urlscan.io logo urlscan.io
SecurityTrails logo

intermediate.pages.dev Open in urlscan Pro
2a06:98c1:3120::3  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://intermediate.pages.dev/
Effective URL: https://intermediate.pages.dev/
Submission: On June 21 via manual from US — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 3 countries across 7 domains to perform 12 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is intermediate.pages.dev.
TLS certificate: Issued by GTS CA 1P5 on June 9th 2023. Valid for: 3 months.
This is the only time intermediate.pages.dev was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a04:4e42:600... 54113 (FASTLY)
1 198.211.98.91 14061 (DIGITALOC...)
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
3 8 2a02:6b8::1:119 208722 (GLOBAL_DC)
1 2 80.239.201.108 1299 (TWELVE99 ...)
12 8
2    2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)
intermediate.pages.dev
1    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2a04:4e42:600::485 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
1    198.211.98.91 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
amos-mamaya.fun
1    2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)
newa1.top
8    2a02:6b8::1:119 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)
mc.yandex.ru
2    80.239.201.108 (Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
mc.webvisor.org
Apex Domain
Subdomains		 Transfer
8 yandex.ru
mc.yandex.ru — Cisco Umbrella Rank: 3239
4 KB
2 webvisor.org
mc.webvisor.org — Cisco Umbrella Rank: 22652
862 B
2 pages.dev
intermediate.pages.dev
40 KB
1 newa1.top
newa1.top
1 KB
1 amos-mamaya.fun
amos-mamaya.fun
344 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 379
88 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 263
27 KB
12 7
Domain Requested by
8 mc.yandex.ru 3 redirects intermediate.pages.dev
cdn.jsdelivr.net
2 mc.webvisor.org 1 redirects
2 intermediate.pages.dev intermediate.pages.dev
1 newa1.top cdnjs.cloudflare.com
1 amos-mamaya.fun cdnjs.cloudflare.com
1 cdn.jsdelivr.net intermediate.pages.dev
1 cdnjs.cloudflare.com intermediate.pages.dev
12 7

This site contains no links.

Subject Issuer Validity Valid
intermediate.pages.dev
GTS CA 1P5		 2023-06-09 -
2023-09-07		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-08-03 -
2023-08-02		 a year crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-12-23 -
2024-01-24		 a year crt.sh
amos-mamaya.fun
R3		 2023-04-28 -
2023-07-27		 3 months crt.sh
newa1.top
E1		 2023-05-02 -
2023-07-31		 3 months crt.sh
mc.yandex.ru
GlobalSign ECC OV SSL CA 2018		 2023-03-17 -
2023-08-27		 5 months crt.sh

This page contains 1 frames:

Primary Page: https://intermediate.pages.dev/
Frame ID: 1E4FA44FCBD4FBF61535071D67F6A098
Requests: 21 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Robot protection

Page URL History Show full URLs

  1. http://intermediate.pages.dev/ HTTP 307
    https://intermediate.pages.dev/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

12
Requests

75 %
HTTPS

71 %
IPv6

7
Domains

7
Subdomains

8
IPs

3
Countries

159 kB
Transfer

406 kB
Size

16
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://intermediate.pages.dev/ HTTP 307
    https://intermediate.pages.dev/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14
  • https://mc.yandex.ru/watch/3?wmode=7&page-url=https%3A%2F%2Fintermediate.pages.dev%2F&page-ref=&charset=utf-8&browser-info=pv%3A1%3Avf%3A7g4yzra6nxw2gqr9brqirj3%3Afp%3A264%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1060%3Acn%3A2%3Adp%3A0%3Als%3A406487215098%3Ahid%3A39094086%3Az%3A0%3Ai%3A20230621220121%3Aet%3A1687384882%3Ac%3A1%3Arn%3A475116762%3Arqn%3A1%3Au%3A168738488231793881%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C58%2C56%2C6%2C1%2C0%2C%2C134%2C1%2C%2C%2C%2C256%3Aco%3A0%3Acpf%3A1%3Ans%3A1687384880948%3Ast%3A1687384882&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(2) HTTP 302
  • https://mc.yandex.ru/watch/3/1?wmode=7&page-url=https%3A%2F%2Fintermediate.pages.dev%2F&page-ref&charset=utf-8&browser-info=pv%3A1%3Avf%3A7g4yzra6nxw2gqr9brqirj3%3Afp%3A264%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1060%3Acn%3A2%3Adp%3A0%3Als%3A406487215098%3Ahid%3A39094086%3Az%3A0%3Ai%3A20230621220121%3Aet%3A1687384882%3Ac%3A1%3Arn%3A475116762%3Arqn%3A1%3Au%3A168738488231793881%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C58%2C56%2C6%2C1%2C0%2C%2C134%2C1%2C%2C%2C%2C256%3Aco%3A0%3Acpf%3A1%3Ans%3A1687384880948%3Ast%3A1687384882&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
Request Chain 16
  • https://mc.yandex.ru/watch/93468906?wmode=7&page-url=https%3A%2F%2Fintermediate.pages.dev%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A7g4yzra6nxw2gqr9brqirj3%3Afp%3A264%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1060%3Acn%3A1%3Adp%3A0%3Als%3A349281414656%3Ahid%3A39094086%3Az%3A0%3Ai%3A20230621220121%3Aet%3A1687384882%3Ac%3A1%3Arn%3A351592119%3Arqn%3A1%3Au%3A168738488231793881%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C58%2C56%2C6%2C1%2C0%2C%2C134%2C1%2C%2C%2C%2C256%3Aco%3A0%3Acpf%3A1%3Ans%3A1687384880948%3Arqnl%3A1%3Ast%3A1687384882%3At%3ARobot%20protection&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(2) HTTP 302
  • https://mc.yandex.ru/watch/93468906/1?wmode=7&page-url=https%3A%2F%2Fintermediate.pages.dev%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A7g4yzra6nxw2gqr9brqirj3%3Afp%3A264%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1060%3Acn%3A1%3Adp%3A0%3Als%3A349281414656%3Ahid%3A39094086%3Az%3A0%3Ai%3A20230621220121%3Aet%3A1687384882%3Ac%3A1%3Arn%3A351592119%3Arqn%3A1%3Au%3A168738488231793881%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C58%2C56%2C6%2C1%2C0%2C%2C134%2C1%2C%2C%2C%2C256%3Aco%3A0%3Acpf%3A1%3Ans%3A1687384880948%3Arqnl%3A1%3Ast%3A1687384882%3At%3ARobot%20protection&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
Request Chain 17
  • https://mc.webvisor.org/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.webvisor.org&token=10041.CWtwkUK0gSw7lUDdc0UPIBx36-gs8hlmb5ImTyMeBCsoSaoynJw18XK_DTA3m0Fm.pBXvIiBWRjtj3EETAdjAGE54aVQ%2C HTTP 302
  • https://mc.webvisor.org/sync_cookie_image_decide?token=10041.a6T7mdYDW4YpS6bPYf8cY40kkLnqGjD-SssvpMtkGkA1t65xQ8SEleAaq2HTSR11AhJi3g5ULf5huIn9jNeWAXoDZfy_fhlDD9XdY_CR0lvONzx3PHm9NhpIknFQmcTwlU4AkLPF4L9SshlU4_KrXE0w7CTXv0fpiRZT_syjuK-eejKh2e9jCiiI0b3ONAmvdkqDA1eClQJ6yG_m0GcamGy7IQSOe6CfKRK75DPqv7k%2C.Dxrg4zyGaS-_XV4cLo-uRt38gWo%2C

12 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
intermediate.pages.dev/
Redirect Chain
  • http://intermediate.pages.dev/
  • https://intermediate.pages.dev/
35 KB
23 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://intermediate.pages.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54e52e623ca3171c5f560a44f181bef92df6c44ef1703763a9cb652d4f1073a7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=0, must-revalidate
cf-ray
7daf87926cc606c4-AMS
content-encoding
br
content-type
text/html; charset=utf-8
date
Wed, 21 Jun 2023 22:01:21 GMT
etag
W/"8260dfa54cd61c8943ba7af3f13969c7"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
no-referrer
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1amWAUrJS9Oz54voWjo14YhC19J1XrdJKMznx74SGC21idPeG%2Bat1%2By3c5w%2BXoyr3FOfGuLRZ3yJ8WsJkceDAtEBDkkI0iVKSGL9aI5gMCBt0kZtYxmUuoBt6a9aPGTHsdK03L37Vk89xO0tG3ciRRiQ2xFh"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff
x-robots-tag
nosnippet, noindex

Redirect headers

Cross-Origin-Resource-Policy
Cross-Origin
Location
https://intermediate.pages.dev/
Non-Authoritative-Reason
HSTS
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.7.0/ 		85 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.7.0/jquery.min.js
Requested by
Host: intermediate.pages.dev
URL: https://intermediate.pages.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8f9afbf492e4c139e9d2bcb9ba6ef7c14921eb509fb703bc7a3f911b774eff8
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
Origin
https://intermediate.pages.dev
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Wed, 21 Jun 2023 22:01:21 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
3508319
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27437
last-modified
Fri, 12 May 2023 02:05:12 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"645d9ed8-6b2d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=27ziaySlnDa6RDrncbjefGCLo10dDJ5qEM%2FfQBEBbPxS5P1crGwAEyAmZKJjeA%2FhvinB4V8v76DOT%2BNLL1Ttvq8FOTYGGzoRUBdj41FHF4imd2DtJ4JwsZw%2B9IcsWFCtTChN912QIPDIwO%2BooYN6GNxU"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7daf87932ac40b79-AMS
expires
Mon, 10 Jun 2024 22:01:21 GMT
style-composer.js
intermediate.pages.dev/ 		52 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://intermediate.pages.dev/style-composer.js
Requested by
Host: intermediate.pages.dev
URL: https://intermediate.pages.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53f616b967a86135338fa74b259be8b1b1a6db46cc051d8f14758c46fe7bb8e0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Wed, 21 Jun 2023 22:01:21 GMT
content-encoding
br
referrer-policy
no-referrer
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"f9afade58bc77d8a8707e27f1d21e7b8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3Du%2B5uTsfIx0uDSj05AW%2FFbetSvf4XCWvl43px%2BIGuTMCbmotG5VqgimmWtJL0Gvsl3%2B3VpNs79cslN%2B3yfsfUOcYPstgIrWXg1KtfN1Iy%2BVc8NYDvaBV5saFBNfuR%2Fmfcidybh9yaXYTzE7oeTfrBxge3ki"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
x-robots-tag
nosnippet, noindex
cf-ray
7daf8792cd4b06c4-AMS
alt-svc
h3=":443"; ma=86400
tag.js
cdn.jsdelivr.net/npm/yandex-metrica-watch/ 		215 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js
Requested by
Host: intermediate.pages.dev
URL: https://intermediate.pages.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d78a09c5f61737e58b65ed756c94349d0deb84b9635147f5edd62b70a65d9e9c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 21 Jun 2023 22:01:21 GMT
x-content-type-options
nosniff
content-encoding
br
age
32290
x-jsd-version
1.278.0
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
89767
x-served-by
cache-fra-eddf8230100-FRA, cache-bom4720-BOM
x-jsd-version-type
version
etag
W/"35a18-ZLyS5CiS2G+iEy+P1qkoyPZbHDA"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
geo
amos-mamaya.fun/ 		66 B
344 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://amos-mamaya.fun/geo
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.7.0/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
198.211.98.91 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
29be697a4bccd015ac7cdf03f9e19256cfb7d386200c1325d0bd74921c57b62f

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Wed, 21 Jun 2023 22:01:21 GMT
Server
Apache/2.4.41 (Ubuntu)
Access-Control-Allow-Methods
GET, POST
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Content-Length
66
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b478091a554d40e4669eff7e36b54e8da8d184a3e9c7b3f88a092bf06f2c9c5b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type
image/webp
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d90e95af91952f89175f37c3d0ec9a322e5b1ec5e9708ca1964e685395c14320

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type
image/webp
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
df1a53fff0b91d12ecc9a98f0f5f44b06190e4b80fa1487cceac6f10f77ff8f5

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type
image/webp
truncated
/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
59714766d99071aa99cd39bd9034d8825d4bb7a943af6992b40b72866df5cdc0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type
image/webp
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
46eb363ceccd4182dc9ce6ede0cc9276f7335a16e4ccebbf0bc5a4c32e48480a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type
image/webp
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
93bfeb532ef33900f4971b73520ab53f779c490e4f7b66803d12a40b81bc7d3f

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type
image/webp
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9dcb5e6976c7c35d7f98a4cb8f51653cb67d33a79f619ecb27d2bfb7ac16378f

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type
image/webp
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c41d7eecc6bf3a155ed82db8216587d7c7ad605c3bb9f963d20b70d01de5fa05

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type
image/webp
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7b18e98412f4c035c519af86c0ce6ba0b6c86a6812d17d6b8586f34a944c00be

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type
image/webp
/
newa1.top/wopobuster/geto/ 		82 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://newa1.top/wopobuster/geto/?g=NL
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.7.0/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
84ee32543739a0bd2d04a65bf6980d7ceb59a82ccdd464a31b2f901a9834bb06
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Wed, 21 Jun 2023 22:01:21 GMT
content-security-policy
default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
cf-cache-status
DYNAMIC
x-permitted-cross-domain-policies
none
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-embedder-policy
require-corp
x-dns-prefetch-control
off
content-encoding
br
cross-origin-resource-policy
same-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
referrer-policy
no-referrer
server
cloudflare
cross-origin-opener-policy
same-origin
etag
W/"52-vkCMzDNtQZyWoK18a1Ou1BZ3dvA"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET,HEAD,OPTIONS,POST,PUT
content-type
application/json; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?1
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KAI4ZGyWvT7EJScG3VZCqt174XIWLMcDxxKMoxYqna9GCxt5rOtuR5QrdvO6fSLmj10BM7dSbhYRq0k7VpAB7CmyyVSlkK7UPEzLX264Dv%2BYGgAxhUN7jWjAJk%2FTN2HhmRvd8At1jVk%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
7daf87961e19b7dc-AMS
access-control-allow-headers
*
1
mc.yandex.ru/watch/3/
Redirect Chain
  • https://mc.yandex.ru/watch/3?wmode=7&page-url=https%3A%2F%2Fintermediate.pages.dev%2F&page-ref=&charset=utf-8&browser-info=pv%3A1%3Avf%3A7g4yzra6nxw2gqr9brqirj3%3Afp%3A264%3Afu%3A0%3Aen%3Autf-8%3Al...
  • https://mc.yandex.ru/watch/3/1?wmode=7&page-url=https%3A%2F%2Fintermediate.pages.dev%2F&page-ref&charset=utf-8&browser-info=pv%3A1%3Avf%3A7g4yzra6nxw2gqr9brqirj3%3Afp%3A264%3Afu%3A0%3Aen%3Autf-8%3A...
264 B
347 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/watch/3/1?wmode=7&page-url=https%3A%2F%2Fintermediate.pages.dev%2F&page-ref&charset=utf-8&browser-info=pv%3A1%3Avf%3A7g4yzra6nxw2gqr9brqirj3%3Afp%3A264%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1060%3Acn%3A2%3Adp%3A0%3Als%3A406487215098%3Ahid%3A39094086%3Az%3A0%3Ai%3A20230621220121%3Aet%3A1687384882%3Ac%3A1%3Arn%3A475116762%3Arqn%3A1%3Au%3A168738488231793881%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C58%2C56%2C6%2C1%2C0%2C%2C134%2C1%2C%2C%2C%2C256%3Aco%3A0%3Acpf%3A1%3Ans%3A1687384880948%3Ast%3A1687384882&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
400142a3293cac2fe88b52faafb54f15103a8fad6dd40ec770cf41c7dd6c9c2c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Jun 2023 22:01:22 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Wed, 21-Jun-2023 22:01:22 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type
application/json; charset=utf-8
access-control-allow-origin
https://intermediate.pages.dev
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
264
x-xss-protection
1; mode=block
expires
Wed, 21-Jun-2023 22:01:22 GMT

Redirect headers

pragma
no-cache
date
Wed, 21 Jun 2023 22:01:22 GMT
strict-transport-security
max-age=31536000
last-modified
Wed, 21-Jun-2023 22:01:22 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location
/watch/3/1?wmode=7&page-url=https%3A%2F%2Fintermediate.pages.dev%2F&page-ref&charset=utf-8&browser-info=pv%3A1%3Avf%3A7g4yzra6nxw2gqr9brqirj3%3Afp%3A264%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1060%3Acn%3A2%3Adp%3A0%3Als%3A406487215098%3Ahid%3A39094086%3Az%3A0%3Ai%3A20230621220121%3Aet%3A1687384882%3Ac%3A1%3Arn%3A475116762%3Arqn%3A1%3Au%3A168738488231793881%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C58%2C56%2C6%2C1%2C0%2C%2C134%2C1%2C%2C%2C%2C256%3Aco%3A0%3Acpf%3A1%3Ans%3A1687384880948%3Ast%3A1687384882&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
access-control-allow-origin
https://intermediate.pages.dev
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Wed, 21-Jun-2023 22:01:22 GMT
advert.gif
mc.yandex.ru/metrika/ 		43 B
205 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.ru/metrika/advert.gif
Requested by
Host: intermediate.pages.dev
URL: https://intermediate.pages.dev/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Wed, 21 Jun 2023 22:01:22 GMT
strict-transport-security
max-age=31536000
last-modified
Wed, 21 Jun 2023 08:10:47 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"64928657-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Wed, 21 Jun 2023 23:01:22 GMT
1
mc.yandex.ru/watch/93468906/
Redirect Chain
  • https://mc.yandex.ru/watch/93468906?wmode=7&page-url=https%3A%2F%2Fintermediate.pages.dev%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A7g4yzra6nxw2gqr9brqirj3%3Afp%3A264%3Afu%3A0%3Aen...
  • https://mc.yandex.ru/watch/93468906/1?wmode=7&page-url=https%3A%2F%2Fintermediate.pages.dev%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A7g4yzra6nxw2gqr9brqirj3%3Afp%3A264%3Afu%3A0%3A...
428 B
464 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/watch/93468906/1?wmode=7&page-url=https%3A%2F%2Fintermediate.pages.dev%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A7g4yzra6nxw2gqr9brqirj3%3Afp%3A264%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1060%3Acn%3A1%3Adp%3A0%3Als%3A349281414656%3Ahid%3A39094086%3Az%3A0%3Ai%3A20230621220121%3Aet%3A1687384882%3Ac%3A1%3Arn%3A351592119%3Arqn%3A1%3Au%3A168738488231793881%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C58%2C56%2C6%2C1%2C0%2C%2C134%2C1%2C%2C%2C%2C256%3Aco%3A0%3Acpf%3A1%3Ans%3A1687384880948%3Arqnl%3A1%3Ast%3A1687384882%3At%3ARobot%20protection&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
Requested by
Host: intermediate.pages.dev
URL: https://intermediate.pages.dev/
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
ed8a6b9dad3ef45e9bc2e7a8a9d296d22c0b24b1fd1f637f75c794d9477c6fd9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Jun 2023 22:01:22 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Wed, 21-Jun-2023 22:01:22 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type
application/json; charset=utf-8
access-control-allow-origin
https://intermediate.pages.dev
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
428
x-xss-protection
1; mode=block
expires
Wed, 21-Jun-2023 22:01:22 GMT

Redirect headers

pragma
no-cache
date
Wed, 21 Jun 2023 22:01:22 GMT
strict-transport-security
max-age=31536000
last-modified
Wed, 21-Jun-2023 22:01:22 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location
/watch/93468906/1?wmode=7&page-url=https%3A%2F%2Fintermediate.pages.dev%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A7g4yzra6nxw2gqr9brqirj3%3Afp%3A264%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1060%3Acn%3A1%3Adp%3A0%3Als%3A349281414656%3Ahid%3A39094086%3Az%3A0%3Ai%3A20230621220121%3Aet%3A1687384882%3Ac%3A1%3Arn%3A351592119%3Arqn%3A1%3Au%3A168738488231793881%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C58%2C56%2C6%2C1%2C0%2C%2C134%2C1%2C%2C%2C%2C256%3Aco%3A0%3Acpf%3A1%3Ans%3A1687384880948%3Arqnl%3A1%3Ast%3A1687384882%3At%3ARobot%20protection&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
access-control-allow-origin
https://intermediate.pages.dev
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Wed, 21-Jun-2023 22:01:22 GMT
sync_cookie_image_decide
mc.webvisor.org/
Redirect Chain
  • https://mc.webvisor.org/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.webvisor.org&token=10041.CWtwkUK0gSw7lUDdc0UPIBx36-gs8hlmb5ImTyMeBCsoSaoynJw18XK_DTA3m0Fm.pBXvIiBWRjtj3EETAdjAGE54aVQ%2C
  • https://mc.webvisor.org/sync_cookie_image_decide?token=10041.a6T7mdYDW4YpS6bPYf8cY40kkLnqGjD-SssvpMtkGkA1t65xQ8SEleAaq2HTSR11AhJi3g5ULf5huIn9jNeWAXoDZfy_fhlDD9XdY_CR0lvONzx3PHm9NhpIknFQmcTwlU4AkLPF...
43 B
508 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.webvisor.org/sync_cookie_image_decide?token=10041.a6T7mdYDW4YpS6bPYf8cY40kkLnqGjD-SssvpMtkGkA1t65xQ8SEleAaq2HTSR11AhJi3g5ULf5huIn9jNeWAXoDZfy_fhlDD9XdY_CR0lvONzx3PHm9NhpIknFQmcTwlU4AkLPF4L9SshlU4_KrXE0w7CTXv0fpiRZT_syjuK-eejKh2e9jCiiI0b3ONAmvdkqDA1eClQJ6yG_m0GcamGy7IQSOe6CfKRK75DPqv7k%2C.Dxrg4zyGaS-_XV4cLo-uRt38gWo%2C
Protocol
H2
Server
80.239.201.108 , Sweden, ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Wed, 21 Jun 2023 22:01:22 GMT
strict-transport-security
max-age=31536000
content-length
43
x-xss-protection
1; mode=block
content-type
image/gif

Redirect headers

location
https://mc.webvisor.org/sync_cookie_image_decide?token=10041.a6T7mdYDW4YpS6bPYf8cY40kkLnqGjD-SssvpMtkGkA1t65xQ8SEleAaq2HTSR11AhJi3g5ULf5huIn9jNeWAXoDZfy_fhlDD9XdY_CR0lvONzx3PHm9NhpIknFQmcTwlU4AkLPF4L9SshlU4_KrXE0w7CTXv0fpiRZT_syjuK-eejKh2e9jCiiI0b3ONAmvdkqDA1eClQJ6yG_m0GcamGy7IQSOe6CfKRK75DPqv7k%2C.Dxrg4zyGaS-_XV4cLo-uRt38gWo%2C
date
Wed, 21 Jun 2023 22:01:22 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
93468906
mc.yandex.ru/webvisor/ 		43 B
171 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/webvisor/93468906?wmode=0&wv-part=1&wv-hit=39094086&page-url=https%3A%2F%2Fintermediate.pages.dev%2F&rn=141907939&wv-type=3&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1687384885%3Aw%3A1600x1200%3Av%3A1060%3Az%3A0%3Ai%3A20230621220124%3Au%3A168738488231793881%3Avf%3A7g4yzra6nxw2gqr9brqirj3%3Ast%3A1687384885&t=gdpr(14)ti(2)
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 21 Jun 2023 22:01:24 GMT
strict-transport-security
max-age=31536000
last-modified
Wed, 21-Jun-2023 22:01:24 GMT
content-type
image/gif
access-control-allow-origin
https://intermediate.pages.dev
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Wed, 21-Jun-2023 22:01:24 GMT
93468906
mc.yandex.ru/webvisor/ 		43 B
73 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/webvisor/93468906?wmode=0&wv-part=1&wv-hit=39094086&page-url=https%3A%2F%2Fintermediate.pages.dev%2F&rn=1007556063&wv-type=3&browser-info=we%3A1%3Aet%3A1687384885%3Aw%3A1600x1200%3Av%3A1060%3Az%3A0%3Ai%3A20230621220124%3Au%3A168738488231793881%3Avf%3A7g4yzra6nxw2gqr9brqirj3%3Ast%3A1687384885&t=gdpr(14)ti(2)
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 21 Jun 2023 22:01:24 GMT
strict-transport-security
max-age=31536000
last-modified
Wed, 21-Jun-2023 22:01:24 GMT
content-type
image/gif
access-control-allow-origin
https://intermediate.pages.dev
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Wed, 21-Jun-2023 22:01:24 GMT

Verdicts & Comments Add Verdict or Comment

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| onbeforetoggle object| onscrollend function| $ function| jQuery function| randCID function| T function| f function| run function| ym undefined| exports function| _calcium object| __crpb function| SecureRandom function| EllipticCurve function| BigInteger function| Classic function| Montgomery function| NullExp function| Barrett object| _rbtn object| Ya object| yaCounter93468906

16 Cookies

Domain/Path Name / Value
.intermediate.pages.dev/ Name: _ym_uid
Value: 168738488231793881
.intermediate.pages.dev/ Name: _ym_d
Value: 1687384882
.yandex.ru/ Name: ymex
Value: 1718920882.yc.1687384882#1718920882.yrts.1687384882#1718920882.yrtsi.1687384882
.yandex.ru/ Name: bh
Value: KgI/MA==
.intermediate.pages.dev/ Name: _ym_isad
Value: 2
mc.yandex.ru/ Name: yabs-sid
Value: 1795093351687384882
.yandex.ru/ Name: i
Value: qxzH4t2z9hZEzKWKSL3nOmWWC3PYDYCTPKH7FwSyeB+XYyqo+g48jjvk56Q8HblMKk5ckdXprEVhry9hg0bVRdjBn3E=
.yandex.ru/ Name: yandexuid
Value: 9226646821687384882
.yandex.ru/ Name: yuidss
Value: 9226646821687384882
.intermediate.pages.dev/ Name: _ym_visorc
Value: w
.mc.webvisor.org/ Name: sync_cookie_csrf
Value: 1831275664fake
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 3463734199fake
.webvisor.org/ Name: yandexuid
Value: 9226646821687384882
.webvisor.org/ Name: yuidss
Value: 9226646821687384882
.webvisor.org/ Name: i
Value: qxzH4t2z9hZEzKWKSL3nOmWWC3PYDYCTPKH7FwSyeB+XYyqo+g48jjvk56Q8HblMKk5ckdXprEVhry9hg0bVRdjBn3E=
.mc.webvisor.org/ Name: sync_cookie_ok
Value: synced

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

amos-mamaya.fun
cdn.jsdelivr.net
cdnjs.cloudflare.com
intermediate.pages.dev
mc.webvisor.org
mc.yandex.ru
newa1.top
198.211.98.91
2606:4700::6811:190e
2a02:6b8::1:119
2a04:4e42:600::485
2a06:98c1:3120::3
2a06:98c1:3121::3
80.239.201.108
29be697a4bccd015ac7cdf03f9e19256cfb7d386200c1325d0bd74921c57b62f
400142a3293cac2fe88b52faafb54f15103a8fad6dd40ec770cf41c7dd6c9c2c
46eb363ceccd4182dc9ce6ede0cc9276f7335a16e4ccebbf0bc5a4c32e48480a
53f616b967a86135338fa74b259be8b1b1a6db46cc051d8f14758c46fe7bb8e0
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54e52e623ca3171c5f560a44f181bef92df6c44ef1703763a9cb652d4f1073a7
59714766d99071aa99cd39bd9034d8825d4bb7a943af6992b40b72866df5cdc0
7b18e98412f4c035c519af86c0ce6ba0b6c86a6812d17d6b8586f34a944c00be
84ee32543739a0bd2d04a65bf6980d7ceb59a82ccdd464a31b2f901a9834bb06
93bfeb532ef33900f4971b73520ab53f779c490e4f7b66803d12a40b81bc7d3f
9dcb5e6976c7c35d7f98a4cb8f51653cb67d33a79f619ecb27d2bfb7ac16378f
b478091a554d40e4669eff7e36b54e8da8d184a3e9c7b3f88a092bf06f2c9c5b
c41d7eecc6bf3a155ed82db8216587d7c7ad605c3bb9f963d20b70d01de5fa05
d78a09c5f61737e58b65ed756c94349d0deb84b9635147f5edd62b70a65d9e9c
d8f9afbf492e4c139e9d2bcb9ba6ef7c14921eb509fb703bc7a3f911b774eff8
d90e95af91952f89175f37c3d0ec9a322e5b1ec5e9708ca1964e685395c14320
df1a53fff0b91d12ecc9a98f0f5f44b06190e4b80fa1487cceac6f10f77ff8f5
ed8a6b9dad3ef45e9bc2e7a8a9d296d22c0b24b1fd1f637f75c794d9477c6fd9