winintro.ru Open in urlscan Pro
188.40.254.211 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://winintro.ru/mail.en/html/7d31d716-2f99-4b23-a18c-0eaa08a28dde.htm
Submission Tags: falconsandbox
Submission: On January 18 via api (January 18th 2022, 10:10:03 pm UTC) from US — Scanned from DE

Summary HTTP 113 Redirects Behaviour Indicators

Summary

This website contacted 35 IPs in 6 countries across 44 domains to perform 113 HTTP transactions. The main IP is 188.40.254.211, located in Germany and belongs to HETZNER-AS, DE. The main domain is winintro.ru.

This is the only time winintro.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
25	188.40.254.211 188.40.254.211	24940 (HETZNER-AS) (HETZNER-AS)
13	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
5 22	195.201.243.72 195.201.243.72	24940 (HETZNER-AS) (HETZNER-AS)
6	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
3 4	96.46.186.57 96.46.186.57	7979 (SERVERS-COM) (SERVERS-COM)
1 1	157.90.6.176 157.90.6.176	24940 (HETZNER-AS) (HETZNER-AS)
2 2	193.232.150.61 193.232.150.61	48061 (UMA-TECH-AS) (UMA-TECH-AS)
1	2a00:1148:db0... 2a00:1148:db00::17	47764 (MAILRU-AS...) (MAILRU-AS Mail.Ru)
2 2	81.222.128.16 81.222.128.16	20597 (ELTEL-AS) (ELTEL-AS)
2	81.222.128.216 81.222.128.216	20597 (ELTEL-AS) (ELTEL-AS)
1	2606:4700:303... 2606:4700:3039::6815:c097	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	194.190.117.93 194.190.117.93	204600 (REPUBLER-AS) (REPUBLER-AS)
4 6	31.172.81.159 31.172.81.159	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
1	37.18.103.16 37.18.103.16	205675 (HYBRID-AS) (HYBRID-AS)
2	185.15.175.159 185.15.175.159	43226 (SAFEDATA ...) (SAFEDATA Uplinks)
1	195.201.108.196 195.201.108.196	24940 (HETZNER-AS) (HETZNER-AS)
2 2	148.251.78.49 148.251.78.49	24940 (HETZNER-AS) (HETZNER-AS)
1 1	148.251.237.106 148.251.237.106	24940 (HETZNER-AS) (HETZNER-AS)
2 2	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
1 1	109.248.237.36 109.248.237.36	201009 (SUPPORTIT-AS) (SUPPORTIT-AS)
1	95.211.66.35 95.211.66.35	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	95.163.37.253 95.163.37.253	47764 (MAILRU-AS...) (MAILRU-AS Mail.Ru)
1 1	185.147.80.35 185.147.80.35	41722 (MIRAN-AS ...) (MIRAN-AS Miran DC)
1 2	88.99.214.77 88.99.214.77	24940 (HETZNER-AS) (HETZNER-AS)
1 1	80.64.106.147 80.64.106.147	20764 (RASCOM-AS...) (RASCOM-AS CJSC RASCOM ISP)
1 1	5.200.44.35 5.200.44.35	48096 (ITGRAD) (ITGRAD)
1 1	37.9.245.57 37.9.245.57	16345 (BEE-AS Ru...) (BEE-AS Russia)
1 2	89.108.97.2 89.108.97.2	197695 (AS-REG) (AS-REG)
2 2	35.190.16.14 35.190.16.14	15169 (GOOGLE) (GOOGLE)
6 6	217.66.147.161 217.66.147.161	29209 (SPBMTS-AS...) (SPBMTS-AS Malaya Monetnaya Street 2-A)
2 2	213.87.44.187 213.87.44.187	13174 (MTSNET Mo...) (MTSNET Moscow)
2 2	130.193.58.13 130.193.58.13	200350 (YANDEXCLOUD) (YANDEXCLOUD)
1 1	148.251.156.238 148.251.156.238	24940 (HETZNER-AS) (HETZNER-AS)
1 1	31.220.27.134 31.220.27.134	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1 1	65.108.104.161 65.108.104.161	24940 (HETZNER-AS) (HETZNER-AS)
1	217.65.2.150 217.65.2.150	3175 (CITYTELEC...) (CITYTELECOM-MSK)
1	93.95.102.105 93.95.102.105	48347 (MTW-AS) (MTW-AS)
2 3	89.108.120.76 89.108.120.76	197695 (AS-REG) (AS-REG)
1 2	2a02:6b8::90 2a02:6b8::90	208722 (YNDX) (YNDX)
2	2606:4700:10:... 2606:4700:10::6816:457	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	188.42.29.80 188.42.29.80	7979 (SERVERS-COM) (SERVERS-COM)
1	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::200e	15169 (GOOGLE) (GOOGLE)
1	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2006	15169 (GOOGLE) (GOOGLE)
2 4	185.15.175.133 185.15.175.133	43226 (SAFEDATA ...) (SAFEDATA Uplinks)
2	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
113	35

25 188.40.254.211 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: cpanel10.coopertino.ru

winintro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 195.201.243.72 (Germany) 5 redirects

ASN24940 (HETZNER-AS, DE)
PTR: regensburg.aucourant.info

www.acint.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
acint.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 96.46.186.57 (United States) 3 redirects

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 157.90.6.176 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: hz1359715.sapientru.net

ssp-rtb.sape.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.232.150.61 (Russian Federation) 2 redirects

ASN48061 (UMA-TECH-AS, RU)
PTR: smtp21.sender.ltmse.com

px.adhigh.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1148:db00::17 (Russian Federation)

ASN47764 (MAILRU-AS Mail.Ru, RU)

ad.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 81.222.128.16 (Russian Federation) 2 redirects

ASN20597 (ELTEL-AS, RU)
PTR: ad10.adriver.ru

ad.adriver.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 81.222.128.216 (Russian Federation)

ASN20597 (ELTEL-AS, RU)
PTR: ad16.adriver.ru

ssp.adriver.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3039::6815:c097 (United States)

ASN13335 (CLOUDFLARENET, US)

a.utraff.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 194.190.117.93 (Russian Federation) 2 redirects

ASN204600 (REPUBLER-AS, RU)
PTR: carp.bspb1.kavanga.ru

sync.republer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 31.172.81.159 (Muehlheim am Main, Germany) 4 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

sync.bumlam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync3.adsniper.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.18.103.16 (Netherlands)

ASN205675 (HYBRID-AS, RU)

dm-eu.hybrid.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.15.175.159 (Russian Federation)

ASN43226 (SAFEDATA Uplinks, RU)

tag.digitaltarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.201.108.196 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.196.108.201.195.clients.your-server.de

sync.dmp.otm-r.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 148.251.78.49 (Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)
PTR: prod-hzeu-bidder-8.community.moscow

sync.upravel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 148.251.237.106 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: prod-hzeu-bidder-1.community.moscow

7cceb886-51ef-4465-84ba-6e3cc06ccb41.sync.upravel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.16.130 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f130.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 109.248.237.36 (Moscow, Russian Federation) 1 redirects

ASN201009 (SUPPORTIT-AS, RU)

stat.adlabs.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.211.66.35 (Laren, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: hosted-by.leaseweb.com

adlmerge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.163.37.253 (Russian Federation)

ASN47764 (MAILRU-AS Mail.Ru, RU)
PTR: relap.io

relap.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.147.80.35 (Russian Federation) 1 redirects

ASN41722 (MIRAN-AS Miran DC, RU)
PTR: ssp2.bestssp.com

ssp.bestssp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.99.214.77 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.88-99-214-77.clients.your-server.de

sync.1dmp.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 80.64.106.147 (Russian Federation) 1 redirects

ASN20764 (RASCOM-AS CJSC RASCOM ISP, RU)
PTR: s-fr2.rutarget.ru

sape-sync.rutarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 5.200.44.35 (Moscow, Russian Federation) 1 redirects

ASN48096 (ITGRAD, RU)

ads.adlook.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.9.245.57 (Russian Federation) 1 redirects

ASN16345 (BEE-AS Russia, RU)

0100007fb73ae761b400d71a027d8213-sp.ops.beeline.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 89.108.97.2 (Russian Federation) 1 redirects

ASN197695 (AS-REG, RU)
PTR: d50603.reg.regrucolo.ru

ut.rktch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.16.14 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 14.16.190.35.bc.googleusercontent.com

redirect.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 217.66.147.161 (St Petersburg, Russian Federation) 6 redirects

ASN29209 (SPBMTS-AS Malaya Monetnaya Street 2-A, RU)
PTR: host-161-147-66-217.spbmts.ru

sm.rtb.mts.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.87.44.187 (Moscow, Russian Federation) 2 redirects

ASN13174 (MTSNET Moscow, Russia, RU)
PTR: infrastructure-187-44.mts.ru

tech.rtb.mts.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 130.193.58.13 (Russian Federation) 2 redirects

ASN200350 (YANDEXCLOUD, RU)

pixel.konnektu.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 148.251.156.238 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.238.156.251.148.clients.your-server.de

exchange.buzzoola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 31.220.27.134 (Amsterdam, Netherlands) 1 redirects

ASN39572 (ADVANCEDHOSTERS-AS, NL)

s.uuidksinc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.108.104.161 (Helsinki, Finland) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.161.104.108.65.clients.your-server.de

ssp.bidvol.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 217.65.2.150 (Moscow, Russian Federation)

ASN3175 (CITYTELECOM-MSK, RU)

match.new-programmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 93.95.102.105 (Russian Federation)

ASN48347 (MTW-AS, RU)
PTR: unspecified.mtw.ru

fcgi4.gnezdo.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 89.108.120.76 (Russian Federation) 2 redirects

ASN197695 (AS-REG, RU)
PTR: d51804.reg.regrucolo.ru

x01.aidata.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:6b8::90 (Moscow, Russian Federation) 1 redirects

ASN208722 (YNDX, FI)

an.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:457 (United States)

ASN13335 (CLOUDFLARENET, US)

s3.advarkads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.42.29.80 (Luxembourg)

ASN7979 (SERVERS-COM, US)

api.advarkads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

mts0.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.15.175.133 (Russian Federation) 2 redirects

ASN43226 (SAFEDATA Uplinks, RU)

dmg.digitaltarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 100 tpc.googlesyndication.com — Cisco Umbrella Rank: 124	336 KB
25	winintro.ru winintro.ru	61 KB
22	acint.net 5 redirects www.acint.net — Cisco Umbrella Rank: 35385 acint.net — Cisco Umbrella Rank: 28552	17 KB
8	mts.ru 8 redirects sm.rtb.mts.ru — Cisco Umbrella Rank: 34403 tech.rtb.mts.ru — Cisco Umbrella Rank: 35053	5 KB
8	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 46 cm.g.doubleclick.net — Cisco Umbrella Rank: 197 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 274	73 KB
6	digitaltarget.ru 2 redirects tag.digitaltarget.ru — Cisco Umbrella Rank: 121910 dmg.digitaltarget.ru — Cisco Umbrella Rank: 24900	22 KB
4	bumlam.com 2 redirects sync.bumlam.com — Cisco Umbrella Rank: 2736	2 KB
4	adriver.ru 2 redirects ad.adriver.ru — Cisco Umbrella Rank: 24531 ssp.adriver.ru — Cisco Umbrella Rank: 13446	2 KB
4	betweendigital.com 3 redirects ads.betweendigital.com — Cisco Umbrella Rank: 1818	3 KB
4	google.com adservice.google.com — Cisco Umbrella Rank: 80 mts0.google.com — Cisco Umbrella Rank: 3919 www.google.com — Cisco Umbrella Rank: 13	2 KB
3	gstatic.com www.gstatic.com fonts.gstatic.com	55 KB
3	advarkads.com s3.advarkads.com — Cisco Umbrella Rank: 107349 api.advarkads.com — Cisco Umbrella Rank: 30415	8 KB
3	aidata.io 2 redirects x01.aidata.io — Cisco Umbrella Rank: 13701	1 KB
3	upravel.com 3 redirects sync.upravel.com — Cisco Umbrella Rank: 33494 7cceb886-51ef-4465-84ba-6e3cc06ccb41.sync.upravel.com	2 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 165	75 KB
2	yandex.ru 1 redirects an.yandex.ru — Cisco Umbrella Rank: 3286	664 B
2	konnektu.ru 2 redirects pixel.konnektu.ru — Cisco Umbrella Rank: 94580	354 B
2	weborama.fr 2 redirects redirect.frontend.weborama.fr — Cisco Umbrella Rank: 10065	500 B
2	rktch.com 1 redirects ut.rktch.com — Cisco Umbrella Rank: 45473	683 B
2	1dmp.io 1 redirects sync.1dmp.io — Cisco Umbrella Rank: 12235	818 B
2	adsniper.ru 2 redirects sync3.adsniper.ru — Cisco Umbrella Rank: 12418	1 KB
2	republer.com 2 redirects sync.republer.com — Cisco Umbrella Rank: 49095	950 B
2	adhigh.net 2 redirects px.adhigh.net — Cisco Umbrella Rank: 10726	826 B
2	google.de adservice.google.de — Cisco Umbrella Rank: 8028	914 B
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 255	14 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 47	1 KB
1	gnezdo.ru fcgi4.gnezdo.ru — Cisco Umbrella Rank: 76831	189 B
1	new-programmatic.com match.new-programmatic.com — Cisco Umbrella Rank: 48668	215 B
1	bidvol.com 1 redirects ssp.bidvol.com — Cisco Umbrella Rank: 45116	454 B
1	uuidksinc.net 1 redirects s.uuidksinc.net — Cisco Umbrella Rank: 11367	208 B
1	buzzoola.com 1 redirects exchange.buzzoola.com — Cisco Umbrella Rank: 25947	176 B
1	beeline.ru 1 redirects 0100007fb73ae761b400d71a027d8213-sp.ops.beeline.ru	634 B
1	adlook.me 1 redirects ads.adlook.me — Cisco Umbrella Rank: 56157	162 B
1	rutarget.ru 1 redirects sape-sync.rutarget.ru — Cisco Umbrella Rank: 215066	416 B
1	bestssp.com 1 redirects ssp.bestssp.com — Cisco Umbrella Rank: 114006	304 B
1	relap.io relap.io — Cisco Umbrella Rank: 29912
1	adlmerge.com adlmerge.com — Cisco Umbrella Rank: 167542	115 B
1	adlabs.ru 1 redirects stat.adlabs.ru — Cisco Umbrella Rank: 235817	108 B
1	otm-r.com sync.dmp.otm-r.com — Cisco Umbrella Rank: 21128	69 B
1	hybrid.ai dm-eu.hybrid.ai — Cisco Umbrella Rank: 31804	239 B
1	utraff.com a.utraff.com — Cisco Umbrella Rank: 48913	823 B
1	mail.ru ad.mail.ru — Cisco Umbrella Rank: 7967	764 B
1	sape.ru 1 redirects ssp-rtb.sape.ru — Cisco Umbrella Rank: 37547	566 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 777	644 B
113	44

	Domain	Requested by
25	winintro.ru	winintro.ru
18	www.acint.net	5 redirects winintro.ru www.acint.net
14	tpc.googlesyndication.com	googleads.g.doubleclick.net winintro.ru tpc.googlesyndication.com pagead2.googlesyndication.com
13	pagead2.googlesyndication.com	winintro.ru pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
6	sm.rtb.mts.ru	6 redirects
5	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
4	dmg.digitaltarget.ru	2 redirects www.acint.net
4	sync.bumlam.com	2 redirects www.acint.net
4	acint.net	www.acint.net
4	ads.betweendigital.com	3 redirects www.acint.net
3	x01.aidata.io	2 redirects www.acint.net
2	fonts.gstatic.com	fonts.googleapis.com
2	www.googletagservices.com	googleads.g.doubleclick.net
2	s3.advarkads.com	www.acint.net s3.advarkads.com
2	an.yandex.ru	1 redirects www.acint.net
2	pixel.konnektu.ru	2 redirects
2	tech.rtb.mts.ru	2 redirects
2	redirect.frontend.weborama.fr	2 redirects
2	ut.rktch.com	1 redirects www.acint.net
2	sync.1dmp.io	1 redirects www.acint.net
2	cm.g.doubleclick.net	2 redirects
2	sync.upravel.com	2 redirects
2	tag.digitaltarget.ru	www.acint.net tag.digitaltarget.ru
2	sync3.adsniper.ru	2 redirects
2	sync.republer.com	2 redirects
2	ssp.adriver.ru	www.acint.net
2	ad.adriver.ru	2 redirects
2	px.adhigh.net	2 redirects
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
1	www.google.com	tpc.googlesyndication.com
1	s0.2mdn.net	googleads.g.doubleclick.net
1	googleads4.g.doubleclick.net	winintro.ru
1	mts0.google.com	googleads.g.doubleclick.net
1	www.gstatic.com	googleads.g.doubleclick.net
1	fonts.googleapis.com	googleads.g.doubleclick.net
1	api.advarkads.com	s3.advarkads.com
1	fcgi4.gnezdo.ru	www.acint.net
1	match.new-programmatic.com	www.acint.net
1	ssp.bidvol.com	1 redirects
1	s.uuidksinc.net	1 redirects
1	exchange.buzzoola.com	1 redirects
1	0100007fb73ae761b400d71a027d8213-sp.ops.beeline.ru	1 redirects
1	ads.adlook.me	1 redirects
1	sape-sync.rutarget.ru	1 redirects
1	ssp.bestssp.com	1 redirects
1	relap.io	www.acint.net
1	adlmerge.com	www.acint.net
1	stat.adlabs.ru	1 redirects
1	7cceb886-51ef-4465-84ba-6e3cc06ccb41.sync.upravel.com	1 redirects
1	sync.dmp.otm-r.com	www.acint.net
1	dm-eu.hybrid.ai	www.acint.net
1	a.utraff.com	www.acint.net
1	ad.mail.ru	www.acint.net
1	ssp-rtb.sape.ru	1 redirects
1	partner.googleadservices.com	pagead2.googlesyndication.com
113	56

This site contains no links.

Subject Issuer	Validity	Valid
*.acint.net R3	`2021-12-16` - `2022-03-16`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-12-08` - `2022-03-02`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-12-08` - `2022-03-02`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.mail.ru GeoTrust ECC CA 2018	`2021-10-15` - `2022-11-15`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-18` - `2022-06-17`	a year	crt.sh
*.hybrid.ai Sectigo RSA Domain Validation Secure Server CA	`2020-07-07` - `2022-10-05`	2 years	crt.sh
tag.digitaltarget.ru R3	`2021-12-20` - `2022-03-20`	3 months	crt.sh
sync.dmp.otm-r.com Sectigo RSA Domain Validation Secure Server CA	`2021-05-18` - `2022-06-18`	a year	crt.sh
*.adriver.ru RapidSSL RSA CA 2018	`2020-04-03` - `2022-04-24`	2 years	crt.sh
relap.io GeoTrust RSA CA 2018	`2021-08-26` - `2022-09-26`	a year	crt.sh
new-programmatic.com R3	`2021-10-24` - `2022-01-22`	3 months	crt.sh
fcgi4.gnezdo.ru R3	`2022-01-10` - `2022-04-10`	3 months	crt.sh
*.bumlam.com R3	`2021-12-08` - `2022-03-08`	3 months	crt.sh
advarkads.com Cloudflare Inc ECC CA-3	`2021-06-08` - `2022-06-07`	a year	crt.sh
*.advarkads.com GlobalSign GCC R3 DV TLS CA 2020	`2022-01-02` - `2023-02-03`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-12-08` - `2022-03-02`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-12-08` - `2022-03-02`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-12-08` - `2022-03-02`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-12-08` - `2022-03-02`	3 months	crt.sh

This page contains 11 frames:

Primary Page: http://winintro.ru/mail.en/html/7d31d716-2f99-4b23-a18c-0eaa08a28dde.htm
Frame ID: 241F43016AF4FBB66F822EFA641F7D4A
Requests: 40 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220112/r20190131/zrt_lookup.html
Frame ID: CDE6F0D775BAD749AE535B982287E570
Requests: 1 HTTP requests in this frame

Frame: https://www.acint.net/mc/?dp=10&tc=1
Frame ID: BF114284F1FD0E94C94BD079FBD59FC6
Requests: 35 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2339592383170032&output=html&adk=1812271804&adf=3025194257&lmt=1642543799&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fwinintro.ru%2Fmail.en%2Fhtml%2F7d31d716-2f99-4b23-a18c-0eaa08a28dde.htm&ea=0&flash=0&pra=5&wgl=1&dt=1642543798839&bpp=3&bdt=251&idt=206&shv=r20220112&mjsv=m202201110101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5900175807924&frm=20&pv=2&ga_vid=95303204.1642543799&ga_sid=1642543799&ga_hid=457870980&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753740&oid=2&pvsid=308575813833565&pem=259&tmod=896&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=33792&bc=23&ifi=1&uci=a!1&fsb=1&dtd=217
Frame ID: 6029D4265F944E403CD26583FA9B4405
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2339592383170032&output=html&h=280&slotname=9703837508&adk=1206723596&adf=3466743686&pi=t.ma~as.9703837508&w=1200&fwrn=4&fwrnh=100&lmt=1642543799&rafmt=1&psa=0&format=1200x280&url=http%3A%2F%2Fwinintro.ru%2Fmail.en%2Fhtml%2F7d31d716-2f99-4b23-a18c-0eaa08a28dde.htm&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1642543798842&bpp=1&bdt=254&idt=220&shv=r20220112&mjsv=m202201110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5900175807924&frm=20&pv=1&ga_vid=95303204.1642543799&ga_sid=1642543799&ga_hid=457870980&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=10&ady=135&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753740&oid=2&pvsid=308575813833565&pem=259&tmod=896&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=1152&bc=23&ifi=2&uci=a!2&fsb=1&xpc=w4wmtWTPHr&p=http%3A//winintro.ru&dtd=224
Frame ID: 3F3FE43BFC4A3E58B0BD51B454E6BCCE
Requests: 17 HTTP requests in this frame

Frame: https://s3.advarkads.com/modules/match/frame.html?id=8113-1-1&uid=0100007FB73AE761B400D71A027D8213
Frame ID: 912F60F621FF525297BCC80E8F778BD4
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220112/r20110914/zrt_lookup.html?fsb=1
Frame ID: 6DF3B562A7A60F958AB7C56EC85D863F
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: C965309D64B223C94A6790391F867C0A
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/u1NYxsmA8ZVAu2sVzPZBh4qj2FMOPiJd8uWeqwBcPdE.js
Frame ID: 108A3DB4A2C679837D992CB3413C5D16
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 61F5A1B17F70F2CE2990220A43D153A7
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1A7C209F8B60D805C68CF3FBD40034C8
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Installing a Server Certificate for TLS Encryption

Detected technologies

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Yandex.Direct (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://an\.yandex\.ru/

Page Statistics

113
Requests

55 %
HTTPS

28 %
IPv6

44
Domains

56
Subdomains

35
IPs

6
Countries

665 kB
Transfer

1730 kB
Size

71
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 28

http://www.acint.net/mc/?dp=10 HTTP 302
https://www.acint.net/mc/?dp=10 HTTP 302
https://www.acint.net/mc/?dp=10&tc=1

Request Chain 29

http://www.acint.net/hit/?v=0.4.0&uid=5d1240a8-e9a7-48d3-9761-178288be31b5&dp=10&tz=%2B00%3A00&nc=07310175&u=http%3A%2F%2Fwinintro.ru%2Fmail.en%2Fhtml%2F7d31d716-2f99-4b23-a18c-0eaa08a28dde.htm&r=&rs=1600x1200&t=Installing%20a%20Server%20Certificate%20for%20TLS%20Encryption&oE=1&oP=1&dT=2022-01-18T22%3A09%3A58.939&fu=635df956-ed56-4343-9bb8-6cb26d6239e0 HTTP 302
https://www.acint.net/hit/?v=0.4.0&uid=5d1240a8-e9a7-48d3-9761-178288be31b5&dp=10&tz=%2B00%3A00&nc=07310175&u=http%3A%2F%2Fwinintro.ru%2Fmail.en%2Fhtml%2F7d31d716-2f99-4b23-a18c-0eaa08a28dde.htm&r=&rs=1600x1200&t=Installing%20a%20Server%20Certificate%20for%20TLS%20Encryption&oE=1&oP=1&dT=2022-01-18T22%3A09%3A58.939&fu=635df956-ed56-4343-9bb8-6cb26d6239e0

Request Chain 34

https://ads.betweendigital.com/match?bidder_id=73&external_user_id=0100007FB73AE761B400D71A027D8213 HTTP 302
https://ads.betweendigital.com/match?bidder_id=73&external_user_id=0100007FB73AE761B400D71A027D8213&crf=1

Request Chain 35

https://ssp-rtb.sape.ru/rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D HTTP 302
https://acint.net/match?dp=14&euid=0100007FB73AE761CE003EAE02E0E61E

Request Chain 36

https://px.adhigh.net/p/cm/sape?u=0100007FB73AE761B400D71A027D8213 HTTP 302
https://px.adhigh.net/p/cm/sape?u=0100007FB73AE761B400D71A027D8213&bounced=1 HTTP 302
https://acint.net/match?dp=17&euid=uPjpwapvtiRA.AikABlF-bz1b7A

Request Chain 38

https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691 HTTP 302
https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-5696737079 HTTP 302
https://www.acint.net/rmatch?dp=45&euid=Ag4PKITmZ6j7LiLZ0b50HGg&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D HTTP 302
https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=0100007FB73AE761B400D71A027D8213

Request Chain 40

https://sync.republer.com/match?dsp=sape HTTP 307
https://sync.republer.com/match?dsp=sape&qset=1 HTTP 307
https://sync.bumlam.com/?src=rp1&uid=e5e9c128-e0c8-407f-a9a6-339df1ebcb97 HTTP 302
https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABi39ZyPBlIEioaQK2IkZTVlOWMxMjgtZTBjOC00MDdmLWE5YTYtMzM5ZGYxZWJjYjk3 HTTP 302
https://sync3.adsniper.ru/?src=ss1&s_data=CAIQARi39ZyPBlIEioaQK2IkZTVlOWMxMjgtZTBjOC00MDdmLWE5YTYtMzM5ZGYxZWJjYjk3ogEQYGoQpHirEeym6QAlkMgkNw** HTTP 302
https://sync.bumlam.com/?src=rp1&s_data=CAIQABi39ZyPBmIkZTVlOWMxMjgtZTBjOC00MDdmLWE5YTYtMzM5ZGYxZWJjYjk3ogEQYGoQpHirEeym6QAlkMgkNw** HTTP 302
https://sync.bumlam.com/?src=rp1&s_data=CAIQARi39ZyPBmIkZTVlOWMxMjgtZTBjOC00MDdmLWE5YTYtMzM5ZGYxZWJjYjk3ogEQYGoQpHirEeym6QAlkMgkNw**

Request Chain 44

https://sync.upravel.com/sape/sync HTTP 302
https://sync.upravel.com/sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0 HTTP 302
https://7cceb886-51ef-4465-84ba-6e3cc06ccb41.sync.upravel.com/sape/sync?ud_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyIsImh0dHBzOi8vd3d3LmFjaW50Lm5ldC8iXX19 HTTP 302
https://www.acint.net/match?dp=71&euid=7cceb886-51ef-4465-84ba-6e3cc06ccb41

Request Chain 45

https://cm.g.doubleclick.net/pixel?google_nid=agentstvo_sape_limited&google_hm=AQAAf7c652G0ANcaAn2CEw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agentstvo_sape_limited&google_hm=AQAAf7c652G0ANcaAn2CEw&google_tc= HTTP 302
https://www.acint.net/match?dp=77&euid=

Request Chain 46

https://stat.adlabs.ru/merge_gpsid/?sid=50&id=0100007FB73AE761B400D71A027D8213 HTTP 302
https://adlmerge.com/merge_gpsid/?sid=50&id=0100007FB73AE761B400D71A027D8213

Request Chain 49

https://ssp.bestssp.com/sspmatch?url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D95%26euid%3D HTTP 302
https://www.acint.net/match?dp=95&euid=XNURYTTJ

Request Chain 50

https://sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007FB73AE761B400D71A027D8213 HTTP 302
https://sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007FB73AE761B400D71A027D8213&cs=1

Request Chain 51

https://sape-sync.rutarget.ru/sync HTTP 302
https://www.acint.net/match?dp=104&euid=Z6_JhAp-8kJ8

Request Chain 52

https://ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D HTTP 302
https://ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D&crf=1 HTTP 302
https://acint.net/match?dp=107&euid=fc02a955-4026-5313-a3ab-2735c24c1d82

Request Chain 53

https://ads.adlook.me/csync?url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D110%26euid%3D%7BuserId%7D HTTP 302
https://acint.net/match?dp=110&euid=21ebedac52b142c2bb23ffeacb6da0b7

Request Chain 54

https://0100007fb73ae761b400d71a027d8213-sp.ops.beeline.ru/p?ssp=sp&id=0100007FB73AE761B400D71A027D8213 HTTP 301
https://www.acint.net/match?dp=111&euid=c9881190-824c-4cee-a7f6-eb725069381b

Request Chain 55

https://ut.rktch.com/matchspm?pi=1000005&pui=0100007FB73AE761B400D71A027D8213 HTTP 302
https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D{WEBO_CID}%26noredirect HTTP 302
https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D%7BWEBO_CID%7D%26noredirect&bounce=1&random=3747525425 HTTP 302
https://ut.rktch.com/matchspm?pi=1000006&pui=vhJIoYH11uPFKNNu.fNjK.&noredirect

Request Chain 56

https://sm.rtb.mts.ru/p?ssp=sape&id=0100007FB73AE761B400D71A027D8213 HTTP 301
https://sm.rtb.mts.ru/match/second?ssp=30&exu=0100007FB73AE761B400D71A027D8213 HTTP 301
https://tech.rtb.mts.ru/?dsp_uid=ab85b7e6-b2d7-43af-aa81-86cbf3e81231&return_url=https%3A%2F%2Fpixel.konnektu.ru%2Fredirect%2Fmts%3Fcallback_url%3Dhttps%253A%252F%252Fsm.rtb.mts.ru%252Fem%253Fnext%253D30%2526em%253D1%2526ssp%253Dkonnektu%2526id%253D%257BUSER_ID%257D HTTP 302
https://pixel.konnektu.ru/redirect/mts?callback_url=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D30%26em%3D1%26ssp%3Dkonnektu%26id%3D%7BUSER_ID%7D HTTP 302
https://sm.rtb.mts.ru/em?next=30&em=1&ssp=konnektu&id= HTTP 301
https://www.acint.net/match?dp=125&euid=ab85b7e6-b2d7-43af-aa81-86cbf3e81231

Request Chain 57

https://exchange.buzzoola.com/cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D HTTP 301
https://www.acint.net/match?dp=126&euid=950b09ee-0bad-40d5-6524-0d5b652d0e53

Request Chain 58

https://s.uuidksinc.net/match/396/?remote_uid=0100007FB73AE761B400D71A027D8213 HTTP 302
https://www.acint.net/match?dp=127&euid=FNnQmZsXXIgDTlSuqIAe

Request Chain 59

https://ssp.bidvol.com/usersync?dspcsid=8&redirect=1 HTTP 302
https://www.acint.net/match?dp=129&euid=r28y0iou43

Request Chain 62

https://x01.aidata.io/0.gif?pid=9401454&id=0100007FB73AE761B400D71A027D8213 HTTP 302
https://x01.aidata.io/0.gif?pid=9401454&id=0100007FB73AE761B400D71A027D8213&bounce=1 HTTP 302
https://sm.rtb.mts.ru/p?ssp=aidata&id=s1S%2BVuxKXMNA0oq6HJZ7OQ HTTP 301
https://sm.rtb.mts.ru/match/second?ssp=51&exu=s1S%2BVuxKXMNA0oq6HJZ7OQ HTTP 301
https://tech.rtb.mts.ru/?dsp_uid=ab85b7e6-b2d7-43af-aa81-86cbf3e81231&return_url=https%3A%2F%2Fpixel.konnektu.ru%2Fredirect%2Fmts%3Fcallback_url%3Dhttps%253A%252F%252Fsm.rtb.mts.ru%252Fem%253Fnext%253D51%2526em%253D1%2526ssp%253Dkonnektu%2526exu%253Ds1S%25252BVuxKXMNA0oq6HJZ7OQ%2526id%253D%257BUSER_ID%257D HTTP 302
https://pixel.konnektu.ru/redirect/mts?callback_url=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D51%26em%3D1%26ssp%3Dkonnektu%26exu%3Ds1S%252BVuxKXMNA0oq6HJZ7OQ%26id%3D%7BUSER_ID%7D HTTP 302
https://sm.rtb.mts.ru/em?next=51&em=1&ssp=konnektu&exu=s1S%2BVuxKXMNA0oq6HJZ7OQ&id= HTTP 301
https://x01.aidata.io/0.gif?pid=9503528&uid=ab85b7e6-b2d7-43af-aa81-86cbf3e81231&exu=s1S%!B(string=%20%20)VuxKXMNA0oq6HJZ7OQ

Request Chain 64

https://an.yandex.ru/mapuid/sapeis/0100007FB73AE761B400D71A027D8213 HTTP 302
https://an.yandex.ru/mapuid/sapeis/0100007FB73AE761B400D71A027D8213?redir-setuniq=1

Request Chain 95

https://dmg.digitaltarget.ru/1/1093/i/i?i=204773741924410.974715366585532&a=77&e=0100007FB73AE761B400D71A027D8213&pref=http%3A%2F%2Fwinintro.ru%2F&c=ss:77.up:0100007FB73AE761B400D71A027D8213.sync:up.xdua:duOlZrpPnCipw0t8_7HDQxk7.xps:xpsnPe398lVB0YDs7BGq9e7EQ.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient HTTP 307
https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=204773741924410.974715366585532&a=77&e=0100007FB73AE761B400D71A027D8213&pref=http%3A%2F%2Fwinintro.ru%2F&c=ss:77.up:0100007FB73AE761B400D71A027D8213.sync:up.xdua:duOlZrpPnCipw0t8_7HDQxk7.xps:xpsnPe398lVB0YDs7BGq9e7EQ.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient

Request Chain 96

https://dmg.digitaltarget.ru/1/1093/i/i?i=204773741924410.319329869775048&a=77&e=0100007FB73AE761B400D71A027D8213&pref=http%3A%2F%2Fwinintro.ru%2F&c=ss:77.up:0100007FB73AE761B400D71A027D8213.sync:up.xdua:duOlZrpPnCipw0t8_7HDQxk7.xps:xpsnPe398lVB0YDs7BGq9e7EQ.dn:acint__net.adcm:hit.tg:adcmjs_noorient HTTP 307
https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=204773741924410.319329869775048&a=77&e=0100007FB73AE761B400D71A027D8213&pref=http%3A%2F%2Fwinintro.ru%2F&c=ss:77.up:0100007FB73AE761B400D71A027D8213.sync:up.xdua:duOlZrpPnCipw0t8_7HDQxk7.xps:xpsnPe398lVB0YDs7BGq9e7EQ.dn:acint__net.adcm:hit.tg:adcmjs_noorient

Request Chain 115

http://www.acint.net/ping/?v=0.4.0&uid=5d1240a8-e9a7-48d3-9761-178288be31b5&dp=10&tz=%2B00%3A00&nc=98568206&dT=2022-01-18T22%3A10%3A01.942 HTTP 302
https://www.acint.net/ping/?v=0.4.0&uid=5d1240a8-e9a7-48d3-9761-178288be31b5&dp=10&tz=%2B00%3A00&nc=98568206&dT=2022-01-18T22%3A10%3A01.942

113 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request 7d31d716-2f99-4b23-a18c-0eaa08a28dde.htm Show response
winintro.ru/mail.en/html/ 23 KB
6 KB 106ms
59ms Document
text/html 188.40.254.211
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://winintro.ru/mail.en/html/7d31d716-2f99-4b23-a18c-0eaa08a28dde.htm

Protocol

HTTP/1.1

Server

188.40.254.211 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

cpanel10.coopertino.ru

Software

nginx /

Resource Hash

96adb6aed4d55606a21f9e51fc509deca81c4c039735411b6b89eac505eb7152

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Server: nginx
Date: Tue, 18 Jan 2022 22:09:58 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Cache-Status: EXPIRED
X-Server-Powered-By: Engintron
Content-Encoding: gzip

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 146 KB
51 KB 115ms
68ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: winintro.ru
URL: http://winintro.ru/mail.en/html/7d31d716-2f99-4b23-a18c-0eaa08a28dde.htm

Protocol

HTTP/1.1

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f598480a1d2f5c004a1de9a01e4d845ad5752de94f85cd84f9647fce320c89b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://winintro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Tue, 18 Jan 2022 22:09:58 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 12865166488383611009
Vary: Accept-Encoding, Origin
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 51949
X-XSS-Protection: 0
Expires: Tue, 18 Jan 2022 22:09:58 GMT

GET
H/1.1 200
OK classic.css
winintro.ru/mail.en/local/ 20 KB
5 KB 50ms
49ms Stylesheet
text/css 188.40.254.211
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://winintro.ru/mail.en/local/classic.css
Requested by: Host: winintro.ru
URL: http://winintro.ru/mail.en/html/7d31d716-2f99-4b23-a18c-0eaa08a28dde.htm
Protocol: HTTP/1.1
Server: 188.40.254.211 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: cpanel10.coopertino.ru
Software: nginx /
Resource Hash: 36a58af6acd580caed252ea70ef765cbf3aad5614493d92e3e6497e9f2714bf3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://winintro.ru/mail.en/html/7d31d716-2f99-4b23-a18c-0eaa08a28dde.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: public
Date: Tue, 18 Jan 2022 22:09:58 GMT
Content-Encoding: gzip
Last-Modified: Mon, 10 Dec 2018 16:48:54 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 17 Feb 2022 22:09:58 GMT

GET
H/1.1 200
OK script.js Show response
winintro.ru/mail.en/local/ 540 B
661 B 106ms
58ms Script
application/javascript 188.40.254.211
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://winintro.ru/mail.en/local/script.js
Requested by: Host: winintro.ru
URL: http://winintro.ru/mail.en/html/7d31d716-2f99-4b23-a18c-0eaa08a28dde.htm
Protocol: HTTP/1.1
Server: 188.40.254.211 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: cpanel10.coopertino.ru
Software: nginx /
Resource Hash: 8f6eb5eabb0fa96e48ff327248293e07045d9a997d7ea94591ea27fdb5f8ca64

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://winintro.ru/mail.en/html/7d31d716-2f99-4b23-a18c-0eaa08a28dde.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: public
Date: Tue, 18 Jan 2022 22:09:58 GMT
Content-Encoding: gzip
Last-Modified: Mon, 10 Dec 2018 16:49:02 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 17 Feb 2022 22:09:58 GMT

GET
H/1.1 200
OK helpindex.css
winintro.ru/files/ 344 B
475 B 128ms
81ms Stylesheet
text/css 188.40.254.211
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://winintro.ru/files/helpindex.css
Requested by: Host: winintro.ru
URL: http://winintro.ru/mail.en/html/7d31d716-2f99-4b23-a18c-0eaa08a28dde.htm
Protocol: HTTP/1.1
Server: 188.40.254.211 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: cpanel10.coopertino.ru
Software: nginx /
Resource Hash: e731c18f5159e2612625f471352650417c4557851c7518a28a76a5bc6896f1b6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://winintro.ru/mail.en/html/7d31d716-2f99-4b23-a18c-0eaa08a28dde.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: public
Date: Tue, 18 Jan 2022 22:09:58 GMT
Content-Encoding: gzip
Last-Modified: Mon, 11 Jul 2016 10:36:53 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 17 Feb 2022 22:09:58 GMT

GET
H/1.1 200
OK supply.js Show response
winintro.ru/files/ 1 KB
946 B 104ms
56ms Script
application/javascript 188.40.254.211
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://winintro.ru/files/supply.js
Requested by: Host: winintro.ru
URL: http://winintro.ru/mail.en/html/7d31d716-2f99-4b23-a18c-0eaa08a28dde.htm
Protocol: HTTP/1.1
Server: 188.40.254.211 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: cpanel10.coopertino.ru
Software: nginx /
Resource Hash: 1760913995b66a76e5facdf0a4411def6cb9b0af39647dc3f9f868b0309600dc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://winintro.ru/mail.en/html/7d31d716-2f99-4b23-a18c-0eaa08a28dde.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: public
Date: Tue, 18 Jan 2022 22:09:58 GMT
Content-Encoding: gzip
Last-Modified: Mon, 11 Jul 2016 10:36:54 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 17 Feb 2022 22:09:58 GMT

GET
H/1.1 200
OK ext-all.css
winintro.ru/files/ 128 KB
21 KB 106ms
59ms Stylesheet
text/css 188.40.254.211
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://winintro.ru/files/ext-all.css
Requested by: Host: winintro.ru
URL: http://winintro.ru/mail.en/html/7d31d716-2f99-4b23-a18c-0eaa08a28dde.htm
Protocol: HTTP/1.1
Server: 188.40.254.211 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: cpanel10.coopertino.ru
Software: nginx /
Resource Hash: 72b66ab91dc450174e84481b9be276bd2edaa80b5ffb9628e48d503ebe43a190

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://winintro.ru/mail.en/html/7d31d716-2f99-4b23-a18c-0eaa08a28dde.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: public
Date: Tue, 18 Jan 2022 22:09:58 GMT
Content-Encoding: gzip
Last-Modified: Mon, 11 Jul 2016 10:36:53 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 17 Feb 2022 22:09:58 GMT

GET
H/1.1 200
OK drpdown.gif
winintro.ru/mail.en/local/ 221 B
518 B 44ms
44ms Image
image/gif 188.40.254.211
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://winintro.ru/mail.en/local/drpdown.gif
Requested by: Host: winintro.ru
URL: http://winintro.ru/mail.en/html/7d31d716-2f99-4b23-a18c-0eaa08a28dde.htm
Protocol: HTTP/1.1
Server: 188.40.254.211 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: cpanel10.coopertino.ru
Software: nginx /
Resource Hash: 107f0e3adef7081c3bed0dbd9d7e1c6452c9ff41e2dc99cf54c6b1a881b5eadc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://winintro.ru/mail.en/html/7d31d716-2f99-4b23-a18c-0eaa08a28dde.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: public
Date: Tue, 18 Jan 2022 22:09:58 GMT
Last-Modified: Mon, 10 Dec 2018 16:48:55 GMT
Server: nginx
Content-Type: image/gif
Cache-Control: max-age=5184000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 221
Expires: Sat, 19 Mar 2022 22:09:58 GMT

GET
H/1.1 200
OK drpdown_orange.gif
winintro.ru/mail.en/local/ 366 B
663 B 44ms
43ms Image
image/gif 188.40.254.211
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://winintro.ru/mail.en/local/drpdown_orange.gif
Requested by: Host: winintro.ru
URL: http://winintro.ru/mail.en/html/7d31d716-2f99-4b23-a18c-0eaa08a28dde.htm
Protocol: HTTP/1.1
Server: 188.40.254.211 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: cpanel10.coopertino.ru
Software: nginx /
Resource Hash: beeb534d6c70067397c12083829c0035f2d487e5f1e915548610d8554713c527

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://winintro.ru/mail.en/html/7d31d716-2f99-4b23-a18c-0eaa08a28dde.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: public
Date: Tue, 18 Jan 2022 22:09:58 GMT
Last-Modified: Mon, 10 Dec 2018 16:48:56 GMT
Server: nginx
Content-Type: image/gif
Cache-Control: max-age=5184000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 366
Expires: Sat, 19 Mar 2022 22:09:58 GMT

GET
H/1.1 200
OK collapse.gif
winintro.ru/mail.en/local/ 64 B
360 B 45ms
44ms Image
image/gif 188.40.254.211
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://winintro.ru/mail.en/local/collapse.gif
Requested by: Host: winintro.ru
URL: http://winintro.ru/mail.en/html/7d31d716-2f99-4b23-a18c-0eaa08a28dde.htm
Protocol: HTTP/1.1
Server: 188.40.254.211 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: cpanel10.coopertino.ru
Software: nginx /
Resource Hash: bdfca3b83c07515b186ac33c4be77f4d365e0774ce320f97fa2c0908280f47bc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://winintro.ru/mail.en/html/7d31d716-2f99-4b23-a18c-0eaa08a28dde.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: public
Date: Tue, 18 Jan 2022 22:09:58 GMT
Last-Modified: Mon, 10 Dec 2018 16:48:54 GMT
Server: nginx
Content-Type: image/gif
Cache-Control: max-age=5184000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 64
Expires: Sat, 19 Mar 2022 22:09:58 GMT

GET
H/1.1 200
OK exp.gif
winintro.ru/mail.en/local/ 67 B
363 B 45ms
44ms Image
image/gif 188.40.254.211
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://winintro.ru/mail.en/local/exp.gif
Requested by: Host: winintro.ru
URL: http://winintro.ru/mail.en/html/7d31d716-2f99-4b23-a18c-0eaa08a28dde.htm
Protocol: HTTP/1.1
Server: 188.40.254.211 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: cpanel10.coopertino.ru
Software: nginx /
Resource Hash: 3ce490a72bc04c46e0cd83344b2686577f7c7c8e639a84eb63dbb4c2edc2b10b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://winintro.ru/mail.en/html/7d31d716-2f99-4b23-a18c-0eaa08a28dde.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: public
Date: Tue, 18 Jan 2022 22:09:58 GMT
Last-Modified: Mon, 10 Dec 2018 16:48:56 GMT
Server: nginx
Content-Type: image/gif
Cache-Control: max-age=5184000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 67
Expires: Sat, 19 Mar 2022 22:09:58 GMT

GET
H/1.1 200
OK collall.gif
winintro.ru/mail.en/local/ 75 B
371 B 45ms
44ms Image
image/gif 188.40.254.211
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://winintro.ru/mail.en/local/collall.gif
Requested by: Host: winintro.ru
URL: http://winintro.ru/mail.en/html/7d31d716-2f99-4b23-a18c-0eaa08a28dde.htm
Protocol: HTTP/1.1
Server: 188.40.254.211 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: cpanel10.coopertino.ru
Software: nginx /
Resource Hash: ced1fc5ecb99005fdea3fbc0e4c1fb94b042ed70bb66a3377e706fd98415cf10

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://winintro.ru/mail.en/html/7d31d716-2f99-4b23-a18c-0eaa08a28dde.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: public
Date: Tue, 18 Jan 2022 22:09:58 GMT
Last-Modified: Mon, 10 Dec 2018 16:48:54 GMT
Server: nginx
Content-Type: image/gif
Cache-Control: max-age=5184000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 75
Expires: Sat, 19 Mar 2022 22:09:58 GMT

GET
H/1.1 200
OK expall.gif
winintro.ru/mail.en/local/ 78 B
374 B 141ms
46ms Image
image/gif 188.40.254.211
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://winintro.ru/mail.en/local/expall.gif
Requested by: Host: winintro.ru
URL: http://winintro.ru/mail.en/html/7d31d716-2f99-4b23-a18c-0eaa08a28dde.htm
Protocol: HTTP/1.1
Server: 188.40.254.211 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: cpanel10.coopertino.ru
Software: nginx /
Resource Hash: ab0eeca7d621e00b7252a85cbc727e7ec0d5a477aaae70dda8fd0fe4b8dcbcd8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://winintro.ru/mail.en/html/7d31d716-2f99-4b23-a18c-0eaa08a28dde.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: public
Date: Tue, 18 Jan 2022 22:09:58 GMT
Last-Modified: Mon, 10 Dec 2018 16:48:56 GMT
Server: nginx
Content-Type: image/gif
Cache-Control: max-age=5184000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 78
Expires: Sat, 19 Mar 2022 22:09:58 GMT

GET
H/1.1 200
OK copycode.gif
winintro.ru/mail.en/local/ 578 B
875 B 69ms
49ms Image
image/gif 188.40.254.211
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://winintro.ru/mail.en/local/copycode.gif
Requested by: Host: winintro.ru
URL: http://winintro.ru/mail.en/html/7d31d716-2f99-4b23-a18c-0eaa08a28dde.htm
Protocol: HTTP/1.1
Server: 188.40.254.211 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: cpanel10.coopertino.ru
Software: nginx /
Resource Hash: 18b9f3122939296670d9a8e54c3c761a2f044ef1911decfd7622c07b00511bb3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://winintro.ru/mail.en/html/7d31d716-2f99-4b23-a18c-0eaa08a28dde.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: public
Date: Tue, 18 Jan 2022 22:09:58 GMT
Last-Modified: Mon, 10 Dec 2018 16:48:55 GMT
Server: nginx
Content-Type: image/gif
Cache-Control: max-age=5184000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 578
Expires: Sat, 19 Mar 2022 22:09:58 GMT

GET
H/1.1 200
OK copycodehighlight.gif
winintro.ru/mail.en/local/ 578 B
875 B 46ms
46ms Image
image/gif 188.40.254.211
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://winintro.ru/mail.en/local/copycodehighlight.gif
Requested by: Host: winintro.ru
URL: http://winintro.ru/mail.en/html/7d31d716-2f99-4b23-a18c-0eaa08a28dde.htm
Protocol: HTTP/1.1
Server: 188.40.254.211 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: cpanel10.coopertino.ru
Software: nginx /
Resource Hash: 28608624095ea76fa24ce781fc3f495cc461af6e7154f9f5bc78b35c87fe74ab

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://winintro.ru/mail.en/html/7d31d716-2f99-4b23-a18c-0eaa08a28dde.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: public
Date: Tue, 18 Jan 2022 22:09:58 GMT
Last-Modified: Mon, 10 Dec 2018 16:48:55 GMT
Server: nginx
Content-Type: image/gif
Cache-Control: max-age=5184000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 578
Expires: Sat, 19 Mar 2022 22:09:58 GMT

GET
H/1.1 200
OK note.gif
winintro.ru/mail.en/local/ 123 B
420 B 114ms
46ms Image
image/gif 188.40.254.211
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://winintro.ru/mail.en/local/note.gif
Requested by: Host: winintro.ru
URL: http://winintro.ru/mail.en/html/7d31d716-2f99-4b23-a18c-0eaa08a28dde.htm
Protocol: HTTP/1.1
Server: 188.40.254.211 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: cpanel10.coopertino.ru
Software: nginx /
Resource Hash: 9f761e54e38437a6a2572d15e14f6353ad3b3e91b6a055a5fc365b8ff8c29fa3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://winintro.ru/mail.en/html/7d31d716-2f99-4b23-a18c-0eaa08a28dde.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: public
Date: Tue, 18 Jan 2022 22:09:58 GMT
Last-Modified: Mon, 10 Dec 2018 16:48:59 GMT
Server: nginx
Content-Type: image/gif
Cache-Control: max-age=5184000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 123
Expires: Sat, 19 Mar 2022 22:09:58 GMT

GET
H/1.1 200
OK script_loc.js Show response
winintro.ru/mail.en/local/ 2 KB
1 KB 57ms
57ms Script
application/javascript 188.40.254.211
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://winintro.ru/mail.en/local/script_loc.js
Requested by: Host: winintro.ru
URL: http://winintro.ru/mail.en/local/script.js
Protocol: HTTP/1.1
Server: 188.40.254.211 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: cpanel10.coopertino.ru
Software: nginx /
Resource Hash: 72b2a74df4ad58f0758dbdbe5d74a3d45c33682f82736ef3c4a79c2b2b266a27

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://winintro.ru/mail.en/html/7d31d716-2f99-4b23-a18c-0eaa08a28dde.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: public
Date: Tue, 18 Jan 2022 22:09:58 GMT
Content-Encoding: gzip
Last-Modified: Mon, 10 Dec 2018 16:49:02 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 17 Feb 2022 22:09:58 GMT

GET
H/1.1 200
OK script_main.js Show response
winintro.ru/mail.en/local/ 39 KB
9 KB 57ms
57ms Script
application/javascript 188.40.254.211
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://winintro.ru/mail.en/local/script_main.js
Requested by: Host: winintro.ru
URL: http://winintro.ru/mail.en/local/script.js
Protocol: HTTP/1.1
Server: 188.40.254.211 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: cpanel10.coopertino.ru
Software: nginx /
Resource Hash: df04acf60876cf11c1ad96c8c00cff00373b68ab6d9e7ba22cb5a3ec2339de56

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://winintro.ru/mail.en/html/7d31d716-2f99-4b23-a18c-0eaa08a28dde.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: public
Date: Tue, 18 Jan 2022 22:09:58 GMT
Content-Encoding: gzip
Last-Modified: Mon, 10 Dec 2018 16:49:02 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 17 Feb 2022 22:09:58 GMT

GET
H2 200 aci.js Show response
www.acint.net/ 22 KB
7 KB 148ms
44ms Script
application/x-javascript 195.201.243.72
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.acint.net/aci.js
Requested by: Host: winintro.ru
URL: http://winintro.ru/mail.en/html/7d31d716-2f99-4b23-a18c-0eaa08a28dde.htm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.201.243.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: regensburg.aucourant.info
Software: openresty /
Resource Hash: a05569a6a6ec13c9bda09ebf2f691f6d5a4f251878c58807472321018428fb33

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://winintro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 22:09:58 GMT
content-encoding: gzip
last-modified: Mon, 29 Nov 2021 13:21:18 GMT
server: openresty
etag: "61a4d3ce-1d25"
content-type: application/x-javascript
cache-control: max-age=43200
content-length: 7461
expires: Wed, 19 Jan 2022 10:09:58 GMT

GET
H/1.1 200
OK bg.gif
winintro.ru/files/images/default/toolbar/ 904 B
1 KB 69ms
50ms Image
image/gif 188.40.254.211
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://winintro.ru/files/images/default/toolbar/bg.gif
Requested by: Host: winintro.ru
URL: http://winintro.ru/files/ext-all.css
Protocol: HTTP/1.1
Server: 188.40.254.211 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: cpanel10.coopertino.ru
Software: nginx /
Resource Hash: 36780f98ed7f7e302c2f31fd7efeb7cc75212ac281935245950e125545350e6a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://winintro.ru/files/ext-all.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: public
Date: Tue, 18 Jan 2022 22:09:58 GMT
Last-Modified: Mon, 11 Jul 2016 10:37:13 GMT
Server: nginx
Content-Type: image/gif
Cache-Control: max-age=5184000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 904
Expires: Sat, 19 Mar 2022 22:09:58 GMT

GET
H/1.1 200
OK btn.gif
winintro.ru/files/images/default/button/ 4 KB
4 KB 72ms
52ms Image
image/gif 188.40.254.211
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://winintro.ru/files/images/default/button/btn.gif
Requested by: Host: winintro.ru
URL: http://winintro.ru/files/ext-all.css
Protocol: HTTP/1.1
Server: 188.40.254.211 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: cpanel10.coopertino.ru
Software: nginx /
Resource Hash: 9aacc2855086ee500f5540bcee08d1c840388740f526c46cf001215406a4ea73

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://winintro.ru/files/ext-all.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: public
Date: Tue, 18 Jan 2022 22:09:58 GMT
Last-Modified: Mon, 11 Jul 2016 10:36:57 GMT
Server: nginx
Content-Type: image/gif
Cache-Control: max-age=5184000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4298
Expires: Sat, 19 Mar 2022 22:09:58 GMT

GET
H/1.1 200
OK home.png
winintro.ru/files/images/ 1 KB
1 KB 42ms
41ms Image
image/png 188.40.254.211
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://winintro.ru/files/images/home.png
Requested by: Host: winintro.ru
URL: http://winintro.ru/files/ext-all.css
Protocol: HTTP/1.1
Server: 188.40.254.211 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: cpanel10.coopertino.ru
Software: nginx /
Resource Hash: c355ffcc9212b68d0ed1c0f9b0bd71f04e3c0e63380f7d8d4a2a1b25c187e33d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://winintro.ru/files/ext-all.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: public
Date: Tue, 18 Jan 2022 22:09:58 GMT
Last-Modified: Mon, 11 Jul 2016 10:36:54 GMT
Server: nginx
Content-Type: image/png
Cache-Control: max-age=5184000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1110
Expires: Sat, 19 Mar 2022 22:09:58 GMT

GET
H/1.1 200
OK grid-blue-split.gif
winintro.ru/files/images/default/grid/ 817 B
1 KB 72ms
52ms Image
image/gif 188.40.254.211
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://winintro.ru/files/images/default/grid/grid-blue-split.gif
Requested by: Host: winintro.ru
URL: http://winintro.ru/files/ext-all.css
Protocol: HTTP/1.1
Server: 188.40.254.211 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: cpanel10.coopertino.ru
Software: nginx /
Resource Hash: 2bd24bc7b4e2dce53d91e3bc73d5f4221fe0b503a3112fa4c669e925d43bd492

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://winintro.ru/files/ext-all.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: public
Date: Tue, 18 Jan 2022 22:09:58 GMT
Last-Modified: Mon, 11 Jul 2016 10:37:01 GMT
Server: nginx
Content-Type: image/gif
Cache-Control: max-age=5184000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 817
Expires: Sat, 19 Mar 2022 22:09:58 GMT

GET
H/1.1 200
OK toc-panel.gif
winintro.ru/files/images/ 954 B
1 KB 43ms
42ms Image
image/gif 188.40.254.211
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://winintro.ru/files/images/toc-panel.gif
Requested by: Host: winintro.ru
URL: http://winintro.ru/files/ext-all.css
Protocol: HTTP/1.1
Server: 188.40.254.211 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: cpanel10.coopertino.ru
Software: nginx /
Resource Hash: a2443661ae0052510d51ee22c86e1c3f30710321ba290e1646dec8385a30b662

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://winintro.ru/files/ext-all.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: public
Date: Tue, 18 Jan 2022 22:09:58 GMT
Last-Modified: Mon, 11 Jul 2016 10:36:55 GMT
Server: nginx
Content-Type: image/gif
Cache-Control: max-age=5184000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 954
Expires: Sat, 19 Mar 2022 22:09:58 GMT

GET
H/1.1 200
OK print.gif
winintro.ru/files/images/ 1 KB
1 KB 42ms
42ms Image
image/gif 188.40.254.211
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://winintro.ru/files/images/print.gif
Requested by: Host: winintro.ru
URL: http://winintro.ru/files/ext-all.css
Protocol: HTTP/1.1
Server: 188.40.254.211 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: cpanel10.coopertino.ru
Software: nginx /
Resource Hash: a66544185c20f7430404c1d80a098c56d4ae601bc599dda2bc174b1ce63102ee

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://winintro.ru/files/ext-all.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: public
Date: Tue, 18 Jan 2022 22:09:58 GMT
Last-Modified: Mon, 11 Jul 2016 10:36:55 GMT
Server: nginx
Content-Type: image/gif
Cache-Control: max-age=5184000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1032
Expires: Sat, 19 Mar 2022 22:09:58 GMT

GET
H/1.1 200
OK back.gif
winintro.ru/files/ 316 B
613 B 68ms
51ms Image
image/gif 188.40.254.211
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://winintro.ru/files/back.gif
Requested by: Host: winintro.ru
URL: http://winintro.ru/files/helpindex.css
Protocol: HTTP/1.1
Server: 188.40.254.211 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: cpanel10.coopertino.ru
Software: nginx /
Resource Hash: b1b06c998a944f9ceb56a2365ac540689e452426705b64713079e025e239dd2c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://winintro.ru/files/helpindex.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: public
Date: Tue, 18 Jan 2022 22:09:58 GMT
Last-Modified: Mon, 11 Jul 2016 10:36:53 GMT
Server: nginx
Content-Type: image/gif
Cache-Control: max-age=5184000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 316
Expires: Sat, 19 Mar 2022 22:09:58 GMT

GET
H/1.1 200
OK next.gif
winintro.ru/files/ 314 B
611 B 73ms
52ms Image
image/gif 188.40.254.211
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://winintro.ru/files/next.gif
Requested by: Host: winintro.ru
URL: http://winintro.ru/files/helpindex.css
Protocol: HTTP/1.1
Server: 188.40.254.211 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: cpanel10.coopertino.ru
Software: nginx /
Resource Hash: 05d61be961acfeaa4a89652e171975c47ca4495c062514cd4d872445c16c1db5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://winintro.ru/files/helpindex.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: public
Date: Tue, 18 Jan 2022 22:09:58 GMT
Last-Modified: Mon, 11 Jul 2016 10:36:53 GMT
Server: nginx
Content-Type: image/gif
Cache-Control: max-age=5184000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 314
Expires: Sat, 19 Mar 2022 22:09:58 GMT

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201110101/ 284 KB
103 KB 151ms
55ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201110101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2339592383170032&plah=winintro.ru

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2a8a61c0ae283ffa3409ca9ab2319283568f49e2f58be536699b087741639f5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://winintro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 22:09:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 104506
x-xss-protection: 0
server: cafe
etag: 479520575480754272
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 18 Jan 2022 22:09:58 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220112/r20190131/ Frame CDE6 11 KB
5 KB 120ms
35ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220112/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

425b48211e0ebe795b6ead9ec2f1bcd9e04e9930a7dd30e08cdb2fef0bcb834c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://winintro.ru/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4885
x-xss-protection: 0
date: Tue, 18 Jan 2022 02:05:13 GMT
expires: Tue, 01 Feb 2022 02:05:13 GMT
cache-control: public, max-age=1209600
age: 72285
etag: 13671712056976469594
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2

200

/ Show response
www.acint.net/mc/ Frame BF11
Redirect Chain

http://www.acint.net/mc/?dp=10
https://www.acint.net/mc/?dp=10
https://www.acint.net/mc/?dp=10&tc=1

4 KB
4 KB

17ms
17ms

Document
text/html

195.201.243.72
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.acint.net/mc/?dp=10&tc=1
Requested by: Host: www.acint.net
URL: https://www.acint.net/aci.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.201.243.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: regensburg.aucourant.info
Software: openresty /
Resource Hash: fbe17aa318e32aec2e92d9cbddf33864276ee340c63e2a117b99684515135c11

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://winintro.ru/

Response headers

server: openresty
date: Tue, 18 Jan 2022 22:09:59 GMT
content-type: text/html
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-encoding: gzip

Redirect headers

server: openresty
date: Tue, 18 Jan 2022 22:09:59 GMT
content-type: text/html
content-length: 154
location: /mc/?dp=10&tc=1

GET
H2

200

/
www.acint.net/hit/
Redirect Chain

http://www.acint.net/hit/?v=0.4.0&uid=5d1240a8-e9a7-48d3-9761-178288be31b5&dp=10&tz=%2B00%3A00&nc=07310175&u=http%3A%2F%2Fwinintro.ru%2Fmail.en%2Fhtml%2F7d31d716-2f99-4b23-a18c-0eaa08a28dde.htm&r=&...
https://www.acint.net/hit/?v=0.4.0&uid=5d1240a8-e9a7-48d3-9761-178288be31b5&dp=10&tz=%2B00%3A00&nc=07310175&u=http%3A%2F%2Fwinintro.ru%2Fmail.en%2Fhtml%2F7d31d716-2f99-4b23-a18c-0eaa08a28dde.htm&r=...

43 B
340 B

13ms
13ms

Image
image/gif

195.201.243.72
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/hit/?v=0.4.0&uid=5d1240a8-e9a7-48d3-9761-178288be31b5&dp=10&tz=%2B00%3A00&nc=07310175&u=http%3A%2F%2Fwinintro.ru%2Fmail.en%2Fhtml%2F7d31d716-2f99-4b23-a18c-0eaa08a28dde.htm&r=&rs=1600x1200&t=Installing%20a%20Server%20Certificate%20for%20TLS%20Encryption&oE=1&oP=1&dT=2022-01-18T22%3A09%3A58.939&fu=635df956-ed56-4343-9bb8-6cb26d6239e0
Requested by: Host: winintro.ru
URL: http://winintro.ru/mail.en/html/7d31d716-2f99-4b23-a18c-0eaa08a28dde.htm
Protocol: H2
Server: 195.201.243.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: regensburg.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://winintro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 22:09:59 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

Location: https://www.acint.net/hit/?v=0.4.0&uid=5d1240a8-e9a7-48d3-9761-178288be31b5&dp=10&tz=%2B00%3A00&nc=07310175&u=http%3A%2F%2Fwinintro.ru%2Fmail.en%2Fhtml%2F7d31d716-2f99-4b23-a18c-0eaa08a28dde.htm&r=&rs=1600x1200&t=Installing%20a%20Server%20Certificate%20for%20TLS%20Encryption&oE=1&oP=1&dT=2022-01-18T22%3A09%3A58.939&fu=635df956-ed56-4343-9bb8-6cb26d6239e0
Date: Tue, 18 Jan 2022 22:09:58 GMT
Server: openresty
Connection: keep-alive
Content-Length: 142
Content-Type: text/html

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 215 B
644 B 58ms
19ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=winintro.ru&callback=_gfp_s_&client=ca-pub-2339592383170032

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201110101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2339592383170032&plah=winintro.ru

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

7dd3aebe26c938f3de592aea9de0e9b1508d3cbb32815106b6d5d86ebfdbdfc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://winintro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 22:09:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 200
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 42ms
18ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=winintro.ru

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://winintro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 18 Jan 2022 22:09:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 41ms
17ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=winintro.ru

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://winintro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 18 Jan 2022 22:09:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6029 75 KB
28 KB 568ms
567ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2339592383170032&output=html&adk=1812271804&adf=3025194257&lmt=1642543799&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fwinintro.ru%2Fmail.en%2Fhtml%2F7d31d716-2f99-4b23-a18c-0eaa08a28dde.htm&ea=0&flash=0&pra=5&wgl=1&dt=1642543798839&bpp=3&bdt=251&idt=206&shv=r20220112&mjsv=m202201110101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5900175807924&frm=20&pv=2&ga_vid=95303204.1642543799&ga_sid=1642543799&ga_hid=457870980&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753740&oid=2&pvsid=308575813833565&pem=259&tmod=896&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=33792&bc=23&ifi=1&uci=a!1&fsb=1&dtd=217

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d767860c1f86ea9141d8d02bc4be9327011106b944eb4f6ef46fd423a6a0d8c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://winintro.ru/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 18 Jan 2022 22:09:59 GMT
server: cafe
content-length: 28073
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 18 Jan 2022 22:09:59 GMT
cache-control: private

GET
H2

200

match
ads.betweendigital.com/ Frame BF11
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=73&external_user_id=0100007FB73AE761B400D71A027D8213
https://ads.betweendigital.com/match?bidder_id=73&external_user_id=0100007FB73AE761B400D71A027D8213&crf=1

68 B
607 B

116ms
116ms

Image
image/png

96.46.186.57
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=73&external_user_id=0100007FB73AE761B400D71A027D8213&crf=1
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 96.46.186.57 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

Redirect headers

location: /match?bidder_id=73&external_user_id=0100007FB73AE761B400D71A027D8213&crf=1
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H2

200

match
acint.net/ Frame BF11
Redirect Chain

https://ssp-rtb.sape.ru/rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D
https://acint.net/match?dp=14&euid=0100007FB73AE761CE003EAE02E0E61E

43 B
269 B

31ms
21ms

Image
image/gif

195.201.243.72
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://acint.net/match?dp=14&euid=0100007FB73AE761CE003EAE02E0E61E
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 195.201.243.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: regensburg.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 22:09:59 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

Date: Tue, 18 Jan 2022 22:09:59 GMT
Server: openresty
P3P: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
Location: https://acint.net/match?dp=14&euid=0100007FB73AE761CE003EAE02E0E61E
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Type: text/html
Content-Length: 142
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2

200

match
acint.net/ Frame BF11
Redirect Chain

https://px.adhigh.net/p/cm/sape?u=0100007FB73AE761B400D71A027D8213
https://px.adhigh.net/p/cm/sape?u=0100007FB73AE761B400D71A027D8213&bounced=1
https://acint.net/match?dp=17&euid=uPjpwapvtiRA.AikABlF-bz1b7A

43 B
269 B

10ms
10ms

Image
image/gif

195.201.243.72
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://acint.net/match?dp=17&euid=uPjpwapvtiRA.AikABlF-bz1b7A
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 195.201.243.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: regensburg.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 22:09:59 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 18 Jan 2022 22:09:59 GMT
server: nginx
access-control-allow-origin: *
x-backend-id: f21-ru
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://acint.net/match?dp=17&euid=uPjpwapvtiRA.AikABlF-bz1b7A
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK cm.gif
ad.mail.ru/ Frame BF11 43 B
764 B 274ms
75ms Image
image/gif 2a00:1148:db00::17
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.mail.ru/cm.gif?p=48&id=0100007FB73AE761B400D71A027D8213
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 18 Jan 2022 22:09:59 GMT
Last-Modified: Tue, 18 Jan 2022 22:09:59 GMT
Server: nginx
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Embedder-Policy: require-corp
Content-Type: image/gif
Cache-Control: max-age=21600
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 43
Expires: Wed, 19 Jan 2022 04:09:59 GMT

GET
H/1.1

200
OK

sync.cgi
ssp.adriver.ru/cgi-bin/ Frame BF11
Redirect Chain

https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691
https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-5696737079
https://www.acint.net/rmatch?dp=45&euid=Ag4PKITmZ6j7LiLZ0b50HGg&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D
https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=0100007FB73AE761B400D71A027D8213

42 B
201 B

284ms
81ms

Image
image/gif

81.222.128.216
ELTEL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=0100007FB73AE761B400D71A027D8213
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: HTTP/1.1
Server: 81.222.128.216 , Russian Federation, ASN20597 (ELTEL-AS, RU),
Reverse DNS: ad16.adriver.ru
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 18 Jan 2022 22:09:59 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/gif

Redirect headers

date: Tue, 18 Jan 2022 22:09:59 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
location: https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=0100007FB73AE761B400D71A027D8213
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: text/html
content-length: 154
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 204 sync
a.utraff.com/ Frame BF11 0
823 B 389ms
81ms Image
text/plain 2606:4700:3039::6815:c097
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.utraff.com/sync?ssp=sape
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3039::6815:c097 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 22:09:59 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VuWHjiwywNPh%2FIZN583%2FfO9L8wSkzBc8937lQ%2B9JMWgPTNoWgbEFfLyrl6xbqmbHJq3ZdFaqtWOVOhpNZdSKgdaW%2FAWi3d6Y4C%2BTYFaop6H7DYWdrlbk7cP1VIRpsG00LkUaj1Cg%2FsS5XA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
cf-ray: 6cfb269a29aef92f-MXP
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization

GET
H/1.1

200
OK

/
sync.bumlam.com/ Frame BF11
Redirect Chain

https://sync.republer.com/match?dsp=sape
https://sync.republer.com/match?dsp=sape&qset=1
https://sync.bumlam.com/?src=rp1&uid=e5e9c128-e0c8-407f-a9a6-339df1ebcb97
https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABi39ZyPBlIEioaQK2IkZTVlOWMxMjgtZTBjOC00MDdmLWE5YTYtMzM5ZGYxZWJjYjk3
https://sync3.adsniper.ru/?src=ss1&s_data=CAIQARi39ZyPBlIEioaQK2IkZTVlOWMxMjgtZTBjOC00MDdmLWE5YTYtMzM5ZGYxZWJjYjk3ogEQYGoQpHirEeym6QAlkMgkNw**
https://sync.bumlam.com/?src=rp1&s_data=CAIQABi39ZyPBmIkZTVlOWMxMjgtZTBjOC00MDdmLWE5YTYtMzM5ZGYxZWJjYjk3ogEQYGoQpHirEeym6QAlkMgkNw**
https://sync.bumlam.com/?src=rp1&s_data=CAIQARi39ZyPBmIkZTVlOWMxMjgtZTBjOC00MDdmLWE5YTYtMzM5ZGYxZWJjYjk3ogEQYGoQpHirEeym6QAlkMgkNw**

43 B
552 B

12ms
12ms

Image
image/gif

31.172.81.159
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bumlam.com/?src=rp1&s_data=CAIQARi39ZyPBmIkZTVlOWMxMjgtZTBjOC00MDdmLWE5YTYtMzM5ZGYxZWJjYjk3ogEQYGoQpHirEeym6QAlkMgkNw**
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: HTTP/1.1
Server: 31.172.81.159 Muehlheim am Main, Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 18 Jan 2022 22:09:59 GMT
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Server: nginx
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Redirect headers

Date: Tue, 18 Jan 2022 22:09:59 GMT
Server: nginx
ETag: 606a10a4-78ab-11ec-a6e9-002590c82437
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: //sync.bumlam.com/?src=rp1&s_data=CAIQARi39ZyPBmIkZTVlOWMxMjgtZTBjOC00MDdmLWE5YTYtMzM5ZGYxZWJjYjk3ogEQYGoQpHirEeym6QAlkMgkNw**
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0

GET
H2 204 match
dm-eu.hybrid.ai/ Frame BF11 0
239 B 59ms
22ms Image
text/plain 37.18.103.16
HYBRID-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dm-eu.hybrid.ai/match?id=106&vid=0100007FB73AE761B400D71A027D8213

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.18.103.16 , Netherlands, ASN205675 (HYBRID-AS, RU),

Reverse DNS

Software

Hybrid Web Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Jan 2022 22:09:59 GMT
server: Hybrid Web Server
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin: *
cache-control: no-cache, no-store
x-mode: 513
x-xss-protection: 1; mode=block
expires: -1

GET
H/1.1 200
OK adcm.js Show response
tag.digitaltarget.ru/ Frame BF11 3 KB
3 KB 214ms
74ms Script
application/javascript 185.15.175.159
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.digitaltarget.ru/adcm.js
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.15.175.159 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),
Reverse DNS
Software: nginx /
Resource Hash: 40f2a96f78f4c8484e9da6e172f5ddd3e4d7786ca29e04b96e1067a365190e80

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 18 Jan 2022 22:09:59 GMT
Last-Modified: Tue, 16 Nov 2021 09:48:08 GMT
Server: nginx
ETag: "61937e58-beb"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3051

GET
H2 204 sape
sync.dmp.otm-r.com/match/ Frame BF11 0
69 B 54ms
22ms Image
text/plain 195.201.108.196
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.dmp.otm-r.com/match/sape?id=0100007FB73AE761B400D71A027D8213
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.201.108.196 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.196.108.201.195.clients.your-server.de
Software: nginx/1.15.9 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 18 Jan 2022 22:09:59 GMT
server: nginx/1.15.9

GET
H2

200

match
www.acint.net/ Frame BF11
Redirect Chain

https://sync.upravel.com/sape/sync
https://sync.upravel.com/sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0
https://7cceb886-51ef-4465-84ba-6e3cc06ccb41.sync.upravel.com/sape/sync?ud_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyIsImh0dHBzOi8vd3d3LmFjaW50Lm5ldC8iXX19
https://www.acint.net/match?dp=71&euid=7cceb886-51ef-4465-84ba-6e3cc06ccb41

43 B
269 B

15ms
14ms

Image
image/gif

195.201.243.72
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=71&euid=7cceb886-51ef-4465-84ba-6e3cc06ccb41
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 195.201.243.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: regensburg.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 22:09:59 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

date: Tue, 18 Jan 2022 22:09:59 GMT
server: nginx
location: https://www.acint.net/match?dp=71&euid=7cceb886-51ef-4465-84ba-6e3cc06ccb41
access-control-allow-methods: GET, POST, OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: false
content-type: image/png
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 0

GET
H2

200

match
www.acint.net/ Frame BF11
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=agentstvo_sape_limited&google_hm=AQAAf7c652G0ANcaAn2CEw
https://cm.g.doubleclick.net/pixel?google_nid=agentstvo_sape_limited&google_hm=AQAAf7c652G0ANcaAn2CEw&google_tc=
https://www.acint.net/match?dp=77&euid=

43 B
269 B

36ms
36ms

Image
image/gif

195.201.243.72
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=77&euid=
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 195.201.243.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: regensburg.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 22:09:59 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 18 Jan 2022 22:09:59 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://www.acint.net/match?dp=77&euid=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 240
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
adlmerge.com/merge_gpsid/ Frame BF11
Redirect Chain

https://stat.adlabs.ru/merge_gpsid/?sid=50&id=0100007FB73AE761B400D71A027D8213
https://adlmerge.com/merge_gpsid/?sid=50&id=0100007FB73AE761B400D71A027D8213

43 B
115 B

50ms
16ms

Image
image/gif

95.211.66.35
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adlmerge.com/merge_gpsid/?sid=50&id=0100007FB73AE761B400D71A027D8213
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 95.211.66.35 Laren, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx/1.16.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

iseu: eu
server: nginx/1.16.0
date: Tue, 18 Jan 2022 22:09:59 GMT
content-type: image/gif

Redirect headers

location: //adlmerge.com/merge_gpsid/?sid=50&id=0100007FB73AE761B400D71A027D8213
date: Tue, 18 Jan 2022 22:03:05 GMT
server: nginx
content-length: 0

GET
H/1.1 200
OK sync.cgi
ssp.adriver.ru/cgi-bin/ Frame BF11 42 B
201 B 340ms
76ms Image
image/gif 81.222.128.216
ELTEL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.adriver.ru/cgi-bin/sync.cgi?dsp_id=153&external_id=0100007FB73AE761B400D71A027D8213
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.222.128.216 , Russian Federation, ASN20597 (ELTEL-AS, RU),
Reverse DNS: ad16.adriver.ru
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 18 Jan 2022 22:09:59 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/gif

GET
H2 404 sprcs
relap.io/partners/ Frame BF11 0
0 242ms
66ms Image
text/html 95.163.37.253
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://relap.io/partners/sprcs?uid=0100007FB73AE761B400D71A027D8213
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.163.37.253 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS: relap.io
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H2

200

match
www.acint.net/ Frame BF11
Redirect Chain

https://ssp.bestssp.com/sspmatch?url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D95%26euid%3D
https://www.acint.net/match?dp=95&euid=XNURYTTJ

43 B
269 B

20ms
20ms

Image
image/gif

195.201.243.72
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=95&euid=XNURYTTJ
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 195.201.243.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: regensburg.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 22:09:59 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

Location: https://www.acint.net/match?dp=95&euid=XNURYTTJ
Date: Tue, 18 Jan 2022 22:09:59 GMT
Server: nginx/1.16.1
Connection: keep-alive
Transfer-Encoding: chunked

GET
H2

200

pixel.gif
sync.1dmp.io/ Frame BF11
Redirect Chain

https://sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007FB73AE761B400D71A027D8213
https://sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007FB73AE761B400D71A027D8213&cs=1

35 B
378 B

16ms
15ms

Image
image/gif

88.99.214.77
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007FB73AE761B400D71A027D8213&cs=1
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 88.99.214.77 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88-99-214-77.clients.your-server.de
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 22:09:59 GMT
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server: nginx
content-type: image/gif
content-length: 35
expires: 0

Redirect headers

location: /pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007FB73AE761B400D71A027D8213&cs=1
date: Tue, 18 Jan 2022 22:09:59 GMT
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server: nginx
content-length: 0
expires: 0

GET
H2

200

match
www.acint.net/ Frame BF11
Redirect Chain

https://sape-sync.rutarget.ru/sync
https://www.acint.net/match?dp=104&euid=Z6_JhAp-8kJ8

43 B
269 B

32ms
32ms

Image
image/gif

195.201.243.72
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=104&euid=Z6_JhAp-8kJ8
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 195.201.243.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: regensburg.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 22:09:59 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

Location: https://www.acint.net/match?dp=104&euid=Z6_JhAp-8kJ8
Date: Tue, 18 Jan 2022 22:09:59 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
P3P: CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."

GET
H2

200

match
acint.net/ Frame BF11
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D
https://ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D&crf=1
https://acint.net/match?dp=107&euid=fc02a955-4026-5313-a3ab-2735c24c1d82

43 B
269 B

17ms
16ms

Image
image/gif

195.201.243.72
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://acint.net/match?dp=107&euid=fc02a955-4026-5313-a3ab-2735c24c1d82
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 195.201.243.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: regensburg.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 22:09:59 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

location: https://acint.net/match?dp=107&euid=fc02a955-4026-5313-a3ab-2735c24c1d82
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H2

200

match
acint.net/ Frame BF11
Redirect Chain

https://ads.adlook.me/csync?url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D110%26euid%3D%7BuserId%7D
https://acint.net/match?dp=110&euid=21ebedac52b142c2bb23ffeacb6da0b7

43 B
269 B

12ms
12ms

Image
image/gif

195.201.243.72
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://acint.net/match?dp=110&euid=21ebedac52b142c2bb23ffeacb6da0b7
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 195.201.243.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: regensburg.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 22:09:59 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

location: https://acint.net/match?dp=110&euid=21ebedac52b142c2bb23ffeacb6da0b7
date: Tue, 18 Jan 2022 22:09:58 GMT
server: Kestrel
content-length: 0

GET
H2

200

match
www.acint.net/ Frame BF11
Redirect Chain

https://0100007fb73ae761b400d71a027d8213-sp.ops.beeline.ru/p?ssp=sp&id=0100007FB73AE761B400D71A027D8213
https://www.acint.net/match?dp=111&euid=c9881190-824c-4cee-a7f6-eb725069381b

43 B
269 B

33ms
33ms

Image
image/gif

195.201.243.72
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=111&euid=c9881190-824c-4cee-a7f6-eb725069381b
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 195.201.243.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: regensburg.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 22:09:59 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

date: Tue, 18 Jan 2022 22:09:59 GMT
x-route: http://upstream_cookiesync
server: nginx
location: https://www.acint.net/match?dp=111&euid=c9881190-824c-4cee-a7f6-eb725069381b
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS, GET, HEAD, POST, OPTIONS, PUT, DELETE
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true, true
x-host: 192.168.152.36
access-control-allow-headers: authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

matchspm
ut.rktch.com/ Frame BF11
Redirect Chain

https://ut.rktch.com/matchspm?pi=1000005&pui=0100007FB73AE761B400D71A027D8213
https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D{WEBO_CID}%26noredirect
https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D%7BWEBO_CID%7D%26noredirect&bounce=1&random=3747525425
https://ut.rktch.com/matchspm?pi=1000006&pui=vhJIoYH11uPFKNNu.fNjK.&noredirect

88 B
88 B

81ms
81ms

Image
image/png

89.108.97.2
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ut.rktch.com/matchspm?pi=1000006&pui=vhJIoYH11uPFKNNu.fNjK.&noredirect
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: HTTP/1.1
Server: 89.108.97.2 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: d50603.reg.regrucolo.ru
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 18 Jan 2022 22:09:59 GMT
Server: nginx/1.18.0
Access-Control-Allow-Methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
Content-Type: image/png
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type, Accept, Authorization
Content-Length: 88

Redirect headers

pragma: no-cache
date: Tue, 18 Jan 2022 22:09:59 GMT
via: 1.1 google
last-modified: Tue, 18 Jan 2022 22:09:59 GMT
server: nginx/1.12.0
location: https://ut.rktch.com/matchspm?pi=1000006&pui=vhJIoYH11uPFKNNu.fNjK.&noredirect
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2

200

match
www.acint.net/ Frame BF11
Redirect Chain

https://sm.rtb.mts.ru/p?ssp=sape&id=0100007FB73AE761B400D71A027D8213
https://sm.rtb.mts.ru/match/second?ssp=30&exu=0100007FB73AE761B400D71A027D8213
https://tech.rtb.mts.ru/?dsp_uid=ab85b7e6-b2d7-43af-aa81-86cbf3e81231&return_url=https%3A%2F%2Fpixel.konnektu.ru%2Fredirect%2Fmts%3Fcallback_url%3Dhttps%253A%252F%252Fsm.rtb.mts.ru%252Fem%253Fnext%...
https://pixel.konnektu.ru/redirect/mts?callback_url=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D30%26em%3D1%26ssp%3Dkonnektu%26id%3D%7BUSER_ID%7D
https://sm.rtb.mts.ru/em?next=30&em=1&ssp=konnektu&id=
https://www.acint.net/match?dp=125&euid=ab85b7e6-b2d7-43af-aa81-86cbf3e81231

43 B
269 B

49ms
49ms

Image
image/gif

195.201.243.72
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=125&euid=ab85b7e6-b2d7-43af-aa81-86cbf3e81231
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 195.201.243.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: regensburg.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 22:10:00 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

Date: Tue, 18 Jan 2022 22:10:00 GMT
Server: nginx
Access-Control-Allow-Origin: *
Vary: Origin
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
Location: https://www.acint.net/match?dp=125&euid=ab85b7e6-b2d7-43af-aa81-86cbf3e81231
Cache-Control: no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

match
www.acint.net/ Frame BF11
Redirect Chain

https://exchange.buzzoola.com/cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D
https://www.acint.net/match?dp=126&euid=950b09ee-0bad-40d5-6524-0d5b652d0e53

43 B
269 B

13ms
13ms

Image
image/gif

195.201.243.72
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=126&euid=950b09ee-0bad-40d5-6524-0d5b652d0e53
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 195.201.243.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: regensburg.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 22:09:59 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

location: https://www.acint.net/match?dp=126&euid=950b09ee-0bad-40d5-6524-0d5b652d0e53
date: Tue, 18 Jan 2022 22:09:59 GMT
server: nginx
content-length: 115
serverid: TODO
content-type: text/html; charset=utf-8

GET
H2

200

match
www.acint.net/ Frame BF11
Redirect Chain

https://s.uuidksinc.net/match/396/?remote_uid=0100007FB73AE761B400D71A027D8213
https://www.acint.net/match?dp=127&euid=FNnQmZsXXIgDTlSuqIAe

43 B
269 B

15ms
15ms

Image
image/gif

195.201.243.72
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=127&euid=FNnQmZsXXIgDTlSuqIAe
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 195.201.243.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: regensburg.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 22:09:59 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

location: https://www.acint.net/match?dp=127&euid=FNnQmZsXXIgDTlSuqIAe
date: Tue, 18 Jan 2022 22:09:59 GMT
server: nginx/1.19.0
content-length: 0

GET
H2

200

match
www.acint.net/ Frame BF11
Redirect Chain

https://ssp.bidvol.com/usersync?dspcsid=8&redirect=1
https://www.acint.net/match?dp=129&euid=r28y0iou43

43 B
269 B

41ms
41ms

Image
image/gif

195.201.243.72
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=129&euid=r28y0iou43
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 195.201.243.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: regensburg.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 22:09:59 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 18 Jan 2022 22:09:59 GMT
server: nginx/1.18.0
access-control-allow-origin: *
surrogate-control: no-store
vary: Origin
location: https://www.acint.net/match?dp=129&euid=r28y0iou43
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
access-control-allow-credentials: true
x-request-id: d39c15de-34d8-44e1-ad47-244530ae2f46
expires: 0

GET
H/1.1 204
No Content userbind
match.new-programmatic.com/ Frame BF11 0
215 B 184ms
72ms Image
text/plain 217.65.2.150
CITYTELECOM-MSK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.new-programmatic.com/userbind?src=sape&id=0100007FB73AE761B400D71A027D8213
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 217.65.2.150 Moscow, Russian Federation, ASN3175 (CITYTELECOM-MSK, RU),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 18 Jan 2022 22:09:59 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0
Connection: keep-alive
Content-Length: 0
Vary: Origin

GET
H2 204 0100007FB73AE761B400D71A027D8213
fcgi4.gnezdo.ru/cookie_matching_ssp/Sape-dsp/ Frame BF11 0
189 B 245ms
91ms Image
text/plain 93.95.102.105
MTW-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fcgi4.gnezdo.ru/cookie_matching_ssp/Sape-dsp/0100007FB73AE761B400D71A027D8213
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.95.102.105 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS: unspecified.mtw.ru
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 22:09:59 GMT
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"

GET
H2

204

0.gif
x01.aidata.io/ Frame BF11
Redirect Chain

https://x01.aidata.io/0.gif?pid=9401454&id=0100007FB73AE761B400D71A027D8213
https://x01.aidata.io/0.gif?pid=9401454&id=0100007FB73AE761B400D71A027D8213&bounce=1
https://sm.rtb.mts.ru/p?ssp=aidata&id=s1S%2BVuxKXMNA0oq6HJZ7OQ
https://sm.rtb.mts.ru/match/second?ssp=51&exu=s1S%2BVuxKXMNA0oq6HJZ7OQ
https://tech.rtb.mts.ru/?dsp_uid=ab85b7e6-b2d7-43af-aa81-86cbf3e81231&return_url=https%3A%2F%2Fpixel.konnektu.ru%2Fredirect%2Fmts%3Fcallback_url%3Dhttps%253A%252F%252Fsm.rtb.mts.ru%252Fem%253Fnext%...
https://pixel.konnektu.ru/redirect/mts?callback_url=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D51%26em%3D1%26ssp%3Dkonnektu%26exu%3Ds1S%252BVuxKXMNA0oq6HJZ7OQ%26id%3D%7BUSER_ID%7D
https://sm.rtb.mts.ru/em?next=51&em=1&ssp=konnektu&exu=s1S%2BVuxKXMNA0oq6HJZ7OQ&id=
https://x01.aidata.io/0.gif?pid=9503528&uid=ab85b7e6-b2d7-43af-aa81-86cbf3e81231&exu=s1S%!B(string=%20%20)VuxKXMNA0oq6HJZ7OQ

0
433 B

87ms
86ms

Image
text/plain

89.108.120.76
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x01.aidata.io/0.gif?pid=9503528&uid=ab85b7e6-b2d7-43af-aa81-86cbf3e81231&exu=s1S%!B(string=%20%20)VuxKXMNA0oq6HJZ7OQ
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 89.108.120.76 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: d51804.reg.regrucolo.ru
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Jan 2022 22:10:00 GMT
last-modified: Tue, 18 Jan 2022 22:09:59 GMT
server: nginx
access-control-allow-methods: GET, POST
p3p: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
expires: Tue, 18 Jan 2022 22:09:59 GMT

Redirect headers

Date: Tue, 18 Jan 2022 22:10:00 GMT
Server: nginx
Access-Control-Allow-Origin: *
Vary: Origin
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
Location: https://x01.aidata.io/0.gif?pid=9503528&uid=ab85b7e6-b2d7-43af-aa81-86cbf3e81231&exu=s1S%!B(string= )VuxKXMNA0oq6HJZ7OQ
Cache-Control: no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK /
sync.bumlam.com/ Frame BF11 0
523 B 14ms
14ms Image
text/html 31.172.81.159
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bumlam.com/?src=sap1&uid=0100007FB73AE761B400D71A027D8213
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 31.172.81.159 Muehlheim am Main, Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 18 Jan 2022 22:09:59 GMT
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Server: nginx
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H2

200

0100007FB73AE761B400D71A027D8213
an.yandex.ru/mapuid/sapeis/ Frame BF11
Redirect Chain

https://an.yandex.ru/mapuid/sapeis/0100007FB73AE761B400D71A027D8213
https://an.yandex.ru/mapuid/sapeis/0100007FB73AE761B400D71A027D8213?redir-setuniq=1

43 B
108 B

112ms
112ms

Image
image/gif

2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/sapeis/0100007FB73AE761B400D71A027D8213?redir-setuniq=1

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Jan 2022 22:09:59 GMT
content-encoding: gzip
last-modified: Tue, 18 Jan 2022 22:09:59 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Tue, 18 Jan 2022 22:09:59 GMT

Redirect headers

pragma: no-cache
date: Tue, 18 Jan 2022 22:09:59 GMT
content-encoding: gzip
last-modified: Tue, 18 Jan 2022 22:09:59 GMT
strict-transport-security: max-age=31536000
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://an.yandex.ru/mapuid/sapeis/0100007FB73AE761B400D71A027D8213?redir-setuniq=1
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Tue, 18 Jan 2022 22:09:59 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3F3F 116 KB
35 KB 707ms
706ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2339592383170032&output=html&h=280&slotname=9703837508&adk=1206723596&adf=3466743686&pi=t.ma~as.9703837508&w=1200&fwrn=4&fwrnh=100&lmt=1642543799&rafmt=1&psa=0&format=1200x280&url=http%3A%2F%2Fwinintro.ru%2Fmail.en%2Fhtml%2F7d31d716-2f99-4b23-a18c-0eaa08a28dde.htm&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1642543798842&bpp=1&bdt=254&idt=220&shv=r20220112&mjsv=m202201110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5900175807924&frm=20&pv=1&ga_vid=95303204.1642543799&ga_sid=1642543799&ga_hid=457870980&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=10&ady=135&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753740&oid=2&pvsid=308575813833565&pem=259&tmod=896&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=1152&bc=23&ifi=2&uci=a!2&fsb=1&xpc=w4wmtWTPHr&p=http%3A//winintro.ru&dtd=224

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c42b22e81943be2d0f93f5b295303920548419fb48574dc75a899c79f5e34f70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://winintro.ru/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 18 Jan 2022 22:09:59 GMT
server: cafe
content-length: 35630
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 18 Jan 2022 22:09:59 GMT
cache-control: private

GET
H2 200 frame.html Show response
s3.advarkads.com/modules/match/ Frame 912F 187 B
405 B 269ms
205ms Document
text/html 2606:4700:10::6816:457
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.advarkads.com/modules/match/frame.html?id=8113-1-1&uid=0100007FB73AE761B400D71A027D8213
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:457 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 53e4cb1ec1da57e5fec65ec5f5b19b050fa8bd6e19e9030c2704456846e4d106

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/

Response headers

date: Tue, 18 Jan 2022 22:09:59 GMT
content-type: text/html
cache-control: max-age=60
last-modified: Wed, 13 Oct 2021 12:55:49 GMT
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6cfb2698bd363761-MXP
content-encoding: gzip

GET
H/1.1 200
OK processor.js Show response
tag.digitaltarget.ru/ Frame BF11 15 KB
15 KB 178ms
177ms Script
application/javascript 185.15.175.159
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.digitaltarget.ru/processor.js?i=996606020506477
Requested by: Host: tag.digitaltarget.ru
URL: https://tag.digitaltarget.ru/adcm.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.15.175.159 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),
Reverse DNS
Software: nginx /
Resource Hash: 6b2385df25640156748d25320c7f27e980535d744f14d2eaa596ca2ef8660a67

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 18 Jan 2022 22:09:59 GMT
Last-Modified: Tue, 16 Nov 2021 09:48:09 GMT
Server: nginx
ETag: "61937e59-3cda"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 15578

GET
H2 200 frame.js Show response
s3.advarkads.com/modules/match/ Frame 912F 22 KB
7 KB 35ms
35ms Script
application/javascript 2606:4700:10::6816:457
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.advarkads.com/modules/match/frame.js
Requested by: Host: s3.advarkads.com
URL: https://s3.advarkads.com/modules/match/frame.html?id=8113-1-1&uid=0100007FB73AE761B400D71A027D8213
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:457 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 03333e8487b65839387c9cdecc9a112b7e41570d728a2ab48c7ed89aab72145f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s3.advarkads.com/modules/match/frame.html?id=8113-1-1&uid=0100007FB73AE761B400D71A027D8213
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 22:09:59 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 14 Dec 2021 07:30:44 GMT
server: cloudflare
age: 4
etag: "0aa781bcf0d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
cf-ray: 6cfb269a08343761-MXP
content-length: 7430

GET
H/1.1 200
OK match
api.advarkads.com/api/statistic/ Frame 912F 43 B
389 B 177ms
69ms Image
image/gif 188.42.29.80
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.advarkads.com/api/statistic/match?id=8113-1-1&uid=0100007FB73AE761B400D71A027D8213
Requested by: Host: s3.advarkads.com
URL: https://s3.advarkads.com/modules/match/frame.html?id=8113-1-1&uid=0100007FB73AE761B400D71A027D8213
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 188.42.29.80 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx/1.18.0 / ASP.NET
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s3.advarkads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 18 Jan 2022 22:09:59 GMT
Server: nginx/1.18.0
X-Powered-By: ASP.NET
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 43
Expires: -1

GET
H3 200 reactive_library_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201110101/ 149 KB
53 KB 81ms
48ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201110101/reactive_library_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d93dcbfa68020b4988db45230a47d97b4ece90bb404733829f66224851ca6b9f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://winintro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 22:09:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54129
x-xss-protection: 0
server: cafe
etag: 14273201631983859536
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 18 Jan 2022 22:09:59 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 94ms
79ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_inf_scr&r=p&pg_h=1442&su=winintro.ru&d=5000&eid=44750774%2C44753740

Requested by

Host: winintro.ru
URL: http://winintro.ru/mail.en/html/7d31d716-2f99-4b23-a18c-0eaa08a28dde.htm

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://winintro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Jan 2022 22:09:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 109ms
53ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=winintro.ru

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://winintro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 18 Jan 2022 22:09:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 106ms
52ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=winintro.ru

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://winintro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 18 Jan 2022 22:09:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220112/r20110914/ Frame 6DF3 11 KB
5 KB 47ms
47ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220112/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

425b48211e0ebe795b6ead9ec2f1bcd9e04e9930a7dd30e08cdb2fef0bcb834c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://winintro.ru/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4885
x-xss-protection: 0
date: Tue, 18 Jan 2022 02:57:35 GMT
expires: Tue, 01 Feb 2022 02:57:35 GMT
cache-control: public, max-age=1209600
age: 69144
etag: 13671712056976469594
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 css
fonts.googleapis.com/ Frame 3F3F 3 KB
1 KB 157ms
60ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2339592383170032&output=html&h=280&slotname=9703837508&adk=1206723596&adf=3466743686&pi=t.ma~as.9703837508&w=1200&fwrn=4&fwrnh=100&lmt=1642543799&rafmt=1&psa=0&format=1200x280&url=http%3A%2F%2Fwinintro.ru%2Fmail.en%2Fhtml%2F7d31d716-2f99-4b23-a18c-0eaa08a28dde.htm&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1642543798842&bpp=1&bdt=254&idt=220&shv=r20220112&mjsv=m202201110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5900175807924&frm=20&pv=1&ga_vid=95303204.1642543799&ga_sid=1642543799&ga_hid=457870980&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=10&ady=135&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753740&oid=2&pvsid=308575813833565&pem=259&tmod=896&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=1152&bc=23&ifi=2&uci=a!2&fsb=1&xpc=w4wmtWTPHr&p=http%3A//winintro.ru&dtd=224

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 18 Jan 2022 22:03:32 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 18 Jan 2022 22:09:59 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 18 Jan 2022 22:09:59 GMT

GET
H2 200 nessie_icon_tiamat_white.png
tpc.googlesyndication.com/pagead/images/ Frame 3F3F 225 B
355 B 247ms
139ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/nessie_icon_tiamat_white.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5719cdd3acdb2b6a5b9ae0bee910fc88fbc0f297f83235c02865d78eeed48446

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 11:09:14 GMT
x-content-type-options: nosniff
server: cafe
age: 39645
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 14085932017949564970
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 225
x-xss-protection: 0
expires: Wed, 19 Jan 2022 11:09:14 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/ Frame 3F3F 1 KB
954 B 236ms
138ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fd11fa353cc6a8560f4c35e67c6fb8a3a4061ed3de4309cdf83fca65f8319bb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 22:07:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 120
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 848
x-xss-protection: 0
server: cafe
etag: 2277666839114365613
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Feb 2022 22:07:59 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220112/r20110914/ Frame 3F3F 19 KB
8 KB 220ms
122ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220112/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2039446f8956518da2c2d70116d18c92fac3b04110942de074748aa4041067fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 21:51:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1106
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7881
x-xss-protection: 0
server: cafe
etag: 7605774008668088057
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Feb 2022 21:51:33 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/ Frame 3F3F 2 KB
1 KB 236ms
138ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 22:06:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 214
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Feb 2022 22:06:25 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3F3F 121 KB
37 KB 279ms
177ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

83a9ab434109bc8045cf6ccdd0365b0e53b6acf155438de7370ce67fd0facc79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 22:10:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37895
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1641990413359145"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 18 Jan 2022 22:10:00 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/ Frame 3F3F 15 KB
6 KB 227ms
130ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

043cafc63f50b2ba976044bc7dfba6ccb1a1878d527f883cb81984c5585cd9da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 22:03:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 404
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6473
x-xss-protection: 0
server: cafe
etag: 5124071950003790117
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Feb 2022 22:03:15 GMT

GET
H2 200 b08052bb948632636d2eb594b39baf17.js Show response
www.gstatic.com/mysidia/ Frame 3F3F 27 KB
12 KB 150ms
52ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/b08052bb948632636d2eb594b39baf17.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7cb23a8c81d8e04f278b4ebbcc8c169c2f602398e4fb0f336dbf71e4752470c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 16:24:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 366324
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11476
x-xss-protection: 0
last-modified: Tue, 11 Jan 2022 08:34:10 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 14 Apr 2022 16:24:35 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 3F3F 0
0 92ms
92ms Fetch
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Ct0uUtzrnYYz4BZvIx_AP64iJwASfjZTuY6PUu7CgDsCNtwEQASCDjIpHYJXikIKgB6ABrv3PlwPIAQmpAsB99VSlA7M-qAMByAPLBKoEjwJP0GZ1rbsYU4gUN9ejhctzU07nusYsmq0Wb9HPEb_OsWYUS81e6dlZH-u-FlmoLLyoKmb-OWqUPzjfJY0-8ZGvUaqQJhssSWoshbQABYlzT9ugkVxq0NpK9j1liFF9q6gL6netUGnjXcS8VUeaI7EhChHZHYNiELllouOV_0FU9Lar9fir5D8s4ckNCB2j971ts5ZQt9xy0vTt45aISt4VRGfrjKeQpb2Jg_T_6zkmqfy-_2jBgXyrK0EUO1-kV9uu8pXB1ckT2QERglWQQEeZJqFG94VD1sp7l_SAsTlbrIWZXWlNJgoRA3gO8MxxCIhzb4K9yRM9C9I8-3NNHYK38MsvCUZRsksftUXjhon6wAS8_d_swQOSBQQIBBgBkgUECAUYBKAGLoAHuoKwaKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcEEPCsFdIICQiA4YAQEAEYH4AKAcgLAbgTiATYEwrQFQGAFwGyFxwKGggAEhRwdWItMjMzOTU5MjM4MzE3MDAzMhgA&sigh=mldsausQyqY&uach_m=[UACH]&template_id=520

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2339592383170032&output=html&h=280&slotname=9703837508&adk=1206723596&adf=3466743686&pi=t.ma~as.9703837508&w=1200&fwrn=4&fwrnh=100&lmt=1642543799&rafmt=1&psa=0&format=1200x280&url=http%3A%2F%2Fwinintro.ru%2Fmail.en%2Fhtml%2F7d31d716-2f99-4b23-a18c-0eaa08a28dde.htm&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1642543798842&bpp=1&bdt=254&idt=220&shv=r20220112&mjsv=m202201110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5900175807924&frm=20&pv=1&ga_vid=95303204.1642543799&ga_sid=1642543799&ga_hid=457870980&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=10&ady=135&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753740&oid=2&pvsid=308575813833565&pem=259&tmod=896&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=1152&bc=23&ifi=2&uci=a!2&fsb=1&xpc=w4wmtWTPHr&p=http%3A//winintro.ru&dtd=224
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 18 Jan 2022 22:09:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 400 data=lzMZp43N_dBpX1fLFBUDRarXT5Xg4Qx-2f7th2XKPMqJEvTDmoVrzeHnvgzfxt5aICGFylayhU0vMZtIw7UqJkJnZK7VLLzqe-66s3bBkBOe-tohdPnvOvEK
mts0.google.com/vt/ Frame 3F3F 0
0 159ms
63ms Image
text/html 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mts0.google.com/vt/data=lzMZp43N_dBpX1fLFBUDRarXT5Xg4Qx-2f7th2XKPMqJEvTDmoVrzeHnvgzfxt5aICGFylayhU0vMZtIw7UqJkJnZK7VLLzqe-66s3bBkBOe-tohdPnvOvEK
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2339592383170032&output=html&h=280&slotname=9703837508&adk=1206723596&adf=3466743686&pi=t.ma~as.9703837508&w=1200&fwrn=4&fwrnh=100&lmt=1642543799&rafmt=1&psa=0&format=1200x280&url=http%3A%2F%2Fwinintro.ru%2Fmail.en%2Fhtml%2F7d31d716-2f99-4b23-a18c-0eaa08a28dde.htm&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1642543798842&bpp=1&bdt=254&idt=220&shv=r20220112&mjsv=m202201110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5900175807924&frm=20&pv=1&ga_vid=95303204.1642543799&ga_sid=1642543799&ga_hid=457870980&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=10&ady=135&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753740&oid=2&pvsid=308575813833565&pem=259&tmod=896&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=1152&bc=23&ifi=2&uci=a!2&fsb=1&xpc=w4wmtWTPHr&p=http%3A//winintro.ru&dtd=224
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame 3F3F 336 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 3F3F 462 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 01cbb105faef1373e9d53ddc5e62c9c7b5f66cbc64c2c045a3daec0328b831e6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 6DF3 0
0 233ms
117ms Fetch
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvzmXv3YsDAW0sQqYHONwVzR5jPhSZ5HX2L7vD91Xm3e9Lpk1MqthTUZiw2lgvTg6y72sgQv9VTc9foWNtynxBtpTiCtem3qBFeuWMp-piGRMpEMokJTzVYkiJ9KBKEOAkTEeBkO9LxmK2IBGS5FdFXQqTKVeyQs-9-bEYlEBjymufI3JDEBVUOBv985KZqbzk9ufJrfO0Omy4diNZOvow3wuuIdermURoCLNqiDALs_Uui3VvolCsB14-dwGNexkOvFiljvSSH5rWh2yCsK9OfyyKjJqTCRo49bnHQCOsCatH62zJsG4p6IY5udDCqGMOtL5slyF_wXjimC1zpTzEwS5iiUr_7dMg2HOqH-e8ouuuSgRNAMJQx-QXHnO8_jXR4cpgMf58OZPW6OnwmQdzv9W9f3CuYTsZ659LMIvddXImu6XVAfL1aV_J0WppdSNRoqfTC0iFXyTe3iQbkaWzr690suq6I47K1Sm0dRo95j3nuZIJ549z6qw6eMWcwugZkkq8vxOsWmDuKxRXNXuL62B5ZLTwxAwKEjStj4AnOZNXYpTp0gpFwxbAlpZQLH0O9rEf8Q6PnIcq2JijgRRKENmT4laRr4z4uB3xC1kUHgDGmHGCMY_la8AnOo2OHoPyROd3maduKJekDW24-VQj17CzyuS9VM4wvMXyaMQwHqyQMwH2hOMkHk_shvX7dRnPQpdPVKyuUXicmPukC23l4ouwa-qmsyTogvYQukrxywBgJoLELYDMWKitKff2F_ZRH28OnB0KYdA6l5oBNySCa9rJmOiExzplJHKGRyjMu-FIDKuA_l2Kl5MVTG_xJ0nimTfs9lxuUiv_WOcKTZFhqWjX60OHS-GnFeCK6z5zajI7jvVGQnw0VEpUrXuMxJBWRF_an3zPsdlE9QjEL8QU8X1EiAeSJv26agtAaM6bs0VZ3E9zV7O2ReBIvABrYEI8_oKfjHKGyr3zZjkqwGqzdMldDh2EULyhB8HJLF0q0iib7W1e77dbYY7T99jAJNEjXMMRt0_2Y4a_jq8Bth24&sai=AMfl-YSQqmXZLJBYlemgrNal_et-ws7jlKdakPeCwOAuvdVXt5yjzBnizMsBgA&sig=Cg0ArKJSzAX6JS726XEQEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=

Requested by

Host: winintro.ru
URL: http://winintro.ru/mail.en/html/7d31d716-2f99-4b23-a18c-0eaa08a28dde.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Tue, 18 Jan 2022 22:10:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 6DF3 41 KB
15 KB 201ms
140ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: winintro.ru
URL: http://winintro.ru/mail.en/html/7d31d716-2f99-4b23-a18c-0eaa08a28dde.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 15:19:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 370246
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 14 Jan 2023 15:19:13 GMT

GET
H2 200 m_js_controller_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/ Frame 6DF3 32 KB
13 KB 112ms
51ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/m_js_controller_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220112/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7b770f7ca4e0add0192ef0e6b3af06258a99453263ec73bb08d8f57bdcd2a138

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 22:05:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 262
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13123
x-xss-protection: 0
server: cafe
etag: 1047769457888903897
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Feb 2022 22:05:37 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/ Frame 6DF3 2 KB
1 KB 215ms
154ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220112/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 22:06:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 214
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Feb 2022 22:06:25 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6DF3 121 KB
38 KB 232ms
167ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220112/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

83a9ab434109bc8045cf6ccdd0365b0e53b6acf155438de7370ce67fd0facc79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 22:10:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37895
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1641990413359145"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 18 Jan 2022 22:10:00 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/ Frame 6DF3 15 KB
6 KB 126ms
65ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220112/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

043cafc63f50b2ba976044bc7dfba6ccb1a1878d527f883cb81984c5585cd9da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 22:03:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 404
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6473
x-xss-protection: 0
server: cafe
etag: 5124071950003790117
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Feb 2022 22:03:15 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220112/r20110914/ Frame 6DF3 19 KB
8 KB 131ms
71ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220112/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220112/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2039446f8956518da2c2d70116d18c92fac3b04110942de074748aa4041067fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 21:51:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1106
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7881
x-xss-protection: 0
server: cafe
etag: 7605774008668088057
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Feb 2022 21:51:33 GMT

GET
H2 200 18156852081126330790
s0.2mdn.net/simgad/ Frame 6DF3 13 KB
14 KB 179ms
69ms Image
image/png 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/18156852081126330790

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220112/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

53e374adda52950799fd53164eb030ecd429af493757f48b67ed8cd38cf29dc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 08:23:10 GMT
x-content-type-options: nosniff
age: 568009
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13415
x-xss-protection: 0
last-modified: Fri, 30 Jul 2021 17:56:54 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 12 Jan 2023 08:23:10 GMT

GET
H/1.1

200
OK

i
dmg.digitaltarget.ru/awg/custom/1093/i/ Frame BF11
Redirect Chain

https://dmg.digitaltarget.ru/1/1093/i/i?i=204773741924410.974715366585532&a=77&e=0100007FB73AE761B400D71A027D8213&pref=http%3A%2F%2Fwinintro.ru%2F&c=ss:77.up:0100007FB73AE761B400D71A027D8213.sync:u...
https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=204773741924410.974715366585532&a=77&e=0100007FB73AE761B400D71A027D8213&pref=http%3A%2F%2Fwinintro.ru%2F&c=ss:77.up:0100007FB73AE7...

49 B
602 B

417ms
417ms

Image
image/gif

185.15.175.133
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=204773741924410.974715366585532&a=77&e=0100007FB73AE761B400D71A027D8213&pref=http%3A%2F%2Fwinintro.ru%2F&c=ss:77.up:0100007FB73AE761B400D71A027D8213.sync:up.xdua:duOlZrpPnCipw0t8_7HDQxk7.xps:xpsnPe398lVB0YDs7BGq9e7EQ.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1

Protocol

HTTP/1.1

Server

185.15.175.133 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),

Reverse DNS

Software

nginx /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 18 Jan 2022 22:10:00 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Request-Time: 3
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 64
X-XSS-Protection: 1; mode=block
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
Server: nginx
X-Frame-Options: DENY
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Credentials: true

Redirect headers

Date: Tue, 18 Jan 2022 22:10:00 GMT
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
Server: nginx
X-Frame-Options: DENY
Access-Control-Allow-Methods: GET, POST, OPTIONS
Location: https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=204773741924410.974715366585532&a=77&e=0100007FB73AE761B400D71A027D8213&pref=http%3A%2F%2Fwinintro.ru%2F&c=ss:77.up:0100007FB73AE761B400D71A027D8213.sync:up.xdua:duOlZrpPnCipw0t8_7HDQxk7.xps:xpsnPe398lVB0YDs7BGq9e7EQ.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient
X-XSS-Protection: 1; mode=block
X-Permitted-Cross-Domain-Policies: master-only
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 86400
Connection: keep-alive
Request-Time: 0
Content-Length: 0
X-Content-Type-Options: nosniff

GET
H/1.1

200
OK

i
dmg.digitaltarget.ru/awg/custom/1093/i/ Frame BF11
Redirect Chain

https://dmg.digitaltarget.ru/1/1093/i/i?i=204773741924410.319329869775048&a=77&e=0100007FB73AE761B400D71A027D8213&pref=http%3A%2F%2Fwinintro.ru%2F&c=ss:77.up:0100007FB73AE761B400D71A027D8213.sync:u...
https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=204773741924410.319329869775048&a=77&e=0100007FB73AE761B400D71A027D8213&pref=http%3A%2F%2Fwinintro.ru%2F&c=ss:77.up:0100007FB73AE7...

49 B
602 B

128ms
128ms

Image
image/gif

185.15.175.133
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=204773741924410.319329869775048&a=77&e=0100007FB73AE761B400D71A027D8213&pref=http%3A%2F%2Fwinintro.ru%2F&c=ss:77.up:0100007FB73AE761B400D71A027D8213.sync:up.xdua:duOlZrpPnCipw0t8_7HDQxk7.xps:xpsnPe398lVB0YDs7BGq9e7EQ.dn:acint__net.adcm:hit.tg:adcmjs_noorient

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1

Protocol

HTTP/1.1

Server

185.15.175.133 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),

Reverse DNS

Software

nginx /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 18 Jan 2022 22:10:00 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Request-Time: 2
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 64
X-XSS-Protection: 1; mode=block
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
Server: nginx
X-Frame-Options: DENY
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Credentials: true

Redirect headers

Date: Tue, 18 Jan 2022 22:10:00 GMT
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
Server: nginx
X-Frame-Options: DENY
Access-Control-Allow-Methods: GET, POST, OPTIONS
Location: https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=204773741924410.319329869775048&a=77&e=0100007FB73AE761B400D71A027D8213&pref=http%3A%2F%2Fwinintro.ru%2F&c=ss:77.up:0100007FB73AE761B400D71A027D8213.sync:up.xdua:duOlZrpPnCipw0t8_7HDQxk7.xps:xpsnPe398lVB0YDs7BGq9e7EQ.dn:acint__net.adcm:hit.tg:adcmjs_noorient
X-XSS-Protection: 1; mode=block
X-Permitted-Cross-Domain-Policies: master-only
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 86400
Connection: keep-alive
Request-Time: 0
Content-Length: 0
X-Content-Type-Options: nosniff

GET
H2 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame C965 22 KB
8 KB 353ms
52ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Fri, 14 Jan 2022 15:19:21 GMT
expires: Sat, 14 Jan 2023 15:19:21 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 370239
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 6DF3 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8214a5a8c2f5bedcfa1519dcdd4316a9163b28d2a2000abe3bd7e97bf568419c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 3F3F 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d8a3bc75edc8a44328719afff139c4b960483b99e29451189cc174c97022cac3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame 3F3F 21 KB
22 KB 160ms
47ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v36/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 20:07:29 GMT
x-content-type-options: nosniff
age: 7351
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21424
x-xss-protection: 0
last-modified: Wed, 01 Sep 2021 18:08:24 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 18 Jan 2023 20:07:29 GMT

GET
H2 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame 3F3F 21 KB
21 KB 210ms
98ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v36/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 10:56:24 GMT
x-content-type-options: nosniff
age: 40416
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21660
x-xss-protection: 0
last-modified: Wed, 01 Sep 2021 18:07:18 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 18 Jan 2023 10:56:24 GMT

GET
H3 200 u1NYxsmA8ZVAu2sVzPZBh4qj2FMOPiJd8uWeqwBcPdE.js Show response
pagead2.googlesyndication.com/bg/ Frame C965 35 KB
13 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/u1NYxsmA8ZVAu2sVzPZBh4qj2FMOPiJd8uWeqwBcPdE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb5358c6c980f19540bb6b15ccf641878aa3d8530e3e225df2e59eab005c3dd1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 00:52:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76678
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13653
x-xss-protection: 0
last-modified: Thu, 06 Jan 2022 13:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 18 Jan 2023 00:52:02 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C965 0
20 B 91ms
91ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B1SfitzrnYc_GBJTF-gbQxpiACAAAAAA4AeAEAg&bg=!zM-lz4vNAAaocxMpqHM7ACkAdvg8WndpD1hJE5oVJPXokXcWE_4SXvWirgrHRTM229im-l2haNAHpwIAAABPUgAAAAJoAQcKAGjCv3SPq_sIKirCBi1EObAzWfU5UczwI6VntvXnwtvpXlhHhsiavKVXgxN4bRzpURa_J1rR-Zb58Jd6nX2ZeblMeq4og5CHRjtpLxz1tio0X-A7QtWGa2-YQ4fWpeX3Rk3Mq6_HYfEyBpkC9XqI09W-hOwgPIpZTIz6fbe2ncYsq-JpI41l1E6fY-evTTYP6YWNhFUh2kmwLsa6KXpeTcgVfyweN3RxXJeyvIokvM8rLWfj62ajVIXecobER_63jro8xHzKYKBIHkc1AKgls2dHeURHzfXW9552fji5nQrdgTSa5_eHsPxZGLFLsNyXFoSrSolV6eLud5RmTQd4nIsl2mxNeJNHA9ph0Sdv2IdRmkGw0LhBTb2HM6hiwnbIcSpeWiw85pSVSZ4e0KpPcxOGluSHv9GcUYXJd0a7XqpChuidmKPeqvRXHIobEWg8QE3qMu5YQQFCFWfCuVg8NmeIk0ZaHxS0_6Nz5GWMloqo4gCoOziHtkuDNcm_cmBhko1EhmkV4BtA8UjsRQ74hdgZfLvuZ04tYjoxWHqrpqnbf4i4WPT8udM-GYT6VQn6kblSVqYFYrRZNNLg2dnKKo74pSErpMfGmJIaoFkRpRrchYidpXyQaSPZhcX0bCNqJTe2HrgaaywyxK389iANV1scbiBUR-dKNrZVQAMHjZIllLuyiKB0e497uO5KYL368FVN_omrxsnRGGl9FfDWusohkPGulsrPbyqQy1QO50SA-3sgqMquTwnpS9k_0EHt7N1iDkd5ejR_jJMZoN8bacWX3jIQbu51QRiNV9JlMWk75D8SVXX8huUm6vkBVpSBCXEmHeMxVR0vPD0zyZMX8AFlzZoCVG5D-gT9EpO_RLPSVn3pVi03GRCtJ80oky5j0EWOXJG6DVuShXeSly-yyBHBML8BWMGphq0ce0-WSBC45gqPmJeEK6ymwGiE6hyXjRXvI3xvgwPu1gdMMOFAD-rgbKBd24oAcuAoFuBtF5Eddhl9293WeLYpUTJlNiisQDOo6g25uHpPQtasDUM65VkH_bv3nQbQYuOHfNb61yxzqKpgBEzP2YQtfzBGggnG7rXuBPh7WUkogL6-6TXHIzRJnkYIsqXjU88JgskUtQhERIKtdXuW_0m50F2sfZWJy-g

Requested by

Host: winintro.ru
URL: http://winintro.ru/mail.en/html/7d31d716-2f99-4b23-a18c-0eaa08a28dde.htm

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Jan 2022 22:10:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 u1NYxsmA8ZVAu2sVzPZBh4qj2FMOPiJd8uWeqwBcPdE.js Show response
pagead2.googlesyndication.com/bg/ Frame 108A 35 KB
13 KB 48ms
47ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/u1NYxsmA8ZVAu2sVzPZBh4qj2FMOPiJd8uWeqwBcPdE.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb5358c6c980f19540bb6b15ccf641878aa3d8530e3e225df2e59eab005c3dd1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 00:52:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76678
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13653
x-xss-protection: 0
last-modified: Thu, 06 Jan 2022 13:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 18 Jan 2023 00:52:02 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 104ms
51ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220112&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

20aac9e9b39fafcd5002a0a123ee540a82fadb123840cf180690e6d42d40aaff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://winintro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 18 Jan 2022 22:10:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8504
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 78ms
77ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://winintro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 22:10:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 18 Jan 2022 22:10:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 61F5 13 KB
5 KB 48ms
48ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://winintro.ru/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 18 Jan 2022 21:43:56 GMT
expires: Wed, 18 Jan 2023 21:43:56 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 1565
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 1A7C 783 B
1 KB 93ms
18ms Document
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

4f2b78f3fa7992bf24b8a521f8e276db1277d4a924f5c424804a077cbfc472a8

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-VDvpeP93K5af2iSsYVjy3Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://winintro.ru/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Tue, 18 Jan 2022 22:10:01 GMT
date: Tue, 18 Jan 2022 22:10:01 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-VDvpeP93K5af2iSsYVjy3Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 514
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 u1NYxsmA8ZVAu2sVzPZBh4qj2FMOPiJd8uWeqwBcPdE.js Show response
pagead2.googlesyndication.com/bg/ Frame 61F5 35 KB
13 KB 12ms
12ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/u1NYxsmA8ZVAu2sVzPZBh4qj2FMOPiJd8uWeqwBcPdE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb5358c6c980f19540bb6b15ccf641878aa3d8530e3e225df2e59eab005c3dd1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 00:52:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76679
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13653
x-xss-protection: 0
last-modified: Thu, 06 Jan 2022 13:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 18 Jan 2023 00:52:02 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 1A7C 0
0 49ms
48ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220112&jk=308575813833565&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 61F5 0
9 B 6ms
6ms Image
text/plain 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?N8kG2Q
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 22:10:01 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 53ms
52ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20220112&jk=308575813833565&bg=!sLOls_fNAAaocxMpqHM7ACkAdvg8Wr2T7yOC1XVrVWCLi7GB_-I-AQMTuHgcNpOw4L6707FmSLvNwwIAAABTUgAAAAJoAQcKACpKvMHPh-DUGDp6EO-ToarX2l3MwTrCfQBRt_yzYCl1up6tJT6PaedX3DmZAq6g9b1IiOJ8sROcfUm1Cs7xcrYJuvuHNyABdpojnGKSHKkW2ALUUhdwosNQzXsmPKnKNKh2aFQvNtaVIbENQdLRhUEbFlBV48K8Zbmw4IW6EQh2CG-TiswBq5ZZBGy9qLwCWpdV0nldLEzHl9GML5PeyFp_Ntg7hm1E2R4ururMumYajXy_izW33xhMNtJZ1aD1gthKz4aVn09I8Vd3ARRYrLjJRiz9WbexLsia4RcG8Y0nobdKvd70UJJr4v18UhDoNFqpLXI-TO0L_nK-o8rYB_-ruazjukcH_wfiSadrNevlZ9Ew2vFssghyrj-Nb-FIzJp2KRKb_oxxzFUP_t2Skhc2YnfGcLTV2LEBqbuFQM0vHcgqsn-CquBQhMeeB3TNtvUBQbdQSMn0U2gSalQ4o5gdL6MdJHXCy07kMOZatjnubyF8Qh_sOh8xWzeR83MyzRKFKJhXLDKQX30hfsIfePtLus2Phjgnw10WOmL62ZzFuYrQgaSA3Mc_cqInMegDKkPMHlxTu7yMRZdov32pVIhZXUrZaBkUAOsW2D_Fycj7EfnUWGRh_CGrhRAiXOxKm1aZx98KaHYYRgyCW5m9Z_fLntWBo3vFS7JPiYxt0eELESkTR_fWh0b5AOMotWZmfxlt6MrgQnk1RnmkyzcyiDxQ14S0QlhdyIfaUWQRAgOPQak160Rk6KtB45dW0Hmn8ON5_LEdPmXWcGHxMPU4RdEswFDEurbOIP5PVexX6lNaljesvi3pCmqiU9baK-nzeter8kUNBZFMeuxNTJ2kpklJ_qyjj9JuTcwurmTUkEENASDmVV94ewGAi231hUhd2y2qcJPHZ_1rmR3EoLUSNdm8HCjEREI98kFvTK11mSowt43uQlr7Ok664d3ouYw0-mdmIyqHSWj6EtDI_w

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://winintro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Jan 2022 22:10:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 6DF3 42 B
64 B 93ms
93ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss-ePn-oHZNf4URlELVCkNRMWML6ToFTTNw4KO_KstqV0DhshUyoWtG7a9OXZvIuZYjW1pSSXD_gfw4lfsFveALtTnpEhcPHjzCioNZYVxNQPpWHiOYzaOoQDQZrR0LMfZgTQl2HTiAWNXsLSXp51skWUkf3OcDoruVJ7ycGJIyCw&sai=AMfl-YQu_-zl4wswGWWasohsHKAzvXng0ZMjKaG7QDySEBuDXLtPVIZUTlyFptsX1jJ2_tGgOYY5GzMdr95V&sig=Cg0ArKJSzE1q8HWIVK18EAE&id=lidar2&mcvt=1000&p=0,1,124.25,1006&mtos=0,991,1000,1000,1000&tos=0,991,9,0,0&v=20220112&bin=7&avms=nio&bs=0,0&mc=0.77&if=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&vs=4&r=v&rst=1642543799786&rpt=627&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Jan 2022 22:10:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 3F3F 42 B
64 B 73ms
72ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstblCcjE85E7j9NqAOgAdTrrl95yhJeUlcLtKV5CyBIlhPfnrc0Cg99xAjZcrs4vaE5pFtI503HARCpeMQvyNoIjQ72inXb1vDdOfLV7e_NESYDEEKM6A&sai=AMfl-YTEzETj-KK2tP51gMFhFqK_GimbmGjiNOCLOC2kPBO0uiyQM-H9mO3xH_i_DV80Azsqr4xHRCfWH3Dw&sig=Cg0ArKJSzJeIh08XUp4rEAE&id=lidar2&mcvt=1000&p=0,0,280,1200&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220112&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=1206723596&rs=2&la=1&cr=0&vs=4&r=v&rst=1642543799067&rpt=1617&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Jan 2022 22:10:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
www.acint.net/ping/
Redirect Chain

http://www.acint.net/ping/?v=0.4.0&uid=5d1240a8-e9a7-48d3-9761-178288be31b5&dp=10&tz=%2B00%3A00&nc=98568206&dT=2022-01-18T22%3A10%3A01.942
https://www.acint.net/ping/?v=0.4.0&uid=5d1240a8-e9a7-48d3-9761-178288be31b5&dp=10&tz=%2B00%3A00&nc=98568206&dT=2022-01-18T22%3A10%3A01.942

43 B
224 B

48ms
48ms

Image
image/gif

195.201.243.72
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/ping/?v=0.4.0&uid=5d1240a8-e9a7-48d3-9761-178288be31b5&dp=10&tz=%2B00%3A00&nc=98568206&dT=2022-01-18T22%3A10%3A01.942
Protocol: H2
Server: 195.201.243.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: regensburg.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://winintro.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 18 Jan 2022 22:10:02 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

Location: https://www.acint.net/ping/?v=0.4.0&uid=5d1240a8-e9a7-48d3-9761-178288be31b5&dp=10&tz=%2B00%3A00&nc=98568206&dT=2022-01-18T22%3A10%3A01.942
Date: Tue, 18 Jan 2022 22:10:01 GMT
Server: openresty
Connection: keep-alive
Content-Length: 142
Content-Type: text/html

Verdicts & Comments Add Verdict or Comment

190 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

71 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
winintro.ru/	1978-01-11 21:31:40	Name: fid Value: 635df956-ed56-4343-9bb8-6cb26d6239e0
.acint.net/	1970-01-20 00:15:44	Name: test_cookie Value: CheckForPermission
.acint.net/	1970-01-25 20:05:16	Name: aid Value: fwAAAWHnOrca1wC0E4J9Atj/O0Vq4e4JOy0YZJldzkavHOsC
.acint.net/	1970-01-20 00:58:55	Name: cSyncDp7v2 Value: 1642543799
.acint.net/	1970-01-20 00:58:55	Name: cSyncDp14v3 Value: 1642543799
.acint.net/	1970-01-20 00:58:55	Name: cSyncDp17 Value: 1642543799
.acint.net/	1970-01-20 00:58:55	Name: cSyncDp32 Value: 1642543799
.acint.net/	1970-01-20 00:17:10	Name: cSyncDp45v3 Value: 1642543799
.acint.net/	1970-01-20 00:58:55	Name: cSyncDp53 Value: 1642543799
.acint.net/	1970-01-20 00:58:55	Name: cSyncDp54v2 Value: 1642543799
.acint.net/	1970-01-20 00:58:55	Name: cSyncDp62 Value: 1642543799
.acint.net/	1970-01-20 00:58:55	Name: cSyncDp67v2 Value: 1642543799
.acint.net/	1970-01-20 00:58:55	Name: cSyncDp68 Value: 1642543799
.acint.net/	1970-01-20 00:58:55	Name: cSyncDp71 Value: 1642543799
.acint.net/	1970-01-20 00:35:53	Name: cSyncDp77 Value: 1642543799
.acint.net/	1970-01-20 00:58:55	Name: cSyncDp84 Value: 1642543799
.acint.net/	1970-01-20 00:58:55	Name: cSyncDp85 Value: 1642543799
.acint.net/	1970-01-20 00:58:55	Name: cSyncDp88 Value: 1642543799
.acint.net/	1970-01-20 00:58:55	Name: cSyncDp95v3 Value: 1642543799
.acint.net/	1970-01-20 00:58:55	Name: cSyncDp101 Value: 1642543799
.acint.net/	1970-01-20 00:35:53	Name: cSyncDp104v2 Value: 1642543799
.acint.net/	1970-01-20 00:58:55	Name: cSyncDp107 Value: 1642543799
.acint.net/	1970-01-20 00:58:55	Name: cSyncDp110 Value: 1642543799
.acint.net/	1970-01-20 00:35:53	Name: cSyncDp111v2 Value: 1642543799
.acint.net/	1970-01-20 00:58:55	Name: cSyncDp112v2 Value: 1642543799
.acint.net/	1970-01-20 00:37:19	Name: cSyncDp125v2 Value: 1642543799
.acint.net/	1970-01-20 00:58:55	Name: cSyncDp126 Value: 1642543799
.acint.net/	1970-01-20 00:58:55	Name: cSyncDp127 Value: 1642543799
.acint.net/	1970-01-20 00:58:55	Name: cSyncDp129 Value: 1642543799
.acint.net/	1970-01-20 00:58:55	Name: cSyncDp136 Value: 1642543799
.acint.net/	1970-01-20 00:58:55	Name: cSyncDp138 Value: 1642543799
.acint.net/	1970-01-20 00:58:55	Name: cSyncDp144 Value: 1642543799
.acint.net/	1970-01-20 00:58:55	Name: cSyncDp146 Value: 1642543799
.acint.net/	1970-01-20 00:58:55	Name: cSyncDp149 Value: 1642543799
.acint.net/	1970-01-20 00:58:55	Name: cSyncDp151 Value: 1642543799
.ssp-rtb.sape.ru/	1970-01-25 20:05:16	Name: sspuid Value: fwAAAWHnOreuPgDOHubgAvr1fS2dg3A60IRSqJRzmoRYWwuc
.winintro.ru/	1970-01-20 09:37:19	Name: __gads Value: ID=90b257821bb90cc1-226707c021cd0087:T=1642543799:RT=1642543799:S=ALNI_MaFvx_5eRxjHqGknU3kw3aNgrN7ig
.republer.com/	1970-01-20 09:01:19	Name: ruid Value: e5e9c128-e0c8-407f-a9a6-339df1ebcb97
.upravel.com/	1970-01-20 00:15:43	Name: session_tptc Value: 1642543799273
.doubleclick.net/	1970-01-20 09:37:19	Name: IDE Value: AHWqTUkdMuTGb-2R5dtHtYyOMv1xXiswH0VufDW83eqk3gr8Sf35RfWgNW-TuPwlpWc
.adhigh.net/	1970-01-20 09:01:19	Name: gi_u Value: uPjpwapvtiRA.AikABlF-bz1b7A
.upravel.com/	1970-01-23 15:51:43	Name: user_id Value: 7cceb886-51ef-4465-84ba-6e3cc06ccb41
.mail.ru/	1970-01-20 09:02:46	Name: VID Value: 0HwFe505q5I700000a18H4Y7:::0-0-0-7019377:CAASEK2DTvQ2pOT49LUsVg0GHmYaYFq0U7sD_a1vuSOl9KEu75dWKe9w1QQWKdx444baWqP5MGy7M-9XWmpQ2KQOBgWcKRpUgSKOoz2CBd7ujqCtj9WENnbmuVl7ar61wa9ByfT7u3B8YCvvbt0uvY5txIWexA
.adhigh.net/	1970-01-20 09:01:19	Name: sape_sync Value: j8V
.adsniper.ru/	1970-01-27 07:27:43	Name: uuid3 Value: IiQ2MDZhMTBhNC03OGFiLTExZWMtYTZlOS0wMDI1OTBjODI0Mzc*
.adriver.ru/	1970-01-20 17:46:55	Name: cid Value: Ag4PKITmZ6j7LiLZ0b50HGg
.1dmp.io/	1970-01-20 09:01:19	Name: uid Value: 606ab770-78ab-11ec-9752-901b0e8d9836
.bumlam.com/	1970-01-27 07:27:43	Name: suuid3 Value: IiQ2MDZhMTBhNC03OGFiLTExZWMtYTZlOS0wMDI1OTBjODI0Mzc*
.betweendigital.com/	1970-01-20 09:01:19	Name: dc Value: was1
.betweendigital.com/	1970-01-20 09:01:19	Name: ss Value: 1
.utraff.com/	1970-01-20 00:59:06	Name: preutid Value: 1
.advarkads.com/	1970-01-20 17:46:55	Name: u Value: EAI2Rk4I-k-sU8rEl90oVQ
.mts.ru/	1970-01-20 08:48:22	Name: dspid Value: ab85b7e6-b2d7-43af-aa81-86cbf3e81231
.rktch.com/	1970-01-20 00:58:55	Name: b_uid Value: 2d20a4f958f4f7afccedafc2c714b3449471
.uuidksinc.net/	1970-01-20 09:01:19	Name: jcsuuid Value: FNnQmZsXXIgDTlSuqIAe
.betweendigital.com/	1970-01-20 09:01:19	Name: tuuid Value: fc02a955-4026-5313-a3ab-2735c24c1d82
.betweendigital.com/	1970-01-20 09:01:19	Name: ut Value: Yec6twAId_jhUMwCFpiegtyNoQ5BuLTVKtjAyQ==
.doubleclick.net/	1970-01-20 00:15:44	Name: test_cookie Value: CheckForPermission
.weborama.fr/	1970-01-20 09:47:24	Name: AFFICHE_W Value: c4g-sGdw1U1z14
.rutarget.ru/	1970-01-20 04:34:55	Name: userId Value: Z6_JhAp-8kJ8
.ops.beeline.ru/	1970-01-20 08:48:22	Name: BeeAID Value: c9881190-824c-4cee-a7f6-eb725069381b
ssp.bidvol.com/	1970-02-13 20:47:07	Name: bvuid Value: r28y0iou43
.aidata.io/	1970-01-20 17:46:55	Name: __upin Value: s1S+VuxKXMNA0oq6HJZ7OQ
.aidata.io/	1970-01-20 17:46:55	Name: __upints Value: 1642543799
.mts.ru/	1970-01-23 14:39:43	Name: mts_id Value: 198c2cc4-5502-42ec-be2d-6f3a89a52bbc
.mts.ru/	1970-01-23 14:39:43	Name: mts_id_last_sync Value: 1642543799
.gnezdo.ru/	1970-01-25 20:05:16	Name: uid Value: XV9maWHnOreoi4duVPETAg==
.yandex.ru/	1970-01-23 15:51:43	Name: yuidss Value: 6601031681642543799
.yandex.ru/	1970-01-23 15:51:43	Name: yandexuid Value: 6601031681642543799
x01.aidata.io/	1970-01-20 00:20:02	Name: mts Value: 1
.dmg.digitaltarget.ru/	1970-01-21 02:10:55	Name: viuserid Value: 4a4ue0BPFHgtCXn7aq6y

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://relap.io/partners/sprcs?uid=0100007FB73AE761B400D71A027D8213 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://mts0.google.com/vt/data=lzMZp43N_dBpX1fLFBUDRarXT5Xg4Qx-2f7th2XKPMqJEvTDmoVrzeHnvgzfxt5aICGFylayhU0vMZtIw7UqJkJnZK7VLLzqe-66s3bBkBOe-tohdPnvOvEK Message: Failed to load resource: the server responded with a status of 400 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0100007fb73ae761b400d71a027d8213-sp.ops.beeline.ru
7cceb886-51ef-4465-84ba-6e3cc06ccb41.sync.upravel.com
a.utraff.com
acint.net
ad.adriver.ru
ad.mail.ru
adlmerge.com
ads.adlook.me
ads.betweendigital.com
adservice.google.com
adservice.google.de
an.yandex.ru
api.advarkads.com
cm.g.doubleclick.net
dm-eu.hybrid.ai
dmg.digitaltarget.ru
exchange.buzzoola.com
fcgi4.gnezdo.ru
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
match.new-programmatic.com
mts0.google.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.konnektu.ru
px.adhigh.net
redirect.frontend.weborama.fr
relap.io
s.uuidksinc.net
s0.2mdn.net
s3.advarkads.com
sape-sync.rutarget.ru
sm.rtb.mts.ru
ssp-rtb.sape.ru
ssp.adriver.ru
ssp.bestssp.com
ssp.bidvol.com
stat.adlabs.ru
sync.1dmp.io
sync.bumlam.com
sync.dmp.otm-r.com
sync.republer.com
sync.upravel.com
sync3.adsniper.ru
tag.digitaltarget.ru
tech.rtb.mts.ru
tpc.googlesyndication.com
ut.rktch.com
winintro.ru
www.acint.net
www.google.com
www.googletagservices.com
www.gstatic.com
x01.aidata.io
109.248.237.36
130.193.58.13
142.250.184.194
142.250.186.130
148.251.156.238
148.251.237.106
148.251.78.49
157.90.6.176
172.217.16.130
185.147.80.35
185.15.175.133
185.15.175.159
188.40.254.211
188.42.29.80
193.232.150.61
194.190.117.93
195.201.108.196
195.201.243.72
213.87.44.187
217.65.2.150
217.66.147.161
2606:4700:10::6816:457
2606:4700:3039::6815:c097
2a00:1148:db00::17
2a00:1450:4001:801::2006
2a00:1450:4001:801::200e
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2001
2a00:1450:4001:80f::2002
2a00:1450:4001:811::200a
2a00:1450:4001:813::2003
2a00:1450:4001:827::2002
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2004
2a00:1450:4001:830::2003
2a02:6b8::90
31.172.81.159
31.220.27.134
35.190.16.14
37.18.103.16
37.9.245.57
5.200.44.35
65.108.104.161
80.64.106.147
81.222.128.16
81.222.128.216
88.99.214.77
89.108.120.76
89.108.97.2
93.95.102.105
95.163.37.253
95.211.66.35
96.46.186.57
01cbb105faef1373e9d53ddc5e62c9c7b5f66cbc64c2c045a3daec0328b831e6
03333e8487b65839387c9cdecc9a112b7e41570d728a2ab48c7ed89aab72145f
043cafc63f50b2ba976044bc7dfba6ccb1a1878d527f883cb81984c5585cd9da
05d61be961acfeaa4a89652e171975c47ca4495c062514cd4d872445c16c1db5
107f0e3adef7081c3bed0dbd9d7e1c6452c9ff41e2dc99cf54c6b1a881b5eadc
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
1760913995b66a76e5facdf0a4411def6cb9b0af39647dc3f9f868b0309600dc
18b9f3122939296670d9a8e54c3c761a2f044ef1911decfd7622c07b00511bb3
1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d
2039446f8956518da2c2d70116d18c92fac3b04110942de074748aa4041067fb
20aac9e9b39fafcd5002a0a123ee540a82fadb123840cf180690e6d42d40aaff
28608624095ea76fa24ce781fc3f495cc461af6e7154f9f5bc78b35c87fe74ab
2a8a61c0ae283ffa3409ca9ab2319283568f49e2f58be536699b087741639f5d
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2bd24bc7b4e2dce53d91e3bc73d5f4221fe0b503a3112fa4c669e925d43bd492
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
36780f98ed7f7e302c2f31fd7efeb7cc75212ac281935245950e125545350e6a
36a58af6acd580caed252ea70ef765cbf3aad5614493d92e3e6497e9f2714bf3
3ce490a72bc04c46e0cd83344b2686577f7c7c8e639a84eb63dbb4c2edc2b10b
40f2a96f78f4c8484e9da6e172f5ddd3e4d7786ca29e04b96e1067a365190e80
425b48211e0ebe795b6ead9ec2f1bcd9e04e9930a7dd30e08cdb2fef0bcb834c
4f2b78f3fa7992bf24b8a521f8e276db1277d4a924f5c424804a077cbfc472a8
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
53e374adda52950799fd53164eb030ecd429af493757f48b67ed8cd38cf29dc3
53e4cb1ec1da57e5fec65ec5f5b19b050fa8bd6e19e9030c2704456846e4d106
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5719cdd3acdb2b6a5b9ae0bee910fc88fbc0f297f83235c02865d78eeed48446
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6b2385df25640156748d25320c7f27e980535d744f14d2eaa596ca2ef8660a67
72b2a74df4ad58f0758dbdbe5d74a3d45c33682f82736ef3c4a79c2b2b266a27
72b66ab91dc450174e84481b9be276bd2edaa80b5ffb9628e48d503ebe43a190
7b770f7ca4e0add0192ef0e6b3af06258a99453263ec73bb08d8f57bdcd2a138
7cb23a8c81d8e04f278b4ebbcc8c169c2f602398e4fb0f336dbf71e4752470c8
7dd3aebe26c938f3de592aea9de0e9b1508d3cbb32815106b6d5d86ebfdbdfc1
8214a5a8c2f5bedcfa1519dcdd4316a9163b28d2a2000abe3bd7e97bf568419c
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83a9ab434109bc8045cf6ccdd0365b0e53b6acf155438de7370ce67fd0facc79
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
8f6eb5eabb0fa96e48ff327248293e07045d9a997d7ea94591ea27fdb5f8ca64
96adb6aed4d55606a21f9e51fc509deca81c4c039735411b6b89eac505eb7152
9aacc2855086ee500f5540bcee08d1c840388740f526c46cf001215406a4ea73
9f761e54e38437a6a2572d15e14f6353ad3b3e91b6a055a5fc365b8ff8c29fa3
a05569a6a6ec13c9bda09ebf2f691f6d5a4f251878c58807472321018428fb33
a2443661ae0052510d51ee22c86e1c3f30710321ba290e1646dec8385a30b662
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a66544185c20f7430404c1d80a098c56d4ae601bc599dda2bc174b1ce63102ee
ab0eeca7d621e00b7252a85cbc727e7ec0d5a477aaae70dda8fd0fe4b8dcbcd8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1b06c998a944f9ceb56a2365ac540689e452426705b64713079e025e239dd2c
bb5358c6c980f19540bb6b15ccf641878aa3d8530e3e225df2e59eab005c3dd1
bdfca3b83c07515b186ac33c4be77f4d365e0774ce320f97fa2c0908280f47bc
be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e
beeb534d6c70067397c12083829c0035f2d487e5f1e915548610d8554713c527
c355ffcc9212b68d0ed1c0f9b0bd71f04e3c0e63380f7d8d4a2a1b25c187e33d
c42b22e81943be2d0f93f5b295303920548419fb48574dc75a899c79f5e34f70
c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f
ced1fc5ecb99005fdea3fbc0e4c1fb94b042ed70bb66a3377e706fd98415cf10
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d767860c1f86ea9141d8d02bc4be9327011106b944eb4f6ef46fd423a6a0d8c1
d8a3bc75edc8a44328719afff139c4b960483b99e29451189cc174c97022cac3
d93dcbfa68020b4988db45230a47d97b4ece90bb404733829f66224851ca6b9f
df04acf60876cf11c1ad96c8c00cff00373b68ab6d9e7ba22cb5a3ec2339de56
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e731c18f5159e2612625f471352650417c4557851c7518a28a76a5bc6896f1b6
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f598480a1d2f5c004a1de9a01e4d845ad5752de94f85cd84f9647fce320c89b8
fbe17aa318e32aec2e92d9cbddf33864276ee340c63e2a117b99684515135c11
fd11fa353cc6a8560f4c35e67c6fb8a3a4061ed3de4309cdf83fca65f8319bb4

winintro.ru Open in urlscan Pro 188.40.254.211 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

113 Requests

55 %HTTPS

28 %IPv6

44 Domains

56 Subdomains

35 IPs

6 Countries

665 kBTransfer

1730 kBSize

71 Cookies

0 Outgoing links

Redirected requests

113 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

winintro.ru Open in urlscan Pro
188.40.254.211 Public Scan

Screenshot
Live screenshot

Full Image

113
Requests

55 %
HTTPS

28 %
IPv6

44
Domains

56
Subdomains

35
IPs

6
Countries

665 kB
Transfer

1730 kB
Size

71
Cookies

113 HTTP transactions
4 data transactions