www.billing.novostroy-gid.ru Open in urlscan Pro
185.129.100.49  Public Scan

6 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 25

• https://counter.yadro.ru/hit?t44.1;r;s1600*1200*24;uhttps%3A//www.billing.novostroy-gid.ru/;h%u041D%u043E%u0432%u043E%u0441%u0442%u0440%u043E%u0439%u043A%u0438%20%u0421%u0430%u043D%u043A%u0442-%u041F%u0435%u0442%u0435%u0440%u0431%u0443%u0440%u0433%u0430%20-%20%u043A%u0432%u0430%u0440%u0442%u0438%u0440%u044B%20%u0432%20%u043D%u043E%u0432%u043E%u0441%u0442%u0440%u043E%u0439%u043A%u0430%u0445%20%u0421%u041F%u0431%21%20%u041D%u043E%u0432%u043E%u0441%u0442%u0440%u043E%u0439-%u0413%u0438%u0434;0.45539849417316747 HTTP 302
• https://counter.yadro.ru/hit?q;t44.1;r;s1600*1200*24;uhttps%3A//www.billing.novostroy-gid.ru/;h%u041D%u043E%u0432%u043E%u0441%u0442%u0440%u043E%u0439%u043A%u0438%20%u0421%u0430%u043D%u043A%u0442-%u041F%u0435%u0442%u0435%u0440%u0431%u0443%u0440%u0433%u0430%20-%20%u043A%u0432%u0430%u0440%u0442%u0438%u0440%u044B%20%u0432%20%u043D%u043E%u0432%u043E%u0441%u0442%u0440%u043E%u0439%u043A%u0430%u0445%20%u0421%u041F%u0431%21%20%u041D%u043E%u0432%u043E%u0441%u0442%u0440%u043E%u0439-%u0413%u0438%u0434;0.45539849417316747

Request Chain 36

• https://mc.yandex.com/sync_cookie_image_check?t=ti(4) HTTP 302
• https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9471.ijKrgVeTsHDsxo6hTqS3_o2eo3_OOT4C2RoGQTmla6jzil7OaaQDBHCe33MDwgv4.Z2GA18sGEaanwLi-M17lSFvAVLU%2C HTTP 302
• https://mc.yandex.com/sync_cookie_image_decide?token=9471.D9EEQRdrm4W0DGC-knyERI0R5huUkO8r5vcIwAz_d-8DVjtXOLR_oT7b4SiEpaMmhPv6mmFC48GtlsTkNA3fkQ%2C%2C.iWrV1FWiS62dnW6XzLRQ_cmZxLc%2C

Request Chain 37

• https://mc.yandex.com/watch/22562989?wmode=7&page-url=https%3A%2F%2Fwww.billing.novostroy-gid.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4bjmbg3ayomqwinwev%3Afp%3A1068%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A700%3Acn%3A1%3Adp%3A0%3Als%3A467864832572%3Ahid%3A164184842%3Az%3A0%3Ai%3A20211128213438%3Aet%3A1638135279%3Ac%3A1%3Arn%3A1055135178%3Arqn%3A1%3Au%3A1638135279642793507%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1638135277341%3Ads%3A147%2C65%2C417%2C1%2C0%2C0%2C%2C%2C%2C%2C%2C%2C%3Adsn%3A147%2C65%2C417%2C1%2C0%2C0%2C%2C%2C%2C%2C%2C%2C%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1638135279%3At%3A%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D1%80%D0%BE%D0%B9%D0%BA%D0%B8%20%D0%A1%D0%B0%D0%BD%D0%BA%D1%82-%D0%9F%D0%B5%D1%82%D0%B5%D1%80%D0%B1%D1%83%D1%80%D0%B3%D0%B0%20-%20%D0%BA%D0%B2%D0%B0%D1%80%D1%82%D0%B8%D1%80%D1%8B%20%D0%B2%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D1%80%D0%BE%D0%B9%D0%BA%D0%B0%D1%85%20%D0%A1%D0%9F%D0%B1!%20%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D1%80%D0%BE%D0%B9-%D0%93%D0%B8%D0%B4&t=gdpr(14)ti(2) HTTP 302
• https://mc.yandex.com/watch/22562989/1?wmode=7&page-url=https%3A%2F%2Fwww.billing.novostroy-gid.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4bjmbg3ayomqwinwev%3Afp%3A1068%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A700%3Acn%3A1%3Adp%3A0%3Als%3A467864832572%3Ahid%3A164184842%3Az%3A0%3Ai%3A20211128213438%3Aet%3A1638135279%3Ac%3A1%3Arn%3A1055135178%3Arqn%3A1%3Au%3A1638135279642793507%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1638135277341%3Ads%3A147%2C65%2C417%2C1%2C0%2C0%2C%2C%2C%2C%2C%2C%2C%3Adsn%3A147%2C65%2C417%2C1%2C0%2C0%2C%2C%2C%2C%2C%2C%2C%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1638135279%3At%3A%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D1%80%D0%BE%D0%B9%D0%BA%D0%B8%20%D0%A1%D0%B0%D0%BD%D0%BA%D1%82-%D0%9F%D0%B5%D1%82%D0%B5%D1%80%D0%B1%D1%83%D1%80%D0%B3%D0%B0%20-%20%D0%BA%D0%B2%D0%B0%D1%80%D1%82%D0%B8%D1%80%D1%8B%20%D0%B2%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D1%80%D0%BE%D0%B9%D0%BA%D0%B0%D1%85%20%D0%A1%D0%9F%D0%B1%21%20%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D1%80%D0%BE%D0%B9-%D0%93%D0%B8%D0%B4&t=gdpr%2814%29ti%282%29

Request Chain 56

• https://acint.net/rmatch?dp=123&r=https%3A%2F%2Fprofilepxl.ru%2Fc%2Fsape_match%3Fpid%3D%24%7BUSER_ID%7D&euid=e16eabf593d54ffeac1423e8d56cd490 HTTP 302
• https://acint.net/rmatch?r=https%3A%2F%2Fprofilepxl.ru%2Fc%2Fsape_match%3Fpid%3D$%7BUSER_ID%7D&dp=123&tc=1&euid=e16eabf593d54ffeac1423e8d56cd490 HTTP 302
• https://ssp-rtb.sape.ru/rmatch?r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fprofilepxl.ru%252Fc%252Fsape_match%253Fpid%253D$%257BUSER_ID%257D&dp=14 HTTP 302
• https://acint.net/rmatch?dp=14&euid=0100007FF2F5A3612600059A029EDA42&r=https%3A%2F%2Fprofilepxl.ru%2Fc%2Fsape_match%3Fpid%3D$%7BUSER_ID%7D HTTP 302
• https://profilepxl.ru/c/sape_match?pid=0100007FF0F5A361F700362E029B8CE1

Request Chain 125

• https://manalyticshub.com/m/watch?type=2&token=fd7ff8d9-2a98-4312-a800-9da7384a9bdf&sid=cfa57eeec94945f1a7244ded5251f2c2 HTTP 302
• https://manalyticshub.com/content/img/img7021.png

Request Chain 143

• https://whitesaas.com/api/phone/check?api_key=rcZ61JD1pinUKP5HOH9ZeBomEdlN7VEXcizbUdsrXjIvbGupbTm&k_id=425422862&k_v=1&r=https://ruperstat.ru/ext/datastore/pcbk.php HTTP 302
• https://ruperstat.ru/ext/datastore/pcbk.php?e=0&p=0&k_id=425422862&k_v=1&z=1

Request Chain 161

• https://counter.yadro.ru/id/finmed.gif?id=61a3f5f22c0d03.429588213&gif2x2=1 HTTP 302
• https://dmp.one/pb-data/liveinternet?id=61a3f5f22c0d03.429588213&gif2x2=1&p=0&e=0

Request Chain 163

• https://sync.yaomli.com/?src=etg1 HTTP 302
• https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABjy64-NBlIFpszb7gM* HTTP 302
• https://sync3.adsniper.ru/?src=ss1&s_data=CAIQARjy64-NBlIFpszb7gOiARD_xIUSUJIR7IbgACWQwGR8 HTTP 302
• https://sync.yaomli.com/?src=etg1&s_data=CAIQABjy64-NBqIBEP_EhRJQkhHshuAAJZDAZHw* HTTP 302
• https://sync.yaomli.com/?src=etg1&s_data=CAIQARjy64-NBqIBEP_EhRJQkhHshuAAJZDAZHw*

Request Chain 165

• https://ixseptor.ru/ph/tazeros.php?visit_id=425422862&visitor_id=api10-32ee98c3-3181-42c9-9413-366fbabdc9cd&fingerprint_id=e5033af72e4b1de1f276216148490a64&session_id=7430396929_1638135282478 HTTP 302
• https://ixseptor.ru/rtrg.gif

Request Chain 168

• https://pxl.viewclick.ru/script.php?code=QlJaU1UdQlFUQVZVUVBaHEFH&id1=1&id2=158851 HTTP 301
• https://vh126.timeweb.ru/parking/?ref=pxl.viewclick.ru&code=QlJaU1UdQlFUQVZVUVBaHEFH&id1=1&id2=158851

Request Chain 170

• https://sync.bumlam.com/?src=dmp3&cmp=pix7&act=datasend&data64=eyJycWlkIjoxLCJzX3VpZDMiOiIiLCJzZV91aWQzIjoiIiwic2lkIjoiODQ0NGZhZTQtYmM4ZC00N2RkLTkzYzMtZTU3OTBmZDA5M2RiIiwic2l0ZV9pZCI6IjJkOWY5NWIzLTQ4NjYtNGYwYy1iZjYxLTE5MDBlZjU2YzQ4ZSIsImN1c3RvbV9jaWQiOiI2MWEzZjVmMjJjMGQwMy40Mjk1ODgyMTMifQ**&extradata64=&cb=0.9144509471346662&v=02 HTTP 302
• https://sync3.adsniper.ru/?src=ggl&s_data=CAEQABjy64-NBlIF27zswQRaGAoCY2ISEjAuOTE0NDUwOTQ3MTM0NjY2MlrvAQoGZGF0YTY0EuQBZXlKeWNXbGtJam94TENKelgzVnBaRE1pT2lJaUxDSnpaVjkxYVdReklqb2lJaXdpYzJsa0lqb2lPRFEwTkdaaFpUUXRZbU00WkMwME4yUmtMVGt6WXpNdFpUVTNPVEJtWkRBNU0yUmlJaXdpYzJsMFpWOXBaQ0k2SWpKa09XWTVOV0l6TFRRNE5qWXROR1l3WXkxaVpqWXhMVEU1TURCbFpqVTJZelE0WlNJc0ltTjFjM1J2YlY5amFXUWlPaUkyTVdFelpqVm1NakpqTUdRd015NDBNamsxT0RneU1UTWlmUSoqWg0KC2V4dHJhZGF0YTY0WgcKAXYSAjAy8gEEcGl4N_oBCGRhdGFzZW5k HTTP 302
• https://sync.bumlam.com/?src=dmp3&s_data=CAIQABjy64-NBloYCgJjYhISMC45MTQ0NTA5NDcxMzQ2NjYyWu8BCgZkYXRhNjQS5AFleUp5Y1dsa0lqb3hMQ0p6WDNWcFpETWlPaUlpTENKelpWOTFhV1F6SWpvaUlpd2ljMmxrSWpvaU9EUTBOR1poWlRRdFltTTRaQzAwTjJSa0xUa3pZek10WlRVM09UQm1aREE1TTJSaUlpd2ljMmwwWlY5cFpDSTZJakprT1dZNU5XSXpMVFE0TmpZdE5HWXdZeTFpWmpZeExURTVNREJsWmpVMll6UTRaU0lzSW1OMWMzUnZiVjlqYVdRaU9pSTJNV0V6WmpWbU1qSmpNR1F3TXk0ME1qazFPRGd5TVRNaWZRKipaDQoLZXh0cmFkYXRhNjRaBwoBdhICMDKiARD_xIUSUJIR7IbgACWQwGR88gEEcGl4N_oBCGRhdGFzZW5k HTTP 302
• https://sync.bumlam.com/?src=dmp3&s_data=CAIQARjy64-NBloYCgJjYhISMC45MTQ0NTA5NDcxMzQ2NjYyWu8BCgZkYXRhNjQS5AFleUp5Y1dsa0lqb3hMQ0p6WDNWcFpETWlPaUlpTENKelpWOTFhV1F6SWpvaUlpd2ljMmxrSWpvaU9EUTBOR1poWlRRdFltTTRaQzAwTjJSa0xUa3pZek10WlRVM09UQm1aREE1TTJSaUlpd2ljMmwwWlY5cFpDSTZJakprT1dZNU5XSXpMVFE0TmpZdE5HWXdZeTFpWmpZeExURTVNREJsWmpVMll6UTRaU0lzSW1OMWMzUnZiVjlqYVdRaU9pSTJNV0V6WmpWbU1qSmpNR1F3TXk0ME1qazFPRGd5TVRNaWZRKipaDQoLZXh0cmFkYXRhNjRaBwoBdhICMDKiARD_xIUSUJIR7IbgACWQwGR88gEEcGl4N_oBCGRhdGFzZW5k HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=adsniperru&google_cm&extra1=&extra2=dmp3 HTTP 302
• https://sync3.sniperlog.ru/?src=ggl&extra1=&extra2=dmp3&google_gid=CAESEFpGq5KK8VugxDIF9gSWRlw&google_cver=1

Request Chain 192

• https://whitesaas.com/api/phone/check?api_key=z34714321fhje2z&k_id=20598911&k_rpid=84757883&r=https://pxl.knam.pro/code/prov11.php HTTP 302
• https://pxl.knam.pro/code/prov11.php?e=0&p=0&k_id=20598911&k_rpid=84757883&z=1 HTTP 302
• https://pxl.knam.pro/code/rtrg.gif

Request Chain 225

• https://rupertino.ru/app/run.php?type=1&vid=53726406 HTTP 302
• https://statistik1.ru/pixel/ph/pixel/pixel17.php?vid=53726406 HTTP 302
• https://rupertino.ru/app/type1.php?vid=53726406&pixel=1683783728

Request Chain 226

• https://rupertino.ru/app/run.php?type=4&vid=53726406 HTTP 302
• https://counter.yadro.ru/corresp/wantres.gif?id=k53726406

Request Chain 231

• https://statik-us.info/loadfp?uuid=53726406&token=58dd1de450b9a100b3a63850dc086905&url=https%3A%2F%2Fwww.billing.novostroy-gid.ru%2F&colord=24&screenw=1600&screenh=1200&devicememory=8&hardwareconcurrency=4&platform=Linux%20x86_64&timeoffset=0&webglvendor=Intel%20Inc.&webglrenderer=Intel%20Iris%20OpenGL%20Engine HTTP 302
• https://perstat.ru/pixel/ufp.php?webglvendor=w&webglrenderer=w&token=58dd1de450b9a100b3a63850dc086905&uuid=53726406&token=58dd1de450b9a100b3a63850dc086905&url=https%3A%2F%2Fwww.billing.novostroy-gid.ru%2F&colord=24&screenw=1600&screenh=1200&devicememory=8&hardwareconcurrency=4&platform=Linux%20x86_64&timeoffset=0&webglvendor=Intel%20Inc.&webglrenderer=Intel%20Iris%20OpenGL%20Engine

218 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
16 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response www.billing.novostroy-gid.ru/	49 KB 10 KB	629ms 417ms	Document text/html	185.129.100.49 DDOS-GUARD
General Check archive.org Show headers Download Go to Full URL https://www.billing.novostroy-gid.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.129.100.49 , Russian Federation, ASN57724 (DDOS-GUARD, RU), Reverse DNS ddos-guard.net Software ddos-guard / Resource Hash 2d078c0201fbc4e79a4dd2dc445d439102dbb5f88997f95ab44a6ce7823a03a1 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests; Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers server ddos-guard content-security-policy upgrade-insecure-requests; date Sun, 28 Nov 2021 21:36:10 GMT content-type text/html; charset=utf-8 content-length 10417 vary Accept-Encoding content-encoding gzip x-cache-status HIT
GET H2	200	styles.css www.billing.novostroy-gid.ru/static/min/	191 KB 45 KB	111ms 109ms	Stylesheet text/css	185.129.100.49 DDOS-GUARD
General Check archive.org Show headers Download Go to Full URL https://www.billing.novostroy-gid.ru/static/min/styles.css?v=1.0.108 Requested by Host: www.billing.novostroy-gid.ru URL: https://www.billing.novostroy-gid.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.129.100.49 , Russian Federation, ASN57724 (DDOS-GUARD, RU), Reverse DNS ddos-guard.net Software ddos-guard / Resource Hash 09124cb0836acec2778dc86cd8ba06f7eada6cbc5e539294095625211d9d2982 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests; Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.billing.novostroy-gid.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers content-security-policy upgrade-insecure-requests; content-encoding gzip last-modified Tue, 23 Mar 2021 08:08:07 GMT server ddos-guard etag W/"6059a1e7-2fb69" content-type text/css cache-control max-age=900 date Sun, 28 Nov 2021 21:36:10 GMT expires Sun, 28 Nov 2021 21:51:10 GMT
GET H2	200	cookies_inform.css www.billing.novostroy-gid.ru/static/css/	1 KB 533 B	223ms 221ms	Stylesheet text/css	185.129.100.49 DDOS-GUARD
General Check archive.org Show headers Download Go to Full URL https://www.billing.novostroy-gid.ru/static/css/cookies_inform.css?v=1.0.1 Requested by Host: www.billing.novostroy-gid.ru URL: https://www.billing.novostroy-gid.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.129.100.49 , Russian Federation, ASN57724 (DDOS-GUARD, RU), Reverse DNS ddos-guard.net Software ddos-guard / Resource Hash c2bc8981f4d0e939dec8afb937115ce36f9a1d0e2f378326369b36a90c65c6bb Security Headers Name Value Content-Security-Policy upgrade-insecure-requests; Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.billing.novostroy-gid.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers content-security-policy upgrade-insecure-requests; content-encoding gzip last-modified Fri, 27 Nov 2020 07:36:59 GMT server ddos-guard etag W/"5fc0ac9b-515" content-type text/css cache-control max-age=900 date Sun, 28 Nov 2021 21:36:10 GMT expires Sun, 28 Nov 2021 21:51:10 GMT
GET H2	200	building-list.css www.billing.novostroy-gid.ru/static/css/	4 KB 1002 B	189ms 187ms	Stylesheet text/css	185.129.100.49 DDOS-GUARD
General Check archive.org Show headers Download Go to Full URL https://www.billing.novostroy-gid.ru/static/css/building-list.css?v=0.2 Requested by Host: www.billing.novostroy-gid.ru URL: https://www.billing.novostroy-gid.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.129.100.49 , Russian Federation, ASN57724 (DDOS-GUARD, RU), Reverse DNS ddos-guard.net Software ddos-guard / Resource Hash 2b7516b0ee6700ca176c9075706dfde481d0cf63dfe8752e6ae39e5d89582d64 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests; Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.billing.novostroy-gid.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers content-security-policy upgrade-insecure-requests; content-encoding gzip last-modified Fri, 27 Nov 2020 07:36:59 GMT server ddos-guard etag W/"5fc0ac9b-110a" content-type text/css cache-control max-age=900 date Sun, 28 Nov 2021 21:36:10 GMT expires Sun, 28 Nov 2021 21:51:10 GMT
GET H2	200	call-request-form-bottom.css www.billing.novostroy-gid.ru/static/css/test/	3 KB 791 B	187ms 186ms	Stylesheet text/css	185.129.100.49 DDOS-GUARD
General Check archive.org Show headers Download Go to Full URL https://www.billing.novostroy-gid.ru/static/css/test/call-request-form-bottom.css Requested by Host: www.billing.novostroy-gid.ru URL: https://www.billing.novostroy-gid.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.129.100.49 , Russian Federation, ASN57724 (DDOS-GUARD, RU), Reverse DNS ddos-guard.net Software ddos-guard / Resource Hash 4ca7a410017efc0afcaec1c09f63b76cd42995a4e98050a2356d7d198643efd1 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests; Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.billing.novostroy-gid.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers content-security-policy upgrade-insecure-requests; content-encoding gzip last-modified Fri, 27 Nov 2020 07:36:59 GMT server ddos-guard etag W/"5fc0ac9b-aa0" content-type text/css cache-control max-age=900 date Sun, 28 Nov 2021 21:36:10 GMT expires Sun, 28 Nov 2021 21:51:10 GMT
GET H2	200	logo.png www.billing.novostroy-gid.ru/static/images/	4 KB 4 KB	314ms 312ms	Image image/png	185.129.100.49 DDOS-GUARD
General Check archive.org Show headers Download Go to Show image Full URL https://www.billing.novostroy-gid.ru/static/images/logo.png Requested by Host: www.billing.novostroy-gid.ru URL: https://www.billing.novostroy-gid.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.129.100.49 , Russian Federation, ASN57724 (DDOS-GUARD, RU), Reverse DNS ddos-guard.net Software ddos-guard / Resource Hash 8cc3dce88badcac1f0b2cb2234abcc5654c2622d8189f7900b7742fc5487191b Security Headers Name Value Content-Security-Policy upgrade-insecure-requests; Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.billing.novostroy-gid.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers content-security-policy upgrade-insecure-requests; last-modified Fri, 27 Nov 2020 07:36:58 GMT server ddos-guard etag "5fc0ac9a-1069" content-type image/png cache-control max-age=1209600 date Sun, 28 Nov 2021 21:36:10 GMT accept-ranges bytes content-length 4201 expires Sun, 12 Dec 2021 21:36:10 GMT
GET H2	200	3569ca733bfa7957eaf8b030b13bc603_1.jpg www.billing.novostroy-gid.ru/373x236/media/images/	116 KB 116 KB	391ms 388ms	Image image/jpeg	185.129.100.49 DDOS-GUARD
General Check archive.org Show headers Download Go to Show image Full URL https://www.billing.novostroy-gid.ru/373x236/media/images/3569ca733bfa7957eaf8b030b13bc603_1.jpg Requested by Host: www.billing.novostroy-gid.ru URL: https://www.billing.novostroy-gid.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.129.100.49 , Russian Federation, ASN57724 (DDOS-GUARD, RU), Reverse DNS ddos-guard.net Software ddos-guard / Resource Hash ff8abc12307946a63dfa0f03f5b6f01c063a78a94ef6d617c45de4314577864e Security Headers Name Value Content-Security-Policy upgrade-insecure-requests; Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.billing.novostroy-gid.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers content-security-policy upgrade-insecure-requests; last-modified Wed, 18 Nov 2020 09:31:53 GMT server ddos-guard etag W/"5fb4ea09-30f26" content-type image/jpeg cache-control max-age=1209600 date Sun, 28 Nov 2021 21:36:11 GMT content-length 118946 expires Sun, 12 Dec 2021 21:36:11 GMT
GET H2	200	2517f59fc89b69d861f24874ca19f81e_01.jpg www.billing.novostroy-gid.ru/373x236/media/images/	99 KB 99 KB	310ms 307ms	Image image/jpeg	185.129.100.49 DDOS-GUARD
General Check archive.org Show headers Download Go to Show image Full URL https://www.billing.novostroy-gid.ru/373x236/media/images/2517f59fc89b69d861f24874ca19f81e_01.jpg Requested by Host: www.billing.novostroy-gid.ru URL: https://www.billing.novostroy-gid.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.129.100.49 , Russian Federation, ASN57724 (DDOS-GUARD, RU), Reverse DNS ddos-guard.net Software ddos-guard / Resource Hash f57c63c16ccb2d79d42b12117890e77146072b3b484a82b320f17f6b42c1d52a Security Headers Name Value Content-Security-Policy upgrade-insecure-requests; Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.billing.novostroy-gid.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers content-security-policy upgrade-insecure-requests; last-modified Wed, 16 Sep 2020 00:01:14 GMT server ddos-guard etag W/"5f6155ca-19c35" content-type image/jpeg cache-control max-age=1209600 date Sun, 28 Nov 2021 21:36:10 GMT content-length 101012 expires Sun, 12 Dec 2021 21:36:10 GMT
GET H2	200	9c697a25de46379891be20a0b88b33e6_720-04.jpg www.billing.novostroy-gid.ru/373x236/media/images/	100 KB 100 KB	280ms 278ms	Image image/jpeg	185.129.100.49 DDOS-GUARD
General Check archive.org Show headers Download Go to Show image Full URL https://www.billing.novostroy-gid.ru/373x236/media/images/9c697a25de46379891be20a0b88b33e6_720-04.jpg Requested by Host: www.billing.novostroy-gid.ru URL: https://www.billing.novostroy-gid.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.129.100.49 , Russian Federation, ASN57724 (DDOS-GUARD, RU), Reverse DNS ddos-guard.net Software ddos-guard / Resource Hash 6289009cff9f5b04b3b294af0b2e8149cbeb850bc32dbf1991232a487dd4b78a Security Headers Name Value Content-Security-Policy upgrade-insecure-requests; Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.billing.novostroy-gid.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers content-security-policy upgrade-insecure-requests; last-modified Wed, 21 Apr 2021 13:39:38 GMT server ddos-guard etag W/"60802b1a-277f5" content-type image/jpeg cache-control max-age=1209600 date Sun, 28 Nov 2021 21:36:10 GMT content-length 102022 expires Sun, 12 Dec 2021 21:36:10 GMT
GET H2	200	1280-2.jpg www.billing.novostroy-gid.ru/373x236/media/images/	102 KB 102 KB	391ms 389ms	Image image/jpeg	185.129.100.49 DDOS-GUARD
General Check archive.org Show headers Download Go to Show image Full URL https://www.billing.novostroy-gid.ru/373x236/media/images/1280-2.jpg Requested by Host: www.billing.novostroy-gid.ru URL: https://www.billing.novostroy-gid.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.129.100.49 , Russian Federation, ASN57724 (DDOS-GUARD, RU), Reverse DNS ddos-guard.net Software ddos-guard / Resource Hash 01cd55ae4f7770bb5727362f54a5f39bd601afbfafdc5b1d2a31703205b62ecb Security Headers Name Value Content-Security-Policy upgrade-insecure-requests; Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.billing.novostroy-gid.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers content-security-policy upgrade-insecure-requests; last-modified Mon, 10 Aug 2020 12:06:35 GMT server ddos-guard etag W/"5f31384b-24192" content-type image/jpeg cache-control max-age=1209600 date Sun, 28 Nov 2021 21:36:11 GMT content-length 104316 expires Sun, 12 Dec 2021 21:36:11 GMT
GET H2	200	a04.jpg www.billing.novostroy-gid.ru/373x236/media/images/	99 KB 99 KB	323ms 321ms	Image image/jpeg	185.129.100.49 DDOS-GUARD
General Check archive.org Show headers Download Go to Show image Full URL https://www.billing.novostroy-gid.ru/373x236/media/images/a04.jpg Requested by Host: www.billing.novostroy-gid.ru URL: https://www.billing.novostroy-gid.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.129.100.49 , Russian Federation, ASN57724 (DDOS-GUARD, RU), Reverse DNS ddos-guard.net Software ddos-guard / Resource Hash a000829c1d705fd9595f76f6cd93dd3d1eb67442650cbce9a1cab123ad2a5230 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests; Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.billing.novostroy-gid.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers content-security-policy upgrade-insecure-requests; last-modified Tue, 04 Aug 2020 10:28:24 GMT server ddos-guard etag W/"5f293848-2b702" content-type image/jpeg cache-control max-age=1209600 date Sun, 28 Nov 2021 21:36:10 GMT content-length 101563 expires Sun, 12 Dec 2021 21:36:10 GMT
GET H2	200	94b304f60a59e4127cded43fb6a27963_0.jpg www.billing.novostroy-gid.ru/373x236/media/images/	98 KB 98 KB	224ms 222ms	Image image/jpeg	185.129.100.49 DDOS-GUARD
General Check archive.org Show headers Download Go to Show image Full URL https://www.billing.novostroy-gid.ru/373x236/media/images/94b304f60a59e4127cded43fb6a27963_0.jpg Requested by Host: www.billing.novostroy-gid.ru URL: https://www.billing.novostroy-gid.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.129.100.49 , Russian Federation, ASN57724 (DDOS-GUARD, RU), Reverse DNS ddos-guard.net Software ddos-guard / Resource Hash a7f92c3605b038749c9e35cc8f47c7f50a5c93a0ef55373926fbf547e85e7ab6 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests; Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.billing.novostroy-gid.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers content-security-policy upgrade-insecure-requests; last-modified Thu, 19 Jul 2018 07:06:32 GMT server ddos-guard etag W/"5b503878-535f6" content-type image/jpeg cache-control max-age=1209600 date Sun, 28 Nov 2021 21:36:10 GMT content-length 100107 expires Sun, 12 Dec 2021 21:36:10 GMT
GET H2	200	720-01.jpg www.billing.novostroy-gid.ru/373x236/media/images/	89 KB 89 KB	226ms 224ms	Image image/jpeg	185.129.100.49 DDOS-GUARD
General Check archive.org Show headers Download Go to Show image Full URL https://www.billing.novostroy-gid.ru/373x236/media/images/720-01.jpg Requested by Host: www.billing.novostroy-gid.ru URL: https://www.billing.novostroy-gid.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.129.100.49 , Russian Federation, ASN57724 (DDOS-GUARD, RU), Reverse DNS ddos-guard.net Software ddos-guard / Resource Hash b23554e3421b148681bff5007f5e7452d47e8d962ff23a8ef5257b2a60af3de5 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests; Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.billing.novostroy-gid.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers content-security-policy upgrade-insecure-requests; last-modified Wed, 28 Oct 2020 10:04:28 GMT server ddos-guard etag W/"5f99422c-18012" content-type image/jpeg cache-control max-age=1209600 date Sun, 28 Nov 2021 21:36:10 GMT content-length 90940 expires Sun, 12 Dec 2021 21:36:10 GMT
GET H2	200	img3-1-2.jpg www.billing.novostroy-gid.ru/373x236/media/images/	97 KB 97 KB	519ms 518ms	Image image/jpeg	185.129.100.49 DDOS-GUARD
General Check archive.org Show headers Download Go to Show image Full URL https://www.billing.novostroy-gid.ru/373x236/media/images/img3-1-2.jpg Requested by Host: www.billing.novostroy-gid.ru URL: https://www.billing.novostroy-gid.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.129.100.49 , Russian Federation, ASN57724 (DDOS-GUARD, RU), Reverse DNS ddos-guard.net Software ddos-guard / Resource Hash d22f8e10c876e0e770a38d56344aa02c0fb8e6ecd5feb37645a01d28f3723f58 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests; Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.billing.novostroy-gid.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers content-security-policy upgrade-insecure-requests; last-modified Fri, 28 Sep 2018 10:48:33 GMT server ddos-guard etag W/"5bae0701-2a069" content-type image/jpeg cache-control max-age=1209600 date Sun, 28 Nov 2021 21:36:11 GMT content-length 99513 expires Sun, 12 Dec 2021 21:36:11 GMT
GET H2	200	191da7ee691cd0b3f2a5e827adf34cb0_720-01.jpg www.billing.novostroy-gid.ru/373x236/media/images/	103 KB 104 KB	226ms 224ms	Image image/jpeg	185.129.100.49 DDOS-GUARD
General Check archive.org Show headers Download Go to Show image Full URL https://www.billing.novostroy-gid.ru/373x236/media/images/191da7ee691cd0b3f2a5e827adf34cb0_720-01.jpg Requested by Host: www.billing.novostroy-gid.ru URL: https://www.billing.novostroy-gid.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.129.100.49 , Russian Federation, ASN57724 (DDOS-GUARD, RU), Reverse DNS ddos-guard.net Software ddos-guard / Resource Hash 48510d0e61087146af7871018348746c0d9a51043b81e570c7c671a350176eb0 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests; Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.billing.novostroy-gid.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers content-security-policy upgrade-insecure-requests; last-modified Thu, 04 Feb 2021 02:52:08 GMT server ddos-guard etag W/"601b6158-2b60a" content-type image/jpeg cache-control max-age=1209600 date Sun, 28 Nov 2021 21:36:10 GMT content-length 105840 expires Sun, 12 Dec 2021 21:36:10 GMT
GET H2	200	blank.gif www.billing.novostroy-gid.ru/static/images/	43 B 159 B	189ms 188ms	Image image/gif	185.129.100.49 DDOS-GUARD
General Check archive.org Show headers Download Go to Show image Full URL https://www.billing.novostroy-gid.ru/static/images/blank.gif Requested by Host: www.billing.novostroy-gid.ru URL: https://www.billing.novostroy-gid.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.129.100.49 , Russian Federation, ASN57724 (DDOS-GUARD, RU), Reverse DNS ddos-guard.net Software ddos-guard / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Security Headers Name Value Content-Security-Policy upgrade-insecure-requests; Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.billing.novostroy-gid.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers content-security-policy upgrade-insecure-requests; last-modified Fri, 27 Nov 2020 07:36:58 GMT server ddos-guard etag "5fc0ac9a-2b" content-type image/gif cache-control max-age=1209600 date Sun, 28 Nov 2021 21:36:10 GMT accept-ranges bytes content-length 43 expires Sun, 12 Dec 2021 21:36:10 GMT
GET H2	200	scripts.js Show response www.billing.novostroy-gid.ru/static/min/	393 KB 118 KB	269ms 263ms	Script application/javascript	185.129.100.49 DDOS-GUARD
General Check archive.org Show headers Download Go to Full URL https://www.billing.novostroy-gid.ru/static/min/scripts.js?v=1.0.41 Requested by Host: www.billing.novostroy-gid.ru URL: https://www.billing.novostroy-gid.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.129.100.49 , Russian Federation, ASN57724 (DDOS-GUARD, RU), Reverse DNS ddos-guard.net Software ddos-guard / Resource Hash 05afd6a4a41c5611687285bcb630bc2581a7ba9223f7200377b505dd69877ceb Security Headers Name Value Content-Security-Policy upgrade-insecure-requests; Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.billing.novostroy-gid.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers content-security-policy upgrade-insecure-requests; content-encoding gzip last-modified Tue, 29 Dec 2020 14:54:16 GMT server ddos-guard etag W/"5feb4318-6257a" content-type application/javascript cache-control max-age=900 date Sun, 28 Nov 2021 21:36:10 GMT expires Sun, 28 Nov 2021 21:51:10 GMT
GET H2	200	zhmyak.js Show response www.billing.novostroy-gid.ru/static/js/	11 KB 2 KB	190ms 188ms	Script application/javascript	185.129.100.49 DDOS-GUARD
General Check archive.org Show headers Download Go to Full URL https://www.billing.novostroy-gid.ru/static/js/zhmyak.js?v=1.0.2 Requested by Host: www.billing.novostroy-gid.ru URL: https://www.billing.novostroy-gid.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.129.100.49 , Russian Federation, ASN57724 (DDOS-GUARD, RU), Reverse DNS ddos-guard.net Software ddos-guard / Resource Hash d9fa1c94dd412127980e419fd42ea58bb3cc85981e1030ed155c5cc74aac73ed Security Headers Name Value Content-Security-Policy upgrade-insecure-requests; Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.billing.novostroy-gid.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers content-security-policy upgrade-insecure-requests; content-encoding gzip last-modified Tue, 29 Dec 2020 12:13:00 GMT server ddos-guard etag W/"5feb1d4c-2b64" content-type application/javascript cache-control max-age=900 date Sun, 28 Nov 2021 21:36:10 GMT expires Sun, 28 Nov 2021 21:51:10 GMT
GET H2	200	cookies_inform.js Show response www.billing.novostroy-gid.ru/static/js/	634 B 313 B	218ms 215ms	Script application/javascript	185.129.100.49 DDOS-GUARD
General Check archive.org Show headers Download Go to Full URL https://www.billing.novostroy-gid.ru/static/js/cookies_inform.js?v=1.0.1 Requested by Host: www.billing.novostroy-gid.ru URL: https://www.billing.novostroy-gid.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.129.100.49 , Russian Federation, ASN57724 (DDOS-GUARD, RU), Reverse DNS ddos-guard.net Software ddos-guard / Resource Hash c597c66d3804a3f6a325ac2379bb2759b4d8d449a731721b835fef8f9c2ed4c3 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests; Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.billing.novostroy-gid.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers content-security-policy upgrade-insecure-requests; content-encoding gzip last-modified Fri, 27 Nov 2020 07:36:59 GMT server ddos-guard etag W/"5fc0ac9b-27a" content-type application/javascript cache-control max-age=900 date Sun, 28 Nov 2021 21:36:10 GMT expires Sun, 28 Nov 2021 21:51:10 GMT
GET H2	200	soz_widget.js Show response soz.novostroy-gid.ru/soz-static/js/widget/	87 KB 12 KB	1802ms 1328ms	Script application/javascript	185.129.100.39 DDOS-GUARD
General Check archive.org Show headers Download Go to Full URL https://soz.novostroy-gid.ru/soz-static/js/widget/soz_widget.js Requested by Host: www.billing.novostroy-gid.ru URL: https://www.billing.novostroy-gid.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.129.100.39 , Russian Federation, ASN57724 (DDOS-GUARD, RU), Reverse DNS ddos-guard.net Software ddos-guard / Resource Hash 20bf7106e8b0a45bf232f7c9d9261a4c6369f61e7db0910959b522c3a20abf55 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests; Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.billing.novostroy-gid.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers content-security-policy upgrade-insecure-requests; content-encoding gzip last-modified Thu, 25 Feb 2021 14:34:53 GMT server ddos-guard etag W/"6037b58d-15bed" content-type application/javascript cache-control max-age=900 date Sun, 28 Nov 2021 21:32:40 GMT expires Sun, 28 Nov 2021 21:47:40 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	97 KB 39 KB	58ms 33ms	Script application/javascript	2a00:1450:4001:829::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=AW-814765047 Requested by Host: www.billing.novostroy-gid.ru URL: https://www.billing.novostroy-gid.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 816fc520dd11f624d4e262aa06cf5130d47c57cd2953e8991d890293aaae4caa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.billing.novostroy-gid.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Sun, 28 Nov 2021 21:34:38 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 39543 x-xss-protection 0 last-modified Sun, 28 Nov 2021 21:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Sun, 28 Nov 2021 21:34:38 GMT
GET H/1.1	200 OK	s.js Show response profilepxl.ru/	90 KB 91 KB	289ms 117ms	Script application/javascript	95.213.192.244 SELECTEL
General Check archive.org Show headers Download Go to Full URL https://profilepxl.ru/s.js?id=39cea395-7dfd-4e1f-9fb1-90b68faf591c Requested by Host: www.billing.novostroy-gid.ru URL: https://www.billing.novostroy-gid.ru/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 95.213.192.244 Novosibirsk, Russian Federation, ASN49505 (SELECTEL, RU), Reverse DNS Software nginx/1.14.0 (Ubuntu) / Resource Hash 88096ad9e15bedaf1384de52310a56d0c3aee18882da943615caeec38fd43a58 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.billing.novostroy-gid.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Sun, 28 Nov 2021 21:34:38 GMT Last-Modified Thu, 15 Jul 2021 12:24:01 GMT Server nginx/1.14.0 (Ubuntu) ETag "60f028e1-169a8" Content-Type application/javascript Connection keep-alive Accept-Ranges bytes Content-Length 92584
GET H2	200	/ Show response api-maps.yandex.ru/2.1/	33 KB 12 KB	234ms 100ms	Script application/javascript	2a02:6b8::274 YNDX
General Check archive.org Show headers Download Go to Full URL https://api-maps.yandex.ru/2.1/?lang=ru_RU Requested by Host: www.billing.novostroy-gid.ru URL: https://www.billing.novostroy-gid.ru/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::274 Moscow, Russian Federation, ASN208722 (YNDX, FI), Reverse DNS Software / Resource Hash ade1b9c3d731b5107fd538201492cdd4c667ce2b87f15413f4b6bff368af147a Security Headers Name Value X-Content-Type-Options nosniff, nosniff X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.billing.novostroy-gid.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Sun, 28 Nov 2021 21:34:38 GMT content-encoding gzip x-content-type-options nosniff, nosniff vary Accept-Encoding, Origin content-type application/javascript; charset=utf-8 access-control-allow-origin * x-lighttpd-locale ru_RU content-disposition attachment; filename=json.txt timing-allow-origin * x-xss-protection 1; mode=block
GET H2	200	map_index.js Show response www.billing.novostroy-gid.ru/static/js/	2 KB 1 KB	183ms 180ms	Script application/javascript	185.129.100.49 DDOS-GUARD
General Check archive.org Show headers Download Go to Full URL https://www.billing.novostroy-gid.ru/static/js/map_index.js Requested by Host: www.billing.novostroy-gid.ru URL: https://www.billing.novostroy-gid.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.129.100.49 , Russian Federation, ASN57724 (DDOS-GUARD, RU), Reverse DNS ddos-guard.net Software ddos-guard / Resource Hash 99f53b2b766cfafadb795be89bab0ff7b472f36a6cdbfe2dfeab41253dc19a5b Security Headers Name Value Content-Security-Policy upgrade-insecure-requests; Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.billing.novostroy-gid.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers content-security-policy upgrade-insecure-requests; content-encoding gzip last-modified Fri, 27 Nov 2020 07:36:59 GMT server ddos-guard etag W/"5fc0ac9b-92c" content-type application/javascript cache-control max-age=900 date Sun, 28 Nov 2021 21:36:10 GMT expires Sun, 28 Nov 2021 21:51:10 GMT
GET H2	200	contact_form_bottom.js Show response www.billing.novostroy-gid.ru/static/js/components/	8 KB 2 KB	187ms 185ms	Script application/javascript	185.129.100.49 DDOS-GUARD
General Check archive.org Show headers Download Go to Full URL https://www.billing.novostroy-gid.ru/static/js/components/contact_form_bottom.js Requested by Host: www.billing.novostroy-gid.ru URL: https://www.billing.novostroy-gid.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.129.100.49 , Russian Federation, ASN57724 (DDOS-GUARD, RU), Reverse DNS ddos-guard.net Software ddos-guard / Resource Hash f89cff02ade0907a472f025e9179dafd5634eabf164f457bad28991cc5c9fa57 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests; Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.billing.novostroy-gid.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers content-security-policy upgrade-insecure-requests; content-encoding gzip last-modified Fri, 27 Nov 2020 07:36:59 GMT server ddos-guard etag W/"5fc0ac9b-1e3c" content-type application/javascript cache-control max-age=900 date Sun, 28 Nov 2021 21:36:10 GMT expires Sun, 28 Nov 2021 21:51:10 GMT
GET H2	200	gtm.js Show response www.googletagmanager.com/	119 KB 43 KB	33ms 32ms	Script application/javascript	2a00:1450:4001:829::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-KBWV27 Requested by Host: www.billing.novostroy-gid.ru URL: https://www.billing.novostroy-gid.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash e0d31b7a77fcc4cebaee6fd261f48299b87b38a3dc80f64a1fc92a3e2ebb1a32 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.billing.novostroy-gid.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Sun, 28 Nov 2021 21:34:38 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 43493 x-xss-protection 0 last-modified Sun, 28 Nov 2021 21:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Sun, 28 Nov 2021 21:34:38 GMT
GET H/1.1	200 OK	hit counter.yadro.ru/ Redirect Chain https://counter.yadro.ru/hit?t44.1;r;s1600*1200*24;uhttps%3A//www.billing.novostroy-gid.ru/;h%u041D%u043E%u0432%u043E%u0441%u0442%u0440%u043E%u0439%u043A%u0438%20%u0421%u0430%u043D%u043A%u0442-%u04... https://counter.yadro.ru/hit?q;t44.1;r;s1600*1200*24;uhttps%3A//www.billing.novostroy-gid.ru/;h%u041D%u043E%u0432%u043E%u0441%u0442%u0440%u043E%u0439%u043A%u0438%20%u0421%u0430%u043D%u043A%u0442-%u...	140 B 626 B	64ms 64ms	Image image/gif	88.212.201.216 UNITEDNET
General Check archive.org Show headers Download Go to Show image Full URL https://counter.yadro.ru/hit?q;t44.1;r;s1600*1200*24;uhttps%3A//www.billing.novostroy-gid.ru/;h%u041D%u043E%u0432%u043E%u0441%u0442%u0440%u043E%u0439%u043A%u0438%20%u0421%u0430%u043D%u043A%u0442-%u041F%u0435%u0442%u0435%u0440%u0431%u0443%u0440%u0433%u0430%20-%20%u043A%u0432%u0430%u0440%u0442%u0438%u0440%u044B%20%u0432%20%u043D%u043E%u0432%u043E%u0441%u0442%u0440%u043E%u0439%u043A%u0430%u0445%20%u0421%u041F%u0431%21%20%u041D%u043E%u0432%u043E%u0441%u0442%u0440%u043E%u0439-%u0413%u0438%u0434;0.45539849417316747 Requested by Host: www.billing.novostroy-gid.ru URL: https://www.billing.novostroy-gid.ru/ Protocol HTTP/1.1 Server 88.212.201.216 , Russian Federation, ASN39134 (UNITEDNET, RU), Reverse DNS Software nginx/1.17.9 / Resource Hash a92f2b3edb0d9f5e017eaf110749e21ce9aea2121cc492145837afd222a8416e Security Headers Name Value Strict-Transport-Security max-age=86400 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.billing.novostroy-gid.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Pragma no-cache Date Sun, 28 Nov 2021 21:34:38 GMT Server nginx/1.17.9 Strict-Transport-Security max-age=86400 P3P policyref="/w3c/p3p.xml", CP="UNI" Access-Control-Allow-Origin * Cache-control no-cache Connection keep-alive Content-Type image/gif Content-Length 140 Expires Sat, 28 Nov 2020 21:00:00 GMT Redirect headers Pragma no-cache Date Sun, 28 Nov 2021 21:34:38 GMT Server nginx/1.17.9 Strict-Transport-Security max-age=86400 P3P policyref="/w3c/p3p.xml", CP="UNI" Location https://counter.yadro.ru/hit?q;t44.1;r;s1600*1200*24;uhttps%3A//www.billing.novostroy-gid.ru/;h%u041D%u043E%u0432%u043E%u0441%u0442%u0440%u043E%u0439%u043A%u0438%20%u0421%u0430%u043D%u043A%u0442-%u041F%u0435%u0442%u0435%u0440%u0431%u0443%u0440%u0433%u0430%20-%20%u043A%u0432%u0430%u0440%u0442%u0438%u0440%u044B%20%u0432%20%u043D%u043E%u0432%u043E%u0441%u0442%u0440%u043E%u0439%u043A%u0430%u0445%20%u0421%u041F%u0431%21%20%u041D%u043E%u0432%u043E%u0441%u0442%u0440%u043E%u0439-%u0413%u0438%u0434;0.45539849417316747 Cache-control no-cache Connection keep-alive Content-Type text/html Content-Length 32 Expires Sat, 28 Nov 2020 21:00:00 GMT
GET H2	200	blue-bear.jpg www.billing.novostroy-gid.ru/static/images/	95 KB 96 KB	82ms 82ms	Image image/jpeg	185.129.100.49 DDOS-GUARD
General Check archive.org Show headers Download Go to Show image Full URL https://www.billing.novostroy-gid.ru/static/images/blue-bear.jpg Requested by Host: www.billing.novostroy-gid.ru URL: https://www.billing.novostroy-gid.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.129.100.49 , Russian Federation, ASN57724 (DDOS-GUARD, RU), Reverse DNS ddos-guard.net Software ddos-guard / Resource Hash 8b3046ca6970dd00e167efe98e43f363f8f76ba257c18e1bb88ff90de37ab026 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests; Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.billing.novostroy-gid.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers content-security-policy upgrade-insecure-requests; last-modified Fri, 27 Nov 2020 07:36:58 GMT server ddos-guard etag "5fc0ac9a-17dce" content-type image/jpeg cache-control max-age=1209600 date Sun, 28 Nov 2021 21:36:11 GMT accept-ranges bytes content-length 97742 expires Sun, 12 Dec 2021 21:36:11 GMT
GET DATA	200 OK	truncated /	566 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash be54bc35662391218ca23342af0eaacb7d74efdf941862fc0f555637d13cef3f Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Content-Type image/png
GET H2	200	fontawesome-webfont.woff2 www.billing.novostroy-gid.ru/static/fonts/	75 KB 76 KB	81ms 80ms	Font application/octet-stream	185.129.100.49 DDOS-GUARD
General Check archive.org Show headers Download Go to Full URL https://www.billing.novostroy-gid.ru/static/fonts/fontawesome-webfont.woff2?v=4.7.0 Requested by Host: www.billing.novostroy-gid.ru URL: https://www.billing.novostroy-gid.ru/static/min/styles.css?v=1.0.108 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.129.100.49 , Russian Federation, ASN57724 (DDOS-GUARD, RU), Reverse DNS ddos-guard.net Software ddos-guard / Resource Hash 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe Security Headers Name Value Content-Security-Policy upgrade-insecure-requests; Request headers Referer https://www.billing.novostroy-gid.ru/static/min/styles.css?v=1.0.108 Origin https://www.billing.novostroy-gid.ru Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers content-security-policy upgrade-insecure-requests; last-modified Fri, 27 Nov 2020 07:36:59 GMT server ddos-guard etag "5fc0ac9b-12d68" content-type application/octet-stream cache-control max-age=900 date Sun, 28 Nov 2021 21:36:11 GMT accept-ranges bytes content-length 77160 expires Sun, 28 Nov 2021 21:51:11 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	49 KB 20 KB	32ms 7ms	Script text/javascript	2a00:1450:4001:82a::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-KBWV27 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.billing.novostroy-gid.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Tue, 02 Nov 2021 17:39:06 GMT server Golfe2 age 2011 date Sun, 28 Nov 2021 21:01:07 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 20006 expires Sun, 28 Nov 2021 23:01:07 GMT
GET H2	200	tag.js Show response mc.yandex.ru/metrika/	189 KB 65 KB	157ms 73ms	Script application/javascript	2a02:6b8::1:119 YNDX
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.ru/metrika/tag.js Requested by Host: www.billing.novostroy-gid.ru URL: https://www.billing.novostroy-gid.ru/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI), Reverse DNS Software / Resource Hash 5568d248345d825506f88f50e3fb1cd7c05b8b1d2c8a43de15ea3b9314fa0341 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.billing.novostroy-gid.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Sun, 28 Nov 2021 21:34:38 GMT content-encoding br last-modified Fri, 26 Nov 2021 15:51:55 GMT etag "61a0d86b-101bc" strict-transport-security max-age=31536000 content-type application/javascript access-control-allow-origin * cache-control max-age=3600 content-length 65980 expires Sun, 28 Nov 2021 22:34:38 GMT
GET H3	200	linkid.js Show response www.google-analytics.com/plugins/ua/	2 KB 884 B	26ms 10ms	Script text/javascript	2a00:1450:4001:82a::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/plugins/ua/linkid.js Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.billing.novostroy-gid.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Sun, 28 Nov 2021 20:40:11 GMT content-encoding gzip x-content-type-options nosniff age 3267 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 859 x-xss-protection 0 last-modified Tue, 22 Oct 2019 18:15:00 GMT server sffe vary Accept-Encoding report-to {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]} content-type text/javascript cache-control public, max-age=3600 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="static-on-bigtable" expires Sun, 28 Nov 2021 21:40:11 GMT
POST H2	200	collect Show response stats.g.doubleclick.net/j/	4 B 452 B	63ms 20ms	XHR text/plain	2a00:1450:400c:c07::9c GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-52809280-1&cid=573967421.1638135278&jid=947162915&gjid=390223802&_gid=1376015553.1638135278&_u=aGBAgAAjAAAAAE~&z=2122352546 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c07::9c Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.billing.novostroy-gid.ru/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 date Sun, 28 Nov 2021 21:34:38 GMT content-type text/plain access-control-allow-origin https://www.billing.novostroy-gid.ru cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	collect www.google-analytics.com/	35 B 55 B	9ms 8ms	Image image/gif	2a00:1450:4001:82a::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/collect?v=1&_v=j96&a=1942220295&t=pageview&_s=1&dl=https%3A%2F%2Fwww.billing.novostroy-gid.ru%2F&ul=en-us&de=UTF-8&dt=%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D1%80%D0%BE%D0%B9%D0%BA%D0%B8%20%D0%A1%D0%B0%D0%BD%D0%BA%D1%82-%D0%9F%D0%B5%D1%82%D0%B5%D1%80%D0%B1%D1%83%D1%80%D0%B3%D0%B0%20-%20%D0%BA%D0%B2%D0%B0%D1%80%D1%82%D0%B8%D1%80%D1%8B%20%D0%B2%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D1%80%D0%BE%D0%B9%D0%BA%D0%B0%D1%85%20%D0%A1%D0%9F%D0%B1!%20%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D1%80%D0%BE%D0%B9-%D0%93%D0%B8%D0%B4&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAgAAj~&jid=947162915&gjid=390223802&cid=573967421.1638135278&tid=UA-52809280-1&_gid=1376015553.1638135278&gtm=2wgba1KBWV27&z=93112787 Requested by Host: www.billing.novostroy-gid.ru URL: https://www.billing.novostroy-gid.ru/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.billing.novostroy-gid.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers pragma no-cache date Sun, 28 Nov 2021 03:02:33 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 age 66725 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 35 expires Mon, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.com/ads/	42 B 501 B	57ms 30ms	Image image/gif	2a00:1450:4001:829::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-52809280-1&cid=573967421.1638135278&jid=947162915&_u=aGBAgAAjAAAAAE~&z=478230250 Requested by Host: www.billing.novostroy-gid.ru URL: https://www.billing.novostroy-gid.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.billing.novostroy-gid.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers pragma no-cache date Sun, 28 Nov 2021 21:34:38 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.de/ads/	42 B 501 B	56ms 29ms	Image image/gif	2a00:1450:4001:80e::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-52809280-1&cid=573967421.1638135278&jid=947162915&_u=aGBAgAAjAAAAAE~&z=478230250 Requested by Host: www.billing.novostroy-gid.ru URL: https://www.billing.novostroy-gid.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.billing.novostroy-gid.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers pragma no-cache date Sun, 28 Nov 2021 21:34:38 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	400	sync_cookie_image_decide mc.yandex.com/ Redirect Chain https://mc.yandex.com/sync_cookie_image_check?t=ti(4) https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9471.ijKrgVeTsHDsxo6hTqS3_o2eo3_OOT4C2RoGQTmla6jzil7OaaQDBHCe33MDwgv4.Z2GA18sGEaanwLi-M17lSFvAVLU%2C https://mc.yandex.com/sync_cookie_image_decide?token=9471.D9EEQRdrm4W0DGC-knyERI0R5huUkO8r5vcIwAz_d-8DVjtXOLR_oT7b4SiEpaMmhPv6mmFC48GtlsTkNA3fkQ%2C%2C.iWrV1FWiS62dnW6XzLRQ_cmZxLc%2C	75 B 75 B	41ms 41ms	Image text/html	2a02:6b8::1:119 YNDX
General Check archive.org Show headers Download Go to Show image Full URL https://mc.yandex.com/sync_cookie_image_decide?token=9471.D9EEQRdrm4W0DGC-knyERI0R5huUkO8r5vcIwAz_d-8DVjtXOLR_oT7b4SiEpaMmhPv6mmFC48GtlsTkNA3fkQ%2C%2C.iWrV1FWiS62dnW6XzLRQ_cmZxLc%2C Requested by Host: www.billing.novostroy-gid.ru URL: https://www.billing.novostroy-gid.ru/ Protocol H2 Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI), Reverse DNS Software / Resource Hash 8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.billing.novostroy-gid.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Sun, 28 Nov 2021 21:34:38 GMT strict-transport-security max-age=31536000 content-length 75 x-xss-protection 1; mode=block content-type text/html; charset=utf-8 Redirect headers location https://mc.yandex.com/sync_cookie_image_decide?token=9471.D9EEQRdrm4W0DGC-knyERI0R5huUkO8r5vcIwAz_d-8DVjtXOLR_oT7b4SiEpaMmhPv6mmFC48GtlsTkNA3fkQ%2C%2C.iWrV1FWiS62dnW6XzLRQ_cmZxLc%2C date Sun, 28 Nov 2021 21:34:38 GMT strict-transport-security max-age=31536000 x-xss-protection 1; mode=block
GET H2	200	1 Show response mc.yandex.com/watch/22562989/ Redirect Chain https://mc.yandex.com/watch/22562989?wmode=7&page-url=https%3A%2F%2Fwww.billing.novostroy-gid.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4bjmbg3ayomqwinwev%3Afp%3A1068%3Afu%3A0%3Aen... https://mc.yandex.com/watch/22562989/1?wmode=7&page-url=https%3A%2F%2Fwww.billing.novostroy-gid.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4bjmbg3ayomqwinwev%3Afp%3A1068%3Afu%3A0%3A...	331 B 485 B	40ms 40ms	XHR application/json	2a02:6b8::1:119 YNDX
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.com/watch/22562989/1?wmode=7&page-url=https%3A%2F%2Fwww.billing.novostroy-gid.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4bjmbg3ayomqwinwev%3Afp%3A1068%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A700%3Acn%3A1%3Adp%3A0%3Als%3A467864832572%3Ahid%3A164184842%3Az%3A0%3Ai%3A20211128213438%3Aet%3A1638135279%3Ac%3A1%3Arn%3A1055135178%3Arqn%3A1%3Au%3A1638135279642793507%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1638135277341%3Ads%3A147%2C65%2C417%2C1%2C0%2C0%2C%2C%2C%2C%2C%2C%2C%3Adsn%3A147%2C65%2C417%2C1%2C0%2C0%2C%2C%2C%2C%2C%2C%2C%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1638135279%3At%3A%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D1%80%D0%BE%D0%B9%D0%BA%D0%B8%20%D0%A1%D0%B0%D0%BD%D0%BA%D1%82-%D0%9F%D0%B5%D1%82%D0%B5%D1%80%D0%B1%D1%83%D1%80%D0%B3%D0%B0%20-%20%D0%BA%D0%B2%D0%B0%D1%80%D1%82%D0%B8%D1%80%D1%8B%20%D0%B2%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D1%80%D0%BE%D0%B9%D0%BA%D0%B0%D1%85%20%D0%A1%D0%9F%D0%B1%21%20%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D1%80%D0%BE%D0%B9-%D0%93%D0%B8%D0%B4&t=gdpr%2814%29ti%282%29 Requested by Host: www.billing.novostroy-gid.ru URL: https://www.billing.novostroy-gid.ru/ Protocol H2 Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI), Reverse DNS Software / Resource Hash 1c4f554eed333f03c19901ae85534bd0385aa1fbfee9c5c0ac635a505b472d36 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.billing.novostroy-gid.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers pragma no-cache date Sun, 28 Nov 2021 21:34:39 GMT x-content-type-options nosniff last-modified Sun, 28-Nov-2021 21:34:39 GMT strict-transport-security max-age=31536000 content-type application/json; charset=utf-8 access-control-allow-origin https://www.billing.novostroy-gid.ru cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true content-length 331 x-xss-protection 1; mode=block expires Sun, 28-Nov-2021 21:34:39 GMT Redirect headers pragma no-cache date Sun, 28 Nov 2021 21:34:38 GMT last-modified Sun, 28-Nov-2021 21:34:38 GMT location /watch/22562989/1?wmode=7&page-url=https%3A%2F%2Fwww.billing.novostroy-gid.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4bjmbg3ayomqwinwev%3Afp%3A1068%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A700%3Acn%3A1%3Adp%3A0%3Als%3A467864832572%3Ahid%3A164184842%3Az%3A0%3Ai%3A20211128213438%3Aet%3A1638135279%3Ac%3A1%3Arn%3A1055135178%3Arqn%3A1%3Au%3A1638135279642793507%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1638135277341%3Ads%3A147%2C65%2C417%2C1%2C0%2C0%2C%2C%2C%2C%2C%2C%2C%3Adsn%3A147%2C65%2C417%2C1%2C0%2C0%2C%2C%2C%2C%2C%2C%2C%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1638135279%3At%3A%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D1%80%D0%BE%D0%B9%D0%BA%D0%B8%20%D0%A1%D0%B0%D0%BD%D0%BA%D1%82-%D0%9F%D0%B5%D1%82%D0%B5%D1%80%D0%B1%D1%83%D1%80%D0%B3%D0%B0%20-%20%D0%BA%D0%B2%D0%B0%D1%80%D1%82%D0%B8%D1%80%D1%8B%20%D0%B2%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D1%80%D0%BE%D0%B9%D0%BA%D0%B0%D1%85%20%D0%A1%D0%9F%D0%B1%21%20%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D1%80%D0%BE%D0%B9-%D0%93%D0%B8%D0%B4&t=gdpr%2814%29ti%282%29 strict-transport-security max-age=31536000 access-control-allow-origin https://www.billing.novostroy-gid.ru cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true x-xss-protection 1; mode=block expires Sun, 28-Nov-2021 21:34:38 GMT
GET H2	200	/ Show response soz.novostroy-gid.ru/6b91a588/	2 KB 491 B	238ms 203ms	XHR application/json	185.129.100.39 DDOS-GUARD
General Check archive.org Show headers Download Go to Full URL https://soz.novostroy-gid.ru/6b91a588/?referer=https%3A%2F%2Fwww.billing.novostroy-gid.ru%2F Requested by Host: soz.novostroy-gid.ru URL: https://soz.novostroy-gid.ru/soz-static/js/widget/soz_widget.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.129.100.39 , Russian Federation, ASN57724 (DDOS-GUARD, RU), Reverse DNS ddos-guard.net Software ddos-guard / Resource Hash be250d38fab580a2e958a1d55ddfc8a814b89f4d247e562a62de926d7bba49d8 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests; X-Frame-Options SAMEORIGIN Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.billing.novostroy-gid.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers content-security-policy upgrade-insecure-requests; content-encoding gzip vary Origin server ddos-guard date Sun, 28 Nov 2021 21:32:40 GMT x-frame-options SAMEORIGIN content-type application/json access-control-allow-origin *
GET H2	200	soz_widget.min.css Show response soz.novostroy-gid.ru/soz-static/css/widget/	24 KB 5 KB	251ms 220ms	XHR text/css	185.129.100.39 DDOS-GUARD
General Check archive.org Show headers Download Go to Full URL https://soz.novostroy-gid.ru/soz-static/css/widget/soz_widget.min.css?referer=https%3A%2F%2Fwww.billing.novostroy-gid.ru%2F Requested by Host: soz.novostroy-gid.ru URL: https://soz.novostroy-gid.ru/soz-static/js/widget/soz_widget.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.129.100.39 , Russian Federation, ASN57724 (DDOS-GUARD, RU), Reverse DNS ddos-guard.net Software ddos-guard / Resource Hash 059e7add053747e7521daf7ecc4e781f58e92da57885e9185027b418ca3fcdac Security Headers Name Value Content-Security-Policy upgrade-insecure-requests; Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.billing.novostroy-gid.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers content-security-policy upgrade-insecure-requests; content-encoding gzip last-modified Mon, 11 Jan 2021 07:54:48 GMT server ddos-guard etag W/"5ffc0448-614a" access-control-allow-methods GET content-type text/css access-control-allow-origin * access-control-expose-headers Content-Length,Content-Range cache-control max-age=900 date Sun, 28 Nov 2021 21:32:40 GMT access-control-allow-headers DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range expires Sun, 28 Nov 2021 21:47:40 GMT
GET H2	200	chat.svg soz.novostroy-gid.ru/soz-static/img/	3 KB 3 KB	82ms 82ms	Image image/svg+xml	185.129.100.39 DDOS-GUARD
General Check archive.org Show headers Download Go to Show image Full URL https://soz.novostroy-gid.ru/soz-static/img/chat.svg Requested by Host: www.billing.novostroy-gid.ru URL: https://www.billing.novostroy-gid.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.129.100.39 , Russian Federation, ASN57724 (DDOS-GUARD, RU), Reverse DNS ddos-guard.net Software ddos-guard / Resource Hash 500b02537123c4b0f22ff4d30552b53e37eff8948c8d2e18e4319506f29dbc87 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests; Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.billing.novostroy-gid.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers content-security-policy upgrade-insecure-requests; last-modified Thu, 10 Oct 2019 08:04:30 GMT server ddos-guard etag "5d9ee60e-c19" content-type image/svg+xml cache-control max-age=900 date Sun, 28 Nov 2021 21:32:40 GMT accept-ranges bytes content-length 3097 expires Sun, 28 Nov 2021 21:47:40 GMT
GET H2	200	call.svg soz.novostroy-gid.ru/soz-static/img/	3 KB 3 KB	222ms 221ms	Image image/svg+xml	185.129.100.39 DDOS-GUARD
General Check archive.org Show headers Download Go to Show image Full URL https://soz.novostroy-gid.ru/soz-static/img/call.svg Requested by Host: www.billing.novostroy-gid.ru URL: https://www.billing.novostroy-gid.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.129.100.39 , Russian Federation, ASN57724 (DDOS-GUARD, RU), Reverse DNS ddos-guard.net Software ddos-guard / Resource Hash 271696c5fb38cb4f4a26532173709f20a414d538b362d72f674cb2d600f6f2ea Security Headers Name Value Content-Security-Policy upgrade-insecure-requests; Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.billing.novostroy-gid.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers content-security-policy upgrade-insecure-requests; last-modified Thu, 10 Oct 2019 08:04:30 GMT server ddos-guard etag "5d9ee60e-b5f" content-type image/svg+xml cache-control max-age=900 date Sun, 28 Nov 2021 21:32:40 GMT accept-ranges bytes content-length 2911 expires Sun, 28 Nov 2021 21:47:40 GMT
GET H/1.1	200 OK	index.php Show response qoopler.ru/	14 KB 6 KB	203ms 65ms	Script text/html	82.202.229.210 SELECTEL
General Check archive.org Show headers Download Go to Full URL https://qoopler.ru/index.php?ref=&cookie=_ga%3DGA1.3.573967421.1638135278%3B%20_gid%3DGA1.3.1376015553.1638135278%3B%20_dc_gtm_UA-52809280-1%3D1%3B%20_ym_uid%3D1638135279642793507%3B%20_ym_d%3D1638135279%3B%20_ym_visorc%3Dw Requested by Host: www.billing.novostroy-gid.ru URL: https://www.billing.novostroy-gid.ru/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 82.202.229.210 , Russian Federation, ASN49505 (SELECTEL, RU), Reverse DNS Software nginx/1.10.3 (Ubuntu) / Resource Hash 1fb9e8a559608ade78157ef24290de42d00590a5e71fb7cdeafee055006652d6 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.billing.novostroy-gid.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Access-Control-Allow-Origin * Date Sun, 28 Nov 2021 21:34:40 GMT Content-Encoding gzip Server nginx/1.10.3 (Ubuntu) Connection keep-alive Transfer-Encoding chunked Content-Type text/html; charset=UTF-8
GET H2	200	code.js Show response top-fwz1.mail.ru/js/	25 KB 11 KB	269ms 102ms	Script application/javascript	217.69.133.145 MAILRU-AS Mail.Ru
General Check archive.org Show headers Download Go to Full URL https://top-fwz1.mail.ru/js/code.js Requested by Host: www.billing.novostroy-gid.ru URL: https://www.billing.novostroy-gid.ru/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU), Reverse DNS top-fwz1.mail.ru Software nginx / Resource Hash 536cd983c5ac840349770984405fe9eb9e67b9d7e35e0c45673a653b003173b6 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.billing.novostroy-gid.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Sun, 28 Nov 2021 21:34:40 GMT content-encoding gzip x-content-type-options nosniff p3p CP="NOI DSP COR NID CUR PSA OUR NOR" amp-access-control-allow-source-origin * last-modified Thu, 15 Jul 2021 18:35:46 GMT server nginx etag W/"60f08002-64db" access-control-allow-methods GET, POST, HEAD, PUT, OPTIONS content-type application/javascript access-control-allow-origin * access-control-expose-headers AMP-Access-Control-Allow-Source-Origin cache-control max-age=3600, private access-control-allow-credentials true accept-ch-lifetime 86400 accept-ch DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version timing-allow-origin * access-control-allow-headers * expires Sun, 28 Nov 2021 22:34:40 GMT
GET H2	200	full-d1de67c44ff77d445058e8457ca6578da7094d3a.js Show response yastatic.net/s3/front-maps-static/maps-front-jsapi-v2-1/2.1.79-28/build/release/	3 MB 688 KB	158ms 71ms	Script application/javascript	2a02:6b8:20::215 YNDX
General Check archive.org Show headers Download Go to Full URL https://yastatic.net/s3/front-maps-static/maps-front-jsapi-v2-1/2.1.79-28/build/release/full-d1de67c44ff77d445058e8457ca6578da7094d3a.js Requested by Host: api-maps.yandex.ru URL: https://api-maps.yandex.ru/2.1/?lang=ru_RU Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI), Reverse DNS Software nginx/1.17.9 / Resource Hash 6c35d680a9ab6c3deabe0a8fcc81f0165fab33ea449d33d7cba7a291c7727ec1 Security Headers Name Value Strict-Transport-Security max-age=43200000; includeSubDomains; Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.billing.novostroy-gid.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Sun, 28 Nov 2021 21:34:40 GMT content-encoding br last-modified Tue, 16 Nov 2021 18:22:25 GMT server nginx/1.17.9 etag W/"3886d816ca31975fc2cc7fbf5f26f1b6" vary Accept-Encoding report-to { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]} content-type application/javascript; charset=utf-8 access-control-allow-origin * expires Tue, 29 Nov 2022 03:21:34 GMT cache-control public, max-age=31556952 nel {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01} strict-transport-security max-age=43200000; includeSubDomains; timing-allow-origin * x-nginx-request-id 6a3216ba42ab90bb
GET H2	200	advert.gif mc.yandex.com/metrika/	43 B 232 B	41ms 40ms	Image image/gif	2a02:6b8::1:119 YNDX
General Check archive.org Show headers Download Go to Show image Full URL https://mc.yandex.com/metrika/advert.gif?t=ti(4) Requested by Host: www.billing.novostroy-gid.ru URL: https://www.billing.novostroy-gid.ru/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.billing.novostroy-gid.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Sun, 28 Nov 2021 21:34:40 GMT last-modified Fri, 26 Nov 2021 15:51:55 GMT etag "61a0d86b-2b" strict-transport-security max-age=31536000 content-type image/gif access-control-allow-origin * cache-control max-age=3600 accept-ranges bytes content-length 43 expires Sun, 28 Nov 2021 22:34:40 GMT
GET H2	200	/ Show response www.billing.novostroy-gid.ru/search/building/	403 KB 51 KB	588ms 588ms	XHR application/json	185.129.100.49 DDOS-GUARD
General Check archive.org Show headers Download Go to Full URL https://www.billing.novostroy-gid.ru/search/building/ Requested by Host: www.billing.novostroy-gid.ru URL: https://www.billing.novostroy-gid.ru/static/min/scripts.js?v=1.0.41 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.129.100.49 , Russian Federation, ASN57724 (DDOS-GUARD, RU), Reverse DNS ddos-guard.net Software ddos-guard / Resource Hash 09d0de84105573e3ceafd3efe2eb510f8e7ad9e130c73db016a77651b562fc1d Security Headers Name Value Content-Security-Policy upgrade-insecure-requests; Request headers Accept */* Referer https://www.billing.novostroy-gid.ru/ X-Requested-With XMLHttpRequest Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers content-security-policy upgrade-insecure-requests; content-encoding gzip server ddos-guard date Sun, 28 Nov 2021 21:36:13 GMT content-length 52402 vary Accept-Encoding content-type application/json
GET H2	200	/ Show response www.billing.novostroy-gid.ru/teaser/get/	19 KB 3 KB	345ms 344ms	XHR application/json	185.129.100.49 DDOS-GUARD
General Check archive.org Show headers Download Go to Full URL https://www.billing.novostroy-gid.ru/teaser/get/?url=https%3A%2F%2Fwww.billing.novostroy-gid.ru%2F Requested by Host: www.billing.novostroy-gid.ru URL: https://www.billing.novostroy-gid.ru/static/min/scripts.js?v=1.0.41 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.129.100.49 , Russian Federation, ASN57724 (DDOS-GUARD, RU), Reverse DNS ddos-guard.net Software ddos-guard / Resource Hash bae7e40eb95ef7c23ccd5a20b75e4f06421bfcf78acc1991c0ec0b27202bd248 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests; Request headers Accept */* Referer https://www.billing.novostroy-gid.ru/ X-Requested-With XMLHttpRequest Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers content-security-policy upgrade-insecure-requests; content-encoding gzip server ddos-guard date Sun, 28 Nov 2021 21:36:13 GMT content-length 2835 vary Accept-Encoding content-type application/json
GET H2	200	conversion_async.js Show response www.googleadservices.com/pagead/	37 KB 15 KB	44ms 20ms	Script text/javascript	142.250.185.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleadservices.com/pagead/conversion_async.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=AW-814765047 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f2.1e100.net Software cafe / Resource Hash 2e8548e063ae8b8f6225ac344af4bb535397ebd3003665e27e8d4b2716770db9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.billing.novostroy-gid.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Sun, 28 Nov 2021 21:34:40 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 14378 x-xss-protection 0 server cafe etag 684346926396516684 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600 timing-allow-origin * expires Sun, 28 Nov 2021 21:34:40 GMT
POST H/1.1	200 OK	39cea395-7dfd-4e1f-9fb1-90b68faf591c Show response profilepxl.ru/t/	273 B 836 B	82ms 82ms	XHR application/json	95.213.192.244 SELECTEL
General Check archive.org Show headers Download Go to Full URL https://profilepxl.ru/t/39cea395-7dfd-4e1f-9fb1-90b68faf591c Requested by Host: profilepxl.ru URL: https://profilepxl.ru/s.js?id=39cea395-7dfd-4e1f-9fb1-90b68faf591c Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 95.213.192.244 Novosibirsk, Russian Federation, ASN49505 (SELECTEL, RU), Reverse DNS Software nginx/1.14.0 (Ubuntu) / Resource Hash 3028c91157c58af7b5521c5c488489903e96dc7578a9f2af008573a3bb6aba58 Request headers Referer https://www.billing.novostroy-gid.ru/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Content-type application/x-www-form-urlencoded Response headers Date Sun, 28 Nov 2021 21:34:40 GMT Server nginx/1.14.0 (Ubuntu) vary Origin Content-Type application/json access-control-allow-origin https://www.billing.novostroy-gid.ru access-control-allow-credentials true Connection keep-alive Content-Length 273
POST H2	200	counter top-fwz1.mail.ru/	43 B 1 KB	61ms 61ms	Ping image/gif	217.69.133.145 MAILRU-AS Mail.Ru
General Check archive.org Show headers Download Go to Full URL https://top-fwz1.mail.ru/counter?js=13;id=3068425;u=https%3A//www.billing.novostroy-gid.ru/;st=1638135280049;pid=USER_ID;title=%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D1%80%D0%BE%D0%B9%D0%BA%D0%B8%20%D0%A1%D0%B0%D0%BD%D0%BA%D1%82-%D0%9F%D0%B5%D1%82%D0%B5%D1%80%D0%B1%D1%83%D1%80%D0%B3%D0%B0%20-%20%D0%BA%D0%B2%D0%B0%D1%80%D1%82%D0%B8%D1%80%D1%8B%20%D0%B2%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D1%80%D0%BE%D0%B9%D0%BA%D0%B0%D1%85%20%D0%A1%D0%9F%D0%B1!%20%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D1%80%D0%BE%D0%B9-%D0%93%D0%B8%D0%B4;s=1600*1200;vp=1600*1200;touch=0;hds=1;frame=0;flash=;sid=d8f60981cb6fd06d;ver=60.3.0;tz=0%2FEtc%2FUnknown;ni=9.2//4g/0/0/;lvid=1638135280242%3A1638135280246%3A1%3Ac125781a4f89dbe724aa011e99a63e3b;opts=dl;visible=true;_=0.3072384526457079 Requested by Host: top-fwz1.mail.ru URL: https://top-fwz1.mail.ru/js/code.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU), Reverse DNS top-fwz1.mail.ru Software nginx / Resource Hash 24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.billing.novostroy-gid.ru/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Sun, 28 Nov 2021 21:34:40 GMT x-content-type-options nosniff p3p CP="NOI DSP COR NID CUR PSA OUR NOR" content-length 43 pragma no-cache amp-access-control-allow-source-origin https://www.billing.novostroy-gid.ru server nginx access-control-allow-methods GET, POST, HEAD, PUT, OPTIONS content-type image/gif access-control-allow-origin https://www.billing.novostroy-gid.ru access-control-expose-headers AMP-Access-Control-Allow-Source-Origin cache-control private, no-cache, no-store, max-age=0 access-control-allow-credentials true accept-ch-lifetime 86400 accept-ch DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version timing-allow-origin https://www.billing.novostroy-gid.ru access-control-allow-headers *
POST H2	200	tracker top-fwz1.mail.ru/	43 B 1 KB	60ms 60ms	Ping image/gif	217.69.133.145 MAILRU-AS Mail.Ru
General Check archive.org Show headers Download Go to Full URL https://top-fwz1.mail.ru/tracker?js=13;id=3068425;u=https%3A//www.billing.novostroy-gid.ru/;st=1638135280049;s=1600*1200;vp=1600*1200;touch=0;hds=1;frame=0;flash=;sid=d8f60981cb6fd06d;ver=60.3.0;tz=0%2FEtc%2FUnknown;ni=9.2//4g/0/0/;lvid=1638135280242%3A1638135280248%3A2%3Ac125781a4f89dbe724aa011e99a63e3b;opts=dl;visible=true;_=0.9957599521032641;e=IV%3A0/3%3B%3Bhome Requested by Host: top-fwz1.mail.ru URL: https://top-fwz1.mail.ru/js/code.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU), Reverse DNS top-fwz1.mail.ru Software nginx / Resource Hash 24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.billing.novostroy-gid.ru/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Sun, 28 Nov 2021 21:34:40 GMT x-content-type-options nosniff p3p CP="NOI DSP COR NID CUR PSA OUR NOR" content-length 43 pragma no-cache amp-access-control-allow-source-origin https://www.billing.novostroy-gid.ru server nginx access-control-allow-methods GET, POST, HEAD, PUT, OPTIONS content-type image/gif access-control-allow-origin https://www.billing.novostroy-gid.ru access-control-expose-headers AMP-Access-Control-Allow-Source-Origin cache-control private, no-cache, no-store, max-age=0 access-control-allow-credentials true accept-ch-lifetime 86400 accept-ch DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version timing-allow-origin https://www.billing.novostroy-gid.ru access-control-allow-headers *
GET H/1.1	200 OK	/ ad.mail.ru/retarget/	43 B 384 B	180ms 53ms	Image image/gif	2a00:1148:db00::17 MAILRU-AS Mail.Ru
General Check archive.org Show headers Download Go to Show image Full URL https://ad.mail.ru/retarget/?counter=3068425&list=3&productid=&pagetype=home&totalvalue=0&_=0.33674081717223636 Requested by Host: www.billing.novostroy-gid.ru URL: https://www.billing.novostroy-gid.ru/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU), Reverse DNS Software nginx / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.billing.novostroy-gid.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Sun, 28 Nov 2021 21:34:40 GMT Content-Type image/gif Last-Modified Mon, 28 Sep 1970 06:00:00 GMT Server nginx P3P policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSAo PSDo OUR BUS UNI NAV STA INT" Cache-Control private, no-cache, no-store Connection keep-alive Timing-Allow-Origin * Content-Length 43
GET H2	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/814765047/	3 KB 2 KB	58ms 20ms	Script text/javascript	2a00:1450:4001:80e::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/814765047/?random=1638135280256&cv=9&fst=1638135280256&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaba1&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.billing.novostroy-gid.ru%2F&tiba=%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D1%80%D0%BE%D0%B9%D0%BA%D0%B8%20%D0%A1%D0%B0%D0%BD%D0%BA%D1%82-%D0%9F%D0%B5%D1%82%D0%B5%D1%80%D0%B1%D1%83%D1%80%D0%B3%D0%B0%20-%20%D0%BA%D0%B2%D0%B0%D1%80%D1%82%D0%B8%D1%80%D1%8B%20%D0%B2%20%D0%BD%D0%BE%D0%B2%D0%BE&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4 Requested by Host: www.googleadservices.com URL: https://www.googleadservices.com/pagead/conversion_async.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash b5cbd23e34d5d67fe3f2b17a99e54f75383cabb2d0cf63d43d42f5ffb4c8fe96 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.billing.novostroy-gid.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers pragma no-cache date Sun, 28 Nov 2021 21:34:40 GMT content-encoding gzip x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type text/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1110 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/814765047/	3 KB 1 KB	59ms 22ms	Script text/javascript	2a00:1450:4001:80e::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/814765047/?random=1638135280258&cv=9&fst=1638135280258&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaba1&sendb=1&ig=1&data=event%3Dpage_view%3Blisting_id%3D%3Blisting_pagetype%3Dhome%3Blisting_totalvalue%3D&frm=0&url=https%3A%2F%2Fwww.billing.novostroy-gid.ru%2F&tiba=%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D1%80%D0%BE%D0%B9%D0%BA%D0%B8%20%D0%A1%D0%B0%D0%BD%D0%BA%D1%82-%D0%9F%D0%B5%D1%82%D0%B5%D1%80%D0%B1%D1%83%D1%80%D0%B3%D0%B0%20-%20%D0%BA%D0%B2%D0%B0%D1%80%D1%82%D0%B8%D1%80%D1%8B%20%D0%B2%20%D0%BD%D0%BE%D0%B2%D0%BE&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4 Requested by Host: www.googleadservices.com URL: https://www.googleadservices.com/pagead/conversion_async.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 4062d43a5f985f9c9d67e6ba2f34349e0e8344bad6f5f6d3d05aa11c97168790 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.billing.novostroy-gid.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers pragma no-cache date Sun, 28 Nov 2021 21:34:40 GMT content-encoding gzip x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type text/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1139 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	sync Show response dmp.one/	5 KB 3 KB	388ms 292ms	Script text/html	2606:4700:3030::6815:5057 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://dmp.one/sync?stock_key=1b102086ff3b7547b0e7bea50b96fbc3&yid=cfa57eeec94945f1a7244ded5251f2c2 Requested by Host: profilepxl.ru URL: https://profilepxl.ru/s.js?id=39cea395-7dfd-4e1f-9fb1-90b68faf591c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::6815:5057 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3a1b6636ef50f12f2817984a9a2becc9885834276f777f460c859d1eea2404b8 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.billing.novostroy-gid.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Sun, 28 Nov 2021 21:34:40 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" access-control-allow-methods GET, POST, OPTIONS content-type text/html; charset=UTF-8 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YKHLb52l99d9%2FSIKUsCRWhMLGbxTmUdl%2FFzGWlFjqfQBVjoysKynO1ek10WEY0GcQCL5PrnrP1XD225mxvGbiCSRiNBnKC%2Frs0i2eIWnrUMwSgXQnNXnu7VVj3h9qqgYbWs8yCcg"}],"group":"cf-nel","max_age":604800} cf-ray 6b56b8bebdaa0fa6-VIE
GET H/1.1	200 OK	sape_match profilepxl.ru/c/ Redirect Chain https://acint.net/rmatch?dp=123&r=https%3A%2F%2Fprofilepxl.ru%2Fc%2Fsape_match%3Fpid%3D%24%7BUSER_ID%7D&euid=e16eabf593d54ffeac1423e8d56cd490 https://acint.net/rmatch?r=https%3A%2F%2Fprofilepxl.ru%2Fc%2Fsape_match%3Fpid%3D$%7BUSER_ID%7D&dp=123&tc=1&euid=e16eabf593d54ffeac1423e8d56cd490 https://ssp-rtb.sape.ru/rmatch?r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fprofilepxl.ru%252Fc%252Fsape_match%253Fpid%253D$%257BUSER_ID%257D&dp=14 https://acint.net/rmatch?dp=14&euid=0100007FF2F5A3612600059A029EDA42&r=https%3A%2F%2Fprofilepxl.ru%2Fc%2Fsape_match%3Fpid%3D$%7BUSER_ID%7D https://profilepxl.ru/c/sape_match?pid=0100007FF0F5A361F700362E029B8CE1	26 B 460 B	65ms 65ms	Image image/gif	95.213.192.244 SELECTEL
General Check archive.org Show headers Download Go to Show image Full URL https://profilepxl.ru/c/sape_match?pid=0100007FF0F5A361F700362E029B8CE1 Requested by Host: www.billing.novostroy-gid.ru URL: https://www.billing.novostroy-gid.ru/ Protocol HTTP/1.1 Server 95.213.192.244 Novosibirsk, Russian Federation, ASN49505 (SELECTEL, RU), Reverse DNS Software nginx/1.14.0 (Ubuntu) / Resource Hash 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.billing.novostroy-gid.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Sun, 28 Nov 2021 21:34:42 GMT Server nginx/1.14.0 (Ubuntu) Connection keep-alive Content-Length 26 Content-Type image/gif Redirect headers date Sun, 28 Nov 2021 21:34:42 GMT server openresty p3p CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL" location https://profilepxl.ru/c/sape_match?pid=0100007FF0F5A361F700362E029B8CE1 cache-control private, no-cache, no-store, must-revalidate, max-age=0 content-type text/html content-length 154 expires Wed, 19 Apr 2000 11:43:00 GMT
GET H3	200	/ www.google.com/pagead/1p-user-list/814765047/	42 B 64 B	47ms 23ms	Image image/gif	2a00:1450:4001:829::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/814765047/?random=1638135280256&cv=9&fst=1638133200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaba1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.billing.novostroy-gid.ru%2F&tiba=%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D1%80%D0%BE%D0%B9%D0%BA%D0%B8%20%D0%A1%D0%B0%D0%BD%D0%BA%D1%82-%D0%9F%D0%B5%D1%82%D0%B5%D1%80%D0%B1%D1%83%D1%80%D0%B3%D0%B0%20-%20%D0%BA%D0%B2%D0%B0%D1%80%D1%82%D0%B8%D1%80%D1%8B%20%D0%B2%20%D0%BD%D0%BE%D0%B2%D0%BE&async=1&fmt=3&is_vtc=1&random=2950625033&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y Requested by Host: www.billing.novostroy-gid.ru URL: https://www.billing.novostroy-gid.ru/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.billing.novostroy-gid.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers pragma no-cache date Sun, 28 Nov 2021 21:34:40 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-security-policy script-src 'none'; object-src 'none' content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	/ www.google.de/pagead/1p-user-list/814765047/	42 B 64 B	44ms 22ms	Image image/gif	2a00:1450:4001:80e::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/pagead/1p-user-list/814765047/?random=1638135280256&cv=9&fst=1638133200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaba1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.billing.novostroy-gid.ru%2F&tiba=%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D1%80%D0%BE%D0%B9%D0%BA%D0%B8%20%D0%A1%D0%B0%D0%BD%D0%BA%D1%82-%D0%9F%D0%B5%D1%82%D0%B5%D1%80%D0%B1%D1%83%D1%80%D0%B3%D0%B0%20-%20%D0%BA%D0%B2%D0%B0%D1%80%D1%82%D0%B8%D1%80%D1%8B%20%D0%B2%20%D0%BD%D0%BE%D0%B2%D0%BE&async=1&fmt=3&is_vtc=1&random=2950625033&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y Requested by Host: www.billing.novostroy-gid.ru URL: https://www.billing.novostroy-gid.ru/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.billing.novostroy-gid.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers pragma no-cache date Sun, 28 Nov 2021 21:34:40 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-security-policy script-src 'none'; object-src 'none' content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	/ www.google.com/pagead/1p-user-list/814765047/	42 B 64 B	48ms 26ms	Image image/gif	2a00:1450:4001:829::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/814765047/?random=1638135280258&cv=9&fst=1638133200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaba1&sendb=1&data=event%3Dpage_view%3Blisting_id%3D%3Blisting_pagetype%3Dhome%3Blisting_totalvalue%3D&frm=0&url=https%3A%2F%2Fwww.billing.novostroy-gid.ru%2F&tiba=%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D1%80%D0%BE%D0%B9%D0%BA%D0%B8%20%D0%A1%D0%B0%D0%BD%D0%BA%D1%82-%D0%9F%D0%B5%D1%82%D0%B5%D1%80%D0%B1%D1%83%D1%80%D0%B3%D0%B0%20-%20%D0%BA%D0%B2%D0%B0%D1%80%D1%82%D0%B8%D1%80%D1%8B%20%D0%B2%20%D0%BD%D0%BE%D0%B2%D0%BE&async=1&fmt=3&is_vtc=1&random=1754054755&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y Requested by Host: www.billing.novostroy-gid.ru URL: https://www.billing.novostroy-gid.ru/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.billing.novostroy-gid.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers pragma no-cache date Sun, 28 Nov 2021 21:34:40 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-security-policy script-src 'none'; object-src 'none' content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	/ www.google.de/pagead/1p-user-list/814765047/	42 B 64 B	46ms 24ms	Image image/gif	2a00:1450:4001:80e::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/pagead/1p-user-list/814765047/?random=1638135280258&cv=9&fst=1638133200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaba1&sendb=1&data=event%3Dpage_view%3Blisting_id%3D%3Blisting_pagetype%3Dhome%3Blisting_totalvalue%3D&frm=0&url=https%3A%2F%2Fwww.billing.novostroy-gid.ru%2F&tiba=%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D1%80%D0%BE%D0%B9%D0%BA%D0%B8%20%D0%A1%D0%B0%D0%BD%D0%BA%D1%82-%D0%9F%D0%B5%D1%82%D0%B5%D1%80%D0%B1%D1%83%D1%80%D0%B3%D0%B0%20-%20%D0%BA%D0%B2%D0%B0%D1%80%D1%82%D0%B8%D1%80%D1%8B%20%D0%B2%20%D0%BD%D0%BE%D0%B2%D0%BE&async=1&fmt=3&is_vtc=1&random=1754054755&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y Requested by Host: www.billing.novostroy-gid.ru URL: https://www.billing.novostroy-gid.ru/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.billing.novostroy-gid.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers pragma no-cache date Sun, 28 Nov 2021 21:34:40 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-security-policy script-src 'none'; object-src 'none' content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	1e781dd81a1d2fb1.jpg www.billing.novostroy-gid.ru/media/images/banners/2021-43/	44 KB 45 KB	112ms 109ms	Image image/jpeg	185.129.100.49 DDOS-GUARD
General Check archive.org Show headers Download Go to Show image Full URL https://www.billing.novostroy-gid.ru/media/images/banners/2021-43/1e781dd81a1d2fb1.jpg Requested by Host: www.billing.novostroy-gid.ru URL: https://www.billing.novostroy-gid.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.129.100.49 , Russian Federation, ASN57724 (DDOS-GUARD, RU), Reverse DNS ddos-guard.net Software ddos-guard / Resource Hash 5e77244fbe1b2cc1d73d0bf53920ff77a4b70180b34720d0fb59f730cc6feef0 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests; Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.billing.novostroy-gid.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers content-security-policy upgrade-insecure-requests; last-modified Sun, 31 Oct 2021 18:06:34 GMT server ddos-guard etag "617edb2a-b1e0" content-type image/jpeg cache-control max-age=1209600 date Sun, 28 Nov 2021 21:36:13 GMT accept-ranges bytes content-length 45536 expires Sun, 12 Dec 2021 21:36:13 GMT
GET H2	200	f1b56755eb792af5.jpg www.billing.novostroy-gid.ru/media/images/banners/2021-43/	9 KB 9 KB	54ms 50ms	Image image/jpeg	185.129.100.49 DDOS-GUARD
General Check archive.org Show headers Download Go to Show image Full URL https://www.billing.novostroy-gid.ru/media/images/banners/2021-43/f1b56755eb792af5.jpg Requested by Host: www.billing.novostroy-gid.ru URL: https://www.billing.novostroy-gid.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.129.100.49 , Russian Federation, ASN57724 (DDOS-GUARD, RU), Reverse DNS ddos-guard.net Software ddos-guard / Resource Hash 320c6b09e2f0e7379ea41642c780bea40d844fd0890b6ef0d1b3a2948f5bb76e Security Headers Name Value Content-Security-Policy upgrade-insecure-requests; Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.billing.novostroy-gid.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers content-security-policy upgrade-insecure-requests; last-modified Wed, 27 Oct 2021 11:33:17 GMT server ddos-guard etag "617938fd-248c" content-type image/jpeg cache-control max-age=1209600 date Sun, 28 Nov 2021 21:36:13 GMT accept-ranges bytes content-length 9356 expires Sun, 12 Dec 2021 21:36:13 GMT
GET H2	200	007915a6c1a02965.jpg www.billing.novostroy-gid.ru/media/images/banners/2021-43/	7 KB 8 KB	53ms 50ms	Image image/jpeg	185.129.100.49 DDOS-GUARD
General Check archive.org Show headers Download Go to Show image Full URL https://www.billing.novostroy-gid.ru/media/images/banners/2021-43/007915a6c1a02965.jpg Requested by Host: www.billing.novostroy-gid.ru URL: https://www.billing.novostroy-gid.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.129.100.49 , Russian Federation, ASN57724 (DDOS-GUARD, RU), Reverse DNS ddos-guard.net Software ddos-guard / Resource Hash 9eac58d58eb5693da668dba89fe18a1be7097d6c52fcb7f63e6b09fd82982f1a Security Headers Name Value Content-Security-Policy upgrade-insecure-requests; Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.billing.novostroy-gid.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers content-security-policy upgrade-insecure-requests; last-modified Wed, 27 Oct 2021 11:30:08 GMT server ddos-guard etag "61793840-1dd1" content-type image/jpeg cache-control max-age=1209600 date Sun, 28 Nov 2021 21:36:13 GMT accept-ranges bytes content-length 7633 expires Sun, 12 Dec 2021 21:36:13 GMT
GET H2	200	a3d52cc9ec74f146.jpg www.billing.novostroy-gid.ru/media/images/banners/2021-43/	49 KB 49 KB	101ms 98ms	Image image/jpeg	185.129.100.49 DDOS-GUARD
General Check archive.org Show headers Download Go to Show image Full URL https://www.billing.novostroy-gid.ru/media/images/banners/2021-43/a3d52cc9ec74f146.jpg Requested by Host: www.billing.novostroy-gid.ru URL: https://www.billing.novostroy-gid.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.129.100.49 , Russian Federation, ASN57724 (DDOS-GUARD, RU), Reverse DNS ddos-guard.net Software ddos-guard / Resource Hash 99216099d178270dbdba34ba4fbb02f8f28b8d60a23ebceb94dbebacbdddda1e Security Headers Name Value Content-Security-Policy upgrade-insecure-requests; Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.billing.novostroy-gid.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers content-security-policy upgrade-insecure-requests; last-modified Sun, 31 Oct 2021 18:09:18 GMT server ddos-guard etag "617edbce-c575" content-type image/jpeg cache-control max-age=1209600 date Sun, 28 Nov 2021 21:36:13 GMT accept-ranges bytes content-length 50549 expires Sun, 12 Dec 2021 21:36:13 GMT
GET H2	200	1bddf2119d5a9def.jpg www.billing.novostroy-gid.ru/media/images/banners/2021-43/	42 KB 42 KB	99ms 96ms	Image image/jpeg	185.129.100.49 DDOS-GUARD
General Check archive.org Show headers Download Go to Show image Full URL https://www.billing.novostroy-gid.ru/media/images/banners/2021-43/1bddf2119d5a9def.jpg Requested by Host: www.billing.novostroy-gid.ru URL: https://www.billing.novostroy-gid.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.129.100.49 , Russian Federation, ASN57724 (DDOS-GUARD, RU), Reverse DNS ddos-guard.net Software ddos-guard / Resource Hash b1b807b926777cb5e37a8f4f11a1bbb49d8b87eff42281195a9e9aa9e1798342 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests; Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.billing.novostroy-gid.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers content-security-policy upgrade-insecure-requests; last-modified Sun, 31 Oct 2021 18:21:12 GMT server ddos-guard etag "617ede98-a6ed" content-type image/jpeg cache-control max-age=1209600 date Sun, 28 Nov 2021 21:36:13 GMT accept-ranges bytes content-length 42733 expires Sun, 12 Dec 2021 21:36:13 GMT
GET H2	200	6aa0fda03c040774.jpg www.billing.novostroy-gid.ru/media/images/banners/2021-43/	20 KB 20 KB	82ms 79ms	Image image/jpeg	185.129.100.49 DDOS-GUARD
General Check archive.org Show headers Download Go to Show image Full URL https://www.billing.novostroy-gid.ru/media/images/banners/2021-43/6aa0fda03c040774.jpg Requested by Host: www.billing.novostroy-gid.ru URL: https://www.billing.novostroy-gid.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.129.100.49 , Russian Federation, ASN57724 (DDOS-GUARD, RU), Reverse DNS ddos-guard.net Software ddos-guard / Resource Hash f4dd251daa0b3867d07d7e8591bec342db2b96ac0e668388b776cc3d649566dd Security Headers Name Value Content-Security-Policy upgrade-insecure-requests; Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.billing.novostroy-gid.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers content-security-policy upgrade-insecure-requests; last-modified Sun, 31 Oct 2021 17:54:12 GMT server ddos-guard etag "617ed844-4e0d" content-type image/jpeg cache-control max-age=1209600 date Sun, 28 Nov 2021 21:36:13 GMT accept-ranges bytes content-length 19981 expires Sun, 12 Dec 2021 21:36:13 GMT
GET H2	200	858b94891c0cbc9a.jpg www.billing.novostroy-gid.ru/media/images/banners/2021-43/	20 KB 20 KB	82ms 80ms	Image image/jpeg	185.129.100.49 DDOS-GUARD
General Check archive.org Show headers Download Go to Show image Full URL https://www.billing.novostroy-gid.ru/media/images/banners/2021-43/858b94891c0cbc9a.jpg Requested by Host: www.billing.novostroy-gid.ru URL: https://www.billing.novostroy-gid.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.129.100.49 , Russian Federation, ASN57724 (DDOS-GUARD, RU), Reverse DNS ddos-guard.net Software ddos-guard / Resource Hash 6bcdf7a843a224788f58ad1310db29a29d7b1733a889272a133a1fcf431481de Security Headers Name Value Content-Security-Policy upgrade-insecure-requests; Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.billing.novostroy-gid.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers content-security-policy upgrade-insecure-requests; last-modified Sun, 31 Oct 2021 17:57:38 GMT server ddos-guard etag "617ed912-4e1f" content-type image/jpeg cache-control max-age=1209600 date Sun, 28 Nov 2021 21:36:13 GMT accept-ranges bytes content-length 19999 expires Sun, 12 Dec 2021 21:36:13 GMT
GET H2	200	cf7974c0029b0bff.jpg www.billing.novostroy-gid.ru/media/images/banners/2021-43/	40 KB 40 KB	113ms 111ms	Image image/jpeg	185.129.100.49 DDOS-GUARD
General Check archive.org Show headers Download Go to Show image Full URL https://www.billing.novostroy-gid.ru/media/images/banners/2021-43/cf7974c0029b0bff.jpg Requested by Host: www.billing.novostroy-gid.ru URL: https://www.billing.novostroy-gid.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.129.100.49 , Russian Federation, ASN57724 (DDOS-GUARD, RU), Reverse DNS ddos-guard.net Software ddos-guard / Resource Hash e6e1d014fbc67146824486434b88e19ac85299cee52d62f162667536bcb66412 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests; Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.billing.novostroy-gid.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers content-security-policy upgrade-insecure-requests; last-modified Sun, 31 Oct 2021 18:16:57 GMT server ddos-guard etag "617edd99-9f7c" content-type image/jpeg cache-control max-age=1209600 date Sun, 28 Nov 2021 21:36:13 GMT accept-ranges bytes content-length 40828 expires Sun, 12 Dec 2021 21:36:13 GMT
GET H2	200	ef4b13b89d7e2642.jpg www.billing.novostroy-gid.ru/media/images/banners/2021-43/	49 KB 49 KB	81ms 79ms	Image image/jpeg	185.129.100.49 DDOS-GUARD
General Check archive.org Show headers Download Go to Show image Full URL https://www.billing.novostroy-gid.ru/media/images/banners/2021-43/ef4b13b89d7e2642.jpg Requested by Host: www.billing.novostroy-gid.ru URL: https://www.billing.novostroy-gid.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.129.100.49 , Russian Federation, ASN57724 (DDOS-GUARD, RU), Reverse DNS ddos-guard.net Software ddos-guard / Resource Hash 18a2bc5520a6c886ed08ae963b5ff6366d2f9b5fd537d683fef5bb572d3a458b Security Headers Name Value Content-Security-Policy upgrade-insecure-requests; Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.billing.novostroy-gid.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers content-security-policy upgrade-insecure-requests; last-modified Sun, 31 Oct 2021 18:07:52 GMT server ddos-guard etag "617edb78-c367" content-type image/jpeg cache-control max-age=1209600 date Sun, 28 Nov 2021 21:36:13 GMT accept-ranges bytes content-length 50023 expires Sun, 12 Dec 2021 21:36:13 GMT
GET H2	200	00b15c7c2781fd8c.jpg www.billing.novostroy-gid.ru/media/images/banners/2021-43/	49 KB 49 KB	81ms 78ms	Image image/jpeg	185.129.100.49 DDOS-GUARD
General Check archive.org Show headers Download Go to Show image Full URL https://www.billing.novostroy-gid.ru/media/images/banners/2021-43/00b15c7c2781fd8c.jpg Requested by Host: www.billing.novostroy-gid.ru URL: https://www.billing.novostroy-gid.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.129.100.49 , Russian Federation, ASN57724 (DDOS-GUARD, RU), Reverse DNS ddos-guard.net Software ddos-guard / Resource Hash 080572119b8d80a295b2dabb3bc01e0f5bb5d78a2eb32a04b8bc48948a616be6 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests; Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.billing.novostroy-gid.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers content-security-policy upgrade-insecure-requests; last-modified Sun, 31 Oct 2021 18:15:40 GMT server ddos-guard etag "617edd4c-c415" content-type image/jpeg cache-control max-age=1209600 date Sun, 28 Nov 2021 21:36:13 GMT accept-ranges bytes content-length 50197 expires Sun, 12 Dec 2021 21:36:13 GMT
GET H2	200	5313dcc589149cb1.jpg www.billing.novostroy-gid.ru/media/images/banners/2021-43/	24 KB 24 KB	87ms 84ms	Image image/jpeg	185.129.100.49 DDOS-GUARD
General Check archive.org Show headers Download Go to Show image Full URL https://www.billing.novostroy-gid.ru/media/images/banners/2021-43/5313dcc589149cb1.jpg Requested by Host: www.billing.novostroy-gid.ru URL: https://www.billing.novostroy-gid.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.129.100.49 , Russian Federation, ASN57724 (DDOS-GUARD, RU), Reverse DNS ddos-guard.net Software ddos-guard / Resource Hash b8c02bf6001f8ca03fa36c27eafb89c758aafec44a88ef516e09f5dee518876c Security Headers Name Value Content-Security-Policy upgrade-insecure-requests; Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.billing.novostroy-gid.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers content-security-policy upgrade-insecure-requests; last-modified Sun, 31 Oct 2021 18:04:38 GMT server ddos-guard etag "617edab6-604b" content-type image/jpeg cache-control max-age=1209600 date Sun, 28 Nov 2021 21:36:13 GMT accept-ranges bytes content-length 24651 expires Sun, 12 Dec 2021 21:36:13 GMT
GET H2	200	7d7f6530ba548ce7.jpg www.billing.novostroy-gid.ru/media/images/banners/2021-43/	10 KB 10 KB	62ms 60ms	Image image/jpeg	185.129.100.49 DDOS-GUARD
General Check archive.org Show headers Download Go to Show image Full URL https://www.billing.novostroy-gid.ru/media/images/banners/2021-43/7d7f6530ba548ce7.jpg Requested by Host: www.billing.novostroy-gid.ru URL: https://www.billing.novostroy-gid.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.129.100.49 , Russian Federation, ASN57724 (DDOS-GUARD, RU), Reverse DNS ddos-guard.net Software ddos-guard / Resource Hash dab85a439babebc9f86630961a31730e12a2aebf6c4ebafd70a8bf6e786893a9 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests; Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.billing.novostroy-gid.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers content-security-policy upgrade-insecure-requests; last-modified Wed, 27 Oct 2021 11:34:48 GMT server ddos-guard etag "61793958-273b" content-type image/jpeg cache-control max-age=1209600 date Sun, 28 Nov 2021 21:36:13 GMT accept-ranges bytes content-length 10043 expires Sun, 12 Dec 2021 21:36:13 GMT
GET H2	200	88d75e6c89d66179.jpg www.billing.novostroy-gid.ru/media/images/banners/2021-43/	48 KB 48 KB	116ms 114ms	Image image/jpeg	185.129.100.49 DDOS-GUARD
General Check archive.org Show headers Download Go to Show image Full URL https://www.billing.novostroy-gid.ru/media/images/banners/2021-43/88d75e6c89d66179.jpg Requested by Host: www.billing.novostroy-gid.ru URL: https://www.billing.novostroy-gid.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.129.100.49 , Russian Federation, ASN57724 (DDOS-GUARD, RU), Reverse DNS ddos-guard.net Software ddos-guard / Resource Hash 644565fcd1c1fcd7f07c01911a126bcf620a4b6402c3a366998d393a405376f9 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests; Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.billing.novostroy-gid.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers content-security-policy upgrade-insecure-requests; last-modified Sun, 31 Oct 2021 17:15:55 GMT server ddos-guard etag "617ecf4b-c169" content-type image/jpeg cache-control max-age=1209600 date Sun, 28 Nov 2021 21:36:13 GMT accept-ranges bytes content-length 49513 expires Sun, 12 Dec 2021 21:36:13 GMT
GET H2	200	294ae2677021e942.jpg www.billing.novostroy-gid.ru/media/images/banners/2021-43/	20 KB 20 KB	85ms 84ms	Image image/jpeg	185.129.100.49 DDOS-GUARD
General Check archive.org Show headers Download Go to Show image Full URL https://www.billing.novostroy-gid.ru/media/images/banners/2021-43/294ae2677021e942.jpg Requested by Host: www.billing.novostroy-gid.ru URL: https://www.billing.novostroy-gid.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.129.100.49 , Russian Federation, ASN57724 (DDOS-GUARD, RU), Reverse DNS ddos-guard.net Software ddos-guard / Resource Hash b55081d31ba1cb64200c9a21337d5ca00279c835cf7c6b3d6b2d81c13a645cd0 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests; Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.billing.novostroy-gid.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers content-security-policy upgrade-insecure-requests; last-modified Wed, 27 Oct 2021 08:44:24 GMT server ddos-guard etag "61791168-4f00" content-type image/jpeg cache-control max-age=1209600 date Sun, 28 Nov 2021 21:36:13 GMT accept-ranges bytes content-length 20224 expires Sun, 12 Dec 2021 21:36:13 GMT
GET H2	200	80ab38064f11c15e.jpg www.billing.novostroy-gid.ru/media/images/banners/2021-43/	36 KB 36 KB	109ms 107ms	Image image/jpeg	185.129.100.49 DDOS-GUARD
General Check archive.org Show headers Download Go to Show image Full URL https://www.billing.novostroy-gid.ru/media/images/banners/2021-43/80ab38064f11c15e.jpg Requested by Host: www.billing.novostroy-gid.ru URL: https://www.billing.novostroy-gid.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.129.100.49 , Russian Federation, ASN57724 (DDOS-GUARD, RU), Reverse DNS ddos-guard.net Software ddos-guard / Resource Hash 8d89d95e322d99434539823877b13ecfb68df25bde2b7e363074f89dee04ed89 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests; Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.billing.novostroy-gid.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers content-security-policy upgrade-insecure-requests; last-modified Sun, 31 Oct 2021 18:12:09 GMT server ddos-guard etag "617edc79-9167" content-type image/jpeg cache-control max-age=1209600 date Sun, 28 Nov 2021 21:36:13 GMT accept-ranges bytes content-length 37223 expires Sun, 12 Dec 2021 21:36:13 GMT
GET DATA	200 OK	truncated /	187 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash d9340ba012ead5ec0e5d25c29781f4f837985d419c10ce9e72d4cc5de5297a27 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Content-Type image/png
GET H2	200	grab.cur api-maps.yandex.ru/2.1.79/build/release/images/cursor/	326 B 355 B	73ms 73ms	Image application/octet-stream	2a02:6b8::274 YNDX
General Check archive.org Show headers Download Go to Show image Full URL https://api-maps.yandex.ru/2.1.79/build/release/images/cursor/grab.cur Requested by Host: www.billing.novostroy-gid.ru URL: https://www.billing.novostroy-gid.ru/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::274 Moscow, Russian Federation, ASN208722 (YNDX, FI), Reverse DNS Software / Resource Hash 13e327b334d10b2b24101040eecace86aaaa2eed03d282fa75a04aa3bebf69c1 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.billing.novostroy-gid.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Sun, 28 Nov 2021 21:34:40 GMT last-modified Tue, 16 Nov 2021 18:22:37 GMT etag "6193f6ed-146" content-type application/octet-stream access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 326 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	grabbing.cur api-maps.yandex.ru/2.1.79/build/release/images/cursor/	326 B 355 B	76ms 76ms	Image application/octet-stream	2a02:6b8::274 YNDX
General Check archive.org Show headers Download Go to Show image Full URL https://api-maps.yandex.ru/2.1.79/build/release/images/cursor/grabbing.cur Requested by Host: www.billing.novostroy-gid.ru URL: https://www.billing.novostroy-gid.ru/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::274 Moscow, Russian Federation, ASN208722 (YNDX, FI), Reverse DNS Software / Resource Hash a0fb89588dc7b711c0ffddb5fa2f6852f670ef1f615985bb65b2ea446cceb79f Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.billing.novostroy-gid.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Sun, 28 Nov 2021 21:34:40 GMT last-modified Tue, 16 Nov 2021 18:22:37 GMT etag "6193f6ed-146" content-type application/octet-stream access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 326 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	help.cur api-maps.yandex.ru/2.1.79/build/release/images/cursor/	326 B 525 B	41ms 41ms	Image application/octet-stream	2a02:6b8::274 YNDX
General Check archive.org Show headers Download Go to Show image Full URL https://api-maps.yandex.ru/2.1.79/build/release/images/cursor/help.cur Requested by Host: www.billing.novostroy-gid.ru URL: https://www.billing.novostroy-gid.ru/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::274 Moscow, Russian Federation, ASN208722 (YNDX, FI), Reverse DNS Software / Resource Hash 128811e08fc761c192794eadb0ca1ece135e0b3a8ea7d897c2f7f9fd5a37281f Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.billing.novostroy-gid.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Sun, 28 Nov 2021 21:34:40 GMT last-modified Tue, 16 Nov 2021 18:22:37 GMT etag "6193f6ed-146" content-type application/octet-stream access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 326 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	zoom_in.cur api-maps.yandex.ru/2.1.79/build/release/images/cursor/	326 B 355 B	78ms 78ms	Image application/octet-stream	2a02:6b8::274 YNDX
General Check archive.org Show headers Download Go to Show image Full URL https://api-maps.yandex.ru/2.1.79/build/release/images/cursor/zoom_in.cur Requested by Host: www.billing.novostroy-gid.ru URL: https://www.billing.novostroy-gid.ru/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::274 Moscow, Russian Federation, ASN208722 (YNDX, FI), Reverse DNS Software / Resource Hash eb69f540be1e416b7346017da48deaf5ba2f2ee0af366c04f1e374351b651872 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.billing.novostroy-gid.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Sun, 28 Nov 2021 21:34:40 GMT last-modified Tue, 16 Nov 2021 18:22:37 GMT etag "6193f6ed-146" content-type application/octet-stream access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 326 expires Thu, 31 Dec 2037 23:55:55 GMT
GET DATA	200 OK	truncated /	104 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash ac301e04134f0a6a5a96b2e9f056107818db1d84226f0cf85d700d196c44ed85 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	2 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 9cfeddeac6bec7714f140da244af0823eb469e665411fc571451f889a1d7fa94 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	315 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 365e85a31de197b7e074e022301502692aa6f4d56ffca64b505546b986e8ffc0 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Content-Type image/svg+xml
GET H2	200	/ Show response www.billing.novostroy-gid.ru/points/	44 KB 15 KB	96ms 96ms	XHR application/json	185.129.100.49 DDOS-GUARD
General Check archive.org Show headers Download Go to Full URL https://www.billing.novostroy-gid.ru/points/ Requested by Host: www.billing.novostroy-gid.ru URL: https://www.billing.novostroy-gid.ru/static/min/scripts.js?v=1.0.41 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.129.100.49 , Russian Federation, ASN57724 (DDOS-GUARD, RU), Reverse DNS ddos-guard.net Software ddos-guard / Resource Hash f37c07889514e383416986ef353197f988227d976d292a536dbcc31c58021234 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests; Request headers Accept application/json, text/javascript, */*; q=0.01 Referer https://www.billing.novostroy-gid.ru/ X-Requested-With XMLHttpRequest Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers content-security-policy upgrade-insecure-requests; content-encoding gzip server ddos-guard date Sun, 28 Nov 2021 21:36:13 GMT x-cache-status HIT vary Accept-Encoding content-type application/json content-length 15229
GET H2	200	tiles core-renderer-tiles.maps.yandex.net/	12 KB 12 KB	196ms 106ms	Image image/png	2a02:6b8::2b8 YNDX
General Check archive.org Show headers Download Go to Show image Full URL https://core-renderer-tiles.maps.yandex.net/tiles?l=map&v=21.11.28-1-b211103130830&x=149&y=75&z=8&scale=1&lang=ru_RU Requested by Host: www.billing.novostroy-gid.ru URL: https://www.billing.novostroy-gid.ru/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::2b8 Moscow, Russian Federation, ASN208722 (YNDX, FI), Reverse DNS Software / Resource Hash 930eeb4f1044f904101341399eed11d9c5ac68bcfbf94ea4938623c1ccf0266c Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.billing.novostroy-gid.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers access-control-allow-origin * date Sun, 28 Nov 2021 21:34:40 GMT cache-control max-age=7654321 etag "d377e52ffd268eb0d306e611d39d96c9" content-length 12719 content-type image/png
GET H2	200	tiles core-renderer-tiles.maps.yandex.net/	13 KB 13 KB	197ms 110ms	Image image/png	2a02:6b8::2b8 YNDX
General Check archive.org Show headers Download Go to Show image Full URL https://core-renderer-tiles.maps.yandex.net/tiles?l=map&v=21.11.28-1-b211103130830&x=148&y=75&z=8&scale=1&lang=ru_RU Requested by Host: www.billing.novostroy-gid.ru URL: https://www.billing.novostroy-gid.ru/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::2b8 Moscow, Russian Federation, ASN208722 (YNDX, FI), Reverse DNS Software / Resource Hash 2f838f6616c91a2cc34a49ade5fd3d4ea17b681837f9f5dd4f11aebc329658c2 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.billing.novostroy-gid.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers access-control-allow-origin * date Sun, 28 Nov 2021 21:34:40 GMT cache-control max-age=7654321 etag "89df26faeb325703ea24f89ea1da4060" content-length 13585 content-type image/png
GET H2	200	tiles core-renderer-tiles.maps.yandex.net/	13 KB 13 KB	159ms 72ms	Image image/png	2a02:6b8::2b8 YNDX
General Check archive.org Show headers Download Go to Show image Full URL https://core-renderer-tiles.maps.yandex.net/tiles?l=map&v=21.11.28-1-b211103130830&x=150&y=75&z=8&scale=1&lang=ru_RU Requested by Host: www.billing.novostroy-gid.ru URL: https://www.billing.novostroy-gid.ru/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::2b8 Moscow, Russian Federation, ASN208722 (YNDX, FI), Reverse DNS Software / Resource Hash 2319da5212bb38924b83793806698d604be694d5ea30473fe339f7d6496b3519 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.billing.novostroy-gid.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers access-control-allow-origin * date Sun, 28 Nov 2021 21:34:40 GMT cache-control max-age=7654321 etag "ca56f90b4dd141b09e15eabba5eeb74f" content-length 13021 content-type image/png
GET H2	200	tiles core-renderer-tiles.maps.yandex.net/	10 KB 10 KB	225ms 139ms	Image image/png	2a02:6b8::2b8 YNDX
General Check archive.org Show headers Download Go to Show image Full URL https://core-renderer-tiles.maps.yandex.net/tiles?l=map&v=21.11.28-1-b211103130830&x=148&y=74&z=8&scale=1&lang=ru_RU Requested by Host: www.billing.novostroy-gid.ru URL: https://www.billing.novostroy-gid.ru/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::2b8 Moscow, Russian Federation, ASN208722 (YNDX, FI), Reverse DNS Software / Resource Hash 8cc7ef336c8a1a7dd001e0e2a2d3f54a53fe7f4ad99d58099afdf03beba80dc4 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.billing.novostroy-gid.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers access-control-allow-origin * date Sun, 28 Nov 2021 21:34:40 GMT cache-control max-age=7654321 etag "d9b96144f20f369c9f70686fe0896385" content-length 10052 content-type image/png
GET H2	200	tiles core-renderer-tiles.maps.yandex.net/	11 KB 11 KB	158ms 72ms	Image image/png	2a02:6b8::2b8 YNDX
General Check archive.org Show headers Download Go to Show image Full URL https://core-renderer-tiles.maps.yandex.net/tiles?l=map&v=21.11.28-1-b211103130830&x=148&y=76&z=8&scale=1&lang=ru_RU Requested by Host: www.billing.novostroy-gid.ru URL: https://www.billing.novostroy-gid.ru/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::2b8 Moscow, Russian Federation, ASN208722 (YNDX, FI), Reverse DNS Software / Resource Hash d3c96ad33fd472c1f9d5dcac5ade474a8d631e2a9ea9983992b9891948e5d478 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.billing.novostroy-gid.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers access-control-allow-origin * date Sun, 28 Nov 2021 21:34:40 GMT cache-control max-age=7654321 etag "b43319fc43f4ee8e0334f735e3aa79ea" content-length 11374 content-type image/png
GET H2	200	tiles core-renderer-tiles.maps.yandex.net/	19 KB 19 KB	192ms 106ms	Image image/png	2a02:6b8::2b8 YNDX
General Check archive.org Show headers Download Go to Show image Full URL https://core-renderer-tiles.maps.yandex.net/tiles?l=map&v=21.11.28-1-b211103130830&x=149&y=74&z=8&scale=1&lang=ru_RU Requested by Host: www.billing.novostroy-gid.ru URL: https://www.billing.novostroy-gid.ru/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::2b8 Moscow, Russian Federation, ASN208722 (YNDX, FI), Reverse DNS Software / Resource Hash ea1a371eb8e5499825ee291f0e61c5c3bd0070a8660d9d2461e15cf7627dab8b Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.billing.novostroy-gid.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers access-control-allow-origin * date Sun, 28 Nov 2021 21:34:40 GMT cache-control max-age=7654321 etag "eb45ff67a0ea3d21078737739a3405b2" content-length 19182 content-type image/png
GET H2	200	tiles core-renderer-tiles.maps.yandex.net/	13 KB 13 KB	130ms 129ms	Image image/png	2a02:6b8::2b8 YNDX
General Check archive.org Show headers Download Go to Show image Full URL https://core-renderer-tiles.maps.yandex.net/tiles?l=map&v=21.11.28-1-b211103130830&x=149&y=76&z=8&scale=1&lang=ru_RU Requested by Host: www.billing.novostroy-gid.ru URL: https://www.billing.novostroy-gid.ru/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::2b8 Moscow, Russian Federation, ASN208722 (YNDX, FI), Reverse DNS Software / Resource Hash f60986e3bd84ff4f937848e08cc81a013d357c9dc5aa92520f402562badd3e8c Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.billing.novostroy-gid.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers access-control-allow-origin * date Sun, 28 Nov 2021 21:34:40 GMT cache-control max-age=7654321 etag "8d31840daf84007ca552803e0f1359f1" content-length 12806 content-type image/png
GET H2	200	tiles core-renderer-tiles.maps.yandex.net/	9 KB 9 KB	94ms 93ms	Image image/png	2a02:6b8::2b8 YNDX
General Check archive.org Show headers Download Go to Show image Full URL https://core-renderer-tiles.maps.yandex.net/tiles?l=map&v=21.11.28-1-b211103130830&x=150&y=74&z=8&scale=1&lang=ru_RU Requested by Host: www.billing.novostroy-gid.ru URL: https://www.billing.novostroy-gid.ru/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::2b8 Moscow, Russian Federation, ASN208722 (YNDX, FI), Reverse DNS Software / Resource Hash 33c5957d17ded5b79a6ac014ff5bd9d6b25b290af472779153e9aff462d93cdc Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.billing.novostroy-gid.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers access-control-allow-origin * date Sun, 28 Nov 2021 21:34:40 GMT cache-control max-age=7654321 etag "17c6398b24f3676ae7191033eb721512" content-length 9060 content-type image/png
GET H2	200	tiles core-renderer-tiles.maps.yandex.net/	12 KB 12 KB	126ms 125ms	Image image/png	2a02:6b8::2b8 YNDX
General Check archive.org Show headers Download Go to Show image Full URL https://core-renderer-tiles.maps.yandex.net/tiles?l=map&v=21.11.28-1-b211103130830&x=150&y=76&z=8&scale=1&lang=ru_RU Requested by Host: www.billing.novostroy-gid.ru URL: https://www.billing.novostroy-gid.ru/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::2b8 Moscow, Russian Federation, ASN208722 (YNDX, FI), Reverse DNS Software / Resource Hash ad7635646d014525cff89c87ef5e8bc756286d2d02f05cb1e83e88805b535a78 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.billing.novostroy-gid.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers access-control-allow-origin * date Sun, 28 Nov 2021 21:34:40 GMT cache-control max-age=7654321 etag "2bc04a420294056fbc774b08e89a0e41" content-length 12273 content-type image/png
GET H2	200	tiles core-renderer-tiles.maps.yandex.net/	3 KB 3 KB	129ms 128ms	Image image/png	2a02:6b8::2b8 YNDX
General Check archive.org Show headers Download Go to Show image Full URL https://core-renderer-tiles.maps.yandex.net/tiles?l=map&v=21.11.28-1-b211103130830&x=147&y=74&z=8&scale=1&lang=ru_RU Requested by Host: www.billing.novostroy-gid.ru URL: https://www.billing.novostroy-gid.ru/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::2b8 Moscow, Russian Federation, ASN208722 (YNDX, FI), Reverse DNS Software / Resource Hash 397aea4125b32ffcaea5935c0c45bfbbcd465e2824ecb4509775e459bab1255c Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.billing.novostroy-gid.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers access-control-allow-origin * date Sun, 28 Nov 2021 21:34:40 GMT cache-control max-age=7654321 etag "92dd1f39af2d37bca38fbe759cdd40a4" content-length 2582 content-type image/png
GET H2	200	tiles core-renderer-tiles.maps.yandex.net/	11 KB 11 KB	129ms 128ms	Image image/png	2a02:6b8::2b8 YNDX
General Check archive.org Show headers Download Go to Show image Full URL https://core-renderer-tiles.maps.yandex.net/tiles?l=map&v=21.11.28-1-b211103130830&x=147&y=75&z=8&scale=1&lang=ru_RU Requested by Host: www.billing.novostroy-gid.ru URL: https://www.billing.novostroy-gid.ru/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::2b8 Moscow, Russian Federation, ASN208722 (YNDX, FI), Reverse DNS Software / Resource Hash a694343065e3ea48d208475a9f7947a17289cea136a0b7e9eef1e504691f866b Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.billing.novostroy-gid.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers access-control-allow-origin * date Sun, 28 Nov 2021 21:34:40 GMT cache-control max-age=7654321 etag "7e8b5033dbd1240cf323bbd7c8ca775c" content-length 10763 content-type image/png
GET H2	200	tiles core-renderer-tiles.maps.yandex.net/	9 KB 9 KB	126ms 125ms	Image image/png	2a02:6b8::2b8 YNDX
General Check archive.org Show headers Download Go to Show image Full URL https://core-renderer-tiles.maps.yandex.net/tiles?l=map&v=21.11.28-1-b211103130830&x=147&y=76&z=8&scale=1&lang=ru_RU Requested by Host: www.billing.novostroy-gid.ru URL: https://www.billing.novostroy-gid.ru/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::2b8 Moscow, Russian Federation, ASN208722 (YNDX, FI), Reverse DNS Software / Resource Hash 2f0feb9f45abd0e20d8232cf2fcbbd27dc992debde640c734d3ac4998201fc78 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.billing.novostroy-gid.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers access-control-allow-origin * date Sun, 28 Nov 2021 21:34:40 GMT cache-control max-age=7654321 etag "6c67d1e7e9133630d5cf8227f704302e" content-length 8857 content-type image/png
GET H2	200	tiles core-renderer-tiles.maps.yandex.net/	9 KB 9 KB	130ms 129ms	Image image/png	2a02:6b8::2b8 YNDX
General Check archive.org Show headers Download Go to Show image Full URL https://core-renderer-tiles.maps.yandex.net/tiles?l=map&v=21.11.28-1-b211103130830&x=151&y=74&z=8&scale=1&lang=ru_RU Requested by Host: www.billing.novostroy-gid.ru URL: https://www.billing.novostroy-gid.ru/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::2b8 Moscow, Russian Federation, ASN208722 (YNDX, FI), Reverse DNS Software / Resource Hash 9e0a874c638d89185db5dd5f2a3917344a12b7a42606a62b39cc7e121c2c6f55 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.billing.novostroy-gid.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers access-control-allow-origin * date Sun, 28 Nov 2021 21:34:40 GMT cache-control max-age=7654321 etag "090c6f2510282d931fe2d6a27cd2199e" content-length 8996 content-type image/png
GET H2	200	tiles core-renderer-tiles.maps.yandex.net/	11 KB 11 KB	130ms 129ms	Image image/png	2a02:6b8::2b8 YNDX
General Check archive.org Show headers Download Go to Show image Full URL https://core-renderer-tiles.maps.yandex.net/tiles?l=map&v=21.11.28-1-b211103130830&x=151&y=75&z=8&scale=1&lang=ru_RU Requested by Host: www.billing.novostroy-gid.ru URL: https://www.billing.novostroy-gid.ru/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::2b8 Moscow, Russian Federation, ASN208722 (YNDX, FI), Reverse DNS Software / Resource Hash 8629406b26eb73290ff0f93ffd509db627aa548b2adf2c6f55367bbf9956b362 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.billing.novostroy-gid.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers access-control-allow-origin * date Sun, 28 Nov 2021 21:34:40 GMT cache-control max-age=7654321 etag "23b4ade9ec48208d94bff941b7d65d39" content-length 11339 content-type image/png
GET H2	200	tiles core-renderer-tiles.maps.yandex.net/	12 KB 12 KB	130ms 129ms	Image image/png	2a02:6b8::2b8 YNDX
General Check archive.org Show headers Download Go to Show image Full URL https://core-renderer-tiles.maps.yandex.net/tiles?l=map&v=21.11.28-1-b211103130830&x=151&y=76&z=8&scale=1&lang=ru_RU Requested by Host: www.billing.novostroy-gid.ru URL: https://www.billing.novostroy-gid.ru/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::2b8 Moscow, Russian Federation, ASN208722 (YNDX, FI), Reverse DNS Software / Resource Hash 9750e426a399222265dde9ceb68f7ddf1ee4fa1a27ec25b21522518709ba41d9 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.billing.novostroy-gid.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers access-control-allow-origin * date Sun, 28 Nov 2021 21:34:40 GMT cache-control max-age=7654321 etag "8ebb04e0b63953003a90179fb98bfaab" content-length 12567 content-type image/png
GET H2	200	tiles core-renderer-tiles.maps.yandex.net/	13 KB 13 KB	124ms 123ms	Image image/png	2a02:6b8::2b8 YNDX
General Check archive.org Show headers Download Go to Show image Full URL https://core-renderer-tiles.maps.yandex.net/tiles?l=map&v=21.11.28-1-b211103130830&x=147&y=73&z=8&scale=1&lang=ru_RU Requested by Host: www.billing.novostroy-gid.ru URL: https://www.billing.novostroy-gid.ru/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::2b8 Moscow, Russian Federation, ASN208722 (YNDX, FI), Reverse DNS Software / Resource Hash b99b854124dc9c57d7db14834be777bbc5837299bbc1da44006b1ce55571d403 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.billing.novostroy-gid.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers access-control-allow-origin * date Sun, 28 Nov 2021 21:34:40 GMT cache-control max-age=7654321 etag "f5c860de709e871a0af3f2bb3537205a" content-length 13374 content-type image/png
GET DATA	200 OK	truncated /	244 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 34cf8e0e6c2a6b25fa59ba31aecd238a612827b5895e24cee0ba58e47d72515e Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	152 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash c825ab46f6c799d1b2694913c1111977150739d55dae694ba6e41efe3d40e732 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	126 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash dbd9b5b78b0d2b6513c22452dbc77094b9839195a20fcb06abd9eb3376643f32 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	358 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 9613573c5095fd4c6b558212ba48604a686830b0875553737d568d00f8662368 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	233 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash c71568321e1ff98c006f531f2dc3f8cbe90a2ec3e19809d21eeba5ea93a44af6 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Content-Type image/svg+xml
GET H2	200	/ Show response api-maps.yandex.ru/services/coverage/v2/	205 B 315 B	82ms 82ms	Script text/javascript	2a02:6b8::274 YNDX
General Check archive.org Show headers Download Go to Full URL https://api-maps.yandex.ru/services/coverage/v2/?l=map&ll=30.31362200,59.93772000&z=8&lang=ru_RU&callback=jsonp_yandex_coverage__l_map_ll_30_31362200_59_93772000_z_8_lang_ru_RU Requested by Host: yastatic.net URL: https://yastatic.net/s3/front-maps-static/maps-front-jsapi-v2-1/2.1.79-28/build/release/full-d1de67c44ff77d445058e8457ca6578da7094d3a.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::274 Moscow, Russian Federation, ASN208722 (YNDX, FI), Reverse DNS Software / Resource Hash e14720547c60e43511ceaac8f7a1e33baf95e8830af373af2dbed94aca456b19 Security Headers Name Value X-Content-Type-Options nosniff, nosniff X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.billing.novostroy-gid.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Sun, 28 Nov 2021 21:34:40 GMT x-content-type-options nosniff, nosniff expires Mon, 29 Nov 2021 21:34:40 GMT etag W/"cd-w/Xhj4JgJGynqOkiaMWNHUDB/+U" content-length 205 x-xss-protection 1; mode=block content-type text/javascript; charset=utf-8
GET H2	200	sync.js Show response dmp.one/	89 KB 33 KB	127ms 125ms	Script application/javascript	2606:4700:3030::6815:5057 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://dmp.one/sync.js?k=1630485193 Requested by Host: dmp.one URL: https://dmp.one/sync?stock_key=1b102086ff3b7547b0e7bea50b96fbc3&yid=cfa57eeec94945f1a7244ded5251f2c2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::6815:5057 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f81afcadbdcc75560e1a472f913c771d9e8aaefa9259405d65c00592f9f1eb2e Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.billing.novostroy-gid.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Sun, 28 Nov 2021 21:34:40 GMT content-encoding br cf-cache-status DYNAMIC last-modified Wed, 01 Sep 2021 08:33:13 GMT server cloudflare etag W/"612f3ac9-164c8" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type application/javascript report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JCzd94eWwb4C5VFR%2FC%2B3D3bc%2BHwmsFo%2BbGdgDKbARRepZj5Wbn5Q3mVRhPTtu2pNObnZv9Ce6mj1W6oH5W5ClN6yZV8G2cy8ye1FNnsjbAT6sBjCRSoZr57Z7juAUL1k4VUKBXhk"}],"group":"cf-nel","max_age":604800} nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 6b56b8c088830fa6-VIE
GET H/1.1	200 OK	/ Show response jsonip.com/	109 B 410 B	488ms 159ms	XHR application/json	2600:3c01::f03c:91ff:fe79:43b LINODE-AP Linode
General Check archive.org Show headers Download Go to Full URL https://jsonip.com/ Requested by Host: dmp.one URL: https://dmp.one/sync?stock_key=1b102086ff3b7547b0e7bea50b96fbc3&yid=cfa57eeec94945f1a7244ded5251f2c2 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:3c01::f03c:91ff:fe79:43b Fremont, United States, ASN63949 (LINODE-AP Linode, LLC, US), Reverse DNS Software nginx/1.20.1 / Resource Hash 3067a26107e059b5a8ebccdcb4992e5a2b4838cf4d7f0fcb59f0be9e070b6814 Security Headers Name Value Strict-Transport-Security max-age=31536000; Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.billing.novostroy-gid.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Sun, 28 Nov 2021 21:34:41 GMT Server nginx/1.20.1 Strict-Transport-Security max-age=31536000; Access-Control-Allow-Methods GET Content-Type application/json; charset=utf-8 Access-Control-Allow-Origin * Transfer-Encoding chunked Connection keep-alive
POST H/1.1	200 OK	39cea395-7dfd-4e1f-9fb1-90b68faf591c Show response profilepxl.ru/t/	232 B 795 B	71ms 71ms	XHR application/json	95.213.192.244 SELECTEL
General Check archive.org Show headers Download Go to Full URL https://profilepxl.ru/t/39cea395-7dfd-4e1f-9fb1-90b68faf591c Requested by Host: profilepxl.ru URL: https://profilepxl.ru/s.js?id=39cea395-7dfd-4e1f-9fb1-90b68faf591c Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 95.213.192.244 Novosibirsk, Russian Federation, ASN49505 (SELECTEL, RU), Reverse DNS Software nginx/1.14.0 (Ubuntu) / Resource Hash 54c5ab752522056903e0438fa01cc2c28e377f14c2a74846781ad3d4eb65df0e Request headers Referer https://www.billing.novostroy-gid.ru/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Content-type application/x-www-form-urlencoded Response headers Date Sun, 28 Nov 2021 21:34:40 GMT Server nginx/1.14.0 (Ubuntu) vary Origin Content-Type application/json access-control-allow-origin https://www.billing.novostroy-gid.ru access-control-allow-credentials true Connection keep-alive Content-Length 232
GET DATA	200 OK	truncated /	1 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 272ec41d07caa8473de42b7b1f165fb06410fbae329bf85ffb87dbc154c51683 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	1 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 60e00c41f1281b56c8cf69daec92596c0e7188c71e35a97dbe9fb5dabd594579 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	2 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash c06d43594224d79cfe4372d349140b571a891a2d9a89a2db086613abc936fc76 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Content-Type image/svg+xml
GET H2	200	home.png www.billing.novostroy-gid.ru/static/images/	15 KB 15 KB	78ms 78ms	Image image/png	185.129.100.49 DDOS-GUARD
General Check archive.org Show headers Download Go to Show image Full URL https://www.billing.novostroy-gid.ru/static/images/home.png Requested by Host: www.billing.novostroy-gid.ru URL: https://www.billing.novostroy-gid.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.129.100.49 , Russian Federation, ASN57724 (DDOS-GUARD, RU), Reverse DNS ddos-guard.net Software ddos-guard / Resource Hash 797192ab58f6bdd34623438cf1155e04a293725f9e1ee7c6b16d847516546dc4 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests; Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.billing.novostroy-gid.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers content-security-policy upgrade-insecure-requests; last-modified Fri, 27 Nov 2020 07:36:58 GMT server ddos-guard etag "5fc0ac9a-3c26" content-type image/png cache-control max-age=1209600 date Sun, 28 Nov 2021 21:36:13 GMT accept-ranges bytes content-length 15398 expires Sun, 12 Dec 2021 21:36:13 GMT
GET H2	200	sync Show response dmp.one/	65 B 357 B	133ms 133ms	Script text/html	2606:4700:3030::6815:5057 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://dmp.one/sync?yid=cfa57eeec94945f1a7244ded5251f2c2 Requested by Host: profilepxl.ru URL: https://profilepxl.ru/s.js?id=39cea395-7dfd-4e1f-9fb1-90b68faf591c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::6815:5057 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6b2fe1a5bc3b88590b58e8b89657d54a10556d705328fd88a1e4be6d15fdcd75 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.billing.novostroy-gid.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Sun, 28 Nov 2021 21:34:41 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" access-control-allow-methods GET, POST, OPTIONS content-type text/html; charset=UTF-8 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YHD%2BqLbQpGr67QUomScY7gUgt6i2LAPk0oyi4wvbe0WknlBTiqkGo1OkGpZd8bRXu0m6Y6A8s%2FELxruz2opxNdr7fZ%2BsLApZjQ53A0mPjjgiSD7RrMoxaVzmS9NxTmi8l88sqJm8"}],"group":"cf-nel","max_age":604800} cf-ray 6b56b8c27ae20fa6-VIE
GET DATA	200 OK	truncated /	2 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash eda6bda6f9fba28d051fe165c90c5bc6cebee11d74fc24ed75da16f7f37fa743 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	2 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 678ced5cf07316334b21419cccf0f9ab491dcc0ee386b2d67ec062a8d4aedb97 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	3 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 31a1109a1a983cae5867c2f84010416c92eaa92404ebfb72ca5d6b4c523a0df0 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Content-Type image/png
GET H2	200	tiles core-renderer-tiles.maps.yandex.net/	15 KB 15 KB	41ms 41ms	Image image/png	2a02:6b8::2b8 YNDX
General Check archive.org Show headers Download Go to Show image Full URL https://core-renderer-tiles.maps.yandex.net/tiles?l=map&v=21.11.28-1-b211103130830&x=148&y=73&z=8&scale=1&lang=ru_RU Requested by Host: www.billing.novostroy-gid.ru URL: https://www.billing.novostroy-gid.ru/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::2b8 Moscow, Russian Federation, ASN208722 (YNDX, FI), Reverse DNS Software / Resource Hash 49560bad0764ae6700bf5253025cdfac66fca304b0fc16ad4274420c528c5f7c Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.billing.novostroy-gid.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers access-control-allow-origin * date Sun, 28 Nov 2021 21:34:41 GMT cache-control max-age=7654321 etag "11e1cd9524a81700f5dff6172c43c0e5" content-length 15215 content-type image/png
GET H2	200	tiles core-renderer-tiles.maps.yandex.net/	13 KB 13 KB	42ms 41ms	Image image/png	2a02:6b8::2b8 YNDX
General Check archive.org Show headers Download Go to Show image Full URL https://core-renderer-tiles.maps.yandex.net/tiles?l=map&v=21.11.28-1-b211103130830&x=149&y=73&z=8&scale=1&lang=ru_RU Requested by Host: www.billing.novostroy-gid.ru URL: https://www.billing.novostroy-gid.ru/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::2b8 Moscow, Russian Federation, ASN208722 (YNDX, FI), Reverse DNS Software / Resource Hash 96796c869696092ba60502adf7ff003a26a07a5fa20cfeb72baca4f796110185 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.billing.novostroy-gid.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers access-control-allow-origin * date Sun, 28 Nov 2021 21:34:41 GMT cache-control max-age=7654321 etag "26ce7cfd5ef04d794f3a17d7a85370e3" content-length 13649 content-type image/png
GET H2	200	tiles core-renderer-tiles.maps.yandex.net/	1 KB 1 KB	76ms 76ms	Image image/png	2a02:6b8::2b8 YNDX
General Check archive.org Show headers Download Go to Show image Full URL https://core-renderer-tiles.maps.yandex.net/tiles?l=map&v=21.11.28-1-b211103130830&x=150&y=73&z=8&scale=1&lang=ru_RU Requested by Host: www.billing.novostroy-gid.ru URL: https://www.billing.novostroy-gid.ru/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::2b8 Moscow, Russian Federation, ASN208722 (YNDX, FI), Reverse DNS Software / Resource Hash 5f897fcafb880ac9224de3e28ba8816122090722391599310f71161efd09d03c Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.billing.novostroy-gid.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers access-control-allow-origin * date Sun, 28 Nov 2021 21:34:41 GMT cache-control max-age=7654321 etag "3ed8d3762fe224f482d2c8ca6a0e5044" content-length 1321 content-type image/png
GET H2	200	tiles core-renderer-tiles.maps.yandex.net/	10 KB 10 KB	75ms 75ms	Image image/png	2a02:6b8::2b8 YNDX
General Check archive.org Show headers Download Go to Show image Full URL https://core-renderer-tiles.maps.yandex.net/tiles?l=map&v=21.11.28-1-b211103130830&x=151&y=73&z=8&scale=1&lang=ru_RU Requested by Host: www.billing.novostroy-gid.ru URL: https://www.billing.novostroy-gid.ru/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::2b8 Moscow, Russian Federation, ASN208722 (YNDX, FI), Reverse DNS Software / Resource Hash b38b982adf38045bb3c994d44fc6abc719bdb24f41bf1d6de19796a75cf5fb03 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.billing.novostroy-gid.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers access-control-allow-origin * date Sun, 28 Nov 2021 21:34:41 GMT cache-control max-age=7654321 etag "7710b06b62f5b1300cbdd7667b015aaf" content-length 10208 content-type image/png
GET H2	200	/ Show response tls-eun1.fpapi.io/	208 B 335 B	102ms 26ms	XHR text/plain	13.248.141.108 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tls-eun1.fpapi.io/ Requested by Host: dmp.one URL: https://dmp.one/sync.js?k=1630485193 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.248.141.108 , United States, ASN16509 (AMAZON-02, US), Reverse DNS a885e4cd4ba7f987e.awsglobalaccelerator.com Software / Resource Hash 3b65ee34186a0448d05c21ccb10793c81f99dbbfc1d42955796152c466f4a0b1 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.billing.novostroy-gid.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers access-control-allow-origin * strict-transport-security max-age=63072000; includeSubDomains cache-control max-age=2592000, immutable, private date Sun, 28 Nov 2021 21:34:41 GMT content-length 208 content-type text/plain; charset=utf-8
POST H2	200	22562989 Show response mc.yandex.com/webvisor/	43 B 169 B	43ms 43ms	XHR image/gif	2a02:6b8::1:119 YNDX
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.com/webvisor/22562989?wmode=0&wv-part=1&wv-hit=164184842&page-url=https%3A%2F%2Fwww.billing.novostroy-gid.ru%2F&rn=669285432&wv-type=3&browser-info=gdpr%3A14%3Aet%3A1638135281%3Aw%3A1600x1200%3Av%3A700%3Az%3A0%3Ai%3A20211128213441%3Au%3A1638135279642793507%3Avf%3A4bjmbg3ayomqwinwev%3Awe%3A1%3Ast%3A1638135281&t=gdpr(14)ti(2) Requested by Host: mc.yandex.ru URL: https://mc.yandex.ru/metrika/tag.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers Referer https://www.billing.novostroy-gid.ru/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Sun, 28 Nov 2021 21:34:41 GMT last-modified Sun, 28-Nov-2021 21:34:41 GMT strict-transport-security max-age=31536000 content-type image/gif access-control-allow-origin https://www.billing.novostroy-gid.ru cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true content-length 43 x-xss-protection 1; mode=block expires Sun, 28-Nov-2021 21:34:41 GMT
POST H/1.1	200 OK	39cea395-7dfd-4e1f-9fb1-90b68faf591c Show response profilepxl.ru/t/	232 B 795 B	72ms 72ms	XHR application/json	95.213.192.244 SELECTEL
General Check archive.org Show headers Download Go to Full URL https://profilepxl.ru/t/39cea395-7dfd-4e1f-9fb1-90b68faf591c Requested by Host: profilepxl.ru URL: https://profilepxl.ru/s.js?id=39cea395-7dfd-4e1f-9fb1-90b68faf591c Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 95.213.192.244 Novosibirsk, Russian Federation, ASN49505 (SELECTEL, RU), Reverse DNS Software nginx/1.14.0 (Ubuntu) / Resource Hash 54c5ab752522056903e0438fa01cc2c28e377f14c2a74846781ad3d4eb65df0e Request headers Referer https://www.billing.novostroy-gid.ru/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Content-type application/x-www-form-urlencoded Response headers Date Sun, 28 Nov 2021 21:34:41 GMT Server nginx/1.14.0 (Ubuntu) vary Origin Content-Type application/json access-control-allow-origin https://www.billing.novostroy-gid.ru access-control-allow-credentials true Connection keep-alive Content-Length 232
GET H2	200	img7021.png manalyticshub.com/content/img/ Redirect Chain https://manalyticshub.com/m/watch?type=2&token=fd7ff8d9-2a98-4312-a800-9da7384a9bdf&sid=cfa57eeec94945f1a7244ded5251f2c2 https://manalyticshub.com/content/img/img7021.png	120 B 209 B	32ms 32ms	Image image/png	40.69.88.149 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://manalyticshub.com/content/img/img7021.png Requested by Host: www.billing.novostroy-gid.ru URL: https://www.billing.novostroy-gid.ru/ Protocol H2 Server 40.69.88.149 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0 / Resource Hash cbdee449ad6978388b4488eafb187977178070088cac0c3bf84a2344c317aede Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.billing.novostroy-gid.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Sun, 28 Nov 2021 21:34:41 GMT last-modified Tue, 10 Aug 2021 13:50:09 GMT server Microsoft-IIS/10.0 etag "1d78deea1fa7ef8" content-type image/png accept-ranges bytes content-length 120 request-context appId=cid-v1:0c7b4808-2372-4681-a536-13686db848ca Redirect headers location https://manalyticshub.com/content/img/img7021.png date Sun, 28 Nov 2021 21:34:41 GMT cache-control no-store server Microsoft-IIS/10.0 content-length 0 request-context appId=cid-v1:0c7b4808-2372-4681-a536-13686db848ca
POST H/1.1	200 OK	39cea395-7dfd-4e1f-9fb1-90b68faf591c Show response profilepxl.ru/t/	232 B 795 B	72ms 71ms	XHR application/json	95.213.192.244 SELECTEL
General Check archive.org Show headers Download Go to Full URL https://profilepxl.ru/t/39cea395-7dfd-4e1f-9fb1-90b68faf591c Requested by Host: profilepxl.ru URL: https://profilepxl.ru/s.js?id=39cea395-7dfd-4e1f-9fb1-90b68faf591c Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 95.213.192.244 Novosibirsk, Russian Federation, ASN49505 (SELECTEL, RU), Reverse DNS Software nginx/1.14.0 (Ubuntu) / Resource Hash 54c5ab752522056903e0438fa01cc2c28e377f14c2a74846781ad3d4eb65df0e Request headers Referer https://www.billing.novostroy-gid.ru/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Content-type application/x-www-form-urlencoded Response headers Date Sun, 28 Nov 2021 21:34:41 GMT Server nginx/1.14.0 (Ubuntu) vary Origin Content-Type application/json access-control-allow-origin https://www.billing.novostroy-gid.ru access-control-allow-credentials true Connection keep-alive Content-Length 232
GET H/1.1	200 OK	code.php Show response rupertino.ru/	1 KB 756 B	65ms 13ms	Script text/html	138.201.251.56 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://rupertino.ru/code.php?code=XFZDGE5SWkxDU0ZMVEcfQEY=&id1=8011&id2=442845&pdid=cfa57eeec94945f1a7244ded5251f2c2 Requested by Host: profilepxl.ru URL: https://profilepxl.ru/s.js?id=39cea395-7dfd-4e1f-9fb1-90b68faf591c Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 138.201.251.56 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.56.251.201.138.clients.your-server.de Software nginx/1.6.2 / Resource Hash e6214d35eda16e40cc66c053e91e5a1933de67f0ac1fb8d1b636d8854b66a4f2 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.billing.novostroy-gid.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Sun, 28 Nov 2021 21:34:41 GMT Content-Encoding gzip Server nginx/1.6.2 Connection keep-alive Transfer-Encoding chunked Content-Type text/html; charset=UTF-8
POST H2	200	/ Show response c.dmp.one/	753 B 1 KB	165ms 63ms	XHR application/octet-stream	75.2.3.116 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c.dmp.one/?cv=3.5.1 Requested by Host: dmp.one URL: https://dmp.one/sync.js?k=1630485193 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 75.2.3.116 , United States, ASN16509 (AMAZON-02, US), Reverse DNS a1368e4e6e9dab683.awsglobalaccelerator.com Software nginx/1.20.0 / Resource Hash 18ba7dd8d9bf35abfc05619d58a1cda52a385b862ab004105f3b66ebc87608b0 Security Headers Name Value Strict-Transport-Security max-age=63072000 Request headers Referer https://www.billing.novostroy-gid.ru/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Content-Type text/plain Response headers date Sun, 28 Nov 2021 21:34:41 GMT server nginx/1.20.0 vary Origin content-type text/plain access-control-allow-origin https://www.billing.novostroy-gid.ru access-control-allow-credentials true strict-transport-security max-age=63072000 content-length 753
GET H/1.1	200 OK	pixel.php Show response statistik1.ru/pixel/ph/	27 B 425 B	227ms 54ms	Script text/html	82.202.249.27 SELECTEL
General Check archive.org Show headers Download Go to Full URL https://statistik1.ru/pixel/ph/pixel.php?pfrom=11&logtype=3&img=XFZDGE5SWkxDU0ZMVEcfQEY=&uid=8011&nid=442845 Requested by Host: rupertino.ru URL: https://rupertino.ru/code.php?code=XFZDGE5SWkxDU0ZMVEcfQEY=&id1=8011&id2=442845&pdid=cfa57eeec94945f1a7244ded5251f2c2 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 82.202.249.27 , Russian Federation, ASN49505 (SELECTEL, RU), Reverse DNS Software nginx/1.16.0 / Resource Hash 4d184fce7344f500080d14990a76f8101d6f9589a316993fdb837994f0602ed8 Security Headers Name Value Strict-Transport-Security max-age=31536000; Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.billing.novostroy-gid.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Sun, 28 Nov 2021 21:36:15 GMT Transfer-Encoding chunked Server nginx/1.16.0 Connection keep-alive Strict-Transport-Security max-age=31536000; Content-Type text/html; charset=UTF-8
POST H/1.1	200 OK	39cea395-7dfd-4e1f-9fb1-90b68faf591c Show response profilepxl.ru/t/	232 B 795 B	70ms 70ms	XHR application/json	95.213.192.244 SELECTEL
General Check archive.org Show headers Download Go to Full URL https://profilepxl.ru/t/39cea395-7dfd-4e1f-9fb1-90b68faf591c Requested by Host: profilepxl.ru URL: https://profilepxl.ru/s.js?id=39cea395-7dfd-4e1f-9fb1-90b68faf591c Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 95.213.192.244 Novosibirsk, Russian Federation, ASN49505 (SELECTEL, RU), Reverse DNS Software nginx/1.14.0 (Ubuntu) / Resource Hash 54c5ab752522056903e0438fa01cc2c28e377f14c2a74846781ad3d4eb65df0e Request headers Referer https://www.billing.novostroy-gid.ru/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Content-type application/x-www-form-urlencoded Response headers Date Sun, 28 Nov 2021 21:34:41 GMT Server nginx/1.14.0 (Ubuntu) vary Origin Content-Type application/json access-control-allow-origin https://www.billing.novostroy-gid.ru access-control-allow-credentials true Connection keep-alive Content-Length 232
GET H/1.1	200 OK	p pixel.hot-wifi.ru/	74 B 331 B	211ms 67ms	Image image/png	84.201.161.180 YANDEXCLOUD
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.hot-wifi.ru/p?t=Kokoc&v=cfa57eeec94945f1a7244ded5251f2c2 Requested by Host: www.billing.novostroy-gid.ru URL: https://www.billing.novostroy-gid.ru/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 84.201.161.180 , Russian Federation, ASN200350 (YANDEXCLOUD, RU), Reverse DNS Software nginx / Resource Hash 01b58ddb2f86a768f91751b62f25395417f6cf526191a4aefc1ebe4f8beacdcb Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.billing.novostroy-gid.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Sun, 28 Nov 2021 21:34:42 GMT Server nginx Connection keep-alive Content-Length 74 Content-Type image/png
GET H/1.1	200 OK	code1.php Show response rupertino.ru/	70 KB 71 KB	69ms 69ms	Script text/javascript	138.201.251.56 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://rupertino.ru/code1.php?pixel=1683783709&img=XFZDGE5SWkxDU0ZMVEcfQEY=&uid=8011&nid=442845&pdid=cfa57eeec94945f1a7244ded5251f2c2&ref=&cookie=_ga%3DGA1.3.573967421.1638135278%3B%20_gid%3DGA1.3.1376015553.1638135278%3B%20_dc_gtm_UA-52809280-1%3D1%3B%20_ym_uid%3D1638135279642793507%3B%20_ym_d%3D1638135279%3B%20_ym_visorc%3Dw%3B%20_gcl_au%3D1.1.145709278.1638135280%3B%20_ym_isad%3D2%3B%20tmr_lvid%3Dc125781a4f89dbe724aa011e99a63e3b%3B%20tmr_lvidTS%3D1638135280242%3B%20tmr_reqNum%3D2%3B%20dmp_cc%3D61a3f5f0a50396.89269707%3B%20_ppsidc%3D%255B1%252C2%252C3%252C4%255D%3B%20_dmp_key_t%3DnqcttohZCX28itoYalYYHsr9MzKxjM%2BC6rbauQMSNoQO65GfhzWt56zOcXks4M3mK5CsezQn6RIhMg%3D%3D Requested by Host: rupertino.ru URL: https://rupertino.ru/code.php?code=XFZDGE5SWkxDU0ZMVEcfQEY=&id1=8011&id2=442845&pdid=cfa57eeec94945f1a7244ded5251f2c2 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 138.201.251.56 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.56.251.201.138.clients.your-server.de Software nginx/1.6.2 / Resource Hash e29682d2920c715a9782596da24d976bfcda4cecab15852a41c8d55c92c69007 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.billing.novostroy-gid.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Sun, 28 Nov 2021 21:34:42 GMT Server nginx/1.6.2 Connection keep-alive Transfer-Encoding chunked Content-Type text/javascript;charset=UTF-8
POST H2	200	service Show response dmp.one/	4 KB 2 KB	592ms 551ms	XHR text/html	2606:4700:3030::6815:5057 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://dmp.one/service Requested by Host: dmp.one URL: https://dmp.one/sync?stock_key=1b102086ff3b7547b0e7bea50b96fbc3&yid=cfa57eeec94945f1a7244ded5251f2c2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::6815:5057 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9ce27999513d06d6949935451ffd65d0c9f9562a2b2dd1629b9d80b072196a0e Request headers Referer https://www.billing.novostroy-gid.ru/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Content-type application/x-www-form-urlencoded Response headers pragma no-cache date Sun, 28 Nov 2021 21:34:42 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" access-control-allow-methods GET, POST, OPTIONS content-type text/html; charset=UTF-8 access-control-allow-origin https://www.billing.novostroy-gid.ru report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cpT1%2FeOl71BuH4hdZH2KbeHNtVUoMkxf4KVnOEWo%2BanRPvXGziSJ6LhyCr%2BzFEIHbxEd2A%2FpSM%2F30mRkSL1TWxhLggpwRNEtq61oHyszg73R9Es0Wc6elSst3iaH2MrfbpddPAgr"}],"group":"cf-nel","max_age":604800} cache-control no-store, no-cache, must-revalidate cf-ray 6b56b8c8edcae8f7-MXP expires Thu, 19 Nov 1981 08:52:00 GMT
POST H2	200	22562989 Show response mc.yandex.com/webvisor/	43 B 73 B	417ms 41ms	XHR image/gif	2a02:6b8::1:119 YNDX
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.com/webvisor/22562989?wmode=0&wv-part=1&wv-hit=164184842&page-url=https%3A%2F%2Fwww.billing.novostroy-gid.ru%2F&rn=461684730&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1638135282%3Aw%3A1600x1200%3Av%3A700%3Az%3A0%3Ai%3A20211128213442%3Au%3A1638135279642793507%3Avf%3A4bjmbg3ayomqwinwev%3Awe%3A1%3Ast%3A1638135282&t=gdpr(14)ti(2) Requested by Host: mc.yandex.ru URL: https://mc.yandex.ru/metrika/tag.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers Referer https://www.billing.novostroy-gid.ru/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Sun, 28 Nov 2021 21:34:42 GMT last-modified Sun, 28-Nov-2021 21:34:42 GMT strict-transport-security max-age=31536000 content-type image/gif access-control-allow-origin https://www.billing.novostroy-gid.ru cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true content-length 43 x-xss-protection 1; mode=block expires Sun, 28-Nov-2021 21:34:42 GMT
POST H/1.1	200 OK	39cea395-7dfd-4e1f-9fb1-90b68faf591c Show response profilepxl.ru/t/	232 B 795 B	117ms 70ms	XHR application/json	95.213.192.244 SELECTEL
General Check archive.org Show headers Download Go to Full URL https://profilepxl.ru/t/39cea395-7dfd-4e1f-9fb1-90b68faf591c Requested by Host: profilepxl.ru URL: https://profilepxl.ru/s.js?id=39cea395-7dfd-4e1f-9fb1-90b68faf591c Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 95.213.192.244 Novosibirsk, Russian Federation, ASN49505 (SELECTEL, RU), Reverse DNS Software nginx/1.14.0 (Ubuntu) / Resource Hash 54c5ab752522056903e0438fa01cc2c28e377f14c2a74846781ad3d4eb65df0e Request headers Referer https://www.billing.novostroy-gid.ru/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Content-type application/x-www-form-urlencoded Response headers Date Sun, 28 Nov 2021 21:34:42 GMT Server nginx/1.14.0 (Ubuntu) vary Origin Content-Type application/json access-control-allow-origin https://www.billing.novostroy-gid.ru access-control-allow-credentials true Connection keep-alive Content-Length 232
GET H/1.1	200 OK	websocket.php Show response rupertino.ru/	0 224 B	13ms 13ms	Script text/html	138.201.251.56 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://rupertino.ru/websocket.php Requested by Host: rupertino.ru URL: https://rupertino.ru/code1.php?pixel=1683783709&img=XFZDGE5SWkxDU0ZMVEcfQEY=&uid=8011&nid=442845&pdid=cfa57eeec94945f1a7244ded5251f2c2&ref=&cookie=_ga%3DGA1.3.573967421.1638135278%3B%20_gid%3DGA1.3.1376015553.1638135278%3B%20_dc_gtm_UA-52809280-1%3D1%3B%20_ym_uid%3D1638135279642793507%3B%20_ym_d%3D1638135279%3B%20_ym_visorc%3Dw%3B%20_gcl_au%3D1.1.145709278.1638135280%3B%20_ym_isad%3D2%3B%20tmr_lvid%3Dc125781a4f89dbe724aa011e99a63e3b%3B%20tmr_lvidTS%3D1638135280242%3B%20tmr_reqNum%3D2%3B%20dmp_cc%3D61a3f5f0a50396.89269707%3B%20_ppsidc%3D%255B1%252C2%252C3%252C4%255D%3B%20_dmp_key_t%3DnqcttohZCX28itoYalYYHsr9MzKxjM%2BC6rbauQMSNoQO65GfhzWt56zOcXks4M3mK5CsezQn6RIhMg%3D%3D Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 138.201.251.56 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.56.251.201.138.clients.your-server.de Software nginx/1.6.2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.billing.novostroy-gid.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Sun, 28 Nov 2021 21:34:42 GMT Content-Encoding gzip Server nginx/1.6.2 Connection keep-alive Transfer-Encoding chunked Content-Type text/html; charset=UTF-8
GET H2	200	tag.js Show response mc.yandex.ru/metrika/	189 KB 65 KB	92ms 92ms	Script application/javascript	2a02:6b8::1:119 YNDX
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.ru/metrika/tag.js Requested by Host: rupertino.ru URL: https://rupertino.ru/code1.php?pixel=1683783709&img=XFZDGE5SWkxDU0ZMVEcfQEY=&uid=8011&nid=442845&pdid=cfa57eeec94945f1a7244ded5251f2c2&ref=&cookie=_ga%3DGA1.3.573967421.1638135278%3B%20_gid%3DGA1.3.1376015553.1638135278%3B%20_dc_gtm_UA-52809280-1%3D1%3B%20_ym_uid%3D1638135279642793507%3B%20_ym_d%3D1638135279%3B%20_ym_visorc%3Dw%3B%20_gcl_au%3D1.1.145709278.1638135280%3B%20_ym_isad%3D2%3B%20tmr_lvid%3Dc125781a4f89dbe724aa011e99a63e3b%3B%20tmr_lvidTS%3D1638135280242%3B%20tmr_reqNum%3D2%3B%20dmp_cc%3D61a3f5f0a50396.89269707%3B%20_ppsidc%3D%255B1%252C2%252C3%252C4%255D%3B%20_dmp_key_t%3DnqcttohZCX28itoYalYYHsr9MzKxjM%2BC6rbauQMSNoQO65GfhzWt56zOcXks4M3mK5CsezQn6RIhMg%3D%3D Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI), Reverse DNS Software / Resource Hash 5568d248345d825506f88f50e3fb1cd7c05b8b1d2c8a43de15ea3b9314fa0341 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.billing.novostroy-gid.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Sun, 28 Nov 2021 21:34:42 GMT content-encoding br last-modified Fri, 26 Nov 2021 15:51:55 GMT etag "61a0d86b-101bc" strict-transport-security max-age=31536000 content-type application/javascript access-control-allow-origin * cache-control max-age=3600 content-length 65980 expires Sun, 28 Nov 2021 22:34:42 GMT
GET H/1.1	200 OK	ph.php Show response ixseptor.ru/ph/ Frame 9FB2	2 KB 2 KB	265ms 167ms	Document text/html	138.201.251.19 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://ixseptor.ru/ph/ph.php?nid=442845&uid=8011&cookid=433815869&img=XFZDGE5SWkxDU0ZMVEcfQEY=&pixel=1683783709&newmoney=0&newnomera=927497&newstatid=78511287&ixs=1&hide=0&isme=1&visits_id=425422862&isamail=0&devicetype=Desktop&bname=Chrome%2096&osname=Windows%2010 Requested by Host: rupertino.ru URL: https://rupertino.ru/code1.php?pixel=1683783709&img=XFZDGE5SWkxDU0ZMVEcfQEY=&uid=8011&nid=442845&pdid=cfa57eeec94945f1a7244ded5251f2c2&ref=&cookie=_ga%3DGA1.3.573967421.1638135278%3B%20_gid%3DGA1.3.1376015553.1638135278%3B%20_dc_gtm_UA-52809280-1%3D1%3B%20_ym_uid%3D1638135279642793507%3B%20_ym_d%3D1638135279%3B%20_ym_visorc%3Dw%3B%20_gcl_au%3D1.1.145709278.1638135280%3B%20_ym_isad%3D2%3B%20tmr_lvid%3Dc125781a4f89dbe724aa011e99a63e3b%3B%20tmr_lvidTS%3D1638135280242%3B%20tmr_reqNum%3D2%3B%20dmp_cc%3D61a3f5f0a50396.89269707%3B%20_ppsidc%3D%255B1%252C2%252C3%252C4%255D%3B%20_dmp_key_t%3DnqcttohZCX28itoYalYYHsr9MzKxjM%2BC6rbauQMSNoQO65GfhzWt56zOcXks4M3mK5CsezQn6RIhMg%3D%3D Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 138.201.251.19 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.19.251.201.138.clients.your-server.de Software nginx/1.6.2 / Resource Hash dc4178cb399f39934b3159d9d584c72f753eebb110e7431ee82c28c4385516e0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://www.billing.novostroy-gid.ru/ Response headers Server nginx/1.6.2 Date Sun, 28 Nov 2021 21:34:42 GMT Content-Type text/html; charset=UTF-8 Transfer-Encoding chunked Connection keep-alive Expires Thu, 19 Nov 1981 08:52:00 GMT Cache-Control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma no-cache Content-Encoding gzip
GET H/1.1	200 OK	jquery-1.10.2.min.js Show response rupertino.ru/	154 KB 155 KB	13ms 12ms	Script application/javascript	138.201.251.56 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://rupertino.ru/jquery-1.10.2.min.js Requested by Host: rupertino.ru URL: https://rupertino.ru/code1.php?pixel=1683783709&img=XFZDGE5SWkxDU0ZMVEcfQEY=&uid=8011&nid=442845&pdid=cfa57eeec94945f1a7244ded5251f2c2&ref=&cookie=_ga%3DGA1.3.573967421.1638135278%3B%20_gid%3DGA1.3.1376015553.1638135278%3B%20_dc_gtm_UA-52809280-1%3D1%3B%20_ym_uid%3D1638135279642793507%3B%20_ym_d%3D1638135279%3B%20_ym_visorc%3Dw%3B%20_gcl_au%3D1.1.145709278.1638135280%3B%20_ym_isad%3D2%3B%20tmr_lvid%3Dc125781a4f89dbe724aa011e99a63e3b%3B%20tmr_lvidTS%3D1638135280242%3B%20tmr_reqNum%3D2%3B%20dmp_cc%3D61a3f5f0a50396.89269707%3B%20_ppsidc%3D%255B1%252C2%252C3%252C4%255D%3B%20_dmp_key_t%3DnqcttohZCX28itoYalYYHsr9MzKxjM%2BC6rbauQMSNoQO65GfhzWt56zOcXks4M3mK5CsezQn6RIhMg%3D%3D Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 138.201.251.56 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.56.251.201.138.clients.your-server.de Software nginx/1.6.2 / Resource Hash cf11c90fa83f6fd90fa303e00dc798e811c2258c3d03e7e8d67045abb643432c Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.billing.novostroy-gid.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Sun, 28 Nov 2021 21:34:42 GMT Last-Modified Tue, 25 Jul 2017 02:07:59 GMT Server nginx/1.6.2 ETag "5976a7ff-2695a" Content-Type application/javascript; charset=utf-8 Cache-Control max-age=864000 Connection keep-alive Accept-Ranges bytes Content-Length 158042 Expires Wed, 08 Dec 2021 21:34:42 GMT
GET H/1.1	200 OK	check.php ixseptor.ru/ph/	0 224 B	114ms 14ms	Image text/html	138.201.251.19 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://ixseptor.ru/ph/check.php?visits_id=425422862 Requested by Host: www.billing.novostroy-gid.ru URL: https://www.billing.novostroy-gid.ru/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 138.201.251.19 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.19.251.201.138.clients.your-server.de Software nginx/1.6.2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.billing.novostroy-gid.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Sun, 28 Nov 2021 21:34:42 GMT Content-Encoding gzip Server nginx/1.6.2 Connection keep-alive Transfer-Encoding chunked Content-Type text/html; charset=UTF-8
GET H/1.1	200 OK	/ get4click.ru/api/get-cookie/60c3e9e0acbb7c432d7585fe6c329f5906b379a1/pixel/	68 B 412 B	255ms 102ms	Image image/png	185.137.235.176 SELECTEL
General Check archive.org Show headers Download Go to Show image Full URL https://get4click.ru/api/get-cookie/60c3e9e0acbb7c432d7585fe6c329f5906b379a1/pixel/?pid=cfa57eeec94945f1a7244ded5251f2c2 Requested by Host: www.billing.novostroy-gid.ru URL: https://www.billing.novostroy-gid.ru/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 185.137.235.176 , Russian Federation, ASN49505 (SELECTEL, RU), Reverse DNS Software nginx / Resource Hash 21dbd90119d3def6c42da4da8db80672b7cd791ff63633bcfd9a476a092e6f67 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.billing.novostroy-gid.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Pragma no-cache Date Sun, 28 Nov 2021 21:34:42 GMT Server nginx Content-Type image/png Cache-Control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection keep-alive Content-Length 68 Expires Thu, 19 Nov 1981 08:52:00 GMT
GET H2	200	56726485 Show response mc.yandex.com/watch/	331 B 410 B	41ms 40ms	XHR application/json	2a02:6b8::1:119 YNDX
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.com/watch/56726485?wmode=7&page-url=https%3A%2F%2Fwww.billing.novostroy-gid.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4bjmbg3ayomqwinwev%3Afp%3A1068%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A700%3Acn%3A2%3Adp%3A1%3Als%3A1468055301111%3Ahid%3A164184842%3Az%3A0%3Ai%3A20211128213442%3Aet%3A1638135282%3Ac%3A1%3Arn%3A633387938%3Arqn%3A1%3Au%3A1638135279642793507%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1638135277341%3Ads%3A147%2C65%2C417%2C1%2C0%2C0%2C%2C1957%2C19%2C%2C%2C%2C2708%3Adsn%3A147%2C65%2C417%2C1%2C0%2C0%2C%2C2078%2C18%2C%2C%2C%2C2709%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1638135282%3At%3A%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D1%80%D0%BE%D0%B9%D0%BA%D0%B8%20%D0%A1%D0%B0%D0%BD%D0%BA%D1%82-%D0%9F%D0%B5%D1%82%D0%B5%D1%80%D0%B1%D1%83%D1%80%D0%B3%D0%B0%20-%20%D0%BA%D0%B2%D0%B0%D1%80%D1%82%D0%B8%D1%80%D1%8B%20%D0%B2%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D1%80%D0%BE%D0%B9%D0%BA%D0%B0%D1%85%20%D0%A1%D0%9F%D0%B1!%20%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D1%80%D0%BE%D0%B9-%D0%93%D0%B8%D0%B4&t=gdpr(14)ti(2) Requested by Host: mc.yandex.ru URL: https://mc.yandex.ru/metrika/tag.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI), Reverse DNS Software / Resource Hash a2a50b37d01d3c57516c6233edb26763dc66bce2659fcee8858ce3577df47881 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.billing.novostroy-gid.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers pragma no-cache date Sun, 28 Nov 2021 21:34:42 GMT x-content-type-options nosniff last-modified Sun, 28-Nov-2021 21:34:42 GMT strict-transport-security max-age=31536000 content-type application/json; charset=utf-8 access-control-allow-origin https://www.billing.novostroy-gid.ru cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true content-length 331 x-xss-protection 1; mode=block expires Sun, 28-Nov-2021 21:34:42 GMT
GET H/1.1	200 OK	pcbk.php ruperstat.ru/ext/datastore/ Frame 9FB2 Redirect Chain https://whitesaas.com/api/phone/check?api_key=rcZ61JD1pinUKP5HOH9ZeBomEdlN7VEXcizbUdsrXjIvbGupbTm&k_id=425422862&k_v=1&r=https://ruperstat.ru/ext/datastore/pcbk.php https://ruperstat.ru/ext/datastore/pcbk.php?e=0&p=0&k_id=425422862&k_v=1&z=1	49 B 256 B	319ms 51ms	Image image/png	188.124.36.221 SELECTEL
General Check archive.org Show headers Download Go to Show image Full URL https://ruperstat.ru/ext/datastore/pcbk.php?e=0&p=0&k_id=425422862&k_v=1&z=1 Requested by Host: ixseptor.ru URL: https://ixseptor.ru/ph/ph.php?nid=442845&uid=8011&cookid=433815869&img=XFZDGE5SWkxDU0ZMVEcfQEY=&pixel=1683783709&newmoney=0&newnomera=927497&newstatid=78511287&ixs=1&hide=0&isme=1&visits_id=425422862&isamail=0&devicetype=Desktop&bname=Chrome%2096&osname=Windows%2010 Protocol HTTP/1.1 Server 188.124.36.221 Moscow, Russian Federation, ASN49505 (SELECTEL, RU), Reverse DNS Software nginx/1.10.3 (Ubuntu) / Resource Hash 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef Request headers Accept-Language de-DE,de;q=0.9 Referer https://ixseptor.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Access-Control-Allow-Origin * Date Sun, 28 Nov 2021 21:34:42 GMT Server nginx/1.10.3 (Ubuntu) Connection keep-alive Transfer-Encoding chunked Content-Type image/png Redirect headers location https://ruperstat.ru/ext/datastore/pcbk.php?e=0&p=0&k_id=425422862&k_v=1&z=1 date Sun, 28 Nov 2021 21:34:42 GMT server nginx access-control-allow-origin * content-type application/json
GET H/1.1	200 OK	/ get4click.ru/api/get-cookie/a16762da3db2b5b052c5eeb938978665916c3d51/pixel/ Frame 9FB2	68 B 412 B	161ms 101ms	Image image/png	185.137.235.176 SELECTEL
General Check archive.org Show headers Download Go to Show image Full URL https://get4click.ru/api/get-cookie/a16762da3db2b5b052c5eeb938978665916c3d51/pixel/?pid=425422862v1 Requested by Host: ixseptor.ru URL: https://ixseptor.ru/ph/ph.php?nid=442845&uid=8011&cookid=433815869&img=XFZDGE5SWkxDU0ZMVEcfQEY=&pixel=1683783709&newmoney=0&newnomera=927497&newstatid=78511287&ixs=1&hide=0&isme=1&visits_id=425422862&isamail=0&devicetype=Desktop&bname=Chrome%2096&osname=Windows%2010 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 185.137.235.176 , Russian Federation, ASN49505 (SELECTEL, RU), Reverse DNS Software nginx / Resource Hash 21dbd90119d3def6c42da4da8db80672b7cd791ff63633bcfd9a476a092e6f67 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ixseptor.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Pragma no-cache Date Sun, 28 Nov 2021 21:34:42 GMT Server nginx Content-Type image/png Cache-Control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection keep-alive Content-Length 68 Expires Thu, 19 Nov 1981 08:52:00 GMT
GET H/1.1	200 OK	v1.php statik-us.info/ Frame 9FB2	0 234 B	195ms 57ms	Image text/html	82.202.229.210 SELECTEL
General Check archive.org Show headers Download Go to Show image Full URL https://statik-us.info/v1.php?vid=425422862 Requested by Host: ixseptor.ru URL: https://ixseptor.ru/ph/ph.php?nid=442845&uid=8011&cookid=433815869&img=XFZDGE5SWkxDU0ZMVEcfQEY=&pixel=1683783709&newmoney=0&newnomera=927497&newstatid=78511287&ixs=1&hide=0&isme=1&visits_id=425422862&isamail=0&devicetype=Desktop&bname=Chrome%2096&osname=Windows%2010 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 82.202.229.210 , Russian Federation, ASN49505 (SELECTEL, RU), Reverse DNS Software nginx/1.10.3 (Ubuntu) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ixseptor.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Sun, 28 Nov 2021 21:34:42 GMT Content-Encoding gzip Server nginx/1.10.3 (Ubuntu) Connection keep-alive Transfer-Encoding chunked Content-Type text/html; charset=UTF-8
GET H/1.1	200 OK	v3.js Show response stats.tazeros.com/ Frame 9FB2	42 KB 15 KB	46ms 10ms	Script application/javascript	192.46.232.52 LINODE-AP Linode
General Check archive.org Show headers Download Go to Full URL https://stats.tazeros.com/v3.js Requested by Host: ixseptor.ru URL: https://ixseptor.ru/ph/ph.php?nid=442845&uid=8011&cookid=433815869&img=XFZDGE5SWkxDU0ZMVEcfQEY=&pixel=1683783709&newmoney=0&newnomera=927497&newstatid=78511287&ixs=1&hide=0&isme=1&visits_id=425422862&isamail=0&devicetype=Desktop&bname=Chrome%2096&osname=Windows%2010 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 192.46.232.52 Frankfurt am Main, Germany, ASN63949 (LINODE-AP Linode, LLC, US), Reverse DNS li2175-52.members.linode.com Software nginx/1.14.2 / Resource Hash 68088387c0ec60245ff19d29833831af66799aabe51fad47a413dcc8fd0f2fa5 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ixseptor.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Sun, 28 Nov 2021 21:34:42 GMT Content-Encoding gzip Last-Modified Thu, 23 Sep 2021 23:24:21 GMT Server nginx/1.14.2 ETag W/"614d0ca5-a75a" Transfer-Encoding chunked Content-Type application/javascript; charset=utf-8 Cache-Control max-age=86400, public, no-transform Connection keep-alive Expires Mon, 29 Nov 2021 21:34:42 GMT
GET H2	200	prov10.php Show response pxl.knam.pro/code/ Frame F224	0 112 B	381ms 52ms	Document text/html	91.218.228.190 EUROBYTE Eurobyte...
General Check archive.org Show headers Download Go to Full URL https://pxl.knam.pro/code/prov10.php?vid=1&id=425422862 Requested by Host: ixseptor.ru URL: https://ixseptor.ru/ph/ph.php?nid=442845&uid=8011&cookid=433815869&img=XFZDGE5SWkxDU0ZMVEcfQEY=&pixel=1683783709&newmoney=0&newnomera=927497&newstatid=78511287&ixs=1&hide=0&isme=1&visits_id=425422862&isamail=0&devicetype=Desktop&bname=Chrome%2096&osname=Windows%2010 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 91.218.228.190 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU), Reverse DNS hosted-by.ihc.ru Software nginx/1.14.2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://ixseptor.ru/ Response headers server nginx/1.14.2 date Sun, 28 Nov 2021 21:34:49 GMT content-type text/html; charset=UTF-8 content-encoding gzip
GET H/1.1	200 OK	ph1.php Show response ixseptor.ru/ph/ Frame 9FB2	697 B 668 B	154ms 154ms	Script text/html	138.201.251.19 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://ixseptor.ru/ph/ph1.php?vid=425422862&img=XFZDGE5SWkxDU0ZMVEcfQEY=&uid=8011&nid=442845&cookid=433815869&newstatid=78511287&pixel=1683783709&v=2 Requested by Host: ixseptor.ru URL: https://ixseptor.ru/ph/ph.php?nid=442845&uid=8011&cookid=433815869&img=XFZDGE5SWkxDU0ZMVEcfQEY=&pixel=1683783709&newmoney=0&newnomera=927497&newstatid=78511287&ixs=1&hide=0&isme=1&visits_id=425422862&isamail=0&devicetype=Desktop&bname=Chrome%2096&osname=Windows%2010 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 138.201.251.19 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.19.251.201.138.clients.your-server.de Software nginx/1.6.2 / Resource Hash 0e355b70de3b4574bbf3c025938dac34214018cd5338deb822f8e1a7abee0f34 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ixseptor.ru/ph/ph.php?nid=442845&uid=8011&cookid=433815869&img=XFZDGE5SWkxDU0ZMVEcfQEY=&pixel=1683783709&newmoney=0&newnomera=927497&newstatid=78511287&ixs=1&hide=0&isme=1&visits_id=425422862&isamail=0&devicetype=Desktop&bname=Chrome%2096&osname=Windows%2010 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Sun, 28 Nov 2021 21:34:42 GMT Content-Encoding gzip Server nginx/1.6.2 Connection keep-alive Transfer-Encoding chunked Content-Type text/html; charset=UTF-8
POST H/1.1	200 OK	/ Show response api09.tazeros.com/ Frame 9FB2	90 B 632 B	234ms 78ms	XHR application/json	95.84.138.196 NCNET-AS
General Check archive.org Show headers Download Go to Full URL https://api09.tazeros.com/ Requested by Host: stats.tazeros.com URL: https://stats.tazeros.com/v3.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 95.84.138.196 Moscow, Russian Federation, ASN42610 (NCNET-AS, RU), Reverse DNS broadband-95-84-138-196.ip.moscow.rt.ru Software nginx/1.18.0 (Ubuntu) / Resource Hash 8086695983349b267d6b901a7297424488ba58b30c9efb00046581bb7283a295 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://ixseptor.ru/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers Date Sun, 28 Nov 2021 21:34:42 GMT Content-Encoding gzip X-Content-Type-Options nosniff Server nginx/1.18.0 (Ubuntu) Transfer-Encoding chunked Access-Control-Allow-Methods GET, OPTIONS, POST Content-Type application/json Access-Control-Allow-Origin https://ixseptor.ru Access-Control-Allow-Credentials true Connection keep-alive Access-Control-Allow-Headers Content-Type, Origin, Authorization, Accept, Cache-Control, X-Requested-With, X-Requested-With, Access-Control-Allow-Credentials
POST H/1.1	200 OK	39cea395-7dfd-4e1f-9fb1-90b68faf591c Show response profilepxl.ru/t/	232 B 795 B	71ms 70ms	XHR application/json	95.213.192.244 SELECTEL
General Check archive.org Show headers Download Go to Full URL https://profilepxl.ru/t/39cea395-7dfd-4e1f-9fb1-90b68faf591c Requested by Host: profilepxl.ru URL: https://profilepxl.ru/s.js?id=39cea395-7dfd-4e1f-9fb1-90b68faf591c Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 95.213.192.244 Novosibirsk, Russian Federation, ASN49505 (SELECTEL, RU), Reverse DNS Software nginx/1.14.0 (Ubuntu) / Resource Hash 54c5ab752522056903e0438fa01cc2c28e377f14c2a74846781ad3d4eb65df0e Request headers Referer https://www.billing.novostroy-gid.ru/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Content-type application/x-www-form-urlencoded Response headers Date Sun, 28 Nov 2021 21:34:42 GMT Server nginx/1.14.0 (Ubuntu) vary Origin Content-Type application/json access-control-allow-origin https://www.billing.novostroy-gid.ru access-control-allow-credentials true Connection keep-alive Content-Length 232
GET H/1.1	200 OK	index.php Show response leo-crm.ru/c/ Frame C289	847 B 731 B	174ms 11ms	Document text/html	138.201.251.19 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://leo-crm.ru/c/index.php?id=78511287 Requested by Host: ixseptor.ru URL: https://ixseptor.ru/ph/ph.php?nid=442845&uid=8011&cookid=433815869&img=XFZDGE5SWkxDU0ZMVEcfQEY=&pixel=1683783709&newmoney=0&newnomera=927497&newstatid=78511287&ixs=1&hide=0&isme=1&visits_id=425422862&isamail=0&devicetype=Desktop&bname=Chrome%2096&osname=Windows%2010 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 138.201.251.19 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.19.251.201.138.clients.your-server.de Software nginx/1.6.2 / Resource Hash 565254e7e3cd129e56e149088027a9aa2a210dc8ccf098f095fc99beb02e1110 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://ixseptor.ru/ Response headers Server nginx/1.6.2 Date Sun, 28 Nov 2021 21:34:42 GMT Content-Type text/html; charset=UTF-8 Transfer-Encoding chunked Connection keep-alive Content-Encoding gzip
GET H/1.1	200 OK	connect Show response api.pozvonim.com/widget/callback/v3/1a7280017870240894da572af188f3e7/ Frame 9FB2	3 KB 2 KB	262ms 92ms	Script application/javascript	80.75.132.198 MTT-AS
General Check archive.org Show headers Download Go to Full URL https://api.pozvonim.com/widget/callback/v3/1a7280017870240894da572af188f3e7/connect Requested by Host: ixseptor.ru URL: https://ixseptor.ru/ph/ph.php?nid=442845&uid=8011&cookid=433815869&img=XFZDGE5SWkxDU0ZMVEcfQEY=&pixel=1683783709&newmoney=0&newnomera=927497&newstatid=78511287&ixs=1&hide=0&isme=1&visits_id=425422862&isamail=0&devicetype=Desktop&bname=Chrome%2096&osname=Windows%2010 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 80.75.132.198 , Russian Federation, ASN49476 (MTT-AS, RU), Reverse DNS Software nginx/1.12.1 / PHP/5.6.31 Resource Hash 7a59a3fc00aee900512fb454685c0900b4a49e8b724e9184716b9a21228db6f6 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ixseptor.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Sun, 28 Nov 2021 21:34:42 GMT Content-Encoding gzip Server nginx/1.12.1 Transfer-Encoding chunked X-Powered-By PHP/5.6.31 Vary Accept-Encoding Access-Control-Allow-Methods GET, POST, UPDATE, DELETE, OPTIONS Content-Type application/javascript; charset=utf8 Access-Control-Max-Age 1728000 Access-Control-Allow-Credentials true Connection keep-alive Access-Control-Allow-Headers Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since
GET H2	200	event.js Show response topvisit.ru/metrika/	651 B 1 KB	237ms 166ms	Script application/javascript	2606:4700:3034::ac43:da1a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://topvisit.ru/metrika/event.js?id=237d1581-d4ce-4f0c-ba4e-09e9d7974d74&userid=cfa57eeec94945f1a7244ded5251f2c2 Requested by Host: profilepxl.ru URL: https://profilepxl.ru/s.js?id=39cea395-7dfd-4e1f-9fb1-90b68faf591c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3034::ac43:da1a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a46a930f68e33ee4998196048579405317747cf32d362bfcaef5044451c584a4 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.billing.novostroy-gid.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Sun, 28 Nov 2021 21:34:42 GMT content-encoding br x-content-type-options nosniff cf-cache-status BYPASS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-dns-prefetch-control off report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xRaLeL%2F8p7zRkWMlGaqIS55ZxFbDN9%2BAK3gIoqWTVAxD3vTn65F1ecJwi2dTwba01DRTK66SUDEjOmRRuTYVjj7tltxK6%2BpmYOFEhMgBzJvk693iRTFD0%2F1QpjolTSYVWHflyCcnuG9lzw%3D%3D"}],"group":"cf-nel","max_age":604800} vary Origin, Accept-Encoding x-xss-protection 1; mode=block server cloudflare x-frame-options SAMEORIGIN expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15552000; includeSubDomains x-download-options noopen content-type application/javascript alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 cf-ray 6b56b8cc8dd577f8-VIE
GET H/1.1	200 OK	matcher.js Show response cfv4.com/v2/	33 KB 13 KB	1040ms 618ms	Script text/javascript	185.151.241.28 SELECTEL
General Check archive.org Show headers Download Go to Full URL https://cfv4.com/v2/matcher.js?apiToken=36c70f29-772c-4106-a4a5-4154136749d5&sid=61a3f5f22c0d03.429588213 Requested by Host: www.billing.novostroy-gid.ru URL: https://www.billing.novostroy-gid.ru/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 185.151.241.28 , Russian Federation, ASN49505 (SELECTEL, RU), Reverse DNS Software / Resource Hash ff0e21b83a341399caf31f7e2d1a9bc97d24842fd4fb22b3a280db9541b97b78 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload, max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.billing.novostroy-gid.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Sun, 28 Nov 2021 21:34:43 GMT content-encoding gzip Referrer-Policy no-referrer-when-downgrade ETag W/"31e2-D32WnosQLMmiuXQ+Byl/H9vKYic" X-Frame-Options SAMEORIGIN Content-Type text/javascript; charset=utf-8 Access-Control-Allow-Origin https://www.billing.novostroy-gid.ru X-XSS-Protection 1; mode=block Connection keep-alive Access-Control-Allow-Credentials true Strict-Transport-Security max-age=63072000; includeSubDomains; preload, max-age=31536000 Content-Length 12770 control-cache max-age=300 X-Content-Type-Options nosniff
GET H2	200	container_yaomli.js Show response static.yaomli.com/dmp/	341 B 465 B	81ms 13ms	Script application/javascript	2a02:6ea0:c700::11 CDN77 ^_^
General Check archive.org Show headers Download Go to Full URL https://static.yaomli.com/dmp/container_yaomli.js Requested by Host: www.billing.novostroy-gid.ru URL: https://www.billing.novostroy-gid.ru/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS Software CDN77-Turbo / Resource Hash 9eb1b78ffd95b23c6bff92f4f49a99df563f300f2341179b1d52742e9aa2ef84 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.billing.novostroy-gid.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers x-77-nzt AcO1rgVvpKf/KHMAAA== x-accel-expires @1638192202 date Sun, 28 Nov 2021 21:34:42 GMT content-encoding br last-modified Fri, 24 Aug 2018 13:15:20 GMT server CDN77-Turbo x-77-nzt-ray WG9ENBLhxoU= etag W/"5b8004e8-155" x-77-cache HIT content-type application/javascript x-cache HIT x-age 29480 x-77-pop frankfurtDE
GET H2	200	watchjsu Show response manalyticshub.com/m/	0 469 B	41ms 39ms	Script application/javascript	40.69.88.149 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://manalyticshub.com/m/watchjsu?token=aa979c59-5586-4801-baa8-751664ce6e13&sid=61a3f5f22c0d03.429588213 Requested by Host: www.billing.novostroy-gid.ru URL: https://www.billing.novostroy-gid.ru/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 40.69.88.149 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.billing.novostroy-gid.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Sun, 28 Nov 2021 21:34:42 GMT content-encoding gzip server Microsoft-IIS/10.0 cache-control no-store content-type application/javascript vary Accept-Encoding request-context appId=cid-v1:0c7b4808-2372-4681-a536-13686db848ca
GET H/1.1	200 OK	matcher.js Show response cfv4.com/v2/	33 KB 13 KB	1097ms 647ms	Script text/javascript	185.151.241.28 SELECTEL
General Check archive.org Show headers Download Go to Full URL https://cfv4.com/v2/matcher.js?apiToken=eb0ecb77-8a42-46ab-955d-75e55d51a2d6&sid=61a3f5f22c0d03.429588213 Requested by Host: www.billing.novostroy-gid.ru URL: https://www.billing.novostroy-gid.ru/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 185.151.241.28 , Russian Federation, ASN49505 (SELECTEL, RU), Reverse DNS Software / Resource Hash cd0151b2fb445969be620bfc925fa98b98ec5f943f30503f6505b8872f8a123e Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload, max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.billing.novostroy-gid.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Sun, 28 Nov 2021 21:34:43 GMT content-encoding gzip Referrer-Policy no-referrer-when-downgrade ETag W/"3144-DpYbr3p4lrGVQgjH6+4bH10m9UM" X-Frame-Options SAMEORIGIN Content-Type text/javascript; charset=utf-8 Access-Control-Allow-Origin https://www.billing.novostroy-gid.ru X-XSS-Protection 1; mode=block Connection keep-alive Access-Control-Allow-Credentials true Strict-Transport-Security max-age=63072000; includeSubDomains; preload, max-age=31536000 Content-Length 12612 control-cache max-age=300 X-Content-Type-Options nosniff
GET H2	200	watchjsu Show response manalyticshub.com/m/	0 298 B	46ms 45ms	Script application/javascript	40.69.88.149 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://manalyticshub.com/m/watchjsu?token=13fe2cb8-e242-49a9-b4c8-9e8b7b3d7a98&sid=61a3f5f22c0d03.429588213 Requested by Host: www.billing.novostroy-gid.ru URL: https://www.billing.novostroy-gid.ru/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 40.69.88.149 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.billing.novostroy-gid.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Sun, 28 Nov 2021 21:34:42 GMT content-encoding gzip server Microsoft-IIS/10.0 cache-control no-store content-type application/javascript vary Accept-Encoding request-context appId=cid-v1:0c7b4808-2372-4681-a536-13686db848ca
GET H2	200	abced21f-7cfa-4b1c-8eef-e1237bf86bf1 Show response c8tys.tnsis.ru/pixel/tags/	13 KB 4 KB	704ms 219ms	Script text/javascript	2a03:90c0:41:2801::254 GCORE
General Check archive.org Show headers Download Go to Full URL https://c8tys.tnsis.ru/pixel/tags/abced21f-7cfa-4b1c-8eef-e1237bf86bf1 Requested by Host: www.billing.novostroy-gid.ru URL: https://www.billing.novostroy-gid.ru/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU), Reverse DNS Software nginx / Resource Hash 509a0325b06cf5fb0d5521e63890dfe70bf7145ee24c907ba5677a1e75695162 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.billing.novostroy-gid.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers x-id fr5-up-gc31 date Sun, 28 Nov 2021 21:34:43 GMT content-encoding gzip age 1987 x-cached-since 2021-11-28T21:15:23+00:00 x-trans-id 91077a63-9c49-42c9-a21e-050537526116 x-timestamp 1637876981.94506 last-modified Thu, 25 Nov 2021 21:49:42 GMT server nginx etag W/"ffc737e8be930e74ab31ebd9f4f59bfa" content-type text/javascript access-control-allow-origin * access-control-expose-headers Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma, Etag, X-Timestamp, X-Trans-Id, X-Openstack-Request-Id, Content-Length, Accept-Ranges cache-control max-age=600 cache REVALIDATED expires Sun, 28 Nov 2021 21:44:43 GMT
GET H/1.1	200 OK	p pxl.hot-wifi.ru/	74 B 331 B	230ms 52ms	Image image/png	84.201.161.180 YANDEXCLOUD
General Check archive.org Show headers Download Go to Show image Full URL https://pxl.hot-wifi.ru/p?t=DMP1&v=61a3f5f22c0d03.429588213 Requested by Host: www.billing.novostroy-gid.ru URL: https://www.billing.novostroy-gid.ru/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 84.201.161.180 , Russian Federation, ASN200350 (YANDEXCLOUD, RU), Reverse DNS Software nginx / Resource Hash 01b58ddb2f86a768f91751b62f25395417f6cf526191a4aefc1ebe4f8beacdcb Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.billing.novostroy-gid.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Sun, 28 Nov 2021 21:34:42 GMT Server nginx Connection keep-alive Content-Length 74 Content-Type image/png
GET H2	200	liveinternet dmp.one/pb-data/ Redirect Chain https://counter.yadro.ru/id/finmed.gif?id=61a3f5f22c0d03.429588213&gif2x2=1 https://dmp.one/pb-data/liveinternet?id=61a3f5f22c0d03.429588213&gif2x2=1&p=0&e=0	0 295 B	80ms 80ms	Image text/html	2606:4700:3030::6815:5057 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dmp.one/pb-data/liveinternet?id=61a3f5f22c0d03.429588213&gif2x2=1&p=0&e=0 Requested by Host: www.billing.novostroy-gid.ru URL: https://www.billing.novostroy-gid.ru/ Protocol H2 Server 2606:4700:3030::6815:5057 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.billing.novostroy-gid.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Sun, 28 Nov 2021 21:34:42 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" access-control-allow-methods GET, POST, OPTIONS content-type text/html; charset=UTF-8 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EDfhAWLWVM6ThEy8RQZPE20i5NoUkN0q4MH8h7kyvUSj4sOPAOjiIyWVOMCTe6lHTso04qwxu4YrNh%2FF9KSy%2BoGWueOYJX4fAFGl1nQJJzQ1c02lVSX3lm2CC1Kmx%2BSe%2BIQj9AI2"}],"group":"cf-nel","max_age":604800} cf-ray 6b56b8cd28a60fa6-VIE Redirect headers Location https://dmp.one/pb-data/liveinternet?id=61a3f5f22c0d03.429588213&gif2x2=1&p=0&e=0 Date Sun, 28 Nov 2021 21:34:42 GMT Server nginx/1.17.9 Connection keep-alive Content-Length 358 Strict-Transport-Security max-age=86400 Content-Type text/html; charset=iso-8859-1
GET H2	200	c_60b9c3902dd5c9d7c54d4b76459a5686.js Show response static.yaomli.com/dmp/	14 KB 4 KB	14ms 14ms	Script application/javascript	2a02:6ea0:c700::11 CDN77 ^_^
General Check archive.org Show headers Download Go to Full URL https://static.yaomli.com/dmp/c_60b9c3902dd5c9d7c54d4b76459a5686.js?3 Requested by Host: static.yaomli.com URL: https://static.yaomli.com/dmp/container_yaomli.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS Software CDN77-Turbo / Resource Hash b0d9f61606c8e059edd70fa02f24ceee8cd777bd704ab552634e7a78b6a63602 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.billing.novostroy-gid.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers x-77-nzt AcO1rgUSx///z3EAAA== x-accel-expires @1638192547 date Sun, 28 Nov 2021 21:34:42 GMT content-encoding br last-modified Fri, 27 Jul 2018 13:56:00 GMT server CDN77-Turbo x-77-nzt-ray AZxf+y5TlAk= etag W/"5b5b2470-3655" x-77-cache HIT content-type application/javascript x-cache HIT x-age 29135 x-77-pop frankfurtDE
GET H/1.1	200 OK	/ Show response sync.yaomli.com/ Redirect Chain https://sync.yaomli.com/?src=etg1 https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABjy64-NBlIFpszb7gM* https://sync3.adsniper.ru/?src=ss1&s_data=CAIQARjy64-NBlIFpszb7gOiARD_xIUSUJIR7IbgACWQwGR8 https://sync.yaomli.com/?src=etg1&s_data=CAIQABjy64-NBqIBEP_EhRJQkhHshuAAJZDAZHw* https://sync.yaomli.com/?src=etg1&s_data=CAIQARjy64-NBqIBEP_EhRJQkhHshuAAJZDAZHw*	66 B 588 B	7ms 7ms	Script application/javascript	31.172.81.172 DE-FIRSTCOLO www....
General Check archive.org Show headers Download Go to Full URL https://sync.yaomli.com/?src=etg1&s_data=CAIQARjy64-NBqIBEP_EhRJQkhHshuAAJZDAZHw* Requested by Host: www.billing.novostroy-gid.ru URL: https://www.billing.novostroy-gid.ru/ Protocol HTTP/1.1 Server 31.172.81.172 Muehlheim am Main, Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE), Reverse DNS Software nginx / Resource Hash b80e78f9da5e44ad3b2a0408d2c28a2fad566dc7cc399151fe3116d474d35f6d Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.billing.novostroy-gid.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Sun, 28 Nov 2021 21:34:42 GMT Cache-Control no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0 Server nginx Connection keep-alive Content-Type application/javascript Content-Length 66 P3P CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" Redirect headers Date Sun, 28 Nov 2021 21:34:42 GMT Server nginx ETag ffc48512-5092-11ec-86e0-002590c0647c P3P CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" Location //sync.yaomli.com/?src=etg1&s_data=CAIQARjy64-NBqIBEP_EhRJQkhHshuAAJZDAZHw* Cache-Control no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0 Connection keep-alive Content-Length 0
POST H/1.1	200 OK	/ Show response api09.tazeros.com/ Frame 9FB2	50 B 596 B	75ms 75ms	XHR application/json	95.84.138.196 NCNET-AS
General Check archive.org Show headers Download Go to Full URL https://api09.tazeros.com/ Requested by Host: stats.tazeros.com URL: https://stats.tazeros.com/v3.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 95.84.138.196 Moscow, Russian Federation, ASN42610 (NCNET-AS, RU), Reverse DNS broadband-95-84-138-196.ip.moscow.rt.ru Software nginx/1.18.0 (Ubuntu) / Resource Hash 6643b7b6e2d06095d6a1d6df1280b05776a0fba1134761289dc22607dd099dda Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://ixseptor.ru/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers Date Sun, 28 Nov 2021 21:34:42 GMT Content-Encoding gzip X-Content-Type-Options nosniff Server nginx/1.18.0 (Ubuntu) Transfer-Encoding chunked Access-Control-Allow-Methods GET, OPTIONS, POST Content-Type application/json Access-Control-Allow-Origin https://ixseptor.ru Access-Control-Allow-Credentials true Connection keep-alive Access-Control-Allow-Headers Content-Type, Origin, Authorization, Accept, Cache-Control, X-Requested-With, X-Requested-With, Access-Control-Allow-Credentials
GET H/1.1	200 OK	rtrg.gif ixseptor.ru/ Frame 9FB2 Redirect Chain https://ixseptor.ru/ph/tazeros.php?visit_id=425422862&visitor_id=api10-32ee98c3-3181-42c9-9413-366fbabdc9cd&fingerprint_id=e5033af72e4b1de1f276216148490a64&session_id=7430396929_1638135282478 https://ixseptor.ru/rtrg.gif	49 B 355 B	11ms 11ms	Image image/gif	138.201.251.19 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://ixseptor.ru/rtrg.gif Requested by Host: ixseptor.ru URL: https://ixseptor.ru/ph/ph.php?nid=442845&uid=8011&cookid=433815869&img=XFZDGE5SWkxDU0ZMVEcfQEY=&pixel=1683783709&newmoney=0&newnomera=927497&newstatid=78511287&ixs=1&hide=0&isme=1&visits_id=425422862&isamail=0&devicetype=Desktop&bname=Chrome%2096&osname=Windows%2010 Protocol HTTP/1.1 Server 138.201.251.19 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.19.251.201.138.clients.your-server.de Software nginx/1.6.2 / Resource Hash 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef Request headers Accept-Language de-DE,de;q=0.9 Referer https://ixseptor.ru/ph/ph.php?nid=442845&uid=8011&cookid=433815869&img=XFZDGE5SWkxDU0ZMVEcfQEY=&pixel=1683783709&newmoney=0&newnomera=927497&newstatid=78511287&ixs=1&hide=0&isme=1&visits_id=425422862&isamail=0&devicetype=Desktop&bname=Chrome%2096&osname=Windows%2010 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Sun, 28 Nov 2021 21:34:42 GMT Last-Modified Wed, 13 Mar 2019 09:43:33 GMT Server nginx/1.6.2 ETag "5c88d0c5-31" Content-Type image/gif Cache-Control max-age=864000 Connection keep-alive Accept-Ranges bytes Content-Length 49 Expires Wed, 08 Dec 2021 21:34:42 GMT Redirect headers Location https://ixseptor.ru/rtrg.gif Date Sun, 28 Nov 2021 21:34:42 GMT Server nginx/1.6.2 Connection keep-alive Transfer-Encoding chunked Content-Type text/html; charset=UTF-8
GET H2	200	api Show response whitesaas.com/ Frame C289	89 B 294 B	64ms 64ms	Script text/javascript	82.202.217.213 SELECTEL
General Check archive.org Show headers Download Go to Full URL https://whitesaas.com/api?action=load&callback=jWS214056225029260328134_16381352827163&code=dc58e87342f96fcee87395b0416d8fc3&url=https%3A%2F%2Ftutor21.ru%2F&referrer=false&cookie=&visit_count=0&visitorId=&platform=Win32&visitorHash=&_=1638135282732 Requested by Host: leo-crm.ru URL: https://leo-crm.ru/c/index.php?id=78511287 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 82.202.217.213 , Russian Federation, ASN49505 (SELECTEL, RU), Reverse DNS Software nginx / Resource Hash b63bfac5f06ccc2282702015832fa76d2d90e5c3c5a91a536c3b895e567e0bbf Request headers Accept-Language de-DE,de;q=0.9 Referer https://leo-crm.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers access-control-allow-origin * date Sun, 28 Nov 2021 21:34:42 GMT content-encoding gzip server nginx vary Accept-Encoding content-type text/javascript;charset=UTF-8
GET H3	200	tag Show response topvisit.ru/metrika/	16 B 910 B	305ms 285ms	XHR application/json	2606:4700:3034::ac43:da1a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://topvisit.ru/metrika/tag?id=237d1581-d4ce-4f0c-ba4e-09e9d7974d74&userid=cfa57eeec94945f1a7244ded5251f2c2 Requested by Host: topvisit.ru URL: https://topvisit.ru/metrika/event.js?id=237d1581-d4ce-4f0c-ba4e-09e9d7974d74&userid=cfa57eeec94945f1a7244ded5251f2c2 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::ac43:da1a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.billing.novostroy-gid.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Sun, 28 Nov 2021 21:34:43 GMT x-content-type-options nosniff cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-dns-prefetch-control off report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MhozF44JItrkmPhrRnMXv2APdxbWNcPxKEaOXige15wxfSNwJ2u9EX2B3aPeHn4MOiiUggs4Pyh%2BuZYhSiOX2E3kQ5jVNqqbbKot9n8MaWknDTbZYvoVBCTytDDrrZdqkdVAGsILfIyFYg%3D%3D"}],"group":"cf-nel","max_age":604800} vary Origin content-length 16 x-xss-protection 1; mode=block server cloudflare x-frame-options SAMEORIGIN expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15552000; includeSubDomains x-download-options noopen content-type application/json; charset=utf-8 access-control-allow-origin https://www.billing.novostroy-gid.ru alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 access-control-allow-credentials true cf-ray 6b56b8cd9b8a4d8a-FRA
GET H2	200	/ Show response vh126.timeweb.ru/parking/ Redirect Chain https://pxl.viewclick.ru/script.php?code=QlJaU1UdQlFUQVZVUVBaHEFH&id1=1&id2=158851 https://vh126.timeweb.ru/parking/?ref=pxl.viewclick.ru&code=QlJaU1UdQlFUQVZVUVBaHEFH&id1=1&id2=158851	0 0	247ms 73ms	Script text/html	2a03:6f00:1::5c35:608c TIMEWEB-AS
General Check archive.org Show headers Download Go to Full URL https://vh126.timeweb.ru/parking/?ref=pxl.viewclick.ru&code=QlJaU1UdQlFUQVZVUVBaHEFH&id1=1&id2=158851 Requested by Host: www.billing.novostroy-gid.ru URL: https://www.billing.novostroy-gid.ru/ Protocol H2 Server 2a03:6f00:1::5c35:608c , Russian Federation, ASN9123 (TIMEWEB-AS, RU), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.billing.novostroy-gid.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Redirect headers location https://vh126.timeweb.ru/parking/?ref=pxl.viewclick.ru&code=QlJaU1UdQlFUQVZVUVBaHEFH&id1=1&id2=158851 date Sun, 28 Nov 2021 21:34:43 GMT cache-control no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0 server nginx/1.14.1 content-length 185 content-type text/html
GET H2	200	watchjsu Show response manalyticshub.com/m/	0 298 B	39ms 39ms	Script application/javascript	40.69.88.149 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://manalyticshub.com/m/watchjsu?token=0069de4b-c8e3-46d6-9b66-205aef035e95&sid=434 Requested by Host: topvisit.ru URL: https://topvisit.ru/metrika/event.js?id=237d1581-d4ce-4f0c-ba4e-09e9d7974d74&userid=cfa57eeec94945f1a7244ded5251f2c2 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 40.69.88.149 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.billing.novostroy-gid.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Sun, 28 Nov 2021 21:34:42 GMT content-encoding gzip server Microsoft-IIS/10.0 cache-control no-store content-type application/javascript vary Accept-Encoding request-context appId=cid-v1:0c7b4808-2372-4681-a536-13686db848ca
GET H/1.1	200 OK	/ sync3.sniperlog.ru/ Redirect Chain https://sync.bumlam.com/?src=dmp3&cmp=pix7&act=datasend&data64=eyJycWlkIjoxLCJzX3VpZDMiOiIiLCJzZV91aWQzIjoiIiwic2lkIjoiODQ0NGZhZTQtYmM4ZC00N2RkLTkzYzMtZTU3OTBmZDA5M2RiIiwic2l0ZV9pZCI6IjJkOWY5NWIzLT... https://sync3.adsniper.ru/?src=ggl&s_data=CAEQABjy64-NBlIF27zswQRaGAoCY2ISEjAuOTE0NDUwOTQ3MTM0NjY2MlrvAQoGZGF0YTY0EuQBZXlKeWNXbGtJam94TENKelgzVnBaRE1pT2lJaUxDSnpaVjkxYVdReklqb2lJaXdpYzJsa0lqb2lPRFE... https://sync.bumlam.com/?src=dmp3&s_data=CAIQABjy64-NBloYCgJjYhISMC45MTQ0NTA5NDcxMzQ2NjYyWu8BCgZkYXRhNjQS5AFleUp5Y1dsa0lqb3hMQ0p6WDNWcFpETWlPaUlpTENKelpWOTFhV1F6SWpvaUlpd2ljMmxrSWpvaU9EUTBOR1poWlRR... https://sync.bumlam.com/?src=dmp3&s_data=CAIQARjy64-NBloYCgJjYhISMC45MTQ0NTA5NDcxMzQ2NjYyWu8BCgZkYXRhNjQS5AFleUp5Y1dsa0lqb3hMQ0p6WDNWcFpETWlPaUlpTENKelpWOTFhV1F6SWpvaUlpd2ljMmxrSWpvaU9EUTBOR1poWlRR... https://cm.g.doubleclick.net/pixel?google_nid=adsniperru&google_cm&extra1=&extra2=dmp3 https://sync3.sniperlog.ru/?src=ggl&extra1=&extra2=dmp3&google_gid=CAESEFpGq5KK8VugxDIF9gSWRlw&google_cver=1	43 B 516 B	59ms 7ms	Image image/gif	31.172.81.160 DE-FIRSTCOLO www....
General Check archive.org Show headers Download Go to Show image Full URL https://sync3.sniperlog.ru/?src=ggl&extra1=&extra2=dmp3&google_gid=CAESEFpGq5KK8VugxDIF9gSWRlw&google_cver=1 Requested by Host: www.billing.novostroy-gid.ru URL: https://www.billing.novostroy-gid.ru/ Protocol HTTP/1.1 Server 31.172.81.160 Muehlheim am Main, Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE), Reverse DNS Software nginx / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.billing.novostroy-gid.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Sun, 28 Nov 2021 21:34:42 GMT Cache-Control no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0 Server nginx Connection keep-alive Content-Type image/gif Content-Length 43 P3P CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" Redirect headers pragma no-cache date Sun, 28 Nov 2021 21:34:42 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://sync3.sniperlog.ru/?src=ggl&extra1=&extra2=dmp3&google_gid=CAESEFpGq5KK8VugxDIF9gSWRlw&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 321 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H/1.1	200 OK	39cea395-7dfd-4e1f-9fb1-90b68faf591c Show response profilepxl.ru/t/	232 B 795 B	71ms 71ms	XHR application/json	95.213.192.244 SELECTEL
General Check archive.org Show headers Download Go to Full URL https://profilepxl.ru/t/39cea395-7dfd-4e1f-9fb1-90b68faf591c Requested by Host: profilepxl.ru URL: https://profilepxl.ru/s.js?id=39cea395-7dfd-4e1f-9fb1-90b68faf591c Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 95.213.192.244 Novosibirsk, Russian Federation, ASN49505 (SELECTEL, RU), Reverse DNS Software nginx/1.14.0 (Ubuntu) / Resource Hash 54c5ab752522056903e0438fa01cc2c28e377f14c2a74846781ad3d4eb65df0e Request headers Referer https://www.billing.novostroy-gid.ru/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Content-type application/x-www-form-urlencoded Response headers Date Sun, 28 Nov 2021 21:34:42 GMT Server nginx/1.14.0 (Ubuntu) vary Origin Content-Type application/json access-control-allow-origin https://www.billing.novostroy-gid.ru access-control-allow-credentials true Connection keep-alive Content-Length 232
GET H/1.1	200 OK	pozvonim.min.js Show response cdn.pozvonim.com/widget/ Frame 9FB2	760 KB 181 KB	361ms 58ms	Script application/javascript	80.75.132.198 MTT-AS
General Check archive.org Show headers Download Go to Full URL https://cdn.pozvonim.com/widget/pozvonim.min.js?build=1579866366 Requested by Host: api.pozvonim.com URL: https://api.pozvonim.com/widget/callback/v3/1a7280017870240894da572af188f3e7/connect Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 80.75.132.198 , Russian Federation, ASN49476 (MTT-AS, RU), Reverse DNS Software nginx/1.12.1 / Resource Hash eea350c92749fd3fb86dca043a66da3a48ccc1d60aa321ca6146cb94a4ece203 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ixseptor.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Sun, 28 Nov 2021 21:34:43 GMT Content-Encoding gzip Server nginx/1.12.1 Vary Accept-Encoding Access-Control-Allow-Methods GET, POST, UPDATE, DELETE, OPTIONS Content-Type application/javascript; charset=utf-8 Access-Control-Allow-Origin * Access-Control-Max-Age 1728000 Cache-Control max-age=31104000 Transfer-Encoding chunked Connection keep-alive Access-Control-Allow-Credentials true Access-Control-Allow-Headers Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since Expires Wed, 23 Nov 2022 21:34:43 GMT
GET H2	200	mmjtyo pixel.detmir.ru/	43 B 299 B	225ms 160ms	Image image/gif	178.248.232.181 QRATOR
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.detmir.ru/mmjtyo?id_profiledata=cfa57eeec94945f1a7244ded5251f2c2 Requested by Host: www.billing.novostroy-gid.ru URL: https://www.billing.novostroy-gid.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.248.232.181 , Russian Federation, ASN197068 (QRATOR, RU), Reverse DNS Software QRATOR / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.billing.novostroy-gid.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers pragma no-cache date Sun, 28 Nov 2021 21:34:43 GMT server QRATOR etag W/"2b-La6qi18Z8LwgnZdsAr1qy1GwCwo" content-type image/gif cache-control no-cache, no-store, must-revalidate content-length 43 expires 0
GET H2	200	id.html Show response static.user-red.com/engine/ Frame A0F1	2 KB 1014 B	85ms 14ms	Document text/html	2a02:6ea0:c700::10 CDN77 ^_^
General Check archive.org Show headers Download Go to Full URL https://static.user-red.com/engine/id.html?service=https%3A%2F%2Fsynce.user-red.com&code=ffc48512-5092-11ec-86e0-002590c0647c Requested by Host: static.yaomli.com URL: https://static.yaomli.com/dmp/c_60b9c3902dd5c9d7c54d4b76459a5686.js?3 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS Software CDN77-Turbo / Resource Hash 59fd4dd92b3a57648fbaadd094123913a91c2a8cf248a71e816b8c80a4ae909c Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://www.billing.novostroy-gid.ru/ Response headers date Sun, 28 Nov 2021 21:34:43 GMT content-type text/html last-modified Mon, 28 Sep 2020 08:45:24 GMT etag W/"5f71a2a4-661" access-control-allow-origin * access-control-allow-headers * x-accel-expires @1638277504 server CDN77-Turbo x-77-nzt Abk73BCagKX/c6YNAA== x-77-nzt-ray LmQ3hUMC55k= x-cache HIT x-age 894579 x-77-pop frankfurtDE x-77-cache HIT content-encoding br
POST H/1.1	200 OK	39cea395-7dfd-4e1f-9fb1-90b68faf591c Show response profilepxl.ru/t/	232 B 795 B	70ms 70ms	XHR application/json	95.213.192.244 SELECTEL
General Check archive.org Show headers Download Go to Full URL https://profilepxl.ru/t/39cea395-7dfd-4e1f-9fb1-90b68faf591c Requested by Host: profilepxl.ru URL: https://profilepxl.ru/s.js?id=39cea395-7dfd-4e1f-9fb1-90b68faf591c Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 95.213.192.244 Novosibirsk, Russian Federation, ASN49505 (SELECTEL, RU), Reverse DNS Software nginx/1.14.0 (Ubuntu) / Resource Hash 54c5ab752522056903e0438fa01cc2c28e377f14c2a74846781ad3d4eb65df0e Request headers Referer https://www.billing.novostroy-gid.ru/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Content-type application/x-www-form-urlencoded Response headers Date Sun, 28 Nov 2021 21:34:43 GMT Server nginx/1.14.0 (Ubuntu) vary Origin Content-Type application/json access-control-allow-origin https://www.billing.novostroy-gid.ru access-control-allow-credentials true Connection keep-alive Content-Length 232
POST H2	200	22562989 Show response mc.yandex.com/webvisor/	43 B 145 B	52ms 51ms	XHR image/gif	2a02:6b8::1:119 YNDX
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.com/webvisor/22562989?wmode=0&wv-part=2&wv-hit=164184842&page-url=https%3A%2F%2Fwww.billing.novostroy-gid.ru%2F&rn=205418038&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1638135283%3Aw%3A1600x1200%3Av%3A700%3Az%3A0%3Ai%3A20211128213443%3Au%3A1638135279642793507%3Avf%3A4bjmbg3ayomqwinwev%3Awe%3A1%3Ast%3A1638135283&t=gdpr(14)ti(2) Requested by Host: mc.yandex.ru URL: https://mc.yandex.ru/metrika/tag.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers Referer https://www.billing.novostroy-gid.ru/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Sun, 28 Nov 2021 21:34:43 GMT last-modified Sun, 28-Nov-2021 21:34:43 GMT strict-transport-security max-age=31536000 content-type image/gif access-control-allow-origin https://www.billing.novostroy-gid.ru cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true content-length 43 x-xss-protection 1; mode=block expires Sun, 28-Nov-2021 21:34:43 GMT
GET H2	200	code.php Show response pxl.knam.pro/code/	31 KB 31 KB	53ms 53ms	Script text/javascript	91.218.228.190 EUROBYTE Eurobyte...
General Check archive.org Show headers Download Go to Full URL https://pxl.knam.pro/code/code.php?pid=214&uid=cfa57eeec94945f1a7244ded5251f2c2 Requested by Host: profilepxl.ru URL: https://profilepxl.ru/s.js?id=39cea395-7dfd-4e1f-9fb1-90b68faf591c Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 91.218.228.190 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU), Reverse DNS hosted-by.ihc.ru Software nginx/1.14.2 / Resource Hash 60cab6ef95cf52fb50ead028125c761652d8cd5c36c7c4b011eb84ea26bc9f1b Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.billing.novostroy-gid.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Sun, 28 Nov 2021 21:34:50 GMT server nginx/1.14.2 access-control-allow-headers Content-Type, X-Requested-With content-type text/javascript; charset=UTF-8
POST H/1.1	200 OK	39cea395-7dfd-4e1f-9fb1-90b68faf591c Show response profilepxl.ru/t/	232 B 795 B	72ms 71ms	XHR application/json	95.213.192.244 SELECTEL
General Check archive.org Show headers Download Go to Full URL https://profilepxl.ru/t/39cea395-7dfd-4e1f-9fb1-90b68faf591c Requested by Host: profilepxl.ru URL: https://profilepxl.ru/s.js?id=39cea395-7dfd-4e1f-9fb1-90b68faf591c Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 95.213.192.244 Novosibirsk, Russian Federation, ASN49505 (SELECTEL, RU), Reverse DNS Software nginx/1.14.0 (Ubuntu) / Resource Hash 54c5ab752522056903e0438fa01cc2c28e377f14c2a74846781ad3d4eb65df0e Request headers Referer https://www.billing.novostroy-gid.ru/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Content-type application/x-www-form-urlencoded Response headers Date Sun, 28 Nov 2021 21:34:43 GMT Server nginx/1.14.0 (Ubuntu) vary Origin Content-Type application/json access-control-allow-origin https://www.billing.novostroy-gid.ru access-control-allow-credentials true Connection keep-alive Content-Length 232
GET H2	200	/ Show response abcdata-pxl.tech/partners/	0 208 B	523ms 72ms	Script application/x-javascript	77.222.40.109 SWEB-AS
General Check archive.org Show headers Download Go to Full URL https://abcdata-pxl.tech/partners/?key=ab48faef3ef2d37f4746d25c96c4e675&user=cfa57eeec94945f1a7244ded5251f2c2 Requested by Host: profilepxl.ru URL: https://profilepxl.ru/s.js?id=39cea395-7dfd-4e1f-9fb1-90b68faf591c Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 77.222.40.109 , Russian Federation, ASN44112 (SWEB-AS, RU), Reverse DNS vh286.sweb.ru Software nginx/1.19.1 / PHP/7.4.16 Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.billing.novostroy-gid.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Sun, 28 Nov 2021 21:34:43 GMT server nginx/1.19.1 x-powered-by PHP/7.4.16 content-length 0 content-type application/x-javascript; charset=utf-8
GET H2	200	code1.php Show response pxl.knam.pro/code/	2 KB 2 KB	390ms 390ms	Script text/javascript	91.218.228.190 EUROBYTE Eurobyte...
General Check archive.org Show headers Download Go to Full URL https://pxl.knam.pro/code/code1.php?title=%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D1%80%D0%BE%D0%B9%D0%BA%D0%B8%20%D0%A1%D0%B0%D0%BD%D0%BA%D1%82-%D0%9F%D0%B5%D1%82%D0%B5%D1%80%D0%B1%D1%83%D1%80%D0%B3%D0%B0%20-%20%D0%BA%D0%B2%D0%B0%D1%80%D1%82%D0%B8%D1%80%D1%8B%20%D0%B2%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D1%80%D0%BE%D0%B9%D0%BA%D0%B0%D1%85%20%D0%A1%D0%9F%D0%B1!%20%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D1%80%D0%BE%D0%B9-%D0%93%D0%B8%D0%B4&url=https://www.billing.novostroy-gid.ru/&ref=&cookie=_ga%3DGA1.3.573967421.1638135278%3B%20_gid%3DGA1.3.1376015553.1638135278%3B%20_dc_gtm_UA-52809280-1%3D1%3B%20_ym_uid%3D1638135279642793507%3B%20_ym_d%3D1638135279%3B%20_ym_visorc%3Dw%3B%20_gcl_au%3D1.1.145709278.1638135280%3B%20_ym_isad%3D2%3B%20tmr_lvid%3Dc125781a4f89dbe724aa011e99a63e3b%3B%20tmr_lvidTS%3D1638135280242%3B%20tmr_reqNum%3D2%3B%20dmp_cc%3D61a3f5f0a50396.89269707%3B%20_dmp_key_t%3DnqcttohZCX28itoYalYYHsr9MzKxjM%2BC6rbauQMSNoQO65GfhzWt56zOcXks4M3mK5CsezQn6RIhMg%3D%3D%3B%20mycook1idd_442845%3D433815869%3B%20my1visits1idd1%3D425422862%3B%20newstat38%3D78511287%3B%20tmr_detect%3D0%257C1638135282838%3B%20etaguid%3Dundefined%3B%20_ppsidc%3D%255B1%252C2%252C3%252C4%252C5%252C7%252C8%252C10%252C11%255D&fprint=3bf3e30f415e175e6123505f6cba2576&uid=cfa57eeec94945f1a7244ded5251f2c2&pid=214 Requested by Host: pxl.knam.pro URL: https://pxl.knam.pro/code/code.php?pid=214&uid=cfa57eeec94945f1a7244ded5251f2c2 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 91.218.228.190 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU), Reverse DNS hosted-by.ihc.ru Software nginx/1.14.2 / Resource Hash bc52789b422b50734e75b88629bf7e4081ef4a156e3492d7c092a85b61cad951 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.billing.novostroy-gid.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Sun, 28 Nov 2021 21:34:50 GMT server nginx/1.14.2 access-control-allow-headers Content-Type, X-Requested-With content-type text/javascript; charset=UTF-8
GET H2	200	emojione.min.js Show response cdnjs.cloudflare.com/ajax/libs/emojione/2.1.4/lib/js/ Frame 9FB2	189 KB 21 KB	73ms 33ms	Script application/javascript	2606:4700::6810:125e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/emojione/2.1.4/lib/js/emojione.min.js?_=1638135283384 Requested by Host: cdn.pozvonim.com URL: https://cdn.pozvonim.com/widget/pozvonim.min.js?build=1579866366 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4ee1289e9a934487022e65c2df63495380ffe2545f9964daaa4b85ae48ce1c2b Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://ixseptor.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Sun, 28 Nov 2021 21:34:43 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 1029369 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 20240 timing-allow-origin * last-modified Mon, 04 May 2020 16:09:53 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03e51-2f329" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15780000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dm4Mr6jLhvN9gFxvsU7UybC07xaGASbpwsQEh%2B47D1iXJ57%2BWJ7XeYPghENwd1Zynlzd4H0%2B%2FYPgZxNCUd9%2BQaUb4ZfAW6JSoe%2BCuMrdYl%2Bjk4bHiYLAn0%2B2QtRcCgNw12ZJe%2FkgOHxr4GV8IEijvK3z"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=30672000 accept-ranges bytes cf-ray 6b56b8d17da70e16-MXP expires Fri, 18 Nov 2022 21:34:43 GMT
GET H3	200	emojione.sprites.css cdnjs.cloudflare.com/ajax/libs/emojione/2.1.4/assets/sprites/ Frame 9FB2	85 KB 6 KB	67ms 42ms	Stylesheet text/css	2606:4700::6810:125e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/emojione/2.1.4/assets/sprites/emojione.sprites.css Requested by Host: cdn.pozvonim.com URL: https://cdn.pozvonim.com/widget/pozvonim.min.js?build=1579866366 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 704c2c78d408f86ff780e34366cacf853b5a0561ad5e6a7ca759e413e07bcde8 Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://ixseptor.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Sun, 28 Nov 2021 21:34:43 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 532557 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 5627 timing-allow-origin * last-modified Mon, 04 May 2020 16:09:53 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03e51-1522f" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15780000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RpkyY28eZ2I4QWbCxXT0lwZujKMZBk7MKXGdpn1zvt2D4HrPIXw6rZrx7hhS%2Fz3%2F1xY8paPw1w1cC65L8aIBovQkyd3YbFvvhz10ELd%2BMhOSSFNldPcoWwAab24tohRvWN8yCgIMx9ZFg%2BM%2FP5MsQFyo"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=30672000 accept-ranges bytes cf-ray 6b56b8d1faff5a37-MXP expires Fri, 18 Nov 2022 21:34:43 GMT
GET H/1.1	200 OK	crossdomain.html Show response cdn.pozvonim.com/ Frame 25FB	1 KB 1 KB	58ms 57ms	Document text/html	80.75.132.198 MTT-AS
General Check archive.org Show headers Download Go to Full URL https://cdn.pozvonim.com/crossdomain.html?v2 Requested by Host: cdn.pozvonim.com URL: https://cdn.pozvonim.com/widget/pozvonim.min.js?build=1579866366 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 80.75.132.198 , Russian Federation, ASN49476 (MTT-AS, RU), Reverse DNS Software nginx/1.12.1 / Resource Hash 92c1a132fdb5bbc5ce66608767ad176b83c30623d75c54ba8fca731b6b282c86 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://ixseptor.ru/ Response headers Server nginx/1.12.1 Date Sun, 28 Nov 2021 21:34:43 GMT Content-Type text/html; charset=utf-8 Transfer-Encoding chunked Connection keep-alive Vary Accept-Encoding Access-Control-Allow-Credentials true Access-Control-Max-Age 1728000 Access-Control-Allow-Methods GET, POST, UPDATE, DELETE, OPTIONS Access-Control-Allow-Headers Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since Content-Encoding gzip
POST H/1.1	204 No Content	stats.php Show response api.pozvonim.com/widget/ Frame 9FB2	0 526 B	58ms 57ms	XHR text/html	80.75.132.198 MTT-AS
General Check archive.org Show headers Download Go to Full URL https://api.pozvonim.com/widget/stats.php Requested by Host: cdn.pozvonim.com URL: https://cdn.pozvonim.com/widget/pozvonim.min.js?build=1579866366 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 80.75.132.198 , Russian Federation, ASN49476 (MTT-AS, RU), Reverse DNS Software nginx/1.12.1 / PHP/5.6.31 Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json, text/javascript, */*; q=0.01 Referer https://ixseptor.ru/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers Date Sun, 28 Nov 2021 21:34:43 GMT Server nginx/1.12.1 X-Powered-By PHP/5.6.31 Access-Control-Max-Age 1728000 Access-Control-Allow-Methods GET, POST, UPDATE, DELETE, OPTIONS Content-Type text/html; charset=UTF-8 Access-Control-Allow-Origin https://ixseptor.ru Access-Control-Allow-Credentials true Connection keep-alive Access-Control-Allow-Headers Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since
POST H/1.1	204 No Content	stats.php Show response api.pozvonim.com/widget/ Frame 9FB2	0 526 B	114ms 56ms	XHR text/html	80.75.132.198 MTT-AS
General Check archive.org Show headers Download Go to Full URL https://api.pozvonim.com/widget/stats.php Requested by Host: cdn.pozvonim.com URL: https://cdn.pozvonim.com/widget/pozvonim.min.js?build=1579866366 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 80.75.132.198 , Russian Federation, ASN49476 (MTT-AS, RU), Reverse DNS Software nginx/1.12.1 / PHP/5.6.31 Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json, text/javascript, */*; q=0.01 Referer https://ixseptor.ru/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers Date Sun, 28 Nov 2021 21:34:43 GMT Server nginx/1.12.1 X-Powered-By PHP/5.6.31 Access-Control-Max-Age 1728000 Access-Control-Allow-Methods GET, POST, UPDATE, DELETE, OPTIONS Content-Type text/html; charset=UTF-8 Access-Control-Allow-Origin https://ixseptor.ru Access-Control-Allow-Credentials true Connection keep-alive Access-Control-Allow-Headers Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since
GET H/1.1	200 OK	options.json Show response cfv4.com/v2/	274 B 1020 B	94ms 93ms	XHR application/json	185.151.241.28 SELECTEL
General Check archive.org Show headers Download Go to Full URL https://cfv4.com/v2/options.json?apiToken=36c70f29-772c-4106-a4a5-4154136749d5&sid=61a3f5f22c0d03.429588213 Requested by Host: cfv4.com URL: https://cfv4.com/v2/matcher.js?apiToken=36c70f29-772c-4106-a4a5-4154136749d5&sid=61a3f5f22c0d03.429588213 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 185.151.241.28 , Russian Federation, ASN49505 (SELECTEL, RU), Reverse DNS Software / Resource Hash c42357f197ab985289f7a6a1c61c9563291c60ab6877ca86a5916f2a7763e80e Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload, max-age=31536000 X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://www.billing.novostroy-gid.ru/ X-Session-ID 657592b0-308c-48b4-b657-1f2b0ec3e96d Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers pragma no-cache Date Sun, 28 Nov 2021 21:34:43 GMT Referrer-Policy no-referrer-when-downgrade ETag 89b22fdb-d982-4efe-846c-9ee38b6c8616 X-Frame-Options SAMEORIGIN Connection keep-alive Content-Type application/json; charset=utf-8 Access-Control-Allow-Origin https://www.billing.novostroy-gid.ru cache-control no-cache, no-store, must-revalidate Access-Control-Allow-Credentials true Strict-Transport-Security max-age=63072000; includeSubDomains; preload, max-age=31536000 Content-Length 274 X-XSS-Protection 1; mode=block expires 0
OPTIONS H/1.1	200 OK	options.json cfv4.com/v2/ Frame	0 0	191ms 59ms	Preflight	185.151.241.28 SELECTEL
General Check archive.org Show headers Download Go to Full URL https://cfv4.com/v2/options.json?apiToken=36c70f29-772c-4106-a4a5-4154136749d5&sid=61a3f5f22c0d03.429588213 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 185.151.241.28 , Russian Federation, ASN49505 (SELECTEL, RU), Reverse DNS Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload max-age=31536000 X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept */* Access-Control-Request-Method GET Access-Control-Request-Headers x-session-id Origin https://www.billing.novostroy-gid.ru User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Sec-Fetch-Mode cors Response headers Date Sun, 28 Nov 2021 21:34:43 GMT Content-Length 0 Connection keep-alive Access-Control-Allow-Origin https://www.billing.novostroy-gid.ru Access-Control-Allow-Credentials true Access-Control-Allow-Methods GET,HEAD,PUT,PATCH,POST,DELETE Vary Access-Control-Request-Headers Access-Control-Allow-Headers x-session-id X-XSS-Protection 1; mode=block Strict-Transport-Security max-age=63072000; includeSubDomains; preload max-age=31536000 Referrer-Policy no-referrer-when-downgrade X-Frame-Options SAMEORIGIN
GET H2	200	sslba.php Show response cdn3.caltat.com/fbfc504c-89b0-4a80-bef4-c8e39daeee6f/	571 B 1 KB	134ms 48ms	Script application/javascript	95.217.109.66 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://cdn3.caltat.com/fbfc504c-89b0-4a80-bef4-c8e39daeee6f/sslba.php?idClient=61&idCampaign=92119&sonar=true&url=https%3A%2F%2Fwww.billing.novostroy-gid.ru%2F&ref=&status=new&gi=2494d0f88dc7462984cc4b5e57dee19b Requested by Host: c8tys.tnsis.ru URL: https://c8tys.tnsis.ru/pixel/tags/abced21f-7cfa-4b1c-8eef-e1237bf86bf1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 95.217.109.66 Helsinki, Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS static.66.109.217.95.clients.your-server.de Software nginx/1.20.1 / Resource Hash c0b84690498116c6942b9e69eda772ed019a6e0d474c891a770d9f2da271b810 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.billing.novostroy-gid.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers access-control-allow-origin * date Sun, 28 Nov 2021 21:34:43 GMT mode no-cors server nginx/1.20.1 content-type application/javascript
GET H/1.1	200 OK	options.json Show response cfv4.com/v2/	125 B 871 B	94ms 94ms	XHR application/json	185.151.241.28 SELECTEL
General Check archive.org Show headers Download Go to Full URL https://cfv4.com/v2/options.json?apiToken=eb0ecb77-8a42-46ab-955d-75e55d51a2d6&sid=61a3f5f22c0d03.429588213 Requested by Host: cfv4.com URL: https://cfv4.com/v2/matcher.js?apiToken=eb0ecb77-8a42-46ab-955d-75e55d51a2d6&sid=61a3f5f22c0d03.429588213 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 185.151.241.28 , Russian Federation, ASN49505 (SELECTEL, RU), Reverse DNS Software / Resource Hash 0939a915174850b4e8ec25eab5f4496f884296fede8703b408f33a3c1e150848 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload, max-age=31536000 X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://www.billing.novostroy-gid.ru/ X-Session-ID 4a5e833e-2bec-492b-9c75-959381990a3f Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers pragma no-cache Date Sun, 28 Nov 2021 21:34:43 GMT Referrer-Policy no-referrer-when-downgrade ETag 4d4b264d-2f8b-464c-b558-80abb99a4b03 X-Frame-Options SAMEORIGIN Connection keep-alive Content-Type application/json; charset=utf-8 Access-Control-Allow-Origin https://www.billing.novostroy-gid.ru cache-control no-cache, no-store, must-revalidate Access-Control-Allow-Credentials true Strict-Transport-Security max-age=63072000; includeSubDomains; preload, max-age=31536000 Content-Length 125 X-XSS-Protection 1; mode=block expires 0
OPTIONS H/1.1	200 OK	options.json cfv4.com/v2/ Frame	0 0	172ms 50ms	Preflight	185.151.241.28 SELECTEL
General Check archive.org Show headers Download Go to Full URL https://cfv4.com/v2/options.json?apiToken=eb0ecb77-8a42-46ab-955d-75e55d51a2d6&sid=61a3f5f22c0d03.429588213 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 185.151.241.28 , Russian Federation, ASN49505 (SELECTEL, RU), Reverse DNS Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload max-age=31536000 X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept */* Access-Control-Request-Method GET Access-Control-Request-Headers x-session-id Origin https://www.billing.novostroy-gid.ru User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Sec-Fetch-Mode cors Response headers Date Sun, 28 Nov 2021 21:34:43 GMT Content-Length 0 Connection keep-alive Access-Control-Allow-Origin https://www.billing.novostroy-gid.ru Access-Control-Allow-Credentials true Access-Control-Allow-Methods GET,HEAD,PUT,PATCH,POST,DELETE Vary Access-Control-Request-Headers Access-Control-Allow-Headers x-session-id X-XSS-Protection 1; mode=block Strict-Transport-Security max-age=63072000; includeSubDomains; preload max-age=31536000 Referrer-Policy no-referrer-when-downgrade X-Frame-Options SAMEORIGIN
GET H2	200	run.php Show response pxl.knam.pro/code/	359 B 483 B	56ms 56ms	Script text/javascript	91.218.228.190 EUROBYTE Eurobyte...
General Check archive.org Show headers Download Go to Full URL https://pxl.knam.pro/code/run.php?id=11&vid=20598911 Requested by Host: pxl.knam.pro URL: https://pxl.knam.pro/code/code1.php?title=%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D1%80%D0%BE%D0%B9%D0%BA%D0%B8%20%D0%A1%D0%B0%D0%BD%D0%BA%D1%82-%D0%9F%D0%B5%D1%82%D0%B5%D1%80%D0%B1%D1%83%D1%80%D0%B3%D0%B0%20-%20%D0%BA%D0%B2%D0%B0%D1%80%D1%82%D0%B8%D1%80%D1%8B%20%D0%B2%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D1%80%D0%BE%D0%B9%D0%BA%D0%B0%D1%85%20%D0%A1%D0%9F%D0%B1!%20%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D1%80%D0%BE%D0%B9-%D0%93%D0%B8%D0%B4&url=https://www.billing.novostroy-gid.ru/&ref=&cookie=_ga%3DGA1.3.573967421.1638135278%3B%20_gid%3DGA1.3.1376015553.1638135278%3B%20_dc_gtm_UA-52809280-1%3D1%3B%20_ym_uid%3D1638135279642793507%3B%20_ym_d%3D1638135279%3B%20_ym_visorc%3Dw%3B%20_gcl_au%3D1.1.145709278.1638135280%3B%20_ym_isad%3D2%3B%20tmr_lvid%3Dc125781a4f89dbe724aa011e99a63e3b%3B%20tmr_lvidTS%3D1638135280242%3B%20tmr_reqNum%3D2%3B%20dmp_cc%3D61a3f5f0a50396.89269707%3B%20_dmp_key_t%3DnqcttohZCX28itoYalYYHsr9MzKxjM%2BC6rbauQMSNoQO65GfhzWt56zOcXks4M3mK5CsezQn6RIhMg%3D%3D%3B%20mycook1idd_442845%3D433815869%3B%20my1visits1idd1%3D425422862%3B%20newstat38%3D78511287%3B%20tmr_detect%3D0%257C1638135282838%3B%20etaguid%3Dundefined%3B%20_ppsidc%3D%255B1%252C2%252C3%252C4%252C5%252C7%252C8%252C10%252C11%255D&fprint=3bf3e30f415e175e6123505f6cba2576&uid=cfa57eeec94945f1a7244ded5251f2c2&pid=214 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 91.218.228.190 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU), Reverse DNS hosted-by.ihc.ru Software nginx/1.14.2 / Resource Hash 51e755c66d90ff127ade0c023a83ec1f1a4a39b788e918d71a6739f3075429c7 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.billing.novostroy-gid.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Sun, 28 Nov 2021 21:34:50 GMT server nginx/1.14.2 access-control-allow-headers Content-Type, X-Requested-With content-type text/javascript; charset=UTF-8
GET H2	200	rtrg.gif pxl.knam.pro/code/ Redirect Chain https://whitesaas.com/api/phone/check?api_key=z34714321fhje2z&k_id=20598911&k_rpid=84757883&r=https://pxl.knam.pro/code/prov11.php https://pxl.knam.pro/code/prov11.php?e=0&p=0&k_id=20598911&k_rpid=84757883&z=1 https://pxl.knam.pro/code/rtrg.gif	49 B 173 B	52ms 52ms	Image image/gif	91.218.228.190 EUROBYTE Eurobyte...
General Check archive.org Show headers Download Go to Show image Full URL https://pxl.knam.pro/code/rtrg.gif Requested by Host: www.billing.novostroy-gid.ru URL: https://www.billing.novostroy-gid.ru/ Protocol H2 Server 91.218.228.190 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU), Reverse DNS hosted-by.ihc.ru Software nginx/1.14.2 / Resource Hash 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.billing.novostroy-gid.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Sun, 28 Nov 2021 21:34:50 GMT last-modified Tue, 27 Oct 2020 09:58:11 GMT server nginx/1.14.2 accept-ranges bytes etag "5f97ef33-31" content-length 49 content-type image/gif Redirect headers location https://pxl.knam.pro/code/rtrg.gif date Sun, 28 Nov 2021 21:34:50 GMT server nginx/1.14.2 content-type text/html; charset=UTF-8
GET H2	200	run1.php pxl.knam.pro/code/	0 124 B	55ms 55ms	Image text/javascript	91.218.228.190 EUROBYTE Eurobyte...
General Check archive.org Show headers Download Go to Show image Full URL https://pxl.knam.pro/code/run1.php?id=84757883 Requested by Host: www.billing.novostroy-gid.ru URL: https://www.billing.novostroy-gid.ru/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 91.218.228.190 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU), Reverse DNS hosted-by.ihc.ru Software nginx/1.14.2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.billing.novostroy-gid.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Sun, 28 Nov 2021 21:34:50 GMT server nginx/1.14.2 access-control-allow-headers Content-Type, X-Requested-With content-type text/javascript; charset=UTF-8
POST H/1.1	200 OK	39cea395-7dfd-4e1f-9fb1-90b68faf591c Show response profilepxl.ru/t/	232 B 795 B	71ms 71ms	XHR application/json	95.213.192.244 SELECTEL
General Check archive.org Show headers Download Go to Full URL https://profilepxl.ru/t/39cea395-7dfd-4e1f-9fb1-90b68faf591c Requested by Host: profilepxl.ru URL: https://profilepxl.ru/s.js?id=39cea395-7dfd-4e1f-9fb1-90b68faf591c Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 95.213.192.244 Novosibirsk, Russian Federation, ASN49505 (SELECTEL, RU), Reverse DNS Software nginx/1.14.0 (Ubuntu) / Resource Hash 54c5ab752522056903e0438fa01cc2c28e377f14c2a74846781ad3d4eb65df0e Request headers Referer https://www.billing.novostroy-gid.ru/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Content-type application/x-www-form-urlencoded Response headers Date Sun, 28 Nov 2021 21:34:43 GMT Server nginx/1.14.0 (Ubuntu) vary Origin Content-Type application/json access-control-allow-origin https://www.billing.novostroy-gid.ru access-control-allow-credentials true Connection keep-alive Content-Length 232
OPTIONS H/1.1	200 OK	visit cfv4.com/v2/ Frame	0 0	50ms 50ms	Preflight	185.151.241.28 SELECTEL
General Check archive.org Show headers Download Go to Full URL https://cfv4.com/v2/visit?apiToken=36c70f29-772c-4106-a4a5-4154136749d5&sid=61a3f5f22c0d03.429588213 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 185.151.241.28 , Russian Federation, ASN49505 (SELECTEL, RU), Reverse DNS Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload max-age=31536000 X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept */* Access-Control-Request-Method POST Access-Control-Request-Headers content-type,x-session-id Origin https://www.billing.novostroy-gid.ru User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Sec-Fetch-Mode cors Response headers Date Sun, 28 Nov 2021 21:34:43 GMT Content-Length 0 Connection keep-alive Access-Control-Allow-Origin https://www.billing.novostroy-gid.ru Access-Control-Allow-Credentials true Access-Control-Allow-Methods GET,HEAD,PUT,PATCH,POST,DELETE Vary Access-Control-Request-Headers Access-Control-Allow-Headers content-type,x-session-id X-XSS-Protection 1; mode=block Strict-Transport-Security max-age=63072000; includeSubDomains; preload max-age=31536000 Referrer-Policy no-referrer-when-downgrade X-Frame-Options SAMEORIGIN
POST H/1.1	201 Created	visit Show response cfv4.com/v2/	45 B 571 B	260ms 260ms	XHR application/json	185.151.241.28 SELECTEL
General Check archive.org Show headers Download Go to Full URL https://cfv4.com/v2/visit?apiToken=36c70f29-772c-4106-a4a5-4154136749d5&sid=61a3f5f22c0d03.429588213 Requested by Host: cfv4.com URL: https://cfv4.com/v2/matcher.js?apiToken=36c70f29-772c-4106-a4a5-4154136749d5&sid=61a3f5f22c0d03.429588213 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 185.151.241.28 , Russian Federation, ASN49505 (SELECTEL, RU), Reverse DNS Software / Resource Hash d3fb3bc6c8506fd993ec7f2cb627dedcc645b41620da06edada2051c290b3f19 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload, max-age=31536000 X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://www.billing.novostroy-gid.ru/ X-Session-ID 657592b0-308c-48b4-b657-1f2b0ec3e96d Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Content-type application/json; charset=UTF-8 Response headers Date Sun, 28 Nov 2021 21:34:44 GMT Referrer-Policy no-referrer-when-downgrade ETag W/"2d-fzLOpDVOQ473fkUyomHVrw7mQA8" X-Frame-Options SAMEORIGIN Content-Type application/json; charset=utf-8 Access-Control-Allow-Origin https://www.billing.novostroy-gid.ru Connection keep-alive Access-Control-Allow-Credentials true Strict-Transport-Security max-age=63072000; includeSubDomains; preload, max-age=31536000 Content-Length 45 X-XSS-Protection 1; mode=block
GET H2	200	pixel integration.cfv4.com/api/	95 B 322 B	671ms 276ms	Image image/png	188.124.36.8 SELECTEL
General Check archive.org Show headers Download Go to Show image Full URL https://integration.cfv4.com/api/pixel?mapperId=f86121ee-62db-456f-bc42-17069fc0b4d7&subscriberId=fe88d122-53ab-48af-a89e-b2b867984261&needPhone=1&needEmail=0 Requested by Host: www.billing.novostroy-gid.ru URL: https://www.billing.novostroy-gid.ru/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 188.124.36.8 Moscow, Russian Federation, ASN49505 (SELECTEL, RU), Reverse DNS Software / Resource Hash 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.billing.novostroy-gid.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Sun, 28 Nov 2021 21:34:44 GMT cache-control must-revalidate, no-cache, private referrer-policy no-referrer-when-downgrade x-xss-protection 1; mode=block x-frame-options SAMEORIGIN strict-transport-security max-age=63072000; includeSubDomains; preload content-type image/png
OPTIONS H/1.1	200 OK	visit cfv4.com/v2/ Frame	0 0	55ms 55ms	Preflight	185.151.241.28 SELECTEL
General Check archive.org Show headers Download Go to Full URL https://cfv4.com/v2/visit?apiToken=eb0ecb77-8a42-46ab-955d-75e55d51a2d6&sid=61a3f5f22c0d03.429588213 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 185.151.241.28 , Russian Federation, ASN49505 (SELECTEL, RU), Reverse DNS Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload max-age=31536000 X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept */* Access-Control-Request-Method POST Access-Control-Request-Headers content-type,x-session-id Origin https://www.billing.novostroy-gid.ru User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Sec-Fetch-Mode cors Response headers Date Sun, 28 Nov 2021 21:34:44 GMT Content-Length 0 Connection keep-alive Access-Control-Allow-Origin https://www.billing.novostroy-gid.ru Access-Control-Allow-Credentials true Access-Control-Allow-Methods GET,HEAD,PUT,PATCH,POST,DELETE Vary Access-Control-Request-Headers Access-Control-Allow-Headers content-type,x-session-id X-XSS-Protection 1; mode=block Strict-Transport-Security max-age=63072000; includeSubDomains; preload max-age=31536000 Referrer-Policy no-referrer-when-downgrade X-Frame-Options SAMEORIGIN
POST H/1.1	201 Created	visit Show response cfv4.com/v2/	45 B 571 B	244ms 243ms	XHR application/json	185.151.241.28 SELECTEL
General Check archive.org Show headers Download Go to Full URL https://cfv4.com/v2/visit?apiToken=eb0ecb77-8a42-46ab-955d-75e55d51a2d6&sid=61a3f5f22c0d03.429588213 Requested by Host: cfv4.com URL: https://cfv4.com/v2/matcher.js?apiToken=eb0ecb77-8a42-46ab-955d-75e55d51a2d6&sid=61a3f5f22c0d03.429588213 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 185.151.241.28 , Russian Federation, ASN49505 (SELECTEL, RU), Reverse DNS Software / Resource Hash 2a51b46986547e6e07ce9d3c9e3e87adee846ec9c66f2c8cfc85ec9e42be014c Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload, max-age=31536000 X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://www.billing.novostroy-gid.ru/ X-Session-ID 4a5e833e-2bec-492b-9c75-959381990a3f Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Content-type application/json; charset=UTF-8 Response headers Date Sun, 28 Nov 2021 21:34:44 GMT Referrer-Policy no-referrer-when-downgrade ETag W/"2d-tEEkvg5QCJvRLnhMkhT55zHoy6M" X-Frame-Options SAMEORIGIN Content-Type application/json; charset=utf-8 Access-Control-Allow-Origin https://www.billing.novostroy-gid.ru Connection keep-alive Access-Control-Allow-Credentials true Strict-Transport-Security max-age=63072000; includeSubDomains; preload, max-age=31536000 Content-Length 45 X-XSS-Protection 1; mode=block
GET H2	200	check.js Show response sonar.semantiqo.com/4e3ll/	24 KB 24 KB	129ms 40ms	Script application/javascript	95.217.109.66 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://sonar.semantiqo.com/4e3ll/check.js?caltat1=ed3633a5adc2495dac6d4cc5c5534399&idClient=61&idCampaign=92119&csid=ed3633a5adc2495dac6d4cc5c5534399&service=sslba Requested by Host: cdn3.caltat.com URL: https://cdn3.caltat.com/fbfc504c-89b0-4a80-bef4-c8e39daeee6f/sslba.php?idClient=61&idCampaign=92119&sonar=true&url=https%3A%2F%2Fwww.billing.novostroy-gid.ru%2F&ref=&status=new&gi=2494d0f88dc7462984cc4b5e57dee19b Protocol H2 Security TLS 1.3, , AES_128_GCM Server 95.217.109.66 Helsinki, Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS static.66.109.217.95.clients.your-server.de Software nginx/1.20.1 / Resource Hash 11094b86657b43dec70192186295e0f89eb4b928cf080603230d6169b3ec5f0d Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.billing.novostroy-gid.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Sun, 28 Nov 2021 21:34:44 GMT mode no-cors last-modified Fri, 26 Nov 2021 13:44:03 GMT server nginx/1.20.1 etag "61a0e4a3-5f6e" access-control-allow-methods GET, POST, PUT, DELETE, OPTIONS content-type application/javascript access-control-allow-origin * cache-control no-cache accept-ranges bytes access-control-allow-headers Access-Control-Allow-Headers, Origin,Accept, x-compress, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers content-length 24430
GET H2	200	33A4595C.php cdn3.caltat.com/ll/	0 154 B	35ms 35ms	Image text/html	95.217.109.66 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://cdn3.caltat.com/ll/33A4595C.php?sid=ed3633a5adc2495dac6d4cc5c5534399&idCampaign=92119 Requested by Host: www.billing.novostroy-gid.ru URL: https://www.billing.novostroy-gid.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 95.217.109.66 Helsinki, Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS static.66.109.217.95.clients.your-server.de Software nginx/1.20.1 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.billing.novostroy-gid.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers access-control-allow-origin * date Sun, 28 Nov 2021 21:34:44 GMT content-encoding gzip server nginx/1.20.1 mode no-cors content-type text/html; charset=UTF-8
POST H2	200	tracker top-fwz1.mail.ru/	43 B 952 B	59ms 59ms	Ping image/gif	217.69.133.145 MAILRU-AS Mail.Ru
General Check archive.org Show headers Download Go to Full URL https://top-fwz1.mail.ru/tracker?js=13;id=3068425;u=https%3A//www.billing.novostroy-gid.ru/;st=1638135280049;pid=USER_ID;s=1600*1200;vp=1600*1200;touch=0;hds=1;frame=0;flash=;sid=d8f60981cb6fd06d;ver=60.3.0;tz=0%2FEtc%2FUnknown;nt=0/0/1638135277341/////0/1/148/148/213/166/213/630/631/751/2708/2708/2727/7285/7285/;ni=9.2//4g/0/0/;detect=0;lvid=1638135280242%3A1638135284630%3A3%3Ac125781a4f89dbe724aa011e99a63e3b;opts=dl;visible=true;_=0.41553447122730214;e=RT/load;et=1638135284629 Requested by Host: top-fwz1.mail.ru URL: https://top-fwz1.mail.ru/js/code.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU), Reverse DNS top-fwz1.mail.ru Software nginx / Resource Hash 24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.billing.novostroy-gid.ru/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Sun, 28 Nov 2021 21:34:44 GMT x-content-type-options nosniff p3p CP="NOI DSP COR NID CUR PSA OUR NOR" content-length 43 pragma no-cache amp-access-control-allow-source-origin https://www.billing.novostroy-gid.ru server nginx access-control-allow-methods GET, POST, HEAD, PUT, OPTIONS content-type image/gif access-control-allow-origin https://www.billing.novostroy-gid.ru access-control-expose-headers AMP-Access-Control-Allow-Source-Origin cache-control private, no-cache, no-store, max-age=0 access-control-allow-credentials true accept-ch-lifetime 86400 accept-ch DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version timing-allow-origin https://www.billing.novostroy-gid.ru access-control-allow-headers *
GET H/1.1	200 OK	setmyobj.php rupertino.ru/	0 224 B	13ms 12ms	Image text/html	138.201.251.56 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://rupertino.ru/setmyobj.php?code=XFZDGE5SWkxDU0ZMVEcfQEY=&c=433815869&s=0&clicks=undefined&page=NaN&moves=undefined&scrolls=undefined&scrollspercent=undefined&bname=Chrome%2096&devicetype=Desktop&osname=Windows%2010 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 138.201.251.56 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.56.251.201.138.clients.your-server.de Software nginx/1.6.2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.billing.novostroy-gid.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Sun, 28 Nov 2021 21:34:44 GMT Content-Encoding gzip Server nginx/1.6.2 Connection keep-alive Transfer-Encoding chunked Content-Type text/html; charset=UTF-8
POST H/1.1	200 OK	invoke Show response profilepxl.ru/	15 B 577 B	81ms 81ms	XHR application/json	95.213.192.244 SELECTEL
General Check archive.org Show headers Download Go to Full URL https://profilepxl.ru/invoke Requested by Host: profilepxl.ru URL: https://profilepxl.ru/s.js?id=39cea395-7dfd-4e1f-9fb1-90b68faf591c Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 95.213.192.244 Novosibirsk, Russian Federation, ASN49505 (SELECTEL, RU), Reverse DNS Software nginx/1.14.0 (Ubuntu) / Resource Hash a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288 Request headers Referer https://www.billing.novostroy-gid.ru/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Content-type application/x-www-form-urlencoded Response headers Date Sun, 28 Nov 2021 21:34:45 GMT Server nginx/1.14.0 (Ubuntu) vary Origin Content-Type application/json access-control-allow-origin https://www.billing.novostroy-gid.ru access-control-allow-credentials true Connection keep-alive Content-Length 15
POST H2	200	22562989 Show response mc.yandex.com/webvisor/	43 B 145 B	131ms 83ms	XHR image/gif	2a02:6b8::1:119 YNDX
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.com/webvisor/22562989?wmode=0&wv-part=3&wv-hit=164184842&page-url=https%3A%2F%2Fwww.billing.novostroy-gid.ru%2F&rn=830834235&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1638135285%3Aw%3A1600x1200%3Av%3A700%3Az%3A0%3Ai%3A20211128213445%3Au%3A1638135279642793507%3Avf%3A4bjmbg3ayomqwinwev%3Awe%3A1%3Ast%3A1638135285&t=gdpr(14)ti(2) Requested by Host: mc.yandex.ru URL: https://mc.yandex.ru/metrika/tag.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers Referer https://www.billing.novostroy-gid.ru/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Sun, 28 Nov 2021 21:34:45 GMT last-modified Sun, 28-Nov-2021 21:34:45 GMT strict-transport-security max-age=31536000 content-type image/gif access-control-allow-origin https://www.billing.novostroy-gid.ru cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true content-length 43 x-xss-protection 1; mode=block expires Sun, 28-Nov-2021 21:34:45 GMT
GET H2	200	/ Show response sonar.semantiqo.com/i/ Frame 0CD3	166 B 518 B	37ms 37ms	Document text/html	95.217.109.66 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://sonar.semantiqo.com/i/ Requested by Host: sonar.semantiqo.com URL: https://sonar.semantiqo.com/4e3ll/check.js?caltat1=ed3633a5adc2495dac6d4cc5c5534399&idClient=61&idCampaign=92119&csid=ed3633a5adc2495dac6d4cc5c5534399&service=sslba Protocol H2 Security TLS 1.3, , AES_128_GCM Server 95.217.109.66 Helsinki, Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS static.66.109.217.95.clients.your-server.de Software nginx/1.20.1 / Resource Hash eb67f0a083db90b7da9b98a8a8a78ac8ab2c5c7f813126927f7282a16a8abc0f Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://www.billing.novostroy-gid.ru/ Response headers server nginx/1.20.1 date Sun, 28 Nov 2021 21:34:45 GMT content-type text/html last-modified Wed, 06 Oct 2021 15:45:15 GMT etag W/"615dc48b-a6" content-encoding gzip mode no-cors access-control-allow-origin * access-control-allow-methods GET, POST, PUT, DELETE, OPTIONS access-control-allow-headers Access-Control-Allow-Headers, Origin,Accept, x-compress, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers cache-control no-cache
GET H2	200	b.js Show response sonar.semantiqo.com/i/ Frame 0CD3	7 KB 7 KB	36ms 36ms	Script application/javascript	95.217.109.66 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://sonar.semantiqo.com/i/b.js Requested by Host: sonar.semantiqo.com URL: https://sonar.semantiqo.com/i/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 95.217.109.66 Helsinki, Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS static.66.109.217.95.clients.your-server.de Software nginx/1.20.1 / Resource Hash a5999cec348d9c44155de3607778eab37958803f0e379211a327cb5b5f69b2db Request headers Accept-Language de-DE,de;q=0.9 Referer https://sonar.semantiqo.com/i/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Sun, 28 Nov 2021 21:34:45 GMT mode no-cors last-modified Wed, 06 Oct 2021 15:45:15 GMT server nginx/1.20.1 etag "615dc48b-1bba" access-control-allow-methods GET, POST, PUT, DELETE, OPTIONS content-type application/javascript access-control-allow-origin * cache-control no-cache accept-ranges bytes access-control-allow-headers Access-Control-Allow-Headers, Origin,Accept, x-compress, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers content-length 7098
POST H2	200	analize.js sonar.semantiqo.com/4e3ll/	0 0	100ms 35ms	Fetch text/html	95.217.109.66 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://sonar.semantiqo.com/4e3ll/analize.js Requested by Host: sonar.semantiqo.com URL: https://sonar.semantiqo.com/4e3ll/check.js?caltat1=ed3633a5adc2495dac6d4cc5c5534399&idClient=61&idCampaign=92119&csid=ed3633a5adc2495dac6d4cc5c5534399&service=sslba Protocol H2 Security TLS 1.3, , AES_128_GCM Server 95.217.109.66 Helsinki, Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS static.66.109.217.95.clients.your-server.de Software nginx/1.20.1 / Resource Hash Request headers Referer https://www.billing.novostroy-gid.ru/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Sun, 28 Nov 2021 21:34:45 GMT content-encoding gzip server nginx/1.20.1 mode no-cors access-control-allow-methods GET, POST, PUT, DELETE, OPTIONS content-type text/html; charset=UTF-8 access-control-allow-origin * cache-control no-cache access-control-allow-headers Access-Control-Allow-Headers, Origin,Accept, x-compress, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
POST H2	200	analize.js sonar.semantiqo.com/4e3ll/	0 0	99ms 36ms	Fetch text/html	95.217.109.66 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://sonar.semantiqo.com/4e3ll/analize.js Requested by Host: sonar.semantiqo.com URL: https://sonar.semantiqo.com/4e3ll/check.js?caltat1=ed3633a5adc2495dac6d4cc5c5534399&idClient=61&idCampaign=92119&csid=ed3633a5adc2495dac6d4cc5c5534399&service=sslba Protocol H2 Security TLS 1.3, , AES_128_GCM Server 95.217.109.66 Helsinki, Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS static.66.109.217.95.clients.your-server.de Software nginx/1.20.1 / Resource Hash Request headers Referer https://www.billing.novostroy-gid.ru/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Sun, 28 Nov 2021 21:34:45 GMT content-encoding gzip server nginx/1.20.1 mode no-cors access-control-allow-methods GET, POST, PUT, DELETE, OPTIONS content-type text/html; charset=UTF-8 access-control-allow-origin * cache-control no-cache access-control-allow-headers Access-Control-Allow-Headers, Origin,Accept, x-compress, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
GET H2	200	run.php Show response pxl.knam.pro/code/	630 B 754 B	56ms 56ms	Script text/javascript	91.218.228.190 EUROBYTE Eurobyte...
General Check archive.org Show headers Download Go to Full URL https://pxl.knam.pro/code/run.php?id=14&vid=20598911 Requested by Host: pxl.knam.pro URL: https://pxl.knam.pro/code/code1.php?title=%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D1%80%D0%BE%D0%B9%D0%BA%D0%B8%20%D0%A1%D0%B0%D0%BD%D0%BA%D1%82-%D0%9F%D0%B5%D1%82%D0%B5%D1%80%D0%B1%D1%83%D1%80%D0%B3%D0%B0%20-%20%D0%BA%D0%B2%D0%B0%D1%80%D1%82%D0%B8%D1%80%D1%8B%20%D0%B2%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D1%80%D0%BE%D0%B9%D0%BA%D0%B0%D1%85%20%D0%A1%D0%9F%D0%B1!%20%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D1%80%D0%BE%D0%B9-%D0%93%D0%B8%D0%B4&url=https://www.billing.novostroy-gid.ru/&ref=&cookie=_ga%3DGA1.3.573967421.1638135278%3B%20_gid%3DGA1.3.1376015553.1638135278%3B%20_dc_gtm_UA-52809280-1%3D1%3B%20_ym_uid%3D1638135279642793507%3B%20_ym_d%3D1638135279%3B%20_ym_visorc%3Dw%3B%20_gcl_au%3D1.1.145709278.1638135280%3B%20_ym_isad%3D2%3B%20tmr_lvid%3Dc125781a4f89dbe724aa011e99a63e3b%3B%20tmr_lvidTS%3D1638135280242%3B%20tmr_reqNum%3D2%3B%20dmp_cc%3D61a3f5f0a50396.89269707%3B%20_dmp_key_t%3DnqcttohZCX28itoYalYYHsr9MzKxjM%2BC6rbauQMSNoQO65GfhzWt56zOcXks4M3mK5CsezQn6RIhMg%3D%3D%3B%20mycook1idd_442845%3D433815869%3B%20my1visits1idd1%3D425422862%3B%20newstat38%3D78511287%3B%20tmr_detect%3D0%257C1638135282838%3B%20etaguid%3Dundefined%3B%20_ppsidc%3D%255B1%252C2%252C3%252C4%252C5%252C7%252C8%252C10%252C11%255D&fprint=3bf3e30f415e175e6123505f6cba2576&uid=cfa57eeec94945f1a7244ded5251f2c2&pid=214 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 91.218.228.190 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU), Reverse DNS hosted-by.ihc.ru Software nginx/1.14.2 / Resource Hash 2381dab717d324f4ae1b4370b59e0fe590fa0f57169986928f9228a075f85473 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.billing.novostroy-gid.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Sun, 28 Nov 2021 21:34:52 GMT server nginx/1.14.2 access-control-allow-headers Content-Type, X-Requested-With content-type text/javascript; charset=UTF-8
GET H2	200	78604&zid=20598911 Show response lpt-crm.online/code/new/	4 KB 2 KB	221ms 55ms	Script application/javascript	95.213.150.212 SELECTEL
General Check archive.org Show headers Download Go to Full URL https://lpt-crm.online/code/new/78604&zid=20598911 Requested by Host: pxl.knam.pro URL: https://pxl.knam.pro/code/run.php?id=14&vid=20598911 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 95.213.150.212 , Russian Federation, ASN49505 (SELECTEL, RU), Reverse DNS Software nginx/1.12.2 / Resource Hash be92da636d2e9c63b5ff20a9799a32653ce8687e85217d10dc1a6e98f65c17c7 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.billing.novostroy-gid.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Sun, 28 Nov 2021 21:34:45 GMT content-encoding gzip last-modified Thu, 25 Nov 2021 06:05:03 GMT server nginx/1.12.2 etag W/"619f278f-119d" content-type application/javascript x-upstream stats-fpm cache-control no-cache expires Sun, 28 Nov 2021 21:34:44 GMT
GET H2	200	run1.php pxl.knam.pro/code/	0 124 B	56ms 56ms	Image text/javascript	91.218.228.190 EUROBYTE Eurobyte...
General Check archive.org Show headers Download Go to Show image Full URL https://pxl.knam.pro/code/run1.php?id=84757884 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 91.218.228.190 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU), Reverse DNS hosted-by.ihc.ru Software nginx/1.14.2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.billing.novostroy-gid.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Sun, 28 Nov 2021 21:34:52 GMT server nginx/1.14.2 access-control-allow-headers Content-Type, X-Requested-With content-type text/javascript; charset=UTF-8
GET H2	200	main.min.js Show response lpt-crm.online/lpt_widget/out/	746 KB 226 KB	103ms 103ms	Script application/javascript	95.213.150.212 SELECTEL
General Check archive.org Show headers Download Go to Full URL https://lpt-crm.online/lpt_widget/out/main.min.js?2.24.20201228-313-g909d73e322-dirty Requested by Host: lpt-crm.online URL: https://lpt-crm.online/code/new/78604&zid=20598911 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 95.213.150.212 , Russian Federation, ASN49505 (SELECTEL, RU), Reverse DNS Software nginx/1.12.2 / Resource Hash f79fd1fabf7a39b036181bc44f65c18bfc9049b3a1eb1441f3898d52d01d3c28 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.billing.novostroy-gid.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Sun, 28 Nov 2021 21:34:45 GMT content-encoding gzip last-modified Thu, 25 Nov 2021 06:05:14 GMT server nginx/1.12.2 etag W/"619f279a-ba7e8" content-type application/javascript x-upstream stats-fpm cache-control max-age=604800 expires Sun, 05 Dec 2021 21:34:45 GMT
POST H2	409	track Show response lpt-crm.online/	60 B 586 B	68ms 68ms	XHR application/json	95.213.150.212 SELECTEL
General Check archive.org Show headers Download Go to Full URL https://lpt-crm.online/track Requested by Host: lpt-crm.online URL: https://lpt-crm.online/lpt_widget/out/main.min.js?2.24.20201228-313-g909d73e322-dirty Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 95.213.150.212 , Russian Federation, ASN49505 (SELECTEL, RU), Reverse DNS Software nginx/1.12.2 / Resource Hash 6129af969897c36c9a62ca71e459d4c16212b0300f706672f7ae80a32f0ae9db Request headers Accept application/json, text/javascript, */*; q=0.01 Referer https://www.billing.novostroy-gid.ru/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Content-Type application/json Response headers date Sun, 28 Nov 2021 21:34:46 GMT x-origin normal x-lpt-memory-peak 4.00 x-lpt-log-failures 0 x-lpt-env prod x-lpt-memory-total 2.00 x-backend-server stats-new-1 pragma no-cache x-lpt-request-id 07210748-5f0e-4f66-8cfb-12487b4aefa7 server nginx/1.12.2 access-control-max-age 3600 access-control-allow-methods GET, POST, PUT content-type application/json; charset=UTF-8 access-control-allow-origin https://www.billing.novostroy-gid.ru cache-control no-store, no-cache access-control-allow-credentials true x-lpt-time 0.01 access-control-allow-headers Content-Type, Access-Control-Allow-Headers, Authorization, X-Requested-With x-lpt-log-events 0 x-lpt-db-queries 9
OPTIONS H2	200	track lpt-crm.online/ Frame	0 0	165ms 56ms	Preflight text/html	95.213.150.212 SELECTEL
General Check archive.org Show headers Download Go to Full URL https://lpt-crm.online/track Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 95.213.150.212 , Russian Federation, ASN49505 (SELECTEL, RU), Reverse DNS Software nginx/1.12.2 / Resource Hash Request headers Accept */* Access-Control-Request-Method POST Access-Control-Request-Headers content-type Origin https://www.billing.novostroy-gid.ru User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Sec-Fetch-Mode cors Response headers server nginx/1.12.2 date Sun, 28 Nov 2021 21:34:46 GMT content-type text/html; charset=UTF-8 access-control-allow-methods GET, POST, PUT access-control-allow-headers Content-Type, Access-Control-Allow-Headers, Authorization, X-Requested-With x-backend-server stats-new-3 access-control-max-age 3600 access-control-allow-credentials true access-control-allow-origin https://www.billing.novostroy-gid.ru x-origin normal x-upstream stats-fpm content-encoding gzip
GET H2	200	run.php Show response pxl.knam.pro/code/	659 B 783 B	56ms 55ms	Script text/javascript	91.218.228.190 EUROBYTE Eurobyte...
General Check archive.org Show headers Download Go to Full URL https://pxl.knam.pro/code/run.php?id=16&vid=20598911 Requested by Host: pxl.knam.pro URL: https://pxl.knam.pro/code/code1.php?title=%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D1%80%D0%BE%D0%B9%D0%BA%D0%B8%20%D0%A1%D0%B0%D0%BD%D0%BA%D1%82-%D0%9F%D0%B5%D1%82%D0%B5%D1%80%D0%B1%D1%83%D1%80%D0%B3%D0%B0%20-%20%D0%BA%D0%B2%D0%B0%D1%80%D1%82%D0%B8%D1%80%D1%8B%20%D0%B2%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D1%80%D0%BE%D0%B9%D0%BA%D0%B0%D1%85%20%D0%A1%D0%9F%D0%B1!%20%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D1%80%D0%BE%D0%B9-%D0%93%D0%B8%D0%B4&url=https://www.billing.novostroy-gid.ru/&ref=&cookie=_ga%3DGA1.3.573967421.1638135278%3B%20_gid%3DGA1.3.1376015553.1638135278%3B%20_dc_gtm_UA-52809280-1%3D1%3B%20_ym_uid%3D1638135279642793507%3B%20_ym_d%3D1638135279%3B%20_ym_visorc%3Dw%3B%20_gcl_au%3D1.1.145709278.1638135280%3B%20_ym_isad%3D2%3B%20tmr_lvid%3Dc125781a4f89dbe724aa011e99a63e3b%3B%20tmr_lvidTS%3D1638135280242%3B%20tmr_reqNum%3D2%3B%20dmp_cc%3D61a3f5f0a50396.89269707%3B%20_dmp_key_t%3DnqcttohZCX28itoYalYYHsr9MzKxjM%2BC6rbauQMSNoQO65GfhzWt56zOcXks4M3mK5CsezQn6RIhMg%3D%3D%3B%20mycook1idd_442845%3D433815869%3B%20my1visits1idd1%3D425422862%3B%20newstat38%3D78511287%3B%20tmr_detect%3D0%257C1638135282838%3B%20etaguid%3Dundefined%3B%20_ppsidc%3D%255B1%252C2%252C3%252C4%252C5%252C7%252C8%252C10%252C11%255D&fprint=3bf3e30f415e175e6123505f6cba2576&uid=cfa57eeec94945f1a7244ded5251f2c2&pid=214 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 91.218.228.190 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU), Reverse DNS hosted-by.ihc.ru Software nginx/1.14.2 / Resource Hash 21299be74392619439a6827103955716f82e3818b82f5d01d96db7cf39cafa5d Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.billing.novostroy-gid.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Sun, 28 Nov 2021 21:34:53 GMT server nginx/1.14.2 access-control-allow-headers Content-Type, X-Requested-With content-type text/javascript; charset=UTF-8
GET H2	200	sync Show response dmp.one/	52 B 345 B	168ms 168ms	Script text/html	2606:4700:3030::6815:5057 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://dmp.one/sync?stock_key=6aee8d63142ec7f46e114d0005292513%20&yid=20598911 Requested by Host: pxl.knam.pro URL: https://pxl.knam.pro/code/run.php?id=16&vid=20598911 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::6815:5057 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 53d58edecfb5e2c881088fe099d7429024693fedd9a88f87d204d088e9ab8bf5 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.billing.novostroy-gid.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Sun, 28 Nov 2021 21:34:46 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" access-control-allow-methods GET, POST, OPTIONS content-type text/html; charset=UTF-8 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3CD2sFIDJK839zPeOjl50f4qVQ269MfvFyFCnZVZIELCYth7PxF0XprqnN2rOJh%2BWRr5FD1j4Gv83KTmmhZSlbhAVT2Js%2F6AkTpfsZYyb79bq993ZcQso7qei0TbFfPXq4oGrYyF"}],"group":"cf-nel","max_age":604800} cf-ray 6b56b8e6be700fa6-VIE
GET H2	200	run1.php pxl.knam.pro/code/	0 124 B	56ms 56ms	Image text/javascript	91.218.228.190 EUROBYTE Eurobyte...
General Check archive.org Show headers Download Go to Show image Full URL https://pxl.knam.pro/code/run1.php?id=84757885 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 91.218.228.190 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU), Reverse DNS hosted-by.ihc.ru Software nginx/1.14.2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.billing.novostroy-gid.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Sun, 28 Nov 2021 21:34:53 GMT server nginx/1.14.2 access-control-allow-headers Content-Type, X-Requested-With content-type text/javascript; charset=UTF-8
POST H2	200	22562989 Show response mc.yandex.com/webvisor/	43 B 145 B	130ms 84ms	XHR image/gif	2a02:6b8::1:119 YNDX
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.com/webvisor/22562989?wmode=0&wv-part=4&wv-hit=164184842&page-url=https%3A%2F%2Fwww.billing.novostroy-gid.ru%2F&rn=994056343&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1638135287%3Aw%3A1600x1200%3Av%3A700%3Az%3A0%3Ai%3A20211128213447%3Au%3A1638135279642793507%3Avf%3A4bjmbg3ayomqwinwev%3Awe%3A1%3Ast%3A1638135287&t=gdpr(14)ti(2) Requested by Host: mc.yandex.ru URL: https://mc.yandex.ru/metrika/tag.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers Referer https://www.billing.novostroy-gid.ru/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Sun, 28 Nov 2021 21:34:47 GMT last-modified Sun, 28-Nov-2021 21:34:47 GMT strict-transport-security max-age=31536000 content-type image/gif access-control-allow-origin https://www.billing.novostroy-gid.ru cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true content-length 43 x-xss-protection 1; mode=block expires Sun, 28-Nov-2021 21:34:47 GMT
POST H/1.1	200 OK	/ Show response api09.tazeros.com/ Frame 9FB2	50 B 596 B	72ms 72ms	XHR application/json	95.84.138.196 NCNET-AS
General Check archive.org Show headers Download Go to Full URL https://api09.tazeros.com/ Requested by Host: stats.tazeros.com URL: https://stats.tazeros.com/v3.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 95.84.138.196 Moscow, Russian Federation, ASN42610 (NCNET-AS, RU), Reverse DNS broadband-95-84-138-196.ip.moscow.rt.ru Software nginx/1.18.0 (Ubuntu) / Resource Hash 6643b7b6e2d06095d6a1d6df1280b05776a0fba1134761289dc22607dd099dda Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://ixseptor.ru/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers Date Sun, 28 Nov 2021 21:34:47 GMT Content-Encoding gzip X-Content-Type-Options nosniff Server nginx/1.18.0 (Ubuntu) Transfer-Encoding chunked Access-Control-Allow-Methods GET, OPTIONS, POST Content-Type application/json Access-Control-Allow-Origin https://ixseptor.ru Access-Control-Allow-Credentials true Connection keep-alive Access-Control-Allow-Headers Content-Type, Origin, Authorization, Accept, Cache-Control, X-Requested-With, X-Requested-With, Access-Control-Allow-Credentials
GET H2	200	run.php Show response pxl.knam.pro/code/	635 B 759 B	55ms 55ms	Script text/javascript	91.218.228.190 EUROBYTE Eurobyte...
General Check archive.org Show headers Download Go to Full URL https://pxl.knam.pro/code/run.php?id=1&vid=20598911 Requested by Host: pxl.knam.pro URL: https://pxl.knam.pro/code/code1.php?title=%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D1%80%D0%BE%D0%B9%D0%BA%D0%B8%20%D0%A1%D0%B0%D0%BD%D0%BA%D1%82-%D0%9F%D0%B5%D1%82%D0%B5%D1%80%D0%B1%D1%83%D1%80%D0%B3%D0%B0%20-%20%D0%BA%D0%B2%D0%B0%D1%80%D1%82%D0%B8%D1%80%D1%8B%20%D0%B2%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D1%80%D0%BE%D0%B9%D0%BA%D0%B0%D1%85%20%D0%A1%D0%9F%D0%B1!%20%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D1%80%D0%BE%D0%B9-%D0%93%D0%B8%D0%B4&url=https://www.billing.novostroy-gid.ru/&ref=&cookie=_ga%3DGA1.3.573967421.1638135278%3B%20_gid%3DGA1.3.1376015553.1638135278%3B%20_dc_gtm_UA-52809280-1%3D1%3B%20_ym_uid%3D1638135279642793507%3B%20_ym_d%3D1638135279%3B%20_ym_visorc%3Dw%3B%20_gcl_au%3D1.1.145709278.1638135280%3B%20_ym_isad%3D2%3B%20tmr_lvid%3Dc125781a4f89dbe724aa011e99a63e3b%3B%20tmr_lvidTS%3D1638135280242%3B%20tmr_reqNum%3D2%3B%20dmp_cc%3D61a3f5f0a50396.89269707%3B%20_dmp_key_t%3DnqcttohZCX28itoYalYYHsr9MzKxjM%2BC6rbauQMSNoQO65GfhzWt56zOcXks4M3mK5CsezQn6RIhMg%3D%3D%3B%20mycook1idd_442845%3D433815869%3B%20my1visits1idd1%3D425422862%3B%20newstat38%3D78511287%3B%20tmr_detect%3D0%257C1638135282838%3B%20etaguid%3Dundefined%3B%20_ppsidc%3D%255B1%252C2%252C3%252C4%252C5%252C7%252C8%252C10%252C11%255D&fprint=3bf3e30f415e175e6123505f6cba2576&uid=cfa57eeec94945f1a7244ded5251f2c2&pid=214 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 91.218.228.190 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU), Reverse DNS hosted-by.ihc.ru Software nginx/1.14.2 / Resource Hash 65bffb6e5e4fb21115155ccbaa05a97f3e45f5217271828dffbe5258ceca8db9 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.billing.novostroy-gid.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Sun, 28 Nov 2021 21:34:55 GMT server nginx/1.14.2 access-control-allow-headers Content-Type, X-Requested-With content-type text/javascript; charset=UTF-8
GET H/1.1	200 OK	code.php Show response rupertino.ru/app/	955 B 690 B	12ms 12ms	Script text/html	138.201.251.56 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://rupertino.ru/app/code.php?app_type=1&id=20598911 Requested by Host: pxl.knam.pro URL: https://pxl.knam.pro/code/run.php?id=1&vid=20598911 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 138.201.251.56 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.56.251.201.138.clients.your-server.de Software nginx/1.6.2 / Resource Hash 810be109a21f35093700103582d1f40c7c3c31d293da50bb2d5f1d99a09c9b12 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.billing.novostroy-gid.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Sun, 28 Nov 2021 21:34:48 GMT Content-Encoding gzip Server nginx/1.6.2 Connection keep-alive Transfer-Encoding chunked Content-Type text/html; charset=UTF-8
GET H2	200	run1.php pxl.knam.pro/code/	0 124 B	55ms 55ms	Image text/javascript	91.218.228.190 EUROBYTE Eurobyte...
General Check archive.org Show headers Download Go to Show image Full URL https://pxl.knam.pro/code/run1.php?id=84757886 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 91.218.228.190 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU), Reverse DNS hosted-by.ihc.ru Software nginx/1.14.2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.billing.novostroy-gid.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Sun, 28 Nov 2021 21:34:55 GMT server nginx/1.14.2 access-control-allow-headers Content-Type, X-Requested-With content-type text/javascript; charset=UTF-8
GET H/1.1	200 OK	code1.php Show response rupertino.ru/app/	2 KB 1 KB	16ms 16ms	Script text/html	138.201.251.56 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://rupertino.ru/app/code1.php?app_type=1&id=20598911&title=%5Bobject%20HTMLTitleElement%5D&url=https://www.billing.novostroy-gid.ru/&ref=&cookie=_ga%3DGA1.3.573967421.1638135278%3B%20_gid%3DGA1.3.1376015553.1638135278%3B%20_dc_gtm_UA-52809280-1%3D1%3B%20_ym_uid%3D1638135279642793507%3B%20_ym_d%3D1638135279%3B%20_ym_visorc%3Dw%3B%20_gcl_au%3D1.1.145709278.1638135280%3B%20_ym_isad%3D2%3B%20tmr_lvid%3Dc125781a4f89dbe724aa011e99a63e3b%3B%20tmr_lvidTS%3D1638135280242%3B%20dmp_cc%3D61a3f5f0a50396.89269707%3B%20_dmp_key_t%3DnqcttohZCX28itoYalYYHsr9MzKxjM%2BC6rbauQMSNoQO65GfhzWt56zOcXks4M3mK5CsezQn6RIhMg%3D%3D%3B%20mycook1idd_442845%3D433815869%3B%20my1visits1idd1%3D425422862%3B%20newstat38%3D78511287%3B%20tmr_detect%3D0%257C1638135282838%3B%20etaguid%3Dundefined%3B%20mars%3D2494d0f88dc7462984cc4b5e57dee19b%3B%20pxlvisit%3D20598911%3B%20_ppsidc%3D%255B1%252C2%252C3%252C4%252C5%252C7%252C8%252C10%252C11%252C12%255D%3B%20tmr_reqNum%3D3%3B%20dbl%3D02f2d50ae77e4f48ab4b1da380c3f167%3B%20lptChatClientId%3D1638135285938-78604 Requested by Host: rupertino.ru URL: https://rupertino.ru/app/code.php?app_type=1&id=20598911 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 138.201.251.56 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.56.251.201.138.clients.your-server.de Software nginx/1.6.2 / Resource Hash 1c03de6ce9f2136c2c6b24e506f93aa7bb4f1983a5fb6726b15511b6d6ef8e43 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.billing.novostroy-gid.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Sun, 28 Nov 2021 21:34:48 GMT Content-Encoding gzip Server nginx/1.6.2 Connection keep-alive Transfer-Encoding chunked Content-Type text/html; charset=UTF-8
GET H/1.1	200 OK	type1.php Show response rupertino.ru/app/ Redirect Chain https://rupertino.ru/app/run.php?type=1&vid=53726406 https://statistik1.ru/pixel/ph/pixel/pixel17.php?vid=53726406 https://rupertino.ru/app/type1.php?vid=53726406&pixel=1683783728	0 224 B	12ms 11ms	Script text/html	138.201.251.56 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://rupertino.ru/app/type1.php?vid=53726406&pixel=1683783728 Protocol HTTP/1.1 Server 138.201.251.56 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.56.251.201.138.clients.your-server.de Software nginx/1.6.2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.billing.novostroy-gid.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Sun, 28 Nov 2021 21:34:48 GMT Content-Encoding gzip Server nginx/1.6.2 Connection keep-alive Transfer-Encoding chunked Content-Type text/html; charset=UTF-8 Redirect headers Location https://rupertino.ru/app/type1.php?vid=53726406&pixel=1683783728 Date Sun, 28 Nov 2021 21:36:22 GMT Transfer-Encoding chunked Server nginx/1.16.0 Connection keep-alive Strict-Transport-Security max-age=31536000; Content-Type text/html; charset=UTF-8
GET H/1.1	200 OK	wantres.gif Show response counter.yadro.ru/corresp/ Redirect Chain https://rupertino.ru/app/run.php?type=4&vid=53726406 https://counter.yadro.ru/corresp/wantres.gif?id=k53726406	43 B 232 B	68ms 68ms	Script image/gif	88.212.201.216 UNITEDNET
General Check archive.org Show headers Download Go to Full URL https://counter.yadro.ru/corresp/wantres.gif?id=k53726406 Protocol HTTP/1.1 Server 88.212.201.216 , Russian Federation, ASN39134 (UNITEDNET, RU), Reverse DNS Software nginx/1.17.9 / Resource Hash 877c124faacc2592ac4fefbf8061bf84aa72863e774b03c80cb8052d11a62436 Security Headers Name Value Strict-Transport-Security max-age=86400 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.billing.novostroy-gid.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Sun, 28 Nov 2021 21:34:48 GMT Server nginx/1.17.9 Connection keep-alive Content-Length 43 Strict-Transport-Security max-age=86400 Content-Type image/gif Redirect headers Location https://counter.yadro.ru/corresp/wantres.gif?id=k53726406 Date Sun, 28 Nov 2021 21:34:48 GMT Server nginx/1.6.2 Connection keep-alive Transfer-Encoding chunked Content-Type text/html; charset=UTF-8
GET H/1.1	200 OK	run.php Show response rupertino.ru/app/	165 B 360 B	35ms 13ms	Script text/html	138.201.251.56 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://rupertino.ru/app/run.php?type=7&vid=53726406 Requested by Host: rupertino.ru URL: https://rupertino.ru/app/code1.php?app_type=1&id=20598911&title=%5Bobject%20HTMLTitleElement%5D&url=https://www.billing.novostroy-gid.ru/&ref=&cookie=_ga%3DGA1.3.573967421.1638135278%3B%20_gid%3DGA1.3.1376015553.1638135278%3B%20_dc_gtm_UA-52809280-1%3D1%3B%20_ym_uid%3D1638135279642793507%3B%20_ym_d%3D1638135279%3B%20_ym_visorc%3Dw%3B%20_gcl_au%3D1.1.145709278.1638135280%3B%20_ym_isad%3D2%3B%20tmr_lvid%3Dc125781a4f89dbe724aa011e99a63e3b%3B%20tmr_lvidTS%3D1638135280242%3B%20dmp_cc%3D61a3f5f0a50396.89269707%3B%20_dmp_key_t%3DnqcttohZCX28itoYalYYHsr9MzKxjM%2BC6rbauQMSNoQO65GfhzWt56zOcXks4M3mK5CsezQn6RIhMg%3D%3D%3B%20mycook1idd_442845%3D433815869%3B%20my1visits1idd1%3D425422862%3B%20newstat38%3D78511287%3B%20tmr_detect%3D0%257C1638135282838%3B%20etaguid%3Dundefined%3B%20mars%3D2494d0f88dc7462984cc4b5e57dee19b%3B%20pxlvisit%3D20598911%3B%20_ppsidc%3D%255B1%252C2%252C3%252C4%252C5%252C7%252C8%252C10%252C11%252C12%255D%3B%20tmr_reqNum%3D3%3B%20dbl%3D02f2d50ae77e4f48ab4b1da380c3f167%3B%20lptChatClientId%3D1638135285938-78604 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 138.201.251.56 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.56.251.201.138.clients.your-server.de Software nginx/1.6.2 / Resource Hash 5bb8c928da0da8f29a8787441be8a62615643e6675a565c91f39cb4eaecec8a4 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.billing.novostroy-gid.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Sun, 28 Nov 2021 21:34:48 GMT Content-Encoding gzip Server nginx/1.6.2 Connection keep-alive Transfer-Encoding chunked Content-Type text/html; charset=UTF-8
GET H/1.1	200 OK	run.php Show response rupertino.ru/app/	1 KB 754 B	36ms 13ms	Script text/html	138.201.251.56 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://rupertino.ru/app/run.php?type=8&vid=53726406 Requested by Host: rupertino.ru URL: https://rupertino.ru/app/code1.php?app_type=1&id=20598911&title=%5Bobject%20HTMLTitleElement%5D&url=https://www.billing.novostroy-gid.ru/&ref=&cookie=_ga%3DGA1.3.573967421.1638135278%3B%20_gid%3DGA1.3.1376015553.1638135278%3B%20_dc_gtm_UA-52809280-1%3D1%3B%20_ym_uid%3D1638135279642793507%3B%20_ym_d%3D1638135279%3B%20_ym_visorc%3Dw%3B%20_gcl_au%3D1.1.145709278.1638135280%3B%20_ym_isad%3D2%3B%20tmr_lvid%3Dc125781a4f89dbe724aa011e99a63e3b%3B%20tmr_lvidTS%3D1638135280242%3B%20dmp_cc%3D61a3f5f0a50396.89269707%3B%20_dmp_key_t%3DnqcttohZCX28itoYalYYHsr9MzKxjM%2BC6rbauQMSNoQO65GfhzWt56zOcXks4M3mK5CsezQn6RIhMg%3D%3D%3B%20mycook1idd_442845%3D433815869%3B%20my1visits1idd1%3D425422862%3B%20newstat38%3D78511287%3B%20tmr_detect%3D0%257C1638135282838%3B%20etaguid%3Dundefined%3B%20mars%3D2494d0f88dc7462984cc4b5e57dee19b%3B%20pxlvisit%3D20598911%3B%20_ppsidc%3D%255B1%252C2%252C3%252C4%252C5%252C7%252C8%252C10%252C11%252C12%255D%3B%20tmr_reqNum%3D3%3B%20dbl%3D02f2d50ae77e4f48ab4b1da380c3f167%3B%20lptChatClientId%3D1638135285938-78604 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 138.201.251.56 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.56.251.201.138.clients.your-server.de Software nginx/1.6.2 / Resource Hash bb04ae1416338a304b1d221caf9f7f669edc56240536f41484580c5f6246ffcb Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.billing.novostroy-gid.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Sun, 28 Nov 2021 21:34:48 GMT Content-Encoding gzip Server nginx/1.6.2 Connection keep-alive Transfer-Encoding chunked Content-Type text/html; charset=UTF-8
GET H/1.1	200 OK	run.php Show response rupertino.ru/app/	0 224 B	38ms 15ms	Script text/html	138.201.251.56 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://rupertino.ru/app/run.php?type=9&vid=53726406 Requested by Host: rupertino.ru URL: https://rupertino.ru/app/code1.php?app_type=1&id=20598911&title=%5Bobject%20HTMLTitleElement%5D&url=https://www.billing.novostroy-gid.ru/&ref=&cookie=_ga%3DGA1.3.573967421.1638135278%3B%20_gid%3DGA1.3.1376015553.1638135278%3B%20_dc_gtm_UA-52809280-1%3D1%3B%20_ym_uid%3D1638135279642793507%3B%20_ym_d%3D1638135279%3B%20_ym_visorc%3Dw%3B%20_gcl_au%3D1.1.145709278.1638135280%3B%20_ym_isad%3D2%3B%20tmr_lvid%3Dc125781a4f89dbe724aa011e99a63e3b%3B%20tmr_lvidTS%3D1638135280242%3B%20dmp_cc%3D61a3f5f0a50396.89269707%3B%20_dmp_key_t%3DnqcttohZCX28itoYalYYHsr9MzKxjM%2BC6rbauQMSNoQO65GfhzWt56zOcXks4M3mK5CsezQn6RIhMg%3D%3D%3B%20mycook1idd_442845%3D433815869%3B%20my1visits1idd1%3D425422862%3B%20newstat38%3D78511287%3B%20tmr_detect%3D0%257C1638135282838%3B%20etaguid%3Dundefined%3B%20mars%3D2494d0f88dc7462984cc4b5e57dee19b%3B%20pxlvisit%3D20598911%3B%20_ppsidc%3D%255B1%252C2%252C3%252C4%252C5%252C7%252C8%252C10%252C11%252C12%255D%3B%20tmr_reqNum%3D3%3B%20dbl%3D02f2d50ae77e4f48ab4b1da380c3f167%3B%20lptChatClientId%3D1638135285938-78604 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 138.201.251.56 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.56.251.201.138.clients.your-server.de Software nginx/1.6.2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.billing.novostroy-gid.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Sun, 28 Nov 2021 21:34:48 GMT Content-Encoding gzip Server nginx/1.6.2 Connection keep-alive Transfer-Encoding chunked Content-Type text/html; charset=UTF-8
GET H2	404	wr iphlr.ru/v3/	0 0	596ms 48ms	Image text/html	185.20.78.174
General Check archive.org Show headers Download Go to Show image Full URL https://iphlr.ru/v3/wr?redirect_url=https://ruperstat.ru/ext/datastore/m5.php&v=17&id=53726406 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 185.20.78.174 -, , ASN (), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.billing.novostroy-gid.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers
GET H/1.1	200 OK	ufp.php perstat.ru/pixel/ Redirect Chain https://statik-us.info/loadfp?uuid=53726406&token=58dd1de450b9a100b3a63850dc086905&url=https%3A%2F%2Fwww.billing.novostroy-gid.ru%2F&colord=24&screenw=1600&screenh=1200&devicememory=8&hardwareconcu... https://perstat.ru/pixel/ufp.php?webglvendor=w&webglrenderer=w&token=58dd1de450b9a100b3a63850dc086905&uuid=53726406&token=58dd1de450b9a100b3a63850dc086905&url=https%3A%2F%2Fwww.billing.novostroy-gi...	49 B 256 B	261ms 52ms	Image image/png	185.184.79.77
General Check archive.org Show headers Download Go to Show image Full URL https://perstat.ru/pixel/ufp.php?webglvendor=w&webglrenderer=w&token=58dd1de450b9a100b3a63850dc086905&uuid=53726406&token=58dd1de450b9a100b3a63850dc086905&url=https%3A%2F%2Fwww.billing.novostroy-gid.ru%2F&colord=24&screenw=1600&screenh=1200&devicememory=8&hardwareconcurrency=4&platform=Linux%20x86_64&timeoffset=0&webglvendor=Intel%20Inc.&webglrenderer=Intel%20Iris%20OpenGL%20Engine Protocol HTTP/1.1 Server 185.184.79.77 -, , ASN (), Reverse DNS Software nginx/1.14.0 (Ubuntu) / Resource Hash 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.billing.novostroy-gid.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Access-Control-Allow-Origin * Date Sun, 28 Nov 2021 21:34:48 GMT Server nginx/1.14.0 (Ubuntu) Connection keep-alive Transfer-Encoding chunked Content-Type image/png Redirect headers Access-Control-Allow-Origin * Date Sun, 28 Nov 2021 21:34:48 GMT Transfer-Encoding chunked Server nginx/1.10.3 (Ubuntu) Connection keep-alive Location https://perstat.ru/pixel/ufp.php?webglvendor=w&webglrenderer=w&token=58dd1de450b9a100b3a63850dc086905&uuid=53726406&token=58dd1de450b9a100b3a63850dc086905&url=https%3A%2F%2Fwww.billing.novostroy-gid.ru%2F&colord=24&screenw=1600&screenh=1200&devicememory=8&hardwareconcurrency=4&platform=Linux%20x86_64&timeoffset=0&webglvendor=Intel%20Inc.&webglrenderer=Intel%20Iris%20OpenGL%20Engine Content-Type text/html; charset=UTF-8
POST H2	200	22562989 Show response mc.yandex.com/webvisor/	43 B 145 B	41ms 41ms	XHR image/gif	2a02:6b8::1:119 YNDX
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.com/webvisor/22562989?wmode=0&wv-part=5&wv-hit=164184842&page-url=https%3A%2F%2Fwww.billing.novostroy-gid.ru%2F&rn=653775219&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1638135289%3Aw%3A1600x1200%3Av%3A700%3Az%3A0%3Ai%3A20211128213449%3Au%3A1638135279642793507%3Avf%3A4bjmbg3ayomqwinwev%3Awe%3A1%3Ast%3A1638135289&t=gdpr(14)ti(2) Requested by Host: mc.yandex.ru URL: https://mc.yandex.ru/metrika/tag.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers Referer https://www.billing.novostroy-gid.ru/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Sun, 28 Nov 2021 21:34:49 GMT last-modified Sun, 28-Nov-2021 21:34:49 GMT strict-transport-security max-age=31536000 content-type image/gif access-control-allow-origin https://www.billing.novostroy-gid.ru cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true content-length 43 x-xss-protection 1; mode=block expires Sun, 28-Nov-2021 21:34:49 GMT