forester-promo.ru Open in urlscan Pro
79.143.73.41  Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 37

• https://mc.yandex.com/sync_cookie_image_check HTTP 302
• https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10402.6ZPvG-pI4ozwUhWIIcCRjDPRsaDZytpWZo24fEfVhx0DAD8RgKqNL_K96fN7_uQW.qdYagwEIEDO-ziGdW4JnL55UPj4%2C HTTP 302
• https://mc.yandex.com/sync_cookie_image_decide?token=10402.rzy8YYBJ8o9pwhIEdqro4tCNHAZkXHNERBN-GtKw5XSgV3yeprTN-q6g0u43-IIWlmjFnr_a13ckUIHIlu0gXJKemsgsjkgn3bpgcd4GBPmauG8iH52AWi53iolKluOCQXH8xJLYN6KUQq0KsXdGTbMqtSgtIeX7cdp_tGPeqDtj20bebsy_vulYqrCDbHCGjOM_jIupb5PjRoehThsd59R9RUuhEV5go_ofZJmfiFU%2C.9izHdXpEb9pOs7Mh4hw8FW2lTF0%2C HTTP 302
• https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10402.TOszDn0oWuR0U-3ypBnZtvW8h6e55ADGPT4Orv7DnALAxJ5PdWQraRuNATgL6OFW4qBjGJ3jXLDFMcZzu0FmcSp0J1RLdDp0uj0GilA9YPrUgFNhmI268QC686jr2a_oxPCItnIvZ8wXi1VDGb2jKWG1Oc0EBR8b8ugO10M8SYzkfABCUypyUSMzockaWR5xU-LXmeRGB7uhw-Ckda8EQQ%2C%2C.0zfFRIrCz8HXh1x0lBYf-pLYMtY%2C

Request Chain 43

• https://mc.yandex.com/watch/96969863?wmode=7&page-url=https%3A%2F%2Fforester-promo.ru%2F&charset=utf-8&uah=chu%0A%22Google%20Chrome%22%3Bv%3D%22126%22%2C%22Not%3AA-Brand%22%3Bv%3D%228%22%2C%22Chromium%22%3Bv%3D%22126%22%0Acha%0Ax86%0Achb%0A64%0Achf%0A126.0.6478.61%0Achl%0A%22Not%2FA)Brand%22%3Bv%3D%228.0.0.0%22%2C%22Chromium%22%3Bv%3D%22126.0.6478.61%22%2C%22Google%20Chrome%22%3Bv%3D%22126.0.6478.61%22%0Achm%0A%3F0%0Achp%0AWin32%0Achv%0A10.0.0&browser-info=pv%3A1%3Avf%3A1htavzoec77bpowqcyzjxzh9ln%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A1360%3Acn%3A1%3Adp%3A0%3Als%3A929761353756%3Ahid%3A538195087%3Az%3A120%3Ai%3A20240616111144%3Aet%3A1718529105%3Ac%3A1%3Arn%3A102526218%3Arqn%3A1%3Au%3A1718529105241464980%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A1329%3Awv%3A2%3Ads%3A0%2C110%2C439%2C2%2C0%2C0%2C%2C822%2C2%2C%2C%2C%2C1494%3Aco%3A0%3Acpf%3A1%3Ans%3A1718529102935%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1718529105%3At%3A%D0%93%D0%BE%D1%82%D0%BE%D0%B2%D1%8C%20%D0%B2%D0%BA%D1%83%D1%81%D0%BD%D0%BE%20%D1%81%20Forester!&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)cdl(na)eco(21037572)ti(1) HTTP 302
• https://mc.yandex.com/watch/96969863/1?wmode=7&page-url=https%3A%2F%2Fforester-promo.ru%2F&charset=utf-8&uah=chu%0A%22Google%20Chrome%22%3Bv%3D%22126%22%2C%22Not%3AA-Brand%22%3Bv%3D%228%22%2C%22Chromium%22%3Bv%3D%22126%22%0Acha%0Ax86%0Achb%0A64%0Achf%0A126.0.6478.61%0Achl%0A%22Not%2FA%29Brand%22%3Bv%3D%228.0.0.0%22%2C%22Chromium%22%3Bv%3D%22126.0.6478.61%22%2C%22Google%20Chrome%22%3Bv%3D%22126.0.6478.61%22%0Achm%0A%3F0%0Achp%0AWin32%0Achv%0A10.0.0&browser-info=pv%3A1%3Avf%3A1htavzoec77bpowqcyzjxzh9ln%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A1360%3Acn%3A1%3Adp%3A0%3Als%3A929761353756%3Ahid%3A538195087%3Az%3A120%3Ai%3A20240616111144%3Aet%3A1718529105%3Ac%3A1%3Arn%3A102526218%3Arqn%3A1%3Au%3A1718529105241464980%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A1329%3Awv%3A2%3Ads%3A0%2C110%2C439%2C2%2C0%2C0%2C%2C822%2C2%2C%2C%2C%2C1494%3Aco%3A0%3Acpf%3A1%3Ans%3A1718529102935%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1718529105%3At%3A%D0%93%D0%BE%D1%82%D0%BE%D0%B2%D1%8C%20%D0%B2%D0%BA%D1%83%D1%81%D0%BD%D0%BE%20%D1%81%20Forester%21&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2821037572%29ti%281%29

56 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response forester-promo.ru/	60 KB 14 KB	646ms 440ms	Document text/html	79.143.73.41 RU-JSCIOT
General Check archive.org Show headers Download Go to Full URL https://forester-promo.ru/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 79.143.73.41 , Russian Federation, ASN29182 (RU-JSCIOT, RU), Reverse DNS new.bafsy Software nginx/1.18.0 (Ubuntu) / Resource Hash df5395d74f455752dc5ef9081e491e81ee919e9135040e21601d58da7a01daa0 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains max-age=31536000 X-Content-Type-Options nosniff nosniff X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers cache-control max-age=0, private, must-revalidate content-encoding gzip content-type text/html; charset=utf-8 date Sun, 16 Jun 2024 09:11:43 GMT etag W/"df5395d74f455752dc5ef9081e491e81" referrer-policy strict-origin-when-cross-origin server nginx/1.18.0 (Ubuntu) strict-transport-security max-age=31536000; includeSubDomains max-age=31536000 vary Accept-Encoding Origin x-content-type-options nosniff nosniff x-download-options noopen x-permitted-cross-domain-policies none x-request-id 180c27e5-f46d-46d6-8bb0-5a591b831e8a x-runtime 0.376081 x-xss-protection 1; mode=block
GET H2	200	2278-0badd39e-5041-4559-a698-45ea7f67f988.css forester-promo.ru/uploads/channel/stylesheet/2278/	470 KB 39 KB	76ms 74ms	Stylesheet text/css	79.143.73.41 RU-JSCIOT
General Check archive.org Show headers Download Go to Full URL https://forester-promo.ru/uploads/channel/stylesheet/2278/2278-0badd39e-5041-4559-a698-45ea7f67f988.css Requested by Host: forester-promo.ru URL: https://forester-promo.ru/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 79.143.73.41 , Russian Federation, ASN29182 (RU-JSCIOT, RU), Reverse DNS new.bafsy Software nginx/1.18.0 (Ubuntu) / Resource Hash cd2c299f2803db0f6c8992d27f005f8cc5c14b1627891d76c4255cb4bd385d5f Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://forester-promo.ru/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 16 Jun 2024 09:11:43 GMT strict-transport-security max-age=31536000 x-content-type-options nosniff last-modified Fri, 14 Jun 2024 17:20:36 GMT server nginx/1.18.0 (Ubuntu) content-encoding gzip etag W/"666c7be4-7589a" vary Accept-Encoding content-type text/css cache-control max-age=315360000 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	jquery-3.5.1.min.js Show response cdn.bafsy.com/builder/scripts/	87 KB 88 KB	515ms 72ms	Script text/javascript	2a11:27c0::93 EDGECENTERLLC
General Check archive.org Show headers Download Go to Full URL https://cdn.bafsy.com/builder/scripts/jquery-3.5.1.min.js Requested by Host: forester-promo.ru URL: https://forester-promo.ru/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a11:27c0::93 , Russian Federation, ASN210756 (EDGECENTERLLC, RU), Reverse DNS Software nginx / Resource Hash f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://forester-promo.ru/ Origin https://forester-promo.ru Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-container-storage-policy-name Policy-0 date Sun, 16 Jun 2024 09:11:44 GMT age 1854 x-cached-since 2024-06-15T18:25:56+00:00 content-length 89476 x-trans-id 17d88ff1cb92d4ad x-node dh-up-gc20 last-modified Thu, 13 Jun 2024 12:25:27 GMT server nginx etag "dc5e7f18c8d36ac1d3d4753a87c98d0a" content-type text/javascript access-control-allow-origin * access-control-expose-headers Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma, Etag, X-Timestamp, X-Trans-Id, X-Openstack-Request-Id, Content-Length, Accept-Ranges x-timestamp 1718281526.50808 cache HIT x-container-storage-policy-index 0 accept-ranges bytes
GET H2	200	swiper-bundle.min.css cdn.jsdelivr.net/npm/swiper@8/	16 KB 5 KB	32ms 9ms	Stylesheet text/css	2a04:4e42:200::485 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/swiper@8/swiper-bundle.min.css Requested by Host: forester-promo.ru URL: https://forester-promo.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 322d15d99efb792c941a5202fa8fc7ee9e932847227383ff9605163338a08eac Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://forester-promo.ru/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000; includeSubDomains; preload date Sun, 16 Jun 2024 09:11:43 GMT x-content-type-options nosniff content-encoding br age 16669 x-jsd-version 8.4.7 x-cache HIT cross-origin-resource-policy cross-origin alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 content-length 4878 x-served-by cache-fra-eddf8230151-FRA x-jsd-version-type version etag W/"406d-rwCOh5O6dcNGNg6U6W482jFM4n8" vary Accept-Encoding content-type text/css; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=604800, s-maxage=43200 accept-ranges bytes timing-allow-origin *
GET H2	200	31e1e05b0d3d3c21867f2f871be72910947a2c17.png platform.bafsy.com/files/	18 KB 18 KB	256ms 67ms	Image image/png	79.143.73.41 RU-JSCIOT
General Check archive.org Show headers Download Go to Show image Full URL https://platform.bafsy.com/files/31e1e05b0d3d3c21867f2f871be72910947a2c17.png Requested by Host: forester-promo.ru URL: https://forester-promo.ru/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 79.143.73.41 , Russian Federation, ASN29182 (RU-JSCIOT, RU), Reverse DNS new.bafsy Software nginx/1.18.0 (Ubuntu) / Resource Hash cb003eed2d0f0a7c9f4d7c539a0c1d92095ac9e792deb643fd7b4f68810d7a12 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://forester-promo.ru/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 16 Jun 2024 09:11:43 GMT strict-transport-security max-age=31536000 x-content-type-options nosniff last-modified Thu, 18 Apr 2024 18:37:02 GMT server nginx/1.18.0 (Ubuntu) etag "6621684e-47c8" content-type image/png cache-control max-age=315360000 accept-ranges bytes content-length 18376 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	polyfill.min.js Show response polyfill.io/v3/	104 B 396 B	806ms 368ms	Script text/javascript	2606:4700:3110::6812:3303 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://polyfill.io/v3/polyfill.min.js?features=Promise%2CIntersectionObserver Requested by Host: forester-promo.ru URL: https://forester-promo.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3110::6812:3303 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6c68769e8470ce89a0f2270529a5d47db00917e3ef9df946dca202098f09d0a2 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://forester-promo.ru/ Origin https://forester-promo.ru Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-cdn-server Global date Sun, 16 Jun 2024 09:11:44 GMT content-encoding gzip cf-cache-status EXPIRED last-modified Sat, 15 Jun 2024 18:07:06 GMT server cloudflare vary Accept-Encoding, User-Agent access-control-allow-methods GET,HEAD,OPTIONS content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=3600 cf-ray 8949ac943836a06d-FRA expires Sun, 16 Jun 2024 10:11:44 GMT
GET H2	200	swiper-bundle.min.js Show response cdn.jsdelivr.net/npm/swiper@8/	140 KB 41 KB	7ms 7ms	Script application/javascript	2a04:4e42:200::485 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/swiper@8/swiper-bundle.min.js Requested by Host: forester-promo.ru URL: https://forester-promo.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash f645b12f27c4e9c1210d5725cfa894b86464372e7b1becbe47126a5fe82f9ade Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://forester-promo.ru/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000; includeSubDomains; preload date Sun, 16 Jun 2024 09:11:43 GMT x-content-type-options nosniff content-encoding br age 24111 x-jsd-version 8.4.7 x-cache HIT cross-origin-resource-policy cross-origin alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 content-length 41862 x-served-by cache-fra-eddf8230151-FRA x-jsd-version-type version etag W/"2315a-9NyNRghnOcWBIRhbLQ9OGQcQ8Rs" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=604800, s-maxage=43200 accept-ranges bytes timing-allow-origin *
GET H2	200	2278-6a8ec29e-7bdd-458a-a63e-4407b722e3f7.js Show response forester-promo.ru/uploads/channel/javascript/2278/	523 KB 138 KB	61ms 60ms	Script application/javascript	79.143.73.41 RU-JSCIOT
General Check archive.org Show headers Download Go to Full URL https://forester-promo.ru/uploads/channel/javascript/2278/2278-6a8ec29e-7bdd-458a-a63e-4407b722e3f7.js Requested by Host: forester-promo.ru URL: https://forester-promo.ru/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 79.143.73.41 , Russian Federation, ASN29182 (RU-JSCIOT, RU), Reverse DNS new.bafsy Software nginx/1.18.0 (Ubuntu) / Resource Hash a10d9ae742215dc6caa93084a1275fd23a48ab28e63b1657195992b6ae714da6 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://forester-promo.ru/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 16 Jun 2024 09:11:44 GMT strict-transport-security max-age=31536000 x-content-type-options nosniff last-modified Fri, 14 Jun 2024 17:20:36 GMT server nginx/1.18.0 (Ubuntu) content-encoding gzip etag W/"666c7be4-82d46" vary Accept-Encoding content-type application/javascript cache-control max-age=315360000 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	tag.js Show response mc.yandex.ru/metrika/	201 KB 70 KB	234ms 120ms	Script application/javascript	2a02:6b8::1:119 YANDEX
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.ru/metrika/tag.js Requested by Host: forester-promo.ru URL: https://forester-promo.ru/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU), Reverse DNS Software / Resource Hash 5032e6e296efe960663b74e7a1d53cc0b8b2d27bca1b8c2035d01cd472678fef Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://forester-promo.ru/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 16 Jun 2024 09:11:44 GMT content-encoding br strict-transport-security max-age=31536000 last-modified Thu, 13 Jun 2024 13:11:00 GMT accept-ch Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA etag "666aefe4-11375" content-type application/javascript access-control-allow-origin * cache-control max-age=3600 timing-allow-origin * content-length 70517 expires Sun, 16 Jun 2024 10:11:44 GMT
GET H2	200	65b41864f20b2643d48aee34472b694c84d0e6e8.jpg platform.bafsy.com/files/	327 KB 328 KB	95ms 95ms	Image image/jpeg	79.143.73.41 RU-JSCIOT
General Check archive.org Show headers Download Go to Show image Full URL https://platform.bafsy.com/files/65b41864f20b2643d48aee34472b694c84d0e6e8.jpg Requested by Host: forester-promo.ru URL: https://forester-promo.ru/uploads/channel/stylesheet/2278/2278-0badd39e-5041-4559-a698-45ea7f67f988.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 79.143.73.41 , Russian Federation, ASN29182 (RU-JSCIOT, RU), Reverse DNS new.bafsy Software nginx/1.18.0 (Ubuntu) / Resource Hash 7d5fc878f4fdb914060155dc7b41b48ae9d9b7c5bafa833c21331b5380e33e70 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://forester-promo.ru/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 16 Jun 2024 09:11:44 GMT strict-transport-security max-age=31536000 x-content-type-options nosniff last-modified Sun, 14 Apr 2024 23:47:19 GMT server nginx/1.18.0 (Ubuntu) etag "661c6b07-51be0" content-type image/jpeg cache-control max-age=315360000 accept-ranges bytes content-length 334816 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	10a7b64c470492ccd773a7171fbb3c86a98f9125.jpg platform.bafsy.com/files/	62 KB 62 KB	207ms 205ms	Image image/jpeg	79.143.73.41 RU-JSCIOT
General Check archive.org Show headers Download Go to Show image Full URL https://platform.bafsy.com/files/10a7b64c470492ccd773a7171fbb3c86a98f9125.jpg Requested by Host: forester-promo.ru URL: https://forester-promo.ru/uploads/channel/stylesheet/2278/2278-0badd39e-5041-4559-a698-45ea7f67f988.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 79.143.73.41 , Russian Federation, ASN29182 (RU-JSCIOT, RU), Reverse DNS new.bafsy Software nginx/1.18.0 (Ubuntu) / Resource Hash f637974e3596f300a988dbe576463aec21f77755146728e946e93bc9867b700e Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://forester-promo.ru/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 16 Jun 2024 09:11:44 GMT strict-transport-security max-age=31536000 x-content-type-options nosniff last-modified Mon, 15 Apr 2024 00:03:51 GMT server nginx/1.18.0 (Ubuntu) etag "661c6ee7-f89f" content-type image/jpeg cache-control max-age=315360000 accept-ranges bytes content-length 63647 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	91fe979faa2b2522a9df8460746af1b3533f5dc9.jpg platform.bafsy.com/files/	15 KB 15 KB	207ms 205ms	Image image/jpeg	79.143.73.41 RU-JSCIOT
General Check archive.org Show headers Download Go to Show image Full URL https://platform.bafsy.com/files/91fe979faa2b2522a9df8460746af1b3533f5dc9.jpg Requested by Host: forester-promo.ru URL: https://forester-promo.ru/uploads/channel/stylesheet/2278/2278-0badd39e-5041-4559-a698-45ea7f67f988.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 79.143.73.41 , Russian Federation, ASN29182 (RU-JSCIOT, RU), Reverse DNS new.bafsy Software nginx/1.18.0 (Ubuntu) / Resource Hash e4cbb59c491be62f4fecdb9bdaf75b91b550f557c5a821bd7b96ebe8cd2887a7 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://forester-promo.ru/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 16 Jun 2024 09:11:44 GMT strict-transport-security max-age=31536000 x-content-type-options nosniff last-modified Sun, 14 Apr 2024 23:52:14 GMT server nginx/1.18.0 (Ubuntu) etag "661c6c2e-3a91" content-type image/jpeg cache-control max-age=315360000 accept-ranges bytes content-length 14993 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	42770bef054e6abd2bea858c6938e5f069d81dcd.jpg platform.bafsy.com/files/	199 KB 199 KB	207ms 206ms	Image image/jpeg	79.143.73.41 RU-JSCIOT
General Check archive.org Show headers Download Go to Show image Full URL https://platform.bafsy.com/files/42770bef054e6abd2bea858c6938e5f069d81dcd.jpg Requested by Host: forester-promo.ru URL: https://forester-promo.ru/uploads/channel/stylesheet/2278/2278-0badd39e-5041-4559-a698-45ea7f67f988.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 79.143.73.41 , Russian Federation, ASN29182 (RU-JSCIOT, RU), Reverse DNS new.bafsy Software nginx/1.18.0 (Ubuntu) / Resource Hash 13422325018e58d30994dfefbd298e7e4d4fba0f7693c2a67847f686e1c62727 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://forester-promo.ru/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 16 Jun 2024 09:11:44 GMT strict-transport-security max-age=31536000 x-content-type-options nosniff last-modified Sun, 14 Apr 2024 23:52:24 GMT server nginx/1.18.0 (Ubuntu) etag "661c6c38-31b5a" content-type image/jpeg cache-control max-age=315360000 accept-ranges bytes content-length 203610 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	d1d4596527c601349972bccbffcbc99d5fbb13fa.jpg platform.bafsy.com/files/	21 KB 21 KB	207ms 206ms	Image image/jpeg	79.143.73.41 RU-JSCIOT
General Check archive.org Show headers Download Go to Show image Full URL https://platform.bafsy.com/files/d1d4596527c601349972bccbffcbc99d5fbb13fa.jpg Requested by Host: forester-promo.ru URL: https://forester-promo.ru/uploads/channel/stylesheet/2278/2278-0badd39e-5041-4559-a698-45ea7f67f988.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 79.143.73.41 , Russian Federation, ASN29182 (RU-JSCIOT, RU), Reverse DNS new.bafsy Software nginx/1.18.0 (Ubuntu) / Resource Hash e2e1e17a6be60154ca3cf04b1e033ab4c7c97e133a10034fb362ba606411fa40 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://forester-promo.ru/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 16 Jun 2024 09:11:44 GMT strict-transport-security max-age=31536000 x-content-type-options nosniff last-modified Mon, 15 Apr 2024 21:30:19 GMT server nginx/1.18.0 (Ubuntu) etag "661d9c6b-54a2" content-type image/jpeg cache-control max-age=315360000 accept-ranges bytes content-length 21666 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	9eec561b1641bf2997315a40a8edfa6a9753dc7e.jpg platform.bafsy.com/files/	41 KB 41 KB	207ms 206ms	Image image/jpeg	79.143.73.41 RU-JSCIOT
General Check archive.org Show headers Download Go to Show image Full URL https://platform.bafsy.com/files/9eec561b1641bf2997315a40a8edfa6a9753dc7e.jpg Requested by Host: forester-promo.ru URL: https://forester-promo.ru/uploads/channel/stylesheet/2278/2278-0badd39e-5041-4559-a698-45ea7f67f988.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 79.143.73.41 , Russian Federation, ASN29182 (RU-JSCIOT, RU), Reverse DNS new.bafsy Software nginx/1.18.0 (Ubuntu) / Resource Hash ae7db7160f531d05f0ff83bc0e3032088e4be7fde637b59d2aa025301f30a65d Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://forester-promo.ru/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 16 Jun 2024 09:11:44 GMT strict-transport-security max-age=31536000 x-content-type-options nosniff last-modified Mon, 15 Apr 2024 21:29:55 GMT server nginx/1.18.0 (Ubuntu) etag "661d9c53-a34f" content-type image/jpeg cache-control max-age=315360000 accept-ranges bytes content-length 41807 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	595f421b1c6d5b8c02e4d95f9f6cd57b3ee83dd2.svg platform.bafsy.com/files/	213 B 461 B	207ms 206ms	Image image/svg+xml	79.143.73.41 RU-JSCIOT
General Check archive.org Show headers Download Go to Show image Full URL https://platform.bafsy.com/files/595f421b1c6d5b8c02e4d95f9f6cd57b3ee83dd2.svg Requested by Host: forester-promo.ru URL: https://forester-promo.ru/uploads/channel/stylesheet/2278/2278-0badd39e-5041-4559-a698-45ea7f67f988.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 79.143.73.41 , Russian Federation, ASN29182 (RU-JSCIOT, RU), Reverse DNS new.bafsy Software nginx/1.18.0 (Ubuntu) / Resource Hash 330357238130846d33047571312ad19ce9659dc63dec232c699937fb94ca74eb Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://forester-promo.ru/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 16 Jun 2024 09:11:44 GMT strict-transport-security max-age=31536000 x-content-type-options nosniff last-modified Mon, 15 Apr 2024 22:24:07 GMT server nginx/1.18.0 (Ubuntu) etag "661da907-d5" content-type image/svg+xml cache-control max-age=315360000 accept-ranges bytes content-length 213 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	c82e04cf1af44a438702e3d102cf353926ca8460.svg platform.bafsy.com/files/	218 B 466 B	207ms 206ms	Image image/svg+xml	79.143.73.41 RU-JSCIOT
General Check archive.org Show headers Download Go to Show image Full URL https://platform.bafsy.com/files/c82e04cf1af44a438702e3d102cf353926ca8460.svg Requested by Host: forester-promo.ru URL: https://forester-promo.ru/uploads/channel/stylesheet/2278/2278-0badd39e-5041-4559-a698-45ea7f67f988.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 79.143.73.41 , Russian Federation, ASN29182 (RU-JSCIOT, RU), Reverse DNS new.bafsy Software nginx/1.18.0 (Ubuntu) / Resource Hash 9a3169e0beb0fd9a0ca633dd5439358a90c5b5820af3eeb0001296a890d8bab1 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://forester-promo.ru/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 16 Jun 2024 09:11:44 GMT strict-transport-security max-age=31536000 x-content-type-options nosniff last-modified Mon, 15 Apr 2024 22:38:26 GMT server nginx/1.18.0 (Ubuntu) etag "661dac62-da" content-type image/svg+xml cache-control max-age=315360000 accept-ranges bytes content-length 218 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	223c72ef578f813029c9f0f8c581ad4d0c131c12.png platform.bafsy.com/files/	520 KB 521 KB	208ms 207ms	Image image/png	79.143.73.41 RU-JSCIOT
General Check archive.org Show headers Download Go to Show image Full URL https://platform.bafsy.com/files/223c72ef578f813029c9f0f8c581ad4d0c131c12.png Requested by Host: forester-promo.ru URL: https://forester-promo.ru/uploads/channel/stylesheet/2278/2278-0badd39e-5041-4559-a698-45ea7f67f988.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 79.143.73.41 , Russian Federation, ASN29182 (RU-JSCIOT, RU), Reverse DNS new.bafsy Software nginx/1.18.0 (Ubuntu) / Resource Hash fa93a4a35572c49c1c3e78c2ec2426a08204e2f58c1a3dfd2555130e7dd538c1 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://forester-promo.ru/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 16 Jun 2024 09:11:44 GMT strict-transport-security max-age=31536000 x-content-type-options nosniff last-modified Wed, 17 Apr 2024 20:40:35 GMT server nginx/1.18.0 (Ubuntu) etag "662033c3-8217f" content-type image/png cache-control max-age=315360000 accept-ranges bytes content-length 532863 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	c1171ac45e0f68b0c95acb46b68c621a2f5f9723.jpg platform.bafsy.com/files/	62 KB 62 KB	208ms 207ms	Image image/jpeg	79.143.73.41 RU-JSCIOT
General Check archive.org Show headers Download Go to Show image Full URL https://platform.bafsy.com/files/c1171ac45e0f68b0c95acb46b68c621a2f5f9723.jpg Requested by Host: forester-promo.ru URL: https://forester-promo.ru/uploads/channel/stylesheet/2278/2278-0badd39e-5041-4559-a698-45ea7f67f988.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 79.143.73.41 , Russian Federation, ASN29182 (RU-JSCIOT, RU), Reverse DNS new.bafsy Software nginx/1.18.0 (Ubuntu) / Resource Hash 6e617bdef894559759da6caec44098dc8066d1724e1ed7807835a2c7c6367979 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://forester-promo.ru/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 16 Jun 2024 09:11:44 GMT strict-transport-security max-age=31536000 x-content-type-options nosniff last-modified Tue, 16 Apr 2024 21:49:31 GMT server nginx/1.18.0 (Ubuntu) etag "661ef26b-f799" content-type image/jpeg cache-control max-age=315360000 accept-ranges bytes content-length 63385 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	27a309f6324567f52512f3eb73d377d1060f1a5c.png platform.bafsy.com/files/	16 KB 16 KB	277ms 276ms	Image image/png	79.143.73.41 RU-JSCIOT
General Check archive.org Show headers Download Go to Show image Full URL https://platform.bafsy.com/files/27a309f6324567f52512f3eb73d377d1060f1a5c.png Requested by Host: forester-promo.ru URL: https://forester-promo.ru/uploads/channel/stylesheet/2278/2278-0badd39e-5041-4559-a698-45ea7f67f988.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 79.143.73.41 , Russian Federation, ASN29182 (RU-JSCIOT, RU), Reverse DNS new.bafsy Software nginx/1.18.0 (Ubuntu) / Resource Hash 328bbe5eb4dd65aaf1605c430c555d5d820f260258078419ea7db85a70660296 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://forester-promo.ru/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 16 Jun 2024 09:11:44 GMT strict-transport-security max-age=31536000 x-content-type-options nosniff last-modified Tue, 16 Apr 2024 21:48:56 GMT server nginx/1.18.0 (Ubuntu) etag "661ef248-4014" content-type image/png cache-control max-age=315360000 accept-ranges bytes content-length 16404 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	9aa5e2fbe4a225b9d5c5f6acfc044335bff48e8b.jpg platform.bafsy.com/files/	27 KB 28 KB	277ms 276ms	Image image/jpeg	79.143.73.41 RU-JSCIOT
General Check archive.org Show headers Download Go to Show image Full URL https://platform.bafsy.com/files/9aa5e2fbe4a225b9d5c5f6acfc044335bff48e8b.jpg Requested by Host: forester-promo.ru URL: https://forester-promo.ru/uploads/channel/stylesheet/2278/2278-0badd39e-5041-4559-a698-45ea7f67f988.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 79.143.73.41 , Russian Federation, ASN29182 (RU-JSCIOT, RU), Reverse DNS new.bafsy Software nginx/1.18.0 (Ubuntu) / Resource Hash 2997cc3cd73c43533634cdbc0b297965c95e4a084553833f6950627778db77c7 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://forester-promo.ru/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 16 Jun 2024 09:11:44 GMT strict-transport-security max-age=31536000 x-content-type-options nosniff last-modified Wed, 17 Apr 2024 21:29:12 GMT server nginx/1.18.0 (Ubuntu) etag "66203f28-6d89" content-type image/jpeg cache-control max-age=315360000 accept-ranges bytes content-length 28041 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	126c1f76a434473345c27c271d2b31a48ec26283.jpg platform.bafsy.com/files/	43 KB 43 KB	277ms 277ms	Image image/jpeg	79.143.73.41 RU-JSCIOT
General Check archive.org Show headers Download Go to Show image Full URL https://platform.bafsy.com/files/126c1f76a434473345c27c271d2b31a48ec26283.jpg Requested by Host: forester-promo.ru URL: https://forester-promo.ru/uploads/channel/stylesheet/2278/2278-0badd39e-5041-4559-a698-45ea7f67f988.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 79.143.73.41 , Russian Federation, ASN29182 (RU-JSCIOT, RU), Reverse DNS new.bafsy Software nginx/1.18.0 (Ubuntu) / Resource Hash c076a81748bafd8f9f7a14b3d21ad4870bfb92d330dfab29b018d8a8a623369e Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://forester-promo.ru/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 16 Jun 2024 09:11:44 GMT strict-transport-security max-age=31536000 x-content-type-options nosniff last-modified Wed, 17 Apr 2024 21:29:27 GMT server nginx/1.18.0 (Ubuntu) etag "66203f37-aac1" content-type image/jpeg cache-control max-age=315360000 accept-ranges bytes content-length 43713 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	dfcd278cc602b0805a0c22be6457d64277e5c43a.jpg platform.bafsy.com/files/	52 KB 52 KB	277ms 277ms	Image image/jpeg	79.143.73.41 RU-JSCIOT
General Check archive.org Show headers Download Go to Show image Full URL https://platform.bafsy.com/files/dfcd278cc602b0805a0c22be6457d64277e5c43a.jpg Requested by Host: forester-promo.ru URL: https://forester-promo.ru/uploads/channel/stylesheet/2278/2278-0badd39e-5041-4559-a698-45ea7f67f988.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 79.143.73.41 , Russian Federation, ASN29182 (RU-JSCIOT, RU), Reverse DNS new.bafsy Software nginx/1.18.0 (Ubuntu) / Resource Hash 813455bbb6a23d5312157d80f4e24c6323eeb8d8800a6793607be836965a4421 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://forester-promo.ru/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 16 Jun 2024 09:11:44 GMT strict-transport-security max-age=31536000 x-content-type-options nosniff last-modified Sun, 14 Apr 2024 23:32:27 GMT server nginx/1.18.0 (Ubuntu) etag "661c678b-cfa9" content-type image/jpeg cache-control max-age=315360000 accept-ranges bytes content-length 53161 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	0559a27880ce7acf4e7d67a686803660683a3dc7.jpg platform.bafsy.com/files/	75 KB 75 KB	277ms 277ms	Image image/jpeg	79.143.73.41 RU-JSCIOT
General Check archive.org Show headers Download Go to Show image Full URL https://platform.bafsy.com/files/0559a27880ce7acf4e7d67a686803660683a3dc7.jpg Requested by Host: forester-promo.ru URL: https://forester-promo.ru/uploads/channel/stylesheet/2278/2278-0badd39e-5041-4559-a698-45ea7f67f988.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 79.143.73.41 , Russian Federation, ASN29182 (RU-JSCIOT, RU), Reverse DNS new.bafsy Software nginx/1.18.0 (Ubuntu) / Resource Hash 6168e80d6c364d8a132ba680d27087485cfffacb1b9715b711c3afcbb2712369 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://forester-promo.ru/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 16 Jun 2024 09:11:44 GMT strict-transport-security max-age=31536000 x-content-type-options nosniff last-modified Fri, 19 Apr 2024 18:55:59 GMT server nginx/1.18.0 (Ubuntu) etag "6622be3f-12a66" content-type image/jpeg cache-control max-age=315360000 accept-ranges bytes content-length 76390 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	ajax-loader.gif forester-promo.ru/bristol/images/	11 KB 11 KB	93ms 93ms	Image image/gif	79.143.73.41 RU-JSCIOT
General Check archive.org Show headers Download Go to Show image Full URL https://forester-promo.ru/bristol/images/ajax-loader.gif Requested by Host: forester-promo.ru URL: https://forester-promo.ru/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 79.143.73.41 , Russian Federation, ASN29182 (RU-JSCIOT, RU), Reverse DNS new.bafsy Software nginx/1.18.0 (Ubuntu) / Resource Hash 8f9207dd3f61e48f62650799df1284d8ca00a7b153f2d41b9caa0cd2d1a55886 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://forester-promo.ru/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 16 Jun 2024 09:11:44 GMT strict-transport-security max-age=31536000 x-content-type-options nosniff last-modified Fri, 07 Jun 2024 08:58:26 GMT server nginx/1.18.0 (Ubuntu) etag "6662cbb2-2aa8" content-type image/gif cache-control max-age=315360000 accept-ranges bytes content-length 10920 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	DINPro.woff2 cdn.bafsy.com//builder/fonts/	34 KB 35 KB	77ms 77ms	Font application/octet-stream	2a11:27c0::93 EDGECENTERLLC
General Check archive.org Show headers Download Go to Full URL https://cdn.bafsy.com//builder/fonts/DINPro.woff2 Requested by Host: forester-promo.ru URL: https://forester-promo.ru/uploads/channel/stylesheet/2278/2278-0badd39e-5041-4559-a698-45ea7f67f988.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a11:27c0::93 , Russian Federation, ASN210756 (EDGECENTERLLC, RU), Reverse DNS Software nginx / Resource Hash 6044f6ef97820636893cce740e06ec21d7e938729238e35363b01f5da0167365 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://forester-promo.ru/ Origin https://forester-promo.ru Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-container-storage-policy-name Policy-0 date Sun, 16 Jun 2024 09:11:44 GMT age 0 x-cached-since 2024-06-15T19:39:33+00:00 content-length 35216 x-trans-id 167160cd740f8565 x-node dh-up-gc20 last-modified Wed, 31 Mar 2021 08:42:57 GMT server nginx etag "1b526b4182a1045647530d7aae7adc17" content-type application/octet-stream access-control-allow-origin * access-control-expose-headers Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma, Etag, X-Timestamp, X-Trans-Id, X-Openstack-Request-Id, Content-Length, Accept-Ranges x-timestamp 1617180176.78898 cache HIT x-container-storage-policy-index 0 accept-ranges bytes
GET H2	200	DINPro-Bold.woff2 cdn.bafsy.com//builder/fonts/	34 KB 34 KB	85ms 84ms	Font application/octet-stream	2a11:27c0::93 EDGECENTERLLC
General Check archive.org Show headers Download Go to Full URL https://cdn.bafsy.com//builder/fonts/DINPro-Bold.woff2 Requested by Host: forester-promo.ru URL: https://forester-promo.ru/uploads/channel/stylesheet/2278/2278-0badd39e-5041-4559-a698-45ea7f67f988.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a11:27c0::93 , Russian Federation, ASN210756 (EDGECENTERLLC, RU), Reverse DNS Software nginx / Resource Hash 06cbd292aae9c215ff0dba6c03e6dd1a8bdbc716e83ec829487a9a9d71e3806c Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://forester-promo.ru/ Origin https://forester-promo.ru Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-container-storage-policy-name Policy-0 date Sun, 16 Jun 2024 09:11:44 GMT age 0 x-cached-since 2024-06-15T19:39:33+00:00 content-length 35036 x-trans-id 167160cdcfac5f30 x-node dh-up-gc20 last-modified Wed, 31 Mar 2021 08:42:59 GMT server nginx etag "2edfa21f4d41a69c1b2dd3f886d393fa" content-type application/octet-stream access-control-allow-origin * access-control-expose-headers Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma, Etag, X-Timestamp, X-Trans-Id, X-Openstack-Request-Id, Content-Length, Accept-Ranges x-timestamp 1617180178.29151 cache HIT x-container-storage-policy-index 0 accept-ranges bytes
GET H2	200	DINPro-Medium.woff2 cdn.bafsy.com//builder/fonts/	35 KB 35 KB	98ms 98ms	Font application/octet-stream	2a11:27c0::93 EDGECENTERLLC
General Check archive.org Show headers Download Go to Full URL https://cdn.bafsy.com//builder/fonts/DINPro-Medium.woff2 Requested by Host: forester-promo.ru URL: https://forester-promo.ru/uploads/channel/stylesheet/2278/2278-0badd39e-5041-4559-a698-45ea7f67f988.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a11:27c0::93 , Russian Federation, ASN210756 (EDGECENTERLLC, RU), Reverse DNS Software nginx / Resource Hash f428062aa55829eeebfda9c449413bfe490556b047c1cbd1c827f5490a48a3a1 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://forester-promo.ru/ Origin https://forester-promo.ru Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-container-storage-policy-name Policy-0 date Sun, 16 Jun 2024 09:11:44 GMT age 0 x-cached-since 2024-06-15T19:39:33+00:00 content-length 35348 x-trans-id 167160cfa4ac165a x-node dh-up-gc20 last-modified Wed, 31 Mar 2021 08:43:07 GMT server nginx etag "b4bfb9fd037daa21989241bc920fa33c" content-type application/octet-stream access-control-allow-origin * access-control-expose-headers Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma, Etag, X-Timestamp, X-Trans-Id, X-Openstack-Request-Id, Content-Length, Accept-Ranges x-timestamp 1617180186.16482 cache HIT x-container-storage-policy-index 0 accept-ranges bytes
GET H2	200	Montserrat-Regular.woff2 cdn.bafsy.com//builder/fonts/	87 KB 87 KB	99ms 99ms	Font application/octet-stream	2a11:27c0::93 EDGECENTERLLC
General Check archive.org Show headers Download Go to Full URL https://cdn.bafsy.com//builder/fonts/Montserrat-Regular.woff2 Requested by Host: forester-promo.ru URL: https://forester-promo.ru/uploads/channel/stylesheet/2278/2278-0badd39e-5041-4559-a698-45ea7f67f988.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a11:27c0::93 , Russian Federation, ASN210756 (EDGECENTERLLC, RU), Reverse DNS Software nginx / Resource Hash e617708035d1a5f61ca23a9efcaa30f7b65649b560a3dd7477282230a8840879 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://forester-promo.ru/ Origin https://forester-promo.ru Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-container-storage-policy-name Policy-0 date Sun, 16 Jun 2024 09:11:44 GMT age 9137 x-cached-since 2024-06-16T07:55:41+00:00 content-length 88804 x-trans-id 166c811af4013b17 x-node dh-up-gc20 last-modified Mon, 15 Mar 2021 11:38:40 GMT server nginx etag "6c8807219b0ecffdf96122b80df3e62c" content-type application/octet-stream access-control-allow-origin * access-control-expose-headers Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma, Etag, X-Timestamp, X-Trans-Id, X-Openstack-Request-Id, Content-Length, Accept-Ranges x-timestamp 1615808319.09346 cache HIT x-container-storage-policy-index 0 accept-ranges bytes
GET H2	200	Montserrat-Bold.woff2 cdn.bafsy.com//builder/fonts/	87 KB 87 KB	99ms 99ms	Font application/octet-stream	2a11:27c0::93 EDGECENTERLLC
General Check archive.org Show headers Download Go to Full URL https://cdn.bafsy.com//builder/fonts/Montserrat-Bold.woff2 Requested by Host: forester-promo.ru URL: https://forester-promo.ru/uploads/channel/stylesheet/2278/2278-0badd39e-5041-4559-a698-45ea7f67f988.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a11:27c0::93 , Russian Federation, ASN210756 (EDGECENTERLLC, RU), Reverse DNS Software nginx / Resource Hash 5e2ac34e292b6f15c645dc4e756f01a452cf63dc0817301ad34b1c9bc6a0afa3 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://forester-promo.ru/ Origin https://forester-promo.ru Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-container-storage-policy-name Policy-0 date Sun, 16 Jun 2024 09:11:44 GMT age 0 x-cached-since 2024-06-15T19:39:33+00:00 content-length 88708 x-trans-id 166c8116c09ed791 x-node dh-up-gc20 last-modified Mon, 15 Mar 2021 11:38:22 GMT server nginx etag "1eaf59537a9c317acaa4b2c144cd89d6" content-type application/octet-stream access-control-allow-origin * access-control-expose-headers Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma, Etag, X-Timestamp, X-Trans-Id, X-Openstack-Request-Id, Content-Length, Accept-Ranges x-timestamp 1615808301.04323 cache HIT x-container-storage-policy-index 0 accept-ranges bytes
GET DATA	200 OK	truncated /	2 KB 2 KB		Font application/font-woff
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash c239fbd2387ceff073b22f05559eb6a3a9425ccde003eccb22a998429465302f Request headers Referer Origin https://forester-promo.ru Accept-Language de-DE,de;q=0.9;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Content-Type application/font-woff;charset=utf-8
GET H2	200	actions.js Show response platform.bafsy.com/cdp/	7 KB 3 KB	166ms 166ms	Script application/javascript	79.143.73.41 RU-JSCIOT
General Check archive.org Show headers Download Go to Full URL https://platform.bafsy.com/cdp/actions.js Requested by Host: forester-promo.ru URL: https://forester-promo.ru/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 79.143.73.41 , Russian Federation, ASN29182 (RU-JSCIOT, RU), Reverse DNS new.bafsy Software nginx/1.18.0 (Ubuntu) / Resource Hash 4029b7bf5e4f78b9d567f0e8aa8367d22cb7516c43b57027ec2dd1ea9dc15329 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=31536000 X-Content-Type-Options nosniff, nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://forester-promo.ru/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 16 Jun 2024 09:11:44 GMT strict-transport-security max-age=31536000; includeSubDomains, max-age=31536000 x-content-type-options nosniff, nosniff content-encoding gzip x-permitted-cross-domain-policies none x-xss-protection 1; mode=block x-request-id 80881da5-56a9-4020-8682-8160adcda068 x-runtime 0.001818 referrer-policy strict-origin-when-cross-origin server nginx/1.18.0 (Ubuntu) etag W/"4029b7bf5e4f78b9d567f0e8aa8367d2" x-download-options noopen vary Accept-Encoding, Origin x-frame-options SAMEORIGIN content-type application/javascript; charset=utf-8 cache-control max-age=0, private, must-revalidate
GET H2	200	v3 Show response openfpcdn.io/fingerprintjs/	33 KB 14 KB	59ms 14ms	Script text/javascript	54.230.228.51 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://openfpcdn.io/fingerprintjs/v3 Requested by Host: forester-promo.ru URL: https://forester-promo.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.230.228.51 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-54-230-228-51.muc50.r.cloudfront.net Software CloudFront / Resource Hash 57281521094dd6fe0d1997e31eab51a203b0f338d39e730d260fdfecce621905 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://forester-promo.ru/ Origin https://forester-promo.ru Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=63072000; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Sun, 16 Jun 2024 08:36:54 GMT via 1.1 38f46facdae93530546676e451869f4c.cloudfront.net (CloudFront) x-amz-cf-pop MUC50-P5 age 2250 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 server CloudFront etag W/"hurxpFJ1hzJm8rhSSUCMgpelT2E" vary Accept-Encoding content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=617371, s-maxage=11135 x-amz-cf-id Rf0yCb5Zw4jicV-5yDqlxEdiwuibn6xQwTIMGhYnMzUH_lBbGhIs1g==
OPTIONS H2	200	winners platform.promo-kit.ru/api/v4/ Frame	0 0	236ms 52ms	Preflight	79.143.73.41 RU-JSCIOT
General Check archive.org Show headers Download Go to Full URL https://platform.promo-kit.ru/api/v4/winners?engage%5Bproject_id%5D=263&engage%5Benv%5D=production&per_page=10&page=1&start_date=2024-04-22&end_date=2024-05-26&prize%5Bcategories%5D%5B%5D=3&prize%5Bcategories%5D%5B%5D=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 79.143.73.41 , Russian Federation, ASN29182 (RU-JSCIOT, RU), Reverse DNS new.bafsy Software nginx/1.18.0 (Ubuntu) / Resource Hash Request headers Accept */* Access-Control-Request-Headers api-key Access-Control-Request-Method GET Origin https://forester-promo.ru Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers access-control-allow-headers api-key access-control-allow-methods GET, POST, PUT, PATCH, OPTIONS access-control-allow-origin * access-control-expose-headers access-control-max-age 1728000 date Sun, 16 Jun 2024 09:11:44 GMT server nginx/1.18.0 (Ubuntu)
GET H3	200	vue@2.6.14 Show response cdn.jsdelivr.net/npm/	92 KB 35 KB	9ms 9ms	Script application/javascript	151.101.1.229 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/vue@2.6.14?_=1718529104190 Requested by Host: cdn.bafsy.com URL: https://cdn.bafsy.com/builder/scripts/jquery-3.5.1.min.js Protocol H3 Security QUIC, , AES_256_GCM Server 151.101.1.229 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 9174c425c445377df4562ad9165ea08fdf9433a808296d7de5f619791df10e17 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://forester-promo.ru/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000; includeSubDomains; preload date Sun, 16 Jun 2024 09:11:44 GMT x-content-type-options nosniff content-encoding br age 3384639 x-jsd-version 2.6.14 x-cache HIT cross-origin-resource-policy cross-origin alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 content-length 35858 x-served-by cache-fra-eddf8230111-FRA x-jsd-version-type version etag W/"16fc7-2o16WfTmzFXqWKvsM++c67m6Z8E" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=31536000, s-maxage=31536000, immutable accept-ranges bytes timing-allow-origin *
GET H2	200	VueQrcodeReader.umd.min.js Show response cdn.bafsy.com/builder/scripts/	238 KB 239 KB	388ms 256ms	Script application/javascript	2a11:27c0::93 EDGECENTERLLC
General Check archive.org Show headers Download Go to Full URL https://cdn.bafsy.com/builder/scripts/VueQrcodeReader.umd.min.js?_=1718529104191 Requested by Host: cdn.bafsy.com URL: https://cdn.bafsy.com/builder/scripts/jquery-3.5.1.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a11:27c0::93 , Russian Federation, ASN210756 (EDGECENTERLLC, RU), Reverse DNS Software nginx / Resource Hash dd0c6119bab8ef24ed5556d2e9310f9b0f9dd84e1650e6b75aed4be2799ebd76 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://forester-promo.ru/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-container-storage-policy-name Policy-0 date Sun, 16 Jun 2024 09:11:44 GMT age 2085 content-length 243798 x-trans-id 170a3a6cf4135da0 x-node dh-up-gc20 last-modified Thu, 11 Aug 2022 07:40:53 GMT server nginx etag "e6ab202fa937277f2f4aea2b12183ff4" content-type application/javascript access-control-allow-origin * access-control-expose-headers Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma, Etag, X-Timestamp, X-Trans-Id, X-Openstack-Request-Id, Content-Length, Accept-Ranges x-timestamp 1660203652.26712 cache MISS x-container-storage-policy-index 0 accept-ranges bytes
GET H2	200	winners Show response platform.promo-kit.ru/api/v4/	2 KB 1 KB	95ms 95ms	XHR application/json	79.143.73.41 RU-JSCIOT
General Check archive.org Show headers Download Go to Full URL https://platform.promo-kit.ru/api/v4/winners?engage%5Bproject_id%5D=263&engage%5Benv%5D=production&per_page=10&page=1&start_date=2024-04-22&end_date=2024-05-26&prize%5Bcategories%5D%5B%5D=3&prize%5Bcategories%5D%5B%5D=1 Requested by Host: cdn.bafsy.com URL: https://cdn.bafsy.com/builder/scripts/jquery-3.5.1.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 79.143.73.41 , Russian Federation, ASN29182 (RU-JSCIOT, RU), Reverse DNS new.bafsy Software nginx/1.18.0 (Ubuntu) / Resource Hash de91a6528fce169d538bd16816fa6720958032330c29b7252103fe434a5271eb Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Accept */* Referer https://forester-promo.ru/ Api-Key ZgSjh8YjUfPCiYkksRaT0g sec-ch-ua-platform "Win32" Response headers date Sun, 16 Jun 2024 09:11:44 GMT content-encoding gzip x-content-type-options nosniff x-permitted-cross-domain-policies none x-xss-protection 1; mode=block x-request-id ae3b52b6-106f-46c4-a1d8-01daae51398c x-runtime 0.044094 referrer-policy strict-origin-when-cross-origin server nginx/1.18.0 (Ubuntu) etag W/"de91a6528fce169d538bd16816fa6720" x-download-options noopen x-frame-options SAMEORIGIN access-control-max-age 1728000 access-control-allow-methods GET, POST, PUT, PATCH, OPTIONS access-control-allow-origin * access-control-expose-headers cache-control max-age=0, private, must-revalidate content-type application/json; charset=utf-8 vary Origin
GET H2	200	50c4e7f7d38463e3dd6c7981972179888547f467.png platform.bafsy.com/files/	61 KB 61 KB	130ms 130ms	Image image/png	79.143.73.41 RU-JSCIOT
General Check archive.org Show headers Download Go to Show image Full URL https://platform.bafsy.com/files/50c4e7f7d38463e3dd6c7981972179888547f467.png Requested by Host: forester-promo.ru URL: https://forester-promo.ru/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 79.143.73.41 , Russian Federation, ASN29182 (RU-JSCIOT, RU), Reverse DNS new.bafsy Software nginx/1.18.0 (Ubuntu) / Resource Hash e4f00847e811d053bc081561836c0088d2e37d8cf3925d0f3c0c2ccffbbe1907 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://forester-promo.ru/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 16 Jun 2024 09:11:44 GMT strict-transport-security max-age=31536000 x-content-type-options nosniff last-modified Sun, 14 Apr 2024 23:51:53 GMT server nginx/1.18.0 (Ubuntu) etag "661c6c19-f284" content-type image/png cache-control max-age=315360000 accept-ranges bytes content-length 62084 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	sync_cookie_image_finish mc.yandex.ru/ Redirect Chain https://mc.yandex.com/sync_cookie_image_check https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10402.6ZPvG-pI4ozwUhWIIcCRjDPRsaDZytpWZo24fEfVhx0DAD8RgKqNL_K96fN7_uQW.qdYagwEIEDO-ziGdW4JnL55UPj4%2C https://mc.yandex.com/sync_cookie_image_decide?token=10402.rzy8YYBJ8o9pwhIEdqro4tCNHAZkXHNERBN-GtKw5XSgV3yeprTN-q6g0u43-IIWlmjFnr_a13ckUIHIlu0gXJKemsgsjkgn3bpgcd4GBPmauG8iH52AWi53iolKluOCQXH8xJLYN6... https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10402.TOszDn0oWuR0U-3ypBnZtvW8h6e55ADGPT4Orv7DnALAxJ5PdWQraRuNATgL6OFW4qBjGJ3jXLDFMcZzu0FmcSp0J1RLdDp0uj0GilA9YPrUg...	43 B 613 B	59ms 58ms	Image image/gif	2a02:6b8::1:119 YANDEX
General Check archive.org Show headers Download Go to Show image Full URL https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10402.TOszDn0oWuR0U-3ypBnZtvW8h6e55ADGPT4Orv7DnALAxJ5PdWQraRuNATgL6OFW4qBjGJ3jXLDFMcZzu0FmcSp0J1RLdDp0uj0GilA9YPrUgFNhmI268QC686jr2a_oxPCItnIvZ8wXi1VDGb2jKWG1Oc0EBR8b8ugO10M8SYzkfABCUypyUSMzockaWR5xU-LXmeRGB7uhw-Ckda8EQQ%2C%2C.0zfFRIrCz8HXh1x0lBYf-pLYMtY%2C Requested by Host: forester-promo.ru URL: https://forester-promo.ru/ Protocol H2 Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://forester-promo.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sun, 16 Jun 2024 09:11:44 GMT strict-transport-security max-age=31536000 content-length 43 x-xss-protection 1; mode=block content-type image/gif Redirect headers location https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10402.TOszDn0oWuR0U-3ypBnZtvW8h6e55ADGPT4Orv7DnALAxJ5PdWQraRuNATgL6OFW4qBjGJ3jXLDFMcZzu0FmcSp0J1RLdDp0uj0GilA9YPrUgFNhmI268QC686jr2a_oxPCItnIvZ8wXi1VDGb2jKWG1Oc0EBR8b8ugO10M8SYzkfABCUypyUSMzockaWR5xU-LXmeRGB7uhw-Ckda8EQQ%2C%2C.0zfFRIrCz8HXh1x0lBYf-pLYMtY%2C date Sun, 16 Jun 2024 09:11:44 GMT strict-transport-security max-age=31536000 x-xss-protection 1; mode=block
GET H2	200	advert.gif mc.yandex.com/metrika/	43 B 458 B	116ms 116ms	Image image/gif	2a02:6b8::1:119 YANDEX
General Check archive.org Show headers Download Go to Show image Full URL https://mc.yandex.com/metrika/advert.gif Requested by Host: forester-promo.ru URL: https://forester-promo.ru/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://forester-promo.ru/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 16 Jun 2024 09:11:44 GMT strict-transport-security max-age=31536000 last-modified Thu, 13 Jun 2024 13:11:00 GMT accept-ch Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA etag "666aefe4-2b" content-type image/gif access-control-allow-origin * cache-control max-age=3600 accept-ranges bytes timing-allow-origin * content-length 43 expires Sun, 16 Jun 2024 10:11:44 GMT
GET H3	200	browser-polyfill.min.js Show response cdnjs.cloudflare.com/ajax/libs/babel-core/5.6.15/	83 KB 21 KB	43ms 29ms	Script application/javascript	104.17.25.14 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/babel-core/5.6.15/browser-polyfill.min.js Requested by Host: platform.bafsy.com URL: https://platform.bafsy.com/cdp/actions.js Protocol H3 Security QUIC, , AES_128_GCM Server 104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f9c15a2727855b6b24591dc43d1c522d04a3859180ea246f4c990d4de63af0db Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://forester-promo.ru/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 16 Jun 2024 09:11:44 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15780000 age 31806 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 21126 last-modified Mon, 04 May 2020 16:06:02 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03d6a-14cd3" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZEAEPpYqteDC3ITF%2Fs4yffM1lNb08Rwamq4zr6QN5w8osWrPZhhPjgvQD29KmfF9mwJHH4xhyg7u3P69XiviSMFX4%2BeB6cmPlH2s7ovQJhRxdCz4bx%2BVaau6Ya0jO0dQtgnbvKMy"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 8949ac98af859000-FRA expires Fri, 06 Jun 2025 09:11:44 GMT
GET H3	200	url-search-params.js Show response cdnjs.cloudflare.com/ajax/libs/url-search-params/1.1.0/	7 KB 2 KB	32ms 19ms	Script application/javascript	104.17.25.14 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/url-search-params/1.1.0/url-search-params.js Requested by Host: platform.bafsy.com URL: https://platform.bafsy.com/cdp/actions.js Protocol H3 Security QUIC, , AES_128_GCM Server 104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash bc0e68d47465158820ae7d321bee9b286967967f5f5b18b84bd72fce8e8594ac Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://forester-promo.ru/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 16 Jun 2024 09:11:44 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15780000 age 2119346 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 1821 last-modified Mon, 04 May 2020 16:17:26 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb04016-1a88" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cSp1NwzTVeYgWFoQDX080FaWfaW7YUz2rsuE1F0cYAJK612h58Fbmh1gn4eTcFmuOqeroFS1ODZ%2FxEdfn31lIhWWhrM5VxPY%2B52CzopKgeHQrrEjudszjazL6G5f%2B6YsvkpZNHvU"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 8949ac98af839000-FRA expires Fri, 06 Jun 2025 09:11:44 GMT
GET H2	200	metrika_match.html mc.yandex.com/metrika/ Frame 9E99	0 0	176ms 67ms	Document text/html	2a02:6b8::1:119 YANDEX
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.com/metrika/metrika_match.html Requested by Host: mc.yandex.ru URL: https://mc.yandex.ru/metrika/tag.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU), Reverse DNS Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://forester-promo.ru/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers accept-ch Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA access-control-allow-origin * cache-control max-age=3600 content-encoding br content-length 1048 content-type text/html date Sun, 16 Jun 2024 09:11:44 GMT etag "666aefe4-418" expires Sun, 16 Jun 2024 10:11:44 GMT last-modified Thu, 13 Jun 2024 13:11:00 GMT strict-transport-security max-age=31536000 timing-allow-origin *
POST H2	200	profiles Show response platform.bafsy.com/api/v1/cdp/	389 B 726 B	160ms 58ms	XHR application/json	79.143.73.41 RU-JSCIOT
General Check archive.org Show headers Download Go to Full URL https://platform.bafsy.com/api/v1/cdp/profiles Requested by Host: platform.bafsy.com URL: https://platform.bafsy.com/cdp/actions.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 79.143.73.41 , Russian Federation, ASN29182 (RU-JSCIOT, RU), Reverse DNS new.bafsy Software nginx/1.18.0 (Ubuntu) / Resource Hash b2fc27f81549a98e01665568703fddb936d37fd309f2aee176bfb5e2b795cecf Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=31536000 X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-platform "Win32" Referer https://forester-promo.ru/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-type application/x-www-form-urlencoded Response headers x-runtime 0.006605 date Sun, 16 Jun 2024 09:11:44 GMT strict-transport-security max-age=31536000; includeSubDomains, max-age=31536000 x-content-type-options nosniff content-encoding gzip server nginx/1.18.0 (Ubuntu) etag W/"b2fc27f81549a98e01665568703fddb9" access-control-max-age 1728000 vary Accept-Encoding, Origin access-control-allow-methods GET, POST, OPTIONS, PUT access-control-allow-origin * access-control-expose-headers cache-control max-age=0, private, must-revalidate content-type application/json; charset=utf-8 x-request-id 9192ca55-cd8b-4177-ba1a-e0515aca5ac3
GET H2	200	1 Show response mc.yandex.com/watch/96969863/ Redirect Chain https://mc.yandex.com/watch/96969863?wmode=7&page-url=https%3A%2F%2Fforester-promo.ru%2F&charset=utf-8&uah=chu%0A%22Google%20Chrome%22%3Bv%3D%22126%22%2C%22Not%3AA-Brand%22%3Bv%3D%228%22%2C%22Chrom... https://mc.yandex.com/watch/96969863/1?wmode=7&page-url=https%3A%2F%2Fforester-promo.ru%2F&charset=utf-8&uah=chu%0A%22Google%20Chrome%22%3Bv%3D%22126%22%2C%22Not%3AA-Brand%22%3Bv%3D%228%22%2C%22Chr...	447 B 566 B	63ms 63ms	Fetch application/json	2a02:6b8::1:119 YANDEX
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.com/watch/96969863/1?wmode=7&page-url=https%3A%2F%2Fforester-promo.ru%2F&charset=utf-8&uah=chu%0A%22Google%20Chrome%22%3Bv%3D%22126%22%2C%22Not%3AA-Brand%22%3Bv%3D%228%22%2C%22Chromium%22%3Bv%3D%22126%22%0Acha%0Ax86%0Achb%0A64%0Achf%0A126.0.6478.61%0Achl%0A%22Not%2FA%29Brand%22%3Bv%3D%228.0.0.0%22%2C%22Chromium%22%3Bv%3D%22126.0.6478.61%22%2C%22Google%20Chrome%22%3Bv%3D%22126.0.6478.61%22%0Achm%0A%3F0%0Achp%0AWin32%0Achv%0A10.0.0&browser-info=pv%3A1%3Avf%3A1htavzoec77bpowqcyzjxzh9ln%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A1360%3Acn%3A1%3Adp%3A0%3Als%3A929761353756%3Ahid%3A538195087%3Az%3A120%3Ai%3A20240616111144%3Aet%3A1718529105%3Ac%3A1%3Arn%3A102526218%3Arqn%3A1%3Au%3A1718529105241464980%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A1329%3Awv%3A2%3Ads%3A0%2C110%2C439%2C2%2C0%2C0%2C%2C822%2C2%2C%2C%2C%2C1494%3Aco%3A0%3Acpf%3A1%3Ans%3A1718529102935%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1718529105%3At%3A%D0%93%D0%BE%D1%82%D0%BE%D0%B2%D1%8C%20%D0%B2%D0%BA%D1%83%D1%81%D0%BD%D0%BE%20%D1%81%20Forester%21&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2821037572%29ti%281%29 Requested by Host: forester-promo.ru URL: https://forester-promo.ru/ Protocol H2 Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU), Reverse DNS Software / Resource Hash cb855b0d71f5cf2babfb002d1d15a200c5e7ac420dd339f5630a57897a8f1476 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://forester-promo.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers pragma no-cache date Sun, 16 Jun 2024 09:11:44 GMT strict-transport-security max-age=31536000 x-content-type-options nosniff last-modified Sun, 16-Jun-2024 09:11:44 GMT accept-ch Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA content-type application/json; charset=utf-8 access-control-allow-origin https://forester-promo.ru cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true content-length 447 x-xss-protection 1; mode=block expires Sun, 16-Jun-2024 09:11:44 GMT Redirect headers pragma no-cache date Sun, 16 Jun 2024 09:11:44 GMT strict-transport-security max-age=31536000 last-modified Sun, 16-Jun-2024 09:11:44 GMT accept-ch Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA location /watch/96969863/1?wmode=7&page-url=https%3A%2F%2Fforester-promo.ru%2F&charset=utf-8&uah=chu%0A%22Google%20Chrome%22%3Bv%3D%22126%22%2C%22Not%3AA-Brand%22%3Bv%3D%228%22%2C%22Chromium%22%3Bv%3D%22126%22%0Acha%0Ax86%0Achb%0A64%0Achf%0A126.0.6478.61%0Achl%0A%22Not%2FA%29Brand%22%3Bv%3D%228.0.0.0%22%2C%22Chromium%22%3Bv%3D%22126.0.6478.61%22%2C%22Google%20Chrome%22%3Bv%3D%22126.0.6478.61%22%0Achm%0A%3F0%0Achp%0AWin32%0Achv%0A10.0.0&browser-info=pv%3A1%3Avf%3A1htavzoec77bpowqcyzjxzh9ln%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A1360%3Acn%3A1%3Adp%3A0%3Als%3A929761353756%3Ahid%3A538195087%3Az%3A120%3Ai%3A20240616111144%3Aet%3A1718529105%3Ac%3A1%3Arn%3A102526218%3Arqn%3A1%3Au%3A1718529105241464980%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A1329%3Awv%3A2%3Ads%3A0%2C110%2C439%2C2%2C0%2C0%2C%2C822%2C2%2C%2C%2C%2C1494%3Aco%3A0%3Acpf%3A1%3Ans%3A1718529102935%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1718529105%3At%3A%D0%93%D0%BE%D1%82%D0%BE%D0%B2%D1%8C%20%D0%B2%D0%BA%D1%83%D1%81%D0%BD%D0%BE%20%D1%81%20Forester%21&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2821037572%29ti%281%29 access-control-allow-origin https://forester-promo.ru cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true x-xss-protection 1; mode=block expires Sun, 16-Jun-2024 09:11:44 GMT
POST H2	200	activities Show response platform.bafsy.com/api/v1/cdp/	15 B 503 B	56ms 56ms	XHR application/json	79.143.73.41 RU-JSCIOT
General Check archive.org Show headers Download Go to Full URL https://platform.bafsy.com/api/v1/cdp/activities Requested by Host: platform.bafsy.com URL: https://platform.bafsy.com/cdp/actions.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 79.143.73.41 , Russian Federation, ASN29182 (RU-JSCIOT, RU), Reverse DNS new.bafsy Software nginx/1.18.0 (Ubuntu) / Resource Hash a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=31536000 X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-platform "Win32" Referer https://forester-promo.ru/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-type application/x-www-form-urlencoded Response headers x-runtime 0.002635 date Sun, 16 Jun 2024 09:11:45 GMT strict-transport-security max-age=31536000; includeSubDomains, max-age=31536000 x-content-type-options nosniff content-encoding gzip server nginx/1.18.0 (Ubuntu) etag W/"a29ee2b15c494311c52521766e44af56" access-control-max-age 1728000 vary Accept-Encoding, Origin access-control-allow-methods GET, POST, OPTIONS, PUT access-control-allow-origin * access-control-expose-headers cache-control max-age=0, private, must-revalidate content-type application/json; charset=utf-8 x-request-id 437846a1-378d-4f67-81db-e549a6442028
PUT H2	200	666eac5022af6447e3852ed2 Show response platform.bafsy.com/api/v1/cdp/profiles/	919 B 909 B	57ms 57ms	XHR application/json	79.143.73.41 RU-JSCIOT
General Check archive.org Show headers Download Go to Full URL https://platform.bafsy.com/api/v1/cdp/profiles/666eac5022af6447e3852ed2 Requested by Host: platform.bafsy.com URL: https://platform.bafsy.com/cdp/actions.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 79.143.73.41 , Russian Federation, ASN29182 (RU-JSCIOT, RU), Reverse DNS new.bafsy Software nginx/1.18.0 (Ubuntu) / Resource Hash 3feb0d54212bb70711fd2e722c22d184e18ebb7883b358561e03102c69c6a9e1 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=31536000 X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-platform "Win32" Referer https://forester-promo.ru/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-type application/x-www-form-urlencoded Response headers x-runtime 0.005887 date Sun, 16 Jun 2024 09:11:45 GMT strict-transport-security max-age=31536000; includeSubDomains, max-age=31536000 x-content-type-options nosniff content-encoding gzip server nginx/1.18.0 (Ubuntu) etag W/"3feb0d54212bb70711fd2e722c22d184" access-control-max-age 1728000 vary Accept-Encoding, Origin access-control-allow-methods GET, POST, OPTIONS, PUT access-control-allow-origin * access-control-expose-headers cache-control max-age=0, private, must-revalidate content-type application/json; charset=utf-8 x-request-id 28a21403-0be1-4a1b-bc08-dd33faacb3e2
OPTIONS H2	200	666eac5022af6447e3852ed2 platform.bafsy.com/api/v1/cdp/profiles/ Frame	0 0	51ms 51ms	Preflight text/plain	79.143.73.41 RU-JSCIOT
General Check archive.org Show headers Download Go to Full URL https://platform.bafsy.com/api/v1/cdp/profiles/666eac5022af6447e3852ed2 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 79.143.73.41 , Russian Federation, ASN29182 (RU-JSCIOT, RU), Reverse DNS new.bafsy Software nginx/1.18.0 (Ubuntu) / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers Accept */* Access-Control-Request-Method PUT Origin https://forester-promo.ru Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers access-control-allow-methods GET, POST, OPTIONS, PUT access-control-allow-origin * access-control-expose-headers access-control-max-age 1728000 content-encoding gzip content-type text/plain date Sun, 16 Jun 2024 09:11:45 GMT server nginx/1.18.0 (Ubuntu) strict-transport-security max-age=31536000 vary Accept-Encoding x-content-type-options nosniff
POST H2	200	1 mc.yandex.com/watch/96969863/	43 B 74 B	67ms 66ms	Ping image/gif	2a02:6b8::1:119 YANDEX
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.com/watch/96969863/1?page-url=https%3A%2F%2Fforester-promo.ru%2F&charset=utf-8&uah=chu%0A%22Google%20Chrome%22%3Bv%3D%22126%22%2C%22Not%3AA-Brand%22%3Bv%3D%228%22%2C%22Chromium%22%3Bv%3D%22126%22%0Acha%0Ax86%0Achb%0A64%0Achf%0A126.0.6478.61%0Achl%0A%22Not%2FA)Brand%22%3Bv%3D%228.0.0.0%22%2C%22Chromium%22%3Bv%3D%22126.0.6478.61%22%2C%22Google%20Chrome%22%3Bv%3D%22126.0.6478.61%22%0Achm%0A%3F0%0Achp%0AWin32%0Achv%0A10.0.0&hittoken=1718529104_5730beda4a4d57fc8b7d419c89c30cd887e3f6b5d6ba453ea3b316fe71388cc6&browser-info=pa%3A1%3Aar%3A1%3Avf%3A1htavzoec77bpowqcyzjxzh9ln%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A1360%3Acn%3A1%3Adp%3A1%3Als%3A929761353756%3Ahid%3A538195087%3Az%3A120%3Ai%3A20240616111145%3Aet%3A1718529105%3Ac%3A1%3Arn%3A378073615%3Arqn%3A2%3Au%3A1718529105241464980%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Acpf%3A1%3Ans%3A1718529102935%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1718529105&t=gdpr(14)mc(p-2-ui-1-up-1)clc(0-0-0)rqnt(2)lt(18900)aw(1)rcm(1)cdl(na)eco(21037572)ti(0)&force-urlencoded=1&site-info=%7B%22__ym%22%3A%7B%22user_id%22%3A%22666eac5022af6447e3852ed2%22%7D%7D Requested by Host: mc.yandex.ru URL: https://mc.yandex.ru/metrika/tag.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://forester-promo.ru/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Sun, 16 Jun 2024 09:11:45 GMT strict-transport-security max-age=31536000 last-modified Sun, 16-Jun-2024 09:11:45 GMT accept-ch Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA content-type image/gif access-control-allow-origin https://forester-promo.ru cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true content-length 43 x-xss-protection 1; mode=block expires Sun, 16-Jun-2024 09:11:45 GMT
POST H2	200	1 mc.yandex.com/watch/96969863/	43 B 158 B	65ms 65ms	Ping image/gif	2a02:6b8::1:119 YANDEX
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.com/watch/96969863/1?page-url=https%3A%2F%2Fforester-promo.ru%2F&charset=utf-8&uah=chu%0A%22Google%20Chrome%22%3Bv%3D%22126%22%2C%22Not%3AA-Brand%22%3Bv%3D%228%22%2C%22Chromium%22%3Bv%3D%22126%22%0Acha%0Ax86%0Achb%0A64%0Achf%0A126.0.6478.61%0Achl%0A%22Not%2FA)Brand%22%3Bv%3D%228.0.0.0%22%2C%22Chromium%22%3Bv%3D%22126.0.6478.61%22%2C%22Google%20Chrome%22%3Bv%3D%22126.0.6478.61%22%0Achm%0A%3F0%0Achp%0AWin32%0Achv%0A10.0.0&hittoken=1718529104_5730beda4a4d57fc8b7d419c89c30cd887e3f6b5d6ba453ea3b316fe71388cc6&browser-info=pa%3A1%3Aar%3A1%3Avf%3A1htavzoec77bpowqcyzjxzh9ln%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A1360%3Acn%3A1%3Adp%3A1%3Als%3A929761353756%3Ahid%3A538195087%3Az%3A120%3Ai%3A20240616111145%3Aet%3A1718529105%3Ac%3A1%3Arn%3A894929305%3Arqn%3A3%3Au%3A1718529105241464980%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Acpf%3A1%3Ans%3A1718529102935%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1718529105&t=gdpr(14)mc(p-2-ui-1-up-1)clc(0-0-0)rqnt(3)lt(18900)aw(1)rcm(1)cdl(na)eco(21037572)ti(0)&force-urlencoded=1&site-info=%7B%22__ymu%22%3A%7B%22UserID%22%3A%22666eac5022af6447e3852ed2%22%7D%7D Requested by Host: mc.yandex.ru URL: https://mc.yandex.ru/metrika/tag.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://forester-promo.ru/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Sun, 16 Jun 2024 09:11:45 GMT strict-transport-security max-age=31536000 last-modified Sun, 16-Jun-2024 09:11:45 GMT accept-ch Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA content-type image/gif access-control-allow-origin https://forester-promo.ru cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true content-length 43 x-xss-protection 1; mode=block expires Sun, 16-Jun-2024 09:11:45 GMT
GET H2	200	81b4122eb9ad8bb0f11553fe352f23c880cb1237.ico platform.bafsy.com/files/	42 KB 42 KB	68ms 68ms	Other image/x-icon	79.143.73.41 RU-JSCIOT
General Check archive.org Show headers Download Go to Full URL https://platform.bafsy.com/files/81b4122eb9ad8bb0f11553fe352f23c880cb1237.ico Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 79.143.73.41 , Russian Federation, ASN29182 (RU-JSCIOT, RU), Reverse DNS new.bafsy Software nginx/1.18.0 (Ubuntu) / Resource Hash 75094ac791604e5e51d4cedb6f100560850499e34c362f5073660421bd8ce429 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://forester-promo.ru/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 16 Jun 2024 09:11:45 GMT strict-transport-security max-age=31536000 x-content-type-options nosniff last-modified Tue, 08 Nov 2022 15:05:45 GMT server nginx/1.18.0 (Ubuntu) etag "636a7049-a79e" content-type image/x-icon cache-control max-age=315360000 accept-ranges bytes content-length 42910 expires Thu, 31 Dec 2037 23:55:55 GMT
POST H2	200	activities Show response platform.bafsy.com/api/v1/cdp/	15 B 503 B	72ms 72ms	XHR application/json	79.143.73.41 RU-JSCIOT
General Check archive.org Show headers Download Go to Full URL https://platform.bafsy.com/api/v1/cdp/activities Requested by Host: platform.bafsy.com URL: https://platform.bafsy.com/cdp/actions.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 79.143.73.41 , Russian Federation, ASN29182 (RU-JSCIOT, RU), Reverse DNS new.bafsy Software nginx/1.18.0 (Ubuntu) / Resource Hash a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=31536000 X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-platform "Win32" Referer https://forester-promo.ru/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-type application/x-www-form-urlencoded Response headers x-runtime 0.016497 date Sun, 16 Jun 2024 09:11:45 GMT strict-transport-security max-age=31536000; includeSubDomains, max-age=31536000 x-content-type-options nosniff content-encoding gzip server nginx/1.18.0 (Ubuntu) etag W/"a29ee2b15c494311c52521766e44af56" access-control-max-age 1728000 vary Accept-Encoding, Origin access-control-allow-methods GET, POST, OPTIONS, PUT access-control-allow-origin * access-control-expose-headers cache-control max-age=0, private, must-revalidate content-type application/json; charset=utf-8 x-request-id 458d4aea-cf7b-4b40-b975-c5bce8efc019
POST H2	200	activities Show response platform.bafsy.com/api/v1/cdp/	15 B 503 B	55ms 55ms	XHR application/json	79.143.73.41 RU-JSCIOT
General Check archive.org Show headers Download Go to Full URL https://platform.bafsy.com/api/v1/cdp/activities Requested by Host: platform.bafsy.com URL: https://platform.bafsy.com/cdp/actions.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 79.143.73.41 , Russian Federation, ASN29182 (RU-JSCIOT, RU), Reverse DNS new.bafsy Software nginx/1.18.0 (Ubuntu) / Resource Hash a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=31536000 X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-platform "Win32" Referer https://forester-promo.ru/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-type application/x-www-form-urlencoded Response headers x-runtime 0.003463 date Sun, 16 Jun 2024 09:11:46 GMT strict-transport-security max-age=31536000; includeSubDomains, max-age=31536000 x-content-type-options nosniff content-encoding gzip server nginx/1.18.0 (Ubuntu) etag W/"a29ee2b15c494311c52521766e44af56" access-control-max-age 1728000 vary Accept-Encoding, Origin access-control-allow-methods GET, POST, OPTIONS, PUT access-control-allow-origin * access-control-expose-headers cache-control max-age=0, private, must-revalidate content-type application/json; charset=utf-8 x-request-id 09c6880c-bbdd-4593-9b4a-d8c8808fa0b5
POST H2	200	96969863 mc.yandex.com/webvisor/	43 B 0	220ms 166ms	Fetch image/gif	2a02:6b8::1:119 YANDEX
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.com/webvisor/96969863?wv-part=1&wv-type=7&wmode=0&wv-hit=538195087&page-url=https%3A%2F%2Fforester-promo.ru%2F&rn=1029085877&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1718529108%3Aw%3A1600x1200%3Av%3A1360%3Az%3A120%3Ai%3A20240616111147%3Au%3A1718529105241464980%3Avf%3A1htavzoec77bpowqcyzjxzh9ln%3Ast%3A1718529108&t=gdpr(14)ti(1) Requested by Host: mc.yandex.ru URL: https://mc.yandex.ru/metrika/tag.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU), Reverse DNS Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-platform "Win32" Referer https://forester-promo.ru/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Sun, 16 Jun 2024 09:11:47 GMT strict-transport-security max-age=31536000 last-modified Sun, 16-Jun-2024 09:11:47 GMT content-type image/gif access-control-allow-origin https://forester-promo.ru cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true content-length 43 x-xss-protection 1; mode=block expires Sun, 16-Jun-2024 09:11:47 GMT
POST H2	200	activities Show response platform.bafsy.com/api/v1/cdp/	15 B 503 B	55ms 55ms	XHR application/json	79.143.73.41 RU-JSCIOT
General Check archive.org Show headers Download Go to Full URL https://platform.bafsy.com/api/v1/cdp/activities Requested by Host: platform.bafsy.com URL: https://platform.bafsy.com/cdp/actions.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 79.143.73.41 , Russian Federation, ASN29182 (RU-JSCIOT, RU), Reverse DNS new.bafsy Software nginx/1.18.0 (Ubuntu) / Resource Hash a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=31536000 X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-platform "Win32" Referer https://forester-promo.ru/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-type application/x-www-form-urlencoded Response headers x-runtime 0.003413 date Sun, 16 Jun 2024 09:11:47 GMT strict-transport-security max-age=31536000; includeSubDomains, max-age=31536000 x-content-type-options nosniff content-encoding gzip server nginx/1.18.0 (Ubuntu) etag W/"a29ee2b15c494311c52521766e44af56" access-control-max-age 1728000 vary Accept-Encoding, Origin access-control-allow-methods GET, POST, OPTIONS, PUT access-control-allow-origin * access-control-expose-headers cache-control max-age=0, private, must-revalidate content-type application/json; charset=utf-8 x-request-id b79da98f-f893-4a51-8d9e-0c3897030417
POST H2	200	96969863 mc.yandex.com/webvisor/	43 B 0	59ms 59ms	Fetch image/gif	2a02:6b8::1:119 YANDEX
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.com/webvisor/96969863?wv-part=1&wv-type=7&wmode=0&wv-hit=538195087&page-url=https%3A%2F%2Fforester-promo.ru%2F&rn=182591850&browser-info=we%3A1%3Aet%3A1718529108%3Aw%3A1600x1200%3Av%3A1360%3Az%3A120%3Ai%3A20240616111147%3Au%3A1718529105241464980%3Avf%3A1htavzoec77bpowqcyzjxzh9ln%3Ast%3A1718529108&t=gdpr(14)ti(1) Requested by Host: mc.yandex.ru URL: https://mc.yandex.ru/metrika/tag.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU), Reverse DNS Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-platform "Win32" Referer https://forester-promo.ru/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Sun, 16 Jun 2024 09:11:47 GMT strict-transport-security max-age=31536000 last-modified Sun, 16-Jun-2024 09:11:47 GMT content-type image/gif access-control-allow-origin https://forester-promo.ru cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true content-length 43 x-xss-protection 1; mode=block expires Sun, 16-Jun-2024 09:11:47 GMT
POST H2	200	activities Show response platform.bafsy.com/api/v1/cdp/	15 B 503 B	54ms 53ms	XHR application/json	79.143.73.41 RU-JSCIOT
General Check archive.org Show headers Download Go to Full URL https://platform.bafsy.com/api/v1/cdp/activities Requested by Host: platform.bafsy.com URL: https://platform.bafsy.com/cdp/actions.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 79.143.73.41 , Russian Federation, ASN29182 (RU-JSCIOT, RU), Reverse DNS new.bafsy Software nginx/1.18.0 (Ubuntu) / Resource Hash a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=31536000 X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-platform "Win32" Referer https://forester-promo.ru/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-type application/x-www-form-urlencoded Response headers x-runtime 0.002168 date Sun, 16 Jun 2024 09:11:48 GMT strict-transport-security max-age=31536000; includeSubDomains, max-age=31536000 x-content-type-options nosniff content-encoding gzip server nginx/1.18.0 (Ubuntu) etag W/"a29ee2b15c494311c52521766e44af56" access-control-max-age 1728000 vary Accept-Encoding, Origin access-control-allow-methods GET, POST, OPTIONS, PUT access-control-allow-origin * access-control-expose-headers cache-control max-age=0, private, must-revalidate content-type application/json; charset=utf-8 x-request-id c346527a-5bd1-4698-8da6-98dc4cda47e8