proffy.info Open in urlscan Pro
88.85.67.170 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://proffy.info/win7/ie.htm
Submission: On February 20 via api (February 20th 2021, 2:08:03 am UTC) from RU

Summary HTTP 97 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 39 IPs in 6 countries across 42 domains to perform 97 HTTP transactions. The main IP is 88.85.67.170, located in Amsterdam, Netherlands and belongs to WEBZILLA, NL. The main domain is proffy.info.

This is the only time proffy.info was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
18	88.85.67.170 88.85.67.170	35415 (WEBZILLA) (WEBZILLA)
3	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	193.232.121.29 193.232.121.29	50214 (QWARTA) (QWARTA)
1	2606:4700:20:... 2606:4700:20::681a:7b3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
1	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
6 17	46.4.114.109 46.4.114.109	24940 (HETZNER-AS) (HETZNER-AS)
2 3	188.42.191.196 188.42.191.196	7979 (SERVERS-COM) (SERVERS-COM)
1 2	116.202.128.114 116.202.128.114	24940 (HETZNER-AS) (HETZNER-AS)
3	195.201.243.72 195.201.243.72	24940 (HETZNER-AS) (HETZNER-AS)
2 2	193.232.148.145 193.232.148.145	48061 (UMA-TECH-AS) (UMA-TECH-AS)
1	2a00:1148:db0... 2a00:1148:db00::17	47764 (MAILRU-AS...) (MAILRU-AS Mail.Ru)
2 2	195.209.108.35 195.209.108.35	52007 (ADRIVER-AS) (ADRIVER-AS)
2	81.222.128.216 81.222.128.216	20597 (ELTEL-AS) (ELTEL-AS)
2 2	194.190.117.94 194.190.117.94	204600 (REPUBLER-AS) (REPUBLER-AS)
2 3	31.172.81.160 31.172.81.160	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
2 2	31.172.81.172 31.172.81.172	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
1	37.18.16.23 37.18.16.23	205675 (HYBRID-AS) (HYBRID-AS)
2	185.15.175.132 185.15.175.132	43226 (SAFEDATA ...) (SAFEDATA Uplinks)
1	195.201.57.28 195.201.57.28	24940 (HETZNER-AS) (HETZNER-AS)
1 1	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
1 1	109.248.237.37 109.248.237.37	201009 (SUPPORTIT-AS) (SUPPORTIT-AS)
1	95.211.66.35 95.211.66.35	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	95.163.37.253 95.163.37.253	47764 (MAILRU-AS...) (MAILRU-AS Mail.Ru)
3 3	188.34.131.134 188.34.131.134	24940 (HETZNER-AS) (HETZNER-AS)
3 6	136.243.148.229 136.243.148.229	24940 (HETZNER-AS) (HETZNER-AS)
3 3	35.190.16.14 35.190.16.14	15169 (GOOGLE) (GOOGLE)
3 5	89.108.119.43 89.108.119.43	197695 (AS-REG) (AS-REG)
1 1	80.64.106.149 80.64.106.149	20764 (RASCOM-AS...) (RASCOM-AS CJSC RASCOM ISP)
1	37.9.245.57 37.9.245.57	16345 (BEE-AS Ru...) (BEE-AS Russia)
5 7	89.108.97.2 89.108.97.2	197695 (AS-REG) (AS-REG)
6 6	217.66.147.166 217.66.147.166	29209 (SPBMTS-AS...) (SPBMTS-AS Malaya Monetnaya Street 2-A)
3 3	213.87.44.207 213.87.44.207	13174 (MTSNET Mo...) (MTSNET Moscow)
2 5	2a02:6b8::90 2a02:6b8::90	13238 (YANDEX) (YANDEX)
2 3	138.201.34.238 138.201.34.238	24940 (HETZNER-AS) (HETZNER-AS)
1 1	31.220.27.134 31.220.27.134	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	217.65.2.150 217.65.2.150	29076 (CITYTELEC...) (CITYTELECOM-AS Filanco LTD)
1	93.95.102.105 93.95.102.105	48347 (MTW-AS) (MTW-AS)
1 1	88.212.201.204 88.212.201.204	39134 (UNITEDNET) (UNITEDNET)
2	2606:4700:10:... 2606:4700:10::ac43:dab	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	188.42.29.80 188.42.29.80	7979 (SERVERS-COM) (SERVERS-COM)
2 6	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX) (YANDEX)
1	2a02:6ea0:c70... 2a02:6ea0:c700::4	60068 (CDN77 (^_^)/) (CDN77 (^_^)/)
2 4	185.15.175.147 185.15.175.147	43226 (SAFEDATA ...) (SAFEDATA Uplinks)
1	95.213.133.114 95.213.133.114	49505 (SELECTEL) (SELECTEL)
1	80.239.201.20 80.239.201.20	1299 (TELIANET ...) (TELIANET Telia Carrier)
2	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
1	194.176.118.216 194.176.118.216	49352 (LOGOL-AS) (LOGOL-AS)
1	82.202.224.34 82.202.224.34	50340 (SELECTEL-MSK) (SELECTEL-MSK)
97	39

18 88.85.67.170 (Amsterdam, Netherlands)

ASN35415 (WEBZILLA, NL)
PTR: norka.tv

proffy.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.232.121.29 (Russian Federation)

ASN50214 (QWARTA, RU)

cdn-rtb.sape.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:7b3 (United States)

ASN13335 (CLOUDFLARENET, US)

www.linksmanagement.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cse.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 46.4.114.109 (Germany) 6 redirects

ASN24940 (HETZNER-AS, DE)
PTR: hz1271137.aucourant.info

www.acint.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 188.42.191.196 (Luxembourg) 2 redirects

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 116.202.128.114 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)

ssp-rtb.sape.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 195.201.243.72 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: regensburg.aucourant.info

acint.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.232.148.145 (Russian Federation) 2 redirects

ASN48061 (UMA-TECH-AS, RU)

px.adhigh.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1148:db00::17 (Russian Federation)

ASN47764 (MAILRU-AS Mail.Ru, RU)

ad.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 195.209.108.35 (Russian Federation) 2 redirects

ASN52007 (ADRIVER-AS, RU)

ad.adriver.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 81.222.128.216 (Russian Federation)

ASN20597 (ELTEL-AS, RU)
PTR: ad16.adriver.ru

ssp.adriver.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 194.190.117.94 (Russian Federation) 2 redirects

ASN204600 (REPUBLER-AS, RU)
PTR: carp.bspb2.kavanga.ru

sync.republer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 31.172.81.160 (Germany) 2 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

sync.bumlam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 31.172.81.172 (Germany) 2 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

sync3.adsniper.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.18.16.23 (Netherlands)

ASN205675 (HYBRID-AS, RU)

dm.hybrid.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.15.175.132 (Russian Federation)

ASN43226 (SAFEDATA Uplinks, RU)

tag.digitaltarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.201.57.28 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.28.57.201.195.clients.your-server.de

sync.dmp.otm-r.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.98 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 109.248.237.37 (Moscow, Russian Federation) 1 redirects

ASN201009 (SUPPORTIT-AS, RU)

stat.adlabs.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.211.66.35 (Wjelsryp, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: hosted-by.leaseweb.com

adlmerge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.163.37.253 (Russian Federation)

ASN47764 (MAILRU-AS Mail.Ru, RU)
PTR: relap.io

relap.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 188.34.131.134 (Germany) 3 redirects

ASN24940 (HETZNER-AS, DE)

adx.com.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 136.243.148.229 (Germany) 3 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.229.148.243.136.clients.your-server.de

sync.1dmp.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.190.16.14 (Kansas City, United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: 14.16.190.35.bc.googleusercontent.com

redirect.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 89.108.119.43 (Russian Federation) 3 redirects

ASN197695 (AS-REG, RU)
PTR: d51370.reg.regrucolo.ru

x01.aidata.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 80.64.106.149 (Russian Federation) 1 redirects

ASN20764 (RASCOM-AS CJSC RASCOM ISP, RU)
PTR: s-fr4.rutarget.ru

sape-sync.rutarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.9.245.57 (Russian Federation)

ASN16345 (BEE-AS Russia, RU)

0100007fef6e3060da0166a502d2308b-sp.ops.beeline.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 89.108.97.2 (Russian Federation) 5 redirects

ASN197695 (AS-REG, RU)
PTR: d50603.reg.regrucolo.ru

ut.rktch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 217.66.147.166 (St Petersburg, Russian Federation) 6 redirects

ASN29209 (SPBMTS-AS Malaya Monetnaya Street 2-A, RU)

sm.rtb.mts.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.87.44.207 (Moscow, Russian Federation) 3 redirects

ASN13174 (MTSNET Moscow, Russia, RU)
PTR: infrastructure-207-44.mts.ru

tech.rtb.mts.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:6b8::90 (Moscow, Russian Federation) 2 redirects

ASN13238 (YANDEX, RU)

an.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 138.201.34.238 (Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)

exchange.buzzoola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 31.220.27.134 (Amsterdam, Netherlands) 1 redirects

ASN39572 (ADVANCEDHOSTERS-AS, NL)

s.uuidksinc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 217.65.2.150 (Moscow, Russian Federation)

ASN29076 (CITYTELECOM-AS Filanco LTD, RU)

match.new-programmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 93.95.102.105 (Podolsk, Russian Federation)

ASN48347 (MTW-AS, RU)
PTR: unspecified.mtw.ru

fcgi4.gnezdo.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.212.201.204 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::ac43:dab (United States)

ASN13335 (CLOUDFLARENET, US)

s3.advarkads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.42.29.80 (Luxembourg) 2 redirects

ASN7979 (SERVERS-COM, US)

api.advarkads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:6b8::1:119 (Moscow, Russian Federation) 2 redirects

ASN13238 (YANDEX, RU)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c700::4 (Frankfurt am Main, Germany)

ASN60068 (CDN77 (^_^)/, GB)

p1.dircont3.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.15.175.147 (Russian Federation) 2 redirects

ASN43226 (SAFEDATA Uplinks, RU)

dmg.digitaltarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.213.133.114 (Russian Federation)

ASN49505 (SELECTEL, RU)

ps.ntvk1.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 80.239.201.20 (Sweden)

ASN1299 (TELIANET Telia Carrier, SE)
PTR: 80-239-201-20.teliacarrier-cust.com

ymetrica1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 194.176.118.216 (Russian Federation)

ASN49352 (LOGOL-AS, RU)
PTR: d40666.acod.regrucolo.ru

ps5.ntvk1.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 82.202.224.34 (Russian Federation)

ASN50340 (SELECTEL-MSK, RU)

rtb.beroll.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	acint.net 6 redirects www.acint.net acint.net	16 KB
18	proffy.info proffy.info	206 KB
11	yandex.ru 4 redirects an.yandex.ru mc.yandex.ru	48 KB
9	mts.ru 9 redirects sm.rtb.mts.ru tech.rtb.mts.ru	6 KB
9	doubleclick.net 1 redirects googleads.g.doubleclick.net cm.g.doubleclick.net	9 KB
8	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	210 KB
7	rktch.com 5 redirects ut.rktch.com	3 KB
6	1dmp.io 3 redirects sync.1dmp.io	3 KB
6	digitaltarget.ru 2 redirects tag.digitaltarget.ru dmg.digitaltarget.ru	22 KB
5	aidata.io 3 redirects x01.aidata.io	3 KB
5	google.com cse.google.com www.google.com adservice.google.com	105 KB
4	advarkads.com 2 redirects s3.advarkads.com api.advarkads.com	8 KB
4	adriver.ru 2 redirects ad.adriver.ru ssp.adriver.ru	2 KB
3	buzzoola.com 2 redirects exchange.buzzoola.com	726 B
3	weborama.fr 3 redirects redirect.frontend.weborama.fr	816 B
3	com.ru 3 redirects adx.com.ru	2 KB
3	bumlam.com 2 redirects sync.bumlam.com	2 KB
3	betweendigital.com 2 redirects ads.betweendigital.com	1 KB
3	sape.ru 1 redirects cdn-rtb.sape.ru ssp-rtb.sape.ru	54 KB
2	ntvk1.ru ps.ntvk1.ru ps5.ntvk1.ru	5 KB
2	adsniper.ru 2 redirects sync3.adsniper.ru	1 KB
2	republer.com 2 redirects sync.republer.com	950 B
2	adhigh.net 2 redirects px.adhigh.net	920 B
1	beroll.ru rtb.beroll.ru	86 B
1	ymetrica1.com ymetrica1.com	368 B
1	dircont3.com p1.dircont3.com	10 KB
1	yadro.ru 1 redirects counter.yadro.ru	287 B
1	gnezdo.ru fcgi4.gnezdo.ru	172 B
1	new-programmatic.com match.new-programmatic.com	215 B
1	uuidksinc.net 1 redirects s.uuidksinc.net	327 B
1	beeline.ru 0100007fef6e3060da0166a502d2308b-sp.ops.beeline.ru	627 B
1	rutarget.ru 1 redirects sape-sync.rutarget.ru	416 B
1	relap.io relap.io	1 KB
1	adlmerge.com adlmerge.com	115 B
1	adlabs.ru 1 redirects stat.adlabs.ru	108 B
1	otm-r.com sync.dmp.otm-r.com	69 B
1	hybrid.ai dm.hybrid.ai	238 B
1	mail.ru ad.mail.ru	635 B
1	googletagservices.com www.googletagservices.com	28 KB
1	google.de adservice.google.de	803 B
1	googleadservices.com partner.googleadservices.com	640 B
1	linksmanagement.com www.linksmanagement.com	55 KB
97	42

	Domain	Requested by
18	proffy.info	proffy.info
17	www.acint.net	6 redirects proffy.info www.acint.net
8	googleads.g.doubleclick.net	pagead2.googlesyndication.com
7	ut.rktch.com	5 redirects
6	mc.yandex.ru	2 redirects proffy.info
6	sm.rtb.mts.ru	6 redirects
6	sync.1dmp.io	3 redirects www.acint.net s3.advarkads.com
6	pagead2.googlesyndication.com	proffy.info pagead2.googlesyndication.com tpc.googlesyndication.com
5	an.yandex.ru	2 redirects www.acint.net
5	x01.aidata.io	3 redirects www.acint.net
4	dmg.digitaltarget.ru	2 redirects www.acint.net
3	exchange.buzzoola.com	2 redirects
3	tech.rtb.mts.ru	3 redirects
3	redirect.frontend.weborama.fr	3 redirects
3	adx.com.ru	3 redirects
3	sync.bumlam.com	2 redirects www.acint.net
3	acint.net	www.acint.net
3	ads.betweendigital.com	2 redirects www.acint.net
3	www.google.com	cse.google.com
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	api.advarkads.com	2 redirects
2	s3.advarkads.com	www.acint.net s3.advarkads.com
2	tag.digitaltarget.ru	www.acint.net tag.digitaltarget.ru
2	sync3.adsniper.ru	2 redirects
2	sync.republer.com	2 redirects
2	ssp.adriver.ru	www.acint.net
2	ad.adriver.ru	2 redirects
2	px.adhigh.net	2 redirects
2	ssp-rtb.sape.ru	1 redirects cdn-rtb.sape.ru
1	rtb.beroll.ru
1	ps5.ntvk1.ru	proffy.info
1	ymetrica1.com	mc.yandex.ru
1	ps.ntvk1.ru	p1.dircont3.com
1	p1.dircont3.com	cdn-rtb.sape.ru
1	counter.yadro.ru	1 redirects
1	fcgi4.gnezdo.ru	www.acint.net
1	match.new-programmatic.com	www.acint.net
1	s.uuidksinc.net	1 redirects
1	0100007fef6e3060da0166a502d2308b-sp.ops.beeline.ru	www.acint.net
1	sape-sync.rutarget.ru	1 redirects
1	relap.io	www.acint.net
1	adlmerge.com	www.acint.net
1	stat.adlabs.ru	1 redirects
1	cm.g.doubleclick.net	1 redirects
1	sync.dmp.otm-r.com	www.acint.net
1	dm.hybrid.ai	www.acint.net
1	ad.mail.ru	www.acint.net
1	www.googletagservices.com	pagead2.googlesyndication.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	cse.google.com	proffy.info
1	www.linksmanagement.com	proffy.info
1	cdn-rtb.sape.ru	proffy.info
97	54

This site contains links to these domains. Also see Links.

Domain
www.livejournal.com
share.yandex.ru

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-17` - `2021-07-17`	a year	crt.sh
*.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
www.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.googleadservices.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.google.de GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.acint.net Let's Encrypt Authority X3	`2020-11-29` - `2021-02-27`	3 months	crt.sh
ads.betweendigital.com Sectigo RSA Domain Validation Secure Server CA	`2020-11-19` - `2021-12-20`	a year	crt.sh
*.mail.ru GeoTrust ECC CA 2018	`2020-11-13` - `2021-11-17`	a year	crt.sh
*.adriver.ru RapidSSL RSA CA 2018	`2020-04-03` - `2022-04-24`	2 years	crt.sh
*.bumlam.com R3	`2021-01-06` - `2021-04-06`	3 months	crt.sh
*.hybrid.ai Sectigo RSA Domain Validation Secure Server CA	`2020-07-07` - `2022-10-05`	2 years	crt.sh
tag.digitaltarget.ru R3	`2021-01-28` - `2021-04-28`	3 months	crt.sh
sync.dmp.otm-r.com Sectigo RSA Domain Validation Secure Server CA	`2020-08-07` - `2021-08-07`	a year	crt.sh
adlmerge.com R3	`2021-01-20` - `2021-04-20`	3 months	crt.sh
relap.io GeoTrust RSA CA 2018	`2020-10-01` - `2021-10-06`	a year	crt.sh
my.aidata.me Sectigo RSA Domain Validation Secure Server CA	`2020-02-25` - `2022-02-25`	2 years	crt.sh
sync.1dmp.io R3	`2021-01-21` - `2021-04-21`	3 months	crt.sh
*.ops.beeline.ru Sectigo RSA Domain Validation Secure Server CA	`2020-06-23` - `2022-06-24`	2 years	crt.sh
an.yandex.by Yandex CA	`2020-10-01` - `2021-04-01`	6 months	crt.sh
new-programmatic.com Let's Encrypt Authority X3	`2020-11-26` - `2021-02-24`	3 months	crt.sh
fcgi4.gnezdo.ru R3	`2020-12-09` - `2021-03-09`	3 months	crt.sh
advarkads.com Cloudflare Inc ECC CA-3	`2020-07-04` - `2021-07-04`	a year	crt.sh
mc.yandex.ru Yandex CA	`2020-09-29` - `2021-03-11`	5 months	crt.sh
*.sape.ru R3	`2021-02-16` - `2021-05-17`	3 months	crt.sh
dmg.digitaltarget.ru R3	`2021-01-18` - `2021-04-18`	3 months	crt.sh
*.ntvk1.ru Sectigo RSA Domain Validation Secure Server CA	`2020-05-11` - `2021-08-09`	a year	crt.sh
ymetrica.com Yandex CA	`2020-09-29` - `2021-03-23`	6 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
ut.rktch.com R3	`2021-01-05` - `2021-04-05`	3 months	crt.sh
*.buzzoola.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-30` - `2022-09-28`	2 years	crt.sh
*.beroll.ru AlphaSSL CA - SHA256 - G2	`2021-02-11` - `2022-03-15`	a year	crt.sh

This page contains 12 frames:

Primary Page: http://proffy.info/win7/ie.htm
Frame ID: 7A052C663E7BB4FE9CB7D277A277BED4
Requests: 55 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210211/r20190131/zrt_lookup.html
Frame ID: 5127C2DAAB3FD6D06FA61E9EE6962D88
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2743978302807619&output=html&adk=1812271804&adf=3025194257&lmt=1613786863&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fproffy.info%2Fwin7%2Fie.htm&ea=0&flash=0&pra=5&wgl=1&dt=1613786862835&bpp=19&bdt=109&idt=134&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3193425011358&frm=20&pv=2&ga_vid=1909708188.1613786863&ga_sid=1613786863&ga_hid=2111887669&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068769%2C21068893%2C21069110%2C21068786&oid=3&pvsid=657434479174487&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=23&ifi=1&uci=a!1&fsb=1&dtd=227
Frame ID: 413711C439BB9561E8529BB3EB8CFC23
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2743978302807619&output=html&h=90&slotname=6832752182&adk=1421202109&adf=2552221730&pi=t.ma~as.6832752182&w=728&lmt=1613786863&psa=0&format=728x90&url=http%3A%2F%2Fproffy.info%2Fwin7%2Fie.htm&flash=0&wgl=1&dt=1613786862854&bpp=72&bdt=129&idt=218&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3193425011358&frm=20&pv=1&ga_vid=1909708188.1613786863&ga_sid=1613786863&ga_hid=2111887669&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=33&ady=25&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068769%2C21068893%2C21069110%2C21068786&oid=3&pvsid=657434479174487&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=23&ifi=2&uci=a!2&fsb=1&xpc=jeggNfPL8F&p=http%3A//proffy.info&dtd=225
Frame ID: 23154A236F768E8291BEBB19227059AA
Requests: 1 HTTP requests in this frame

Frame: https://www.acint.net/mc/?dp=14&tc=1
Frame ID: 49A55C0B4F07F6E9CC86A6D00FE35CF3
Requests: 29 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2743978302807619&output=html&h=280&adk=4095622344&adf=1706824535&pi=t.aa~a.2313465991~i.57~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1613786863&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7371216514&psa=0&ad_type=text_image&format=1200x280&url=http%3A%2F%2Fproffy.info%2Fwin7%2Fie.htm&flash=0&fwr=0&pra=3&rh=200&rw=1588&rpe=1&resp_fmts=3&wgl=1&fa=27&adsid=NT&dt=1613786863242&bpp=2&bdt=516&idt=-M&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D349c9dc74c6b8bca-223f82fb87ba00d7%3AT%3D1613786863%3ART%3D1613786863%3AS%3DALNI_MYanK2qYmYLIyiAVh6Xg8ZESpPOaA&prev_fmts=0x0%2C728x90&nras=2&correlator=3193425011358&frm=20&pv=1&ga_vid=1909708188.1613786863&ga_sid=1613786863&ga_hid=2111887669&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=1663&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068769%2C21068893%2C21069110%2C21068786&oid=3&pvsid=657434479174487&rx=0&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=8Uwu4d00Xj&p=http%3A//proffy.info&dtd=25
Frame ID: E45B4043364A9FD9AD293B9E39FA415C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2743978302807619&output=html&h=280&adk=4095622344&adf=2827832974&pi=t.aa~a.2313465991~i.59~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1613786863&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7371216514&psa=0&ad_type=text_image&format=1200x280&url=http%3A%2F%2Fproffy.info%2Fwin7%2Fie.htm&flash=0&fwr=0&pra=3&rh=200&rw=1588&rpe=1&resp_fmts=3&wgl=1&fa=27&adsid=NT&dt=1613786863242&bpp=1&bdt=516&idt=-M&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D349c9dc74c6b8bca-223f82fb87ba00d7%3AT%3D1613786863%3ART%3D1613786863%3AS%3DALNI_MYanK2qYmYLIyiAVh6Xg8ZESpPOaA&prev_fmts=0x0%2C728x90%2C1200x280&nras=3&correlator=3193425011358&frm=20&pv=1&ga_vid=1909708188.1613786863&ga_sid=1613786863&ga_hid=2111887669&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=1985&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068769%2C21068893%2C21069110%2C21068786&oid=3&pvsid=657434479174487&rx=0&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=23&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=1bG1RRalFH&p=http%3A//proffy.info&dtd=31
Frame ID: 24C300058A2199ED3C0CE03B1A20F1EF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2743978302807619&output=html&h=280&adk=4095622344&adf=2556572655&pi=t.aa~a.2313465991~i.106~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1613786863&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7371216514&psa=0&ad_type=text_image&format=1200x280&url=http%3A%2F%2Fproffy.info%2Fwin7%2Fie.htm&flash=0&fwr=0&pra=3&rh=200&rw=1588&rpe=1&resp_fmts=3&wgl=1&fa=27&adsid=NT&dt=1613786863242&bpp=1&bdt=516&idt=1&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D349c9dc74c6b8bca-223f82fb87ba00d7%3AT%3D1613786863%3ART%3D1613786863%3AS%3DALNI_MYanK2qYmYLIyiAVh6Xg8ZESpPOaA&prev_fmts=0x0%2C728x90%2C1200x280%2C1200x280&nras=4&correlator=3193425011358&frm=20&pv=1&ga_vid=1909708188.1613786863&ga_sid=1613786863&ga_hid=2111887669&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=3125&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068769%2C21068893%2C21069110%2C21068786&oid=3&pvsid=657434479174487&rx=0&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=23&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=SImPkwoXmK&p=http%3A//proffy.info&dtd=36
Frame ID: 1A02312DF3FCB51A261A4FEDED8A0A95
Requests: 1 HTTP requests in this frame

Frame: https://s3.advarkads.com/modules/match/frame.html?id=8113-1-1&uid=0100007FEF6E3060DA0166A502D2308B
Frame ID: 95CADEFD859D3EDAA68EC3A4AB8B7752
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2743978302807619&output=html&h=280&adk=4095622344&adf=1196090153&pi=t.aa~a.2313465991~i.256~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1613786863&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7371216514&psa=0&ad_type=text_image&format=1200x280&url=http%3A%2F%2Fproffy.info%2Fwin7%2Fie.htm&flash=0&fwr=0&pra=3&rh=200&rw=1588&rpe=1&resp_fmts=3&wgl=1&fa=27&adsid=NT&dt=1613786863246&bpp=2&bdt=520&idt=2&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D349c9dc74c6b8bca-223f82fb87ba00d7%3AT%3D1613786863%3ART%3D1613786863%3AS%3DALNI_MYanK2qYmYLIyiAVh6Xg8ZESpPOaA&prev_fmts=0x0%2C728x90%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=3193425011358&frm=20&pv=1&ga_vid=1909708188.1613786863&ga_sid=1613786863&ga_hid=2111887669&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=4579&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068769%2C21068893%2C21069110%2C21068786&oid=3&pvsid=657434479174487&rx=0&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=23&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=y7k8Nc2Oxj&p=http%3A//proffy.info&dtd=207
Frame ID: CD3F4CB385EF811DAA6BBBF057677CFB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2743978302807619&output=html&h=280&adk=4095622344&adf=485867489&pi=t.aa~a.2313465991~i.258~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1613786863&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7371216514&psa=0&ad_type=text_image&format=1200x280&url=http%3A%2F%2Fproffy.info%2Fwin7%2Fie.htm&flash=0&fwr=0&pra=3&rh=200&rw=1588&rpe=1&resp_fmts=3&wgl=1&fa=27&adsid=NT&dt=1613786863250&bpp=1&bdt=524&idt=1&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D349c9dc74c6b8bca-223f82fb87ba00d7%3AT%3D1613786863%3ART%3D1613786863%3AS%3DALNI_MYanK2qYmYLIyiAVh6Xg8ZESpPOaA&prev_fmts=0x0%2C728x90%2C1200x280%2C1200x280%2C1200x280%2C1200x280&nras=6&correlator=3193425011358&frm=20&pv=1&ga_vid=1909708188.1613786863&ga_sid=1613786863&ga_hid=2111887669&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=4637&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068769%2C21068893%2C21069110%2C21068786&oid=3&pvsid=657434479174487&rx=0&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=23&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=5M23x8kI1i&p=http%3A//proffy.info&dtd=287
Frame ID: 3D06954A7B0C7EEB0D844764FB67EDA2
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: 415CB69576624793AD9EC0CB99EE1590
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers server /php\/?([\d.]+)?/i

CentOS (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /CentOS/i

OpenSSL (Web Server Extensions) Expand

Overall confidence: 100%
Detected patterns

headers server /OpenSSL(?:\/([\d.]+[a-z]?))?/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

97
Requests

78 %
HTTPS

25 %
IPv6

42
Domains

54
Subdomains

39
IPs

6
Countries

775 kB
Transfer

1647 kB
Size

36
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: http://www.livejournal.com/update.bml?event=http%3A%2F%2Fproffy.info%2Fwin7%2Fie.htm&subject=%D0%9D%D0%B0%D1%81%D1%82%D1%80%D0%BE%D0%B9%D0%BA%D0%B8%20Internet%20Explorer%20%D0%B2%20%D1%80%D0%B5%D0%B5%D1%81%D1%82%D1%80%D0%B5

Search URL Search Domain Scan URL

URL: http://share.yandex.ru/go.xml?service=moikrug&url=http%3A%2F%2Fproffy.info%2Fwin7%2Fie.htm&title=%D0%9D%D0%B0%D1%81%D1%82%D1%80%D0%BE%D0%B9%D0%BA%D0%B8%20Internet%20Explorer%20%D0%B2%20%D1%80%D0%B5%D0%B5%D1%81%D1%82%D1%80%D0%B5

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31

http://www.acint.net/aci.js HTTP 302
https://www.acint.net/aci.js

Request Chain 33

http://www.acint.net/mc/?dp=14 HTTP 302
https://www.acint.net/mc/?dp=14 HTTP 302
https://www.acint.net/mc/?dp=14&tc=1

Request Chain 34

http://www.acint.net/hit/?v=0.3.0&uid=171b1ee6-9e73-4ead-a1b7-dde1d10451d4&dp=14&tz=%2B01%3A00&nc=51029989&u=http%3A%2F%2Fproffy.info%2Fwin7%2Fie.htm&r=&rs=1600x1200&t=%D0%9D%D0%B0%D1%81%D1%82%D1%80%D0%BE%D0%B9%D0%BA%D0%B8%20Internet%20Explorer%20%D0%B2%20%D1%80%D0%B5%D0%B5%D1%81%D1%82%D1%80%D0%B5&oE=1&oP=1&dT=2021-02-20T03%3A07%3A43.297&fu=1ced091b-3e9e-46fb-a20e-f31f4e327afb HTTP 302
https://www.acint.net/hit/?v=0.3.0&uid=171b1ee6-9e73-4ead-a1b7-dde1d10451d4&dp=14&tz=%2B01%3A00&nc=51029989&u=http%3A%2F%2Fproffy.info%2Fwin7%2Fie.htm&r=&rs=1600x1200&t=%D0%9D%D0%B0%D1%81%D1%82%D1%80%D0%BE%D0%B9%D0%BA%D0%B8%20Internet%20Explorer%20%D0%B2%20%D1%80%D0%B5%D0%B5%D1%81%D1%82%D1%80%D0%B5&oE=1&oP=1&dT=2021-02-20T03%3A07%3A43.297&fu=1ced091b-3e9e-46fb-a20e-f31f4e327afb

Request Chain 38

https://ads.betweendigital.com/match?bidder_id=73&external_user_id=0100007FEF6E3060DA0166A502D2308B HTTP 302
https://ads.betweendigital.com/match?bidder_id=73&external_user_id=0100007FEF6E3060DA0166A502D2308B&crf=1

Request Chain 39

https://ssp-rtb.sape.ru/rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D HTTP 302
https://acint.net/match?dp=14&euid=0100007FEF6E306073004F8B029BD81D

Request Chain 40

https://px.adhigh.net/p/cm/sape?u=0100007FEF6E3060DA0166A502D2308B HTTP 302
https://px.adhigh.net/p/cm/sape?u=0100007FEF6E3060DA0166A502D2308B&bounced=1 HTTP 302
https://acint.net/match?dp=17&euid=eam343XAfZs.AikABlF3vTEapg

Request Chain 42

https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691 HTTP 302
https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-5792429666 HTTP 302
https://www.acint.net/rmatch?dp=45&euid=A2nwQZFCMrvF995EU3z192Q&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D HTTP 302
https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=0100007FEF6E3060DA0166A502D2308B

Request Chain 43

https://sync.republer.com/match?dsp=sape HTTP 307
https://sync.republer.com/match?dsp=sape&qset=1 HTTP 307
https://sync.bumlam.com/?src=rp1&uid=3c5a640c-d3fe-41b9-b28a-89504df6d3cd HTTP 302
https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABjv3cGBBlIEioaQK2IkM2M1YTY0MGMtZDNmZS00MWI5LWIyOGEtODk1MDRkZjZkM2Nk HTTP 302
https://sync3.adsniper.ru/?src=ss1&s_data=CAIQARjv3cGBBlIEioaQK2IkM2M1YTY0MGMtZDNmZS00MWI5LWIyOGEtODk1MDRkZjZkM2NkogEQaxo6VnMgEeuKUwzEem0v7w** HTTP 302
https://sync.bumlam.com/?src=rp1&s_data=CAIQABjv3cGBBmIkM2M1YTY0MGMtZDNmZS00MWI5LWIyOGEtODk1MDRkZjZkM2NkogEQaxo6VnMgEeuKUwzEem0v7w** HTTP 302
https://sync.bumlam.com/?src=rp1&s_data=CAIQARjv3cGBBmIkM2M1YTY0MGMtZDNmZS00MWI5LWIyOGEtODk1MDRkZjZkM2NkogEQaxo6VnMgEeuKUwzEem0v7w**

Request Chain 47

https://cm.g.doubleclick.net/pixel?google_nid=agentstvo_sape_limited&google_hm=AQAAf-9uMGDaAWalAtIwiw HTTP 302
https://www.acint.net/match?dp=77&euid=

Request Chain 48

https://stat.adlabs.ru/merge_gpsid/?sid=50&id=0100007FEF6E3060DA0166A502D2308B HTTP 302
https://adlmerge.com/merge_gpsid/?sid=50&id=0100007FEF6E3060DA0166A502D2308B

Request Chain 51

https://adx.com.ru/sape-sync?uid=0100007FEF6E3060DA0166A502D2308B HTTP 302
https://adx.com.ru/sync?sspKey=25&sspUserID=0100007FEF6E3060DA0166A502D2308B HTTP 302
https://sync.1dmp.io/pixel.gif?cid=1ff6bf67-bdc8-400e-bc26-d735d8654ed6&pid=w&uid=60306eefd41e06bf83713ffb&ru=https%3A%2F%2Fredirect.frontend.weborama.fr%2Frd%3Furl%3Dhttps%253A%252F%252Fadx.com.ru%252Fweborama-sync%253Furl%253Dhttps%25253A%25252F%25252Fx01.aidata.io%25252F0.gif%25253Fpid%25253DYABBI%252526id%25253D60306eefd41e06bf83713ffb%252526dest%25253D%2526webouid%253D%7BWEBO_CID%7D HTTP 302
https://sync.1dmp.io/pixel.gif?cid=1ff6bf67-bdc8-400e-bc26-d735d8654ed6&pid=w&uid=60306eefd41e06bf83713ffb&ru=https%3A%2F%2Fredirect.frontend.weborama.fr%2Frd%3Furl%3Dhttps%253A%252F%252Fadx.com.ru%252Fweborama-sync%253Furl%253Dhttps%25253A%25252F%25252Fx01.aidata.io%25252F0.gif%25253Fpid%25253DYABBI%252526id%25253D60306eefd41e06bf83713ffb%252526dest%25253D%2526webouid%253D%7BWEBO_CID%7D&cs=1 HTTP 302
https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fadx.com.ru%2Fweborama-sync%3Furl%3Dhttps%253A%252F%252Fx01.aidata.io%252F0.gif%253Fpid%253DYABBI%2526id%253D60306eefd41e06bf83713ffb%2526dest%253D%26webouid%3D{WEBO_CID} HTTP 302
https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fadx.com.ru%2Fweborama-sync%3Furl%3Dhttps%253A%252F%252Fx01.aidata.io%252F0.gif%253Fpid%253DYABBI%2526id%253D60306eefd41e06bf83713ffb%2526dest%253D%26webouid%3D%7BWEBO_CID%7D&bounce=1&random=3232786891 HTTP 302
https://adx.com.ru/weborama-sync?url=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3DYABBI%26id%3D60306eefd41e06bf83713ffb%26dest%3D&webouid=NKXRQkToAHFn/q65oy4EEe HTTP 302
https://x01.aidata.io/0.gif?pid=YABBI&id=60306eefd41e06bf83713ffb&dest= HTTP 302
https://x01.aidata.io/0.gif?pid=YABBI&id=60306eefd41e06bf83713ffb&dest=&bounce=1

Request Chain 52

https://sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007FEF6E3060DA0166A502D2308B HTTP 302
https://sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007FEF6E3060DA0166A502D2308B&cs=1

Request Chain 53

https://sape-sync.rutarget.ru/sync HTTP 302
https://www.acint.net/match?dp=104&euid=W3eLXXQihRmh

Request Chain 54

https://ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D HTTP 302
https://acint.net/match?dp=107&euid=4a949e9e-a31b-5233-8f4c-49dfef7c2730

Request Chain 56

https://ut.rktch.com/matchspm?pi=1000005&pui=0100007FEF6E3060DA0166A502D2308B HTTP 302
https://sm.rtb.mts.ru/p?ssp=natimatica&id=a39d14978e656f4ae9e6de540bcc71f655ef HTTP 301
https://sm.rtb.mts.ru/match/second?r=https%3A%2F%2Fut.rktch.com%2Fmatchsbm%3Fbi%3D29%26bui%3Db50336ed-3737-46ed-b705-e440c43180e7&ssp=natimatica&exu=a39d14978e656f4ae9e6de540bcc71f655ef HTTP 301
https://tech.rtb.mts.ru/?dsp_uid=b50336ed-3737-46ed-b705-e440c43180e7&return_url=https%3A%2F%2Fan.yandex.ru%2Fsetud%2Fmts_banner%2FtQM27Tc3Ru23BeRAxDGA5w%3Flocation%3Dhttps%253A%252F%252Fut.rktch.com%252Fmatchsbm%253Fbi%253D29%2526bui%253Db50336ed-3737-46ed-b705-e440c43180e7%26sign%3D2448808864 HTTP 302
https://an.yandex.ru/setud/mts_banner/tQM27Tc3Ru23BeRAxDGA5w?location=https%3A%2F%2Fut.rktch.com%2Fmatchsbm%3Fbi%3D29%26bui%3Db50336ed-3737-46ed-b705-e440c43180e7&sign=2448808864 HTTP 302
https://an.yandex.ru/setud/mts_banner/tQM27Tc3Ru23BeRAxDGA5w?redir-setuniq=1&location=https%3A%2F%2Fut.rktch.com%2Fmatchsbm%3Fbi%3D29%26bui%3Db50336ed-3737-46ed-b705-e440c43180e7&sign=2448808864

Request Chain 57

https://sm.rtb.mts.ru/p?ssp=sape&id=0100007FEF6E3060DA0166A502D2308B HTTP 301
https://sm.rtb.mts.ru/match/second?r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D125%26euid%3Db50336ed-3737-46ed-b705-e440c43180e7&ssp=sape&exu=0100007FEF6E3060DA0166A502D2308B HTTP 301
https://tech.rtb.mts.ru/?dsp_uid=b50336ed-3737-46ed-b705-e440c43180e7&return_url=https%3A%2F%2Fan.yandex.ru%2Fsetud%2Fmts_banner%2FtQM27Tc3Ru23BeRAxDGA5w%3Flocation%3Dhttps%253A%252F%252Fwww.acint.net%252Fmatch%253Fdp%253D125%2526euid%253Db50336ed-3737-46ed-b705-e440c43180e7%26sign%3D1928708899 HTTP 302
https://an.yandex.ru/setud/mts_banner/tQM27Tc3Ru23BeRAxDGA5w?location=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D125%26euid%3Db50336ed-3737-46ed-b705-e440c43180e7&sign=1928708899 HTTP 302
https://an.yandex.ru/setud/mts_banner/tQM27Tc3Ru23BeRAxDGA5w?redir-setuniq=1&location=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D125%26euid%3Db50336ed-3737-46ed-b705-e440c43180e7&sign=1928708899

Request Chain 58

https://exchange.buzzoola.com/cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D HTTP 301
https://www.acint.net/match?dp=126&euid=d696ea85-31ae-4fe4-4b36-f7dbdbbfe3e0

Request Chain 59

https://s.uuidksinc.net/match/396/0100007FEF6E3060DA0166A502D2308B HTTP 302
https://www.acint.net/match?dp=127&euid=HfhY6UqTJz3H88u4WnZy

Request Chain 62

https://x01.aidata.io/0.gif?pid=9401454&id=0100007FEF6E3060DA0166A502D2308B HTTP 302
https://x01.aidata.io/0.gif?pid=9401454&id=0100007FEF6E3060DA0166A502D2308B&bounce=1 HTTP 302
https://counter.yadro.ru/id-redir/aidata.gif?back=STOP HTTP 302
https://x01.aidata.io/0.gif?pid=LIVE&id=&back=STOP

Request Chain 67

https://api.advarkads.com/api/statistic/match?id=8113-1-1&uid=0100007FEF6E3060DA0166A502D2308B HTTP 302
https://sync.1dmp.io/pixel.gif?cid=56d5b2e0-5dbd-4dc5-ae55-187613386723&brid=4feddb1c-24c5-44e6-b719-d1f7af168769&pid=w&uid=86d71201-8e64-4599-9b93-df8eaa3c2d7c

Request Chain 74

https://dmg.digitaltarget.ru/1/1093/i/i?i=693276911807722.314764375346381&a=77&e=0100007FEF6E3060DA0166A502D2308B&pref=http%3A%2F%2Fproffy.info%2Fwin7%2Fie.htm&c=ss:77.up:0100007FEF6E3060DA0166A502D2308B.sync:up.xdua:dugKN5DKpQ6drmMFieBHA8yz.xps:xpsizTc6J1C0ek_rh5Hi4Ow3J.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient HTTP 307
https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=693276911807722.314764375346381&a=77&e=0100007FEF6E3060DA0166A502D2308B&pref=http%3A%2F%2Fproffy.info%2Fwin7%2Fie.htm&c=ss:77.up:0100007FEF6E3060DA0166A502D2308B.sync:up.xdua:dugKN5DKpQ6drmMFieBHA8yz.xps:xpsizTc6J1C0ek_rh5Hi4Ow3J.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient

Request Chain 75

https://dmg.digitaltarget.ru/1/1093/i/i?i=693276911807722.132626608698570&a=77&e=0100007FEF6E3060DA0166A502D2308B&pref=http%3A%2F%2Fproffy.info%2Fwin7%2Fie.htm&c=ss:77.up:0100007FEF6E3060DA0166A502D2308B.sync:up.xdua:dugKN5DKpQ6drmMFieBHA8yz.xps:xpsizTc6J1C0ek_rh5Hi4Ow3J.dn:acint__net.adcm:hit.tg:adcmjs_noorient HTTP 307
https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=693276911807722.132626608698570&a=77&e=0100007FEF6E3060DA0166A502D2308B&pref=http%3A%2F%2Fproffy.info%2Fwin7%2Fie.htm&c=ss:77.up:0100007FEF6E3060DA0166A502D2308B.sync:up.xdua:dugKN5DKpQ6drmMFieBHA8yz.xps:xpsizTc6J1C0ek_rh5Hi4Ow3J.dn:acint__net.adcm:hit.tg:adcmjs_noorient

Request Chain 78

https://mc.yandex.ru/watch/39500550?wmode=7&page-url=http%3A%2F%2Fproffy.info%2Fwin7%2Fie.htm&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aqtcqyojs4f5z2n%3Afp%3A138%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A421%3Acn%3A1%3Adp%3A0%3Als%3A340455900700%3Ahid%3A235730141%3Az%3A60%3Ai%3A20210220030744%3Aet%3A1613786864%3Ac%3A1%3Arn%3A1010596351%3Au%3A1613786864750478781%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1613786862671%3Ads%3A14%2C13%2C25%2C35%2C0%2C0%2C%2C1212%2C9%2C%2C%2C%2C1267%3Adsn%3A14%2C13%2C25%2C35%2C0%2C0%2C%2C1179%2C9%2C%2C%2C%2C1267%3Arqnl%3A1%3Ati%3A2%3Ast%3A1613786864%3At%3A%D0%9D%D0%B0%D1%81%D1%82%D1%80%D0%BE%D0%B9%D0%BA%D0%B8%20Internet%20Explorer%20%D0%B2%20%D1%80%D0%B5%D0%B5%D1%81%D1%82%D1%80%D0%B5 HTTP 302
https://mc.yandex.ru/watch/39500550/1?wmode=7&page-url=http%3A%2F%2Fproffy.info%2Fwin7%2Fie.htm&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aqtcqyojs4f5z2n%3Afp%3A138%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A421%3Acn%3A1%3Adp%3A0%3Als%3A340455900700%3Ahid%3A235730141%3Az%3A60%3Ai%3A20210220030744%3Aet%3A1613786864%3Ac%3A1%3Arn%3A1010596351%3Au%3A1613786864750478781%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1613786862671%3Ads%3A14%2C13%2C25%2C35%2C0%2C0%2C%2C1212%2C9%2C%2C%2C%2C1267%3Adsn%3A14%2C13%2C25%2C35%2C0%2C0%2C%2C1179%2C9%2C%2C%2C%2C1267%3Arqnl%3A1%3Ati%3A2%3Ast%3A1613786864%3At%3A%D0%9D%D0%B0%D1%81%D1%82%D1%80%D0%BE%D0%B9%D0%BA%D0%B8%20Internet%20Explorer%20%D0%B2%20%D1%80%D0%B5%D0%B5%D1%81%D1%82%D1%80%D0%B5

Request Chain 79

https://mc.yandex.ru/watch/71281900?wmode=7&page-url=http%3A%2F%2Fproffy.info%2Fwin7%2Fie.htm&charset=utf-8&site-info=%7B%22site_id%22%3A586%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aqtcqyojs4f5z2n%3Afp%3A138%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A421%3Acn%3A2%3Adp%3A0%3Als%3A1605159104012%3Ahid%3A235730141%3Az%3A60%3Ai%3A20210220030744%3Aet%3A1613786864%3Ac%3A1%3Arn%3A1040991719%3Au%3A1613786864750478781%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1613786862671%3Ads%3A14%2C13%2C25%2C35%2C0%2C0%2C%2C1212%2C9%2C%2C%2C%2C1267%3Adsn%3A14%2C13%2C25%2C35%2C0%2C0%2C%2C1179%2C9%2C%2C%2C%2C1267%3Arqnl%3A1%3Ati%3A2%3Ast%3A1613786864%3At%3A%D0%9D%D0%B0%D1%81%D1%82%D1%80%D0%BE%D0%B9%D0%BA%D0%B8%20Internet%20Explorer%20%D0%B2%20%D1%80%D0%B5%D0%B5%D1%81%D1%82%D1%80%D0%B5 HTTP 302
https://mc.yandex.ru/watch/71281900/1?wmode=7&page-url=http%3A%2F%2Fproffy.info%2Fwin7%2Fie.htm&charset=utf-8&site-info=%7B%22site_id%22%3A586%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aqtcqyojs4f5z2n%3Afp%3A138%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A421%3Acn%3A2%3Adp%3A0%3Als%3A1605159104012%3Ahid%3A235730141%3Az%3A60%3Ai%3A20210220030744%3Aet%3A1613786864%3Ac%3A1%3Arn%3A1040991719%3Au%3A1613786864750478781%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1613786862671%3Ads%3A14%2C13%2C25%2C35%2C0%2C0%2C%2C1212%2C9%2C%2C%2C%2C1267%3Adsn%3A14%2C13%2C25%2C35%2C0%2C0%2C%2C1179%2C9%2C%2C%2C%2C1267%3Arqnl%3A1%3Ati%3A2%3Ast%3A1613786864%3At%3A%D0%9D%D0%B0%D1%81%D1%82%D1%80%D0%BE%D0%B9%D0%BA%D0%B8%20Internet%20Explorer%20%D0%B2%20%D1%80%D0%B5%D0%B5%D1%81%D1%82%D1%80%D0%B5

Request Chain 89

https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D{WEBO_CID} HTTP 302
https://ut.rktch.com/matchspm?pi=1000006&pui=NKXRQkToAHFn/q65oy4EEe

Request Chain 91

https://ut.rktch.com/matchbt?bi=29 HTTP 302
https://sm.rtb.mts.ru/p?ssp=natimatica&id=a39d14978e656f4ae9e6de540bcc71f655ef HTTP 301
https://sm.rtb.mts.ru/match/second?r=https%3A%2F%2Fut.rktch.com%2Fmatchsbm%3Fbi%3D29%26bui%3Db50336ed-3737-46ed-b705-e440c43180e7&ssp=natimatica&exu=a39d14978e656f4ae9e6de540bcc71f655ef HTTP 301
https://tech.rtb.mts.ru/?dsp_uid=b50336ed-3737-46ed-b705-e440c43180e7&return_url=https%3A%2F%2Fan.yandex.ru%2Fsetud%2Fmts_banner%2FtQM27Tc3Ru23BeRAxDGA5w%3Flocation%3Dhttps%253A%252F%252Fut.rktch.com%252Fmatchsbm%253Fbi%253D29%2526bui%253Db50336ed-3737-46ed-b705-e440c43180e7%26sign%3D3938689121 HTTP 302
https://an.yandex.ru/setud/mts_banner/tQM27Tc3Ru23BeRAxDGA5w?location=https%3A%2F%2Fut.rktch.com%2Fmatchsbm%3Fbi%3D29%26bui%3Db50336ed-3737-46ed-b705-e440c43180e7&sign=3938689121

Request Chain 92

https://ut.rktch.com/matchbt?bi=27 HTTP 302
https://exchange.buzzoola.com/cookiesync/ssp/natimatica?uid=a39d14978e656f4ae9e6de540bcc71f655ef HTTP 307
https://exchange.buzzoola.com/cookiesync/ssp/natimatica?set_buzzoola_cookie=t&uid=a39d14978e656f4ae9e6de540bcc71f655ef

Request Chain 93

https://ut.rktch.com/matchbt?bi=50 HTTP 302
https://api.advarkads.com/api/statistic/match?id=8067-1-1&uid=a39d14978e656f4ae9e6de540bcc71f655ef HTTP 302
https://sync.1dmp.io/pixel.gif?cid=56d5b2e0-5dbd-4dc5-ae55-187613386723&brid=4feddb1c-24c5-44e6-b719-d1f7af168769&pid=w&uid=86d71201-8e64-4599-9b93-df8eaa3c2d7c

Request Chain 94

https://ut.rktch.com/matchbt?bi=39 HTTP 302
https://rtb.beroll.ru/uuid?r=https%3A%2F%2Fut.rktch.com%2Fmatchsbm%3Fbi%3D39%26bui%3D

Request Chain 95

http://www.acint.net/ping/?v=0.3.0&uid=171b1ee6-9e73-4ead-a1b7-dde1d10451d4&dp=14&tz=%2B01%3A00&nc=61580933&dT=2021-02-20T03%3A07%3A46.300 HTTP 302
https://www.acint.net/ping/?v=0.3.0&uid=171b1ee6-9e73-4ead-a1b7-dde1d10451d4&dp=14&tz=%2B01%3A00&nc=61580933&dT=2021-02-20T03%3A07%3A46.300

97 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request ie.htm Show response
proffy.info/win7/ 65 KB
65 KB 53ms
25ms Document
text/html 88.85.67.170
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL: http://proffy.info/win7/ie.htm
Protocol: HTTP/1.1
Server: 88.85.67.170 Amsterdam, Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS: norka.tv
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16 / PHP/7.4.15
Resource Hash: 4799a2566b7cf3188acb777d883fee48e523920c7a15e51644fb0ad5855e659d

Request headers

Host: proffy.info
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 20 Feb 2021 02:07:42 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16
X-Powered-By: PHP/7.4.15
Content-Length: 66646
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=windows-1251

GET
H/1.1 200
OK style.css
proffy.info/css/ 21 KB
21 KB 38ms
25ms Stylesheet
text/css 88.85.67.170
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL: http://proffy.info/css/style.css
Requested by: Host: proffy.info
URL: http://proffy.info/win7/ie.htm
Protocol: HTTP/1.1
Server: 88.85.67.170 Amsterdam, Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS: norka.tv
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16 / PHP/7.4.15
Resource Hash: b619edc7bcfe069da06d2c969903e1987ab50bcccecc47b60984c1071ad41a94

Request headers

Referer: http://proffy.info/win7/ie.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 20 Feb 2021 02:07:42 GMT
Etag: "31bf36298161d53a91557d8da0328359"
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16
X-Powered-By: PHP/7.4.15
Transfer-Encoding: chunked
Content-Type: text/css; charset=
Cache-Control: public, max-age=2592000
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 137 KB
48 KB 58ms
52ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: proffy.info
URL: http://proffy.info/win7/ie.htm

Protocol

HTTP/1.1

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

609c63905a53fb868987279daf5a76db62719062bc497e07db3b6866ec531e56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://proffy.info/win7/ie.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Sat, 20 Feb 2021 02:07:42 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 14722425902091878225
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 48581
X-XSS-Protection: 0
Expires: Sat, 20 Feb 2021 02:07:42 GMT

GET
H/1.1 200
OK 586.js Show response
cdn-rtb.sape.ru/rtb-b/js/586/2/ 169 KB
53 KB 248ms
231ms Script
application/javascript 193.232.121.29
QWARTA

General

Check archive.org

Show headers Download Go to

Full URL

http://cdn-rtb.sape.ru/rtb-b/js/586/2/586.js

Requested by

Host: proffy.info
URL: http://proffy.info/win7/ie.htm

Protocol

HTTP/1.1

Server

193.232.121.29 , Russian Federation, ASN50214 (QWARTA, RU),

Reverse DNS

Software

nginx /

Resource Hash

00bcd6d30e9ec93a2270589fa152e6e3fb43be5fe7da5831cf9618a0ecb66a20

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
X-Xss-Protection	1; mode=block

Request headers

Referer: http://proffy.info/win7/ie.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 20 Feb 2021 02:07:43 GMT
Content-Encoding: gzip
Last-Modified: Fri, 19 Feb 2021 08:03:43 GMT
Server: nginx
X-Amz-Request-Id: 1665529A027DC4FB
ETag: W/"6e5211b81f6fd13a441f77e8a501e629"
X-Cache-Status: MISS
Vary: Origin
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Content-Security-Policy: block-all-mixed-content
Connection: keep-alive
X-Xss-Protection: 1; mode=block
Expires: Sat, 20 Feb 2021 03:07:43 GMT

GET
H/1.1 200
OK blue24.jpg
proffy.info/images/ 832 B
1 KB 1027ms
1023ms Image
image/jpeg 88.85.67.170
WEBZILLA

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://proffy.info/images/blue24.jpg
Requested by: Host: proffy.info
URL: http://proffy.info/win7/ie.htm
Protocol: HTTP/1.1
Server: 88.85.67.170 Amsterdam, Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS: norka.tv
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16 / PHP/7.4.15
Resource Hash: d2c84b3fcd5c28df842c2e8be80502f907e4ec1bfea6b300d425f45b11f03409

Request headers

Referer: http://proffy.info/win7/ie.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 20 Feb 2021 02:07:42 GMT
Etag: "fbbd0d593efd21857f2269e60f3e01d6"
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16
X-Powered-By: PHP/7.4.15
Transfer-Encoding: chunked
Content-Type: image/jpeg
Cache-Control: public, max-age=2592000
Connection: Keep-Alive
Keep-Alive: timeout=5, max=98

GET
H/1.1 200
OK google.js Show response
proffy.info/js/ 349 B
734 B 24ms
24ms Script
application/javascript 88.85.67.170
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL: http://proffy.info/js/google.js
Requested by: Host: proffy.info
URL: http://proffy.info/win7/ie.htm
Protocol: HTTP/1.1
Server: 88.85.67.170 Amsterdam, Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS: norka.tv
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16 / PHP/7.4.15
Resource Hash: ab53fd67bc7bddd751a8a796690c2244bb33adb1c256e8deed8e1d4926606451

Request headers

Referer: http://proffy.info/win7/ie.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 20 Feb 2021 02:07:42 GMT
Etag: "727e978a5c838df4a1522a27e7ea0c00"
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16
X-Powered-By: PHP/7.4.15
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=
Cache-Control: public, max-age=2592000
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99

GET
H/1.1 200
OK share42.js Show response
proffy.info/42/ 5 KB
5 KB 28ms
25ms Script
application/javascript 88.85.67.170
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL: http://proffy.info/42/share42.js
Requested by: Host: proffy.info
URL: http://proffy.info/win7/ie.htm
Protocol: HTTP/1.1
Server: 88.85.67.170 Amsterdam, Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS: norka.tv
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16 / PHP/7.4.15
Resource Hash: c4d1e6c2a01121362ebda7a0362c223af57b5ed1bcdfd14151b50071e7ef2831

Request headers

Referer: http://proffy.info/win7/ie.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 20 Feb 2021 02:07:42 GMT
Etag: "a42e993b1ae3c72ef8cbd001ac6e303d"
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16
X-Powered-By: PHP/7.4.15
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=
Cache-Control: public, max-age=2592000
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99

GET
H/1.1 200
OK adress.gif
proffy.info/win7/images/ 81 B
442 B 23ms
23ms Image
image/png 88.85.67.170
WEBZILLA

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://proffy.info/win7/images/adress.gif
Requested by: Host: proffy.info
URL: http://proffy.info/win7/ie.htm
Protocol: HTTP/1.1
Server: 88.85.67.170 Amsterdam, Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS: norka.tv
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16 / PHP/7.4.15
Resource Hash: b2417070d2bf6f9b3fcfa9c4b2c602d4b76067f53134dfcfd1d2a14af0655f81

Request headers

Referer: http://proffy.info/win7/ie.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 20 Feb 2021 02:07:42 GMT
Etag: "5fa23ea9f65e3a772b747fa0e6234308"
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16
X-Powered-By: PHP/7.4.15
Transfer-Encoding: chunked
Content-Type: image/png
Cache-Control: public, max-age=2592000
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99

GET
H/1.1 200
OK mycat.gif
proffy.info/ 81 B
442 B 23ms
23ms Image
image/png 88.85.67.170
WEBZILLA

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://proffy.info/mycat.gif
Requested by: Host: proffy.info
URL: http://proffy.info/win7/ie.htm
Protocol: HTTP/1.1
Server: 88.85.67.170 Amsterdam, Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS: norka.tv
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16 / PHP/7.4.15
Resource Hash: b2417070d2bf6f9b3fcfa9c4b2c602d4b76067f53134dfcfd1d2a14af0655f81

Request headers

Referer: http://proffy.info/win7/ie.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 20 Feb 2021 02:07:42 GMT
Etag: "5fa23ea9f65e3a772b747fa0e6234308"
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16
X-Powered-By: PHP/7.4.15
Transfer-Encoding: chunked
Content-Type: image/png
Cache-Control: public, max-age=2592000
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99

GET
H/1.1 200
OK iebutton.gif
proffy.info/win7/images/ 81 B
442 B 22ms
22ms Image
image/png 88.85.67.170
WEBZILLA

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://proffy.info/win7/images/iebutton.gif
Requested by: Host: proffy.info
URL: http://proffy.info/win7/ie.htm
Protocol: HTTP/1.1
Server: 88.85.67.170 Amsterdam, Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS: norka.tv
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16 / PHP/7.4.15
Resource Hash: b2417070d2bf6f9b3fcfa9c4b2c602d4b76067f53134dfcfd1d2a14af0655f81

Request headers

Referer: http://proffy.info/win7/ie.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 20 Feb 2021 02:07:42 GMT
Etag: "5fa23ea9f65e3a772b747fa0e6234308"
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16
X-Powered-By: PHP/7.4.15
Transfer-Encoding: chunked
Content-Type: image/png
Cache-Control: public, max-age=2592000
Connection: Keep-Alive
Keep-Alive: timeout=5, max=97

GET
H/1.1 200
OK expandmenu.gif
proffy.info/win7/images/ 81 B
442 B 22ms
22ms Image
image/png 88.85.67.170
WEBZILLA

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://proffy.info/win7/images/expandmenu.gif
Requested by: Host: proffy.info
URL: http://proffy.info/win7/ie.htm
Protocol: HTTP/1.1
Server: 88.85.67.170 Amsterdam, Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS: norka.tv
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16 / PHP/7.4.15
Resource Hash: b2417070d2bf6f9b3fcfa9c4b2c602d4b76067f53134dfcfd1d2a14af0655f81

Request headers

Referer: http://proffy.info/win7/ie.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 20 Feb 2021 02:07:42 GMT
Etag: "5fa23ea9f65e3a772b747fa0e6234308"
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16
X-Powered-By: PHP/7.4.15
Transfer-Encoding: chunked
Content-Type: image/png
Cache-Control: public, max-age=2592000
Connection: Keep-Alive
Keep-Alive: timeout=5, max=98

GET
H2 200 728x90-DA50_80_buy_organic_links-1.gif
www.linksmanagement.com/wp-content/uploads/2016/12/ 54 KB
55 KB 46ms
17ms Image
image/gif 2606:4700:20::681a:7b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.linksmanagement.com/wp-content/uploads/2016/12/728x90-DA50_80_buy_organic_links-1.gif
Requested by: Host: proffy.info
URL: http://proffy.info/win7/ie.htm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:7b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5170e406c620439d8b2371dc2762a8e01412787ec38a4a3b6f7a90ba53ad22ec

Request headers

Referer: http://proffy.info/win7/ie.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Feb 2021 02:07:42 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 149629
cf-polished: origSize=56158
content-length: 55536
cf-request-id: 085eca6ce300004a61803ec000000001
pragma: public
last-modified: Mon, 26 Dec 2016 13:23:02 GMT
server: cloudflare
etag: "586119b6-db5e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=O%2BVXhcQaWRwIq%2Bt%2BHbSg5pac1xf6w45alAyAVEW6y7JQ1B2Ei3rgXK7cWSmA9I043XLr%2BY45yO%2FSxSxFzB3LkRl7GfSvgnvVjQPwVoysQrHtuCoEzSmf%2FGHZILk%2BOmNnnNXFdg%3D%3D"}],"max_age":604800}
content-type: image/gif
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 6244acf49db14a61-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1 200
OK juli.gif
proffy.info/images/ 1 KB
2 KB 25ms
25ms Image
image/gif 88.85.67.170
WEBZILLA

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://proffy.info/images/juli.gif
Requested by: Host: proffy.info
URL: http://proffy.info/win7/ie.htm
Protocol: HTTP/1.1
Server: 88.85.67.170 Amsterdam, Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS: norka.tv
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16 / PHP/7.4.15
Resource Hash: 197def9a9977aeeae18d8c9e16007b8f5bfffa388c656736c09248a77f58084f

Request headers

Referer: http://proffy.info/win7/ie.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 20 Feb 2021 02:07:42 GMT
Etag: "731b458fc15732f8385f6c522abd22d1"
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16
X-Powered-By: PHP/7.4.15
Transfer-Encoding: chunked
Content-Type: image/gif
Cache-Control: public, max-age=2592000
Connection: Keep-Alive
Keep-Alive: timeout=5, max=98

GET
H/1.1 200
OK favicon.jpg
proffy.info/images/ 703 B
1 KB 21ms
20ms Image
image/jpeg 88.85.67.170
WEBZILLA

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://proffy.info/images/favicon.jpg
Requested by: Host: proffy.info
URL: http://proffy.info/win7/ie.htm
Protocol: HTTP/1.1
Server: 88.85.67.170 Amsterdam, Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS: norka.tv
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16 / PHP/7.4.15
Resource Hash: a173960e4fbc8534e459d15f996c9601434806284138040a159294a3bc112509

Request headers

Referer: http://proffy.info/win7/ie.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 20 Feb 2021 02:07:42 GMT
Etag: "6975832208f7f08bcfb0c50b3e34fe67"
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16
X-Powered-By: PHP/7.4.15
Transfer-Encoding: chunked
Content-Type: image/jpeg
Cache-Control: public, max-age=2592000
Connection: Keep-Alive
Keep-Alive: timeout=5, max=96

GET
H/1.1 200
OK jquery-1.7.2.min.js Show response
proffy.info/js/ 93 KB
93 KB 147ms
131ms Script
application/javascript 88.85.67.170
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL: http://proffy.info/js/jquery-1.7.2.min.js
Requested by: Host: proffy.info
URL: http://proffy.info/win7/ie.htm
Protocol: HTTP/1.1
Server: 88.85.67.170 Amsterdam, Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS: norka.tv
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16 / PHP/7.4.15
Resource Hash: 3828fc33d5a992f1ddb339e5e8bf69124e79afc57435cef2b57723b29d219ad0

Request headers

Referer: http://proffy.info/win7/ie.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 20 Feb 2021 02:07:42 GMT
Etag: "b8d64d0bc142b3f670cc0611b0aebcae"
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16
X-Powered-By: PHP/7.4.15
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=
Cache-Control: public, max-age=2592000
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100

GET
H/1.1 200
OK easing.js Show response
proffy.info/js/ 5 KB
5 KB 1150ms
1134ms Script
application/javascript 88.85.67.170
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL: http://proffy.info/js/easing.js
Requested by: Host: proffy.info
URL: http://proffy.info/win7/ie.htm
Protocol: HTTP/1.1
Server: 88.85.67.170 Amsterdam, Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS: norka.tv
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16 / PHP/7.4.15
Resource Hash: 6c26533254dc21fba188b69b81300ecd94c1bef2dda72b9dbb750111973ed31b

Request headers

Referer: http://proffy.info/win7/ie.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 20 Feb 2021 02:07:43 GMT
Etag: "6ee8b009ab1e71a1380c69e81339f4c5"
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16
X-Powered-By: PHP/7.4.15
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=
Cache-Control: public, max-age=2592000
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100

GET
H/1.1 200
OK jquery.ui.totop.js Show response
proffy.info/js/ 2 KB
2 KB 42ms
26ms Script
application/javascript 88.85.67.170
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL: http://proffy.info/js/jquery.ui.totop.js
Requested by: Host: proffy.info
URL: http://proffy.info/win7/ie.htm
Protocol: HTTP/1.1
Server: 88.85.67.170 Amsterdam, Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS: norka.tv
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16 / PHP/7.4.15
Resource Hash: 884e724e7230bab8c1f1ff2354f343f1d85957462fe579a7721ad99e3282bbdd

Request headers

Referer: http://proffy.info/win7/ie.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 20 Feb 2021 02:07:42 GMT
Etag: "2f615bc3d8ae4c2c35bcd27b30ae8dda"
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16
X-Powered-By: PHP/7.4.15
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=
Cache-Control: public, max-age=2592000
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100

GET
H/1.1 200
OK totoplugin.js Show response
proffy.info/js/ 296 B
682 B 44ms
29ms Script
application/javascript 88.85.67.170
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL: http://proffy.info/js/totoplugin.js
Requested by: Host: proffy.info
URL: http://proffy.info/win7/ie.htm
Protocol: HTTP/1.1
Server: 88.85.67.170 Amsterdam, Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS: norka.tv
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16 / PHP/7.4.15
Resource Hash: 9727dc7ae81a847700f392d3eac67e5db8237147e966566523097c236a682e1c

Request headers

Referer: http://proffy.info/win7/ie.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 20 Feb 2021 02:07:42 GMT
Etag: "13f716e2232f8483878041d210eb3c88"
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16
X-Powered-By: PHP/7.4.15
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=
Cache-Control: public, max-age=2592000
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100

GET
H/1.1 200
OK yandex_metrika.js Show response
proffy.info/js/ 589 B
974 B 25ms
24ms Script
application/javascript 88.85.67.170
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL: http://proffy.info/js/yandex_metrika.js
Requested by: Host: proffy.info
URL: http://proffy.info/win7/ie.htm
Protocol: HTTP/1.1
Server: 88.85.67.170 Amsterdam, Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS: norka.tv
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16 / PHP/7.4.15
Resource Hash: 6975c1dddd0afbecc1fe005d15bf8d274a63faefe46386fbc6019ed9d6394e2f

Request headers

Referer: http://proffy.info/win7/ie.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 20 Feb 2021 02:07:42 GMT
Etag: "062fef8edaa79228c0634a5e130bebef"
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16
X-Powered-By: PHP/7.4.15
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=
Cache-Control: public, max-age=2592000
Connection: Keep-Alive
Keep-Alive: timeout=5, max=98

GET
H2 200 cse.js Show response
cse.google.com/ 10 KB
4 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/cse.js?cx=partner-pub-2743978302807619:4574781787

Requested by

Host: proffy.info
URL: http://proffy.info/js/google.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

62f9c05a52df5e460dbeea9ccefad86c52da619b0a0d85287dba7fc212e1181a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://proffy.info/win7/ie.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Feb 2021 02:07:42 GMT
content-encoding: br
server: gws
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3639
x-xss-protection: 0
expires: Sat, 20 Feb 2021 02:07:42 GMT

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210211/r20190131/ 227 KB
86 KB 54ms
35ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210211/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2743978302807619&plah=proffy.info&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5fee2a3e4db0a9b907550346569920e7ea79a4b855260d5c9d063aebd408ce52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://proffy.info/win7/ie.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Feb 2021 02:07:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 87061
x-xss-protection: 0
server: cafe
etag: 9039926254773515089
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 20 Feb 2021 02:07:42 GMT

GET
H/1.1 200
OK Sztn3.png
proffy.info/win7/ 303 B
665 B 18ms
18ms Image
image/png 88.85.67.170
WEBZILLA

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://proffy.info/win7/Sztn3.png
Requested by: Host: proffy.info
URL: http://proffy.info/css/style.css
Protocol: HTTP/1.1
Server: 88.85.67.170 Amsterdam, Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS: norka.tv
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16 / PHP/7.4.15
Resource Hash: c78c7277fccb4ec3dffa1246d1b4ff9a49edb17dfce1e7dc7c4a38d23f0e65c2

Request headers

Referer: http://proffy.info/css/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 20 Feb 2021 02:07:42 GMT
Etag: "9dc4f6dd0ddb93aa26764c7f659fef1c"
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16
X-Powered-By: PHP/7.4.15
Transfer-Encoding: chunked
Content-Type: image/png
Cache-Control: public, max-age=2592000
Connection: Keep-Alive
Keep-Alive: timeout=5, max=97

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210211/r20190131/ Frame 5127 10 KB
5 KB 6ms
5ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210211/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2a1b2ebe6a2b314929967bdf1ba8c694fb45bf76a5b847e57fb847b3cdd9338a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210211/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://proffy.info/win7/ie.htm
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://proffy.info/win7/ie.htm

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Fri, 19 Feb 2021 06:34:06 GMT
expires: Fri, 05 Mar 2021 06:34:06 GMT
content-type: text/html; charset=UTF-8
etag: 6440208225989294717
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4777
x-xss-protection: 0
cache-control: public, max-age=1209600
age: 70416
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2 200 cse_element__ru.js Show response
www.google.com/cse/static/element/323d4b81541ddb5b/ 278 KB
91 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/323d4b81541ddb5b/cse_element__ru.js?usqp=CAI%3D

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=partner-pub-2743978302807619:4574781787

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c346dc719d9cc186e3ff6e1c91a10191755100e0d65387984b43fdf56fa00de0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://proffy.info/win7/ie.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 12:19:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 27 Jan 2021 19:23:46 GMT
server: sffe
age: 136100
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 92832
x-xss-protection: 0
expires: Fri, 18 Feb 2022 12:19:22 GMT

GET
H2 200 default+ru.css
www.google.com/cse/static/element/323d4b81541ddb5b/ 41 KB
9 KB 8ms
8ms Stylesheet
text/css 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/323d4b81541ddb5b/default+ru.css

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=partner-pub-2743978302807619:4574781787

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c1355d27b14881a055e00a4a2afa4608b452c9780ac5c61e1b8f9fd55fa3e1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://proffy.info/win7/ie.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 19:41:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 27 Jan 2021 19:23:46 GMT
server: sffe
age: 109576
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9032
x-xss-protection: 0
expires: Fri, 18 Feb 2022 19:41:26 GMT

GET
H2 200 default.css
www.google.com/cse/static/style/look/v4/ 4 KB
1 KB 6ms
5ms Stylesheet
text/css 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/style/look/v4/default.css

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=partner-pub-2743978302807619:4574781787

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://proffy.info/win7/ie.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Feb 2021 01:57:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 17 Jun 2020 00:00:00 GMT
server: sffe
age: 615
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=3000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1345
x-xss-protection: 0
expires: Sat, 20 Feb 2021 02:47:27 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 201 B
640 B 106ms
54ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=proffy.info&callback=_gfp_s_&client=ca-pub-2743978302807619

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210211/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2743978302807619&plah=proffy.info&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

fe9cd384c73bc107b6da5315ab8841505c1283e116788faca5178fc4576ecc96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://proffy.info/win7/ie.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Feb 2021 02:07:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 192
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
803 B 37ms
17ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=proffy.info

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://proffy.info/win7/ie.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 20 Feb 2021 02:07:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
247 B 15ms
15ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=proffy.info

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://proffy.info/win7/ie.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 20 Feb 2021 02:07:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 403 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4137 8 KB
1 KB 107ms
94ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2743978302807619&output=html&adk=1812271804&adf=3025194257&lmt=1613786863&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fproffy.info%2Fwin7%2Fie.htm&ea=0&flash=0&pra=5&wgl=1&dt=1613786862835&bpp=19&bdt=109&idt=134&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3193425011358&frm=20&pv=2&ga_vid=1909708188.1613786863&ga_sid=1613786863&ga_hid=2111887669&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068769%2C21068893%2C21069110%2C21068786&oid=3&pvsid=657434479174487&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=23&ifi=1&uci=a!1&fsb=1&dtd=227

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bf8f3793567ace14b4d2109f661f94b824b0ef68192957f1cefbd6becca38e6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-2743978302807619&output=html&adk=1812271804&adf=3025194257&lmt=1613786863&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fproffy.info%2Fwin7%2Fie.htm&ea=0&flash=0&pra=5&wgl=1&dt=1613786862835&bpp=19&bdt=109&idt=134&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3193425011358&frm=20&pv=2&ga_vid=1909708188.1613786863&ga_sid=1613786863&ga_hid=2111887669&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068769%2C21068893%2C21069110%2C21068786&oid=3&pvsid=657434479174487&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=23&ifi=1&uci=a!1&fsb=1&dtd=227
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://proffy.info/win7/ie.htm
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://proffy.info/win7/ie.htm

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 20 Feb 2021 02:07:43 GMT
server: cafe
content-length: 629
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 20-Feb-2021 02:22:43 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 74 KB
28 KB 34ms
14ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1143bb5ae891056f59482184346b0fe47d8e95c9e0f159f023bf0f95ec45222d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://proffy.info/win7/ie.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Feb 2021 02:07:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1613565174175677"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28346
x-xss-protection: 0
expires: Sat, 20 Feb 2021 02:07:43 GMT

GET
H3-Q050 403 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2315 405 B
326 B 96ms
95ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2743978302807619&output=html&h=90&slotname=6832752182&adk=1421202109&adf=2552221730&pi=t.ma~as.6832752182&w=728&lmt=1613786863&psa=0&format=728x90&url=http%3A%2F%2Fproffy.info%2Fwin7%2Fie.htm&flash=0&wgl=1&dt=1613786862854&bpp=72&bdt=129&idt=218&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3193425011358&frm=20&pv=1&ga_vid=1909708188.1613786863&ga_sid=1613786863&ga_hid=2111887669&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=33&ady=25&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068769%2C21068893%2C21069110%2C21068786&oid=3&pvsid=657434479174487&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=23&ifi=2&uci=a!2&fsb=1&xpc=jeggNfPL8F&p=http%3A//proffy.info&dtd=225

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e21cba3005d24b55e8b4f6c33fb3567a25c6d89fb5d77aee11595dee784149d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-2743978302807619&output=html&h=90&slotname=6832752182&adk=1421202109&adf=2552221730&pi=t.ma~as.6832752182&w=728&lmt=1613786863&psa=0&format=728x90&url=http%3A%2F%2Fproffy.info%2Fwin7%2Fie.htm&flash=0&wgl=1&dt=1613786862854&bpp=72&bdt=129&idt=218&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3193425011358&frm=20&pv=1&ga_vid=1909708188.1613786863&ga_sid=1613786863&ga_hid=2111887669&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=33&ady=25&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068769%2C21068893%2C21069110%2C21068786&oid=3&pvsid=657434479174487&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cn&abl=XS&pfx=0&fu=8192&bc=23&ifi=2&uci=a!2&fsb=1&xpc=jeggNfPL8F&p=http%3A//proffy.info&dtd=225
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://proffy.info/win7/ie.htm
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://proffy.info/win7/ie.htm

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 20 Feb 2021 02:07:43 GMT
server: cafe
content-length: 205
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 20-Feb-2021 02:22:43 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2

200

aci.js Show response
www.acint.net/
Redirect Chain

http://www.acint.net/aci.js
https://www.acint.net/aci.js

21 KB
7 KB

79ms
26ms

Script
application/x-javascript

46.4.114.109
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.acint.net/aci.js
Requested by: Host: proffy.info
URL: http://proffy.info/win7/ie.htm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.114.109 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271137.aucourant.info
Software: openresty /
Resource Hash: 8efda3f0b5d984306920023fe9e82a919bfac7109db64ed89f752720408c888b

Request headers

Referer: http://proffy.info/win7/ie.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Feb 2021 02:07:43 GMT
content-encoding: gzip
last-modified: Sat, 02 Jan 2021 18:29:15 GMT
server: openresty
etag: "5ff0bb7b-1baf"
content-type: application/x-javascript
cache-control: max-age=43200
content-length: 7087
expires: Sat, 20 Feb 2021 14:07:43 GMT

Redirect headers

Location: https://www.acint.net/aci.js
Date: Sat, 20 Feb 2021 02:07:43 GMT
Server: openresty
Connection: keep-alive
Content-Length: 142
Content-Type: text/html

GET
H3-Q050 200 reactive_library_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210211/r20190131/ 141 KB
51 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210211/r20190131/reactive_library_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

488929e22c53693c94852fb74982b8052fdd2b723b9e60bfbe36b00fcbce2976

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://proffy.info/win7/ie.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Feb 2021 02:07:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 52000
x-xss-protection: 0
server: cafe
etag: 13808675919883242785
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 20 Feb 2021 02:07:43 GMT

GET
H2

200

/ Show response
www.acint.net/mc/ Frame 49A5
Redirect Chain

http://www.acint.net/mc/?dp=14
https://www.acint.net/mc/?dp=14
https://www.acint.net/mc/?dp=14&tc=1

3 KB
4 KB

27ms
26ms

Document
text/html

46.4.114.109
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.acint.net/mc/?dp=14&tc=1
Requested by: Host: www.acint.net
URL: http://www.acint.net/aci.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.114.109 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271137.aucourant.info
Software: openresty /
Resource Hash: 44ef37b8b30cadcc8ce7df99e894102331ec2baaed76ee10432c7cd277987139

Request headers

:method: GET
:authority: www.acint.net
:scheme: https
:path: /mc/?dp=14&tc=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://proffy.info/win7/ie.htm
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission; aid=fwAAAWAwbu+lZgHaizDSAurt8w4AXwWLiaJDFCz8/vCsey6p
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://proffy.info/win7/ie.htm

Response headers

server: openresty
date: Sat, 20 Feb 2021 02:07:43 GMT
content-type: text/html
set-cookie: cSyncDp7v2=1613786863; expires=Mon, 22-Mar-21 02:07:43 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp14v3=1613786863; expires=Mon, 22-Mar-21 02:07:43 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp17=1613786863; expires=Mon, 22-Mar-21 02:07:43 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp32=1613786863; expires=Mon, 22-Mar-21 02:07:43 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp45v3=1613786863; expires=Sun, 21-Feb-21 02:07:43 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp54v2=1613786863; expires=Mon, 22-Mar-21 02:07:43 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp62=1613786863; expires=Mon, 22-Mar-21 02:07:43 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp67v2=1613786863; expires=Mon, 22-Mar-21 02:07:43 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp68=1613786863; expires=Mon, 22-Mar-21 02:07:43 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp77=1613786863; expires=Sat, 06-Mar-21 02:07:43 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp84=1613786863; expires=Mon, 22-Mar-21 02:07:43 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp85=1613786863; expires=Mon, 22-Mar-21 02:07:43 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp88=1613786863; expires=Mon, 22-Mar-21 02:07:43 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp95v2=1613786863; expires=Mon, 22-Mar-21 02:07:43 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp101=1613786863; expires=Mon, 22-Mar-21 02:07:43 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp104v2=1613786863; expires=Sat, 06-Mar-21 02:07:43 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp107=1613786863; expires=Mon, 22-Mar-21 02:07:43 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp111v2=1613786863; expires=Sat, 06-Mar-21 02:07:43 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp112v2=1613786863; expires=Mon, 22-Mar-21 02:07:43 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp125=1613786863; expires=Mon, 22-Mar-21 02:07:43 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp126=1613786863; expires=Mon, 22-Mar-21 02:07:43 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp127=1613786863; expires=Mon, 22-Mar-21 02:07:43 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp136=1613786863; expires=Mon, 22-Mar-21 02:07:43 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp138=1613786863; expires=Mon, 22-Mar-21 02:07:43 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp144=1613786863; expires=Mon, 22-Mar-21 02:07:43 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp146=1613786863; expires=Mon, 22-Mar-21 02:07:43 GMT; path=/; Secure; SameSite=None; domain=.acint.net
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-encoding: gzip

Redirect headers

server: openresty
date: Sat, 20 Feb 2021 02:07:43 GMT
content-type: text/html
content-length: 154
set-cookie: test_cookie=CheckForPermission; path=/; Secure; SameSite=None; domain=.acint.net; expires=Sat, 20-Feb-21 02:17:43 GMT aid=fwAAAWAwbu+lZgHaizDSAurt8w4AXwWLiaJDFCz8/vCsey6p; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.acint.net; path=/; Secure; SameSite=None
location: /mc/?dp=14&tc=1

GET
H2

200

/
www.acint.net/hit/
Redirect Chain

http://www.acint.net/hit/?v=0.3.0&uid=171b1ee6-9e73-4ead-a1b7-dde1d10451d4&dp=14&tz=%2B01%3A00&nc=51029989&u=http%3A%2F%2Fproffy.info%2Fwin7%2Fie.htm&r=&rs=1600x1200&t=%D0%9D%D0%B0%D1%81%D1%82%D1%8...
https://www.acint.net/hit/?v=0.3.0&uid=171b1ee6-9e73-4ead-a1b7-dde1d10451d4&dp=14&tz=%2B01%3A00&nc=51029989&u=http%3A%2F%2Fproffy.info%2Fwin7%2Fie.htm&r=&rs=1600x1200&t=%D0%9D%D0%B0%D1%81%D1%82%D1%...

43 B
341 B

26ms
25ms

Image
image/gif

46.4.114.109
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/hit/?v=0.3.0&uid=171b1ee6-9e73-4ead-a1b7-dde1d10451d4&dp=14&tz=%2B01%3A00&nc=51029989&u=http%3A%2F%2Fproffy.info%2Fwin7%2Fie.htm&r=&rs=1600x1200&t=%D0%9D%D0%B0%D1%81%D1%82%D1%80%D0%BE%D0%B9%D0%BA%D0%B8%20Internet%20Explorer%20%D0%B2%20%D1%80%D0%B5%D0%B5%D1%81%D1%82%D1%80%D0%B5&oE=1&oP=1&dT=2021-02-20T03%3A07%3A43.297&fu=1ced091b-3e9e-46fb-a20e-f31f4e327afb
Requested by: Host: proffy.info
URL: http://proffy.info/win7/ie.htm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.114.109 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271137.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: http://proffy.info/win7/ie.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Feb 2021 02:07:43 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

Location: https://www.acint.net/hit/?v=0.3.0&uid=171b1ee6-9e73-4ead-a1b7-dde1d10451d4&dp=14&tz=%2B01%3A00&nc=51029989&u=http%3A%2F%2Fproffy.info%2Fwin7%2Fie.htm&r=&rs=1600x1200&t=%D0%9D%D0%B0%D1%81%D1%82%D1%80%D0%BE%D0%B9%D0%BA%D0%B8%20Internet%20Explorer%20%D0%B2%20%D1%80%D0%B5%D0%B5%D1%81%D1%82%D1%80%D0%B5&oE=1&oP=1&dT=2021-02-20T03%3A07%3A43.297&fu=1ced091b-3e9e-46fb-a20e-f31f4e327afb
Date: Sat, 20 Feb 2021 02:07:43 GMT
Server: openresty
Connection: keep-alive
Content-Length: 142
Content-Type: text/html

GET
H3-Q050 403 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E45B 405 B
446 B 75ms
75ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2743978302807619&output=html&h=280&adk=4095622344&adf=1706824535&pi=t.aa~a.2313465991~i.57~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1613786863&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7371216514&psa=0&ad_type=text_image&format=1200x280&url=http%3A%2F%2Fproffy.info%2Fwin7%2Fie.htm&flash=0&fwr=0&pra=3&rh=200&rw=1588&rpe=1&resp_fmts=3&wgl=1&fa=27&adsid=NT&dt=1613786863242&bpp=2&bdt=516&idt=-M&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D349c9dc74c6b8bca-223f82fb87ba00d7%3AT%3D1613786863%3ART%3D1613786863%3AS%3DALNI_MYanK2qYmYLIyiAVh6Xg8ZESpPOaA&prev_fmts=0x0%2C728x90&nras=2&correlator=3193425011358&frm=20&pv=1&ga_vid=1909708188.1613786863&ga_sid=1613786863&ga_hid=2111887669&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=1663&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068769%2C21068893%2C21069110%2C21068786&oid=3&pvsid=657434479174487&rx=0&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=8Uwu4d00Xj&p=http%3A//proffy.info&dtd=25

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0a18dde6511fdb88c977c196c876402a04b8f5849f1be792453d1919b13a17a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-2743978302807619&output=html&h=280&adk=4095622344&adf=1706824535&pi=t.aa~a.2313465991~i.57~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1613786863&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7371216514&psa=0&ad_type=text_image&format=1200x280&url=http%3A%2F%2Fproffy.info%2Fwin7%2Fie.htm&flash=0&fwr=0&pra=3&rh=200&rw=1588&rpe=1&resp_fmts=3&wgl=1&fa=27&adsid=NT&dt=1613786863242&bpp=2&bdt=516&idt=-M&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D349c9dc74c6b8bca-223f82fb87ba00d7%3AT%3D1613786863%3ART%3D1613786863%3AS%3DALNI_MYanK2qYmYLIyiAVh6Xg8ZESpPOaA&prev_fmts=0x0%2C728x90&nras=2&correlator=3193425011358&frm=20&pv=1&ga_vid=1909708188.1613786863&ga_sid=1613786863&ga_hid=2111887669&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=1663&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068769%2C21068893%2C21069110%2C21068786&oid=3&pvsid=657434479174487&rx=0&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=8Uwu4d00Xj&p=http%3A//proffy.info&dtd=25
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://proffy.info/win7/ie.htm
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://proffy.info/win7/ie.htm

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 20 Feb 2021 02:07:43 GMT
server: cafe
content-length: 205
x-xss-protection: 0
set-cookie: IDE=AHWqTUn1KyCY3XzI739zcsAavOGOSxQQrsE1WLJ7Qd3aF1uWOOOydjd9-6X0UJkG; expires=Thu, 17-Mar-2022 02:07:43 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 403 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 24C3 405 B
370 B 122ms
122ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2743978302807619&output=html&h=280&adk=4095622344&adf=2827832974&pi=t.aa~a.2313465991~i.59~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1613786863&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7371216514&psa=0&ad_type=text_image&format=1200x280&url=http%3A%2F%2Fproffy.info%2Fwin7%2Fie.htm&flash=0&fwr=0&pra=3&rh=200&rw=1588&rpe=1&resp_fmts=3&wgl=1&fa=27&adsid=NT&dt=1613786863242&bpp=1&bdt=516&idt=-M&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D349c9dc74c6b8bca-223f82fb87ba00d7%3AT%3D1613786863%3ART%3D1613786863%3AS%3DALNI_MYanK2qYmYLIyiAVh6Xg8ZESpPOaA&prev_fmts=0x0%2C728x90%2C1200x280&nras=3&correlator=3193425011358&frm=20&pv=1&ga_vid=1909708188.1613786863&ga_sid=1613786863&ga_hid=2111887669&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=1985&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068769%2C21068893%2C21069110%2C21068786&oid=3&pvsid=657434479174487&rx=0&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=23&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=1bG1RRalFH&p=http%3A//proffy.info&dtd=31

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9c16bc795917e9d8c82c177c4ec475e3bddea2e26196d9e33ee2e87feae1b1af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-2743978302807619&output=html&h=280&adk=4095622344&adf=2827832974&pi=t.aa~a.2313465991~i.59~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1613786863&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7371216514&psa=0&ad_type=text_image&format=1200x280&url=http%3A%2F%2Fproffy.info%2Fwin7%2Fie.htm&flash=0&fwr=0&pra=3&rh=200&rw=1588&rpe=1&resp_fmts=3&wgl=1&fa=27&adsid=NT&dt=1613786863242&bpp=1&bdt=516&idt=-M&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D349c9dc74c6b8bca-223f82fb87ba00d7%3AT%3D1613786863%3ART%3D1613786863%3AS%3DALNI_MYanK2qYmYLIyiAVh6Xg8ZESpPOaA&prev_fmts=0x0%2C728x90%2C1200x280&nras=3&correlator=3193425011358&frm=20&pv=1&ga_vid=1909708188.1613786863&ga_sid=1613786863&ga_hid=2111887669&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=1985&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068769%2C21068893%2C21069110%2C21068786&oid=3&pvsid=657434479174487&rx=0&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=23&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=1bG1RRalFH&p=http%3A//proffy.info&dtd=31
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://proffy.info/win7/ie.htm
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://proffy.info/win7/ie.htm

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 20 Feb 2021 02:07:43 GMT
server: cafe
content-length: 204
x-xss-protection: 0
set-cookie: IDE=AHWqTUlE8035jPfuAY_TQP5JIzB74j-J6GOLkZeh7-BzGxJmwKjSY07gghc_Zutv; expires=Thu, 17-Mar-2022 02:07:43 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 403 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1A02 405 B
366 B 118ms
118ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2743978302807619&output=html&h=280&adk=4095622344&adf=2556572655&pi=t.aa~a.2313465991~i.106~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1613786863&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7371216514&psa=0&ad_type=text_image&format=1200x280&url=http%3A%2F%2Fproffy.info%2Fwin7%2Fie.htm&flash=0&fwr=0&pra=3&rh=200&rw=1588&rpe=1&resp_fmts=3&wgl=1&fa=27&adsid=NT&dt=1613786863242&bpp=1&bdt=516&idt=1&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D349c9dc74c6b8bca-223f82fb87ba00d7%3AT%3D1613786863%3ART%3D1613786863%3AS%3DALNI_MYanK2qYmYLIyiAVh6Xg8ZESpPOaA&prev_fmts=0x0%2C728x90%2C1200x280%2C1200x280&nras=4&correlator=3193425011358&frm=20&pv=1&ga_vid=1909708188.1613786863&ga_sid=1613786863&ga_hid=2111887669&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=3125&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068769%2C21068893%2C21069110%2C21068786&oid=3&pvsid=657434479174487&rx=0&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=23&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=SImPkwoXmK&p=http%3A//proffy.info&dtd=36

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f913f37f24a5f2366c8c6f48491f7de98abc61f625b1015e59fcee10af68fd25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-2743978302807619&output=html&h=280&adk=4095622344&adf=2556572655&pi=t.aa~a.2313465991~i.106~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1613786863&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7371216514&psa=0&ad_type=text_image&format=1200x280&url=http%3A%2F%2Fproffy.info%2Fwin7%2Fie.htm&flash=0&fwr=0&pra=3&rh=200&rw=1588&rpe=1&resp_fmts=3&wgl=1&fa=27&adsid=NT&dt=1613786863242&bpp=1&bdt=516&idt=1&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D349c9dc74c6b8bca-223f82fb87ba00d7%3AT%3D1613786863%3ART%3D1613786863%3AS%3DALNI_MYanK2qYmYLIyiAVh6Xg8ZESpPOaA&prev_fmts=0x0%2C728x90%2C1200x280%2C1200x280&nras=4&correlator=3193425011358&frm=20&pv=1&ga_vid=1909708188.1613786863&ga_sid=1613786863&ga_hid=2111887669&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=3125&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068769%2C21068893%2C21069110%2C21068786&oid=3&pvsid=657434479174487&rx=0&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=23&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=SImPkwoXmK&p=http%3A//proffy.info&dtd=36
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://proffy.info/win7/ie.htm
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://proffy.info/win7/ie.htm

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 20 Feb 2021 02:07:43 GMT
server: cafe
content-length: 205
x-xss-protection: 0
set-cookie: IDE=AHWqTUlEI8_l5zjfl7ARqcMCzF8m5hHVqegolmsr3W22Tj5DmYBqzisttINeEgtn; expires=Thu, 17-Mar-2022 02:07:43 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2

200

match
ads.betweendigital.com/ Frame 49A5
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=73&external_user_id=0100007FEF6E3060DA0166A502D2308B
https://ads.betweendigital.com/match?bidder_id=73&external_user_id=0100007FEF6E3060DA0166A502D2308B&crf=1

68 B
150 B

27ms
27ms

Image
image/png

188.42.191.196
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=73&external_user_id=0100007FEF6E3060DA0166A502D2308B&crf=1
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14&tc=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.42.191.196 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Referer: https://www.acint.net/mc/?dp=14&tc=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

Redirect headers

location: /match?bidder_id=73&external_user_id=0100007FEF6E3060DA0166A502D2308B&crf=1
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H2

200

match
acint.net/ Frame 49A5
Redirect Chain

https://ssp-rtb.sape.ru/rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D
https://acint.net/match?dp=14&euid=0100007FEF6E306073004F8B029BD81D

43 B
270 B

80ms
25ms

Image
image/gif

195.201.243.72
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://acint.net/match?dp=14&euid=0100007FEF6E306073004F8B029BD81D
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14&tc=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.201.243.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: regensburg.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.acint.net/mc/?dp=14&tc=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Feb 2021 02:07:43 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

Date: Sat, 20 Feb 2021 02:07:43 GMT
Server: openresty
P3P: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
Location: https://acint.net/match?dp=14&euid=0100007FEF6E306073004F8B029BD81D
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Type: text/html
Content-Length: 142
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2

200

match
acint.net/ Frame 49A5
Redirect Chain

https://px.adhigh.net/p/cm/sape?u=0100007FEF6E3060DA0166A502D2308B
https://px.adhigh.net/p/cm/sape?u=0100007FEF6E3060DA0166A502D2308B&bounced=1
https://acint.net/match?dp=17&euid=eam343XAfZs.AikABlF3vTEapg

43 B
269 B

26ms
26ms

Image
image/gif

195.201.243.72
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://acint.net/match?dp=17&euid=eam343XAfZs.AikABlF3vTEapg
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14&tc=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.201.243.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: regensburg.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.acint.net/mc/?dp=14&tc=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Feb 2021 02:07:43 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 20 Feb 2021 02:07:27 GMT
server: nginx
access-control-allow-origin: *
x-backend-id: f6-ru
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://acint.net/match?dp=17&euid=eam343XAfZs.AikABlF3vTEapg
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK cm.gif
ad.mail.ru/ Frame 49A5 43 B
635 B 143ms
48ms Image
image/gif 2a00:1148:db00::17
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.mail.ru/cm.gif?p=48&id=0100007FEF6E3060DA0166A502D2308B
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14&tc=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.acint.net/mc/?dp=14&tc=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 20 Feb 2021 02:07:43 GMT
Last-Modified: Sat, 20 Feb 2021 02:07:43 GMT
Server: nginx
Content-Type: image/gif
Cache-Control: max-age=21600
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 43
Expires: Sat, 20 Feb 2021 08:07:43 GMT

GET
H/1.1

200
OK

sync.cgi
ssp.adriver.ru/cgi-bin/ Frame 49A5
Redirect Chain

https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691
https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-5792429666
https://www.acint.net/rmatch?dp=45&euid=A2nwQZFCMrvF995EU3z192Q&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D
https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=0100007FEF6E3060DA0166A502D2308B

42 B
201 B

102ms
56ms

Image
image/gif

81.222.128.216
ELTEL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=0100007FEF6E3060DA0166A502D2308B
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14&tc=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.222.128.216 , Russian Federation, ASN20597 (ELTEL-AS, RU),
Reverse DNS: ad16.adriver.ru
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://www.acint.net/mc/?dp=14&tc=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 20 Feb 2021 02:07:43 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/gif

Redirect headers

date: Sat, 20 Feb 2021 02:07:43 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
location: https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=0100007FEF6E3060DA0166A502D2308B
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: text/html
content-length: 154
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H/1.1

200
OK

/
sync.bumlam.com/ Frame 49A5
Redirect Chain

https://sync.republer.com/match?dsp=sape
https://sync.republer.com/match?dsp=sape&qset=1
https://sync.bumlam.com/?src=rp1&uid=3c5a640c-d3fe-41b9-b28a-89504df6d3cd
https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABjv3cGBBlIEioaQK2IkM2M1YTY0MGMtZDNmZS00MWI5LWIyOGEtODk1MDRkZjZkM2Nk
https://sync3.adsniper.ru/?src=ss1&s_data=CAIQARjv3cGBBlIEioaQK2IkM2M1YTY0MGMtZDNmZS00MWI5LWIyOGEtODk1MDRkZjZkM2NkogEQaxo6VnMgEeuKUwzEem0v7w**
https://sync.bumlam.com/?src=rp1&s_data=CAIQABjv3cGBBmIkM2M1YTY0MGMtZDNmZS00MWI5LWIyOGEtODk1MDRkZjZkM2NkogEQaxo6VnMgEeuKUwzEem0v7w**
https://sync.bumlam.com/?src=rp1&s_data=CAIQARjv3cGBBmIkM2M1YTY0MGMtZDNmZS00MWI5LWIyOGEtODk1MDRkZjZkM2NkogEQaxo6VnMgEeuKUwzEem0v7w**

43 B
552 B

22ms
22ms

Image
image/gif

31.172.81.160
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bumlam.com/?src=rp1&s_data=CAIQARjv3cGBBmIkM2M1YTY0MGMtZDNmZS00MWI5LWIyOGEtODk1MDRkZjZkM2NkogEQaxo6VnMgEeuKUwzEem0v7w**
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14&tc=1
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 31.172.81.160 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://www.acint.net/mc/?dp=14&tc=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 20 Feb 2021 02:07:43 GMT
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Server: nginx
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Redirect headers

Date: Sat, 20 Feb 2021 02:07:43 GMT
Server: nginx
ETag: 6b1a3a56-7320-11eb-8a53-0cc47a6d2fef
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: //sync.bumlam.com/?src=rp1&s_data=CAIQARjv3cGBBmIkM2M1YTY0MGMtZDNmZS00MWI5LWIyOGEtODk1MDRkZjZkM2NkogEQaxo6VnMgEeuKUwzEem0v7w**
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0

GET
H2 204 match
dm.hybrid.ai/ Frame 49A5 0
238 B 170ms
55ms Image
text/plain 37.18.16.23
HYBRID-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dm.hybrid.ai/match?id=106&vid=0100007FEF6E3060DA0166A502D2308B

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14&tc=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.18.16.23 , Netherlands, ASN205675 (HYBRID-AS, RU),

Reverse DNS

Software

Hybrid Web Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.acint.net/mc/?dp=14&tc=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Feb 2021 02:07:43 GMT
server: Hybrid Web Server
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin: *
cache-control: no-cache, no-store
x-mode: 116
x-xss-protection: 1; mode=block
expires: -1

GET
H/1.1 200
OK adcm.js Show response
tag.digitaltarget.ru/ Frame 49A5 3 KB
3 KB 198ms
63ms Script
application/javascript 185.15.175.132
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.digitaltarget.ru/adcm.js
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14&tc=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.15.175.132 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),
Reverse DNS
Software: nginx /
Resource Hash: 7c078e5032ba5da0fdf4e333ac30ad283aaa9de5d935e716c6fd7e1b5d4e9d2e

Request headers

Referer: https://www.acint.net/mc/?dp=14&tc=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 20 Feb 2021 02:07:43 GMT
Last-Modified: Thu, 28 Jan 2021 10:50:38 GMT
Server: nginx
ETag: "601296fe-c11"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3089

GET
H2 204 sape
sync.dmp.otm-r.com/match/ Frame 49A5 0
69 B 84ms
26ms Image
text/plain 195.201.57.28
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.dmp.otm-r.com/match/sape?id=0100007FEF6E3060DA0166A502D2308B
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14&tc=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.201.57.28 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.28.57.201.195.clients.your-server.de
Software: nginx/1.17.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.acint.net/mc/?dp=14&tc=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 20 Feb 2021 02:07:43 GMT
server: nginx/1.17.0

GET
H2

200

match
www.acint.net/ Frame 49A5
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=agentstvo_sape_limited&google_hm=AQAAf-9uMGDaAWalAtIwiw
https://www.acint.net/match?dp=77&euid=

43 B
269 B

26ms
26ms

Image
image/gif

46.4.114.109
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=77&euid=
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14&tc=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.114.109 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271137.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.acint.net/mc/?dp=14&tc=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Feb 2021 02:07:43 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 20 Feb 2021 02:07:43 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://www.acint.net/match?dp=77&euid=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 240
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
adlmerge.com/merge_gpsid/ Frame 49A5
Redirect Chain

https://stat.adlabs.ru/merge_gpsid/?sid=50&id=0100007FEF6E3060DA0166A502D2308B
https://adlmerge.com/merge_gpsid/?sid=50&id=0100007FEF6E3060DA0166A502D2308B

43 B
115 B

51ms
17ms

Image
image/gif

95.211.66.35
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adlmerge.com/merge_gpsid/?sid=50&id=0100007FEF6E3060DA0166A502D2308B
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14&tc=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.211.66.35 Wjelsryp, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx/1.16.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.acint.net/mc/?dp=14&tc=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

iseu: eu
server: nginx/1.16.0
date: Sat, 20 Feb 2021 02:07:43 GMT
content-type: image/gif

Redirect headers

location: //adlmerge.com/merge_gpsid/?sid=50&id=0100007FEF6E3060DA0166A502D2308B
date: Sat, 20 Feb 2021 02:07:43 GMT
server: nginx
content-length: 0

GET
H/1.1 200
OK sync.cgi
ssp.adriver.ru/cgi-bin/ Frame 49A5 42 B
201 B 229ms
56ms Image
image/gif 81.222.128.216
ELTEL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.adriver.ru/cgi-bin/sync.cgi?dsp_id=153&external_id=0100007FEF6E3060DA0166A502D2308B
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14&tc=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.222.128.216 , Russian Federation, ASN20597 (ELTEL-AS, RU),
Reverse DNS: ad16.adriver.ru
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://www.acint.net/mc/?dp=14&tc=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 20 Feb 2021 02:07:43 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/gif

GET
H/1.1 200
OK sprcs
relap.io/partners/ Frame 49A5 43 B
1 KB 208ms
71ms Image
image/gif 95.163.37.253
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://relap.io/partners/sprcs?uid=0100007FEF6E3060DA0166A502D2308B

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14&tc=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

95.163.37.253 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

relap.io

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Request headers

Referer: https://www.acint.net/mc/?dp=14&tc=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 20 Feb 2021 02:07:43 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=5184000; includeSubdomains;
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block; report=https://cspreport.mail.ru/xxssprotection

GET
H/1.1

204
No Content

0.gif
x01.aidata.io/ Frame 49A5
Redirect Chain

https://adx.com.ru/sape-sync?uid=0100007FEF6E3060DA0166A502D2308B
https://adx.com.ru/sync?sspKey=25&sspUserID=0100007FEF6E3060DA0166A502D2308B
https://sync.1dmp.io/pixel.gif?cid=1ff6bf67-bdc8-400e-bc26-d735d8654ed6&pid=w&uid=60306eefd41e06bf83713ffb&ru=https%3A%2F%2Fredirect.frontend.weborama.fr%2Frd%3Furl%3Dhttps%253A%252F%252Fadx.com.ru...
https://sync.1dmp.io/pixel.gif?cid=1ff6bf67-bdc8-400e-bc26-d735d8654ed6&pid=w&uid=60306eefd41e06bf83713ffb&ru=https%3A%2F%2Fredirect.frontend.weborama.fr%2Frd%3Furl%3Dhttps%253A%252F%252Fadx.com.ru...
https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fadx.com.ru%2Fweborama-sync%3Furl%3Dhttps%253A%252F%252Fx01.aidata.io%252F0.gif%253Fpid%253DYABBI%2526id%253D60306eefd41e06bf83713ffb%2526d...
https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fadx.com.ru%2Fweborama-sync%3Furl%3Dhttps%253A%252F%252Fx01.aidata.io%252F0.gif%253Fpid%253DYABBI%2526id%253D60306eefd41e06bf83713ffb%2526d...
https://adx.com.ru/weborama-sync?url=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3DYABBI%26id%3D60306eefd41e06bf83713ffb%26dest%3D&webouid=NKXRQkToAHFn/q65oy4EEe
https://x01.aidata.io/0.gif?pid=YABBI&id=60306eefd41e06bf83713ffb&dest=
https://x01.aidata.io/0.gif?pid=YABBI&id=60306eefd41e06bf83713ffb&dest=&bounce=1

0
584 B

57ms
57ms

Image
text/plain

89.108.119.43
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x01.aidata.io/0.gif?pid=YABBI&id=60306eefd41e06bf83713ffb&dest=&bounce=1
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14&tc=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 89.108.119.43 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: d51370.reg.regrucolo.ru
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.acint.net/mc/?dp=14&tc=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 20 Feb 2021 02:07:44 GMT
Last-Modified: Sat, 20 Feb 2021 02:07:43 GMT
Server: nginx
P3P: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Expires: Sat, 20 Feb 2021 02:07:43 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 20 Feb 2021 02:07:43 GMT
Last-Modified: Sat, 20 Feb 2021 02:07:42 GMT
Server: nginx
P3P: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
Location: https://x01.aidata.io/0.gif?pid=YABBI&id=60306eefd41e06bf83713ffb&dest=&bounce=1
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Content-Length: 0
Expires: Sat, 20 Feb 2021 02:07:42 GMT

GET
H2

200

pixel.gif
sync.1dmp.io/ Frame 49A5
Redirect Chain

https://sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007FEF6E3060DA0166A502D2308B
https://sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007FEF6E3060DA0166A502D2308B&cs=1

35 B
376 B

27ms
27ms

Image
image/gif

136.243.148.229
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007FEF6E3060DA0166A502D2308B&cs=1
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14&tc=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.243.148.229 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.229.148.243.136.clients.your-server.de
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: https://www.acint.net/mc/?dp=14&tc=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Feb 2021 02:07:43 GMT
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server: nginx
content-type: image/gif
content-length: 35
expires: 0

Redirect headers

location: /pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007FEF6E3060DA0166A502D2308B&cs=1
date: Sat, 20 Feb 2021 02:07:43 GMT
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server: nginx
content-length: 0
expires: 0

GET
H2

200

match
www.acint.net/ Frame 49A5
Redirect Chain

https://sape-sync.rutarget.ru/sync
https://www.acint.net/match?dp=104&euid=W3eLXXQihRmh

43 B
269 B

26ms
25ms

Image
image/gif

46.4.114.109
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=104&euid=W3eLXXQihRmh
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14&tc=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.114.109 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271137.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.acint.net/mc/?dp=14&tc=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Feb 2021 02:07:43 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

Location: https://www.acint.net/match?dp=104&euid=W3eLXXQihRmh
Date: Sat, 20 Feb 2021 02:07:43 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
P3P: CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."

GET
H2

200

match
acint.net/ Frame 49A5
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D
https://acint.net/match?dp=107&euid=4a949e9e-a31b-5233-8f4c-49dfef7c2730

43 B
269 B

26ms
25ms

Image
image/gif

195.201.243.72
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://acint.net/match?dp=107&euid=4a949e9e-a31b-5233-8f4c-49dfef7c2730
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14&tc=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.201.243.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: regensburg.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.acint.net/mc/?dp=14&tc=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Feb 2021 02:07:43 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

location: https://acint.net/match?dp=107&euid=4a949e9e-a31b-5233-8f4c-49dfef7c2730
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H2 200 p
0100007fef6e3060da0166a502d2308b-sp.ops.beeline.ru/ Frame 49A5 35 B
627 B 230ms
57ms Image
image/gif 37.9.245.57
BEE-AS Russia

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://0100007fef6e3060da0166a502d2308b-sp.ops.beeline.ru/p?ssp=sp&id=0100007FEF6E3060DA0166A502D2308B
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14&tc=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 37.9.245.57 , Russian Federation, ASN16345 (BEE-AS Russia, RU),
Reverse DNS
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://www.acint.net/mc/?dp=14&tc=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Feb 2021 02:07:43 GMT
x-route: http://upstream_cookiesync
server: nginx
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS, GET, HEAD, POST, OPTIONS, PUT, DELETE
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true, true
x-host: 192.168.152.35
access-control-allow-headers: authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
content-length: 35
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

404

tQM27Tc3Ru23BeRAxDGA5w
an.yandex.ru/setud/mts_banner/ Frame 49A5
Redirect Chain

https://ut.rktch.com/matchspm?pi=1000005&pui=0100007FEF6E3060DA0166A502D2308B
https://sm.rtb.mts.ru/p?ssp=natimatica&id=a39d14978e656f4ae9e6de540bcc71f655ef
https://sm.rtb.mts.ru/match/second?r=https%3A%2F%2Fut.rktch.com%2Fmatchsbm%3Fbi%3D29%26bui%3Db50336ed-3737-46ed-b705-e440c43180e7&ssp=natimatica&exu=a39d14978e656f4ae9e6de540bcc71f655ef
https://tech.rtb.mts.ru/?dsp_uid=b50336ed-3737-46ed-b705-e440c43180e7&return_url=https%3A%2F%2Fan.yandex.ru%2Fsetud%2Fmts_banner%2FtQM27Tc3Ru23BeRAxDGA5w%3Flocation%3Dhttps%253A%252F%252Fut.rktch.c...
https://an.yandex.ru/setud/mts_banner/tQM27Tc3Ru23BeRAxDGA5w?location=https%3A%2F%2Fut.rktch.com%2Fmatchsbm%3Fbi%3D29%26bui%3Db50336ed-3737-46ed-b705-e440c43180e7&sign=2448808864
https://an.yandex.ru/setud/mts_banner/tQM27Tc3Ru23BeRAxDGA5w?redir-setuniq=1&location=https%3A%2F%2Fut.rktch.com%2Fmatchsbm%3Fbi%3D29%26bui%3Db50336ed-3737-46ed-b705-e440c43180e7&sign=2448808864

43 B
290 B

72ms
72ms

Image
image/gif

2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://an.yandex.ru/setud/mts_banner/tQM27Tc3Ru23BeRAxDGA5w?redir-setuniq=1&location=https%3A%2F%2Fut.rktch.com%2Fmatchsbm%3Fbi%3D29%26bui%3Db50336ed-3737-46ed-b705-e440c43180e7&sign=2448808864
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14&tc=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: ccb150b1878d5aa777543222f9e47636d4258687e3dd57e625988f09a96bda64

Request headers

Referer: https://www.acint.net/mc/?dp=14&tc=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Feb 2021 02:07:44 GMT
last-modified: Sat, 20 Feb 2021 02:07:44 GMT
server: nginx/1.12.2
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif; charset=windows-1251
content-length: 43
expires: Sat, 20 Feb 2021 02:07:44 GMT

Redirect headers

pragma: no-cache
date: Sat, 20 Feb 2021 02:07:44 GMT
last-modified: Sat, 20 Feb 2021 02:07:44 GMT
server: nginx/1.12.2
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://an.yandex.ru/setud/mts_banner/tQM27Tc3Ru23BeRAxDGA5w?redir-setuniq=1&location=https%3A%2F%2Fut.rktch.com%2Fmatchsbm%3Fbi%3D29%26bui%3Db50336ed-3737-46ed-b705-e440c43180e7&sign=2448808864
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 0
x-xss-protection: 1; mode=block
expires: Sat, 20 Feb 2021 02:07:44 GMT

GET
H2

404

tQM27Tc3Ru23BeRAxDGA5w
an.yandex.ru/setud/mts_banner/ Frame 49A5
Redirect Chain

https://sm.rtb.mts.ru/p?ssp=sape&id=0100007FEF6E3060DA0166A502D2308B
https://sm.rtb.mts.ru/match/second?r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D125%26euid%3Db50336ed-3737-46ed-b705-e440c43180e7&ssp=sape&exu=0100007FEF6E3060DA0166A502D2308B
https://tech.rtb.mts.ru/?dsp_uid=b50336ed-3737-46ed-b705-e440c43180e7&return_url=https%3A%2F%2Fan.yandex.ru%2Fsetud%2Fmts_banner%2FtQM27Tc3Ru23BeRAxDGA5w%3Flocation%3Dhttps%253A%252F%252Fwww.acint....
https://an.yandex.ru/setud/mts_banner/tQM27Tc3Ru23BeRAxDGA5w?location=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D125%26euid%3Db50336ed-3737-46ed-b705-e440c43180e7&sign=1928708899
https://an.yandex.ru/setud/mts_banner/tQM27Tc3Ru23BeRAxDGA5w?redir-setuniq=1&location=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D125%26euid%3Db50336ed-3737-46ed-b705-e440c43180e7&sign=1928708899

43 B
290 B

74ms
73ms

Image
image/gif

2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://an.yandex.ru/setud/mts_banner/tQM27Tc3Ru23BeRAxDGA5w?redir-setuniq=1&location=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D125%26euid%3Db50336ed-3737-46ed-b705-e440c43180e7&sign=1928708899
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14&tc=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: ccb150b1878d5aa777543222f9e47636d4258687e3dd57e625988f09a96bda64

Request headers

Referer: https://www.acint.net/mc/?dp=14&tc=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Feb 2021 02:07:44 GMT
last-modified: Sat, 20 Feb 2021 02:07:44 GMT
server: nginx/1.12.2
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif; charset=windows-1251
content-length: 43
expires: Sat, 20 Feb 2021 02:07:44 GMT

Redirect headers

pragma: no-cache
date: Sat, 20 Feb 2021 02:07:44 GMT
last-modified: Sat, 20 Feb 2021 02:07:44 GMT
server: nginx/1.12.2
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://an.yandex.ru/setud/mts_banner/tQM27Tc3Ru23BeRAxDGA5w?redir-setuniq=1&location=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D125%26euid%3Db50336ed-3737-46ed-b705-e440c43180e7&sign=1928708899
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 0
x-xss-protection: 1; mode=block
expires: Sat, 20 Feb 2021 02:07:44 GMT

GET
H2

200

match
www.acint.net/ Frame 49A5
Redirect Chain

https://exchange.buzzoola.com/cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D
https://www.acint.net/match?dp=126&euid=d696ea85-31ae-4fe4-4b36-f7dbdbbfe3e0

43 B
269 B

25ms
25ms

Image
image/gif

46.4.114.109
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=126&euid=d696ea85-31ae-4fe4-4b36-f7dbdbbfe3e0
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14&tc=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.114.109 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271137.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.acint.net/mc/?dp=14&tc=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Feb 2021 02:07:43 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

location: https://www.acint.net/match?dp=126&euid=d696ea85-31ae-4fe4-4b36-f7dbdbbfe3e0
date: Sat, 20 Feb 2021 02:07:43 GMT
server: nginx
content-length: 115
serverid: TODO
content-type: text/html; charset=utf-8

GET
H2

200

match
www.acint.net/ Frame 49A5
Redirect Chain

https://s.uuidksinc.net/match/396/0100007FEF6E3060DA0166A502D2308B
https://www.acint.net/match?dp=127&euid=HfhY6UqTJz3H88u4WnZy

43 B
269 B

26ms
25ms

Image
image/gif

46.4.114.109
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=127&euid=HfhY6UqTJz3H88u4WnZy
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14&tc=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.114.109 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271137.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.acint.net/mc/?dp=14&tc=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Feb 2021 02:07:43 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

date: Sat, 20 Feb 2021 02:07:43 GMT
server: nginx/1.19.0
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json; charset=utf-8
location: https://www.acint.net/match?dp=127&euid=HfhY6UqTJz3H88u4WnZy
access-control-allow-headers: Content-Type
content-length: 0

GET
H/1.1 204
No Content userbind
match.new-programmatic.com/ Frame 49A5 0
215 B 185ms
60ms Image
text/plain 217.65.2.150
CITYTELECOM-AS Fi...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.new-programmatic.com/userbind?src=sape&id=0100007FEF6E3060DA0166A502D2308B
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14&tc=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 217.65.2.150 Moscow, Russian Federation, ASN29076 (CITYTELECOM-AS Filanco LTD, RU),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.acint.net/mc/?dp=14&tc=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 20 Feb 2021 02:07:19 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0
Connection: keep-alive
Content-Length: 0
Vary: Origin

GET
H2 204 0100007FEF6E3060DA0166A502D2308B
fcgi4.gnezdo.ru/cookie_matching_ssp/Sape-dsp/ Frame 49A5 0
172 B 189ms
64ms Image
text/plain 93.95.102.105
MTW-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fcgi4.gnezdo.ru/cookie_matching_ssp/Sape-dsp/0100007FEF6E3060DA0166A502D2308B
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14&tc=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.95.102.105 Podolsk, Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS: unspecified.mtw.ru
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.acint.net/mc/?dp=14&tc=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Feb 2021 02:07:43 GMT
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"

GET
H/1.1

204
No Content

0.gif
x01.aidata.io/ Frame 49A5
Redirect Chain

https://x01.aidata.io/0.gif?pid=9401454&id=0100007FEF6E3060DA0166A502D2308B
https://x01.aidata.io/0.gif?pid=9401454&id=0100007FEF6E3060DA0166A502D2308B&bounce=1
https://counter.yadro.ru/id-redir/aidata.gif?back=STOP
https://x01.aidata.io/0.gif?pid=LIVE&id=&back=STOP

0
584 B

57ms
56ms

Image
text/plain

89.108.119.43
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x01.aidata.io/0.gif?pid=LIVE&id=&back=STOP
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14&tc=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 89.108.119.43 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: d51370.reg.regrucolo.ru
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.acint.net/mc/?dp=14&tc=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 20 Feb 2021 02:07:44 GMT
Last-Modified: Sat, 20 Feb 2021 02:07:43 GMT
Server: nginx
P3P: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Expires: Sat, 20 Feb 2021 02:07:43 GMT

Redirect headers

Location: https://x01.aidata.io/0.gif?pid=LIVE&id=&back=STOP
Date: Sat, 20 Feb 2021 02:07:44 GMT
Server: nginx/1.17.9
Connection: keep-alive
Content-Length: 324
Strict-Transport-Security: max-age=86400
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 frame.html Show response
s3.advarkads.com/modules/match/ Frame 95CA 187 B
547 B 115ms
92ms Document
text/html 2606:4700:10::ac43:dab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.advarkads.com/modules/match/frame.html?id=8113-1-1&uid=0100007FEF6E3060DA0166A502D2308B
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14&tc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:dab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 53e4cb1ec1da57e5fec65ec5f5b19b050fa8bd6e19e9030c2704456846e4d106

Request headers

:method: GET
:authority: s3.advarkads.com
:scheme: https
:path: /modules/match/frame.html?id=8113-1-1&uid=0100007FEF6E3060DA0166A502D2308B
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.acint.net/mc/?dp=14&tc=1
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.acint.net/mc/?dp=14&tc=1

Response headers

date: Sat, 20 Feb 2021 02:07:43 GMT
content-type: text/html
set-cookie: __cfduid=d1f1425b851893bdfb0d8ea62c11a8c9b1613786863; expires=Mon, 22-Mar-21 02:07:43 GMT; path=/; domain=.advarkads.com; HttpOnly; SameSite=Lax
cache-control: max-age=60
last-modified: Sat, 25 Apr 2020 07:44:34 GMT
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: DYNAMIC
cf-request-id: 085eca6f50000005d4a88fc000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6244acf87ecc05d4-FRA
content-encoding: gzip

GET
H3-Q050 403 ads Show response
googleads.g.doubleclick.net/pagead/ Frame CD3F 405 B
230 B 60ms
59ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2743978302807619&output=html&h=280&adk=4095622344&adf=1196090153&pi=t.aa~a.2313465991~i.256~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1613786863&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7371216514&psa=0&ad_type=text_image&format=1200x280&url=http%3A%2F%2Fproffy.info%2Fwin7%2Fie.htm&flash=0&fwr=0&pra=3&rh=200&rw=1588&rpe=1&resp_fmts=3&wgl=1&fa=27&adsid=NT&dt=1613786863246&bpp=2&bdt=520&idt=2&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D349c9dc74c6b8bca-223f82fb87ba00d7%3AT%3D1613786863%3ART%3D1613786863%3AS%3DALNI_MYanK2qYmYLIyiAVh6Xg8ZESpPOaA&prev_fmts=0x0%2C728x90%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=3193425011358&frm=20&pv=1&ga_vid=1909708188.1613786863&ga_sid=1613786863&ga_hid=2111887669&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=4579&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068769%2C21068893%2C21069110%2C21068786&oid=3&pvsid=657434479174487&rx=0&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=23&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=y7k8Nc2Oxj&p=http%3A//proffy.info&dtd=207

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0e59fb8c0819441fd9f98dcc35c2ab5b941e4c813fd985dc7fa9780e90b34b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-2743978302807619&output=html&h=280&adk=4095622344&adf=1196090153&pi=t.aa~a.2313465991~i.256~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1613786863&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7371216514&psa=0&ad_type=text_image&format=1200x280&url=http%3A%2F%2Fproffy.info%2Fwin7%2Fie.htm&flash=0&fwr=0&pra=3&rh=200&rw=1588&rpe=1&resp_fmts=3&wgl=1&fa=27&adsid=NT&dt=1613786863246&bpp=2&bdt=520&idt=2&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D349c9dc74c6b8bca-223f82fb87ba00d7%3AT%3D1613786863%3ART%3D1613786863%3AS%3DALNI_MYanK2qYmYLIyiAVh6Xg8ZESpPOaA&prev_fmts=0x0%2C728x90%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=3193425011358&frm=20&pv=1&ga_vid=1909708188.1613786863&ga_sid=1613786863&ga_hid=2111887669&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=4579&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068769%2C21068893%2C21069110%2C21068786&oid=3&pvsid=657434479174487&rx=0&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=23&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=y7k8Nc2Oxj&p=http%3A//proffy.info&dtd=207
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://proffy.info/win7/ie.htm
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlE8035jPfuAY_TQP5JIzB74j-J6GOLkZeh7-BzGxJmwKjSY07gghc_Zutv
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://proffy.info/win7/ie.htm

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 20 Feb 2021 02:07:43 GMT
server: cafe
content-length: 205
x-xss-protection: 0
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 403 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3D06 405 B
229 B 47ms
47ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2743978302807619&output=html&h=280&adk=4095622344&adf=485867489&pi=t.aa~a.2313465991~i.258~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1613786863&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7371216514&psa=0&ad_type=text_image&format=1200x280&url=http%3A%2F%2Fproffy.info%2Fwin7%2Fie.htm&flash=0&fwr=0&pra=3&rh=200&rw=1588&rpe=1&resp_fmts=3&wgl=1&fa=27&adsid=NT&dt=1613786863250&bpp=1&bdt=524&idt=1&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D349c9dc74c6b8bca-223f82fb87ba00d7%3AT%3D1613786863%3ART%3D1613786863%3AS%3DALNI_MYanK2qYmYLIyiAVh6Xg8ZESpPOaA&prev_fmts=0x0%2C728x90%2C1200x280%2C1200x280%2C1200x280%2C1200x280&nras=6&correlator=3193425011358&frm=20&pv=1&ga_vid=1909708188.1613786863&ga_sid=1613786863&ga_hid=2111887669&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=4637&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068769%2C21068893%2C21069110%2C21068786&oid=3&pvsid=657434479174487&rx=0&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=23&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=5M23x8kI1i&p=http%3A//proffy.info&dtd=287

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9eedc8a317ba800c11286066f0c9a1a0e6f728e42c6743021252c291205b0ed6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-2743978302807619&output=html&h=280&adk=4095622344&adf=485867489&pi=t.aa~a.2313465991~i.258~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1613786863&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7371216514&psa=0&ad_type=text_image&format=1200x280&url=http%3A%2F%2Fproffy.info%2Fwin7%2Fie.htm&flash=0&fwr=0&pra=3&rh=200&rw=1588&rpe=1&resp_fmts=3&wgl=1&fa=27&adsid=NT&dt=1613786863250&bpp=1&bdt=524&idt=1&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D349c9dc74c6b8bca-223f82fb87ba00d7%3AT%3D1613786863%3ART%3D1613786863%3AS%3DALNI_MYanK2qYmYLIyiAVh6Xg8ZESpPOaA&prev_fmts=0x0%2C728x90%2C1200x280%2C1200x280%2C1200x280%2C1200x280&nras=6&correlator=3193425011358&frm=20&pv=1&ga_vid=1909708188.1613786863&ga_sid=1613786863&ga_hid=2111887669&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=4637&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068769%2C21068893%2C21069110%2C21068786&oid=3&pvsid=657434479174487&rx=0&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8320&bc=23&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=5M23x8kI1i&p=http%3A//proffy.info&dtd=287
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://proffy.info/win7/ie.htm
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlE8035jPfuAY_TQP5JIzB74j-J6GOLkZeh7-BzGxJmwKjSY07gghc_Zutv
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://proffy.info/win7/ie.htm

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 20 Feb 2021 02:07:43 GMT
server: cafe
content-length: 204
x-xss-protection: 0
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2 200 frame.js Show response
s3.advarkads.com/modules/match/ Frame 95CA 20 KB
7 KB 9ms
9ms Script
application/javascript 2606:4700:10::ac43:dab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.advarkads.com/modules/match/frame.js
Requested by: Host: s3.advarkads.com
URL: https://s3.advarkads.com/modules/match/frame.html?id=8113-1-1&uid=0100007FEF6E3060DA0166A502D2308B
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:dab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e0e878a41cbf1c2aa09176ad0afe985d53fa958f7b191e8bba15089f6c29c7b

Request headers

Referer: https://s3.advarkads.com/modules/match/frame.html?id=8113-1-1&uid=0100007FEF6E3060DA0166A502D2308B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Feb 2021 02:07:43 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 43
content-length: 6561
cf-request-id: 085eca6fba000005d410896000000001
last-modified: Tue, 19 Jan 2021 09:46:36 GMT
server: cloudflare
etag: "06618fa47eed61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
cf-ray: 6244acf92f5505d4-FRA

GET
H2

200

pixel.gif
sync.1dmp.io/ Frame 95CA
Redirect Chain

https://api.advarkads.com/api/statistic/match?id=8113-1-1&uid=0100007FEF6E3060DA0166A502D2308B
https://sync.1dmp.io/pixel.gif?cid=56d5b2e0-5dbd-4dc5-ae55-187613386723&brid=4feddb1c-24c5-44e6-b719-d1f7af168769&pid=w&uid=86d71201-8e64-4599-9b93-df8eaa3c2d7c

35 B
376 B

26ms
26ms

Image
image/gif

136.243.148.229
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.1dmp.io/pixel.gif?cid=56d5b2e0-5dbd-4dc5-ae55-187613386723&brid=4feddb1c-24c5-44e6-b719-d1f7af168769&pid=w&uid=86d71201-8e64-4599-9b93-df8eaa3c2d7c
Requested by: Host: s3.advarkads.com
URL: https://s3.advarkads.com/modules/match/frame.html?id=8113-1-1&uid=0100007FEF6E3060DA0166A502D2308B
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.243.148.229 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.229.148.243.136.clients.your-server.de
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: https://s3.advarkads.com/modules/match/frame.html?id=8113-1-1&uid=0100007FEF6E3060DA0166A502D2308B
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Feb 2021 02:07:43 GMT
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server: nginx
content-type: image/gif
content-length: 35
expires: 0

Redirect headers

Pragma: no-cache
Date: Sat, 20 Feb 2021 02:07:43 GMT
Server: nginx/1.18.0
X-Powered-By: ASP.NET
P3P: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
Location: https://sync.1dmp.io/pixel.gif?cid=56d5b2e0-5dbd-4dc5-ae55-187613386723&brid=4feddb1c-24c5-44e6-b719-d1f7af168769&pid=w&uid=86d71201-8e64-4599-9b93-df8eaa3c2d7c
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Expires: -1

GET
H/1.1 200
OK processor.js Show response
tag.digitaltarget.ru/ Frame 49A5 15 KB
16 KB 113ms
112ms Script
application/javascript 185.15.175.132
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.digitaltarget.ru/processor.js?i=614046673282681
Requested by: Host: tag.digitaltarget.ru
URL: https://tag.digitaltarget.ru/adcm.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.15.175.132 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),
Reverse DNS
Software: nginx /
Resource Hash: 5a49726bf861ad2dbeed14284fc73e953d2e0c8760d79741829116fada42ff75

Request headers

Referer: https://www.acint.net/mc/?dp=14&tc=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 20 Feb 2021 02:07:43 GMT
Last-Modified: Thu, 28 Jan 2021 10:50:38 GMT
Server: nginx
ETag: "601296fe-3da0"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 15776

GET
H2 200 watch.js Show response
mc.yandex.ru/metrika/ 122 KB
43 KB 129ms
42ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Host: proffy.info
URL: http://proffy.info/js/yandex_metrika.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

637812af47b986d38e3529aca6be35f26b3c513ab04f17141069ef14528e1059

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://proffy.info/win7/ie.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Feb 2021 02:07:44 GMT
content-encoding: br
last-modified: Mon, 15 Feb 2021 13:31:56 GMT
etag: "602bfd68-a9d7"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 43479
expires: Sat, 20 Feb 2021 03:07:44 GMT

GET
H/1.1 200
OK nv.js Show response
p1.dircont3.com/ 50 KB
10 KB 69ms
31ms Script
application/javascript 2a02:6ea0:c700::4
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to

Full URL

http://p1.dircont3.com/nv.js

Requested by

Host: cdn-rtb.sape.ru
URL: http://cdn-rtb.sape.ru/rtb-b/js/586/2/586.js

Protocol

HTTP/1.1

Server

2a02:6ea0:c700::4 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),

Reverse DNS

Software

CDN77-Turbo /

Resource Hash

b42cd0fb65747b1e99d25146b1f0b722fb72b78b0b96d4b4f0abe1d53ff0f762

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: http://proffy.info/win7/ie.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-77-POP: frankfurtDE
Date: Sat, 20 Feb 2021 02:07:43 GMT
Content-Encoding: gzip
X-77-NZT-Ray: HFtAIUArBrU=
Transfer-Encoding: chunked
X-77-Cache: HIT
X-Cache: HIT
Connection: keep-alive
X-77-NZT: AcO1rzUZvifvLgEAAA==
Last-Modified: Mon, 15 Feb 2021 20:02:27 GMT
Server: CDN77-Turbo
ETag: W/"602ad353-c64b"
Strict-Transport-Security: max-age=604800
Content-Type: application/javascript
X-Age: 302
Expires: Thu, 04 Mar 2021 02:02:41 GMT

GET
H/1.1 200
OK / Show response
ssp-rtb.sape.ru/data/ 30 B
366 B 33ms
32ms Script
application/javascript 116.202.128.114
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp-rtb.sape.ru/data/?callback=sapeRTB_60306eeff_36561974&srtbid=95403&scids=93390459&sx=1600&sy=1200&ref=&allimps=0&fl=0&v=2&tz=%2B01%3A00&u=http%3A%2F%2Fproffy.info%2Fwin7%2Fie.htm
Requested by: Host: cdn-rtb.sape.ru
URL: http://cdn-rtb.sape.ru/rtb-b/js/586/2/586.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 116.202.128.114 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: openresty /
Resource Hash: 9f39bf6f930696870b974a43daa5a5b6adb314da98c15d5f3742ea013d649699

Request headers

Referer: http://proffy.info/win7/ie.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 20 Feb 2021 02:07:43 GMT
Server: openresty
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 30
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 1
www.acint.net/rtbw/ 43 B
224 B 26ms
25ms Image
image/gif 46.4.114.109
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/rtbw/1?dp=14&cd=%7B%22st%22%3A586%2C%22sc%22%3A0%2C%22pl%22%3A0%2C%22ev%22%3A%22run%22%2C%22et%22%3A%22srtb%22%2C%22ec%22%3A477%7D&sid=60306eef-2418-94lm-mt3x-c3jl2k4k6kab&ref=http%3A%2F%2Fproffy.info%2Fwin7%2Fie.htm&r=1613786864
Requested by: Host: proffy.info
URL: http://proffy.info/win7/ie.htm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.114.109 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271137.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: http://proffy.info/win7/ie.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Feb 2021 02:07:43 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 1
www.acint.net/pxl/ 43 B
224 B 26ms
26ms Image
image/gif 46.4.114.109
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/pxl/1?dp=16&id=95403.446640.93390459&sid=60306eef-2418-94lm-mt3x-c3jl2k4k6kab&r=rxu20lea4f4q
Requested by: Host: proffy.info
URL: http://proffy.info/win7/ie.htm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.114.109 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271137.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: http://proffy.info/win7/ie.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Feb 2021 02:07:43 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H/1.1

200
OK

i
dmg.digitaltarget.ru/awg/custom/1093/i/ Frame 49A5
Redirect Chain

https://dmg.digitaltarget.ru/1/1093/i/i?i=693276911807722.314764375346381&a=77&e=0100007FEF6E3060DA0166A502D2308B&pref=http%3A%2F%2Fproffy.info%2Fwin7%2Fie.htm&c=ss:77.up:0100007FEF6E3060DA0166A502...
https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=693276911807722.314764375346381&a=77&e=0100007FEF6E3060DA0166A502D2308B&pref=http%3A%2F%2Fproffy.info%2Fwin7%2Fie.htm&c=ss:77.up:0...

49 B
602 B

65ms
65ms

Image
image/gif

185.15.175.147
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=693276911807722.314764375346381&a=77&e=0100007FEF6E3060DA0166A502D2308B&pref=http%3A%2F%2Fproffy.info%2Fwin7%2Fie.htm&c=ss:77.up:0100007FEF6E3060DA0166A502D2308B.sync:up.xdua:dugKN5DKpQ6drmMFieBHA8yz.xps:xpsizTc6J1C0ek_rh5Hi4Ow3J.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14&tc=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.15.175.147 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),

Reverse DNS

Software

nginx /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 20 Feb 2021 02:07:44 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Request-Time: 4
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 64
X-XSS-Protection: 1; mode=block
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
Server: nginx
X-Frame-Options: DENY
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Credentials: true

Redirect headers

Date: Sat, 20 Feb 2021 02:07:44 GMT
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
Server: nginx
X-Frame-Options: DENY
Access-Control-Allow-Methods: GET, POST, OPTIONS
Location: https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=693276911807722.314764375346381&a=77&e=0100007FEF6E3060DA0166A502D2308B&pref=http%3A%2F%2Fproffy.info%2Fwin7%2Fie.htm&c=ss:77.up:0100007FEF6E3060DA0166A502D2308B.sync:up.xdua:dugKN5DKpQ6drmMFieBHA8yz.xps:xpsizTc6J1C0ek_rh5Hi4Ow3J.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient
X-XSS-Protection: 1; mode=block
X-Permitted-Cross-Domain-Policies: master-only
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 86400
Connection: keep-alive
Request-Time: 0
Content-Length: 0
X-Content-Type-Options: nosniff

GET
H/1.1

200
OK

i
dmg.digitaltarget.ru/awg/custom/1093/i/ Frame 49A5
Redirect Chain

https://dmg.digitaltarget.ru/1/1093/i/i?i=693276911807722.132626608698570&a=77&e=0100007FEF6E3060DA0166A502D2308B&pref=http%3A%2F%2Fproffy.info%2Fwin7%2Fie.htm&c=ss:77.up:0100007FEF6E3060DA0166A502...
https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=693276911807722.132626608698570&a=77&e=0100007FEF6E3060DA0166A502D2308B&pref=http%3A%2F%2Fproffy.info%2Fwin7%2Fie.htm&c=ss:77.up:0...

49 B
602 B

73ms
73ms

Image
image/gif

185.15.175.147
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=693276911807722.132626608698570&a=77&e=0100007FEF6E3060DA0166A502D2308B&pref=http%3A%2F%2Fproffy.info%2Fwin7%2Fie.htm&c=ss:77.up:0100007FEF6E3060DA0166A502D2308B.sync:up.xdua:dugKN5DKpQ6drmMFieBHA8yz.xps:xpsizTc6J1C0ek_rh5Hi4Ow3J.dn:acint__net.adcm:hit.tg:adcmjs_noorient

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14&tc=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.15.175.147 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),

Reverse DNS

Software

nginx /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 20 Feb 2021 02:07:44 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Request-Time: 5
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 64
X-XSS-Protection: 1; mode=block
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
Server: nginx
X-Frame-Options: DENY
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Credentials: true

Redirect headers

Date: Sat, 20 Feb 2021 02:07:44 GMT
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
Server: nginx
X-Frame-Options: DENY
Access-Control-Allow-Methods: GET, POST, OPTIONS
Location: https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=693276911807722.132626608698570&a=77&e=0100007FEF6E3060DA0166A502D2308B&pref=http%3A%2F%2Fproffy.info%2Fwin7%2Fie.htm&c=ss:77.up:0100007FEF6E3060DA0166A502D2308B.sync:up.xdua:dugKN5DKpQ6drmMFieBHA8yz.xps:xpsizTc6J1C0ek_rh5Hi4Ow3J.dn:acint__net.adcm:hit.tg:adcmjs_noorient
X-XSS-Protection: 1; mode=block
X-Permitted-Cross-Domain-Policies: master-only
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 86400
Connection: keep-alive
Request-Time: 0
Content-Length: 0
X-Content-Type-Options: nosniff

GET
H2 200 3
www.acint.net/pxl/ 43 B
224 B 26ms
26ms Image
image/gif 46.4.114.109
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/pxl/3?dp=16&id=95403.446640.93390459&sid=60306eef-2418-94lm-mt3x-c3jl2k4k6kab&r=o4iu6kvxbu3d
Requested by: Host: proffy.info
URL: http://proffy.info/win7/ie.htm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.114.109 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271137.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: http://proffy.info/win7/ie.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Feb 2021 02:07:43 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

POST
H/1.1 200
OK / Show response
ps.ntvk1.ru/nv/ 4 KB
4 KB 230ms
80ms XHR
text/plain 95.213.133.114
SELECTEL

General

Check archive.org

Show headers Download Go to

Full URL

https://ps.ntvk1.ru/nv/?top_href=http%3A%2F%2Fproffy.info%2Fwin7%2Fie.htm

Requested by

Host: p1.dircont3.com
URL: http://p1.dircont3.com/nv.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

95.213.133.114 , Russian Federation, ASN49505 (SELECTEL, RU),

Reverse DNS

Software

nginx/1.15.7 /

Resource Hash

0488879602905291bbbbc631c0f8190c033ba3bf4ce6b5fa11f4c3f4b7c79629

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: http://proffy.info/win7/ie.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Sat, 20 Feb 2021 02:07:44 GMT
Access-Control-Request-Method: POST
Server: nginx/1.15.7
Accept-Language: en-US,en;q=0.8
Strict-Transport-Security: max-age=604800
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: http://proffy.info
Accept: */*
Connection: keep-alive
Access-Control-Allow-Credentials: true
X-Nativka-Host: ps3.ntvk1.ru
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Key, Cookie, Referer, User-Agent, Host, Connection
Content-Length: 3776
Access-Control-Request-Headers: origin, content-type

GET
H2

200

1 Show response
mc.yandex.ru/watch/39500550/
Redirect Chain

https://mc.yandex.ru/watch/39500550?wmode=7&page-url=http%3A%2F%2Fproffy.info%2Fwin7%2Fie.htm&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aqtcqyojs4f5z2n%3Afp%3A138%3Afu%3A0%3Aen%3Awindows-...
https://mc.yandex.ru/watch/39500550/1?wmode=7&page-url=http%3A%2F%2Fproffy.info%2Fwin7%2Fie.htm&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aqtcqyojs4f5z2n%3Afp%3A138%3Afu%3A0%3Aen%3Awindow...

186 B
268 B

44ms
44ms

XHR
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/39500550/1?wmode=7&page-url=http%3A%2F%2Fproffy.info%2Fwin7%2Fie.htm&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aqtcqyojs4f5z2n%3Afp%3A138%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A421%3Acn%3A1%3Adp%3A0%3Als%3A340455900700%3Ahid%3A235730141%3Az%3A60%3Ai%3A20210220030744%3Aet%3A1613786864%3Ac%3A1%3Arn%3A1010596351%3Au%3A1613786864750478781%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1613786862671%3Ads%3A14%2C13%2C25%2C35%2C0%2C0%2C%2C1212%2C9%2C%2C%2C%2C1267%3Adsn%3A14%2C13%2C25%2C35%2C0%2C0%2C%2C1179%2C9%2C%2C%2C%2C1267%3Arqnl%3A1%3Ati%3A2%3Ast%3A1613786864%3At%3A%D0%9D%D0%B0%D1%81%D1%82%D1%80%D0%BE%D0%B9%D0%BA%D0%B8%20Internet%20Explorer%20%D0%B2%20%D1%80%D0%B5%D0%B5%D1%81%D1%82%D1%80%D0%B5

Requested by

Host: proffy.info
URL: http://proffy.info/win7/ie.htm

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

f9e4debc97d0c5b449a642fe7194549fbbb25b8f8c680b9342dfb0a3d95b05c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://proffy.info/win7/ie.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Feb 2021 02:07:44 GMT
x-content-type-options: nosniff
last-modified: Sat, 20-Feb-2021 02:07:44 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: http://proffy.info
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 186
x-xss-protection: 1; mode=block
expires: Sat, 20-Feb-2021 02:07:44 GMT

Redirect headers

pragma: no-cache
date: Sat, 20 Feb 2021 02:07:44 GMT
last-modified: Sat, 20-Feb-2021 02:07:44 GMT
location: /watch/39500550/1?wmode=7&page-url=http%3A%2F%2Fproffy.info%2Fwin7%2Fie.htm&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aqtcqyojs4f5z2n%3Afp%3A138%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A421%3Acn%3A1%3Adp%3A0%3Als%3A340455900700%3Ahid%3A235730141%3Az%3A60%3Ai%3A20210220030744%3Aet%3A1613786864%3Ac%3A1%3Arn%3A1010596351%3Au%3A1613786864750478781%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1613786862671%3Ads%3A14%2C13%2C25%2C35%2C0%2C0%2C%2C1212%2C9%2C%2C%2C%2C1267%3Adsn%3A14%2C13%2C25%2C35%2C0%2C0%2C%2C1179%2C9%2C%2C%2C%2C1267%3Arqnl%3A1%3Ati%3A2%3Ast%3A1613786864%3At%3A%D0%9D%D0%B0%D1%81%D1%82%D1%80%D0%BE%D0%B9%D0%BA%D0%B8%20Internet%20Explorer%20%D0%B2%20%D1%80%D0%B5%D0%B5%D1%81%D1%82%D1%80%D0%B5
strict-transport-security: max-age=31536000
access-control-allow-origin: http://proffy.info
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0
x-xss-protection: 1; mode=block
expires: Sat, 20-Feb-2021 02:07:44 GMT

GET
H2

200

1 Show response
mc.yandex.ru/watch/71281900/
Redirect Chain

https://mc.yandex.ru/watch/71281900?wmode=7&page-url=http%3A%2F%2Fproffy.info%2Fwin7%2Fie.htm&charset=utf-8&site-info=%7B%22site_id%22%3A586%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aqtcqyojs4f5z2n...
https://mc.yandex.ru/watch/71281900/1?wmode=7&page-url=http%3A%2F%2Fproffy.info%2Fwin7%2Fie.htm&charset=utf-8&site-info=%7B%22site_id%22%3A586%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aqtcqyojs4f5z...

167 B
202 B

43ms
43ms

XHR
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/71281900/1?wmode=7&page-url=http%3A%2F%2Fproffy.info%2Fwin7%2Fie.htm&charset=utf-8&site-info=%7B%22site_id%22%3A586%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aqtcqyojs4f5z2n%3Afp%3A138%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A421%3Acn%3A2%3Adp%3A0%3Als%3A1605159104012%3Ahid%3A235730141%3Az%3A60%3Ai%3A20210220030744%3Aet%3A1613786864%3Ac%3A1%3Arn%3A1040991719%3Au%3A1613786864750478781%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1613786862671%3Ads%3A14%2C13%2C25%2C35%2C0%2C0%2C%2C1212%2C9%2C%2C%2C%2C1267%3Adsn%3A14%2C13%2C25%2C35%2C0%2C0%2C%2C1179%2C9%2C%2C%2C%2C1267%3Arqnl%3A1%3Ati%3A2%3Ast%3A1613786864%3At%3A%D0%9D%D0%B0%D1%81%D1%82%D1%80%D0%BE%D0%B9%D0%BA%D0%B8%20Internet%20Explorer%20%D0%B2%20%D1%80%D0%B5%D0%B5%D1%81%D1%82%D1%80%D0%B5

Requested by

Host: proffy.info
URL: http://proffy.info/win7/ie.htm

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

0201d1064850de72374dbf90244a5bfcc7f38d8adfd82dd733255385259ab402

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://proffy.info/win7/ie.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Feb 2021 02:07:44 GMT
x-content-type-options: nosniff
last-modified: Sat, 20-Feb-2021 02:07:44 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: http://proffy.info
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 167
x-xss-protection: 1; mode=block
expires: Sat, 20-Feb-2021 02:07:44 GMT

Redirect headers

pragma: no-cache
date: Sat, 20 Feb 2021 02:07:44 GMT
last-modified: Sat, 20-Feb-2021 02:07:44 GMT
location: /watch/71281900/1?wmode=7&page-url=http%3A%2F%2Fproffy.info%2Fwin7%2Fie.htm&charset=utf-8&site-info=%7B%22site_id%22%3A586%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aqtcqyojs4f5z2n%3Afp%3A138%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A421%3Acn%3A2%3Adp%3A0%3Als%3A1605159104012%3Ahid%3A235730141%3Az%3A60%3Ai%3A20210220030744%3Aet%3A1613786864%3Ac%3A1%3Arn%3A1040991719%3Au%3A1613786864750478781%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1613786862671%3Ads%3A14%2C13%2C25%2C35%2C0%2C0%2C%2C1212%2C9%2C%2C%2C%2C1267%3Adsn%3A14%2C13%2C25%2C35%2C0%2C0%2C%2C1179%2C9%2C%2C%2C%2C1267%3Arqnl%3A1%3Ati%3A2%3Ast%3A1613786864%3At%3A%D0%9D%D0%B0%D1%81%D1%82%D1%80%D0%BE%D0%B9%D0%BA%D0%B8%20Internet%20Explorer%20%D0%B2%20%D1%80%D0%B5%D0%B5%D1%81%D1%82%D1%80%D0%B5
strict-transport-security: max-age=31536000
access-control-allow-origin: http://proffy.info
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0
x-xss-protection: 1; mode=block
expires: Sat, 20-Feb-2021 02:07:44 GMT

GET
H2 200 advert.gif
mc.yandex.ru/metrika/ 43 B
244 B 43ms
42ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/metrika/advert.gif

Requested by

Host: proffy.info
URL: http://proffy.info/win7/ie.htm

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://proffy.info/win7/ie.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Feb 2021 02:07:44 GMT
last-modified: Mon, 15 Feb 2021 13:31:56 GMT
etag: "602bfd68-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Sat, 20 Feb 2021 03:07:44 GMT

GET
H2 200 1 Show response
ymetrica1.com/watch/3/ 43 B
368 B 177ms
61ms XHR
image/gif 80.239.201.20
TELIANET Telia Ca...

General

Check archive.org

Show headers Download Go to

Full URL

https://ymetrica1.com/watch/3/1?

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

80.239.201.20 , Sweden, ASN1299 (TELIANET Telia Carrier, SE),

Reverse DNS

80-239-201-20.teliacarrier-cust.com

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: http://proffy.info/win7/ie.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Feb 2021 02:07:44 GMT
last-modified: Sat, 20-Feb-2021 02:07:44 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: http://proffy.info
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Sat, 20-Feb-2021 02:07:44 GMT

GET
H/1.1 200
OK icons.png
proffy.info/42/ 5 KB
5 KB 20ms
20ms Image
image/png 88.85.67.170
WEBZILLA

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://proffy.info/42/icons.png
Requested by: Host: proffy.info
URL: http://proffy.info/win7/ie.htm
Protocol: HTTP/1.1
Server: 88.85.67.170 Amsterdam, Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS: norka.tv
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16 / PHP/7.4.15
Resource Hash: 254d702d89998366db6dbb5dcfc4d7fbc15672e53661a8312804ccb42b691858

Request headers

Referer: http://proffy.info/win7/ie.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 20 Feb 2021 02:07:44 GMT
Etag: "72b2e74fbb9c51791521035e0bab0810"
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16
X-Powered-By: PHP/7.4.15
Transfer-Encoding: chunked
Content-Type: image/png
Cache-Control: public, max-age=2592000
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
7 KB 45ms
32ms XHR
application/json 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210211&st=env

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a5b3afcb43b72cb429065e713d7f778462323687af5a307681c296ce27d5aff9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://proffy.info/win7/ie.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 20 Feb 2021 02:07:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6390
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 33ms
13ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://proffy.info/win7/ie.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Feb 2021 02:07:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1611170586013198"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6403
x-xss-protection: 0
expires: Sat, 20 Feb 2021 02:07:44 GMT

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/221/ Frame 415C 12 KB
5 KB 33ms
19ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/221/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://proffy.info/win7/ie.htm
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://proffy.info/win7/ie.htm

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4984
date: Sat, 20 Feb 2021 00:55:09 GMT
expires: Sun, 20 Feb 2022 00:55:09 GMT
last-modified: Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 4355
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 -3PV2TBX5k4pcSnShz_dD7g-pd6mO_d82H6QQa9Z28c.js Show response
pagead2.googlesyndication.com/bg/ Frame 415C 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/-3PV2TBX5k4pcSnShz_dD7g-pd6mO_d82H6QQa9Z28c.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fb73d5d93057e64e297129d2873fdd0fb83ea5dea63bf77cd87e9041af59dbc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 07:54:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 09 Feb 2021 09:15:00 GMT
server: sffe
age: 152024
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6187
x-xss-protection: 0
expires: Fri, 18 Feb 2022 07:54:00 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
111 B 41ms
41ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gda_r20210211&jk=657434479174487&bg=!xMelx4TNAAXRs2QT0TsAKQB2-DxaSxYFCwH4pv8_YnlK3wQ4BLgteOLpePOuhm3XmnMjuIFDWbR5AgAAAFtSAAAAEGgBBwoBkNXTXt7OPPA4C5oa2YsaKQPhh6AGNInxs2mFzlFm2mpyFKWEN28omRyZx2gGGB0eqot5UsWaAKJay17Cdw2he_UWRITheDq2-OaUkFMD_tQVax4gCvC9E8f0w98FTu41qBCMRWXmw-93Nl--1_ruSCYbMN5IaUgyRbA2J8WrSj0_jmKiy81-qP5vEU_LH3xlBw2D77S27ZjgEXz2WTbmXf0vjrBRqsNLr-BvnPHSQP3eKTDl-xgemsvG4QcmtaYlSBeeR5B0Tm2OUla0LpfO1Q0HvMp_Y5C3TDawHZIQffzX-5HqlxfJfomUp4TA_IaLDdkcLY_piktIrBiGroLxD-09VyiBwZ3Ita0lfPUMSESfNpINqHA5i_N8EdQ2FBRSmHifTuEMkepj7HIrjcFokqiYoInO6ohHGVtEQjIHdIW40bwX0hPs4661jiedy768JGMN3Ij0WAfe7qgqxhq--9SPa4JjVlSk9idUWaiQqGd4ijeuAIrdQCGjBZfEvaxYW7Iwm0G01R5e-o1glD77QGOZAccAe-oNQMkucCFeWl_bCBSicGmG_YJd0UK2_Q5sOh7RxZ7Ba18DRUXkumkeAJ2XAoo4hvPtOf2dRrsbpSaXoWBl8ogFRaaXtAMSgOVjduc6shPIZzUK1liFnHFw1LOgpLEj2BLdFQQm4VNxBsng5LFD8M2Jj84IGHbO4Lsv8ApPYu-xPAyuXgEOyRqjUJ6POAE4n_1gkhpi297ogyRZpa-v1MzrGJMfu3PO-NGwo0BX7b5y69ICPv00ra7Sas-a0PaEIxtkP9nYMDlRdLFM-4xkKkEmJJhSY7TDsTfC3EN7eUwYxw0IcN-ia9hbRulcQyqMLfa5lfcItd8bAZNfLZpTlXHN3IK_G-ZTtv3QFoPiB28hv-Pm4hFBmiLbIuNnTSbVmrFJp-Hf4NT7Y4ftFTVt26gcG_m-zE8gpyqcjD-JvZjEj4I59wE_dwTlwcJtbfZpHt9MDRKw8rQncI37cKWmIJbFD6d4zK-cONPItmzpNnX0fR3Y7eloyJRcxnVYmhjXvMSg7qqgP4A26NlB0VZPEnRr-Gm5xL8ka1DCs1H_4rIsTXsgb7B2OKmnPc0sZT6ffCqkuCiYLDC5KtwEMcpZHtZLvp5Ciw

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://proffy.info/win7/ie.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Feb 2021 02:07:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK / Show response
ps5.ntvk1.ru/ 102 B
429 B 199ms
72ms XHR
application/json 194.176.118.216
LOGOL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ps5.ntvk1.ru/?r=oz2mgkpb19
Requested by: Host: proffy.info
URL: http://proffy.info/win7/ie.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 194.176.118.216 , Russian Federation, ASN49352 (LOGOL-AS, RU),
Reverse DNS: d40666.acod.regrucolo.ru
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 2d06e396ae3e665587c28f5ab65944261d284a6d4597f89f741c12ed8354bd5d

Request headers

Referer: http://proffy.info/win7/ie.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 20 Feb 2021 02:07:44 GMT
Server: nginx/1.10.3 (Ubuntu)
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: http://proffy.info
Access-Control-Expose-Headers: Content-Length,Date,Server
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 102

GET
H/1.1

204
No Content

matchspm
ut.rktch.com/
Redirect Chain

https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D{WEBO_CID}
https://ut.rktch.com/matchspm?pi=1000006&pui=NKXRQkToAHFn/q65oy4EEe

0
287 B

158ms
60ms

Image
text/plain

89.108.97.2
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ut.rktch.com/matchspm?pi=1000006&pui=NKXRQkToAHFn/q65oy4EEe
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 89.108.97.2 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: d50603.reg.regrucolo.ru
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://proffy.info/win7/ie.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 20 Feb 2021 02:07:44 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type, Accept, Authorization
Access-Control-Allow-Methods: GET, POST, PATCH, PUT, DELETE, OPTIONS

Redirect headers

pragma: no-cache
date: Sat, 20 Feb 2021 02:07:44 GMT
via: 1.1 google
last-modified: Sat, 20 Feb 2021 02:07:44 GMT
server: nginx/1.12.0
location: https://ut.rktch.com/matchspm?pi=1000006&pui=NKXRQkToAHFn/q65oy4EEe
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: clear
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H/1.1 204
No Content matchspm
ut.rktch.com/ 0
287 B 60ms
59ms Image
text/plain 89.108.97.2
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ut.rktch.com/matchspm?pi=2&pui=73c192658967485ebe8bc81589c685f3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 89.108.97.2 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: d50603.reg.regrucolo.ru
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://proffy.info/win7/ie.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 20 Feb 2021 02:07:44 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type, Accept, Authorization
Access-Control-Allow-Methods: GET, POST, PATCH, PUT, DELETE, OPTIONS

GET
H2

404

tQM27Tc3Ru23BeRAxDGA5w
an.yandex.ru/setud/mts_banner/
Redirect Chain

https://ut.rktch.com/matchbt?bi=29
https://sm.rtb.mts.ru/p?ssp=natimatica&id=a39d14978e656f4ae9e6de540bcc71f655ef
https://sm.rtb.mts.ru/match/second?r=https%3A%2F%2Fut.rktch.com%2Fmatchsbm%3Fbi%3D29%26bui%3Db50336ed-3737-46ed-b705-e440c43180e7&ssp=natimatica&exu=a39d14978e656f4ae9e6de540bcc71f655ef
https://tech.rtb.mts.ru/?dsp_uid=b50336ed-3737-46ed-b705-e440c43180e7&return_url=https%3A%2F%2Fan.yandex.ru%2Fsetud%2Fmts_banner%2FtQM27Tc3Ru23BeRAxDGA5w%3Flocation%3Dhttps%253A%252F%252Fut.rktch.c...
https://an.yandex.ru/setud/mts_banner/tQM27Tc3Ru23BeRAxDGA5w?location=https%3A%2F%2Fut.rktch.com%2Fmatchsbm%3Fbi%3D29%26bui%3Db50336ed-3737-46ed-b705-e440c43180e7&sign=3938689121

43 B
290 B

59ms
59ms

Image
image/gif

2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://an.yandex.ru/setud/mts_banner/tQM27Tc3Ru23BeRAxDGA5w?location=https%3A%2F%2Fut.rktch.com%2Fmatchsbm%3Fbi%3D29%26bui%3Db50336ed-3737-46ed-b705-e440c43180e7&sign=3938689121
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: ccb150b1878d5aa777543222f9e47636d4258687e3dd57e625988f09a96bda64

Request headers

Referer: http://proffy.info/win7/ie.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Feb 2021 02:07:45 GMT
last-modified: Sat, 20 Feb 2021 02:07:45 GMT
server: nginx/1.12.2
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif; charset=windows-1251
content-length: 43
expires: Sat, 20 Feb 2021 02:07:45 GMT

Redirect headers

Date: Sat, 20 Feb 2021 02:07:45 GMT
Server: nginx/1.13.12
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: text/html; charset=utf-8
Location: https://an.yandex.ru/setud/mts_banner/tQM27Tc3Ru23BeRAxDGA5w?location=https%3A%2F%2Fut.rktch.com%2Fmatchsbm%3Fbi%3D29%26bui%3Db50336ed-3737-46ed-b705-e440c43180e7&sign=3938689121
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

GET
H2

200

natimatica
exchange.buzzoola.com/cookiesync/ssp/
Redirect Chain

https://ut.rktch.com/matchbt?bi=27
https://exchange.buzzoola.com/cookiesync/ssp/natimatica?uid=a39d14978e656f4ae9e6de540bcc71f655ef
https://exchange.buzzoola.com/cookiesync/ssp/natimatica?set_buzzoola_cookie=t&uid=a39d14978e656f4ae9e6de540bcc71f655ef

43 B
130 B

27ms
26ms

Image
image/gif

138.201.34.238
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.buzzoola.com/cookiesync/ssp/natimatica?set_buzzoola_cookie=t&uid=a39d14978e656f4ae9e6de540bcc71f655ef
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 138.201.34.238 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: http://proffy.info/win7/ie.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Feb 2021 02:07:44 GMT
server: nginx
content-length: 43
serverid: TODO
content-type: image/gif

Redirect headers

location: /cookiesync/ssp/natimatica?set_buzzoola_cookie=t&uid=a39d14978e656f4ae9e6de540bcc71f655ef
date: Sat, 20 Feb 2021 02:07:44 GMT
server: nginx
etag: W/"51f433262b7412b7662e3e30fe36d30e7e1b7d1dfbae5e64295f7185b7f06354"
content-length: 129
serverid: TODO
content-type: text/html; charset=utf-8

GET
H2

200

pixel.gif
sync.1dmp.io/
Redirect Chain

https://ut.rktch.com/matchbt?bi=50
https://api.advarkads.com/api/statistic/match?id=8067-1-1&uid=a39d14978e656f4ae9e6de540bcc71f655ef
https://sync.1dmp.io/pixel.gif?cid=56d5b2e0-5dbd-4dc5-ae55-187613386723&brid=4feddb1c-24c5-44e6-b719-d1f7af168769&pid=w&uid=86d71201-8e64-4599-9b93-df8eaa3c2d7c

35 B
376 B

26ms
26ms

Image
image/gif

136.243.148.229
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.1dmp.io/pixel.gif?cid=56d5b2e0-5dbd-4dc5-ae55-187613386723&brid=4feddb1c-24c5-44e6-b719-d1f7af168769&pid=w&uid=86d71201-8e64-4599-9b93-df8eaa3c2d7c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.243.148.229 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.229.148.243.136.clients.your-server.de
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: http://proffy.info/win7/ie.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Feb 2021 02:07:45 GMT
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server: nginx
content-type: image/gif
content-length: 35
expires: 0

Redirect headers

Pragma: no-cache
Date: Sat, 20 Feb 2021 02:07:44 GMT
Server: nginx/1.18.0
X-Powered-By: ASP.NET
P3P: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
Location: https://sync.1dmp.io/pixel.gif?cid=56d5b2e0-5dbd-4dc5-ae55-187613386723&brid=4feddb1c-24c5-44e6-b719-d1f7af168769&pid=w&uid=86d71201-8e64-4599-9b93-df8eaa3c2d7c
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Expires: -1

GET
H2

200

uuid
rtb.beroll.ru/
Redirect Chain

https://ut.rktch.com/matchbt?bi=39
https://rtb.beroll.ru/uuid?r=https%3A%2F%2Fut.rktch.com%2Fmatchsbm%3Fbi%3D39%26bui%3D

0
86 B

233ms
60ms

Image
text/plain

82.202.224.34
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.beroll.ru/uuid?r=https%3A%2F%2Fut.rktch.com%2Fmatchsbm%3Fbi%3D39%26bui%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 82.202.224.34 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS
Software: nginx/1.14.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://proffy.info/win7/ie.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Feb 2021 02:07:45 GMT
server: nginx/1.14.0
content-length: 0
content-type: application/octet-stream, text/plain

Redirect headers

Date: Sat, 20 Feb 2021 02:07:44 GMT
Server: nginx/1.18.0
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
location: https://rtb.beroll.ru/uuid?r=https%3A%2F%2Fut.rktch.com%2Fmatchsbm%3Fbi%3D39%26bui%3D
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type, Accept, Authorization

GET
H2

200

/
www.acint.net/ping/
Redirect Chain

http://www.acint.net/ping/?v=0.3.0&uid=171b1ee6-9e73-4ead-a1b7-dde1d10451d4&dp=14&tz=%2B01%3A00&nc=61580933&dT=2021-02-20T03%3A07%3A46.300
https://www.acint.net/ping/?v=0.3.0&uid=171b1ee6-9e73-4ead-a1b7-dde1d10451d4&dp=14&tz=%2B01%3A00&nc=61580933&dT=2021-02-20T03%3A07%3A46.300

43 B
224 B

26ms
26ms

Image
image/gif

46.4.114.109
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/ping/?v=0.3.0&uid=171b1ee6-9e73-4ead-a1b7-dde1d10451d4&dp=14&tz=%2B01%3A00&nc=61580933&dT=2021-02-20T03%3A07%3A46.300
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.114.109 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271137.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: http://proffy.info/win7/ie.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 20 Feb 2021 02:07:46 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

Location: https://www.acint.net/ping/?v=0.3.0&uid=171b1ee6-9e73-4ead-a1b7-dde1d10451d4&dp=14&tz=%2B01%3A00&nc=61580933&dT=2021-02-20T03%3A07%3A46.300
Date: Sat, 20 Feb 2021 02:07:46 GMT
Server: openresty
Connection: keep-alive
Content-Length: 142
Content-Type: text/html

Verdicts & Comments Add Verdict or Comment

88 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

36 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.advarkads.com/	1970-01-20 09:47:38	Name: u Value: 86d71201-8e64-4599-9b93-df8eaa3c2d7c
.acint.net/	1970-01-19 16:59:38	Name: cSyncDp146 Value: 1613786863
.acint.net/	1970-01-19 16:59:38	Name: cSyncDp144 Value: 1613786863
.acint.net/	1970-01-19 16:59:38	Name: cSyncDp136 Value: 1613786863
.acint.net/	1970-01-19 16:59:38	Name: cSyncDp138 Value: 1613786863
.acint.net/	1970-01-19 16:59:38	Name: cSyncDp127 Value: 1613786863
.acint.net/	1970-01-19 16:59:38	Name: cSyncDp126 Value: 1613786863
.acint.net/	1970-01-19 16:59:38	Name: cSyncDp125 Value: 1613786863
.acint.net/	1970-01-19 16:59:38	Name: cSyncDp107 Value: 1613786863
.acint.net/	1970-01-19 16:59:38	Name: cSyncDp88 Value: 1613786863
.acint.net/	1970-01-19 16:59:38	Name: cSyncDp84 Value: 1613786863
.acint.net/	1970-01-19 16:59:38	Name: cSyncDp101 Value: 1613786863
.acint.net/	1970-01-19 16:59:38	Name: cSyncDp68 Value: 1613786863
.acint.net/	1970-01-19 16:36:36	Name: cSyncDp111v2 Value: 1613786863
.acint.net/	1970-01-19 16:36:36	Name: cSyncDp77 Value: 1613786863
.acint.net/	1970-01-19 16:59:38	Name: cSyncDp67v2 Value: 1613786863
.proffy.info/	1970-01-19 16:17:38	Name: _ym_isad Value: 2
.proffy.info/	1970-01-20 01:02:02	Name: _ym_uid Value: 1613786864750478781
.acint.net/	1970-01-19 16:17:53	Name: cSyncDp45v3 Value: 1613786863
.acint.net/	1970-01-19 16:59:38	Name: cSyncDp32 Value: 1613786863
.acint.net/	1970-01-19 16:59:38	Name: cSyncDp14v3 Value: 1613786863
.acint.net/	1970-01-19 16:59:38	Name: cSyncDp17 Value: 1613786863
.acint.net/	1970-01-19 16:59:38	Name: cSyncDp7v2 Value: 1613786863
.acint.net/	1970-01-19 16:59:38	Name: cSyncDp62 Value: 1613786863
.acint.net/	1970-01-19 16:59:38	Name: cSyncDp112v2 Value: 1613786863
.acint.net/	1970-01-25 20:05:16	Name: aid Value: fwAAAWAwbu+lZgHaizDSAurt8w4AXwWLiaJDFCz8/vCsey6p
.acint.net/	1970-01-19 16:36:36	Name: cSyncDp104v2 Value: 1613786863
.acint.net/	1970-01-19 16:59:38	Name: cSyncDp95v2 Value: 1613786863
.acint.net/	1970-01-19 16:16:27	Name: test_cookie Value: CheckForPermission
.proffy.info/	1970-01-20 01:02:02	Name: _ym_d Value: 1613786864
proffy.info/	1978-01-11 21:31:40	Name: fid Value: 1ced091b-3e9e-46fb-a20e-f31f4e327afb
.proffy.info/	1970-01-20 01:38:02	Name: __gads Value: ID=349c9dc74c6b8bca-223f82fb87ba00d7:T=1613786863:RT=1613786863:S=ALNI_MYanK2qYmYLIyiAVh6Xg8ZESpPOaA
.doubleclick.net/	1970-01-20 01:38:02	Name: IDE Value: AHWqTUlE8035jPfuAY_TQP5JIzB74j-J6GOLkZeh7-BzGxJmwKjSY07gghc_Zutv
.acint.net/	1970-01-19 16:59:38	Name: cSyncDp85 Value: 1613786863
.acint.net/	1970-01-19 16:59:38	Name: cSyncDp54v2 Value: 1613786863
.proffy.info/win7	1969-12-31 23:59:59	Name: gadsTest Value: test

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0100007fef6e3060da0166a502d2308b-sp.ops.beeline.ru
acint.net
ad.adriver.ru
ad.mail.ru
adlmerge.com
ads.betweendigital.com
adservice.google.com
adservice.google.de
adx.com.ru
an.yandex.ru
api.advarkads.com
cdn-rtb.sape.ru
cm.g.doubleclick.net
counter.yadro.ru
cse.google.com
dm.hybrid.ai
dmg.digitaltarget.ru
exchange.buzzoola.com
fcgi4.gnezdo.ru
googleads.g.doubleclick.net
match.new-programmatic.com
mc.yandex.ru
p1.dircont3.com
pagead2.googlesyndication.com
partner.googleadservices.com
proffy.info
ps.ntvk1.ru
ps5.ntvk1.ru
px.adhigh.net
redirect.frontend.weborama.fr
relap.io
rtb.beroll.ru
s.uuidksinc.net
s3.advarkads.com
sape-sync.rutarget.ru
sm.rtb.mts.ru
ssp-rtb.sape.ru
ssp.adriver.ru
stat.adlabs.ru
sync.1dmp.io
sync.bumlam.com
sync.dmp.otm-r.com
sync.republer.com
sync3.adsniper.ru
tag.digitaltarget.ru
tech.rtb.mts.ru
tpc.googlesyndication.com
ut.rktch.com
www.acint.net
www.google.com
www.googletagservices.com
www.linksmanagement.com
x01.aidata.io
ymetrica1.com
109.248.237.37
116.202.128.114
136.243.148.229
138.201.34.238
142.250.185.66
142.250.186.98
185.15.175.132
185.15.175.147
188.34.131.134
188.42.191.196
188.42.29.80
193.232.121.29
193.232.148.145
194.176.118.216
194.190.117.94
195.201.243.72
195.201.57.28
195.209.108.35
213.87.44.207
217.65.2.150
217.66.147.166
2606:4700:10::ac43:dab
2606:4700:20::681a:7b3
2a00:1148:db00::17
2a00:1450:4001:810::2002
2a00:1450:4001:810::2004
2a00:1450:4001:812::2002
2a00:1450:4001:829::200e
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2002
2a02:6b8::1:119
2a02:6b8::90
2a02:6ea0:c700::4
31.172.81.160
31.172.81.172
31.220.27.134
35.190.16.14
37.18.16.23
37.9.245.57
46.4.114.109
80.239.201.20
80.64.106.149
81.222.128.216
82.202.224.34
88.212.201.204
88.85.67.170
89.108.119.43
89.108.97.2
93.95.102.105
95.163.37.253
95.211.66.35
95.213.133.114
00bcd6d30e9ec93a2270589fa152e6e3fb43be5fe7da5831cf9618a0ecb66a20
0201d1064850de72374dbf90244a5bfcc7f38d8adfd82dd733255385259ab402
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
0488879602905291bbbbc631c0f8190c033ba3bf4ce6b5fa11f4c3f4b7c79629
0a18dde6511fdb88c977c196c876402a04b8f5849f1be792453d1919b13a17a8
0e59fb8c0819441fd9f98dcc35c2ab5b941e4c813fd985dc7fa9780e90b34b4b
1143bb5ae891056f59482184346b0fe47d8e95c9e0f159f023bf0f95ec45222d
197def9a9977aeeae18d8c9e16007b8f5bfffa388c656736c09248a77f58084f
254d702d89998366db6dbb5dcfc4d7fbc15672e53661a8312804ccb42b691858
2a1b2ebe6a2b314929967bdf1ba8c694fb45bf76a5b847e57fb847b3cdd9338a
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2d06e396ae3e665587c28f5ab65944261d284a6d4597f89f741c12ed8354bd5d
2e0e878a41cbf1c2aa09176ad0afe985d53fa958f7b191e8bba15089f6c29c7b
3828fc33d5a992f1ddb339e5e8bf69124e79afc57435cef2b57723b29d219ad0
44ef37b8b30cadcc8ce7df99e894102331ec2baaed76ee10432c7cd277987139
4799a2566b7cf3188acb777d883fee48e523920c7a15e51644fb0ad5855e659d
488929e22c53693c94852fb74982b8052fdd2b723b9e60bfbe36b00fcbce2976
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
4c1355d27b14881a055e00a4a2afa4608b452c9780ac5c61e1b8f9fd55fa3e1e
5170e406c620439d8b2371dc2762a8e01412787ec38a4a3b6f7a90ba53ad22ec
53e4cb1ec1da57e5fec65ec5f5b19b050fa8bd6e19e9030c2704456846e4d106
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5a49726bf861ad2dbeed14284fc73e953d2e0c8760d79741829116fada42ff75
5fee2a3e4db0a9b907550346569920e7ea79a4b855260d5c9d063aebd408ce52
609c63905a53fb868987279daf5a76db62719062bc497e07db3b6866ec531e56
62f9c05a52df5e460dbeea9ccefad86c52da619b0a0d85287dba7fc212e1181a
637812af47b986d38e3529aca6be35f26b3c513ab04f17141069ef14528e1059
6975c1dddd0afbecc1fe005d15bf8d274a63faefe46386fbc6019ed9d6394e2f
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6c26533254dc21fba188b69b81300ecd94c1bef2dda72b9dbb750111973ed31b
7c078e5032ba5da0fdf4e333ac30ad283aaa9de5d935e716c6fd7e1b5d4e9d2e
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
884e724e7230bab8c1f1ff2354f343f1d85957462fe579a7721ad99e3282bbdd
8efda3f0b5d984306920023fe9e82a919bfac7109db64ed89f752720408c888b
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
9727dc7ae81a847700f392d3eac67e5db8237147e966566523097c236a682e1c
9c16bc795917e9d8c82c177c4ec475e3bddea2e26196d9e33ee2e87feae1b1af
9eedc8a317ba800c11286066f0c9a1a0e6f728e42c6743021252c291205b0ed6
9f39bf6f930696870b974a43daa5a5b6adb314da98c15d5f3742ea013d649699
a173960e4fbc8534e459d15f996c9601434806284138040a159294a3bc112509
a5b3afcb43b72cb429065e713d7f778462323687af5a307681c296ce27d5aff9
ab53fd67bc7bddd751a8a796690c2244bb33adb1c256e8deed8e1d4926606451
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2417070d2bf6f9b3fcfa9c4b2c602d4b76067f53134dfcfd1d2a14af0655f81
b42cd0fb65747b1e99d25146b1f0b722fb72b78b0b96d4b4f0abe1d53ff0f762
b619edc7bcfe069da06d2c969903e1987ab50bcccecc47b60984c1071ad41a94
bf8f3793567ace14b4d2109f661f94b824b0ef68192957f1cefbd6becca38e6c
c346dc719d9cc186e3ff6e1c91a10191755100e0d65387984b43fdf56fa00de0
c4d1e6c2a01121362ebda7a0362c223af57b5ed1bcdfd14151b50071e7ef2831
c78c7277fccb4ec3dffa1246d1b4ff9a49edb17dfce1e7dc7c4a38d23f0e65c2
ccb150b1878d5aa777543222f9e47636d4258687e3dd57e625988f09a96bda64
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d2c84b3fcd5c28df842c2e8be80502f907e4ec1bfea6b300d425f45b11f03409
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89
e21cba3005d24b55e8b4f6c33fb3567a25c6d89fb5d77aee11595dee784149d9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f913f37f24a5f2366c8c6f48491f7de98abc61f625b1015e59fcee10af68fd25
f9e4debc97d0c5b449a642fe7194549fbbb25b8f8c680b9342dfb0a3d95b05c8
fb73d5d93057e64e297129d2873fdd0fb83ea5dea63bf77cd87e9041af59dbc7
fe9cd384c73bc107b6da5315ab8841505c1283e116788faca5178fc4576ecc96

proffy.info Open in urlscan Pro 88.85.67.170 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

97 Requests

78 %HTTPS

25 %IPv6

42 Domains

54 Subdomains

39 IPs

6 Countries

775 kBTransfer

1647 kBSize

36 Cookies

2 Outgoing links

Redirected requests

97 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

proffy.info Open in urlscan Pro
88.85.67.170 Public Scan

Screenshot
Live screenshot

Full Image

97
Requests

78 %
HTTPS

25 %
IPv6

42
Domains

54
Subdomains

39
IPs

6
Countries

775 kB
Transfer

1647 kB
Size

36
Cookies

97 HTTP transactions
0 data transactions