urlscan.io logo urlscan.io
SecurityTrails logo

hefydue6.pro Open in urlscan Pro
172.67.147.235  Public Scan

Go To Rescan Add Verdict Report
URL: https://hefydue6.pro/lp/ru/gazprom_np/?googleidth=b25411dc-3ca5-4394-8a33-f22560df0a5a&lf_utm_source=bananaads.pro&lf...
Submission: On July 26 via api from NL — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 3 countries across 4 domains to perform 51 HTTP transactions. The main IP is 172.67.147.235, located in United States and belongs to CLOUDFLARENET, US. The main domain is hefydue6.pro.
TLS certificate: Issued by WE1 on July 22nd 2024. Valid for: 3 months.
This is the only time hefydue6.pro was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
43 172.67.147.235 13335 (CLOUDFLAR...)
6 2a02:6b8::274 13238 (YANDEX)
1 2a04:4e42:200... 54113 (FASTLY)
1 185.203.72.63 60922 (AS_KKM_IT)
51 4
Apex Domain
Subdomains		 Transfer
43 hefydue6.pro
hefydue6.pro
416 KB
6 yandex.ru
api-maps.yandex.ru — Cisco Umbrella Rank: 29605
287 KB
1 lucky.online
click.lucky.online
620 B
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 1211
30 KB
51 4
Domain Requested by
43 hefydue6.pro hefydue6.pro
6 api-maps.yandex.ru hefydue6.pro
api-maps.yandex.ru
1 click.lucky.online hefydue6.pro
1 code.jquery.com hefydue6.pro
51 4

This site contains no links.

Subject Issuer Validity Valid
hefydue6.pro
WE1		 2024-07-22 -
2024-10-20		 3 months crt.sh
api-maps.yandex.ru
GlobalSign RSA OV SSL CA 2018		 2024-05-07 -
2024-10-31		 6 months crt.sh
*.jquery.com
Sectigo ECC Domain Validation Secure Server CA		 2024-06-25 -
2025-06-25		 a year crt.sh
*.lucky.online
Sectigo RSA Domain Validation Secure Server CA		 2023-10-24 -
2024-10-30		 a year crt.sh

This page contains 1 frames:

Primary Page: https://hefydue6.pro/lp/ru/gazprom_np/?googleidth=b25411dc-3ca5-4394-8a33-f22560df0a5a&lf_utm_source=bananaads.pro&lf_utm_medium=%5butm_medium%5d&lf_utm_campaign=%5butm_campaign%5d&lf_utm_content=%5butm_content%5d&lf_utm_term=%5butm_term%5d&lf_subid1=2dd9587d4496b3d2f957a6957df99e01&lf_subid2=106136&lf_subid3=%5bsubid3%5d&lf_subid4=%5bsubid4%5d&lf_subid5=%5bsubid5%5d&subid1=3o59su2321rm4&stream_uuid=2ff90edf-8020-4d34-b1b8-af282ff2b6be&utm_term=51714&blp=1&t_id={t_id}&utm_source={utm_source}
Frame ID: D999296C826A3240B8DBBCC64367F1B6
Requests: 51 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Инвестиционная программа

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

51
Requests

100 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

4
IPs

3
Countries

733 kB
Transfer

2507 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

51 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
hefydue6.pro/lp/ru/gazprom_np/ 		30 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hefydue6.pro/lp/ru/gazprom_np/?googleidth=b25411dc-3ca5-4394-8a33-f22560df0a5a&lf_utm_source=bananaads.pro&lf_utm_medium=%5butm_medium%5d&lf_utm_campaign=%5butm_campaign%5d&lf_utm_content=%5butm_content%5d&lf_utm_term=%5butm_term%5d&lf_subid1=2dd9587d4496b3d2f957a6957df99e01&lf_subid2=106136&lf_subid3=%5bsubid3%5d&lf_subid4=%5bsubid4%5d&lf_subid5=%5bsubid5%5d&subid1=3o59su2321rm4&stream_uuid=2ff90edf-8020-4d34-b1b8-af282ff2b6be&utm_term=51714&blp=1&t_id={t_id}&utm_source={utm_source}
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.147.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash
3d92f63bc493d6110cb98bbd401e69cfc956180471d4fe8835ebbb5ab8b8f695

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8a94fa4bc8211c22-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 26 Jul 2024 14:11:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OQdlb0m9em1E%2FpQgQojE1sXBDjOouNtjXqC3W5FQZ21GgwT%2FOmrW4CEVlhBx4eya%2FE78CMoKoBy2nBriLD4B9fx%2BJRYyMFn6CjjlRuWNbBpizzOmj5gjiPm6bv0lqXM%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.33
app.css
hefydue6.pro/lp/ru/gazprom_np/css/ 		1 MB
121 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://hefydue6.pro/lp/ru/gazprom_np/css/app.css
Requested by
Host: hefydue6.pro
URL: https://hefydue6.pro/lp/ru/gazprom_np/?googleidth=b25411dc-3ca5-4394-8a33-f22560df0a5a&lf_utm_source=bananaads.pro&lf_utm_medium=%5butm_medium%5d&lf_utm_campaign=%5butm_campaign%5d&lf_utm_content=%5butm_content%5d&lf_utm_term=%5butm_term%5d&lf_subid1=2dd9587d4496b3d2f957a6957df99e01&lf_subid2=106136&lf_subid3=%5bsubid3%5d&lf_subid4=%5bsubid4%5d&lf_subid5=%5bsubid5%5d&subid1=3o59su2321rm4&stream_uuid=2ff90edf-8020-4d34-b1b8-af282ff2b6be&utm_term=51714&blp=1&t_id={t_id}&utm_source={utm_source}
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.147.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2628822bcc3bb305fee3b7d4d0cea033484920a1da1a2c76989ac37a3eacf254

Request headers

Referer
https://hefydue6.pro/lp/ru/gazprom_np/?googleidth=b25411dc-3ca5-4394-8a33-f22560df0a5a&lf_utm_source=bananaads.pro&lf_utm_medium=%5butm_medium%5d&lf_utm_campaign=%5butm_campaign%5d&lf_utm_content=%5butm_content%5d&lf_utm_term=%5butm_term%5d&lf_subid1=2dd9587d4496b3d2f957a6957df99e01&lf_subid2=106136&lf_subid3=%5bsubid3%5d&lf_subid4=%5bsubid4%5d&lf_subid5=%5bsubid5%5d&subid1=3o59su2321rm4&stream_uuid=2ff90edf-8020-4d34-b1b8-af282ff2b6be&utm_term=51714&blp=1&t_id={t_id}&utm_source={utm_source}
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 26 Jul 2024 14:11:14 GMT
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=1465305
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 15 Jul 2024 14:41:03 GMT
server
cloudflare
etag
W/"669534ff-165bd9"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wqSKUQR4ejTGgH4VkigGwxAiHrsPxJ3y17KwQrf03hD5JveBfREO%2BoIF5KkLEoa4Sudyb6Dz8BMjjmI48QhYqm%2BR6gQ6RRlgHrJ5B0aXtcYzerMobDe3saqvqAqRjxA%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
8a94fa4c68e51c22-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
/
api-maps.yandex.ru/2.0-stable/ 		71 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api-maps.yandex.ru/2.0-stable/?load=package.standard&lang=ru-RU
Requested by
Host: hefydue6.pro
URL: https://hefydue6.pro/lp/ru/gazprom_np/?googleidth=b25411dc-3ca5-4394-8a33-f22560df0a5a&lf_utm_source=bananaads.pro&lf_utm_medium=%5butm_medium%5d&lf_utm_campaign=%5butm_campaign%5d&lf_utm_content=%5butm_content%5d&lf_utm_term=%5butm_term%5d&lf_subid1=2dd9587d4496b3d2f957a6957df99e01&lf_subid2=106136&lf_subid3=%5bsubid3%5d&lf_subid4=%5bsubid4%5d&lf_subid5=%5bsubid5%5d&subid1=3o59su2321rm4&stream_uuid=2ff90edf-8020-4d34-b1b8-af282ff2b6be&utm_term=51714&blp=1&t_id={t_id}&utm_source={utm_source}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::274 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
5df363a27f088333fd82417e39ebbc0671bb540cc4a4c70645bbf55d74664872
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://hefydue6.pro/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

expires
0
date
Fri, 26 Jul 2024 14:11:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-lighttpd-locale
ru_RU
etag
W/"11da1-o/KILt72+T7txMz+A+NMOwE8dTc"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
x-req-id
1722003074142243-6532572450122715044-v4ic65g3iedzujmz-BAL
x-xss-protection
1; mode=block
x-start-time
1722003074142243
jquery-3.7.1.min.js
code.jquery.com/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.7.1.min.js
Requested by
Host: hefydue6.pro
URL: https://hefydue6.pro/lp/ru/gazprom_np/?googleidth=b25411dc-3ca5-4394-8a33-f22560df0a5a&lf_utm_source=bananaads.pro&lf_utm_medium=%5butm_medium%5d&lf_utm_campaign=%5butm_campaign%5d&lf_utm_content=%5butm_content%5d&lf_utm_term=%5butm_term%5d&lf_subid1=2dd9587d4496b3d2f957a6957df99e01&lf_subid2=106136&lf_subid3=%5bsubid3%5d&lf_subid4=%5bsubid4%5d&lf_subid5=%5bsubid5%5d&subid1=3o59su2321rm4&stream_uuid=2ff90edf-8020-4d34-b1b8-af282ff2b6be&utm_term=51714&blp=1&t_id={t_id}&utm_source={utm_source}
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a

Request headers

Referer
https://hefydue6.pro/
Origin
https://hefydue6.pro
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 26 Jul 2024 14:11:14 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
1121156
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
content-length
30336
x-served-by
cache-lga21978-LGA, cache-mad2200139-MAD
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1722003074.100683,VS0,VE0
etag
W/"28feccc0-155ed"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
3, 80182
l.png
hefydue6.pro/lp/ru/gazprom_np/images/ 		41 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hefydue6.pro/lp/ru/gazprom_np/images/l.png
Requested by
Host: hefydue6.pro
URL: https://hefydue6.pro/lp/ru/gazprom_np/?googleidth=b25411dc-3ca5-4394-8a33-f22560df0a5a&lf_utm_source=bananaads.pro&lf_utm_medium=%5butm_medium%5d&lf_utm_campaign=%5butm_campaign%5d&lf_utm_content=%5butm_content%5d&lf_utm_term=%5butm_term%5d&lf_subid1=2dd9587d4496b3d2f957a6957df99e01&lf_subid2=106136&lf_subid3=%5bsubid3%5d&lf_subid4=%5bsubid4%5d&lf_subid5=%5bsubid5%5d&subid1=3o59su2321rm4&stream_uuid=2ff90edf-8020-4d34-b1b8-af282ff2b6be&utm_term=51714&blp=1&t_id={t_id}&utm_source={utm_source}
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.147.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c8694ca2b61271f1396b720efa3eb075a4516cd4d4fe81b6f050382f79f1c4c

Request headers

Referer
https://hefydue6.pro/lp/ru/gazprom_np/?googleidth=b25411dc-3ca5-4394-8a33-f22560df0a5a&lf_utm_source=bananaads.pro&lf_utm_medium=%5butm_medium%5d&lf_utm_campaign=%5butm_campaign%5d&lf_utm_content=%5butm_content%5d&lf_utm_term=%5butm_term%5d&lf_subid1=2dd9587d4496b3d2f957a6957df99e01&lf_subid2=106136&lf_subid3=%5bsubid3%5d&lf_subid4=%5bsubid4%5d&lf_subid5=%5bsubid5%5d&subid1=3o59su2321rm4&stream_uuid=2ff90edf-8020-4d34-b1b8-af282ff2b6be&utm_term=51714&blp=1&t_id={t_id}&utm_source={utm_source}
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 26 Jul 2024 14:11:14 GMT
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
42158
last-modified
Mon, 15 Jul 2024 14:41:04 GMT
server
cloudflare
etag
"66953500-a4ae"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7cADWSzTQxa1FBTXI0HvGufjqqMz3%2F4Uf4CO9frzjF8W9OrXixk9uxzlY0B3grMiu9rlBBp3%2BF3qR%2FR4qKA1505iOn1EgSMKb8IRmJvlaq1svBUNKrc8%2FT9w%2Fvlj5MQ%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
8a94fa4c68e61c22-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alibaba.png
hefydue6.pro/lp/ru/gazprom_np/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hefydue6.pro/lp/ru/gazprom_np/images/alibaba.png
Requested by
Host: hefydue6.pro
URL: https://hefydue6.pro/lp/ru/gazprom_np/?googleidth=b25411dc-3ca5-4394-8a33-f22560df0a5a&lf_utm_source=bananaads.pro&lf_utm_medium=%5butm_medium%5d&lf_utm_campaign=%5butm_campaign%5d&lf_utm_content=%5butm_content%5d&lf_utm_term=%5butm_term%5d&lf_subid1=2dd9587d4496b3d2f957a6957df99e01&lf_subid2=106136&lf_subid3=%5bsubid3%5d&lf_subid4=%5bsubid4%5d&lf_subid5=%5bsubid5%5d&subid1=3o59su2321rm4&stream_uuid=2ff90edf-8020-4d34-b1b8-af282ff2b6be&utm_term=51714&blp=1&t_id={t_id}&utm_source={utm_source}
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.147.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aed25966473abd8885ca8fdba262d5cbfadbd5f4fc7f7623981305806857efa5

Request headers

Referer
https://hefydue6.pro/lp/ru/gazprom_np/?googleidth=b25411dc-3ca5-4394-8a33-f22560df0a5a&lf_utm_source=bananaads.pro&lf_utm_medium=%5butm_medium%5d&lf_utm_campaign=%5butm_campaign%5d&lf_utm_content=%5butm_content%5d&lf_utm_term=%5butm_term%5d&lf_subid1=2dd9587d4496b3d2f957a6957df99e01&lf_subid2=106136&lf_subid3=%5bsubid3%5d&lf_subid4=%5bsubid4%5d&lf_subid5=%5bsubid5%5d&subid1=3o59su2321rm4&stream_uuid=2ff90edf-8020-4d34-b1b8-af282ff2b6be&utm_term=51714&blp=1&t_id={t_id}&utm_source={utm_source}
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 26 Jul 2024 14:11:14 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
1683
last-modified
Mon, 15 Jul 2024 14:41:03 GMT
server
cloudflare
etag
"669534ff-693"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uFr0xcfNEZwO3m%2BNS47qFeatukAvE0iVjghPLcWmfoPNLzS26p%2FC3Q7j%2B8ZCzBmpswFzGxVOiwDtiQQ6iPVzCD9AggwwNRKduM4OcvAIYqSZwUzxPVJ55PgoMT%2BBO%2Fg%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
8a94fa4c68ea1c22-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
fb.png
hefydue6.pro/lp/ru/gazprom_np/images/ 		433 B
987 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hefydue6.pro/lp/ru/gazprom_np/images/fb.png
Requested by
Host: hefydue6.pro
URL: https://hefydue6.pro/lp/ru/gazprom_np/?googleidth=b25411dc-3ca5-4394-8a33-f22560df0a5a&lf_utm_source=bananaads.pro&lf_utm_medium=%5butm_medium%5d&lf_utm_campaign=%5butm_campaign%5d&lf_utm_content=%5butm_content%5d&lf_utm_term=%5butm_term%5d&lf_subid1=2dd9587d4496b3d2f957a6957df99e01&lf_subid2=106136&lf_subid3=%5bsubid3%5d&lf_subid4=%5bsubid4%5d&lf_subid5=%5bsubid5%5d&subid1=3o59su2321rm4&stream_uuid=2ff90edf-8020-4d34-b1b8-af282ff2b6be&utm_term=51714&blp=1&t_id={t_id}&utm_source={utm_source}
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.147.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
621f4507056d5c3d36782d1ded7ec8ebc95416b52d1272f7526edb964535cf06

Request headers

Referer
https://hefydue6.pro/lp/ru/gazprom_np/?googleidth=b25411dc-3ca5-4394-8a33-f22560df0a5a&lf_utm_source=bananaads.pro&lf_utm_medium=%5butm_medium%5d&lf_utm_campaign=%5butm_campaign%5d&lf_utm_content=%5butm_content%5d&lf_utm_term=%5butm_term%5d&lf_subid1=2dd9587d4496b3d2f957a6957df99e01&lf_subid2=106136&lf_subid3=%5bsubid3%5d&lf_subid4=%5bsubid4%5d&lf_subid5=%5bsubid5%5d&subid1=3o59su2321rm4&stream_uuid=2ff90edf-8020-4d34-b1b8-af282ff2b6be&utm_term=51714&blp=1&t_id={t_id}&utm_source={utm_source}
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 26 Jul 2024 14:11:14 GMT
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
433
last-modified
Mon, 15 Jul 2024 14:41:04 GMT
server
cloudflare
etag
"66953500-1b1"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OQLLRQt8QmtY1l4igH7k9ZGYd3GF3mqYYUW0XLiXomINZMvQLtHePkFSz8ugfA5S0%2Bh%2BIc39Kv3aYWGN68VHnaXIDbLkyniZKJ79QDMEBCD7Oez7Q%2FdaQrTqF6pBF14%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
8a94fa4d8a151c22-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
finex-gold.png
hefydue6.pro/lp/ru/gazprom_np/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hefydue6.pro/lp/ru/gazprom_np/images/finex-gold.png
Requested by
Host: hefydue6.pro
URL: https://hefydue6.pro/lp/ru/gazprom_np/?googleidth=b25411dc-3ca5-4394-8a33-f22560df0a5a&lf_utm_source=bananaads.pro&lf_utm_medium=%5butm_medium%5d&lf_utm_campaign=%5butm_campaign%5d&lf_utm_content=%5butm_content%5d&lf_utm_term=%5butm_term%5d&lf_subid1=2dd9587d4496b3d2f957a6957df99e01&lf_subid2=106136&lf_subid3=%5bsubid3%5d&lf_subid4=%5bsubid4%5d&lf_subid5=%5bsubid5%5d&subid1=3o59su2321rm4&stream_uuid=2ff90edf-8020-4d34-b1b8-af282ff2b6be&utm_term=51714&blp=1&t_id={t_id}&utm_source={utm_source}
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.147.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a781df7e21632c91858de56506c483d07987f831c16a539d76cf613023ab6b7b

Request headers

Referer
https://hefydue6.pro/lp/ru/gazprom_np/?googleidth=b25411dc-3ca5-4394-8a33-f22560df0a5a&lf_utm_source=bananaads.pro&lf_utm_medium=%5butm_medium%5d&lf_utm_campaign=%5butm_campaign%5d&lf_utm_content=%5butm_content%5d&lf_utm_term=%5butm_term%5d&lf_subid1=2dd9587d4496b3d2f957a6957df99e01&lf_subid2=106136&lf_subid3=%5bsubid3%5d&lf_subid4=%5bsubid4%5d&lf_subid5=%5bsubid5%5d&subid1=3o59su2321rm4&stream_uuid=2ff90edf-8020-4d34-b1b8-af282ff2b6be&utm_term=51714&blp=1&t_id={t_id}&utm_source={utm_source}
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 26 Jul 2024 14:11:14 GMT
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
1123
last-modified
Mon, 15 Jul 2024 14:41:03 GMT
server
cloudflare
etag
"669534ff-463"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4pwHZsoLt6ObGIZzc0P6oXGuudln4l0uvXHssbUwC1z3oXNjbKWqXIPWGWFv%2FSarfpHhqlch4pl74MZmWLilW8p5DrevGq80jx9M37ax6pVZSfL3Unz%2BWcSW%2FfoM7Q8%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
8a94fa4d8a1a1c22-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
gold.png
hefydue6.pro/lp/ru/gazprom_np/images/ 		1000 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hefydue6.pro/lp/ru/gazprom_np/images/gold.png
Requested by
Host: hefydue6.pro
URL: https://hefydue6.pro/lp/ru/gazprom_np/?googleidth=b25411dc-3ca5-4394-8a33-f22560df0a5a&lf_utm_source=bananaads.pro&lf_utm_medium=%5butm_medium%5d&lf_utm_campaign=%5butm_campaign%5d&lf_utm_content=%5butm_content%5d&lf_utm_term=%5butm_term%5d&lf_subid1=2dd9587d4496b3d2f957a6957df99e01&lf_subid2=106136&lf_subid3=%5bsubid3%5d&lf_subid4=%5bsubid4%5d&lf_subid5=%5bsubid5%5d&subid1=3o59su2321rm4&stream_uuid=2ff90edf-8020-4d34-b1b8-af282ff2b6be&utm_term=51714&blp=1&t_id={t_id}&utm_source={utm_source}
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.147.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f0c920708e5049209938558b4afd976070900643223e1069904b6e9defcc8423

Request headers

Referer
https://hefydue6.pro/lp/ru/gazprom_np/?googleidth=b25411dc-3ca5-4394-8a33-f22560df0a5a&lf_utm_source=bananaads.pro&lf_utm_medium=%5butm_medium%5d&lf_utm_campaign=%5butm_campaign%5d&lf_utm_content=%5butm_content%5d&lf_utm_term=%5butm_term%5d&lf_subid1=2dd9587d4496b3d2f957a6957df99e01&lf_subid2=106136&lf_subid3=%5bsubid3%5d&lf_subid4=%5bsubid4%5d&lf_subid5=%5bsubid5%5d&subid1=3o59su2321rm4&stream_uuid=2ff90edf-8020-4d34-b1b8-af282ff2b6be&utm_term=51714&blp=1&t_id={t_id}&utm_source={utm_source}
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 26 Jul 2024 14:11:14 GMT
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
1000
last-modified
Mon, 15 Jul 2024 14:41:04 GMT
server
cloudflare
etag
"66953500-3e8"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ue58bVH14yWKYHZitNjsE04vQ99EULXt12PcoAeIDqdlAajBGftCBmKzJEMixS0TtgkEYycJpLIhzgQdBJX%2F9brY8Di1%2BrfTkLqM52Yd2%2F48AHBk5egbU7zeNhKV0D0%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
8a94fa4dfabc1c22-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
rjd.png
hefydue6.pro/lp/ru/gazprom_np/images/ 		732 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hefydue6.pro/lp/ru/gazprom_np/images/rjd.png
Requested by
Host: hefydue6.pro
URL: https://hefydue6.pro/lp/ru/gazprom_np/?googleidth=b25411dc-3ca5-4394-8a33-f22560df0a5a&lf_utm_source=bananaads.pro&lf_utm_medium=%5butm_medium%5d&lf_utm_campaign=%5butm_campaign%5d&lf_utm_content=%5butm_content%5d&lf_utm_term=%5butm_term%5d&lf_subid1=2dd9587d4496b3d2f957a6957df99e01&lf_subid2=106136&lf_subid3=%5bsubid3%5d&lf_subid4=%5bsubid4%5d&lf_subid5=%5bsubid5%5d&subid1=3o59su2321rm4&stream_uuid=2ff90edf-8020-4d34-b1b8-af282ff2b6be&utm_term=51714&blp=1&t_id={t_id}&utm_source={utm_source}
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.147.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
23aa29445610bd0b8fbaa684c189646384b8d42e180b5b71c5dbe812ba7d6c7c

Request headers

Referer
https://hefydue6.pro/lp/ru/gazprom_np/?googleidth=b25411dc-3ca5-4394-8a33-f22560df0a5a&lf_utm_source=bananaads.pro&lf_utm_medium=%5butm_medium%5d&lf_utm_campaign=%5butm_campaign%5d&lf_utm_content=%5butm_content%5d&lf_utm_term=%5butm_term%5d&lf_subid1=2dd9587d4496b3d2f957a6957df99e01&lf_subid2=106136&lf_subid3=%5bsubid3%5d&lf_subid4=%5bsubid4%5d&lf_subid5=%5bsubid5%5d&subid1=3o59su2321rm4&stream_uuid=2ff90edf-8020-4d34-b1b8-af282ff2b6be&utm_term=51714&blp=1&t_id={t_id}&utm_source={utm_source}
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 26 Jul 2024 14:11:14 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
732
last-modified
Mon, 15 Jul 2024 14:41:04 GMT
server
cloudflare
etag
"66953500-2dc"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QB6lXphukVu4mo4h%2BqKjVCRJA2IgBKFwpxrdVvVCR2cWmU9%2FHXTJaovnAlB5fOkd7lhikxY9jVEA0gw0O3OJll9qHLU8iZ5xSzoStYthKgWp0jAmDxnTxS%2BcTxUdEJM%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
8a94fa4e6ba51c22-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
AMD.png
hefydue6.pro/lp/ru/gazprom_np/images/ 		949 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hefydue6.pro/lp/ru/gazprom_np/images/AMD.png
Requested by
Host: hefydue6.pro
URL: https://hefydue6.pro/lp/ru/gazprom_np/?googleidth=b25411dc-3ca5-4394-8a33-f22560df0a5a&lf_utm_source=bananaads.pro&lf_utm_medium=%5butm_medium%5d&lf_utm_campaign=%5butm_campaign%5d&lf_utm_content=%5butm_content%5d&lf_utm_term=%5butm_term%5d&lf_subid1=2dd9587d4496b3d2f957a6957df99e01&lf_subid2=106136&lf_subid3=%5bsubid3%5d&lf_subid4=%5bsubid4%5d&lf_subid5=%5bsubid5%5d&subid1=3o59su2321rm4&stream_uuid=2ff90edf-8020-4d34-b1b8-af282ff2b6be&utm_term=51714&blp=1&t_id={t_id}&utm_source={utm_source}
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.147.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
93aa34bea067fb77ece6c4e5a40f4a102e7ed0ff1119d63e59b75d2229444794

Request headers

Referer
https://hefydue6.pro/lp/ru/gazprom_np/?googleidth=b25411dc-3ca5-4394-8a33-f22560df0a5a&lf_utm_source=bananaads.pro&lf_utm_medium=%5butm_medium%5d&lf_utm_campaign=%5butm_campaign%5d&lf_utm_content=%5butm_content%5d&lf_utm_term=%5butm_term%5d&lf_subid1=2dd9587d4496b3d2f957a6957df99e01&lf_subid2=106136&lf_subid3=%5bsubid3%5d&lf_subid4=%5bsubid4%5d&lf_subid5=%5bsubid5%5d&subid1=3o59su2321rm4&stream_uuid=2ff90edf-8020-4d34-b1b8-af282ff2b6be&utm_term=51714&blp=1&t_id={t_id}&utm_source={utm_source}
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 26 Jul 2024 14:11:14 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
949
last-modified
Mon, 15 Jul 2024 14:41:03 GMT
server
cloudflare
etag
"669534ff-3b5"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Bjfd7jj%2F%2FYMgpdt5SI9JuEAIrx4wZP6yOZ5jkf7KdGOwQAEXCqUC3wrq4IGp%2FYA60jAByjeUlP58mI7nJY4g5V3yz1qY5Ok9dPuWRs4pvSxhQQz6ZBbrVDxNZDoYIRY%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
8a94fa4e9bdc1c22-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
finex.png
hefydue6.pro/lp/ru/gazprom_np/images/ 		929 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hefydue6.pro/lp/ru/gazprom_np/images/finex.png
Requested by
Host: hefydue6.pro
URL: https://hefydue6.pro/lp/ru/gazprom_np/?googleidth=b25411dc-3ca5-4394-8a33-f22560df0a5a&lf_utm_source=bananaads.pro&lf_utm_medium=%5butm_medium%5d&lf_utm_campaign=%5butm_campaign%5d&lf_utm_content=%5butm_content%5d&lf_utm_term=%5butm_term%5d&lf_subid1=2dd9587d4496b3d2f957a6957df99e01&lf_subid2=106136&lf_subid3=%5bsubid3%5d&lf_subid4=%5bsubid4%5d&lf_subid5=%5bsubid5%5d&subid1=3o59su2321rm4&stream_uuid=2ff90edf-8020-4d34-b1b8-af282ff2b6be&utm_term=51714&blp=1&t_id={t_id}&utm_source={utm_source}
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.147.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2837347d780a44bb59bb5dcf05333e279205eb6b8d49cf3a18bb997439f46d91

Request headers

Referer
https://hefydue6.pro/lp/ru/gazprom_np/?googleidth=b25411dc-3ca5-4394-8a33-f22560df0a5a&lf_utm_source=bananaads.pro&lf_utm_medium=%5butm_medium%5d&lf_utm_campaign=%5butm_campaign%5d&lf_utm_content=%5butm_content%5d&lf_utm_term=%5butm_term%5d&lf_subid1=2dd9587d4496b3d2f957a6957df99e01&lf_subid2=106136&lf_subid3=%5bsubid3%5d&lf_subid4=%5bsubid4%5d&lf_subid5=%5bsubid5%5d&subid1=3o59su2321rm4&stream_uuid=2ff90edf-8020-4d34-b1b8-af282ff2b6be&utm_term=51714&blp=1&t_id={t_id}&utm_source={utm_source}
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 26 Jul 2024 14:11:14 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
929
last-modified
Mon, 15 Jul 2024 14:41:03 GMT
server
cloudflare
etag
"669534ff-3a1"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ND%2BWP%2BSCVbfKIoqAnrUYONWnqiFYm9U0uI31nA2Qp2ZRAn1kN5OFvgz43O46bd8PkUh7vgBx2gWirXCSUXEoAmfK9WgRO0DnJWs8GKZxz7EnDFQXvSu9VwNskMxUsmg%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
8a94fa4eabef1c22-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
nvidia.png
hefydue6.pro/lp/ru/gazprom_np/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hefydue6.pro/lp/ru/gazprom_np/images/nvidia.png
Requested by
Host: hefydue6.pro
URL: https://hefydue6.pro/lp/ru/gazprom_np/?googleidth=b25411dc-3ca5-4394-8a33-f22560df0a5a&lf_utm_source=bananaads.pro&lf_utm_medium=%5butm_medium%5d&lf_utm_campaign=%5butm_campaign%5d&lf_utm_content=%5butm_content%5d&lf_utm_term=%5butm_term%5d&lf_subid1=2dd9587d4496b3d2f957a6957df99e01&lf_subid2=106136&lf_subid3=%5bsubid3%5d&lf_subid4=%5bsubid4%5d&lf_subid5=%5bsubid5%5d&subid1=3o59su2321rm4&stream_uuid=2ff90edf-8020-4d34-b1b8-af282ff2b6be&utm_term=51714&blp=1&t_id={t_id}&utm_source={utm_source}
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.147.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99bdc21327f9362ba26186f9957aed62693ee186f27efc18987c6e393378b852

Request headers

Referer
https://hefydue6.pro/lp/ru/gazprom_np/?googleidth=b25411dc-3ca5-4394-8a33-f22560df0a5a&lf_utm_source=bananaads.pro&lf_utm_medium=%5butm_medium%5d&lf_utm_campaign=%5butm_campaign%5d&lf_utm_content=%5butm_content%5d&lf_utm_term=%5butm_term%5d&lf_subid1=2dd9587d4496b3d2f957a6957df99e01&lf_subid2=106136&lf_subid3=%5bsubid3%5d&lf_subid4=%5bsubid4%5d&lf_subid5=%5bsubid5%5d&subid1=3o59su2321rm4&stream_uuid=2ff90edf-8020-4d34-b1b8-af282ff2b6be&utm_term=51714&blp=1&t_id={t_id}&utm_source={utm_source}
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 26 Jul 2024 14:11:14 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
1210
last-modified
Mon, 15 Jul 2024 14:41:03 GMT
server
cloudflare
etag
"669534ff-4ba"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yRx6d0nFlZHwyXEmpQic4oy%2BuGSPfToA%2FvO0LbuaWjRc65S87KhiK%2F%2FwYWzkGPA1%2BkeLYcPhhfNsrUwfOviTpcrMV1Ky05rLRX4c%2Bi%2Bqv3yzPoHKO8KDKkMP1Tp5GTQ%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
8a94fa4eabf11c22-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
microsoft.png
hefydue6.pro/lp/ru/gazprom_np/images/ 		384 B
934 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hefydue6.pro/lp/ru/gazprom_np/images/microsoft.png
Requested by
Host: hefydue6.pro
URL: https://hefydue6.pro/lp/ru/gazprom_np/?googleidth=b25411dc-3ca5-4394-8a33-f22560df0a5a&lf_utm_source=bananaads.pro&lf_utm_medium=%5butm_medium%5d&lf_utm_campaign=%5butm_campaign%5d&lf_utm_content=%5butm_content%5d&lf_utm_term=%5butm_term%5d&lf_subid1=2dd9587d4496b3d2f957a6957df99e01&lf_subid2=106136&lf_subid3=%5bsubid3%5d&lf_subid4=%5bsubid4%5d&lf_subid5=%5bsubid5%5d&subid1=3o59su2321rm4&stream_uuid=2ff90edf-8020-4d34-b1b8-af282ff2b6be&utm_term=51714&blp=1&t_id={t_id}&utm_source={utm_source}
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.147.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
068fbc2b689aaf31276cdc5dd57c1e50d7181988aeffd83f48f1b338938f9435

Request headers

Referer
https://hefydue6.pro/lp/ru/gazprom_np/?googleidth=b25411dc-3ca5-4394-8a33-f22560df0a5a&lf_utm_source=bananaads.pro&lf_utm_medium=%5butm_medium%5d&lf_utm_campaign=%5butm_campaign%5d&lf_utm_content=%5butm_content%5d&lf_utm_term=%5butm_term%5d&lf_subid1=2dd9587d4496b3d2f957a6957df99e01&lf_subid2=106136&lf_subid3=%5bsubid3%5d&lf_subid4=%5bsubid4%5d&lf_subid5=%5bsubid5%5d&subid1=3o59su2321rm4&stream_uuid=2ff90edf-8020-4d34-b1b8-af282ff2b6be&utm_term=51714&blp=1&t_id={t_id}&utm_source={utm_source}
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 26 Jul 2024 14:11:14 GMT
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
384
last-modified
Mon, 15 Jul 2024 14:41:04 GMT
server
cloudflare
etag
"66953500-180"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jKZ57EWcjOnJYdVXoYWZ3fRsSAZzlaSLcXb8E%2B22z9GZXpclXqd8eGzvhsm0DAiRIKsoGP5k4xqJl9CJwugPCtTL9382xnw68prf7PLu3H0gH0N2MKMXVmZHO5gAnNs%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
8a94fa4eabf41c22-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
rosneft.png
hefydue6.pro/lp/ru/gazprom_np/images/ 		868 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hefydue6.pro/lp/ru/gazprom_np/images/rosneft.png
Requested by
Host: hefydue6.pro
URL: https://hefydue6.pro/lp/ru/gazprom_np/?googleidth=b25411dc-3ca5-4394-8a33-f22560df0a5a&lf_utm_source=bananaads.pro&lf_utm_medium=%5butm_medium%5d&lf_utm_campaign=%5butm_campaign%5d&lf_utm_content=%5butm_content%5d&lf_utm_term=%5butm_term%5d&lf_subid1=2dd9587d4496b3d2f957a6957df99e01&lf_subid2=106136&lf_subid3=%5bsubid3%5d&lf_subid4=%5bsubid4%5d&lf_subid5=%5bsubid5%5d&subid1=3o59su2321rm4&stream_uuid=2ff90edf-8020-4d34-b1b8-af282ff2b6be&utm_term=51714&blp=1&t_id={t_id}&utm_source={utm_source}
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.147.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
434ce9d0eadc4fe09e17b34600d66762e1610d31aaa8cc6cc9f22606f96b1c77

Request headers

Referer
https://hefydue6.pro/lp/ru/gazprom_np/?googleidth=b25411dc-3ca5-4394-8a33-f22560df0a5a&lf_utm_source=bananaads.pro&lf_utm_medium=%5butm_medium%5d&lf_utm_campaign=%5butm_campaign%5d&lf_utm_content=%5butm_content%5d&lf_utm_term=%5butm_term%5d&lf_subid1=2dd9587d4496b3d2f957a6957df99e01&lf_subid2=106136&lf_subid3=%5bsubid3%5d&lf_subid4=%5bsubid4%5d&lf_subid5=%5bsubid5%5d&subid1=3o59su2321rm4&stream_uuid=2ff90edf-8020-4d34-b1b8-af282ff2b6be&utm_term=51714&blp=1&t_id={t_id}&utm_source={utm_source}
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 26 Jul 2024 14:11:14 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
868
last-modified
Mon, 15 Jul 2024 14:41:03 GMT
server
cloudflare
etag
"669534ff-364"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3oQrTzrl8lAzR%2BXXweKDKsgJF7ZTm7UjO16tSYQYlOC8gRtFnuj3tPUYgM0yUls3Xq6CeVYaTcBJ99S5bld460LyWda8AzB%2BEhtgJBamjgioflyhA1Go%2Fn%2FG%2BxW14zY%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
8a94fa4eabf61c22-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
netflix.png
hefydue6.pro/lp/ru/gazprom_np/images/ 		798 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hefydue6.pro/lp/ru/gazprom_np/images/netflix.png
Requested by
Host: hefydue6.pro
URL: https://hefydue6.pro/lp/ru/gazprom_np/?googleidth=b25411dc-3ca5-4394-8a33-f22560df0a5a&lf_utm_source=bananaads.pro&lf_utm_medium=%5butm_medium%5d&lf_utm_campaign=%5butm_campaign%5d&lf_utm_content=%5butm_content%5d&lf_utm_term=%5butm_term%5d&lf_subid1=2dd9587d4496b3d2f957a6957df99e01&lf_subid2=106136&lf_subid3=%5bsubid3%5d&lf_subid4=%5bsubid4%5d&lf_subid5=%5bsubid5%5d&subid1=3o59su2321rm4&stream_uuid=2ff90edf-8020-4d34-b1b8-af282ff2b6be&utm_term=51714&blp=1&t_id={t_id}&utm_source={utm_source}
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.147.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
636d5a290ae2f49d012db02968b4c619d88b632ecc65c7c3cdb98383cf5c5db9

Request headers

Referer
https://hefydue6.pro/lp/ru/gazprom_np/?googleidth=b25411dc-3ca5-4394-8a33-f22560df0a5a&lf_utm_source=bananaads.pro&lf_utm_medium=%5butm_medium%5d&lf_utm_campaign=%5butm_campaign%5d&lf_utm_content=%5butm_content%5d&lf_utm_term=%5butm_term%5d&lf_subid1=2dd9587d4496b3d2f957a6957df99e01&lf_subid2=106136&lf_subid3=%5bsubid3%5d&lf_subid4=%5bsubid4%5d&lf_subid5=%5bsubid5%5d&subid1=3o59su2321rm4&stream_uuid=2ff90edf-8020-4d34-b1b8-af282ff2b6be&utm_term=51714&blp=1&t_id={t_id}&utm_source={utm_source}
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 26 Jul 2024 14:11:14 GMT
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
798
last-modified
Mon, 15 Jul 2024 14:41:03 GMT
server
cloudflare
etag
"669534ff-31e"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=w1Czqdpzc7a4wEHYKtRQdwtqH2L7ywrJJchv6rDygQNcgI%2FqZWPzr98EuizQjJciLn3UP%2BsyDSqUdCvMNxvk%2BCkSzuSkRRo3vm0R%2BlOrlW3opIPXR2%2FR6vS%2Fe72Ef1Q%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
8a94fa4eabf71c22-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
mts.png
hefydue6.pro/lp/ru/gazprom_np/images/ 		647 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hefydue6.pro/lp/ru/gazprom_np/images/mts.png
Requested by
Host: hefydue6.pro
URL: https://hefydue6.pro/lp/ru/gazprom_np/?googleidth=b25411dc-3ca5-4394-8a33-f22560df0a5a&lf_utm_source=bananaads.pro&lf_utm_medium=%5butm_medium%5d&lf_utm_campaign=%5butm_campaign%5d&lf_utm_content=%5butm_content%5d&lf_utm_term=%5butm_term%5d&lf_subid1=2dd9587d4496b3d2f957a6957df99e01&lf_subid2=106136&lf_subid3=%5bsubid3%5d&lf_subid4=%5bsubid4%5d&lf_subid5=%5bsubid5%5d&subid1=3o59su2321rm4&stream_uuid=2ff90edf-8020-4d34-b1b8-af282ff2b6be&utm_term=51714&blp=1&t_id={t_id}&utm_source={utm_source}
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.147.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
02d6444c20c332c388c36eaa8c50371f9a110da4d9169b027451435980e73440

Request headers

Referer
https://hefydue6.pro/lp/ru/gazprom_np/?googleidth=b25411dc-3ca5-4394-8a33-f22560df0a5a&lf_utm_source=bananaads.pro&lf_utm_medium=%5butm_medium%5d&lf_utm_campaign=%5butm_campaign%5d&lf_utm_content=%5butm_content%5d&lf_utm_term=%5butm_term%5d&lf_subid1=2dd9587d4496b3d2f957a6957df99e01&lf_subid2=106136&lf_subid3=%5bsubid3%5d&lf_subid4=%5bsubid4%5d&lf_subid5=%5bsubid5%5d&subid1=3o59su2321rm4&stream_uuid=2ff90edf-8020-4d34-b1b8-af282ff2b6be&utm_term=51714&blp=1&t_id={t_id}&utm_source={utm_source}
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 26 Jul 2024 14:11:14 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
647
last-modified
Mon, 15 Jul 2024 14:41:04 GMT
server
cloudflare
etag
"66953500-287"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QtU%2FtJcAhq24TejuZTQD%2FQPx0AcrxYiFcEH3sVtx1Wjj8Gr2e8cJAYKibJw%2Bqc4BdpU417IDVyZvpGwOV2wtM8syjFTvp2JVheJ111HeJKD1LKsnndyOcT2VBJ8JnOs%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
8a94fa4eabf91c22-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
amazon.png
hefydue6.pro/lp/ru/gazprom_np/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hefydue6.pro/lp/ru/gazprom_np/images/amazon.png
Requested by
Host: hefydue6.pro
URL: https://hefydue6.pro/lp/ru/gazprom_np/?googleidth=b25411dc-3ca5-4394-8a33-f22560df0a5a&lf_utm_source=bananaads.pro&lf_utm_medium=%5butm_medium%5d&lf_utm_campaign=%5butm_campaign%5d&lf_utm_content=%5butm_content%5d&lf_utm_term=%5butm_term%5d&lf_subid1=2dd9587d4496b3d2f957a6957df99e01&lf_subid2=106136&lf_subid3=%5bsubid3%5d&lf_subid4=%5bsubid4%5d&lf_subid5=%5bsubid5%5d&subid1=3o59su2321rm4&stream_uuid=2ff90edf-8020-4d34-b1b8-af282ff2b6be&utm_term=51714&blp=1&t_id={t_id}&utm_source={utm_source}
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.147.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
912ddc0407493cc015bb590a12d873c3799cbf2149f1bdc7d7a44061f0d203b3

Request headers

Referer
https://hefydue6.pro/lp/ru/gazprom_np/?googleidth=b25411dc-3ca5-4394-8a33-f22560df0a5a&lf_utm_source=bananaads.pro&lf_utm_medium=%5butm_medium%5d&lf_utm_campaign=%5butm_campaign%5d&lf_utm_content=%5butm_content%5d&lf_utm_term=%5butm_term%5d&lf_subid1=2dd9587d4496b3d2f957a6957df99e01&lf_subid2=106136&lf_subid3=%5bsubid3%5d&lf_subid4=%5bsubid4%5d&lf_subid5=%5bsubid5%5d&subid1=3o59su2321rm4&stream_uuid=2ff90edf-8020-4d34-b1b8-af282ff2b6be&utm_term=51714&blp=1&t_id={t_id}&utm_source={utm_source}
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 26 Jul 2024 14:11:14 GMT
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
1586
last-modified
Mon, 15 Jul 2024 14:41:04 GMT
server
cloudflare
etag
"66953500-632"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HUitn9D4mLg%2B06T%2BJ0emQqzyGQ6LKI0QLv5e2kQceCdwNKBnfN5GAh4%2FtOO8GYChd6GndhzW0MAJLDzJzMMZsIoOsID7JdijVPJ%2BGgCXg3WSy2rcUYdzAP1wKIMjgSU%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
8a94fa4eabfb1c22-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
afk.png
hefydue6.pro/lp/ru/gazprom_np/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hefydue6.pro/lp/ru/gazprom_np/images/afk.png
Requested by
Host: hefydue6.pro
URL: https://hefydue6.pro/lp/ru/gazprom_np/?googleidth=b25411dc-3ca5-4394-8a33-f22560df0a5a&lf_utm_source=bananaads.pro&lf_utm_medium=%5butm_medium%5d&lf_utm_campaign=%5butm_campaign%5d&lf_utm_content=%5butm_content%5d&lf_utm_term=%5butm_term%5d&lf_subid1=2dd9587d4496b3d2f957a6957df99e01&lf_subid2=106136&lf_subid3=%5bsubid3%5d&lf_subid4=%5bsubid4%5d&lf_subid5=%5bsubid5%5d&subid1=3o59su2321rm4&stream_uuid=2ff90edf-8020-4d34-b1b8-af282ff2b6be&utm_term=51714&blp=1&t_id={t_id}&utm_source={utm_source}
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.147.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
41127e988aaaf3b60eb195bb7199b866495e9f0f359544ba8fc0546f5115e9fd

Request headers

Referer
https://hefydue6.pro/lp/ru/gazprom_np/?googleidth=b25411dc-3ca5-4394-8a33-f22560df0a5a&lf_utm_source=bananaads.pro&lf_utm_medium=%5butm_medium%5d&lf_utm_campaign=%5butm_campaign%5d&lf_utm_content=%5butm_content%5d&lf_utm_term=%5butm_term%5d&lf_subid1=2dd9587d4496b3d2f957a6957df99e01&lf_subid2=106136&lf_subid3=%5bsubid3%5d&lf_subid4=%5bsubid4%5d&lf_subid5=%5bsubid5%5d&subid1=3o59su2321rm4&stream_uuid=2ff90edf-8020-4d34-b1b8-af282ff2b6be&utm_term=51714&blp=1&t_id={t_id}&utm_source={utm_source}
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 26 Jul 2024 14:11:14 GMT
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
1785
last-modified
Mon, 15 Jul 2024 14:41:03 GMT
server
cloudflare
etag
"669534ff-6f9"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kWofrS5%2FVSetzg9H5vrsSkTj7zOIL9LNCzd6M%2F4TC4PisDzd%2BEkhalV%2B%2Bmt0krf%2BVgWj1%2BZ9tlsfZKVj8gCstOO8kFEL9XlaaRmYq60sf%2BXY9SyZIj5dAQS4IL1tZBo%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
8a94fa4eabfe1c22-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
adobe.png
hefydue6.pro/lp/ru/gazprom_np/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hefydue6.pro/lp/ru/gazprom_np/images/adobe.png
Requested by
Host: hefydue6.pro
URL: https://hefydue6.pro/lp/ru/gazprom_np/?googleidth=b25411dc-3ca5-4394-8a33-f22560df0a5a&lf_utm_source=bananaads.pro&lf_utm_medium=%5butm_medium%5d&lf_utm_campaign=%5butm_campaign%5d&lf_utm_content=%5butm_content%5d&lf_utm_term=%5butm_term%5d&lf_subid1=2dd9587d4496b3d2f957a6957df99e01&lf_subid2=106136&lf_subid3=%5bsubid3%5d&lf_subid4=%5bsubid4%5d&lf_subid5=%5bsubid5%5d&subid1=3o59su2321rm4&stream_uuid=2ff90edf-8020-4d34-b1b8-af282ff2b6be&utm_term=51714&blp=1&t_id={t_id}&utm_source={utm_source}
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.147.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b154a551d752f5af49df315e66a35e30878eb0bed48ff14c88a17e309e251c09

Request headers

Referer
https://hefydue6.pro/lp/ru/gazprom_np/?googleidth=b25411dc-3ca5-4394-8a33-f22560df0a5a&lf_utm_source=bananaads.pro&lf_utm_medium=%5butm_medium%5d&lf_utm_campaign=%5butm_campaign%5d&lf_utm_content=%5butm_content%5d&lf_utm_term=%5butm_term%5d&lf_subid1=2dd9587d4496b3d2f957a6957df99e01&lf_subid2=106136&lf_subid3=%5bsubid3%5d&lf_subid4=%5bsubid4%5d&lf_subid5=%5bsubid5%5d&subid1=3o59su2321rm4&stream_uuid=2ff90edf-8020-4d34-b1b8-af282ff2b6be&utm_term=51714&blp=1&t_id={t_id}&utm_source={utm_source}
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 26 Jul 2024 14:11:14 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
1501
last-modified
Mon, 15 Jul 2024 14:41:03 GMT
server
cloudflare
etag
"669534ff-5dd"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PwmzIE4ToWlhGvlgg4AXGxXCf4O%2Bwhm2chx%2BUPU0OZlfWfkwyZyh1AiVWEeAlz9VRm1oewABRhq4hz3oo7CwAI8JRv4GkFvsb8hqFcoenAoFipme0C0jRp9%2FnWKMx7I%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
8a94fa4eabff1c22-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
pik.png
hefydue6.pro/lp/ru/gazprom_np/images/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hefydue6.pro/lp/ru/gazprom_np/images/pik.png
Requested by
Host: hefydue6.pro
URL: https://hefydue6.pro/lp/ru/gazprom_np/?googleidth=b25411dc-3ca5-4394-8a33-f22560df0a5a&lf_utm_source=bananaads.pro&lf_utm_medium=%5butm_medium%5d&lf_utm_campaign=%5butm_campaign%5d&lf_utm_content=%5butm_content%5d&lf_utm_term=%5butm_term%5d&lf_subid1=2dd9587d4496b3d2f957a6957df99e01&lf_subid2=106136&lf_subid3=%5bsubid3%5d&lf_subid4=%5bsubid4%5d&lf_subid5=%5bsubid5%5d&subid1=3o59su2321rm4&stream_uuid=2ff90edf-8020-4d34-b1b8-af282ff2b6be&utm_term=51714&blp=1&t_id={t_id}&utm_source={utm_source}
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.147.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48ced4c688413741669b512a8598a7db1e794828d78588437719f63fadecc12d

Request headers

Referer
https://hefydue6.pro/lp/ru/gazprom_np/?googleidth=b25411dc-3ca5-4394-8a33-f22560df0a5a&lf_utm_source=bananaads.pro&lf_utm_medium=%5butm_medium%5d&lf_utm_campaign=%5butm_campaign%5d&lf_utm_content=%5butm_content%5d&lf_utm_term=%5butm_term%5d&lf_subid1=2dd9587d4496b3d2f957a6957df99e01&lf_subid2=106136&lf_subid3=%5bsubid3%5d&lf_subid4=%5bsubid4%5d&lf_subid5=%5bsubid5%5d&subid1=3o59su2321rm4&stream_uuid=2ff90edf-8020-4d34-b1b8-af282ff2b6be&utm_term=51714&blp=1&t_id={t_id}&utm_source={utm_source}
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 26 Jul 2024 14:11:14 GMT
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
2238
last-modified
Mon, 15 Jul 2024 14:41:04 GMT
server
cloudflare
etag
"66953500-8be"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DqZUwPr345UReGO%2Bm6sDK3vZj5tZNujwZE4QglGLCcL2OIXo7QEbVvxfgD6yTAMg9g5wxtcIyw4Wk5r1ZJV8oA6C7Ys9dIV47g7aXEJlfoTLgkXso%2Bc0pe4h6Xy%2BCjQ%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
8a94fa4eac011c22-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
dzen-close.webp
hefydue6.pro/lp/ru/gazprom_np/images/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hefydue6.pro/lp/ru/gazprom_np/images/dzen-close.webp
Requested by
Host: hefydue6.pro
URL: https://hefydue6.pro/lp/ru/gazprom_np/?googleidth=b25411dc-3ca5-4394-8a33-f22560df0a5a&lf_utm_source=bananaads.pro&lf_utm_medium=%5butm_medium%5d&lf_utm_campaign=%5butm_campaign%5d&lf_utm_content=%5butm_content%5d&lf_utm_term=%5butm_term%5d&lf_subid1=2dd9587d4496b3d2f957a6957df99e01&lf_subid2=106136&lf_subid3=%5bsubid3%5d&lf_subid4=%5bsubid4%5d&lf_subid5=%5bsubid5%5d&subid1=3o59su2321rm4&stream_uuid=2ff90edf-8020-4d34-b1b8-af282ff2b6be&utm_term=51714&blp=1&t_id={t_id}&utm_source={utm_source}
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.147.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
526ac3ed77abbffe1004c8bb36fb125d1db3b1564dfcf63f9e31ab5dea90a4ee

Request headers

Referer
https://hefydue6.pro/lp/ru/gazprom_np/?googleidth=b25411dc-3ca5-4394-8a33-f22560df0a5a&lf_utm_source=bananaads.pro&lf_utm_medium=%5butm_medium%5d&lf_utm_campaign=%5butm_campaign%5d&lf_utm_content=%5butm_content%5d&lf_utm_term=%5butm_term%5d&lf_subid1=2dd9587d4496b3d2f957a6957df99e01&lf_subid2=106136&lf_subid3=%5bsubid3%5d&lf_subid4=%5bsubid4%5d&lf_subid5=%5bsubid5%5d&subid1=3o59su2321rm4&stream_uuid=2ff90edf-8020-4d34-b1b8-af282ff2b6be&utm_term=51714&blp=1&t_id={t_id}&utm_source={utm_source}
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 26 Jul 2024 14:11:14 GMT
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
8078
last-modified
Mon, 15 Jul 2024 14:41:03 GMT
server
cloudflare
etag
"669534ff-1f8e"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/webp
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wSTUZes3PdBHoOySrY9FRfw2T2hR5YERj7Zy8yVy8YsuszIDm%2BXppn90OYaes08xKE7ULlWok6ZUoOkABRnLL7PSIlONLnDqVnPqy2EMfB1nuOKsS4oAAgcAOpKxpPA%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
8a94fa4eac041c22-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
dzen.webp
hefydue6.pro/lp/ru/gazprom_np/images/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hefydue6.pro/lp/ru/gazprom_np/images/dzen.webp
Requested by
Host: hefydue6.pro
URL: https://hefydue6.pro/lp/ru/gazprom_np/?googleidth=b25411dc-3ca5-4394-8a33-f22560df0a5a&lf_utm_source=bananaads.pro&lf_utm_medium=%5butm_medium%5d&lf_utm_campaign=%5butm_campaign%5d&lf_utm_content=%5butm_content%5d&lf_utm_term=%5butm_term%5d&lf_subid1=2dd9587d4496b3d2f957a6957df99e01&lf_subid2=106136&lf_subid3=%5bsubid3%5d&lf_subid4=%5bsubid4%5d&lf_subid5=%5bsubid5%5d&subid1=3o59su2321rm4&stream_uuid=2ff90edf-8020-4d34-b1b8-af282ff2b6be&utm_term=51714&blp=1&t_id={t_id}&utm_source={utm_source}
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.147.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7b737f5a8f6b441766d4568421a7d35a21e8fc31557805c6316bc5d55363e2b

Request headers

Referer
https://hefydue6.pro/lp/ru/gazprom_np/?googleidth=b25411dc-3ca5-4394-8a33-f22560df0a5a&lf_utm_source=bananaads.pro&lf_utm_medium=%5butm_medium%5d&lf_utm_campaign=%5butm_campaign%5d&lf_utm_content=%5butm_content%5d&lf_utm_term=%5butm_term%5d&lf_subid1=2dd9587d4496b3d2f957a6957df99e01&lf_subid2=106136&lf_subid3=%5bsubid3%5d&lf_subid4=%5bsubid4%5d&lf_subid5=%5bsubid5%5d&subid1=3o59su2321rm4&stream_uuid=2ff90edf-8020-4d34-b1b8-af282ff2b6be&utm_term=51714&blp=1&t_id={t_id}&utm_source={utm_source}
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 26 Jul 2024 14:11:14 GMT
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
6158
last-modified
Mon, 15 Jul 2024 14:41:04 GMT
server
cloudflare
etag
"66953500-180e"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/webp
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WlbCW8u5RdC8EAvUTMnXahucD9fNRkooGOdeBm0Z1QLbHXEubS0DrnXhMMFXTkhc2KMFKa%2FF3iwJmzRAM2vmSR0wleJRTMXQptqmsHNIddIJmHwOJVusn9wuoq2ItoI%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
8a94fa4eac061c22-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
ya-close.webp
hefydue6.pro/lp/ru/gazprom_np/images/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hefydue6.pro/lp/ru/gazprom_np/images/ya-close.webp
Requested by
Host: hefydue6.pro
URL: https://hefydue6.pro/lp/ru/gazprom_np/?googleidth=b25411dc-3ca5-4394-8a33-f22560df0a5a&lf_utm_source=bananaads.pro&lf_utm_medium=%5butm_medium%5d&lf_utm_campaign=%5butm_campaign%5d&lf_utm_content=%5butm_content%5d&lf_utm_term=%5butm_term%5d&lf_subid1=2dd9587d4496b3d2f957a6957df99e01&lf_subid2=106136&lf_subid3=%5bsubid3%5d&lf_subid4=%5bsubid4%5d&lf_subid5=%5bsubid5%5d&subid1=3o59su2321rm4&stream_uuid=2ff90edf-8020-4d34-b1b8-af282ff2b6be&utm_term=51714&blp=1&t_id={t_id}&utm_source={utm_source}
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.147.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ecbcc064fd2615550dc5c9472961cf64e12e07a9383f2e0889e6ae83dfed144

Request headers

Referer
https://hefydue6.pro/lp/ru/gazprom_np/?googleidth=b25411dc-3ca5-4394-8a33-f22560df0a5a&lf_utm_source=bananaads.pro&lf_utm_medium=%5butm_medium%5d&lf_utm_campaign=%5butm_campaign%5d&lf_utm_content=%5butm_content%5d&lf_utm_term=%5butm_term%5d&lf_subid1=2dd9587d4496b3d2f957a6957df99e01&lf_subid2=106136&lf_subid3=%5bsubid3%5d&lf_subid4=%5bsubid4%5d&lf_subid5=%5bsubid5%5d&subid1=3o59su2321rm4&stream_uuid=2ff90edf-8020-4d34-b1b8-af282ff2b6be&utm_term=51714&blp=1&t_id={t_id}&utm_source={utm_source}
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 26 Jul 2024 14:11:14 GMT
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
12128
last-modified
Mon, 15 Jul 2024 14:41:04 GMT
server
cloudflare
etag
"66953500-2f60"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/webp
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VxVbwTJXQQw6dxpmfj04Xh%2Fgx6Sv7y80VsTXPvFqFFj%2BbhLlDJmgCkFVhra5017uRAKSfuvwdwGMyot6Rrpghk89PoCE4BidVwWF%2B3JaAgajAsLhmywFRtwsDydWmN4%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
8a94fa4eac081c22-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
ya.webp
hefydue6.pro/lp/ru/gazprom_np/images/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hefydue6.pro/lp/ru/gazprom_np/images/ya.webp
Requested by
Host: hefydue6.pro
URL: https://hefydue6.pro/lp/ru/gazprom_np/?googleidth=b25411dc-3ca5-4394-8a33-f22560df0a5a&lf_utm_source=bananaads.pro&lf_utm_medium=%5butm_medium%5d&lf_utm_campaign=%5butm_campaign%5d&lf_utm_content=%5butm_content%5d&lf_utm_term=%5butm_term%5d&lf_subid1=2dd9587d4496b3d2f957a6957df99e01&lf_subid2=106136&lf_subid3=%5bsubid3%5d&lf_subid4=%5bsubid4%5d&lf_subid5=%5bsubid5%5d&subid1=3o59su2321rm4&stream_uuid=2ff90edf-8020-4d34-b1b8-af282ff2b6be&utm_term=51714&blp=1&t_id={t_id}&utm_source={utm_source}
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.147.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
556788ff29912cbfcb4bb8e077a1815aa210ecd575bad05fe6aaabf40f4574cf

Request headers

Referer
https://hefydue6.pro/lp/ru/gazprom_np/?googleidth=b25411dc-3ca5-4394-8a33-f22560df0a5a&lf_utm_source=bananaads.pro&lf_utm_medium=%5butm_medium%5d&lf_utm_campaign=%5butm_campaign%5d&lf_utm_content=%5butm_content%5d&lf_utm_term=%5butm_term%5d&lf_subid1=2dd9587d4496b3d2f957a6957df99e01&lf_subid2=106136&lf_subid3=%5bsubid3%5d&lf_subid4=%5bsubid4%5d&lf_subid5=%5bsubid5%5d&subid1=3o59su2321rm4&stream_uuid=2ff90edf-8020-4d34-b1b8-af282ff2b6be&utm_term=51714&blp=1&t_id={t_id}&utm_source={utm_source}
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 26 Jul 2024 14:11:14 GMT
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
20454
last-modified
Mon, 15 Jul 2024 14:41:03 GMT
server
cloudflare
etag
"669534ff-4fe6"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/webp
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PVVN4rumig44p9YWOktsNoJXsvaEYPGmAas2fksR91%2F7WE2oMJtfkxPEQIXyhCqZgH988RhJZ9WUc6NmvPxWEPiefLfxWxpW62GCX4HsiVpPkOK2V%2FtBztplNn%2Fc2K4%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
8a94fa4eac091c22-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
icon-vk-footer-dc917d9e722a4a1fa70462727ec0e187bf10276df69042b023849370e9965531.svg
hefydue6.pro/lp/ru/gazprom_np/fonts/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hefydue6.pro/lp/ru/gazprom_np/fonts/icon-vk-footer-dc917d9e722a4a1fa70462727ec0e187bf10276df69042b023849370e9965531.svg
Requested by
Host: hefydue6.pro
URL: https://hefydue6.pro/lp/ru/gazprom_np/?googleidth=b25411dc-3ca5-4394-8a33-f22560df0a5a&lf_utm_source=bananaads.pro&lf_utm_medium=%5butm_medium%5d&lf_utm_campaign=%5butm_campaign%5d&lf_utm_content=%5butm_content%5d&lf_utm_term=%5butm_term%5d&lf_subid1=2dd9587d4496b3d2f957a6957df99e01&lf_subid2=106136&lf_subid3=%5bsubid3%5d&lf_subid4=%5bsubid4%5d&lf_subid5=%5bsubid5%5d&subid1=3o59su2321rm4&stream_uuid=2ff90edf-8020-4d34-b1b8-af282ff2b6be&utm_term=51714&blp=1&t_id={t_id}&utm_source={utm_source}
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.147.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc917d9e722a4a1fa70462727ec0e187bf10276df69042b023849370e9965531

Request headers

Referer
https://hefydue6.pro/lp/ru/gazprom_np/?googleidth=b25411dc-3ca5-4394-8a33-f22560df0a5a&lf_utm_source=bananaads.pro&lf_utm_medium=%5butm_medium%5d&lf_utm_campaign=%5butm_campaign%5d&lf_utm_content=%5butm_content%5d&lf_utm_term=%5butm_term%5d&lf_subid1=2dd9587d4496b3d2f957a6957df99e01&lf_subid2=106136&lf_subid3=%5bsubid3%5d&lf_subid4=%5bsubid4%5d&lf_subid5=%5bsubid5%5d&subid1=3o59su2321rm4&stream_uuid=2ff90edf-8020-4d34-b1b8-af282ff2b6be&utm_term=51714&blp=1&t_id={t_id}&utm_source={utm_source}
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 26 Jul 2024 14:11:14 GMT
content-encoding
br
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 15 Jul 2024 14:41:03 GMT
server
cloudflare
etag
W/"669534ff-75e"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/svg+xml
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mWbqWFjV2MDwCUFfpVLe0rZ2KQTmEpWPAEwmUe%2BA9wfhvMYOwOBhZYD73G63ssa38jUd1kkbKx40eOZNaHl8coEITLJUM9zF6Sg9eJKcCnfqVC1LfK7e6FasedpAxlY%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
8a94fa4eac0c1c22-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
icon-vk-footer-hover-05dff03ee5e43c406c07a06eba91c0bab83a80b847cb848911d83e85c14efb2b.svg
hefydue6.pro/lp/ru/gazprom_np/fonts/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hefydue6.pro/lp/ru/gazprom_np/fonts/icon-vk-footer-hover-05dff03ee5e43c406c07a06eba91c0bab83a80b847cb848911d83e85c14efb2b.svg
Requested by
Host: hefydue6.pro
URL: https://hefydue6.pro/lp/ru/gazprom_np/?googleidth=b25411dc-3ca5-4394-8a33-f22560df0a5a&lf_utm_source=bananaads.pro&lf_utm_medium=%5butm_medium%5d&lf_utm_campaign=%5butm_campaign%5d&lf_utm_content=%5butm_content%5d&lf_utm_term=%5butm_term%5d&lf_subid1=2dd9587d4496b3d2f957a6957df99e01&lf_subid2=106136&lf_subid3=%5bsubid3%5d&lf_subid4=%5bsubid4%5d&lf_subid5=%5bsubid5%5d&subid1=3o59su2321rm4&stream_uuid=2ff90edf-8020-4d34-b1b8-af282ff2b6be&utm_term=51714&blp=1&t_id={t_id}&utm_source={utm_source}
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.147.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
05dff03ee5e43c406c07a06eba91c0bab83a80b847cb848911d83e85c14efb2b

Request headers

Referer
https://hefydue6.pro/lp/ru/gazprom_np/?googleidth=b25411dc-3ca5-4394-8a33-f22560df0a5a&lf_utm_source=bananaads.pro&lf_utm_medium=%5butm_medium%5d&lf_utm_campaign=%5butm_campaign%5d&lf_utm_content=%5butm_content%5d&lf_utm_term=%5butm_term%5d&lf_subid1=2dd9587d4496b3d2f957a6957df99e01&lf_subid2=106136&lf_subid3=%5bsubid3%5d&lf_subid4=%5bsubid4%5d&lf_subid5=%5bsubid5%5d&subid1=3o59su2321rm4&stream_uuid=2ff90edf-8020-4d34-b1b8-af282ff2b6be&utm_term=51714&blp=1&t_id={t_id}&utm_source={utm_source}
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 26 Jul 2024 14:11:14 GMT
content-encoding
br
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 15 Jul 2024 14:41:03 GMT
server
cloudflare
etag
W/"669534ff-7b5"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/svg+xml
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ixv%2BlICyJ1dRvvEy5AzWggLd3HY8pVBQRDGnKGNnxDAgjdIeTxERQwTXXN6GPn6DlRMkS0wzLGYZWKSLhdl1qoeuPe%2BjpbeCXv4e2HjEpPNDwWM1TCmr1eUEdgQOQes%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
8a94fa4eac0e1c22-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
icon-youtube-footer-b8fbd148bf699bf5d11c6042259e631bbcba953e6770ed4b7489ec3b8cb0252f.svg
hefydue6.pro/lp/ru/gazprom_np/fonts/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hefydue6.pro/lp/ru/gazprom_np/fonts/icon-youtube-footer-b8fbd148bf699bf5d11c6042259e631bbcba953e6770ed4b7489ec3b8cb0252f.svg
Requested by
Host: hefydue6.pro
URL: https://hefydue6.pro/lp/ru/gazprom_np/?googleidth=b25411dc-3ca5-4394-8a33-f22560df0a5a&lf_utm_source=bananaads.pro&lf_utm_medium=%5butm_medium%5d&lf_utm_campaign=%5butm_campaign%5d&lf_utm_content=%5butm_content%5d&lf_utm_term=%5butm_term%5d&lf_subid1=2dd9587d4496b3d2f957a6957df99e01&lf_subid2=106136&lf_subid3=%5bsubid3%5d&lf_subid4=%5bsubid4%5d&lf_subid5=%5bsubid5%5d&subid1=3o59su2321rm4&stream_uuid=2ff90edf-8020-4d34-b1b8-af282ff2b6be&utm_term=51714&blp=1&t_id={t_id}&utm_source={utm_source}
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.147.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b8fbd148bf699bf5d11c6042259e631bbcba953e6770ed4b7489ec3b8cb0252f

Request headers

Referer
https://hefydue6.pro/lp/ru/gazprom_np/?googleidth=b25411dc-3ca5-4394-8a33-f22560df0a5a&lf_utm_source=bananaads.pro&lf_utm_medium=%5butm_medium%5d&lf_utm_campaign=%5butm_campaign%5d&lf_utm_content=%5butm_content%5d&lf_utm_term=%5butm_term%5d&lf_subid1=2dd9587d4496b3d2f957a6957df99e01&lf_subid2=106136&lf_subid3=%5bsubid3%5d&lf_subid4=%5bsubid4%5d&lf_subid5=%5bsubid5%5d&subid1=3o59su2321rm4&stream_uuid=2ff90edf-8020-4d34-b1b8-af282ff2b6be&utm_term=51714&blp=1&t_id={t_id}&utm_source={utm_source}
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 26 Jul 2024 14:11:14 GMT
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 15 Jul 2024 14:41:03 GMT
server
cloudflare
etag
W/"669534ff-4e5"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/svg+xml
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cVlM%2BTmI9CDrA8pGIXxBIsdMdlLtMO9GITMg3UQMuUOj9P2dW8b3yI7TxkDaraIkaY%2FLl4rVFmfxp%2FWI0gCmEHl2qTCWbsVLT7OOi3f33GSLNiVIv5J3u1dLumxEJms%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
8a94fa4eac101c22-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
icon-youtube-footer-hover-02074545dba416d6da173452b3eae652b42784b0fa937bfa7dddf97d0e87b874.svg
hefydue6.pro/lp/ru/gazprom_np/fonts/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hefydue6.pro/lp/ru/gazprom_np/fonts/icon-youtube-footer-hover-02074545dba416d6da173452b3eae652b42784b0fa937bfa7dddf97d0e87b874.svg
Requested by
Host: hefydue6.pro
URL: https://hefydue6.pro/lp/ru/gazprom_np/?googleidth=b25411dc-3ca5-4394-8a33-f22560df0a5a&lf_utm_source=bananaads.pro&lf_utm_medium=%5butm_medium%5d&lf_utm_campaign=%5butm_campaign%5d&lf_utm_content=%5butm_content%5d&lf_utm_term=%5butm_term%5d&lf_subid1=2dd9587d4496b3d2f957a6957df99e01&lf_subid2=106136&lf_subid3=%5bsubid3%5d&lf_subid4=%5bsubid4%5d&lf_subid5=%5bsubid5%5d&subid1=3o59su2321rm4&stream_uuid=2ff90edf-8020-4d34-b1b8-af282ff2b6be&utm_term=51714&blp=1&t_id={t_id}&utm_source={utm_source}
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.147.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
02074545dba416d6da173452b3eae652b42784b0fa937bfa7dddf97d0e87b874

Request headers

Referer
https://hefydue6.pro/lp/ru/gazprom_np/?googleidth=b25411dc-3ca5-4394-8a33-f22560df0a5a&lf_utm_source=bananaads.pro&lf_utm_medium=%5butm_medium%5d&lf_utm_campaign=%5butm_campaign%5d&lf_utm_content=%5butm_content%5d&lf_utm_term=%5butm_term%5d&lf_subid1=2dd9587d4496b3d2f957a6957df99e01&lf_subid2=106136&lf_subid3=%5bsubid3%5d&lf_subid4=%5bsubid4%5d&lf_subid5=%5bsubid5%5d&subid1=3o59su2321rm4&stream_uuid=2ff90edf-8020-4d34-b1b8-af282ff2b6be&utm_term=51714&blp=1&t_id={t_id}&utm_source={utm_source}
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 26 Jul 2024 14:11:14 GMT
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 15 Jul 2024 14:41:03 GMT
server
cloudflare
etag
W/"669534ff-582"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/svg+xml
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0tyH7JcApajIZwJ9fZ0%2Bb00K5hXE%2BdOynxvWAqqcB5CPHcRIyzA%2BxJ2MYYwekiy4%2B%2BY2twK0VpY3bG0xeCKhsoG7CYKeDqe4sp%2FivzDXl%2Bdqu6uusxMiooHQATD0YiY%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
8a94fa4eac131c22-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
combine
api-maps.yandex.ru/2.0/ 		864 KB
264 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api-maps.yandex.ru/2.0/combine?modules=3O3E8V04060q0807091c1d010j0*0-0d0.0g0!0s0)0Q1f1a1g5X0J5Y2F3Y3I3,3B3D3$355r5s5W0a504T136u3-1u1-193S3T3V3U3R3P5t5u7H45414247494X4)4(4!4.4_4*4-7$815g5i5l5m8*8E896y6g4q3(8R8P8M8N8O8X8W8Y1(1!6h565V5S7f7k7i7e1k1i0G0F$S5d5a5f6r6s6t1.6m1H4t4z4Q4Z4j4J$f$c$W$j-m$e$1$9$_$*-R-H-L-M-P-S-O005-050,$2$,0Z$a031b0(0_5x0u0b$--d0e576x0f0Y0X$Q7c4M0r2E3N527l-Y5$1*-F-D-E-06c-V1j2M2v2x2y2D323M3_6N3F7g39$M$G$37F54$q6L0W6d6w6M4S$b0K176v1r333Z0L0N0I5o$k1t1w5p7G4V51465e43-i44$7$i2N2O2L$m4U402c4$2K2H-p83847-825k5h-n-f5n8(8F8$6W6V6X6S3J1v757I7R5I5F585_5,6l6a556k5T6f6p5U6i$l9J-l-U-t5R7h1h$F$O5c5b0S0T7_0c$81_6o0O1A$B141K$u-G-N-I$g02$)$J$Z0$5B-b-k6P6_6Q6.0p1s88$o$n1q2w2l2A2r2B1Z-T6759-s$Y4o8U6b$t2p6Y6A666D6C6B$N0P2G2C$X4a0M0R0H$4482e2f$r1Q2n1J2i787776747973878!8G6R6I6H6K6F1B6n1M1S105M5Q5Z5)5q$s69$D$R6*0t0h0l1y1D-w-K7d8-$H-h-g6O7b$y6)$d2g2a2o2t4x-21m4s808T6Z2b1z2m2s1)2I2k$06e4Y0U2u!n!m!o!l72856z$K$L!3!2!4!5!68v8w8l8n8m8o8i8A8C8B8D8x6T6E$T$5121T114,68-o$!0k-u-r53-W!Y4I$A$x8S6q6$2h1,2d!G$I.5.y_N_K_R_a_e-Z_f_b_d.6!P!O8u8k!T!U!V!S!W!p!r8y*g*f!F4W1F1Y1R1G1E5($z0n-v-3!X-5.4.K.M.v.F.D.U.0.B_V_P_T_M_w-J-z_i_n.t.l.r!N!I!L.O8p8t_u!d_g$C$V0i7m.h.f.e.H.R.d_F_y_I_B_D.a!k!h!f_p!c-q5.3)36303K3q6U&jsonp_prefix=ymaps
Requested by
Host: api-maps.yandex.ru
URL: https://api-maps.yandex.ru/2.0-stable/?load=package.standard&lang=ru-RU
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::274 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
b6f90f2e5b5f4bab1f19a7cdaa16938c022f93abb9bd135d19cf0861b2ddf2a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://hefydue6.pro/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 26 Jul 2024 14:11:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
etag
W/"d7e4e-592AAYgDfix19NDtDEYf3sPOpnQ"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
x-req-id
1722003074367618-11457692791601181747-v4ic65g3iedzujmz-BAL
x-xss-protection
1; mode=block
x-start-time
1722003074367618
mountains_bg.jpg
hefydue6.pro/lp/ru/gazprom_np/images/ 		123 KB
124 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hefydue6.pro/lp/ru/gazprom_np/images/mountains_bg.jpg
Requested by
Host: hefydue6.pro
URL: https://hefydue6.pro/lp/ru/gazprom_np/?googleidth=b25411dc-3ca5-4394-8a33-f22560df0a5a&lf_utm_source=bananaads.pro&lf_utm_medium=%5butm_medium%5d&lf_utm_campaign=%5butm_campaign%5d&lf_utm_content=%5butm_content%5d&lf_utm_term=%5butm_term%5d&lf_subid1=2dd9587d4496b3d2f957a6957df99e01&lf_subid2=106136&lf_subid3=%5bsubid3%5d&lf_subid4=%5bsubid4%5d&lf_subid5=%5bsubid5%5d&subid1=3o59su2321rm4&stream_uuid=2ff90edf-8020-4d34-b1b8-af282ff2b6be&utm_term=51714&blp=1&t_id={t_id}&utm_source={utm_source}
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.147.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
23d21bf7133b0c3df4fb49e3e93e199bf479f4f168c9e3c962da21737e429b0e

Request headers

Referer
https://hefydue6.pro/lp/ru/gazprom_np/?googleidth=b25411dc-3ca5-4394-8a33-f22560df0a5a&lf_utm_source=bananaads.pro&lf_utm_medium=%5butm_medium%5d&lf_utm_campaign=%5butm_campaign%5d&lf_utm_content=%5butm_content%5d&lf_utm_term=%5butm_term%5d&lf_subid1=2dd9587d4496b3d2f957a6957df99e01&lf_subid2=106136&lf_subid3=%5bsubid3%5d&lf_subid4=%5bsubid4%5d&lf_subid5=%5bsubid5%5d&subid1=3o59su2321rm4&stream_uuid=2ff90edf-8020-4d34-b1b8-af282ff2b6be&utm_term=51714&blp=1&t_id={t_id}&utm_source={utm_source}
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 26 Jul 2024 14:11:14 GMT
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
126346
last-modified
Mon, 15 Jul 2024 14:41:04 GMT
server
cloudflare
etag
"66953500-1ed8a"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5oU21dJocKe9xW5aq2kt%2FTyNm5U1MJYeIzdBQ42Bdf2notPOm2pPcLhkE88kLiE1SOyCljnL0RTlWzme1gNPdMj4aGIOFzMPSFyykjKZRavJPcQxDS2FiYaoZguA0M8%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
8a94fa4eac151c22-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alibaba.png
hefydue6.pro/lp/ru/gazprom_np/images/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hefydue6.pro/lp/ru/gazprom_np/images/alibaba.png
Requested by
Host: hefydue6.pro
URL: https://hefydue6.pro/lp/ru/gazprom_np/?googleidth=b25411dc-3ca5-4394-8a33-f22560df0a5a&lf_utm_source=bananaads.pro&lf_utm_medium=%5butm_medium%5d&lf_utm_campaign=%5butm_campaign%5d&lf_utm_content=%5butm_content%5d&lf_utm_term=%5butm_term%5d&lf_subid1=2dd9587d4496b3d2f957a6957df99e01&lf_subid2=106136&lf_subid3=%5bsubid3%5d&lf_subid4=%5bsubid4%5d&lf_subid5=%5bsubid5%5d&subid1=3o59su2321rm4&stream_uuid=2ff90edf-8020-4d34-b1b8-af282ff2b6be&utm_term=51714&blp=1&t_id={t_id}&utm_source={utm_source}
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.147.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aed25966473abd8885ca8fdba262d5cbfadbd5f4fc7f7623981305806857efa5

Request headers

Referer
https://hefydue6.pro/lp/ru/gazprom_np/?googleidth=b25411dc-3ca5-4394-8a33-f22560df0a5a&lf_utm_source=bananaads.pro&lf_utm_medium=%5butm_medium%5d&lf_utm_campaign=%5butm_campaign%5d&lf_utm_content=%5butm_content%5d&lf_utm_term=%5butm_term%5d&lf_subid1=2dd9587d4496b3d2f957a6957df99e01&lf_subid2=106136&lf_subid3=%5bsubid3%5d&lf_subid4=%5bsubid4%5d&lf_subid5=%5bsubid5%5d&subid1=3o59su2321rm4&stream_uuid=2ff90edf-8020-4d34-b1b8-af282ff2b6be&utm_term=51714&blp=1&t_id={t_id}&utm_source={utm_source}
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 26 Jul 2024 14:11:14 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
1683
last-modified
Mon, 15 Jul 2024 14:41:03 GMT
server
cloudflare
etag
"669534ff-693"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uFr0xcfNEZwO3m%2BNS47qFeatukAvE0iVjghPLcWmfoPNLzS26p%2FC3Q7j%2B8ZCzBmpswFzGxVOiwDtiQQ6iPVzCD9AggwwNRKduM4OcvAIYqSZwUzxPVJ55PgoMT%2BBO%2Fg%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
8a94fa4c68ea1c22-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
microsoft.png
hefydue6.pro/lp/ru/gazprom_np/images/ 		384 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hefydue6.pro/lp/ru/gazprom_np/images/microsoft.png
Requested by
Host: hefydue6.pro
URL: https://hefydue6.pro/lp/ru/gazprom_np/?googleidth=b25411dc-3ca5-4394-8a33-f22560df0a5a&lf_utm_source=bananaads.pro&lf_utm_medium=%5butm_medium%5d&lf_utm_campaign=%5butm_campaign%5d&lf_utm_content=%5butm_content%5d&lf_utm_term=%5butm_term%5d&lf_subid1=2dd9587d4496b3d2f957a6957df99e01&lf_subid2=106136&lf_subid3=%5bsubid3%5d&lf_subid4=%5bsubid4%5d&lf_subid5=%5bsubid5%5d&subid1=3o59su2321rm4&stream_uuid=2ff90edf-8020-4d34-b1b8-af282ff2b6be&utm_term=51714&blp=1&t_id={t_id}&utm_source={utm_source}
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.147.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
068fbc2b689aaf31276cdc5dd57c1e50d7181988aeffd83f48f1b338938f9435

Request headers

Referer
https://hefydue6.pro/lp/ru/gazprom_np/?googleidth=b25411dc-3ca5-4394-8a33-f22560df0a5a&lf_utm_source=bananaads.pro&lf_utm_medium=%5butm_medium%5d&lf_utm_campaign=%5butm_campaign%5d&lf_utm_content=%5butm_content%5d&lf_utm_term=%5butm_term%5d&lf_subid1=2dd9587d4496b3d2f957a6957df99e01&lf_subid2=106136&lf_subid3=%5bsubid3%5d&lf_subid4=%5bsubid4%5d&lf_subid5=%5bsubid5%5d&subid1=3o59su2321rm4&stream_uuid=2ff90edf-8020-4d34-b1b8-af282ff2b6be&utm_term=51714&blp=1&t_id={t_id}&utm_source={utm_source}
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 26 Jul 2024 14:11:14 GMT
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
384
last-modified
Mon, 15 Jul 2024 14:41:04 GMT
server
cloudflare
etag
"66953500-180"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jKZ57EWcjOnJYdVXoYWZ3fRsSAZzlaSLcXb8E%2B22z9GZXpclXqd8eGzvhsm0DAiRIKsoGP5k4xqJl9CJwugPCtTL9382xnw68prf7PLu3H0gH0N2MKMXVmZHO5gAnNs%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
8a94fa4eabf41c22-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
fb.png
hefydue6.pro/lp/ru/gazprom_np/images/ 		433 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hefydue6.pro/lp/ru/gazprom_np/images/fb.png
Requested by
Host: hefydue6.pro
URL: https://hefydue6.pro/lp/ru/gazprom_np/?googleidth=b25411dc-3ca5-4394-8a33-f22560df0a5a&lf_utm_source=bananaads.pro&lf_utm_medium=%5butm_medium%5d&lf_utm_campaign=%5butm_campaign%5d&lf_utm_content=%5butm_content%5d&lf_utm_term=%5butm_term%5d&lf_subid1=2dd9587d4496b3d2f957a6957df99e01&lf_subid2=106136&lf_subid3=%5bsubid3%5d&lf_subid4=%5bsubid4%5d&lf_subid5=%5bsubid5%5d&subid1=3o59su2321rm4&stream_uuid=2ff90edf-8020-4d34-b1b8-af282ff2b6be&utm_term=51714&blp=1&t_id={t_id}&utm_source={utm_source}
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.147.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
621f4507056d5c3d36782d1ded7ec8ebc95416b52d1272f7526edb964535cf06

Request headers

Referer
https://hefydue6.pro/lp/ru/gazprom_np/?googleidth=b25411dc-3ca5-4394-8a33-f22560df0a5a&lf_utm_source=bananaads.pro&lf_utm_medium=%5butm_medium%5d&lf_utm_campaign=%5butm_campaign%5d&lf_utm_content=%5butm_content%5d&lf_utm_term=%5butm_term%5d&lf_subid1=2dd9587d4496b3d2f957a6957df99e01&lf_subid2=106136&lf_subid3=%5bsubid3%5d&lf_subid4=%5bsubid4%5d&lf_subid5=%5bsubid5%5d&subid1=3o59su2321rm4&stream_uuid=2ff90edf-8020-4d34-b1b8-af282ff2b6be&utm_term=51714&blp=1&t_id={t_id}&utm_source={utm_source}
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 26 Jul 2024 14:11:14 GMT
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
433
last-modified
Mon, 15 Jul 2024 14:41:04 GMT
server
cloudflare
etag
"66953500-1b1"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OQLLRQt8QmtY1l4igH7k9ZGYd3GF3mqYYUW0XLiXomINZMvQLtHePkFSz8ugfA5S0%2Bh%2BIc39Kv3aYWGN68VHnaXIDbLkyniZKJ79QDMEBCD7Oez7Q%2FdaQrTqF6pBF14%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
8a94fa4d8a151c22-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
rosneft.png
hefydue6.pro/lp/ru/gazprom_np/images/ 		868 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hefydue6.pro/lp/ru/gazprom_np/images/rosneft.png
Requested by
Host: hefydue6.pro
URL: https://hefydue6.pro/lp/ru/gazprom_np/?googleidth=b25411dc-3ca5-4394-8a33-f22560df0a5a&lf_utm_source=bananaads.pro&lf_utm_medium=%5butm_medium%5d&lf_utm_campaign=%5butm_campaign%5d&lf_utm_content=%5butm_content%5d&lf_utm_term=%5butm_term%5d&lf_subid1=2dd9587d4496b3d2f957a6957df99e01&lf_subid2=106136&lf_subid3=%5bsubid3%5d&lf_subid4=%5bsubid4%5d&lf_subid5=%5bsubid5%5d&subid1=3o59su2321rm4&stream_uuid=2ff90edf-8020-4d34-b1b8-af282ff2b6be&utm_term=51714&blp=1&t_id={t_id}&utm_source={utm_source}
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.147.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
434ce9d0eadc4fe09e17b34600d66762e1610d31aaa8cc6cc9f22606f96b1c77

Request headers

Referer
https://hefydue6.pro/lp/ru/gazprom_np/?googleidth=b25411dc-3ca5-4394-8a33-f22560df0a5a&lf_utm_source=bananaads.pro&lf_utm_medium=%5butm_medium%5d&lf_utm_campaign=%5butm_campaign%5d&lf_utm_content=%5butm_content%5d&lf_utm_term=%5butm_term%5d&lf_subid1=2dd9587d4496b3d2f957a6957df99e01&lf_subid2=106136&lf_subid3=%5bsubid3%5d&lf_subid4=%5bsubid4%5d&lf_subid5=%5bsubid5%5d&subid1=3o59su2321rm4&stream_uuid=2ff90edf-8020-4d34-b1b8-af282ff2b6be&utm_term=51714&blp=1&t_id={t_id}&utm_source={utm_source}
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 26 Jul 2024 14:11:14 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
868
last-modified
Mon, 15 Jul 2024 14:41:03 GMT
server
cloudflare
etag
"669534ff-364"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3oQrTzrl8lAzR%2BXXweKDKsgJF7ZTm7UjO16tSYQYlOC8gRtFnuj3tPUYgM0yUls3Xq6CeVYaTcBJ99S5bld460LyWda8AzB%2BEhtgJBamjgioflyhA1Go%2Fn%2FG%2BxW14zY%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
8a94fa4eabf61c22-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
finex-gold.png
hefydue6.pro/lp/ru/gazprom_np/images/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hefydue6.pro/lp/ru/gazprom_np/images/finex-gold.png
Requested by
Host: hefydue6.pro
URL: https://hefydue6.pro/lp/ru/gazprom_np/?googleidth=b25411dc-3ca5-4394-8a33-f22560df0a5a&lf_utm_source=bananaads.pro&lf_utm_medium=%5butm_medium%5d&lf_utm_campaign=%5butm_campaign%5d&lf_utm_content=%5butm_content%5d&lf_utm_term=%5butm_term%5d&lf_subid1=2dd9587d4496b3d2f957a6957df99e01&lf_subid2=106136&lf_subid3=%5bsubid3%5d&lf_subid4=%5bsubid4%5d&lf_subid5=%5bsubid5%5d&subid1=3o59su2321rm4&stream_uuid=2ff90edf-8020-4d34-b1b8-af282ff2b6be&utm_term=51714&blp=1&t_id={t_id}&utm_source={utm_source}
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.147.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a781df7e21632c91858de56506c483d07987f831c16a539d76cf613023ab6b7b

Request headers

Referer
https://hefydue6.pro/lp/ru/gazprom_np/?googleidth=b25411dc-3ca5-4394-8a33-f22560df0a5a&lf_utm_source=bananaads.pro&lf_utm_medium=%5butm_medium%5d&lf_utm_campaign=%5butm_campaign%5d&lf_utm_content=%5butm_content%5d&lf_utm_term=%5butm_term%5d&lf_subid1=2dd9587d4496b3d2f957a6957df99e01&lf_subid2=106136&lf_subid3=%5bsubid3%5d&lf_subid4=%5bsubid4%5d&lf_subid5=%5bsubid5%5d&subid1=3o59su2321rm4&stream_uuid=2ff90edf-8020-4d34-b1b8-af282ff2b6be&utm_term=51714&blp=1&t_id={t_id}&utm_source={utm_source}
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 26 Jul 2024 14:11:14 GMT
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
1123
last-modified
Mon, 15 Jul 2024 14:41:03 GMT
server
cloudflare
etag
"669534ff-463"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4pwHZsoLt6ObGIZzc0P6oXGuudln4l0uvXHssbUwC1z3oXNjbKWqXIPWGWFv%2FSarfpHhqlch4pl74MZmWLilW8p5DrevGq80jx9M37ax6pVZSfL3Unz%2BWcSW%2FfoM7Q8%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
8a94fa4d8a1a1c22-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
netflix.png
hefydue6.pro/lp/ru/gazprom_np/images/ 		798 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hefydue6.pro/lp/ru/gazprom_np/images/netflix.png
Requested by
Host: hefydue6.pro
URL: https://hefydue6.pro/lp/ru/gazprom_np/?googleidth=b25411dc-3ca5-4394-8a33-f22560df0a5a&lf_utm_source=bananaads.pro&lf_utm_medium=%5butm_medium%5d&lf_utm_campaign=%5butm_campaign%5d&lf_utm_content=%5butm_content%5d&lf_utm_term=%5butm_term%5d&lf_subid1=2dd9587d4496b3d2f957a6957df99e01&lf_subid2=106136&lf_subid3=%5bsubid3%5d&lf_subid4=%5bsubid4%5d&lf_subid5=%5bsubid5%5d&subid1=3o59su2321rm4&stream_uuid=2ff90edf-8020-4d34-b1b8-af282ff2b6be&utm_term=51714&blp=1&t_id={t_id}&utm_source={utm_source}
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.147.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
636d5a290ae2f49d012db02968b4c619d88b632ecc65c7c3cdb98383cf5c5db9

Request headers

Referer
https://hefydue6.pro/lp/ru/gazprom_np/?googleidth=b25411dc-3ca5-4394-8a33-f22560df0a5a&lf_utm_source=bananaads.pro&lf_utm_medium=%5butm_medium%5d&lf_utm_campaign=%5butm_campaign%5d&lf_utm_content=%5butm_content%5d&lf_utm_term=%5butm_term%5d&lf_subid1=2dd9587d4496b3d2f957a6957df99e01&lf_subid2=106136&lf_subid3=%5bsubid3%5d&lf_subid4=%5bsubid4%5d&lf_subid5=%5bsubid5%5d&subid1=3o59su2321rm4&stream_uuid=2ff90edf-8020-4d34-b1b8-af282ff2b6be&utm_term=51714&blp=1&t_id={t_id}&utm_source={utm_source}
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 26 Jul 2024 14:11:14 GMT
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
798
last-modified
Mon, 15 Jul 2024 14:41:03 GMT
server
cloudflare
etag
"669534ff-31e"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=w1Czqdpzc7a4wEHYKtRQdwtqH2L7ywrJJchv6rDygQNcgI%2FqZWPzr98EuizQjJciLn3UP%2BsyDSqUdCvMNxvk%2BCkSzuSkRRo3vm0R%2BlOrlW3opIPXR2%2FR6vS%2Fe72Ef1Q%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
8a94fa4eabf71c22-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
gold.png
hefydue6.pro/lp/ru/gazprom_np/images/ 		1000 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hefydue6.pro/lp/ru/gazprom_np/images/gold.png
Requested by
Host: hefydue6.pro
URL: https://hefydue6.pro/lp/ru/gazprom_np/?googleidth=b25411dc-3ca5-4394-8a33-f22560df0a5a&lf_utm_source=bananaads.pro&lf_utm_medium=%5butm_medium%5d&lf_utm_campaign=%5butm_campaign%5d&lf_utm_content=%5butm_content%5d&lf_utm_term=%5butm_term%5d&lf_subid1=2dd9587d4496b3d2f957a6957df99e01&lf_subid2=106136&lf_subid3=%5bsubid3%5d&lf_subid4=%5bsubid4%5d&lf_subid5=%5bsubid5%5d&subid1=3o59su2321rm4&stream_uuid=2ff90edf-8020-4d34-b1b8-af282ff2b6be&utm_term=51714&blp=1&t_id={t_id}&utm_source={utm_source}
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.147.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f0c920708e5049209938558b4afd976070900643223e1069904b6e9defcc8423

Request headers

Referer
https://hefydue6.pro/lp/ru/gazprom_np/?googleidth=b25411dc-3ca5-4394-8a33-f22560df0a5a&lf_utm_source=bananaads.pro&lf_utm_medium=%5butm_medium%5d&lf_utm_campaign=%5butm_campaign%5d&lf_utm_content=%5butm_content%5d&lf_utm_term=%5butm_term%5d&lf_subid1=2dd9587d4496b3d2f957a6957df99e01&lf_subid2=106136&lf_subid3=%5bsubid3%5d&lf_subid4=%5bsubid4%5d&lf_subid5=%5bsubid5%5d&subid1=3o59su2321rm4&stream_uuid=2ff90edf-8020-4d34-b1b8-af282ff2b6be&utm_term=51714&blp=1&t_id={t_id}&utm_source={utm_source}
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 26 Jul 2024 14:11:14 GMT
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
1000
last-modified
Mon, 15 Jul 2024 14:41:04 GMT
server
cloudflare
etag
"66953500-3e8"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ue58bVH14yWKYHZitNjsE04vQ99EULXt12PcoAeIDqdlAajBGftCBmKzJEMixS0TtgkEYycJpLIhzgQdBJX%2F9brY8Di1%2BrfTkLqM52Yd2%2F48AHBk5egbU7zeNhKV0D0%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
8a94fa4dfabc1c22-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
mts.png
hefydue6.pro/lp/ru/gazprom_np/images/ 		647 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hefydue6.pro/lp/ru/gazprom_np/images/mts.png
Requested by
Host: hefydue6.pro
URL: https://hefydue6.pro/lp/ru/gazprom_np/?googleidth=b25411dc-3ca5-4394-8a33-f22560df0a5a&lf_utm_source=bananaads.pro&lf_utm_medium=%5butm_medium%5d&lf_utm_campaign=%5butm_campaign%5d&lf_utm_content=%5butm_content%5d&lf_utm_term=%5butm_term%5d&lf_subid1=2dd9587d4496b3d2f957a6957df99e01&lf_subid2=106136&lf_subid3=%5bsubid3%5d&lf_subid4=%5bsubid4%5d&lf_subid5=%5bsubid5%5d&subid1=3o59su2321rm4&stream_uuid=2ff90edf-8020-4d34-b1b8-af282ff2b6be&utm_term=51714&blp=1&t_id={t_id}&utm_source={utm_source}
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.147.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
02d6444c20c332c388c36eaa8c50371f9a110da4d9169b027451435980e73440

Request headers

Referer
https://hefydue6.pro/lp/ru/gazprom_np/?googleidth=b25411dc-3ca5-4394-8a33-f22560df0a5a&lf_utm_source=bananaads.pro&lf_utm_medium=%5butm_medium%5d&lf_utm_campaign=%5butm_campaign%5d&lf_utm_content=%5butm_content%5d&lf_utm_term=%5butm_term%5d&lf_subid1=2dd9587d4496b3d2f957a6957df99e01&lf_subid2=106136&lf_subid3=%5bsubid3%5d&lf_subid4=%5bsubid4%5d&lf_subid5=%5bsubid5%5d&subid1=3o59su2321rm4&stream_uuid=2ff90edf-8020-4d34-b1b8-af282ff2b6be&utm_term=51714&blp=1&t_id={t_id}&utm_source={utm_source}
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 26 Jul 2024 14:11:14 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
647
last-modified
Mon, 15 Jul 2024 14:41:04 GMT
server
cloudflare
etag
"66953500-287"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QtU%2FtJcAhq24TejuZTQD%2FQPx0AcrxYiFcEH3sVtx1Wjj8Gr2e8cJAYKibJw%2Bqc4BdpU417IDVyZvpGwOV2wtM8syjFTvp2JVheJ111HeJKD1LKsnndyOcT2VBJ8JnOs%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
8a94fa4eabf91c22-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
rjd.png
hefydue6.pro/lp/ru/gazprom_np/images/ 		732 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hefydue6.pro/lp/ru/gazprom_np/images/rjd.png
Requested by
Host: hefydue6.pro
URL: https://hefydue6.pro/lp/ru/gazprom_np/?googleidth=b25411dc-3ca5-4394-8a33-f22560df0a5a&lf_utm_source=bananaads.pro&lf_utm_medium=%5butm_medium%5d&lf_utm_campaign=%5butm_campaign%5d&lf_utm_content=%5butm_content%5d&lf_utm_term=%5butm_term%5d&lf_subid1=2dd9587d4496b3d2f957a6957df99e01&lf_subid2=106136&lf_subid3=%5bsubid3%5d&lf_subid4=%5bsubid4%5d&lf_subid5=%5bsubid5%5d&subid1=3o59su2321rm4&stream_uuid=2ff90edf-8020-4d34-b1b8-af282ff2b6be&utm_term=51714&blp=1&t_id={t_id}&utm_source={utm_source}
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.147.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
23aa29445610bd0b8fbaa684c189646384b8d42e180b5b71c5dbe812ba7d6c7c

Request headers

Referer
https://hefydue6.pro/lp/ru/gazprom_np/?googleidth=b25411dc-3ca5-4394-8a33-f22560df0a5a&lf_utm_source=bananaads.pro&lf_utm_medium=%5butm_medium%5d&lf_utm_campaign=%5butm_campaign%5d&lf_utm_content=%5butm_content%5d&lf_utm_term=%5butm_term%5d&lf_subid1=2dd9587d4496b3d2f957a6957df99e01&lf_subid2=106136&lf_subid3=%5bsubid3%5d&lf_subid4=%5bsubid4%5d&lf_subid5=%5bsubid5%5d&subid1=3o59su2321rm4&stream_uuid=2ff90edf-8020-4d34-b1b8-af282ff2b6be&utm_term=51714&blp=1&t_id={t_id}&utm_source={utm_source}
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 26 Jul 2024 14:11:14 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
732
last-modified
Mon, 15 Jul 2024 14:41:04 GMT
server
cloudflare
etag
"66953500-2dc"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QB6lXphukVu4mo4h%2BqKjVCRJA2IgBKFwpxrdVvVCR2cWmU9%2FHXTJaovnAlB5fOkd7lhikxY9jVEA0gw0O3OJll9qHLU8iZ5xSzoStYthKgWp0jAmDxnTxS%2BcTxUdEJM%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
8a94fa4e6ba51c22-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
amazon.png
hefydue6.pro/lp/ru/gazprom_np/images/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hefydue6.pro/lp/ru/gazprom_np/images/amazon.png
Requested by
Host: hefydue6.pro
URL: https://hefydue6.pro/lp/ru/gazprom_np/?googleidth=b25411dc-3ca5-4394-8a33-f22560df0a5a&lf_utm_source=bananaads.pro&lf_utm_medium=%5butm_medium%5d&lf_utm_campaign=%5butm_campaign%5d&lf_utm_content=%5butm_content%5d&lf_utm_term=%5butm_term%5d&lf_subid1=2dd9587d4496b3d2f957a6957df99e01&lf_subid2=106136&lf_subid3=%5bsubid3%5d&lf_subid4=%5bsubid4%5d&lf_subid5=%5bsubid5%5d&subid1=3o59su2321rm4&stream_uuid=2ff90edf-8020-4d34-b1b8-af282ff2b6be&utm_term=51714&blp=1&t_id={t_id}&utm_source={utm_source}
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.147.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
912ddc0407493cc015bb590a12d873c3799cbf2149f1bdc7d7a44061f0d203b3

Request headers

Referer
https://hefydue6.pro/lp/ru/gazprom_np/?googleidth=b25411dc-3ca5-4394-8a33-f22560df0a5a&lf_utm_source=bananaads.pro&lf_utm_medium=%5butm_medium%5d&lf_utm_campaign=%5butm_campaign%5d&lf_utm_content=%5butm_content%5d&lf_utm_term=%5butm_term%5d&lf_subid1=2dd9587d4496b3d2f957a6957df99e01&lf_subid2=106136&lf_subid3=%5bsubid3%5d&lf_subid4=%5bsubid4%5d&lf_subid5=%5bsubid5%5d&subid1=3o59su2321rm4&stream_uuid=2ff90edf-8020-4d34-b1b8-af282ff2b6be&utm_term=51714&blp=1&t_id={t_id}&utm_source={utm_source}
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 26 Jul 2024 14:11:14 GMT
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
1586
last-modified
Mon, 15 Jul 2024 14:41:04 GMT
server
cloudflare
etag
"66953500-632"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HUitn9D4mLg%2B06T%2BJ0emQqzyGQ6LKI0QLv5e2kQceCdwNKBnfN5GAh4%2FtOO8GYChd6GndhzW0MAJLDzJzMMZsIoOsID7JdijVPJ%2BGgCXg3WSy2rcUYdzAP1wKIMjgSU%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
8a94fa4eabfb1c22-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
form_script.js
hefydue6.pro/intgrt/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hefydue6.pro/intgrt/form_script.js
Requested by
Host: hefydue6.pro
URL: https://hefydue6.pro/lp/ru/gazprom_np/?googleidth=b25411dc-3ca5-4394-8a33-f22560df0a5a&lf_utm_source=bananaads.pro&lf_utm_medium=%5butm_medium%5d&lf_utm_campaign=%5butm_campaign%5d&lf_utm_content=%5butm_content%5d&lf_utm_term=%5butm_term%5d&lf_subid1=2dd9587d4496b3d2f957a6957df99e01&lf_subid2=106136&lf_subid3=%5bsubid3%5d&lf_subid4=%5bsubid4%5d&lf_subid5=%5bsubid5%5d&subid1=3o59su2321rm4&stream_uuid=2ff90edf-8020-4d34-b1b8-af282ff2b6be&utm_term=51714&blp=1&t_id={t_id}&utm_source={utm_source}
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.147.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c8d1c71e54ba52ae965fbd3e172f4e372e1d3eb2d67abd892321efb82d952182

Request headers

Referer
https://hefydue6.pro/lp/ru/gazprom_np/?googleidth=b25411dc-3ca5-4394-8a33-f22560df0a5a&lf_utm_source=bananaads.pro&lf_utm_medium=%5butm_medium%5d&lf_utm_campaign=%5butm_campaign%5d&lf_utm_content=%5butm_content%5d&lf_utm_term=%5butm_term%5d&lf_subid1=2dd9587d4496b3d2f957a6957df99e01&lf_subid2=106136&lf_subid3=%5bsubid3%5d&lf_subid4=%5bsubid4%5d&lf_subid5=%5bsubid5%5d&subid1=3o59su2321rm4&stream_uuid=2ff90edf-8020-4d34-b1b8-af282ff2b6be&utm_term=51714&blp=1&t_id={t_id}&utm_source={utm_source}
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 26 Jul 2024 14:11:14 GMT
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=9519
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 09 Jul 2024 15:46:07 GMT
server
cloudflare
etag
W/"668d5b3f-252f"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=skVbrzjVVPQMoyj%2BV5kdolRhkvKTUfNGRIu6c8j1ppO%2BSJlhK%2BTwReDDZZkOTSv3DB4ZN1HBvWcCO7wMyk6D29aNqolLdYzxHTht16RFb9REs4nX8fEPAa1Cau0Lgh8%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
8a94fa4eec491c22-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
footer-2020-o-6625df89310a34ddbdd768703faf050dc1371ab67ea1b5ac90876706ce7f18ea.svg
hefydue6.pro/lp/ru/gazprom_np/fonts/ 		941 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hefydue6.pro/lp/ru/gazprom_np/fonts/footer-2020-o-6625df89310a34ddbdd768703faf050dc1371ab67ea1b5ac90876706ce7f18ea.svg
Requested by
Host: hefydue6.pro
URL: https://hefydue6.pro/lp/ru/gazprom_np/css/app.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.147.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6625df89310a34ddbdd768703faf050dc1371ab67ea1b5ac90876706ce7f18ea

Request headers

Referer
https://hefydue6.pro/lp/ru/gazprom_np/css/app.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 26 Jul 2024 14:11:14 GMT
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 15 Jul 2024 14:41:04 GMT
server
cloudflare
etag
W/"66953500-3ad"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/svg+xml
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eyfOj86U5rWnJ1s0YB%2Fu9lXnn94zS6fJTzFRy2p0lNnQV7NKKDn4pDL6P%2F3On%2BiUTFegFPh%2F4ib3pSW1I7JqSL5zQe8HrZNjpvdAFU7BHVCHIfEWUdapHex2giwOm%2Fg%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
8a94fa4eec4a1c22-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
loader.js
hefydue6.pro/intgrt/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hefydue6.pro/intgrt/loader.js
Requested by
Host: hefydue6.pro
URL: https://hefydue6.pro/intgrt/form_script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.147.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a597d1d913abbae69c5655410fdd9b25562723c529c57695d9cabebb9c20af2

Request headers

Referer
https://hefydue6.pro/lp/ru/gazprom_np/?googleidth=b25411dc-3ca5-4394-8a33-f22560df0a5a&lf_utm_source=bananaads.pro&lf_utm_medium=%5butm_medium%5d&lf_utm_campaign=%5butm_campaign%5d&lf_utm_content=%5butm_content%5d&lf_utm_term=%5butm_term%5d&lf_subid1=2dd9587d4496b3d2f957a6957df99e01&lf_subid2=106136&lf_subid3=%5bsubid3%5d&lf_subid4=%5bsubid4%5d&lf_subid5=%5bsubid5%5d&subid1=3o59su2321rm4&stream_uuid=2ff90edf-8020-4d34-b1b8-af282ff2b6be&utm_term=51714&blp=1&t_id={t_id}&utm_source={utm_source}
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 26 Jul 2024 14:11:14 GMT
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=5345
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 09 Jul 2024 08:56:12 GMT
server
cloudflare
etag
W/"668cfb2c-14e1"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eS3YJXaN9NvY8hADvdBSyt2RwwFmmMfZJJaj%2FIza7KvICdHq3eLiypO4bDoVVLJR7v8bkBGRcia1W%2FDM9yKMM7zGpNCQJyci7%2BttmXXtp8XGlJGVKeOWPFzuYA6pKWc%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
8a94fa4f9d251c22-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
phone-lib.js
hefydue6.pro/intgrt/ 		112 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hefydue6.pro/intgrt/phone-lib.js
Requested by
Host: hefydue6.pro
URL: https://hefydue6.pro/intgrt/form_script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.147.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8a133a7ceba119d24264d9eecbcd741be640c2c99b654a81ba2a7acaf421868

Request headers

Referer
https://hefydue6.pro/lp/ru/gazprom_np/?googleidth=b25411dc-3ca5-4394-8a33-f22560df0a5a&lf_utm_source=bananaads.pro&lf_utm_medium=%5butm_medium%5d&lf_utm_campaign=%5butm_campaign%5d&lf_utm_content=%5butm_content%5d&lf_utm_term=%5butm_term%5d&lf_subid1=2dd9587d4496b3d2f957a6957df99e01&lf_subid2=106136&lf_subid3=%5bsubid3%5d&lf_subid4=%5bsubid4%5d&lf_subid5=%5bsubid5%5d&subid1=3o59su2321rm4&stream_uuid=2ff90edf-8020-4d34-b1b8-af282ff2b6be&utm_term=51714&blp=1&t_id={t_id}&utm_source={utm_source}
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 26 Jul 2024 14:11:14 GMT
content-encoding
br
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 09 Jul 2024 08:56:09 GMT
server
cloudflare
etag
W/"668cfb29-1c0c4"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WoTilSl2HEOeX7%2FqmVzD7DMdaC7%2FbLghK4pPoDngnIY%2FVQY1z0IEsr%2Bh7Syse8%2Bijs7wcaIDdmGp%2B7DF1vesCUSaP%2Ff8MnjIx2WJhGL39CsQoX2rYg7Hp%2FZCKEPkTZg%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
8a94fa4f9d281c22-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
ef50ac9e93aaebe3299791c79f277f8e.cur
api-maps.yandex.ru/2.0/images/ 		326 B
610 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api-maps.yandex.ru/2.0/images/ef50ac9e93aaebe3299791c79f277f8e.cur
Requested by
Host: hefydue6.pro
URL: https://hefydue6.pro/lp/ru/gazprom_np/?googleidth=b25411dc-3ca5-4394-8a33-f22560df0a5a&lf_utm_source=bananaads.pro&lf_utm_medium=%5butm_medium%5d&lf_utm_campaign=%5butm_campaign%5d&lf_utm_content=%5butm_content%5d&lf_utm_term=%5butm_term%5d&lf_subid1=2dd9587d4496b3d2f957a6957df99e01&lf_subid2=106136&lf_subid3=%5bsubid3%5d&lf_subid4=%5bsubid4%5d&lf_subid5=%5bsubid5%5d&subid1=3o59su2321rm4&stream_uuid=2ff90edf-8020-4d34-b1b8-af282ff2b6be&utm_term=51714&blp=1&t_id={t_id}&utm_source={utm_source}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::274 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
13e327b334d10b2b24101040eecace86aaaa2eed03d282fa75a04aa3bebf69c1

Request headers

Referer
https://hefydue6.pro/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 26 Jul 2024 14:11:14 GMT
last-modified
Thu, 27 Jun 2024 09:09:19 GMT
etag
"667d2c3f-146"
content-type
application/octet-stream
x-req-id
1722003074805627-17883220541904601920-v4ic65g3iedzujmz-BAL
accept-ranges
bytes
content-length
326
x-start-time
1722003074805627
3ce22e999d54bb9ca8150a59207f9d3e.cur
api-maps.yandex.ru/2.0/images/ 		326 B
526 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api-maps.yandex.ru/2.0/images/3ce22e999d54bb9ca8150a59207f9d3e.cur
Requested by
Host: hefydue6.pro
URL: https://hefydue6.pro/lp/ru/gazprom_np/?googleidth=b25411dc-3ca5-4394-8a33-f22560df0a5a&lf_utm_source=bananaads.pro&lf_utm_medium=%5butm_medium%5d&lf_utm_campaign=%5butm_campaign%5d&lf_utm_content=%5butm_content%5d&lf_utm_term=%5butm_term%5d&lf_subid1=2dd9587d4496b3d2f957a6957df99e01&lf_subid2=106136&lf_subid3=%5bsubid3%5d&lf_subid4=%5bsubid4%5d&lf_subid5=%5bsubid5%5d&subid1=3o59su2321rm4&stream_uuid=2ff90edf-8020-4d34-b1b8-af282ff2b6be&utm_term=51714&blp=1&t_id={t_id}&utm_source={utm_source}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::274 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
a0fb89588dc7b711c0ffddb5fa2f6852f670ef1f615985bb65b2ea446cceb79f

Request headers

Referer
https://hefydue6.pro/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 26 Jul 2024 14:11:14 GMT
last-modified
Thu, 27 Jun 2024 09:09:19 GMT
etag
"667d2c3f-146"
content-type
application/octet-stream
x-req-id
1722003074806070-16069968127086858011-v4ic65g3iedzujmz-BAL
accept-ranges
bytes
content-length
326
x-start-time
1722003074806070
4965b66fe115b2f2ed500ece66514d86.cur
api-maps.yandex.ru/2.0/images/ 		326 B
525 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api-maps.yandex.ru/2.0/images/4965b66fe115b2f2ed500ece66514d86.cur
Requested by
Host: hefydue6.pro
URL: https://hefydue6.pro/lp/ru/gazprom_np/?googleidth=b25411dc-3ca5-4394-8a33-f22560df0a5a&lf_utm_source=bananaads.pro&lf_utm_medium=%5butm_medium%5d&lf_utm_campaign=%5butm_campaign%5d&lf_utm_content=%5butm_content%5d&lf_utm_term=%5butm_term%5d&lf_subid1=2dd9587d4496b3d2f957a6957df99e01&lf_subid2=106136&lf_subid3=%5bsubid3%5d&lf_subid4=%5bsubid4%5d&lf_subid5=%5bsubid5%5d&subid1=3o59su2321rm4&stream_uuid=2ff90edf-8020-4d34-b1b8-af282ff2b6be&utm_term=51714&blp=1&t_id={t_id}&utm_source={utm_source}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::274 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
128811e08fc761c192794eadb0ca1ece135e0b3a8ea7d897c2f7f9fd5a37281f

Request headers

Referer
https://hefydue6.pro/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 26 Jul 2024 14:11:14 GMT
last-modified
Thu, 27 Jun 2024 09:09:19 GMT
etag
"667d2c3f-146"
content-type
application/octet-stream
x-req-id
1722003074806363-5313624217617817467-v4ic65g3iedzujmz-BAL
accept-ranges
bytes
content-length
326
x-start-time
1722003074806363
77492cf358d8b12629399322926c93f2.cur
api-maps.yandex.ru/2.0/images/ 		326 B
528 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api-maps.yandex.ru/2.0/images/77492cf358d8b12629399322926c93f2.cur
Requested by
Host: hefydue6.pro
URL: https://hefydue6.pro/lp/ru/gazprom_np/?googleidth=b25411dc-3ca5-4394-8a33-f22560df0a5a&lf_utm_source=bananaads.pro&lf_utm_medium=%5butm_medium%5d&lf_utm_campaign=%5butm_campaign%5d&lf_utm_content=%5butm_content%5d&lf_utm_term=%5butm_term%5d&lf_subid1=2dd9587d4496b3d2f957a6957df99e01&lf_subid2=106136&lf_subid3=%5bsubid3%5d&lf_subid4=%5bsubid4%5d&lf_subid5=%5bsubid5%5d&subid1=3o59su2321rm4&stream_uuid=2ff90edf-8020-4d34-b1b8-af282ff2b6be&utm_term=51714&blp=1&t_id={t_id}&utm_source={utm_source}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::274 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
eb69f540be1e416b7346017da48deaf5ba2f2ee0af366c04f1e374351b651872

Request headers

Referer
https://hefydue6.pro/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 26 Jul 2024 14:11:14 GMT
last-modified
Thu, 27 Jun 2024 09:09:19 GMT
etag
"667d2c3f-146"
content-type
application/octet-stream
x-req-id
1722003074806584-772059436108127507-v4ic65g3iedzujmz-BAL
accept-ranges
bytes
content-length
326
x-start-time
1722003074806584
ip-location.html
click.lucky.online/click/ 		75 B
620 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://click.lucky.online/click/ip-location.html
Requested by
Host: hefydue6.pro
URL: https://hefydue6.pro/lp/ru/gazprom_np/?googleidth=b25411dc-3ca5-4394-8a33-f22560df0a5a&lf_utm_source=bananaads.pro&lf_utm_medium=%5butm_medium%5d&lf_utm_campaign=%5butm_campaign%5d&lf_utm_content=%5butm_content%5d&lf_utm_term=%5butm_term%5d&lf_subid1=2dd9587d4496b3d2f957a6957df99e01&lf_subid2=106136&lf_subid3=%5bsubid3%5d&lf_subid4=%5bsubid4%5d&lf_subid5=%5bsubid5%5d&subid1=3o59su2321rm4&stream_uuid=2ff90edf-8020-4d34-b1b8-af282ff2b6be&utm_term=51714&blp=1&t_id={t_id}&utm_source={utm_source}
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.203.72.63 Reading, United Kingdom, ASN60922 (AS_KKM_IT, GB),
Reverse DNS
Software
nginx /
Resource Hash
03c8534002b7accb8e3ab23c0bc339361c8777a6ff9fd0bcf788afa3ff2e9737

Request headers

Referer
https://hefydue6.pro/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Fri, 26 Jul 2024 14:11:15 GMT
Server
nginx
Transfer-Encoding
chunked
P3P
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin
*
Content-Type
application/vnd.api+json; charset=UTF-8
Connection
keep-alive
Keep-Alive
timeout=60
X-VARITI-CCR
524886178:1
favicon.ico
hefydue6.pro/lp/ru/gazprom_np/ 		4 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://hefydue6.pro/lp/ru/gazprom_np/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.147.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ad6a5cd9c24c278a8190d0be1724fafdc3a37d0a3fac6ef1dc98178ba8d8d029

Request headers

Referer
https://hefydue6.pro/lp/ru/gazprom_np/?googleidth=b25411dc-3ca5-4394-8a33-f22560df0a5a&lf_utm_source=bananaads.pro&lf_utm_medium=%5butm_medium%5d&lf_utm_campaign=%5butm_campaign%5d&lf_utm_content=%5butm_content%5d&lf_utm_term=%5butm_term%5d&lf_subid1=2dd9587d4496b3d2f957a6957df99e01&lf_subid2=106136&lf_subid3=%5bsubid3%5d&lf_subid4=%5bsubid4%5d&lf_subid5=%5bsubid5%5d&subid1=3o59su2321rm4&stream_uuid=2ff90edf-8020-4d34-b1b8-af282ff2b6be&utm_term=51714&blp=1&t_id={t_id}&utm_source={utm_source}
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 26 Jul 2024 14:11:15 GMT
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 15 Jul 2024 14:41:03 GMT
server
cloudflare
etag
W/"669534ff-103e"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/x-icon
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gZTFr%2BgdD%2BneZDfHh1K%2BbIWexONdP%2BA%2BQ%2Bdgqs%2F63LUR%2B6KiVBxJpjr5IG8iSRRjDFphNv%2Fq9BJU%2FxMIUPX92S768edy%2Bm%2Bp0%2FFHCdCQTENyQA4jUwYpOrYNscgSqg0%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
8a94fa5359471c22-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

Verdicts & Comments Add Verdict or Comment

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ymaps function| fdate function| $ function| jQuery string| host function| mapQuery function| initBacklink function| getTup function| mountThankYouPage function| normalizePhoneNumber function| buttonSend function| addLoaderScript function| findIntlTelInputLib function| addPhoneValidatorScript string| baseUrl function| Inputmask function| PhoneValidator boolean| externalPhoneValidator object| phoneValidatorInstance object| YMaps function| merge object| provider object| loader

2 Cookies

Domain/Path Name / Value
.yandex.ru/ Name: i
Value: JKdUVGwTKHi9ph2cO+Ew/W2ZoUApEeQG6MtKXlZCh/b1LS43M1nkMeBEJAFkK1XPfPOAIR/DkJXSrmN5dyo0iA2125A=
.yandex.ru/ Name: yandexuid
Value: 8968461241722003074

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api-maps.yandex.ru
click.lucky.online
code.jquery.com
hefydue6.pro
172.67.147.235
185.203.72.63
2a02:6b8::274
2a04:4e42:200::649
02074545dba416d6da173452b3eae652b42784b0fa937bfa7dddf97d0e87b874
02d6444c20c332c388c36eaa8c50371f9a110da4d9169b027451435980e73440
03c8534002b7accb8e3ab23c0bc339361c8777a6ff9fd0bcf788afa3ff2e9737
05dff03ee5e43c406c07a06eba91c0bab83a80b847cb848911d83e85c14efb2b
068fbc2b689aaf31276cdc5dd57c1e50d7181988aeffd83f48f1b338938f9435
0a597d1d913abbae69c5655410fdd9b25562723c529c57695d9cabebb9c20af2
128811e08fc761c192794eadb0ca1ece135e0b3a8ea7d897c2f7f9fd5a37281f
13e327b334d10b2b24101040eecace86aaaa2eed03d282fa75a04aa3bebf69c1
23aa29445610bd0b8fbaa684c189646384b8d42e180b5b71c5dbe812ba7d6c7c
23d21bf7133b0c3df4fb49e3e93e199bf479f4f168c9e3c962da21737e429b0e
2628822bcc3bb305fee3b7d4d0cea033484920a1da1a2c76989ac37a3eacf254
2837347d780a44bb59bb5dcf05333e279205eb6b8d49cf3a18bb997439f46d91
3d92f63bc493d6110cb98bbd401e69cfc956180471d4fe8835ebbb5ab8b8f695
41127e988aaaf3b60eb195bb7199b866495e9f0f359544ba8fc0546f5115e9fd
434ce9d0eadc4fe09e17b34600d66762e1610d31aaa8cc6cc9f22606f96b1c77
48ced4c688413741669b512a8598a7db1e794828d78588437719f63fadecc12d
4c8694ca2b61271f1396b720efa3eb075a4516cd4d4fe81b6f050382f79f1c4c
526ac3ed77abbffe1004c8bb36fb125d1db3b1564dfcf63f9e31ab5dea90a4ee
556788ff29912cbfcb4bb8e077a1815aa210ecd575bad05fe6aaabf40f4574cf
5df363a27f088333fd82417e39ebbc0671bb540cc4a4c70645bbf55d74664872
621f4507056d5c3d36782d1ded7ec8ebc95416b52d1272f7526edb964535cf06
636d5a290ae2f49d012db02968b4c619d88b632ecc65c7c3cdb98383cf5c5db9
6625df89310a34ddbdd768703faf050dc1371ab67ea1b5ac90876706ce7f18ea
7ecbcc064fd2615550dc5c9472961cf64e12e07a9383f2e0889e6ae83dfed144
912ddc0407493cc015bb590a12d873c3799cbf2149f1bdc7d7a44061f0d203b3
93aa34bea067fb77ece6c4e5a40f4a102e7ed0ff1119d63e59b75d2229444794
99bdc21327f9362ba26186f9957aed62693ee186f27efc18987c6e393378b852
a0fb89588dc7b711c0ffddb5fa2f6852f670ef1f615985bb65b2ea446cceb79f
a781df7e21632c91858de56506c483d07987f831c16a539d76cf613023ab6b7b
ad6a5cd9c24c278a8190d0be1724fafdc3a37d0a3fac6ef1dc98178ba8d8d029
aed25966473abd8885ca8fdba262d5cbfadbd5f4fc7f7623981305806857efa5
b154a551d752f5af49df315e66a35e30878eb0bed48ff14c88a17e309e251c09
b6f90f2e5b5f4bab1f19a7cdaa16938c022f93abb9bd135d19cf0861b2ddf2a1
b8fbd148bf699bf5d11c6042259e631bbcba953e6770ed4b7489ec3b8cb0252f
c8d1c71e54ba52ae965fbd3e172f4e372e1d3eb2d67abd892321efb82d952182
dc917d9e722a4a1fa70462727ec0e187bf10276df69042b023849370e9965531
e8a133a7ceba119d24264d9eecbcd741be640c2c99b654a81ba2a7acaf421868
eb69f540be1e416b7346017da48deaf5ba2f2ee0af366c04f1e374351b651872
f0c920708e5049209938558b4afd976070900643223e1069904b6e9defcc8423
f7b737f5a8f6b441766d4568421a7d35a21e8fc31557805c6316bc5d55363e2b
fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a