fayloobmennik.cloud Open in urlscan Pro
31.184.194.236 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://fayloobmennik.cloud/7436828
Submission: On February 07 via manual (February 7th 2022, 9:15:28 pm UTC) from US — Scanned from US

Summary HTTP 62 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 24 IPs in 3 countries across 17 domains to perform 62 HTTP transactions. The main IP is 31.184.194.236, located in Russian Federation and belongs to PINDC-AS, RU. The main domain is fayloobmennik.cloud.

This is the only time fayloobmennik.cloud was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
10	31.184.194.236 31.184.194.236	34665 (PINDC-AS) (PINDC-AS)
2	69.16.175.42 69.16.175.42	20446 (HIGHWINDS3) (HIGHWINDS3)
7	172.217.165.130 172.217.165.130	15169 (GOOGLE) (GOOGLE)
3	178.154.131.215 178.154.131.215	13238 (YANDEX) (YANDEX)
3 7	87.250.251.119 87.250.251.119	13238 (YANDEX) (YANDEX)
4	142.250.64.98 142.250.64.98	15169 (GOOGLE) (GOOGLE)
1	142.251.40.226 142.251.40.226	15169 (GOOGLE) (GOOGLE)
1	142.250.72.98 142.250.72.98	15169 (GOOGLE) (GOOGLE)
5	142.250.80.1 142.250.80.1	15169 (GOOGLE) (GOOGLE)
1	142.250.80.2 142.250.80.2	15169 (GOOGLE) (GOOGLE)
1	74.119.119.130 74.119.119.130	19750 (AS-CRITEO) (AS-CRITEO)
1	74.119.119.145 74.119.119.145	19750 (AS-CRITEO) (AS-CRITEO)
11	74.119.119.131 74.119.119.131	19750 (AS-CRITEO) (AS-CRITEO)
1	74.119.119.147 74.119.119.147	19750 (AS-CRITEO) (AS-CRITEO)
1	104.16.19.94 104.16.19.94	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	74.119.119.137 74.119.119.137	19750 (AS-CRITEO) (AS-CRITEO)
2	74.119.119.149 74.119.119.149	19750 (AS-CRITEO) (AS-CRITEO)
1	87.250.251.101 87.250.251.101	13238 (YANDEX) (YANDEX)
1	94.100.180.54 94.100.180.54	47764 (MAILRU-AS...) (MAILRU-AS Mail.Ru)
1	217.20.155.208 217.20.155.208	47764 (MAILRU-AS...) (MAILRU-AS Mail.Ru)
1	157.240.3.20 157.240.3.20	32934 (FACEBOOK) (FACEBOOK)
1	87.240.190.67 87.240.190.67	47541 (VKONTAKTE...) (VKONTAKTE-SPB-AS vk.com)
1	142.251.40.164 142.251.40.164	15169 (GOOGLE) (GOOGLE)
62	24

10 31.184.194.236 (Russian Federation)

ASN34665 (PINDC-AS, RU)
PTR: fayloobmennik.net

fayloobmennik.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.16.175.42 (United States)

ASN20446 (HIGHWINDS3, US)
PTR: hwcdn.net

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 172.217.165.130 (United States)

ASN15169 (GOOGLE, US)
PTR: lax30s03-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.154.131.215 (Russian Federation)

ASN13238 (YANDEX, RU)
PTR: static.yandex.net

yastatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 87.250.251.119 (Russian Federation) 3 redirects

ASN13238 (YANDEX, RU)
PTR: mc.yandex.ru

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.64.98 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s31-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.40.226 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s39-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.72.98 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s32-in-f2.1e100.net

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.80.1 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s33-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.80.2 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s33-in-f2.1e100.net

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.119.130 (United States)

ASN19750 (AS-CRITEO, US)

rtb.va.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.119.145 (United States)

ASN19750 (AS-CRITEO, US)

ads.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 74.119.119.131 (United States)

ASN19750 (AS-CRITEO, US)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.119.147 (United States)

ASN19750 (AS-CRITEO, US)

cat.va.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.19.94 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.119.137 (United States)

ASN19750 (AS-CRITEO, US)
PTR: pix.va1.vip.prod.criteo.com

pix.us.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.119.119.149 (United States)

ASN19750 (AS-CRITEO, US)

csm.us.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 87.250.251.101 (Russian Federation)

ASN13238 (YANDEX, RU)
PTR: spec-promo-external-balancer.yandex.net

share.yandex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 94.100.180.54 (Russian Federation)

ASN47764 (MAILRU-AS Mail.Ru, RU)
PTR: connect.mail.ru

connect.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 217.20.155.208 (Russian Federation)

ASN47764 (MAILRU-AS Mail.Ru, RU)
PTR: ip208.155.odnoklassniki.ru

connect.ok.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 157.240.3.20 (Seattle, United States)

ASN32934 (FACEBOOK, US)
PTR: edge-star-shv-01-sea1.facebook.com

api.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 87.240.190.67 (Russian Federation)

ASN47541 (VKONTAKTE-SPB-AS vk.com, RU)
PTR: srv67-190-240-87.vk.com

vk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.40.164 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s81-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	criteo.net static.criteo.net — Cisco Umbrella Rank: 645 pix.us.criteo.net — Cisco Umbrella Rank: 2536 csm.us.criteo.net — Cisco Umbrella Rank: 2450	1 MB
12	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 100 tpc.googlesyndication.com — Cisco Umbrella Rank: 124	200 KB
10	fayloobmennik.cloud fayloobmennik.cloud	33 KB
7	yandex.ru 3 redirects mc.yandex.ru — Cisco Umbrella Rank: 2853	52 KB
4	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 46	20 KB
3	criteo.com rtb.va.us.criteo.com — Cisco Umbrella Rank: 6189 ads.us.criteo.com — Cisco Umbrella Rank: 2392 cat.va.us.criteo.com — Cisco Umbrella Rank: 3459	42 KB
3	yastatic.net yastatic.net — Cisco Umbrella Rank: 6518	18 KB
2	google.com adservice.google.com — Cisco Umbrella Rank: 80 www.google.com — Cisco Umbrella Rank: 13	2 KB
2	jquery.com code.jquery.com — Cisco Umbrella Rank: 584	36 KB
1	vk.com vk.com — Cisco Umbrella Rank: 5015	479 B
1	facebook.com api.facebook.com — Cisco Umbrella Rank: 805	618 B
1	ok.ru connect.ok.ru — Cisco Umbrella Rank: 22099	2 KB
1	mail.ru connect.mail.ru — Cisco Umbrella Rank: 59950	680 B
1	yandex.net share.yandex.net — Cisco Umbrella Rank: 148723	64 B
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 227	5 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 165	38 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 777	649 B
62	17

	Domain	Requested by
11	static.criteo.net	ads.us.criteo.com
10	fayloobmennik.cloud	fayloobmennik.cloud
7	mc.yandex.ru	3 redirects fayloobmennik.cloud
7	pagead2.googlesyndication.com	fayloobmennik.cloud pagead2.googlesyndication.com www.googletagservices.com tpc.googlesyndication.com
5	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
4	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
3	yastatic.net	fayloobmennik.cloud yastatic.net
2	csm.us.criteo.net	ads.us.criteo.com
2	code.jquery.com	fayloobmennik.cloud
1	www.google.com	tpc.googlesyndication.com
1	vk.com	yastatic.net
1	api.facebook.com	yastatic.net
1	connect.ok.ru	yastatic.net
1	connect.mail.ru	yastatic.net
1	share.yandex.net	yastatic.net
1	pix.us.criteo.net	ads.us.criteo.com
1	cdnjs.cloudflare.com	ads.us.criteo.com
1	cat.va.us.criteo.com	ads.us.criteo.com
1	ads.us.criteo.com	googleads.g.doubleclick.net
1	rtb.va.us.criteo.com	googleads.g.doubleclick.net
1	www.googletagservices.com	googleads.g.doubleclick.net
1	adservice.google.com	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
62	23

This site contains links to these domains. Also see Links.

Domain
share.yandex.net
www.fayloobmennik.net
www.fotolink.su

Subject Issuer	Validity	Valid
*.g.doubleclick.net GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
*.va.us.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-15` - `2022-04-16`	3 months	crt.sh
*.us.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-09` - `2022-04-09`	3 months	crt.sh
mc.yandex.ru Yandex CA	`2021-12-22` - `2022-06-03`	5 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-02-02` - `2022-05-03`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-21` - `2022-09-20`	a year	crt.sh
*.us.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-02-06` - `2022-05-04`	3 months	crt.sh
share.yandex.net Yandex CA	`2021-09-02` - `2022-03-03`	6 months	crt.sh
*.mail.ru GeoTrust RSA CA 2018	`2021-11-01` - `2022-12-02`	a year	crt.sh
*.ok.ru GeoTrust RSA CA 2018	`2021-02-18` - `2022-03-21`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-11-17` - `2022-02-15`	3 months	crt.sh
*.vk.com GlobalSign Organization Validation CA - SHA256 - G2	`2020-06-09` - `2022-06-10`	2 years	crt.sh
www.google.com GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh

This page contains 8 frames:

Primary Page: http://fayloobmennik.cloud/7436828
Frame ID: 403644DD825CA65009C850B822603505
Requests: 26 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220203/r20190131/zrt_lookup.html
Frame ID: 16D0B74DDC569B1708E611C9AA4EDF34
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6039413936631913&output=html&adk=1812271804&adf=3025194257&lmt=1644268523&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Ffayloobmennik.cloud%2F7436828&ea=0&flash=0&pra=5&wgl=1&dt=1644268523046&bpp=3&bdt=843&idt=165&shv=r20220203&mjsv=m202202010101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=839650267011&frm=20&pv=2&ga_vid=1565767891.1644268523&ga_sid=1644268523&ga_hid=1452253982&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C21066430%2C31064730%2C31063246&oid=2&pvsid=2672716041387283&pem=795&tmod=254767015&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=188
Frame ID: 9A9C14E5D3EF0CEA4C3577A605C94025
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6039413936631913&output=html&h=600&slotname=8748109901&adk=1834366228&adf=331172450&pi=t.ma~as.8748109901&w=240&fwrn=4&fwrnh=100&lmt=1644268523&rafmt=1&psa=0&format=240x600&url=http%3A%2F%2Ffayloobmennik.cloud%2F7436828&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1644268523049&bpp=3&bdt=847&idt=193&shv=r20220203&mjsv=m202202010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=839650267011&frm=20&pv=1&ga_vid=1565767891.1644268523&ga_sid=1644268523&ga_hid=1452253982&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=300&ady=188&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C21066430%2C31064730%2C31063246&oid=2&pvsid=2672716041387283&pem=795&tmod=254767015&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=TcSdoBEJNE&p=http%3A//fayloobmennik.cloud&dtd=202
Frame ID: FCED5A873877EA47699773097175797B
Requests: 8 HTTP requests in this frame

Frame: https://ads.us.criteo.com/delivery/r/afr.php?z=YgGL6wAGOdgIaAkYAAoRbKOYmRbmbQBCwbNDyQ&u=%7CNq45ni3R29my6VLL8T5Rw8ABFNTkmYFTFHEiEUEIB1w%3D%7C&c1=glLBMxGOcDmQGKFCkwwVVmd9f7zZwQazspQUXosDipfUECCUJKlNPreLVgsLDdJzCpx224TbbFo0sJgz0WzuWgJ-iDtNiu10QB5C_ZAtuEFSR8pVGAJoI5kIa_XEV7PSjkn0eudBkX8bzHODUxPPYQ7dLmtNLoOy1CjhRdP0syg6aGluDtPIBnvLFMWdbY3m5RVEerJHpYSIojZtCD8zE4Gy3FyUJe9RIfWa27Fi2QvNWBygLVHw_jMoq1X2SvIlzNhqPW9opsBSGDNX-sPnm6T0xrs-z3AtD6a7kVCehsg19yoS050AUQdvLmgA2VFrjtdrRtrO9koaN4kdvz-xkFLBW3Cz5obUloiB4BxKK5DzP7xViGYN-2IeZ62sFJVc13z1zUSDkcbdIlA1-dy7orgJebFHpsiBoCMDqKK0o-qTnDf9uEp1KtgetJ41bqmGIk7VD7E_46T_QkZLS0nu6j26C0n4wf-r&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtAyD64sBYtjzGJiSoPMP7KKooAmcge-wXJrwqKp0wI23ARABIABgycapi8Ck2A-CARdjYS1wdWItNjAzOTQxMzkzNjYzMTkxM6ABrN3-6APIAQmoAwGqBOUBT9AKiSU-y__9jh0JyxUh1QMIqkJaYpB_NsFDETaZuY5vepD7q1O1hHVbh7ze0xPT4m_tHuUiDPl4mxxZ6vlNtxeu9HW3zr0v96FieXTy0RdmmzxegShz9DFPzRDIssn7FOCmiyaKB8PmaHKDdc5AFBBEJR25qMEQxsrtcA5me6Sc9MQyd7tjbtrOEOf1SOEqrYkvVhUm8_FZ2RLwNkdK7OZg-lbcfS0pDi9RoQ3tiw4BJxPYsiTqEywgDpC3tFReH3G6Tae3F6hq1j59F3VzWdF-Qjvd7kHcWnofZA3LxInpsZ2ZjIAG_-O9s86DidtdoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBQiAYRAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_35cErrnpxJ-6k6ujD9QVlHX9UtnA%26client%3Dca-pub-6039413936631913%26adurl%3D
Frame ID: B290A2FF89F8D39A08B38FB1D6D341B7
Requests: 17 HTTP requests in this frame

Frame: http://yastatic.net/share/ya-share-cnt.html?url=http%3A%2F%2Ffayloobmennik.cloud%2F7436828&services=vkontakte,facebook,twitter,odnoklassniki,moimir,gplus
Frame ID: D17B1E0B1B3DBDEBFD74DBC5B97C65B9
Requests: 6 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 6818FC46662DE74B8E310E2F29DF4ADF
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 447C81FD314625EEAFC3F461FDAE8894
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Скачать Base158.rar

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

62
Requests

71 %
HTTPS

0 %
IPv6

17
Domains

23
Subdomains

24
IPs

3
Countries

1599 kB
Transfer

2335 kB
Size

13
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://share.yandex.net/go.xml?service=vkontakte&url=http%3A%2F%2Ffayloobmennik.cloud%2F7436828&title=%D0%A1%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20Base158.rar
Title: 0

Search URL Search Domain Scan URL

URL: https://share.yandex.net/go.xml?service=facebook&url=http%3A%2F%2Ffayloobmennik.cloud%2F7436828&title=%D0%A1%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20Base158.rar

Search URL Search Domain Scan URL

URL: https://share.yandex.net/go.xml?service=twitter&url=http%3A%2F%2Ffayloobmennik.cloud%2F7436828&title=%D0%A1%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20Base158.rar

Search URL Search Domain Scan URL

URL: https://share.yandex.net/go.xml?service=odnoklassniki&url=http%3A%2F%2Ffayloobmennik.cloud%2F7436828&title=%D0%A1%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20Base158.rar
Title: 0

Search URL Search Domain Scan URL

URL: https://share.yandex.net/go.xml?service=moimir&url=http%3A%2F%2Ffayloobmennik.cloud%2F7436828&title=%D0%A1%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20Base158.rar
Title: 0

Search URL Search Domain Scan URL

URL: https://share.yandex.net/go.xml?service=gplus&url=http%3A%2F%2Ffayloobmennik.cloud%2F7436828&title=%D0%A1%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20Base158.rar

Search URL Search Domain Scan URL

URL: http://www.fayloobmennik.net/
Title: Файлообменник

Search URL Search Domain Scan URL

URL: http://www.fotolink.su/
Title: фотохостинг

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10

http://mc.yandex.ru/metrika/watch.js HTTP 302
https://mc.yandex.ru/metrika/watch.js

Request Chain 26

https://mc.yandex.ru/watch/1663429?wmode=7&page-url=http%3A%2F%2Ffayloobmennik.cloud%2F7436828&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Agqny5kf8o0yuamw2yn%3Afp%3A834%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A751%3Acn%3A1%3Adp%3A0%3Als%3A149277365423%3Ahid%3A537425886%3Az%3A0%3Ai%3A20220207211523%3Aet%3A1644268524%3Ac%3A1%3Arn%3A793822485%3Arqn%3A1%3Au%3A16442685241011256038%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Antf%3A1%3Ans%3A1644268521759%3Ads%3A134%2C142%2C163%2C1%2C0%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Arqnl%3A1%3Ast%3A1644268524%3At%3A%D0%A1%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20Base158.rar&t=gdpr(14)aw(1)ti(2) HTTP 302
https://mc.yandex.ru/watch/1663429/1?wmode=7&page-url=http%3A%2F%2Ffayloobmennik.cloud%2F7436828&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Agqny5kf8o0yuamw2yn%3Afp%3A834%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A751%3Acn%3A1%3Adp%3A0%3Als%3A149277365423%3Ahid%3A537425886%3Az%3A0%3Ai%3A20220207211523%3Aet%3A1644268524%3Ac%3A1%3Arn%3A793822485%3Arqn%3A1%3Au%3A16442685241011256038%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Antf%3A1%3Ans%3A1644268521759%3Ads%3A134%2C142%2C163%2C1%2C0%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Arqnl%3A1%3Ast%3A1644268524%3At%3A%D0%A1%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20Base158.rar&t=gdpr%2814%29aw%281%29ti%282%29

Request Chain 32

https://mc.yandex.ru/watch/26812653?wmode=7&page-url=http%3A%2F%2Ffayloobmennik.cloud%2F7436828&charset=utf-8&site-info=%7B%22jquery%22%3Atrue%2C%22version%22%3A%221.11.3%22%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Agqny5kf8o0yuamw2yn%3Afp%3A834%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A751%3Acn%3A2%3Adp%3A1%3Als%3A562090236659%3Ahid%3A537425886%3Az%3A0%3Ai%3A20220207211524%3Aet%3A1644268524%3Ac%3A1%3Arn%3A677678874%3Arqn%3A1%3Au%3A16442685241011256038%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Antf%3A1%3Ans%3A1644268521759%3Ads%3A134%2C142%2C163%2C1%2C0%2C0%2C%2C1742%2C7%2C%2C%2C%2C2183%3Aco%3A0%3Arqnl%3A1%3Ast%3A1644268524%3At%3A%D0%A1%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20Base158.rar&t=gdpr(14)mc(cm-1-tl-1)aw(1)ti(2) HTTP 302
https://mc.yandex.ru/watch/26812653/1?wmode=7&page-url=http%3A%2F%2Ffayloobmennik.cloud%2F7436828&charset=utf-8&site-info=%7B%22jquery%22%3Atrue%2C%22version%22%3A%221.11.3%22%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Agqny5kf8o0yuamw2yn%3Afp%3A834%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A751%3Acn%3A2%3Adp%3A1%3Als%3A562090236659%3Ahid%3A537425886%3Az%3A0%3Ai%3A20220207211524%3Aet%3A1644268524%3Ac%3A1%3Arn%3A677678874%3Arqn%3A1%3Au%3A16442685241011256038%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Antf%3A1%3Ans%3A1644268521759%3Ads%3A134%2C142%2C163%2C1%2C0%2C0%2C%2C1742%2C7%2C%2C%2C%2C2183%3Aco%3A0%3Arqnl%3A1%3Ast%3A1644268524%3At%3A%D0%A1%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20Base158.rar&t=gdpr%2814%29mc%28cm-1-tl-1%29aw%281%29ti%282%29

62 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request 7436828 Show response
fayloobmennik.cloud/ 8 KB
4 KB 439ms
163ms Document
text/html 31.184.194.236
PINDC-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://fayloobmennik.cloud/7436828
Protocol: HTTP/1.1
Server: 31.184.194.236 , Russian Federation, ASN34665 (PINDC-AS, RU),
Reverse DNS: fayloobmennik.net
Software: Apache/2.2.22 (Debian) / PHP/5.4.45-0+deb7u9
Resource Hash: 38253ad3d3f18237cd8f956c9898cb1a2ac1e3b3e4a1ce7dada9ffec4ded8c0a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: en-US,en;q=0.9

Response headers

Date: Mon, 07 Feb 2022 22:38:19 GMT
Server: Apache/2.2.22 (Debian)
X-Powered-By: PHP/5.4.45-0+deb7u9
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3142
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: text/html

GET
H/1.1 200
OK style.css
fayloobmennik.cloud/ 16 KB
4 KB 144ms
144ms Stylesheet
text/css 31.184.194.236
PINDC-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://fayloobmennik.cloud/style.css
Requested by: Host: fayloobmennik.cloud
URL: http://fayloobmennik.cloud/7436828
Protocol: HTTP/1.1
Server: 31.184.194.236 , Russian Federation, ASN34665 (PINDC-AS, RU),
Reverse DNS: fayloobmennik.net
Software: Apache/2.2.22 (Debian) /
Resource Hash: 8bf51ae87263999eff3fd65b3948cc8605f35da3a853399205240d802f5cc12d

Request headers

Accept-Language: en-US,en;q=0.9
Referer: http://fayloobmennik.cloud/7436828
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 07 Feb 2022 22:38:19 GMT
Content-Encoding: gzip
Last-Modified: Mon, 17 Apr 2017 20:09:36 GMT
Server: Apache/2.2.22 (Debian)
ETag: "13e074e-3f4d-54d625ed94374"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=604800, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=99
Content-Length: 3234

GET
H/1.1 200
OK jquery-1.11.3.min.js Show response
code.jquery.com/ 94 KB
33 KB 323ms
5ms Script
application/javascript 69.16.175.42
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: http://code.jquery.com/jquery-1.11.3.min.js
Requested by: Host: fayloobmennik.cloud
URL: http://fayloobmennik.cloud/7436828
Protocol: HTTP/1.1
Server: 69.16.175.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: hwcdn.net
Software: nginx /
Resource Hash: ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8

Request headers

Accept-Language: en-US,en;q=0.9
Referer: http://fayloobmennik.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 07 Feb 2022 21:15:22 GMT
Content-Encoding: gzip
Last-Modified: Fri, 20 Aug 2021 17:47:53 GMT
Server: nginx
ETag: W/"611feac9-176d5"
Vary: Accept-Encoding
X-HW: 1644268522.dop006.ny3.t,1644268522.cds011.ny3.c
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 33261

GET
H/1.1 200
OK jquery-migrate-1.2.1.min.js Show response
code.jquery.com/ 7 KB
3 KB 315ms
4ms Script
application/javascript 69.16.175.42
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: http://code.jquery.com/jquery-migrate-1.2.1.min.js
Requested by: Host: fayloobmennik.cloud
URL: http://fayloobmennik.cloud/7436828
Protocol: HTTP/1.1
Server: 69.16.175.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: hwcdn.net
Software: nginx /
Resource Hash: 1e67d8dbcca1f6fd94e077c85c2fb40fa1c2756c99238daa8da882144260a68d

Request headers

Accept-Language: en-US,en;q=0.9
Referer: http://fayloobmennik.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 07 Feb 2022 21:15:22 GMT
Content-Encoding: gzip
Last-Modified: Fri, 20 Aug 2021 17:47:53 GMT
Server: nginx
ETag: W/"611feac9-1c1f"
Vary: Accept-Encoding
X-HW: 1644268522.dop153.ny3.t,1644268522.cds152.ny3.c
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 3063

GET
H/1.1 200
OK functions.js Show response
fayloobmennik.cloud/js/ 492 B
558 B 145ms
144ms Script
application/javascript 31.184.194.236
PINDC-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://fayloobmennik.cloud/js/functions.js
Requested by: Host: fayloobmennik.cloud
URL: http://fayloobmennik.cloud/7436828
Protocol: HTTP/1.1
Server: 31.184.194.236 , Russian Federation, ASN34665 (PINDC-AS, RU),
Reverse DNS: fayloobmennik.net
Software: Apache/2.2.22 (Debian) /
Resource Hash: c4903fa530d51c564867489760f119736ec20a22f0c044e10d88ebcb3d7e0fba

Request headers

Accept-Language: en-US,en;q=0.9
Referer: http://fayloobmennik.cloud/7436828
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 07 Feb 2022 22:38:19 GMT
Content-Encoding: gzip
Last-Modified: Mon, 18 Oct 2010 20:00:00 GMT
Server: Apache/2.2.22 (Debian)
ETag: "13e053b-1ec-492e99f085000"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=604800, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100
Content-Length: 165

GET
H/1.1 200
OK my.js Show response
fayloobmennik.cloud/js/ 2 KB
2 KB 281ms
143ms Script
application/javascript 31.184.194.236
PINDC-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://fayloobmennik.cloud/js/my.js
Requested by: Host: fayloobmennik.cloud
URL: http://fayloobmennik.cloud/7436828
Protocol: HTTP/1.1
Server: 31.184.194.236 , Russian Federation, ASN34665 (PINDC-AS, RU),
Reverse DNS: fayloobmennik.net
Software: Apache/2.2.22 (Debian) /
Resource Hash: 1cb1f8f1b4507a6968eea2dd181bdc0f8617d395ab4854fc4a94d1114716bedf

Request headers

Accept-Language: en-US,en;q=0.9
Referer: http://fayloobmennik.cloud/7436828
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 07 Feb 2022 22:38:19 GMT
Content-Encoding: gzip
Last-Modified: Sat, 06 Aug 2011 20:00:00 GMT
Server: Apache/2.2.22 (Debian)
ETag: "13e054d-93b-4a9dba8b1d000"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=604800, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=98
Content-Length: 1158

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 153 KB
53 KB 453ms
35ms Script
text/javascript 172.217.165.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: fayloobmennik.cloud
URL: http://fayloobmennik.cloud/7436828

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.165.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lax30s03-in-f2.1e100.net

Software

cafe /

Resource Hash

8bddf400b179123d5e0a376203087cd3b664fc1542d5510b3b132245db886446

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: http://fayloobmennik.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 21:15:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53732
x-xss-protection: 0
server: cafe
etag: 7033468655852647677
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 07 Feb 2022 21:15:22 GMT

GET
H/1.1 200
OK download_ico.png
fayloobmennik.cloud/img/ico/ 2 KB
2 KB 144ms
143ms Image
image/png 31.184.194.236
PINDC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://fayloobmennik.cloud/img/ico/download_ico.png
Requested by: Host: fayloobmennik.cloud
URL: http://fayloobmennik.cloud/7436828
Protocol: HTTP/1.1
Server: 31.184.194.236 , Russian Federation, ASN34665 (PINDC-AS, RU),
Reverse DNS: fayloobmennik.net
Software: Apache/2.2.22 (Debian) /
Resource Hash: 5fb467ca759c60a10f57e3ecb951e3938557796c10ba540dc31155526716f0ae

Request headers

Accept-Language: en-US,en;q=0.9
Referer: http://fayloobmennik.cloud/7436828
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 07 Feb 2022 22:38:20 GMT
Last-Modified: Fri, 03 Dec 2010 21:00:00 GMT
Server: Apache/2.2.22 (Debian)
ETag: "13e03fa-65e-49687d24f3400"
Content-Type: image/png
Cache-Control: max-age=2592000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=97
Content-Length: 1630

GET
H/1.1 200
OK share_ico.png
fayloobmennik.cloud/img/ico/ 2 KB
2 KB 143ms
142ms Image
image/png 31.184.194.236
PINDC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://fayloobmennik.cloud/img/ico/share_ico.png
Requested by: Host: fayloobmennik.cloud
URL: http://fayloobmennik.cloud/7436828
Protocol: HTTP/1.1
Server: 31.184.194.236 , Russian Federation, ASN34665 (PINDC-AS, RU),
Reverse DNS: fayloobmennik.net
Software: Apache/2.2.22 (Debian) /
Resource Hash: acb5f6b811304e63584b2a2712d8f04121781c05ee22dc218627fc0b25299485

Request headers

Accept-Language: en-US,en;q=0.9
Referer: http://fayloobmennik.cloud/7436828
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 07 Feb 2022 22:38:20 GMT
Last-Modified: Fri, 03 Dec 2010 21:00:00 GMT
Server: Apache/2.2.22 (Debian)
ETag: "13e03fb-886-49687d24f3400"
Content-Type: image/png
Cache-Control: max-age=2592000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=99
Content-Length: 2182

GET
H/1.1 200
OK share.js Show response
yastatic.net/share/ 53 KB
14 KB 507ms
99ms Script
application/x-javascript 178.154.131.215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

http://yastatic.net/share/share.js

Requested by

Host: fayloobmennik.cloud
URL: http://fayloobmennik.cloud/7436828

Protocol

HTTP/1.1

Server

178.154.131.215 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

static.yandex.net

Software

nginx/1.17.9 /

Resource Hash

944979b576ee52348d5c63d35f566c11df26f70ed15d2ceba61180662a49b114

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Accept-Language: en-US,en;q=0.9
Referer: http://fayloobmennik.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 07 Feb 2022 21:15:23 GMT
Content-Encoding: gzip
NEL: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
Transfer-Encoding: chunked
Report-To: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
Connection: keep-alive
X-Nginx-Request-Id: 81f788e7b8ab0554
Last-Modified: Wed, 24 Oct 2018 16:00:42 GMT
Server: nginx/1.17.9
Etag: W/"db7132f94e4730c128b638f72b46c899"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=43200000; includeSubDomains;
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=216013
Timing-Allow-Origin: *
Keep-Alive: timeout=5
Expires: Thu, 10 Feb 2022 09:15:19 GMT

GET
H/1.1 200
OK img.php
fayloobmennik.cloud/ 974 B
1 KB 188ms
188ms Image
image/x-png 31.184.194.236
PINDC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://fayloobmennik.cloud/img.php
Requested by: Host: fayloobmennik.cloud
URL: http://fayloobmennik.cloud/7436828
Protocol: HTTP/1.1
Server: 31.184.194.236 , Russian Federation, ASN34665 (PINDC-AS, RU),
Reverse DNS: fayloobmennik.net
Software: Apache/2.2.22 (Debian) / PHP/5.4.45-0+deb7u9
Resource Hash: 1dd8ccee912d3f0192274a8f5855c519c148d5ae3e4ef1fa5ef04690783dfcf7

Request headers

Accept-Language: en-US,en;q=0.9
Referer: http://fayloobmennik.cloud/7436828
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 07 Feb 2022 22:38:20 GMT
Last-Modified: Mon, 07 Feb 2022 22:38:20 GMT
Server: Apache/2.2.22 (Debian)
X-Powered-By: PHP/5.4.45-0+deb7u9
Content-Type: image/x-png
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: Keep-Alive
Keep-Alive: timeout=15, max=100
Content-Length: 974
Expires: Sat, 17 May 2008 05:00:00 GMT

GET
H2

200

watch.js Show response
mc.yandex.ru/metrika/
Redirect Chain

http://mc.yandex.ru/metrika/watch.js
https://mc.yandex.ru/metrika/watch.js

137 KB
49 KB

614ms
104ms

Script
application/javascript

87.250.251.119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Host: fayloobmennik.cloud
URL: http://fayloobmennik.cloud/7436828

Protocol

Server

87.250.251.119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

mc.yandex.ru

Software

Resource Hash

c3f017417990fc441fcab7b3f31b12cf99d2602ebe2a4c41707750a30d352972

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: en-US,en;q=0.9
Referer: http://fayloobmennik.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 21:15:23 GMT
content-encoding: br
last-modified: Mon, 07 Feb 2022 11:01:25 GMT
etag: "6200d1d5-c360"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 50016
expires: Mon, 07 Feb 2022 22:15:23 GMT

Redirect headers

Location: https://mc.yandex.ru/metrika/watch.js
Content-Length: 0

GET
H/1.1 200
OK wait.gif
fayloobmennik.cloud/img/default/ 8 KB
9 KB 285ms
144ms Image
image/gif 31.184.194.236
PINDC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://fayloobmennik.cloud/img/default/wait.gif
Requested by: Host: fayloobmennik.cloud
URL: http://fayloobmennik.cloud/7436828
Protocol: HTTP/1.1
Server: 31.184.194.236 , Russian Federation, ASN34665 (PINDC-AS, RU),
Reverse DNS: fayloobmennik.net
Software: Apache/2.2.22 (Debian) /
Resource Hash: b88129b3c959f6dc65940ef5a70c83983e77bbcd9ade261b920da66f42d7f916

Request headers

Accept-Language: en-US,en;q=0.9
Referer: http://fayloobmennik.cloud/7436828
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 07 Feb 2022 22:38:20 GMT
Last-Modified: Fri, 03 Dec 2010 21:00:00 GMT
Server: Apache/2.2.22 (Debian)
ETag: "13e03f6-21aa-49687d24f3400"
Content-Type: image/gif
Cache-Control: max-age=2592000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100
Content-Length: 8618

GET
H/1.1 200
OK d.png
fayloobmennik.cloud/img/block/ 162 B
495 B 284ms
143ms Image
image/png 31.184.194.236
PINDC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://fayloobmennik.cloud/img/block/d.png
Requested by: Host: fayloobmennik.cloud
URL: http://fayloobmennik.cloud/style.css
Protocol: HTTP/1.1
Server: 31.184.194.236 , Russian Federation, ASN34665 (PINDC-AS, RU),
Reverse DNS: fayloobmennik.net
Software: Apache/2.2.22 (Debian) /
Resource Hash: 223ff4f7605d9f9fddfc750aa256373f96869ffc4852964f46c246e4b67fcddb

Request headers

Accept-Language: en-US,en;q=0.9
Referer: http://fayloobmennik.cloud/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 07 Feb 2022 22:38:20 GMT
Last-Modified: Fri, 03 Dec 2010 21:00:00 GMT
Server: Apache/2.2.22 (Debian)
ETag: "13e03ec-a2-49687d24f3400"
Content-Type: image/png
Cache-Control: max-age=2592000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100
Content-Length: 162

GET
H/1.1 200
OK logo6.png
fayloobmennik.cloud/img/ 9 KB
9 KB 286ms
144ms Image
image/png 31.184.194.236
PINDC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://fayloobmennik.cloud/img/logo6.png
Requested by: Host: fayloobmennik.cloud
URL: http://fayloobmennik.cloud/style.css
Protocol: HTTP/1.1
Server: 31.184.194.236 , Russian Federation, ASN34665 (PINDC-AS, RU),
Reverse DNS: fayloobmennik.net
Software: Apache/2.2.22 (Debian) /
Resource Hash: 437092998007531a51f00dd90ebb68448975e813d15a3f767e1e7d5888b17578

Request headers

Accept-Language: en-US,en;q=0.9
Referer: http://fayloobmennik.cloud/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 07 Feb 2022 22:38:20 GMT
Last-Modified: Fri, 03 Dec 2010 21:00:00 GMT
Server: Apache/2.2.22 (Debian)
ETag: "13e0401-2368-49687d24f3400"
Content-Type: image/png
Cache-Control: max-age=2592000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100
Content-Length: 9064

GET
H2 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202010101/ 286 KB
103 KB 70ms
69ms Script
text/javascript 172.217.165.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202010101/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.165.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lax30s03-in-f2.1e100.net

Software

cafe /

Resource Hash

6baa1e93b604608d8613d4f1ea5279d1b8c3c55bdfd9213ed7c2d7c0956cfa76

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: http://fayloobmennik.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 21:15:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 105555
x-xss-protection: 0
server: cafe
etag: 3052473027606396001
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 07 Feb 2022 21:15:23 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220203/r20190131/ Frame 16D0 10 KB
5 KB 326ms
3ms Document
text/html 142.250.64.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220203/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.64.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s31-in-f2.1e100.net

Software

cafe /

Resource Hash

a575e2f63d79cdaf5a92b4453bfcaadb462119aa1216b4f28920e37e2d9b8e7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: en-US,en;q=0.9
Referer: http://fayloobmennik.cloud/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4612
x-xss-protection: 0
date: Mon, 07 Feb 2022 15:38:33 GMT
expires: Mon, 21 Feb 2022 15:38:33 GMT
cache-control: public, max-age=1209600
age: 20210
etag: 18247940800414524076
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 223 B
649 B 36ms
19ms Script
text/javascript 142.251.40.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=fayloobmennik.cloud&callback=_gfp_s_&client=ca-pub-6039413936631913

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202010101/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f2.1e100.net

Software

cafe /

Resource Hash

9181f490fa54d2993853622fbcd091d405ee3724a3e537a0df8747ccd1595b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: http://fayloobmennik.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 21:15:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 339ms
23ms Script
application/javascript 142.250.72.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=fayloobmennik.cloud

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202010101/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.72.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s32-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: http://fayloobmennik.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 07 Feb 2022 21:15:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9A9C 13 KB
5 KB 596ms
444ms Document
text/html 142.250.64.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6039413936631913&output=html&adk=1812271804&adf=3025194257&lmt=1644268523&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Ffayloobmennik.cloud%2F7436828&ea=0&flash=0&pra=5&wgl=1&dt=1644268523046&bpp=3&bdt=843&idt=165&shv=r20220203&mjsv=m202202010101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=839650267011&frm=20&pv=2&ga_vid=1565767891.1644268523&ga_sid=1644268523&ga_hid=1452253982&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C21066430%2C31064730%2C31063246&oid=2&pvsid=2672716041387283&pem=795&tmod=254767015&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=188

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202010101/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.64.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s31-in-f2.1e100.net

Software

cafe /

Resource Hash

b215b8f129801d9802b0ba39133991f6072d0bfe5d22f77f2694ad1640454767

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: en-US,en;q=0.9
Referer: http://fayloobmennik.cloud/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 07 Feb 2022 21:15:23 GMT
server: cafe
content-length: 5015
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 07 Feb 2022 21:15:23 GMT
cache-control: private

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame FCED 22 KB
9 KB 284ms
148ms Document
text/html 142.250.64.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6039413936631913&output=html&h=600&slotname=8748109901&adk=1834366228&adf=331172450&pi=t.ma~as.8748109901&w=240&fwrn=4&fwrnh=100&lmt=1644268523&rafmt=1&psa=0&format=240x600&url=http%3A%2F%2Ffayloobmennik.cloud%2F7436828&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1644268523049&bpp=3&bdt=847&idt=193&shv=r20220203&mjsv=m202202010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=839650267011&frm=20&pv=1&ga_vid=1565767891.1644268523&ga_sid=1644268523&ga_hid=1452253982&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=300&ady=188&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C21066430%2C31064730%2C31063246&oid=2&pvsid=2672716041387283&pem=795&tmod=254767015&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=TcSdoBEJNE&p=http%3A//fayloobmennik.cloud&dtd=202

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202010101/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.64.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s31-in-f2.1e100.net

Software

cafe /

Resource Hash

d2f490d3ef75b1e7708b164ad1845d80e81f73e0ea5a696e83034fb286dbcd71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: en-US,en;q=0.9
Referer: http://fayloobmennik.cloud/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 07 Feb 2022 21:15:23 GMT
server: cafe
content-length: 9497
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 07 Feb 2022 21:15:23 GMT
cache-control: private

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220203/r20110914/client/ Frame FCED 2 KB
1 KB 332ms
4ms Script
text/javascript 142.250.80.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220203/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6039413936631913&output=html&h=600&slotname=8748109901&adk=1834366228&adf=331172450&pi=t.ma~as.8748109901&w=240&fwrn=4&fwrnh=100&lmt=1644268523&rafmt=1&psa=0&format=240x600&url=http%3A%2F%2Ffayloobmennik.cloud%2F7436828&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1644268523049&bpp=3&bdt=847&idt=193&shv=r20220203&mjsv=m202202010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=839650267011&frm=20&pv=1&ga_vid=1565767891.1644268523&ga_sid=1644268523&ga_hid=1452253982&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=300&ady=188&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C21066430%2C31064730%2C31063246&oid=2&pvsid=2672716041387283&pem=795&tmod=254767015&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=TcSdoBEJNE&p=http%3A//fayloobmennik.cloud&dtd=202

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s33-in-f1.1e100.net

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 21:13:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 102
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 21 Feb 2022 21:13:41 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame FCED 123 KB
38 KB 361ms
34ms Script
text/javascript 142.250.80.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s33-in-f2.1e100.net

Software

sffe /

Resource Hash

d3a6fb9e39c82eed501889521b19cc4fc13d1104f83128928775b520c86f8abc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 21:15:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38146
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1643806174374025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 07 Feb 2022 21:15:23 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220203/r20110914/client/ Frame FCED 14 KB
7 KB 330ms
3ms Script
text/javascript 142.250.80.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220203/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s33-in-f1.1e100.net

Software

cafe /

Resource Hash

0243d61ce86c672bb13744b9572ab45c1131e62f4f02ad2e1a1df54f02f2b1f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 21:14:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 57
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6201
x-xss-protection: 0
server: cafe
etag: 16063203490821389409
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 21 Feb 2022 21:14:26 GMT

GET
H2 200 adview
googleads.g.doubleclick.net/pagead/ Frame FCED 0
0 72ms
70ms Fetch
text/html 142.250.64.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C1ors64sBYtjzGJiSoPMP7KKooAmcge-wXJrwqKp0wI23ARABIABgycapi8Ck2A-CARdjYS1wdWItNjAzOTQxMzkzNjYzMTkxM6ABrN3-6APIAQmoAwGqBOIBT9AKiSU-y__9jh0JyxUh1QMIqkJaYpB_NsFDETaZuY5vepD7q1O1hHVbh7ze0xPT4m_tHuUiDPl4mxxZ6vlNtxeu9HW3zr0v96FieXTy0RdmmzxegShz9DFPzRDIssn7FOCmiyaKB8PmaHKDdc5AFBBEJR25qMEQxsrtcA5me6Sc9MQyd7tjbtrOEOf1SOEqrYkvVhUm8_FZ2RLwNkdK7OZg-lbcfS0pDi9RoQ3tiw4BJxPYsiTqEywgDpC39lZ-jdpIxKd0nsXmPUT01MJPcdhQWv9GHTtVk8QBSBViEhjpcoAG_-O9s86DidtdoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBQiAYRABgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTYwMzk0MTM5MzY2MzE5MTMYAA&sigh=4lspIHS9T4g&uach_m=[UACH]&cid=CAQSGwCNIrLM_Ccd54feRs0U-m_LOdpL-eW9xN0KTxgB

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.64.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s31-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6039413936631913&output=html&h=600&slotname=8748109901&adk=1834366228&adf=331172450&pi=t.ma~as.8748109901&w=240&fwrn=4&fwrnh=100&lmt=1644268523&rafmt=1&psa=0&format=240x600&url=http%3A%2F%2Ffayloobmennik.cloud%2F7436828&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1644268523049&bpp=3&bdt=847&idt=193&shv=r20220203&mjsv=m202202010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=839650267011&frm=20&pv=1&ga_vid=1565767891.1644268523&ga_sid=1644268523&ga_hid=1452253982&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=300&ady=188&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C21066430%2C31064730%2C31063246&oid=2&pvsid=2672716041387283&pem=795&tmod=254767015&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=TcSdoBEJNE&p=http%3A//fayloobmennik.cloud&dtd=202
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 07 Feb 2022 21:15:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 07 Feb 2022 21:15:23 GMT

GET
H2 200 notify
rtb.va.us.criteo.com/google/auction/ Frame FCED 0
0 342ms
12ms Fetch 74.119.119.130
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.va.us.criteo.com/google/auction/notify?profile=14&payload=UMCIEs36RPAB2ATiIp0XAgAAADARNEMJawDLEOqLAWJXOsCTyLThC79RzQAS&wp=YgGL6wAGOdgIaAkYAAoRbKOYmRbmbQBCwbNDyQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.130 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 21:15:23 GMT
server: Kestrel
server-processing-duration-in-ticks: 281259
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 afr.php Show response
ads.us.criteo.com/delivery/r/ Frame B290 119 KB
42 KB 362ms
31ms Document
text/html 74.119.119.145
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.us.criteo.com/delivery/r/afr.php?z=YgGL6wAGOdgIaAkYAAoRbKOYmRbmbQBCwbNDyQ&u=%7CNq45ni3R29my6VLL8T5Rw8ABFNTkmYFTFHEiEUEIB1w%3D%7C&c1=glLBMxGOcDmQGKFCkwwVVmd9f7zZwQazspQUXosDipfUECCUJKlNPreLVgsLDdJzCpx224TbbFo0sJgz0WzuWgJ-iDtNiu10QB5C_ZAtuEFSR8pVGAJoI5kIa_XEV7PSjkn0eudBkX8bzHODUxPPYQ7dLmtNLoOy1CjhRdP0syg6aGluDtPIBnvLFMWdbY3m5RVEerJHpYSIojZtCD8zE4Gy3FyUJe9RIfWa27Fi2QvNWBygLVHw_jMoq1X2SvIlzNhqPW9opsBSGDNX-sPnm6T0xrs-z3AtD6a7kVCehsg19yoS050AUQdvLmgA2VFrjtdrRtrO9koaN4kdvz-xkFLBW3Cz5obUloiB4BxKK5DzP7xViGYN-2IeZ62sFJVc13z1zUSDkcbdIlA1-dy7orgJebFHpsiBoCMDqKK0o-qTnDf9uEp1KtgetJ41bqmGIk7VD7E_46T_QkZLS0nu6j26C0n4wf-r&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtAyD64sBYtjzGJiSoPMP7KKooAmcge-wXJrwqKp0wI23ARABIABgycapi8Ck2A-CARdjYS1wdWItNjAzOTQxMzkzNjYzMTkxM6ABrN3-6APIAQmoAwGqBOUBT9AKiSU-y__9jh0JyxUh1QMIqkJaYpB_NsFDETaZuY5vepD7q1O1hHVbh7ze0xPT4m_tHuUiDPl4mxxZ6vlNtxeu9HW3zr0v96FieXTy0RdmmzxegShz9DFPzRDIssn7FOCmiyaKB8PmaHKDdc5AFBBEJR25qMEQxsrtcA5me6Sc9MQyd7tjbtrOEOf1SOEqrYkvVhUm8_FZ2RLwNkdK7OZg-lbcfS0pDi9RoQ3tiw4BJxPYsiTqEywgDpC3tFReH3G6Tae3F6hq1j59F3VzWdF-Qjvd7kHcWnofZA3LxInpsZ2ZjIAG_-O9s86DidtdoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBQiAYRAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_35cErrnpxJ-6k6ujD9QVlHX9UtnA%26client%3Dca-pub-6039413936631913%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.145 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

08bae3bb661a3a077cc9245a1d654eaf6603033a7d155c3f1167459568308ade

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

date: Mon, 07 Feb 2022 21:15:23 GMT
content-type: text/html
server: Kestrel
cache-control: private, max-age=0, no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cross-origin-resource-policy: cross-origin
p3p: CP='CUR ADM OUR NOR STA NID'
report-to: {"endpoints":[{"url":"https://csm.us.criteo.net/heavyad?cppv=3&cpp=F-Uk-rG_53nthSXkV0IIAIwn6m8M0dOYePMxQkQv7KG017xOltAbVQT8ACZtiHYdlb3DZmWSBS56j4uCls4KqbFmAxF0bJkqU_BxL9kuLtxoSLwCbAt6MxpWUwdSKEsSaxPRi0hbIJ6VIBPRqFAezHZ75PUwlHzh4gXHUMPAMFclGRsnmFgSNrmw5vCvINGYLtNUgHXakFDoCPxsM69l4E-avNZTOI3EYIMpexBkTUTpJ47l5116r870Iq1NhPEbmVacUZfKz239txvr"}], "max_age": 86400}
link: <pix.us.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks: 21453562
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding

GET
H2

200

1 Show response
mc.yandex.ru/watch/1663429/
Redirect Chain

https://mc.yandex.ru/watch/1663429?wmode=7&page-url=http%3A%2F%2Ffayloobmennik.cloud%2F7436828&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Agqny5kf8o0yuamw2yn%3Afp%3A834%3Afu%3A0%3Aen%3Awin...
https://mc.yandex.ru/watch/1663429/1?wmode=7&page-url=http%3A%2F%2Ffayloobmennik.cloud%2F7436828&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Agqny5kf8o0yuamw2yn%3Afp%3A834%3Afu%3A0%3Aen%3Aw...

350 B
432 B

105ms
104ms

XHR
application/json

87.250.251.119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/1663429/1?wmode=7&page-url=http%3A%2F%2Ffayloobmennik.cloud%2F7436828&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Agqny5kf8o0yuamw2yn%3Afp%3A834%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A751%3Acn%3A1%3Adp%3A0%3Als%3A149277365423%3Ahid%3A537425886%3Az%3A0%3Ai%3A20220207211523%3Aet%3A1644268524%3Ac%3A1%3Arn%3A793822485%3Arqn%3A1%3Au%3A16442685241011256038%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Antf%3A1%3Ans%3A1644268521759%3Ads%3A134%2C142%2C163%2C1%2C0%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Arqnl%3A1%3Ast%3A1644268524%3At%3A%D0%A1%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20Base158.rar&t=gdpr%2814%29aw%281%29ti%282%29

Requested by

Host: fayloobmennik.cloud
URL: http://fayloobmennik.cloud/7436828

Protocol

Server

87.250.251.119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

mc.yandex.ru

Software

Resource Hash

4af394fb1b5e6300690d462513f13d74d51ffffb77a815d7c2c8a822e1a5205e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-US,en;q=0.9
Referer: http://fayloobmennik.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Feb 2022 21:15:24 GMT
x-content-type-options: nosniff
last-modified: Mon, 07-Feb-2022 21:15:24 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: http://fayloobmennik.cloud
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 350
x-xss-protection: 1; mode=block
expires: Mon, 07-Feb-2022 21:15:24 GMT

Redirect headers

pragma: no-cache
date: Mon, 07 Feb 2022 21:15:23 GMT
last-modified: Mon, 07-Feb-2022 21:15:23 GMT
location: /watch/1663429/1?wmode=7&page-url=http%3A%2F%2Ffayloobmennik.cloud%2F7436828&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Agqny5kf8o0yuamw2yn%3Afp%3A834%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A751%3Acn%3A1%3Adp%3A0%3Als%3A149277365423%3Ahid%3A537425886%3Az%3A0%3Ai%3A20220207211523%3Aet%3A1644268524%3Ac%3A1%3Arn%3A793822485%3Arqn%3A1%3Au%3A16442685241011256038%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Antf%3A1%3Ans%3A1644268521759%3Ads%3A134%2C142%2C163%2C1%2C0%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Arqnl%3A1%3Ast%3A1644268524%3At%3A%D0%A1%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20Base158.rar&t=gdpr%2814%29aw%281%29ti%282%29
strict-transport-security: max-age=31536000
access-control-allow-origin: http://fayloobmennik.cloud
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Mon, 07-Feb-2022 21:15:23 GMT

GET
H2 200 advert.gif
mc.yandex.ru/metrika/ 43 B
135 B 105ms
105ms Image
image/gif 87.250.251.119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/metrika/advert.gif

Requested by

Host: fayloobmennik.cloud
URL: http://fayloobmennik.cloud/7436828

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.250.251.119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

mc.yandex.ru

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: en-US,en;q=0.9
Referer: http://fayloobmennik.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 21:15:23 GMT
last-modified: Mon, 07 Feb 2022 09:29:50 GMT
etag: "6200bc5e-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Mon, 07 Feb 2022 22:15:23 GMT

GET
H/1.1 200
OK ya-share-cnt.html Show response
yastatic.net/share/ Frame D17B 3 KB
2 KB 101ms
101ms Document
text/html 178.154.131.215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

http://yastatic.net/share/ya-share-cnt.html?url=http%3A%2F%2Ffayloobmennik.cloud%2F7436828&services=vkontakte,facebook,twitter,odnoklassniki,moimir,gplus

Requested by

Host: yastatic.net
URL: http://yastatic.net/share/share.js

Protocol

HTTP/1.1

Server

178.154.131.215 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

static.yandex.net

Software

nginx/1.17.9 /

Resource Hash

7e29b8fa68a48c0fa32321c441c867176c5403716f3c7cf7e542b668c218cac2

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: en-US,en;q=0.9
Referer: http://fayloobmennik.cloud/

Response headers

Server: nginx/1.17.9
Date: Mon, 07 Feb 2022 21:15:24 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=5
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=216009
Content-Encoding: gzip
Etag: W/"b4410f26aa4a1448071c7f97e2a81e4c"
Expires: Thu, 10 Feb 2022 09:15:24 GMT
Last-Modified: Wed, 24 Oct 2018 16:00:42 GMT
NEL: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
Report-To: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
Strict-Transport-Security: max-age=43200000; includeSubDomains;
Timing-Allow-Origin: *
Vary: Accept-Encoding
X-Nginx-Request-Id: 2f16e45d3230a683

GET
H/1.1 200
OK b-share_counter_small.png
yastatic.net/share/static/ 1 KB
2 KB 100ms
99ms Image
image/png 178.154.131.215
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://yastatic.net/share/static/b-share_counter_small.png

Requested by

Host: fayloobmennik.cloud
URL: http://fayloobmennik.cloud/7436828

Protocol

HTTP/1.1

Server

178.154.131.215 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

static.yandex.net

Software

nginx/1.17.9 /

Resource Hash

e78b6d74434a2318e1f3907c0a621a7f7b5883614e7589f79c180fbdad59e943

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Accept-Language: en-US,en;q=0.9
Referer: http://fayloobmennik.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 07 Feb 2022 21:15:23 GMT
Strict-Transport-Security: max-age=43200000; includeSubDomains;
NEL: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
Connection: keep-alive
Content-Length: 1058
X-Nginx-Request-Id: 33ac3e4ccd09e9f7
Last-Modified: Wed, 24 Oct 2018 16:00:42 GMT
Server: nginx/1.17.9
Etag: "a41b8bd207e963b98646a45084f36f17"
Vary: Accept-Encoding
Report-To: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=216009
Accept-Ranges: bytes
Timing-Allow-Origin: *
Keep-Alive: timeout=5
Expires: Thu, 10 Feb 2022 09:10:59 GMT

GET
DATA 200
OK truncated
/ 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-US,en;q=0.9
Referer: http://fayloobmennik.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ Frame FCED 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 99a21bc264caef52c9a925e3d089c416356c0a574d0e6cfc4aae5b1c89437d29

Request headers

Accept-Language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

1 Show response
mc.yandex.ru/watch/26812653/
Redirect Chain

https://mc.yandex.ru/watch/26812653?wmode=7&page-url=http%3A%2F%2Ffayloobmennik.cloud%2F7436828&charset=utf-8&site-info=%7B%22jquery%22%3Atrue%2C%22version%22%3A%221.11.3%22%7D&browser-info=pv%3A1%...
https://mc.yandex.ru/watch/26812653/1?wmode=7&page-url=http%3A%2F%2Ffayloobmennik.cloud%2F7436828&charset=utf-8&site-info=%7B%22jquery%22%3Atrue%2C%22version%22%3A%221.11.3%22%7D&browser-info=pv%3A...

331 B
366 B

105ms
105ms

XHR
application/json

87.250.251.119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/26812653/1?wmode=7&page-url=http%3A%2F%2Ffayloobmennik.cloud%2F7436828&charset=utf-8&site-info=%7B%22jquery%22%3Atrue%2C%22version%22%3A%221.11.3%22%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Agqny5kf8o0yuamw2yn%3Afp%3A834%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A751%3Acn%3A2%3Adp%3A1%3Als%3A562090236659%3Ahid%3A537425886%3Az%3A0%3Ai%3A20220207211524%3Aet%3A1644268524%3Ac%3A1%3Arn%3A677678874%3Arqn%3A1%3Au%3A16442685241011256038%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Antf%3A1%3Ans%3A1644268521759%3Ads%3A134%2C142%2C163%2C1%2C0%2C0%2C%2C1742%2C7%2C%2C%2C%2C2183%3Aco%3A0%3Arqnl%3A1%3Ast%3A1644268524%3At%3A%D0%A1%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20Base158.rar&t=gdpr%2814%29mc%28cm-1-tl-1%29aw%281%29ti%282%29

Requested by

Host: fayloobmennik.cloud
URL: http://fayloobmennik.cloud/7436828

Protocol

Server

87.250.251.119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

mc.yandex.ru

Software

Resource Hash

22d13ef0a71d176653d3d5a0c5860f9f8945b4121822aee537399147e3f0dba2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-US,en;q=0.9
Referer: http://fayloobmennik.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Feb 2022 21:15:24 GMT
x-content-type-options: nosniff
last-modified: Mon, 07-Feb-2022 21:15:24 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: http://fayloobmennik.cloud
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 331
x-xss-protection: 1; mode=block
expires: Mon, 07-Feb-2022 21:15:24 GMT

Redirect headers

pragma: no-cache
date: Mon, 07 Feb 2022 21:15:24 GMT
last-modified: Mon, 07-Feb-2022 21:15:24 GMT
location: /watch/26812653/1?wmode=7&page-url=http%3A%2F%2Ffayloobmennik.cloud%2F7436828&charset=utf-8&site-info=%7B%22jquery%22%3Atrue%2C%22version%22%3A%221.11.3%22%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Agqny5kf8o0yuamw2yn%3Afp%3A834%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A751%3Acn%3A2%3Adp%3A1%3Als%3A562090236659%3Ahid%3A537425886%3Az%3A0%3Ai%3A20220207211524%3Aet%3A1644268524%3Ac%3A1%3Arn%3A677678874%3Arqn%3A1%3Au%3A16442685241011256038%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Antf%3A1%3Ans%3A1644268521759%3Ads%3A134%2C142%2C163%2C1%2C0%2C0%2C%2C1742%2C7%2C%2C%2C%2C2183%3Aco%3A0%3Arqnl%3A1%3Ast%3A1644268524%3At%3A%D0%A1%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20Base158.rar&t=gdpr%2814%29mc%28cm-1-tl-1%29aw%281%29ti%282%29
strict-transport-security: max-age=31536000
access-control-allow-origin: http://fayloobmennik.cloud
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Mon, 07-Feb-2022 21:15:24 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame B290 2 KB
1 KB 335ms
10ms Image
image/svg+xml 74.119.119.131
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=YgGL6wAGOdgIaAkYAAoRbKOYmRbmbQBCwbNDyQ&u=%7CNq45ni3R29my6VLL8T5Rw8ABFNTkmYFTFHEiEUEIB1w%3D%7C&c1=glLBMxGOcDmQGKFCkwwVVmd9f7zZwQazspQUXosDipfUECCUJKlNPreLVgsLDdJzCpx224TbbFo0sJgz0WzuWgJ-iDtNiu10QB5C_ZAtuEFSR8pVGAJoI5kIa_XEV7PSjkn0eudBkX8bzHODUxPPYQ7dLmtNLoOy1CjhRdP0syg6aGluDtPIBnvLFMWdbY3m5RVEerJHpYSIojZtCD8zE4Gy3FyUJe9RIfWa27Fi2QvNWBygLVHw_jMoq1X2SvIlzNhqPW9opsBSGDNX-sPnm6T0xrs-z3AtD6a7kVCehsg19yoS050AUQdvLmgA2VFrjtdrRtrO9koaN4kdvz-xkFLBW3Cz5obUloiB4BxKK5DzP7xViGYN-2IeZ62sFJVc13z1zUSDkcbdIlA1-dy7orgJebFHpsiBoCMDqKK0o-qTnDf9uEp1KtgetJ41bqmGIk7VD7E_46T_QkZLS0nu6j26C0n4wf-r&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtAyD64sBYtjzGJiSoPMP7KKooAmcge-wXJrwqKp0wI23ARABIABgycapi8Ck2A-CARdjYS1wdWItNjAzOTQxMzkzNjYzMTkxM6ABrN3-6APIAQmoAwGqBOUBT9AKiSU-y__9jh0JyxUh1QMIqkJaYpB_NsFDETaZuY5vepD7q1O1hHVbh7ze0xPT4m_tHuUiDPl4mxxZ6vlNtxeu9HW3zr0v96FieXTy0RdmmzxegShz9DFPzRDIssn7FOCmiyaKB8PmaHKDdc5AFBBEJR25qMEQxsrtcA5me6Sc9MQyd7tjbtrOEOf1SOEqrYkvVhUm8_FZ2RLwNkdK7OZg-lbcfS0pDi9RoQ3tiw4BJxPYsiTqEywgDpC3tFReH3G6Tae3F6hq1j59F3VzWdF-Qjvd7kHcWnofZA3LxInpsZ2ZjIAG_-O9s86DidtdoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBQiAYRAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_35cErrnpxJ-6k6ujD9QVlHX9UtnA%26client%3Dca-pub-6039413936631913%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.131 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 21:15:24 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 02 Feb 2023 21:15:24 GMT

GET
H2 200 adchoices_en.svg
static.criteo.net/flash/icon/ Frame B290 2 KB
1 KB 335ms
11ms Image
image/svg+xml 74.119.119.131
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_en.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.131 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 21:15:24 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-759"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 02 Feb 2023 21:15:24 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame B290 308 B
636 B 332ms
10ms Image
image/svg+xml 74.119.119.131
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.131 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 21:15:24 GMT
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Thu, 02 Feb 2023 21:15:24 GMT

GET
H2 200 back_button.svg
static.criteo.net/flash/icon/ Frame B290 507 B
835 B 337ms
16ms Image
image/svg+xml 74.119.119.131
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.131 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 21:15:24 GMT
last-modified: Thu, 01 Apr 2021 14:03:13 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "6065d2a1-1fb"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 507
expires: Thu, 02 Feb 2023 21:15:24 GMT

GET
H2 200 lg.php
cat.va.us.criteo.com/m/delivery/ Frame B290 43 B
347 B 49ms
14ms Image
image/gif 74.119.119.147
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.va.us.criteo.com/m/delivery/lg.php?cppv=3&cpp=VQDdxyuHXTUQ4DM9lhgpApbajIGZQBAJ6jaFdbITihYLE98sM_16oO96NhYbgUaOfuhw1L1hQ5YOINBbgwDw2Qa58xU0RUnQGPNQJKuOU-_6XvPniMoIgxAFXeQX2su-cgRSh0XFiDc-i_gYBP-kKn4pakV1Df9kUT9SkHNTaFOfK8oIIAUF3FSbAVEa3k2kQ8BV2d4EbEzIkKhi5nwM7EEVpjQbzKyhxxhD-utzZ5jNRnunc61KD8v2qlmi8kbmF7njFd238arxx3_ZlEugS_cmS5z4f-8nFSilfom3x3M63CXC70VNVby6jVHBmbIrngcB-MT9BeKGdz_U06dvbE04k4ajX1mzQUnmH9mZxyOtG45V8p_GcCO7jdDGPx88mXrgfgNZ8uf4epYdGTWwIlwVT3eaio4Kt0kZEeeiZocY7pSbqU4azZ_Cxzz16IZizvxo_A

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.147 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Feb 2022 21:15:23 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3952945
content-type: image/gif
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame B290 12 KB
5 KB 344ms
16ms Script
application/javascript 104.16.19.94
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.19.94 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 21:15:24 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1017209
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4420
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n0PuVTWhYaujFK08DjbLe3C1PC8Zq%2B8WdGxlFEG4aSWRJN2CHn2et95%2Fcvjx8%2F82gOM2qMHMPYSnN4qVMILzmwRM4aftqoj4FsIFiwmqT3KkJK%2FG3nt1SNbYVeZKTQqWl3mXrto2"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6d9fa2257a9d1a0b-EWR
expires: Sat, 28 Jan 2023 21:15:24 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame B290 12 KB
6 KB 318ms
12ms Script
text/javascript 74.119.119.131
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.131 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 21:15:24 GMT
content-encoding: gzip
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 02 Feb 2023 21:15:24 GMT

GET
H2 200 3901e7f1076548768dd426f395d925f6_museosans_500.woff
static.criteo.net/design/dt/ Frame B290 27 KB
27 KB 333ms
12ms Font
application/octet-stream 74.119.119.131
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/3901e7f1076548768dd426f395d925f6_museosans_500.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.131 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

6b8c59ac0a5085a730ea4a6742a18f078bfc3848ccb082f629fff11b576c6901

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.us.criteo.com/
Origin: https://ads.us.criteo.com
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 21:15:24 GMT
content-encoding: gzip
last-modified: Thu, 11 Nov 2021 21:18:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"618d88a8-6a5c"
strict-transport-security: max-age=31536000; preload;
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 02 Feb 2023 21:15:24 GMT

GET
H2 200 28fcfa86be334577b34eff57e29a5b22_img_vertical_1.jpg
static.criteo.net/design/dt/29575/211213/ Frame B290 536 KB
536 KB 12ms
10ms Image
image/jpeg 74.119.119.131
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/design/dt/29575/211213/28fcfa86be334577b34eff57e29a5b22_img_vertical_1.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.131 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

52c33516c01e8c88fc5c97c3f201260d7f71870d14c30a4fb3e1b5d19c478152

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 21:15:24 GMT
last-modified: Mon, 13 Dec 2021 16:35:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "61b7766f-85edd"
strict-transport-security: max-age=31536000; preload;
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 548573
expires: Thu, 02 Feb 2023 21:15:24 GMT

GET
H2 200 img
pix.us.criteo.net/img/ Frame B290 21 KB
21 KB 41ms
10ms Image
image/png 74.119.119.137
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.us.criteo.net/img/img?h=1196&m=0&partner=29575&q=80&r=0&u=http%3A%2F%2Fstatic.va.us.criteo.net%2Fdesign%2Fdt%2F29575%2F211213%2Ffa6b370eea9e44da97f4647870c5c522_bmdwhite-logo.png&v=3&w=476&s=C4Mq1Bd476ntWhKNP_wpOPeq

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.137 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

pix.va1.vip.prod.criteo.com

Software

Finatra /

Resource Hash

95f96ce012ff5c1b7a2e7037deca82eb90d14367ddba9d75547b409dd879535c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 21:15:23 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=29492295
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 21539
expires: Sun, 15 Jan 2023 05:33:39 GMT

POST
H2 200 all
csm.us.criteo.net/ Frame B290 0
127 B 51ms
11ms Ping
text/plain 74.119.119.149
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.us.criteo.net/all?cppv=3&cpp=F-Uk-rG_53nthSXkV0IIAIwn6m8M0dOYePMxQkQv7KG017xOltAbVQT8ACZtiHYdlb3DZmWSBS56j4uCls4KqbFmAxF0bJkqU_BxL9kuLtxoSLwCbAt6MxpWUwdSKEsSaxPRi0hbIJ6VIBPRqFAezHZ75PUwlHzh4gXHUMPAMFclGRsnmFgSNrmw5vCvINGYLtNUgHXakFDoCPxsM69l4E-avNZTOI3EYIMpexBkTUTpJ47l5116r870Iq1NhPEbmVacUZfKz239txvr&sds=2&rev=unknown&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.149 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.us.criteo.com/
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 07 Feb 2022 21:15:23 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame B290 2 KB
1 KB 33ms
31ms Image
image/svg+xml 74.119.119.131
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.131 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 21:15:24 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 02 Feb 2023 21:15:24 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame B290 2 KB
1 KB 16ms
14ms Image
image/svg+xml 74.119.119.131
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.131 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 21:15:24 GMT
content-encoding: gzip
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 02 Feb 2023 21:15:24 GMT

GET
H/1.1 204
No Content / Show response
share.yandex.net/counter/gpp/ Frame D17B 0
64 B 621ms
104ms Script
text/plain 87.250.251.101
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL: https://share.yandex.net/counter/gpp/?callback=services.gplus.cb&url=http%3A%2F%2Ffayloobmennik.cloud%2F7436828
Requested by: Host: yastatic.net
URL: http://yastatic.net/share/ya-share-cnt.html?url=http%3A%2F%2Ffayloobmennik.cloud%2F7436828&services=vkontakte,facebook,twitter,odnoklassniki,moimir,gplus
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 87.250.251.101 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS: spec-promo-external-balancer.yandex.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-US,en;q=0.9
Referer: http://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 07 Feb 2022 21:15:24 GMT

GET
H/1.1 200
OK share_count Show response
connect.mail.ru/ Frame D17B 93 B
680 B 813ms
124ms Script
text/javascript 94.100.180.54
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.mail.ru/share_count?func=services.moimir.cb&callback=1&url_list=http%3A%2F%2Ffayloobmennik.cloud%2F7436828

Requested by

Host: yastatic.net
URL: http://yastatic.net/share/ya-share-cnt.html?url=http%3A%2F%2Ffayloobmennik.cloud%2F7436828&services=vkontakte,facebook,twitter,odnoklassniki,moimir,gplus

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

94.100.180.54 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

connect.mail.ru

Software

nginx /

Resource Hash

6a8176f88e02a3890ba1761c83efbffda8196dd67d30828774b6250a071fdb64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Request headers

Accept-Language: en-US,en;q=0.9
Referer: http://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 07 Feb 2022 21:15:24 GMT
X-Content-Type-Options: nosniff
Server: nginx
X-WebKit-CSP-Report-Only: default-src https: 'unsafe-inline' 'unsafe-eval'; img-src https://* data: ; frame-src https://* about: javascript:
X-Frame-Options: DENY
P3P: policyref="/w3c/p3p.xml", CP="NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA"
Cache-Control: no-cache, no-store, must-revalidate, private
Connection: keep-alive
Content-Type: text/javascript; charset=UTF-8
Content-Length: 93
X-XSS-Protection: 1; mode=block; report=https://cspreport.mail.ru/xxssprotection

GET
H2 200 dk Show response
connect.ok.ru/ Frame D17B 25 B
2 KB 574ms
121ms Script
application/javascript 217.20.155.208
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.ok.ru/dk?st.cmd=extLike&uid=odklocs0&ref=http%3A%2F%2Ffayloobmennik.cloud%2F7436828

Requested by

Host: yastatic.net
URL: http://yastatic.net/share/ya-share-cnt.html?url=http%3A%2F%2Ffayloobmennik.cloud%2F7436828&services=vkontakte,facebook,twitter,odnoklassniki,moimir,gplus

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

217.20.155.208 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

ip208.155.odnoklassniki.ru

Software

apache /

Resource Hash

48d1186e375dd91148851d1b190b40e99f821b7258e175c3ac15f7c05673096a

Security Headers

Name	Value
Content-Security-Policy	default-src data: 'self' 'unsafe-inline' 'unsafe-eval' ok.ru .ok.ru odnoklassniki.ru .odnoklassniki.ru mycdn.me http://.mycdn.me https://.mycdn.me wss://ad.mail.ru .mail.ru .imgsmail.ru .mradx.net .serving-sys.com .googleapis.com .gstatic.com www.google.com https://api-maps.yandex.ru yastatic.net yandex.st .doubleverify.com .adsafeprotected.com https://consentmanager.mgr.consensu.org https://cdn.consentmanager.mgr.consensu.org https://football.sportmail.ru .google.ru .google.com .googlesyndication.com blob:; script-src 'unsafe-inline' 'unsafe-eval' .mail.ru https://.mail.ru .imgsmail.ru .mradx.net ok.ru .ok.ru odnoklassniki.ru .odnoklassniki.ru mycdn.me http://.mycdn.me https://.mycdn.me mc.yandex.ru an.yandex.ru yastatic.net yandex.st .google-analytics.com api-maps.yandex.ru https://api-maps.yandex.ru https://clck.yandex.ru .googleapis.com .gstatic.com www.google.com www.youtube.com https://www.youtube.com .ytimg.com https://.ytimg.com .doubleverify.com .dvtps.com .doubleclick.net .googletagservices.com .googlesyndication.com .googleadservices.com .goodgame.ru https://.goodgame.ru https://.moatads.com .adlooxtracking.com .adsafeprotected.com .serving-sys.com https://enterprise.api-maps.yandex.ru https://suggest-maps.yandex.ru https://.hit.gemius.pl https://consentmanager.mgr.consensu.org https://cdn.consentmanager.mgr.consensu.org https://gum.criteo.com https://football.sportmail.ru .googletagmanager.com connect.facebook.net .google.ru .google.com .googlesyndication.com; worker-src blob: 'self'; connect-src wss: blob:; font-src * data: blob:; frame-src * blob: 'self'; img-src * data: blob: about:; media-src * data: blob:; object-src *; report-uri /csp/report;
Strict-Transport-Security	max-age=63072000;includeSubdomains;preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-US,en;q=0.9
Referer: http://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 21:15:24 GMT
content-encoding: br
vary: Accept-Encoding
rendered-blocks: WidgetExtLike
content-security-policy-report-only: default-src data: blob: about: 'self' 'unsafe-inline' 'unsafe-eval' https: wss:; report-uri /csp/report?always;
x-xss-protection: 1; mode=block
pragma: no-cache
server: apache
strict-transport-security: max-age=63072000;includeSubdomains;preload
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-security-policy: default-src data: 'self' 'unsafe-inline' 'unsafe-eval' ok.ru *.ok.ru odnoklassniki.ru *.odnoklassniki.ru mycdn.me http://*.mycdn.me https://*.mycdn.me wss://ad.mail.ru *.mail.ru *.imgsmail.ru *.mradx.net *.serving-sys.com *.googleapis.com *.gstatic.com www.google.com https://api-maps.yandex.ru yastatic.net yandex.st *.doubleverify.com *.adsafeprotected.com https://consentmanager.mgr.consensu.org https://cdn.consentmanager.mgr.consensu.org https://football.sportmail.ru *.google.ru *.google.com *.googlesyndication.com blob:; script-src 'unsafe-inline' 'unsafe-eval' *.mail.ru https://*.mail.ru *.imgsmail.ru *.mradx.net ok.ru *.ok.ru odnoklassniki.ru *.odnoklassniki.ru mycdn.me http://*.mycdn.me https://*.mycdn.me mc.yandex.ru an.yandex.ru yastatic.net yandex.st *.google-analytics.com api-maps.yandex.ru https://api-maps.yandex.ru https://clck.yandex.ru *.googleapis.com *.gstatic.com www.google.com www.youtube.com https://www.youtube.com *.ytimg.com https://*.ytimg.com *.doubleverify.com *.dvtps.com *.doubleclick.net *.googletagservices.com *.googlesyndication.com *.googleadservices.com *.goodgame.ru https://*.goodgame.ru https://*.moatads.com *.adlooxtracking.com *.adsafeprotected.com *.serving-sys.com https://enterprise.api-maps.yandex.ru https://suggest-maps.yandex.ru https://*.hit.gemius.pl https://consentmanager.mgr.consensu.org https://cdn.consentmanager.mgr.consensu.org https://gum.criteo.com https://football.sportmail.ru *.googletagmanager.com connect.facebook.net *.google.ru *.google.com *.googlesyndication.com; worker-src blob: 'self'; connect-src * wss: blob:; font-src * data: blob:; frame-src * blob: 'self'; img-src * data: blob: about:; media-src * data: blob:; object-src *; report-uri /csp/report;
x-content-type-options: nosniff
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 fql.query Show response
api.facebook.com/method/ Frame D17B 403 B
618 B 548ms
86ms Script
text/javascript 157.240.3.20
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://api.facebook.com/method/fql.query?query=select%20%20like_count%2C%20total_count%2C%20share_count%2C%20click_count%20from%20link_stat%20where%20url=%22http%3A%2F%2Ffayloobmennik.cloud%2F7436828%22&format=json&callback=services.facebook.cb

Requested by

Host: yastatic.net
URL: http://yastatic.net/share/ya-share-cnt.html?url=http%3A%2F%2Ffayloobmennik.cloud%2F7436828&services=vkontakte,facebook,twitter,odnoklassniki,moimir,gplus

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.3.20 Seattle, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-shv-01-sea1.facebook.com

Software

Resource Hash

3b11505e07d58d1e8b9e0fbb8d14b3994779b4594d1316bc87ea349ae9ec9112

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

Accept-Language: en-US,en;q=0.9
Referer: http://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
x-fb-debug: /I3S9p24sPQlpl5TO6K6En+BZAZi85wumrECgwM2g6Wb48IdzE35C38aWSqJKihlWSrHOddIeqcCLotB+6bzpw==
content-encoding: br
vary: Accept-Encoding
x-fb-trace-id: C7wD0swJBgY
date: Mon, 07 Feb 2022 21:15:24 GMT
strict-transport-security: max-age=15552000; preload
content-type: text/javascript;charset=utf-8
access-control-allow-origin: *
x-fb-request-id: AfkSLshMKtkB_eigRS-ZrhH
cache-control: private, no-cache, no-store, must-revalidate
x-fb-rev: 1005033606
facebook-api-version: v6.0
content-length: 257
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 share.php Show response
vk.com/ Frame D17B 21 B
479 B 331ms
119ms Script
text/html 87.240.190.67
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to

Full URL

https://vk.com/share.php?act=count&index=0&url=http%3A%2F%2Ffayloobmennik.cloud%2F7436828

Requested by

Host: yastatic.net
URL: http://yastatic.net/share/ya-share-cnt.html?url=http%3A%2F%2Ffayloobmennik.cloud%2F7436828&services=vkontakte,facebook,twitter,odnoklassniki,moimir,gplus

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.240.190.67 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),

Reverse DNS

srv67-190-240-87.vk.com

Software

kittenx / KPHP/7.4.110114

Resource Hash

09b8585932e9851125c885d435a53f925d6b4d508b9f49b5cb929690509f1d85

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept-Language: en-US,en;q=0.9
Referer: http://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 21:15:24 GMT
content-encoding: gzip
x-frontend: front224007
server: kittenx
x-powered-by: KPHP/7.4.110114
strict-transport-security: max-age=15768000
content-type: text/html; charset=windows-1251
access-control-expose-headers: X-Frontend
cache-control: no-store
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 41

GET
H2 200 e415b53e2fa2455db9024e67a8095ff7_tradegothicltstd-bdcn20.woff
static.criteo.net/design/dt/ Frame B290 16 KB
17 KB 14ms
13ms Font
application/octet-stream 74.119.119.131
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/e415b53e2fa2455db9024e67a8095ff7_tradegothicltstd-bdcn20.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.131 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

32a0c85e2263187f149c3f876096efd80271d477c5f308c084b27e6ff101e998

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.us.criteo.com/
Origin: https://ads.us.criteo.com
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 21:15:24 GMT
content-encoding: gzip
last-modified: Thu, 11 Nov 2021 21:16:03 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"618d8813-41d8"
strict-transport-security: max-age=31536000; preload;
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 02 Feb 2023 21:15:24 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 13 KB
10 KB 346ms
30ms XHR
application/json 172.217.165.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220203&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202010101/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.165.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lax30s03-in-f2.1e100.net

Software

cafe /

Resource Hash

22c1125a971b68bf6713d2c31f158b97a94582479206c6f817c1b3d1c0b9225c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: http://fayloobmennik.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 07 Feb 2022 21:15:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9901
x-xss-protection: 0

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame FCED 42 B
174 B 281ms
63ms Fetch
image/gif 172.217.165.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss77URf7h2nxxVwuFr-x_2GgcyCuAidfuWhfntyfY8OpXR4AvORvyk5oCU1hhmF4sFWy2-wuZMerKpOlkkOqvuo&sig=Cg0ArKJSzCBGlxu9n1WUEAE&id=lidar2&mcvt=1000&p=0,0,600,240&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220202&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=1834366228&rs=2&la=0&cr=0&vs=4&r=v&rst=1644268523252&rpt=748&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.165.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lax30s03-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Feb 2022 21:15:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 all
csm.us.criteo.net/ Frame B290 0
127 B 10ms
10ms Ping
text/plain 74.119.119.149
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.149 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.us.criteo.com/
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 07 Feb 2022 21:15:24 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 39ms
38ms Script
text/javascript 142.250.80.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202010101/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s33-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: http://fayloobmennik.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 21:15:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 07 Feb 2022 21:15:25 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6818 13 KB
5 KB 4ms
3ms Document
text/html 142.250.80.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s33-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: en-US,en;q=0.9
Referer: http://fayloobmennik.cloud/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 07 Feb 2022 20:43:58 GMT
expires: Tue, 07 Feb 2023 20:43:58 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 1887
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 447C 783 B
1 KB 344ms
25ms Document
text/html 142.251.40.164
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.164 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f4.1e100.net

Software

GSE /

Resource Hash

b005727cc1f8834292fc08b50895b4c0b4e3bea50147d45bf0e561978379eb9a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-fkOfnuw+Axnskm/Zn0O3Yg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: en-US,en;q=0.9
Referer: http://fayloobmennik.cloud/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Mon, 07 Feb 2022 21:15:25 GMT
date: Mon, 07 Feb 2022 21:15:25 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-fkOfnuw+Axnskm/Zn0O3Yg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 511
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 wi15CXa8h7AfaunZlm4u5xWjD8ePEZy_mQ_gnQzqsAI.js Show response
pagead2.googlesyndication.com/bg/ Frame 6818 36 KB
14 KB 5ms
4ms Script
text/javascript 172.217.165.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/wi15CXa8h7AfaunZlm4u5xWjD8ePEZy_mQ_gnQzqsAI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.165.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lax30s03-in-f2.1e100.net

Software

sffe /

Resource Hash

c22d790976bc87b01f6ae9d9966e2ee715a30fc78f119cbf990fe09d0ceab002

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 20:46:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1749
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13823
x-xss-protection: 0
last-modified: Wed, 02 Feb 2022 12:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 07 Feb 2023 20:46:16 GMT

GET
H2 204 generate_204
tpc.googlesyndication.com/ Frame 6818 0
39 B 3ms
3ms Image
text/plain 142.250.80.1
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?u2TrzQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.80.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: lga34s33-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 21:15:25 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 447C 0
0 70ms
70ms Image
text/html 172.217.165.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220203&jk=2672716041387283&rc=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.165.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: lax30s03-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H2 200 28fcfa86be334577b34eff57e29a5b22_img_vertical_1.jpg
static.criteo.net/design/dt/29575/211213/ Frame B290 536 KB
536 KB 12ms
10ms Image
image/jpeg 74.119.119.131
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/design/dt/29575/211213/28fcfa86be334577b34eff57e29a5b22_img_vertical_1.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.131 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

52c33516c01e8c88fc5c97c3f201260d7f71870d14c30a4fb3e1b5d19c478152

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 21:15:25 GMT
last-modified: Mon, 13 Dec 2021 16:35:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "61b7766f-85edd"
strict-transport-security: max-age=31536000; preload;
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 548573
expires: Thu, 02 Feb 2023 21:15:25 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
119 B 67ms
67ms Image
image/gif 172.217.165.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20220203&jk=2672716041387283&bg=!bG-lbyvNAAa4sGsQuLA7ACkAdvg8WiYYHvp6x68t87sEU3SxpzB9I6fbpi1lFDp0iFEH2uAkXMfs2QIAAABsUgAAAAhoAQcKAHMCoXV17pabUMu5BD3DzgQ2RhaJqDsduudpzKwhTp7IljeAK2o51JdbUZkXinQNWOqPMdjvLdbhF6Iahofr0hVVp5JZ3cwS_PYQ_AiZ9EOjSWyTO6_CTGtAVc6WGH7ljmKKW34XWisonjN3aYVB_JYRTHxlmQKvTormSTfrR5VxOn5fa-EcdeEsvFTXqBn8Q5M2FnnXYKRkudgbpfA9kdTjI60Lz-44sTE7aM6EcbJRcbmUrhDqx6bc9oXI9uQLb54bCudycUU32eBjO6K2T325NZozD5N8ewkisPm1x1CPjUID1S8Hm6c4-4c19jPiE2EOnmNrNonGrvDGHFDPG7kLwXpAZIMeCC5mZkCD3ZFEl7NA7EiufM18c8Jb5ApgncMfDVQ7BK29660ZlYyQU-2D6S5bmfjHEMYh-i8OYNDsXeOW7W40XZJfI5zViWfpw3ulcYTkOgi5v33H9VmUPakb_7MJSsbBFxvvOsfnXaWGjC2P1vebc4pivPr-TpzK8eYyUtfICPjkKPu4G6kk6kOYjPtNSdCtoOOAx2kGgE4IPOa8K56vTWnmKFVBJlfHG4m0JEpFQkOGU8Afw3F-UKE1Fpl0edHQMmXX-e83Pew5RInwKAfU1cILP_4qQ0kVUL1oIbAQFmSc0muDf_2cVyiI72guUjto8t8sffHD_XEUvrQaAwRJedLPKZwKr_kcAA3D6jXQyiv2sPQZgDt4d0GkSUIRVcsbNzKxSre7h57RrVeA6g0oJmUQTqPWFY93wRBjJtQ5n8-akqzCsZBOJGIFxIe5li8AydB1m5ExwZWUiiIBOPLgxzgsEjTmNwWRWYWg2FUQr3XvORxVzXuXOiWE4iEg3olG2SOKRnMNiKar-Y3t_1QUjuLOch2h6vlaAtjK7wcpapP8OAJ8YKlJm-hHxThNWeLNrFIYm0nOowkFlT_k34DxmlcoCQFfnRIv5HxK8nK3vkJdfAPIk5S58nyxerZgvRU-392g-Q0oAbZi5-hAhEaeHvMhoNhRtuLoSMdk7dtgU5prar9NfkATt1ZIGD2HjAsN9evZSQ1AaKPplwc2xJxn

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.165.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lax30s03-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9
Referer: http://fayloobmennik.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Feb 2022 21:15:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

45 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
fayloobmennik.cloud/	1970-01-20 00:44:42	Name: dkos Value: u7q3gv074bgnkvmt5u08b5nh64
.fayloobmennik.cloud/	1970-01-20 10:06:04	Name: __gads Value: ID=ca87883132a04ab4-226d4b4ab6cf005f:T=1644268523:RT=1644268523:S=ALNI_Mb6xTbuGysmltp12Vy3KXJPW6Ivhg
.doubleclick.net/	1970-01-20 18:15:40	Name: IDE Value: AHWqTUk0lwp6qK8KpmkA1HnhKbaENL4rUKyb4V4Jq1nmyztksfJLOh5r1K6OPNPo0v8
.doubleclick.net/	1970-01-20 00:44:29	Name: test_cookie Value: CheckForPermission
.fayloobmennik.cloud/	1970-01-20 09:30:04	Name: _ym_uid Value: 16442685241011256038
.fayloobmennik.cloud/	1970-01-20 09:30:04	Name: _ym_d Value: 1644268524
.fayloobmennik.cloud/	1970-01-20 00:45:40	Name: _ym_isad Value: 2
.yandex.ru/	1970-01-20 09:30:04	Name: yandexuid Value: 3527465661644268524
.yandex.ru/	1970-01-20 09:30:04	Name: yuidss Value: 3527465661644268524
mc.yandex.ru/	1969-12-31 23:59:59	Name: yabs-sid Value: 110857051644268524
.yandex.ru/	1970-01-23 16:20:28	Name: i Value: 91K4PS2DadourBYYetqa4cQIHAIPVKO20jlpfsgAmbT/d0kTWM+XO16MuGIpAIo5HBQa9b7ER1+LLNHnNfZwcBU56+k=
.yandex.ru/	1970-01-20 09:30:04	Name: ymex Value: 1675804524.yrts.1644268524#1675804524.yrtsi.1644268524
.vk.com/	1970-01-20 09:37:38	Name: remixlang Value: 3

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.us.criteo.com
adservice.google.com
api.facebook.com
cat.va.us.criteo.com
cdnjs.cloudflare.com
code.jquery.com
connect.mail.ru
connect.ok.ru
csm.us.criteo.net
fayloobmennik.cloud
googleads.g.doubleclick.net
mc.yandex.ru
pagead2.googlesyndication.com
partner.googleadservices.com
pix.us.criteo.net
rtb.va.us.criteo.com
share.yandex.net
static.criteo.net
tpc.googlesyndication.com
vk.com
www.google.com
www.googletagservices.com
yastatic.net
104.16.19.94
142.250.64.98
142.250.72.98
142.250.80.1
142.250.80.2
142.251.40.164
142.251.40.226
157.240.3.20
172.217.165.130
178.154.131.215
217.20.155.208
31.184.194.236
69.16.175.42
74.119.119.130
74.119.119.131
74.119.119.137
74.119.119.145
74.119.119.147
74.119.119.149
87.240.190.67
87.250.251.101
87.250.251.119
94.100.180.54
0243d61ce86c672bb13744b9572ab45c1131e62f4f02ad2e1a1df54f02f2b1f2
08bae3bb661a3a077cc9245a1d654eaf6603033a7d155c3f1167459568308ade
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
09b8585932e9851125c885d435a53f925d6b4d508b9f49b5cb929690509f1d85
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
1cb1f8f1b4507a6968eea2dd181bdc0f8617d395ab4854fc4a94d1114716bedf
1dd8ccee912d3f0192274a8f5855c519c148d5ae3e4ef1fa5ef04690783dfcf7
1e67d8dbcca1f6fd94e077c85c2fb40fa1c2756c99238daa8da882144260a68d
223ff4f7605d9f9fddfc750aa256373f96869ffc4852964f46c246e4b67fcddb
22c1125a971b68bf6713d2c31f158b97a94582479206c6f817c1b3d1c0b9225c
22d13ef0a71d176653d3d5a0c5860f9f8945b4121822aee537399147e3f0dba2
32a0c85e2263187f149c3f876096efd80271d477c5f308c084b27e6ff101e998
38253ad3d3f18237cd8f956c9898cb1a2ac1e3b3e4a1ce7dada9ffec4ded8c0a
3b11505e07d58d1e8b9e0fbb8d14b3994779b4594d1316bc87ea349ae9ec9112
437092998007531a51f00dd90ebb68448975e813d15a3f767e1e7d5888b17578
48d1186e375dd91148851d1b190b40e99f821b7258e175c3ac15f7c05673096a
4af394fb1b5e6300690d462513f13d74d51ffffb77a815d7c2c8a822e1a5205e
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
52c33516c01e8c88fc5c97c3f201260d7f71870d14c30a4fb3e1b5d19c478152
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5fb467ca759c60a10f57e3ecb951e3938557796c10ba540dc31155526716f0ae
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6a8176f88e02a3890ba1761c83efbffda8196dd67d30828774b6250a071fdb64
6b8c59ac0a5085a730ea4a6742a18f078bfc3848ccb082f629fff11b576c6901
6baa1e93b604608d8613d4f1ea5279d1b8c3c55bdfd9213ed7c2d7c0956cfa76
7e29b8fa68a48c0fa32321c441c867176c5403716f3c7cf7e542b668c218cac2
8bddf400b179123d5e0a376203087cd3b664fc1542d5510b3b132245db886446
8bf51ae87263999eff3fd65b3948cc8605f35da3a853399205240d802f5cc12d
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422
9181f490fa54d2993853622fbcd091d405ee3724a3e537a0df8747ccd1595b14
944979b576ee52348d5c63d35f566c11df26f70ed15d2ceba61180662a49b114
95f96ce012ff5c1b7a2e7037deca82eb90d14367ddba9d75547b409dd879535c
99a21bc264caef52c9a925e3d089c416356c0a574d0e6cfc4aae5b1c89437d29
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a575e2f63d79cdaf5a92b4453bfcaadb462119aa1216b4f28920e37e2d9b8e7b
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
acb5f6b811304e63584b2a2712d8f04121781c05ee22dc218627fc0b25299485
b005727cc1f8834292fc08b50895b4c0b4e3bea50147d45bf0e561978379eb9a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b215b8f129801d9802b0ba39133991f6072d0bfe5d22f77f2694ad1640454767
b88129b3c959f6dc65940ef5a70c83983e77bbcd9ade261b920da66f42d7f916
c22d790976bc87b01f6ae9d9966e2ee715a30fc78f119cbf990fe09d0ceab002
c3f017417990fc441fcab7b3f31b12cf99d2602ebe2a4c41707750a30d352972
c4903fa530d51c564867489760f119736ec20a22f0c044e10d88ebcb3d7e0fba
d2f490d3ef75b1e7708b164ad1845d80e81f73e0ea5a696e83034fb286dbcd71
d3a6fb9e39c82eed501889521b19cc4fc13d1104f83128928775b520c86f8abc
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e78b6d74434a2318e1f3907c0a621a7f7b5883614e7589f79c180fbdad59e943
ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

fayloobmennik.cloud Open in urlscan Pro 31.184.194.236 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

62 Requests

71 %HTTPS

0 %IPv6

17 Domains

23 Subdomains

24 IPs

3 Countries

1599 kBTransfer

2335 kBSize

13 Cookies

8 Outgoing links

Redirected requests

62 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

fayloobmennik.cloud Open in urlscan Pro
31.184.194.236 Public Scan

Screenshot
Live screenshot

Full Image

62
Requests

71 %
HTTPS

0 %
IPv6

17
Domains

23
Subdomains

24
IPs

3
Countries

1599 kB
Transfer

2335 kB
Size

13
Cookies

62 HTTP transactions
2 data transactions