URL: https://1275.ru/ioc/1513/alc-ransomware-iocs/
Submission: On March 16 via manual from JP — Scanned from JP

Summary

This website contacted 29 IPs in 12 countries across 40 domains to perform 136 HTTP transactions. The main IP is 172.67.140.84, located in the United States and belonging to CLOUDFLARENET, US. The main domain is 1275.ru.
TLS certificate: Issued by GTS CA 1P5 on January 31st 2023. Valid for: 3 months.
This is the only time 1275.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information


This site contains links to these domains:

Domain: g-soft.info
Subject | Issuer | Validity | Valid
*.1275.ru | GTS CA 1P5 | 2023-01-31 - 2023-05-01 | 3 months
*.xn--d1acpjx3f.xn--p1ai | GlobalSign ECC OV SSL CA 2018 | 2023-02-01 - 2023-08-01 | 6 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-06-02 - 2023-06-01 | a year
mc.yandex.ru | GlobalSign ECC OV SSL CA 2018 | 2022-10-18 - 2023-03-30 | 5 months
*.cleantalk.org | Sectigo RSA Domain Validation Secure Server CA | 2022-09-12 - 2023-09-24 | a year
*.yastatic-net.ru | GlobalSign ECC OV SSL CA 2018 | 2023-02-01 - 2023-08-01 | 6 months
bs.yandex.ru | GlobalSign ECC OV SSL CA 2018 | 2022-10-21 - 2023-04-21 | 6 months
*.avatars.yandex.net | GlobalSign RSA OV SSL CA 2018 | 2022-03-04 - 2023-04-05 | a year
log.strm.yandex.ru | GlobalSign RSA OV SSL CA 2018 | 2022-12-16 - 2023-05-15 | 5 months
ysa-static.passport.yandex.net | GlobalSign ECC OV SSL CA 2018 | 2023-03-06 - 2023-10-06 | 7 months
*.intent.ai | GTS CA 1P5 | 2023-02-10 - 2023-05-11 | 3 months
*.adriver.ru | GlobalSign GCC R3 DV TLS CA 2020 | 2022-04-05 - 2023-04-05 | a year
sync.1dmp.io | R3 | 2023-01-31 - 2023-05-01 | 3 months
*.bumlam.com | R3 | 2023-02-09 - 2023-05-10 | 3 months
*.dmp.otm-r.com | AlphaSSL CA - SHA256 - G2 | 2022-05-27 - 2023-06-28 | a year
www.googleadservices.com | GTS CA 1C3 | 2023-02-20 - 2023-05-15 | 3 months
*.g.doubleclick.net | GTS CA 1C3 | 2023-02-20 - 2023-05-15 | 3 months
www.google.com | GTS CA 1C3 | 2023-02-20 - 2023-05-15 | 3 months
*.google.co.jp | GTS CA 1C3 | 2023-02-20 - 2023-05-15 | 3 months

This page contains 3 frames:

Primary Page: https://1275.ru/ioc/1513/alc-ransomware-iocs/
Frame ID: BDF6325261065FF3833E12535E3D9D41
Requests: 72 HTTP requests in this frame

Frame: https://1275.ru/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1678939200
Frame ID: CE09A120AA1FDB881E139B49E55901B2
Requests: 6 HTTP requests in this frame

Frame: https://yastatic.net/safeframe-bundles/0.83/1-1-0/render.html
Frame ID: E0A566E5F160F143365B2C878639CB92
Requests: 64 HTTP requests in this frame

Page Title

ALC Ransomware IOCs - SEC-1275-1

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • https?://an\.yandex\.ru/

Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

Requests: 136
HTTPS: 72 %
IPv6: 0 %
Domains: 40
Subdomains: 50
IPs: 29
Countries: 12
Transfer: 2205 kB
Size: 4600 kB
Cookies: 54

Redirected requests

There were HTTP redirect chains for the following requests:


136 HTTP transactions

Primary Request
Resource: /
Path: 1275.ru/ioc/1513/alc-ransomware-iocs/
Size: 68 KB
x-fer: 18 KB
Type: Document

General
Full URL: https://1275.ru/ioc/1513/alc-ransomware-iocs/
Protocol: H2
Security: TLS 1.3, AES_128_GCM
Server: 172.67.140.84, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS: (empty)
Software: cloudflare
Resource Hash: f4e984185c3bc3bc2b7141fafc4d94a473b4e8bd09bcdfcf8637eb49f00b081b

Security Headers
Strict-Transport-Security: max-age=15552000; includeSubDomains; preload
X-Content-Type-Options: nosniff
X-Xss-Protection: 1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 7a8ad2243ab4dfd9-NRT
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 16 Mar 2023 06:08:19 GMT
last-modified: Thu, 16 Mar 2023 03:12:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0G6spslfdy%2BGpaGLgHQv0N3ViB7TvPDOqrtf64NLNF7HEk7mqwXiFlKOqVOrJJSQdzBRNgt70xgIA7a%2BallZg%2FBNTPaPnuhxASjrEOssjmTHtORrCNSUPd6W"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
wpo-cache-status: cached
x-content-type-options: nosniff
x-xss-protection: 1
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-polished
origSize=445
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1
cf-bgj
minify
last-modified
Wed, 04 Jan 2023 11:58:38 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q%2FyNukAM87pqtofzhfCKZR6l59BOFx%2FcaJQuH%2B0PnBTAQQGDc6XJ7Lgj%2F3dKk1INinWUxXNW9UR4Mij3FxCrd%2BqioFlgKvc5Li1xTrifvCjMQGhfHwlxaCiw"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
7a8ad229e8eedfd9-NRT
a3_lazy_load.min.css
1275.ru/wp-content/uploads/sites/3/sass/
127 B
572 B
Stylesheet
General
Full URL
https://1275.ru/wp-content/uploads/sites/3/sass/a3_lazy_load.min.css
Requested by
Host: 1275.ru
URL: https://1275.ru/ioc/1513/alc-ransomware-iocs/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.140.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2f1b190e5d5a3063c35b75b1a00c039b13e171eb7b099299dcb67e9e4fe65cd
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://1275.ru/ioc/1513/alc-ransomware-iocs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 06:08:19 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Sat, 16 Jul 2022 06:23:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
content-encoding
br
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fHFafCopbtdXvhb0lm2k1ankbo5gZDo8%2BlAexOOgCD6iZciNkpiIiQq%2B%2FQ1UdQ%2B%2Fd9tTj7EWciGyDtuaf%2FWtYfIlRaC56IrHRvoDjbBv6rRuGrIgXquW7DKh"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
7a8ad229e8f1dfd9-NRT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1
hcb_style.css
1275.ru/wp-content/plugins/highlighting-code-block/build/css/
4 KB
2 KB
Stylesheet
General
Full URL
https://1275.ru/wp-content/plugins/highlighting-code-block/build/css/hcb_style.css
Requested by
Host: 1275.ru
URL: https://1275.ru/ioc/1513/alc-ransomware-iocs/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.140.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7581c9c63bfd5b4980fc4fced9e945841109ce23bc560cfb83badc1d0f258857
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://1275.ru/ioc/1513/alc-ransomware-iocs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 06:08:19 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1
last-modified
Mon, 31 Oct 2022 14:36:56 GMT
cf-bgj
minify
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3fd%2BB6hC6BAIAunVh7VdS18GecU%2FWEGCSkt0B7IfFfs9qzNi5wXH%2B9OnYvnnAFkDpJJIuXHo%2BjuBVNPwS7LOydQu7%2BSRbvG%2FQl8RXRKvjeOrb7dnYK9oBzHv"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
7a8ad229e8f4dfd9-NRT
coloring_light.css
1275.ru/wp-content/plugins/highlighting-code-block/build/css/
1 KB
804 B
Stylesheet
General
Full URL
https://1275.ru/wp-content/plugins/highlighting-code-block/build/css/coloring_light.css
Requested by
Host: 1275.ru
URL: https://1275.ru/ioc/1513/alc-ransomware-iocs/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.140.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1300ca40188062ec4c78286fd3fe14d9a75a1f34b44f66dd6f930fd773271a8a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://1275.ru/ioc/1513/alc-ransomware-iocs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 06:08:19 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1
last-modified
Mon, 31 Oct 2022 14:36:56 GMT
cf-bgj
minify
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8bfLfFYMU79S7Y%2FaA%2FYofWxNN22nG%2BfNjmBj4di8ayINE1S4VZSvaSa5pkEVuRbujYoc%2Bq0iwc%2FWtCMLVPxPg9377SVYVPdCrO5bL3UXwDI9VKhPz97lxx9V"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
7a8ad229e8f6dfd9-NRT
wpshop-core.ttf
1275.ru/wp-content/themes/reboot/assets/fonts/
57 KB
26 KB
Font
General
Full URL
https://1275.ru/wp-content/themes/reboot/assets/fonts/wpshop-core.ttf
Requested by
Host: 1275.ru
URL: https://1275.ru/ioc/1513/alc-ransomware-iocs/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.140.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
973408bd1a1da181c7eaa9293c0cd095f3836a76b626bc76af21e1cd96b5dcde
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Referer
https://1275.ru/ioc/1513/alc-ransomware-iocs/
Origin
https://1275.ru
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 06:08:19 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Tue, 14 Jun 2022 20:46:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
content-encoding
br
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=91kAQyF0IrZpDiTLQLzSmnP3uu35cnpTdGN69RkUbX8oQSNTn7ijVTv7ZFW5LyC4D6HTD8W%2Bn2rJjBlWXxE9G8hlQXEtwSf%2BjmMNrGdPdz8Nl9dJjy%2BdDskW"}],"group":"cf-nel","max_age":604800}
content-type
font/ttf
cache-control
max-age=14400
cf-ray
7a8ad229e8f8dfd9-NRT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1
ransomware.png
1275.ru/wp-content/uploads/sites/3/2022/07/
22 KB
23 KB
Image
General
Full URL
https://1275.ru/wp-content/uploads/sites/3/2022/07/ransomware.png
Requested by
Host: 1275.ru
URL: https://1275.ru/ioc/1513/alc-ransomware-iocs/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.140.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1c3e42954b742091b2a210db16724a55be6760e74bd8ce569c5baa601f61cf7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Referer
https://1275.ru/ioc/1513/alc-ransomware-iocs/
Origin
https://1275.ru
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 06:08:19 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
22912
x-xss-protection
1
last-modified
Sun, 17 Jul 2022 14:06:11 GMT
x-wpo-webp
Redirected directly to existing webp
server
cloudflare
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zx0LJPLKcq9944Ait2h%2F3nbUWSQJuMzPAZu7Jq6ygnl4272ZOnTIDgOnZvLcIHI%2FbOtCD88IDeVopAjKba89eCxtOCRwXI6Gw43QGKVwn%2BdhhfnU3OfD2%2BsK"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7a8ad229f90edfd9-NRT
ransomware-870x400.png
1275.ru/wp-content/uploads/sites/3/2022/07/
7 KB
7 KB
Image
General
Full URL
https://1275.ru/wp-content/uploads/sites/3/2022/07/ransomware-870x400.png
Requested by
Host: 1275.ru
URL: https://1275.ru/ioc/1513/alc-ransomware-iocs/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.140.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1fc332145c284c7c77c023a14d5a3691bac3ce0d45de0f52d1a07ae79364e301
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://1275.ru/ioc/1513/alc-ransomware-iocs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 06:08:20 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6862
x-xss-protection
1
last-modified
Sun, 17 Jul 2022 14:06:41 GMT
x-wpo-webp
Redirected directly to existing webp
server
cloudflare
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7Madl3HI%2BoRDkulOH5s6b0xXC4ObjeXZDcHwIy8eabeS%2BbC10Sx3VpL3bCRKWCFzKQx1M1Szhv5fWk%2FxAhgiTRyToWoYV6l81aqSgOGJfbMvY3jvqenvWnz9"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7a8ad22b8aa7dfd9-NRT
related.css
1275.ru/wp-content/plugins/yet-another-related-posts-plugin/style/
307 B
429 B
Stylesheet
General
Full URL
https://1275.ru/wp-content/plugins/yet-another-related-posts-plugin/style/related.css
Requested by
Host: 1275.ru
URL: https://1275.ru/ioc/1513/alc-ransomware-iocs/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.140.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2efe0d8072659b087901323e1fdb18a0f57e6011cb9cb7edff6e1723fc2e8d70
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://1275.ru/ioc/1513/alc-ransomware-iocs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 06:08:20 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1
last-modified
Mon, 30 Jan 2023 05:11:52 GMT
cf-bgj
minify
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pHU%2Fe5XM5mq%2Fr49gEkHcVC377pyT7LcWTyF7SrpkLULrHcqr0b6jTF1ghL%2FDQ7O6bkkLlJgDJeO%2Bpxpo53HboIddkEDSSNevpXKDVD3tASfC1pFoR5IaSUaL"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
7a8ad22b9abcdfd9-NRT
rocket-loader.min.js
1275.ru/cdn-cgi/scripts/7d0fa10a/cloudflare-static/
12 KB
4 KB
Script
General
Full URL
https://1275.ru/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: 1275.ru
URL: https://1275.ru/ioc/1513/alc-ransomware-iocs/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.140.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://1275.ru/ioc/1513/alc-ransomware-iocs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 06:08:19 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Tue, 07 Mar 2023 22:56:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
content-encoding
gzip
etag
W/"6407c11e-302c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MYvMmRr6B5rQzNnPO6clZr07FIWCHfsKxIMPa%2BwoIfd6%2BUSFjjR0TSTySiUG0KuGBiDd%2B90EZGpJW47CuGcU6lhusP1JmuDvSmw0pl1xbyBsVEAhmJtJwn%2B5"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
7a8ad22b9abddfd9-NRT
expires
Sat, 18 Mar 2023 06:08:19 GMT
truncated
/
969 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
401503518894f575673732c689a7885c78bb615900c0c3f726765eb4ce6aa799

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
290 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d5aab9ecebd2bc2f003980fdde59b97aad0fd105312d99fa50fcab580099aaf3

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
442 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
17df1f2891553baf6c74c4eef8cd0dd9fb73a5669f9f89d67183a8bfe41acfd2

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
626 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6e9cca040634f071c068f7f483dfeef82d8589b4082c8cbdc5301951647ba71b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
544 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
255df06063ef8b4f994c1ae9d232d7c4f27c95b853a68fd9c03e31f4dd6b0031

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4192547933c47032776c86cc04805a86655e4580d0c82b46787a120fcd96c146

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b3f3db2e6ac9e2b19172879a80a8605f4db7a179745be21a0828e3c1e49510ee

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
624 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6b5acb20b58ca9f25a996cd5f44fcbde42154bb94cd95666197a59d4b539f07d

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a9501cc809fac65ba3bc7fdc1686f8cc6651018b290308eddd1e46454063bf5f

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/svg+xml
wpo-minify-footer-e2924663.min.js
1275.ru/wp-content/cache/wpo-minify/1678889149/assets/
134 KB
37 KB
Script
General
Full URL
https://1275.ru/wp-content/cache/wpo-minify/1678889149/assets/wpo-minify-footer-e2924663.min.js
Requested by
Host: 1275.ru
URL: https://1275.ru/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.140.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9fc93a3613160a45be4b14ec89c18d15c268277489b3d3ed2f14ee3e05d0ace2
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://1275.ru/ioc/1513/alc-ransomware-iocs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 06:08:21 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Wed, 15 Mar 2023 14:06:12 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
content-encoding
br
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0FNXZ%2FELOYwykGLByoqd2UvAMwuyJaEwUZgejBQ5T%2BOUQdhQKrVZkYpuuGYMl17qoUjBYtcRRLOTGytsXd4MKSG0mqw1lti0bD3igsoSuOwn3HSSjFtZPkFr"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
7a8ad22dbd0fdfd9-NRT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1
context.js
yandex.ru/ads/system/
283 KB
84 KB
Script
General
Full URL
https://yandex.ru/ads/system/context.js
Requested by
Host: 1275.ru
URL: https://1275.ru/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.55.60 , Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
yandex.ru
Software
/
Resource Hash
ab38ad079162768129820f022b3bcac5580bf97b0b869f387d96f45c74a340fb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://1275.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-encoding
br
x-content-type-options
nosniff
nel
{"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
accept-ch
Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
x-yandex-req-id
1678946901481314-384150641001409723-sas2-0307-sas-l7-balancer-8080-BAL-3142
report-to
{ "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
x-robots-tag
noindex, noarchive, nofollow
expires
Thu, 16 Mar 2023 07:08:21 GMT
wpo-minify-header-93751093.min.js
1275.ru/wp-content/cache/wpo-minify/1678889149/assets/
142 KB
46 KB
Script
General
Full URL
https://1275.ru/wp-content/cache/wpo-minify/1678889149/assets/wpo-minify-header-93751093.min.js
Requested by
Host: 1275.ru
URL: https://1275.ru/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.140.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef4ff1d10f1dbd06ad96669e4e256c87c1c9e851bfaddb699c521f2dbd65fba0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://1275.ru/ioc/1513/alc-ransomware-iocs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 06:08:20 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Wed, 15 Mar 2023 14:06:12 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
content-encoding
br
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zv9owKlFR2znJk3M9kHaVDLFX31IbbetC8L%2FAz1vLrUnV42PR%2BQ6p77%2BHv6ZOsg9%2BUhDt%2BBCVwAnVqRqWAal6UDdWNHd70SsYSqPq1exH9cQx9H7B6sHWAVc"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
7a8ad22dbd10dfd9-NRT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1
invisible.js
1275.ru/cdn-cgi/challenge-platform/h/g/scripts/alpha/ Frame CE09
32 KB
13 KB
Script
General
Full URL
https://1275.ru/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1678939200
Requested by
Host: 1275.ru
URL: https://1275.ru/ioc/1513/alc-ransomware-iocs/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.140.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3362b0c90f250df4eba366c79cbcacc2cff590748d35fb81ca75ec9b26495a3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 06:08:20 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
content-encoding
br
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rAAI5GcuINAKuIadzxs7KbOEuhUdFtXawta%2BjJqdJTu358jKyykxDKJ2POwb6yQ9JkzGbywZWg6O4FhhB84ho4rU%2F8QPr1kjYW0PAGBbPFqcOg41L9enxPTl"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
7a8ad22e0d71dfd9-NRT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pica.js
1275.ru/cdn-cgi/challenge-platform/h/g/scripts/ Frame CE09
7 KB
3 KB
Other
General
Full URL
https://1275.ru/cdn-cgi/challenge-platform/h/g/scripts/pica.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.140.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7306e80208119a30a8641fdf0a74d1e6fe154f0bc0988101fe7798db79e9623a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 06:08:20 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
content-encoding
br
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AFZm0%2BU0wyvL6lCSLxK%2Bk9M2oCMpfW4ddtU4lQw8qN7dmQZcIQYJ0im1rQBpM7O90Uc4qrA4WwnMpgGKJbH4659w2g0qLQZGEPfPlM%2F5vd8ungwwMYbfE3DO"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
7a8ad22e4da7dfd9-NRT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
7a8ad2243ab4dfd9
1275.ru/cdn-cgi/challenge-platform/h/g/cv/result/ Frame CE09
2 B
523 B
XHR
General
Full URL
https://1275.ru/cdn-cgi/challenge-platform/h/g/cv/result/7a8ad2243ab4dfd9
Requested by
Host: 1275.ru
URL: https://1275.ru/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1678939200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.140.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 16 Mar 2023 06:08:20 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
content-encoding
br
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jLa%2FdZk66rF4RgSUriCH%2B1GPOA5ooPDcLx2jNSKV%2FcI0BnysUoXxDVO77buFBp9jDtqBuu%2FuS4OK8lgI%2BX5aL5Kl%2FvkFzqJi0cP6ZzL%2Bwl3nl6hk34MgbuW%2B"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
7a8ad22fef82dfd9-NRT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
tag.js
cdn.jsdelivr.net/npm/yandex-metrica-watch/
212 KB
85 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js
Requested by
Host: 1275.ru
URL: https://1275.ru/ioc/1513/alc-ransomware-iocs/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.87.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9ad9acd9b4374cc4a4411ff72653f7940965f416237d1ea765019541d9d44c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://1275.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 06:08:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
30360
x-jsd-version
1.259.0
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra-eddf8230100-FRA, cache-jnb7025-JNB
x-jsd-version-type
version
server
cloudflare
etag
W/"34ed4-+DhUIHyDrLGOPBMQNI6rR1Bj+fE"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6V3JeurIyaUvIwI0pEuFDGXw88DVInNg8U0y0AJcQ4KijrPAISZeYweFBkBHcmLYvHQYxWKGbd7V4saITxLBVGAfI%2BbjGIHACttDJ%2Bxhn72LB0gdeSPXrGN%2Fk5qgzRK1GUU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
7a8ad2325ba780e7-NRT
1
mc.yandex.ru/watch/3/
Redirect Chain
  • https://mc.yandex.ru/watch/3?wmode=7&page-url=https%3A%2F%2F1275.ru%2Fioc%2F1513%2Falc-ransomware-iocs%2F&page-ref=&charset=utf-8&browser-info=pv%3A1%3Avf%3A29hzdyg3jxtu068q3vuhnr%3Afp%3A2035%3Afu%...
  • https://mc.yandex.ru/watch/3/1?wmode=7&page-url=https%3A%2F%2F1275.ru%2Fioc%2F1513%2Falc-ransomware-iocs%2F&page-ref&charset=utf-8&browser-info=pv%3A1%3Avf%3A29hzdyg3jxtu068q3vuhnr%3Afp%3A2035%3Afu...
264 B
300 B
XHR
General
Full URL
https://mc.yandex.ru/watch/3/1?wmode=7&page-url=https%3A%2F%2F1275.ru%2Fioc%2F1513%2Falc-ransomware-iocs%2F&page-ref&charset=utf-8&browser-info=pv%3A1%3Avf%3A29hzdyg3jxtu068q3vuhnr%3Afp%3A2035%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A980%3Acn%3A2%3Adp%3A0%3Als%3A1125801428483%3Ahid%3A33409291%3Az%3A0%3Ai%3A20230316060820%3Aet%3A1678946901%3Ac%3A1%3Arn%3A597524417%3Arqn%3A1%3Au%3A1678946901110684103%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A267%2C448%2C892%2C282%2C0%2C0%2C%2C348%2C1%2C2242%2C2242%2C1%2C2241%3Aco%3A0%3Acpf%3A1%3Ans%3A1678946897864%3Ast%3A1678946901&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
Protocol
H2
Server
87.250.250.119 , Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
41bd37403dbff833850e72ec0f4ec5dc4575757db434b52d7337b4f8ec7f0f52
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://1275.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Mar 2023 06:08:22 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Thu, 16-Mar-2023 06:08:22 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type
application/json; charset=utf-8
access-control-allow-origin
https://1275.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
264
x-xss-protection
1; mode=block
expires
Thu, 16-Mar-2023 06:08:22 GMT

Redirect headers

pragma
no-cache
date
Thu, 16 Mar 2023 06:08:21 GMT
strict-transport-security
max-age=31536000
last-modified
Thu, 16-Mar-2023 06:08:21 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location
/watch/3/1?wmode=7&page-url=https%3A%2F%2F1275.ru%2Fioc%2F1513%2Falc-ransomware-iocs%2F&page-ref&charset=utf-8&browser-info=pv%3A1%3Avf%3A29hzdyg3jxtu068q3vuhnr%3Afp%3A2035%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A980%3Acn%3A2%3Adp%3A0%3Als%3A1125801428483%3Ahid%3A33409291%3Az%3A0%3Ai%3A20230316060820%3Aet%3A1678946901%3Ac%3A1%3Arn%3A597524417%3Arqn%3A1%3Au%3A1678946901110684103%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A267%2C448%2C892%2C282%2C0%2C0%2C%2C348%2C1%2C2242%2C2242%2C1%2C2241%3Aco%3A0%3Acpf%3A1%3Ans%3A1678946897864%3Ast%3A1678946901&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
access-control-allow-origin
https://1275.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Thu, 16-Mar-2023 06:08:21 GMT
1
mc.yandex.ru/watch/89548966/
Redirect Chain
  • https://mc.yandex.ru/watch/89548966?wmode=7&page-url=https%3A%2F%2F1275.ru%2Fioc%2F1513%2Falc-ransomware-iocs%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A29hzdyg3jxtu068q3vuhnr%3Afp%3A2035%3Afu%3A0...
  • https://mc.yandex.ru/watch/89548966/1?wmode=7&page-url=https%3A%2F%2F1275.ru%2Fioc%2F1513%2Falc-ransomware-iocs%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A29hzdyg3jxtu068q3vuhnr%3Afp%3A2035%3Afu%3...
435 B
853 B
XHR
General
Full URL
https://mc.yandex.ru/watch/89548966/1?wmode=7&page-url=https%3A%2F%2F1275.ru%2Fioc%2F1513%2Falc-ransomware-iocs%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A29hzdyg3jxtu068q3vuhnr%3Afp%3A2035%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A980%3Acn%3A1%3Adp%3A0%3Als%3A720781372377%3Ahid%3A33409291%3Az%3A0%3Ai%3A20230316060820%3Aet%3A1678946901%3Ac%3A1%3Arn%3A991980355%3Arqn%3A1%3Au%3A1678946901110684103%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A267%2C448%2C892%2C282%2C0%2C0%2C%2C348%2C1%2C2242%2C2242%2C1%2C2241%3Aco%3A0%3Acpf%3A1%3Ans%3A1678946897864%3Arqnl%3A1%3Ast%3A1678946901%3At%3AALC%20Ransomware%20IOCs%20-%20SEC-1275-1&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
Protocol
H2
Server
87.250.250.119 , Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
6e250df6e1336107dd488a7e911ef6dc65508fd820a410983c6a2476ad4b5b8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://1275.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Mar 2023 06:08:22 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Thu, 16-Mar-2023 06:08:22 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type
application/json; charset=utf-8
access-control-allow-origin
https://1275.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
435
x-xss-protection
1; mode=block
expires
Thu, 16-Mar-2023 06:08:22 GMT

Redirect headers

pragma
no-cache
date
Thu, 16 Mar 2023 06:08:21 GMT
strict-transport-security
max-age=31536000
last-modified
Thu, 16-Mar-2023 06:08:21 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location
/watch/89548966/1?wmode=7&page-url=https%3A%2F%2F1275.ru%2Fioc%2F1513%2Falc-ransomware-iocs%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A29hzdyg3jxtu068q3vuhnr%3Afp%3A2035%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A980%3Acn%3A1%3Adp%3A0%3Als%3A720781372377%3Ahid%3A33409291%3Az%3A0%3Ai%3A20230316060820%3Aet%3A1678946901%3Ac%3A1%3Arn%3A991980355%3Arqn%3A1%3Au%3A1678946901110684103%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A267%2C448%2C892%2C282%2C0%2C0%2C%2C348%2C1%2C2242%2C2242%2C1%2C2241%3Aco%3A0%3Acpf%3A1%3Ans%3A1678946897864%3Arqnl%3A1%3Ast%3A1678946901%3At%3AALC%20Ransomware%20IOCs%20-%20SEC-1275-1&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
access-control-allow-origin
https://1275.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Thu, 16-Mar-2023 06:08:21 GMT
invisible.js
1275.ru/cdn-cgi/challenge-platform/h/g/scripts/alpha/ Frame CE09
30 KB
13 KB
Script
General
Full URL
https://1275.ru/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1678939200
Requested by
Host: 1275.ru
URL: https://1275.ru/ioc/1513/alc-ransomware-iocs/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.140.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d530880db815b522c05c64d30b5fcff5eb4c35068004e72b1f7501b42cf7f6b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 06:08:21 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
content-encoding
br
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=baM0xaLGjlbfmOQyaZ7sfEgZFhJnA%2BsWfkFAFqqR80eEYjjb8GpJIR6KCVIkZr5s0pmmRFZwcJYA%2B2pQGuMohiVu5yVVKKRsFHOIuM6z%2BMQWfivd3duz%2Bng6"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
7a8ad2352c32dfd9-NRT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
admin-ajax.php
1275.ru/wp-admin/
74 B
709 B
XHR
General
Full URL
https://1275.ru/wp-admin/admin-ajax.php
Requested by
Host: 1275.ru
URL: https://1275.ru/wp-content/cache/wpo-minify/1678889149/assets/wpo-minify-header-93751093.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.140.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d1d92d95ddb4b80a11e7d55d8d7b0dae149ac256fbcf038aaf9426d945c24ab
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Referer
https://1275.ru/ioc/1513/alc-ransomware-iocs/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryo95uX0IOAZ1w9Got

Response headers

cf-edge-cache
cache,platform=wordpress
date
Thu, 16 Mar 2023 06:08:21 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3sinJTNoKBEUV5WOyv8SPSKxiF2ZAa8VxmlFtkI4feF8T1%2B0hX5xTszHuDKlnOY1HimsbZFskYboh81BH7Gkpvv559zkVSMJHQmhgZqqSD8vPAYrtT%2BIJMo5"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://1275.ru
cache-control
no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
x-robots-tag
noindex
cf-ray
7a8ad2354c4fdfd9-NRT
expires
Wed, 11 Jan 1984 05:00:00 GMT
advert.gif
mc.yandex.ru/metrika/
43 B
511 B
Image
General
Full URL
https://mc.yandex.ru/metrika/advert.gif
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.250.250.119 , Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://1275.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 06:08:21 GMT
strict-transport-security
max-age=31536000
last-modified
Tue, 07 Mar 2023 10:05:49 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"6406e24d-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Thu, 16 Mar 2023 07:08:21 GMT
/
1275.ru/
0
289 B
XHR
General
Full URL
https://1275.ru/
Requested by
Host: 1275.ru
URL: https://1275.ru/wp-content/cache/wpo-minify/1678889149/assets/wpo-minify-header-93751093.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.140.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Accept
*/*
Referer
https://1275.ru/ioc/1513/alc-ransomware-iocs/
X-Requested-With
XMLHttpRequest
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

cf-edge-cache
cache,platform=wordpress
date
Thu, 16 Mar 2023 06:08:22 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HGigRVNwiF9H370TryAz7pbm4b%2Be8hLEnaqQvuivMaxMYDpma5xjs9EgyegXoCDx8OtnNSoHpXeaDHRO46Pf9TN0BjPW1gGbJlRIhACiVmg2Gsvj55iHC8Xa"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=15, s-maxage=0
cf-ray
7a8ad2354c50dfd9-NRT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1
pica.js
1275.ru/cdn-cgi/challenge-platform/h/g/scripts/ Frame CE09
7 KB
3 KB
Other
General
Full URL
https://1275.ru/cdn-cgi/challenge-platform/h/g/scripts/pica.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.140.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1c1ece351112e69bba7ce8687c834c37ebd1c8d3e2eeab58f91c061c225f1b0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 06:08:21 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
content-encoding
br
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gFddlWdZRX21qbrzBfTN7MZ9AMvKO%2BaRQlqbE2X2KaBB4hiG7DmkKwLSz4ZEWtghnv2c9ygoNFCKwLebvMKORla54T9FCJfYq0MLVd7xfbYmfyaT67FhH9BT"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
7a8ad2359cabdfd9-NRT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
7a8ad2243ab4dfd9
1275.ru/cdn-cgi/challenge-platform/h/g/cv/result/ Frame CE09
2 B
492 B
XHR
General
Full URL
https://1275.ru/cdn-cgi/challenge-platform/h/g/cv/result/7a8ad2243ab4dfd9
Requested by
Host: 1275.ru
URL: https://1275.ru/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1678939200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.140.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 16 Mar 2023 06:08:21 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
content-encoding
br
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=erpe0Wtjd%2FvjlAVid1MNUb%2BKDlYw2u12oowdsDeR7r8Rbj0jwEqRHFqBMr%2Bpm4LpmPOAal98Oppr3HekBJqaj42%2FQUjFFa2cUIm5kDKy1S1V7rWz4qHCgjQO"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
7a8ad236ee5cdfd9-NRT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
be7a8c6ba834a19971a1bb9114b667de.gif
moderate5.cleantalk.org/pixel/
43 B
364 B
Image
General
Full URL
https://moderate5.cleantalk.org/pixel/be7a8c6ba834a19971a1bb9114b667de.gif
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
95.216.200.119 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
moderate5.cleantalk.org
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://1275.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Thu, 16 Mar 2023 06:08:23 GMT
Strict-Transport-Security
max-age=31536000; includeSubdomains; preload
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx
X-Frame-Options
SAMEORIGIN
Content-Type
image/gif
Connection
keep-alive
Content-Length
43
X-XSS-Protection
1; mode=block
1c0942547d39e10f5f56.js
yastatic.net/partner-code-bundles/737296/
14 KB
5 KB
Script
General
Full URL
https://yastatic.net/partner-code-bundles/737296/1c0942547d39e10f5f56.js
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.154.131.215 , Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
static.yandex.net
Software
nginx/1.17.9 /
Resource Hash
a28d910858ab19342edf3e236c75b746fa1f77a6321447a922bd6634509c3ad8
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://1275.ru/
Origin
https://1275.ru
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 06:08:23 GMT
content-encoding
br
strict-transport-security
max-age=43200000; includeSubDomains;
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
4802
last-modified
Tue, 14 Mar 2023 09:43:37 GMT
server
nginx/1.17.9
etag
"b31dd13c0b4d3ab37a3660ffedb9d110"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
x-robots-tag
noindex, noarchive, nofollow
expires
Sat, 15 Mar 2053 12:44:12 GMT
c9cea445a0bf2bf4b60d.js
yastatic.net/partner-code-bundles/737296/
112 KB
24 KB
Script
General
Full URL
https://yastatic.net/partner-code-bundles/737296/c9cea445a0bf2bf4b60d.js
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.154.131.215 , Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
static.yandex.net
Software
nginx/1.17.9 /
Resource Hash
0dfee99c9907980f5452422b14b955d6c9052805005fa0ef0a7350982dd0318a
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://1275.ru/
Origin
https://1275.ru
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 06:08:23 GMT
content-encoding
br
strict-transport-security
max-age=43200000; includeSubDomains;
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
24244
last-modified
Tue, 14 Mar 2023 09:43:37 GMT
server
nginx/1.17.9
etag
"41389bca1f33fc74ec000426fdf4fb0f"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
x-robots-tag
noindex, noarchive, nofollow
expires
Sat, 15 Mar 2053 12:44:12 GMT
host.js
yastatic.net/safeframe-bundles/0.83/
33 KB
9 KB
Script
General
Full URL
https://yastatic.net/safeframe-bundles/0.83/host.js
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.154.131.215 , Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
static.yandex.net
Software
nginx/1.17.9 /
Resource Hash
34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://1275.ru/
Origin
https://1275.ru
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 06:08:23 GMT
content-encoding
br
strict-transport-security
max-age=43200000; includeSubDomains;
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
8878
last-modified
Wed, 03 Nov 2021 13:42:58 GMT
server
nginx/1.17.9
etag
"f80882bf67cf261aa08d636da095149a"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
x-robots-tag
noindex, noarchive, nofollow
expires
Sat, 15 Mar 2053 12:41:50 GMT
text-variable-full.woff2
yastatic.net/s3/home/fonts/ys/3/
25 KB
26 KB
Font
General
Full URL
https://yastatic.net/s3/home/fonts/ys/3/text-variable-full.woff2
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.154.131.215 , Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
static.yandex.net
Software
nginx/1.17.9 /
Resource Hash
033696b7f1ac04d1dcc102be84550e146236ceffc25a6cabc12aa51a6ee410b9
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://1275.ru/
Origin
https://1275.ru
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 06:08:23 GMT
strict-transport-security
max-age=43200000; includeSubDomains;
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
26004
x-amz-meta-owner
{"role":"admin","login":"4eb0da"}
last-modified
Mon, 25 Apr 2022 14:02:39 GMT
server
nginx/1.17.9
etag
"7f0cdaf91230f9789ca4162aedff612e"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31556952
x-nginx-request-id
a086468bc16e4fc5
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 15 Mar 2024 11:55:02 GMT
1788970
yandex.ru/ads/meta/
112 KB
31 KB
XHR
General
Full URL
https://yandex.ru/ads/meta/1788970?target-ref=https%3A%2F%2F1275.ru%2Fioc%2F1513%2Falc-ransomware-iocs%2F&charset=utf-8&...
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.55.60 , Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
yandex.ru
Software
/
Resource Hash
a2e6d321fb250c0a4d10159010b3df6118cf118ce5fdebbc242c7533c3b313d7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://1275.ru/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Thu, 16 Mar 2023 06:08:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
nel
{"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
ssr
true
x-yandex-req-id
1678946902882945-10654108978237291257-sas2-0307-sas-l7-balancer-8080-BAL-6615
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
uniformat-product-type
Direct
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Thu, 16 Mar 2023 06:08:23 GMT
accept-ch
Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
uniformat
true
report-to
{ "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type
application/json
access-control-allow-origin
https://1275.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
Thu, 16 Mar 2023 06:08:23 GMT
07cea2bf8567304efc16.js
yastatic.net/partner-code-bundles/737296/
23 KB
8 KB
Script
General
Full URL
https://yastatic.net/partner-code-bundles/737296/07cea2bf8567304efc16.js
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.154.131.215 , Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
static.yandex.net
Software
nginx/1.17.9 /
Resource Hash
7cf322218cc72de9537adffa91fdfbc39b162614469c6edbcfd4cc0a185b9422
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://1275.ru/
Origin
https://1275.ru
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 06:08:23 GMT
content-encoding
br
strict-transport-security
max-age=43200000; includeSubDomains;
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
7926
last-modified
Tue, 14 Mar 2023 09:43:37 GMT
server
nginx/1.17.9
etag
"2463e7171610f161ae082eb3c6b848a9"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
x-robots-tag
noindex, noarchive, nofollow
expires
Sat, 15 Mar 2053 12:44:12 GMT
2ec9a88e40a26b53acde.js
yastatic.net/partner-code-bundles/737296/
7 KB
3 KB
Script
General
Full URL
https://yastatic.net/partner-code-bundles/737296/2ec9a88e40a26b53acde.js
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.154.131.215 , Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
static.yandex.net
Software
nginx/1.17.9 /
Resource Hash
81cae2daad6c8bf6978dd693b980865bd9e155935f1b1c908cb75ccb0927fa89
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://1275.ru/
Origin
https://1275.ru
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 06:08:23 GMT
content-encoding
br
strict-transport-security
max-age=43200000; includeSubDomains;
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
2065
last-modified
Tue, 14 Mar 2023 09:43:37 GMT
server
nginx/1.17.9
etag
"ae36fc220722c0bc55a2cf1b6ed051fd"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
x-robots-tag
noindex, noarchive, nofollow
expires
Sat, 15 Mar 2053 12:44:12 GMT
37fe5f11066e37e7548b.js
yastatic.net/partner-code-bundles/737296/
577 KB
110 KB
Script
General
Full URL
https://yastatic.net/partner-code-bundles/737296/37fe5f11066e37e7548b.js
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.154.131.215 , Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
static.yandex.net
Software
nginx/1.17.9 /
Resource Hash
44884191665db88dc9f0e9c56d49c0af4830027724180796e6bb243ed3b0c0c0
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://1275.ru/
Origin
https://1275.ru
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 06:08:23 GMT
content-encoding
br
strict-transport-security
max-age=43200000; includeSubDomains;
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
111843
last-modified
Tue, 14 Mar 2023 09:43:37 GMT
server
nginx/1.17.9
etag
"a6a7f4968278e5cd5940866fd0032bc1"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
x-robots-tag
noindex, noarchive, nofollow
expires
Sat, 15 Mar 2053 12:44:12 GMT
sync_cookie_image_decide
mc.webvisor.org/
Redirect Chain
  • https://mc.webvisor.org/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.webvisor.org&token=9944.x14HNBPw-8cdqNyCGXcjkmbJIaO_Gi_-jYFtf2gkOPPr9N_hIHVghNRWR0c4hrDF.2y_t4nv4a7jv90gLotp7KHzjars%2C
  • https://mc.webvisor.org/sync_cookie_image_decide?token=9944.epSciuMlW3PszebS_8hWa9WXrEKAtaepuFLI5U1ZaAb6gmN0U13TN1aM5xkbMQ0UeuXORI1kLULfs7iAibaZi-QBB9zmxNSe2LxrZM2BuJr28VDveH5-fqx-e_F6LlcPGboc8IPyB...
43 B
532 B
Image
General
Full URL
https://mc.webvisor.org/sync_cookie_image_decide?token=9944.epSciuMlW3PszebS_8hWa9WXrEKAtaepuFLI5U1ZaAb6gmN0U13TN1aM5xkbMQ0UeuXORI1kLULfs7iAibaZi-QBB9zmxNSe2LxrZM2BuJr28VDveH5-fqx-e_F6LlcPGboc8IPyBG5iwj3V5mXWi_mxsm6gHoHtRppjxUVw7BWG1dL7FqmVfLG1Z7ljNaJCgABI44iBGRhU00dpE8OXnZ11h4DMAERLuwd7XhcfNy8%2C.mE1LarJoYCUwmALGXROVIvjoTGY%2C
Protocol
H2
Server
149.5.244.255 , United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://1275.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 06:08:24 GMT
strict-transport-security
max-age=31536000
content-length
43
x-xss-protection
1; mode=block
content-type
image/gif

Redirect headers

location
https://mc.webvisor.org/sync_cookie_image_decide?token=9944.epSciuMlW3PszebS_8hWa9WXrEKAtaepuFLI5U1ZaAb6gmN0U13TN1aM5xkbMQ0UeuXORI1kLULfs7iAibaZi-QBB9zmxNSe2LxrZM2BuJr28VDveH5-fqx-e_F6LlcPGboc8IPyBG5iwj3V5mXWi_mxsm6gHoHtRppjxUVw7BWG1dL7FqmVfLG1Z7ljNaJCgABI44iBGRhU00dpE8OXnZ11h4DMAERLuwd7XhcfNy8%2C.mE1LarJoYCUwmALGXROVIvjoTGY%2C
date
Thu, 16 Mar 2023 06:08:24 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
1
mc.yandex.ru/watch/89548966/
43 B
86 B
XHR
General
Full URL
https://mc.yandex.ru/watch/89548966/1?page-url=https%3A%2F%2F1275.ru%2Fioc%2F1513%2Falc-ransomware-iocs%2F&charset=utf-8&hittoken=1678946902_b9901716e8dc445a240c48da2bb252387343512890321f4393e257315f6a94fa&browser-info=pa%3A1%3Aar%3A1%3Avf%3A29hzdyg3jxtu068q3vuhnr%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A980%3Acn%3A1%3Adp%3A1%3Als%3A720781372377%3Ahid%3A33409291%3Az%3A0%3Ai%3A20230316060822%3Aet%3A1678946903%3Ac%3A1%3Arn%3A170694685%3Arqn%3A2%3Au%3A1678946901110684103%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Acpf%3A1%3Ans%3A1678946897864%3Aadb%3A2%3Ast%3A1678946903&t=gdpr(14)mc(p-1)clc(0-0-0)rqnt(2)lt(36100)aw(1)ti(2)
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.250.250.119 , Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://1275.ru/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Thu, 16 Mar 2023 06:08:22 GMT
strict-transport-security
max-age=31536000
last-modified
Thu, 16-Mar-2023 06:08:22 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type
image/gif
access-control-allow-origin
https://1275.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Thu, 16-Mar-2023 06:08:22 GMT
event_confirmation
an.yandex.ru/ Frame
0
0
Preflight
General
Full URL
https://an.yandex.ru/event_confirmation
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.180.193.90 , Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
bs.yandex.ru
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://1275.ru
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://1275.ru
access-control-max-age
1728000
content-encoding
gzip
date
Thu, 16 Mar 2023 06:08:26 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security
max-age=31536000
timing-allow-origin
*
x-xss-protection
1; mode=block
event_confirmation
an.yandex.ru/
0
389 B
XHR
General
Full URL
https://an.yandex.ru/event_confirmation
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.180.193.90 , Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
bs.yandex.ru
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://1275.ru/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Thu, 16 Mar 2023 06:08:27 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Thu, 16 Mar 2023 06:08:27 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin
https://1275.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Thu, 16 Mar 2023 06:08:27 GMT
1788970
mc.yandex.ru/watch/
399 B
628 B
XHR
General
Full URL
https://mc.yandex.ru/watch/1788970?wmode=7&page-url=https%3A%2F%2F1275.ru%2Fioc%2F1513%2Falc-ransomware-iocs%2F&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Avf%3A29hzdyg3jxtu068q3vuhnr%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A980%3Acn%3A3%3Adp%3A1%3Als%3A458037413024%3Ahid%3A33409291%3Az%3A0%3Ai%3A20230316060824%3Aet%3A1678946905%3Ac%3A1%3Arn%3A846092775%3Au%3A1678946901110684103%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Acpf%3A1%3Aeu%3A0%3Ans%3A1678946897864%3Aadb%3A2%3App%3A3629563401%3Arqnl%3A1%3Ast%3A1678946905%3At%3AALC%20Ransomware%20IOCs%20-%20SEC-1275-1&t=gdpr(14)mc(p-1)clc(0-0-0)lt(36100)aw(1)ti(2)
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.250.250.119 , Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
d55357d84b02f4a871bd5385b1708817d37af6cbbdc24488f7138f291e4669c3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://1275.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Mar 2023 06:08:24 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Thu, 16-Mar-2023 06:08:24 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type
application/json; charset=utf-8
access-control-allow-origin
https://1275.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
399
x-xss-protection
1; mode=block
expires
Thu, 16-Mar-2023 06:08:24 GMT
1788970
yandex.ru/ads/meta/
124 KB
31 KB
XHR
General
Full URL
https://yandex.ru/ads/meta/1788970?target-ref=https%3A%2F%2F1275.ru%2Fioc%2F1513%2Falc-ransomware-iocs%2F&charset=utf-8&...
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.55.60 , Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
yandex.ru
Software
/
Resource Hash
c01c3388a0a493482e97192d0d56ee253460e3bff2d25c288712157e8e4781ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://1275.ru/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Thu, 16 Mar 2023 06:08:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
nel
{"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
ssr
true
x-yandex-req-id
1678946904956598-16580390593069527163-sas2-0307-sas-l7-balancer-8080-BAL-8021
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
uniformat-product-type
Direct
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Thu, 16 Mar 2023 06:08:25 GMT
accept-ch
Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
uniformat
true
report-to
{ "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type
application/json
access-control-allow-origin
https://1275.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
Thu, 16 Mar 2023 06:08:25 GMT
orig
avatars.mds.yandex.net/get-vh/6275370/2a00000180b548e8837b06ac202fe26d013d/
72 KB
73 KB
Image
General
Full URL
https://avatars.mds.yandex.net/get-vh/6275370/2a00000180b548e8837b06ac202fe26d013d/orig
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.250.247.183 , Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
avatars.mds.yandex.net
Software
nginx /
Resource Hash
8a5c4d85c8779b54a1c0bc1e00e0578dcff1b8a64143923403b346c62b76322d

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://1275.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 06:08:25 GMT
last-modified
Wed, 11 May 2022 22:41:35 GMT
server
nginx
nel
{"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to
{"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel?datacenter=MYT"}]}
content-type
image/jpeg
cache-control
max-age=86400,immutable
timing-allow-origin
*
content-length
74236
x-request-id
721b77c70917c76d
icon-192.png
yastatic.net/s3/games-static/favicons/
24 KB
24 KB
Image
General
Full URL
https://yastatic.net/s3/games-static/favicons/icon-192.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.154.131.215 , Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
static.yandex.net
Software
nginx/1.17.9 /
Resource Hash
ca78c114bba40b141a59c55a9d3fb6db7672bc3effd4337f2b1ce512b4d06c9e
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://1275.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 06:08:26 GMT
strict-transport-security
max-age=43200000; includeSubDomains;
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
24134
last-modified
Thu, 14 Apr 2022 12:22:42 GMT
server
nginx/1.17.9
etag
"7819c957eaa80af5bf14f760d49b64a7"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=216013
x-nginx-request-id
9db73b0a73158e1a
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 18 Mar 2023 18:04:10 GMT
y300
avatars.mds.yandex.net/get-direct/5281630/T85GuF3dyOGr55bl5WokoQ/
15 KB
15 KB
Image
General
Full URL
https://avatars.mds.yandex.net/get-direct/5281630/T85GuF3dyOGr55bl5WokoQ/y300
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.250.247.183 , Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
avatars.mds.yandex.net
Software
nginx /
Resource Hash
b9d233788b43e3cb1a9886365f4fa1bfdbb8b721496aeda6c13b435559d5a522

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://1275.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 06:08:25 GMT
last-modified
Wed, 11 Aug 2021 14:17:19 GMT
server
nginx
nel
{"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to
{"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel?datacenter=MYT"}]}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000,immutable
access-control-allow-credentials
true
content-length
15056
x-request-id
6243002550e1fc09
02cea12995d91bd47132.js
yastatic.net/partner-code-bundles/737296/
30 KB
9 KB
Script
General
Full URL
https://yastatic.net/partner-code-bundles/737296/02cea12995d91bd47132.js
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.154.131.215 , Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
static.yandex.net
Software
nginx/1.17.9 /
Resource Hash
34c6d86d4e8d6665b338ef0937ff960bdf0de9cfd2c65b9a7b9b371b5ec47c22
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://1275.ru/
Origin
https://1275.ru
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 06:08:24 GMT
content-encoding
br
strict-transport-security
max-age=43200000; includeSubDomains;
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
8823
last-modified
Tue, 14 Mar 2023 09:43:37 GMT
server
nginx/1.17.9
etag
"c7b0eb212586386d12828c0f32eabbc8"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
x-robots-tag
noindex, noarchive, nofollow
expires
Sat, 15 Mar 2053 12:39:28 GMT
a43861a2d5505f0e2a09.js
yastatic.net/partner-code-bundles/737296/
22 KB
7 KB
Script
General
Full URL
https://yastatic.net/partner-code-bundles/737296/a43861a2d5505f0e2a09.js
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.154.131.215 , Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
static.yandex.net
Software
nginx/1.17.9 /
Resource Hash
d22d63c0b4dc2edb156457f512672b4a9e7f79a51b158804632c64304d40f808
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://1275.ru/
Origin
https://1275.ru
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 06:08:24 GMT
content-encoding
br
strict-transport-security
max-age=43200000; includeSubDomains;
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
6692
last-modified
Tue, 14 Mar 2023 09:43:37 GMT
server
nginx/1.17.9
etag
"f39f758ab2370dcc6fe77590a80c3169"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
x-robots-tag
noindex, noarchive, nofollow
expires
Sat, 15 Mar 2053 12:39:28 GMT
8d1a43fc1f1deb2d16bd.js
yastatic.net/partner-code-bundles/737296/
9 KB
3 KB
Script
General
Full URL
https://yastatic.net/partner-code-bundles/737296/8d1a43fc1f1deb2d16bd.js
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.154.131.215 , Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
static.yandex.net
Software
nginx/1.17.9 /
Resource Hash
8eff75d3815e1eaccd3f2cf9bebddb26f57d0e69926e7aff2407dcd3cebaf969
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://1275.ru/
Origin
https://1275.ru
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 06:08:24 GMT
content-encoding
br
strict-transport-security
max-age=43200000; includeSubDomains;
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
2947
last-modified
Tue, 14 Mar 2023 09:43:37 GMT
server
nginx/1.17.9
etag
"3680188fb1388413d5f0a2759f8cd25e"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
x-robots-tag
noindex, noarchive, nofollow
expires
Sat, 15 Mar 2053 12:39:28 GMT
23ca9373a636015bee4b.js
yastatic.net/partner-code-bundles/737296/
23 KB
7 KB
Script
General
Full URL
https://yastatic.net/partner-code-bundles/737296/23ca9373a636015bee4b.js
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.154.131.215 , Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
static.yandex.net
Software
nginx/1.17.9 /
Resource Hash
407ad6143bba09eefd9269f63d5ec210bdefa9678f163eed1b73bab8a9db3c17
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://1275.ru/
Origin
https://1275.ru
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 06:08:24 GMT
content-encoding
br
strict-transport-security
max-age=43200000; includeSubDomains;
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
6687
last-modified
Tue, 14 Mar 2023 09:43:37 GMT
server
nginx/1.17.9
etag
"d0588a83535668158d8aeb290389990b"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
x-robots-tag
noindex, noarchive, nofollow
expires
Sat, 15 Mar 2053 12:39:37 GMT
render.html
yastatic.net/safeframe-bundles/0.83/1-1-0/ Frame E0A5
24 KB
7 KB
Document
General
Full URL
https://yastatic.net/safeframe-bundles/0.83/1-1-0/render.html
Requested by
Host: yastatic.net
URL: https://yastatic.net/safeframe-bundles/0.83/host.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.154.131.215 , Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
static.yandex.net
Software
nginx/1.17.9 /
Resource Hash
9c911ab93cf6099aeeddb19cb1903d0ef838329443c3a0549c754da47f90a70a
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://1275.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
public, max-age=946708560
content-encoding
br
content-length
6262
content-type
text/html
date
Thu, 16 Mar 2023 06:08:26 GMT
etag
"eb77de48712912aadc9aa8171ac75ede"
expires
Sat, 15 Mar 2053 12:40:05 GMT
last-modified
Wed, 03 Nov 2021 13:42:58 GMT
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
server
nginx/1.17.9
strict-transport-security
max-age=43200000; includeSubDomains;
timing-allow-origin
*
vary
Accept-Encoding
x-robots-tag
noindex, noarchive, nofollow
1K4ijCoz0Ha200000000U9nJ3ErZtRqZrTNAaF_G0eqhLd62bc6RX58OWC0J9X9wooj8ErRBHveXbH4edib_w88WIBmKnAlj11AjZ22o4yG70YQ6cOpRMfd0x8MC4b3HbOpf40R3NiRvktaPZeBvPncPWUHLHf2YkumCCWmCVnbd0RNEPGA9d6Nw3mIlc0Hg_1cJ-...
yandex.ru/an/rtbcount/
43 B
385 B
XHR
General
Full URL
https://yandex.ru/an/rtbcount/1K4ijCoz0Ha200000000U9nJ3ErZtRqZrTNAaF_G0eqhLd62bc6RX58OWC0J9X9wooj8ErRBHveXbH4edib_w88WIBmKnAlj11AjZ22o4yG70YQ6cOpRMfd0x8MC4b3HbOpf40R3NiRvktaPZeBvPncPWUHLHf2YkumCCWmCVnbd0RNEPGA9d6Nw3mIlc0Hg_1cJ-0ynCCn8skVvxnihmryc5f2rpAn0ifTP4KXEPGPfcCiCidOba5G0sSIoaNcAeloUyBAz7IUPOJwz2bPv5qp-P7PmueSub4LDumcOjO9bMpVN1fR_CC2u0ubz08bzWUNuv-EhVwtSiapy9Wl4Qn_i7x94p9qWPp_fklrR5f075x1odcHjVS45bhx0sj3Gn7AJDNJL-ga_dZ5mVcK56TJ1ri0oWUtgd6atkhVVN6GrW-tAuU05RBzQBfxOlF_6HusLR30J3x1vd61ZViJ6w-5ZQPMPPLQMaPUTRlwI3MRtJpXh8llQ8oRFpfMzjP_5pcPkR6vaQRQ0dN45E-C6zgQ61fuTx3mdsCKViA-yzdlEnsMznur-iFCiu01wUmN73AOD7EaxE1W1KkYtIm00
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.55.60 , Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://1275.ru/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Thu, 16 Mar 2023 06:08:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
nel
{"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id
1678946905250464-6733421098333755251-sas2-0307-sas-l7-balancer-8080-BAL
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Thu, 16 Mar 2023 06:08:25 GMT
accept-ch
Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
report-to
{ "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type
image/gif
access-control-allow-origin
https://1275.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
Thu, 16 Mar 2023 06:08:25 GMT
event_confirmation
an.yandex.ru/
0
51 B
XHR
General
Full URL
https://an.yandex.ru/event_confirmation
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.180.193.90 , Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
bs.yandex.ru
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://1275.ru/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Thu, 16 Mar 2023 06:08:27 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Thu, 16 Mar 2023 06:08:27 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin
https://1275.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Thu, 16 Mar 2023 06:08:27 GMT
event_confirmation
an.yandex.ru/ Frame
0
0
Preflight
General
Full URL
https://an.yandex.ru/event_confirmation
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.180.193.90 , Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
bs.yandex.ru
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://1275.ru
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://1275.ru
access-control-max-age
1728000
content-encoding
gzip
date
Thu, 16 Mar 2023 06:08:26 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security
max-age=31536000
timing-allow-origin
*
x-xss-protection
1; mode=block
1
mc.yandex.ru/watch/1788970/
43 B
146 B
XHR
General
Full URL
https://mc.yandex.ru/watch/1788970/1?page-url=https%3A%2F%2F1275.ru%2Fioc%2F1513%2Falc-ransomware-iocs%2F&charset=utf-8&cnt-class=1&hittoken=1678946904_6fec1c524c42dc5ad45aff0697866c298dc96d42fd8c45a89c65b9ee1ff3cd5e&browser-info=pa%3A1%3Aar%3A1%3Avf%3A29hzdyg3jxtu068q3vuhnr%3Afp%3A2035%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A980%3Acn%3A3%3Adp%3A1%3Als%3A458037413024%3Ahid%3A33409291%3Az%3A0%3Ai%3A20230316060825%3Aet%3A1678946905%3Ac%3A1%3Arn%3A483921467%3Arqn%3A1%3Au%3A1678946901110684103%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A267%2C448%2C892%2C282%2C0%2C0%2C%2C348%2C1%2C2242%2C2242%2C1%2C2241%3Aco%3A0%3Acpf%3A1%3Aeu%3A0%3Ans%3A1678946897864%3Aadb%3A2%3Ast%3A1678946905&t=gdpr(14)mc(p-2-h-1)clc(0-0-0)rqnt(1)lt(44700)aw(1)ti(2)
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.250.250.119 , Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://1275.ru/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Thu, 16 Mar 2023 06:08:25 GMT
strict-transport-security
max-age=31536000
last-modified
Thu, 16-Mar-2023 06:08:25 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type
image/gif
access-control-allow-origin
https://1275.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Thu, 16-Mar-2023 06:08:25 GMT
1788970
mc.yandex.ru/watch/
43 B
74 B
XHR
General
Full URL
https://mc.yandex.ru/watch/1788970?page-url=https%3A%2F%2F1275.ru%2Fioc%2F1513%2Falc-ransomware-iocs%2F&charset=utf-8&cnt-class=1&hittoken=1678946904_6fec1c524c42dc5ad45aff0697866c298dc96d42fd8c45a89c65b9ee1ff3cd5e&browser-info=pv%3A1%3Aar%3A1%3Avf%3A29hzdyg3jxtu068q3vuhnr%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A980%3Acn%3A3%3Adp%3A1%3Als%3A458037413024%3Ahid%3A33409291%3Az%3A0%3Ai%3A20230316060825%3Aet%3A1678946905%3Ac%3A1%3Arn%3A809776650%3Arqn%3A2%3Au%3A1678946901110684103%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Acpf%3A1%3Aeu%3A0%3Ans%3A1678946897864%3Aadb%3A2%3App%3A3629563401%3Arqnl%3A1%3Ast%3A1678946905%3At%3AALC%20Ransomware%20IOCs%20-%20SEC-1275-1&t=gdpr(14)mc(p-2-h-1)clc(0-0-0)rqnt(2)lt(44700)aw(1)ti(2)
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.250.250.119 , Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://1275.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Mar 2023 06:08:25 GMT
strict-transport-security
max-age=31536000
last-modified
Thu, 16-Mar-2023 06:08:25 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type
image/gif
access-control-allow-origin
https://1275.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Thu, 16-Mar-2023 06:08:25 GMT
loader.bundle.js
yastatic.net/vas-bundles/732449/bundles-es2017/
680 KB
172 KB
Script
General
Full URL
https://yastatic.net/vas-bundles/732449/bundles-es2017/loader.bundle.js
Requested by
Host: yastatic.net
URL: https://yastatic.net/partner-code-bundles/737296/02cea12995d91bd47132.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.154.131.215 , Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
static.yandex.net
Software
nginx/1.17.9 /
Resource Hash
5fda8631625f6640514798fcc2d5238f0b754c44652c177cc673ed4ba5353f05
Security Headers
Name Value
Strict-Transport-Security max-age=946708560; includeSubDomains;

Request headers

Referer
https://1275.ru/
Origin
https://1275.ru
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 06:08:25 GMT
content-encoding
br
strict-transport-security
max-age=946708560; includeSubDomains;
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
175177
last-modified
Fri, 03 Mar 2023 20:15:46 GMT
server
nginx/1.17.9
etag
"699122b5f3cceef8f9488923a491e778"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
x-robots-tag
noindex, noarchive, nofollow
expires
Sat, 15 Mar 2053 12:43:37 GMT
event_confirmation
an.yandex.ru/ Frame
0
0
Preflight
General
Full URL
https://an.yandex.ru/event_confirmation
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.180.193.90 , Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
bs.yandex.ru
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://1275.ru
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://1275.ru
access-control-max-age
1728000
content-encoding
gzip
date
Thu, 16 Mar 2023 06:08:26 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security
max-age=31536000
timing-allow-origin
*
x-xss-protection
1; mode=block
event_confirmation
an.yandex.ru/
0
51 B
XHR
General
Full URL
https://an.yandex.ru/event_confirmation
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.180.193.90 , Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
bs.yandex.ru
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://1275.ru/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Thu, 16 Mar 2023 06:08:27 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Thu, 16 Mar 2023 06:08:27 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin
https://1275.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Thu, 16 Mar 2023 06:08:27 GMT
x450
avatars.mds.yandex.net/get-direct/5281630/T85GuF3dyOGr55bl5WokoQ/
23 KB
24 KB
Image
General
Full URL
https://avatars.mds.yandex.net/get-direct/5281630/T85GuF3dyOGr55bl5WokoQ/x450
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.250.247.183 , Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
avatars.mds.yandex.net
Software
nginx /
Resource Hash
9551054109ecc749a675313a297c7c00216708739166116c501a5b01ccb1a268

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://1275.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 06:08:25 GMT
last-modified
Wed, 11 Aug 2021 14:17:19 GMT
server
nginx
nel
{"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to
{"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel?datacenter=MYT"}]}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000,immutable
access-control-allow-credentials
true
content-length
23992
x-request-id
cbd2f1cc3531e54d
log
log.strm.yandex.ru/
0
199 B
XHR
General
Full URL
https://log.strm.yandex.ru/log?PCODE=pcode_737296&event=INIT_SD_CLIENT_CODE_IN_CONSTRUCTOR_ERROR
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
87.250.251.15 , Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
log.strm.yandex.ru
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://1275.ru/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://1275.ru
access-control-expose-headers
Date
date
Thu, 16 Mar 2023 06:08:26 GMT
access-control-allow-credentials
true
timing-allow-origin
https://1275.ru
content-length
0
x-request-id
1678946906488936-3919448205960754750
39370120
mc.yandex.ru/watch/
43 B
74 B
Ping
General
Full URL
https://mc.yandex.ru/watch/39370120?vsid=1be6bba017902b44dd295d1602d9726d3269b66e9c7axVASx7296x1678946902
Requested by
Host: yastatic.net
URL: https://yastatic.net/vas-bundles/732449/bundles-es2017/loader.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.250.250.119 , Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://1275.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Mar 2023 06:08:25 GMT
strict-transport-security
max-age=31536000
last-modified
Thu, 16-Mar-2023 06:08:25 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type
image/gif
access-control-allow-origin
https://1275.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Thu, 16-Mar-2023 06:08:25 GMT
log
log.strm.yandex.ru/
0
199 B
Ping
General
Full URL
https://log.strm.yandex.ru/log?VAS=732449&event=PrioritiseMediaFiles
Requested by
Host: yastatic.net
URL: https://yastatic.net/vas-bundles/732449/bundles-es2017/loader.bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
87.250.251.15 , Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
log.strm.yandex.ru
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://1275.ru/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://1275.ru
access-control-expose-headers
Date
date
Thu, 16 Mar 2023 06:08:27 GMT
access-control-allow-credentials
true
timing-allow-origin
https://1275.ru
content-length
0
x-request-id
1678946906814213-17115179442824347246
VP8_426_240_500.webm
ext-strm-itt06.strm.yandex.net/vh-canvas-converted/vod-content/4707711999591780230/f8f34ebf-5bd632c4-89690639-390ded24/webm/
Redirect Chain
  • https://strm.yandex.ru/vh-canvas-converted/vod-content/4707711999591780230/f8f34ebf-5bd632c4-89690639-390ded24/webm/VP8_426_240_500.webm?vsid=1be6bba017902b44dd295d1602d9726d3269b66e9c7axVASx7296x1...
  • https://ext-strm-itt06.strm.yandex.net/vh-canvas-converted/vod-content/4707711999591780230/f8f34ebf-5bd632c4-89690639-390ded24/webm/VP8_426_240_500.webm?vsid=1be6bba017902b44dd295d1602d9726d3269b66...
1 MB
1 MB
Media
General
Full URL
https://ext-strm-itt06.strm.yandex.net/vh-canvas-converted/vod-content/4707711999591780230/f8f34ebf-5bd632c4-89690639-390ded24/webm/VP8_426_240_500.webm?vsid=1be6bba017902b44dd295d1602d9726d3269b66e9c7axVASx7296x1678946902&noredir=1&lid=1529
Protocol
H2
Server
185.70.202.8 , Italy, ASN6762 (SEABONE-NET TELECOM ITALIA SPARKLE S.p.A., IT),
Reverse DNS
Software
nginx /
Resource Hash
21e7c1a04f6747b3bc0f52d0da9ee68ba86e33bf0fb0302a074bebd1b253d8d7

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://1275.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-server-time-ms
1678946908445
date
Thu, 16 Mar 2023 06:08:28 GMT
x-amz-version-id
null
x-estimated-bandwidth
159344
nel
{"report_to": "network-errors", "max_age": 1200, "success_fraction": 0.005, "failure_fraction": 0.05, "include_subdomains": true}
Content-Range
bytes 0-1096167/1096168
x_h
strm-ams06.strm.yandex.net
x-strm-request-id
94cce604eb8f3cc3
x-connection-id
561762742
Content-Length
1096168
x-request-id
94cce604eb8f3cc3
x-estimated-rtt
282029
last-modified
Wed, 11 May 2022 22:41:46 GMT
server
nginx
etag
"b2df9bd759671dbce3ece1c05d6fd047"
x-strm-log-split
2
content-type
video/webm
report-to
{"group": "network-errors", "max_age": 1200, "include_subdomains": true, "endpoints": [ {"url": "https://dr.yandex.net/strm", "priority": 1}, {"url": "https://dr2.yandex.net/strm", "priority": 2} ]}
access-control-expose-headers
Date, X-Strm-Session, X-Estimated-RTT, X-Estimated-Bandwidth, X-Connection-ID, Age, X-Server-Time-Ms, X-Plg-URL
cache-control
max-age=300
access-control-allow-credentials
true
x-robots-tag
noindex, noarchive, nofollow
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Range, X-Client-Timestamp, X-Strm-Session
expires
Thu, 16 Mar 2023 06:13:28 GMT

Redirect headers

date
Thu, 16 Mar 2023 06:08:26 GMT
nel
{"report_to": "network-errors", "max_age": 1200, "success_fraction": 0.005, "failure_fraction": 0.05, "include_subdomains": true}
x-strm-request-id
d6c4887795393665
x_h
strm-anycast-ru-net-production-8.vla.yp-c.yandex.net
content-length
0
x-request-id
d6c4887795393665
server
nginx
x-strm-log-split
7
report-to
{"group": "network-errors", "max_age": 1200, "include_subdomains": true, "endpoints": [ {"url": "https://dr.yandex.net/strm", "priority": 1}, {"url": "https://dr2.yandex.net/strm", "priority": 2} ]}
location
https://ext-strm-itt06.strm.yandex.net/vh-canvas-converted/vod-content/4707711999591780230/f8f34ebf-5bd632c4-89690639-390ded24/webm/VP8_426_240_500.webm?vsid=1be6bba017902b44dd295d1602d9726d3269b66e9c7axVASx7296x1678946902&noredir=1&lid=1529
access-control-expose-headers
Date, X-Strm-Session, X-Estimated-RTT, X-Estimated-Bandwidth, X-Connection-ID, Age, X-Server-Time-Ms, X-Plg-URL
cache-control
no-cache
access-control-allow-credentials
true
x-plg
host=strm-plgo-production-275.sas.yp-c.yandex.net; version=11055397
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Range, X-Client-Timestamp, X-Strm-Session
expires
Thu, 01 Jan 1970 00:00:01 GMT
d.png
ysa-static.passport.yandex.ru/static/1/d959d7e39d5067fad30d9c06204866e9/ Frame E0A5
95 B
400 B
Image
General
Full URL
https://ysa-static.passport.yandex.ru/static/1/d959d7e39d5067fad30d9c06204866e9/d.png?ex=yes
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
87.250.250.114 , Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
ysa-static.passport.yandex.net
Software
nginx/1.14.2 /
Resource Hash
18c327afa903633f86c3efcf12b77f098077eacaa8be101bb007846fd74f8b93
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Thu, 16 Mar 2023 06:08:27 GMT
Strict-Transport-Security
max-age=315360000; includeSubDomains
Server
nginx/1.14.2
X-RT-IH
0.0002
Content-Type
image/png
Cache-Control
private
Connection
close
X-RT-IQ
0.0001
Content-Length
95
Expires
Fri, 17 Mar 2023 06:08:27 GMT
f21b03b046541740ac215b
an.yandex.ru/mapuid/arcspireis/ Frame E0A5
Redirect Chain
  • https://px.arcspire.io/yndx?id=9d4cd41a-f59d-4815-8a89-9d30806f5389
  • https://an.yandex.ru/mapuid/arcspireis/f21b03b046541740ac215b
43 B
80 B
Image
General
Full URL
https://an.yandex.ru/mapuid/arcspireis/f21b03b046541740ac215b
Protocol
H2
Server
213.180.193.90 , Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
bs.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Mar 2023 06:08:27 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Thu, 16 Mar 2023 06:08:27 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Thu, 16 Mar 2023 06:08:27 GMT

Redirect headers

location
https://an.yandex.ru/mapuid/arcspireis/f21b03b046541740ac215b
date
Thu, 16 Mar 2023 06:08:26 GMT
x-envoy-upstream-service-time
0
server
envoy
content-length
0
0A0909B05BB212644704C1B9025C6F6F
an.yandex.ru/mapuid/sapeis/ Frame E0A5
Redirect Chain
  • https://acint.net/rmatch/?dp=151&r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fsapeis%2F%24%7BUSER_ID%7D
  • https://acint.net/rmatch/?r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fsapeis%2F$%7BUSER_ID%7D&dp=151&tc=1
  • https://ssp-rtb.sape.ru/rmatch?r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fan.yandex.ru%252Fmapuid%252Fsapeis%252F$%257BUSER_ID%257D&dp=14
  • https://acint.net/rmatch?dp=14&euid=1D03420A5DB21264ED00DC4102D07B54&r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fsapeis%2F$%7BUSER_ID%7D
  • https://an.yandex.ru/mapuid/sapeis/0A0909B05BB212644704C1B9025C6F6F
43 B
80 B
Image
General
Full URL
https://an.yandex.ru/mapuid/sapeis/0A0909B05BB212644704C1B9025C6F6F
Protocol
H2
Server
213.180.193.90 , Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
bs.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Mar 2023 06:08:29 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Thu, 16 Mar 2023 06:08:29 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Thu, 16 Mar 2023 06:08:29 GMT

Redirect headers

date
Thu, 16 Mar 2023 06:08:29 GMT
server
openresty
p3p
CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
location
https://an.yandex.ru/mapuid/sapeis/0A0909B05BB212644704C1B9025C6F6F
content-type
text/html
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-length
154
expires
Wed, 19 Apr 2000 11:43:00 GMT
13008e1d-5bc9-544b-b704-ca41d316781b
an.yandex.ru/mapuid/betweendigitalis/ Frame E0A5
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=43554&callback_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbetweendigitalis%2F%24%7BUSER_ID%7D
  • https://ads.betweendigital.com/match?bidder_id=43554&callback_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbetweendigitalis%2F%24%7BUSER_ID%7D&crf=1
  • https://an.yandex.ru/mapuid/betweendigitalis/13008e1d-5bc9-544b-b704-ca41d316781b
43 B
80 B
Image
General
Full URL
https://an.yandex.ru/mapuid/betweendigitalis/13008e1d-5bc9-544b-b704-ca41d316781b
Protocol
H2
Server
213.180.193.90 , Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
bs.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Mar 2023 06:08:27 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Thu, 16 Mar 2023 06:08:27 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Thu, 16 Mar 2023 06:08:27 GMT

Redirect headers

location
https://an.yandex.ru/mapuid/betweendigitalis/13008e1d-5bc9-544b-b704-ca41d316781b
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
demconf.jpg
dpm.demdex.net/ Frame E0A5
Redirect Chain
  • https://yandex.ru/an/mapuid/adobedmp/
  • https://dpm.demdex.net/ibs:dpid=423652&dpuuid=9EA2D93F0233AEEB
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=423652&dpuuid=9EA2D93F0233AEEB
42 B
942 B
Image
General
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=423652&dpuuid=9EA2D93F0233AEEB
Protocol
HTTP/1.1
Server
13.230.123.188 Tokyo, Japan, ASN16509 (AMAZON-02, US)
Reverse DNS
ec2-13-230-123-188.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

DCS
dcs-prod-tyo3-1-v043-037230f2c.edge-tyo3.demdex.com 1 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
8xgjqYUET9k=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-tyo3-2-v043-0ac48b3d0.edge-tyo3.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
1mARQIMTQEc=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=423652&dpuuid=9EA2D93F0233AEEB
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
match
match.360yield.com/ul_cb/ Frame E0A5
Redirect Chain
  • https://yandex.ru/an/mapuid/azerionis/
  • https://match.360yield.com/match?external_user_id=B0F0CCBC65F90B9E&publisher_dsp_id=429&publisher_call_type=redirect
  • https://match.360yield.com/ul_cb/match?external_user_id=B0F0CCBC65F90B9E&publisher_dsp_id=429&publisher_call_type=redirect
43 B
198 B
Image
General
Full URL
https://match.360yield.com/ul_cb/match?external_user_id=B0F0CCBC65F90B9E&publisher_dsp_id=429&publisher_call_type=redirect
Protocol
H2
Server
52.74.90.199, Singapore, ASN16509 (AMAZON-02, US)
Reverse DNS
ec2-52-74-90-199.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 16 Mar 2023 06:08:27 GMT
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location
https://match.360yield.com/ul_cb/match?external_user_id=B0F0CCBC65F90B9E&publisher_dsp_id=429&publisher_call_type=redirect
date
Thu, 16 Mar 2023 06:08:26 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
/
yandex.ru/an/mapuid/behaviorx/ Frame E0A5
0
0
Image
General
Full URL
https://yandex.ru/an/mapuid/behaviorx/
Protocol
H2
Security
TLS 1.3, AES_256_GCM
Server
77.88.55.60, Russian Federation, ASN208722 (GLOBAL_DC, FI)
Reverse DNS
yandex.ru
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

match
ads.betweendigital.com/ Frame E0A5
Redirect Chain
  • https://yandex.ru/an/mapuid/betweenx/
  • https://ads.betweendigital.com/match?bidder_id=161&external_user_id=5291EA53B494B0EE
  • https://ads.betweendigital.com/match?bidder_id=161&external_user_id=5291EA53B494B0EE&crf=1
68 B
607 B
Image
General
Full URL
https://ads.betweendigital.com/match?bidder_id=161&external_user_id=5291EA53B494B0EE&crf=1
Protocol
H2
Server
203.195.121.142, Singapore, ASN7979 (SERVERS-COM, US)
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png

Redirect headers

location
/match?bidder_id=161&external_user_id=5291EA53B494B0EE&crf=1
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
pixel
im.bluevoox.com/ Frame E0A5
Redirect Chain
  • https://yandex.ru/an/mapuid/blueseaxcom/
  • https://im.bluevoox.com/pixel?s1=1&s2=1315&s3=vldyrx2shs82pv9o&cm=1&rd=1&puid=5E4FC251AEAE8E9F
0
241 B
Image
General
Full URL
https://im.bluevoox.com/pixel?s1=1&s2=1315&s3=vldyrx2shs82pv9o&cm=1&rd=1&puid=5E4FC251AEAE8E9F
Protocol
HTTP/1.1
Server
52.45.175.185 Ashburn, United States, ASN14618 (AMAZON-AES, US)
Reverse DNS
ec2-52-45-175-185.compute-1.amazonaws.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Connection
close
Date
Thu, 16 Mar 2023 06:08:27 GMT
Server
openresty

Redirect headers

pragma
no-cache
date
Thu, 16 Mar 2023 06:08:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
nel
{"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
last-modified
Thu, 16 Mar 2023 06:08:26 GMT
accept-ch
Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
x-yandex-req-id
1678946906435355-5039793569109526747-sas2-0307-sas-l7-balancer-8080-BAL
report-to
{ "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
location
https://im.bluevoox.com/pixel?s1=1&s2=1315&s3=vldyrx2shs82pv9o&cm=1&rd=1&puid=5E4FC251AEAE8E9F
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Thu, 16 Mar 2023 06:08:26 GMT
/
yandex.ru/an/mapuid/eplanningrtb/ Frame E0A5
0
0
Image
General
Full URL
https://yandex.ru/an/mapuid/eplanningrtb/
Protocol
H2
Security
TLS 1.3, AES_256_GCM
Server
77.88.55.60, Russian Federation, ASN208722 (GLOBAL_DC, FI)
Reverse DNS
yandex.ru
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pixel
cm.g.doubleclick.net/ Frame E0A5
Redirect Chain
  • https://yandex.ru/an/mapuid/google/?partner-tag=yandex_llc
  • https://cm.g.doubleclick.net/pixel?google_nid=yandex_llc&google_hm=FF26300E552F64A8&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
170 B
232 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yandex_llc&google_hm=FF26300E552F64A8&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
Protocol
H2
Server
142.251.42.162, United States, ASN15169 (GOOGLE, US)
Reverse DNS
nrt12s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Mar 2023 06:08:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 16 Mar 2023 06:08:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
nel
{"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
last-modified
Thu, 16 Mar 2023 06:08:26 GMT
accept-ch
Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
x-yandex-req-id
1678946906435900-661583139649653071-sas2-0307-sas-l7-balancer-8080-BAL
report-to
{ "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=yandex_llc&google_hm=FF26300E552F64A8&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Thu, 16 Mar 2023 06:08:26 GMT
pixel
cm.g.doubleclick.net/ Frame E0A5
Redirect Chain
  • https://yandex.ru/an/mapuid/google/?partner-tag=yandexcom
  • https://cm.g.doubleclick.net/pixel?google_nid=yandexcom&google_hm=FF26300E552F64A8&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
170 B
409 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yandexcom&google_hm=FF26300E552F64A8&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
Protocol
H2
Server
142.251.42.162, United States, ASN15169 (GOOGLE, US)
Reverse DNS
nrt12s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Mar 2023 06:08:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 16 Mar 2023 06:08:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
nel
{"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
last-modified
Thu, 16 Mar 2023 06:08:26 GMT
accept-ch
Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
x-yandex-req-id
1678946906436185-17596744913860440327-sas2-0307-sas-l7-balancer-8080-BAL
report-to
{ "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=yandexcom&google_hm=FF26300E552F64A8&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Thu, 16 Mar 2023 06:08:26 GMT
pixel
cm.g.doubleclick.net/ Frame E0A5
Redirect Chain
  • https://yandex.ru/an/mapuid/google/?partner-tag=yandexru
  • https://cm.g.doubleclick.net/pixel?google_nid=yandexru&google_hm=FF26300E552F64A8&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
170 B
232 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yandexru&google_hm=FF26300E552F64A8&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
Protocol
H2
Server
142.251.42.162, United States, ASN15169 (GOOGLE, US)
Reverse DNS
nrt12s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Mar 2023 06:08:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 16 Mar 2023 06:08:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
nel
{"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
last-modified
Thu, 16 Mar 2023 06:08:26 GMT
accept-ch
Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
x-yandex-req-id
1678946906436430-17751979269383134411-sas2-0307-sas-l7-balancer-8080-BAL
report-to
{ "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=yandexru&google_hm=FF26300E552F64A8&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Thu, 16 Mar 2023 06:08:26 GMT
sync
t.adx.opera.com/ Frame E0A5
Redirect Chain
  • https://yandex.ru/an/mapuid/operacom/
  • https://t.adx.opera.com/sync?vendor=60143&uid=F3D8335DFEFF061
35 B
468 B
Image
General
Full URL
https://t.adx.opera.com/sync?vendor=60143&uid=F3D8335DFEFF061
Protocol
H2
Server
82.145.213.8, Norway, ASN39832 (NO-OPERA, NO)
Reverse DNS
n-sysadmin-jumpbox-03.feednews.opera.technology
Software
Tengine /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Mar 2023 06:08:27 GMT
server
Tengine
access-control-allow-methods
POST, GET
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 16 Mar 2023 06:08:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
nel
{"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
last-modified
Thu, 16 Mar 2023 06:08:26 GMT
accept-ch
Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
x-yandex-req-id
1678946906436664-11089173001257732975-sas2-0307-sas-l7-balancer-8080-BAL
report-to
{ "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
location
https://t.adx.opera.com/sync?vendor=60143&uid=F3D8335DFEFF061
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Thu, 16 Mar 2023 06:08:26 GMT
/
yandex.ru/an/mapuid/xapadsssp/ Frame E0A5
43 B
156 B
Image
General
Full URL
https://yandex.ru/an/mapuid/xapadsssp/
Protocol
H2
Security
TLS 1.3, AES_256_GCM
Server
77.88.55.60, Russian Federation, ASN208722 (GLOBAL_DC, FI)
Reverse DNS
yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Mar 2023 06:08:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
nel
{"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
last-modified
Thu, 16 Mar 2023 06:08:26 GMT
accept-ch
Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
x-yandex-req-id
1678946906727806-15149847070994368380-sas2-0307-sas-l7-balancer-8080-BAL
report-to
{ "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Thu, 16 Mar 2023 06:08:26 GMT
7b7ff066cb2985834a1a109a5ea7e0a59493a8d0ea799a96481c3063f235fd17
an.yandex.ru/mapuid/mediascope/ Frame E0A5
Redirect Chain
  • https://cm.tns-counter.ru/yacm
  • https://an.yandex.ru/mapuid/mediascope/7b7ff066cb2985834a1a109a5ea7e0a59493a8d0ea799a96481c3063f235fd17
43 B
80 B
Image
General
Full URL
https://an.yandex.ru/mapuid/mediascope/7b7ff066cb2985834a1a109a5ea7e0a59493a8d0ea799a96481c3063f235fd17
Protocol
H2
Server
213.180.193.90, Russian Federation, ASN208722 (GLOBAL_DC, FI)
Reverse DNS
bs.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Mar 2023 06:08:27 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Thu, 16 Mar 2023 06:08:27 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Thu, 16 Mar 2023 06:08:27 GMT

Redirect headers

pragma
no-cache
date
Thu, 16 Mar 2023 06:08:27 GMT
server
ms-counter-4.0.4/1.22.1
content-type
text/html
location
https://an.yandex.ru/mapuid/mediascope/7b7ff066cb2985834a1a109a5ea7e0a59493a8d0ea799a96481c3063f235fd17
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin
*
content-length
0
expires
Thu, 01 Jan 1970 00:00:01 GMT
e6800117184a74d54143
an.yandex.ru/mapuid/targetixis/ Frame E0A5
Redirect Chain
  • https://dm.hybrid.ai/match?id=182
  • https://an.yandex.ru/mapuid/targetixis/e6800117184a74d54143
43 B
80 B
Image
General
Full URL
https://an.yandex.ru/mapuid/targetixis/e6800117184a74d54143
Protocol
H2
Server
213.180.193.90, Russian Federation, ASN208722 (GLOBAL_DC, FI)
Reverse DNS
bs.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Mar 2023 06:08:27 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Thu, 16 Mar 2023 06:08:27 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Thu, 16 Mar 2023 06:08:27 GMT

Redirect headers

pragma
no-cache
date
Thu, 16 Mar 2023 06:08:26 GMT
server
Hybrid Web Server
p3p
CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
location
https://an.yandex.ru/mapuid/targetixis/e6800117184a74d54143
access-control-allow-origin
https://yastatic.net
cache-control
no-cache, no-store
access-control-allow-credentials
true
x-mode
125
content-length
0
x-xss-protection
1; mode=block
expires
-1
031300bd442654554540
an.yandex.ru/mapuid/dmphybridai/ Frame E0A5
Redirect Chain
  • https://dm.hybrid.ai/yandexdmp-match
  • https://an.yandex.ru/mapuid/dmphybridai/031300bd442654554540?sign=2481009214
43 B
108 B
Image
General
Full URL
https://an.yandex.ru/mapuid/dmphybridai/031300bd442654554540?sign=2481009214
Protocol
H2
Server
213.180.193.90, Russian Federation, ASN208722 (GLOBAL_DC, FI)
Reverse DNS
bs.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Mar 2023 06:08:27 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Thu, 16 Mar 2023 06:08:27 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Thu, 16 Mar 2023 06:08:27 GMT

Redirect headers

pragma
no-cache
date
Thu, 16 Mar 2023 06:08:26 GMT
server
Hybrid Web Server
p3p
CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
location
https://an.yandex.ru/mapuid/dmphybridai/031300bd442654554540?sign=2481009214
access-control-allow-origin
*
cache-control
no-cache, no-store
x-mode
126
content-length
0
x-xss-protection
1; mode=block
expires
-1
xbE-FFMNb3cJnGW7C3pP
an.yandex.ru/mapuid/dmpamberdata/ Frame E0A5
Redirect Chain
  • https://dmg.digitaltarget.ru/1/119/i/i?i=1678946902
  • https://dmg.digitaltarget.ru/awg/custom/119/i/i?call_source=awg&ts=1678946906998&i=1678946902
  • https://an.yandex.ru/mapuid/dmpamberdata/xbE-FFMNb3cJnGW7C3pP
43 B
80 B
Image
General
Full URL
https://an.yandex.ru/mapuid/dmpamberdata/xbE-FFMNb3cJnGW7C3pP
Protocol
H2
Server
213.180.193.90, Russian Federation, ASN208722 (GLOBAL_DC, FI)
Reverse DNS
bs.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Mar 2023 06:08:27 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Thu, 16 Mar 2023 06:08:27 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Thu, 16 Mar 2023 06:08:27 GMT

Redirect headers

Date
Thu, 16 Mar 2023 06:08:27 GMT
Referrer-Policy
origin-when-cross-origin, strict-origin-when-cross-origin
X-Content-Type-Options
nosniff
Server
nginx
X-Permitted-Cross-Domain-Policies
master-only
Request-Time
12
X-Frame-Options
DENY
Access-Control-Allow-Methods
GET, POST, OPTIONS
Location
https://an.yandex.ru/mapuid/dmpamberdata/xbE-FFMNb3cJnGW7C3pP
Access-Control-Max-Age
86400
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
X-XSS-Protection
1; mode=block
match
match.360yield.com/ Frame E0A5
Redirect Chain
  • https://euw-ice.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fazerionis%2F{PUB_USER_ID}
  • https://euw-ice.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fazerionis%2F%7BPUB_USER_ID%7D
  • https://an.yandex.ru/mapuid/azerionis/5ef430e3-b45b-4e8b-b9eb-7d3eeb9d5a67
  • https://match.360yield.com/match?external_user_id=5ef430e3-b45b-4e8b-b9eb-7d3eeb9d5a67&publisher_dsp_id=429&publisher_call_type=redirect
43 B
198 B
Image
General
Full URL
https://match.360yield.com/match?external_user_id=5ef430e3-b45b-4e8b-b9eb-7d3eeb9d5a67&publisher_dsp_id=429&publisher_call_type=redirect
Protocol
H2
Server
52.74.90.199, Singapore, ASN16509 (AMAZON-02, US)
Reverse DNS
ec2-52-74-90-199.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 16 Mar 2023 06:08:28 GMT
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

pragma
no-cache
date
Thu, 16 Mar 2023 06:08:28 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Thu, 16 Mar 2023 06:08:28 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
location
https://match.360yield.com/match?external_user_id=5ef430e3-b45b-4e8b-b9eb-7d3eeb9d5a67&publisher_dsp_id=429&publisher_call_type=redirect
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Thu, 16 Mar 2023 06:08:28 GMT
9318f69c-f2f1-4d19-4668-823de6b75f3b
an.yandex.ru/mapuid/buzzooladspis/ Frame E0A5
Redirect Chain
  • https://exchange.buzzoola.com/cookiesync/redirect/yandex?redirect_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbuzzooladspis%2F%24%7BUUID%7D
  • https://an.yandex.ru/mapuid/buzzooladspis/9318f69c-f2f1-4d19-4668-823de6b75f3b
43 B
80 B
Image
General
Full URL
https://an.yandex.ru/mapuid/buzzooladspis/9318f69c-f2f1-4d19-4668-823de6b75f3b
Protocol
H2
Server
213.180.193.90, Russian Federation, ASN208722 (GLOBAL_DC, FI)
Reverse DNS
bs.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Mar 2023 06:08:27 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Thu, 16 Mar 2023 06:08:27 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Thu, 16 Mar 2023 06:08:27 GMT

Redirect headers

location
https://an.yandex.ru/mapuid/buzzooladspis/9318f69c-f2f1-4d19-4668-823de6b75f3b
date
Thu, 16 Mar 2023 06:08:26 GMT
server
nginx
content-length
113
serverid
TODO
content-type
text/html; charset=utf-8
em
sm.rtb.mts.ru/ Frame E0A5
Redirect Chain
  • https://kimberlite.io/rtb/sync/yandex
  • https://exchange.buzzoola.com/cookiesync/redirect?redirect_url=https%3A%2F%2Fkimberlite.io%2Frtb%2Fsync%2Fbuzzoola%3Fu%3D%24%7BUUID%7D%26f%3Dhttps%253A%252F%252Fan.yandex.ru%252Fmapuid%252Fsoltadsp...
  • https://kimberlite.io/rtb/sync/buzzoola?u=8f2e9901-8273-4119-6a66-be92627b62be&f=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fsoltadspis%2FZBKyXJxH12Y&n=1
  • https://sm.rtb.mts.ru/p?ssp=toptraffic&id=ZBKyXJxH12Y
  • https://sm.rtb.mts.ru/match/second?ssp=59&exu=ZBKyXJxH12Y
  • https://tech.rtb.mts.ru/?dsp_uid=c10091fb-3069-4832-9ca5-e82198c2fd79&return_url=https%3A%2F%2Fan.yandex.ru%2Fsetud%2Fmts_banner%2FwQCR-zBpSDKcpeghmML9eQ%3Flocation%3Dhttps%253A%252F%252Fsm.rtb.mts...
  • https://an.yandex.ru/setud/mts_banner/wQCR-zBpSDKcpeghmML9eQ?location=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D59%26em%3D0&sign=140574055
  • https://sm.rtb.mts.ru/em?next=59&em=0
0
0

/
an.yandex.ru/mapuid/targetrtbis/ Frame E0A5
Redirect Chain
  • https://match.new-programmatic.com/userbind?src=yandex&pbf=1&gi=1
  • https://an.yandex.ru/mapuid/targetrtbis/
43 B
80 B
Image
General
Full URL
https://an.yandex.ru/mapuid/targetrtbis/
Protocol
H2
Server
213.180.193.90, Russian Federation, ASN208722 (GLOBAL_DC, FI)
Reverse DNS
bs.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Mar 2023 06:08:28 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Thu, 16 Mar 2023 06:08:28 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Thu, 16 Mar 2023 06:08:28 GMT

Redirect headers

Date
Thu, 16 Mar 2023 06:08:28 GMT
Server
nginx/1.22.1
Vary
Origin
Access-Control-Allow-Origin
*
Location
https://an.yandex.ru/mapuid/targetrtbis/
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
pixel
mitdmp.whiteboxdigital.ru/ Frame E0A5
0
0

62c8ed60-43fa-4614-89a0-8442543b2116
an.yandex.ru/mapuid/hyperdspis/ Frame E0A5
Redirect Chain
  • https://nr.bidderstack.com/yandex/cm?r=https://an.yandex.ru/mapuid/hyperdspis/
  • https://an.yandex.ru/mapuid/hyperdspis/62c8ed60-43fa-4614-89a0-8442543b2116
43 B
80 B
Image
General
Full URL
https://an.yandex.ru/mapuid/hyperdspis/62c8ed60-43fa-4614-89a0-8442543b2116
Protocol
H2
Server
213.180.193.90, Russian Federation, ASN208722 (GLOBAL_DC, FI)
Reverse DNS
bs.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Mar 2023 06:08:29 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Thu, 16 Mar 2023 06:08:29 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Thu, 16 Mar 2023 06:08:29 GMT

Redirect headers

Location
https://an.yandex.ru/mapuid/hyperdspis/62c8ed60-43fa-4614-89a0-8442543b2116
Access-Control-Allow-Origin
*
Date
Thu, 16 Mar 2023 06:08:28 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Content-Length
0
/
an.yandex.ru/mapuid/ramblerssp/ Frame E0A5
Redirect Chain
  • https://profile.ssp.rambler.ru/sync3.302?pid=188
  • https://an.yandex.ru/mapuid/ramblerssp/
43 B
152 B
Image
General
Full URL
https://an.yandex.ru/mapuid/ramblerssp/
Protocol
H2
Server
213.180.193.90 , Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
bs.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Mar 2023 06:08:29 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Thu, 16 Mar 2023 06:08:29 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Thu, 16 Mar 2023 06:08:29 GMT

Redirect headers

date
Thu, 16 Mar 2023 06:08:28 GMT
strict-transport-security
max-age=0
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
location
//an.yandex.ru/mapuid/ramblerssp/
content-type
application/x-javascript; charset=Windows-1251
x-passed
1bal2
content-length
0
5CDWWxEQY1X.AikABlGG6Qi6Jw
an.yandex.ru/mapuid/getintentis/ Frame E0A5
Redirect Chain
  • https://px.adhigh.net/p/cm/yandexssp
  • https://px.adhigh.net/p/cm/yandexssp?bounced=1
  • https://an.yandex.ru/mapuid/getintentis/5CDWWxEQY1X.AikABlGG6Qi6Jw
43 B
80 B
Image
General
Full URL
https://an.yandex.ru/mapuid/getintentis/5CDWWxEQY1X.AikABlGG6Qi6Jw
Protocol
H2
Server
213.180.193.90 , Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
bs.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Mar 2023 06:08:29 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Thu, 16 Mar 2023 06:08:29 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Thu, 16 Mar 2023 06:08:29 GMT

Redirect headers

pragma
no-cache
date
Thu, 16 Mar 2023 06:08:29 GMT
server
nginx
x-backend-id
f1-ru
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
*
location
https://an.yandex.ru/mapuid/getintentis/5CDWWxEQY1X.AikABlGG6Qi6Jw
cache-control
no-cache, no-store
access-control-allow-credentials
true
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
DGAbw.
an.yandex.ru/mapuid/dmpweborama/MCv0InYV6uwChNA/ Frame E0A5
Redirect Chain
  • https://redirect.frontend.weborama.fr/redirect/standard?url=https://an.yandex.ru/mapuid/dmpweborama/{WEBO_CID}
  • https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fdmpweborama%2F%7BWEBO_CID%7D&bounce=1&random=1084006634
  • https://an.yandex.ru/mapuid/dmpweborama/MCv0InYV6uwChNA/DGAbw.
43 B
80 B
Image
General
Full URL
https://an.yandex.ru/mapuid/dmpweborama/MCv0InYV6uwChNA/DGAbw.
Protocol
H2
Server
213.180.193.90 , Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
bs.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Mar 2023 06:08:28 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Thu, 16 Mar 2023 06:08:28 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Thu, 16 Mar 2023 06:08:28 GMT

Redirect headers

pragma
no-cache
date
Thu, 16 Mar 2023 06:08:27 GMT
via
1.1 google
last-modified
Thu, 16 Mar 2023 06:08:28 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location
https://an.yandex.ru/mapuid/dmpweborama/MCv0InYV6uwChNA/DGAbw.
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
y
rtb-eu-warsaw.intent.ai/um/ Frame E0A5
68 B
824 B
Image
General
Full URL
https://rtb-eu-warsaw.intent.ai/um/y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.15.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 06:08:29 GMT
strict-transport-security
max-age=15724800; includeSubDomains
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length
68
pragma
no-cache
last-modified
Thu, 16 Mar 2023 06:08:29 GMT
server
cloudflare
access-control-max-age
1728000
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type
image/png
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MTcXyR9RpogA9%2BeoULOtCD2Ngw70gvjJtFQ7mQv%2B%2BeGs0ht3Rw81ioxWxw9CRIacgt9Y53V1x%2FjbTbLIKYRMOirFzV5MKf757q7ISlNt4XSfV0dPy%2F52A7JU2pU027t3tpWnVzqRevvh"}],"group":"cf-nel","max_age":604800}
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials
true
cf-ray
7a8ad262ce19f5d8-NRT
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires
Wed, 11 Nov 1998 11:11:11 GMT
RTcrQFCHPLQBAs1OHbWe
an.yandex.ru/mapuid/kadamis/ Frame E0A5
Redirect Chain
  • https://s.uuidksinc.net/match/501
  • https://an.yandex.ru/mapuid/kadamis/RTcrQFCHPLQBAs1OHbWe
43 B
80 B
Image
General
Full URL
https://an.yandex.ru/mapuid/kadamis/RTcrQFCHPLQBAs1OHbWe
Protocol
H2
Server
213.180.193.90 , Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
bs.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Mar 2023 06:08:29 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Thu, 16 Mar 2023 06:08:29 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Thu, 16 Mar 2023 06:08:29 GMT

Redirect headers

location
https://an.yandex.ru/mapuid/kadamis/RTcrQFCHPLQBAs1OHbWe
date
Thu, 16 Mar 2023 06:08:29 GMT
server
nginx/1.19.0
content-length
0
c1e763a0-4a0a-449b-b4fb-53036eb7e260
an.yandex.ru/mapuid/mtsdspis/ Frame E0A5
Redirect Chain
  • https://sm.rtb.mts.ru/p?ssp=yandex&id=map
  • https://sm.rtb.mts.ru/match/second?ssp=55&exu=map
  • https://tech.rtb.mts.ru/?dsp_uid=c1e763a0-4a0a-449b-b4fb-53036eb7e260&return_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fmtsdspis%2Fc1e763a0-4a0a-449b-b4fb-53036eb7e260
  • https://an.yandex.ru/mapuid/mtsdspis/c1e763a0-4a0a-449b-b4fb-53036eb7e260
43 B
152 B
Image
General
Full URL
https://an.yandex.ru/mapuid/mtsdspis/c1e763a0-4a0a-449b-b4fb-53036eb7e260
Protocol
H2
Server
213.180.193.90 , Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
bs.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Mar 2023 06:08:31 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Thu, 16 Mar 2023 06:08:31 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Thu, 16 Mar 2023 06:08:31 GMT

Redirect headers

Date
Thu, 16 Mar 2023 06:08:30 GMT
Server
nginx/1.20.2
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Content-Type
text/html; charset=utf-8
Location
https://an.yandex.ru/mapuid/mtsdspis/c1e763a0-4a0a-449b-b4fb-53036eb7e260
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
data_sess_sync.php
sonar.semantiqo.com/fbfli/ Frame E0A5
Redirect Chain
  • https://sonar.semantiqo.com/dmp/scr.php
  • https://counter.yadro.ru/id127/reff-id.gif?sid=c86e8b19deca49d797f6c74eb2c255ce
  • https://sonar.semantiqo.com/fbfli/data_sess_sync.php?spid=&sid=c86e8b19deca49d797f6c74eb2c255ce
0
355 B
Image
General
Full URL
https://sonar.semantiqo.com/fbfli/data_sess_sync.php?spid=&sid=c86e8b19deca49d797f6c74eb2c255ce
Protocol
H2
Server
95.217.109.66 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.66.109.217.95.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 06:08:31 GMT
content-encoding
gzip
mode
no-cors
server
nginx/1.20.1
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
Access-Control-Allow-Headers, Origin,Accept, x-compress, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers

Redirect headers

Location
https://sonar.semantiqo.com/fbfli/data_sess_sync.php?spid=&sid=c86e8b19deca49d797f6c74eb2c255ce
Date
Thu, 16 Mar 2023 06:08:31 GMT
Strict-Transport-Security
max-age=86400
Server
nginx/1.17.9
Connection
keep-alive
Content-Length
364
Content-Type
text/html; charset=iso-8859-1
sync.cgi
ssp.adriver.ru/cgi-bin/ Frame E0A5
42 B
201 B
Image
General
Full URL
https://ssp.adriver.ru/cgi-bin/sync.cgi?dsp_id=109
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.222.128.213 , Russian Federation, ASN20597 (ELTEL-AS, RU),
Reverse DNS
ad13.adriver.ru
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Thu, 16 Mar 2023 06:08:30 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
image/gif
sync.cgi
ssp.adriver.ru/cgi-bin/ Frame E0A5
42 B
201 B
Image
General
Full URL
https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=19
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.222.128.213 , Russian Federation, ASN20597 (ELTEL-AS, RU),
Reverse DNS
ad13.adriver.ru
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Thu, 16 Mar 2023 06:08:30 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
image/gif
pixel.gif
sync.1dmp.io/ Frame E0A5
12 B
155 B
Image
General
Full URL
https://sync.1dmp.io/pixel.gif?cid=3cbc2ec8-1421-4677-89fe-2ac6fc52a09a&pid=w&o=au
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
87.242.89.90 , Russian Federation, ASN208677 (SBERCLOUD-AS, RU),
Reverse DNS
Software
elb /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 06:08:30 GMT
last-modified
Mon, 30 Jan 2023 18:57:34 GMT
server
elb
accept-ranges
bytes
etag
"63d8131e-c"
content-length
12
content-type
text/html
/
sync.bumlam.com/ Frame E0A5
43 B
390 B
Image
General
Full URL
https://sync.bumlam.com/?src=yandex
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
31.172.81.158 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/gif
Date
Thu, 16 Mar 2023 06:08:30 GMT
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Server
nginx
Connection
keep-alive
Content-Length
43
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
yandexortb
sync.dmp.otm-r.com/match/ Frame E0A5
0
69 B
Image
General
Full URL
https://sync.dmp.otm-r.com/match/yandexortb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
148.251.4.142 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.142.4.251.148.clients.your-server.de
Software
nginx/1.17.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 16 Mar 2023 06:08:30 GMT
server
nginx/1.17.6
NjcyMmEwMWYyN2UyNDU2ZQ
an.yandex.ru/mapuid/gonetisnew/ Frame E0A5
Redirect Chain
  • https://sync.gonet-ads.com/match/yandex?id=[buyerUid]
  • https://sync.gonet-ads.com/match/yandex?id=%5BbuyerUid%5D&chk=1
  • https://an.yandex.ru/mapuid/gonetisnew/NjcyMmEwMWYyN2UyNDU2ZQ
0
0

225e05f5-9cf5-4a40-a2ca-16dd01064be4
an.yandex.ru/mapuid/upravelis/ Frame E0A5
Redirect Chain
  • https://sync.upravel.com/yandex/sync
  • https://sync.upravel.com/yandex/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly95YXN0YXRpYy5uZXQvIl19fQ
  • https://an.yandex.ru/mapuid/upravelis/225e05f5-9cf5-4a40-a2ca-16dd01064be4
0
0

8Ungx4RPPTpvYBemQ4t51g
an.yandex.ru/mapuid/dmpaidatame/ Frame E0A5
Redirect Chain
  • https://x01.aidata.io/0.gif?pid=YANDEX
  • https://x01.aidata.io/0.gif?pid=YANDEX&bounce=1
  • https://an.yandex.ru/mapuid/dmpaidatame/8Ungx4RPPTpvYBemQ4t51g?sign=1190988194
43 B
80 B
Image
General
Full URL
https://an.yandex.ru/mapuid/dmpaidatame/8Ungx4RPPTpvYBemQ4t51g?sign=1190988194
Protocol
H2
Server
213.180.193.90 , Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
bs.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Mar 2023 06:08:31 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Thu, 16 Mar 2023 06:08:31 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Thu, 16 Mar 2023 06:08:31 GMT

Redirect headers

pragma
no-cache
date
Thu, 16 Mar 2023 06:08:31 GMT
last-modified
Thu, 16 Mar 2023 06:08:30 GMT
server
nginx
access-control-allow-methods
GET, POST
p3p
CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
location
https://an.yandex.ru/mapuid/dmpaidatame/8Ungx4RPPTpvYBemQ4t51g?sign=1190988194
cache-control
no-cache, no-store, must-revalidate, post-check=0, pre-check=0
content-length
0
expires
Thu, 16 Mar 2023 06:08:30 GMT
Q9_8Bz2sxl2W
an.yandex.ru/mapuid/dmpsegmento/ Frame E0A5
Redirect Chain
  • https://yandex-dmp-sync.rutarget.ru/sync
  • https://an.yandex.ru/mapuid/dmpsegmento/Q9_8Bz2sxl2W?sign=1196239771
43 B
80 B
Image
General
Full URL
https://an.yandex.ru/mapuid/dmpsegmento/Q9_8Bz2sxl2W?sign=1196239771
Protocol
H2
Server
213.180.193.90 , Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
bs.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Mar 2023 06:08:31 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Thu, 16 Mar 2023 06:08:31 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Thu, 16 Mar 2023 06:08:31 GMT

Redirect headers

Location
https://an.yandex.ru/mapuid/dmpsegmento/Q9_8Bz2sxl2W?sign=1196239771
Date
Thu, 16 Mar 2023 06:08:31 GMT
Server
nginx
Connection
close
Content-Length
0
P3P
CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."
pg4ShOfz36mo
an.yandex.ru/mapuid/rutargetis/ Frame E0A5
Redirect Chain
  • https://yandex-sync.rutarget.ru/sync
  • https://an.yandex.ru/mapuid/rutargetis/pg4ShOfz36mo
43 B
80 B
Image
General
Full URL
https://an.yandex.ru/mapuid/rutargetis/pg4ShOfz36mo
Protocol
H2
Server
213.180.193.90 , Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
bs.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Mar 2023 06:08:31 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Thu, 16 Mar 2023 06:08:31 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Thu, 16 Mar 2023 06:08:31 GMT

Redirect headers

Location
https://an.yandex.ru/mapuid/rutargetis/pg4ShOfz36mo
Date
Thu, 16 Mar 2023 06:08:31 GMT
Server
nginx
Connection
close
Content-Length
0
P3P
CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."
bundle.js
yastatic.net/q/set/s/rsya-tag-users/ Frame E0A5
105 KB
37 KB
Script
General
Full URL
https://yastatic.net/q/set/s/rsya-tag-users/bundle.js
Requested by
Host: 1275.ru
URL: https://1275.ru/ioc/1513/alc-ransomware-iocs/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.154.131.215 , Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
static.yandex.net
Software
nginx/1.17.9 /
Resource Hash
e1cff21864c46e1da263fa83c14ed6d190bc5afbdd35188de15f10eb8bedd264
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://yastatic.net/safeframe-bundles/0.83/1-1-0/render.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 06:08:26 GMT
content-encoding
br
strict-transport-security
max-age=43200000; includeSubDomains;
last-modified
Fri, 29 Oct 2021 11:19:01 GMT
server
nginx/1.17.9
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
etag
W/"82bdc8db563d3e71c35534315f8a9fd5"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31556952
x-nginx-request-id
dbe3350357ff916b
timing-allow-origin
*
expires
Sat, 18 Mar 2023 18:04:09 GMT
1KKKL4Yx0Ha200000000U9nJ3ErZtRqZrTNAaF_G0eqhLd62bc6RX58OWC0J9X9wooj8ErRBHveXbH4edib_w88WIBmKnAlj11AjZ22o4yG70YQ6cOpRMfd0x8MC4b3HbOpf40R3NiRvktaPZeBvPnb1qbV1v5r61Xa6Xh-Ciu1QvpA1HCuo_GU2Lqm2DVwCIVo76...
yandex.ru/an/rtbcount/
43 B
401 B
XHR
General
Full URL
https://yandex.ru/an/rtbcount/1KKKL4Yx0Ha200000000U9nJ3ErZtRqZrTNAaF_G0eqhLd62bc6RX58OWC0J9X9wooj8ErRBHveXbH4edib_w88WIBmKnAlj11AjZ22o4yG70YQ6cOpRMfd0x8MC4b3HbOpf40R3NiRvktaPZeBvPnb1qbV1v5r61Xa6Xh-Ciu1QvpA1HCuo_GU2Lqm2DVwCIVo761Xc9Etp_FUDbU4l4ml8McPM8DdBh0WafpA3DCnb1bcx4aWgW6nYsSWyHL5-JtZPtewJp32VNWMhl0icVp8xEF537CgYfl44p5h1igsRQmFBVnXWt874Fe34li1o_FFnrRzMRbacVfC5uhKFzWzP8kPEaBEVTDt-BGl8WmjOEK-ojhxW0ajVO6reQ6AvoHgwQltK7yyOEB-oWWpgO6jWcS1sTSwq6ztRRowoci5svN3m0hPVBHTFRDv_uwF6IZQOYGVOF4wmCJzYu_NmiRJAp38hoyZBJZT_oGQp-oUSDP5zxH6JP-VAtjhFOcSpDpOtiZHRmCwuWfrn0tjJGmFF3dQU4-pY3zXNNlizv-EotkD6FzXv5d00lRs2OmRJ1exq7HoC04-wjqa0?confirmTime=2101000&confirmRatio=1000000&test-tag=8796093022210&format-type=118&actual-format=14&rnd=7787369886407&pcode-active-testids=733958%2C0%2C87&banner-sizes=eyI3MjA1NzYwNzU0Mzk1NjQyMSI6IjMwMHg0NTUifQ%3D%3D&width=300&height=455
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.55.60 , Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://1275.ru/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Thu, 16 Mar 2023 06:08:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
nel
{"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id
1678946907354883-6911919612164455136-sas2-0307-sas-l7-balancer-8080-BAL
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Thu, 16 Mar 2023 06:08:27 GMT
accept-ch
Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
report-to
{ "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type
image/gif
access-control-allow-origin
https://1275.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
Thu, 16 Mar 2023 06:08:27 GMT
watch.js
mc.yandex.ru/metrika/ Frame E0A5
162 KB
57 KB
Script
General
Full URL
https://mc.yandex.ru/metrika/watch.js
Requested by
Host: yastatic.net
URL: https://yastatic.net/q/set/s/rsya-tag-users/bundle.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.250.250.119 , Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
c9ec4e491e17ada22ac48df6f31f0baab1bd3352382b2c0b967072cc6a359b95
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 06:08:27 GMT
content-encoding
br
strict-transport-security
max-age=31536000
last-modified
Tue, 07 Mar 2023 10:05:49 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"6406e24d-e32d"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
58157
expires
Thu, 16 Mar 2023 07:08:27 GMT
data
yandex.ru/set/s/rsya-tag-users/ Frame E0A5
403 B
1 KB
Fetch
General
Full URL
https://yandex.ru/set/s/rsya-tag-users/data?referrer=https%3A%2F%2F1275.ru%2F
Requested by
Host: yastatic.net
URL: https://yastatic.net/q/set/s/rsya-tag-users/bundle.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.55.60 , Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
yandex.ru
Software
/
Resource Hash
23b32cb7df1d64055c9842408be2a40f8249c944e47a083ca2eb842fe8285073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 06:08:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
nel
{"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
accept-ch
Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
x-yandex-req-id
1678946907648656-3534861933101016535-sas2-0307-sas-l7-balancer-8080-BAL
report-to
{ "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://yastatic.net
cache-control
public,max-age=300
access-control-allow-credentials
true
x-xss-protection
1; mode=block
WP0ejI_zO0W1DGm0n1GhKahQlywbN0K0208GW8200J5MiX9a000003ZKiDe1Y081kG8MTakyLyLa4V02_V7Es802y0K1e0QI0ia6LOu5kxXbHJgf1m_2q17KEbuH-0S1q0Y2W8200dnF0M8FmW00c6A-IVxsy0i6u0s2W821W820Y0IO3jMSbjYBjzcYEgWFZuI3n...
yandex.ru/an/count/
43 B
262 B
XHR
General
Full URL
https://yandex.ru/an/count/WP0ejI_zO0W1DGm0n1GhKahQlywbN0K0208GW8200J5MiX9a000003ZKiDe1Y081kG8MTakyLyLa4V02_V7Es802y0K1e0QI0ia6LOu5kxXbHJgf1m_2q17KEbuH-0S1q0Y2W8200dnF0M8FmW00c6A-IVxsy0i6u0s2W821W820Y0IO3jMSbjYBjzcYEgWFZuI3nSBQZgyHa121t9-IzuZAp1RHlD92u1G1y1N1YlRieu-y_6EO5f3kXg06e1QGdQ6W1iaMy3_O5e4Ng1S9q1WX-1Y2oxRypvZkn6I06OaPXUYm6RWP____0S0PrTI-hOdVkO09qXaIUM5YSrzpPN9sPN8lSZSvE2qnw1ci0l0PWC83c1hKmrEm6qYu6mE270r8J3awQMesTcXkQsStwHo07Vz_y1y1-1y1W222W80CY20Cq27___y1rIB__t__WIC00000003mFn40TqROC3V5yKXK80D7hM377IGJIi0X3V1ADfeOtBtcIEgZ2716AfUmTWxb9AevAf8qYXFJa61G~1=WQmejI_zOCy05Gq0X1Shpt29pm6UYvFbiQR_gTG1W06QrhtivjQqc-01Y07qyzw-eG6G0OgFhT3aW8200fW1Ye-jq6Iu0U3he9ycs07Mhkkk0U01bfMlcG7e0LQW0exwXG6m0xq6Y0Nre0AG1PgMo0Ym1OlObWAu1OlObWB01V3fXWJ81U_pWm7G1OVIPgW6aWAf1m_2q17KEbuHk0U01T08keY0WSA0W0RW28VzGkW91u0A0VWAWBKOw0oJ0fWDwUGlmR2GWW6O4TYbBA6vg1F7yyUh-gcqfXU05820WWJG5EJal7le58m2c1QGxeQW1g0Ma9sXe0R95l0_q1QyeDw-0PWNbxMqBBWN0S0NjTO1e1cI0hWP____0O4Q___l44LJ0fce7W6m7m787wlNjLUf88il6J6I0lq_k23OfIoG8jUbB90YsAKia2B2g2oG8eFbB90YXEKia2A9vIpL8l__V_-18uaZcfcPcPcPsJ-G8v-K-wheu_21KPWZd-_4pfJufiiN2m3F7YGcleQRDJ5AnN3OZhcmtBnixdL9mZTdjrMbj8l8ztsu60mMHG00~1?stat-id=1&test-tag=3386495813605905&banner-sizes=eyI3MjA1NzYwNzU0Mzk1NjQyMSI6IjMwMHg0NTUifQ%3D%3D&format-type=118&actual-format=14&pcodever=737296&banner-test-tags=eyI3MjA1NzYwNzU0Mzk1NjQyMSI6IjU4MTY4MSJ9&order-banners-options=eyI3MjA1NzYwNzU0Mzk1NjQyMSI6MjA0OH0&constructor-rendered-assets=eyI3MjA1NzYwNzU0Mzk1NjQyMSI6MzU5N30&pcode-active-testids=733958%2C0%2C87&width=300&height=455&confirmTime=2101000&confirmRatio=1000000&wmode=0
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.55.60 , Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://1275.ru/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Thu, 16 Mar 2023 06:08:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
nel
{"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id
1678946907649079-8406907175488564354-sas2-0307-sas-l7-balancer-8080-BAL
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Thu, 16 Mar 2023 06:08:27 GMT
accept-ch
Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
report-to
{ "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type
image/gif
access-control-allow-origin
https://1275.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
Thu, 16 Mar 2023 06:08:27 GMT
conversion_async.js
www.googleadservices.com/pagead/ Frame E0A5
43 KB
16 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: yastatic.net
URL: https://yastatic.net/q/set/s/rsya-tag-users/bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.42.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s45-in-f2.1e100.net
Software
cafe /
Resource Hash
98df1cc09a1f20f675a8fcb7dd4ffdc00c2d8fc6fa19a51b4e27a26f91dc8d6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 06:08:30 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15853
x-xss-protection
0
server
cafe
etag
8516293023861176791
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 16 Mar 2023 06:08:30 GMT
/
www.google.co.jp/pagead/1p-user-list/1014923426/ Frame E0A5
Redirect Chain
  • https://www.googleadservices.com/pagead/conversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=X7ISZJEnhIfzA9KbtYgL&r...
  • https://www.google.com/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1614421062&crd=&is_vtc=1&random=3727246594
  • https://www.google.co.jp/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1614421062&crd=&is_vtc=1&random=3727246594...
42 B
108 B
Image
General
Full URL
https://www.google.co.jp/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1614421062&crd=&is_vtc=1&random=3727246594&ipr=y
Protocol
H2
Server
142.251.222.3 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Mar 2023 06:08:31 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 16 Mar 2023 06:08:31 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://www.google.co.jp/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1614421062&crd=&is_vtc=1&random=3727246594&ipr=y
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.co.jp/pagead/1p-user-list/1014923426/ Frame E0A5
Redirect Chain
  • https://www.googleadservices.com/pagead/conversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=X7ISZPwsh772BbGXivAG&r...
  • https://www.google.com/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1527367247&crd=&is_vtc=1&random=2055885860
  • https://www.google.co.jp/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1527367247&crd=&is_vtc=1&random=2055885860...
42 B
108 B
Image
General
Full URL
https://www.google.co.jp/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1527367247&crd=&is_vtc=1&random=2055885860&ipr=y
Protocol
H2
Server
142.251.222.3 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Mar 2023 06:08:31 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 16 Mar 2023 06:08:31 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://www.google.co.jp/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1527367247&crd=&is_vtc=1&random=2055885860&ipr=y
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
3
mc.yandex.ru/watch/ Frame E0A5
256 B
462 B
XHR
General
Full URL
https://mc.yandex.ru/watch/3?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&page-ref=https%3A%2F%2F1275.ru%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A3kqlg6e9mq8p6pryfnbab%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A970%3Acn%3A1%3Adp%3A0%3Als%3A391833024650%3Ahid%3A728087171%3Az%3A0%3Ai%3A20230316060828%3Aet%3A1678946908%3Ac%3A1%3Arn%3A170342747%3Arqn%3A1%3Au%3A1678946908291149918%3Aw%3A1x1%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Ads%3A0%2C848%2C547%2C18%2C0%2C0%2C%2C4%2C0%2C1419%2C1419%2C0%2C1418%3Aco%3A0%3Acpf%3A1%3Ans%3A1678946904858%3Ast%3A1678946908&t=clc(0-0-0)rqnt(1)aw(1)ti(2)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.250.250.119 , Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
93bf71f3914280bb53b535232e855cd63f867829ef1a98589414ff316ab90949
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Mar 2023 06:08:28 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Thu, 16-Mar-2023 06:08:28 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type
application/json; charset=utf-8
access-control-allow-origin
https://yastatic.net
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
256
x-xss-protection
1; mode=block
expires
Thu, 16-Mar-2023 06:08:28 GMT
advert.gif
mc.yandex.ru/metrika/ Frame E0A5
43 B
149 B
Image
General
Full URL
https://mc.yandex.ru/metrika/advert.gif
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.250.250.119 , Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 06:08:28 GMT
strict-transport-security
max-age=31536000
last-modified
Tue, 07 Mar 2023 10:05:49 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"6406e24d-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Thu, 16 Mar 2023 07:08:28 GMT
37412095
mc.yandex.ru/watch/ Frame E0A5
439 B
475 B
XHR
General
Full URL
https://mc.yandex.ru/watch/37412095?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&page-ref=https%3A%2F%2F1275.ru%2F&charset=utf-8&site-info=%7B%22extensions%22%3A%22%22%2C%22fromGoogle%22%3A%22false%22%2C%22fromCancel%22%3A%22false%22%2C%22loyal%22%3A%220%22%2C%22sbscrb%22%3A%22%22%2C%22p%22%3A%22%22%2C%22b%22%3A%22%22%2C%22fresh%22%3A%220%22%2C%22infected%22%3A%22%22%2C%22slow%22%3A%22%22%2C%22os%22%3A%22windows%22%2C%22browser%22%3A%22chrome%22%2C%22winxp%22%3A%22false%22%2C%22old%22%3A%22actual%22%2C%22yabroAge%22%3Anull%7D&browser-info=pv%3A1%3Avf%3A3kqlg6e9mq8p6pryfnbab%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A970%3Acn%3A2%3Adp%3A1%3Als%3A103117413269%3Ahid%3A728087171%3Aphid%3A33409291%3Az%3A0%3Ai%3A20230316060828%3Aet%3A1678946908%3Ac%3A1%3Arn%3A609976309%3Arqn%3A1%3Au%3A1678946908291149918%3Aw%3A1x1%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Ads%3A0%2C848%2C547%2C18%2C0%2C0%2C%2C4%2C0%2C1419%2C1419%2C0%2C1418%3Aco%3A0%3Acpf%3A1%3Ans%3A1678946904858%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1678946909%3At%3A&t=gdpr(8-0)clc(0-0-0)rqnt(1)lt(6100)aw(1)ti(2)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.250.250.119 , Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
2d502a1bfe58d27ad4aa2be0575d5dcfd48f224dbe9fdd380957b3ce631b49d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Mar 2023 06:08:28 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Thu, 16-Mar-2023 06:08:28 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type
application/json; charset=utf-8
access-control-allow-origin
https://yastatic.net
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
439
x-xss-protection
1; mode=block
expires
Thu, 16-Mar-2023 06:08:28 GMT
WX8ejI_zO4i1HH00D1q000001nKaw0K0Im8nLh8IP000000urB3Q0M2y26W4W06QrhtivjQqc-01Y07qyzw-eG6G0OgFhT3aW8200fW1Ye-jq6Iu0U3he9ycs07Mhkkk0U01bfMlcG6W0exwXG600kW4lGRu19gMo0Y81VMW0f05cfR82A05mBRE0gW5YzYM0h05Y...
yandex.ru/an/tracking/
0
179 B
Ping
General
Full URL
https://yandex.ru/an/tracking/WX8ejI_zO4i1HH00D1q000001nKaw0K0Im8nLh8IP000000urB3Q0M2y26W4W06QrhtivjQqc-01Y07qyzw-eG6G0OgFhT3aW8200fW1Ye-jq6Iu0U3he9ycs07Mhkkk0U01bfMlcG6W0exwXG600kW4lGRu19gMo0Y81VMW0f05cfR82A05mBRE0gW5YzYM0h05YzYM0hW5YzYM0i05yEc61CW5x_E30U05CA06aWAe1f82oGPLZWMxk6L5Ega73yBG4TGwNX6u1u05Y821me201kW9791VOFwI041yJm5Y3y8009XYlad-zWK0y0i6u0s2W821W820Y0JLd9ROYxVPeZgW3i24FQWFZuI3nSBQZgyHW12hbTudmR2GWW6O4TYbBA6vFy4HAjprfpw8BPI05820WWIe5BcflmV05838phGDo1G4q1JavBnxs1JivBoV1k0K0TWMWToValU8oimMWHVmFvWNbxMqBD0Nq8O3s1UMdpxG627u6C6AzkoZZxpyOu0Pk1e3WXmDI4mvEcbgDdPeRcjdD-aSW1r_q1wWujhrgVYNW5_O7lhQ7g0VgvNU9x0V0SWVgzUrLz8V1ZSpDp8vDk0W1j0X____0TKY__z__u4ZYIEQcPcPcPdPFmy0LI39LqU166cJGAvS2XcaOjW0Pautz6Jp249chmkN-GHnR0cC8U-7UNbIvnAWIPQnCm00~1?action-id=11&adsdk-bundle-version=732449&adsdk-bundle-name=AdLoader&ad-session-id=9853161678946902420&vsid=1be6bba017902b44dd295d1602d9726d3269b66e9c7axVASx7296x1678946902&top-ancestor=https%3A%2F%2F1275.ru&top-ancestor-undetermined=0&client-ts=1678946909188&client-timezone-offset=0&viewability-undetermined=0&video-volume=100&video-muted=1&pcode-active-testids=732449%2C0%2C95%3B733958%2C0%2C87&document-has-focus=true&is-fullscreen=false&ad-pod-id=unknown&product-theme=unknown&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22width%22%3A304%2C%22height%22%3A171%2C%22w%22%3A304%2C%22h%22%3A171%2C%22left%22%3A1048%2C%22top%22%3A148%2C%22visible%22%3A1%2C%22req_no%22%3A0%7D
Requested by
Host: yastatic.net
URL: https://yastatic.net/vas-bundles/732449/bundles-es2017/loader.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.55.60 , Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
yandex.ru
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://1275.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 06:08:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
nel
{"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id
1678946909342089-6794010189210692414-sas2-0307-sas-l7-balancer-8080-BAL
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Thu, 16 Mar 2023 06:08:29 GMT
accept-ch
Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
report-to
{ "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
access-control-allow-origin
https://1275.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
Thu, 16 Mar 2023 06:08:29 GMT
WX8ejI_zO4i1HH00D1q000001nKaw0K0Im8nLh8IP000000urB3Q0M2y26W4W06QrhtivjQqc-01Y07qyzw-eG6G0OgFhT3aW8200fW1Ye-jq6Iu0U3he9ycs07Mhkkk0U01bfMlcG6W0exwXG600kW4lGRu19gMo0Y81VMW0f05cfR82A05mBRE0gW5YzYM0h05Y...
yandex.ru/an/tracking/
0
109 B
Ping
General
Full URL
https://yandex.ru/an/tracking/WX8ejI_zO4i1HH00D1q000001nKaw0K0Im8nLh8IP000000urB3Q0M2y26W4W06QrhtivjQqc-01Y07qyzw-eG6G0OgFhT3aW8200fW1Ye-jq6Iu0U3he9ycs07Mhkkk0U01bfMlcG6W0exwXG600kW4lGRu19gMo0Y81VMW0f05cfR82A05mBRE0gW5YzYM0h05YzYM0hW5YzYM0i05yEc61CW5x_E30U05CA06aWAe1f82oGPLZWMxk6L5Ega73yBG4TGwNX6u1u05Y821me201kW9791VOFwI041yJm5Y3y8009XYlad-zWK0y0i6u0s2W821W820Y0JLd9ROYxVPeZgW3i24FQWFZuI3nSBQZgyHW12hbTudmR2GWW6O4TYbBA6vFy4HAjprfpw8BPI05820WWIe5BcflmV05838phGDo1G4q1JavBnxs1JivBoV1k0K0TWMWToValU8oimMWHVmFvWNbxMqBD0Nq8O3s1UMdpxG627u6C6AzkoZZxpyOu0Pk1e3WXmDI4mvEcbgDdPeRcjdD-aSW1r_q1wWujhrgVYNW5_O7lhQ7g0VgvNU9x0V0SWVgzUrLz8V1ZSpDp8vDk0W1j0X____0TKY__z__u4ZYIEQcPcPcPdPFmy0LI39LqU166cJGAvS2XcaOjW0Pautz6Jp249chmkN-GHnR0cC8U-7UNbIvnAWIPQnCm00~1?action-id=0&adsdk-bundle-version=732449&adsdk-bundle-name=AdLoader&ad-session-id=9853161678946902420&vsid=1be6bba017902b44dd295d1602d9726d3269b66e9c7axVASx7296x1678946902&top-ancestor=https%3A%2F%2F1275.ru&top-ancestor-undetermined=0&client-ts=1678946909191&client-timezone-offset=0&viewability-undetermined=0&video-volume=100&video-muted=1&pcode-active-testids=732449%2C0%2C95%3B733958%2C0%2C87&document-has-focus=true&is-fullscreen=false&ad-pod-id=a34sdf%3B1120306530%3B0%3Bf7612b38aaafbdcf%3B1251502429344678415%3B0%3B1788970%3B1%3B0&product-theme=unknown&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22width%22%3A304%2C%22height%22%3A171%2C%22w%22%3A304%2C%22h%22%3A171%2C%22left%22%3A1048%2C%22top%22%3A148%2C%22visible%22%3A1%2C%22req_no%22%3A1%7D
Requested by
Host: yastatic.net
URL: https://yastatic.net/vas-bundles/732449/bundles-es2017/loader.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.55.60 , Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
yandex.ru
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://1275.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 06:08:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
nel
{"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id
1678946909636223-14627834789447988048-sas2-0307-sas-l7-balancer-8080-BAL
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Thu, 16 Mar 2023 06:08:29 GMT
accept-ch
Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
report-to
{ "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
access-control-allow-origin
https://1275.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
Thu, 16 Mar 2023 06:08:29 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/ Frame E0A5
3 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/?random=1678946910977&cv=9&fst=1678946910977&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=466465926&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2F1275.ru%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.196.98 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
0251d37e6e2c23335eb9c1c47f36653651991eaad442c16baeadcb40e9be1e6a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Mar 2023 06:08:31 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1375
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/ Frame E0A5
3 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/?random=1678946910984&cv=9&fst=1678946910984&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=466465926%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2F1275.ru%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.196.98 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
1e03abdc9b6f91a7b28a47732902e2a5780c15f774b10436852d6558d3f129bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Mar 2023 06:08:31 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1382
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/ Frame E0A5
3 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/?random=1678946910989&cv=9&fst=1678946910989&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=376635470%2C466465926&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2F1275.ru%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.196.98 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
4d603a10e8a765c741e0edb1b3241c85529afffd66ee27d2e089999fa6831c11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Mar 2023 06:08:31 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1381
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/ Frame E0A5
3 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/?random=1678946910991&cv=9&fst=1678946910991&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=376635470%2C466465926%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2F1275.ru%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.196.98 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
72f47ad7fecfcf7f0e12d5683cb1592c9d7ff8ed7e571d81c9b887bbb99df828
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Mar 2023 06:08:31 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1390
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
WX8ejI_zO4i1HH00D1q000001nKaw0K0Im8nLh8IP000000urB3Q0M2y26W4W06QrhtivjQqc-01Y07qyzw-eG6G0OgFhT3aW8200fW1Ye-jq6Iu0U3he9ycs07Mhkkk0U01bfMlcG6W0exwXG600kW4lGRu19gMo0Y81VMW0f05cfR82A05mBRE0gW5YzYM0h05Y...
yandex.ru/an/tracking/
0
180 B
Ping
General
Full URL
https://yandex.ru/an/tracking/WX8ejI_zO4i1HH00D1q000001nKaw0K0Im8nLh8IP000000urB3Q0M2y26W4W06QrhtivjQqc-01Y07qyzw-eG6G0OgFhT3aW8200fW1Ye-jq6Iu0U3he9ycs07Mhkkk0U01bfMlcG6W0exwXG600kW4lGRu19gMo0Y81VMW0f05cfR82A05mBRE0gW5YzYM0h05YzYM0hW5YzYM0i05yEc61CW5x_E30U05CA06aWAe1f82oGPLZWMxk6L5Ega73yBG4TGwNX6u1u05Y821me201kW9791VOFwI041yJm5Y3y8009XYlad-zWK0y0i6u0s2W821W820Y0JLd9ROYxVPeZgW3i24FQWFZuI3nSBQZgyHW12hbTudmR2GWW6O4TYbBA6vFy4HAjprfpw8BPI05820WWIe5BcflmV05838phGDo1G4q1JavBnxs1JivBoV1k0K0TWMWToValU8oimMWHVmFvWNbxMqBD0Nq8O3s1UMdpxG627u6C6AzkoZZxpyOu0Pk1e3WXmDI4mvEcbgDdPeRcjdD-aSW1r_q1wWujhrgVYNW5_O7lhQ7g0VgvNU9x0V0SWVgzUrLz8V1ZSpDp8vDk0W1j0X____0TKY__z__u4ZYIEQcPcPcPdPFmy0LI39LqU166cJGAvS2XcaOjW0Pautz6Jp249chmkN-GHnR0cC8U-7UNbIvnAWIPQnCm00~1?action-id=14&adsdk-bundle-version=732449&adsdk-bundle-name=AdLoader&ad-session-id=9853161678946902420&vsid=1be6bba017902b44dd295d1602d9726d3269b66e9c7axVASx7296x1678946902&top-ancestor=https%3A%2F%2F1275.ru&top-ancestor-undetermined=0&client-ts=1678946911196&client-timezone-offset=0&viewability-undetermined=0&video-volume=100&video-muted=1&pcode-active-testids=732449%2C0%2C95%3B733958%2C0%2C87&document-has-focus=true&is-fullscreen=false&ad-pod-id=unknown&product-theme=unknown&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22width%22%3A304%2C%22height%22%3A171%2C%22w%22%3A304%2C%22h%22%3A171%2C%22left%22%3A1048%2C%22top%22%3A148%2C%22visible%22%3A1%2C%22req_no%22%3A2%7D
Requested by
Host: yastatic.net
URL: https://yastatic.net/vas-bundles/732449/bundles-es2017/loader.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.55.60 , Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
yandex.ru
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://1275.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 06:08:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
nel
{"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id
1678946911346671-5395613017358649130-sas2-0307-sas-l7-balancer-8080-BAL
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Thu, 16 Mar 2023 06:08:31 GMT
accept-ch
Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
report-to
{ "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
access-control-allow-origin
https://1275.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
Thu, 16 Mar 2023 06:08:31 GMT
log
log.strm.yandex.ru/
0
69 B
Ping
General
Full URL
https://log.strm.yandex.ru/log?VAS=732449&event=VastTracking_impression
Requested by
Host: yastatic.net
URL: https://yastatic.net/vas-bundles/732449/bundles-es2017/loader.bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
87.250.251.15 , Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
log.strm.yandex.ru
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://1275.ru/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://1275.ru
access-control-expose-headers
Date
date
Thu, 16 Mar 2023 06:08:31 GMT
access-control-allow-credentials
true
timing-allow-origin
https://1275.ru
content-length
0
x-request-id
1678946911360775-6638356433309254131
WX8ejI_zO4i1HH00D1q000001nKaw0K0Im8nLh8IP000000urB3Q0M2y26W4W06QrhtivjQqc-01Y07qyzw-eG6G0OgFhT3aW8200fW1Ye-jq6Iu0U3he9ycs07Mhkkk0U01bfMlcG6W0exwXG600kW4lGRu19gMo0Y81VMW0f05cfR82A05mBRE0gW5YzYM0h05Y...
yandex.ru/an/tracking/
0
107 B
Ping
General
Full URL
https://yandex.ru/an/tracking/WX8ejI_zO4i1HH00D1q000001nKaw0K0Im8nLh8IP000000urB3Q0M2y26W4W06QrhtivjQqc-01Y07qyzw-eG6G0OgFhT3aW8200fW1Ye-jq6Iu0U3he9ycs07Mhkkk0U01bfMlcG6W0exwXG600kW4lGRu19gMo0Y81VMW0f05cfR82A05mBRE0gW5YzYM0h05YzYM0hW5YzYM0i05yEc61CW5x_E30U05CA06aWAe1f82oGPLZWMxk6L5Ega73yBG4TGwNX6u1u05Y821me201kW9791VOFwI041yJm5Y3y8009XYlad-zWK0y0i6u0s2W821W820Y0JLd9ROYxVPeZgW3i24FQWFZuI3nSBQZgyHW12hbTudmR2GWW6O4TYbBA6vFy4HAjprfpw8BPI05820WWIe5BcflmV05838phGDo1G4q1JavBnxs1JivBoV1k0K0TWMWToValU8oimMWHVmFvWNbxMqBD0Nq8O3s1UMdpxG627u6C6AzkoZZxpyOu0Pk1e3WXmDI4mvEcbgDdPeRcjdD-aSW1r_q1wWujhrgVYNW5_O7lhQ7g0VgvNU9x0V0SWVgzUrLz8V1ZSpDp8vDk0W1j0X____0TKY__z__u4ZYIEQcPcPcPdPFmy0LI39LqU166cJGAvS2XcaOjW0Pautz6Jp249chmkN-GHnR0cC8U-7UNbIvnAWIPQnCm00~1?action-id=13&adsdk-bundle-version=732449&adsdk-bundle-name=AdLoader&ad-session-id=9853161678946902420&vsid=1be6bba017902b44dd295d1602d9726d3269b66e9c7axVASx7296x1678946902&top-ancestor=https%3A%2F%2F1275.ru&top-ancestor-undetermined=0&client-ts=1678946911198&client-timezone-offset=0&viewability-undetermined=0&video-volume=100&video-muted=1&pcode-active-testids=732449%2C0%2C95%3B733958%2C0%2C87&document-has-focus=true&is-fullscreen=false&ad-pod-id=a34sdf%3B1120306530%3B0%3Bf7612b38aaafbdcf%3B1251502429344678415%3B0%3B1788970%3B1%3B0&product-theme=unknown&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22width%22%3A304%2C%22height%22%3A171%2C%22w%22%3A304%2C%22h%22%3A171%2C%22left%22%3A1048%2C%22top%22%3A148%2C%22visible%22%3A1%2C%22req_no%22%3A3%7D
Requested by
Host: yastatic.net
URL: https://yastatic.net/vas-bundles/732449/bundles-es2017/loader.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.55.60 , Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
yandex.ru
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://1275.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 06:08:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
nel
{"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id
1678946911645628-394783763652391622-sas2-0307-sas-l7-balancer-8080-BAL
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Thu, 16 Mar 2023 06:08:31 GMT
accept-ch
Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
report-to
{ "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
access-control-allow-origin
https://1275.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
Thu, 16 Mar 2023 06:08:31 GMT
/
www.google.com/pagead/1p-user-list/947884341/ Frame E0A5
42 B
108 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/947884341/?random=1678946910977&cv=9&fst=1678946400000&num=1&guid=ON&eid=466465926&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2F1275.ru%2F&async=1&fmt=3&is_vtc=1&random=1385750798&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.175.36 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Mar 2023 06:08:31 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.co.jp/pagead/1p-user-list/947884341/ Frame E0A5
42 B
455 B
Image
General
Full URL
https://www.google.co.jp/pagead/1p-user-list/947884341/?random=1678946910977&cv=9&fst=1678946400000&num=1&guid=ON&eid=466465926&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2F1275.ru%2F&async=1&fmt=3&is_vtc=1&random=1385750798&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.222.3 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Mar 2023 06:08:31 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/693627671/ Frame E0A5
42 B
455 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/693627671/?random=1678946910984&cv=9&fst=1678946400000&num=1&guid=ON&eid=466465926%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2F1275.ru%2F&async=1&fmt=3&is_vtc=1&random=2679602220&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.175.36 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Mar 2023 06:08:31 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.co.jp/pagead/1p-user-list/693627671/ Frame E0A5
42 B
108 B
Image
General
Full URL
https://www.google.co.jp/pagead/1p-user-list/693627671/?random=1678946910984&cv=9&fst=1678946400000&num=1&guid=ON&eid=466465926%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2F1275.ru%2F&async=1&fmt=3&is_vtc=1&random=2679602220&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.222.3 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Mar 2023 06:08:31 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/693627671/ Frame E0A5
42 B
108 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/693627671/?random=1678946910991&cv=9&fst=1678946400000&num=1&guid=ON&eid=376635470%2C466465926%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2F1275.ru%2F&async=1&fmt=3&is_vtc=1&random=2183457013&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.175.36 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Mar 2023 06:08:31 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.co.jp/pagead/1p-user-list/693627671/ Frame E0A5
42 B
108 B
Image
General
Full URL
https://www.google.co.jp/pagead/1p-user-list/693627671/?random=1678946910991&cv=9&fst=1678946400000&num=1&guid=ON&eid=376635470%2C466465926%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2F1275.ru%2F&async=1&fmt=3&is_vtc=1&random=2183457013&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.222.3 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Mar 2023 06:08:31 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/947884341/ Frame E0A5
42 B
108 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/947884341/?random=1678946910989&cv=9&fst=1678946400000&num=1&guid=ON&eid=376635470%2C466465926&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2F1275.ru%2F&async=1&fmt=3&is_vtc=1&random=1217796700&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.175.36 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Mar 2023 06:08:31 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.co.jp/pagead/1p-user-list/947884341/ Frame E0A5
42 B
108 B
Image
General
Full URL
https://www.google.co.jp/pagead/1p-user-list/947884341/?random=1678946910989&cv=9&fst=1678946400000&num=1&guid=ON&eid=376635470%2C466465926&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2F1275.ru%2F&async=1&fmt=3&is_vtc=1&random=1217796700&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.222.3 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Mar 2023 06:08:31 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
sm.rtb.mts.ru
URL
https://sm.rtb.mts.ru/em?next=59&em=0
Domain
mitdmp.whiteboxdigital.ru
URL
https://mitdmp.whiteboxdigital.ru/pixel?id=a&source=yandex&redirect=false&href=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fqbitis%2F%7Bmiid%7D
Domain
an.yandex.ru
URL
https://an.yandex.ru/mapuid/gonetisnew/NjcyMmEwMWYyN2UyNDU2ZQ
Domain
an.yandex.ru
URL
https://an.yandex.ru/mapuid/upravelis/225e05f5-9cf5-4a40-a2ca-16dd01064be4

154 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 boolean| credentialless object| __cfQR function| apbct_attach_event_handler__backend function| _nslDOMReady function| ownKeys function| _objectSpread function| _slicedToArray function| _nonIterableRest function| _iterableToArrayLimit function| _arrayWithHoles function| _inherits function| _setPrototypeOf function| _createSuper function| _possibleConstructorReturn function| _assertThisInitialized function| _isNativeReflectConstruct function| _getPrototypeOf function| _createForOfIteratorHelper function| _unsupportedIterableToArray function| _arrayLikeToArray function| _typeof function| _classCallCheck function| _defineProperties function| _createClass function| _defineProperty function| _toPropertyKey function| _toPrimitive function| ApbctCore function| apbct function| ApbctXhr function| ApbctAjax function| ApbctRest function| ctSetCookie function| ctDetectForcedAltCookiesForms function| ctSetAlternativeCookie function| ctGetCookie function| ctDeleteCookie function| apbct_public_sendAJAX function| apbct_public_sendREST function| apbctGenerateUniqueID object| apbctLocalStorage object| apbctSessionStorage object| ct_date number| ctTimeMs boolean| ctMouseEventTimerFlag object| ctMouseData number| ctMouseDataCounter object| ctCheckedEmails function| apbct_attach_event_handler function| apbct_remove_event_handler number| ctMouseReadInterval number| ctMouseWriteDataInterval function| ctFunctionFirstKey function| ctFunctionMouseMove function| ctMouseStopData function| ctKeyStopStopListening function| checkEmail function| ctSetPixelImg function| ctGetPixelUrl function| ctSetHasScrolled function| ctSetMouseMoved function| ctStartFieldsListening function| ctStopFieldsListening function| ctFunctionHasInputFocused function| ctFunctionHasKeyUp function| ctSetHasInputFocused function| ctSetHasKeyUp function| ctPreloadLocalStorage function| apbct_ready function| ctFillDecodedEmailHandler function| apbctAjaxEmailDecodeBulk function| apbctEmailEncoderCallbackBulk 
function| resetEncodedNodes function| getJavascriptClientData function| removeDoubleJsonEncoding function| ctProcessDecodedDataResult function| ctFillDecodedEmail function| ctShowDecodeComment function| apbct_collect_visible_fields function| apbct_visible_fields_set_cookie function| apbct_js_keys__set_input_value function| apbctGetScreenInfo function| ctParseBlockMessage function| ctSetPixelUrlLocalstorage function| ctNoCookieConstructHiddenField function| ctGetPageForms function| ctNoCookieFormIsExcludedFromNcField function| ctNoCookieAttachHiddenFieldsToForms function| defaultFetch function| checkFormsExistForCatching function| isFormThatNeedCatch object| cleantalkModal object| buttons_to_handle function| apbct_gdpr_handle_buttons function| ct_protect_external function| formIsExclusion function| apbctProcessIframes function| apbctProcessExternalForm function| apbct_replace_inputs_values_from_other_form function| isIntegratedForm function| sendAjaxCheckingFormData function| catchDinamicRenderedForm function| catchDinamicRenderedFormHandler function| sendAjaxCheckingDinamicFormData function| ct_check_internal function| ct_check_internal__is_exclude_form undefined| $ function| jQuery object| yaContextCb object| pseudo_links function| ym object| ajax_tptn_tracker object| wpcf7 object| settings_array object| wps_ajax object| a3_lazyload_params object| a3_lazyload_extend_params object| Ya object| yaCounter89548966 object| _self object| Prism object| swv boolean| isMobile boolean| isSearchBot object| VK object| ODKL object| _goodshare object| addComment function| ClipboardJS function| NSLPopup boolean| __cfRLUnblockHandlers function| nslRedirect string| top_menu_mobile_position function| cnc object| webpackChunkyandex_pcode object| __activeTestIds object| __vasActiveTestIds object| __pcodeAllActiveTestIds number| pr function| AdFox_getCodeScript object| adfoxAsyncParams object| adfoxAsyncParamsScroll object| adfoxAsyncParamsAdaptive object| yaSafeFrameCallbacksStorage 
boolean| isLoadingSafeframeStarted object| ya boolean| yandex_context_perf_logging object| yaads object| layoutConfig object| $sf object| yaSafeFrameAsyncCallbacks object| yaCounter1788970

54 Cookies

Domain/Path Name / Value
yastatic.net/safeframe-bundles/0.83/1-1-0 Name: afpix
Value: 1
yastatic.net/safeframe-bundles/0.83/1-1-0 Name: pcssspb
Value: 1
yastatic.net/safeframe-bundles/0.83/1-1-0 Name: pcs3
Value: 1
kimberlite.io/rtb/sync Name: f
Value: https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fsoltadspis%2FZBKyXJxH12Y
kimberlite.io/rtb/sync Name: n
Value: 2
.1275.ru/ Name: _ym_uid
Value: 1678946901110684103
.1275.ru/ Name: _ym_d
Value: 1678946901
.1275.ru/ Name: __cf_bm
Value: tKbWTPvqiHw8REruyVaLMhgzyvov_sP_ihbeHhiTNI0-1678946901-0-AZO9aFtX3lJOXT3YrDUhjMqlofW5rTWTzKcKN9RALg/PRuQR4jUnnbyNqsnuCY6gypUWWqM2kW3THYPb7g55jCg4ukzcWxGqf7Jfzkk/wkwZaCRUSnxzOs3tfJ0zAsukgw==
mc.yandex.ru/ Name: yabs-sid
Value: 2351544681678946901
.yandex.ru/ Name: i
Value: 5/3eeg/hApr39hrP5/SDNeRqMLt0yNdS+lL2UbfxUYX68aRq6/hZTKVDJfILYiqQZGYPrTI16gOlgpdGIDPFyA4+IJQ=
.yandex.ru/ Name: yandexuid
Value: 4198874071678946901
.yandex.ru/ Name: yuidss
Value: 4198874071678946901
.1275.ru/ Name: _ym_isad
Value: 2
.mc.webvisor.org/ Name: sync_cookie_csrf
Value: 1414940049fake
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 379614684fake
.webvisor.org/ Name: yandexuid
Value: 4198874071678946901
.webvisor.org/ Name: yuidss
Value: 4198874071678946901
.webvisor.org/ Name: i
Value: 5/3eeg/hApr39hrP5/SDNeRqMLt0yNdS+lL2UbfxUYX68aRq6/hZTKVDJfILYiqQZGYPrTI16gOlgpdGIDPFyA4+IJQ=
.mc.webvisor.org/ Name: sync_cookie_ok
Value: synced
.yandex.ru/ Name: ymex
Value: 1994306901.yrts.1678946901#1994306901.yrtsi.1678946901
.betweendigital.com/ Name: dc
Value: sin1
.betweendigital.com/ Name: ss
Value: 1
.demdex.net/ Name: demdex
Value: 52198446774557252061685824753427074318
.dpm.demdex.net/ Name: dpm
Value: 52198446774557252061685824753427074318
.betweendigital.com/ Name: tuuid
Value: 241e5a21-409e-544b-8644-7bfde256c9a7
.betweendigital.com/ Name: ut
Value: ZBKyWgALu-jMeFEee-A6m6881qR9-UJyREVkcg==
.hybrid.ai/ Name: vid
Value: e6800117184a74d54143
.dmg.digitaltarget.ru/ Name: viuserid
Value: xbE-FFMNb3cJnGW7C3pP
px.arcspire.io/ Name: arcid
Value: f21b03b046541740ac215b
.360yield.com/ Name: tuuid
Value: 5ef430e3-b45b-4e8b-b9eb-7d3eeb9d5a67
.360yield.com/ Name: tuuid_lu
Value: 1678946907
.tns-counter.ru/ Name: guid
Value: 527977046412B25BX1678946907
.acint.net/ Name: test_cookie
Value: CheckForPermission
.acint.net/ Name: aid
Value: sAkJCmQSslu5wQRHb29cAtUYjW95CdDEt27lwTlgg58z1FA1
.adx.opera.com/ Name: UID
Value: OPUbb203068083443418f84b9c80df9ad09
.yandex.ru/ Name: is_gdpr
Value: 0
.yandex.ru/ Name: is_gdpr_b
Value: CJ6rGBCZrAE=
.acint.net/ Name: cSyncDp14v3
Value: 1678946908
.weborama.fr/ Name: AFFICHE_W
Value: Z0mjJKdAxNtn51
.yastatic.net/ Name: gdpr
Value: 0
.yastatic.net/ Name: _ym_uid
Value: 1678946908291149918
.yastatic.net/ Name: _ym_d
Value: 1678946909
kimberlite.io/ Name: u
Value: ZBKyXJxH12Y~HO4c6CbutC9VbRCTI14YU7pmTQk
.adhigh.net/ Name: gi_u
Value: 5CDWWxEQY1X.AikABlGG6Qi6Jw
.uuidksinc.net/ Name: jcsuuid
Value: RTcrQFCHPLQBAs1OHbWe
.ssp-rtb.sape.ru/ Name: sspuid
Value: CkIDHWQSsl1B3ADtVHvQApS/KvQpXgtvVfdzcyZuVmlP9+sZ
.adhigh.net/ Name: yandexssp_sync
Value: LKvc
.mts.ru/ Name: dspid
Value: c10091fb-3069-4832-9ca5-e82198c2fd79
.sonar.semantiqo.com/ Name: semantiqo_a
Value: c86e8b19deca49d797f6c74eb2c255ce
.sonar.semantiqo.com/ Name: check
Value: 90b1c22eb24043f5a41a7cb9b63868c6
.aidata.io/ Name: __upin
Value: 8Ungx4RPPTpvYBemQ4t51g
.aidata.io/ Name: __upints
Value: 1678946910
.mts.ru/ Name: mts_id
Value: cfbcdc2c-1d35-494e-80e7-dac5cc7d6422
.mts.ru/ Name: mts_id_last_sync
Value: 1678946910

1 Console Messages

Source Level URL
Text
javascript warning URL: https://1275.ru/ioc/1513/alc-ransomware-iocs/
Message:
The resource https://1275.ru/wp-content/uploads/sites/3/2022/07/ransomware.png was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
