winintro.ru Open in urlscan Pro
188.40.254.211 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://winintro.ru/mail.en/html/7d31d716-2f99-4b23-a18c-0eaa08a28dde.htm
Submission Tags: falconsandbox
Submission: On January 20 via api (January 20th 2022, 8:46:50 pm UTC) from US — Scanned from DE

Summary HTTP 113 Redirects Behaviour Indicators

Summary

This website contacted 36 IPs in 6 countries across 44 domains to perform 113 HTTP transactions. The main IP is 188.40.254.211, located in Germany and belongs to HETZNER-AS, DE. The main domain is winintro.ru.

This is the only time winintro.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
25	188.40.254.211 188.40.254.211	24940 (HETZNER-AS) (HETZNER-AS)
15	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
5 17	46.4.121.26 46.4.121.26	24940 (HETZNER-AS) (HETZNER-AS)
1	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
3 4	96.46.183.20 96.46.183.20	7979 (SERVERS-COM) (SERVERS-COM)
1 1	159.69.64.121 159.69.64.121	24940 (HETZNER-AS) (HETZNER-AS)
4	195.201.243.72 195.201.243.72	24940 (HETZNER-AS) (HETZNER-AS)
2 2	193.232.148.142 193.232.148.142	48061 (UMA-TECH-AS) (UMA-TECH-AS)
1	2a00:1148:db0... 2a00:1148:db00::17	47764 (MAILRU-AS...) (MAILRU-AS Mail.Ru)
2 2	81.222.128.16 81.222.128.16	20597 (ELTEL-AS) (ELTEL-AS)
2	81.222.128.213 81.222.128.213	20597 (ELTEL-AS) (ELTEL-AS)
1	2606:4700:20:... 2606:4700:20::ac43:4975	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	194.190.117.94 194.190.117.94	204600 (REPUBLER-AS) (REPUBLER-AS)
4 6	31.172.81.159 31.172.81.159	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
1	37.18.103.21 37.18.103.21	205675 (HYBRID-AS) (HYBRID-AS)
2	185.15.175.158 185.15.175.158	43226 (SAFEDATA ...) (SAFEDATA Uplinks)
1	195.201.57.28 195.201.57.28	24940 (HETZNER-AS) (HETZNER-AS)
2 2	148.251.129.43 148.251.129.43	24940 (HETZNER-AS) (HETZNER-AS)
1 1	148.251.237.106 148.251.237.106	24940 (HETZNER-AS) (HETZNER-AS)
2 2	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
1 1	109.248.237.37 109.248.237.37	201009 (SUPPORTIT-AS) (SUPPORTIT-AS)
1	95.211.66.35 95.211.66.35	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	95.163.37.253 95.163.37.253	47764 (MAILRU-AS...) (MAILRU-AS Mail.Ru)
1 1	185.147.80.35 185.147.80.35	41722 (MIRAN-AS ...) (MIRAN-AS Miran DC)
1 2	78.46.100.125 78.46.100.125	24940 (HETZNER-AS) (HETZNER-AS)
1 1	80.64.106.147 80.64.106.147	20764 (RASCOM-AS...) (RASCOM-AS CJSC RASCOM ISP)
1 1	5.200.44.35 5.200.44.35	48096 (ITGRAD) (ITGRAD)
1 1	37.9.245.57 37.9.245.57	16345 (BEE-AS Ru...) (BEE-AS Russia)
1 2	89.108.97.2 89.108.97.2	197695 (AS-REG) (AS-REG)
2 2	35.190.16.14 35.190.16.14	15169 (GOOGLE) (GOOGLE)
5 5	217.66.147.166 217.66.147.166	29209 (SPBMTS-AS...) (SPBMTS-AS Malaya Monetnaya Street 2-A)
2 2	213.87.44.187 213.87.44.187	13174 (MTSNET Mo...) (MTSNET Moscow)
1 3	2a02:6b8::90 2a02:6b8::90	208722 (YNDX) (YNDX)
1 1	195.201.87.224 195.201.87.224	24940 (HETZNER-AS) (HETZNER-AS)
1 1	31.220.27.134 31.220.27.134	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1 1	65.108.1.48 65.108.1.48	24940 (HETZNER-AS) (HETZNER-AS)
1	217.65.2.150 217.65.2.150	3175 (CITYTELEC...) (CITYTELECOM-MSK)
1	93.95.102.105 93.95.102.105	48347 (MTW-AS) (MTW-AS)
2 3	89.108.119.28 89.108.119.28	197695 (AS-REG) (AS-REG)
1 1	130.193.58.13 130.193.58.13	200350 (YANDEXCLOUD) (YANDEXCLOUD)
2	2606:4700:10:... 2606:4700:10::6816:457	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	188.42.29.80 188.42.29.80	7979 (SERVERS-COM) (SERVERS-COM)
1	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2006	15169 (GOOGLE) (GOOGLE)
2 4	185.15.175.145 185.15.175.145	43226 (SAFEDATA ...) (SAFEDATA Uplinks)
1	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
113	36

25 188.40.254.211 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: cpanel10.coopertino.ru

winintro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 46.4.121.26 (Germany) 5 redirects

ASN24940 (HETZNER-AS, DE)
PTR: hz1271109.aucourant.info

www.acint.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 96.46.183.20 (United States) 3 redirects

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.69.64.121 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: hz1397441.sapientru.net

ssp-rtb.sape.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 195.201.243.72 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: regensburg.aucourant.info

acint.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.232.148.142 (Russian Federation) 2 redirects

ASN48061 (UMA-TECH-AS, RU)
PTR: smtp3.sender.ltmse.com

px.adhigh.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1148:db00::17 (Russian Federation)

ASN47764 (MAILRU-AS Mail.Ru, RU)

ad.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 81.222.128.16 (Russian Federation) 2 redirects

ASN20597 (ELTEL-AS, RU)
PTR: ad10.adriver.ru

ad.adriver.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 81.222.128.213 (Russian Federation)

ASN20597 (ELTEL-AS, RU)
PTR: ad13.adriver.ru

ssp.adriver.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:4975 (United States)

ASN13335 (CLOUDFLARENET, US)

a.utraff.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 194.190.117.94 (Russian Federation) 2 redirects

ASN204600 (REPUBLER-AS, RU)
PTR: carp.bspb2.kavanga.ru

sync.republer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 31.172.81.159 (Muehlheim am Main, Germany) 4 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

sync.bumlam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync3.adsniper.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.18.103.21 (Netherlands)

ASN205675 (HYBRID-AS, RU)

dm-eu.hybrid.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.15.175.158 (Russian Federation)

ASN43226 (SAFEDATA Uplinks, RU)

tag.digitaltarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.201.57.28 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.28.57.201.195.clients.your-server.de

sync.dmp.otm-r.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 148.251.129.43 (Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)
PTR: prod-hzeu-bidder-23.community.moscow

sync.upravel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 148.251.237.106 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: prod-hzeu-bidder-1.community.moscow

bd5eb225-7015-4e1e-9176-b31a5ddd2e12.sync.upravel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.226 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 109.248.237.37 (Moscow, Russian Federation) 1 redirects

ASN201009 (SUPPORTIT-AS, RU)

stat.adlabs.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.211.66.35 (Laren, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: hosted-by.leaseweb.com

adlmerge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.163.37.253 (Russian Federation)

ASN47764 (MAILRU-AS Mail.Ru, RU)
PTR: relap.io

relap.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.147.80.35 (Russian Federation) 1 redirects

ASN41722 (MIRAN-AS Miran DC, RU)
PTR: ssp2.bestssp.com

ssp.bestssp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 78.46.100.125 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.125.100.46.78.clients.your-server.de

sync.1dmp.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 80.64.106.147 (Russian Federation) 1 redirects

ASN20764 (RASCOM-AS CJSC RASCOM ISP, RU)
PTR: s-fr2.rutarget.ru

sape-sync.rutarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 5.200.44.35 (Moscow, Russian Federation) 1 redirects

ASN48096 (ITGRAD, RU)

ads.adlook.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.9.245.57 (Russian Federation) 1 redirects

ASN16345 (BEE-AS Russia, RU)

0100007f35cae9619a082a770270a934-sp.ops.beeline.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 89.108.97.2 (Russian Federation) 1 redirects

ASN197695 (AS-REG, RU)
PTR: d50603.reg.regrucolo.ru

ut.rktch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.16.14 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 14.16.190.35.bc.googleusercontent.com

redirect.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 217.66.147.166 (St Petersburg, Russian Federation) 5 redirects

ASN29209 (SPBMTS-AS Malaya Monetnaya Street 2-A, RU)
PTR: host-166-147-66-217.spbmts.ru

sm.rtb.mts.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.87.44.187 (Moscow, Russian Federation) 2 redirects

ASN13174 (MTSNET Moscow, Russia, RU)
PTR: infrastructure-187-44.mts.ru

tech.rtb.mts.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:6b8::90 (Moscow, Russian Federation) 1 redirects

ASN208722 (YNDX, FI)

an.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.201.87.224 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.224.87.201.195.clients.your-server.de

exchange.buzzoola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 31.220.27.134 (Amsterdam, Netherlands) 1 redirects

ASN39572 (ADVANCEDHOSTERS-AS, NL)

s.uuidksinc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.108.1.48 (Helsinki, Finland) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.48.1.108.65.clients.your-server.de

ssp.bidvol.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 217.65.2.150 (Moscow, Russian Federation)

ASN3175 (CITYTELECOM-MSK, RU)

match.new-programmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 93.95.102.105 (Russian Federation)

ASN48347 (MTW-AS, RU)
PTR: unspecified.mtw.ru

fcgi4.gnezdo.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 89.108.119.28 (Russian Federation) 2 redirects

ASN197695 (AS-REG, RU)
PTR: d51802.reg.regrucolo.ru

x01.aidata.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 130.193.58.13 (Russian Federation) 1 redirects

ASN200350 (YANDEXCLOUD, RU)

pixel.konnektu.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:457 (United States)

ASN13335 (CLOUDFLARENET, US)

s3.advarkads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.42.29.80 (Luxembourg)

ASN7979 (SERVERS-COM, US)

api.advarkads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.15.175.145 (Russian Federation) 2 redirects

ASN43226 (SAFEDATA Uplinks, RU)

dmg.digitaltarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
29	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 100 tpc.googlesyndication.com — Cisco Umbrella Rank: 124	353 KB
25	winintro.ru winintro.ru	61 KB
21	acint.net 5 redirects www.acint.net — Cisco Umbrella Rank: 35385 acint.net — Cisco Umbrella Rank: 28552	17 KB
8	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 46 cm.g.doubleclick.net — Cisco Umbrella Rank: 197 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 274	70 KB
7	mts.ru 7 redirects sm.rtb.mts.ru — Cisco Umbrella Rank: 34403 tech.rtb.mts.ru — Cisco Umbrella Rank: 35053	4 KB
6	digitaltarget.ru 2 redirects tag.digitaltarget.ru — Cisco Umbrella Rank: 121910 dmg.digitaltarget.ru — Cisco Umbrella Rank: 24900	22 KB
4	bumlam.com 2 redirects sync.bumlam.com — Cisco Umbrella Rank: 2736	2 KB
4	adriver.ru 2 redirects ad.adriver.ru — Cisco Umbrella Rank: 24531 ssp.adriver.ru — Cisco Umbrella Rank: 13446	2 KB
4	betweendigital.com 3 redirects ads.betweendigital.com — Cisco Umbrella Rank: 1818	3 KB
3	advarkads.com s3.advarkads.com — Cisco Umbrella Rank: 107349 api.advarkads.com — Cisco Umbrella Rank: 30415	8 KB
3	aidata.io 2 redirects x01.aidata.io — Cisco Umbrella Rank: 13701	1 KB
3	yandex.ru 1 redirects an.yandex.ru — Cisco Umbrella Rank: 3286	767 B
3	upravel.com 3 redirects sync.upravel.com — Cisco Umbrella Rank: 33494 bd5eb225-7015-4e1e-9176-b31a5ddd2e12.sync.upravel.com	2 KB
3	google.com adservice.google.com — Cisco Umbrella Rank: 80 www.google.com — Cisco Umbrella Rank: 13	2 KB
2	gstatic.com www.gstatic.com fonts.gstatic.com	40 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 165	75 KB
2	weborama.fr 2 redirects redirect.frontend.weborama.fr — Cisco Umbrella Rank: 10065	501 B
2	rktch.com 1 redirects ut.rktch.com — Cisco Umbrella Rank: 45473	683 B
2	1dmp.io 1 redirects sync.1dmp.io — Cisco Umbrella Rank: 12235	814 B
2	adsniper.ru 2 redirects sync3.adsniper.ru — Cisco Umbrella Rank: 12418	1 KB
2	republer.com 2 redirects sync.republer.com — Cisco Umbrella Rank: 49095	952 B
2	adhigh.net 2 redirects px.adhigh.net — Cisco Umbrella Rank: 10726	824 B
2	google.de adservice.google.de — Cisco Umbrella Rank: 8028	914 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 47	1 KB
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 255	21 KB
1	konnektu.ru 1 redirects pixel.konnektu.ru — Cisco Umbrella Rank: 94580	262 B
1	gnezdo.ru fcgi4.gnezdo.ru — Cisco Umbrella Rank: 76831	189 B
1	new-programmatic.com match.new-programmatic.com — Cisco Umbrella Rank: 48668	215 B
1	bidvol.com 1 redirects ssp.bidvol.com — Cisco Umbrella Rank: 45116	455 B
1	uuidksinc.net 1 redirects s.uuidksinc.net — Cisco Umbrella Rank: 11367	206 B
1	buzzoola.com 1 redirects exchange.buzzoola.com — Cisco Umbrella Rank: 25947	176 B
1	beeline.ru 1 redirects 0100007f35cae9619a082a770270a934-sp.ops.beeline.ru	635 B
1	adlook.me 1 redirects ads.adlook.me — Cisco Umbrella Rank: 56157	164 B
1	rutarget.ru 1 redirects sape-sync.rutarget.ru — Cisco Umbrella Rank: 215066	416 B
1	bestssp.com 1 redirects ssp.bestssp.com — Cisco Umbrella Rank: 114006	304 B
1	relap.io relap.io — Cisco Umbrella Rank: 29912
1	adlmerge.com adlmerge.com — Cisco Umbrella Rank: 167542	115 B
1	adlabs.ru 1 redirects stat.adlabs.ru — Cisco Umbrella Rank: 235817	108 B
1	otm-r.com sync.dmp.otm-r.com — Cisco Umbrella Rank: 21128	69 B
1	hybrid.ai dm-eu.hybrid.ai — Cisco Umbrella Rank: 31804	239 B
1	utraff.com a.utraff.com — Cisco Umbrella Rank: 48913	817 B
1	mail.ru ad.mail.ru — Cisco Umbrella Rank: 7967	764 B
1	sape.ru 1 redirects ssp-rtb.sape.ru — Cisco Umbrella Rank: 37547	566 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 777	643 B
113	44

	Domain	Requested by
25	winintro.ru	winintro.ru
17	www.acint.net	5 redirects winintro.ru www.acint.net
15	pagead2.googlesyndication.com	winintro.ru pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
14	tpc.googlesyndication.com	winintro.ru googleads.g.doubleclick.net tpc.googlesyndication.com pagead2.googlesyndication.com
5	sm.rtb.mts.ru	5 redirects
5	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
4	dmg.digitaltarget.ru	2 redirects www.acint.net
4	sync.bumlam.com	2 redirects www.acint.net
4	acint.net	www.acint.net
4	ads.betweendigital.com	3 redirects www.acint.net
3	x01.aidata.io	2 redirects www.acint.net
3	an.yandex.ru	1 redirects www.acint.net
2	www.googletagservices.com	googleads.g.doubleclick.net
2	s3.advarkads.com	www.acint.net s3.advarkads.com
2	tech.rtb.mts.ru	2 redirects
2	redirect.frontend.weborama.fr	2 redirects
2	ut.rktch.com	1 redirects www.acint.net
2	sync.1dmp.io	1 redirects www.acint.net
2	cm.g.doubleclick.net	2 redirects
2	sync.upravel.com	2 redirects
2	tag.digitaltarget.ru	www.acint.net tag.digitaltarget.ru
2	sync3.adsniper.ru	2 redirects
2	sync.republer.com	2 redirects
2	ssp.adriver.ru	www.acint.net
2	ad.adriver.ru	2 redirects
2	px.adhigh.net	2 redirects
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
1	www.google.com	tpc.googlesyndication.com
1	fonts.gstatic.com	fonts.googleapis.com
1	www.gstatic.com	googleads.g.doubleclick.net
1	fonts.googleapis.com	googleads.g.doubleclick.net
1	s0.2mdn.net	googleads.g.doubleclick.net
1	googleads4.g.doubleclick.net	winintro.ru
1	api.advarkads.com	s3.advarkads.com
1	pixel.konnektu.ru	1 redirects
1	fcgi4.gnezdo.ru	www.acint.net
1	match.new-programmatic.com	www.acint.net
1	ssp.bidvol.com	1 redirects
1	s.uuidksinc.net	1 redirects
1	exchange.buzzoola.com	1 redirects
1	0100007f35cae9619a082a770270a934-sp.ops.beeline.ru	1 redirects
1	ads.adlook.me	1 redirects
1	sape-sync.rutarget.ru	1 redirects
1	ssp.bestssp.com	1 redirects
1	relap.io	www.acint.net
1	adlmerge.com	www.acint.net
1	stat.adlabs.ru	1 redirects
1	bd5eb225-7015-4e1e-9176-b31a5ddd2e12.sync.upravel.com	1 redirects
1	sync.dmp.otm-r.com	www.acint.net
1	dm-eu.hybrid.ai	www.acint.net
1	a.utraff.com	www.acint.net
1	ad.mail.ru	www.acint.net
1	ssp-rtb.sape.ru	1 redirects
1	partner.googleadservices.com	pagead2.googlesyndication.com
113	55

This site contains no links.

Subject Issuer	Validity	Valid
*.g.doubleclick.net GTS CA 1C3	`2021-12-08` - `2022-03-02`	3 months	crt.sh
*.acint.net R3	`2021-12-16` - `2022-03-16`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-12-08` - `2022-03-02`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.mail.ru GeoTrust ECC CA 2018	`2021-10-15` - `2022-11-15`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-18` - `2022-06-17`	a year	crt.sh
*.hybrid.ai Sectigo RSA Domain Validation Secure Server CA	`2020-07-07` - `2022-10-05`	2 years	crt.sh
tag.digitaltarget.ru R3	`2021-12-20` - `2022-03-20`	3 months	crt.sh
sync.dmp.otm-r.com Sectigo RSA Domain Validation Secure Server CA	`2021-05-18` - `2022-06-18`	a year	crt.sh
*.adriver.ru RapidSSL RSA CA 2018	`2020-04-03` - `2022-04-24`	2 years	crt.sh
relap.io GeoTrust RSA CA 2018	`2021-08-26` - `2022-09-26`	a year	crt.sh
new-programmatic.com R3	`2021-10-24` - `2022-01-22`	3 months	crt.sh
fcgi4.gnezdo.ru R3	`2022-01-10` - `2022-04-10`	3 months	crt.sh
*.bumlam.com R3	`2021-12-08` - `2022-03-08`	3 months	crt.sh
advarkads.com Cloudflare Inc ECC CA-3	`2021-06-08` - `2022-06-07`	a year	crt.sh
*.advarkads.com GlobalSign GCC R3 DV TLS CA 2020	`2022-01-02` - `2023-02-03`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-12-08` - `2022-03-02`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh

This page contains 11 frames:

Primary Page: http://winintro.ru/mail.en/html/7d31d716-2f99-4b23-a18c-0eaa08a28dde.htm
Frame ID: F29FA56DDDB6605B37F9FFEB2F7781CB
Requests: 42 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220118/r20190131/zrt_lookup.html
Frame ID: 647414EA56A8A4090754E2F77241D20C
Requests: 1 HTTP requests in this frame

Frame: https://www.acint.net/mc/?dp=10&tc=1
Frame ID: 44180C2DEEA837DB09E56978AC862A31
Requests: 35 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2339592383170032&output=html&adk=1812271804&adf=3025194257&lmt=1642711605&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fwinintro.ru%2Fmail.en%2Fhtml%2F7d31d716-2f99-4b23-a18c-0eaa08a28dde.htm&ea=0&flash=0&pra=5&wgl=1&dt=1642711605074&bpp=5&bdt=99&idt=114&shv=r20220118&mjsv=m202201120101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6972194227953&frm=20&pv=2&ga_vid=393698685.1642711605&ga_sid=1642711605&ga_hid=672389294&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063752%2C44750773%2C44753738&oid=2&pvsid=2949611607291423&pem=772&tmod=454263708&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=33792&bc=23&ifi=1&uci=a!1&fsb=1&dtd=128
Frame ID: 38F0B6DFFD4F2F333A8E6493ED548CE1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2339592383170032&output=html&h=280&slotname=9703837508&adk=1206723596&adf=3466743686&pi=t.ma~as.9703837508&w=1200&fwrn=4&fwrnh=100&lmt=1642711605&rafmt=1&psa=0&format=1200x280&url=http%3A%2F%2Fwinintro.ru%2Fmail.en%2Fhtml%2F7d31d716-2f99-4b23-a18c-0eaa08a28dde.htm&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1642711605089&bpp=15&bdt=114&idt=118&shv=r20220118&mjsv=m202201120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6972194227953&frm=20&pv=1&ga_vid=393698685.1642711605&ga_sid=1642711605&ga_hid=672389294&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=10&ady=135&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063752%2C44750773%2C44753738&oid=2&pvsid=2949611607291423&pem=772&tmod=454263708&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=1152&bc=23&ifi=2&uci=a!2&fsb=1&xpc=mr24csvnxs&p=http%3A//winintro.ru&dtd=125
Frame ID: F68E042DDF5BCFC0605C2FB3D4E502B3
Requests: 15 HTTP requests in this frame

Frame: https://s3.advarkads.com/modules/match/frame.html?id=8113-1-1&uid=0100007F35CAE9619A082A770270A934
Frame ID: 673118BE1DFE71555C0D8640700D4BB3
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220118/r20110914/zrt_lookup.html?fsb=1
Frame ID: 260BD1A5F59821A02520730E24C181EE
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 58DCE92B2AEB41A871CCC95A68E33823
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/RSjKnk5gG5e-YnqyaokaGBofRBYcmQ35b5mWA3AF7Xg.js
Frame ID: E04620BA6E11503F6D9C873F04F1FAC9
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 72520151AECE587EDF38C0E067D92D2A
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1BA6BFF3F4870B6588B565FAFD89B463
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Installing a Server Certificate for TLS Encryption

Detected technologies

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Yandex.Direct (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://an\.yandex\.ru/

Page Statistics

113
Requests

55 %
HTTPS

28 %
IPv6

44
Domains

55
Subdomains

36
IPs

6
Countries

672 kB
Transfer

1721 kB
Size

71
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 28

http://www.acint.net/mc/?dp=10 HTTP 302
https://www.acint.net/mc/?dp=10 HTTP 302
https://www.acint.net/mc/?dp=10&tc=1

Request Chain 29

http://www.acint.net/hit/?v=0.4.0&uid=b1a6c764-4ab9-42a5-98b6-d74f0cf56a35&dp=10&tz=%2B00%3A00&nc=36778339&u=http%3A%2F%2Fwinintro.ru%2Fmail.en%2Fhtml%2F7d31d716-2f99-4b23-a18c-0eaa08a28dde.htm&r=&rs=1600x1200&t=Installing%20a%20Server%20Certificate%20for%20TLS%20Encryption&oE=1&oP=1&dT=2022-01-20T20%3A46%3A45.162&fu=82bf6b4e-abca-4ac4-b6d9-0b45043677f1 HTTP 302
https://www.acint.net/hit/?v=0.4.0&uid=b1a6c764-4ab9-42a5-98b6-d74f0cf56a35&dp=10&tz=%2B00%3A00&nc=36778339&u=http%3A%2F%2Fwinintro.ru%2Fmail.en%2Fhtml%2F7d31d716-2f99-4b23-a18c-0eaa08a28dde.htm&r=&rs=1600x1200&t=Installing%20a%20Server%20Certificate%20for%20TLS%20Encryption&oE=1&oP=1&dT=2022-01-20T20%3A46%3A45.162&fu=82bf6b4e-abca-4ac4-b6d9-0b45043677f1

Request Chain 35

https://ads.betweendigital.com/match?bidder_id=73&external_user_id=0100007F35CAE9619A082A770270A934 HTTP 302
https://ads.betweendigital.com/match?bidder_id=73&external_user_id=0100007F35CAE9619A082A770270A934&crf=1

Request Chain 36

https://ssp-rtb.sape.ru/rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D HTTP 302
https://acint.net/match?dp=14&euid=0100007F35CAE9611A002D6802BE5F0E

Request Chain 37

https://px.adhigh.net/p/cm/sape?u=0100007F35CAE9619A082A770270A934 HTTP 302
https://px.adhigh.net/p/cm/sape?u=0100007F35CAE9619A082A770270A934&bounced=1 HTTP 302
https://acint.net/match?dp=17&euid=uLZ95QTTb70o.AikABlF-eT3giw

Request Chain 39

https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691 HTTP 302
https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-4633220582 HTTP 302
https://www.acint.net/rmatch?dp=45&euid=AxAAYXDCWPpfWCwmywcncDg&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D HTTP 302
https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=0100007F35CAE9619A082A770270A934

Request Chain 41

https://sync.republer.com/match?dsp=sape HTTP 307
https://sync.republer.com/match?dsp=sape&qset=1 HTTP 307
https://sync.bumlam.com/?src=rp1&uid=63bc5dad-dd78-47be-8219-875b2305a820 HTTP 302
https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABi1lKePBlIEioaQK2IkNjNiYzVkYWQtZGQ3OC00N2JlLTgyMTktODc1YjIzMDVhODIw HTTP 302
https://sync3.adsniper.ru/?src=ss1&s_data=CAIQARi1lKePBlIEioaQK2IkNjNiYzVkYWQtZGQ3OC00N2JlLTgyMTktODc1YjIzMDVhODIwogEQFLX4ynoyEeym6QAlkMgkNw** HTTP 302
https://sync.bumlam.com/?src=rp1&s_data=CAIQABi1lKePBmIkNjNiYzVkYWQtZGQ3OC00N2JlLTgyMTktODc1YjIzMDVhODIwogEQFLX4ynoyEeym6QAlkMgkNw** HTTP 302
https://sync.bumlam.com/?src=rp1&s_data=CAIQARi1lKePBmIkNjNiYzVkYWQtZGQ3OC00N2JlLTgyMTktODc1YjIzMDVhODIwogEQFLX4ynoyEeym6QAlkMgkNw**

Request Chain 45

https://sync.upravel.com/sape/sync HTTP 302
https://sync.upravel.com/sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0 HTTP 302
https://bd5eb225-7015-4e1e-9176-b31a5ddd2e12.sync.upravel.com/sape/sync?ud_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyIsImh0dHBzOi8vd3d3LmFjaW50Lm5ldC8iXX19 HTTP 302
https://www.acint.net/match?dp=71&euid=bd5eb225-7015-4e1e-9176-b31a5ddd2e12

Request Chain 46

https://cm.g.doubleclick.net/pixel?google_nid=agentstvo_sape_limited&google_hm=AQAAfzXK6WGaCCp3AnCpNA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agentstvo_sape_limited&google_hm=AQAAfzXK6WGaCCp3AnCpNA&google_tc= HTTP 302
https://www.acint.net/match?dp=77&euid=

Request Chain 47

https://stat.adlabs.ru/merge_gpsid/?sid=50&id=0100007F35CAE9619A082A770270A934 HTTP 302
https://adlmerge.com/merge_gpsid/?sid=50&id=0100007F35CAE9619A082A770270A934

Request Chain 50

https://ssp.bestssp.com/sspmatch?url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D95%26euid%3D HTTP 302
https://www.acint.net/match?dp=95&euid=RPKCBBAZ

Request Chain 51

https://sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007F35CAE9619A082A770270A934 HTTP 302
https://sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007F35CAE9619A082A770270A934&cs=1

Request Chain 52

https://sape-sync.rutarget.ru/sync HTTP 302
https://www.acint.net/match?dp=104&euid=ycd-MG1LnGR7

Request Chain 53

https://ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D HTTP 302
https://ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D&crf=1 HTTP 302
https://acint.net/match?dp=107&euid=050dfd3d-3a10-5314-9581-7368f468b95d

Request Chain 54

https://ads.adlook.me/csync?url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D110%26euid%3D%7BuserId%7D HTTP 302
https://acint.net/match?dp=110&euid=de6e6580bd524bbcbf242dac9a9df3d0

Request Chain 55

https://0100007f35cae9619a082a770270a934-sp.ops.beeline.ru/p?ssp=sp&id=0100007F35CAE9619A082A770270A934 HTTP 301
https://www.acint.net/match?dp=111&euid=3ca69b82-2cad-40a4-85ff-f67c847bc404

Request Chain 56

https://ut.rktch.com/matchspm?pi=1000005&pui=0100007F35CAE9619A082A770270A934 HTTP 302
https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D{WEBO_CID}%26noredirect HTTP 302
https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D%7BWEBO_CID%7D%26noredirect&bounce=1&random=4206219832 HTTP 302
https://ut.rktch.com/matchspm?pi=1000006&pui=cqcO.R1JgcTFWmKcd5retu&noredirect

Request Chain 57

https://sm.rtb.mts.ru/p?ssp=sape&id=0100007F35CAE9619A082A770270A934 HTTP 301
https://sm.rtb.mts.ru/match/second?ssp=30&exu=0100007F35CAE9619A082A770270A934 HTTP 301
https://tech.rtb.mts.ru/?dsp_uid=da859b49-46a8-4f9a-b4e4-bc4110d8f596&return_url=https%3A%2F%2Fan.yandex.ru%2Fsetud%2Fmts_banner%2F2oWbSUaoT5q05LxBENj1lg%3Flocation%3Dhttps%253A%252F%252Fsm.rtb.mts.ru%252Fem%253Fnext%253D30%2526em%253D0%26sign%3D1067934030 HTTP 302
https://an.yandex.ru/setud/mts_banner/2oWbSUaoT5q05LxBENj1lg?location=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D30%26em%3D0&sign=1067934030

Request Chain 58

https://exchange.buzzoola.com/cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D HTTP 301
https://www.acint.net/match?dp=126&euid=0620bba9-0ad4-4843-503f-4f03c2bd9daa

Request Chain 59

https://s.uuidksinc.net/match/396/?remote_uid=0100007F35CAE9619A082A770270A934 HTTP 302
https://www.acint.net/match?dp=127&euid=203yYnNxIWeHsMsXg4Ja

Request Chain 60

https://ssp.bidvol.com/usersync?dspcsid=8&redirect=1 HTTP 302
https://www.acint.net/match?dp=129&euid=1horvixjqc

Request Chain 63

https://x01.aidata.io/0.gif?pid=9401454&id=0100007F35CAE9619A082A770270A934 HTTP 302
https://x01.aidata.io/0.gif?pid=9401454&id=0100007F35CAE9619A082A770270A934&bounce=1 HTTP 302
https://sm.rtb.mts.ru/p?ssp=aidata&id=O%2FOeuhpIWsqtRPuojGKRkA HTTP 301
https://sm.rtb.mts.ru/match/second?ssp=51&exu=O%2FOeuhpIWsqtRPuojGKRkA HTTP 301
https://tech.rtb.mts.ru/?dsp_uid=da859b49-46a8-4f9a-b4e4-bc4110d8f596&return_url=https%3A%2F%2Fpixel.konnektu.ru%2Fredirect%2Fmts%3Fcallback_url%3Dhttps%253A%252F%252Fsm.rtb.mts.ru%252Fem%253Fnext%253D51%2526em%253D1%2526ssp%253Dkonnektu%2526exu%253DO%25252FOeuhpIWsqtRPuojGKRkA%2526id%253D%257BUSER_ID%257D HTTP 302
https://pixel.konnektu.ru/redirect/mts?callback_url=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D51%26em%3D1%26ssp%3Dkonnektu%26exu%3DO%252FOeuhpIWsqtRPuojGKRkA%26id%3D%7BUSER_ID%7D HTTP 302
https://sm.rtb.mts.ru/em?next=51&em=1&ssp=konnektu&exu=O%2FOeuhpIWsqtRPuojGKRkA&id= HTTP 301
https://x01.aidata.io/0.gif?pid=9503528&uid=da859b49-46a8-4f9a-b4e4-bc4110d8f596&exu=O%!F(string=%20%20)OeuhpIWsqtRPuojGKRkA

Request Chain 65

https://an.yandex.ru/mapuid/sapeis/0100007F35CAE9619A082A770270A934 HTTP 302
https://an.yandex.ru/mapuid/sapeis/0100007F35CAE9619A082A770270A934?redir-setuniq=1

Request Chain 85

https://dmg.digitaltarget.ru/1/1093/i/i?i=855263348701000.490781081631938&a=77&e=0100007F35CAE9619A082A770270A934&pref=http%3A%2F%2Fwinintro.ru%2F&c=ss:77.up:0100007F35CAE9619A082A770270A934.sync:up.xdua:du_L5QIhxkblyCMZzlQZ90Iu.xps:xpsmNAY84HrEAHL8AF9xH4h3x.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient HTTP 307
https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=855263348701000.490781081631938&a=77&e=0100007F35CAE9619A082A770270A934&pref=http%3A%2F%2Fwinintro.ru%2F&c=ss:77.up:0100007F35CAE9619A082A770270A934.sync:up.xdua:du_L5QIhxkblyCMZzlQZ90Iu.xps:xpsmNAY84HrEAHL8AF9xH4h3x.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient

Request Chain 86

https://dmg.digitaltarget.ru/1/1093/i/i?i=855263348701000.522960414616155&a=77&e=0100007F35CAE9619A082A770270A934&pref=http%3A%2F%2Fwinintro.ru%2F&c=ss:77.up:0100007F35CAE9619A082A770270A934.sync:up.xdua:du_L5QIhxkblyCMZzlQZ90Iu.xps:xpsmNAY84HrEAHL8AF9xH4h3x.dn:acint__net.adcm:hit.tg:adcmjs_noorient HTTP 307
https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=855263348701000.522960414616155&a=77&e=0100007F35CAE9619A082A770270A934&pref=http%3A%2F%2Fwinintro.ru%2F&c=ss:77.up:0100007F35CAE9619A082A770270A934.sync:up.xdua:du_L5QIhxkblyCMZzlQZ90Iu.xps:xpsmNAY84HrEAHL8AF9xH4h3x.dn:acint__net.adcm:hit.tg:adcmjs_noorient

Request Chain 115

http://www.acint.net/ping/?v=0.4.0&uid=b1a6c764-4ab9-42a5-98b6-d74f0cf56a35&dp=10&tz=%2B00%3A00&nc=17261769&dT=2022-01-20T20%3A46%3A48.165 HTTP 302
https://www.acint.net/ping/?v=0.4.0&uid=b1a6c764-4ab9-42a5-98b6-d74f0cf56a35&dp=10&tz=%2B00%3A00&nc=17261769&dT=2022-01-20T20%3A46%3A48.165

113 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request 7d31d716-2f99-4b23-a18c-0eaa08a28dde.htm Show response
winintro.ru/mail.en/html/ 23 KB
6 KB 150ms
98ms Document
text/html 188.40.254.211
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://winintro.ru/mail.en/html/7d31d716-2f99-4b23-a18c-0eaa08a28dde.htm

Protocol

HTTP/1.1

Server

188.40.254.211 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

cpanel10.coopertino.ru

Software

nginx /

Resource Hash

96adb6aed4d55606a21f9e51fc509deca81c4c039735411b6b89eac505eb7152

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Server: nginx
Date: Thu, 20 Jan 2022 20:46:44 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Cache-Status: MISS
X-Server-Powered-By: Engintron
Content-Encoding: gzip

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 146 KB
51 KB 52ms
31ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: winintro.ru
URL: http://winintro.ru/mail.en/html/7d31d716-2f99-4b23-a18c-0eaa08a28dde.htm

Protocol

HTTP/1.1

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

27009fc7dd4a2c80735fc5a90a576f47c6fc0d4d6116e58a6dc704cea755b17d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://winintro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Thu, 20 Jan 2022 20:46:45 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 5549114219751288944
Vary: Accept-Encoding, Origin
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 51913
X-XSS-Protection: 0
Expires: Thu, 20 Jan 2022 20:46:45 GMT

GET
H/1.1 200
OK classic.css
winintro.ru/mail.en/local/ 20 KB
5 KB 13ms
12ms Stylesheet
text/css 188.40.254.211
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://winintro.ru/mail.en/local/classic.css
Requested by: Host: winintro.ru
URL: http://winintro.ru/mail.en/html/7d31d716-2f99-4b23-a18c-0eaa08a28dde.htm
Protocol: HTTP/1.1
Server: 188.40.254.211 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: cpanel10.coopertino.ru
Software: nginx /
Resource Hash: 36a58af6acd580caed252ea70ef765cbf3aad5614493d92e3e6497e9f2714bf3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://winintro.ru/mail.en/html/7d31d716-2f99-4b23-a18c-0eaa08a28dde.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: public
Date: Thu, 20 Jan 2022 20:46:44 GMT
Content-Encoding: gzip
Last-Modified: Mon, 10 Dec 2018 16:48:54 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sat, 19 Feb 2022 20:46:44 GMT

GET
H/1.1 200
OK script.js Show response
winintro.ru/mail.en/local/ 540 B
661 B 48ms
37ms Script
application/javascript 188.40.254.211
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://winintro.ru/mail.en/local/script.js
Requested by: Host: winintro.ru
URL: http://winintro.ru/mail.en/html/7d31d716-2f99-4b23-a18c-0eaa08a28dde.htm
Protocol: HTTP/1.1
Server: 188.40.254.211 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: cpanel10.coopertino.ru
Software: nginx /
Resource Hash: 8f6eb5eabb0fa96e48ff327248293e07045d9a997d7ea94591ea27fdb5f8ca64

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://winintro.ru/mail.en/html/7d31d716-2f99-4b23-a18c-0eaa08a28dde.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: public
Date: Thu, 20 Jan 2022 20:46:45 GMT
Content-Encoding: gzip
Last-Modified: Mon, 10 Dec 2018 16:49:02 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sat, 19 Feb 2022 20:46:45 GMT

GET
H/1.1 200
OK helpindex.css
winintro.ru/files/ 344 B
475 B 48ms
37ms Stylesheet
text/css 188.40.254.211
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://winintro.ru/files/helpindex.css
Requested by: Host: winintro.ru
URL: http://winintro.ru/mail.en/html/7d31d716-2f99-4b23-a18c-0eaa08a28dde.htm
Protocol: HTTP/1.1
Server: 188.40.254.211 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: cpanel10.coopertino.ru
Software: nginx /
Resource Hash: e731c18f5159e2612625f471352650417c4557851c7518a28a76a5bc6896f1b6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://winintro.ru/mail.en/html/7d31d716-2f99-4b23-a18c-0eaa08a28dde.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: public
Date: Thu, 20 Jan 2022 20:46:45 GMT
Content-Encoding: gzip
Last-Modified: Mon, 11 Jul 2016 10:36:53 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sat, 19 Feb 2022 20:46:45 GMT

GET
H/1.1 200
OK supply.js Show response
winintro.ru/files/ 1 KB
946 B 47ms
36ms Script
application/javascript 188.40.254.211
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://winintro.ru/files/supply.js
Requested by: Host: winintro.ru
URL: http://winintro.ru/mail.en/html/7d31d716-2f99-4b23-a18c-0eaa08a28dde.htm
Protocol: HTTP/1.1
Server: 188.40.254.211 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: cpanel10.coopertino.ru
Software: nginx /
Resource Hash: 1760913995b66a76e5facdf0a4411def6cb9b0af39647dc3f9f868b0309600dc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://winintro.ru/mail.en/html/7d31d716-2f99-4b23-a18c-0eaa08a28dde.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: public
Date: Thu, 20 Jan 2022 20:46:45 GMT
Content-Encoding: gzip
Last-Modified: Mon, 11 Jul 2016 10:36:54 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sat, 19 Feb 2022 20:46:45 GMT

GET
H/1.1 200
OK ext-all.css
winintro.ru/files/ 128 KB
21 KB 49ms
39ms Stylesheet
text/css 188.40.254.211
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://winintro.ru/files/ext-all.css
Requested by: Host: winintro.ru
URL: http://winintro.ru/mail.en/html/7d31d716-2f99-4b23-a18c-0eaa08a28dde.htm
Protocol: HTTP/1.1
Server: 188.40.254.211 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: cpanel10.coopertino.ru
Software: nginx /
Resource Hash: 72b66ab91dc450174e84481b9be276bd2edaa80b5ffb9628e48d503ebe43a190

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://winintro.ru/mail.en/html/7d31d716-2f99-4b23-a18c-0eaa08a28dde.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: public
Date: Thu, 20 Jan 2022 20:46:45 GMT
Content-Encoding: gzip
Last-Modified: Mon, 11 Jul 2016 10:36:53 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sat, 19 Feb 2022 20:46:45 GMT

GET
H/1.1 200
OK drpdown.gif
winintro.ru/mail.en/local/ 221 B
518 B 12ms
11ms Image
image/gif 188.40.254.211
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://winintro.ru/mail.en/local/drpdown.gif
Requested by: Host: winintro.ru
URL: http://winintro.ru/mail.en/html/7d31d716-2f99-4b23-a18c-0eaa08a28dde.htm
Protocol: HTTP/1.1
Server: 188.40.254.211 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: cpanel10.coopertino.ru
Software: nginx /
Resource Hash: 107f0e3adef7081c3bed0dbd9d7e1c6452c9ff41e2dc99cf54c6b1a881b5eadc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://winintro.ru/mail.en/html/7d31d716-2f99-4b23-a18c-0eaa08a28dde.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: public
Date: Thu, 20 Jan 2022 20:46:45 GMT
Last-Modified: Mon, 10 Dec 2018 16:48:55 GMT
Server: nginx
Content-Type: image/gif
Cache-Control: max-age=5184000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 221
Expires: Mon, 21 Mar 2022 20:46:45 GMT

GET
H/1.1 200
OK drpdown_orange.gif
winintro.ru/mail.en/local/ 366 B
663 B 12ms
11ms Image
image/gif 188.40.254.211
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://winintro.ru/mail.en/local/drpdown_orange.gif
Requested by: Host: winintro.ru
URL: http://winintro.ru/mail.en/html/7d31d716-2f99-4b23-a18c-0eaa08a28dde.htm
Protocol: HTTP/1.1
Server: 188.40.254.211 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: cpanel10.coopertino.ru
Software: nginx /
Resource Hash: beeb534d6c70067397c12083829c0035f2d487e5f1e915548610d8554713c527

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://winintro.ru/mail.en/html/7d31d716-2f99-4b23-a18c-0eaa08a28dde.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: public
Date: Thu, 20 Jan 2022 20:46:45 GMT
Last-Modified: Mon, 10 Dec 2018 16:48:56 GMT
Server: nginx
Content-Type: image/gif
Cache-Control: max-age=5184000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 366
Expires: Mon, 21 Mar 2022 20:46:45 GMT

GET
H/1.1 200
OK collapse.gif
winintro.ru/mail.en/local/ 64 B
360 B 12ms
11ms Image
image/gif 188.40.254.211
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://winintro.ru/mail.en/local/collapse.gif
Requested by: Host: winintro.ru
URL: http://winintro.ru/mail.en/html/7d31d716-2f99-4b23-a18c-0eaa08a28dde.htm
Protocol: HTTP/1.1
Server: 188.40.254.211 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: cpanel10.coopertino.ru
Software: nginx /
Resource Hash: bdfca3b83c07515b186ac33c4be77f4d365e0774ce320f97fa2c0908280f47bc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://winintro.ru/mail.en/html/7d31d716-2f99-4b23-a18c-0eaa08a28dde.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: public
Date: Thu, 20 Jan 2022 20:46:45 GMT
Last-Modified: Mon, 10 Dec 2018 16:48:54 GMT
Server: nginx
Content-Type: image/gif
Cache-Control: max-age=5184000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 64
Expires: Mon, 21 Mar 2022 20:46:45 GMT

GET
H/1.1 200
OK exp.gif
winintro.ru/mail.en/local/ 67 B
363 B 13ms
12ms Image
image/gif 188.40.254.211
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://winintro.ru/mail.en/local/exp.gif
Requested by: Host: winintro.ru
URL: http://winintro.ru/mail.en/html/7d31d716-2f99-4b23-a18c-0eaa08a28dde.htm
Protocol: HTTP/1.1
Server: 188.40.254.211 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: cpanel10.coopertino.ru
Software: nginx /
Resource Hash: 3ce490a72bc04c46e0cd83344b2686577f7c7c8e639a84eb63dbb4c2edc2b10b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://winintro.ru/mail.en/html/7d31d716-2f99-4b23-a18c-0eaa08a28dde.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: public
Date: Thu, 20 Jan 2022 20:46:45 GMT
Last-Modified: Mon, 10 Dec 2018 16:48:56 GMT
Server: nginx
Content-Type: image/gif
Cache-Control: max-age=5184000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 67
Expires: Mon, 21 Mar 2022 20:46:45 GMT

GET
H/1.1 200
OK collall.gif
winintro.ru/mail.en/local/ 75 B
371 B 12ms
11ms Image
image/gif 188.40.254.211
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://winintro.ru/mail.en/local/collall.gif
Requested by: Host: winintro.ru
URL: http://winintro.ru/mail.en/html/7d31d716-2f99-4b23-a18c-0eaa08a28dde.htm
Protocol: HTTP/1.1
Server: 188.40.254.211 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: cpanel10.coopertino.ru
Software: nginx /
Resource Hash: ced1fc5ecb99005fdea3fbc0e4c1fb94b042ed70bb66a3377e706fd98415cf10

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://winintro.ru/mail.en/html/7d31d716-2f99-4b23-a18c-0eaa08a28dde.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: public
Date: Thu, 20 Jan 2022 20:46:45 GMT
Last-Modified: Mon, 10 Dec 2018 16:48:54 GMT
Server: nginx
Content-Type: image/gif
Cache-Control: max-age=5184000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 75
Expires: Mon, 21 Mar 2022 20:46:45 GMT

GET
H/1.1 200
OK expall.gif
winintro.ru/mail.en/local/ 78 B
374 B 22ms
11ms Image
image/gif 188.40.254.211
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://winintro.ru/mail.en/local/expall.gif
Requested by: Host: winintro.ru
URL: http://winintro.ru/mail.en/html/7d31d716-2f99-4b23-a18c-0eaa08a28dde.htm
Protocol: HTTP/1.1
Server: 188.40.254.211 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: cpanel10.coopertino.ru
Software: nginx /
Resource Hash: ab0eeca7d621e00b7252a85cbc727e7ec0d5a477aaae70dda8fd0fe4b8dcbcd8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://winintro.ru/mail.en/html/7d31d716-2f99-4b23-a18c-0eaa08a28dde.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: public
Date: Thu, 20 Jan 2022 20:46:45 GMT
Last-Modified: Mon, 10 Dec 2018 16:48:56 GMT
Server: nginx
Content-Type: image/gif
Cache-Control: max-age=5184000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 78
Expires: Mon, 21 Mar 2022 20:46:45 GMT

GET
H/1.1 200
OK copycode.gif
winintro.ru/mail.en/local/ 578 B
875 B 38ms
37ms Image
image/gif 188.40.254.211
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://winintro.ru/mail.en/local/copycode.gif
Requested by: Host: winintro.ru
URL: http://winintro.ru/mail.en/html/7d31d716-2f99-4b23-a18c-0eaa08a28dde.htm
Protocol: HTTP/1.1
Server: 188.40.254.211 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: cpanel10.coopertino.ru
Software: nginx /
Resource Hash: 18b9f3122939296670d9a8e54c3c761a2f044ef1911decfd7622c07b00511bb3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://winintro.ru/mail.en/html/7d31d716-2f99-4b23-a18c-0eaa08a28dde.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: public
Date: Thu, 20 Jan 2022 20:46:45 GMT
Last-Modified: Mon, 10 Dec 2018 16:48:55 GMT
Server: nginx
Content-Type: image/gif
Cache-Control: max-age=5184000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 578
Expires: Mon, 21 Mar 2022 20:46:45 GMT

GET
H/1.1 200
OK copycodehighlight.gif
winintro.ru/mail.en/local/ 578 B
875 B 11ms
11ms Image
image/gif 188.40.254.211
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://winintro.ru/mail.en/local/copycodehighlight.gif
Requested by: Host: winintro.ru
URL: http://winintro.ru/mail.en/html/7d31d716-2f99-4b23-a18c-0eaa08a28dde.htm
Protocol: HTTP/1.1
Server: 188.40.254.211 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: cpanel10.coopertino.ru
Software: nginx /
Resource Hash: 28608624095ea76fa24ce781fc3f495cc461af6e7154f9f5bc78b35c87fe74ab

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://winintro.ru/mail.en/html/7d31d716-2f99-4b23-a18c-0eaa08a28dde.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: public
Date: Thu, 20 Jan 2022 20:46:45 GMT
Last-Modified: Mon, 10 Dec 2018 16:48:55 GMT
Server: nginx
Content-Type: image/gif
Cache-Control: max-age=5184000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 578
Expires: Mon, 21 Mar 2022 20:46:45 GMT

GET
H/1.1 200
OK note.gif
winintro.ru/mail.en/local/ 123 B
420 B 12ms
11ms Image
image/gif 188.40.254.211
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://winintro.ru/mail.en/local/note.gif
Requested by: Host: winintro.ru
URL: http://winintro.ru/mail.en/html/7d31d716-2f99-4b23-a18c-0eaa08a28dde.htm
Protocol: HTTP/1.1
Server: 188.40.254.211 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: cpanel10.coopertino.ru
Software: nginx /
Resource Hash: 9f761e54e38437a6a2572d15e14f6353ad3b3e91b6a055a5fc365b8ff8c29fa3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://winintro.ru/mail.en/html/7d31d716-2f99-4b23-a18c-0eaa08a28dde.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: public
Date: Thu, 20 Jan 2022 20:46:45 GMT
Last-Modified: Mon, 10 Dec 2018 16:48:59 GMT
Server: nginx
Content-Type: image/gif
Cache-Control: max-age=5184000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 123
Expires: Mon, 21 Mar 2022 20:46:45 GMT

GET
H/1.1 200
OK script_loc.js Show response
winintro.ru/mail.en/local/ 2 KB
1 KB 13ms
12ms Script
application/javascript 188.40.254.211
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://winintro.ru/mail.en/local/script_loc.js
Requested by: Host: winintro.ru
URL: http://winintro.ru/mail.en/local/script.js
Protocol: HTTP/1.1
Server: 188.40.254.211 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: cpanel10.coopertino.ru
Software: nginx /
Resource Hash: 72b2a74df4ad58f0758dbdbe5d74a3d45c33682f82736ef3c4a79c2b2b266a27

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://winintro.ru/mail.en/html/7d31d716-2f99-4b23-a18c-0eaa08a28dde.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: public
Date: Thu, 20 Jan 2022 20:46:45 GMT
Content-Encoding: gzip
Last-Modified: Mon, 10 Dec 2018 16:49:02 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sat, 19 Feb 2022 20:46:45 GMT

GET
H/1.1 200
OK script_main.js Show response
winintro.ru/mail.en/local/ 39 KB
9 KB 13ms
12ms Script
application/javascript 188.40.254.211
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://winintro.ru/mail.en/local/script_main.js
Requested by: Host: winintro.ru
URL: http://winintro.ru/mail.en/local/script.js
Protocol: HTTP/1.1
Server: 188.40.254.211 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: cpanel10.coopertino.ru
Software: nginx /
Resource Hash: df04acf60876cf11c1ad96c8c00cff00373b68ab6d9e7ba22cb5a3ec2339de56

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://winintro.ru/mail.en/html/7d31d716-2f99-4b23-a18c-0eaa08a28dde.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: public
Date: Thu, 20 Jan 2022 20:46:45 GMT
Content-Encoding: gzip
Last-Modified: Mon, 10 Dec 2018 16:49:02 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sat, 19 Feb 2022 20:46:45 GMT

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201120101/ 284 KB
103 KB 61ms
39ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201120101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2339592383170032&plah=winintro.ru

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5b06f817bc8877172dc8b712c3fca3f1cec9b3fa9508074811c274f9995e59ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://winintro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 20:46:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 104511
x-xss-protection: 0
server: cafe
etag: 14885114657223251790
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 20 Jan 2022 20:46:45 GMT

GET
H/1.1 200
OK bg.gif
winintro.ru/files/images/default/toolbar/ 904 B
1 KB 11ms
11ms Image
image/gif 188.40.254.211
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://winintro.ru/files/images/default/toolbar/bg.gif
Requested by: Host: winintro.ru
URL: http://winintro.ru/files/ext-all.css
Protocol: HTTP/1.1
Server: 188.40.254.211 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: cpanel10.coopertino.ru
Software: nginx /
Resource Hash: 36780f98ed7f7e302c2f31fd7efeb7cc75212ac281935245950e125545350e6a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://winintro.ru/files/ext-all.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: public
Date: Thu, 20 Jan 2022 20:46:45 GMT
Last-Modified: Mon, 11 Jul 2016 10:37:13 GMT
Server: nginx
Content-Type: image/gif
Cache-Control: max-age=5184000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 904
Expires: Mon, 21 Mar 2022 20:46:45 GMT

GET
H/1.1 200
OK btn.gif
winintro.ru/files/images/default/button/ 4 KB
4 KB 11ms
11ms Image
image/gif 188.40.254.211
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://winintro.ru/files/images/default/button/btn.gif
Requested by: Host: winintro.ru
URL: http://winintro.ru/files/ext-all.css
Protocol: HTTP/1.1
Server: 188.40.254.211 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: cpanel10.coopertino.ru
Software: nginx /
Resource Hash: 9aacc2855086ee500f5540bcee08d1c840388740f526c46cf001215406a4ea73

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://winintro.ru/files/ext-all.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: public
Date: Thu, 20 Jan 2022 20:46:45 GMT
Last-Modified: Mon, 11 Jul 2016 10:36:57 GMT
Server: nginx
Content-Type: image/gif
Cache-Control: max-age=5184000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4298
Expires: Mon, 21 Mar 2022 20:46:45 GMT

GET
H/1.1 200
OK home.png
winintro.ru/files/images/ 1 KB
1 KB 11ms
11ms Image
image/png 188.40.254.211
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://winintro.ru/files/images/home.png
Requested by: Host: winintro.ru
URL: http://winintro.ru/files/ext-all.css
Protocol: HTTP/1.1
Server: 188.40.254.211 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: cpanel10.coopertino.ru
Software: nginx /
Resource Hash: c355ffcc9212b68d0ed1c0f9b0bd71f04e3c0e63380f7d8d4a2a1b25c187e33d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://winintro.ru/files/ext-all.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: public
Date: Thu, 20 Jan 2022 20:46:45 GMT
Last-Modified: Mon, 11 Jul 2016 10:36:54 GMT
Server: nginx
Content-Type: image/png
Cache-Control: max-age=5184000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1110
Expires: Mon, 21 Mar 2022 20:46:45 GMT

GET
H/1.1 200
OK grid-blue-split.gif
winintro.ru/files/images/default/grid/ 817 B
1 KB 11ms
11ms Image
image/gif 188.40.254.211
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://winintro.ru/files/images/default/grid/grid-blue-split.gif
Requested by: Host: winintro.ru
URL: http://winintro.ru/files/ext-all.css
Protocol: HTTP/1.1
Server: 188.40.254.211 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: cpanel10.coopertino.ru
Software: nginx /
Resource Hash: 2bd24bc7b4e2dce53d91e3bc73d5f4221fe0b503a3112fa4c669e925d43bd492

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://winintro.ru/files/ext-all.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: public
Date: Thu, 20 Jan 2022 20:46:45 GMT
Last-Modified: Mon, 11 Jul 2016 10:37:01 GMT
Server: nginx
Content-Type: image/gif
Cache-Control: max-age=5184000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 817
Expires: Mon, 21 Mar 2022 20:46:45 GMT

GET
H/1.1 200
OK toc-panel.gif
winintro.ru/files/images/ 954 B
1 KB 11ms
11ms Image
image/gif 188.40.254.211
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://winintro.ru/files/images/toc-panel.gif
Requested by: Host: winintro.ru
URL: http://winintro.ru/files/ext-all.css
Protocol: HTTP/1.1
Server: 188.40.254.211 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: cpanel10.coopertino.ru
Software: nginx /
Resource Hash: a2443661ae0052510d51ee22c86e1c3f30710321ba290e1646dec8385a30b662

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://winintro.ru/files/ext-all.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: public
Date: Thu, 20 Jan 2022 20:46:45 GMT
Last-Modified: Mon, 11 Jul 2016 10:36:55 GMT
Server: nginx
Content-Type: image/gif
Cache-Control: max-age=5184000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 954
Expires: Mon, 21 Mar 2022 20:46:45 GMT

GET
H/1.1 200
OK print.gif
winintro.ru/files/images/ 1 KB
1 KB 11ms
11ms Image
image/gif 188.40.254.211
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://winintro.ru/files/images/print.gif
Requested by: Host: winintro.ru
URL: http://winintro.ru/files/ext-all.css
Protocol: HTTP/1.1
Server: 188.40.254.211 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: cpanel10.coopertino.ru
Software: nginx /
Resource Hash: a66544185c20f7430404c1d80a098c56d4ae601bc599dda2bc174b1ce63102ee

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://winintro.ru/files/ext-all.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: public
Date: Thu, 20 Jan 2022 20:46:45 GMT
Last-Modified: Mon, 11 Jul 2016 10:36:55 GMT
Server: nginx
Content-Type: image/gif
Cache-Control: max-age=5184000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1032
Expires: Mon, 21 Mar 2022 20:46:45 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220118/r20190131/ Frame 6474 11 KB
5 KB 31ms
8ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220118/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

425b48211e0ebe795b6ead9ec2f1bcd9e04e9930a7dd30e08cdb2fef0bcb834c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://winintro.ru/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4885
x-xss-protection: 0
date: Thu, 20 Jan 2022 15:43:32 GMT
expires: Thu, 03 Feb 2022 15:43:32 GMT
cache-control: public, max-age=1209600
age: 18193
etag: 13671712056976469594
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aci.js Show response
www.acint.net/ 22 KB
7 KB 43ms
12ms Script
application/x-javascript 46.4.121.26
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.acint.net/aci.js
Requested by: Host: winintro.ru
URL: http://winintro.ru/mail.en/html/7d31d716-2f99-4b23-a18c-0eaa08a28dde.htm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271109.aucourant.info
Software: openresty /
Resource Hash: a05569a6a6ec13c9bda09ebf2f691f6d5a4f251878c58807472321018428fb33

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://winintro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 20:46:45 GMT
content-encoding: gzip
last-modified: Mon, 29 Nov 2021 13:23:00 GMT
server: openresty
etag: "61a4d434-1d25"
content-type: application/x-javascript
cache-control: max-age=43200
content-length: 7461
expires: Fri, 21 Jan 2022 08:46:45 GMT

GET
H/1.1 200
OK back.gif
winintro.ru/files/ 316 B
613 B 13ms
12ms Image
image/gif 188.40.254.211
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://winintro.ru/files/back.gif
Requested by: Host: winintro.ru
URL: http://winintro.ru/files/helpindex.css
Protocol: HTTP/1.1
Server: 188.40.254.211 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: cpanel10.coopertino.ru
Software: nginx /
Resource Hash: b1b06c998a944f9ceb56a2365ac540689e452426705b64713079e025e239dd2c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://winintro.ru/files/helpindex.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: public
Date: Thu, 20 Jan 2022 20:46:45 GMT
Last-Modified: Mon, 11 Jul 2016 10:36:53 GMT
Server: nginx
Content-Type: image/gif
Cache-Control: max-age=5184000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 316
Expires: Mon, 21 Mar 2022 20:46:45 GMT

GET
H/1.1 200
OK next.gif
winintro.ru/files/ 314 B
611 B 13ms
13ms Image
image/gif 188.40.254.211
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://winintro.ru/files/next.gif
Requested by: Host: winintro.ru
URL: http://winintro.ru/files/helpindex.css
Protocol: HTTP/1.1
Server: 188.40.254.211 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: cpanel10.coopertino.ru
Software: nginx /
Resource Hash: 05d61be961acfeaa4a89652e171975c47ca4495c062514cd4d872445c16c1db5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://winintro.ru/files/helpindex.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: public
Date: Thu, 20 Jan 2022 20:46:45 GMT
Last-Modified: Mon, 11 Jul 2016 10:36:53 GMT
Server: nginx
Content-Type: image/gif
Cache-Control: max-age=5184000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 314
Expires: Mon, 21 Mar 2022 20:46:45 GMT

GET
H2

200

/ Show response
www.acint.net/mc/ Frame 4418
Redirect Chain

http://www.acint.net/mc/?dp=10
https://www.acint.net/mc/?dp=10
https://www.acint.net/mc/?dp=10&tc=1

4 KB
4 KB

12ms
12ms

Document
text/html

46.4.121.26
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.acint.net/mc/?dp=10&tc=1
Requested by: Host: www.acint.net
URL: https://www.acint.net/aci.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271109.aucourant.info
Software: openresty /
Resource Hash: 78cf89a3e0c71072014fecdaa90aebfd89a838511fa2b8ebaa21a1c0c64e9478

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://winintro.ru/

Response headers

server: openresty
date: Thu, 20 Jan 2022 20:46:45 GMT
content-type: text/html
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-encoding: gzip

Redirect headers

server: openresty
date: Thu, 20 Jan 2022 20:46:45 GMT
content-type: text/html
content-length: 154
location: /mc/?dp=10&tc=1

GET
H2

200

/
www.acint.net/hit/
Redirect Chain

http://www.acint.net/hit/?v=0.4.0&uid=b1a6c764-4ab9-42a5-98b6-d74f0cf56a35&dp=10&tz=%2B00%3A00&nc=36778339&u=http%3A%2F%2Fwinintro.ru%2Fmail.en%2Fhtml%2F7d31d716-2f99-4b23-a18c-0eaa08a28dde.htm&r=&...
https://www.acint.net/hit/?v=0.4.0&uid=b1a6c764-4ab9-42a5-98b6-d74f0cf56a35&dp=10&tz=%2B00%3A00&nc=36778339&u=http%3A%2F%2Fwinintro.ru%2Fmail.en%2Fhtml%2F7d31d716-2f99-4b23-a18c-0eaa08a28dde.htm&r=...

43 B
224 B

11ms
11ms

Image
image/gif

46.4.121.26
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/hit/?v=0.4.0&uid=b1a6c764-4ab9-42a5-98b6-d74f0cf56a35&dp=10&tz=%2B00%3A00&nc=36778339&u=http%3A%2F%2Fwinintro.ru%2Fmail.en%2Fhtml%2F7d31d716-2f99-4b23-a18c-0eaa08a28dde.htm&r=&rs=1600x1200&t=Installing%20a%20Server%20Certificate%20for%20TLS%20Encryption&oE=1&oP=1&dT=2022-01-20T20%3A46%3A45.162&fu=82bf6b4e-abca-4ac4-b6d9-0b45043677f1
Requested by: Host: winintro.ru
URL: http://winintro.ru/mail.en/html/7d31d716-2f99-4b23-a18c-0eaa08a28dde.htm
Protocol: H2
Server: 46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271109.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://winintro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 20:46:45 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

Location: https://www.acint.net/hit/?v=0.4.0&uid=b1a6c764-4ab9-42a5-98b6-d74f0cf56a35&dp=10&tz=%2B00%3A00&nc=36778339&u=http%3A%2F%2Fwinintro.ru%2Fmail.en%2Fhtml%2F7d31d716-2f99-4b23-a18c-0eaa08a28dde.htm&r=&rs=1600x1200&t=Installing%20a%20Server%20Certificate%20for%20TLS%20Encryption&oE=1&oP=1&dT=2022-01-20T20%3A46%3A45.162&fu=82bf6b4e-abca-4ac4-b6d9-0b45043677f1
Date: Thu, 20 Jan 2022 20:46:45 GMT
Server: openresty
Connection: keep-alive
Content-Length: 142
Content-Type: text/html

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 215 B
643 B 51ms
15ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=winintro.ru&callback=_gfp_s_&client=ca-pub-2339592383170032

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201120101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2339592383170032&plah=winintro.ru

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

6db97f168e5c25ed287f4455f10b979f6a472eb1a072519817535e2817107e40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://winintro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 20:46:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 198
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 60ms
17ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=winintro.ru

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://winintro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 20 Jan 2022 20:46:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 37ms
16ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=winintro.ru

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://winintro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 20 Jan 2022 20:46:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 38F0 72 KB
28 KB 573ms
573ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2339592383170032&output=html&adk=1812271804&adf=3025194257&lmt=1642711605&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fwinintro.ru%2Fmail.en%2Fhtml%2F7d31d716-2f99-4b23-a18c-0eaa08a28dde.htm&ea=0&flash=0&pra=5&wgl=1&dt=1642711605074&bpp=5&bdt=99&idt=114&shv=r20220118&mjsv=m202201120101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6972194227953&frm=20&pv=2&ga_vid=393698685.1642711605&ga_sid=1642711605&ga_hid=672389294&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063752%2C44750773%2C44753738&oid=2&pvsid=2949611607291423&pem=772&tmod=454263708&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=33792&bc=23&ifi=1&uci=a!1&fsb=1&dtd=128

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

19c13ad1dff99e4866b6ac7a5cca0a34d639c7e577d76fc9945aa127b2b835d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://winintro.ru/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 20 Jan 2022 20:46:45 GMT
server: cafe
content-length: 28434
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 20 Jan 2022 20:46:45 GMT
cache-control: private

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F68E 94 KB
31 KB 938ms
938ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2339592383170032&output=html&h=280&slotname=9703837508&adk=1206723596&adf=3466743686&pi=t.ma~as.9703837508&w=1200&fwrn=4&fwrnh=100&lmt=1642711605&rafmt=1&psa=0&format=1200x280&url=http%3A%2F%2Fwinintro.ru%2Fmail.en%2Fhtml%2F7d31d716-2f99-4b23-a18c-0eaa08a28dde.htm&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1642711605089&bpp=15&bdt=114&idt=118&shv=r20220118&mjsv=m202201120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6972194227953&frm=20&pv=1&ga_vid=393698685.1642711605&ga_sid=1642711605&ga_hid=672389294&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=10&ady=135&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063752%2C44750773%2C44753738&oid=2&pvsid=2949611607291423&pem=772&tmod=454263708&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=1152&bc=23&ifi=2&uci=a!2&fsb=1&xpc=mr24csvnxs&p=http%3A//winintro.ru&dtd=125

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4095c8610d6bc2b8bc2c896b45d64da0dc8d06a1277815f183dd74695f9b3a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://winintro.ru/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 20 Jan 2022 20:46:46 GMT
server: cafe
content-length: 31856
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 20 Jan 2022 20:46:46 GMT
cache-control: private

GET
H2

200

match
ads.betweendigital.com/ Frame 4418
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=73&external_user_id=0100007F35CAE9619A082A770270A934
https://ads.betweendigital.com/match?bidder_id=73&external_user_id=0100007F35CAE9619A082A770270A934&crf=1

68 B
607 B

95ms
95ms

Image
image/png

96.46.183.20
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=73&external_user_id=0100007F35CAE9619A082A770270A934&crf=1
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 96.46.183.20 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

Redirect headers

location: /match?bidder_id=73&external_user_id=0100007F35CAE9619A082A770270A934&crf=1
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H2

200

match
acint.net/ Frame 4418
Redirect Chain

https://ssp-rtb.sape.ru/rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D
https://acint.net/match?dp=14&euid=0100007F35CAE9611A002D6802BE5F0E

43 B
270 B

41ms
11ms

Image
image/gif

195.201.243.72
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://acint.net/match?dp=14&euid=0100007F35CAE9611A002D6802BE5F0E
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 195.201.243.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: regensburg.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 20:46:45 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

Date: Thu, 20 Jan 2022 20:46:45 GMT
Server: openresty
P3P: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
Location: https://acint.net/match?dp=14&euid=0100007F35CAE9611A002D6802BE5F0E
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Type: text/html
Content-Length: 142
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2

200

match
acint.net/ Frame 4418
Redirect Chain

https://px.adhigh.net/p/cm/sape?u=0100007F35CAE9619A082A770270A934
https://px.adhigh.net/p/cm/sape?u=0100007F35CAE9619A082A770270A934&bounced=1
https://acint.net/match?dp=17&euid=uLZ95QTTb70o.AikABlF-eT3giw

43 B
269 B

11ms
11ms

Image
image/gif

195.201.243.72
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://acint.net/match?dp=17&euid=uLZ95QTTb70o.AikABlF-eT3giw
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 195.201.243.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: regensburg.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 20:46:45 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 20 Jan 2022 20:46:45 GMT
server: nginx
access-control-allow-origin: *
x-backend-id: f3-ru
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://acint.net/match?dp=17&euid=uLZ95QTTb70o.AikABlF-eT3giw
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK cm.gif
ad.mail.ru/ Frame 4418 43 B
764 B 184ms
61ms Image
image/gif 2a00:1148:db00::17
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.mail.ru/cm.gif?p=48&id=0100007F35CAE9619A082A770270A934
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 20 Jan 2022 20:46:45 GMT
Last-Modified: Thu, 20 Jan 2022 20:46:45 GMT
Server: nginx
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Embedder-Policy: require-corp
Content-Type: image/gif
Cache-Control: max-age=21600
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 43
Expires: Fri, 21 Jan 2022 02:46:45 GMT

GET
H/1.1

200
OK

sync.cgi
ssp.adriver.ru/cgi-bin/ Frame 4418
Redirect Chain

https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691
https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-4633220582
https://www.acint.net/rmatch?dp=45&euid=AxAAYXDCWPpfWCwmywcncDg&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D
https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=0100007F35CAE9619A082A770270A934

42 B
201 B

343ms
71ms

Image
image/gif

81.222.128.213
ELTEL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=0100007F35CAE9619A082A770270A934
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: HTTP/1.1
Server: 81.222.128.213 , Russian Federation, ASN20597 (ELTEL-AS, RU),
Reverse DNS: ad13.adriver.ru
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 20 Jan 2022 20:46:45 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/gif

Redirect headers

date: Thu, 20 Jan 2022 20:46:45 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
location: https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=0100007F35CAE9619A082A770270A934
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: text/html
content-length: 154
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 204 sync
a.utraff.com/ Frame 4418 0
817 B 127ms
74ms Image
text/plain 2606:4700:20::ac43:4975
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.utraff.com/sync?ssp=sape
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4975 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 20:46:45 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0jCNdYOc9M0JPD2LYfd8TttbaQapiP9csQ4UVg%2Blr2wjfWeflvrjnTjz6qurLfsKKMY3q6ayWxtajkBUZG2FrQsDLhdkzMqCrnSI41Sy629fm7snRaD1if4x77IyBIEjEV6NnECXQXYQkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
cf-ray: 6d0b276d0bd959b3-MXP
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization

GET
H/1.1

200
OK

/
sync.bumlam.com/ Frame 4418
Redirect Chain

https://sync.republer.com/match?dsp=sape
https://sync.republer.com/match?dsp=sape&qset=1
https://sync.bumlam.com/?src=rp1&uid=63bc5dad-dd78-47be-8219-875b2305a820
https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABi1lKePBlIEioaQK2IkNjNiYzVkYWQtZGQ3OC00N2JlLTgyMTktODc1YjIzMDVhODIw
https://sync3.adsniper.ru/?src=ss1&s_data=CAIQARi1lKePBlIEioaQK2IkNjNiYzVkYWQtZGQ3OC00N2JlLTgyMTktODc1YjIzMDVhODIwogEQFLX4ynoyEeym6QAlkMgkNw**
https://sync.bumlam.com/?src=rp1&s_data=CAIQABi1lKePBmIkNjNiYzVkYWQtZGQ3OC00N2JlLTgyMTktODc1YjIzMDVhODIwogEQFLX4ynoyEeym6QAlkMgkNw**
https://sync.bumlam.com/?src=rp1&s_data=CAIQARi1lKePBmIkNjNiYzVkYWQtZGQ3OC00N2JlLTgyMTktODc1YjIzMDVhODIwogEQFLX4ynoyEeym6QAlkMgkNw**

43 B
552 B

7ms
6ms

Image
image/gif

31.172.81.159
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bumlam.com/?src=rp1&s_data=CAIQARi1lKePBmIkNjNiYzVkYWQtZGQ3OC00N2JlLTgyMTktODc1YjIzMDVhODIwogEQFLX4ynoyEeym6QAlkMgkNw**
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: HTTP/1.1
Server: 31.172.81.159 Muehlheim am Main, Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 20 Jan 2022 20:46:45 GMT
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Server: nginx
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Redirect headers

Date: Thu, 20 Jan 2022 20:46:45 GMT
Server: nginx
ETag: 14b5f8ca-7a32-11ec-a6e9-002590c82437
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: //sync.bumlam.com/?src=rp1&s_data=CAIQARi1lKePBmIkNjNiYzVkYWQtZGQ3OC00N2JlLTgyMTktODc1YjIzMDVhODIwogEQFLX4ynoyEeym6QAlkMgkNw**
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0

GET
H2 204 match
dm-eu.hybrid.ai/ Frame 4418 0
239 B 52ms
14ms Image
text/plain 37.18.103.21
HYBRID-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dm-eu.hybrid.ai/match?id=106&vid=0100007F35CAE9619A082A770270A934

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.18.103.21 , Netherlands, ASN205675 (HYBRID-AS, RU),

Reverse DNS

Software

Hybrid Web Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jan 2022 20:46:45 GMT
server: Hybrid Web Server
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin: *
cache-control: no-cache, no-store
x-mode: 506
x-xss-protection: 1; mode=block
expires: -1

GET
H/1.1 200
OK adcm.js Show response
tag.digitaltarget.ru/ Frame 4418 3 KB
3 KB 183ms
50ms Script
application/javascript 185.15.175.158
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.digitaltarget.ru/adcm.js
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.15.175.158 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),
Reverse DNS
Software: nginx /
Resource Hash: 40f2a96f78f4c8484e9da6e172f5ddd3e4d7786ca29e04b96e1067a365190e80

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 20 Jan 2022 20:46:45 GMT
Last-Modified: Tue, 16 Nov 2021 09:48:08 GMT
Server: nginx
ETag: "61937e58-beb"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3051

GET
H2 204 sape
sync.dmp.otm-r.com/match/ Frame 4418 0
69 B 49ms
11ms Image
text/plain 195.201.57.28
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.dmp.otm-r.com/match/sape?id=0100007F35CAE9619A082A770270A934
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.201.57.28 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.28.57.201.195.clients.your-server.de
Software: nginx/1.17.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 20 Jan 2022 20:46:45 GMT
server: nginx/1.17.0

GET
H2

200

match
www.acint.net/ Frame 4418
Redirect Chain

https://sync.upravel.com/sape/sync
https://sync.upravel.com/sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0
https://bd5eb225-7015-4e1e-9176-b31a5ddd2e12.sync.upravel.com/sape/sync?ud_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyIsImh0dHBzOi8vd3d3LmFjaW50Lm5ldC8iXX19
https://www.acint.net/match?dp=71&euid=bd5eb225-7015-4e1e-9176-b31a5ddd2e12

43 B
269 B

11ms
11ms

Image
image/gif

46.4.121.26
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=71&euid=bd5eb225-7015-4e1e-9176-b31a5ddd2e12
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271109.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 20:46:45 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

date: Thu, 20 Jan 2022 20:46:45 GMT
server: nginx
location: https://www.acint.net/match?dp=71&euid=bd5eb225-7015-4e1e-9176-b31a5ddd2e12
access-control-allow-methods: GET, POST, OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: false
content-type: image/png
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 0

GET
H2

200

match
www.acint.net/ Frame 4418
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=agentstvo_sape_limited&google_hm=AQAAfzXK6WGaCCp3AnCpNA
https://cm.g.doubleclick.net/pixel?google_nid=agentstvo_sape_limited&google_hm=AQAAfzXK6WGaCCp3AnCpNA&google_tc=
https://www.acint.net/match?dp=77&euid=

43 B
269 B

12ms
12ms

Image
image/gif

46.4.121.26
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=77&euid=
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271109.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 20:46:45 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 20 Jan 2022 20:46:45 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://www.acint.net/match?dp=77&euid=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 240
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
adlmerge.com/merge_gpsid/ Frame 4418
Redirect Chain

https://stat.adlabs.ru/merge_gpsid/?sid=50&id=0100007F35CAE9619A082A770270A934
https://adlmerge.com/merge_gpsid/?sid=50&id=0100007F35CAE9619A082A770270A934

43 B
115 B

58ms
15ms

Image
image/gif

95.211.66.35
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adlmerge.com/merge_gpsid/?sid=50&id=0100007F35CAE9619A082A770270A934
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 95.211.66.35 Laren, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx/1.16.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

iseu: eu
server: nginx/1.16.0
date: Thu, 20 Jan 2022 20:46:45 GMT
content-type: image/gif

Redirect headers

location: //adlmerge.com/merge_gpsid/?sid=50&id=0100007F35CAE9619A082A770270A934
date: Thu, 20 Jan 2022 20:46:45 GMT
server: nginx
content-length: 0

GET
H/1.1 200
OK sync.cgi
ssp.adriver.ru/cgi-bin/ Frame 4418 42 B
201 B 436ms
68ms Image
image/gif 81.222.128.213
ELTEL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.adriver.ru/cgi-bin/sync.cgi?dsp_id=153&external_id=0100007F35CAE9619A082A770270A934
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.222.128.213 , Russian Federation, ASN20597 (ELTEL-AS, RU),
Reverse DNS: ad13.adriver.ru
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 20 Jan 2022 20:46:45 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/gif

GET
H2 404 sprcs
relap.io/partners/ Frame 4418 0
0 237ms
61ms Image
text/html 95.163.37.253
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://relap.io/partners/sprcs?uid=0100007F35CAE9619A082A770270A934
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.163.37.253 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS: relap.io
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H2

200

match
www.acint.net/ Frame 4418
Redirect Chain

https://ssp.bestssp.com/sspmatch?url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D95%26euid%3D
https://www.acint.net/match?dp=95&euid=RPKCBBAZ

43 B
269 B

11ms
11ms

Image
image/gif

46.4.121.26
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=95&euid=RPKCBBAZ
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271109.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 20:46:45 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

Location: https://www.acint.net/match?dp=95&euid=RPKCBBAZ
Date: Thu, 20 Jan 2022 20:46:45 GMT
Server: nginx/1.16.1
Connection: keep-alive
Transfer-Encoding: chunked

GET
H2

200

pixel.gif
sync.1dmp.io/ Frame 4418
Redirect Chain

https://sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007F35CAE9619A082A770270A934
https://sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007F35CAE9619A082A770270A934&cs=1

35 B
376 B

12ms
11ms

Image
image/gif

78.46.100.125
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007F35CAE9619A082A770270A934&cs=1
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 78.46.100.125 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.125.100.46.78.clients.your-server.de
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 20:46:45 GMT
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server: nginx
content-type: image/gif
content-length: 35
expires: 0

Redirect headers

location: /pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007F35CAE9619A082A770270A934&cs=1
date: Thu, 20 Jan 2022 20:46:45 GMT
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server: nginx
content-length: 0
expires: 0

GET
H2

200

match
www.acint.net/ Frame 4418
Redirect Chain

https://sape-sync.rutarget.ru/sync
https://www.acint.net/match?dp=104&euid=ycd-MG1LnGR7

43 B
269 B

12ms
11ms

Image
image/gif

46.4.121.26
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=104&euid=ycd-MG1LnGR7
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271109.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 20:46:45 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

Location: https://www.acint.net/match?dp=104&euid=ycd-MG1LnGR7
Date: Thu, 20 Jan 2022 20:46:45 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
P3P: CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."

GET
H2

200

match
acint.net/ Frame 4418
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D
https://ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D&crf=1
https://acint.net/match?dp=107&euid=050dfd3d-3a10-5314-9581-7368f468b95d

43 B
269 B

11ms
11ms

Image
image/gif

195.201.243.72
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://acint.net/match?dp=107&euid=050dfd3d-3a10-5314-9581-7368f468b95d
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 195.201.243.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: regensburg.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 20:46:45 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

location: https://acint.net/match?dp=107&euid=050dfd3d-3a10-5314-9581-7368f468b95d
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H2

200

match
acint.net/ Frame 4418
Redirect Chain

https://ads.adlook.me/csync?url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D110%26euid%3D%7BuserId%7D
https://acint.net/match?dp=110&euid=de6e6580bd524bbcbf242dac9a9df3d0

43 B
269 B

14ms
13ms

Image
image/gif

195.201.243.72
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://acint.net/match?dp=110&euid=de6e6580bd524bbcbf242dac9a9df3d0
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 195.201.243.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: regensburg.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 20:46:45 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

location: https://acint.net/match?dp=110&euid=de6e6580bd524bbcbf242dac9a9df3d0
date: Thu, 20 Jan 2022 20:46:45 GMT
server: Kestrel
content-length: 0

GET
H2

200

match
www.acint.net/ Frame 4418
Redirect Chain

https://0100007f35cae9619a082a770270a934-sp.ops.beeline.ru/p?ssp=sp&id=0100007F35CAE9619A082A770270A934
https://www.acint.net/match?dp=111&euid=3ca69b82-2cad-40a4-85ff-f67c847bc404

43 B
269 B

11ms
11ms

Image
image/gif

46.4.121.26
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=111&euid=3ca69b82-2cad-40a4-85ff-f67c847bc404
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271109.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 20:46:45 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

date: Thu, 20 Jan 2022 20:46:45 GMT
x-route: http://upstream_cookiesync
server: nginx
location: https://www.acint.net/match?dp=111&euid=3ca69b82-2cad-40a4-85ff-f67c847bc404
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS, GET, HEAD, POST, OPTIONS, PUT, DELETE
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true, true
x-host: 192.168.152.36
access-control-allow-headers: authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

matchspm
ut.rktch.com/ Frame 4418
Redirect Chain

https://ut.rktch.com/matchspm?pi=1000005&pui=0100007F35CAE9619A082A770270A934
https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D{WEBO_CID}%26noredirect
https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D%7BWEBO_CID%7D%26noredirect&bounce=1&random=4206219832
https://ut.rktch.com/matchspm?pi=1000006&pui=cqcO.R1JgcTFWmKcd5retu&noredirect

88 B
88 B

46ms
46ms

Image
image/png

89.108.97.2
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ut.rktch.com/matchspm?pi=1000006&pui=cqcO.R1JgcTFWmKcd5retu&noredirect
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: HTTP/1.1
Server: 89.108.97.2 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: d50603.reg.regrucolo.ru
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 20 Jan 2022 20:46:45 GMT
Server: nginx/1.18.0
Access-Control-Allow-Methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
Content-Type: image/png
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type, Accept, Authorization
Content-Length: 88

Redirect headers

pragma: no-cache
date: Thu, 20 Jan 2022 20:46:45 GMT
via: 1.1 google
last-modified: Thu, 20 Jan 2022 20:46:45 GMT
server: nginx/1.12.0
location: https://ut.rktch.com/matchspm?pi=1000006&pui=cqcO.R1JgcTFWmKcd5retu&noredirect
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2

404

2oWbSUaoT5q05LxBENj1lg
an.yandex.ru/setud/mts_banner/ Frame 4418
Redirect Chain

https://sm.rtb.mts.ru/p?ssp=sape&id=0100007F35CAE9619A082A770270A934
https://sm.rtb.mts.ru/match/second?ssp=30&exu=0100007F35CAE9619A082A770270A934
https://tech.rtb.mts.ru/?dsp_uid=da859b49-46a8-4f9a-b4e4-bc4110d8f596&return_url=https%3A%2F%2Fan.yandex.ru%2Fsetud%2Fmts_banner%2F2oWbSUaoT5q05LxBENj1lg%3Flocation%3Dhttps%253A%252F%252Fsm.rtb.mts...
https://an.yandex.ru/setud/mts_banner/2oWbSUaoT5q05LxBENj1lg?location=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D30%26em%3D0&sign=1067934030

43 B
103 B

64ms
64ms

Image
image/gif

2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/setud/mts_banner/2oWbSUaoT5q05LxBENj1lg?location=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D30%26em%3D0&sign=1067934030

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

ccb150b1878d5aa777543222f9e47636d4258687e3dd57e625988f09a96bda64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jan 2022 20:46:45 GMT
content-encoding: gzip
last-modified: Thu, 20 Jan 2022 20:46:45 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=windows-1251
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 20 Jan 2022 20:46:45 GMT

Redirect headers

Date: Thu, 20 Jan 2022 20:46:45 GMT
Server: nginx/1.13.12
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: text/html; charset=utf-8
Location: https://an.yandex.ru/setud/mts_banner/2oWbSUaoT5q05LxBENj1lg?location=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D30%26em%3D0&sign=1067934030
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

GET
H2

200

match
www.acint.net/ Frame 4418
Redirect Chain

https://exchange.buzzoola.com/cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D
https://www.acint.net/match?dp=126&euid=0620bba9-0ad4-4843-503f-4f03c2bd9daa

43 B
269 B

11ms
10ms

Image
image/gif

46.4.121.26
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=126&euid=0620bba9-0ad4-4843-503f-4f03c2bd9daa
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271109.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 20:46:45 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

location: https://www.acint.net/match?dp=126&euid=0620bba9-0ad4-4843-503f-4f03c2bd9daa
date: Thu, 20 Jan 2022 20:46:45 GMT
server: nginx
content-length: 115
serverid: TODO
content-type: text/html; charset=utf-8

GET
H2

200

match
www.acint.net/ Frame 4418
Redirect Chain

https://s.uuidksinc.net/match/396/?remote_uid=0100007F35CAE9619A082A770270A934
https://www.acint.net/match?dp=127&euid=203yYnNxIWeHsMsXg4Ja

43 B
269 B

11ms
10ms

Image
image/gif

46.4.121.26
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=127&euid=203yYnNxIWeHsMsXg4Ja
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271109.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 20:46:45 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

location: https://www.acint.net/match?dp=127&euid=203yYnNxIWeHsMsXg4Ja
date: Thu, 20 Jan 2022 20:46:45 GMT
server: nginx/1.19.0
content-length: 0

GET
H2

200

match
www.acint.net/ Frame 4418
Redirect Chain

https://ssp.bidvol.com/usersync?dspcsid=8&redirect=1
https://www.acint.net/match?dp=129&euid=1horvixjqc

43 B
269 B

13ms
12ms

Image
image/gif

46.4.121.26
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=129&euid=1horvixjqc
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271109.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 20:46:45 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 20 Jan 2022 20:46:45 GMT
server: nginx/1.14.0
access-control-allow-origin: *
surrogate-control: no-store
vary: Origin
location: https://www.acint.net/match?dp=129&euid=1horvixjqc
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
access-control-allow-credentials: true
x-request-id: eb9dd339-9d09-4705-b3d0-c4789ce9f5f2
expires: 0

GET
H/1.1 204
No Content userbind
match.new-programmatic.com/ Frame 4418 0
215 B 141ms
44ms Image
text/plain 217.65.2.150
CITYTELECOM-MSK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.new-programmatic.com/userbind?src=sape&id=0100007F35CAE9619A082A770270A934
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 217.65.2.150 Moscow, Russian Federation, ASN3175 (CITYTELECOM-MSK, RU),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 20 Jan 2022 20:46:04 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0
Connection: keep-alive
Content-Length: 0
Vary: Origin

GET
H2 204 0100007F35CAE9619A082A770270A934
fcgi4.gnezdo.ru/cookie_matching_ssp/Sape-dsp/ Frame 4418 0
189 B 460ms
61ms Image
text/plain 93.95.102.105
MTW-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fcgi4.gnezdo.ru/cookie_matching_ssp/Sape-dsp/0100007F35CAE9619A082A770270A934
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.95.102.105 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS: unspecified.mtw.ru
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 20:46:46 GMT
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"

GET
H2

204

0.gif
x01.aidata.io/ Frame 4418
Redirect Chain

https://x01.aidata.io/0.gif?pid=9401454&id=0100007F35CAE9619A082A770270A934
https://x01.aidata.io/0.gif?pid=9401454&id=0100007F35CAE9619A082A770270A934&bounce=1
https://sm.rtb.mts.ru/p?ssp=aidata&id=O%2FOeuhpIWsqtRPuojGKRkA
https://sm.rtb.mts.ru/match/second?ssp=51&exu=O%2FOeuhpIWsqtRPuojGKRkA
https://tech.rtb.mts.ru/?dsp_uid=da859b49-46a8-4f9a-b4e4-bc4110d8f596&return_url=https%3A%2F%2Fpixel.konnektu.ru%2Fredirect%2Fmts%3Fcallback_url%3Dhttps%253A%252F%252Fsm.rtb.mts.ru%252Fem%253Fnext%...
https://pixel.konnektu.ru/redirect/mts?callback_url=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D51%26em%3D1%26ssp%3Dkonnektu%26exu%3DO%252FOeuhpIWsqtRPuojGKRkA%26id%3D%7BUSER_ID%7D
https://sm.rtb.mts.ru/em?next=51&em=1&ssp=konnektu&exu=O%2FOeuhpIWsqtRPuojGKRkA&id=
https://x01.aidata.io/0.gif?pid=9503528&uid=da859b49-46a8-4f9a-b4e4-bc4110d8f596&exu=O%!F(string=%20%20)OeuhpIWsqtRPuojGKRkA

0
432 B

45ms
45ms

Image
text/plain

89.108.119.28
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x01.aidata.io/0.gif?pid=9503528&uid=da859b49-46a8-4f9a-b4e4-bc4110d8f596&exu=O%!F(string=%20%20)OeuhpIWsqtRPuojGKRkA
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 89.108.119.28 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: d51802.reg.regrucolo.ru
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jan 2022 20:46:46 GMT
last-modified: Thu, 20 Jan 2022 20:46:45 GMT
server: nginx
access-control-allow-methods: GET, POST
p3p: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
expires: Thu, 20 Jan 2022 20:46:45 GMT

Redirect headers

Date: Thu, 20 Jan 2022 20:46:46 GMT
Server: nginx
Access-Control-Allow-Origin: *
Vary: Origin
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
Location: https://x01.aidata.io/0.gif?pid=9503528&uid=da859b49-46a8-4f9a-b4e4-bc4110d8f596&exu=O%!F(string= )OeuhpIWsqtRPuojGKRkA
Cache-Control: no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK /
sync.bumlam.com/ Frame 4418 0
523 B 6ms
6ms Image
text/html 31.172.81.159
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bumlam.com/?src=sap1&uid=0100007F35CAE9619A082A770270A934
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 31.172.81.159 Muehlheim am Main, Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 20 Jan 2022 20:46:45 GMT
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Server: nginx
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H2

200

0100007F35CAE9619A082A770270A934
an.yandex.ru/mapuid/sapeis/ Frame 4418
Redirect Chain

https://an.yandex.ru/mapuid/sapeis/0100007F35CAE9619A082A770270A934
https://an.yandex.ru/mapuid/sapeis/0100007F35CAE9619A082A770270A934?redir-setuniq=1

43 B
108 B

56ms
56ms

Image
image/gif

2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/sapeis/0100007F35CAE9619A082A770270A934?redir-setuniq=1

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jan 2022 20:46:45 GMT
content-encoding: gzip
last-modified: Thu, 20 Jan 2022 20:46:45 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 20 Jan 2022 20:46:45 GMT

Redirect headers

pragma: no-cache
date: Thu, 20 Jan 2022 20:46:45 GMT
content-encoding: gzip
last-modified: Thu, 20 Jan 2022 20:46:45 GMT
strict-transport-security: max-age=31536000
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://an.yandex.ru/mapuid/sapeis/0100007F35CAE9619A082A770270A934?redir-setuniq=1
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 20 Jan 2022 20:46:45 GMT

GET
H2 200 frame.html Show response
s3.advarkads.com/modules/match/ Frame 6731 187 B
404 B 257ms
200ms Document
text/html 2606:4700:10::6816:457
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.advarkads.com/modules/match/frame.html?id=8113-1-1&uid=0100007F35CAE9619A082A770270A934
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:457 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 53e4cb1ec1da57e5fec65ec5f5b19b050fa8bd6e19e9030c2704456846e4d106

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/

Response headers

date: Thu, 20 Jan 2022 20:46:45 GMT
content-type: text/html
cache-control: max-age=60
last-modified: Wed, 13 Oct 2021 12:55:49 GMT
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6d0b276d1ba0f917-MXP
content-encoding: gzip

GET
H/1.1 200
OK processor.js Show response
tag.digitaltarget.ru/ Frame 4418 15 KB
15 KB 99ms
99ms Script
application/javascript 185.15.175.158
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.digitaltarget.ru/processor.js?i=117461813465111
Requested by: Host: tag.digitaltarget.ru
URL: https://tag.digitaltarget.ru/adcm.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.15.175.158 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),
Reverse DNS
Software: nginx /
Resource Hash: 6b2385df25640156748d25320c7f27e980535d744f14d2eaa596ca2ef8660a67

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 20 Jan 2022 20:46:45 GMT
Last-Modified: Tue, 16 Nov 2021 09:48:09 GMT
Server: nginx
ETag: "61937e59-3cda"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 15578

GET
H2 200 frame.js Show response
s3.advarkads.com/modules/match/ Frame 6731 22 KB
7 KB 144ms
144ms Script
application/javascript 2606:4700:10::6816:457
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.advarkads.com/modules/match/frame.js
Requested by: Host: s3.advarkads.com
URL: https://s3.advarkads.com/modules/match/frame.html?id=8113-1-1&uid=0100007F35CAE9619A082A770270A934
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:457 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 03333e8487b65839387c9cdecc9a112b7e41570d728a2ab48c7ed89aab72145f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s3.advarkads.com/modules/match/frame.html?id=8113-1-1&uid=0100007F35CAE9619A082A770270A934
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 20:46:45 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Tue, 14 Dec 2021 07:30:44 GMT
server: cloudflare
etag: "0aa781bcf0d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
cf-ray: 6d0b276e6dfaf917-MXP
content-length: 7430

GET
H/1.1 200
OK match
api.advarkads.com/api/statistic/ Frame 6731 43 B
389 B 222ms
84ms Image
image/gif 188.42.29.80
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.advarkads.com/api/statistic/match?id=8113-1-1&uid=0100007F35CAE9619A082A770270A934
Requested by: Host: s3.advarkads.com
URL: https://s3.advarkads.com/modules/match/frame.html?id=8113-1-1&uid=0100007F35CAE9619A082A770270A934
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 188.42.29.80 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx/1.18.0 / ASP.NET
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s3.advarkads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 20 Jan 2022 20:46:45 GMT
Server: nginx/1.18.0
X-Powered-By: ASP.NET
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 43
Expires: -1

GET
H3 200 reactive_library_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201120101/ 149 KB
53 KB 43ms
28ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201120101/reactive_library_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

607abab2dcc713bafb514fcccf1275601f532bece2ee6e9fed786d3bf26cecc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://winintro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 20:46:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54133
x-xss-protection: 0
server: cafe
etag: 11549584360338080181
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 20 Jan 2022 20:46:45 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 53ms
39ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=rasra::pm&rt=1&c=ca-pub-2339592383170032&eid=31063752%2C44750773%2C44753738

Requested by

Host: winintro.ru
URL: http://winintro.ru/mail.en/html/7d31d716-2f99-4b23-a18c-0eaa08a28dde.htm

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://winintro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jan 2022 20:46:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 42ms
40ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_success&c=0&wpc=ca-pub-2339592383170032&warn=12%2C13&w=1600&h=1200&eatf=false&eatfAbg=false&reatf=true&a=6%2C1%2C5%2C7&apv=20220118_084535&sat=1642664970718&afm=0&as_count=1&d_count=0&ng_count=0&am_count=0&atf_count=1&mdns=0.194&alldns=0.194&allp=45&fd=(0%2C11%2C0)%2C(1%2C0%2C0)%2C(2%2C1%2C0)&pgh=1442&su=winintro.ru&pvc=2949611607291423&r=0.1&eid=31063752%2C44750773%2C44753738

Requested by

Host: winintro.ru
URL: http://winintro.ru/mail.en/html/7d31d716-2f99-4b23-a18c-0eaa08a28dde.htm

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://winintro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jan 2022 20:46:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 39ms
39ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=rasra::pr&rt=1&c=ca-pub-2339592383170032&eid=31063752%2C44750773%2C44753738

Requested by

Host: winintro.ru
URL: http://winintro.ru/mail.en/html/7d31d716-2f99-4b23-a18c-0eaa08a28dde.htm

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://winintro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jan 2022 20:46:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 33ms
16ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=winintro.ru

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://winintro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 20 Jan 2022 20:46:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 33ms
18ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=winintro.ru

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://winintro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 20 Jan 2022 20:46:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220118/r20110914/ Frame 260B 11 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220118/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

425b48211e0ebe795b6ead9ec2f1bcd9e04e9930a7dd30e08cdb2fef0bcb834c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://winintro.ru/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4885
x-xss-protection: 0
date: Thu, 20 Jan 2022 16:09:22 GMT
expires: Thu, 03 Feb 2022 16:09:22 GMT
cache-control: public, max-age=1209600
age: 16643
etag: 13671712056976469594
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 260B 0
0 102ms
52ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss64or3LD8VAxtfigcK-P-6gMmkvvf-BIhPSpixNHfseKhmCqbFFeEJgPe_QnHkjdjCV0RizMwHrUF_Nuha_CeCIyESh-JWHZAu-xPnqUINy1tJ_e30rG4-eodZQZLtlg2FOt-7Ha0KJDP6BB7PqOgGkt4OtTcenPaDuSHLnCHBYhYMKFYJ8ZhYAZ6MmGlU-WTcY_FvhH057EI7ElbpznsKacgRT65g4tvPG2aSoRfZBe5XmaQr9Bbi_jB-Pt-hORiDGnpBro2zQufm0s7KpBIms6qYsOhGVKTKXz7MlQDd67sFmYU42kPDRs6yDgqGnnYXuI5ZegrESRPEwyrbjoPc2C2brVFr75P0jVtrwuxN8MTPwld_PT89eOTnHUVTgNS_0HwiQh0iouhjlS2sO2-2bPbuJN-2tgjljUFqWklROwSYGeVKLtwmdMpOcXaC0bFT-xs4WZduOWrpt8D8izcxe7QgR-khPjhpVPJ2dxFCIHPj2-52iPwVijXAiZdUj0523YOyLAXJKQhSUI8xFmbtreUrgxYNGS3BkA7k7FE26KCIyx1iYJVVvaWksR-YG-mlRx8ozOk1dbiQChJgR-lnneWEP4VSXBExKOSYmRfuVQylJxMBctgkMZo4_HgEfhJIziaq21K4wq1WE1WHFdZnn96nJbwkS5GRS1wMwu3AFFBy2WUWoAt96l6lPgJSSwdhBvVu2WDmfv_Ge9qAFEK4J40SgxKCAR6DLbr1JzDP-B2oMKBPr33tuPIw1FkPjVeA7S0Y-BQo2WJeJU7Ie9UCS_UZnEtND8_mrAzrRe4k6K0WxfQ18oy-IRkhqMxA86kCLJrdg4CajNw4yk1di4tD6gcQC_4yX3C8k33jbb0sKBeRLUzfdT1P4awcugz6LG135RBdwFfZ_SaSmNMekTuU0H8vlq-sVQIHYslmSW15kwv3CIuJ5H08YDzrse8CxHnamMqSIeiv3cx3GedVpFWGkqT1VWvaFeq4mSGwSO0HZOerAgihNXqY6cTPopB_7NfKzeIDW3YHeGvYdw&sai=AMfl-YSdmpdfxXcn5ILvXideHvmJskPl6lQaEQxuhrBrymBEryhtaDxuwAmgJQ&sig=Cg0ArKJSzBww_y44yCjWEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=

Requested by

Host: winintro.ru
URL: http://winintro.ru/mail.en/html/7d31d716-2f99-4b23-a18c-0eaa08a28dde.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Thu, 20 Jan 2022 20:46:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 260B 41 KB
15 KB 51ms
12ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: winintro.ru
URL: http://winintro.ru/mail.en/html/7d31d716-2f99-4b23-a18c-0eaa08a28dde.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 19 Jan 2022 15:54:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 103963
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 19 Jan 2023 15:54:02 GMT

GET
H2 200 m_js_controller_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220118/r20110914/client/ Frame 260B 32 KB
13 KB 54ms
15ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220118/r20110914/client/m_js_controller_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220118/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

99f2d327c1ba974f26c36ae210f8e4b1a4711604670aa472f8e5ad4f86996879

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 20:45:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 46
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13124
x-xss-protection: 0
server: cafe
etag: 8348368034461324533
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 03 Feb 2022 20:45:59 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220118/r20110914/client/ Frame 260B 2 KB
1 KB 53ms
15ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220118/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220118/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 20:41:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 332
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 03 Feb 2022 20:41:13 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 260B 122 KB
38 KB 78ms
38ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220118/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

425f48a06ab0e9a4a4d792a6677189720f377ec09a073ecdae6232a89cc221f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 20:46:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38060
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1642595990432946"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 20 Jan 2022 20:46:45 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220118/r20110914/client/ Frame 260B 15 KB
7 KB 46ms
8ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220118/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220118/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

043cafc63f50b2ba976044bc7dfba6ccb1a1878d527f883cb81984c5585cd9da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 20:01:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2695
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6473
x-xss-protection: 0
server: cafe
etag: 5124071950003790117
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 03 Feb 2022 20:01:50 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220118/r20110914/ Frame 260B 19 KB
8 KB 47ms
9ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220118/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220118/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2039446f8956518da2c2d70116d18c92fac3b04110942de074748aa4041067fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 20:39:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 426
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7881
x-xss-protection: 0
server: cafe
etag: 7605774008668088057
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 03 Feb 2022 20:39:39 GMT

GET
H2 200 15177733444999739628
s0.2mdn.net/simgad/ Frame 260B 20 KB
21 KB 58ms
8ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/15177733444999739628

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220118/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e325cfc20f5bab19ea97a13404d1237cf2ff992a8d8ad6394caf81d9e6b627c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 17 Jan 2022 18:00:45 GMT
x-content-type-options: nosniff
age: 269160
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20670
x-xss-protection: 0
last-modified: Tue, 03 Aug 2021 22:12:29 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 17 Jan 2023 18:00:45 GMT

GET
H/1.1

200
OK

i
dmg.digitaltarget.ru/awg/custom/1093/i/ Frame 4418
Redirect Chain

https://dmg.digitaltarget.ru/1/1093/i/i?i=855263348701000.490781081631938&a=77&e=0100007F35CAE9619A082A770270A934&pref=http%3A%2F%2Fwinintro.ru%2F&c=ss:77.up:0100007F35CAE9619A082A770270A934.sync:u...
https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=855263348701000.490781081631938&a=77&e=0100007F35CAE9619A082A770270A934&pref=http%3A%2F%2Fwinintro.ru%2F&c=ss:77.up:0100007F35CAE9...

49 B
602 B

55ms
55ms

Image
image/gif

185.15.175.145
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=855263348701000.490781081631938&a=77&e=0100007F35CAE9619A082A770270A934&pref=http%3A%2F%2Fwinintro.ru%2F&c=ss:77.up:0100007F35CAE9619A082A770270A934.sync:up.xdua:du_L5QIhxkblyCMZzlQZ90Iu.xps:xpsmNAY84HrEAHL8AF9xH4h3x.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1

Protocol

HTTP/1.1

Server

185.15.175.145 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),

Reverse DNS

Software

nginx /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 20 Jan 2022 20:46:46 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Request-Time: 3
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 64
X-XSS-Protection: 1; mode=block
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
Server: nginx
X-Frame-Options: DENY
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Credentials: true

Redirect headers

Date: Thu, 20 Jan 2022 20:46:46 GMT
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
Server: nginx
X-Frame-Options: DENY
Access-Control-Allow-Methods: GET, POST, OPTIONS
Location: https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=855263348701000.490781081631938&a=77&e=0100007F35CAE9619A082A770270A934&pref=http%3A%2F%2Fwinintro.ru%2F&c=ss:77.up:0100007F35CAE9619A082A770270A934.sync:up.xdua:du_L5QIhxkblyCMZzlQZ90Iu.xps:xpsmNAY84HrEAHL8AF9xH4h3x.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient
X-XSS-Protection: 1; mode=block
X-Permitted-Cross-Domain-Policies: master-only
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 86400
Connection: keep-alive
Request-Time: 0
Content-Length: 0
X-Content-Type-Options: nosniff

GET
H/1.1

200
OK

i
dmg.digitaltarget.ru/awg/custom/1093/i/ Frame 4418
Redirect Chain

https://dmg.digitaltarget.ru/1/1093/i/i?i=855263348701000.522960414616155&a=77&e=0100007F35CAE9619A082A770270A934&pref=http%3A%2F%2Fwinintro.ru%2F&c=ss:77.up:0100007F35CAE9619A082A770270A934.sync:u...
https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=855263348701000.522960414616155&a=77&e=0100007F35CAE9619A082A770270A934&pref=http%3A%2F%2Fwinintro.ru%2F&c=ss:77.up:0100007F35CAE9...

49 B
602 B

68ms
68ms

Image
image/gif

185.15.175.145
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=855263348701000.522960414616155&a=77&e=0100007F35CAE9619A082A770270A934&pref=http%3A%2F%2Fwinintro.ru%2F&c=ss:77.up:0100007F35CAE9619A082A770270A934.sync:up.xdua:du_L5QIhxkblyCMZzlQZ90Iu.xps:xpsmNAY84HrEAHL8AF9xH4h3x.dn:acint__net.adcm:hit.tg:adcmjs_noorient

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1

Protocol

HTTP/1.1

Server

185.15.175.145 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),

Reverse DNS

Software

nginx /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 20 Jan 2022 20:46:46 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Request-Time: 6
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 64
X-XSS-Protection: 1; mode=block
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
Server: nginx
X-Frame-Options: DENY
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Credentials: true

Redirect headers

Date: Thu, 20 Jan 2022 20:46:46 GMT
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
Server: nginx
X-Frame-Options: DENY
Access-Control-Allow-Methods: GET, POST, OPTIONS
Location: https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=855263348701000.522960414616155&a=77&e=0100007F35CAE9619A082A770270A934&pref=http%3A%2F%2Fwinintro.ru%2F&c=ss:77.up:0100007F35CAE9619A082A770270A934.sync:up.xdua:du_L5QIhxkblyCMZzlQZ90Iu.xps:xpsmNAY84HrEAHL8AF9xH4h3x.dn:acint__net.adcm:hit.tg:adcmjs_noorient
X-XSS-Protection: 1; mode=block
X-Permitted-Cross-Domain-Policies: master-only
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 86400
Connection: keep-alive
Request-Time: 0
Content-Length: 0
X-Content-Type-Options: nosniff

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 58DC 22 KB
8 KB 25ms
7ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 19 Jan 2022 10:49:42 GMT
expires: Thu, 19 Jan 2023 10:49:42 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: text/html
age: 122223
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 260B 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8911e3d93a9f4275864fb2479f4ad07d72805f12ade8bbc9afbd73f4843fe105

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 RSjKnk5gG5e-YnqyaokaGBofRBYcmQ35b5mWA3AF7Xg.js Show response
pagead2.googlesyndication.com/bg/ Frame 58DC 35 KB
13 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/RSjKnk5gG5e-YnqyaokaGBofRBYcmQ35b5mWA3AF7Xg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4528ca9e4e601b97be627ab26a891a181a1f44161c990df96f9996037005ed78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 16:38:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14889
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13497
x-xss-protection: 0
last-modified: Wed, 12 Jan 2022 16:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 20 Jan 2023 16:38:37 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame F68E 8 KB
1 KB 39ms
16ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2339592383170032&output=html&h=280&slotname=9703837508&adk=1206723596&adf=3466743686&pi=t.ma~as.9703837508&w=1200&fwrn=4&fwrnh=100&lmt=1642711605&rafmt=1&psa=0&format=1200x280&url=http%3A%2F%2Fwinintro.ru%2Fmail.en%2Fhtml%2F7d31d716-2f99-4b23-a18c-0eaa08a28dde.htm&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1642711605089&bpp=15&bdt=114&idt=118&shv=r20220118&mjsv=m202201120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6972194227953&frm=20&pv=1&ga_vid=393698685.1642711605&ga_sid=1642711605&ga_hid=672389294&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=10&ady=135&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063752%2C44750773%2C44753738&oid=2&pvsid=2949611607291423&pem=772&tmod=454263708&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=1152&bc=23&ifi=2&uci=a!2&fsb=1&xpc=mr24csvnxs&p=http%3A//winintro.ru&dtd=125

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f93d0298dd39f7dff18566a5b2754067e26c0182b469fd6b24e5d63429fef88b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 20 Jan 2022 20:03:51 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 20 Jan 2022 20:46:46 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 20 Jan 2022 20:46:46 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220118/r20110914/client/ Frame F68E 1 KB
875 B 7ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220118/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fd11fa353cc6a8560f4c35e67c6fb8a3a4061ed3de4309cdf83fca65f8319bb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 20:20:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1556
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 848
x-xss-protection: 0
server: cafe
etag: 2277666839114365613
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 03 Feb 2022 20:20:50 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220118/r20110914/ Frame F68E 19 KB
8 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220118/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2039446f8956518da2c2d70116d18c92fac3b04110942de074748aa4041067fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 20:46:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 36
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7881
x-xss-protection: 0
server: cafe
etag: 7605774008668088057
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 03 Feb 2022 20:46:10 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220118/r20110914/client/ Frame F68E 2 KB
1 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220118/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 20:45:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 86
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 03 Feb 2022 20:45:20 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F68E 122 KB
37 KB 59ms
44ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

425f48a06ab0e9a4a4d792a6677189720f377ec09a073ecdae6232a89cc221f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 20:46:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38060
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1642595990432946"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 20 Jan 2022 20:46:46 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220118/r20110914/client/ Frame F68E 15 KB
6 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220118/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

043cafc63f50b2ba976044bc7dfba6ccb1a1878d527f883cb81984c5585cd9da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 20:44:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 152
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6473
x-xss-protection: 0
server: cafe
etag: 5124071950003790117
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 03 Feb 2022 20:44:14 GMT

GET
H2 200 fccbdb50d0e11463e1edb3d8fcf7c364.js Show response
www.gstatic.com/mysidia/ Frame F68E 27 KB
12 KB 29ms
7ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/fccbdb50d0e11463e1edb3d8fcf7c364.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1b3a51250ea5d2b293615f08241269ed8277b95654cddafbc0f5df8d61e6cc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 19:23:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4992
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11411
x-xss-protection: 0
last-modified: Thu, 20 Jan 2022 13:53:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 20 Apr 2022 19:23:34 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame F68E 0
0 51ms
51ms Fetch
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CAs0nNcrpYZWnDoThgAe70IiYBPyinN5nu7S_67YNqcrC-9YiEAEgg4yKR2CV4pCCoAegAcvsyMEDyAEJqQLx-EQiKgGzPqgDAcgDywSqBPYBT9DO9clmOR_VmqCL8Ws9lDvafEmZNFQ3PIda-kBAhWwiDzj1nFIaDyj63UgqlAA_77vCjL9oSHXfaWdHzLWGHoiG_cXl2BO_zDinVAkFueQ3uAGJlI61kJoF_EnkBA9k6DD9z4GjnuBvfzZCx5P1a-1gTTw_X5xwAUdcL0JW9ry5JK8MgbY5lF-oW5E-UNRKpM6th4sjwDkJYJvkMDw7PvqQ9uL6JUoozHxUGSdfvUs22BAIhW93L5xlCo0kxrgyNI7DBUKFDF_vKrvkeWtc1CKyjUj7eqoWbKnXcIzbhvylkFwcILjaoZgg1ogUnBU2IVawWmujwATvztyFuQOSBQQIBBgBkgUECAUYBKAGLoAHnZO3PqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcEELGRHdIICQiA4YAQEAEYH4AKAcgLAbgTiCfYEw3QFQGYFgGAFwGyFxwKGggAEhRwdWItMjMzOTU5MjM4MzE3MDAzMhgA&sigh=wDSEsvAfFeQ&uach_m=[UACH]&template_id=5000

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2339592383170032&output=html&h=280&slotname=9703837508&adk=1206723596&adf=3466743686&pi=t.ma~as.9703837508&w=1200&fwrn=4&fwrnh=100&lmt=1642711605&rafmt=1&psa=0&format=1200x280&url=http%3A%2F%2Fwinintro.ru%2Fmail.en%2Fhtml%2F7d31d716-2f99-4b23-a18c-0eaa08a28dde.htm&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1642711605089&bpp=15&bdt=114&idt=118&shv=r20220118&mjsv=m202201120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6972194227953&frm=20&pv=1&ga_vid=393698685.1642711605&ga_sid=1642711605&ga_hid=672389294&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=10&ady=135&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063752%2C44750773%2C44753738&oid=2&pvsid=2949611607291423&pem=772&tmod=454263708&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=1152&bc=23&ifi=2&uci=a!2&fsb=1&xpc=mr24csvnxs&p=http%3A//winintro.ru&dtd=125
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 20 Jan 2022 20:46:46 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/9787812853930525406/ Frame F68E 18 KB
18 KB 8ms
8ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9787812853930525406/downsize_200k_v1?w=600&h=314

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c5136ecd0689ecada2ffd5f137b3c37bbea13793dadee989d6b8dd49038befef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 19 Jan 2022 05:26:03 GMT
x-content-type-options: nosniff
age: 141643
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18457
x-xss-protection: 0
last-modified: Thu, 11 Mar 2021 13:51:19 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 19 Jan 2023 05:26:03 GMT

GET
DATA 200
OK truncated
/ Frame F68E 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame F68E 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 58DC 0
20 B 43ms
42ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BNsFWNcrpYcrZDc24-ga45LrwDgAAAAA4AeAEAg&bg=!5eal5qLNAAZ_DxPPfw87ACkAdvg8WlpaDSyQPxlynM-utS52UycC2xHkVfE6Kja6xDrRbLSlcXC2WQIAAABtUgAAAANoAQeZAtqlsF-fdafGWNMIzIBkGHSzPAXWphZzpx-pQkhQ2mt3VKfz1CS89vFxk79mP7SLjkoVSsdf27FX9KcARlER1pRe6qE6j3SK1Tdlp7GWfKHk408CrlZNFa76r-n7kSLtc45t4hwgpNKu9Ji25slioNfd4dUo0Y6vRrTIx96ZpvixBPuRAhMXobLqfnE1UOROwgAgJAF2T4NcjO4LSLd9jsbmvCCCOODkkXoxdd97Uh_ZnSKh2hBodEvFKRDW8TzxkFKUsmgXDc2vDR41G3o-hjW73bfadFJOR6s-0OcmoQJKdWVlXS0_UCae1xekZJ6qRC6UW96CFhaIM5aCjDOlVXJ2ElRQ1vK7SDkWMVaMp3r5LpkuwTVFW1P6kZPgQSjThi0pGcG253USHyaeXMaHGMuQiEx_XgxktRlsPvxb5vqcJ6S__7YQR8efb5q5bQY1rGxdAt8APl3KLMCAMIzqCF83HVPGJM2wJ60GT3OZMu51hpaN_NYWfkliSbXz6ZSO1OImCwfNAQqZ_PywPjlb-wM2FzMnEvEzTq086HZnVjxt31sLUV8KMnQ8BnWXQyGri-SCN8-MI3Dg1NoirArRiW4MSdZD2uOrpmQgoQhyj8Vku4wtD7GWIvif0vbNkw8z3ffOwVZyfV7NydwkrV9-GsYmv5bbQ0G4wKCtcxNaA7m1UedzjjpYD8CIJjnsMs5hKWRKGtoRc1dKaTOhH4XXety9gplbQzf00B-7CLPhJ-DP06Qx1OiEINphMVu4SMshzmUXM3yWA0DQoqx4SqovJqGnfqpY-3-BGjvlnAL7nsEhciC2fRLerA99ESx2WMNd1-280MaMusLv8e62piOWfeIt-1PoO51nAxgQiKSIHBCHDjeljtfNBO1Ue371fxzKmlGDJiBVz0x4Ixv0iPkE7MYMyhXvlsDHsPOy6rAEg2p0BZ1FInriEwIctXYbKKBtUu9r1kAlS4t_5jdL

Requested by

Host: winintro.ru
URL: http://winintro.ru/mail.en/html/7d31d716-2f99-4b23-a18c-0eaa08a28dde.htm

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jan 2022 20:46:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame F68E 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a7b10eeb472199b765c8a7e8b33ed4c975b33419d208251ebe9aaff029de1270

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v41/ Frame F68E 28 KB
28 KB 30ms
8ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v41/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

05e2888e835d97fe6e4cfb256f62f47d5dccf6d9ac202ea9d82a6bc2b1716c1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 18:12:51 GMT
x-content-type-options: nosniff
age: 182035
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28196
x-xss-protection: 0
last-modified: Tue, 18 Jan 2022 17:53:50 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 18 Jan 2023 18:12:51 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 12 KB
9 KB 35ms
20ms XHR
application/json 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220118&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9220142b06c855624cc567d7dddc1835fab85bdf590657c9dac6b384152fab5b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://winintro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 20 Jan 2022 20:46:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8966
x-xss-protection: 0

GET
H3 200 RSjKnk5gG5e-YnqyaokaGBofRBYcmQ35b5mWA3AF7Xg.js Show response
pagead2.googlesyndication.com/bg/ Frame E046 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/RSjKnk5gG5e-YnqyaokaGBofRBYcmQ35b5mWA3AF7Xg.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4528ca9e4e601b97be627ab26a891a181a1f44161c990df96f9996037005ed78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 16:38:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14889
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13497
x-xss-protection: 0
last-modified: Wed, 12 Jan 2022 16:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 20 Jan 2023 16:38:37 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 86ms
85ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://winintro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 20:46:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 20 Jan 2022 20:46:46 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7252 13 KB
5 KB 7ms
7ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://winintro.ru/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 20 Jan 2022 20:13:14 GMT
expires: Fri, 20 Jan 2023 20:13:14 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 2012
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 1BA6 783 B
1 KB 39ms
17ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

9a610a6bc935f39cc61fafc591e79f9541cff753481e7215155f02f1ec0a08a5

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-QsslJk9hgnC3v9Tf3UvUJg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://winintro.ru/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Thu, 20 Jan 2022 20:46:46 GMT
date: Thu, 20 Jan 2022 20:46:46 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-QsslJk9hgnC3v9Tf3UvUJg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 RSjKnk5gG5e-YnqyaokaGBofRBYcmQ35b5mWA3AF7Xg.js Show response
pagead2.googlesyndication.com/bg/ Frame 7252 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/RSjKnk5gG5e-YnqyaokaGBofRBYcmQ35b5mWA3AF7Xg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4528ca9e4e601b97be627ab26a891a181a1f44161c990df96f9996037005ed78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 16:38:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14889
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13497
x-xss-protection: 0
last-modified: Wed, 12 Jan 2022 16:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 20 Jan 2023 16:38:37 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 1BA6 0
0 55ms
55ms Image
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220118&jk=2949611607291423&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 7252 0
9 B 7ms
6ms Image
text/plain 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?BOK0eA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 20:46:46 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 42ms
42ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20220118&jk=2949611607291423&bg=!uLulu__NAAZ_DxPPfw87ACkAdvg8WpJw6poU8Q1nrITpbxrnHDZU40VRA6Q_7sFf9ySxFyaFJObRTQIAAABTUgAAAANoAQeZArT4WD1zICqxCVucpThsLDFK2O0XfjWWExQKov-ELDNKGEkYz5dE6GgM2U-UeUH0xoJaREjsiso9wAM-mKy7fmLYblcxps1T_gBoJlx88qJIlMKBBSWZ0T3AlsWke57k04dOW-7VD-cZ1AiEU0zJt3aOY3zavvNH3lb0YgFvFwHHyZxoWZP-QtJ3stsQrEhnCiG12_SlHVPaIbwuLSwJHWENlmNtmUjGMqWR2YyQY9jVgDM1iUL9OG3CrjuL1GJ8iJVPugf8M052vSwcEGwDxPksR37FUB8Ry8ldNlpO9oxIcGcXNugolaBADg66L7_GA_LfvpmpzD6QcEPQAqqMkRz0KU2OjQZa2wKtrRHjH9Q9Owc0LG-ri2sfYtzDs7bBxfp44Q2zy2Wsw-hkoYAQWeuzFqiRgFTFWPC1tu5nRBI8o1EfMiCNISUz-55CWLp-krCwXyPUBtm1T10sAPInPSeOo8UpST1lyLt20nAyzh2gKeKvXwF2rVs1nlLpgBdx-nMDP9vJEWit2SLPykpO-CDexQH97eUTE1WkixBhplp7sx6zgC6Wz86v0PgZADXrgAaZJWgzaTm6OP_Vws7b_cQ1XBVLqv5NBDI-hdphpRZpoBeCllmlYQH0oySTquRFoP04R4SZxwFo_TcAwg3kI2e7-_-vB5hqIfFFRSIGEqEv7c-ZNSWQHosF9GSlkTlf8e7qyd7ftFY9HQvwXmo4zZOlJ4EmA5vFikpFf4iTyEkGWelCdmFzKE3pdIPbudJ06-tFvLmqY8qk3l6wljBpWCIInJXSjo6OU2kVGRdUZXLCSRakHIJnw0WMWKTy9x4Od6DzroKlnItCL0Oq5yOVLkfh5B2hI3OHUQYVGcxqQRDXHNJWK6SabcAD0WE-E8IVS_ZtmQuoBJYCTTS_51bnGysrRzL8Xw

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://winintro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jan 2022 20:46:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 260B 42 B
64 B 41ms
41ms Fetch
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvqsEGRydE_bnNA-Yi1AXYgnwps1rZmfBpY87mnTxNQkAkALksF8lWVvGbeCyEMKmo4JX8q3tjq6E5WzGgG4kwRcnGMZrEafCRQwzoYXi545FvtQhwq-zopkbk4Pdc4M15L0Nu_32MU_XgoJvg0FOO4fCtZeq2Wl1zSVDzmzAp6Kg&sai=AMfl-YTZb0Y13Hwjiu2eekOVz3A6ll6rjRmlzO8wwlVEb3Xcg8SJaLViLSsOnWQFX0HAIiy5tTqf-UASP5Hq&sig=Cg0ArKJSzNCpGWDG7WgvEAE&id=lidar2&mcvt=1000&p=0,1,124.25,1006&mtos=0,758,1000,1130,1264&tos=0,758,242,130,134&v=20220119&bin=7&avms=nio&bs=0,0&mc=0.76&if=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&vs=4&r=v&rst=1642711605855&rpt=140&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jan 2022 20:46:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F68E 42 B
64 B 42ms
42ms Fetch
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvIcQbndxPwqG5D6Ot1a9zaG7GwMdMF2BQsbMAd2Z86ZieiZH9WOeyhOSIl5BQvtNN8Fevgt8gHLC4bSj8s22FZVP2xaT8uq04oWrL-DjQxl4i90qtpFQ&sai=AMfl-YTF8mARKe9ESKVg4jUaM-C9IOk8pYnKTXTNoqfJkLm_hp7Jbid7jdGofh9xHs6otr6x6-tp3l-I4mkQ&sig=Cg0ArKJSzOXM_eOGIoTrEAE&id=lidar2&mcvt=1000&p=0,0,280,1200&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220119&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=1206723596&rs=2&la=1&cr=0&vs=4&r=v&rst=1642711605214&rpt=1093&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jan 2022 20:46:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
www.acint.net/ping/
Redirect Chain

http://www.acint.net/ping/?v=0.4.0&uid=b1a6c764-4ab9-42a5-98b6-d74f0cf56a35&dp=10&tz=%2B00%3A00&nc=17261769&dT=2022-01-20T20%3A46%3A48.165
https://www.acint.net/ping/?v=0.4.0&uid=b1a6c764-4ab9-42a5-98b6-d74f0cf56a35&dp=10&tz=%2B00%3A00&nc=17261769&dT=2022-01-20T20%3A46%3A48.165

43 B
224 B

12ms
11ms

Image
image/gif

46.4.121.26
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/ping/?v=0.4.0&uid=b1a6c764-4ab9-42a5-98b6-d74f0cf56a35&dp=10&tz=%2B00%3A00&nc=17261769&dT=2022-01-20T20%3A46%3A48.165
Protocol: H2
Server: 46.4.121.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271109.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://winintro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 20:46:48 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

Location: https://www.acint.net/ping/?v=0.4.0&uid=b1a6c764-4ab9-42a5-98b6-d74f0cf56a35&dp=10&tz=%2B00%3A00&nc=17261769&dT=2022-01-20T20%3A46%3A48.165
Date: Thu, 20 Jan 2022 20:46:48 GMT
Server: openresty
Connection: keep-alive
Content-Length: 142
Content-Type: text/html

Verdicts & Comments Add Verdict or Comment

192 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

71 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
winintro.ru/	1978-01-11 21:31:40	Name: fid Value: 82bf6b4e-abca-4ac4-b6d9-0b45043677f1
.acint.net/	1970-01-20 00:18:32	Name: test_cookie Value: CheckForPermission
.acint.net/	1970-01-25 20:05:16	Name: aid Value: fwAAAWHpyjV3KgiaNKlwAu5JfDulWOKukvPSjvRGZONWrNJe
.acint.net/	1970-01-20 01:01:43	Name: cSyncDp7v2 Value: 1642711605
.acint.net/	1970-01-20 01:01:43	Name: cSyncDp14v3 Value: 1642711605
.acint.net/	1970-01-20 01:01:43	Name: cSyncDp17 Value: 1642711605
.acint.net/	1970-01-20 01:01:43	Name: cSyncDp32 Value: 1642711605
.acint.net/	1970-01-20 00:19:58	Name: cSyncDp45v3 Value: 1642711605
.acint.net/	1970-01-20 01:01:43	Name: cSyncDp53 Value: 1642711605
.acint.net/	1970-01-20 01:01:43	Name: cSyncDp54v2 Value: 1642711605
.acint.net/	1970-01-20 01:01:43	Name: cSyncDp62 Value: 1642711605
.acint.net/	1970-01-20 01:01:43	Name: cSyncDp67v2 Value: 1642711605
.acint.net/	1970-01-20 01:01:43	Name: cSyncDp68 Value: 1642711605
.acint.net/	1970-01-20 01:01:43	Name: cSyncDp71 Value: 1642711605
.acint.net/	1970-01-20 00:38:41	Name: cSyncDp77 Value: 1642711605
.acint.net/	1970-01-20 01:01:43	Name: cSyncDp84 Value: 1642711605
.acint.net/	1970-01-20 01:01:43	Name: cSyncDp85 Value: 1642711605
.acint.net/	1970-01-20 01:01:43	Name: cSyncDp88 Value: 1642711605
.acint.net/	1970-01-20 01:01:43	Name: cSyncDp95v3 Value: 1642711605
.acint.net/	1970-01-20 01:01:43	Name: cSyncDp101 Value: 1642711605
.acint.net/	1970-01-20 00:38:41	Name: cSyncDp104v2 Value: 1642711605
.acint.net/	1970-01-20 01:01:43	Name: cSyncDp107 Value: 1642711605
.acint.net/	1970-01-20 01:01:43	Name: cSyncDp110 Value: 1642711605
.acint.net/	1970-01-20 00:38:41	Name: cSyncDp111v2 Value: 1642711605
.acint.net/	1970-01-20 01:01:43	Name: cSyncDp112v2 Value: 1642711605
.acint.net/	1970-01-20 00:40:07	Name: cSyncDp125v2 Value: 1642711605
.acint.net/	1970-01-20 01:01:43	Name: cSyncDp126 Value: 1642711605
.acint.net/	1970-01-20 01:01:43	Name: cSyncDp127 Value: 1642711605
.acint.net/	1970-01-20 01:01:43	Name: cSyncDp129 Value: 1642711605
.acint.net/	1970-01-20 01:01:43	Name: cSyncDp136 Value: 1642711605
.acint.net/	1970-01-20 01:01:43	Name: cSyncDp138 Value: 1642711605
.acint.net/	1970-01-20 01:01:43	Name: cSyncDp144 Value: 1642711605
.acint.net/	1970-01-20 01:01:43	Name: cSyncDp146 Value: 1642711605
.acint.net/	1970-01-20 01:01:43	Name: cSyncDp149 Value: 1642711605
.acint.net/	1970-01-20 01:01:43	Name: cSyncDp151 Value: 1642711605
.winintro.ru/	1970-01-20 09:40:07	Name: __gads Value: ID=02d56c4d857ccffb-22f85a0425cd007e:T=1642711605:RT=1642711605:S=ALNI_MbdxF7uZrgPfR_E-ajDc96h2ugSeQ
.ssp-rtb.sape.ru/	1970-01-25 20:05:16	Name: sspuid Value: fwAAAWHpyjVoLQAaDl++AnTIPgaq5v1zLcUIGPRmIhN78cuN
.upravel.com/	1970-01-20 00:18:31	Name: session_tptc Value: 1642711605343
.utraff.com/	1970-01-20 01:01:54	Name: preutid Value: 1
.doubleclick.net/	1970-01-20 09:40:07	Name: IDE Value: AHWqTUmty5ZukFnBJOVmkE_-LLB37IXUZ50XjmAXPnvI1IiDnnbdizh7xrWcrhX4cDc
.upravel.com/	1970-01-23 15:54:31	Name: user_id Value: bd5eb225-7015-4e1e-9176-b31a5ddd2e12
.mail.ru/	1970-01-20 09:05:34	Name: VID Value: 0nC9jT2p72o700000a18H4Y7:::0-0-0-70422f5:CAASEBeh2s2kRGKDJkl0Gmh2pb0aYHaYaxUNu9jrXqyEWtrfYrh1s77VolpJOIN0DbSsy1VvFdyn7Be8dS9X27sOi3b5orffs7icMt5fOnVyhxMmoPHOjrJ-6uE8JsFa1qcMW4PtytuAuKd1Ozyirz6S4_BFVQ
.adhigh.net/	1970-01-20 09:04:07	Name: gi_u Value: uLZ95QTTb70o.AikABlF-eT3giw
.republer.com/	1970-01-20 09:04:07	Name: ruid Value: 63bc5dad-dd78-47be-8219-875b2305a820
.1dmp.io/	1970-01-20 09:04:07	Name: uid Value: 149c8c02-7a32-11ec-8677-901b0e934d81
.adhigh.net/	1970-01-20 09:04:07	Name: sape_sync Value: j8C
.adriver.ru/	1970-01-20 17:49:43	Name: cid Value: AxAAYXDCWPpfWCwmywcncDg
.betweendigital.com/	1970-01-20 09:04:07	Name: dc Value: was1
.betweendigital.com/	1970-01-20 09:04:07	Name: ss Value: 1
.adsniper.ru/	1970-01-27 07:30:31	Name: uuid3 Value: IiQxNGI1ZjhjYS03YTMyLTExZWMtYTZlOS0wMDI1OTBjODI0Mzc*
.bumlam.com/	1970-01-27 07:30:31	Name: suuid3 Value: IiQxNGI1ZjhjYS03YTMyLTExZWMtYTZlOS0wMDI1OTBjODI0Mzc*
.betweendigital.com/	1970-01-20 09:04:07	Name: tuuid Value: 050dfd3d-3a10-5314-9581-7368f468b95d
.betweendigital.com/	1970-01-20 09:04:07	Name: ut Value: YenKNQAJL5BeST9bO_CuTvUAVOBY-6UZi1seNA==
.uuidksinc.net/	1970-01-20 09:04:07	Name: jcsuuid Value: 203yYnNxIWeHsMsXg4Ja
.rktch.com/	1970-01-20 01:01:43	Name: b_uid Value: 7c18fcba5786559a108e6aa9614bdfcfccbf
.ops.beeline.ru/	1970-01-20 08:51:10	Name: BeeAID Value: 3ca69b82-2cad-40a4-85ff-f67c847bc404
.mts.ru/	1970-01-20 08:51:10	Name: dspid Value: da859b49-46a8-4f9a-b4e4-bc4110d8f596
.weborama.fr/	1970-01-20 09:50:12	Name: AFFICHE_W Value: 3w8FOibFsqDf65
ssp.bidvol.com/	1970-02-13 20:49:55	Name: bvuid Value: 1horvixjqc
.rutarget.ru/	1970-01-20 04:37:43	Name: userId Value: ycd-MG1LnGR7
.doubleclick.net/	1970-01-20 00:18:32	Name: test_cookie Value: CheckForPermission
.aidata.io/	1970-01-20 17:49:43	Name: __upin Value: O/OeuhpIWsqtRPuojGKRkA
.aidata.io/	1970-01-20 17:49:43	Name: __upints Value: 1642711605
.advarkads.com/	1970-01-20 17:49:43	Name: u Value: EAJkRlsqRE2WFA-UcdU2xQ
.yandex.ru/	1970-01-23 15:54:31	Name: yuidss Value: 5355715341642711605
.yandex.ru/	1970-01-23 15:54:31	Name: yandexuid Value: 5355715341642711605
x01.aidata.io/	1970-01-20 00:22:50	Name: mts Value: 1
.mts.ru/	1970-01-23 14:42:31	Name: mts_id Value: 2f6d10a9-53d6-46b2-8a1c-41cca607ca6e
.mts.ru/	1970-01-23 14:42:31	Name: mts_id_last_sync Value: 1642711605
.gnezdo.ru/	1970-01-25 20:05:16	Name: uid Value: XV9maWHpyjaon4dvztDRAg==
.dmg.digitaltarget.ru/	1970-01-21 02:13:43	Name: viuserid Value: dZC1StOP7ewTxRH7dEk2

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://relap.io/partners/sprcs?uid=0100007F35CAE9619A082A770270A934 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://an.yandex.ru/setud/mts_banner/2oWbSUaoT5q05LxBENj1lg?location=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D30%26em%3D0&sign=1067934030 Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0100007f35cae9619a082a770270a934-sp.ops.beeline.ru
a.utraff.com
acint.net
ad.adriver.ru
ad.mail.ru
adlmerge.com
ads.adlook.me
ads.betweendigital.com
adservice.google.com
adservice.google.de
an.yandex.ru
api.advarkads.com
bd5eb225-7015-4e1e-9176-b31a5ddd2e12.sync.upravel.com
cm.g.doubleclick.net
dm-eu.hybrid.ai
dmg.digitaltarget.ru
exchange.buzzoola.com
fcgi4.gnezdo.ru
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
match.new-programmatic.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.konnektu.ru
px.adhigh.net
redirect.frontend.weborama.fr
relap.io
s.uuidksinc.net
s0.2mdn.net
s3.advarkads.com
sape-sync.rutarget.ru
sm.rtb.mts.ru
ssp-rtb.sape.ru
ssp.adriver.ru
ssp.bestssp.com
ssp.bidvol.com
stat.adlabs.ru
sync.1dmp.io
sync.bumlam.com
sync.dmp.otm-r.com
sync.republer.com
sync.upravel.com
sync3.adsniper.ru
tag.digitaltarget.ru
tech.rtb.mts.ru
tpc.googlesyndication.com
ut.rktch.com
winintro.ru
www.acint.net
www.google.com
www.googletagservices.com
www.gstatic.com
x01.aidata.io
109.248.237.37
130.193.58.13
142.250.181.226
142.250.184.226
142.250.185.226
148.251.129.43
148.251.237.106
159.69.64.121
185.147.80.35
185.15.175.145
185.15.175.158
188.40.254.211
188.42.29.80
193.232.148.142
194.190.117.94
195.201.243.72
195.201.57.28
195.201.87.224
213.87.44.187
217.65.2.150
217.66.147.166
2606:4700:10::6816:457
2606:4700:20::ac43:4975
2a00:1148:db00::17
2a00:1450:4001:802::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2003
2a00:1450:4001:812::2003
2a00:1450:4001:828::2004
2a00:1450:4001:828::2006
2a00:1450:4001:82a::2001
2a00:1450:4001:82b::2002
2a00:1450:4001:830::200a
2a00:1450:4001:831::2002
2a02:6b8::90
31.172.81.159
31.220.27.134
35.190.16.14
37.18.103.21
37.9.245.57
46.4.121.26
5.200.44.35
65.108.1.48
78.46.100.125
80.64.106.147
81.222.128.16
81.222.128.213
89.108.119.28
89.108.97.2
93.95.102.105
95.163.37.253
95.211.66.35
96.46.183.20
03333e8487b65839387c9cdecc9a112b7e41570d728a2ab48c7ed89aab72145f
043cafc63f50b2ba976044bc7dfba6ccb1a1878d527f883cb81984c5585cd9da
05d61be961acfeaa4a89652e171975c47ca4495c062514cd4d872445c16c1db5
05e2888e835d97fe6e4cfb256f62f47d5dccf6d9ac202ea9d82a6bc2b1716c1d
107f0e3adef7081c3bed0dbd9d7e1c6452c9ff41e2dc99cf54c6b1a881b5eadc
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
1760913995b66a76e5facdf0a4411def6cb9b0af39647dc3f9f868b0309600dc
18b9f3122939296670d9a8e54c3c761a2f044ef1911decfd7622c07b00511bb3
19c13ad1dff99e4866b6ac7a5cca0a34d639c7e577d76fc9945aa127b2b835d0
2039446f8956518da2c2d70116d18c92fac3b04110942de074748aa4041067fb
27009fc7dd4a2c80735fc5a90a576f47c6fc0d4d6116e58a6dc704cea755b17d
28608624095ea76fa24ce781fc3f495cc461af6e7154f9f5bc78b35c87fe74ab
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2bd24bc7b4e2dce53d91e3bc73d5f4221fe0b503a3112fa4c669e925d43bd492
36780f98ed7f7e302c2f31fd7efeb7cc75212ac281935245950e125545350e6a
36a58af6acd580caed252ea70ef765cbf3aad5614493d92e3e6497e9f2714bf3
3ce490a72bc04c46e0cd83344b2686577f7c7c8e639a84eb63dbb4c2edc2b10b
40f2a96f78f4c8484e9da6e172f5ddd3e4d7786ca29e04b96e1067a365190e80
425b48211e0ebe795b6ead9ec2f1bcd9e04e9930a7dd30e08cdb2fef0bcb834c
425f48a06ab0e9a4a4d792a6677189720f377ec09a073ecdae6232a89cc221f2
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
4528ca9e4e601b97be627ab26a891a181a1f44161c990df96f9996037005ed78
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
53e4cb1ec1da57e5fec65ec5f5b19b050fa8bd6e19e9030c2704456846e4d106
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5b06f817bc8877172dc8b712c3fca3f1cec9b3fa9508074811c274f9995e59ef
607abab2dcc713bafb514fcccf1275601f532bece2ee6e9fed786d3bf26cecc6
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6b2385df25640156748d25320c7f27e980535d744f14d2eaa596ca2ef8660a67
6db97f168e5c25ed287f4455f10b979f6a472eb1a072519817535e2817107e40
72b2a74df4ad58f0758dbdbe5d74a3d45c33682f82736ef3c4a79c2b2b266a27
72b66ab91dc450174e84481b9be276bd2edaa80b5ffb9628e48d503ebe43a190
78cf89a3e0c71072014fecdaa90aebfd89a838511fa2b8ebaa21a1c0c64e9478
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8911e3d93a9f4275864fb2479f4ad07d72805f12ade8bbc9afbd73f4843fe105
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
8f6eb5eabb0fa96e48ff327248293e07045d9a997d7ea94591ea27fdb5f8ca64
9220142b06c855624cc567d7dddc1835fab85bdf590657c9dac6b384152fab5b
96adb6aed4d55606a21f9e51fc509deca81c4c039735411b6b89eac505eb7152
99f2d327c1ba974f26c36ae210f8e4b1a4711604670aa472f8e5ad4f86996879
9a610a6bc935f39cc61fafc591e79f9541cff753481e7215155f02f1ec0a08a5
9aacc2855086ee500f5540bcee08d1c840388740f526c46cf001215406a4ea73
9f761e54e38437a6a2572d15e14f6353ad3b3e91b6a055a5fc365b8ff8c29fa3
a05569a6a6ec13c9bda09ebf2f691f6d5a4f251878c58807472321018428fb33
a2443661ae0052510d51ee22c86e1c3f30710321ba290e1646dec8385a30b662
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a66544185c20f7430404c1d80a098c56d4ae601bc599dda2bc174b1ce63102ee
a7b10eeb472199b765c8a7e8b33ed4c975b33419d208251ebe9aaff029de1270
ab0eeca7d621e00b7252a85cbc727e7ec0d5a477aaae70dda8fd0fe4b8dcbcd8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1b06c998a944f9ceb56a2365ac540689e452426705b64713079e025e239dd2c
bdfca3b83c07515b186ac33c4be77f4d365e0774ce320f97fa2c0908280f47bc
beeb534d6c70067397c12083829c0035f2d487e5f1e915548610d8554713c527
c355ffcc9212b68d0ed1c0f9b0bd71f04e3c0e63380f7d8d4a2a1b25c187e33d
c4095c8610d6bc2b8bc2c896b45d64da0dc8d06a1277815f183dd74695f9b3a4
c5136ecd0689ecada2ffd5f137b3c37bbea13793dadee989d6b8dd49038befef
ccb150b1878d5aa777543222f9e47636d4258687e3dd57e625988f09a96bda64
ced1fc5ecb99005fdea3fbc0e4c1fb94b042ed70bb66a3377e706fd98415cf10
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
df04acf60876cf11c1ad96c8c00cff00373b68ab6d9e7ba22cb5a3ec2339de56
e325cfc20f5bab19ea97a13404d1237cf2ff992a8d8ad6394caf81d9e6b627c5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e731c18f5159e2612625f471352650417c4557851c7518a28a76a5bc6896f1b6
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1b3a51250ea5d2b293615f08241269ed8277b95654cddafbc0f5df8d61e6cc1
f93d0298dd39f7dff18566a5b2754067e26c0182b469fd6b24e5d63429fef88b
fd11fa353cc6a8560f4c35e67c6fb8a3a4061ed3de4309cdf83fca65f8319bb4

winintro.ru Open in urlscan Pro 188.40.254.211 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

113 Requests

55 %HTTPS

28 %IPv6

44 Domains

55 Subdomains

36 IPs

6 Countries

672 kBTransfer

1721 kBSize

71 Cookies

0 Outgoing links

Redirected requests

113 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

winintro.ru Open in urlscan Pro
188.40.254.211 Public Scan

Screenshot
Live screenshot

Full Image

113
Requests

55 %
HTTPS

28 %
IPv6

44
Domains

55
Subdomains

36
IPs

6
Countries

672 kB
Transfer

1721 kB
Size

71
Cookies

113 HTTP transactions
4 data transactions