allo499.ru Open in urlscan Pro
2606:4700:3037::ac43:c745 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://allo499.ru/
Submission Tags: l4ing gov ru mx h8 Search All
Submission: On March 10 via api (March 10th 2023, 2:12:05 am UTC) from CH — Scanned from DE

Summary HTTP 271 Redirects Links 17 Behaviour Indicators

Summary

This website contacted 55 IPs in 12 countries across 66 domains to perform 271 HTTP transactions. The main IP is 2606:4700:3037::ac43:c745, located in United States and belongs to CLOUDFLARENET, US. The main domain is allo499.ru.

This is the only time allo499.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
54	2606:4700:303... 2606:4700:3037::ac43:c745	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1 1	194.182.66.153 194.182.66.153	24806 (INTERNET-...) (INTERNET-CZ Ktis 2)
1 1	81.177.34.158 81.177.34.158	8342 (RTCOMM-AS) (RTCOMM-AS)
1	81.177.34.136 81.177.34.136	8342 (RTCOMM-AS) (RTCOMM-AS)
1	2a02:6b8::17f 2a02:6b8::17f	208722 (GLOBAL_DC) (GLOBAL_DC)
2	2a02:6b8::14 2a02:6b8::14	208722 (GLOBAL_DC) (GLOBAL_DC)
1	2a02:6b8::130 2a02:6b8::130	208722 (GLOBAL_DC) (GLOBAL_DC)
4 19	2a02:6b8::1:119 2a02:6b8::1:119	208722 (GLOBAL_DC) (GLOBAL_DC)
3 4	185.167.120.17 185.167.120.17	207056 (BONCH-IT) (BONCH-IT)
3 21	193.3.184.226 193.3.184.226	50214 (QWARTA) (QWARTA)
1 2	178.57.217.166 178.57.217.166	210079 (EUROBYTE ...) (EUROBYTE Eurobyte LLC)
10 44	2a02:6b8::90 2a02:6b8::90	208722 (GLOBAL_DC) (GLOBAL_DC)
1	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
2 16	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
5 5	46.4.121.26 46.4.121.26	24940 (HETZNER-AS) (HETZNER-AS)
14	2a02:6b8:20::215 2a02:6b8:20::215	208722 (GLOBAL_DC) (GLOBAL_DC)
1 3	95.163.52.67 95.163.52.67	47764 (VK-AS) (VK-AS)
3 5	188.42.196.115 188.42.196.115	7979 (SERVERS-COM) (SERVERS-COM)
1 1	193.3.184.218 193.3.184.218	50214 (QWARTA) (QWARTA)
3 3	193.232.150.150 193.232.150.150	48061 (UMA-TECH-AS) (UMA-TECH-AS)
1	2a00:1148:db0... 2a00:1148:db00::17	47764 (VK-AS) (VK-AS)
2 2	195.209.108.55 195.209.108.55	52007 (ADRIVER-AS) (ADRIVER-AS)
2 4	81.222.128.213 81.222.128.213	20597 (ELTEL-AS) (ELTEL-AS)
1	2606:4700:303... 2606:4700:3033::ac43:d997	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	37.18.103.22 37.18.103.22	205675 (HYBRID-AS) (HYBRID-AS)
2	185.15.175.144 185.15.175.144	43226 (SAFEDATA ...) (SAFEDATA Uplinks)
2	195.201.57.28 195.201.57.28	24940 (HETZNER-AS) (HETZNER-AS)
3 3	148.251.237.106 148.251.237.106	24940 (HETZNER-AS) (HETZNER-AS)
1 1	185.147.80.35 185.147.80.35	41722 (MIRAN-AS ...) (MIRAN-AS Miran DC)
2 2	212.76.129.181 212.76.129.181	42632 (MNOGOBYTE...) (MNOGOBYTE-AS Moscow)
2	87.242.89.90 87.242.89.90	208677 (SBERCLOUD-AS) (SBERCLOUD-AS)
1 1	45.9.26.83 45.9.26.83	208677 (SBERCLOUD-AS) (SBERCLOUD-AS)
1 1	5.200.43.131 5.200.43.131	48096 (ITGRAD) (ITGRAD)
4 4	217.66.147.41 217.66.147.41	29209 (SPBMTS-AS...) (SPBMTS-AS Malaya Monetnaya Street 2-A)
2 2	213.87.44.187 213.87.44.187	13174 (MTSNET Mo...) (MTSNET Moscow)
2 2	144.76.118.200 144.76.118.200	24940 (HETZNER-AS) (HETZNER-AS)
2 2	185.196.197.130 185.196.197.130	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1 2	217.65.2.150 217.65.2.150	3175 (CITYTELEC...) (CITYTELECOM-MSK)
3 4	89.108.120.76 89.108.120.76	197695 (AS-REG) (AS-REG)
2 2	88.212.201.204 88.212.201.204	39134 (UNITEDNET) (UNITEDNET)
2 3	188.42.105.236 188.42.105.236	7979 (SERVERS-COM) (SERVERS-COM)
5 9	31.172.81.158 31.172.81.158	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
1 1	62.109.24.241 62.109.24.241	29182 (RU-JSCIOT) (RU-JSCIOT)
1 2	23.88.12.14 23.88.12.14	24940 (HETZNER-AS) (HETZNER-AS)
1 1	23.111.107.44 23.111.107.44	39134 (UNITEDNET) (UNITEDNET)
1 1	167.235.97.173 167.235.97.173	24940 (HETZNER-AS) (HETZNER-AS)
1	77.245.57.72 77.245.57.72	36057 (WEBAIR-IN...) (WEBAIR-INTERNET-MTL)
1 2	167.235.117.41 167.235.117.41	24940 (HETZNER-AS) (HETZNER-AS)
1	95.163.92.180 95.163.92.180	12695 (DINET-AS) (DINET-AS)
4	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
18	2a00:1450:400... 2a00:1450:4001:812::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
2	2a02:6b8::184 2a02:6b8::184	208722 (GLOBAL_DC) (GLOBAL_DC)
1	2a02:6b8::36 2a02:6b8::36	208722 (GLOBAL_DC) (GLOBAL_DC)
3 8	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
1	2a02:6b8::28d 2a02:6b8::28d	208722 (GLOBAL_DC) (GLOBAL_DC)
1	2a02:6b8::5:114 2a02:6b8::5:114	208722 (GLOBAL_DC) (GLOBAL_DC)
1 1	35.177.4.157 35.177.4.157	16509 (AMAZON-02) (AMAZON-02)
1 2	52.212.210.65 52.212.210.65	16509 (AMAZON-02) (AMAZON-02)
4 6	54.228.83.115 54.228.83.115	16509 (AMAZON-02) (AMAZON-02)
1	52.45.175.185 52.45.175.185	14618 (AMAZON-AES) (AMAZON-AES)
10	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
1	82.145.213.8 82.145.213.8	39832 (NO-OPERA) (NO-OPERA)
1 1	2001:6d0:4001... 2001:6d0:4001::226	52016 (TNSMSK-) (TNSMSK-)
2	37.18.16.21 37.18.16.21	205675 (HYBRID-AS) (HYBRID-AS)
4 4	185.15.175.147 185.15.175.147	43226 (SAFEDATA ...) (SAFEDATA Uplinks)
2 2	89.108.127.68 89.108.127.68	197695 (AS-REG) (AS-REG)
1 1	87.242.95.200 87.242.95.200	208677 (SBERCLOUD-AS) (SBERCLOUD-AS)
1 1	91.192.149.30 91.192.149.30	42481 (BEGUN-AS) (BEGUN-AS)
2 2	35.190.24.218 35.190.24.218	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::ac43:48bf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	95.217.109.66 95.217.109.66	24940 (HETZNER-AS) (HETZNER-AS)
1 1	46.243.172.93 46.243.172.93	208677 (SBERCLOUD-AS) (SBERCLOUD-AS)
1 1	188.72.109.103 188.72.109.103	208677 (SBERCLOUD-AS) (SBERCLOUD-AS)
1	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
2 2	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
1 1	51.89.9.252 51.89.9.252	16276 (OVH) (OVH)
2 2	3.71.149.231 3.71.149.231	16509 (AMAZON-02) (AMAZON-02)
2 2	185.83.142.19 185.83.142.19	29990 (ASN-APPNEX) (ASN-APPNEX)
1 1	80.87.198.111 80.87.198.111	29182 (RU-JSCIOT) (RU-JSCIOT)
1	2a02:6b8:a::a 2a02:6b8:a::a	208722 (GLOBAL_DC) (GLOBAL_DC)
2 3	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
271	55

54 2606:4700:3037::ac43:c745 (United States)

ASN13335 (CLOUDFLARENET, US)

allo499.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 194.182.66.153 (Italy) 1 redirects

ASN24806 (INTERNET-CZ Ktis 2, 384 03 Ktis, CZ)
PTR: host153-66-182-194.serverdedicati.aruba.it

www.forexpf.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 81.177.34.158 (Moscow, Russian Federation) 1 redirects

ASN8342 (RTCOMM-AS, RU)

www.profinance.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 81.177.34.136 (Moscow, Russian Federation)

ASN8342 (RTCOMM-AS, RU)

informers.forexpf.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6b8::17f (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

info.weather.yandex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:6b8::14 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

clck.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6b8::130 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

info.maps.yandex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a02:6b8::1:119 (Moscow, Russian Federation) 4 redirects

ASN208722 (GLOBAL_DC, FI)

informer.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.167.120.17 (Russian Federation) 3 redirects

ASN207056 (BONCH-IT, RU)

img.ignio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ignio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.ignio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 193.3.184.226 (Russian Federation) 3 redirects

ASN50214 (QWARTA, RU)

www.acint.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
acint.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.57.217.166 (Russian Federation) 1 redirects

ASN210079 (EUROBYTE Eurobyte LLC, RU)
PTR: hosted-by.relevate.ru

allorus.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.allorus.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

44 2a02:6b8::90 (Moscow, Russian Federation) 10 redirects

ASN208722 (GLOBAL_DC, FI)

an.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 46.4.121.26 (Germany) 5 redirects

ASN24940 (HETZNER-AS, DE)
PTR: hz1271109.aucourant.info

www.acint.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a02:6b8:20::215 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

yastatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 95.163.52.67 (Russian Federation) 1 redirects

ASN47764 (VK-AS, RU)
PTR: top-fwz1.mail.ru

dd.ce.b7.a1.top.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
top-fwz1.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 188.42.196.115 (Luxembourg) 3 redirects

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.3.184.218 (Russian Federation) 1 redirects

ASN50214 (QWARTA, RU)

ssp-rtb.sape.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 193.232.150.150 (Russian Federation) 3 redirects

ASN48061 (UMA-TECH-AS, RU)
PTR: smtp5.senders.ntvplus.ru

px.adhigh.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1148:db00::17 (Russian Federation)

ASN47764 (VK-AS, RU)

ad.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 195.209.108.55 (Russian Federation) 2 redirects

ASN52007 (ADRIVER-AS, RU)

ev.adriver.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 81.222.128.213 (Russian Federation) 2 redirects

ASN20597 (ELTEL-AS, RU)
PTR: ad13.adriver.ru

ssp.adriver.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3033::ac43:d997 (United States)

ASN13335 (CLOUDFLARENET, US)

a.utraff.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.18.103.22 (Netherlands)

ASN205675 (HYBRID-AS, DE)

dm-eu.hybrid.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.15.175.144 (Russian Federation)

ASN43226 (SAFEDATA Uplinks, RU)

tag.digitaltarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 195.201.57.28 (Gunzenhausen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.28.57.201.195.clients.your-server.de

sync.dmp.otm-r.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 148.251.237.106 (Germany) 3 redirects

ASN24940 (HETZNER-AS, DE)
PTR: prod-hzeu-bidder-1.community.moscow

sync.upravel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.147.80.35 (Russian Federation) 1 redirects

ASN41722 (MIRAN-AS Miran DC, RU)
PTR: ssp2.bestssp.com

ssp.bestssp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 212.76.129.181 (Russian Federation) 2 redirects

ASN42632 (MNOGOBYTE-AS Moscow, Russia, RU)

sync.adspend.space	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 87.242.89.90 (Russian Federation)

ASN208677 (SBERCLOUD-AS, RU)

sync.1dmp.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.9.26.83 (Russian Federation) 1 redirects

ASN208677 (SBERCLOUD-AS, RU)
PTR: fr03.segmento.ru

sape-sync.rutarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 5.200.43.131 (Russian Federation) 1 redirects

ASN48096 (ITGRAD, RU)

ads.adlook.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 217.66.147.41 (St Petersburg, Russian Federation) 4 redirects

ASN29209 (SPBMTS-AS Malaya Monetnaya Street 2-A, RU)
PTR: host-41-147-66-217.spbmts.ru

sm.rtb.mts.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.87.44.187 (Russian Federation) 2 redirects

ASN13174 (MTSNET Moscow, Russia, RU)
PTR: infrastructure-187-44.mts.ru

tech.rtb.mts.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 144.76.118.200 (Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.200.118.76.144.clients.your-server.de

exchange.buzzoola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.196.197.130 (Amsterdam, Netherlands) 2 redirects

ASN39572 (ADVANCEDHOSTERS-AS, NL)

s.uuidksinc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 217.65.2.150 (Moscow, Russian Federation) 1 redirects

ASN3175 (CITYTELECOM-MSK, RU)

match.new-programmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 89.108.120.76 (Russian Federation) 3 redirects

ASN197695 (AS-REG, RU)
PTR: d51804.reg.regrucolo.ru

x01.aidata.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.201.204 (Russian Federation) 2 redirects

ASN39134 (UNITEDNET, RU)
PTR: host204.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 188.42.105.236 (Luxembourg) 2 redirects

ASN7979 (SERVERS-COM, US)

sync.gonet-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 31.172.81.158 (Germany) 5 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

sync.bumlam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pix.bumlam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 62.109.24.241 (Russian Federation) 1 redirects

ASN29182 (RU-JSCIOT, RU)
PTR: sync05.platforma.id

f07235c6-bee8-11ed-86e0-002590c0647c.n3.sync.bumlam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.88.12.14 (Gunzenhausen, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.14.12.88.23.clients.your-server.de

nr.bidderstack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.111.107.44 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)

cs.agency2.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 167.235.97.173 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.173.97.235.167.clients.your-server.de

sp.ohmy.bid	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 77.245.57.72 (United States)

ASN36057 (WEBAIR-INTERNET-MTL, US)

sync.adkernel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 167.235.117.41 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.41.117.235.167.clients.your-server.de

sync.programmatica.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.163.92.180 (Russian Federation)

ASN12695 (DINET-AS, RU)

match.qtarget.tech	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:6b8::184 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

avatars.mds.yandex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6b8::36 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

favicon.yandex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6b8::28d (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

log.strm.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6b8::5:114 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

ysa-static.passport.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.177.4.157 (London, United Kingdom) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-177-4-157.eu-west-2.compute.amazonaws.com

px.arcspire.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.212.210.65 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-210-65.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 54.228.83.115 (Dublin, Ireland) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-228-83-115.eu-west-1.compute.amazonaws.com

match.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
euw-ice.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.45.175.185 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-175-185.compute-1.amazonaws.com

im.bluevoox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology

t.adx.opera.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:6d0:4001::226 (Russian Federation) 1 redirects

ASN52016 (TNSMSK-, RU)

cm.tns-counter.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.18.16.21 (Russian Federation)

ASN205675 (HYBRID-AS, DE)

dm.hybrid.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.15.175.147 (Russian Federation) 4 redirects

ASN43226 (SAFEDATA Uplinks, RU)

dmg.digitaltarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 89.108.127.68 (Russian Federation) 2 redirects

ASN197695 (AS-REG, RU)
PTR: srv4.kimberlite.io

kimberlite.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 87.242.95.200 (Russian Federation) 1 redirects

ASN208677 (SBERCLOUD-AS, RU)

solta-sync.rutarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.192.149.30 (Russian Federation) 1 redirects

ASN42481 (BEGUN-AS, RU)
PTR: zvezda.ssp.rambler.ru

profile.ssp.rambler.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.24.218 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 218.24.190.35.bc.googleusercontent.com

redirect.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:48bf (United States)

ASN13335 (CLOUDFLARENET, US)

rtb-eu-warsaw.intent.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 95.217.109.66 (Helsinki, Finland) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.66.109.217.95.clients.your-server.de

sonar.semantiqo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.243.172.93 (Russian Federation) 1 redirects

ASN208677 (SBERCLOUD-AS, RU)
PTR: fr17.segmento.ru

yandex-dmp-sync.rutarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.72.109.103 (Sucre, Bolivia, Plurinational State Of) 1 redirects

ASN208677 (SBERCLOUD-AS, RU)

yandex-sync.rutarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.78 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.80.39.216 (Canada) 2 redirects

ASN27381 (CASALE-MEDIA, CA)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.9.252 (London, United Kingdom) 1 redirects

ASN16276 (OVH, FR)
PTR: ip252.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.71.149.231 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.83.142.19 (Amsterdam, Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 80.87.198.111 (Russian Federation) 1 redirects

ASN29182 (RU-JSCIOT, RU)
PTR: sync06.platforma.id

f07235c6-bee8-11ed-86e0-002590c0647c.n6.sync.bumlam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6b8:a::a (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.162 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
54	allo499.ru allo499.ru	244 KB
53	yandex.ru 11 redirects clck.yandex.ru — Cisco Umbrella Rank: 54976 informer.yandex.ru — Cisco Umbrella Rank: 74152 an.yandex.ru — Cisco Umbrella Rank: 3616 mc.yandex.ru — Cisco Umbrella Rank: 3716 log.strm.yandex.ru — Cisco Umbrella Rank: 20809 ysa-static.passport.yandex.ru — Cisco Umbrella Rank: 29343 yandex.ru — Cisco Umbrella Rank: 1718	258 KB
26	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 28 cm.g.doubleclick.net — Cisco Umbrella Rank: 210	140 KB
26	acint.net 8 redirects www.acint.net — Cisco Umbrella Rank: 31893 acint.net — Cisco Umbrella Rank: 26170	33 KB
26	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 101 tpc.googlesyndication.com — Cisco Umbrella Rank: 136	321 KB
15	yandex.com 3 redirects mc.yandex.com — Cisco Umbrella Rank: 9434	5 KB
14	yastatic.net yastatic.net — Cisco Umbrella Rank: 7338	278 KB
11	bumlam.com 7 redirects sync.bumlam.com — Cisco Umbrella Rank: 3330 pix.bumlam.com — Cisco Umbrella Rank: 86966 f07235c6-bee8-11ed-86e0-002590c0647c.n3.sync.bumlam.com f07235c6-bee8-11ed-86e0-002590c0647c.n6.sync.bumlam.com	6 KB
10	gstatic.com www.gstatic.com fonts.gstatic.com	162 KB
10	google.com 3 redirects adservice.google.com — Cisco Umbrella Rank: 65 www.google.com — Cisco Umbrella Rank: 2	1 KB
8	google.de adservice.google.de — Cisco Umbrella Rank: 8682 www.google.de — Cisco Umbrella Rank: 6027	2 KB
6	360yield.com 4 redirects match.360yield.com — Cisco Umbrella Rank: 2215 euw-ice.360yield.com — Cisco Umbrella Rank: 12737	2 KB
6	mts.ru 6 redirects sm.rtb.mts.ru — Cisco Umbrella Rank: 39010 tech.rtb.mts.ru — Cisco Umbrella Rank: 46557	4 KB
6	digitaltarget.ru 4 redirects tag.digitaltarget.ru — Cisco Umbrella Rank: 135519 dmg.digitaltarget.ru — Cisco Umbrella Rank: 23821	21 KB
6	adriver.ru 4 redirects ev.adriver.ru — Cisco Umbrella Rank: 40482 ssp.adriver.ru — Cisco Umbrella Rank: 28285	2 KB
5	betweendigital.com 3 redirects ads.betweendigital.com — Cisco Umbrella Rank: 1569	3 KB
5	yandex.net info.weather.yandex.net — Cisco Umbrella Rank: 857368 info.maps.yandex.net avatars.mds.yandex.net — Cisco Umbrella Rank: 9007 favicon.yandex.net — Cisco Umbrella Rank: 11737	58 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 186	195 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	3 KB
4	aidata.io 3 redirects x01.aidata.io — Cisco Umbrella Rank: 17821	2 KB
4	rutarget.ru 4 redirects sape-sync.rutarget.ru — Cisco Umbrella Rank: 194784 solta-sync.rutarget.ru — Cisco Umbrella Rank: 94302 yandex-dmp-sync.rutarget.ru — Cisco Umbrella Rank: 74853 yandex-sync.rutarget.ru — Cisco Umbrella Rank: 75032	2 KB
4	mail.ru 1 redirects dd.ce.b7.a1.top.mail.ru top-fwz1.mail.ru — Cisco Umbrella Rank: 10426 ad.mail.ru — Cisco Umbrella Rank: 9726	4 KB
4	googleadservices.com 2 redirects partner.googleadservices.com — Cisco Umbrella Rank: 863 www.googleadservices.com — Cisco Umbrella Rank: 171	17 KB
4	ignio.com 3 redirects img.ignio.com ignio.com www.ignio.com	9 KB
3	gonet-ads.com 2 redirects sync.gonet-ads.com — Cisco Umbrella Rank: 23877	876 B
3	upravel.com 3 redirects sync.upravel.com — Cisco Umbrella Rank: 39045	2 KB
3	hybrid.ai dm-eu.hybrid.ai — Cisco Umbrella Rank: 16782 dm.hybrid.ai — Cisco Umbrella Rank: 33606	798 B
3	adhigh.net 3 redirects px.adhigh.net — Cisco Umbrella Rank: 18180	1 KB
2	adnxs.com 2 redirects secure.adnxs.com — Cisco Umbrella Rank: 380	2 KB
2	yahoo.com 2 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 271	797 B
2	casalemedia.com 2 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 423	2 KB
2	pubmatic.com 2 redirects image6.pubmatic.com — Cisco Umbrella Rank: 717	1 KB
2	semantiqo.com 1 redirects sonar.semantiqo.com — Cisco Umbrella Rank: 73667	978 B
2	weborama.fr 2 redirects redirect.frontend.weborama.fr — Cisco Umbrella Rank: 11505	593 B
2	kimberlite.io 2 redirects kimberlite.io — Cisco Umbrella Rank: 37504	995 B
2	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 200	2 KB
2	programmatica.com 1 redirects sync.programmatica.com — Cisco Umbrella Rank: 201986	461 B
2	bidderstack.com 1 redirects nr.bidderstack.com — Cisco Umbrella Rank: 5050	786 B
2	yadro.ru 2 redirects counter.yadro.ru — Cisco Umbrella Rank: 10284	619 B
2	new-programmatic.com 1 redirects match.new-programmatic.com — Cisco Umbrella Rank: 37832	477 B
2	uuidksinc.net 2 redirects s.uuidksinc.net — Cisco Umbrella Rank: 10532	412 B
2	buzzoola.com 2 redirects exchange.buzzoola.com — Cisco Umbrella Rank: 23331	354 B
2	1dmp.io sync.1dmp.io — Cisco Umbrella Rank: 14948	309 B
2	adspend.space 2 redirects sync.adspend.space — Cisco Umbrella Rank: 78181	453 B
2	otm-r.com sync.dmp.otm-r.com — Cisco Umbrella Rank: 19911	137 B
2	allorus.ru 1 redirects allorus.ru www.allorus.ru	2 KB
2	forexpf.ru 1 redirects www.forexpf.ru informers.forexpf.ru — Cisco Umbrella Rank: 881534	930 B
1	onetag-sys.com 1 redirects onetag-sys.com — Cisco Umbrella Rank: 705	338 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 296	265 B
1	intent.ai rtb-eu-warsaw.intent.ai — Cisco Umbrella Rank: 73168	841 B
1	rambler.ru 1 redirects profile.ssp.rambler.ru — Cisco Umbrella Rank: 48430	244 B
1	tns-counter.ru 1 redirects cm.tns-counter.ru — Cisco Umbrella Rank: 74025	386 B
1	opera.com t.adx.opera.com — Cisco Umbrella Rank: 1760	465 B
1	bluevoox.com im.bluevoox.com — Cisco Umbrella Rank: 12529	241 B
1	arcspire.io 1 redirects px.arcspire.io — Cisco Umbrella Rank: 69588	317 B
1	qtarget.tech match.qtarget.tech — Cisco Umbrella Rank: 89106	215 B
1	adkernel.com sync.adkernel.com — Cisco Umbrella Rank: 1499	160 B
1	ohmy.bid 1 redirects sp.ohmy.bid — Cisco Umbrella Rank: 74620	414 B
1	agency2.ru 1 redirects cs.agency2.ru — Cisco Umbrella Rank: 112659	753 B
1	adlook.me 1 redirects ads.adlook.me — Cisco Umbrella Rank: 70565	201 B
1	bestssp.com 1 redirects ssp.bestssp.com — Cisco Umbrella Rank: 72134	289 B
1	utraff.com a.utraff.com — Cisco Umbrella Rank: 58580	793 B
1	sape.ru 1 redirects ssp-rtb.sape.ru — Cisco Umbrella Rank: 31092	633 B
1	profinance.ru 1 redirects www.profinance.ru — Cisco Umbrella Rank: 608385	261 B
0	whiteboxdigital.ru Failed mitdmp.whiteboxdigital.ru Failed
0	bidvol.com Failed ssp.bidvol.com Failed
271	66

	Domain	Requested by
54	allo499.ru	allo499.ru
44	an.yandex.ru	10 redirects allo499.ru an.yandex.ru www.acint.net
21	www.acint.net	7 redirects allo499.ru www.acint.net
18	tpc.googlesyndication.com	googleads.g.doubleclick.net
16	googleads.g.doubleclick.net	2 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net www.googleadservices.com
15	mc.yandex.com	3 redirects allo499.ru mc.yandex.ru
14	yastatic.net	an.yandex.ru allo499.ru yastatic.net
10	cm.g.doubleclick.net	allo499.ru googleads.g.doubleclick.net
8	www.google.com	3 redirects googleads.g.doubleclick.net allo499.ru
8	pagead2.googlesyndication.com	allo499.ru pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
6	www.google.de	allo499.ru
6	fonts.gstatic.com	fonts.googleapis.com
5	pix.bumlam.com	3 redirects www.acint.net
5	acint.net	1 redirects www.acint.net
5	ads.betweendigital.com	3 redirects www.acint.net allo499.ru
4	dmg.digitaltarget.ru	4 redirects
4	match.360yield.com	2 redirects allo499.ru
4	www.gstatic.com	googleads.g.doubleclick.net
4	www.googletagservices.com	googleads.g.doubleclick.net
4	fonts.googleapis.com	googleads.g.doubleclick.net
4	sync.bumlam.com	2 redirects www.acint.net allo499.ru
4	x01.aidata.io	3 redirects www.acint.net
4	sm.rtb.mts.ru	4 redirects
4	ssp.adriver.ru	2 redirects www.acint.net
3	www.googleadservices.com	2 redirects yastatic.net
3	sync.gonet-ads.com	2 redirects www.acint.net
3	sync.upravel.com	3 redirects
3	px.adhigh.net	3 redirects
3	mc.yandex.ru	1 redirects allo499.ru yastatic.net
2	secure.adnxs.com	2 redirects
2	ups.analytics.yahoo.com	2 redirects
2	ssum-sec.casalemedia.com	2 redirects
2	image6.pubmatic.com	2 redirects
2	sonar.semantiqo.com	1 redirects allo499.ru
2	redirect.frontend.weborama.fr	2 redirects
2	kimberlite.io	2 redirects
2	euw-ice.360yield.com	2 redirects
2	dm.hybrid.ai	allo499.ru
2	dpm.demdex.net	1 redirects allo499.ru
2	avatars.mds.yandex.net	allo499.ru
2	sync.programmatica.com	1 redirects www.acint.net
2	nr.bidderstack.com	1 redirects www.acint.net
2	counter.yadro.ru	2 redirects
2	match.new-programmatic.com	1 redirects www.acint.net
2	s.uuidksinc.net	2 redirects
2	exchange.buzzoola.com	2 redirects
2	tech.rtb.mts.ru	2 redirects
2	sync.1dmp.io	www.acint.net allo499.ru
2	sync.adspend.space	2 redirects
2	sync.dmp.otm-r.com	www.acint.net allo499.ru
2	tag.digitaltarget.ru	www.acint.net tag.digitaltarget.ru
2	ev.adriver.ru	2 redirects
2	top-fwz1.mail.ru	allo499.ru www.acint.net
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	ignio.com	1 redirects allo499.ru
2	clck.yandex.ru	allo499.ru
1	yandex.ru	yastatic.net
1	f07235c6-bee8-11ed-86e0-002590c0647c.n6.sync.bumlam.com	1 redirects
1	onetag-sys.com	1 redirects
1	match.adsrvr.org	googleads.g.doubleclick.net
1	yandex-sync.rutarget.ru	1 redirects
1	yandex-dmp-sync.rutarget.ru	1 redirects
1	rtb-eu-warsaw.intent.ai	allo499.ru
1	profile.ssp.rambler.ru	1 redirects
1	solta-sync.rutarget.ru	1 redirects
1	cm.tns-counter.ru	1 redirects
1	t.adx.opera.com	allo499.ru
1	im.bluevoox.com	allo499.ru
1	px.arcspire.io	1 redirects
1	ysa-static.passport.yandex.ru	allo499.ru
1	log.strm.yandex.ru	an.yandex.ru
1	favicon.yandex.net	allo499.ru
1	match.qtarget.tech	www.acint.net
1	sync.adkernel.com	www.acint.net
1	sp.ohmy.bid	1 redirects
1	cs.agency2.ru	1 redirects
1	f07235c6-bee8-11ed-86e0-002590c0647c.n3.sync.bumlam.com	1 redirects
1	ads.adlook.me	1 redirects
1	sape-sync.rutarget.ru	1 redirects
1	ssp.bestssp.com	1 redirects
1	dm-eu.hybrid.ai	www.acint.net
1	a.utraff.com	www.acint.net
1	ad.mail.ru	www.acint.net
1	ssp-rtb.sape.ru	1 redirects
1	dd.ce.b7.a1.top.mail.ru	1 redirects
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.allorus.ru	allo499.ru
1	allorus.ru	1 redirects
1	www.ignio.com	1 redirects
1	img.ignio.com	1 redirects
1	informer.yandex.ru	allo499.ru
1	info.maps.yandex.net	allo499.ru
1	info.weather.yandex.net	allo499.ru
1	informers.forexpf.ru	allo499.ru
1	www.profinance.ru	1 redirects
1	www.forexpf.ru	1 redirects
0	mitdmp.whiteboxdigital.ru Failed	allo499.ru
0	ssp.bidvol.com Failed	www.acint.net
271	99

This site contains links to these domains. Also see Links.

Domain
www.allorus.ru
allorus.ru
giprint.ru
www.allo499.ru
www.forexpf.ru
clck.yandex.ru
top.mail.ru
metrika.yandex.ru

Subject Issuer	Validity	Valid
*.g.doubleclick.net GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2022-10-18` - `2023-03-30`	5 months	crt.sh
*.acint.net R3	`2023-02-13` - `2023-05-14`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
*.yastatic-net.ru GlobalSign ECC OV SSL CA 2018	`2023-02-01` - `2023-08-01`	6 months	crt.sh
bs.yandex.ru GlobalSign ECC OV SSL CA 2018	`2022-10-21` - `2023-04-21`	6 months	crt.sh
*.mail.ru GlobalSign ECC OV SSL CA 2018	`2022-10-18` - `2023-11-19`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-18` - `2023-05-18`	a year	crt.sh
*.hybrid.ai Sectigo RSA Domain Validation Secure Server CA	`2022-09-26` - `2023-09-26`	a year	crt.sh
tag.digitaltarget.ru R3	`2023-01-16` - `2023-04-16`	3 months	crt.sh
*.dmp.otm-r.com AlphaSSL CA - SHA256 - G2	`2022-05-27` - `2023-06-28`	a year	crt.sh
*.adriver.ru GlobalSign GCC R3 DV TLS CA 2020	`2022-04-05` - `2023-04-05`	a year	crt.sh
sync.1dmp.io R3	`2023-01-31` - `2023-05-01`	3 months	crt.sh
new-programmatic.com R3	`2023-01-14` - `2023-04-14`	3 months	crt.sh
*.bidderstack.com Go Daddy Secure Certificate Authority - G2	`2022-11-20` - `2023-11-18`	a year	crt.sh
*.adkernel.com AlphaSSL CA - SHA256 - G4	`2023-01-03` - `2024-02-04`	a year	crt.sh
dsp.qtarget.tech R3	`2023-01-28` - `2023-04-28`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
*.avatars.yandex.net GlobalSign RSA OV SSL CA 2018	`2022-03-04` - `2023-04-05`	a year	crt.sh
favicon.yandex.net GlobalSign ECC OV SSL CA 2018	`2023-01-14` - `2023-06-15`	5 months	crt.sh
www.google.com GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
log.strm.yandex.ru GlobalSign RSA OV SSL CA 2018	`2022-12-16` - `2023-05-15`	5 months	crt.sh
ysa-static.passport.yandex.net GlobalSign ECC OV SSL CA 2018	`2022-03-04` - `2023-04-05`	a year	crt.sh
*.intent.ai GTS CA 1P5	`2023-02-10` - `2023-05-11`	3 months	crt.sh
*.bumlam.com R3	`2023-02-09` - `2023-05-10`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.xn--d1acpjx3f.xn--p1ai GlobalSign ECC OV SSL CA 2018	`2023-02-01` - `2023-08-01`	6 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh

This page contains 13 frames:

Primary Page: http://allo499.ru/
Frame ID: E254CAA43631C3C54548807239A213DC
Requests: 107 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1350936919961502&output=html&h=90&slotname=7582981508&adk=1916336945&adf=4218598984&pi=t.ma~as.7582981508&w=728&lmt=1678414318&url=http%3A%2F%2Fallo499.ru%2F&wgl=1&dt=1678414317857&bpp=27&bdt=416&idt=152&shv=r20230307&mjsv=m202302210101&ptt=5&saldr=sa&abxe=1&correlator=4542000379673&frm=20&pv=2&ga_vid=531765962.1678414318&ga_sid=1678414318&ga_hid=1772983910&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=289&ady=246&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44777877%2C44759837%2C44759876%2C42531706&oid=2&pvsid=2602475005013272&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Ce%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=LkpOAv5fMo&p=http%3A//allo499.ru&dtd=199
Frame ID: 3B70D97D1E0CCBDA5CBB1FC048E60AC3
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1350936919961502&output=html&h=90&slotname=5249484045&adk=2481849862&adf=1058600793&pi=t.ma~as.5249484045&w=728&lmt=1678414318&url=http%3A%2F%2Fallo499.ru%2F&wgl=1&dt=1678414317889&bpp=24&bdt=448&idt=181&shv=r20230307&mjsv=m202302210101&ptt=5&saldr=sa&abxe=1&prev_slotnames=7582981508&correlator=4542000379673&frm=20&pv=1&ga_vid=531765962.1678414318&ga_sid=1678414318&ga_hid=1772983910&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=306&ady=1379&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44777877%2C44759837%2C44759876%2C42531706&oid=2&pvsid=2602475005013272&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=OX7O0iytNT&p=http%3A//allo499.ru&dtd=194
Frame ID: 9D3853BB9A1E2CACA17B58CA77A9A601
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1350936919961502&output=html&h=600&slotname=9693253600&adk=3432251827&adf=441479644&pi=t.ma~as.9693253600&w=160&lmt=1678414318&url=http%3A%2F%2Fallo499.ru%2F&wgl=1&dt=1678414317923&bpp=24&bdt=482&idt=168&shv=r20230307&mjsv=m202302210101&ptt=5&saldr=sa&abxe=1&prev_slotnames=7582981508%2C5249484045&correlator=4542000379673&frm=20&pv=1&ga_vid=531765962.1678414318&ga_sid=1678414318&ga_hid=1772983910&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1426&ady=525&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44777877%2C44759837%2C44759876%2C42531706&oid=2&pvsid=2602475005013272&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=1Mw0RugrD0&p=http%3A//allo499.ru&dtd=192
Frame ID: 017F13CEE7B17EBF1ECCDC1C9E49884A
Requests: 15 HTTP requests in this frame

Frame: https://www.acint.net/mc/?dp=10&tc=1
Frame ID: C95B2284CBC675AF68F57402630D4475
Requests: 37 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1350936919961502&output=html&h=90&slotname=0665815778&adk=691736138&adf=2802373691&pi=t.ma~as.0665815778&w=728&lmt=1678414318&url=http%3A%2F%2Fallo499.ru%2F&wgl=1&dt=1678414318593&bpp=15&bdt=1153&idt=16&shv=r20230307&mjsv=m202302210101&ptt=5&saldr=sa&abxe=1&cookie=ID%3D7ae66ce30a2b630a-22ac0d0048dd00de%3AT%3D1678414318%3ART%3D1678414318%3AS%3DALNI_MYKm165hIEy0MN5RRKTY1mOvRKbnQ&gpic=UID%3D00000bc2c9d108b8%3AT%3D1678414318%3ART%3D1678414318%3AS%3DALNI_MY12tJSjPWsTShM4OqwCa6n53Onxw&prev_slotnames=7582981508%2C5249484045%2C9693253600&correlator=4542000379673&frm=20&pv=1&ga_vid=531765962.1678414318&ga_sid=1678414318&ga_hid=1772983910&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44777877%2C44759837%2C44759876%2C42531706&oid=2&pvsid=2602475005013272&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Clr%7C&abl=CS&pfx=0&fu=33792&bc=23&ifi=4&uci=a!4&fsb=1&xpc=B1GEXR439d&p=http%3A//allo499.ru&dtd=22
Frame ID: 2ABFFF54AF384F93972B0A5456A7D120
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: B0FFCE3A084E195507DD5AEABD760C90
Requests: 2 HTTP requests in this frame

Frame: https://yastatic.net/safeframe-bundles/0.83/1-1-0/render.html
Frame ID: BBCC7C98C4F1D14427126C59B64FD4C8
Requests: 64 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/WygWmAr8N2thj-jBdqJCiD6QGZJ45ru74cfJMvWtULI.js
Frame ID: B682792CA12D32385FB5CEFF90DF1997
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/WygWmAr8N2thj-jBdqJCiD6QGZJ45ru74cfJMvWtULI.js
Frame ID: 46E0D273CF1385471B2D40C3FDED3199
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 712074003BCFB54007B69E141F8D08BF
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/WygWmAr8N2thj-jBdqJCiD6QGZJ45ru74cfJMvWtULI.js
Frame ID: D7EDF670FFDD133C13D0C3AC19D71322
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/WygWmAr8N2thj-jBdqJCiD6QGZJ45ru74cfJMvWtULI.js
Frame ID: 665B794199964E55BCCC07127DFAC866
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Москва. Весь город в твоих руках!

Detected technologies

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/pagead/show_ads\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Yandex.Direct (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://an\.yandex\.ru/

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Page Statistics

271
Requests

51 %
HTTPS

31 %
IPv6

66
Domains

99
Subdomains

55
IPs

12
Countries

1755 kB
Transfer

4403 kB
Size

115
Cookies

17 Outgoing links

These are links going to different origins than the main page.

URL: http://www.allorus.ru/
Title: Вопросы и ответы

Search URL Search Domain Scan URL

URL: http://allorus.ru/cat/question/5843
Title: Нужно обновить систему и настроить для расчета заработной.

Search URL Search Domain Scan URL

URL: http://allorus.ru/cat/question/5842
Title: Появилось желание отбелить зубы.

Search URL Search Domain Scan URL

URL: http://allorus.ru/cat/question/5841
Title: Проблемы со стоматологией

Search URL Search Domain Scan URL

URL: https://giprint.ru/buklety/
Title: Печать буклетов от Giprint

Search URL Search Domain Scan URL

URL: http://www.allo499.ru/guidemaps/43/69/
Title: Транспорт

Search URL Search Domain Scan URL

URL: http://www.allo499.ru/transport/89/
Title: Маршруты маршрутных такси

Search URL Search Domain Scan URL

URL: http://www.allo499.ru/info/101/
Title: Выставки в Москве

Search URL Search Domain Scan URL

URL: http://www.allo499.ru/metro/83/
Title: Метро

Search URL Search Domain Scan URL

URL: http://www.allo499.ru/metro/728/
Title: Стоимость проезда на метро

Search URL Search Domain Scan URL

URL: http://www.forexpf.ru/chart/usdrub/
Title: USD/RUB

Search URL Search Domain Scan URL

URL: http://www.forexpf.ru/chart/eurrub/
Title: EUR/RUB

Search URL Search Domain Scan URL

URL: http://www.forexpf.ru/
Title: Курсы валют

Search URL Search Domain Scan URL

URL: http://clck.yandex.ru/redir/dtype=stred/pid=7/cid=1228/*http://weather.yandex.ru/index.xml?city=27612

Search URL Search Domain Scan URL

URL: http://clck.yandex.ru/redir/dtype=stred/pid=30/cid=533/*http://maps.yandex.ru/moscow_traffic

Search URL Search Domain Scan URL

URL: http://top.mail.ru/jump?from=1568100

Search URL Search Domain Scan URL

URL: https://metrika.yandex.ru/stat/?id=72940384&from=informer

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 21

http://www.forexpf.ru/_informer_/euusrub.php HTTP 301
http://www.profinance.ru/_informer_/euusrub.php HTTP 301
http://informers.forexpf.ru/export/euusrub.js

Request Chain 27

http://img.ignio.com/r/informer/1.html HTTP 301
https://ignio.com/r/informer/1.html HTTP 301
http://www.ignio.com/r/export/win/informer/daily/com.js HTTP 301
https://ignio.com/r/export/win/informer/daily/com.js

Request Chain 48

http://allorus.ru/ajax.php?PHPSESSID=4prnk8oab1fuh0tto8a9gapol5&func=get_last_q&JsHttpRequest=16784143177511-script HTTP 301
https://www.allorus.ru/ajax.php?PHPSESSID=4prnk8oab1fuh0tto8a9gapol5&func=get_last_q&JsHttpRequest=16784143177511-script

Request Chain 70

http://www.acint.net/mc/?dp=10 HTTP 302
https://www.acint.net/mc/?dp=10 HTTP 302
https://www.acint.net/mc/?dp=10&tc=1

Request Chain 71

http://www.acint.net/oci.js?t=1678414318150 HTTP 302
https://www.acint.net/oci.js?t=1678414318150

Request Chain 72

http://www.acint.net/hit/?v=0.5.1&uid=c20485fe-e852-4474-9cee-b364272ff336&dp=10&tz=%2B00%3A00&nc=14837132&u=http%3A%2F%2Fallo499.ru%2F&r=&rs=1600x1200&t=%D0%9C%D0%BE%D1%81%D0%BA%D0%B2%D0%B0.%20%D0%92%D0%B5%D1%81%D1%8C%20%D0%B3%D0%BE%D1%80%D0%BE%D0%B4%20%D0%B2%20%D1%82%D0%B2%D0%BE%D0%B8%D1%85%20%D1%80%D1%83%D0%BA%D0%B0%D1%85!&oE=1&oP=1&dT=2023-03-10T02%3A11%3A58.145&fu=9e85cd58-d36b-47a4-bba8-4fca6a25f587 HTTP 302
https://www.acint.net/hit/?v=0.5.1&uid=c20485fe-e852-4474-9cee-b364272ff336&dp=10&tz=%2B00%3A00&nc=14837132&u=http%3A%2F%2Fallo499.ru%2F&r=&rs=1600x1200&t=%D0%9C%D0%BE%D1%81%D0%BA%D0%B2%D0%B0.%20%D0%92%D0%B5%D1%81%D1%8C%20%D0%B3%D0%BE%D1%80%D0%BE%D0%B4%20%D0%B2%20%D1%82%D0%B2%D0%BE%D0%B8%D1%85%20%D1%80%D1%83%D0%BA%D0%B0%D1%85!&oE=1&oP=1&dT=2023-03-10T02%3A11%3A58.145&fu=9e85cd58-d36b-47a4-bba8-4fca6a25f587

Request Chain 85

http://dd.ce.b7.a1.top.mail.ru/counter?id=1568100;t=55;js=13;r=;j=false;s=1600*1200;d=24;rand=0.378928967263491 HTTP 302
https://top-fwz1.mail.ru/counter?id=1568100;t=55;js=13;r=;j=false;s=1600*1200;d=24;rand=0.378928967263491

Request Chain 87

https://ads.betweendigital.com/match?bidder_id=73&external_user_id=1503420AEE910A64DF04976D0218CA30 HTTP 302
https://ads.betweendigital.com/match?bidder_id=73&external_user_id=1503420AEE910A64DF04976D0218CA30&crf=1

Request Chain 88

https://ssp-rtb.sape.ru/rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D HTTP 302
https://acint.net/match?dp=14&euid=4502420AEE910A643B00549502598292

Request Chain 89

https://px.adhigh.net/p/cm/sape?u=1503420AEE910A64DF04976D0218CA30 HTTP 302
https://px.adhigh.net/p/cm/sape?u=1503420AEE910A64DF04976D0218CA30&bounced=1 HTTP 302
https://acint.net/match?dp=17&euid=P591Tpy82H8.AikABlGGyUoNVA

Request Chain 91

https://ev.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691 HTTP 302
https://ev.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-5399256160 HTTP 302
https://www.acint.net/rmatch?dp=45&euid=A1dj-fYB0-mS_MSPlcP95lg&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D HTTP 302
https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=1503420AEE910A64EA04806E02F55C37

Request Chain 96

https://sync.upravel.com/sape/sync HTTP 302
https://sync.upravel.com/sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0 HTTP 302
https://www.acint.net/match?dp=71&euid=005c0158-796e-45fd-9260-b95ee49ba9c6

Request Chain 98

https://ssp.bestssp.com/sspmatch?url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D95%26euid%3D HTTP 302
https://www.acint.net/match?dp=95&euid=FFJYCECW

Request Chain 99

https://sync.adspend.space/sape?uid=1503420AEE910A64DF04976D0218CA30 HTTP 302
https://sync.adspend.space/check?r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D98%26euid%3Dd9b3ec55-2132-419e-b0c0-04e399615511 HTTP 302
https://www.acint.net/match?dp=98&euid=d9b3ec55-2132-419e-b0c0-04e399615511

Request Chain 101

https://sape-sync.rutarget.ru/sync HTTP 302
https://www.acint.net/match?dp=104&euid=oh7A1L4MQ5H7

Request Chain 102

https://ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D HTTP 302
https://acint.net/match?dp=107&euid=f031e00f-34c8-5245-a111-9b96c51b0a78

Request Chain 103

https://ads.adlook.me/csync?url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D110%26euid%3D%7BuserId%7D HTTP 302
https://acint.net/match?dp=110&euid=4cb721f785764e01ac2d8fbdad184962

Request Chain 104

https://sm.rtb.mts.ru/p?ssp=sape&id=1503420AEE910A64DF04976D0218CA30 HTTP 301
https://sm.rtb.mts.ru/match/second?ssp=30&exu=1503420AEE910A64DF04976D0218CA30 HTTP 301
https://tech.rtb.mts.ru/?dsp_uid=25f56e00-3fae-4fdb-b5c9-d105927f408d&return_url=https%3A%2F%2Fan.yandex.ru%2Fsetud%2Fmts_banner%2FJfVuAD-uT9u1ydEFkn9AjQ%3Flocation%3Dhttps%253A%252F%252Fsm.rtb.mts.ru%252Fem%253Fnext%253D30%2526em%253D0%26sign%3D131688643 HTTP 302
https://an.yandex.ru/setud/mts_banner/JfVuAD-uT9u1ydEFkn9AjQ?location=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D30%26em%3D0&sign=131688643

Request Chain 105

https://exchange.buzzoola.com/cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D HTTP 301
https://www.acint.net/match?dp=126&euid=95acba21-26d2-4727-54b4-0265268d7675

Request Chain 106

https://s.uuidksinc.net/match/396/?remote_uid=1503420AEE910A64DF04976D0218CA30 HTTP 302
https://www.acint.net/match?dp=127&euid=wjoQppwj5IYldlQhDnfk

Request Chain 109

https://x01.aidata.io/0.gif?pid=9401454&id=1503420AEE910A64DF04976D0218CA30 HTTP 302
https://x01.aidata.io/0.gif?pid=9401454&id=1503420AEE910A64DF04976D0218CA30&bounce=1 HTTP 302
https://counter.yadro.ru/id-redir/aidata.gif?back=STOP HTTP 302
https://x01.aidata.io/0.gif?pid=LIVE&id=&back=STOP

Request Chain 110

https://sync.gonet-ads.com/match/sape.js?id=1503420AEE910A64DF04976D0218CA30 HTTP 302
https://sync.gonet-ads.com/match/sape.js?id=1503420AEE910A64DF04976D0218CA30&chk=1

Request Chain 111

https://sync.bumlam.com/?src=sap1&uid=1503420AEE910A64DF04976D0218CA30 HTTP 302
https://sync.bumlam.com/?src=sap1&s_data=CAIQARjvo6qgBmIgMTUwMzQyMEFFRTkxMEE2NERGMDQ5NzZEMDIxOENBMzCiARDwcjXGvugR7YbgACWQwGR8

Request Chain 112

https://pix.bumlam.com/sync/sape/check?sspuid=1503420AEE910A64DF04976D0218CA30 HTTP 302
https://sync.bumlam.com/?src=sape HTTP 302
https://pix.bumlam.com/sync/sape/sync_ok?guid=f07235c6-bee8-11ed-86e0-002590c0647c HTTP 302
https://f07235c6-bee8-11ed-86e0-002590c0647c.n3.sync.bumlam.com/?src=sape HTTP 302
https://pix.bumlam.com/sync/sape/done

Request Chain 113

https://an.yandex.ru/mapuid/sapeis/1503420AEE910A64DF04976D0218CA30 HTTP 302
https://an.yandex.ru/mapuid/sapeis/1503420AEE910A64DF04976D0218CA30?redir-setuniq=1

Request Chain 115

https://cs.agency2.ru/p?ssp=sp&uid=1503420AEE910A64DF04976D0218CA30 HTTP 301
https://www.acint.net/match?dp=186&euid=f059f451-b141-4a0c-93f6-fcec3aa4fd1f

Request Chain 116

https://sp.ohmy.bid/cm?ssp=sape&redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D217%26euid%3D%7Buid%7D HTTP 302
https://www.acint.net/match?dp=217&euid=6dd6bf13-60ed-483f-b6a9-b50833476452

Request Chain 118

https://sync.programmatica.com/match/RTBSape?id=1503420AEE910A64DF04976D0218CA30 HTTP 302
https://sync.programmatica.com/match/RTBSape?id=1503420AEE910A64DF04976D0218CA30&chk=1

Request Chain 147

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9937.ri4TY9mkoEYAFsMAfgbMUHKw3VAXq_DR8h6r6CZ7zPtXUP1ii6Rixzh_fZB6tCv_.-QV84Te0UTRqi-tK7AepZkokR9E%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=9937.zbLc8o1cGgFFHftx2cJbN5Fh9XawoNtArd-OGy8gKroOhHDOe1qNxE6mWuXzMffsOirBcHsT6baQEIVpFZOhKVyYgiWnZd6HPaL4uC_Xr7R05RtiuyebwjTXVd5eZn_lbV-NzLMl1FtHi3DwaGnChFC-GJXMzrQG93KH6v2GiF6QZh0SCuIZ698jEf0A9nbbYO5hWSPNeDy7aax81Ten3iSAiEYICF9KnJOHdO8nWWA%2C.HHjzuAOrtn23KrwW2YD7pu9x6YI%2C

Request Chain 180

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 188

https://mc.yandex.com/watch/48407?wmode=7&page-url=http%3A%2F%2Fallo499.ru%2F&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Avf%3Asmv4ejgyf4ncs18xtvrvr%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A970%3Acn%3A2%3Adp%3A0%3Als%3A121288625057%3Ahid%3A649567395%3Az%3A0%3Ai%3A20230310021159%3Aet%3A1678414319%3Ac%3A1%3Arn%3A48791072%3Au%3A1678414319326291535%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1678414316304%3Arqnl%3A1%3Ast%3A1678414320%3At%3A%D0%9C%D0%BE%D1%81%D0%BA%D0%B2%D0%B0.%20%D0%92%D0%B5%D1%81%D1%8C%20%D0%B3%D0%BE%D1%80%D0%BE%D0%B4%20%D0%B2%20%D1%82%D0%B2%D0%BE%D0%B8%D1%85%20%D1%80%D1%83%D0%BA%D0%B0%D1%85!&t=gdpr(14)mc(p-1)clc(0-0-0)lt(31300)aw(1)ecs(0)ti(2) HTTP 302
https://mc.yandex.com/watch/48407/1?wmode=7&page-url=http%3A%2F%2Fallo499.ru%2F&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Avf%3Asmv4ejgyf4ncs18xtvrvr%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A970%3Acn%3A2%3Adp%3A0%3Als%3A121288625057%3Ahid%3A649567395%3Az%3A0%3Ai%3A20230310021159%3Aet%3A1678414319%3Ac%3A1%3Arn%3A48791072%3Au%3A1678414319326291535%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1678414316304%3Arqnl%3A1%3Ast%3A1678414320%3At%3A%D0%9C%D0%BE%D1%81%D0%BA%D0%B2%D0%B0.%20%D0%92%D0%B5%D1%81%D1%8C%20%D0%B3%D0%BE%D1%80%D0%BE%D0%B4%20%D0%B2%20%D1%82%D0%B2%D0%BE%D0%B8%D1%85%20%D1%80%D1%83%D0%BA%D0%B0%D1%85%21&t=gdpr%2814%29mc%28p-1%29clc%280-0-0%29lt%2831300%29aw%281%29ecs%280%29ti%282%29

Request Chain 189

https://mc.yandex.com/watch/72940384?wmode=7&page-url=http%3A%2F%2Fallo499.ru%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Asmv4ejgyf4ncs18xtvrvr%3Afp%3A1474%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A970%3Acn%3A1%3Adp%3A0%3Als%3A75122429326%3Ahid%3A649567395%3Az%3A0%3Ai%3A20230310021158%3Aet%3A1678414319%3Ac%3A1%3Arn%3A409457272%3Arqn%3A1%3Au%3A1678414319326291535%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A48%2C7%2C607%2C26%2C0%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1678414316304%3Arqnl%3A1%3Ast%3A1678414320%3At%3A%D0%9C%D0%BE%D1%81%D0%BA%D0%B2%D0%B0.%20%D0%92%D0%B5%D1%81%D1%8C%20%D0%B3%D0%BE%D1%80%D0%BE%D0%B4%20%D0%B2%20%D1%82%D0%B2%D0%BE%D0%B8%D1%85%20%D1%80%D1%83%D0%BA%D0%B0%D1%85!&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(2) HTTP 302
https://mc.yandex.com/watch/72940384/1?wmode=7&page-url=http%3A%2F%2Fallo499.ru%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Asmv4ejgyf4ncs18xtvrvr%3Afp%3A1474%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A970%3Acn%3A1%3Adp%3A0%3Als%3A75122429326%3Ahid%3A649567395%3Az%3A0%3Ai%3A20230310021158%3Aet%3A1678414319%3Ac%3A1%3Arn%3A409457272%3Arqn%3A1%3Au%3A1678414319326291535%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A48%2C7%2C607%2C26%2C0%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1678414316304%3Arqnl%3A1%3Ast%3A1678414320%3At%3A%D0%9C%D0%BE%D1%81%D0%BA%D0%B2%D0%B0.%20%D0%92%D0%B5%D1%81%D1%8C%20%D0%B3%D0%BE%D1%80%D0%BE%D0%B4%20%D0%B2%20%D1%82%D0%B2%D0%BE%D0%B8%D1%85%20%D1%80%D1%83%D0%BA%D0%B0%D1%85%21&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

Request Chain 191

https://px.arcspire.io/yndx?id=9d4cd41a-f59d-4815-8a89-9d30806f5389 HTTP 307
https://an.yandex.ru/mapuid/arcspireis/de515266c23a027cc419ba

Request Chain 192

https://acint.net/rmatch/?dp=151&r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fsapeis%2F%24%7BUSER_ID%7D HTTP 302
https://an.yandex.ru/mapuid/sapeis/1503420AEE910A64EA04806E02F55C37

Request Chain 193

https://ads.betweendigital.com/match?bidder_id=43554&callback_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbetweendigitalis%2F%24%7BUSER_ID%7D HTTP 302
https://an.yandex.ru/mapuid/betweendigitalis/f031e00f-34c8-5245-a111-9b96c51b0a78

Request Chain 194

https://an.yandex.ru/mapuid/adobedmp/ HTTP 302
https://dpm.demdex.net/ibs:dpid=423652&dpuuid=ABE438BA3C98E83E HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=423652&dpuuid=ABE438BA3C98E83E

Request Chain 195

https://an.yandex.ru/mapuid/azerionis/ HTTP 302
https://match.360yield.com/match?external_user_id=D125EEBBD39FE76E&publisher_dsp_id=429&publisher_call_type=redirect HTTP 302
https://match.360yield.com/ul_cb/match?external_user_id=D125EEBBD39FE76E&publisher_dsp_id=429&publisher_call_type=redirect

Request Chain 197

https://an.yandex.ru/mapuid/betweenx/ HTTP 302
https://ads.betweendigital.com/match?bidder_id=161&external_user_id=D64D3E1794DEE522

Request Chain 198

https://an.yandex.ru/mapuid/blueseaxcom/ HTTP 302
https://im.bluevoox.com/pixel?s1=1&s2=1315&s3=vldyrx2shs82pv9o&cm=1&rd=1&puid=6A3DDFB1A8368377

Request Chain 200

https://an.yandex.ru/mapuid/google/?partner-tag=yandex_llc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yandex_llc&google_hm=3FC43A8147834A2C&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif

Request Chain 201

https://an.yandex.ru/mapuid/google/?partner-tag=yandexcom HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yandexcom&google_hm=3FC43A8147834A2C&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif

Request Chain 202

https://an.yandex.ru/mapuid/google/?partner-tag=yandexru HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yandexru&google_hm=3FC43A8147834A2C&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif

Request Chain 203

https://an.yandex.ru/mapuid/operacom/ HTTP 302
https://t.adx.opera.com/sync?vendor=60143&uid=83B9958887D66931

Request Chain 205

https://cm.tns-counter.ru/yacm HTTP 302
https://an.yandex.ru/mapuid/mediascope/6cd9e7268f2cb723e748cb3da92c74dabe2c614d99dba3de0ecddeec1d856c14

Request Chain 208

https://dmg.digitaltarget.ru/1/119/i/i?i=1678414318 HTTP 307
https://dmg.digitaltarget.ru/awg/custom/119/i/i?call_source=awg&ts=1678414319759&i=1678414318 HTTP 307
https://an.yandex.ru/mapuid/dmpamberdata/b2NGdfTNk2C9-JF7emQb

Request Chain 209

https://euw-ice.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fazerionis%2F{PUB_USER_ID} HTTP 302
https://euw-ice.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fazerionis%2F%7BPUB_USER_ID%7D HTTP 302
https://an.yandex.ru/mapuid/azerionis/0dcf84cf-3a33-4f76-835a-c3de0c7c8f22 HTTP 302
https://match.360yield.com/match?external_user_id=0dcf84cf-3a33-4f76-835a-c3de0c7c8f22&publisher_dsp_id=429&publisher_call_type=redirect

Request Chain 210

https://exchange.buzzoola.com/cookiesync/redirect/yandex?redirect_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbuzzooladspis%2F%24%7BUUID%7D HTTP 301
https://an.yandex.ru/mapuid/buzzooladspis/12d0d00b-7b19-473c-6232-0d8b8f9e9c12

Request Chain 211

https://kimberlite.io/rtb/sync/yandex HTTP 307
https://solta-sync.rutarget.ru/sync HTTP 302
https://kimberlite.io/rtb/sync/segmento?u=oh7A1L4MQ5H7 HTTP 307
https://an.yandex.ru/mapuid/soltadspis/ZAqR73DPXzE

Request Chain 212

https://match.new-programmatic.com/userbind?src=yandex&pbf=1&gi=1 HTTP 302
https://an.yandex.ru/mapuid/targetrtbis/

Request Chain 214

https://nr.bidderstack.com/yandex/cm?r=https://an.yandex.ru/mapuid/hyperdspis/ HTTP 302
https://an.yandex.ru/mapuid/hyperdspis/a90d39e8-91aa-4bce-84a6-6e816ebaea74

Request Chain 215

https://profile.ssp.rambler.ru/sync3.302?pid=188 HTTP 302
https://an.yandex.ru/mapuid/ramblerssp/

Request Chain 216

https://px.adhigh.net/p/cm/yandexssp HTTP 302
https://an.yandex.ru/mapuid/getintentis/P591Tpy82H8.AikABlGGyUoNVA

Request Chain 217

https://redirect.frontend.weborama.fr/redirect/standard?url=https://an.yandex.ru/mapuid/dmpweborama/{WEBO_CID} HTTP 307
https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fdmpweborama%2F%7BWEBO_CID%7D&bounce=1&random=1969488566 HTTP 302
https://an.yandex.ru/mapuid/dmpweborama/6MlzuitBTPAmL.Q2RkWOKe

Request Chain 219

https://s.uuidksinc.net/match/501 HTTP 302
https://an.yandex.ru/mapuid/kadamis/wjoQppwj5IYldlQhDnfk

Request Chain 220

https://sm.rtb.mts.ru/p?ssp=yandex&id=map HTTP 301
https://sm.rtb.mts.ru/match/second?ssp=55&exu=map HTTP 301
https://tech.rtb.mts.ru/?dsp_uid=25f56e00-3fae-4fdb-b5c9-d105927f408d&return_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fmtsdspis%2F25f56e00-3fae-4fdb-b5c9-d105927f408d HTTP 302
https://an.yandex.ru/mapuid/mtsdspis/25f56e00-3fae-4fdb-b5c9-d105927f408d

Request Chain 221

https://sonar.semantiqo.com/dmp/scr.php HTTP 302
https://counter.yadro.ru/id127/reff-id.gif?sid=a908fab6336e495b948885bd2365975f HTTP 302
https://sonar.semantiqo.com/fbfli/data_sess_sync.php?spid=&sid=a908fab6336e495b948885bd2365975f

Request Chain 222

https://ssp.adriver.ru/cgi-bin/sync.cgi?dsp_id=109 HTTP 302
https://an.yandex.ru/mapuid/dmpadriver/1dj-fYB0-mS_MSPlcP95lg?sign=3994544756

Request Chain 223

https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=19 HTTP 302
https://an.yandex.ru/mapuid/adriveris/A1dj-fYB0-mS_MSPlcP95lg

Request Chain 227

https://sync.gonet-ads.com/match/yandex?id=[buyerUid] HTTP 302
https://an.yandex.ru/mapuid/gonetisnew/NjcyMmEwMWYyN2UyNDU2ZQ

Request Chain 228

https://sync.upravel.com/yandex/sync HTTP 302
https://an.yandex.ru/mapuid/upravelis/005c0158-796e-45fd-9260-b95ee49ba9c6

Request Chain 229

https://x01.aidata.io/0.gif?pid=YANDEX HTTP 302
https://an.yandex.ru/mapuid/dmpaidatame/T7CvITpFc7KmXdKQx2c7bA?sign=1985750216

Request Chain 230

https://yandex-dmp-sync.rutarget.ru/sync HTTP 302
https://an.yandex.ru/mapuid/dmpsegmento/oh7A1L4MQ5H7?sign=1005980410

Request Chain 231

https://yandex-sync.rutarget.ru/sync HTTP 302
https://an.yandex.ru/mapuid/rutargetis/oh7A1L4MQ5H7

Request Chain 234

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEKdHUbYmzpTDITcQ0HoPj2g&google_cver=1&google_push=Aa02lx-MRJUZSgwhLdYERwOVRx0Q3ZeOK3rugqbAlRb8VBH3p66lugOJt5LdGbG_QXiaE8434LWDrvZTDkPt7frWFIES1GSVcs5_NQ HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEKdHUbYmzpTDITcQ0HoPj2g&google_cver=1&google_push=Aa02lx-MRJUZSgwhLdYERwOVRx0Q3ZeOK3rugqbAlRb8VBH3p66lugOJt5LdGbG_QXiaE8434LWDrvZTDkPt7frWFIES1GSVcs5_NQ&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=s6W9z4vbR4eXgoOGX33TDg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aa02lx-MRJUZSgwhLdYERwOVRx0Q3ZeOK3rugqbAlRb8VBH3p66lugOJt5LdGbG_QXiaE8434LWDrvZTDkPt7frWFIES1GSVcs5_NQ

Request Chain 235

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEMMBbtWCcJncdNjtrPnsYsI&google_cver=1&google_push=Aa02lx_y0SutetE6fYZxz0Mv1qEyN6RFCVAD1tkvIJE3wS6GiIDFJ8U1zhcnQXMecr3v9uEEEQxAibXmkwEU_OS1pFfFAqyhtXxyfQ HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEMMBbtWCcJncdNjtrPnsYsI&google_push=Aa02lx_y0SutetE6fYZxz0Mv1qEyN6RFCVAD1tkvIJE3wS6GiIDFJ8U1zhcnQXMecr3v9uEEEQxAibXmkwEU_OS1pFfFAqyhtXxyfQ&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEMMBbtWCcJncdNjtrPnsYsI&google_hm=ZAqR71YKuEkED9LMy0TICAAADUIAAAAB&google_nid=index&google_push=Aa02lx_y0SutetE6fYZxz0Mv1qEyN6RFCVAD1tkvIJE3wS6GiIDFJ8U1zhcnQXMecr3v9uEEEQxAibXmkwEU_OS1pFfFAqyhtXxyfQ

Request Chain 236

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEBC-TnJzTAvfdd0XbT0--_M&google_cver=1&google_push=Aa02lx_eGCzGIsOqwljkP30fiwKCxE7WIR79gJZzKgji9zgrbtzx6AINKRGDqRAtCLTx-IiR1Z3hASv6tV15sbYIYhaE76AnQCjzTA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx_eGCzGIsOqwljkP30fiwKCxE7WIR79gJZzKgji9zgrbtzx6AINKRGDqRAtCLTx-IiR1Z3hASv6tV15sbYIYhaE76AnQCjzTA

Request Chain 237

https://match.360yield.com/match/ebda?google_gid=CAESEECtz1iTCq7kUx-yQpWpWus&google_cver=1&google_push=Aa02lx_H06OORskQtw5t_yMIGucmECPd3WYpygqUcWB4e-By5Q_fxGRmIti6cCHk80KJB2XQ1NXXYnSKDsQ7ZmQ6j7yCqrLnqOuUww HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=Dc-EzzozT3aDWsPeDHyPIg&google_push=Aa02lx_H06OORskQtw5t_yMIGucmECPd3WYpygqUcWB4e-By5Q_fxGRmIti6cCHk80KJB2XQ1NXXYnSKDsQ7ZmQ6j7yCqrLnqOuUww

Request Chain 238

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEH170nXku_t9rXYcVLdnRnc&google_cver=1&google_push=Aa02lx-lARyqgjpeogwQpuPe3AHplSuPdpJ-PMXXu8FYDSZwRGVkqYZL49kWTcTbwkDJ1AFctMs7oOWLOW-JEqBqyV0zhiOADaIzQw HTTP 302
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEH170nXku_t9rXYcVLdnRnc&google_cver=1&google_push=Aa02lx-lARyqgjpeogwQpuPe3AHplSuPdpJ-PMXXu8FYDSZwRGVkqYZL49kWTcTbwkDJ1AFctMs7oOWLOW-JEqBqyV0zhiOADaIzQw&verify=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1pYUlGMjZ0RTJ1SHF0cHpwaThvYlVhTnhSdWtZRUdoSX5B&google_push=Aa02lx-lARyqgjpeogwQpuPe3AHplSuPdpJ-PMXXu8FYDSZwRGVkqYZL49kWTcTbwkDJ1AFctMs7oOWLOW-JEqBqyV0zhiOADaIzQw

Request Chain 239

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEJOm8X_H2CGDMi8ANrN25xg&google_cver=1&google_push=Aa02lx85IP9vK1EQQMwi364Vjfs29lQfF7Yfa3dlczHFdXBUHNCXYJOxZnSrQh4PtPf4sOBZw_vvbmpM9mEUbvLDYQb9sOADhmgU7A HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dxandr_eb%26google_hm%3D%24%7BBASE64_UID_ENC%7D%26google_gid%3DCAESEJOm8X_H2CGDMi8ANrN25xg%26google_cver%3D1%26google_push%3DAa02lx85IP9vK1EQQMwi364Vjfs29lQfF7Yfa3dlczHFdXBUHNCXYJOxZnSrQh4PtPf4sOBZw_vvbmpM9mEUbvLDYQb9sOADhmgU7A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NzU1MDI1NDg1NjU4NDgzODczNw%3D%3D&google_gid=CAESEJOm8X_H2CGDMi8ANrN25xg&google_cver=1&google_push=Aa02lx85IP9vK1EQQMwi364Vjfs29lQfF7Yfa3dlczHFdXBUHNCXYJOxZnSrQh4PtPf4sOBZw_vvbmpM9mEUbvLDYQb9sOADhmgU7A

Request Chain 242

https://dmg.digitaltarget.ru/1/1093/i/i?i=288932275097850.62414264864362&a=77&e=1503420AEE910A64DF04976D0218CA30&pref=http%3A%2F%2Fallo499.ru%2F&c=ss:77.up:1503420AEE910A64DF04976D0218CA30.sync:up.xdua:duX7lfvrJughV9JX1QB0hAoC.xps:xpsB_3iF3dPxUvkO1nbduZEBw.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient HTTP 307
https://top-fwz1.mail.ru/counter?id=3210372;pid=b2NGdfTNk2C9-JF7emQb

Request Chain 243

https://dmg.digitaltarget.ru/1/1093/i/i?i=288932275097850.909619915065332&a=77&e=1503420AEE910A64DF04976D0218CA30&pref=http%3A%2F%2Fallo499.ru%2F&c=ss:77.up:1503420AEE910A64DF04976D0218CA30.sync:up.xdua:duX7lfvrJughV9JX1QB0hAoC.xps:xpsB_3iF3dPxUvkO1nbduZEBw.dn:acint__net.adcm:hit.tg:adcmjs_noorient HTTP 307
https://pix.bumlam.com/sync/amb4/check?uid=b2NGdfTNk2C9-JF7emQb HTTP 302
https://f07235c6-bee8-11ed-86e0-002590c0647c.n6.sync.bumlam.com/?src=amb4 HTTP 302
https://pix.bumlam.com/sync/amb4/done

Request Chain 247

http://www.acint.net/oci/?v=0.5.1&uid=c20485fe-e852-4474-9cee-b364272ff336&dp=10&tz=%2B00%3A00&nc=90477151&oid=19ce9caf7cce25a72a9f8eae68638f8f HTTP 302
https://www.acint.net/oci/?v=0.5.1&uid=c20485fe-e852-4474-9cee-b364272ff336&dp=10&tz=%2B00%3A00&nc=90477151&oid=19ce9caf7cce25a72a9f8eae68638f8f

Request Chain 249

http://www.acint.net/ping/?v=0.5.1&uid=c20485fe-e852-4474-9cee-b364272ff336&dp=10&tz=%2B00%3A00&nc=54574715&dT=2023-03-10T02%3A12%3A01.150 HTTP 302
https://www.acint.net/ping/?v=0.5.1&uid=c20485fe-e852-4474-9cee-b364272ff336&dp=10&tz=%2B00%3A00&nc=54574715&dT=2023-03-10T02%3A12%3A01.150

Request Chain 254

https://www.googleadservices.com/pagead/conversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0 HTTP 302
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=8ZEKZN3OJKDCmLAPhNyVaA&random=1737493491&sscte=1&crd= HTTP 302
https://www.google.com/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1737493491&crd=&is_vtc=1&random=3896706412 HTTP 302
https://www.google.de/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1737493491&crd=&is_vtc=1&random=3896706412&ipr=y

Request Chain 255

https://www.googleadservices.com/pagead/conversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0 HTTP 302
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=8ZEKZJvOJI-vmLAPqtuOqAo&random=435285464&sscte=1&crd= HTTP 302
https://www.google.com/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=435285464&crd=&is_vtc=1&random=974588000 HTTP 302
https://www.google.de/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=435285464&crd=&is_vtc=1&random=974588000&ipr=y

271 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
allo499.ru/ 35 KB
12 KB 673ms
608ms Document
text/html 2606:4700:3037::ac43:c745
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://allo499.ru/
Protocol: HTTP/1.1
Server: 2606:4700:3037::ac43:c745 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / HostCMS 332067455 -499468159 -781104471
Resource Hash: 3767fe0b3855eaaf43e74fff933f9bd9c4743ba6a7630336fb2cccb1701c91e9

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

CF-Cache-Status: DYNAMIC
CF-RAY: 7a5807a55850913d-FRA
Cache-control: public, max-age=300
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Fri, 10 Mar 2023 02:11:56 GMT
Expires: Fri, 10 Mar 2023 02:16:56 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Pragma: no-cache
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s6WbeXieddwJIc6%2B2XU0lPR%2BXOZ%2FGMOLq3O73PRZtCd8I3slB0F2ymmsBN29topKhRMaJE6Q%2BMCjgnTuqVQLHUsXj5PF2rXRtcYStiAvV09u%2Bv4kU7hI4rQs3S86Lb5xtbMHnK2Ne4IB"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
X-Powered-By: HostCMS 332067455 -499468159 -781104471
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK style.css
allo499.ru/templates/template29/ 17 KB
4 KB 93ms
93ms Stylesheet
text/css 2606:4700:3037::ac43:c745
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://allo499.ru/templates/template29/style.css?1355128328
Requested by: Host: allo499.ru
URL: http://allo499.ru/
Protocol: HTTP/1.1
Server: 2606:4700:3037::ac43:c745 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 883b601cc7ee3fb9759785285b6ba6cd159bacb569c70c5e7744a3824cda84d9

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://allo499.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 10 Mar 2023 02:11:57 GMT
Content-Encoding: gzip
CF-Cache-Status: REVALIDATED
Last-Modified: Wed, 11 Dec 2013 11:26:12 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
ETag: W/"52a84bd4-4589"
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b87ulUjAhJhC44M%2FTbol2mMzEXCS%2BAPrwcSI%2BAYqQGsH49UR3JiNYrO949ryDiQaxCe7MBuxh9vkQgHSjL4vjK8Y3L%2BEiXocPv0fNb01LGtnvUVt90MAst26sr%2B64TMUUFvQlQkNpGnQ"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Vary: Accept-Encoding
Cache-Control: max-age=14400
Connection: keep-alive
CF-RAY: 7a5807ac0cfd913d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 404
Not Found style.css
allo499.ru/templates/template36/ 0
0 273ms
245ms Stylesheet
text/html 2606:4700:3037::ac43:c745
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://allo499.ru/templates/template36/style.css?1355128328
Requested by: Host: allo499.ru
URL: http://allo499.ru/
Protocol: HTTP/1.1
Server: 2606:4700:3037::ac43:c745 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / HostCMS 332067455 -499468159 -781104471
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://allo499.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 10 Mar 2023 02:11:57 GMT
Content-Encoding: gzip
CF-Cache-Status: BYPASS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
X-Powered-By: HostCMS 332067455 -499468159 -781104471
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Pragma: no-cache
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L92ZWMqT6tOOT%2Bef71L%2FrZmEoWbTojVvY6vJDqU%2BjJnwea%2F%2FDmK4XVI7Rw51oVO1FU3C%2Bi%2FlTZJm%2F1tPU1Wg8OViM%2BYNWpS4WToWioBgmyQW05HjCLwZYlV0wZkGaR4OLboVEniGSlrs"}],"group":"cf-nel","max_age":604800}
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
CF-RAY: 7a5807ac3c4530d5-FRA
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK hostcms.js Show response
allo499.ru/templates/template1/ 4 KB
2 KB 123ms
95ms Script
application/javascript 2606:4700:3037::ac43:c745
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://allo499.ru/templates/template1/hostcms.js
Requested by: Host: allo499.ru
URL: http://allo499.ru/
Protocol: HTTP/1.1
Server: 2606:4700:3037::ac43:c745 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9923ef32328e2d75ea829160658017dd9194d12d5da207ea68a8f2c7ff03765f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://allo499.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 10 Mar 2023 02:11:57 GMT
Content-Encoding: gzip
CF-Cache-Status: REVALIDATED
Last-Modified: Wed, 04 Apr 2012 09:20:31 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
ETag: W/"4f7c125f-e16"
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DLz5pvPLdO%2Bhk3dlx8s2sAHV2c7yJbRnHv3o6Ym%2FDF8olDPa8unmKOPy4jDkLqiGiqfjyjwBpo0I%2BhB93cJA9XupAyFOqgn0UG7L1X4ZaYCtaf2v1QsqSJPAqZpowhC27Ogny7%2FsS40%2F"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Vary: Accept-Encoding
Cache-Control: max-age=14400
Connection: keep-alive
CF-RAY: 7a5807ac3f6a2c2e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK JsHttpRequest.js Show response
allo499.ru/hostcmsfiles/ajax/ 27 KB
9 KB 173ms
145ms Script
application/javascript 2606:4700:3037::ac43:c745
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://allo499.ru/hostcmsfiles/ajax/JsHttpRequest.js
Requested by: Host: allo499.ru
URL: http://allo499.ru/
Protocol: HTTP/1.1
Server: 2606:4700:3037::ac43:c745 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 45c46faa08c595334124feba5aa656968c031cd5b0cac0cefe087a1fca2556b3

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://allo499.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 10 Mar 2023 02:11:57 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Thu, 01 Nov 2007 11:56:46 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
ETag: W/"4729befe-6a37"
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6J4ikrJPbq%2Bd%2FUuGjmqQXuOjQCdNu1oh04IUTlAgKYV06RwoTcLBvcguB74OvP4stGiqhqycJA2XCvpJSQQLcjxWa0v02cRSpv77n9CJDSSCGwo4HWcunb%2BH1KiAh2%2BGbPPvFwdlVTco"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Vary: Accept-Encoding
Cache-Control: max-age=14400
Connection: keep-alive
CF-RAY: 7a5807ac3b77920b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK ajax.js Show response
allo499.ru/hostcmsfiles/ajax/ 8 KB
3 KB 127ms
100ms Script
application/javascript 2606:4700:3037::ac43:c745
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://allo499.ru/hostcmsfiles/ajax/ajax.js
Requested by: Host: allo499.ru
URL: http://allo499.ru/
Protocol: HTTP/1.1
Server: 2606:4700:3037::ac43:c745 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47c5d641f96c5615a23b864a6bcc9d4c9d5714d3f066a9f31d3a6ab711a8b1fb

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://allo499.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 10 Mar 2023 02:11:57 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Mon, 10 Sep 2012 10:31:43 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
ETag: W/"504dc18f-1e26"
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TsPcSnsLN%2Fc4wjvw9iNrdV293Ca2xISBIjWC1BMR0ZnYvokjM70jHAhLzHO1qNAOjQAZsy3x29JiqYshnfWTezGlCuWHNim4aiIDw8cdS2gkzaj7dySD8Pyf%2BMK62qCwI7nfoTNiEkgn"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Vary: Accept-Encoding
Cache-Control: max-age=14400
Connection: keep-alive
CF-RAY: 7a5807ac3bc0372d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK JsHttpRequest.js Show response
allo499.ru/hostcmsfiles/ 14 KB
5 KB 231ms
138ms Script
application/javascript 2606:4700:3037::ac43:c745
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://allo499.ru/hostcmsfiles/JsHttpRequest.js
Requested by: Host: allo499.ru
URL: http://allo499.ru/
Protocol: HTTP/1.1
Server: 2606:4700:3037::ac43:c745 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 39b10b1eda24aa562e47f895f454495328533c39d53ede77f4f53c1fc612e04c

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://allo499.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 10 Mar 2023 02:11:57 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Wed, 04 Apr 2012 09:20:30 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
ETag: W/"4f7c125e-3647"
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u3Gf8JEZiELOnXC0JnC1uq2%2FA%2Fwb0Hpz3jRyIxFJC4IhOkHA3cOJf5kjtq93DGUN4SKaW5FKgcPDHROwB3bDiFkI%2FsUNTpm4xsMwneCC%2BxDbjzYFs83jIqtww6zXXeQichqeM3EZ5m4n"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Vary: Accept-Encoding
Cache-Control: max-age=14400
Connection: keep-alive
CF-RAY: 7a5807ac9d5b913d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK main.js Show response
allo499.ru/hostcmsfiles/ 17 KB
5 KB 270ms
138ms Script
application/javascript 2606:4700:3037::ac43:c745
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://allo499.ru/hostcmsfiles/main.js
Requested by: Host: allo499.ru
URL: http://allo499.ru/
Protocol: HTTP/1.1
Server: 2606:4700:3037::ac43:c745 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3d64d0d2fe956a121db0a50f070ce2c676d9f510b5f9671124196e36674ec10a

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://allo499.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 10 Mar 2023 02:11:57 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Wed, 07 Nov 2012 10:40:24 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
ETag: W/"509a3a98-42bd"
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vxmGTLcvWm5ZFIFgUeLEAXhMGVu4D9DMOIcxDWROrQVYS3hUw8JNcVKqqurAEjaSHPXXvPsPgrDIb4ijn5VsZXZ38if0Z2f7m7ir5WW6LXnHo9jREwZCjtbB2RSN9NDvUJVRkK%2FZYAE1"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Vary: Accept-Encoding
Cache-Control: max-age=14400
Connection: keep-alive
CF-RAY: 7a5807acdfea2c2e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK style.css
allo499.ru/hostcmsfiles/ 5 KB
2 KB 128ms
102ms Stylesheet
text/css 2606:4700:3037::ac43:c745
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://allo499.ru/hostcmsfiles/style.css
Requested by: Host: allo499.ru
URL: http://allo499.ru/
Protocol: HTTP/1.1
Server: 2606:4700:3037::ac43:c745 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1a51f47d09726d2dcd7dbb73ca7b23a9bdde39d0e50498c80fba7c8a8b08d6bb

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://allo499.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 10 Mar 2023 02:11:57 GMT
Content-Encoding: gzip
CF-Cache-Status: REVALIDATED
Last-Modified: Wed, 04 Jul 2012 09:38:46 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
ETag: W/"4ff40f26-1427"
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wsSVFqtFs8%2FwR1MwEwYzHIeN2ccgJ68A4%2BxL0Vue88it0ZafqWHFX%2BLiiTyc%2Fy9iyt2YmIh7j7rzuPQMDrV3ySscmlE%2Fpa7YwMLajn7KEnNMASaPbElUSNqD1it2jQi2vyjl5HVrrr4g"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Vary: Accept-Encoding
Cache-Control: max-age=14400
Connection: keep-alive
CF-RAY: 7a5807ac3b56913c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK logo.png
allo499.ru/images/allo499/ 2 KB
3 KB 149ms
100ms Image
image/png 2606:4700:3037::ac43:c745
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://allo499.ru/images/allo499/logo.png
Requested by: Host: allo499.ru
URL: http://allo499.ru/
Protocol: HTTP/1.1
Server: 2606:4700:3037::ac43:c745 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1a4225948c1c20f6b9d85d72197bde883ef602fa9f704474bbf1cc99985c8c82

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://allo499.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 10 Mar 2023 02:11:57 GMT
CF-Cache-Status: REVALIDATED
Last-Modified: Sat, 27 Dec 2008 02:40:46 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
ETag: "495595ae-94c"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=46DmX%2FOxUmGfafHpp9YDaZAgYJcKasDKJ9hpd61pKDiuJ1TApmJ8UyQbqk2JT8NdkJIWMUzyHBRrrLh%2FWu11BdJa0XvEBmNzjzgFoU8kJCxLjVtdaCZAZl%2B28jseVMk%2Fs6hEWG2DEkOY"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 7a5807ae2d9230d5-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 2380

GET
H/1.1 200
OK top_sign.gif
allo499.ru/images/allo499/ 3 KB
4 KB 141ms
92ms Image
image/gif 2606:4700:3037::ac43:c745
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://allo499.ru/images/allo499/top_sign.gif
Requested by: Host: allo499.ru
URL: http://allo499.ru/
Protocol: HTTP/1.1
Server: 2606:4700:3037::ac43:c745 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ca2be2c75a144709f6b4b081b7b18d7eafa100c602c2c09060079da841bb9024

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://allo499.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 10 Mar 2023 02:11:57 GMT
CF-Cache-Status: REVALIDATED
Last-Modified: Sat, 27 Dec 2008 02:40:47 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
ETag: "495595af-c47"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QxZd7l6xc6NZomQTm93zBoC7Prdb5TwZ%2BFJN7VhdtgBzuuQJsuK627WT4wXRu4fh5pXo4Q9OIXWka0vHUYsg%2F1kZ%2FkS5fQNQiyG7%2FT5dDM5GnB%2Bh%2F%2BhdywC3bSKcB437FzSNUKzprksE"}],"group":"cf-nel","max_age":604800}
Content-Type: image/gif
Cache-Control: max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 7a5807ae28a62c2e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 3143

GET
H/1.1 200
OK small_information_groups_160.jpg
allo499.ru/upload/information_system_22/1/6/0/group_160/ 5 KB
6 KB 141ms
92ms Image
image/jpeg 2606:4700:3037::ac43:c745
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://allo499.ru/upload/information_system_22/1/6/0/group_160/small_information_groups_160.jpg
Requested by: Host: allo499.ru
URL: http://allo499.ru/
Protocol: HTTP/1.1
Server: 2606:4700:3037::ac43:c745 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b93124a9f2dd309ab71cb6c19b4462dae9e5bb3a4b9265209ebf63aeaa6653d9

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://allo499.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 10 Mar 2023 02:11:57 GMT
CF-Cache-Status: MISS
Last-Modified: Tue, 11 Feb 2020 14:27:26 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
ETag: "5e42b9ce-13f3"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xPN%2BVuF72%2BSK4rRMy6cgdlfKfcOVjttmwEcEuDJjn7zdyTJIdt0YYHu1kl7aVtljSf8yzhu3Cn21SWl3f6%2FcE1yL%2FhBOQdZVt2gZ%2BwiAVwXwcDQAmOwLsOqBdYYAySV%2F2%2Bk1upTH41SY"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 7a5807ae2e8e913d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 5107

GET
H/1.1 200
OK small_information_groups_159.jpg
allo499.ru/upload/information_system_22/1/5/9/group_159/ 5 KB
6 KB 146ms
96ms Image
image/jpeg 2606:4700:3037::ac43:c745
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://allo499.ru/upload/information_system_22/1/5/9/group_159/small_information_groups_159.jpg
Requested by: Host: allo499.ru
URL: http://allo499.ru/
Protocol: HTTP/1.1
Server: 2606:4700:3037::ac43:c745 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 29f923f0b2ee0d86a78637dc4eafc8b47c09d09ae5044e87997eb6b2c2fbae5a

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://allo499.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 10 Mar 2023 02:11:57 GMT
CF-Cache-Status: MISS
Last-Modified: Sat, 10 Mar 2018 10:53:01 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
ETag: "5aa3b90d-1484"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FNzfO04p5M2mMmg3xxD4utEuLVCKuEXWCiXbXgwLbskD942KydINlrSo89%2FwfTBWlECHCXSVQGDtEfhmE6taR56icIWdBcnj2Sxf%2FL7Z6tnRZEhADMAlft6rfrOb8i2kbSgS7eGzYpoK"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 7a5807ae2c04920b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 5252

GET
H/1.1 200
OK small_information_items_967.jpg
allo499.ru/upload/information_system_22/9/6/7/item_967/ 6 KB
7 KB 141ms
90ms Image
image/jpeg 2606:4700:3037::ac43:c745
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://allo499.ru/upload/information_system_22/9/6/7/item_967/small_information_items_967.jpg
Requested by: Host: allo499.ru
URL: http://allo499.ru/
Protocol: HTTP/1.1
Server: 2606:4700:3037::ac43:c745 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8ba6053d37dcf1ff0102e5ce3b7da0ef321df2a45befaa9e37c5f9460834f16f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://allo499.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 10 Mar 2023 02:11:57 GMT
CF-Cache-Status: MISS
Last-Modified: Thu, 31 Aug 2017 14:17:20 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
ETag: "59a81a70-19a5"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mPTAXQhFFgAk2L2WJy91xCKe2BQ8X8r7WXRXBPcHrqVrGqgtVPtdmT07TD1TbUmmOFUWHJ%2BkxP4rP05LqTzHFcW7aBg9gk09k%2B2aO9%2Fho02BNLtr3HK48Lr%2BqIO24EQM6ixJRxtDmxk0"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 7a5807ae2cef913c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 6565

GET
H/1.1 200
OK small_information_items_962.jpg
allo499.ru/upload/information_system_22/9/6/2/item_962/ 5 KB
6 KB 143ms
91ms Image
image/jpeg 2606:4700:3037::ac43:c745
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://allo499.ru/upload/information_system_22/9/6/2/item_962/small_information_items_962.jpg
Requested by: Host: allo499.ru
URL: http://allo499.ru/
Protocol: HTTP/1.1
Server: 2606:4700:3037::ac43:c745 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 830e888d5958121c86bdae274c9848b01d97195d10e6ddbc4399d1f2ddc1d751

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://allo499.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 10 Mar 2023 02:11:57 GMT
CF-Cache-Status: REVALIDATED
Last-Modified: Tue, 17 Nov 2015 10:40:42 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
ETag: "564b042a-1576"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fUkZJLQ6AeCoRZhnJKhZGQLRinUpTxUUWiXI4M8fiINBWKe7SLv25noli7ercF6jOmPE%2BQy%2BQv6boqsETF5onREhWFUt%2B3Rd2oHEC%2B0gTsA8IgXyFXxlMDYQvgNcM6D4izbO0MNElW%2F6"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 7a5807ae2d2f372d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 5494

GET
H2 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ 96 KB
33 KB 106ms
23ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: allo499.ru
URL: http://allo499.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fcb2cc0120007b9f25e6bb5dfab4d13dbd3b16c01e35767a69a2298c1b2fcb0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://allo499.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 02:11:57 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32853
x-xss-protection: 0
server: cafe
etag: 14815262673978934582
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 10 Mar 2023 02:11:57 GMT

GET
H/1.1 200
OK small_information_items_337.jpg
allo499.ru/upload/information_system_27/3/3/7/item_337/ 24 KB
24 KB 500ms
129ms Image
image/jpeg 2606:4700:3037::ac43:c745
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://allo499.ru/upload/information_system_27/3/3/7/item_337/small_information_items_337.jpg
Requested by: Host: allo499.ru
URL: http://allo499.ru/
Protocol: HTTP/1.1
Server: 2606:4700:3037::ac43:c745 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e5f6db3be8bae33992e92f2e5f19cb28bcf928aef490462b0060e5695b5b76e8

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://allo499.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 10 Mar 2023 02:11:58 GMT
CF-Cache-Status: MISS
Last-Modified: Tue, 17 Nov 2015 10:33:00 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
ETag: "564b025c-5f16"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lyt42KPQ8KmH2eBlfBg9%2BHk%2Bvtcqm5J8V%2FxIgrOW3btRXDw%2FDr%2BjJdgkP6Hz5PTGd9p2P1mFe7LjFtv3zXZlniko2416whXU8jJRo9QALwJNGpnUSivybxjIcM5jwrvHe8jMpz%2Fk0ysu"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 7a5807b14a6a2c2e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 24342

GET
H/1.1 200
OK orr_arr2.gif
allo499.ru/images/allo499/ 52 B
779 B 403ms
102ms Image
image/gif 2606:4700:3037::ac43:c745
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://allo499.ru/images/allo499/orr_arr2.gif
Requested by: Host: allo499.ru
URL: http://allo499.ru/
Protocol: HTTP/1.1
Server: 2606:4700:3037::ac43:c745 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0ca5a70e346d269766c4bdf556309ee89162d2f73918555973706bb0fcb65769

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://allo499.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 10 Mar 2023 02:11:58 GMT
CF-Cache-Status: MISS
Last-Modified: Sat, 27 Dec 2008 02:40:46 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
ETag: "495595ae-34"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p6By3%2F3n2HyhzNM39%2BMZNcf6ziMOVb5lpzTimmSxFgbILbeJFZrkWIgybjiz8CroBZEYXFwjIXnr2oK3RLKjfxYwyfJlJjFapPMchum%2FfjHY2Dah6BoS9cOtbP2R58FwfMfnA3%2F0rvAf"}],"group":"cf-nel","max_age":604800}
Content-Type: image/gif
Cache-Control: max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 7a5807b0df9230d5-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 52

GET
H/1.1 200
OK small_information_items_739.jpg
allo499.ru/upload/information_system_27/7/3/9/item_739/ 27 KB
28 KB 335ms
138ms Image
image/jpeg 2606:4700:3037::ac43:c745
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://allo499.ru/upload/information_system_27/7/3/9/item_739/small_information_items_739.jpg
Requested by: Host: allo499.ru
URL: http://allo499.ru/
Protocol: HTTP/1.1
Server: 2606:4700:3037::ac43:c745 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f9ab57534e80b65a495befb1f14d981bd6562eeee72ea74b15f843f3d360603a

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://allo499.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 10 Mar 2023 02:11:58 GMT
CF-Cache-Status: MISS
Last-Modified: Wed, 28 Sep 2016 21:08:23 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
ETag: "57ec3147-6c67"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N055CJ19PI7OPALyvXoJAC%2FFDr9HrjNmravIU0ElodaJ7izfgDFjZtjRkKhk6x0xkHH4i%2BVHGoUBhRe5LjN42ViIdYW%2BAtT4vDvajR4DA2kWhk9jBqITdj3PTMoJW9d0DBA5TRQL%2FHw9"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 7a5807b02cae920b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 27751

GET
H/1.1 200
OK small_information_items_952.jpg
allo499.ru/upload/information_system_27/9/5/2/item_952/ 28 KB
28 KB 429ms
132ms Image
image/jpeg 2606:4700:3037::ac43:c745
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://allo499.ru/upload/information_system_27/9/5/2/item_952/small_information_items_952.jpg
Requested by: Host: allo499.ru
URL: http://allo499.ru/
Protocol: HTTP/1.1
Server: 2606:4700:3037::ac43:c745 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bccebc1c44a2e9e01d5f9e0a3528b106b8451090a521a7499e7430d10525ecb0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://allo499.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 10 Mar 2023 02:11:58 GMT
CF-Cache-Status: MISS
Last-Modified: Thu, 04 Apr 2019 11:56:00 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
ETag: "5ca5f0d0-6e6a"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uXoSg1t4%2Bp6O79zKI0qG9zQqfA6QCdcHkobJQkRwZJLe1AINuBGwqYpza13vip9NvCbZ0g%2BJr0rhP6SLz9yJ%2F%2BoZrXMqZ5WaidmnLdSTqpC%2BiCb5ya%2F3tkaJ26SdjHRIV3Cu0yOahEdJ"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 7a5807b0ce83913c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 28266

GET
H/1.1 200
OK small_information_items_959.jpg
allo499.ru/upload/information_system_27/9/5/9/item_959/ 26 KB
27 KB 474ms
130ms Image
image/jpeg 2606:4700:3037::ac43:c745
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://allo499.ru/upload/information_system_27/9/5/9/item_959/small_information_items_959.jpg
Requested by: Host: allo499.ru
URL: http://allo499.ru/
Protocol: HTTP/1.1
Server: 2606:4700:3037::ac43:c745 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44140a8ed63ae318b195ca6fc89bb1322bfb1eab05447e4f299f726bf904d163

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://allo499.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 10 Mar 2023 02:11:58 GMT
CF-Cache-Status: MISS
Last-Modified: Fri, 06 Dec 2019 17:02:45 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
ETag: "5dea89b5-67db"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2hG7YXWONoxz6eosIIswjyz8sgRqB4INLf%2BVYc%2FxZJ77Txv6%2F5uX52MdzxdlF5fuzwS0YKI%2Bc0UdlSyCJlwTINjzd1G0C6HBWiNV4IS%2BaZ98RRYNPkoygeWhasXaUjZ0pObIjpiuOqiV"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 7a5807b11d0c920b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 26587

GET
H/1.1 200
OK small_information_items_852.jpg
allo499.ru/upload/information_system_28/8/5/2/item_852/ 25 KB
26 KB 131ms
131ms Image
image/jpeg 2606:4700:3037::ac43:c745
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://allo499.ru/upload/information_system_28/8/5/2/item_852/small_information_items_852.jpg
Requested by: Host: allo499.ru
URL: http://allo499.ru/
Protocol: HTTP/1.1
Server: 2606:4700:3037::ac43:c745 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cc003eb7cee302c17e837c6838a3ddc3e4bf5057d21099985302e472e68fcbca

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://allo499.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 10 Mar 2023 02:11:58 GMT
CF-Cache-Status: MISS
Last-Modified: Mon, 11 Apr 2011 00:31:11 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
ETag: "4da24bcf-632d"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r0VKZrzGswwPJ94iirYM6puXwJ8kIbmhXKvwd83EPY8RmP1Wxz26gnwH59gObZHx26HSXXlvcJZoLPQinfliobBoebd%2FoYxh871GTiLP9Cz7TsJAcE3WgYMR4FWpYPdnDygYejbMnQOB"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 7a5807b2297b913d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 25389

GET
H/1.1

200
OK

euusrub.js Show response
informers.forexpf.ru/export/
Redirect Chain

http://www.forexpf.ru/_informer_/euusrub.php
http://www.profinance.ru/_informer_/euusrub.php
http://informers.forexpf.ru/export/euusrub.js

424 B
715 B

374ms
48ms

Script
application/javascript

81.177.34.136
RTCOMM-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://informers.forexpf.ru/export/euusrub.js
Requested by: Host: allo499.ru
URL: http://allo499.ru/
Protocol: HTTP/1.1
Server: 81.177.34.136 Moscow, Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 271bab9fc21efce9ccad0b0b7e24f3a55b0e0c6ca40865f057a72bd3099304d0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://allo499.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 10 Mar 2023 02:11:58 GMT
Last-Modified: Fri, 10 Mar 2023 02:10:01 GMT
Server: nginx
ETag: "640a9179-1a8"
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 424

Redirect headers

Date: Fri, 10 Mar 2023 02:11:58 GMT
Server: nginx
Content-Type: text/html
Location: http://informers.forexpf.ru/export/euusrub.js
Connection: keep-alive
Keep-Alive: timeout=45
Content-Length: 162
x-conf: www-profinance

GET
H/1.1 404
Not found 27612.png
info.weather.yandex.net/informer/150x150_white/ 0
45 B 187ms
62ms Image
text/plain 2a02:6b8::17f
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://info.weather.yandex.net/informer/150x150_white/27612.png
Requested by: Host: allo499.ru
URL: http://allo499.ru/
Protocol: HTTP/1.1
Server: 2a02:6b8::17f Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://allo499.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Length: 0

GET
H/1.0 200
Ok pix.gif
clck.yandex.ru/click/dtype=stred/pid=7/cid=1227/*http://img.yandex.ru/i/ 43 B
380 B 113ms
55ms Image
image/gif 2a02:6b8::14
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://clck.yandex.ru/click/dtype=stred/pid=7/cid=1227/*http://img.yandex.ru/i/pix.gif

Requested by

Host: allo499.ru
URL: http://allo499.ru/

Protocol

HTTP/1.0

Server

2a02:6b8::14 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

7e928161cd626935d39ff08188caa3f3a918811ca87194082dedf28b697ce6fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://allo499.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Cache-Control: no-cache
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 43
X-XSS-Protection: 1; mode=block
Content-Type: image/gif

GET
H/1.1 404
Not Found current_traffic_150.gif
info.maps.yandex.net/traffic/moscow/ 0
0 444ms
66ms Image
text/html 2a02:6b8::130
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://info.maps.yandex.net/traffic/moscow/current_traffic_150.gif
Requested by: Host: allo499.ru
URL: http://allo499.ru/
Protocol: HTTP/1.1
Server: 2a02:6b8::130 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://allo499.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

GET
H/1.1 200
OK smile.gif
allo499.ru/images/allo499/ 1 KB
2 KB 106ms
106ms Image
image/gif 2606:4700:3037::ac43:c745
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://allo499.ru/images/allo499/smile.gif
Requested by: Host: allo499.ru
URL: http://allo499.ru/
Protocol: HTTP/1.1
Server: 2606:4700:3037::ac43:c745 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7b2694fade487338193a9f1df8c6bab7630d8269932611503b4e8e43f21ccff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://allo499.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 10 Mar 2023 02:11:58 GMT
CF-Cache-Status: MISS
Last-Modified: Sat, 27 Dec 2008 02:40:46 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
ETag: "495595ae-4f6"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jylbnw6zdwcv7GkicpiqFsRJP2VMS756rIv2Rb8qcPakP5MggqlR6TkKHDcQHnOh%2FgSFlMeuR%2BRjhGd%2BQDfkVbPmrqrEw61ugYV0NOw6I70Xg9uYv0M%2FfDpA2c0jP3zITdve4siwEUmg"}],"group":"cf-nel","max_age":604800}
Content-Type: image/gif
Cache-Control: max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 7a5807b22ae92c2e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 1270

GET
H2 200 3_1_FFFFFFFF_EFEFEFFF_0_pageviews
informer.yandex.ru/informer/72940384/ 1 KB
1 KB 215ms
73ms Image
image/png 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://informer.yandex.ru/informer/72940384/3_1_FFFFFFFF_EFEFEFFF_0_pageviews

Requested by

Host: allo499.ru
URL: http://allo499.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

10e4800bb8797bfe5648743ab240b419817efd521026fa21a0dded2cfc541490

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://allo499.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
last-modified: Fri, 10-Mar-2023 02:11:57 GMT
content-type: image/png
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 1287
x-xss-protection: 1; mode=block
expires: Fri, 10-Mar-2023 02:11:57 GMT

GET
H/1.1

200
OK

com.js Show response
ignio.com/r/export/win/informer/daily/
Redirect Chain

http://img.ignio.com/r/informer/1.html
https://ignio.com/r/informer/1.html
http://www.ignio.com/r/export/win/informer/daily/com.js
https://ignio.com/r/export/win/informer/daily/com.js

8 KB
9 KB

46ms
46ms

Script
application/x-javascript

185.167.120.17
BONCH-IT

General

Check archive.org

Show headers Download Go to

Full URL: https://ignio.com/r/export/win/informer/daily/com.js
Requested by: Host: allo499.ru
URL: http://allo499.ru/
Protocol: HTTP/1.1
Server: 185.167.120.17 , Russian Federation, ASN207056 (BONCH-IT, RU),
Reverse DNS
Software: nginx/1.10.3 /
Resource Hash: 407ab4663cc18665c9b1eb1c0efb2651a2fbe480a3a46ef9ccd150afa96ef155

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://allo499.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 10 Mar 2023 02:11:59 GMT
Last-Modified: Thu, 09 Mar 2023 19:24:29 GMT
Server: nginx/1.10.3
ETag: "640a326d-21d0"
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8656

Redirect headers

Location: https://ignio.com/r/export/win/informer/daily/com.js
Date: Fri, 10 Mar 2023 02:11:59 GMT
Server: nginx/1.10.3
Connection: keep-alive
Content-Length: 185
Content-Type: text/html

GET
H/1.1 200
OK tl_angle_pull_down.png
allo499.ru/images/ 217 B
951 B 97ms
97ms Image
image/png 2606:4700:3037::ac43:c745
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://allo499.ru/images/tl_angle_pull_down.png
Requested by: Host: allo499.ru
URL: http://allo499.ru/
Protocol: HTTP/1.1
Server: 2606:4700:3037::ac43:c745 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e2799fddbc7bff356222f93b8041ee564d4bc76394527eaf2a0f001be14938a

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://allo499.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 10 Mar 2023 02:11:58 GMT
CF-Cache-Status: MISS
Last-Modified: Thu, 04 Dec 2008 14:28:21 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
ETag: "4937e905-d9"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CCML7mheaTbJ3NwEglV8BixtQ%2BJ%2F3CvSqV38bh7ix4sBEyO%2Bm8L%2FzGWt9lXW5u%2BLPaHg5MqC22EfrjEpHmkPqKTbACIf9XbU%2BpIM58hZTVAMepP0E5IFn7vpEwDqHeV22gP%2BXfeTarFn"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 7a5807b23f83913c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 217

GET
H/1.1 200
OK tr_angle_pull_down.png
allo499.ru/images/ 215 B
948 B 51ms
51ms Image
image/png 2606:4700:3037::ac43:c745
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://allo499.ru/images/tr_angle_pull_down.png
Requested by: Host: allo499.ru
URL: http://allo499.ru/
Protocol: HTTP/1.1
Server: 2606:4700:3037::ac43:c745 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 67421d6fb8796772d0d42b3565cd383983fe6ba74e0c8da4d7d2a31b4e8d949d

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://allo499.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 10 Mar 2023 02:11:58 GMT
CF-Cache-Status: REVALIDATED
Last-Modified: Thu, 04 Dec 2008 14:28:21 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
ETag: "4937e905-d7"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RZCYYsUpQ09IKVs4MywThWpjSt9uRv21oi%2BLWn1z7vgGq2UnsOFWsYTnQv1flFKV1y09RB9b3G1ZNNBu7p4cq3rRH24EEq%2BrgZ8DVviHTC47vy5UZaF%2BrtD9jh8bXk4ZCZWuiNapuPFJ"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 7a5807b2db642c2e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 215

GET
H/1.1 200
OK bl_angle_pull_down.png
allo499.ru/images/ 221 B
950 B 102ms
102ms Image
image/png 2606:4700:3037::ac43:c745
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://allo499.ru/images/bl_angle_pull_down.png
Requested by: Host: allo499.ru
URL: http://allo499.ru/
Protocol: HTTP/1.1
Server: 2606:4700:3037::ac43:c745 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 867d38c4d68d7d0df97ec4071e3c2a83860fb1ccb7a3063bac0f7040da3d8304

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://allo499.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 10 Mar 2023 02:11:58 GMT
CF-Cache-Status: REVALIDATED
Last-Modified: Thu, 04 Dec 2008 14:28:20 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
ETag: "4937e904-dd"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CxzCDYTXJHNa71RBMWkgrsARCJnEzZXS0ctaCTYS18Yiu8XzDRcdGBr%2FuUD8H18OsAr8hgAtgbhwFRs9utvn8YPSKhv6U0vP8200YMhIZGk2WdrTkL7DFZo8I7vQsZkxq6LnIrAsB05D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 7a5807b2dfe5913c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 221

GET
H/1.1 200
OK br_angle_pull_down.png
allo499.ru/images/ 209 B
950 B 97ms
96ms Image
image/png 2606:4700:3037::ac43:c745
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://allo499.ru/images/br_angle_pull_down.png
Requested by: Host: allo499.ru
URL: http://allo499.ru/
Protocol: HTTP/1.1
Server: 2606:4700:3037::ac43:c745 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 26b6efc3fe5f1f4aa3d3bf4f7eba99e758a928dea5de912039b3120806d34dfc

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://allo499.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 10 Mar 2023 02:11:58 GMT
CF-Cache-Status: REVALIDATED
Last-Modified: Thu, 04 Dec 2008 14:28:20 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
ETag: "4937e904-d1"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BE%2FwAMfpklbVuYNcYqzjJN5RzG23b8ay%2FwyLivR6Q7xmjxJ%2FFbOSgljw%2BVuzBmb%2Bgb6IW%2F43hiRBbCuNK8HIAsWJKmhMcm1SArYflvYxaJHbPZkBj3t0Bpm8nx3z7bSsujUugRnBq6jR"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 7a5807b2fa45913d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 209

GET
H/1.1 200
OK top_vline.png
allo499.ru/images/allo499/ 185 B
915 B 171ms
94ms Image
image/png 2606:4700:3037::ac43:c745
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://allo499.ru/images/allo499/top_vline.png
Requested by: Host: allo499.ru
URL: http://allo499.ru/templates/template29/style.css?1355128328
Protocol: HTTP/1.1
Server: 2606:4700:3037::ac43:c745 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8df9a51eaeaee1aa2f2020dea3b9d72348d56a958641c1e6d75516d6f72f646f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://allo499.ru/templates/template29/style.css?1355128328
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 10 Mar 2023 02:11:57 GMT
CF-Cache-Status: MISS
Last-Modified: Sat, 27 Dec 2008 02:40:47 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
ETag: "495595af-b9"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=naILQSGV1h7Uh7BnIsGciamxGd%2F6V1%2BT9NFH68xVifg1aL%2B%2FyMTUxR1NfrBIGmSnzUMwANfQoWdmSKl44HFk9a1uDiJrwhMVBYt6qNYZnLN2egXR2%2B0omvgPEKP2HwE780tlWPp3H9yR"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 7a5807aebef5913d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 185

GET
H/1.1 200
OK topmenu_sq.gif
allo499.ru/images/allo499/ 45 B
768 B 179ms
94ms Image
image/gif 2606:4700:3037::ac43:c745
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://allo499.ru/images/allo499/topmenu_sq.gif
Requested by: Host: allo499.ru
URL: http://allo499.ru/templates/template29/style.css?1355128328
Protocol: HTTP/1.1
Server: 2606:4700:3037::ac43:c745 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b80afc31ffccfcac4e40b1c21b5ddbb83ffec0454629c05fcde1e27e669db98b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://allo499.ru/templates/template29/style.css?1355128328
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 10 Mar 2023 02:11:57 GMT
CF-Cache-Status: MISS
Last-Modified: Sat, 27 Dec 2008 02:40:47 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
ETag: "495595af-2d"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=shqQ83s%2BtpW4f4kgnR6D6TGCHPJgLetBnMu4ImmZ0hKyeG8NpoW360w5EkFu7ftfSorauY1NrXbLSiqR8ANj3Uq0MHKHWVQQ1lsWUD1zQ52Ewnkqg7wgVFq%2Fd90GVtTLhMOfqVdY7nz5"}],"group":"cf-nel","max_age":604800}
Content-Type: image/gif
Cache-Control: max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 7a5807aecc36920b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 45

GET
H/1.1 200
OK r_sq.gif
allo499.ru/images/allo499/ 88 B
824 B 283ms
93ms Image
image/gif 2606:4700:3037::ac43:c745
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://allo499.ru/images/allo499/r_sq.gif
Requested by: Host: allo499.ru
URL: http://allo499.ru/templates/template29/style.css?1355128328
Protocol: HTTP/1.1
Server: 2606:4700:3037::ac43:c745 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7679030d55ecf998de3c31a1a33d9d66b19e71f77d3805d77a218db193ce2693

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://allo499.ru/templates/template29/style.css?1355128328
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 10 Mar 2023 02:11:58 GMT
CF-Cache-Status: REVALIDATED
Last-Modified: Sat, 27 Dec 2008 02:40:46 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
ETag: "495595ae-58"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qf7gqlv%2BaXIK1Dlut8qg3NLKRuPtVVpF3KU%2Fg%2F8F5Z%2FmyVjmWBmhdWdxL4ZxVoJU9zpx9dEm5f%2FNhM91p6oL6z4noee5jjxTZkSMQJD6bymNPMEkurJp9jvltOfJLY67sEtPErMoEI2S"}],"group":"cf-nel","max_age":604800}
Content-Type: image/gif
Cache-Control: max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 7a5807af6e9a30d5-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 88

GET
H/1.1 200
OK srch_bgd.png
allo499.ru/images/allo499/ 203 B
934 B 169ms
91ms Image
image/png 2606:4700:3037::ac43:c745
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://allo499.ru/images/allo499/srch_bgd.png
Requested by: Host: allo499.ru
URL: http://allo499.ru/templates/template29/style.css?1355128328
Protocol: HTTP/1.1
Server: 2606:4700:3037::ac43:c745 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b2013d9928d92c48d14a7af80e45f91281d14f69e352662eab641c8fb986b3a

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://allo499.ru/templates/template29/style.css?1355128328
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 10 Mar 2023 02:11:57 GMT
CF-Cache-Status: REVALIDATED
Last-Modified: Sat, 27 Dec 2008 02:40:46 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
ETag: "495595ae-cb"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zvSBzoayiVmsvorzhETiuXCXnagZJAfQktQE3zYl0MavMq99cfrdajHtA69kCYpjMEBMpaegQcoGUPhjnw%2Bqu%2FEww5OFcCMjiPxQhAU572a5fhCLHdnDBwCqYDPELTNrFUin6tsJDyjp"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 7a5807aeb8ef2c2e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 203

GET
H/1.1 200
OK srch_left.png
allo499.ru/images/allo499/ 3 KB
4 KB 178ms
93ms Image
image/png 2606:4700:3037::ac43:c745
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://allo499.ru/images/allo499/srch_left.png
Requested by: Host: allo499.ru
URL: http://allo499.ru/templates/template29/style.css?1355128328
Protocol: HTTP/1.1
Server: 2606:4700:3037::ac43:c745 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e5ccb362c77e29e09fefe404a2270da25db304e2f4a34af48d4325e6a2ee56a5

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://allo499.ru/templates/template29/style.css?1355128328
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 10 Mar 2023 02:11:57 GMT
CF-Cache-Status: MISS
Last-Modified: Sat, 27 Dec 2008 02:40:47 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
ETag: "495595af-d84"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6t7KPFuLJERu2RaobW1Y4Ci4yoDockUTLKHW3pBbvZPIZo59forV9QuvHRwvRqHQbp4VDlOiAYDwYmf8X1uSK95XqQd%2FecVoNYZlcKj9hO4E8wR0FbYIiTU83N8VFqkkf75wwuadyCSO"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 7a5807aece0430d5-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 3460

GET
H/1.1 200
OK home.gif
allo499.ru/images/allo499/ 97 B
831 B 370ms
63ms Image
image/gif 2606:4700:3037::ac43:c745
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://allo499.ru/images/allo499/home.gif
Requested by: Host: allo499.ru
URL: http://allo499.ru/templates/template29/style.css?1355128328
Protocol: HTTP/1.1
Server: 2606:4700:3037::ac43:c745 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5a2ee320011306c36ecf013fbd1552d09f3298c2799bbeb1d6dc28cf275ad7b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://allo499.ru/templates/template29/style.css?1355128328
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 10 Mar 2023 02:11:58 GMT
CF-Cache-Status: REVALIDATED
Last-Modified: Sat, 27 Dec 2008 02:40:46 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
ETag: "495595ae-61"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MwTYe5QrsTv4Ay3qWq2ytQys50PMx6FnM80WC9sm24mqwTcqN2eqQedhKKybhnvbh6GskQ%2B0mIqLUMvtfwAcXPQafLMtRf7g3kKyTx5xZqfwSZSYogojdEb%2FSi27%2FEHVJN%2BjpPRhy8EV"}],"group":"cf-nel","max_age":604800}
Content-Type: image/gif
Cache-Control: max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 7a5807b029d22c2e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 97

GET
H/1.1 200
OK map.gif
allo499.ru/images/allo499/ 73 B
800 B 406ms
99ms Image
image/gif 2606:4700:3037::ac43:c745
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://allo499.ru/images/allo499/map.gif
Requested by: Host: allo499.ru
URL: http://allo499.ru/templates/template29/style.css?1355128328
Protocol: HTTP/1.1
Server: 2606:4700:3037::ac43:c745 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 00de0281484ce822c9e7f964e49977408cf15013f33f157ff4e1073cdc54767e

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://allo499.ru/templates/template29/style.css?1355128328
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 10 Mar 2023 02:11:58 GMT
CF-Cache-Status: MISS
Last-Modified: Sat, 27 Dec 2008 02:40:46 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
ETag: "495595ae-49"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KA9FZ5OK3P5NsLjdrhQIjlpVvt%2BPfVLnYQlQcvM75Nm0l6fvCdvCC55YFA4SpI0twh3%2BT3htn9w2kCNj7MqZEQuOA1EXcr24RkSR%2Fjk4rAmBjL%2BItXyeRW83GPxcgYTwWYpPLYIZJ5Ry"}],"group":"cf-nel","max_age":604800}
Content-Type: image/gif
Cache-Control: max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 7a5807b02e33913c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 73

GET
H/1.1 200
OK email.gif
allo499.ru/images/allo499/ 67 B
792 B 399ms
92ms Image
image/gif 2606:4700:3037::ac43:c745
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://allo499.ru/images/allo499/email.gif
Requested by: Host: allo499.ru
URL: http://allo499.ru/templates/template29/style.css?1355128328
Protocol: HTTP/1.1
Server: 2606:4700:3037::ac43:c745 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d4a1dad13f7e1307071cc30c2bd741b846cd1366dc44c5e90d9bfa00a735fa10

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://allo499.ru/templates/template29/style.css?1355128328
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 10 Mar 2023 02:11:58 GMT
CF-Cache-Status: MISS
Last-Modified: Sat, 27 Dec 2008 02:40:46 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
ETag: "495595ae-43"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MtTsg4WG82aK0LAbCFWhEB2V9gpeuL7k14Yn9qCZZXvBbqOKyu%2FVYKub4jjimIltH9gzQai3hqrEw3S%2FjKgRX0B2RydaDS%2Bl7So6SiePgTKVUhl72UogzYftaQE5T7cFNKWbhgE9bwwU"}],"group":"cf-nel","max_age":604800}
Content-Type: image/gif
Cache-Control: max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 7a5807b02e30372d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 67

GET
H/1.1 200
OK srch_btn.gif
allo499.ru/images/allo499/ 2 KB
3 KB 287ms
102ms Image
image/gif 2606:4700:3037::ac43:c745
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://allo499.ru/images/allo499/srch_btn.gif
Requested by: Host: allo499.ru
URL: http://allo499.ru/templates/template29/style.css?1355128328
Protocol: HTTP/1.1
Server: 2606:4700:3037::ac43:c745 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3d6d2f30e4e00720a9b4af99777a5f3c05293d68fb797d0af6cb7c2f22bde8ca

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://allo499.ru/templates/template29/style.css?1355128328
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 10 Mar 2023 02:11:58 GMT
CF-Cache-Status: MISS
Last-Modified: Sat, 27 Dec 2008 02:40:47 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
ETag: "495595af-84e"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gqonb0dHYNgZBP5I%2BkKdHu0wQ5Rn4f9XQmLTaKDp4qLDfODUf17CDLKM66EvNqf4DZ3M5lOP01nn9XJHOz1HfIMuM8xYiTOPSLs7FcavDlrY4B%2FxtRrDWIZyEPAbkpdRYSWaf0%2B41ldh"}],"group":"cf-nel","max_age":604800}
Content-Type: image/gif
Cache-Control: max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 7a5807af6c72920b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 2126

GET
H/1.1 200
OK lmenu_line.gif
allo499.ru/images/allo499/ 48 B
776 B 173ms
95ms Image
image/gif 2606:4700:3037::ac43:c745
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://allo499.ru/images/allo499/lmenu_line.gif
Requested by: Host: allo499.ru
URL: http://allo499.ru/templates/template29/style.css?1355128328
Protocol: HTTP/1.1
Server: 2606:4700:3037::ac43:c745 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 917ba90fd530eca085683c3147a056ecf10239787189b1661ad68743672a6a0b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://allo499.ru/templates/template29/style.css?1355128328
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 10 Mar 2023 02:11:57 GMT
CF-Cache-Status: REVALIDATED
Last-Modified: Sat, 27 Dec 2008 02:40:46 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
ETag: "495595ae-30"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=73XKrUEVA4ZV5VijC1eTk2nGAbJRuNqGGuSqvr1892pCrndQ2ZjET2QhNX2xWlr%2FG3e8MvKc4EnkSfUwt0Ev0639JEF6TxRPWaIExZTXR1uGGWjlkjThqS2penbGKeUZ3GA8BCHv1wVQ"}],"group":"cf-nel","max_age":604800}
Content-Type: image/gif
Cache-Control: max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 7a5807aebd45913c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 48

GET
H/1.1 200
OK menu_hline.gif
allo499.ru/images/allo499/ 44 B
774 B 174ms
94ms Image
image/gif 2606:4700:3037::ac43:c745
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://allo499.ru/images/allo499/menu_hline.gif
Requested by: Host: allo499.ru
URL: http://allo499.ru/templates/template29/style.css?1355128328
Protocol: HTTP/1.1
Server: 2606:4700:3037::ac43:c745 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d077dd5a8c304646a3cb1d4c027ac40260d4d2fba5e10a74ebfafc3d7fa2784

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://allo499.ru/templates/template29/style.css?1355128328
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 10 Mar 2023 02:11:57 GMT
CF-Cache-Status: REVALIDATED
Last-Modified: Sat, 27 Dec 2008 02:40:46 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
ETag: "495595ae-2c"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O6A7djtusXkcObi2WGnjv09C1%2BnTm6Om8rP3wemVZWVTzJLyDIJZ5dw92hauCLEaEuN1eWPYle2KeqFlVuln9tBdR%2Btve3RDLouqn542Fhc9WGGPcIolAuIYqMdUoUhp9poNnVkCdTGL"}],"group":"cf-nel","max_age":604800}
Content-Type: image/gif
Cache-Control: max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 7a5807aebd76372d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 44

GET
H/1.1 200
OK top-left.gif
allo499.ru/images/allo499/ 114 B
842 B 277ms
97ms Image
image/gif 2606:4700:3037::ac43:c745
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://allo499.ru/images/allo499/top-left.gif
Requested by: Host: allo499.ru
URL: http://allo499.ru/templates/template29/style.css?1355128328
Protocol: HTTP/1.1
Server: 2606:4700:3037::ac43:c745 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c1e819871952dadcf4058ed71cd682f6341c7b3974b0c0cc51d55b45900db1d8

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://allo499.ru/templates/template29/style.css?1355128328
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 10 Mar 2023 02:11:58 GMT
CF-Cache-Status: MISS
Last-Modified: Sat, 27 Dec 2008 02:40:47 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
ETag: "495595af-72"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TQPEFY7D6fHpz8%2F4m2Z89PDqPKAR5rl1xnmK3i%2BmiQVlcIZfX4Vb%2BGnlObkpK2Nakjo392p1UG2JuKZa1sI7lgX%2BGlfndyxS8Vwy6A8Imx7x2zbrKGKkCMLGSNzvgDaxly90kdAjRwbm"}],"group":"cf-nel","max_age":604800}
Content-Type: image/gif
Cache-Control: max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 7a5807af59462c2e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 114

GET
H/1.1 200
OK bottom-right.gif
allo499.ru/images/allo499/ 112 B
838 B 283ms
101ms Image
image/gif 2606:4700:3037::ac43:c745
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://allo499.ru/images/allo499/bottom-right.gif
Requested by: Host: allo499.ru
URL: http://allo499.ru/templates/template29/style.css?1355128328
Protocol: HTTP/1.1
Server: 2606:4700:3037::ac43:c745 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89de9fa70df699893b535329929ab5e2b7f5a828b62edda4d0f2c98473bdd548

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://allo499.ru/templates/template29/style.css?1355128328
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 10 Mar 2023 02:11:58 GMT
CF-Cache-Status: MISS
Last-Modified: Sat, 27 Dec 2008 02:40:45 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
ETag: "495595ad-70"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gym0qc%2BLsTJ50SHlasXtO7f6DGT03yHXWop0RPzvx8ADgweYPeikeS%2F7xtFRCMuDIAh8eIBUi63H12O0r8ns7g14odNHDUalPr05mil%2F9wIJESRHy1rdsvVrurvGmkO7dWfshgcO4vRV"}],"group":"cf-nel","max_age":604800}
Content-Type: image/gif
Cache-Control: max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 7a5807af6f6f913d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 112

GET
H/1.1 200
OK top-right.gif
allo499.ru/images/allo499/ 113 B
847 B 411ms
104ms Image
image/gif 2606:4700:3037::ac43:c745
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://allo499.ru/images/allo499/top-right.gif
Requested by: Host: allo499.ru
URL: http://allo499.ru/templates/template29/style.css?1355128328
Protocol: HTTP/1.1
Server: 2606:4700:3037::ac43:c745 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 771550485ceecb921c357f6f54be3679cd7f6533ad948acedd9b67c6a5e13b1b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://allo499.ru/templates/template29/style.css?1355128328
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 10 Mar 2023 02:11:58 GMT
CF-Cache-Status: MISS
Last-Modified: Sat, 27 Dec 2008 02:40:47 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
ETag: "495595af-71"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hFMuUH%2BYG6rmh4rwzanOlU8ddvdKaoWZsTdnlJrr1qrAOz%2BbtlCFd3MzIIJv%2FoiZbTRnyF5s2BF3N0MtHQW%2F57jC8NT9vIAVkMI4doFbpvwhqD%2FE2KsUn4D7Zh0onkB%2Bc0hm4%2B3dUXmr"}],"group":"cf-nel","max_age":604800}
Content-Type: image/gif
Cache-Control: max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 7a5807b02f1e30d5-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 113

GET
H/1.1 200
OK vline_blue.gif
allo499.ru/images/allo499/ 50 B
777 B 278ms
96ms Image
image/gif 2606:4700:3037::ac43:c745
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://allo499.ru/images/allo499/vline_blue.gif
Requested by: Host: allo499.ru
URL: http://allo499.ru/templates/template29/style.css?1355128328
Protocol: HTTP/1.1
Server: 2606:4700:3037::ac43:c745 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fbf1493cfbd5eb28bede27fe0d0e7c64db876c909dd249199e69054461ab5c9c

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://allo499.ru/templates/template29/style.css?1355128328
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 10 Mar 2023 02:11:58 GMT
CF-Cache-Status: MISS
Last-Modified: Sat, 27 Dec 2008 02:40:47 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
ETag: "495595af-32"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AlnbbwJbaWxqUD6OzrAiXvUhhTLBi17E%2FXqlY5T9OmhxK3dit2sLQYthwf6VHWd4HP9%2BjdDn2RYhFu0nr%2BxFTRgyO3BONbgLt0uM3SarK9eswXNxImBTOCLqRlywmEf9kSGwtG9k%2FMUv"}],"group":"cf-nel","max_age":604800}
Content-Type: image/gif
Cache-Control: max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 7a5807af6d9f913c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 50

GET
H2 200 aci.js Show response
www.acint.net/ 24 KB
8 KB 233ms
72ms Script
application/x-javascript 193.3.184.226
QWARTA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.acint.net/aci.js
Requested by: Host: allo499.ru
URL: http://allo499.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.3.184.226 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS
Software: openresty /
Resource Hash: eaba4c606dbd8ce6ad26a8bb999d30e855f8c1c5e194dc675b459c60679e8cb0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://allo499.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 02:11:57 GMT
content-encoding: gzip
last-modified: Thu, 02 Feb 2023 13:54:08 GMT
server: openresty
etag: "63dbc080-1e68"
content-type: application/x-javascript
cache-control: max-age=43200
content-length: 7784
expires: Fri, 10 Mar 2023 14:11:57 GMT

GET
H/1.1

200
OK

ajax.php Show response
www.allorus.ru/
Redirect Chain

http://allorus.ru/ajax.php?PHPSESSID=4prnk8oab1fuh0tto8a9gapol5&func=get_last_q&JsHttpRequest=16784143177511-script
https://www.allorus.ru/ajax.php?PHPSESSID=4prnk8oab1fuh0tto8a9gapol5&func=get_last_q&JsHttpRequest=16784143177511-script

924 B
1 KB

632ms
164ms

Script
text/javascript

178.57.217.166
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.allorus.ru/ajax.php?PHPSESSID=4prnk8oab1fuh0tto8a9gapol5&func=get_last_q&JsHttpRequest=16784143177511-script

Requested by

Host: allo499.ru
URL: http://allo499.ru/

Protocol

HTTP/1.1

Server

178.57.217.166 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),

Reverse DNS

hosted-by.relevate.ru

Software

nginx/1.20.2 /

Resource Hash

fd247690eac72e4b15bc1401a7806ca38b8059b8eae4531cf850962e8cf5347c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://allo499.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 10 Mar 2023 02:11:58 GMT
Strict-Transport-Security: max-age=31536000;
Server: nginx/1.20.2
Transfer-Encoding: chunked
Content-Type: text/javascript; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT

Redirect headers

Location: https://www.allorus.ru/ajax.php?PHPSESSID=4prnk8oab1fuh0tto8a9gapol5&func=get_last_q&JsHttpRequest=16784143177511-script
Date: Fri, 10 Mar 2023 02:11:58 GMT
Server: nginx/1.20.2
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK bottom-left.gif
allo499.ru/images/allo499/ 111 B
848 B 405ms
97ms Image
image/gif 2606:4700:3037::ac43:c745
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://allo499.ru/images/allo499/bottom-left.gif
Requested by: Host: allo499.ru
URL: http://allo499.ru/templates/template29/style.css?1355128328
Protocol: HTTP/1.1
Server: 2606:4700:3037::ac43:c745 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 62d837beb5564ed703916b86819379b4c01f53ea9b9aeae075da4e7137e86494

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://allo499.ru/templates/template29/style.css?1355128328
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 10 Mar 2023 02:11:58 GMT
CF-Cache-Status: REVALIDATED
Last-Modified: Sat, 27 Dec 2008 02:40:45 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
ETag: "495595ad-6f"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KZBU00wjv3t5cahCLhARwpl14rPbapbSEwz2sMu96vuvm3%2FwF2VWdYzAOQlX0vzjoBIKYGPhyC%2B4o45pV0y%2Bn1%2FP%2FBvVRarX2xnResNe2xktb67TSvzVXq82909zodXFGrQAAZtlpHBe"}],"group":"cf-nel","max_age":604800}
Content-Type: image/gif
Cache-Control: max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 7a5807b02ff6913d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 111

GET
H/1.1 200
OK arrows.gif
allo499.ru/images/allo499/ 51 B
782 B 279ms
96ms Image
image/gif 2606:4700:3037::ac43:c745
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://allo499.ru/images/allo499/arrows.gif
Requested by: Host: allo499.ru
URL: http://allo499.ru/templates/template29/style.css?1355128328
Protocol: HTTP/1.1
Server: 2606:4700:3037::ac43:c745 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 41a26ba71be3b5f4d17460372dedd5572d61d6a8f102f975557243644f275d47

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://allo499.ru/templates/template29/style.css?1355128328
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 10 Mar 2023 02:11:58 GMT
CF-Cache-Status: MISS
Last-Modified: Sat, 27 Dec 2008 02:40:45 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
ETag: "495595ad-33"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U2nwmwGfr80S4%2Be1RBsGgJrZQd3CNiIVYNQRF7Q3DPa6N%2B8F5BrS4UJTBFqKIX%2BeCTCk9PacJeG%2BdCKfsDsJw3gNDOD6lkwrdqdJLNlZ7pUJVZtz4Ovnu4sQWCOHbGSrzEKc%2Bdg%2BcK4d"}],"group":"cf-nel","max_age":604800}
Content-Type: image/gif
Cache-Control: max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 7a5807af6dcc372d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 51

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302210101/ 360 KB
119 KB 45ms
43ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302210101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1350936919961502&plah=allo499.ru

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c9c7e70f03906de2620a6c6dcc8fe75c602f5a39240777618fd32f4b5043a6bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://allo499.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 02:11:57 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 121460
x-xss-protection: 0
server: cafe
etag: 11659252196810109509
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 10 Mar 2023 02:11:57 GMT

GET
H/1.1 200
Ok context.js Show response
an.yandex.ru/system/ 283 KB
85 KB 150ms
76ms Script
text/javascript 2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

http://an.yandex.ru/system/context.js

Requested by

Host: allo499.ru
URL: http://allo499.ru/

Protocol

HTTP/1.1

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

b6d7dc20935e9f6d9c5d14c27335dd9cda044118bebf96a3d68f37d3e29f2d40

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://allo499.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
X-Yandex-Req-Id: 1678414317989896-531245095096400618200122-production-app-host-sas-pcode-464
Transfer-Encoding: chunked
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=3600
Timing-Allow-Origin: *
Keep-Alive: timeout=600
X-Robots-Tag: noindex, noarchive, nofollow
Expires: Fri, 10 Mar 2023 03:11:57 GMT

GET
H/1.1 200
OK top-left4.gif
allo499.ru/images/allo499/ 112 B
844 B 379ms
91ms Image
image/gif 2606:4700:3037::ac43:c745
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://allo499.ru/images/allo499/top-left4.gif
Requested by: Host: allo499.ru
URL: http://allo499.ru/templates/template29/style.css?1355128328
Protocol: HTTP/1.1
Server: 2606:4700:3037::ac43:c745 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 10ca1a5fb2ca07965237b4cbd18775a79bee5454b07872e5311184c4a84f2cdf

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://allo499.ru/templates/template29/style.css?1355128328
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 10 Mar 2023 02:11:58 GMT
CF-Cache-Status: MISS
Last-Modified: Sat, 27 Dec 2008 02:40:47 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
ETag: "495595af-70"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ww8ZZvHwj1sbG1tt2%2FElhtpozBhwptMPCylDMXesNfnKD%2FE7FTHTzpvqjWW%2Fen3N%2BvMZNcjMKeaQG60y7ShWkl95ucxXcMVux50htnx8e%2BXErMMS1VRxXifSlAKqYBBu763%2B6b08G0hw"}],"group":"cf-nel","max_age":604800}
Content-Type: image/gif
Cache-Control: max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 7a5807b0ce81372d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 112

GET
H/1.1 200
OK bottom-right2.gif
allo499.ru/images/allo499/ 853 B
2 KB 390ms
94ms Image
image/gif 2606:4700:3037::ac43:c745
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://allo499.ru/images/allo499/bottom-right2.gif
Requested by: Host: allo499.ru
URL: http://allo499.ru/templates/template29/style.css?1355128328
Protocol: HTTP/1.1
Server: 2606:4700:3037::ac43:c745 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 97de20a5373f52ef872fc451ea42716453c5b77d5c96f5dc46b2958c5216f288

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://allo499.ru/templates/template29/style.css?1355128328
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 10 Mar 2023 02:11:58 GMT
CF-Cache-Status: MISS
Last-Modified: Sat, 27 Dec 2008 02:40:45 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
ETag: "495595ad-355"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GE%2B%2Fo7lDR4bkhCP56ed9mKyaUj%2B%2FXftkXHl6p9l3hRner6Xkhsxg4Fvyiv%2FOJC6ZghexRHsAlkvclXlLkcNcOjuvNaTTpXdUVDbKHjTRR1ZSo4aZ2jcF6NFCb6mGhicwElFmzYmI4BHP"}],"group":"cf-nel","max_age":604800}
Content-Type: image/gif
Cache-Control: max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 7a5807b0c860913d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 853

GET
H/1.1 200
OK top-right4.gif
allo499.ru/images/allo499/ 112 B
848 B 507ms
115ms Image
image/gif 2606:4700:3037::ac43:c745
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://allo499.ru/images/allo499/top-right4.gif
Requested by: Host: allo499.ru
URL: http://allo499.ru/templates/template29/style.css?1355128328
Protocol: HTTP/1.1
Server: 2606:4700:3037::ac43:c745 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f0d63c49587e6fa78489150472b5e408e841fc019b842959a9c8ba8802de6e9

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://allo499.ru/templates/template29/style.css?1355128328
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 10 Mar 2023 02:11:58 GMT
CF-Cache-Status: MISS
Last-Modified: Sat, 27 Dec 2008 02:40:47 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
ETag: "495595af-70"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=trwhr44%2BkvFhu%2B5XDqwuRAvFqJ%2FVNCk5JbUnYnC%2B4ujo0iX7ZyuY0CHAkkdNON7gEaLBGdbmmBmbhSQSO0FWoI1%2FCERf%2BaYsGs5xKBh%2F6k3obriYLoZZYxcPe%2Bz97vQR10CFv7GwNpRK"}],"group":"cf-nel","max_age":604800}
Content-Type: image/gif
Cache-Control: max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 7a5807b168dd913d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 112

GET
H/1.1 200
OK org_arr.gif
allo499.ru/images/allo499/ 46 B
771 B 367ms
99ms Image
image/gif 2606:4700:3037::ac43:c745
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://allo499.ru/images/allo499/org_arr.gif
Requested by: Host: allo499.ru
URL: http://allo499.ru/templates/template29/style.css?1355128328
Protocol: HTTP/1.1
Server: 2606:4700:3037::ac43:c745 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6535ca45d7e2f15c6da759ed9f54b5feaff988342e1a244d14086934d9e057d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://allo499.ru/templates/template29/style.css?1355128328
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 10 Mar 2023 02:11:58 GMT
CF-Cache-Status: MISS
Last-Modified: Sat, 27 Dec 2008 02:40:46 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
ETag: "495595ae-2e"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MraczT3Lw%2B38HgXHzDqcyOpXiB2I9V5INGfotRhFq4zRHuw7Plh7QoqRrFwaOGNHH0Bh0sxHrbO84vvC0ePfvg6sPK1BlfUblbZQ%2FV5KisW2fLabwc1qniTYz51Ybgd%2BJu7qJ592Wu5R"}],"group":"cf-nel","max_age":604800}
Content-Type: image/gif
Cache-Control: max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 7a5807b09a102c2e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 46

GET
H/1.1 200
OK bottom-left2.gif
allo499.ru/images/allo499/ 116 B
842 B 475ms
95ms Image
image/gif 2606:4700:3037::ac43:c745
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://allo499.ru/images/allo499/bottom-left2.gif
Requested by: Host: allo499.ru
URL: http://allo499.ru/templates/template29/style.css?1355128328
Protocol: HTTP/1.1
Server: 2606:4700:3037::ac43:c745 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eaade5c2030227244f63d3f6e65425add4ff310bc7e69b67bd1a59ce57de9f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://allo499.ru/templates/template29/style.css?1355128328
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 10 Mar 2023 02:11:58 GMT
CF-Cache-Status: MISS
Last-Modified: Sat, 27 Dec 2008 02:40:45 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
ETag: "495595ad-74"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ncqODEAYhopFuPo6Gn2yKfEMkt9DiJwhfm%2FNID1Qviav2GoAQPuz%2FjyxbatpErGg0U1iLTzRRGPsX6cZfubKmg3MGCAUNEiz0oD320OoIcqlbHOn3Ba%2FCG6ZSr5qwRavmbZNYaaL2kQZ"}],"group":"cf-nel","max_age":604800}
Content-Type: image/gif
Cache-Control: max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 7a5807b15ecb372d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 116

GET
H/1.1 200
OK vline_orange.gif
allo499.ru/images/allo499/ 50 B
777 B 495ms
92ms Image
image/gif 2606:4700:3037::ac43:c745
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://allo499.ru/images/allo499/vline_orange.gif
Requested by: Host: allo499.ru
URL: http://allo499.ru/templates/template29/style.css?1355128328
Protocol: HTTP/1.1
Server: 2606:4700:3037::ac43:c745 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8629350a9dfca70ce7c76b89b02a1697759026411576ba08d7a28e4f26a3332e

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://allo499.ru/templates/template29/style.css?1355128328
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 10 Mar 2023 02:11:58 GMT
CF-Cache-Status: MISS
Last-Modified: Sat, 27 Dec 2008 02:40:47 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
ETag: "495595af-32"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d9RRrgsqN%2FYd6DISP8lvdNHaJ0T%2FnoFaFjZKa310IIcZHg5FMy7ifYhNZANyYAEeh0ovN3GwUPilkJcqQTsKRDrAyABJS2kHVJuRS9ml08Xt9CjeT0r9dYrlk155gMlGPmm%2B4jTD2%2BjB"}],"group":"cf-nel","max_age":604800}
Content-Type: image/gif
Cache-Control: max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 7a5807b1781830d5-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 50

GET
H/1.1 200
OK top-left2.gif
allo499.ru/images/allo499/ 115 B
849 B 497ms
56ms Image
image/gif 2606:4700:3037::ac43:c745
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://allo499.ru/images/allo499/top-left2.gif
Requested by: Host: allo499.ru
URL: http://allo499.ru/templates/template29/style.css?1355128328
Protocol: HTTP/1.1
Server: 2606:4700:3037::ac43:c745 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0aa177d4132d8a6bfb33ec6536238b0f8346b7af86659e32a347637893ee47be

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://allo499.ru/templates/template29/style.css?1355128328
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 10 Mar 2023 02:11:58 GMT
CF-Cache-Status: MISS
Last-Modified: Sat, 27 Dec 2008 02:40:47 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
ETag: "495595af-73"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YXrwcAkR88S5HTj4WpiG546zyEQIKMkzMTDJIj0MmxphxOZXUrqYfzfbVJY4XfLyGhctNLOYHoxDYih12hMZNlKs%2ByHRBtOeLO%2F%2FUUoAb20YT%2FVN0t1BAQ5EZMvAm%2FeyEZX%2BP%2BsbyU4J"}],"group":"cf-nel","max_age":604800}
Content-Type: image/gif
Cache-Control: max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 7a5807b1ed48920b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 115

GET
H/1.1 200
OK user_icon.gif
allo499.ru/images/allo499/ 426 B
1 KB 489ms
91ms Image
image/gif 2606:4700:3037::ac43:c745
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://allo499.ru/images/allo499/user_icon.gif
Requested by: Host: allo499.ru
URL: http://allo499.ru/templates/template29/style.css?1355128328
Protocol: HTTP/1.1
Server: 2606:4700:3037::ac43:c745 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 27c2e01e93a2448e879d69877681ea4bc9150d8f1918710a918e953b6dd887cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://allo499.ru/templates/template29/style.css?1355128328
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 10 Mar 2023 02:11:58 GMT
CF-Cache-Status: MISS
Last-Modified: Sat, 27 Dec 2008 02:40:47 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
ETag: "495595af-1aa"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2VeW1FUzYG4RP%2FpWm2j9Oip2ufJq%2FfEfDwaXPYMEz6GzV4H9Aubmxv%2FrVAQxV65yIH3L%2FYe08V%2BNFPd6yeeU%2FQlgIdV6YeCgLTWfNRmUQtkAkgW54o6gaaDesWj6Fewu8xfwlJg2GJK%2F"}],"group":"cf-nel","max_age":604800}
Content-Type: image/gif
Cache-Control: max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 7a5807b1af13913c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 426

GET
H/1.1 200
OK enter_btn.gif
allo499.ru/images/allo499/ 960 B
2 KB 532ms
91ms Image
image/gif 2606:4700:3037::ac43:c745
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://allo499.ru/images/allo499/enter_btn.gif
Requested by: Host: allo499.ru
URL: http://allo499.ru/templates/template29/style.css?1355128328
Protocol: HTTP/1.1
Server: 2606:4700:3037::ac43:c745 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44edaf520b99acbf1d27ba44aed813e42bf028e1a9796e5870feed8968aa107c

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://allo499.ru/templates/template29/style.css?1355128328
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 10 Mar 2023 02:11:58 GMT
CF-Cache-Status: REVALIDATED
Last-Modified: Sat, 27 Dec 2008 02:40:46 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
ETag: "495595ae-3c0"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XZez4zK8UpJ8It9m5UlShIEib3k6wckv9yMzF4Ftu6GeeGvhfK82qSvWy2ZLsPAFuPCcIpaL3fCuzHUR5cKhBXPYM%2B9o%2FAs5DNBYH2fblujKvvIxXFNkDOk7bR%2F4nk7hSSU83zAM%2FwKx"}],"group":"cf-nel","max_age":604800}
Content-Type: image/gif
Cache-Control: max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 7a5807b1ef1d372d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 960

GET
H/1.1 200
OK top-left3.gif
allo499.ru/images/allo499/ 169 B
893 B 468ms
92ms Image
image/gif 2606:4700:3037::ac43:c745
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://allo499.ru/images/allo499/top-left3.gif
Requested by: Host: allo499.ru
URL: http://allo499.ru/templates/template29/style.css?1355128328
Protocol: HTTP/1.1
Server: 2606:4700:3037::ac43:c745 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3f24d8ad038e5a33e05fb6a1d6cf6ed6895763e6d28547a7a47d16493495247c

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://allo499.ru/templates/template29/style.css?1355128328
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 10 Mar 2023 02:11:58 GMT
CF-Cache-Status: MISS
Last-Modified: Sat, 27 Dec 2008 02:40:47 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
ETag: "495595af-a9"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1ojsCE%2FR7k1QhhcmiQpJUYAl0c7gHFzFRlt3pnMmlNtkBageLjQHZlYp7ocZs3Fee3%2FGykpIb9kigTvdx2dW5FEEXePRfb1RjMpyUgXJ0cNGpIpJuX27na3GLYCPmhakArsN135VtUwA"}],"group":"cf-nel","max_age":604800}
Content-Type: image/gif
Cache-Control: max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 7a5807b2088530d5-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 169

GET
H/1.1 200
OK bottom-left3.gif
allo499.ru/images/allo499/ 169 B
901 B 95ms
95ms Image
image/gif 2606:4700:3037::ac43:c745
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://allo499.ru/images/allo499/bottom-left3.gif
Requested by: Host: allo499.ru
URL: http://allo499.ru/templates/template29/style.css?1355128328
Protocol: HTTP/1.1
Server: 2606:4700:3037::ac43:c745 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1db4f215d165c45e10d3105b078a84a163e32a0f063ee655c537a796580992f5

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://allo499.ru/templates/template29/style.css?1355128328
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 10 Mar 2023 02:11:58 GMT
CF-Cache-Status: MISS
Last-Modified: Sat, 27 Dec 2008 02:40:45 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
ETag: "495595ad-a9"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PQAaieFnd%2BES538ipRuK1rj9HA9I2KvAxM26GpzQwgw9ZQY%2BAKwyIb7rf%2BvEcsytXbNoyIqGT3pqtNywJGqZKInHj58Qw0ofcgFs%2Bhdswj%2BvoVB5pwk%2BuSDAyUjOoGtfZuVxySbK20MQ"}],"group":"cf-nel","max_age":604800}
Content-Type: image/gif
Cache-Control: max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 7a5807b32b982c2e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 169

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 387 B
601 B 84ms
13ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=allo499.ru&callback=_gfp_s_&client=ca-pub-1350936919961502

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302210101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1350936919961502&plah=allo499.ru

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c6aa05b8acad62acebc1904602adb51c5451d486962474223fa7f18b87e04446

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://allo499.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 02:11:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 249
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 98ms
30ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=allo499.ru

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://allo499.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 02:11:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 92ms
25ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=allo499.ru

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://allo499.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 02:11:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3B70 89 KB
32 KB 399ms
315ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1350936919961502&output=html&h=90&slotname=7582981508&adk=1916336945&adf=4218598984&pi=t.ma~as.7582981508&w=728&lmt=1678414318&url=http%3A%2F%2Fallo499.ru%2F&wgl=1&dt=1678414317857&bpp=27&bdt=416&idt=152&shv=r20230307&mjsv=m202302210101&ptt=5&saldr=sa&abxe=1&correlator=4542000379673&frm=20&pv=2&ga_vid=531765962.1678414318&ga_sid=1678414318&ga_hid=1772983910&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=289&ady=246&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44777877%2C44759837%2C44759876%2C42531706&oid=2&pvsid=2602475005013272&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Ce%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=LkpOAv5fMo&p=http%3A//allo499.ru&dtd=199

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f05de7f7f9e6ed8d5ad8815e01a59df765d0f0ef05c917f3b053ea79df06754

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://allo499.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 33055
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 10 Mar 2023 02:11:58 GMT
expires: Fri, 10 Mar 2023 02:11:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9D38 89 KB
32 KB 355ms
301ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1350936919961502&output=html&h=90&slotname=5249484045&adk=2481849862&adf=1058600793&pi=t.ma~as.5249484045&w=728&lmt=1678414318&url=http%3A%2F%2Fallo499.ru%2F&wgl=1&dt=1678414317889&bpp=24&bdt=448&idt=181&shv=r20230307&mjsv=m202302210101&ptt=5&saldr=sa&abxe=1&prev_slotnames=7582981508&correlator=4542000379673&frm=20&pv=1&ga_vid=531765962.1678414318&ga_sid=1678414318&ga_hid=1772983910&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=306&ady=1379&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44777877%2C44759837%2C44759876%2C42531706&oid=2&pvsid=2602475005013272&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=OX7O0iytNT&p=http%3A//allo499.ru&dtd=194

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9add681f010f4dcdf40f2cb0d13309351f4eea0395b40ba149903d2fced18b0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://allo499.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 32941
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 10 Mar 2023 02:11:58 GMT
expires: Fri, 10 Mar 2023 02:11:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 017F 92 KB
33 KB 322ms
297ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1350936919961502&output=html&h=600&slotname=9693253600&adk=3432251827&adf=441479644&pi=t.ma~as.9693253600&w=160&lmt=1678414318&url=http%3A%2F%2Fallo499.ru%2F&wgl=1&dt=1678414317923&bpp=24&bdt=482&idt=168&shv=r20230307&mjsv=m202302210101&ptt=5&saldr=sa&abxe=1&prev_slotnames=7582981508%2C5249484045&correlator=4542000379673&frm=20&pv=1&ga_vid=531765962.1678414318&ga_sid=1678414318&ga_hid=1772983910&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1426&ady=525&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44777877%2C44759837%2C44759876%2C42531706&oid=2&pvsid=2602475005013272&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=1Mw0RugrD0&p=http%3A//allo499.ru&dtd=192

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

50f92230ec02e52d38bf747282a29c1b4112fa1e7f715a29fcdbc8daecb76ae4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://allo499.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 33413
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 10 Mar 2023 02:11:58 GMT
expires: Fri, 10 Mar 2023 02:11:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

/ Show response
www.acint.net/mc/ Frame C95B
Redirect Chain

http://www.acint.net/mc/?dp=10
https://www.acint.net/mc/?dp=10
https://www.acint.net/mc/?dp=10&tc=1

4 KB
4 KB

56ms
55ms

Document
text/html

193.3.184.226
QWARTA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.acint.net/mc/?dp=10&tc=1
Requested by: Host: www.acint.net
URL: https://www.acint.net/aci.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.3.184.226 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS
Software: openresty /
Resource Hash: 064b963a6c7701a3c70ea15b40c573d1994e3aebbfc0414f1e8b5fb324d11ed3

Request headers

Referer: http://allo499.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html
date: Fri, 10 Mar 2023 02:11:58 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
server: openresty

Redirect headers

content-length: 154
content-type: text/html
date: Fri, 10 Mar 2023 02:11:58 GMT
location: /mc/?dp=10&tc=1
server: openresty

GET
H2

200

oci.js Show response
www.acint.net/
Redirect Chain

http://www.acint.net/oci.js?t=1678414318150
https://www.acint.net/oci.js?t=1678414318150

31 KB
14 KB

58ms
56ms

Script
application/x-javascript

193.3.184.226
QWARTA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.acint.net/oci.js?t=1678414318150
Requested by: Host: allo499.ru
URL: http://allo499.ru/
Protocol: H2
Server: 193.3.184.226 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS
Software: openresty /
Resource Hash: 7b9e0e0ec0063298da91bc1f82f0f51c7a0ff146e273ee3a1ae49af2b29c8369

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://allo499.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 02:11:58 GMT
content-encoding: gzip
last-modified: Mon, 09 Jan 2023 08:01:14 GMT
server: openresty
etag: W/"63bbc9ca-7dac"
content-type: application/x-javascript

Redirect headers

Location: https://www.acint.net/oci.js?t=1678414318150
Date: Fri, 10 Mar 2023 02:11:58 GMT
Server: openresty
Connection: keep-alive
Content-Length: 142
Content-Type: text/html

GET
H2

200

/
www.acint.net/hit/
Redirect Chain

http://www.acint.net/hit/?v=0.5.1&uid=c20485fe-e852-4474-9cee-b364272ff336&dp=10&tz=%2B00%3A00&nc=14837132&u=http%3A%2F%2Fallo499.ru%2F&r=&rs=1600x1200&t=%D0%9C%D0%BE%D1%81%D0%BA%D0%B2%D0%B0.%20%D0...
https://www.acint.net/hit/?v=0.5.1&uid=c20485fe-e852-4474-9cee-b364272ff336&dp=10&tz=%2B00%3A00&nc=14837132&u=http%3A%2F%2Fallo499.ru%2F&r=&rs=1600x1200&t=%D0%9C%D0%BE%D1%81%D0%BA%D0%B2%D0%B0.%20%D...

43 B
341 B

55ms
54ms

Image
image/gif

193.3.184.226
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/hit/?v=0.5.1&uid=c20485fe-e852-4474-9cee-b364272ff336&dp=10&tz=%2B00%3A00&nc=14837132&u=http%3A%2F%2Fallo499.ru%2F&r=&rs=1600x1200&t=%D0%9C%D0%BE%D1%81%D0%BA%D0%B2%D0%B0.%20%D0%92%D0%B5%D1%81%D1%8C%20%D0%B3%D0%BE%D1%80%D0%BE%D0%B4%20%D0%B2%20%D1%82%D0%B2%D0%BE%D0%B8%D1%85%20%D1%80%D1%83%D0%BA%D0%B0%D1%85!&oE=1&oP=1&dT=2023-03-10T02%3A11%3A58.145&fu=9e85cd58-d36b-47a4-bba8-4fca6a25f587
Requested by: Host: allo499.ru
URL: http://allo499.ru/
Protocol: H2
Server: 193.3.184.226 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://allo499.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-type: image/gif
date: Fri, 10 Mar 2023 02:11:58 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

Location: https://www.acint.net/hit/?v=0.5.1&uid=c20485fe-e852-4474-9cee-b364272ff336&dp=10&tz=%2B00%3A00&nc=14837132&u=http%3A%2F%2Fallo499.ru%2F&r=&rs=1600x1200&t=%D0%9C%D0%BE%D1%81%D0%BA%D0%B2%D0%B0.%20%D0%92%D0%B5%D1%81%D1%8C%20%D0%B3%D0%BE%D1%80%D0%BE%D0%B4%20%D0%B2%20%D1%82%D0%B2%D0%BE%D0%B8%D1%85%20%D1%80%D1%83%D0%BA%D0%B0%D1%85!&oE=1&oP=1&dT=2023-03-10T02%3A11%3A58.145&fu=9e85cd58-d36b-47a4-bba8-4fca6a25f587
Date: Fri, 10 Mar 2023 02:11:58 GMT
Server: openresty
Connection: keep-alive
Content-Length: 142
Content-Type: text/html

GET
H2 200 1c0942547d39e10f5f56.js Show response
yastatic.net/partner-code-bundles/734142/ 14 KB
5 KB 541ms
101ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/734142/1c0942547d39e10f5f56.js

Requested by

Host: an.yandex.ru
URL: http://an.yandex.ru/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

bd2d7b6dcb0d1bbb7db3189ae86f888ce8e7ab0186d56dd778449191775baff7

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: http://allo499.ru/
Origin: http://allo499.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 02:11:58 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 4801
last-modified: Wed, 08 Mar 2023 13:28:42 GMT
server: nginx/1.17.9
etag: "cb6611cb694c743d9a6ee95208c99e49"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Sun, 09 Mar 2053 08:47:52 GMT

GET
H2 200 5674f683a13b2c6259e7.js Show response
yastatic.net/partner-code-bundles/734142/ 112 KB
24 KB 559ms
121ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/734142/5674f683a13b2c6259e7.js

Requested by

Host: an.yandex.ru
URL: http://an.yandex.ru/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

bd7331f7e556587cb369aff2cf0ee414810aa896688446accd96b4725e9c9356

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: http://allo499.ru/
Origin: http://allo499.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 02:11:58 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 24264
last-modified: Wed, 08 Mar 2023 13:28:42 GMT
server: nginx/1.17.9
etag: "2576154970087eed73d17c5678dc51c2"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Sun, 09 Mar 2053 08:45:30 GMT

GET
H2 200 host.js Show response
yastatic.net/safeframe-bundles/0.83/ 33 KB
9 KB 580ms
145ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/safeframe-bundles/0.83/host.js

Requested by

Host: an.yandex.ru
URL: http://an.yandex.ru/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: http://allo499.ru/
Origin: http://allo499.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 02:11:58 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 8878
last-modified: Wed, 03 Nov 2021 13:42:58 GMT
server: nginx/1.17.9
etag: "f80882bf67cf261aa08d636da095149a"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Sun, 09 Mar 2053 08:47:21 GMT

GET
H2 200 text-variable-full.woff2
yastatic.net/s3/home/fonts/ys/3/ 25 KB
26 KB 512ms
79ms Font
font/woff2 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/s3/home/fonts/ys/3/text-variable-full.woff2

Requested by

Host: an.yandex.ru
URL: http://an.yandex.ru/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

033696b7f1ac04d1dcc102be84550e146236ceffc25a6cabc12aa51a6ee410b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: http://allo499.ru/
Origin: http://allo499.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 02:11:58 GMT
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 26004
x-amz-meta-owner: {"role":"admin","login":"4eb0da"}
last-modified: Mon, 25 Apr 2022 14:02:39 GMT
server: nginx/1.17.9
etag: "7f0cdaf91230f9789ca4162aedff612e"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31556952
x-nginx-request-id: a54940fc5fc73192
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Mar 2024 08:00:33 GMT

GET
H2 200 48407 Show response
an.yandex.ru/meta/ 135 KB
35 KB 562ms
248ms XHR
application/json 2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/meta/48407?target-ref=http%3A%2F%2Fallo499.ru%2F&charset=utf-8&pcode-test-ids=657519%2C0%2C75%3B730322%2C0%2C55%3B729111%2C0%2C50%3B729105%2C0%2C43%3B672079%2C0%2C7%3B732231%2C0%2C57%3B734894%2C0%2C20%3B734142%2C0%2C60%3B681843%2C0%2C29&pcode-flags-map=eJydWF1z2zYQ%2FCsdPWdcfoKi30ASlDAiCRYArSiZDEaJFVsdSe44duo6k%2F%2FeA0HZJG1DaZ9MUbrFAdjb2%2FOPyQUWSszZUuFMFTghhcoZV7RSCa4qwifnH39Mvq9395vJ%2BUTyhkzeTe423%2B7oJXxGyPeDaPLz07tnmJqzrEmlUKxSNW4EsSJEbhz4BoFUOCmIIikrn0EKKqRO5oJmhOkH%2BDZhCvNyALt5%2BGuEGvphi5pR0cKmrKmk4iSjnKQaEte1PTPPCQLvaW%2BwEVU2haScFQWgVVI%2FEK6WWKZzkilJS6JYngsi7bi%2B50S9M5NteheEC8qqQWTku5ETDmNDxzE5NRUtGM4gAX1duBxs5u72ftMLC7ypHzsmDLYhRHu%2Fo5jxGfaCgBmCkEqxRBB%2BMeLE5rD%2BvNsMIn3kxWaHOX2vSlhrTuhsLlUl7UsGoR%2B7beAKVxl5r3ijMlZiWtnCQifyfPS0XsLZApKFtdSM08wa6UbhFL26oALiSE4Ta7jnOihowz%2BQylN5A9RY0kzOFS3xjFhjAzeYOs%2BxR54mjOtL5TijjfjtFxFWWOdtEla4WOKVsEf6UXfOWV5DUYiaVUAMTWHWDOnrOY4zjA0c3%2By5TlmmCwtCK2lfLwSYjko5g1MmmrvH9RR5b6UFLBlF3stwmmvNWuoiAnb%2BH4RjAhe4aAa35TuvRxcE80qVjEPFYk7xaN%2FeYFGo1e6Ua04Zp3KlkhUoGVnWjNsPDEWoq70jLzrdSgW3BsZuNO0xkgqVYs6ZVDhN4ZaERSXC2A9ddxDbslgApeVcH1ONs4xWMztIEAYm81ZxgcpyVRPl27MOplHYu56Sp3BOgia0gFOzLxdH6M1I3YPSgqaLE6sfMVqBN31PgcDmFHSd6k3kOLVXczz1OlE3eXQgpm1JpolaF3iV4HTRax42SOR4ge8NrmNOWsGHJkYEnVkZj9zQQ%2BYeKrKEkByqfK4KNqOpPW7qd5IGaeaUl5qznFTHTlNzkthFFYEqeu6AvNB1ODAJGjC0SjgBLZQi5bqnCGGtfeTGbhAMwOZUtpn0QOA8FpLZgfzI8%2Fy%2B0RhZiozkGK4fXuS0opIA29MFOBproaIgdBAapCdKzKX6oyEN0eCn9hcihMInNyDnHCzUKDMCBcw1lWkFQkWhGRcnsorcqKNOiqElsaq7QJzrgqQ5x%2BBVWvtgv8loGqP4yTfknAJMsVImXluI2r65YXyyUIJ%2BsNYRQrHfXXcvQrT3PTwV%2B7px4ERPKCDamUawWkaEpgFyxyurEgwjtq%2FleZ0l6xFSG49fYuUUBa5%2FLDfo32B6YatAGgU20RiKVsCMN3jpyF%2FgRVP%2F5S7kzL4HuKap268NrRlGZF45%2BrYfnLLgKPZQ505MRYgFrZXkrQCekmQUw1RggkdL5wXTdjdTJtETINOuCt4Cack1wPi6fVD79YO63myvru%2FegGuHB7UgCU4UOE7rJOJAaxuUoqnm5RxY0iNMBS26FdxZA%2FKukkbPKimhF%2FYKjVwn6Don58oovWzAophKbw%2B6FZVmNj8xhwGSKdUCf1i14qBag9cP%2BzH5urn7cl2ub6%2B2h8m5G4JN2t983u424st6tz1cTc69nwPUEPpijwRGFsHvqaTQTNDjXX%2BBj5P9ers7u72H3P5ZHy43D%2FD8%2B3a%2Fvtp8G7y6Wu%2FbN5ePm4P5%2Bfr79u7GPO7Peh8uD9vurUZ%2BQoAXt%2BvH3c3jdff14635e3%2B7Pjts%2Fv724gd%2Frm%2F22zb00%2Btb7Ffc89Xarw8deT4I1vzEJy4eIt2x7OAGrEZasNHQDVPpcLKFCc2QpsISKAYqx2ed1imJZ9bhATqL1xNKzTk5J6UeBArGjVS3l30CxQGcF8KXMqFtEihMkSVQKZTYUbzY7SzraygrrCCRxWgg%2F3K3G2M4ffPZWTda1WBZtHf7r8YtggE%2FfhOwp7AgiXYT94wkJFTySmuW9hRznIFNgEHVujE44I4iup%2BY0V1JUsJ%2BpFU5Iz%2BYxr0Zbzzyw%2Fdu4I0i3PafJT%2F%2FBXvDZIk%3D&pcode-icookie=N74ZZxvFPkTz4aBjnqwlh3DdGKZ7M0V6SI6dA2brCGoA5RoQtvORp%2Fr%2F0xuWKo1rFG0puL8FGTq9S2txshw7ndp6AO8%3D&imp-id=2&enable-flat-highlight=1&comboblock-unencoded-vast=1&test-tag=526666069704706&ad-session-id=3418081678414318305&target-id=20093165&tga-with-creatives=1&top-ancestor=http%3A%2F%2Fallo499.ru&top-ancestor-undetermined=0&pcode-version=734142&pcodever=734142&flash-ver=0&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9.6%2C%22isInIframe%22%3Afalse%2C%22w%22%3A1067%2C%22h%22%3A0%2C%22width%22%3A0%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22fullscreenHeaderHeight%22%3A80%2C%22left%22%3A306%2C%22top%22%3A782%2C%22ad_no%22%3A0%2C%22darkTheme%22%3Afalse%2C%22req_no%22%3A0%7D&grab-orig-len=5120&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjozNX0KKqSksOOo7YEIUBczLFH7jDw7jrunlkpUgjDVMJd_dnLN-fscsg35fM4JJc4nTkxpck4OpSZIqnyYs8wszLcB-iIAl1RBVSyCBcl_bGhqmmcWwVixYqyqoCLxEp_A53pkvsDH8SNN7MP2hR6ZBy_2ISwccp_ri2IfJ_bEC4Xrhx5J7JF7pMsl8kjARM2MTIJUysSMTCanY2KW0EqkMiYgv5FZ3duZkcok8phGjlQGqpZORkFPSUsloaWm0cb01DQSGY0EVK0P2RcuW74f-YHP87lsfuhj-6JdLV7ofA_ex-f6wni5Q1i4PE-8k5-qWOsTLjO-z2WPD5O7YEIPkR-Bqd158D3EBxkus927zOD7WMtvQWF5Yq3aPiKIMuBAoKako0imTAnAHu9m3u4bUgQ74mzi7jy9y8cc6Dv-Uhs7DD347DNJTZcsHCrUjScM1HTALW7IGaSymF4qp6AAVYtUTkujXZgFlXIB0GWIEmoq5UKUMy3ecn3c3YCzRBNPnwdjg5062kFDD-47TOZj7jjDl-sRDwxfwKyWLx0SugFOmTcwMdPRAtylQEaDZOhGIk1gMzJIqelBXDhS2lOQtDEaOnMXTwORR9L0DpdiDtCFuPW9XKMex87ezAPq8kToh-jhucR473lbVuQefDM_vOnv0OOHZogQ3z9SP3Agq5FsvqsXpzHE0m0pI51cIltcpkAqly5TkLZ4mZQqjYpVo1ApWJnVh8-sLii9K91OQUmPTDssKZFW1VtbcC47l8teJtUal381H_fd4E3C-sImr0Nyp2opJAzS6YxDRHXRpa7h1T2uBe8tPA3HyXRLZSBJtOYSZSw4gztu57gvrcmbbvBQpVJmKtKeQpqX394gTrNPryy-WmG8GopH-m-eAxUN9n1VSgurMVvYy2consHgx1OK3H-ucPsP32GFypgVxPOa7HKf32HPYsweVvGL4v_wMNqGeADziJYRf05vyYblLAcjWZ6WkB14bj0DJb2t05IpegwJ2AvMwNBDPeNQDtXHX4rxfbztG4x4jxuGT8hMQSWncZlJkWzO_iGgLUD8PbHhhL9gYPhA-YTaTdvlkak4mP1oUQ6vwU4xRb8gyfqPt7oXRxY3gyVvvPj4N99Y-uTGmY_oKMo-z81_Ch_kFjfx926tDZZvek7zEZzW43OX32wN5ogLA-f_xPn5eibnsmhkIFAwIqekRkLlXhYzw2LCbkY4dNSNHCvyeJFHNLGRZAg_3IN3e2lcWBOlgfJhMasZmF7ypxDwKsC5OOvUKmeKofzJNnPnKE4gnGM9hhRBf2XDmRC0EQXhAsHqoDugEFV-Llz-sSZc-FjpZg6zvHSSKs-3xKrUqEDfj1KizBzck6OmlEgV2kwy4YSbhGTTmQcPJ4SMT86f1tiDSLwrQP-Ucnsf7yVrnVksUypRapTKmZIFTVO-LT3tAMXcGtyh0wG3_3ZPO95i4G9_N2MXEpjaTeyTzwfvi3Z_ED-6BwMAY3KneYu_wbqL8ec8zy_oMDXgXBeQo6_bpVx5POk2k2PeweQ9nXcMTKMHenotN3CQN-aUyzhwbc7qVtdg4JbaMJrWBVt8CXM_XJ7YH_kgNbY3l6evLJmohbMrhDkpK_bml03jF1ifodYSJI1fcYp_nwJ7IrDlJc0FyqpRoZwCBUOvQKFM8Hs8n8IV9neICn_uuv42a9IpSKdWhTNzUCGa3x4o72wEE-ydkqbK9YwXK5XxuGMvuplzK1sTN2aBg2xIB6Yz3ylwCLAsl7X-mF28P5sakucQzj7Z0gBjNzbBM00u1dErxSNbavtTyMatncrLXLruBFt5iZ0udOkbg1j8PyN_EU32hzNROMse94ULvyn4gbirljHRZHBHXrJbxnCc0L2JPjG38Xjs5IoECDJpCB7FoPkwF2sh-TAbP4fkE23J2Jb9Yu_eP-46gVW0DbRbWkU-bTv8KQ3uw1qYZna1qcgf2bFo5ozbtb9HxnVDNjjIrCjtPWrSmuv_gUnQzvJ4Fbm6eB-b6NYh0XFgJvqFO1Zf4JEuE1j1k6I3kvuaLEjde6g_hrXXIJ7b3GrKPQ-3H9_AnH-n4piDrKrKQZ2PANpx2uKaIHuDMxm8ISbutlc0_9e3UA72T80D9uUjfvl2dH22Va-mkMSN4bPvxO5Suwe-hFQqFZa32PQ6561D3KnAyS2Wzq2fUsLAuJi_rmp6MAP8cCiydxg92V3S74xwB9IaX2YiH55DZFKw_Znk0YDMx-A7_pDJzKSVAC9BpdUbcSIdybi1sePIzFgYT-rMbx23p6NyIRzUlFti08mkjGO8xhRyqgniPpwrovntXIyn-fsO7_dnPfi9_vAviNUtiQ86sTgm0f-2mvgG7u4jzu3CdSjvDNiMigFJS0VJSyMZMrG3ozO-CILWT5fPoWfMl81lJyW9jEZCybiWlrWxDFIwtEYNS-BUTTEzOPkmp0EuyxFoEnd8MrPGPqnABua4FRTI6OUUshq3LE1C16UDK6dzM9HIBlscnRCmHl_JqmCH1NbCPQxuqcajn1vpwiOrc7t7UTjehXmhPgWaxG_Q8QLGzWFTqBQKY-V0ysP5wgYCYa7c2I5mBwu7fWdXzW8aaJLRefd6-ujEjtrvtynix-dJscP04leM02-92BXjSVlRSCipaZBPZDJr0WNXS8a5OLeIer21dqzNJtz6u4v_wBFnt8QhuaNuD5cCYSnrbZrw6FewEMeOmXBrXW1mTXAda9j3W0XbV1Jq1dT6M9IrlqPP2Tec_gOzrcbT0SUat4112wY928vo6qSTCre_XXuXXdduNmnnYIwS5W5e5BgoTdTUQLVXq9xIZ2whs57eFH2k1D3d9tJTBwRd113MDJ1guBh19bmd09z8hGk1yJnQQzzI90sw7xdE2fjehHTNb8FjHr-9kZvmwsf27H1E_xE3AprxHZhs6hSp1lwWm6Ywp_e0AuH4ou0EdaZGd07CRxyd5Laz6dyxr8zWda204sRxwVBBYlb_cPgtOx7I6Rjv60JtC6HvMtrJ7W5LDjV390qA79rcpnbNLuAlWiaOSjiHk1ILhB2C5Wj2O03q8PHe0Vd5owkme7NxlhitsuOYobDKHypt3Uue2JFylkUrNj5l6C8Z4T9tKn19RER_4SeeY5WR3wMUlUdnWCY22R9QSyDEczOP24j7No0_AEqn9C5Jhe_JPRiGw395anMZMe2sPgfbFROhNfaj6tg_myc1RmsbuVpVjUaDjkBvcN0PpHXP1QzeFZymIEXoAduanPITDQ46LFX9M2Op5Xi7rVKZZ0RkhgB0GR7dZlEdKfhc7VaSG9fp5JNowoSHwCgY8EoVCP_5gfW6JnlPAqN1-Nfx54qqIyW_Yc3tMIDeaL6U2F8NnR1kiUvLf6tjjGWMPW3uM4-bFWWt--6g3vpiDmeSvaDBh1ihVKmurxo2OnxGCHFMC0qT2LkfGsu9OMn1OTsVV70K7tvlKO66JlgYi7vQFs7RrNaKjbVaicKRcySnoaQGQauvwFJqVChGe4xKR8Fg1cSNklUwT3j5_eU6mKnLcwWa4KDEbC15mZ-GuRnQAl9XleUM_Vg59OLnh59o7-hW47zYF7KXzLTUF5NSwhIRBS_GUa3d9RS2OhTHDeSCGSERlttJ3X5yy-Nx7ZYohgSeYjtVFq5Zg7M2YScrdqnBgj6o6wlT0-mkH43iaHNF1xKPOmeZkJdbSexqPoNHs4WG7ahen3dEpR4wcPU5V70CRYludaoeP2NouQDwEnmjEgULW2ek-w-TXBiZQdqJmtmO8AVa3Qq_2wrpyKCjXOVsPvSqeF75-cKDEbpFnFo3YUKV0wTOhC4ZNNlgxDIktZIRHGRjBV-BtpF1qxv6rbwxIzAzLnNdH5afahrSAPfuCKbiSzfQiprXB-6sF01hLHzx7w4-aPF9-uB1zr_nPLKUO8tcV_3Aq-avDz0nVjXhwjl9pINovWuu1w6i5c2RpHuiC3XA5ylsxWhT8Sl0dGi2-5QDYLsm6DkPuz49tGjoQ43RUyDSddPA8h8UHOSbkPtJn9oQ3OO7s_OZhFedCQveizLq1LU7EzMSTtZZ3AIktWghoEwlX7z73AkSLh2G-n2CRj5rpaMFZQ4NWUyGeRY4JQQPbIjue-motp2MCwoVI-kEUNLfwoJuDEmlRVbdXaXZxeaQ8uwf5mjkya8Ad6DfdxK2534dt6EAFu9Pd4e5suzIig_NtjLn0NIB82_eIfCqv9HmLcFHji2wIRAUG-3Hq-A06n_-_Yw0VVqiO_OG3Z3XVcS29uc8bYdfwVHmpSsIbvBZr8GINNDy_pE8cCDXqKsRttvvR0Y7AfIiHnwXuLLmyz4zs9iHNW3qnzDa7tKyBCN1hy2vffs73RvfjOTL737rT0RQJiW3Uc_rU-j6WS61ua4j-0roRU5czkMQFJLjRlQtsK-CUlFxV7UssHAiLlmELs5b8R9Agz1sR1KHeZtYqDEU7QORn4tX718CEswnGNESnJeVYVn01OLljtltSYoS9LfGGvv0dmHbfrV9e1Hp24JWTEULF7eMCMOJh-qauAUxNoT8zqUTfrugFJKiV_KLlHukRkTqBjciL82kGHlLIAYRKakP_ttCO53mqUtHOjHnSdeKUT_YoiK8zgrOwRDM4hOUf1FOu1wNEkYLGg4jOOK1yw7Yp-zCg-GfI2GTfoI5-3g-_zPbJOBdB_STXMXY7nB4rL3u2SOqnbyjYSbMRs1dxvCQYM_lZQT7hw3zjcV-ZOjsjEtDHbqL-a0ma_Kl1Fqb70dGdaPrSOsEG7QKoxSGzr0d0RGaMxZFoVFl1ctYADcicrvrfcTcg5r3xCZuhOckF74sXNHNRQjdRSfkbWICVtfNgOjj-wTZAMBpVKOu-KfcKTs67jGU7_VMFIJ7ccaWDdmj7eL8COuHw9Y0totu7q5H-MIQuojdP6EbFiwuKve1gH1jj7j2tciBaEzO8EIBoQ2eEw1IHx_ToVsRdxXn0VQu3BQFAK_8jujIykWvLt4jG_FiGE672iMO8MRDXcsRynOw-noW-NkvjpJzngHJHdSgtqYGYG3_bcWqUE3F&uniformat=true&callback=Ya%5B1806999922804%5D

Requested by

Host: an.yandex.ru
URL: http://an.yandex.ru/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e8a043ea6cca72341d32dd1bebfb5eda61bfa514196b216dd5cb2efa9e3c6261

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: http://allo499.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 10 Mar 2023 02:11:58 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
ssr: true
x-yandex-req-id: 1678414318724125-1077046563691162155300103-production-app-host-sas-pcode-38
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
uniformat-product-type: Direct
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Fri, 10 Mar 2023 02:11:58 GMT
uniformat: true
content-type: application/json
access-control-allow-origin: http://allo499.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 10 Mar 2023 02:11:58 GMT

GET
H2 200 07cea2bf8567304efc16.js Show response
yastatic.net/partner-code-bundles/734142/ 23 KB
8 KB 435ms
149ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/734142/07cea2bf8567304efc16.js

Requested by

Host: an.yandex.ru
URL: http://an.yandex.ru/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

b6ec12edc1e21394d03e04ded0988e0177116ce787b837bfc4ab38188a647b36

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: http://allo499.ru/
Origin: http://allo499.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 02:11:58 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 7922
last-modified: Wed, 08 Mar 2023 13:28:42 GMT
server: nginx/1.17.9
etag: "618dbdb103f406ee860c26c6e43a5b9f"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Sun, 09 Mar 2053 08:47:52 GMT

GET
H2 200 2ec9a88e40a26b53acde.js Show response
yastatic.net/partner-code-bundles/734142/ 7 KB
3 KB 435ms
150ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/734142/2ec9a88e40a26b53acde.js

Requested by

Host: an.yandex.ru
URL: http://an.yandex.ru/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

523ab6b7f44d0e7c1a98dc685128ffe0a17004547329565d9694a3ae17601518

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: http://allo499.ru/
Origin: http://allo499.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 02:11:58 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 2065
last-modified: Wed, 08 Mar 2023 13:28:42 GMT
server: nginx/1.17.9
etag: "005dac7e815571be0cbde1bef24b86e1"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Sun, 09 Mar 2053 08:45:30 GMT

GET
H2 200 1edbd55d5de8acab0876.js Show response
yastatic.net/partner-code-bundles/734142/ 571 KB
109 KB 142ms
138ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/734142/1edbd55d5de8acab0876.js

Requested by

Host: an.yandex.ru
URL: http://an.yandex.ru/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

b32d71093acf754500ae86096590f11b4457757eeb99a90c4488caa52a6cecbd

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: http://allo499.ru/
Origin: http://allo499.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 02:11:58 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 110900
last-modified: Wed, 08 Mar 2023 13:28:42 GMT
server: nginx/1.17.9
etag: "998f5ad6dee92e33ba0e1866161afbf8"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Sun, 09 Mar 2053 08:47:52 GMT

GET
H/1.0 200
Ok ya.ru
clck.yandex.ru/click/dtype=stred/pid=30/cid=529/*http:// 43 B
380 B 58ms
57ms Image
image/gif 2a02:6b8::14
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://clck.yandex.ru/click/dtype=stred/pid=30/cid=529/*http://ya.ru

Requested by

Host: allo499.ru
URL: http://allo499.ru/

Protocol

HTTP/1.0

Server

2a02:6b8::14 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

7e928161cd626935d39ff08188caa3f3a918811ca87194082dedf28b697ce6fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://allo499.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Cache-Control: no-cache
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 43
X-XSS-Protection: 1; mode=block
Content-Type: image/gif

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 21ms
20ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=allo499.ru

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://allo499.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 02:11:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 18ms
17ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=allo499.ru

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://allo499.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 02:11:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2ABF 95 KB
35 KB 391ms
355ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1350936919961502&output=html&h=90&slotname=0665815778&adk=691736138&adf=2802373691&pi=t.ma~as.0665815778&w=728&lmt=1678414318&url=http%3A%2F%2Fallo499.ru%2F&wgl=1&dt=1678414318593&bpp=15&bdt=1153&idt=16&shv=r20230307&mjsv=m202302210101&ptt=5&saldr=sa&abxe=1&cookie=ID%3D7ae66ce30a2b630a-22ac0d0048dd00de%3AT%3D1678414318%3ART%3D1678414318%3AS%3DALNI_MYKm165hIEy0MN5RRKTY1mOvRKbnQ&gpic=UID%3D00000bc2c9d108b8%3AT%3D1678414318%3ART%3D1678414318%3AS%3DALNI_MY12tJSjPWsTShM4OqwCa6n53Onxw&prev_slotnames=7582981508%2C5249484045%2C9693253600&correlator=4542000379673&frm=20&pv=1&ga_vid=531765962.1678414318&ga_sid=1678414318&ga_hid=1772983910&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44777877%2C44759837%2C44759876%2C42531706&oid=2&pvsid=2602475005013272&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Clr%7C&abl=CS&pfx=0&fu=33792&bc=23&ifi=4&uci=a!4&fsb=1&xpc=B1GEXR439d&p=http%3A//allo499.ru&dtd=22

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4cbe23a5fc39014760a92247acaa5cf3825cc1d84ce0349cc0f0086adad6e524

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://allo499.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 35197
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 10 Mar 2023 02:11:59 GMT
expires: Fri, 10 Mar 2023 02:11:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

counter
top-fwz1.mail.ru/
Redirect Chain

http://dd.ce.b7.a1.top.mail.ru/counter?id=1568100;t=55;js=13;r=;j=false;s=1600*1200;d=24;rand=0.378928967263491
https://top-fwz1.mail.ru/counter?id=1568100;t=55;js=13;r=;j=false;s=1600*1200;d=24;rand=0.378928967263491

543 B
1 KB

188ms
58ms

Image
image/gif

95.163.52.67
VK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://top-fwz1.mail.ru/counter?id=1568100;t=55;js=13;r=;j=false;s=1600*1200;d=24;rand=0.378928967263491

Requested by

Host: allo499.ru
URL: http://allo499.ru/

Protocol

Server

95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

de77e509f71e32b76d7681e2751c8a4359ed62421ddcb507330b4912a6a3dbb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://allo499.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 02:11:59 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 543
pragma: no-cache
amp-access-control-allow-source-origin: *
server: nginx
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: *
accept-ch-lifetime: 86400
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: *

Redirect headers

Date: Fri, 10 Mar 2023 02:11:58 GMT
X-Content-Type-Options: nosniff
P3P: CP="NOI DSP COR NID CUR PSA OUR NOR"
Connection: keep-alive
Content-Length: 0
Pragma: no-cache
AMP-Access-Control-Allow-Source-Origin: *
Server: nginx
Accept-CH: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
Access-Control-Allow-Methods: GET, POST, HEAD, PUT, OPTIONS
Accept-CH-Lifetime: 86400
Location: https://top-fwz1.mail.ru/counter?id=1568100;t=55;js=13;r=;j=false;s=1600*1200;d=24;rand=0.378928967263491
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: AMP-Access-Control-Allow-Source-Origin
Cache-Control: private, no-cache, no-store, max-age=0
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
Keep-Alive: timeout=60
Access-Control-Allow-Headers: *

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 211 KB
72 KB 130ms
124ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: allo499.ru
URL: http://allo499.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

025131d9c15ae8bc85f70a51c95aece581630b3dc3caa26cfeb1f79532c224d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://allo499.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 02:11:58 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Tue, 07 Mar 2023 10:05:49 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "6406e24d-11fef"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 73711
expires: Fri, 10 Mar 2023 03:11:58 GMT

GET
H2

200

match
ads.betweendigital.com/ Frame C95B
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=73&external_user_id=1503420AEE910A64DF04976D0218CA30
https://ads.betweendigital.com/match?bidder_id=73&external_user_id=1503420AEE910A64DF04976D0218CA30&crf=1

68 B
607 B

32ms
1ms

Image
image/png

188.42.196.115
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=73&external_user_id=1503420AEE910A64DF04976D0218CA30&crf=1
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 188.42.196.115 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

Redirect headers

location: /match?bidder_id=73&external_user_id=1503420AEE910A64DF04976D0218CA30&crf=1
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H2

200

match
acint.net/ Frame C95B
Redirect Chain

https://ssp-rtb.sape.ru/rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D
https://acint.net/match?dp=14&euid=4502420AEE910A643B00549502598292

43 B
269 B

77ms
56ms

Image
image/gif

193.3.184.226
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://acint.net/match?dp=14&euid=4502420AEE910A643B00549502598292
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 193.3.184.226 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 02:11:59 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

Date: Fri, 10 Mar 2023 02:11:58 GMT
Server: openresty
Access-Control-Allow-Methods: GET
P3P: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
Access-Control-Allow-Origin: *
Location: https://acint.net/match?dp=14&euid=4502420AEE910A643B00549502598292
Content-Type: text/html
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 142
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2

200

match
acint.net/ Frame C95B
Redirect Chain

https://px.adhigh.net/p/cm/sape?u=1503420AEE910A64DF04976D0218CA30
https://px.adhigh.net/p/cm/sape?u=1503420AEE910A64DF04976D0218CA30&bounced=1
https://acint.net/match?dp=17&euid=P591Tpy82H8.AikABlGGyUoNVA

43 B
269 B

56ms
54ms

Image
image/gif

193.3.184.226
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://acint.net/match?dp=17&euid=P591Tpy82H8.AikABlGGyUoNVA
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 193.3.184.226 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 02:11:59 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 10 Mar 2023 02:11:58 GMT
server: nginx
x-backend-id: f17-ru
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: *
location: https://acint.net/match?dp=17&euid=P591Tpy82H8.AikABlGGyUoNVA
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK cm.gif
ad.mail.ru/ Frame C95B 43 B
764 B 301ms
65ms Image
image/gif 2a00:1148:db00::17
VK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.mail.ru/cm.gif?p=48&id=1503420AEE910A64DF04976D0218CA30
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a00:1148:db00::17 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 10 Mar 2023 02:11:59 GMT
Last-Modified: Fri, 10 Mar 2023 02:11:59 GMT
Server: nginx
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Embedder-Policy: require-corp
Content-Type: image/gif
Cache-Control: max-age=21600
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 43
Expires: Fri, 10 Mar 2023 08:11:59 GMT

GET
H/1.1

200
OK

sync.cgi
ssp.adriver.ru/cgi-bin/ Frame C95B
Redirect Chain

https://ev.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691
https://ev.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-5399256160
https://www.acint.net/rmatch?dp=45&euid=A1dj-fYB0-mS_MSPlcP95lg&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D
https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=1503420AEE910A64EA04806E02F55C37

42 B
201 B

85ms
84ms

Image
image/gif

81.222.128.213
ELTEL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=1503420AEE910A64EA04806E02F55C37
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: HTTP/1.1
Server: 81.222.128.213 , Russian Federation, ASN20597 (ELTEL-AS, RU),
Reverse DNS: ad13.adriver.ru
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 10 Mar 2023 02:11:59 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/gif

Redirect headers

date: Fri, 10 Mar 2023 02:11:59 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
location: https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=1503420AEE910A64EA04806E02F55C37
content-type: text/html
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 154
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 204 sync
a.utraff.com/ Frame C95B 0
793 B 151ms
7ms Image
text/plain 2606:4700:3033::ac43:d997
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.utraff.com/sync?ssp=Sape
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:d997 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 02:11:58 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MnvqXR%2Bd%2BZFbmEpPvecBNlvzb%2BgfEpvv7vBWpw%2FKzvSNCYcE3DyGHvRboXqbh0pVjcIh5JbPmgBLYwgrsKzqPA2WeEjdoG4vHZY9xJYVF3pTrX%2FQH6Y56aOKIkRFhj5PdmoKynvfrmIttuw%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
cf-ray: 7a5807b4fb3d2c52-FRA
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 204 match
dm-eu.hybrid.ai/ Frame C95B 0
282 B 167ms
15ms Image
text/plain 37.18.103.22
HYBRID-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dm-eu.hybrid.ai/match?id=106&vid=1503420AEE910A64DF04976D0218CA30

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.18.103.22 , Netherlands, ASN205675 (HYBRID-AS, DE),

Reverse DNS

Software

Hybrid Web Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Mar 2023 02:11:58 GMT
server: Hybrid Web Server
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin: https://www.acint.net
cache-control: no-cache, no-store
access-control-allow-credentials: true
x-mode: 527
x-xss-protection: 1; mode=block
expires: -1

GET
H/1.1 200
OK adcm.js Show response
tag.digitaltarget.ru/ Frame C95B 3 KB
3 KB 279ms
53ms Script
application/javascript 185.15.175.144
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.digitaltarget.ru/adcm.js
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.15.175.144 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),
Reverse DNS
Software: nginx /
Resource Hash: 40f2a96f78f4c8484e9da6e172f5ddd3e4d7786ca29e04b96e1067a365190e80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 10 Mar 2023 02:11:58 GMT
Last-Modified: Fri, 10 Mar 2023 02:04:45 GMT
Server: nginx
ETag: "640a903d-beb"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3051

GET
H2 204 sape
sync.dmp.otm-r.com/match/ Frame C95B 0
69 B 195ms
44ms Image
text/plain 195.201.57.28
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.dmp.otm-r.com/match/sape?id=1503420AEE910A64DF04976D0218CA30
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.201.57.28 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.28.57.201.195.clients.your-server.de
Software: nginx/1.17.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 10 Mar 2023 02:11:58 GMT
server: nginx/1.17.0

GET
H2

200

match
www.acint.net/ Frame C95B
Redirect Chain

https://sync.upravel.com/sape/sync
https://sync.upravel.com/sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0
https://www.acint.net/match?dp=71&euid=005c0158-796e-45fd-9260-b95ee49ba9c6

43 B
269 B

55ms
54ms

Image
image/gif

193.3.184.226
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=71&euid=005c0158-796e-45fd-9260-b95ee49ba9c6
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 193.3.184.226 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 02:11:59 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

date: Fri, 10 Mar 2023 02:07:02 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://www.acint.net/match?dp=71&euid=005c0158-796e-45fd-9260-b95ee49ba9c6
access-control-allow-origin: *
content-type: image/png
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: false
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 0

GET
H/1.1 200
OK sync.cgi
ssp.adriver.ru/cgi-bin/ Frame C95B 42 B
201 B 416ms
81ms Image
image/gif 81.222.128.213
ELTEL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.adriver.ru/cgi-bin/sync.cgi?dsp_id=153&external_id=1503420AEE910A64DF04976D0218CA30
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.222.128.213 , Russian Federation, ASN20597 (ELTEL-AS, RU),
Reverse DNS: ad13.adriver.ru
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 10 Mar 2023 02:11:59 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/gif

GET
H2

200

match
www.acint.net/ Frame C95B
Redirect Chain

https://ssp.bestssp.com/sspmatch?url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D95%26euid%3D
https://www.acint.net/match?dp=95&euid=FFJYCECW

43 B
269 B

55ms
55ms

Image
image/gif

193.3.184.226
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=95&euid=FFJYCECW
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 193.3.184.226 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 02:11:59 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

Location: https://www.acint.net/match?dp=95&euid=FFJYCECW
Date: Fri, 10 Mar 2023 02:11:59 GMT
Server: nginx/1.16.1
Connection: keep-alive
Content-Length: 74
Content-Type: text/html; charset=utf-8

GET
H2

200

match
www.acint.net/ Frame C95B
Redirect Chain

https://sync.adspend.space/sape?uid=1503420AEE910A64DF04976D0218CA30
https://sync.adspend.space/check?r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D98%26euid%3Dd9b3ec55-2132-419e-b0c0-04e399615511
https://www.acint.net/match?dp=98&euid=d9b3ec55-2132-419e-b0c0-04e399615511

43 B
269 B

55ms
54ms

Image
image/gif

193.3.184.226
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=98&euid=d9b3ec55-2132-419e-b0c0-04e399615511
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 193.3.184.226 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 02:11:59 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

location: https://www.acint.net/match?dp=98&euid=d9b3ec55-2132-419e-b0c0-04e399615511
date: Fri, 10 Mar 2023 02:11:59 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-length: 102
content-type: text/html; charset=utf-8

GET
H2 200 pixel.gif
sync.1dmp.io/ Frame C95B 12 B
155 B 171ms
51ms Image
text/html 87.242.89.90
SBERCLOUD-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=1503420AEE910A64DF04976D0218CA30
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 87.242.89.90 , Russian Federation, ASN208677 (SBERCLOUD-AS, RU),
Reverse DNS
Software: elb /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 02:11:59 GMT
last-modified: Mon, 30 Jan 2023 18:57:34 GMT
server: elb
accept-ranges: bytes
etag: "63d8131e-c"
content-length: 12
content-type: text/html

GET
H2

200

match
www.acint.net/ Frame C95B
Redirect Chain

https://sape-sync.rutarget.ru/sync
https://www.acint.net/match?dp=104&euid=oh7A1L4MQ5H7

43 B
269 B

55ms
54ms

Image
image/gif

193.3.184.226
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=104&euid=oh7A1L4MQ5H7
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 193.3.184.226 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 02:11:59 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

Location: https://www.acint.net/match?dp=104&euid=oh7A1L4MQ5H7
Date: Fri, 10 Mar 2023 02:11:59 GMT
Server: nginx
Connection: close
Content-Length: 0
P3P: CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."

GET
H2

200

match
acint.net/ Frame C95B
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D
https://acint.net/match?dp=107&euid=f031e00f-34c8-5245-a111-9b96c51b0a78

43 B
269 B

78ms
56ms

Image
image/gif

193.3.184.226
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://acint.net/match?dp=107&euid=f031e00f-34c8-5245-a111-9b96c51b0a78
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 193.3.184.226 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 02:11:59 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

location: https://acint.net/match?dp=107&euid=f031e00f-34c8-5245-a111-9b96c51b0a78
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H2

200

match
acint.net/ Frame C95B
Redirect Chain

https://ads.adlook.me/csync?url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D110%26euid%3D%7BuserId%7D
https://acint.net/match?dp=110&euid=4cb721f785764e01ac2d8fbdad184962

43 B
269 B

55ms
55ms

Image
image/gif

193.3.184.226
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://acint.net/match?dp=110&euid=4cb721f785764e01ac2d8fbdad184962
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 193.3.184.226 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 02:11:59 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

location: https://acint.net/match?dp=110&euid=4cb721f785764e01ac2d8fbdad184962
date: Fri, 10 Mar 2023 02:11:58 GMT
server: Microsoft-IIS/10.0

GET
H2

404

JfVuAD-uT9u1ydEFkn9AjQ
an.yandex.ru/setud/mts_banner/ Frame C95B
Redirect Chain

https://sm.rtb.mts.ru/p?ssp=sape&id=1503420AEE910A64DF04976D0218CA30
https://sm.rtb.mts.ru/match/second?ssp=30&exu=1503420AEE910A64DF04976D0218CA30
https://tech.rtb.mts.ru/?dsp_uid=25f56e00-3fae-4fdb-b5c9-d105927f408d&return_url=https%3A%2F%2Fan.yandex.ru%2Fsetud%2Fmts_banner%2FJfVuAD-uT9u1ydEFkn9AjQ%3Flocation%3Dhttps%253A%252F%252Fsm.rtb.mts...
https://an.yandex.ru/setud/mts_banner/JfVuAD-uT9u1ydEFkn9AjQ?location=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D30%26em%3D0&sign=131688643

43 B
104 B

75ms
75ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/setud/mts_banner/JfVuAD-uT9u1ydEFkn9AjQ?location=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D30%26em%3D0&sign=131688643

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

ccb150b1878d5aa777543222f9e47636d4258687e3dd57e625988f09a96bda64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Mar 2023 02:11:59 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Fri, 10 Mar 2023 02:11:59 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=windows-1251
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Fri, 10 Mar 2023 02:11:59 GMT

Redirect headers

Date: Fri, 10 Mar 2023 02:11:59 GMT
Server: nginx/1.20.2
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: text/html; charset=utf-8
Location: https://an.yandex.ru/setud/mts_banner/JfVuAD-uT9u1ydEFkn9AjQ?location=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D30%26em%3D0&sign=131688643
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

GET
H2

200

match
www.acint.net/ Frame C95B
Redirect Chain

https://exchange.buzzoola.com/cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D
https://www.acint.net/match?dp=126&euid=95acba21-26d2-4727-54b4-0265268d7675

43 B
269 B

55ms
54ms

Image
image/gif

193.3.184.226
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=126&euid=95acba21-26d2-4727-54b4-0265268d7675
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 193.3.184.226 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 02:11:59 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

location: https://www.acint.net/match?dp=126&euid=95acba21-26d2-4727-54b4-0265268d7675
date: Fri, 10 Mar 2023 02:11:59 GMT
server: nginx
content-length: 115
serverid: TODO
content-type: text/html; charset=utf-8

GET
H2

200

match
www.acint.net/ Frame C95B
Redirect Chain

https://s.uuidksinc.net/match/396/?remote_uid=1503420AEE910A64DF04976D0218CA30
https://www.acint.net/match?dp=127&euid=wjoQppwj5IYldlQhDnfk

43 B
269 B

55ms
55ms

Image
image/gif

193.3.184.226
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=127&euid=wjoQppwj5IYldlQhDnfk
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 193.3.184.226 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 02:11:59 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

location: https://www.acint.net/match?dp=127&euid=wjoQppwj5IYldlQhDnfk
date: Fri, 10 Mar 2023 02:11:59 GMT
server: nginx/1.19.0
content-length: 0

GET usersync
ssp.bidvol.com/ Frame C95B 0
0

GET
H/1.1 204
No Content userbind
match.new-programmatic.com/ Frame C95B 0
215 B 183ms
58ms Image
text/plain 217.65.2.150
CITYTELECOM-MSK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.new-programmatic.com/userbind?src=sape&id=1503420AEE910A64DF04976D0218CA30
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 217.65.2.150 Moscow, Russian Federation, ASN3175 (CITYTELECOM-MSK, RU),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 10 Mar 2023 02:11:59 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0
Connection: keep-alive
Content-Length: 0
Vary: Origin

GET
H2

204

0.gif
x01.aidata.io/ Frame C95B
Redirect Chain

https://x01.aidata.io/0.gif?pid=9401454&id=1503420AEE910A64DF04976D0218CA30
https://x01.aidata.io/0.gif?pid=9401454&id=1503420AEE910A64DF04976D0218CA30&bounce=1
https://counter.yadro.ru/id-redir/aidata.gif?back=STOP
https://x01.aidata.io/0.gif?pid=LIVE&id=&back=STOP

0
433 B

59ms
58ms

Image
text/plain

89.108.120.76
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x01.aidata.io/0.gif?pid=LIVE&id=&back=STOP
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 89.108.120.76 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: d51804.reg.regrucolo.ru
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Mar 2023 02:11:59 GMT
last-modified: Fri, 10 Mar 2023 02:11:58 GMT
server: nginx
access-control-allow-methods: GET, POST
p3p: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
expires: Fri, 10 Mar 2023 02:11:58 GMT

Redirect headers

Location: https://x01.aidata.io/0.gif?pid=LIVE&id=&back=STOP
Date: Fri, 10 Mar 2023 02:11:59 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Connection: keep-alive
Content-Length: 242
Content-Type: text/html; charset=iso-8859-1

GET
H2

200

sape.js
sync.gonet-ads.com/match/ Frame C95B
Redirect Chain

https://sync.gonet-ads.com/match/sape.js?id=1503420AEE910A64DF04976D0218CA30
https://sync.gonet-ads.com/match/sape.js?id=1503420AEE910A64DF04976D0218CA30&chk=1

267 B
267 B

17ms
16ms

Image
application/javascript

188.42.105.236
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.gonet-ads.com/match/sape.js?id=1503420AEE910A64DF04976D0218CA30&chk=1

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1

Protocol

Server

188.42.105.236 , Luxembourg, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 02:11:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: gzip
server: nginx
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-xss-protection: 1; mode=block

Redirect headers

date: Fri, 10 Mar 2023 02:11:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: nginx
x-frame-options: SAMEORIGIN
content-type: application/javascript
location: https://sync.gonet-ads.com/match/sape.js?id=1503420AEE910A64DF04976D0218CA30&chk=1
content-length: 0
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

/
sync.bumlam.com/ Frame C95B
Redirect Chain

https://sync.bumlam.com/?src=sap1&uid=1503420AEE910A64DF04976D0218CA30
https://sync.bumlam.com/?src=sap1&s_data=CAIQARjvo6qgBmIgMTUwMzQyMEFFRTkxMEE2NERGMDQ5NzZEMDIxOENBMzCiARDwcjXGvugR7YbgACWQwGR8

0
523 B

14ms
9ms

Image
text/html

31.172.81.158
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bumlam.com/?src=sap1&s_data=CAIQARjvo6qgBmIgMTUwMzQyMEFFRTkxMEE2NERGMDQ5NzZEMDIxOENBMzCiARDwcjXGvugR7YbgACWQwGR8
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: HTTP/1.1
Server: 31.172.81.158 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: text/html; charset=utf-8
Date: Fri, 10 Mar 2023 02:11:59 GMT
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Server: nginx
Connection: keep-alive
Content-Length: 0
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Redirect headers

Date: Fri, 10 Mar 2023 02:11:59 GMT
Server: nginx
ETag: f07235c6-bee8-11ed-86e0-002590c0647c
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: //sync.bumlam.com/?src=sap1&s_data=CAIQARjvo6qgBmIgMTUwMzQyMEFFRTkxMEE2NERGMDQ5NzZEMDIxOENBMzCiARDwcjXGvugR7YbgACWQwGR8
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

done
pix.bumlam.com/sync/sape/ Frame C95B
Redirect Chain

https://pix.bumlam.com/sync/sape/check?sspuid=1503420AEE910A64DF04976D0218CA30
https://sync.bumlam.com/?src=sape
https://pix.bumlam.com/sync/sape/sync_ok?guid=f07235c6-bee8-11ed-86e0-002590c0647c
https://f07235c6-bee8-11ed-86e0-002590c0647c.n3.sync.bumlam.com/?src=sape
https://pix.bumlam.com/sync/sape/done

43 B
673 B

12ms
9ms

Image
image/gif

31.172.81.158
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.bumlam.com/sync/sape/done

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1

Protocol

HTTP/1.1

Server

31.172.81.158 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),

Reverse DNS

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 10 Mar 2023 02:11:59 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: https://www.acint.net
P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Access-Control-Allow-Credentials: true
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 43
X-Xss-Protection: 0
Expires: 05-Jun-2005 22:00:00 GMT

Redirect headers

location: https://pix.bumlam.com/sync/sape/done
date: Fri, 10 Mar 2023 02:11:59 GMT
server: nginx/1.22.1
content-length: 0

GET
H2

200

1503420AEE910A64DF04976D0218CA30
an.yandex.ru/mapuid/sapeis/ Frame C95B
Redirect Chain

https://an.yandex.ru/mapuid/sapeis/1503420AEE910A64DF04976D0218CA30
https://an.yandex.ru/mapuid/sapeis/1503420AEE910A64DF04976D0218CA30?redir-setuniq=1

43 B
99 B

87ms
86ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/sapeis/1503420AEE910A64DF04976D0218CA30?redir-setuniq=1

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Mar 2023 02:11:58 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Fri, 10 Mar 2023 02:11:58 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Fri, 10 Mar 2023 02:11:58 GMT

Redirect headers

pragma: no-cache
date: Fri, 10 Mar 2023 02:11:58 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Fri, 10 Mar 2023 02:11:58 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://an.yandex.ru/mapuid/sapeis/1503420AEE910A64DF04976D0218CA30?redir-setuniq=1
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Fri, 10 Mar 2023 02:11:58 GMT

GET
H/1.1 200
OK cm
nr.bidderstack.com/sape/ Frame C95B 44 B
383 B 60ms
19ms Image
image/gif 23.88.12.14
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nr.bidderstack.com/sape/cm?user_id=1503420AEE910A64DF04976D0218CA30
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.88.12.14 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.14.12.88.23.clients.your-server.de
Software: nginx /
Resource Hash: 82cb517a8f80c91dfcec543c6d140deb3baaf463ea9e77655475096eba7bc7d9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 10 Mar 2023 02:11:59 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 44
Content-Type: image/gif

GET
H2

200

match
www.acint.net/ Frame C95B
Redirect Chain

https://cs.agency2.ru/p?ssp=sp&uid=1503420AEE910A64DF04976D0218CA30
https://www.acint.net/match?dp=186&euid=f059f451-b141-4a0c-93f6-fcec3aa4fd1f

43 B
269 B

57ms
56ms

Image
image/gif

193.3.184.226
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=186&euid=f059f451-b141-4a0c-93f6-fcec3aa4fd1f
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 193.3.184.226 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 02:11:59 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

Date: Fri, 10 Mar 2023 02:11:59 GMT
Server: fasthttp
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS, PUT, DELETE
Location: https://www.acint.net/match?dp=186&euid=f059f451-b141-4a0c-93f6-fcec3aa4fd1f
Cache-Control: no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials: true
X-Host: 23.111.107.44
Connection: keep-alive
Access-Control-Allow-Headers: authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

match
www.acint.net/ Frame C95B
Redirect Chain

https://sp.ohmy.bid/cm?ssp=sape&redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D217%26euid%3D%7Buid%7D
https://www.acint.net/match?dp=217&euid=6dd6bf13-60ed-483f-b6a9-b50833476452

43 B
269 B

55ms
54ms

Image
image/gif

193.3.184.226
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=217&euid=6dd6bf13-60ed-483f-b6a9-b50833476452
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 193.3.184.226 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 02:11:59 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

Location: https://www.acint.net/match?dp=217&euid=6dd6bf13-60ed-483f-b6a9-b50833476452
Date: Fri, 10 Mar 2023 02:11:59 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK user-sync
sync.adkernel.com/ Frame C95B 0
160 B 74ms
13ms Image
text/plain 77.245.57.72
WEBAIR-INTERNET-MTL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adkernel.com/user-sync?zone=169736&t=image&r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D221%26euid%3D%7BUID%7D
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 10 Mar 2023 02:11:59 GMT
Cache-Control: no-store
Server: nginx
Connection: close
Age: 0
Content-Length: 0

GET
H2

200

RTBSape
sync.programmatica.com/match/ Frame C95B
Redirect Chain

https://sync.programmatica.com/match/RTBSape?id=1503420AEE910A64DF04976D0218CA30
https://sync.programmatica.com/match/RTBSape?id=1503420AEE910A64DF04976D0218CA30&chk=1

43 B
259 B

14ms
13ms

Image
image/gif

167.235.117.41
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.programmatica.com/match/RTBSape?id=1503420AEE910A64DF04976D0218CA30&chk=1

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1

Protocol

Server

167.235.117.41 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.41.117.235.167.clients.your-server.de

Software

nginx /

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 02:11:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: nginx
content-length: 43
content-type: image/gif

Redirect headers

location: https://sync.programmatica.com/match/RTBSape?id=1503420AEE910A64DF04976D0218CA30&chk=1
date: Fri, 10 Mar 2023 02:11:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: nginx
content-length: 0

GET
H/1.1 204
No Content userbind
match.qtarget.tech/ Frame C95B 0
215 B 275ms
53ms Image
text/plain 95.163.92.180
DINET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.qtarget.tech/userbind?src=sape&id=1503420AEE910A64DF04976D0218CA30
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.163.92.180 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software: nginx/1.22.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 10 Mar 2023 07:11:39 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.22.1
Connection: keep-alive
Content-Length: 0
Vary: Origin

GET
H2 200 css
fonts.googleapis.com/ Frame 017F 6 KB
745 B 88ms
37ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1350936919961502&output=html&h=600&slotname=9693253600&adk=3432251827&adf=441479644&pi=t.ma~as.9693253600&w=160&lmt=1678414318&url=http%3A%2F%2Fallo499.ru%2F&wgl=1&dt=1678414317923&bpp=24&bdt=482&idt=168&shv=r20230307&mjsv=m202302210101&ptt=5&saldr=sa&abxe=1&prev_slotnames=7582981508%2C5249484045&correlator=4542000379673&frm=20&pv=1&ga_vid=531765962.1678414318&ga_sid=1678414318&ga_hid=1772983910&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1426&ady=525&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44777877%2C44759837%2C44759876%2C42531706&oid=2&pvsid=2602475005013272&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=1Mw0RugrD0&p=http%3A//allo499.ru&dtd=192

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 10 Mar 2023 02:11:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 10 Mar 2023 02:03:37 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 10 Mar 2023 02:11:58 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230307/r20110914/client/ Frame 017F 2 KB
846 B 74ms
23ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230307/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 22:50:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12095
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 23 Mar 2023 22:50:23 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230307/r20110914/ Frame 017F 22 KB
9 KB 61ms
10ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230307/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e41caae174108db2b9d3947eb5cbc348c5e431a00f272917ea10cf2830ffb3c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 19:12:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25151
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9103
x-xss-protection: 0
server: cafe
etag: 315661852888499207
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 23 Mar 2023 19:12:47 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230307/r20110914/client/ Frame 017F 3 KB
1 KB 32ms
0ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230307/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 19:11:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25251
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 23 Mar 2023 19:11:07 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230307/r20110914/client/ Frame 017F 20 KB
8 KB 63ms
13ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230307/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 19:11:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25251
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8558
x-xss-protection: 0
server: cafe
etag: 3110455901848521628
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 23 Mar 2023 19:11:07 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 017F 158 KB
49 KB 93ms
42ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4126ffde4b9e571b1c3e55b45a7e9596e139ad2de1bdbfe851a2e2b2c7da7f38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 02:11:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49657
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1678278820084806"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 10 Mar 2023 02:11:58 GMT

GET
H2 200 887cfa9374a0c130d54aa7fe143e0312.js Show response
www.gstatic.com/mysidia/ Frame 017F 34 KB
14 KB 90ms
0ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/887cfa9374a0c130d54aa7fe143e0312.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e45fd1bfd4e9faa44d111f64bef4ccea9e66b10fb0a957d91019ac033b7c22c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 08:24:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 236860
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14316
x-xss-protection: 0
last-modified: Sun, 05 Mar 2023 05:15:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 05 Jun 2023 08:24:18 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 9D38 4 KB
1 KB 67ms
34ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1350936919961502&output=html&h=90&slotname=5249484045&adk=2481849862&adf=1058600793&pi=t.ma~as.5249484045&w=728&lmt=1678414318&url=http%3A%2F%2Fallo499.ru%2F&wgl=1&dt=1678414317889&bpp=24&bdt=448&idt=181&shv=r20230307&mjsv=m202302210101&ptt=5&saldr=sa&abxe=1&prev_slotnames=7582981508&correlator=4542000379673&frm=20&pv=1&ga_vid=531765962.1678414318&ga_sid=1678414318&ga_hid=1772983910&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=306&ady=1379&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44777877%2C44759837%2C44759876%2C42531706&oid=2&pvsid=2602475005013272&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=OX7O0iytNT&p=http%3A//allo499.ru&dtd=194

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

099f342bcdd01d03cacd2d665bb82ed11b7110f74768ec40774de44140481a38

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 10 Mar 2023 02:11:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 10 Mar 2023 01:58:52 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 10 Mar 2023 02:11:58 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230307/r20110914/client/ Frame 9D38 2 KB
799 B 61ms
29ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230307/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 22:50:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12095
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 23 Mar 2023 22:50:23 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230307/r20110914/ Frame 9D38 22 KB
9 KB 45ms
14ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230307/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e41caae174108db2b9d3947eb5cbc348c5e431a00f272917ea10cf2830ffb3c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 19:12:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25151
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9103
x-xss-protection: 0
server: cafe
etag: 315661852888499207
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 23 Mar 2023 19:12:47 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230307/r20110914/client/ Frame 9D38 3 KB
1 KB 32ms
0ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230307/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 19:11:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25251
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 23 Mar 2023 19:11:07 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230307/r20110914/client/ Frame 9D38 20 KB
8 KB 51ms
21ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230307/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 19:11:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25251
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8558
x-xss-protection: 0
server: cafe
etag: 3110455901848521628
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 23 Mar 2023 19:11:07 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9D38 158 KB
49 KB 83ms
52ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4126ffde4b9e571b1c3e55b45a7e9596e139ad2de1bdbfe851a2e2b2c7da7f38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 02:11:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49657
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1678278820084806"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 10 Mar 2023 02:11:58 GMT

GET
H2 200 cbfababd91166e5076a7e33bfb78f317.js Show response
www.gstatic.com/mysidia/ Frame 9D38 34 KB
14 KB 93ms
2ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/cbfababd91166e5076a7e33bfb78f317.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d9e50379350abb45769a5049fc416a2ad6455c413756833d1e1249b617e6550

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 22:18:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 186782
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14337
x-xss-protection: 0
last-modified: Tue, 07 Mar 2023 22:10:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 05 Jun 2023 22:18:56 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 3B70 8 KB
968 B 38ms
35ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1350936919961502&output=html&h=90&slotname=7582981508&adk=1916336945&adf=4218598984&pi=t.ma~as.7582981508&w=728&lmt=1678414318&url=http%3A%2F%2Fallo499.ru%2F&wgl=1&dt=1678414317857&bpp=27&bdt=416&idt=152&shv=r20230307&mjsv=m202302210101&ptt=5&saldr=sa&abxe=1&correlator=4542000379673&frm=20&pv=2&ga_vid=531765962.1678414318&ga_sid=1678414318&ga_hid=1772983910&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=289&ady=246&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44777877%2C44759837%2C44759876%2C42531706&oid=2&pvsid=2602475005013272&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Ce%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=LkpOAv5fMo&p=http%3A//allo499.ru&dtd=199

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 10 Mar 2023 02:11:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 10 Mar 2023 02:01:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 10 Mar 2023 02:11:58 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230307/r20110914/client/ Frame 3B70 2 KB
799 B 33ms
30ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230307/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 22:50:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12095
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 23 Mar 2023 22:50:23 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230307/r20110914/ Frame 3B70 22 KB
9 KB 27ms
24ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230307/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e41caae174108db2b9d3947eb5cbc348c5e431a00f272917ea10cf2830ffb3c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 19:12:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25151
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9103
x-xss-protection: 0
server: cafe
etag: 315661852888499207
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 23 Mar 2023 19:12:47 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230307/r20110914/client/ Frame 3B70 3 KB
1 KB 47ms
2ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230307/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 19:11:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25251
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 23 Mar 2023 19:11:07 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230307/r20110914/client/ Frame 3B70 20 KB
8 KB 28ms
25ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230307/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 19:11:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25251
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8558
x-xss-protection: 0
server: cafe
etag: 3110455901848521628
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 23 Mar 2023 19:11:07 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3B70 158 KB
49 KB 69ms
67ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4126ffde4b9e571b1c3e55b45a7e9596e139ad2de1bdbfe851a2e2b2c7da7f38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 02:11:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49657
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1678278820084806"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 10 Mar 2023 02:11:58 GMT

GET
H2 200 887cfa9374a0c130d54aa7fe143e0312.js Show response
www.gstatic.com/mysidia/ Frame 3B70 34 KB
14 KB 84ms
0ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/887cfa9374a0c130d54aa7fe143e0312.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e45fd1bfd4e9faa44d111f64bef4ccea9e66b10fb0a957d91019ac033b7c22c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 08:24:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 236860
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14316
x-xss-protection: 0
last-modified: Sun, 05 Mar 2023 05:15:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 05 Jun 2023 08:24:18 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 3B70 0
0 75ms
62ms Fetch
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CtYHj7pEKZLT3CabYx_AP3reK4AbHnLasb7etia-aEaHCxfWfDhABILa16xFgleKQgqAHoAHB_MLgKMgBAakC-X6JdJ_CsT6oAwHIA8sEqgTDAU_Q0yZAuswfM9qXIBHxh5prlr3OH7Nwoh69PH5PW2AK8pTo5YsmLHioXOesXD9RuzKtjMIpIKJW_P1oLeKpbWxsFyWSWOYOV6f7a1uUYJc1Oz75-gjqbxQ9EnM_vRG8y2a2Mo6g90wKK9FYKaY86F5VCpryygT8ciQR7yaFK8MjujpV79AQJGfIjXBF8LeDElpEVgKMMy88tsJgYx_Mhmk4aYDRxYiYCIzQpFUaws1qYF1MpMuaOZ-g3rvKqlAY1yP8kcAE6uWuu5IEkgUECAQYAZIFBAgFGASAB8G0k8ADqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQi90p0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEwzQFQGAFwGyFxwKGggAEhRwdWItMTM1MDkzNjkxOTk2MTUwMhgA&sigh=3Mcf-tDcvcY&uach_m=[UACH]&cid=CAQSGwDUE5ymMI4Nb5I_kVNoUX6jxgR45JLVW0tzFhgB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1350936919961502&output=html&h=90&slotname=7582981508&adk=1916336945&adf=4218598984&pi=t.ma~as.7582981508&w=728&lmt=1678414318&url=http%3A%2F%2Fallo499.ru%2F&wgl=1&dt=1678414317857&bpp=27&bdt=416&idt=152&shv=r20230307&mjsv=m202302210101&ptt=5&saldr=sa&abxe=1&correlator=4542000379673&frm=20&pv=2&ga_vid=531765962.1678414318&ga_sid=1678414318&ga_hid=1772983910&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=289&ady=246&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44777877%2C44759837%2C44759876%2C42531706&oid=2&pvsid=2602475005013272&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Ce%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=LkpOAv5fMo&p=http%3A//allo499.ru&dtd=199
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 10 Mar 2023 02:11:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 10 Mar 2023 02:11:58 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 017F 0
0 87ms
56ms Fetch
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cy52M7pEKZO6dCvTmx_AP9PS16Ai4_Jj_bKe4mY7TEK2Y0M2ABxABILa16xFgleKQgqAHoAGg1JP9KMgBCakCrebOtjfAsT6oAwHIA8sEqgTVAU_Q_zqfKJ9ucm-YXLz6sW7pOt75gmnmjwOIsibMbdD0wlKJZCrSwlvcGIUcRzXrWRGiNcI2LPqpEHVdMOU2hZksGe3RVAA7Vkqkmu6AI3n6sw8VMPEVrweWymLrfFgxla40L3cC0n_GPPh5zaHmER-_Ud7KTXYoTAUgi5MXmfWWCtQYe8FiJZD1X24gBKhUawTAitZ77Wh2ZrJ08UlUQ8uU67Fd-o0kS5dKJR97eSTbDkM50diCKYRH3N2QTdXuHpjRgXXd6MbLuWli-Z13gUg8SThCd8AEtNzQ-6QEkgUECAQYAZIFBAgFGASgBi6AB6CM5NwDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQv-Ef0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwG4E-QD2BMK0BUBgBcBshccChoIABIUcHViLTEzNTA5MzY5MTk5NjE1MDIYAA&sigh=Q7Cc3Ml4Hlo&uach_m=[UACH]&cid=CAQSGwDUE5ymqMCtGxMa6bD-6TWS2n204Qwc9ATg_xgB&template_id=484

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1350936919961502&output=html&h=600&slotname=9693253600&adk=3432251827&adf=441479644&pi=t.ma~as.9693253600&w=160&lmt=1678414318&url=http%3A%2F%2Fallo499.ru%2F&wgl=1&dt=1678414317923&bpp=24&bdt=482&idt=168&shv=r20230307&mjsv=m202302210101&ptt=5&saldr=sa&abxe=1&prev_slotnames=7582981508%2C5249484045&correlator=4542000379673&frm=20&pv=1&ga_vid=531765962.1678414318&ga_sid=1678414318&ga_hid=1772983910&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1426&ady=525&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44777877%2C44759837%2C44759876%2C42531706&oid=2&pvsid=2602475005013272&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=1Mw0RugrD0&p=http%3A//allo499.ru&dtd=192
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 10 Mar 2023 02:11:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 10 Mar 2023 02:11:58 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 9D38 0
0 91ms
56ms Fetch
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CrJ_37pEKZNPvCdmh-gayz624Cbj8mP9smvLOy_IQhs7_lYQbEAEgtrXrEWCV4pCCoAegAaDUk_0oyAEJqQL5fol0n8KxPqgDAcgDywSqBNQBT9AB1oWTgLaARb_j8DYQ14ayJpBnG1-gHZabKW8X5Ymg7Bgd2UJxXxEIANI3Zbnn4jerU96uKSaAyEDZk6MgIXiFVntcRoXlD-5d7TAc61yaFVfwLiHQSk4FX1Nw4wXQtL-_eHuGKN2Um4Ofxg456vcmvYSslfKKd9rBsfsoU9LnMvi6A4W_cIcQRZCPPBtzQERURj9dTvjMzsHyn133EjEtfsmVAVU4uMWWHefeGOoeGMHD-jSAzbaZyKPzxTBXHaaQiKzVcw3YGREydZM_MTHBTXTABLTc0PukBJIFBAgEGAGSBQQIBRgEoAYugAegjOTcA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEENqYBtIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsBuBPkA9gTCtAVAYAXAbIXHAoaCAASFHB1Yi0xMzUwOTM2OTE5OTYxNTAyGAA&sigh=UVlPq9bNGmM&uach_m=[UACH]&cid=CAQSGwDUE5ymcVE_YexnvvSWC5DyWLtJk7GfXUfmIxgB&template_id=484

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1350936919961502&output=html&h=90&slotname=5249484045&adk=2481849862&adf=1058600793&pi=t.ma~as.5249484045&w=728&lmt=1678414318&url=http%3A%2F%2Fallo499.ru%2F&wgl=1&dt=1678414317889&bpp=24&bdt=448&idt=181&shv=r20230307&mjsv=m202302210101&ptt=5&saldr=sa&abxe=1&prev_slotnames=7582981508&correlator=4542000379673&frm=20&pv=1&ga_vid=531765962.1678414318&ga_sid=1678414318&ga_hid=1772983910&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=306&ady=1379&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44777877%2C44759837%2C44759876%2C42531706&oid=2&pvsid=2602475005013272&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=OX7O0iytNT&p=http%3A//allo499.ru&dtd=194
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 10 Mar 2023 02:11:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 10 Mar 2023 02:11:58 GMT

GET
H3 200 6592766407814317453
tpc.googlesyndication.com/simgad/14014839715206618191/ Frame 9D38 17 KB
17 KB 47ms
14ms Image
image/jpeg 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14014839715206618191/6592766407814317453

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c7faa74be380234dea8a898b636eafd8c2a791369e59a2f1395714fb62a4c84d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 19:32:06 GMT
x-content-type-options: nosniff
age: 23992
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17886
x-xss-protection: 0
last-modified: Sat, 22 Oct 2022 09:35:51 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 08 Mar 2024 19:32:06 GMT

GET
H3 200 2076313506083323656
tpc.googlesyndication.com/simgad/14014839715206618191/ Frame 017F 19 KB
19 KB 37ms
15ms Image
image/jpeg 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14014839715206618191/2076313506083323656

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0ea32030fed14958bf3e670c08e49fc63bfdebefc79a3ac43dfb1b2d5a5c129a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 23:06:58 GMT
x-content-type-options: nosniff
age: 11100
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19120
x-xss-protection: 0
last-modified: Sat, 22 Oct 2022 09:35:51 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 08 Mar 2024 23:06:58 GMT

GET
DATA 200
OK truncated
/ Frame 017F 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 76ebd2a7078570fa9f6a50855b4ade57c6b558cca7c95801b2b247406b274975

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2

200

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9937.ri4TY9mkoEYAFsMAfgbMUHKw3VAXq_DR8h6r6CZ7zPtXUP1ii6Rixzh_fZB6tCv_.-QV84Te0UTRqi-tK7AepZkokR9E%2C
https://mc.yandex.com/sync_cookie_image_decide?token=9937.zbLc8o1cGgFFHftx2cJbN5Fh9XawoNtArd-OGy8gKroOhHDOe1qNxE6mWuXzMffsOirBcHsT6baQEIVpFZOhKVyYgiWnZd6HPaL4uC_Xr7R05RtiuyebwjTXVd5eZn_lbV-NzLMl1Ft...

43 B
492 B

60ms
59ms

Image
image/gif

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=9937.zbLc8o1cGgFFHftx2cJbN5Fh9XawoNtArd-OGy8gKroOhHDOe1qNxE6mWuXzMffsOirBcHsT6baQEIVpFZOhKVyYgiWnZd6HPaL4uC_Xr7R05RtiuyebwjTXVd5eZn_lbV-NzLMl1FtHi3DwaGnChFC-GJXMzrQG93KH6v2GiF6QZh0SCuIZ698jEf0A9nbbYO5hWSPNeDy7aax81Ten3iSAiEYICF9KnJOHdO8nWWA%2C.HHjzuAOrtn23KrwW2YD7pu9x6YI%2C

Requested by

Host: allo499.ru
URL: http://allo499.ru/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://allo499.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 02:11:59 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=9937.zbLc8o1cGgFFHftx2cJbN5Fh9XawoNtArd-OGy8gKroOhHDOe1qNxE6mWuXzMffsOirBcHsT6baQEIVpFZOhKVyYgiWnZd6HPaL4uC_Xr7R05RtiuyebwjTXVd5eZn_lbV-NzLMl1FtHi3DwaGnChFC-GJXMzrQG93KH6v2GiF6QZh0SCuIZ698jEf0A9nbbYO5hWSPNeDy7aax81Ten3iSAiEYICF9KnJOHdO8nWWA%2C.HHjzuAOrtn23KrwW2YD7pu9x6YI%2C
date: Fri, 10 Mar 2023 02:11:59 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame B0FF 143 B
166 B 12ms
11ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1350936919961502&output=html&h=90&slotname=7582981508&adk=1916336945&adf=4218598984&pi=t.ma~as.7582981508&w=728&lmt=1678414318&url=http%3A%2F%2Fallo499.ru%2F&wgl=1&dt=1678414317857&bpp=27&bdt=416&idt=152&shv=r20230307&mjsv=m202302210101&ptt=5&saldr=sa&abxe=1&correlator=4542000379673&frm=20&pv=2&ga_vid=531765962.1678414318&ga_sid=1678414318&ga_hid=1772983910&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=289&ady=246&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44777877%2C44759837%2C44759876%2C42531706&oid=2&pvsid=2602475005013272&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Ce%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=LkpOAv5fMo&p=http%3A//allo499.ru&dtd=199
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1501
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 10 Mar 2023 01:46:58 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 3B70 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0aaa0e509bd261a82e930c2d97a2eea2a6c5cf39ee5cb419233f93f0759c4a9a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 9D38 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: abd86084299fb37cbcb34dedb0d9a8d5230740560528b5105be9912bff39c2a4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 017F 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2739a87279199c9ec81af470de4bc11a3b5ea4a1804161cdff856c8f61944b65

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/png

OPTIONS
H2 200 event_confirmation
an.yandex.ru/ Frame 0
0 174ms
63ms Preflight 2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/event_confirmation

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: http://allo499.ru
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: http://allo499.ru
access-control-max-age: 1728000
content-encoding: gzip
date: Fri, 10 Mar 2023 02:11:59 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
timing-allow-origin: *
x-xss-protection: 1; mode=block

POST
H2 200 event_confirmation Show response
an.yandex.ru/ 0
184 B 63ms
63ms XHR
text/plain 2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/event_confirmation

Requested by

Host: an.yandex.ru
URL: http://an.yandex.ru/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: http://allo499.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Fri, 10 Mar 2023 02:11:59 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Fri, 10 Mar 2023 02:11:59 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: http://allo499.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Fri, 10 Mar 2023 02:11:59 GMT

GET
H2 200 x450
avatars.mds.yandex.net/get-direct/5283206/Dj0wvEdSLZmy2LRp-sdDyg/ 22 KB
22 KB 242ms
111ms Image
image/webp 2a02:6b8::184
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.mds.yandex.net/get-direct/5283206/Dj0wvEdSLZmy2LRp-sdDyg/x450
Requested by: Host: allo499.ru
URL: http://allo499.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::184 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software: nginx /
Resource Hash: 961d65ef493469ff3c06009c02c2c6f73ae82f402d52310369112a2635e6dbbe

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://allo499.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 02:11:59 GMT
last-modified: Wed, 11 Aug 2021 14:15:16 GMT
server: nginx
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel?datacenter=MYT"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000,immutable
access-control-allow-credentials: true
content-length: 22154
x-request-id: 75002cded4565c3

GET
H2 200 icon-192.png
yastatic.net/s3/games-static/favicons/ 24 KB
24 KB 182ms
92ms Image
image/png 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yastatic.net/s3/games-static/favicons/icon-192.png

Requested by

Host: allo499.ru
URL: http://allo499.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

ca78c114bba40b141a59c55a9d3fb6db7672bc3effd4337f2b1ce512b4d06c9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://allo499.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 02:11:59 GMT
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 24134
last-modified: Thu, 14 Apr 2022 12:22:42 GMT
server: nginx/1.17.9
etag: "7819c957eaa80af5bf14f760d49b64a7"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=216013
x-nginx-request-id: a7a3ce7d464fb0c6
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Mar 2023 14:11:54 GMT

GET
H2 200 wy300
avatars.mds.yandex.net/get-direct/5076421/FwcLlv0XPRlU0SFBBoatCA/ 34 KB
34 KB 242ms
112ms Image
image/webp 2a02:6b8::184
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.mds.yandex.net/get-direct/5076421/FwcLlv0XPRlU0SFBBoatCA/wy300
Requested by: Host: allo499.ru
URL: http://allo499.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::184 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software: nginx /
Resource Hash: 8ca80cf1a146b9cea5f9746c31b1dbacc3e2ca5c3f867c4b3b2659ee83aca084

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://allo499.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 02:11:59 GMT
last-modified: Wed, 22 Feb 2023 16:52:02 GMT
server: nginx
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel?datacenter=MYT"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000,immutable
access-control-allow-credentials: true
content-length: 34586
x-request-id: 9d56f5b7f1d473ca

GET
H/1.1 200
Ok ritz-carlton-keturah-resort.com
favicon.yandex.net/favicon/ 1 KB
2 KB 222ms
69ms Image
image/png 2a02:6b8::36
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://favicon.yandex.net/favicon/ritz-carlton-keturah-resort.com?size=32&stub=2

Requested by

Host: allo499.ru
URL: http://allo499.ru/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::36 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

63408511570871a712d79b9ace31e71285c3ce09683e61a74beb8a0c9e95d179

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://allo499.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-origin: *
Cache-Control: max-age=691200
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
X-XSS-Protection: 1; mode=block
Content-Type: image/png

GET
H2 200 css
fonts.googleapis.com/ Frame 2ABF 4 KB
717 B 18ms
16ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1350936919961502&output=html&h=90&slotname=0665815778&adk=691736138&adf=2802373691&pi=t.ma~as.0665815778&w=728&lmt=1678414318&url=http%3A%2F%2Fallo499.ru%2F&wgl=1&dt=1678414318593&bpp=15&bdt=1153&idt=16&shv=r20230307&mjsv=m202302210101&ptt=5&saldr=sa&abxe=1&cookie=ID%3D7ae66ce30a2b630a-22ac0d0048dd00de%3AT%3D1678414318%3ART%3D1678414318%3AS%3DALNI_MYKm165hIEy0MN5RRKTY1mOvRKbnQ&gpic=UID%3D00000bc2c9d108b8%3AT%3D1678414318%3ART%3D1678414318%3AS%3DALNI_MY12tJSjPWsTShM4OqwCa6n53Onxw&prev_slotnames=7582981508%2C5249484045%2C9693253600&correlator=4542000379673&frm=20&pv=1&ga_vid=531765962.1678414318&ga_sid=1678414318&ga_hid=1772983910&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44777877%2C44759837%2C44759876%2C42531706&oid=2&pvsid=2602475005013272&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Clr%7C&abl=CS&pfx=0&fu=33792&bc=23&ifi=4&uci=a!4&fsb=1&xpc=B1GEXR439d&p=http%3A//allo499.ru&dtd=22

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

099f342bcdd01d03cacd2d665bb82ed11b7110f74768ec40774de44140481a38

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 10 Mar 2023 02:11:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 10 Mar 2023 02:03:56 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 10 Mar 2023 02:11:59 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230307/r20110914/client/ Frame 2ABF 2 KB
765 B 7ms
6ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230307/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 22:50:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12096
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 23 Mar 2023 22:50:23 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230307/r20110914/ Frame 2ABF 22 KB
9 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230307/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e41caae174108db2b9d3947eb5cbc348c5e431a00f272917ea10cf2830ffb3c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 19:12:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25152
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9103
x-xss-protection: 0
server: cafe
etag: 315661852888499207
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 23 Mar 2023 19:12:47 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230307/r20110914/client/ Frame 2ABF 3 KB
1 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230307/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 19:11:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25252
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 23 Mar 2023 19:11:07 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230307/r20110914/client/ Frame 2ABF 20 KB
8 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230307/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 19:11:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25252
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8558
x-xss-protection: 0
server: cafe
etag: 3110455901848521628
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 23 Mar 2023 19:11:07 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 2ABF 0
0 48ms
16ms Image
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRtshnQ6IKwB7e-it3RRxkfNVcI6_v-y1cLtLZVIzheWPZmYWNbXniSN9VuwQnsBTCkZlDSPQA4R2_TKvkX2nca7l1kzQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1350936919961502&output=html&h=90&slotname=0665815778&adk=691736138&adf=2802373691&pi=t.ma~as.0665815778&w=728&lmt=1678414318&url=http%3A%2F%2Fallo499.ru%2F&wgl=1&dt=1678414318593&bpp=15&bdt=1153&idt=16&shv=r20230307&mjsv=m202302210101&ptt=5&saldr=sa&abxe=1&cookie=ID%3D7ae66ce30a2b630a-22ac0d0048dd00de%3AT%3D1678414318%3ART%3D1678414318%3AS%3DALNI_MYKm165hIEy0MN5RRKTY1mOvRKbnQ&gpic=UID%3D00000bc2c9d108b8%3AT%3D1678414318%3ART%3D1678414318%3AS%3DALNI_MY12tJSjPWsTShM4OqwCa6n53Onxw&prev_slotnames=7582981508%2C5249484045%2C9693253600&correlator=4542000379673&frm=20&pv=1&ga_vid=531765962.1678414318&ga_sid=1678414318&ga_hid=1772983910&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44777877%2C44759837%2C44759876%2C42531706&oid=2&pvsid=2602475005013272&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Clr%7C&abl=CS&pfx=0&fu=33792&bc=23&ifi=4&uci=a!4&fsb=1&xpc=B1GEXR439d&p=http%3A//allo499.ru&dtd=22
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2ABF 158 KB
49 KB 30ms
27ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4126ffde4b9e571b1c3e55b45a7e9596e139ad2de1bdbfe851a2e2b2c7da7f38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 02:11:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49657
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1678278820084806"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 10 Mar 2023 02:11:59 GMT

GET
H2 200 887cfa9374a0c130d54aa7fe143e0312.js Show response
www.gstatic.com/mysidia/ Frame 2ABF 34 KB
14 KB 9ms
6ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/887cfa9374a0c130d54aa7fe143e0312.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e45fd1bfd4e9faa44d111f64bef4ccea9e66b10fb0a957d91019ac033b7c22c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 08:24:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 236861
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14316
x-xss-protection: 0
last-modified: Sun, 05 Mar 2023 05:15:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 05 Jun 2023 08:24:18 GMT

GET
H2 200 02cea12995d91bd47132.js Show response
yastatic.net/partner-code-bundles/734142/ 30 KB
9 KB 39ms
39ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/734142/02cea12995d91bd47132.js

Requested by

Host: an.yandex.ru
URL: http://an.yandex.ru/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

6bebbb74e49969f43a4dd1eb68eeb1dfa512f7a3e0db2b0c39ad3185485ed1e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: http://allo499.ru/
Origin: http://allo499.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 02:11:59 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 8822
last-modified: Wed, 08 Mar 2023 13:28:42 GMT
server: nginx/1.17.9
etag: "2ef278de9e4abf6a6d82d080dabe8159"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Sun, 09 Mar 2053 08:45:33 GMT

GET
H2 200 a43861a2d5505f0e2a09.js Show response
yastatic.net/partner-code-bundles/734142/ 22 KB
7 KB 41ms
40ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/734142/a43861a2d5505f0e2a09.js

Requested by

Host: an.yandex.ru
URL: http://an.yandex.ru/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

464f8b993d5d6e4e3ed52013bbfdc4f12c4e764c9869f0be6b0dfa96c8f5703a

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: http://allo499.ru/
Origin: http://allo499.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 02:11:59 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 6693
last-modified: Wed, 08 Mar 2023 13:28:42 GMT
server: nginx/1.17.9
etag: "e0598bf44134934242e765ec05da25fc"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Sun, 09 Mar 2053 08:47:53 GMT

GET
H2 200 8d1a43fc1f1deb2d16bd.js Show response
yastatic.net/partner-code-bundles/734142/ 9 KB
3 KB 42ms
42ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/734142/8d1a43fc1f1deb2d16bd.js

Requested by

Host: an.yandex.ru
URL: http://an.yandex.ru/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

a4cc89da7790d1ec677b65a15ea031dd9aad10fe6988787447e498cc7e1ea523

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: http://allo499.ru/
Origin: http://allo499.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 02:11:59 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 2947
last-modified: Wed, 08 Mar 2023 13:28:42 GMT
server: nginx/1.17.9
etag: "e763cfa866d22c4200ed93efe05678e4"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Sun, 09 Mar 2053 08:47:53 GMT

GET
H2 200 ed6dfd98559f0e45b702.js Show response
yastatic.net/partner-code-bundles/734142/ 23 KB
7 KB 43ms
43ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/734142/ed6dfd98559f0e45b702.js

Requested by

Host: an.yandex.ru
URL: http://an.yandex.ru/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

3298f8adb2f8ec4ea250ee9cf44733e8a4d0fcd5253556945077d03c6df4fd9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: http://allo499.ru/
Origin: http://allo499.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 02:11:59 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 6604
last-modified: Wed, 08 Mar 2023 13:28:43 GMT
server: nginx/1.17.9
etag: "f8acc3d5cc1376b13a3f335fd38cafab"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Sun, 09 Mar 2053 08:47:55 GMT

GET
H2 200 render.html Show response
yastatic.net/safeframe-bundles/0.83/1-1-0/ Frame BBCC 24 KB
7 KB 62ms
48ms Document
text/html 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/safeframe-bundles/0.83/1-1-0/render.html

Requested by

Host: yastatic.net
URL: https://yastatic.net/safeframe-bundles/0.83/host.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

9c911ab93cf6099aeeddb19cb1903d0ef838329443c3a0549c754da47f90a70a

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: http://allo499.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: public, max-age=946708560
content-encoding: br
content-length: 6262
content-type: text/html
date: Fri, 10 Mar 2023 02:11:59 GMT
etag: "eb77de48712912aadc9aa8171ac75ede"
expires: Sun, 09 Mar 2053 08:44:37 GMT
last-modified: Wed, 03 Nov 2021 13:42:58 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
server: nginx/1.17.9
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-robots-tag: noindex, noarchive, nofollow

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 2ABF 0
0 62ms
61ms Fetch
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C70OS7pEKZPDQK8HggAeD_Zq4CNqh4LNvk6Pi1q8RsdKBvOcCEAEgtrXrEWCV4pCCoAegAfmxr6IpyAEJqAMByAPLBKoEwQFP0LwDaoow5WMcWzWC4XghCs0wf0Ct4v9rXAP5NLT1MywYD_2WVhMZnz7fHO5ZWWv07jWcwWVhoRhI48GKPRFkKVKphOdhyPBJoMKKt-RniTX4MUEGQrOmk17UYWi2uDXfmx8otXIkCBa6qLDeCsKP3yJD0sByH7dnGLafMr5gRK3mkhZ-8X-3NAFq8x-wMj8xbDJ3qOLk_B9kcVrrYeZrvL_SG592yAqV-jWdiwxwvNHJAMproJfhNBO308OzgnaWwASShaO0pgSSBQQIBBgBkgUECAUYBKAGLoAH-en_gQSoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBDlyDfSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAbgT5APYEwzQFQGAFwGyFxwKGggAEhRwdWItMTM1MDkzNjkxOTk2MTUwMhgA&sigh=GVBAwqU9hNQ&uach_m=[UACH]&cid=CAQSOwDUE5ymUU6OrfwE6xkyEe7XFOg1J0E5a1IaVQqH6Wv88iWNDVRjwWsXxpyKeeo4wHIUAOusNP6KwWDqGAE&template_id=484

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1350936919961502&output=html&h=90&slotname=0665815778&adk=691736138&adf=2802373691&pi=t.ma~as.0665815778&w=728&lmt=1678414318&url=http%3A%2F%2Fallo499.ru%2F&wgl=1&dt=1678414318593&bpp=15&bdt=1153&idt=16&shv=r20230307&mjsv=m202302210101&ptt=5&saldr=sa&abxe=1&cookie=ID%3D7ae66ce30a2b630a-22ac0d0048dd00de%3AT%3D1678414318%3ART%3D1678414318%3AS%3DALNI_MYKm165hIEy0MN5RRKTY1mOvRKbnQ&gpic=UID%3D00000bc2c9d108b8%3AT%3D1678414318%3ART%3D1678414318%3AS%3DALNI_MY12tJSjPWsTShM4OqwCa6n53Onxw&prev_slotnames=7582981508%2C5249484045%2C9693253600&correlator=4542000379673&frm=20&pv=1&ga_vid=531765962.1678414318&ga_sid=1678414318&ga_hid=1772983910&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44777877%2C44759837%2C44759876%2C42531706&oid=2&pvsid=2602475005013272&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Clr%7C&abl=CS&pfx=0&fu=33792&bc=23&ifi=4&uci=a!4&fsb=1&xpc=B1GEXR439d&p=http%3A//allo499.ru&dtd=22
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 10 Mar 2023 02:11:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 017F 15 KB
16 KB 35ms
7ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 14:05:36 GMT
x-content-type-options: nosniff
age: 43583
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Mar 2024 14:05:36 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 017F 15 KB
16 KB 37ms
13ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 08:06:08 GMT
x-content-type-options: nosniff
age: 583551
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Mar 2024 08:06:08 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 017F 15 KB
15 KB 29ms
14ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 23:09:06 GMT
x-content-type-options: nosniff
age: 10973
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Mar 2024 23:09:06 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 9D38 15 KB
16 KB 9ms
6ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 08:06:08 GMT
x-content-type-options: nosniff
age: 583551
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Mar 2024 08:06:08 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 9D38 15 KB
15 KB 10ms
8ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 14:05:36 GMT
x-content-type-options: nosniff
age: 43583
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Mar 2024 14:05:36 GMT

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 3B70 28 KB
28 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 17:05:31 GMT
x-content-type-options: nosniff
age: 119188
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Mar 2024 17:05:31 GMT

GET
H/1.1 200
OK processor.js Show response
tag.digitaltarget.ru/ Frame C95B 16 KB
16 KB 102ms
99ms Script
application/javascript 185.15.175.144
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.digitaltarget.ru/processor.js?i=546481772576949
Requested by: Host: tag.digitaltarget.ru
URL: https://tag.digitaltarget.ru/adcm.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.15.175.144 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),
Reverse DNS
Software: nginx /
Resource Hash: 4569d4e1b0e52b6316681f7312674f43ecb2b72ea8ab4adb2375e3686862c7dc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 10 Mar 2023 02:11:59 GMT
Last-Modified: Fri, 10 Mar 2023 02:04:46 GMT
Server: nginx
ETag: "640a903e-3e14"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 15892

GET
H3 200 WygWmAr8N2thj-jBdqJCiD6QGZJ45ru74cfJMvWtULI.js Show response
pagead2.googlesyndication.com/bg/ Frame B682 36 KB
14 KB 16ms
9ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/WygWmAr8N2thj-jBdqJCiD6QGZJ45ru74cfJMvWtULI.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b2816980afc376b618fe8c176a242883e90199278e6bbbbe1c7c932f5ad50b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 23:42:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8993
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14129
x-xss-protection: 0
last-modified: Mon, 06 Mar 2023 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 08 Mar 2024 23:42:06 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame B0FF
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

23ms
21ms

Document
text/html

2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 10 Mar 2023 02:11:59 GMT
expires: Fri, 10 Mar 2023 02:11:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 10 Mar 2023 02:11:59 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 log Show response
log.strm.yandex.ru/ 0
202 B 182ms
57ms XHR
text/plain 2a02:6b8::28d
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL: https://log.strm.yandex.ru/log?PCODE=pcode_734142&event=INIT_SD_CLIENT_CODE_IN_CONSTRUCTOR_ERROR
Requested by: Host: an.yandex.ru
URL: http://an.yandex.ru/system/context.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:6b8::28d Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://allo499.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: http://allo499.ru
access-control-expose-headers: Date
date: Fri, 10 Mar 2023 02:11:59 GMT
access-control-allow-credentials: true
timing-allow-origin: http://allo499.ru
content-length: 0
x-request-id: 1678414319627158-9655001322173709942

GET
H3 200 WygWmAr8N2thj-jBdqJCiD6QGZJ45ru74cfJMvWtULI.js Show response
pagead2.googlesyndication.com/bg/ Frame 46E0 36 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/WygWmAr8N2thj-jBdqJCiD6QGZJ45ru74cfJMvWtULI.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b2816980afc376b618fe8c176a242883e90199278e6bbbbe1c7c932f5ad50b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 23:42:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8993
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14129
x-xss-protection: 0
last-modified: Mon, 06 Mar 2023 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 08 Mar 2024 23:42:06 GMT

GET
H2 200 1TTgjdUq0Gi200000000U9nJV1VR4iYxz7EIOHghOjGzYpn-otSJkL8OWC0J9XBwyCzrerZnlGmCgOn0ySmqrgc18F5I9Y2l5gIsbH54Te9aWO29OIRZPIacC7iXevS0H7GbOmWhXBMNSVvkNeQZOFvPHcQWo5L6aDQxZ0mo30n_6MS1jSvb0eaiPJe5b5xBz0l8F... Show response
an.yandex.ru/rtbcount/ 43 B
91 B 66ms
64ms XHR
image/gif 2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/rtbcount/1TTgjdUq0Gi200000000U9nJV1VR4iYxz7EIOHghOjGzYpn-otSJkL8OWC0J9XBwyCzrerZnlGmCgOn0ySmqrgc18F5I9Y2l5gIsbH54Te9aWO29OIRZPIacC7iXevS0H7GbOmWhXBMNSVvkNeQZOFvPHcQWo5L6aDQxZ0mo30n_6MS1jSvb0eaiPJe5b5xBz0l8Filq7mXUCGcy5reNbCRAo33diuDdqpTMXhzC82DQcK6czp8h0icfp23DSvb1JbW991L0jh9iP7x8fM6lMvwlVvBvNUUXxU-Npr6w2bPv5qp-P7PmueSuccLVi2IOjO9bqmJ63Ip_OO1n1nBx01Bx9Wl4Rn_i7x84VAj-7_h-YlrR5f0F5x3odcJbaE06IrzWRMXeOhd9-lQfeEWnpzMQNrb1kZlO6bXci5qv7Bo0RVkYjRCMtfavzIJZIZQOEGVOF4wmCJzYuotFTx4oC78jzWrCIZT_oGQpyIUSDP7zORppVCCNR-rdiREP6viOcXWjO6VSmCwqWvtd1Blu0_Q71wwUx7pnRcBM3tQU1HoNjtAiu3Ybi87Z2jSE3aO04foj-m00

Requested by

Host: an.yandex.ru
URL: http://an.yandex.ru/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: http://allo499.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Fri, 10 Mar 2023 02:11:59 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Fri, 10 Mar 2023 02:11:59 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: http://allo499.ru
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Fri, 10 Mar 2023 02:11:59 GMT

POST
H2 200 event_confirmation Show response
an.yandex.ru/ 0
51 B 69ms
64ms XHR
text/plain 2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/event_confirmation

Requested by

Host: an.yandex.ru
URL: http://an.yandex.ru/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: http://allo499.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Fri, 10 Mar 2023 02:11:59 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Fri, 10 Mar 2023 02:11:59 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: http://allo499.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Fri, 10 Mar 2023 02:11:59 GMT

OPTIONS
H2 200 event_confirmation
an.yandex.ru/ Frame 0
0 66ms
66ms Preflight 2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/event_confirmation

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: http://allo499.ru
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: http://allo499.ru
access-control-max-age: 1728000
content-encoding: gzip
date: Fri, 10 Mar 2023 02:11:59 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
timing-allow-origin: *
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
125 B 61ms
57ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: allo499.ru
URL: http://allo499.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://allo499.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 02:11:59 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 07 Mar 2023 10:05:49 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "6406e24d-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Fri, 10 Mar 2023 03:11:59 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 7120 1 KB
643 B 14ms
9ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 70225
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 09 Mar 2023 06:41:34 GMT
etag: 48472445140208031
expires: Fri, 10 Mar 2023 06:41:34 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

1 Show response
mc.yandex.com/watch/48407/
Redirect Chain

https://mc.yandex.com/watch/48407?wmode=7&page-url=http%3A%2F%2Fallo499.ru%2F&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Avf%3Asmv4ejgyf4ncs18xtvrvr%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3...
https://mc.yandex.com/watch/48407/1?wmode=7&page-url=http%3A%2F%2Fallo499.ru%2F&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Avf%3Asmv4ejgyf4ncs18xtvrvr%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US...

427 B
519 B

64ms
62ms

XHR
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/48407/1?wmode=7&page-url=http%3A%2F%2Fallo499.ru%2F&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Avf%3Asmv4ejgyf4ncs18xtvrvr%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A970%3Acn%3A2%3Adp%3A0%3Als%3A121288625057%3Ahid%3A649567395%3Az%3A0%3Ai%3A20230310021159%3Aet%3A1678414319%3Ac%3A1%3Arn%3A48791072%3Au%3A1678414319326291535%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1678414316304%3Arqnl%3A1%3Ast%3A1678414320%3At%3A%D0%9C%D0%BE%D1%81%D0%BA%D0%B2%D0%B0.%20%D0%92%D0%B5%D1%81%D1%8C%20%D0%B3%D0%BE%D1%80%D0%BE%D0%B4%20%D0%B2%20%D1%82%D0%B2%D0%BE%D0%B8%D1%85%20%D1%80%D1%83%D0%BA%D0%B0%D1%85%21&t=gdpr%2814%29mc%28p-1%29clc%280-0-0%29lt%2831300%29aw%281%29ecs%280%29ti%282%29

Requested by

Host: allo499.ru
URL: http://allo499.ru/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

ca7b03d2a19b42dde9e72a891fda96dfbe8a260d11555adfbd8a55dfda716cbb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://allo499.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Mar 2023 02:11:59 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Fri, 10-Mar-2023 02:11:59 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: http://allo499.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 427
x-xss-protection: 1; mode=block
expires: Fri, 10-Mar-2023 02:11:59 GMT

Redirect headers

pragma: no-cache
date: Fri, 10 Mar 2023 02:11:59 GMT
strict-transport-security: max-age=31536000
last-modified: Fri, 10-Mar-2023 02:11:59 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/48407/1?wmode=7&page-url=http%3A%2F%2Fallo499.ru%2F&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Avf%3Asmv4ejgyf4ncs18xtvrvr%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A970%3Acn%3A2%3Adp%3A0%3Als%3A121288625057%3Ahid%3A649567395%3Az%3A0%3Ai%3A20230310021159%3Aet%3A1678414319%3Ac%3A1%3Arn%3A48791072%3Au%3A1678414319326291535%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1678414316304%3Arqnl%3A1%3Ast%3A1678414320%3At%3A%D0%9C%D0%BE%D1%81%D0%BA%D0%B2%D0%B0.%20%D0%92%D0%B5%D1%81%D1%8C%20%D0%B3%D0%BE%D1%80%D0%BE%D0%B4%20%D0%B2%20%D1%82%D0%B2%D0%BE%D0%B8%D1%85%20%D1%80%D1%83%D0%BA%D0%B0%D1%85%21&t=gdpr%2814%29mc%28p-1%29clc%280-0-0%29lt%2831300%29aw%281%29ecs%280%29ti%282%29
access-control-allow-origin: http://allo499.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Fri, 10-Mar-2023 02:11:59 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/72940384/
Redirect Chain

https://mc.yandex.com/watch/72940384?wmode=7&page-url=http%3A%2F%2Fallo499.ru%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Asmv4ejgyf4ncs18xtvrvr%3Afp%3A1474%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A...
https://mc.yandex.com/watch/72940384/1?wmode=7&page-url=http%3A%2F%2Fallo499.ru%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Asmv4ejgyf4ncs18xtvrvr%3Afp%3A1474%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%...

427 B
459 B

64ms
63ms

XHR
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/72940384/1?wmode=7&page-url=http%3A%2F%2Fallo499.ru%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Asmv4ejgyf4ncs18xtvrvr%3Afp%3A1474%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A970%3Acn%3A1%3Adp%3A0%3Als%3A75122429326%3Ahid%3A649567395%3Az%3A0%3Ai%3A20230310021158%3Aet%3A1678414319%3Ac%3A1%3Arn%3A409457272%3Arqn%3A1%3Au%3A1678414319326291535%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A48%2C7%2C607%2C26%2C0%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1678414316304%3Arqnl%3A1%3Ast%3A1678414320%3At%3A%D0%9C%D0%BE%D1%81%D0%BA%D0%B2%D0%B0.%20%D0%92%D0%B5%D1%81%D1%8C%20%D0%B3%D0%BE%D1%80%D0%BE%D0%B4%20%D0%B2%20%D1%82%D0%B2%D0%BE%D0%B8%D1%85%20%D1%80%D1%83%D0%BA%D0%B0%D1%85%21&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

Requested by

Host: allo499.ru
URL: http://allo499.ru/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

23c9447de24ff8df5fd6873fd9abcd5a39efbb8bb5173af55cd3ecd0f43285ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://allo499.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Mar 2023 02:11:59 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Fri, 10-Mar-2023 02:11:59 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: http://allo499.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 427
x-xss-protection: 1; mode=block
expires: Fri, 10-Mar-2023 02:11:59 GMT

Redirect headers

pragma: no-cache
date: Fri, 10 Mar 2023 02:11:59 GMT
strict-transport-security: max-age=31536000
last-modified: Fri, 10-Mar-2023 02:11:59 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/72940384/1?wmode=7&page-url=http%3A%2F%2Fallo499.ru%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Asmv4ejgyf4ncs18xtvrvr%3Afp%3A1474%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A970%3Acn%3A1%3Adp%3A0%3Als%3A75122429326%3Ahid%3A649567395%3Az%3A0%3Ai%3A20230310021158%3Aet%3A1678414319%3Ac%3A1%3Arn%3A409457272%3Arqn%3A1%3Au%3A1678414319326291535%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A48%2C7%2C607%2C26%2C0%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1678414316304%3Arqnl%3A1%3Ast%3A1678414320%3At%3A%D0%9C%D0%BE%D1%81%D0%BA%D0%B2%D0%B0.%20%D0%92%D0%B5%D1%81%D1%8C%20%D0%B3%D0%BE%D1%80%D0%BE%D0%B4%20%D0%B2%20%D1%82%D0%B2%D0%BE%D0%B8%D1%85%20%D1%80%D1%83%D0%BA%D0%B0%D1%85%21&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
access-control-allow-origin: http://allo499.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Fri, 10-Mar-2023 02:11:59 GMT

GET
H/1.1 200
Ok d.png
ysa-static.passport.yandex.ru/static/1/d959d7e39d5067fad30d9c06204866e9/ Frame BBCC 95 B
400 B 242ms
63ms Image
image/png 2a02:6b8::5:114
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ysa-static.passport.yandex.ru/static/1/d959d7e39d5067fad30d9c06204866e9/d.png?ex=yes

Requested by

Host: allo499.ru
URL: http://allo499.ru/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::5:114 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.14.2 /

Resource Hash

18c327afa903633f86c3efcf12b77f098077eacaa8be101bb007846fd74f8b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 10 Mar 2023 02:11:59 GMT
Strict-Transport-Security: max-age=315360000; includeSubDomains
Server: nginx/1.14.2
X-RT-IH: 0.0001
Content-Type: image/png
Cache-Control: private
Connection: close
X-RT-IQ: 0.0001
Content-Length: 95
Expires: Sat, 11 Mar 2023 02:11:59 GMT

GET
H2

200

de515266c23a027cc419ba
an.yandex.ru/mapuid/arcspireis/ Frame BBCC
Redirect Chain

https://px.arcspire.io/yndx?id=9d4cd41a-f59d-4815-8a89-9d30806f5389
https://an.yandex.ru/mapuid/arcspireis/de515266c23a027cc419ba

43 B
80 B

65ms
64ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/arcspireis/de515266c23a027cc419ba

Requested by

Host: allo499.ru
URL: http://allo499.ru/

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Mar 2023 02:11:59 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Fri, 10 Mar 2023 02:11:59 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Fri, 10 Mar 2023 02:11:59 GMT

Redirect headers

location: https://an.yandex.ru/mapuid/arcspireis/de515266c23a027cc419ba
date: Fri, 10 Mar 2023 02:11:59 GMT
x-envoy-upstream-service-time: 0
server: envoy
content-length: 0

GET
H2

200

1503420AEE910A64EA04806E02F55C37
an.yandex.ru/mapuid/sapeis/ Frame BBCC
Redirect Chain

https://acint.net/rmatch/?dp=151&r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fsapeis%2F%24%7BUSER_ID%7D
https://an.yandex.ru/mapuid/sapeis/1503420AEE910A64EA04806E02F55C37

43 B
80 B

65ms
65ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/sapeis/1503420AEE910A64EA04806E02F55C37

Requested by

Host: allo499.ru
URL: http://allo499.ru/

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Mar 2023 02:11:59 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Fri, 10 Mar 2023 02:11:59 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Fri, 10 Mar 2023 02:11:59 GMT

Redirect headers

date: Fri, 10 Mar 2023 02:11:59 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
location: https://an.yandex.ru/mapuid/sapeis/1503420AEE910A64EA04806E02F55C37
content-type: text/html
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 154
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2

200

f031e00f-34c8-5245-a111-9b96c51b0a78
an.yandex.ru/mapuid/betweendigitalis/ Frame BBCC
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=43554&callback_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbetweendigitalis%2F%24%7BUSER_ID%7D
https://an.yandex.ru/mapuid/betweendigitalis/f031e00f-34c8-5245-a111-9b96c51b0a78

43 B
80 B

68ms
66ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/betweendigitalis/f031e00f-34c8-5245-a111-9b96c51b0a78

Requested by

Host: allo499.ru
URL: http://allo499.ru/

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Mar 2023 02:11:59 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Fri, 10 Mar 2023 02:11:59 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Fri, 10 Mar 2023 02:11:59 GMT

Redirect headers

location: https://an.yandex.ru/mapuid/betweendigitalis/f031e00f-34c8-5245-a111-9b96c51b0a78
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/ Frame BBCC
Redirect Chain

https://an.yandex.ru/mapuid/adobedmp/
https://dpm.demdex.net/ibs:dpid=423652&dpuuid=ABE438BA3C98E83E
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=423652&dpuuid=ABE438BA3C98E83E

42 B
942 B

53ms
49ms

Image
image/gif

52.212.210.65
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=423652&dpuuid=ABE438BA3C98E83E

Requested by

Host: allo499.ru
URL: http://allo499.ru/

Protocol

HTTP/1.1

Server

52.212.210.65 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-212-210-65.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v046-00c121bb2.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: 1T+AKBxgTEc=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-2-v046-03617f131.edge-irl1.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: jHDwV9b4QT4=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=423652&dpuuid=ABE438BA3C98E83E
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2

200

match
match.360yield.com/ul_cb/ Frame BBCC
Redirect Chain

https://an.yandex.ru/mapuid/azerionis/
https://match.360yield.com/match?external_user_id=D125EEBBD39FE76E&publisher_dsp_id=429&publisher_call_type=redirect
https://match.360yield.com/ul_cb/match?external_user_id=D125EEBBD39FE76E&publisher_dsp_id=429&publisher_call_type=redirect

43 B
198 B

29ms
29ms

Image
image/gif

54.228.83.115
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.360yield.com/ul_cb/match?external_user_id=D125EEBBD39FE76E&publisher_dsp_id=429&publisher_call_type=redirect
Requested by: Host: allo499.ru
URL: http://allo499.ru/
Protocol: H2
Server: 54.228.83.115 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-228-83-115.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 10 Mar 2023 02:11:59 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location: https://match.360yield.com/ul_cb/match?external_user_id=D125EEBBD39FE76E&publisher_dsp_id=429&publisher_call_type=redirect
date: Fri, 10 Mar 2023 02:11:59 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 /
an.yandex.ru/mapuid/behaviorx/ Frame BBCC 0
0 91ms
66ms Image
text/html 2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://an.yandex.ru/mapuid/behaviorx/
Requested by: Host: allo499.ru
URL: http://allo499.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

GET
H2

200

match
ads.betweendigital.com/ Frame BBCC
Redirect Chain

https://an.yandex.ru/mapuid/betweenx/
https://ads.betweendigital.com/match?bidder_id=161&external_user_id=D64D3E1794DEE522

68 B
607 B

15ms
15ms

Image
image/png

188.42.196.115
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=161&external_user_id=D64D3E1794DEE522
Requested by: Host: allo499.ru
URL: http://allo499.ru/
Protocol: H2
Server: 188.42.196.115 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

Redirect headers

pragma: no-cache
date: Fri, 10 Mar 2023 02:11:59 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Fri, 10 Mar 2023 02:11:59 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://ads.betweendigital.com/match?bidder_id=161&external_user_id=D64D3E1794DEE522
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Fri, 10 Mar 2023 02:11:59 GMT

GET
H/1.1

204
No Content

pixel
im.bluevoox.com/ Frame BBCC
Redirect Chain

https://an.yandex.ru/mapuid/blueseaxcom/
https://im.bluevoox.com/pixel?s1=1&s2=1315&s3=vldyrx2shs82pv9o&cm=1&rd=1&puid=6A3DDFB1A8368377

0
241 B

336ms
109ms

Image
text/plain

52.45.175.185
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://im.bluevoox.com/pixel?s1=1&s2=1315&s3=vldyrx2shs82pv9o&cm=1&rd=1&puid=6A3DDFB1A8368377
Requested by: Host: allo499.ru
URL: http://allo499.ru/
Protocol: HTTP/1.1
Server: 52.45.175.185 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-45-175-185.compute-1.amazonaws.com
Software: openresty /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Connection: close
Date: Fri, 10 Mar 2023 02:11:59 GMT
Server: openresty

Redirect headers

pragma: no-cache
date: Fri, 10 Mar 2023 02:11:59 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Fri, 10 Mar 2023 02:11:59 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://im.bluevoox.com/pixel?s1=1&s2=1315&s3=vldyrx2shs82pv9o&cm=1&rd=1&puid=6A3DDFB1A8368377
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Fri, 10 Mar 2023 02:11:59 GMT

GET
H2 200 /
an.yandex.ru/mapuid/eplanningrtb/ Frame BBCC 0
0 91ms
68ms Image
text/html 2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://an.yandex.ru/mapuid/eplanningrtb/
Requested by: Host: allo499.ru
URL: http://allo499.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame BBCC
Redirect Chain

https://an.yandex.ru/mapuid/google/?partner-tag=yandex_llc
https://cm.g.doubleclick.net/pixel?google_nid=yandex_llc&google_hm=3FC43A8147834A2C&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif

170 B
409 B

81ms
15ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yandex_llc&google_hm=3FC43A8147834A2C&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif

Requested by

Host: allo499.ru
URL: http://allo499.ru/

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Mar 2023 02:11:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 10 Mar 2023 02:11:59 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Fri, 10 Mar 2023 02:11:59 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=yandex_llc&google_hm=3FC43A8147834A2C&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Fri, 10 Mar 2023 02:11:59 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame BBCC
Redirect Chain

https://an.yandex.ru/mapuid/google/?partner-tag=yandexcom
https://cm.g.doubleclick.net/pixel?google_nid=yandexcom&google_hm=3FC43A8147834A2C&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif

170 B
232 B

80ms
16ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yandexcom&google_hm=3FC43A8147834A2C&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif

Requested by

Host: allo499.ru
URL: http://allo499.ru/

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Mar 2023 02:11:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 10 Mar 2023 02:11:59 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Fri, 10 Mar 2023 02:11:59 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=yandexcom&google_hm=3FC43A8147834A2C&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Fri, 10 Mar 2023 02:11:59 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame BBCC
Redirect Chain

https://an.yandex.ru/mapuid/google/?partner-tag=yandexru
https://cm.g.doubleclick.net/pixel?google_nid=yandexru&google_hm=3FC43A8147834A2C&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif

170 B
232 B

17ms
16ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yandexru&google_hm=3FC43A8147834A2C&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif

Requested by

Host: allo499.ru
URL: http://allo499.ru/

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Mar 2023 02:11:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 10 Mar 2023 02:11:59 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Fri, 10 Mar 2023 02:11:59 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=yandexru&google_hm=3FC43A8147834A2C&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Fri, 10 Mar 2023 02:11:59 GMT

GET
H2

200

sync
t.adx.opera.com/ Frame BBCC
Redirect Chain

https://an.yandex.ru/mapuid/operacom/
https://t.adx.opera.com/sync?vendor=60143&uid=83B9958887D66931

35 B
465 B

115ms
46ms

Image
image/gif

82.145.213.8
NO-OPERA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.adx.opera.com/sync?vendor=60143&uid=83B9958887D66931
Requested by: Host: allo499.ru
URL: http://allo499.ru/
Protocol: H2
Server: 82.145.213.8 , Norway, ASN39832 (NO-OPERA, NO),
Reverse DNS: n-sysadmin-jumpbox-03.feednews.opera.technology
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Mar 2023 02:11:59 GMT
server: nginx
access-control-allow-methods: POST, GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 10 Mar 2023 02:11:59 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Fri, 10 Mar 2023 02:11:59 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://t.adx.opera.com/sync?vendor=60143&uid=83B9958887D66931
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Fri, 10 Mar 2023 02:11:59 GMT

GET
H2 200 /
an.yandex.ru/mapuid/xapadsssp/ Frame BBCC 43 B
80 B 143ms
121ms Image
image/gif 2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/xapadsssp/

Requested by

Host: allo499.ru
URL: http://allo499.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Mar 2023 02:11:59 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Fri, 10 Mar 2023 02:11:59 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Fri, 10 Mar 2023 02:11:59 GMT

GET
H2

200

6cd9e7268f2cb723e748cb3da92c74dabe2c614d99dba3de0ecddeec1d856c14
an.yandex.ru/mapuid/mediascope/ Frame BBCC
Redirect Chain

https://cm.tns-counter.ru/yacm
https://an.yandex.ru/mapuid/mediascope/6cd9e7268f2cb723e748cb3da92c74dabe2c614d99dba3de0ecddeec1d856c14

43 B
80 B

65ms
64ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/mediascope/6cd9e7268f2cb723e748cb3da92c74dabe2c614d99dba3de0ecddeec1d856c14

Requested by

Host: allo499.ru
URL: http://allo499.ru/

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Mar 2023 02:11:59 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Fri, 10 Mar 2023 02:11:59 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Fri, 10 Mar 2023 02:11:59 GMT

Redirect headers

pragma: no-cache
date: Fri, 10 Mar 2023 02:11:59 GMT
server: ms-counter-4.0.4/1.22.1
content-type: text/html
location: https://an.yandex.ru/mapuid/mediascope/6cd9e7268f2cb723e748cb3da92c74dabe2c614d99dba3de0ecddeec1d856c14
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin: *
content-length: 0
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 204 match
dm.hybrid.ai/ Frame BBCC 0
279 B 181ms
54ms Image
text/plain 37.18.16.21
HYBRID-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dm.hybrid.ai/match?id=182

Requested by

Host: allo499.ru
URL: http://allo499.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.18.16.21 , Russian Federation, ASN205675 (HYBRID-AS, DE),

Reverse DNS

Software

Hybrid Web Server /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Mar 2023 02:11:59 GMT
server: Hybrid Web Server
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin: https://yastatic.net
cache-control: no-cache, no-store
access-control-allow-credentials: true
x-mode: 109
x-xss-protection: 1; mode=block
expires: -1

GET
H2 204 yandexdmp-match
dm.hybrid.ai/ Frame BBCC 0
237 B 181ms
55ms Image
text/plain 37.18.16.21
HYBRID-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dm.hybrid.ai/yandexdmp-match

Requested by

Host: allo499.ru
URL: http://allo499.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.18.16.21 , Russian Federation, ASN205675 (HYBRID-AS, DE),

Reverse DNS

Software

Hybrid Web Server /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Mar 2023 02:11:59 GMT
server: Hybrid Web Server
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin: *
cache-control: no-cache, no-store
x-mode: 110
x-xss-protection: 1; mode=block
expires: -1

GET
H2

200

b2NGdfTNk2C9-JF7emQb
an.yandex.ru/mapuid/dmpamberdata/ Frame BBCC
Redirect Chain

https://dmg.digitaltarget.ru/1/119/i/i?i=1678414318
https://dmg.digitaltarget.ru/awg/custom/119/i/i?call_source=awg&ts=1678414319759&i=1678414318
https://an.yandex.ru/mapuid/dmpamberdata/b2NGdfTNk2C9-JF7emQb

43 B
80 B

75ms
69ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/dmpamberdata/b2NGdfTNk2C9-JF7emQb

Requested by

Host: allo499.ru
URL: http://allo499.ru/

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Mar 2023 02:11:59 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Fri, 10 Mar 2023 02:11:59 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Fri, 10 Mar 2023 02:11:59 GMT

Redirect headers

Date: Fri, 10 Mar 2023 02:11:59 GMT
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
Server: nginx
X-Permitted-Cross-Domain-Policies: master-only
Request-Time: 5
X-Frame-Options: DENY
Access-Control-Allow-Methods: GET, POST, OPTIONS
Location: https://an.yandex.ru/mapuid/dmpamberdata/b2NGdfTNk2C9-JF7emQb
Access-Control-Max-Age: 86400
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
X-XSS-Protection: 1; mode=block

GET
H2

200

match
match.360yield.com/ Frame BBCC
Redirect Chain

https://euw-ice.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fazerionis%2F{PUB_USER_ID}
https://euw-ice.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fazerionis%2F%7BPUB_USER_ID%7D
https://an.yandex.ru/mapuid/azerionis/0dcf84cf-3a33-4f76-835a-c3de0c7c8f22
https://match.360yield.com/match?external_user_id=0dcf84cf-3a33-4f76-835a-c3de0c7c8f22&publisher_dsp_id=429&publisher_call_type=redirect

43 B
198 B

32ms
30ms

Image
image/gif

54.228.83.115
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.360yield.com/match?external_user_id=0dcf84cf-3a33-4f76-835a-c3de0c7c8f22&publisher_dsp_id=429&publisher_call_type=redirect
Requested by: Host: allo499.ru
URL: http://allo499.ru/
Protocol: H2
Server: 54.228.83.115 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-228-83-115.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 10 Mar 2023 02:11:59 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

pragma: no-cache
date: Fri, 10 Mar 2023 02:11:59 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Fri, 10 Mar 2023 02:11:59 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://match.360yield.com/match?external_user_id=0dcf84cf-3a33-4f76-835a-c3de0c7c8f22&publisher_dsp_id=429&publisher_call_type=redirect
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Fri, 10 Mar 2023 02:11:59 GMT

GET
H2

200

12d0d00b-7b19-473c-6232-0d8b8f9e9c12
an.yandex.ru/mapuid/buzzooladspis/ Frame BBCC
Redirect Chain

https://exchange.buzzoola.com/cookiesync/redirect/yandex?redirect_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbuzzooladspis%2F%24%7BUUID%7D
https://an.yandex.ru/mapuid/buzzooladspis/12d0d00b-7b19-473c-6232-0d8b8f9e9c12

43 B
80 B

67ms
67ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/buzzooladspis/12d0d00b-7b19-473c-6232-0d8b8f9e9c12

Requested by

Host: allo499.ru
URL: http://allo499.ru/

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Mar 2023 02:11:59 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Fri, 10 Mar 2023 02:11:59 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Fri, 10 Mar 2023 02:11:59 GMT

Redirect headers

location: https://an.yandex.ru/mapuid/buzzooladspis/12d0d00b-7b19-473c-6232-0d8b8f9e9c12
date: Fri, 10 Mar 2023 02:11:59 GMT
server: nginx
content-length: 113
serverid: TODO
content-type: text/html; charset=utf-8

GET
H2

200

ZAqR73DPXzE
an.yandex.ru/mapuid/soltadspis/ Frame BBCC
Redirect Chain

https://kimberlite.io/rtb/sync/yandex
https://solta-sync.rutarget.ru/sync
https://kimberlite.io/rtb/sync/segmento?u=oh7A1L4MQ5H7
https://an.yandex.ru/mapuid/soltadspis/ZAqR73DPXzE

43 B
80 B

64ms
63ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/soltadspis/ZAqR73DPXzE

Requested by

Host: allo499.ru
URL: http://allo499.ru/

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Mar 2023 02:12:00 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Fri, 10 Mar 2023 02:12:00 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Fri, 10 Mar 2023 02:12:00 GMT

Redirect headers

Date: Fri, 10 Mar 2023 02:12:00 GMT
referrer-policy: no-referrer
Server: nginx
access-control-allow-origin: *
location: https://an.yandex.ru/mapuid/soltadspis/ZAqR73DPXzE
cache-control: no-store
access-control-allow-credentials: true
Connection: keep-alive
server-timing: app;srv=5;dur=0.0003
Content-Length: 0

GET
H2

200

/
an.yandex.ru/mapuid/targetrtbis/ Frame BBCC
Redirect Chain

https://match.new-programmatic.com/userbind?src=yandex&pbf=1&gi=1
https://an.yandex.ru/mapuid/targetrtbis/

43 B
80 B

66ms
65ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/targetrtbis/

Requested by

Host: allo499.ru
URL: http://allo499.ru/

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Mar 2023 02:11:59 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Fri, 10 Mar 2023 02:11:59 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Fri, 10 Mar 2023 02:11:59 GMT

Redirect headers

Date: Fri, 10 Mar 2023 02:11:59 GMT
Server: nginx/1.18.0
Vary: Origin
Access-Control-Allow-Origin: *
Location: https://an.yandex.ru/mapuid/targetrtbis/
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET pixel
mitdmp.whiteboxdigital.ru/ Frame BBCC 0
0

GET
H2

200

a90d39e8-91aa-4bce-84a6-6e816ebaea74
an.yandex.ru/mapuid/hyperdspis/ Frame BBCC
Redirect Chain

https://nr.bidderstack.com/yandex/cm?r=https://an.yandex.ru/mapuid/hyperdspis/
https://an.yandex.ru/mapuid/hyperdspis/a90d39e8-91aa-4bce-84a6-6e816ebaea74

43 B
80 B

63ms
63ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/hyperdspis/a90d39e8-91aa-4bce-84a6-6e816ebaea74

Requested by

Host: allo499.ru
URL: http://allo499.ru/

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Mar 2023 02:11:59 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Fri, 10 Mar 2023 02:11:59 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Fri, 10 Mar 2023 02:11:59 GMT

Redirect headers

Location: https://an.yandex.ru/mapuid/hyperdspis/a90d39e8-91aa-4bce-84a6-6e816ebaea74
Access-Control-Allow-Origin: *
Date: Fri, 10 Mar 2023 02:11:59 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2

200

/
an.yandex.ru/mapuid/ramblerssp/ Frame BBCC
Redirect Chain

https://profile.ssp.rambler.ru/sync3.302?pid=188
https://an.yandex.ru/mapuid/ramblerssp/

43 B
80 B

72ms
71ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/ramblerssp/

Requested by

Host: allo499.ru
URL: http://allo499.ru/

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Mar 2023 02:11:59 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Fri, 10 Mar 2023 02:11:59 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Fri, 10 Mar 2023 02:11:59 GMT

Redirect headers

date: Fri, 10 Mar 2023 02:11:59 GMT
strict-transport-security: max-age=0
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
location: //an.yandex.ru/mapuid/ramblerssp/
content-type: application/x-javascript; charset=Windows-1251
x-passed: 1bal2
content-length: 0

GET
H2

200

P591Tpy82H8.AikABlGGyUoNVA
an.yandex.ru/mapuid/getintentis/ Frame BBCC
Redirect Chain

https://px.adhigh.net/p/cm/yandexssp
https://an.yandex.ru/mapuid/getintentis/P591Tpy82H8.AikABlGGyUoNVA

43 B
80 B

65ms
65ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/getintentis/P591Tpy82H8.AikABlGGyUoNVA

Requested by

Host: allo499.ru
URL: http://allo499.ru/

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Mar 2023 02:11:59 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Fri, 10 Mar 2023 02:11:59 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Fri, 10 Mar 2023 02:11:59 GMT

Redirect headers

pragma: no-cache
date: Fri, 10 Mar 2023 02:11:59 GMT
server: nginx
x-backend-id: f17-ru
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: *
location: https://an.yandex.ru/mapuid/getintentis/P591Tpy82H8.AikABlGGyUoNVA
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

6MlzuitBTPAmL.Q2RkWOKe
an.yandex.ru/mapuid/dmpweborama/ Frame BBCC
Redirect Chain

https://redirect.frontend.weborama.fr/redirect/standard?url=https://an.yandex.ru/mapuid/dmpweborama/{WEBO_CID}
https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fdmpweborama%2F%7BWEBO_CID%7D&bounce=1&random=1969488566
https://an.yandex.ru/mapuid/dmpweborama/6MlzuitBTPAmL.Q2RkWOKe

43 B
80 B

75ms
69ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/dmpweborama/6MlzuitBTPAmL.Q2RkWOKe

Requested by

Host: allo499.ru
URL: http://allo499.ru/

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Mar 2023 02:11:59 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Fri, 10 Mar 2023 02:11:59 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Fri, 10 Mar 2023 02:11:59 GMT

Redirect headers

pragma: no-cache
date: Fri, 10 Mar 2023 02:11:59 GMT
via: 1.1 google
last-modified: Fri, 10 Mar 2023 02:11:59 GMT
server: Weborama Collect Frontend
vary: Origin
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location: https://an.yandex.ru/mapuid/dmpweborama/6MlzuitBTPAmL.Q2RkWOKe
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2 200 y
rtb-eu-warsaw.intent.ai/um/ Frame BBCC 68 B
841 B 88ms
42ms Image
image/png 2606:4700:20::ac43:48bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb-eu-warsaw.intent.ai/um/y

Requested by

Host: allo499.ru
URL: http://allo499.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:48bf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 02:11:59 GMT
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length: 68
pragma: no-cache
last-modified: Fri, 10 Mar 2023 02:11:59 GMT
server: cloudflare
access-control-max-age: 1728000
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: image/png
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i419yXsT%2FbZ%2FKLfZ5iAIylpLf6vAXeVLFDM%2BNDzq0uzW0Mi1RQFrLnk5C3YGMTeoyAjE1XgE2%2Bw2o7bhY4QeoC%2BVzozvrBZysgatt8cZTduUoXI306uwA7smD8rAtS79t8eOofo%2BV2i%2BxMOvJkSIpkujWwRQ"}],"group":"cf-nel","max_age":604800}
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials: true
cf-ray: 7a5807bacf439c0c-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Wed, 11 Nov 1998 11:11:11 GMT

GET
H2

200

wjoQppwj5IYldlQhDnfk
an.yandex.ru/mapuid/kadamis/ Frame BBCC
Redirect Chain

https://s.uuidksinc.net/match/501
https://an.yandex.ru/mapuid/kadamis/wjoQppwj5IYldlQhDnfk

43 B
80 B

67ms
65ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/kadamis/wjoQppwj5IYldlQhDnfk

Requested by

Host: allo499.ru
URL: http://allo499.ru/

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Mar 2023 02:11:59 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Fri, 10 Mar 2023 02:11:59 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Fri, 10 Mar 2023 02:11:59 GMT

Redirect headers

location: https://an.yandex.ru/mapuid/kadamis/wjoQppwj5IYldlQhDnfk
date: Fri, 10 Mar 2023 02:11:59 GMT
server: nginx/1.19.0
content-length: 0

GET
H2

200

25f56e00-3fae-4fdb-b5c9-d105927f408d
an.yandex.ru/mapuid/mtsdspis/ Frame BBCC
Redirect Chain

https://sm.rtb.mts.ru/p?ssp=yandex&id=map
https://sm.rtb.mts.ru/match/second?ssp=55&exu=map
https://tech.rtb.mts.ru/?dsp_uid=25f56e00-3fae-4fdb-b5c9-d105927f408d&return_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fmtsdspis%2F25f56e00-3fae-4fdb-b5c9-d105927f408d
https://an.yandex.ru/mapuid/mtsdspis/25f56e00-3fae-4fdb-b5c9-d105927f408d

43 B
321 B

64ms
63ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/mtsdspis/25f56e00-3fae-4fdb-b5c9-d105927f408d

Requested by

Host: allo499.ru
URL: http://allo499.ru/

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Mar 2023 02:12:00 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Fri, 10 Mar 2023 02:12:00 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Fri, 10 Mar 2023 02:12:00 GMT

Redirect headers

Date: Fri, 10 Mar 2023 02:11:59 GMT
Server: nginx/1.20.2
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: text/html; charset=utf-8
Location: https://an.yandex.ru/mapuid/mtsdspis/25f56e00-3fae-4fdb-b5c9-d105927f408d
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

GET
H2

200

data_sess_sync.php
sonar.semantiqo.com/fbfli/ Frame BBCC
Redirect Chain

https://sonar.semantiqo.com/dmp/scr.php
https://counter.yadro.ru/id127/reff-id.gif?sid=a908fab6336e495b948885bd2365975f
https://sonar.semantiqo.com/fbfli/data_sess_sync.php?spid=&sid=a908fab6336e495b948885bd2365975f

0
355 B

35ms
35ms

Image
text/html

95.217.109.66
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sonar.semantiqo.com/fbfli/data_sess_sync.php?spid=&sid=a908fab6336e495b948885bd2365975f
Requested by: Host: allo499.ru
URL: http://allo499.ru/
Protocol: H2
Server: 95.217.109.66 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.66.109.217.95.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 02:12:00 GMT
content-encoding: gzip
mode: no-cors
server: nginx/1.20.1
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: Access-Control-Allow-Headers, Origin,Accept, x-compress, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers

Redirect headers

Location: https://sonar.semantiqo.com/fbfli/data_sess_sync.php?spid=&sid=a908fab6336e495b948885bd2365975f
Date: Fri, 10 Mar 2023 02:12:00 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Connection: keep-alive
Content-Length: 364
Content-Type: text/html; charset=iso-8859-1

GET
H2

200

1dj-fYB0-mS_MSPlcP95lg
an.yandex.ru/mapuid/dmpadriver/ Frame BBCC
Redirect Chain

https://ssp.adriver.ru/cgi-bin/sync.cgi?dsp_id=109
https://an.yandex.ru/mapuid/dmpadriver/1dj-fYB0-mS_MSPlcP95lg?sign=3994544756

43 B
80 B

67ms
66ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/dmpadriver/1dj-fYB0-mS_MSPlcP95lg?sign=3994544756

Requested by

Host: allo499.ru
URL: http://allo499.ru/

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Mar 2023 02:11:59 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Fri, 10 Mar 2023 02:11:59 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Fri, 10 Mar 2023 02:11:59 GMT

Redirect headers

Location: //an.yandex.ru/mapuid/dmpadriver/1dj-fYB0-mS_MSPlcP95lg?sign=3994544756
Date: Fri, 10 Mar 2023 02:11:59 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked

GET
H2

200

A1dj-fYB0-mS_MSPlcP95lg
an.yandex.ru/mapuid/adriveris/ Frame BBCC
Redirect Chain

https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=19
https://an.yandex.ru/mapuid/adriveris/A1dj-fYB0-mS_MSPlcP95lg

43 B
80 B

64ms
63ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/adriveris/A1dj-fYB0-mS_MSPlcP95lg

Requested by

Host: allo499.ru
URL: http://allo499.ru/

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Mar 2023 02:12:00 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Fri, 10 Mar 2023 02:12:00 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Fri, 10 Mar 2023 02:12:00 GMT

Redirect headers

Location: //an.yandex.ru/mapuid/adriveris/A1dj-fYB0-mS_MSPlcP95lg
Date: Fri, 10 Mar 2023 02:11:59 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked

GET
H2 200 pixel.gif
sync.1dmp.io/ Frame BBCC 12 B
154 B 61ms
50ms Image
text/html 87.242.89.90
SBERCLOUD-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.1dmp.io/pixel.gif?cid=3cbc2ec8-1421-4677-89fe-2ac6fc52a09a&pid=w&o=au
Requested by: Host: allo499.ru
URL: http://allo499.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 87.242.89.90 , Russian Federation, ASN208677 (SBERCLOUD-AS, RU),
Reverse DNS
Software: elb /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 02:11:59 GMT
last-modified: Mon, 30 Jan 2023 18:57:34 GMT
server: elb
accept-ranges: bytes
etag: "63d8131e-c"
content-length: 12
content-type: text/html

GET
H/1.1 200
OK /
sync.bumlam.com/ Frame BBCC 43 B
552 B 14ms
13ms Image
image/gif 31.172.81.158
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bumlam.com/?src=yandex
Requested by: Host: allo499.ru
URL: http://allo499.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 31.172.81.158 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/gif
Date: Fri, 10 Mar 2023 02:12:00 GMT
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Server: nginx
Connection: keep-alive
Content-Length: 43
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H2 204 yandexortb
sync.dmp.otm-r.com/match/ Frame BBCC 0
68 B 21ms
10ms Image
text/plain 195.201.57.28
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.dmp.otm-r.com/match/yandexortb
Requested by: Host: allo499.ru
URL: http://allo499.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.201.57.28 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.28.57.201.195.clients.your-server.de
Software: nginx/1.17.0 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 10 Mar 2023 02:11:59 GMT
server: nginx/1.17.0

GET
H2

200

NjcyMmEwMWYyN2UyNDU2ZQ
an.yandex.ru/mapuid/gonetisnew/ Frame BBCC
Redirect Chain

https://sync.gonet-ads.com/match/yandex?id=[buyerUid]
https://an.yandex.ru/mapuid/gonetisnew/NjcyMmEwMWYyN2UyNDU2ZQ

43 B
80 B

65ms
64ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/gonetisnew/NjcyMmEwMWYyN2UyNDU2ZQ

Requested by

Host: allo499.ru
URL: http://allo499.ru/

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Mar 2023 02:11:59 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Fri, 10 Mar 2023 02:11:59 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Fri, 10 Mar 2023 02:11:59 GMT

Redirect headers

date: Fri, 10 Mar 2023 02:11:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: nginx
x-frame-options: SAMEORIGIN
location: https://an.yandex.ru/mapuid/gonetisnew/NjcyMmEwMWYyN2UyNDU2ZQ
content-length: 0
x-xss-protection: 1; mode=block

GET
H2

200

005c0158-796e-45fd-9260-b95ee49ba9c6
an.yandex.ru/mapuid/upravelis/ Frame BBCC
Redirect Chain

https://sync.upravel.com/yandex/sync
https://an.yandex.ru/mapuid/upravelis/005c0158-796e-45fd-9260-b95ee49ba9c6

43 B
80 B

67ms
66ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/upravelis/005c0158-796e-45fd-9260-b95ee49ba9c6

Requested by

Host: allo499.ru
URL: http://allo499.ru/

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Mar 2023 02:11:59 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Fri, 10 Mar 2023 02:11:59 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Fri, 10 Mar 2023 02:11:59 GMT

Redirect headers

date: Fri, 10 Mar 2023 02:07:03 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://an.yandex.ru/mapuid/upravelis/005c0158-796e-45fd-9260-b95ee49ba9c6
access-control-allow-origin: *
content-type: image/png
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: false
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 0

GET
H2

200

T7CvITpFc7KmXdKQx2c7bA
an.yandex.ru/mapuid/dmpaidatame/ Frame BBCC
Redirect Chain

https://x01.aidata.io/0.gif?pid=YANDEX
https://an.yandex.ru/mapuid/dmpaidatame/T7CvITpFc7KmXdKQx2c7bA?sign=1985750216

43 B
80 B

67ms
67ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/dmpaidatame/T7CvITpFc7KmXdKQx2c7bA?sign=1985750216

Requested by

Host: allo499.ru
URL: http://allo499.ru/

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Mar 2023 02:11:59 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Fri, 10 Mar 2023 02:11:59 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Fri, 10 Mar 2023 02:11:59 GMT

Redirect headers

pragma: no-cache
date: Fri, 10 Mar 2023 02:11:59 GMT
last-modified: Fri, 10 Mar 2023 02:11:58 GMT
server: nginx
access-control-allow-methods: GET, POST
p3p: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
location: https://an.yandex.ru/mapuid/dmpaidatame/T7CvITpFc7KmXdKQx2c7bA?sign=1985750216
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
content-length: 0
expires: Fri, 10 Mar 2023 02:11:58 GMT

GET
H2

200

oh7A1L4MQ5H7
an.yandex.ru/mapuid/dmpsegmento/ Frame BBCC
Redirect Chain

https://yandex-dmp-sync.rutarget.ru/sync
https://an.yandex.ru/mapuid/dmpsegmento/oh7A1L4MQ5H7?sign=1005980410

43 B
80 B

63ms
63ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/dmpsegmento/oh7A1L4MQ5H7?sign=1005980410

Requested by

Host: allo499.ru
URL: http://allo499.ru/

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Mar 2023 02:12:00 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Fri, 10 Mar 2023 02:12:00 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Fri, 10 Mar 2023 02:12:00 GMT

Redirect headers

Location: https://an.yandex.ru/mapuid/dmpsegmento/oh7A1L4MQ5H7?sign=1005980410
Date: Fri, 10 Mar 2023 02:12:00 GMT
Server: nginx
Connection: close
Content-Length: 0
P3P: CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."

GET
H2

200

oh7A1L4MQ5H7
an.yandex.ru/mapuid/rutargetis/ Frame BBCC
Redirect Chain

https://yandex-sync.rutarget.ru/sync
https://an.yandex.ru/mapuid/rutargetis/oh7A1L4MQ5H7

43 B
80 B

63ms
63ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/rutargetis/oh7A1L4MQ5H7

Requested by

Host: allo499.ru
URL: http://allo499.ru/

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Mar 2023 02:12:00 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Fri, 10 Mar 2023 02:12:00 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Fri, 10 Mar 2023 02:12:00 GMT

Redirect headers

Location: https://an.yandex.ru/mapuid/rutargetis/oh7A1L4MQ5H7
Date: Fri, 10 Mar 2023 02:12:00 GMT
Server: nginx
Connection: close
Content-Length: 0
P3P: CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."

GET
H3 200 WygWmAr8N2thj-jBdqJCiD6QGZJ45ru74cfJMvWtULI.js Show response
pagead2.googlesyndication.com/bg/ Frame D7ED 36 KB
14 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/WygWmAr8N2thj-jBdqJCiD6QGZJ45ru74cfJMvWtULI.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b2816980afc376b618fe8c176a242883e90199278e6bbbbe1c7c932f5ad50b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 23:42:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8993
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14129
x-xss-protection: 0
last-modified: Mon, 06 Mar 2023 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 08 Mar 2024 23:42:06 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 7120 70 B
265 B 98ms
30ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEAMhhInGzMCT724Aqb737GM&google_cver=1&google_push=Aa02lx-i_x4E7bTuTHqOjuLAqRzs_PGEdxfO0jwWJqpeb5SeEd1qIVtYAiETFT206ylxha6_Pl07ZS0V7aVMAjsyXB3bB9s9KTHl
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1350936919961502&output=html&h=90&slotname=0665815778&adk=691736138&adf=2802373691&pi=t.ma~as.0665815778&w=728&lmt=1678414318&url=http%3A%2F%2Fallo499.ru%2F&wgl=1&dt=1678414318593&bpp=15&bdt=1153&idt=16&shv=r20230307&mjsv=m202302210101&ptt=5&saldr=sa&abxe=1&cookie=ID%3D7ae66ce30a2b630a-22ac0d0048dd00de%3AT%3D1678414318%3ART%3D1678414318%3AS%3DALNI_MYKm165hIEy0MN5RRKTY1mOvRKbnQ&gpic=UID%3D00000bc2c9d108b8%3AT%3D1678414318%3ART%3D1678414318%3AS%3DALNI_MY12tJSjPWsTShM4OqwCa6n53Onxw&prev_slotnames=7582981508%2C5249484045%2C9693253600&correlator=4542000379673&frm=20&pv=1&ga_vid=531765962.1678414318&ga_sid=1678414318&ga_hid=1772983910&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44777877%2C44759837%2C44759876%2C42531706&oid=2&pvsid=2602475005013272&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Clr%7C&abl=CS&pfx=0&fu=33792&bc=23&ifi=4&uci=a!4&fsb=1&xpc=B1GEXR439d&p=http%3A//allo499.ru&dtd=22
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 10 Mar 2023 02:11:59 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7120
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=s6W9z4vbR4eXgoOGX33TDg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

20ms
20ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=s6W9z4vbR4eXgoOGX33TDg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aa02lx-MRJUZSgwhLdYERwOVRx0Q3ZeOK3rugqbAlRb8VBH3p66lugOJt5LdGbG_QXiaE8434LWDrvZTDkPt7frWFIES1GSVcs5_NQ

Requested by

Host: allo499.ru
URL: http://allo499.ru/

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Mar 2023 02:12:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=s6W9z4vbR4eXgoOGX33TDg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aa02lx-MRJUZSgwhLdYERwOVRx0Q3ZeOK3rugqbAlRb8VBH3p66lugOJt5LdGbG_QXiaE8434LWDrvZTDkPt7frWFIES1GSVcs5_NQ
date: Fri, 10 Mar 2023 02:11:59 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7120
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEMMBbtWCcJncdNjtrPnsYsI&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEMMBbtWCcJncdNjtrPnsYsI&google_push=Aa...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEMMBbtWCcJncdNjtrPnsYsI&google_hm=ZAqR71YKuEkED9LMy0TICAAADUIAAAAB&google_nid=index&google_push=Aa02lx_y0SutetE6fYZxz0Mv1qEyN6RFCVAD1...

170 B
188 B

24ms
23ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEMMBbtWCcJncdNjtrPnsYsI&google_hm=ZAqR71YKuEkED9LMy0TICAAADUIAAAAB&google_nid=index&google_push=Aa02lx_y0SutetE6fYZxz0Mv1qEyN6RFCVAD1tkvIJE3wS6GiIDFJ8U1zhcnQXMecr3v9uEEEQxAibXmkwEU_OS1pFfFAqyhtXxyfQ

Requested by

Host: allo499.ru
URL: http://allo499.ru/

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Mar 2023 02:12:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 10 Mar 2023 02:11:59 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEMMBbtWCcJncdNjtrPnsYsI&google_hm=ZAqR71YKuEkED9LMy0TICAAADUIAAAAB&google_nid=index&google_push=Aa02lx_y0SutetE6fYZxz0Mv1qEyN6RFCVAD1tkvIJE3wS6GiIDFJ8U1zhcnQXMecr3v9uEEEQxAibXmkwEU_OS1pFfFAqyhtXxyfQ
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 0
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7120
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEBC-TnJzTAvfdd0XbT0--_M&google_cver=1&google_push=Aa02lx_eGCzGIsOqwljkP30fiwKCxE7WIR79gJZzKgji9zgrbtzx6AINKRGDqRAtCLTx-IiR1Z3hASv6tV15...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx_eGCzGIsOqwljkP30fiwKCxE7WIR79gJZzKgji9zgrbtzx6AINKRGDqRAtCLTx-IiR1Z3hASv6tV15sbYIYhaE76AnQCjzTA

170 B
188 B

55ms
51ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx_eGCzGIsOqwljkP30fiwKCxE7WIR79gJZzKgji9zgrbtzx6AINKRGDqRAtCLTx-IiR1Z3hASv6tV15sbYIYhaE76AnQCjzTA

Requested by

Host: allo499.ru
URL: http://allo499.ru/

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Mar 2023 02:11:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx_eGCzGIsOqwljkP30fiwKCxE7WIR79gJZzKgji9zgrbtzx6AINKRGDqRAtCLTx-IiR1Z3hASv6tV15sbYIYhaE76AnQCjzTA
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7120
Redirect Chain

https://match.360yield.com/match/ebda?google_gid=CAESEECtz1iTCq7kUx-yQpWpWus&google_cver=1&google_push=Aa02lx_H06OORskQtw5t_yMIGucmECPd3WYpygqUcWB4e-By5Q_fxGRmIti6cCHk80KJB2XQ1NXXYnSKDsQ7ZmQ6j7yCqr...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=Dc-EzzozT3aDWsPeDHyPIg&google_push=Aa02lx_H06OORskQtw5t_yMIGucmECPd3WYpygqUcWB4e-By5Q_fxGRmIti6cCHk80KJB2XQ1NXXYnSKDsQ7ZmQ...

170 B
188 B

21ms
19ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=Dc-EzzozT3aDWsPeDHyPIg&google_push=Aa02lx_H06OORskQtw5t_yMIGucmECPd3WYpygqUcWB4e-By5Q_fxGRmIti6cCHk80KJB2XQ1NXXYnSKDsQ7ZmQ6j7yCqrLnqOuUww

Requested by

Host: allo499.ru
URL: http://allo499.ru/

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Mar 2023 02:11:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=Dc-EzzozT3aDWsPeDHyPIg&google_push=Aa02lx_H06OORskQtw5t_yMIGucmECPd3WYpygqUcWB4e-By5Q_fxGRmIti6cCHk80KJB2XQ1NXXYnSKDsQ7ZmQ6j7yCqrLnqOuUww
access-control-allow-origin: *
date: Fri, 10 Mar 2023 02:11:59 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7120
Redirect Chain

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEH170nXku_t9rXYcVLdnRnc&google_cver=1&google_push=Aa02lx-lARyqgjpeogwQpuPe3AHplSuPdpJ-PMXXu8FYDSZwRGVkqYZL49kWTcTbwkDJ1AFctM...
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEH170nXku_t9rXYcVLdnRnc&google_cver=1&google_push=Aa02lx-lARyqgjpeogwQpuPe3AHplSuPdpJ-PMXXu8FYDSZwRGVkqYZL49kWTcTbwkDJ1AFctM...
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1pYUlGMjZ0RTJ1SHF0cHpwaThvYlVhTnhSdWtZRUdoSX5B&google_push=Aa02lx-lARyqgjpeogwQpuPe3AHplSuPdpJ-PMXXu8FYDSZwRGVkqYZL4...

170 B
188 B

23ms
19ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1pYUlGMjZ0RTJ1SHF0cHpwaThvYlVhTnhSdWtZRUdoSX5B&google_push=Aa02lx-lARyqgjpeogwQpuPe3AHplSuPdpJ-PMXXu8FYDSZwRGVkqYZL49kWTcTbwkDJ1AFctMs7oOWLOW-JEqBqyV0zhiOADaIzQw

Requested by

Host: allo499.ru
URL: http://allo499.ru/

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Mar 2023 02:11:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1pYUlGMjZ0RTJ1SHF0cHpwaThvYlVhTnhSdWtZRUdoSX5B&google_push=Aa02lx-lARyqgjpeogwQpuPe3AHplSuPdpJ-PMXXu8FYDSZwRGVkqYZL49kWTcTbwkDJ1AFctMs7oOWLOW-JEqBqyV0zhiOADaIzQw
date: Fri, 10 Mar 2023 02:11:59 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7120
Redirect Chain

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEJOm8X_H2CGDMi8ANrN25xg&google_cver=1&google_push=Aa02lx85IP9vK1EQQ...
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dxandr_eb%26google_hm%3D%24%7BBASE64_UID_ENC%7D%26google_gid%3DCAESEJOm8X_H2CGDMi8ANrN25xg%26goo...
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NzU1MDI1NDg1NjU4NDgzODczNw%3D%3D&google_gid=CAESEJOm8X_H2CGDMi8ANrN25xg&google_cver=1&google_push=Aa02lx85IP9vK1EQQMwi364Vjfs29lQfF7...

170 B
188 B

22ms
17ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NzU1MDI1NDg1NjU4NDgzODczNw%3D%3D&google_gid=CAESEJOm8X_H2CGDMi8ANrN25xg&google_cver=1&google_push=Aa02lx85IP9vK1EQQMwi364Vjfs29lQfF7Yfa3dlczHFdXBUHNCXYJOxZnSrQh4PtPf4sOBZw_vvbmpM9mEUbvLDYQb9sOADhmgU7A

Requested by

Host: allo499.ru
URL: http://allo499.ru/

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Mar 2023 02:11:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Fri, 10 Mar 2023 02:11:59 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 146.70.117.110; 146.70.117.110; 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: eb88279f-d644-4499-a454-a1f8b3890be7
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NzU1MDI1NDg1NjU4NDgzODczNw%3D%3D&google_gid=CAESEJOm8X_H2CGDMi8ANrN25xg&google_cver=1&google_push=Aa02lx85IP9vK1EQQMwi364Vjfs29lQfF7Yfa3dlczHFdXBUHNCXYJOxZnSrQh4PtPf4sOBZw_vvbmpM9mEUbvLDYQb9sOADhmgU7A
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 7120 0
50 B 17ms
13ms Image
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Kiq4sshhrNwNBywB5Wdf_5s46E8V5KIA7sontLcsUNjOkhkS09vrP7ez0UT_IsKNY_iM9r6jw

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 02:11:59 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 WygWmAr8N2thj-jBdqJCiD6QGZJ45ru74cfJMvWtULI.js Show response
pagead2.googlesyndication.com/bg/ Frame 665B 36 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/WygWmAr8N2thj-jBdqJCiD6QGZJ45ru74cfJMvWtULI.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b2816980afc376b618fe8c176a242883e90199278e6bbbbe1c7c932f5ad50b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 23:42:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8993
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14129
x-xss-protection: 0
last-modified: Mon, 06 Mar 2023 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 08 Mar 2024 23:42:06 GMT

GET
H2

200

counter
top-fwz1.mail.ru/ Frame C95B
Redirect Chain

https://dmg.digitaltarget.ru/1/1093/i/i?i=288932275097850.62414264864362&a=77&e=1503420AEE910A64DF04976D0218CA30&pref=http%3A%2F%2Fallo499.ru%2F&c=ss:77.up:1503420AEE910A64DF04976D0218CA30.sync:up....
https://top-fwz1.mail.ru/counter?id=3210372;pid=b2NGdfTNk2C9-JF7emQb

43 B
873 B

67ms
65ms

Image
image/gif

95.163.52.67
VK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://top-fwz1.mail.ru/counter?id=3210372;pid=b2NGdfTNk2C9-JF7emQb

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1

Protocol

Server

95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 02:11:59 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 43
pragma: no-cache
amp-access-control-allow-source-origin: *
server: nginx
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: *
accept-ch-lifetime: 86400
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: *

Redirect headers

Date: Fri, 10 Mar 2023 02:11:59 GMT
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
Server: nginx
X-Permitted-Cross-Domain-Policies: master-only
Request-Time: 4
X-Frame-Options: DENY
Access-Control-Allow-Methods: GET, POST, OPTIONS
Location: https://top-fwz1.mail.ru/counter?id=3210372;pid=b2NGdfTNk2C9-JF7emQb
Access-Control-Max-Age: 86400
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
X-XSS-Protection: 1; mode=block

GET
H/1.1

200
OK

done
pix.bumlam.com/sync/amb4/ Frame C95B
Redirect Chain

https://dmg.digitaltarget.ru/1/1093/i/i?i=288932275097850.909619915065332&a=77&e=1503420AEE910A64DF04976D0218CA30&pref=http%3A%2F%2Fallo499.ru%2F&c=ss:77.up:1503420AEE910A64DF04976D0218CA30.sync:up...
https://pix.bumlam.com/sync/amb4/check?uid=b2NGdfTNk2C9-JF7emQb
https://f07235c6-bee8-11ed-86e0-002590c0647c.n6.sync.bumlam.com/?src=amb4
https://pix.bumlam.com/sync/amb4/done

43 B
673 B

8ms
7ms

Image
image/gif

31.172.81.158
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.bumlam.com/sync/amb4/done

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1

Protocol

HTTP/1.1

Server

31.172.81.158 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),

Reverse DNS

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 10 Mar 2023 02:12:00 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: https://www.acint.net
P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Access-Control-Allow-Credentials: true
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 43
X-Xss-Protection: 0
Expires: 05-Jun-2005 22:00:00 GMT

Redirect headers

location: https://pix.bumlam.com/sync/amb4/done
date: Fri, 10 Mar 2023 02:12:00 GMT
server: nginx/1.22.1
content-length: 0

POST
H2 200 1 Show response
mc.yandex.com/watch/48407/ 43 B
74 B 81ms
78ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/48407/1?page-url=http%3A%2F%2Fallo499.ru%2F&charset=utf-8&cnt-class=1&hittoken=1678414319_04e202c3dd8ddeb45fb3a4794f39e983a5471220f726e056fef38f7063de30a1&browser-info=pa%3A1%3Aar%3A1%3Avf%3Asmv4ejgyf4ncs18xtvrvr%3Afp%3A1474%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A970%3Acn%3A2%3Adp%3A0%3Als%3A121288625057%3Ahid%3A649567395%3Az%3A0%3Ai%3A20230310021159%3Aet%3A1678414320%3Ac%3A1%3Arn%3A306982289%3Arqn%3A1%3Au%3A1678414319326291535%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A48%2C7%2C607%2C26%2C0%2C0%2C%2C2503%2C1%2C%2C%2C%2C3212%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1678414316304%3Aadb%3A2%3Ast%3A1678414320&t=gdpr(14)mc(p-2-h-1)clc(0-0-0)rqnt(1)lt(44700)aw(1)ecs(0)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: http://allo499.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Fri, 10 Mar 2023 02:11:59 GMT
strict-transport-security: max-age=31536000
last-modified: Fri, 10-Mar-2023 02:11:59 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: image/gif
access-control-allow-origin: http://allo499.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Fri, 10-Mar-2023 02:11:59 GMT

GET
H2 200 48407 Show response
mc.yandex.com/watch/ 43 B
86 B 58ms
56ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/48407?page-url=http%3A%2F%2Fallo499.ru%2F&charset=utf-8&cnt-class=1&hittoken=1678414319_04e202c3dd8ddeb45fb3a4794f39e983a5471220f726e056fef38f7063de30a1&browser-info=pv%3A1%3Aar%3A1%3Avf%3Asmv4ejgyf4ncs18xtvrvr%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A970%3Acn%3A2%3Adp%3A0%3Als%3A121288625057%3Ahid%3A649567395%3Az%3A0%3Ai%3A20230310021159%3Aet%3A1678414320%3Ac%3A1%3Arn%3A273735805%3Arqn%3A2%3Au%3A1678414319326291535%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1678414316304%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1678414320%3At%3A%D0%9C%D0%BE%D1%81%D0%BA%D0%B2%D0%B0.%20%D0%92%D0%B5%D1%81%D1%8C%20%D0%B3%D0%BE%D1%80%D0%BE%D0%B4%20%D0%B2%20%D1%82%D0%B2%D0%BE%D0%B8%D1%85%20%D1%80%D1%83%D0%BA%D0%B0%D1%85!&t=gdpr(14)mc(p-2-h-1)clc(0-0-0)rqnt(2)lt(44700)aw(1)ecs(0)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://allo499.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Mar 2023 02:11:59 GMT
strict-transport-security: max-age=31536000
last-modified: Fri, 10-Mar-2023 02:11:59 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: image/gif
access-control-allow-origin: http://allo499.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Fri, 10-Mar-2023 02:11:59 GMT

POST
H2 200 1 Show response
mc.yandex.com/watch/72940384/ 43 B
74 B 67ms
64ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/72940384/1?page-url=http%3A%2F%2Fallo499.ru%2F&charset=utf-8&hittoken=1678414319_0a610b266a628e5e464feac19789e4788068ed7f04a3b9e9841fe4f2fb25c293&browser-info=pa%3A1%3Aar%3A1%3Avf%3Asmv4ejgyf4ncs18xtvrvr%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A970%3Acn%3A1%3Adp%3A0%3Als%3A75122429326%3Ahid%3A649567395%3Az%3A0%3Ai%3A20230310021159%3Aet%3A1678414320%3Ac%3A1%3Arn%3A659681650%3Arqn%3A2%3Au%3A1678414319326291535%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A%2C%2C%2C%2C%2C%2C%2C2503%2C1%2C%2C%2C%2C3212%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Aeu%3A1%3Ans%3A1678414316304%3Aadb%3A2%3Ast%3A1678414320&t=gdpr(14)mc(p-2-h-1)clc(0-0-0)rqnt(2)lt(44700)aw(1)ecs(0)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: http://allo499.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Fri, 10 Mar 2023 02:11:59 GMT
strict-transport-security: max-age=31536000
last-modified: Fri, 10-Mar-2023 02:11:59 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: image/gif
access-control-allow-origin: http://allo499.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Fri, 10-Mar-2023 02:11:59 GMT

GET
H2

200

/
www.acint.net/oci/
Redirect Chain

http://www.acint.net/oci/?v=0.5.1&uid=c20485fe-e852-4474-9cee-b364272ff336&dp=10&tz=%2B00%3A00&nc=90477151&oid=19ce9caf7cce25a72a9f8eae68638f8f
https://www.acint.net/oci/?v=0.5.1&uid=c20485fe-e852-4474-9cee-b364272ff336&dp=10&tz=%2B00%3A00&nc=90477151&oid=19ce9caf7cce25a72a9f8eae68638f8f

43 B
224 B

54ms
54ms

Image
image/gif

193.3.184.226
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/oci/?v=0.5.1&uid=c20485fe-e852-4474-9cee-b364272ff336&dp=10&tz=%2B00%3A00&nc=90477151&oid=19ce9caf7cce25a72a9f8eae68638f8f
Requested by: Host: allo499.ru
URL: http://allo499.ru/
Protocol: H2
Server: 193.3.184.226 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://allo499.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-type: image/gif
date: Fri, 10 Mar 2023 02:12:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

Location: https://www.acint.net/oci/?v=0.5.1&uid=c20485fe-e852-4474-9cee-b364272ff336&dp=10&tz=%2B00%3A00&nc=90477151&oid=19ce9caf7cce25a72a9f8eae68638f8f
Date: Fri, 10 Mar 2023 02:12:00 GMT
Server: openresty
Connection: keep-alive
Content-Length: 142
Content-Type: text/html

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 3B70 42 B
64 B 59ms
44ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuL7hh0VOyWckf1MbVmU3-VZN7oWzFISg3yvvIR9MMXW-o4mDdLg0ms5FL0KNY5X4DohksNUYvqLumBh_-bpKt_jehnJhxmbQUg4XCUqohQPVJfqokqJKbtHiTWYQ1jn__J-W29aQ&sai=AMfl-YQWt3xxKA8pWcI-zHrXbgPtkL82j3LBcuthlmDP400dbzMKOVirQEKSH5FeWHXtbmH2hMjFevja44pK&sig=Cg0ArKJSzN29kUUu2VHkEAE&cid=CAQSGwDUE5ymMI4Nb5I_kVNoUX6jxgR45JLVW0tzFhgB&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230308&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1916336945&rs=2&la=0&cr=0&vs=4&r=v&rst=1678414318060&rpt=1618&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Mar 2023 02:12:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
www.acint.net/ping/
Redirect Chain

http://www.acint.net/ping/?v=0.5.1&uid=c20485fe-e852-4474-9cee-b364272ff336&dp=10&tz=%2B00%3A00&nc=54574715&dT=2023-03-10T02%3A12%3A01.150
https://www.acint.net/ping/?v=0.5.1&uid=c20485fe-e852-4474-9cee-b364272ff336&dp=10&tz=%2B00%3A00&nc=54574715&dT=2023-03-10T02%3A12%3A01.150

43 B
224 B

55ms
54ms

Image
image/gif

193.3.184.226
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/ping/?v=0.5.1&uid=c20485fe-e852-4474-9cee-b364272ff336&dp=10&tz=%2B00%3A00&nc=54574715&dT=2023-03-10T02%3A12%3A01.150
Requested by: Host: allo499.ru
URL: http://allo499.ru/
Protocol: H2
Server: 193.3.184.226 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://allo499.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-type: image/gif
date: Fri, 10 Mar 2023 02:12:01 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

Location: https://www.acint.net/ping/?v=0.5.1&uid=c20485fe-e852-4474-9cee-b364272ff336&dp=10&tz=%2B00%3A00&nc=54574715&dT=2023-03-10T02%3A12%3A01.150
Date: Fri, 10 Mar 2023 02:12:01 GMT
Server: openresty
Connection: keep-alive
Content-Length: 142
Content-Type: text/html

GET
H2 200 bundle.js Show response
yastatic.net/q/set/s/rsya-tag-users/ Frame BBCC 105 KB
37 KB 55ms
55ms Script
application/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/q/set/s/rsya-tag-users/bundle.js

Requested by

Host: allo499.ru
URL: http://allo499.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

e1cff21864c46e1da263fa83c14ed6d190bc5afbdd35188de15f10eb8bedd264

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/safeframe-bundles/0.83/1-1-0/render.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 02:12:01 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
last-modified: Fri, 29 Oct 2021 11:19:01 GMT
server: nginx/1.17.9
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
etag: W/"82bdc8db563d3e71c35534315f8a9fd5"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31556952
x-nginx-request-id: 02ba40a9c39a1634
timing-allow-origin: *
expires: Sun, 12 Mar 2023 14:08:38 GMT

GET
H2 200 watch.js Show response
mc.yandex.ru/metrika/ Frame BBCC 162 KB
57 KB 113ms
111ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/q/set/s/rsya-tag-users/bundle.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

cf0e934daa92ef101fcdf4f64d318324f197533bc3a8ad60630a947cef5d7073

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 02:12:01 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Tue, 07 Mar 2023 10:05:49 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "6406e24d-e3bd"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 58301
expires: Fri, 10 Mar 2023 03:12:01 GMT

GET
H2 200 data Show response
yandex.ru/set/s/rsya-tag-users/ Frame BBCC 403 B
1 KB 272ms
85ms Fetch
application/json 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/set/s/rsya-tag-users/data?referrer=http%3A%2F%2Fallo499.ru%2F

Requested by

Host: yastatic.net
URL: https://yastatic.net/q/set/s/rsya-tag-users/bundle.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

bf47231d0aaa7481ebaab5c92cd4d3d5c37e07c01cf74dbf7ae78c77d7de6d13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 02:12:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
x-yandex-req-id: 1678414321465967-7869611806427535511-vla1-2882-vla-l7-balancer-8080-BAL
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://yastatic.net
cache-control: public,max-age=300
access-control-allow-credentials: true
x-xss-protection: 1; mode=block

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ Frame BBCC 43 KB
16 KB 79ms
17ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/q/set/s/rsya-tag-users/bundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

eabbdf222a6fdefc15823ad881245c5b3d19f3cd9e76537cf6eac726d47f3005

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 02:12:01 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15853
x-xss-protection: 0
server: cafe
etag: 14394192626789988969
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 10 Mar 2023 02:12:01 GMT

GET
H2

200

/
www.google.de/pagead/1p-user-list/1014923426/ Frame BBCC
Redirect Chain

https://www.googleadservices.com/pagead/conversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=8ZEKZN3OJKDCmLAPhNyVaA...
https://www.google.com/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1737493491&crd=&is_vtc=1&random=3896706412
https://www.google.de/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1737493491&crd=&is_vtc=1&random=3896706412&ipr=y

42 B
108 B

23ms
20ms

Image
image/gif

2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1737493491&crd=&is_vtc=1&random=3896706412&ipr=y

Requested by

Host: allo499.ru
URL: http://allo499.ru/

Protocol

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Mar 2023 02:12:01 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 10 Mar 2023 02:12:01 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1737493491&crd=&is_vtc=1&random=3896706412&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
www.google.de/pagead/1p-user-list/1014923426/ Frame BBCC
Redirect Chain

https://www.googleadservices.com/pagead/conversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=8ZEKZJvOJI-vmLAPqtuOqA...
https://www.google.com/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=435285464&crd=&is_vtc=1&random=974588000
https://www.google.de/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=435285464&crd=&is_vtc=1&random=974588000&ipr=y

42 B
108 B

26ms
24ms

Image
image/gif

2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=435285464&crd=&is_vtc=1&random=974588000&ipr=y

Requested by

Host: allo499.ru
URL: http://allo499.ru/

Protocol

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Mar 2023 02:12:01 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 10 Mar 2023 02:12:01 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=435285464&crd=&is_vtc=1&random=974588000&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 3 Show response
mc.yandex.com/watch/ Frame BBCC 256 B
356 B 61ms
61ms XHR
application/json 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/3?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&page-ref=http%3A%2F%2Fallo499.ru%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A3llbk0t3p8ehu21bjv65f%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A970%3Acn%3A1%3Adp%3A0%3Als%3A283231869980%3Ahid%3A885377459%3Az%3A0%3Ai%3A20230310021201%3Aet%3A1678414322%3Ac%3A1%3Arn%3A535710064%3Arqn%3A1%3Au%3A1678414322754156862%3Aw%3A1x1%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Ads%3A0%2C12%2C49%2C3%2C0%2C0%2C%2C152%2C0%2C219%2C219%2C0%2C218%3Aco%3A0%3Acpf%3A1%3Ans%3A1678414319296%3Ast%3A1678414322&t=clc(0-0-0)rqnt(1)aw(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

2d0c99a3aa00608109e6c0da0f1e514d201eebac933e1fd828201798852354dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Mar 2023 02:12:01 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Fri, 10-Mar-2023 02:12:01 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://yastatic.net
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 256
x-xss-protection: 1; mode=block
expires: Fri, 10-Mar-2023 02:12:01 GMT

GET
H2 200 advert.gif
mc.yandex.com/metrika/ Frame BBCC 43 B
101 B 57ms
57ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: allo499.ru
URL: http://allo499.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 02:12:01 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 07 Mar 2023 10:05:49 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "6406e24d-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Fri, 10 Mar 2023 03:12:01 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/ Frame BBCC 3 KB
1 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/?random=1678414321622&cv=9&fst=1678414321622&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=466465926&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=http%3A%2F%2Fallo499.ru%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b87dbaf07cb3ecc7d2ab5931f8c598e57323d41f140673f4fc8561d423fd086b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Mar 2023 02:12:01 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1376
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/ Frame BBCC 3 KB
1 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/?random=1678414321627&cv=9&fst=1678414321627&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=466465926&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=http%3A%2F%2Fallo499.ru%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d15b1f9c97ea00872cd7a0e09a2c01c3deb1c3ca17912b0572dd75b3beef5a3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Mar 2023 02:12:01 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1373
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/ Frame BBCC 3 KB
1 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/?random=1678414321633&cv=9&fst=1678414321633&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=466465925&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=http%3A%2F%2Fallo499.ru%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d1077259d8a1bcf60f5db3f865f52bc024e75f1a409c2d4ce3287f86e2513e61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Mar 2023 02:12:01 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1376
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/ Frame BBCC 3 KB
1 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/?random=1678414321634&cv=9&fst=1678414321634&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=466465925&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=http%3A%2F%2Fallo499.ru%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

33ed74cdaba8dd6a2534032f58e043ff41150c6f49b64711e5a8223beeb63de0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Mar 2023 02:12:01 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1373
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/693627671/ Frame BBCC 42 B
64 B 18ms
18ms Image
image/gif 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/693627671/?random=1678414321627&cv=9&fst=1678413600000&num=1&guid=ON&eid=466465926&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=http%3A%2F%2Fallo499.ru%2F&async=1&fmt=3&is_vtc=1&random=1075697198&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: allo499.ru
URL: http://allo499.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Mar 2023 02:12:01 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/693627671/ Frame BBCC 42 B
108 B 59ms
21ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/693627671/?random=1678414321627&cv=9&fst=1678413600000&num=1&guid=ON&eid=466465926&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=http%3A%2F%2Fallo499.ru%2F&async=1&fmt=3&is_vtc=1&random=1075697198&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: allo499.ru
URL: http://allo499.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Mar 2023 02:12:01 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/947884341/ Frame BBCC 42 B
64 B 23ms
21ms Image
image/gif 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/947884341/?random=1678414321622&cv=9&fst=1678413600000&num=1&guid=ON&eid=466465926&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=http%3A%2F%2Fallo499.ru%2F&async=1&fmt=3&is_vtc=1&random=2650759190&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: allo499.ru
URL: http://allo499.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Mar 2023 02:12:01 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/947884341/ Frame BBCC 42 B
108 B 59ms
23ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/947884341/?random=1678414321622&cv=9&fst=1678413600000&num=1&guid=ON&eid=466465926&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=http%3A%2F%2Fallo499.ru%2F&async=1&fmt=3&is_vtc=1&random=2650759190&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: allo499.ru
URL: http://allo499.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Mar 2023 02:12:01 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/947884341/ Frame BBCC 42 B
64 B 21ms
21ms Image
image/gif 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/947884341/?random=1678414321633&cv=9&fst=1678413600000&num=1&guid=ON&eid=466465925&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=http%3A%2F%2Fallo499.ru%2F&async=1&fmt=3&is_vtc=1&random=2487424292&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: allo499.ru
URL: http://allo499.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Mar 2023 02:12:01 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/947884341/ Frame BBCC 42 B
108 B 53ms
22ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/947884341/?random=1678414321633&cv=9&fst=1678413600000&num=1&guid=ON&eid=466465925&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=http%3A%2F%2Fallo499.ru%2F&async=1&fmt=3&is_vtc=1&random=2487424292&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: allo499.ru
URL: http://allo499.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Mar 2023 02:12:01 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/693627671/ Frame BBCC 42 B
64 B 25ms
23ms Image
image/gif 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/693627671/?random=1678414321634&cv=9&fst=1678413600000&num=1&guid=ON&eid=466465925&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=http%3A%2F%2Fallo499.ru%2F&async=1&fmt=3&is_vtc=1&random=2809786104&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: allo499.ru
URL: http://allo499.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Mar 2023 02:12:01 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/693627671/ Frame BBCC 42 B
455 B 48ms
19ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/693627671/?random=1678414321634&cv=9&fst=1678413600000&num=1&guid=ON&eid=466465925&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=http%3A%2F%2Fallo499.ru%2F&async=1&fmt=3&is_vtc=1&random=2809786104&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: allo499.ru
URL: http://allo499.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Mar 2023 02:12:01 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 WPGejI_zODu0LGm0H1Kor_pXcDEvx0K0tW4GW8200J7kaGfa000003Ykz0M80WAv0fH9Doi6sdIty0ACbxMJu7Vm1G6W1iW1oGRkNOHH3QNpOga7PWMLKTuuRW-m1u20a3p01-39qiq3q0S2-0S1q0Y2W8200WIg2n3l4gvIPWK109ppG4c2zl0B1k0DWe20WO20W... Show response
an.yandex.ru/count/ 43 B
338 B 82ms
81ms XHR
image/gif 2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/count/WPGejI_zODu0LGm0H1Kor_pXcDEvx0K0tW4GW8200J7kaGfa000003Ykz0M80WAv0fH9Doi6sdIty0ACbxMJu7Vm1G6W1iW1oGRkNOHH3QNpOga7PWMLKTuuRW-m1u20a3p01-39qiq3q0S2-0S1q0Y2W8200WIg2n3l4gvIPWK109ppG4c2zl0B1k0DWe20WO20W8W4g0_cYeJHvPkEjm-G4FVkoAMIwjt_-W43o17mfEdc0V0I2mNW507m5S6AzkoZZxpyOvWMa9sXe0QWoHRmFzWMWHUe5mtG627u68BBjlpFcEx4P80PYHa860i000000BWP_m706UtBnwZXkDBLAT8P4dbXOdDVSsLoTcLoBt8tEJKjC-WPgmZm6O320vWQrCDJi1j8k1i3WXmDTsz4EZ0oHNDDKM9dD-aS0F0_W1t_V_0V0O0W0eWW3D0X_m7L8l__V_-18m0000000F0_4G20V92AW7RYxs-23ZcahNZdMs9WAaEFcW_0lSw11BjH9RUGA2BnsDevuQX4DTdXy15i3m00~1=WPeejI_zOC40XGm0H1Rzh0aOmG6qYxcspTcxmB81W07sjxVqmEMPkdc80QFwtBwX0P01lA6dqEI0W802c06yeQVGPBW1XjUWdoRO0VYhwwu1u06MbQ-P0UW1FA02Zlg50R03lWM81Qwh3f05hSwy0x05teHnk0NUX7701S6RcmR81PUMoW7G1Udy9AW6o06f1sO5bL7UE6uFk0U01T08keY0WSA0W0RW28VzGkW91u0A0VWAWBKOw0oN0fWDjfysmR2GWW6O4OJbBA6vW1I0W884q1JavBnxw1IC0fWMa9sXe0QWoHRmFz0MlA3UlW6O5vUrj2ou5m705xNM0Q0Pm06u6V___m616l__MmK69ekDg1u1i1y1o1_yrRLNgI3wrD-Q-4xaFxWWtjqfa2BNfIoG8jYbB90YmgWia2A3vIoG8eJbB90YYUKirIB__t__WIE98sPcPcPcPjO_a2FXk_Vi-P75yLAO8v_lnCwK-ARB5mm0pnuaHhs6GoO6HcNCYU4m77DXjddP7EkIH6dERgTAQHSFx_jmCHWiYW00~1=WOuejI_zOBy09Gm0L1Ma43eilm66WC2tkTsexiS1W06tivNvy8JYYxy1Y07tYiA4eW6G0QZhl_laW8200fW1gEk_-sIu0RAOzQCcs07woe-l0U01zksQhW7e0S81-07exjw-0Q02v9ot6w031B03amQ81Pgv0v05XgWCi0NpZmIu1VEF1C05njq4o0NgoW7G1OY30QW6o06f1sO5bL7UE6uFk0U01SA0W0RW2BBEsmte2GU02W7e39S2c0ssdpQXe0AO4OJbBA6vY181a181w1IC0fWMa9sXe0QWoHRmFz0MhAxalW6O5ypRYp6u5m705xNM0Q0Pm06u6Vy1WHh__zFSh_jsjw0QeiInqgY-jeGTg1u1i1yQo1-zvSTNk23UtIcG8jUbB90YsAKia2B2g2oG8eFbB90YXEKia2A9vIpL8l__V_-18uaZrZ-G8wVCtyZopQkQxG6O8vlQ-loU_w7yKWq0iHyFTFWWfo6GJ4oCfZ9GNL0Szj0YPFEoa-gImtV6zhea8yFcAgNp2RO9E000~1?stat-id=2&test-tag=526666069760545&banner-sizes=eyI3MjA1NzYwNzU0MzkwODQ0NiI6IjUzMXgzMDAiLCI3MjA1NzYwNzU4OTE5ODU0OCI6IjUzMXgzMDAifQ%3D%3D&format-type=118&actual-format=13&pcodever=734142&banner-test-tags=eyI3MjA1NzYwNzU0MzkwODQ0NiI6IjU4MTY4MSIsIjcyMDU3NjA3NTg5MTk4NTQ4IjoiNTczNjIifQ%3D%3D&constructor-rendered-assets=eyI3MjA1NzYwNzU0MzkwODQ0NiI6MTI5LCI3MjA1NzYwNzU4OTE5ODU0OCI6MTI5fQ&pcode-active-testids=730322%2C0%2C55&width=3443&height=300&confirmTime=2100000&confirmRatio=320000&wmode=0

Requested by

Host: an.yandex.ru
URL: http://an.yandex.ru/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: http://allo499.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Fri, 10 Mar 2023 02:12:01 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Fri, 10 Mar 2023 02:12:01 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: http://allo499.ru
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Fri, 10 Mar 2023 02:12:01 GMT

GET
H2 200 37412095 Show response
mc.yandex.com/watch/ Frame BBCC 439 B
475 B 58ms
56ms XHR
application/json 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/37412095?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&page-ref=http%3A%2F%2Fallo499.ru%2F&charset=utf-8&site-info=%7B%22extensions%22%3A%22%22%2C%22fromGoogle%22%3A%22false%22%2C%22fromCancel%22%3A%22false%22%2C%22loyal%22%3A%220%22%2C%22sbscrb%22%3A%22%22%2C%22p%22%3A%22%22%2C%22b%22%3A%22%22%2C%22fresh%22%3A%220%22%2C%22infected%22%3A%22%22%2C%22slow%22%3A%22%22%2C%22os%22%3A%22windows%22%2C%22browser%22%3A%22chrome%22%2C%22winxp%22%3A%22false%22%2C%22old%22%3A%22actual%22%2C%22yabroAge%22%3Anull%7D&browser-info=pv%3A1%3Avf%3A3llbk0t3p8ehu21bjv65f%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A970%3Acn%3A2%3Adp%3A0%3Als%3A456625507976%3Ahid%3A885377459%3Aphid%3A649567395%3Az%3A0%3Ai%3A20230310021201%3Aet%3A1678414322%3Ac%3A1%3Arn%3A1061858700%3Arqn%3A1%3Au%3A1678414322754156862%3Aw%3A1x1%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Ads%3A0%2C12%2C49%2C3%2C0%2C0%2C%2C152%2C0%2C219%2C219%2C0%2C218%3Aco%3A0%3Acpf%3A1%3Ans%3A1678414319296%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1678414322%3At%3A&t=gdpr(6)clc(0-0-0)rqnt(1)lt(30600)aw(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

98c7b0c039eb758de186b9b7327566f9397079045bdbcf458fead4670d06c3dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Mar 2023 02:12:01 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Fri, 10-Mar-2023 02:12:01 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://yastatic.net
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 439
x-xss-protection: 1; mode=block
expires: Fri, 10-Mar-2023 02:12:01 GMT

POST
H2 200 72940384 Show response
mc.yandex.com/webvisor/ 43 B
160 B 322ms
211ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/72940384?wmode=0&wv-part=1&wv-hit=649567395&page-url=http%3A%2F%2Fallo499.ru%2F&rn=677053973&wv-type=3&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1678414322%3Aw%3A1600x1200%3Av%3A970%3Az%3A0%3Ai%3A20230310021202%3Au%3A1678414319326291535%3Avf%3Asmv4ejgyf4ncs18xtvrvr%3Ast%3A1678414322&t=gdpr(14)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: http://allo499.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 10 Mar 2023 02:12:02 GMT
strict-transport-security: max-age=31536000
last-modified: Fri, 10-Mar-2023 02:12:02 GMT
content-type: image/gif
access-control-allow-origin: http://allo499.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Fri, 10-Mar-2023 02:12:02 GMT

POST
H2 200 72940384 Show response
mc.yandex.com/webvisor/ 43 B
73 B 59ms
59ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/72940384?wmode=0&wv-part=1&wv-hit=649567395&page-url=http%3A%2F%2Fallo499.ru%2F&rn=740189229&wv-type=3&browser-info=we%3A1%3Aet%3A1678414323%3Aw%3A1600x1200%3Av%3A970%3Az%3A0%3Ai%3A20230310021202%3Au%3A1678414319326291535%3Avf%3Asmv4ejgyf4ncs18xtvrvr%3Ast%3A1678414323&t=gdpr(14)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: http://allo499.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 10 Mar 2023 02:12:02 GMT
strict-transport-security: max-age=31536000
last-modified: Fri, 10-Mar-2023 02:12:02 GMT
content-type: image/gif
access-control-allow-origin: http://allo499.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Fri, 10-Mar-2023 02:12:02 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ssp.bidvol.com
URL: https://ssp.bidvol.com/usersync?dspcsid=8&redirect=1

Domain: mitdmp.whiteboxdigital.ru
URL: https://mitdmp.whiteboxdigital.ru/pixel?id=a&source=yandex&redirect=false&href=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fqbitis%2F%7Bmiid%7D

Verdicts & Comments Add Verdict or Comment

268 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

115 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
yastatic.net/safeframe-bundles/0.83/1-1-0	1970-01-20 10:15:00	Name: afpix Value: 1
yastatic.net/safeframe-bundles/0.83/1-1-0	1970-01-20 10:22:12	Name: pcssspb Value: 1
yastatic.net/safeframe-bundles/0.83/1-1-0	1970-01-20 10:15:00	Name: pcs3 Value: 1
kimberlite.io/rtb/sync	1970-01-20 10:13:34	Name: f Value: https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fsoltadspis%2FZAqR73DPXzE
kimberlite.io/rtb/sync	1970-01-20 10:13:34	Name: n Value: 1
allo499.ru/	1969-12-31 23:59:59	Name: PHPSESSID Value: 4prnk8oab1fuh0tto8a9gapol5
.allo499.ru/	1970-01-20 18:59:10	Name: PHPSESSID Value: 4prnk8oab1fuh0tto8a9gapol5
allo499.ru/	1970-01-20 19:49:34	Name: fid Value: 9e85cd58-d36b-47a4-bba8-4fca6a25f587
.allo499.ru/	1970-01-20 19:35:10	Name: __gads Value: ID=7ae66ce30a2b630a-22ac0d0048dd00de:T=1678414318:RT=1678414318:S=ALNI_MYKm165hIEy0MN5RRKTY1mOvRKbnQ
.allo499.ru/	1970-01-20 19:35:10	Name: __gpi Value: UID=00000bc2c9d108b8:T=1678414318:RT=1678414318:S=ALNI_MY12tJSjPWsTShM4OqwCa6n53Onxw
.acint.net/	1970-01-20 10:13:34	Name: test_cookie Value: CheckForPermission
.acint.net/	1970-01-20 19:49:34	Name: aid Value: CkIDFWQKke5ugATqN1z1AldOexYeSfJv9k6cz7z78px+Z+1u
.acint.net/	1970-01-20 10:56:46	Name: cSyncDp7v2 Value: 1678414318
.acint.net/	1970-01-20 10:56:46	Name: cSyncDp14v3 Value: 1678414318
.acint.net/	1970-01-20 10:56:46	Name: cSyncDp17 Value: 1678414318
.acint.net/	1970-01-20 10:56:46	Name: cSyncDp32 Value: 1678414318
.acint.net/	1970-01-20 10:15:00	Name: cSyncDp45v4 Value: 1678414318
.acint.net/	1970-01-20 10:56:46	Name: cSyncDp53v2 Value: 1678414318
.acint.net/	1970-01-20 10:56:46	Name: cSyncDp62 Value: 1678414318
.acint.net/	1970-01-20 10:56:46	Name: cSyncDp67v2 Value: 1678414318
.acint.net/	1970-01-20 10:56:46	Name: cSyncDp68 Value: 1678414318
.acint.net/	1970-01-20 10:56:46	Name: cSyncDp71 Value: 1678414318
.acint.net/	1970-01-20 10:56:46	Name: cSyncDp85 Value: 1678414318
.acint.net/	1970-01-20 10:56:46	Name: cSyncDp95v3 Value: 1678414318
.acint.net/	1970-01-20 10:56:46	Name: cSyncDp98v2 Value: 1678414318
.acint.net/	1970-01-20 10:56:46	Name: cSyncDp101 Value: 1678414318
.acint.net/	1970-01-20 10:33:43	Name: cSyncDp104v2 Value: 1678414318
.acint.net/	1970-01-20 10:56:46	Name: cSyncDp107 Value: 1678414318
.acint.net/	1970-01-20 10:56:46	Name: cSyncDp110 Value: 1678414318
.acint.net/	1970-01-20 10:35:10	Name: cSyncDp125v3 Value: 1678414318
.acint.net/	1970-01-20 10:56:46	Name: cSyncDp126 Value: 1678414318
.acint.net/	1970-01-20 10:56:46	Name: cSyncDp127 Value: 1678414318
.acint.net/	1970-01-20 10:56:46	Name: cSyncDp129 Value: 1678414318
.acint.net/	1970-01-20 10:56:46	Name: cSyncDp136v2 Value: 1678414318
.acint.net/	1970-01-20 10:56:46	Name: cSyncDp146 Value: 1678414318
.acint.net/	1970-01-20 10:56:46	Name: cSyncDp148v1 Value: 1678414318
.acint.net/	1970-01-20 10:56:46	Name: cSyncDp149v2 Value: 1678414318
.acint.net/	1970-01-20 10:56:46	Name: cSyncDp151 Value: 1678414318
.acint.net/	1970-01-20 10:56:46	Name: cSyncDp178 Value: 1678414318
.acint.net/	1970-01-20 10:56:46	Name: cSyncDp186 Value: 1678414318
.acint.net/	1970-01-20 10:56:46	Name: cSyncDp217 Value: 1678414318
.acint.net/	1970-01-20 10:56:46	Name: cSyncDp221 Value: 1678414318
.acint.net/	1970-01-20 10:56:46	Name: cSyncDp235 Value: 1678414318
.acint.net/	1970-01-20 10:56:46	Name: cSyncDp241 Value: 1678414318
.betweendigital.com/	1970-01-20 18:59:10	Name: dc Value: lux1
.betweendigital.com/	1970-01-20 18:59:10	Name: tuuid Value: f031e00f-34c8-5245-a111-9b96c51b0a78
.betweendigital.com/	1970-01-20 18:59:10	Name: ss Value: 1
.ssp-rtb.sape.ru/	1970-01-20 19:49:34	Name: sspuid Value: CkICRWQKke6VVAA7koJZAhSPT3w2GJmRev6LF45dXmAOJ+Mu
.utraff.com/	1970-01-20 10:56:57	Name: preutid Value: 1
.upravel.com/	1970-01-20 10:13:34	Name: session_tptc Value: 1678414318920
.an.yandex.ru/	1970-01-20 10:23:39	Name: yabs-vdrf Value: A0
.adhigh.net/	1970-01-20 18:59:10	Name: gi_u Value: P591Tpy82H8.AikABlGGyUoNVA
.upravel.com/	1970-01-20 19:49:34	Name: user_id Value: 005c0158-796e-45fd-9260-b95ee49ba9c6
.allo499.ru/	1970-01-20 18:59:10	Name: _ym_uid Value: 1678414319326291535
.allo499.ru/	1970-01-20 18:59:10	Name: _ym_d Value: 1678414319
.adhigh.net/	1970-01-20 18:59:10	Name: sape_sync Value: LKvb
.doubleclick.net/	1970-01-20 19:35:10	Name: IDE Value: AHWqTUnNyU62K1SYq4DyYnZO01Gnivk9VXTmGeVyxfYo-LdxGyFtfBpLp_dASTpnvz4
.mc.yandex.com/	1970-01-20 10:13:34	Name: sync_cookie_csrf Value: 1105010927fake
sync.adspend.space/	1970-01-20 18:59:10	Name: as-user Value: d9b3ec55-2132-419e-b0c0-04e399615511
.mts.ru/	1970-01-20 18:46:12	Name: dspid Value: 25f56e00-3fae-4fdb-b5c9-d105927f408d
.rutarget.ru/	1970-01-20 14:32:46	Name: userId Value: oh7A1L4MQ5H7
.adriver.ru/	1970-01-20 19:49:34	Name: cid Value: A1dj-fYB0-mS_MSPlcP95lg
.uuidksinc.net/	1970-01-20 18:59:10	Name: jcsuuid Value: wjoQppwj5IYldlQhDnfk
.mc.yandex.ru/	1970-01-20 10:13:34	Name: sync_cookie_csrf Value: 2788596510fake
.bumlam.com/	1970-01-20 19:49:34	Name: suuid3 Value: IiRmMDcyMzVjNi1iZWU4LTExZWQtODZlMC0wMDI1OTBjMDY0N2M*
.yandex.com/	1970-01-20 18:59:10	Name: yandexuid Value: 4368545801678414318
.yandex.com/	1970-01-20 18:59:10	Name: yuidss Value: 4368545801678414318
.mc.yandex.com/	1970-01-20 10:15:00	Name: sync_cookie_ok Value: synced
sync.gonet-ads.com/	1969-12-31 23:59:59	Name: chk Value: 1
.aidata.io/	1970-01-20 19:49:34	Name: __upin Value: T7CvITpFc7KmXdKQx2c7bA
.aidata.io/	1970-01-20 19:49:34	Name: __upints Value: 1678414319
.doubleclick.net/	1970-01-20 10:13:37	Name: DSID Value: NO_DATA
.ohmy.bid/	1970-01-20 10:56:46	Name: uid Value: 6dd6bf13-60ed-483f-b6a9-b50833476452.640a91ef.d7f8998b35e696a8
.mts.ru/	1970-01-20 19:49:34	Name: mts_id Value: bdaa5967-0191-4014-9407-ddaa4bc3380d
.mts.ru/	1970-01-20 19:49:34	Name: mts_id_last_sync Value: 1678414319
sync.programmatica.com/	1969-12-31 23:59:59	Name: chk Value: 1
x01.aidata.io/	1970-01-20 10:17:53	Name: livin Value: 1
.yandex.com/	1970-01-20 18:59:10	Name: ymex Value: 1709950319.yrts.1678414319#1709950319.yrtsi.1678414319
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 1841780131678414319
.yandex.com/	1970-01-20 19:49:34	Name: i Value: yfOSzzPdU7ud3idioCTYye04JKQZlA0izg8R08UlHiU33fu8S3B5D4DoIbPZFoeCfotky74FK7H/doIV7uD/Ilpqodk=
.gonet-ads.com/	1970-01-20 19:00:36	Name: pid Value: NjcyMmEwMWYyN2UyNDU2ZQ
.adhigh.net/	1970-01-20 18:59:10	Name: yandexssp_sync Value: LKvb
x01.aidata.io/	1970-01-20 10:23:39	Name: yaya Value: 1
.agency2.ru/	1970-01-20 18:46:12	Name: uuid Value: f059f451-b141-4a0c-93f6-fcec3aa4fd1f
px.arcspire.io/	1970-01-20 10:56:46	Name: arcid Value: de515266c23a027cc419ba
.360yield.com/	1970-01-20 12:23:10	Name: tuuid_lu Value: 1678414319
.programmatica.com/	1970-01-20 19:49:34	Name: pid Value: MTBhMjc0YWE2OTI3YjMyZg
.betweendigital.com/	1970-01-20 18:59:10	Name: ut Value: ZAqR7wAKrmAa-iGnhsdYEV_6OTvSGMoIc7Ltbg==
.tns-counter.ru/	1970-01-20 18:59:10	Name: guid Value: 702D6A04640A91EFX1678414319
kimberlite.io/	1970-01-20 12:23:10	Name: u Value: ZAqR73DPXzE~dIPguPBGBO6aaTyi5F1o5-G6qyA
.360yield.com/	1970-01-20 12:23:10	Name: tuuid Value: 0dcf84cf-3a33-4f76-835a-c3de0c7c8f22
.allo499.ru/	1970-01-20 10:14:46	Name: _ym_isad Value: 2
.dmg.digitaltarget.ru/	1970-01-20 19:49:34	Name: viuserid Value: b2NGdfTNk2C9-JF7emQb
.weborama.fr/	1970-01-20 19:39:29	Name: AFFICHE_W Value: 5lPFcFejoR-m47
.demdex.net/	1970-01-20 14:32:46	Name: demdex Value: 54866191168280532342463969592993652428
.allo499.ru/	1970-01-20 10:13:36	Name: _ym_visorc Value: w
.adnxs.com/	1970-01-20 12:23:10	Name: uuid2 Value: 7550254856584838737
.yahoo.com/	1970-01-20 18:59:31	Name: A3 Value: d=AQABBO-RCmQCELmWJCvxrcCeh2b6bxjuz_EFEgEBAQHjC2QUZAAAAAAA_eMAAA&S=AQAAAnPdM9Ma8vynXn1pxlO0Jgw
.casalemedia.com/	1970-01-20 18:59:10	Name: CMID Value: ZAqR71YKuEkED9LMy0TICAAA
.casalemedia.com/	1970-01-20 12:23:10	Name: CMPS Value: 3394
.casalemedia.com/	1970-01-20 12:23:10	Name: CMPRO Value: 3394
.analytics.yahoo.com/	1970-01-20 18:59:10	Name: IDSYNC Value: 18yx~2afe
.pubmatic.com/	1970-01-20 10:15:00	Name: KTPCACOOKIE Value: YES
.adx.opera.com/	1970-01-20 18:59:10	Name: UID Value: OPU1218c88200064bf29ce9ea04a2916ba1
.dpm.demdex.net/	1970-01-20 14:32:46	Name: dpm Value: 54866191168280532342463969592993652428
.pubmatic.com/	1970-01-20 18:59:10	Name: KADUSERCOOKIE Value: B3A5BDCF-8BDB-4787-9782-83865F7DD30E
.sonar.semantiqo.com/	1970-01-20 19:49:34	Name: semantiqo_a Value: a908fab6336e495b948885bd2365975f
.sonar.semantiqo.com/	1970-01-20 19:09:15	Name: check Value: 263430d2bfbe45a9a6889144c10daadb
.mail.ru/	1970-01-20 19:00:36	Name: VID Value: 1QSk7P2zdOoG002Db92V0DYG:::0-0-0-924eaaf:CAASEMYDO67ax57egFn5iL7hMuEaYNxPaPNx_bAFToKgH9yK43LJxvVi8XePObeuRbUJRdcbk4Z1yC-l22X3WyYstTCon8gstmnF6LBOLFu2Hg5r9JgcuXc6qzZNbr70Awx84J_apJhHSzejzR7UbJAGL4Yf7w
allo499.ru/	1970-01-20 19:49:34	Name: _ac_oid Value: 19ce9caf7cce25a72a9f8eae68638f8f%3A1678417920146
.yandex.ru/	1970-01-20 19:49:34	Name: is_gdpr Value: 1
.yandex.ru/	1970-01-20 19:49:34	Name: is_gdpr_b Value: CMPjWhCFqwEYAQ==
.yandex.ru/	1970-01-20 19:49:34	Name: i Value: T/O6F7BpfWvWCW1kjmkSUFh0H4dORVuQg2p86WvJxZpQvf/4bYd+r2mEhgZ4ekPLh/du/J3YzXKY7yerKQqJuvQAEMM=
.yandex.ru/	1970-01-20 19:49:34	Name: yandexuid Value: 2494052941678414318
.yandex.ru/	1970-01-20 19:49:34	Name: yuidss Value: 2494052941678414318

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: http://allo499.ru/templates/template36/style.css?1355128328 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://info.weather.yandex.net/informer/150x150_white/27612.png Message: Failed to load resource: the server responded with a status of 404 (Not found)
network	error	URL: http://info.maps.yandex.net/traffic/moscow/current_traffic_150.gif Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://an.yandex.ru/setud/mts_banner/JfVuAD-uT9u1ydEFkn9AjQ?location=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D30%26em%3D0&sign=131688643 Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.utraff.com
acint.net
ad.mail.ru
ads.adlook.me
ads.betweendigital.com
adservice.google.com
adservice.google.de
allo499.ru
allorus.ru
an.yandex.ru
avatars.mds.yandex.net
clck.yandex.ru
cm.g.doubleclick.net
cm.tns-counter.ru
counter.yadro.ru
cs.agency2.ru
dd.ce.b7.a1.top.mail.ru
dm-eu.hybrid.ai
dm.hybrid.ai
dmg.digitaltarget.ru
dpm.demdex.net
euw-ice.360yield.com
ev.adriver.ru
exchange.buzzoola.com
f07235c6-bee8-11ed-86e0-002590c0647c.n3.sync.bumlam.com
f07235c6-bee8-11ed-86e0-002590c0647c.n6.sync.bumlam.com
favicon.yandex.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
ignio.com
im.bluevoox.com
image6.pubmatic.com
img.ignio.com
info.maps.yandex.net
info.weather.yandex.net
informer.yandex.ru
informers.forexpf.ru
kimberlite.io
log.strm.yandex.ru
match.360yield.com
match.adsrvr.org
match.new-programmatic.com
match.qtarget.tech
mc.yandex.com
mc.yandex.ru
mitdmp.whiteboxdigital.ru
nr.bidderstack.com
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
pix.bumlam.com
profile.ssp.rambler.ru
px.adhigh.net
px.arcspire.io
redirect.frontend.weborama.fr
rtb-eu-warsaw.intent.ai
s.uuidksinc.net
sape-sync.rutarget.ru
secure.adnxs.com
sm.rtb.mts.ru
solta-sync.rutarget.ru
sonar.semantiqo.com
sp.ohmy.bid
ssp-rtb.sape.ru
ssp.adriver.ru
ssp.bestssp.com
ssp.bidvol.com
ssum-sec.casalemedia.com
sync.1dmp.io
sync.adkernel.com
sync.adspend.space
sync.bumlam.com
sync.dmp.otm-r.com
sync.gonet-ads.com
sync.programmatica.com
sync.upravel.com
t.adx.opera.com
tag.digitaltarget.ru
tech.rtb.mts.ru
top-fwz1.mail.ru
tpc.googlesyndication.com
ups.analytics.yahoo.com
www.acint.net
www.allorus.ru
www.forexpf.ru
www.google.com
www.google.de
www.googleadservices.com
www.googletagservices.com
www.gstatic.com
www.ignio.com
www.profinance.ru
x01.aidata.io
yandex-dmp-sync.rutarget.ru
yandex-sync.rutarget.ru
yandex.ru
yastatic.net
ysa-static.passport.yandex.ru
mitdmp.whiteboxdigital.ru
ssp.bidvol.com
142.250.185.66
142.250.186.162
144.76.118.200
148.251.237.106
15.197.193.217
167.235.117.41
167.235.97.173
178.57.217.166
185.147.80.35
185.15.175.144
185.15.175.147
185.167.120.17
185.196.197.130
185.64.190.78
185.80.39.216
185.83.142.19
188.42.105.236
188.42.196.115
188.72.109.103
193.232.150.150
193.3.184.218
193.3.184.226
194.182.66.153
195.201.57.28
195.209.108.55
2001:6d0:4001::226
212.76.129.181
213.87.44.187
217.65.2.150
217.66.147.41
23.111.107.44
23.88.12.14
2606:4700:20::ac43:48bf
2606:4700:3033::ac43:d997
2606:4700:3037::ac43:c745
2a00:1148:db00::17
2a00:1450:4001:80b::2003
2a00:1450:4001:80e::2004
2a00:1450:4001:810::2002
2a00:1450:4001:810::2003
2a00:1450:4001:811::2002
2a00:1450:4001:812::2001
2a00:1450:4001:812::200a
2a00:1450:4001:827::2002
2a00:1450:4001:827::2003
2a00:1450:4001:828::2002
2a00:1450:4001:82a::2002
2a02:6b8:20::215
2a02:6b8::130
2a02:6b8::14
2a02:6b8::17f
2a02:6b8::184
2a02:6b8::1:119
2a02:6b8::28d
2a02:6b8::36
2a02:6b8::5:114
2a02:6b8::90
2a02:6b8:a::a
3.71.149.231
31.172.81.158
35.177.4.157
35.190.24.218
37.18.103.22
37.18.16.21
45.9.26.83
46.243.172.93
46.4.121.26
5.200.43.131
51.89.9.252
52.212.210.65
52.45.175.185
54.228.83.115
62.109.24.241
77.245.57.72
80.87.198.111
81.177.34.136
81.177.34.158
81.222.128.213
82.145.213.8
87.242.89.90
87.242.95.200
88.212.201.204
89.108.120.76
89.108.127.68
91.192.149.30
95.163.52.67
95.163.92.180
95.217.109.66
00de0281484ce822c9e7f964e49977408cf15013f33f157ff4e1073cdc54767e
025131d9c15ae8bc85f70a51c95aece581630b3dc3caa26cfeb1f79532c224d4
033696b7f1ac04d1dcc102be84550e146236ceffc25a6cabc12aa51a6ee410b9
064b963a6c7701a3c70ea15b40c573d1994e3aebbfc0414f1e8b5fb324d11ed3
099f342bcdd01d03cacd2d665bb82ed11b7110f74768ec40774de44140481a38
0aa177d4132d8a6bfb33ec6536238b0f8346b7af86659e32a347637893ee47be
0aaa0e509bd261a82e930c2d97a2eea2a6c5cf39ee5cb419233f93f0759c4a9a
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ca5a70e346d269766c4bdf556309ee89162d2f73918555973706bb0fcb65769
0e2799fddbc7bff356222f93b8041ee564d4bc76394527eaf2a0f001be14938a
0ea32030fed14958bf3e670c08e49fc63bfdebefc79a3ac43dfb1b2d5a5c129a
10ca1a5fb2ca07965237b4cbd18775a79bee5454b07872e5311184c4a84f2cdf
10e4800bb8797bfe5648743ab240b419817efd521026fa21a0dded2cfc541490
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18c327afa903633f86c3efcf12b77f098077eacaa8be101bb007846fd74f8b93
1a4225948c1c20f6b9d85d72197bde883ef602fa9f704474bbf1cc99985c8c82
1a51f47d09726d2dcd7dbb73ca7b23a9bdde39d0e50498c80fba7c8a8b08d6bb
1b2013d9928d92c48d14a7af80e45f91281d14f69e352662eab641c8fb986b3a
1db4f215d165c45e10d3105b078a84a163e32a0f063ee655c537a796580992f5
23c9447de24ff8df5fd6873fd9abcd5a39efbb8bb5173af55cd3ecd0f43285ad
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
26b6efc3fe5f1f4aa3d3bf4f7eba99e758a928dea5de912039b3120806d34dfc
271bab9fc21efce9ccad0b0b7e24f3a55b0e0c6ca40865f057a72bd3099304d0
2739a87279199c9ec81af470de4bc11a3b5ea4a1804161cdff856c8f61944b65
27c2e01e93a2448e879d69877681ea4bc9150d8f1918710a918e953b6dd887cd
29f923f0b2ee0d86a78637dc4eafc8b47c09d09ae5044e87997eb6b2c2fbae5a
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2d0c99a3aa00608109e6c0da0f1e514d201eebac933e1fd828201798852354dc
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3298f8adb2f8ec4ea250ee9cf44733e8a4d0fcd5253556945077d03c6df4fd9d
33ed74cdaba8dd6a2534032f58e043ff41150c6f49b64711e5a8223beeb63de0
34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55
3767fe0b3855eaaf43e74fff933f9bd9c4743ba6a7630336fb2cccb1701c91e9
39b10b1eda24aa562e47f895f454495328533c39d53ede77f4f53c1fc612e04c
3d64d0d2fe956a121db0a50f070ce2c676d9f510b5f9671124196e36674ec10a
3d6d2f30e4e00720a9b4af99777a5f3c05293d68fb797d0af6cb7c2f22bde8ca
3eaade5c2030227244f63d3f6e65425add4ff310bc7e69b67bd1a59ce57de9f2
3f24d8ad038e5a33e05fb6a1d6cf6ed6895763e6d28547a7a47d16493495247c
407ab4663cc18665c9b1eb1c0efb2651a2fbe480a3a46ef9ccd150afa96ef155
40f2a96f78f4c8484e9da6e172f5ddd3e4d7786ca29e04b96e1067a365190e80
4126ffde4b9e571b1c3e55b45a7e9596e139ad2de1bdbfe851a2e2b2c7da7f38
41a26ba71be3b5f4d17460372dedd5572d61d6a8f102f975557243644f275d47
44140a8ed63ae318b195ca6fc89bb1322bfb1eab05447e4f299f726bf904d163
44edaf520b99acbf1d27ba44aed813e42bf028e1a9796e5870feed8968aa107c
4569d4e1b0e52b6316681f7312674f43ecb2b72ea8ab4adb2375e3686862c7dc
45c46faa08c595334124feba5aa656968c031cd5b0cac0cefe087a1fca2556b3
464f8b993d5d6e4e3ed52013bbfdc4f12c4e764c9869f0be6b0dfa96c8f5703a
47c5d641f96c5615a23b864a6bcc9d4c9d5714d3f066a9f31d3a6ab711a8b1fb
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4cbe23a5fc39014760a92247acaa5cf3825cc1d84ce0349cc0f0086adad6e524
4d9e50379350abb45769a5049fc416a2ad6455c413756833d1e1249b617e6550
50f92230ec02e52d38bf747282a29c1b4112fa1e7f715a29fcdbc8daecb76ae4
523ab6b7f44d0e7c1a98dc685128ffe0a17004547329565d9694a3ae17601518
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5a2ee320011306c36ecf013fbd1552d09f3298c2799bbeb1d6dc28cf275ad7b5
5b2816980afc376b618fe8c176a242883e90199278e6bbbbe1c7c932f5ad50b2
5d077dd5a8c304646a3cb1d4c027ac40260d4d2fba5e10a74ebfafc3d7fa2784
5f05de7f7f9e6ed8d5ad8815e01a59df765d0f0ef05c917f3b053ea79df06754
62d837beb5564ed703916b86819379b4c01f53ea9b9aeae075da4e7137e86494
63408511570871a712d79b9ace31e71285c3ce09683e61a74beb8a0c9e95d179
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
6535ca45d7e2f15c6da759ed9f54b5feaff988342e1a244d14086934d9e057d5
67421d6fb8796772d0d42b3565cd383983fe6ba74e0c8da4d7d2a31b4e8d949d
6bebbb74e49969f43a4dd1eb68eeb1dfa512f7a3e0db2b0c39ad3185485ed1e1
6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5
7679030d55ecf998de3c31a1a33d9d66b19e71f77d3805d77a218db193ce2693
76ebd2a7078570fa9f6a50855b4ade57c6b558cca7c95801b2b247406b274975
771550485ceecb921c357f6f54be3679cd7f6533ad948acedd9b67c6a5e13b1b
7b9e0e0ec0063298da91bc1f82f0f51c7a0ff146e273ee3a1ae49af2b29c8369
7e928161cd626935d39ff08188caa3f3a918811ca87194082dedf28b697ce6fd
7f0d63c49587e6fa78489150472b5e408e841fc019b842959a9c8ba8802de6e9
82cb517a8f80c91dfcec543c6d140deb3baaf463ea9e77655475096eba7bc7d9
830e888d5958121c86bdae274c9848b01d97195d10e6ddbc4399d1f2ddc1d751
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8629350a9dfca70ce7c76b89b02a1697759026411576ba08d7a28e4f26a3332e
867d38c4d68d7d0df97ec4071e3c2a83860fb1ccb7a3063bac0f7040da3d8304
883b601cc7ee3fb9759785285b6ba6cd159bacb569c70c5e7744a3824cda84d9
89de9fa70df699893b535329929ab5e2b7f5a828b62edda4d0f2c98473bdd548
8ba6053d37dcf1ff0102e5ce3b7da0ef321df2a45befaa9e37c5f9460834f16f
8ca80cf1a146b9cea5f9746c31b1dbacc3e2ca5c3f867c4b3b2659ee83aca084
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8df9a51eaeaee1aa2f2020dea3b9d72348d56a958641c1e6d75516d6f72f646f
917ba90fd530eca085683c3147a056ecf10239787189b1661ad68743672a6a0b
961d65ef493469ff3c06009c02c2c6f73ae82f402d52310369112a2635e6dbbe
97de20a5373f52ef872fc451ea42716453c5b77d5c96f5dc46b2958c5216f288
98c7b0c039eb758de186b9b7327566f9397079045bdbcf458fead4670d06c3dc
9923ef32328e2d75ea829160658017dd9194d12d5da207ea68a8f2c7ff03765f
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9add681f010f4dcdf40f2cb0d13309351f4eea0395b40ba149903d2fced18b0c
9c911ab93cf6099aeeddb19cb1903d0ef838329443c3a0549c754da47f90a70a
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4cc89da7790d1ec677b65a15ea031dd9aad10fe6988787447e498cc7e1ea523
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
abd86084299fb37cbcb34dedb0d9a8d5230740560528b5105be9912bff39c2a4
b32d71093acf754500ae86096590f11b4457757eeb99a90c4488caa52a6cecbd
b6d7dc20935e9f6d9c5d14c27335dd9cda044118bebf96a3d68f37d3e29f2d40
b6ec12edc1e21394d03e04ded0988e0177116ce787b837bfc4ab38188a647b36
b80afc31ffccfcac4e40b1c21b5ddbb83ffec0454629c05fcde1e27e669db98b
b87dbaf07cb3ecc7d2ab5931f8c598e57323d41f140673f4fc8561d423fd086b
b93124a9f2dd309ab71cb6c19b4462dae9e5bb3a4b9265209ebf63aeaa6653d9
bccebc1c44a2e9e01d5f9e0a3528b106b8451090a521a7499e7430d10525ecb0
bd2d7b6dcb0d1bbb7db3189ae86f888ce8e7ab0186d56dd778449191775baff7
bd7331f7e556587cb369aff2cf0ee414810aa896688446accd96b4725e9c9356
bf47231d0aaa7481ebaab5c92cd4d3d5c37e07c01cf74dbf7ae78c77d7de6d13
c1e819871952dadcf4058ed71cd682f6341c7b3974b0c0cc51d55b45900db1d8
c6aa05b8acad62acebc1904602adb51c5451d486962474223fa7f18b87e04446
c7faa74be380234dea8a898b636eafd8c2a791369e59a2f1395714fb62a4c84d
c9c7e70f03906de2620a6c6dcc8fe75c602f5a39240777618fd32f4b5043a6bd
ca2be2c75a144709f6b4b081b7b18d7eafa100c602c2c09060079da841bb9024
ca78c114bba40b141a59c55a9d3fb6db7672bc3effd4337f2b1ce512b4d06c9e
ca7b03d2a19b42dde9e72a891fda96dfbe8a260d11555adfbd8a55dfda716cbb
cc003eb7cee302c17e837c6838a3ddc3e4bf5057d21099985302e472e68fcbca
ccb150b1878d5aa777543222f9e47636d4258687e3dd57e625988f09a96bda64
cf0e934daa92ef101fcdf4f64d318324f197533bc3a8ad60630a947cef5d7073
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d1077259d8a1bcf60f5db3f865f52bc024e75f1a409c2d4ce3287f86e2513e61
d15b1f9c97ea00872cd7a0e09a2c01c3deb1c3ca17912b0572dd75b3beef5a3f
d4a1dad13f7e1307071cc30c2bd741b846cd1366dc44c5e90d9bfa00a735fa10
de77e509f71e32b76d7681e2751c8a4359ed62421ddcb507330b4912a6a3dbb4
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
e1cff21864c46e1da263fa83c14ed6d190bc5afbdd35188de15f10eb8bedd264
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41caae174108db2b9d3947eb5cbc348c5e431a00f272917ea10cf2830ffb3c0
e45fd1bfd4e9faa44d111f64bef4ccea9e66b10fb0a957d91019ac033b7c22c0
e5ccb362c77e29e09fefe404a2270da25db304e2f4a34af48d4325e6a2ee56a5
e5f6db3be8bae33992e92f2e5f19cb28bcf928aef490462b0060e5695b5b76e8
e8a043ea6cca72341d32dd1bebfb5eda61bfa514196b216dd5cb2efa9e3c6261
eaba4c606dbd8ce6ad26a8bb999d30e855f8c1c5e194dc675b459c60679e8cb0
eabbdf222a6fdefc15823ad881245c5b3d19f3cd9e76537cf6eac726d47f3005
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f7b2694fade487338193a9f1df8c6bab7630d8269932611503b4e8e43f21ccff
f9ab57534e80b65a495befb1f14d981bd6562eeee72ea74b15f843f3d360603a
fbf1493cfbd5eb28bede27fe0d0e7c64db876c909dd249199e69054461ab5c9c
fcb2cc0120007b9f25e6bb5dfab4d13dbd3b16c01e35767a69a2298c1b2fcb0b
fd247690eac72e4b15bc1401a7806ca38b8059b8eae4531cf850962e8cf5347c

allo499.ru Open in urlscan Pro 2606:4700:3037::ac43:c745 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

271 Requests

51 %HTTPS

31 %IPv6

66 Domains

99 Subdomains

55 IPs

12 Countries

1755 kBTransfer

4403 kBSize

115 Cookies

17 Outgoing links

Redirected requests

271 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

allo499.ru Open in urlscan Pro
2606:4700:3037::ac43:c745 Public Scan

Screenshot
Live screenshot

Full Image

271
Requests

51 %
HTTPS

31 %
IPv6

66
Domains

99
Subdomains

55
IPs

12
Countries

1755 kB
Transfer

4403 kB
Size

115
Cookies

271 HTTP transactions
4 data transactions