC

43 B
269 B

11ms
11ms

Image
image/gif

195.201.243.72
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=104&euid=djZddYk0thlC
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 195.201.243.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: regensburg.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 04:44:35 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

Location: https://www.acint.net/match?dp=104&euid=djZddYk0thlC
Date: Fri, 26 Nov 2021 04:44:35 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
P3P: CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."

GET
H2

200

match
acint.net/ Frame 0903
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D
https://acint.net/match?dp=107&euid=acfcfafa-17cf-514a-9206-1344f3a67577

43 B
269 B

11ms
11ms

Image
image/gif

195.201.243.72
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://acint.net/match?dp=107&euid=acfcfafa-17cf-514a-9206-1344f3a67577
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 195.201.243.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: regensburg.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 04:44:35 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

location: https://acint.net/match?dp=107&euid=acfcfafa-17cf-514a-9206-1344f3a67577
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H2

200

match
acint.net/ Frame 0903
Redirect Chain

https://ads.adlook.me/csync?url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D110%26euid%3D%7BuserId%7D
https://acint.net/match?dp=110&euid=7494ea99d9ff415e914593374eca31b0

43 B
269 B

11ms
11ms

Image
image/gif

195.201.243.72
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://acint.net/match?dp=110&euid=7494ea99d9ff415e914593374eca31b0
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 195.201.243.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: regensburg.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 04:44:35 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

location: https://acint.net/match?dp=110&euid=7494ea99d9ff415e914593374eca31b0
date: Fri, 26 Nov 2021 04:44:35 GMT
server: Kestrel
content-length: 0

GET
H2

200

match
www.acint.net/ Frame 0903
Redirect Chain

https://0100007f3366a061ef00b22e022c5e11-sp.ops.beeline.ru/p?ssp=sp&id=0100007F3366A061EF00B22E022C5E11
https://www.acint.net/match?dp=111&euid=43702d07-5967-418b-bc02-ef0702b2447e

43 B
269 B

11ms
11ms

Image
image/gif

195.201.243.72
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=111&euid=43702d07-5967-418b-bc02-ef0702b2447e
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 195.201.243.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: regensburg.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 04:44:35 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

date: Fri, 26 Nov 2021 04:44:35 GMT
x-route: http://upstream_cookiesync
server: nginx
location: https://www.acint.net/match?dp=111&euid=43702d07-5967-418b-bc02-ef0702b2447e
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS, GET, HEAD, POST, OPTIONS, PUT, DELETE
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true, true
x-host: 192.168.152.60
access-control-allow-headers: authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

matchspm
ut.rktch.com/ Frame 0903
Redirect Chain

https://ut.rktch.com/matchspm?pi=1000005&pui=0100007F3366A061EF00B22E022C5E11
https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D{WEBO_CID}%26noredirect
https://ut.rktch.com/matchspm?pi=1000006&pui=tBGgGVeDMc7vM54r97efVu&noredirect

88 B
88 B

51ms
51ms

Image
image/png

89.108.97.2
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ut.rktch.com/matchspm?pi=1000006&pui=tBGgGVeDMc7vM54r97efVu&noredirect
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: HTTP/1.1
Server: 89.108.97.2 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: d50603.reg.regrucolo.ru
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Fri, 26 Nov 2021 04:44:35 GMT
Server: nginx/1.18.0
Access-Control-Allow-Methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
Content-Type: image/png
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type, Accept, Authorization
Content-Length: 88

Redirect headers

pragma: no-cache
date: Fri, 26 Nov 2021 04:44:35 GMT
via: 1.1 google
last-modified: Fri, 26 Nov 2021 04:44:35 GMT
server: nginx/1.12.0
location: https://ut.rktch.com/matchspm?pi=1000006&pui=tBGgGVeDMc7vM54r97efVu&noredirect
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2

200

match
www.acint.net/ Frame 0903
Redirect Chain

https://sm.rtb.mts.ru/p?ssp=sape&id=0100007F3366A061EF00B22E022C5E11
https://sm.rtb.mts.ru/match/second?ssp=30&exu=0100007F3366A061EF00B22E022C5E11
https://tech.rtb.mts.ru/?dsp_uid=83b75183-1142-413b-a6fc-02ff5092ad38&return_url=https%3A%2F%2Fpixel.konnektu.ru%2Fredirect%2Fmts%3Fcallback_url%3Dhttps%253A%252F%252Fsm.rtb.mts.ru%252Fem%253Fnext%...
https://pixel.konnektu.ru/redirect/mts?callback_url=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D30%26em%3D1%26ssp%3Dkonnektu%26id%3D%7BUSER_ID%7D
https://sm.rtb.mts.ru/em?next=30&em=1&ssp=konnektu&id=
https://www.acint.net/match?dp=125&euid=83b75183-1142-413b-a6fc-02ff5092ad38

43 B
269 B

11ms
11ms

Image
image/gif

195.201.243.72
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=125&euid=83b75183-1142-413b-a6fc-02ff5092ad38
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 195.201.243.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: regensburg.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 04:44:36 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

Date: Fri, 26 Nov 2021 04:44:25 GMT
Server: nginx
Access-Control-Allow-Origin: *
Vary: Origin
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
Location: https://www.acint.net/match?dp=125&euid=83b75183-1142-413b-a6fc-02ff5092ad38
Cache-Control: no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

match
www.acint.net/ Frame 0903
Redirect Chain

https://exchange.buzzoola.com/cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D
https://www.acint.net/match?dp=126&euid=87fb0ea0-65a4-423f-551d-a9de4a3890eb

43 B
269 B

12ms
12ms

Image
image/gif

195.201.243.72
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=126&euid=87fb0ea0-65a4-423f-551d-a9de4a3890eb
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 195.201.243.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: regensburg.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 04:44:35 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

location: https://www.acint.net/match?dp=126&euid=87fb0ea0-65a4-423f-551d-a9de4a3890eb
date: Fri, 26 Nov 2021 04:44:35 GMT
server: nginx
content-length: 115
serverid: TODO
content-type: text/html; charset=utf-8

GET
H2

200

match
www.acint.net/ Frame 0903
Redirect Chain

https://s.uuidksinc.net/match/396/0100007F3366A061EF00B22E022C5E11
https://www.acint.net/match?dp=127&euid=NAKYHYKOPi3pTftcQDMj

43 B
269 B

12ms
11ms

Image
image/gif

195.201.243.72
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=127&euid=NAKYHYKOPi3pTftcQDMj
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 195.201.243.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: regensburg.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 04:44:35 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

location: https://www.acint.net/match?dp=127&euid=NAKYHYKOPi3pTftcQDMj
date: Fri, 26 Nov 2021 04:44:35 GMT
server: nginx/1.19.0
content-length: 0

GET
H2

200

match
www.acint.net/ Frame 0903
Redirect Chain

https://ssp.bidvol.com/usersync?dspcsid=8&redirect=1
https://www.acint.net/match?dp=129&euid=v7ykk6rqe6

43 B
269 B

13ms
12ms

Image
image/gif

195.201.243.72
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=129&euid=v7ykk6rqe6
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 195.201.243.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: regensburg.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 04:44:35 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 26 Nov 2021 04:44:35 GMT
server: nginx/1.14.0
access-control-allow-origin: *
surrogate-control: no-store
vary: Origin
location: https://www.acint.net/match?dp=129&euid=v7ykk6rqe6
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
access-control-allow-credentials: true
x-request-id: 35d3ef45-734d-42ee-b176-55e307ffdb36
expires: 0

GET
H/1.1 204
No Content userbind
match.new-programmatic.com/ Frame 0903 0
215 B 170ms
52ms Image
text/plain 217.65.2.150
CITYTELECOM-AS Fi...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.new-programmatic.com/userbind?src=sape&id=0100007F3366A061EF00B22E022C5E11
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 217.65.2.150 Moscow, Russian Federation, ASN29076 (CITYTELECOM-AS Filanco LTD, RU),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 26 Nov 2021 04:44:35 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0
Connection: keep-alive
Content-Length: 0
Vary: Origin

GET
H2 204 0100007F3366A061EF00B22E022C5E11
fcgi4.gnezdo.ru/cookie_matching_ssp/Sape-dsp/ Frame 0903 0
189 B 185ms
59ms Image
text/plain 93.95.102.105
MTW-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fcgi4.gnezdo.ru/cookie_matching_ssp/Sape-dsp/0100007F3366A061EF00B22E022C5E11
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.95.102.105 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS: unspecified.mtw.ru
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 04:44:35 GMT
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"

GET
H2

204

0.gif
x01.aidata.io/ Frame 0903
Redirect Chain

https://x01.aidata.io/0.gif?pid=9401454&id=0100007F3366A061EF00B22E022C5E11
https://x01.aidata.io/0.gif?pid=9401454&id=0100007F3366A061EF00B22E022C5E11&bounce=1
https://sm.rtb.mts.ru/p?ssp=aidata&id=9JJOFjtFEfwJq4SFEkET0g
https://sm.rtb.mts.ru/match/second?ssp=51&exu=9JJOFjtFEfwJq4SFEkET0g
https://tech.rtb.mts.ru/?dsp_uid=83b75183-1142-413b-a6fc-02ff5092ad38&return_url=https%3A%2F%2Fpixel.konnektu.ru%2Fredirect%2Fmts%3Fcallback_url%3Dhttps%253A%252F%252Fsm.rtb.mts.ru%252Fem%253Fnext%...
https://pixel.konnektu.ru/redirect/mts?callback_url=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D51%26em%3D1%26ssp%3Dkonnektu%26exu%3D9JJOFjtFEfwJq4SFEkET0g%26id%3D%7BUSER_ID%7D
https://sm.rtb.mts.ru/em?next=51&em=1&ssp=konnektu&exu=9JJOFjtFEfwJq4SFEkET0g&id=
https://x01.aidata.io/0.gif?pid=9503528&uid=83b75183-1142-413b-a6fc-02ff5092ad38&exu=9JJOFjtFEfwJq4SFEkET0g

0
432 B

48ms
48ms

Image
text/plain

89.108.120.68
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x01.aidata.io/0.gif?pid=9503528&uid=83b75183-1142-413b-a6fc-02ff5092ad38&exu=9JJOFjtFEfwJq4SFEkET0g
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 89.108.120.68 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: d51803.reg.regrucolo.ru
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 04:44:36 GMT
last-modified: Fri, 26 Nov 2021 04:44:35 GMT
server: nginx
access-control-allow-methods: GET, POST
p3p: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
expires: Fri, 26 Nov 2021 04:44:35 GMT

Redirect headers

Date: Fri, 26 Nov 2021 04:44:25 GMT
Server: nginx
Access-Control-Allow-Origin: *
Vary: Origin
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
Location: https://x01.aidata.io/0.gif?pid=9503528&uid=83b75183-1142-413b-a6fc-02ff5092ad38&exu=9JJOFjtFEfwJq4SFEkET0g
Cache-Control: no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK /
sync.bumlam.com/ Frame 0903 0
523 B 7ms
7ms Image
text/html 31.172.81.159
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bumlam.com/?src=sap1&uid=0100007F3366A061EF00B22E022C5E11
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 31.172.81.159 Muehlheim am Main, Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Fri, 26 Nov 2021 04:44:35 GMT
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Server: nginx
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H2

200

0100007F3366A061EF00B22E022C5E11
an.yandex.ru/mapuid/sapeis/ Frame 0903
Redirect Chain

https://an.yandex.ru/mapuid/sapeis/0100007F3366A061EF00B22E022C5E11
https://an.yandex.ru/mapuid/sapeis/0100007F3366A061EF00B22E022C5E11?redir-setuniq=1

43 B
108 B

47ms
46ms

Image
image/gif

2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/sapeis/0100007F3366A061EF00B22E022C5E11?redir-setuniq=1

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 04:44:35 GMT
content-encoding: gzip
last-modified: Fri, 26 Nov 2021 04:44:35 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Fri, 26 Nov 2021 04:44:35 GMT

Redirect headers

pragma: no-cache
date: Fri, 26 Nov 2021 04:44:35 GMT
content-encoding: gzip
last-modified: Fri, 26 Nov 2021 04:44:35 GMT
strict-transport-security: max-age=31536000
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://an.yandex.ru/mapuid/sapeis/0100007F3366A061EF00B22E022C5E11?redir-setuniq=1
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Fri, 26 Nov 2021 04:44:35 GMT

GET
H2 200 frame.html Show response
s3.advarkads.com/modules/match/ Frame BFCB 187 B
404 B 205ms
158ms Document
text/html 2606:4700:10::6816:557
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.advarkads.com/modules/match/frame.html?id=8113-1-1&uid=0100007F3366A061EF00B22E022C5E11
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:557 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 53e4cb1ec1da57e5fec65ec5f5b19b050fa8bd6e19e9030c2704456846e4d106

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/

Response headers

date: Fri, 26 Nov 2021 04:44:35 GMT
content-type: text/html
cache-control: max-age=60
last-modified: Wed, 13 Oct 2021 12:55:49 GMT
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6b4076607c2f59fb-MXP
content-encoding: gzip

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 201 B
636 B 212ms
15ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=winintro.ru&callback=_gfp_s_&client=ca-pub-2339592383170032

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111110101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2339592383170032&plah=winintro.ru

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

97772911273ae1f983405dcb187a27cd666dd3641dc74f2b265d833c2c10f221

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winintro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 04:44:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 192
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 212ms
15ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=winintro.ru

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winintro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 26 Nov 2021 04:44:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 217ms
14ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=winintro.ru

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winintro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 26 Nov 2021 04:44:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1BB0 20 KB
5 KB 311ms
131ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2339592383170032&output=html&adk=1812271804&adf=3025194257&lmt=1637901875&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwinintro.ru%2Fauthm.ru%2Fhtml%2Fd1397e5e-8bdd-415d-b67d-bbb19aeeeee2.htm&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637901875178&bpp=2&bdt=109&idt=71&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3384704634876&frm=20&pv=2&ga_vid=1905654776.1637901875&ga_sid=1637901875&ga_hid=1035533287&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937&oid=2&pvsid=3932076571388166&pem=502&tmod=1223460049&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=94

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38d3d7a4167188cd441318a5ed224ba678fa9575b2c93d4063420058d7ef80b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://winintro.ru/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 26 Nov 2021 04:44:35 GMT
server: cafe
content-length: 5180
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 26 Nov 2021 04:44:35 GMT
cache-control: private

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9430 436 B
235 B 128ms
125ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2339592383170032&output=html&h=280&slotname=9703837508&adk=1636916721&adf=3417174394&pi=t.ma~as.9703837508&w=1200&fwrn=4&fwrnh=100&lmt=1637901875&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fwinintro.ru%2Fauthm.ru%2Fhtml%2Fd1397e5e-8bdd-415d-b67d-bbb19aeeeee2.htm&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637901875180&bpp=2&bdt=111&idt=99&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3384704634876&frm=20&pv=1&ga_vid=1905654776.1637901875&ga_sid=1637901875&ga_hid=1035533287&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=10&ady=55&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937&oid=2&pvsid=3932076571388166&pem=502&tmod=1223460049&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=QCWG8q7YMz&p=https%3A//winintro.ru&dtd=105

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

98def3dd9cf9d682dce21e821ab4350a3336a601c9795efbe17f504ab20a4cd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://winintro.ru/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 26 Nov 2021 04:44:35 GMT
server: cafe
content-length: 212
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 26 Nov 2021 04:44:35 GMT
cache-control: private

GET
H2 200 frame.js Show response
s3.advarkads.com/modules/match/ Frame BFCB 22 KB
7 KB 120ms
118ms Script
application/javascript 2606:4700:10::6816:557
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.advarkads.com/modules/match/frame.js
Requested by: Host: s3.advarkads.com
URL: https://s3.advarkads.com/modules/match/frame.html?id=8113-1-1&uid=0100007F3366A061EF00B22E022C5E11
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:557 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f1c07ef4846bac16c72d0ba01a5f3df8a7abdd985e9f0f9f408910f3a434e518

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s3.advarkads.com/modules/match/frame.html?id=8113-1-1&uid=0100007F3366A061EF00B22E022C5E11
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 04:44:35 GMT
content-encoding: gzip
cf-cache-status: EXPIRED
last-modified: Wed, 24 Nov 2021 13:41:26 GMT
server: cloudflare
etag: "0878fa38e1d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
cf-ray: 6b407661bdd859fb-MXP
content-length: 7378

GET
H/1.1 200
OK processor.js Show response
tag.digitaltarget.ru/ Frame 0903 15 KB
15 KB 95ms
94ms Script
application/javascript 185.15.175.148
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.digitaltarget.ru/processor.js?i=425365453903788
Requested by: Host: tag.digitaltarget.ru
URL: https://tag.digitaltarget.ru/adcm.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.15.175.148 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),
Reverse DNS
Software: nginx /
Resource Hash: 6b2385df25640156748d25320c7f27e980535d744f14d2eaa596ca2ef8660a67

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Fri, 26 Nov 2021 04:44:35 GMT
Last-Modified: Tue, 16 Nov 2021 09:48:09 GMT
Server: nginx
ETag: "61937e59-3cda"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 15578

GET
H/1.1 200
OK match
api.advarkads.com/api/statistic/ Frame BFCB 43 B
389 B 164ms
61ms Image
image/gif 23.111.109.220
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.advarkads.com/api/statistic/match?id=8113-1-1&uid=0100007F3366A061EF00B22E022C5E11
Requested by: Host: s3.advarkads.com
URL: https://s3.advarkads.com/modules/match/frame.html?id=8113-1-1&uid=0100007F3366A061EF00B22E022C5E11
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.111.109.220 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx/1.18.0 / ASP.NET
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s3.advarkads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 26 Nov 2021 03:45:20 GMT
Server: nginx/1.18.0
X-Powered-By: ASP.NET
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 43
Expires: -1

GET
H/1.1

200
OK

i
dmg.digitaltarget.ru/awg/custom/1093/i/ Frame 0903
Redirect Chain

https://dmg.digitaltarget.ru/1/1093/i/i?i=26924901869731.583678963471556&a=77&e=0100007F3366A061EF00B22E022C5E11&pref=https%3A%2F%2Fwinintro.ru%2F&c=ss:77.up:0100007F3366A061EF00B22E022C5E11.sync:u...
https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=26924901869731.583678963471556&a=77&e=0100007F3366A061EF00B22E022C5E11&pref=https%3A%2F%2Fwinintro.ru%2F&c=ss:77.up:0100007F3366A0...

49 B
602 B

51ms
51ms

Image
image/gif

185.15.175.130
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=26924901869731.583678963471556&a=77&e=0100007F3366A061EF00B22E022C5E11&pref=https%3A%2F%2Fwinintro.ru%2F&c=ss:77.up:0100007F3366A061EF00B22E022C5E11.sync:up.xdua:duhoSAXgOq7IGOYNR6DPPfdc.xps:xpsBojnaGu2yikIqrlu7ljHNV.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1

Protocol

HTTP/1.1

Server

185.15.175.130 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),

Reverse DNS

Software

nginx /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Fri, 26 Nov 2021 04:44:36 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Request-Time: 2
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 64
X-XSS-Protection: 1; mode=block
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
Server: nginx
X-Frame-Options: DENY
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Credentials: true

Redirect headers

Date: Fri, 26 Nov 2021 04:44:35 GMT
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
Server: nginx
X-Frame-Options: DENY
Access-Control-Allow-Methods: GET, POST, OPTIONS
Location: https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=26924901869731.583678963471556&a=77&e=0100007F3366A061EF00B22E022C5E11&pref=https%3A%2F%2Fwinintro.ru%2F&c=ss:77.up:0100007F3366A061EF00B22E022C5E11.sync:up.xdua:duhoSAXgOq7IGOYNR6DPPfdc.xps:xpsBojnaGu2yikIqrlu7ljHNV.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient
X-XSS-Protection: 1; mode=block
X-Permitted-Cross-Domain-Policies: master-only
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 86400
Connection: keep-alive
Request-Time: 0
Content-Length: 0
X-Content-Type-Options: nosniff

GET
H/1.1

200
OK

i
dmg.digitaltarget.ru/awg/custom/1093/i/ Frame 0903
Redirect Chain

https://dmg.digitaltarget.ru/1/1093/i/i?i=26924901869731.188368163052373&a=77&e=0100007F3366A061EF00B22E022C5E11&pref=https%3A%2F%2Fwinintro.ru%2F&c=ss:77.up:0100007F3366A061EF00B22E022C5E11.sync:u...
https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=26924901869731.188368163052373&a=77&e=0100007F3366A061EF00B22E022C5E11&pref=https%3A%2F%2Fwinintro.ru%2F&c=ss:77.up:0100007F3366A0...

49 B
602 B

56ms
56ms

Image
image/gif

185.15.175.130
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=26924901869731.188368163052373&a=77&e=0100007F3366A061EF00B22E022C5E11&pref=https%3A%2F%2Fwinintro.ru%2F&c=ss:77.up:0100007F3366A061EF00B22E022C5E11.sync:up.xdua:duhoSAXgOq7IGOYNR6DPPfdc.xps:xpsBojnaGu2yikIqrlu7ljHNV.dn:acint__net.adcm:hit.tg:adcmjs_noorient

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1

Protocol

HTTP/1.1

Server

185.15.175.130 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),

Reverse DNS

Software

nginx /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Fri, 26 Nov 2021 04:44:36 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Request-Time: 4
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 64
X-XSS-Protection: 1; mode=block
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
Server: nginx
X-Frame-Options: DENY
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Credentials: true

Redirect headers

Date: Fri, 26 Nov 2021 04:44:35 GMT
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
Server: nginx
X-Frame-Options: DENY
Access-Control-Allow-Methods: GET, POST, OPTIONS
Location: https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=26924901869731.188368163052373&a=77&e=0100007F3366A061EF00B22E022C5E11&pref=https%3A%2F%2Fwinintro.ru%2F&c=ss:77.up:0100007F3366A061EF00B22E022C5E11.sync:up.xdua:duhoSAXgOq7IGOYNR6DPPfdc.xps:xpsBojnaGu2yikIqrlu7ljHNV.dn:acint__net.adcm:hit.tg:adcmjs_noorient
X-XSS-Protection: 1; mode=block
X-Permitted-Cross-Domain-Policies: master-only
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 86400
Connection: keep-alive
Request-Time: 0
Content-Length: 0
X-Content-Type-Options: nosniff

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 12 KB
9 KB 34ms
19ms XHR
application/json 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20211111&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c5d37260fe87851ba6a9991873d9f359a9b93e5329c0f8e2455d32414d09bf8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winintro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 26 Nov 2021 04:44:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9358
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 42ms
18ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winintro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 04:44:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Fri, 26 Nov 2021 04:44:36 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 8E13 12 KB
5 KB 24ms
7ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://winintro.ru/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Thu, 25 Nov 2021 20:35:24 GMT
expires: Fri, 25 Nov 2022 20:35:24 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 29352
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 6FFF 783 B
1 KB 44ms
19ms Document
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c85239a55fd8f2701fc73d531d8a4d1f072dcd1054c1e6b3c13d635b37c98967

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-LRTqKIqV8DOQ+qIs0dziog' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://winintro.ru/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Fri, 26 Nov 2021 04:44:36 GMT
date: Fri, 26 Nov 2021 04:44:36 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-LRTqKIqV8DOQ+qIs0dziog' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 IDpL2rJiZrNY3rYqo4eIGDY6phXtx-GzYRENHMIWWlE.js Show response
pagead2.googlesyndication.com/bg/ Frame 8E13 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IDpL2rJiZrNY3rYqo4eIGDY6phXtx-GzYRENHMIWWlE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

203a4bdab26266b358deb62aa3878818363aa615edc7e1b361110d1cc2165a51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 17:25:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 127168
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13371
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 24 Nov 2022 17:25:08 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 6FFF 0
0 60ms
60ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20211111&jk=3932076571388166&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 30ms
30ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20211111&jk=3932076571388166&bg=!u7iluPzNAAZQLpa_UC47ACkAdvg8WuD7u2AQJbOMeX4ztLvI7sGZr7VYPQnlA6ShbqohzCHLZUDhmwIAAABWUgAAAAhoAQcKANVPKO4-4Z74QwcMY1iEtePhJLWEy2cFoB8GM_fHX7DfnyK2yKR0khlStiDlPvCxYaV8fexqjTNLA2G7T4QLaHFZ7WcxUwIIOI0uToXC9W_RlyqQaUu5fCqVV83j04tRRfgFQeLWS61vODfxjT4VZnxA9DHWRvz3fatih7Sm7z0Gc1qMRSrI9p4YDO58VyJgr3XElEvXVi76dDpPpA0ay4vBgOBFqr7hZGHbYqQ6CQVfT6vgYmA9hqxMBapFcyWXnFm3AIPlIBfS3WoVL_D746WIUHr3iHuZAnKPtCOjBgaJN8aw030-Hc5aR6rfelVCZZAb4xRz57UERLDJkw4fFl39iyu89RXW1F60aAK81bV2LB7-y4cyAXzMCr0IlybpQTgLf7Zd9VdBO-2ngUsvCgNgY_ADF0k307MHH-lcWDTLJ-_CpPGQ-Ee6-_5pbYrJ_qWVRVGejco63to3HnnXoRiVHE_LHFTdkISLioDgZuP5bVEWJXo2EaeTv8-shP5l78AGwpJnGoDhDtCNRSBSQyZ5khmLQtJGDJd0FqHhhYuBi-y5gVGXG-UaZhyAN80KO0h8Lcl_8TJNQB93tR4QCuW11qcTH05imyu2w8dTCehDkM-1mGViFoVL-41-SK1GDAb00VEbzFIzW2f90h6Ko9o6FpjbLBC6A8heGbuqnDz75s2j0XAw3DaHlJ07lRk7B2YCDMMgWkpMJrUSD2qnF0dGaefbxhKQAg6ATqb4fdYRdM2EqL2qrrefLdqEOVAGHSG2CIVrP5UwOfZVsKZ44FB7f5VsZpdYNW2hf80iv2db2AqXB5Kuyh5c-8jx1a6zUe9BWTXepW0XzO5elJ_33VbMXog1UOx31GUorRFcOkZDQkcV826fola4cTawxqCIcbiNFf0nLhnbpICzMjVPOwnY2gOvE5Aw1WsLhQVo5sGsHUY-Ncp7blqFuFcQnLyEhroQ_VcI3NKIoDv7BrUkU7hCwbDeK4QK2DZ5L3kAsH1YHk0u-MlkHXq8j5tYJxTgUTIGcdB3g1pMPx4yXoG9g-lj6tt4ey44xPu6qwIevsbMnmYYMaJ0KwPyVJiDPQvirOuehnfMFP-5t0R0EroO7a9WG9FO4dRCD0GKCQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winintro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 04:44:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.acint.net/ping/ 43 B
224 B 11ms
11ms Image
image/gif 195.201.243.72
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/ping/?v=0.4.0&uid=b32baf50-676c-4536-a49d-9cb3de9296f8&dp=10&tz=%2B00%3A00&nc=62932084&dT=2021-11-26T04%3A44%3A38.167
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.201.243.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: regensburg.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://winintro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 04:44:38 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Verdicts & Comments Add Verdict or Comment

55 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

76 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
winintro.ru/	1978-01-11 21:31:40	Name: fid Value: aef0266a-ffa6-4c37-9960-c119cfa38e31
.acint.net/	1970-01-19 22:58:22	Name: test_cookie Value: CheckForPermission
.acint.net/	1970-01-25 20:05:16	Name: aid Value: fwAAAWGgZjMusgDvEV4sAhkL/24Vmy7j5lUUl7RNkpt/tZ+W
.acint.net/	1970-01-19 23:41:33	Name: cSyncDp7v2 Value: 1637901875
.acint.net/	1970-01-19 23:41:33	Name: cSyncDp14v3 Value: 1637901875
.acint.net/	1970-01-19 23:41:33	Name: cSyncDp17 Value: 1637901875
.acint.net/	1970-01-19 23:41:33	Name: cSyncDp32 Value: 1637901875
.acint.net/	1970-01-19 22:59:48	Name: cSyncDp45v3 Value: 1637901875
.acint.net/	1970-01-19 23:41:33	Name: cSyncDp53 Value: 1637901875
.acint.net/	1970-01-19 23:41:33	Name: cSyncDp54v2 Value: 1637901875
.acint.net/	1970-01-19 23:41:33	Name: cSyncDp62 Value: 1637901875
.acint.net/	1970-01-19 23:41:33	Name: cSyncDp67v2 Value: 1637901875
.acint.net/	1970-01-19 23:41:33	Name: cSyncDp68 Value: 1637901875
.acint.net/	1970-01-19 23:18:31	Name: cSyncDp77 Value: 1637901875
.acint.net/	1970-01-19 23:41:33	Name: cSyncDp84 Value: 1637901875
.acint.net/	1970-01-19 23:41:33	Name: cSyncDp85 Value: 1637901875
.acint.net/	1970-01-19 23:41:33	Name: cSyncDp88 Value: 1637901875
.acint.net/	1970-01-19 23:41:33	Name: cSyncDp95v2 Value: 1637901875
.acint.net/	1970-01-19 23:41:33	Name: cSyncDp101 Value: 1637901875
.acint.net/	1970-01-19 23:18:31	Name: cSyncDp104v2 Value: 1637901875
.acint.net/	1970-01-19 23:41:33	Name: cSyncDp107 Value: 1637901875
.acint.net/	1970-01-19 23:41:33	Name: cSyncDp110 Value: 1637901875
.acint.net/	1970-01-19 23:18:31	Name: cSyncDp111v2 Value: 1637901875
.acint.net/	1970-01-19 23:41:33	Name: cSyncDp112v2 Value: 1637901875
.acint.net/	1970-01-19 23:19:57	Name: cSyncDp125v2 Value: 1637901875
.acint.net/	1970-01-19 23:41:33	Name: cSyncDp126 Value: 1637901875
.acint.net/	1970-01-19 23:41:33	Name: cSyncDp127 Value: 1637901875
.acint.net/	1970-01-19 23:41:33	Name: cSyncDp129 Value: 1637901875
.acint.net/	1970-01-19 23:41:33	Name: cSyncDp136 Value: 1637901875
.acint.net/	1970-01-19 23:41:33	Name: cSyncDp138 Value: 1637901875
.acint.net/	1970-01-19 23:41:33	Name: cSyncDp144 Value: 1637901875
.acint.net/	1970-01-19 23:41:33	Name: cSyncDp146 Value: 1637901875
.acint.net/	1970-01-19 23:41:33	Name: cSyncDp149 Value: 1637901875
.acint.net/	1970-01-19 23:41:33	Name: cSyncDp151 Value: 1637901875
.ssp-rtb.sape.ru/	1970-01-25 20:05:16	Name: sspuid Value: fwAAAWGgZjNvWwATsdDFAn/NcRD20AjcgMtLWf+HhlDAFzHg
.utraff.com/	1970-01-19 23:41:44	Name: preutid Value: 1
.winintro.ru/	1970-01-20 08:19:57	Name: __gads Value: ID=8d7aa4580d346cbe-2230684506cc0011:T=1637901875:RT=1637901875:S=ALNI_MbsQ9jJIinlv6pW0M3e2iUEN4X1FQ
.adhigh.net/	1970-01-20 07:43:57	Name: gi_u Value: xlKnTE83pN5.AikABlF9Wo85Hw
.mail.ru/	1970-01-20 07:45:24	Name: VID Value: 0QbG-N0ldvo600000Y14H4I6:::0-0-0-6babef3:CAASEKQ8hC0zHWKKJdZK6kzl4S8aYKcR7UKH1u00orGr6AWLQhRv2JjzdIIievg9bulMsoF1fIn68_jCFaXMunn22nuFOHDAu0HO_Ze0jb6snoj7ShYmcVP0oWn_GbJkbbTNPjTYSCgZaRCFzYZ4fH3zRckvKQ
.betweendigital.com/	1970-01-20 07:43:57	Name: dc Value: mow1
.betweendigital.com/	1970-01-20 07:43:57	Name: tuuid Value: acfcfafa-17cf-514a-9206-1344f3a67577
.betweendigital.com/	1970-01-20 07:43:57	Name: ss Value: 1
.doubleclick.net/	1970-01-20 08:19:57	Name: IDE Value: AHWqTUnY92XfxEhCyuAYWw4DCIbEKxdUUME7VNr5V8yoIjWsZPSxcRB1PFBVrgO23Iw
.republer.com/	1970-01-20 07:43:57	Name: ruid Value: 0154feeb-30e5-4198-906c-0bc3ddc36d40
.adhigh.net/	1970-01-20 07:43:57	Name: sape_sync Value: IGg
adx.com.ru/	1970-01-20 07:43:57	Name: yabbi-user Value: 61a06633f0e015867d3a0e35
.1dmp.io/	1970-01-20 07:43:57	Name: uid Value: 8e327600-4e73-11ec-8677-901b0e934d81
.relap.io/	1970-01-23 14:34:21	Name: unique Value: v5ns4Oes
.relap.io/	1970-01-23 14:34:21	Name: fsts Value: 1637901875
.relap.io/	1970-01-23 14:34:21	Name: lsts Value: 1637901875
.relap.io/	1969-12-31 23:59:59	Name: suid Value: efa24754683c9cfe3b501189abf2c250b208bd9c--7cfe1143ff5b25fbe4d4fc09a6d4b75175044d99de941a8b9d1728440ec2af6b
.relap.io/	1970-01-19 22:59:48	Name: hllc Value: 1
.relap.io/	1970-01-20 07:43:57	Name: rlpsprcs Value: eyJ0cyI6MTYzNzkwMTg3NSwidWlkIjoiMDEwMDAwN0YzMzY2QTA2MUVGMDBCMjJFMDIyQzVFMTEifQ--cd77fb46a2f61f2777698a798175e293d8ee72573a9b1b76740ec306e7d8e32e
.betweendigital.com/	1970-01-20 07:43:57	Name: ut Value: YaBmMwAIbEAH7re7qEWocwhrCnuRhHVkjM4JnQ==
.doubleclick.net/	1970-01-19 22:58:22	Name: test_cookie Value: CheckForPermission
.adriver.ru/	1970-01-20 16:29:33	Name: cid Value: ArXS-Rmq4Kn7L4ySXVeCEzQ
.weborama.fr/	1970-01-20 08:30:02	Name: AFFICHE_W Value: Yt-6BouO72Ji76
.uuidksinc.net/	1970-01-20 07:43:57	Name: jcsuuid Value: NAKYHYKOPi3pTftcQDMj
.adsniper.ru/	1970-01-27 06:10:21	Name: uuid3 Value: IiQ4ZTQwZmI2Mi00ZTczLTExZWMtYTZlOS0wMDI1OTBjODI0Mzc*
.bumlam.com/	1970-01-27 06:10:21	Name: suuid3 Value: IiQ4ZTQwZmI2Mi00ZTczLTExZWMtYTZlOS0wMDI1OTBjODI0Mzc*
.mts.ru/	1970-01-20 07:31:00	Name: dspid Value: 83b75183-1142-413b-a6fc-02ff5092ad38
ssp.bidvol.com/	1970-02-13 19:29:45	Name: bvuid Value: v7ykk6rqe6
.rktch.com/	1970-01-19 23:41:33	Name: b_uid Value: 20764eac5676975959f5bf0926d0a53b2a8b
.advarkads.com/	1970-01-20 16:29:33	Name: u Value: EAIsQaevlEq2e3rW66Z9Eg
.ops.beeline.ru/	1970-01-20 07:31:00	Name: BeeAID Value: 43702d07-5967-418b-bc02-ef0702b2447e
prodmp.ru/	1970-01-20 01:07:57	Name: rai Value: 9b933a2bb5e62826522946a1ceb26ffb
.rutarget.ru/	1970-01-20 03:17:33	Name: userId Value: djZddYk0thlC
.aidata.io/	1970-01-20 16:29:33	Name: __upints Value: 1637901875
.gnezdo.ru/	1970-01-25 20:05:16	Name: uid Value: XV9maWGgZjNxN5j52cgtAg==
.mts.ru/	1970-01-23 13:22:21	Name: mts_id Value: 59c2b7d0-41a9-4f3f-94f3-b85355277c87
.mts.ru/	1970-01-23 13:22:21	Name: mts_id_last_sync Value: 1637901875
x01.aidata.io/	1970-01-19 23:02:41	Name: mts Value: 1
.yandex.ru/	1970-01-23 14:34:21	Name: yuidss Value: 1106750511637901875
.yandex.ru/	1970-01-23 14:34:21	Name: yandexuid Value: 1106750511637901875
.aidata.io/	1970-01-20 16:29:33	Name: __upin Value: U1turiFJPBqYw9iiw7JDUg
.dmg.digitaltarget.ru/	1970-01-21 00:53:33	Name: viuserid Value: OBVXj44rxIhCEWA7HJmB

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0100007f3366a061ef00b22e022c5e11-sp.ops.beeline.ru
a.utraff.com
acint.net
ad.adriver.ru
ad.mail.ru
adlmerge.com
ads.adlook.me
ads.betweendigital.com
adservice.google.com
adservice.google.de
adx.com.ru
an.yandex.ru
api.advarkads.com
cm.g.doubleclick.net
dm-eu.hybrid.ai
dmg.digitaltarget.ru
exchange.buzzoola.com
fcgi4.gnezdo.ru
googleads.g.doubleclick.net
match.new-programmatic.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.konnektu.ru
prodmp.ru
px.adhigh.net
redirect.frontend.weborama.fr
relap.io
s.uuidksinc.net
s3.advarkads.com
sape-sync.rutarget.ru
sm.rtb.mts.ru
ssp-rtb.sape.ru
ssp.adriver.ru
ssp.bidvol.com
stat.adlabs.ru
sync.1dmp.io
sync.bumlam.com
sync.dmp.otm-r.com
sync.republer.com
sync3.adsniper.ru
tag.digitaltarget.ru
tech.rtb.mts.ru
tpc.googlesyndication.com
ut.rktch.com
winintro.ru
www.acint.net
www.google.com
x01.aidata.io
109.248.237.36
130.193.58.13
142.250.185.66
142.250.186.98
159.69.64.121
185.15.175.130
185.15.175.148
188.34.131.134
188.40.254.211
188.42.29.196
193.106.95.134
193.232.148.141
194.190.117.94
195.201.108.196
195.201.243.72
195.201.87.224
195.209.108.38
213.87.44.187
217.65.2.150
217.66.147.168
23.111.109.220
2606:4700:10::6816:557
2606:4700:3039::6815:c0b3
2a00:1148:db00::17
2a00:1450:4001:802::2002
2a00:1450:4001:812::2001
2a00:1450:4001:828::2002
2a00:1450:4001:82a::2004
2a00:1450:4001:82f::2002
2a02:6b8::90
31.172.81.158
31.172.81.159
31.220.27.134
35.190.16.14
37.18.103.16
37.9.245.57
5.200.44.123
65.108.1.48
78.46.100.125
80.64.106.148
81.222.128.213
89.108.120.68
89.108.97.2
93.95.102.105
95.163.37.253
95.211.66.35
05d61be961acfeaa4a89652e171975c47ca4495c062514cd4d872445c16c1db5
130c57ec5b30683b949cf823070682738f4022db8266dc653dc20626b9264559
1760913995b66a76e5facdf0a4411def6cb9b0af39647dc3f9f868b0309600dc
1e26c39956de81f98f5672fee343c16c3e36ee4ecf75bc0864eb2c9480fea639
203a4bdab26266b358deb62aa3878818363aa615edc7e1b361110d1cc2165a51
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2bd24bc7b4e2dce53d91e3bc73d5f4221fe0b503a3112fa4c669e925d43bd492
36780f98ed7f7e302c2f31fd7efeb7cc75212ac281935245950e125545350e6a
38625d84930a51dd97e666fea25139db9399aa987bedb141f3238cf10cd2a073
38d3d7a4167188cd441318a5ed224ba678fa9575b2c93d4063420058d7ef80b1
40f2a96f78f4c8484e9da6e172f5ddd3e4d7786ca29e04b96e1067a365190e80
47238430d0e20fbcd00d8eea8ddbedf4086cf6896a4abd965a9974fe58c17fda
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
53e4cb1ec1da57e5fec65ec5f5b19b050fa8bd6e19e9030c2704456846e4d106
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5cbd9898cc7e3d3a950ce4d6ff9a3a38e51e507d13127087a711dc8b2add5c45
5cedd5abd94d64b07e3779451d057665572b89caa8b445a5e9efa42bad9c4274
6b2385df25640156748d25320c7f27e980535d744f14d2eaa596ca2ef8660a67
72b66ab91dc450174e84481b9be276bd2edaa80b5ffb9628e48d503ebe43a190
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8c11db5061f6c118d99e8903a5c37d38103c69e83b791cf776df57f1a3b1d89d
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
95f608efd7ca60043bd6636ac1f2451e0a3f5ad01c6deebb71f197d4adb7c006
97772911273ae1f983405dcb187a27cd666dd3641dc74f2b265d833c2c10f221
98def3dd9cf9d682dce21e821ab4350a3336a601c9795efbe17f504ab20a4cd4
9aacc2855086ee500f5540bcee08d1c840388740f526c46cf001215406a4ea73
a2443661ae0052510d51ee22c86e1c3f30710321ba290e1646dec8385a30b662
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a66544185c20f7430404c1d80a098c56d4ae601bc599dda2bc174b1ce63102ee
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1b06c998a944f9ceb56a2365ac540689e452426705b64713079e025e239dd2c
be7e9c67cd4a91eb797d66284f95943bb017dae0a8a4eafa37d2682d6c684875
c355ffcc9212b68d0ed1c0f9b0bd71f04e3c0e63380f7d8d4a2a1b25c187e33d
c5d37260fe87851ba6a9991873d9f359a9b93e5329c0f8e2455d32414d09bf8d
c85239a55fd8f2701fc73d531d8a4d1f072dcd1054c1e6b3c13d635b37c98967
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e731c18f5159e2612625f471352650417c4557851c7518a28a76a5bc6896f1b6
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1c07ef4846bac16c72d0ba01a5f3df8a7abdd985e9f0f9f408910f3a434e518

winintro.ru Open in urlscan Pro 188.40.254.211 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

70 Requests

69 %HTTPS

20 %IPv6

40 Domains

48 Subdomains

27 IPs

6 Countries

286 kBTransfer

752 kBSize

76 Cookies

0 Outgoing links

Redirected requests

70 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

winintro.ru Open in urlscan Pro
188.40.254.211 Public Scan

Screenshot
Live screenshot

Full Image

70
Requests

69 %
HTTPS

20 %
IPv6

40
Domains

48
Subdomains

27
IPs

6
Countries

286 kB
Transfer

752 kB
Size

76
Cookies

70 HTTP transactions
0 data transactions