urlscan.io logo urlscan.io
SecurityTrails logo

www.base-foto.com Open in urlscan Pro
95.211.228.83  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.base-foto.com/c/d?i=6KaRUrBkuI
Submission: On May 29 via manual from CY
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 18 IPs in 5 countries across 15 domains to perform 37 HTTP transactions. The main IP is 95.211.228.83, located in Netherlands and belongs to LEASEWEB-NL-AMS-01 Netherlands, NL. The main domain is www.base-foto.com.
TLS certificate: Issued by R3 on May 17th 2021. Valid for: 3 months.
This is the only time www.base-foto.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    95.211.228.83 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
www.base-foto.com
1    2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)
maxcdn.bootstrapcdn.com
11    104.26.14.191 (United States)

ASN13335 (CLOUDFLARENET, US)
main2.vodonet.net
img.vodonet.net
2    2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    212.7.204.100 (Amsterdam, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
gwb8a.rdtk.io
1    2606:4700:3032::ac43:8b32 (United States)

ASN13335 (CLOUDFLARENET, US)
buzz-track.com
10    2a02:6b8::1:119 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)
mc.yandex.ru
mc.yandex.com
1    2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net
www.googleadservices.com
1    2a00:1450:400c:c0c::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:809::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
2    2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
Domain Requested by
8 mc.yandex.com 2 redirects www.base-foto.com
mc.yandex.ru
6 img.vodonet.net www.base-foto.com
5 main2.vodonet.net www.base-foto.com
3 www.google.com 1 redirects www.base-foto.com
www.googleadservices.com
2 fonts.gstatic.com fonts.googleapis.com
2 www.google.de www.base-foto.com
2 www.googleadservices.com 1 redirects www.googletagmanager.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 mc.yandex.ru 1 redirects www.base-foto.com
2 ajax.googleapis.com www.base-foto.com
1 googleads.g.doubleclick.net 1 redirects
1 stats.g.doubleclick.net www.google-analytics.com
1 www.googletagmanager.com www.base-foto.com
1 buzz-track.com www.base-foto.com
1 gwb8a.rdtk.io www.base-foto.com
1 fonts.googleapis.com www.base-foto.com
1 maxcdn.bootstrapcdn.com www.base-foto.com
1 www.base-foto.com
37 18

This site contains no links.

Subject Issuer Validity Valid
www.base-foto.com
R3		 2021-05-17 -
2021-08-15		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-03-01 -
2022-02-28		 a year crt.sh
upload.video.google.com
GTS CA 1O1		 2021-05-03 -
2021-07-26		 3 months crt.sh
*.rdtk.io
GoGetSSL RSA DV CA		 2020-05-19 -
2021-08-17		 a year crt.sh
mc.yandex.ru
Yandex CA		 2021-02-27 -
2021-08-09		 5 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-05-03 -
2021-07-26		 3 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2021-05-03 -
2021-07-26		 3 months crt.sh
*.google.com
GTS CA 1O1		 2021-05-03 -
2021-07-26		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2021-05-03 -
2021-07-26		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-05-03 -
2021-07-26		 3 months crt.sh
www.google.de
GTS CA 1C3		 2021-05-03 -
2021-07-26		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://www.base-foto.com/c/d?i=6KaRUrBkuI
Frame ID: 4A0ECF880133BF5B382F45CF793E428F
Requests: 39 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /CentOS/i
Overall confidence: 100%
Detected patterns
  • script /(?:\/([\d.]+))?(?:\/js)?\/bootstrap(?:\.min)?\.js/i
Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Overall confidence: 100%
Detected patterns
  • html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i
Overall confidence: 100%
Detected patterns
  • script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

37
Requests

97 %
HTTPS

78 %
IPv6

15
Domains

18
Subdomains

18
IPs

5
Countries

723 kB
Transfer

1084 kB
Size

7
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 29
  • https://gwb8a.rdtk.io/null?format=json&i=6KaRUrBkuI HTTP 301
  • https://gwb8a.rdtk.io/disabled.html
Request Chain 30
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9288.dCr_X6HEbXulFBd9byy8mxhAzltoI2mAzKc7ZASX7C1gvqh3TYezcvi0KzDMycfO.HeiTmKwnIBK5Fn2cahi3QbPyA-M%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=9288.UFsHZSQIBUuMj-_3qkkYgmV0_pbYcURZoUCFFYSMtl6a9_cIL7n7rgnW90MviuezDHmtaaXlmdn3mVFt0TH-3A%2C%2C.WFFlP3dwm1ux8x4e40RjksbxUGw%2C
Request Chain 32
  • https://www.googleadservices.com/pagead/conversion/693039449/?random=1622308243796&cv=9&fst=1622308243796&num=1&fmt=3&value=0&label=JnwqCMKnjMABENniu8oC&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg5q1&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.base-foto.com%2Fc%2Fd%3Fi%3D6KaRUrBkuI&capi=0&hn=www.googleadservices.com&bttype=purchase&async=1 HTTP 302
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/693039449/?random=728312116&cv=9&fst=1622308243796&num=1&fmt=3&value=0&label=JnwqCMKnjMABENniu8oC&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg5q1&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.base-foto.com%2Fc%2Fd%3Fi%3D6KaRUrBkuI&capi=0&hn=www.googleadservices.com&async=1&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=k3WyYICBN63P7_UP9emM6AE&sscte=1&crd=&eitems=ChEI8MzHhQYQgqSP_de0oY64ARIdAF3Jg5B6Ep6kK8J4p5hogcvbRMd4O2sWBGxFQdo HTTP 302
  • https://www.google.com/pagead/1p-conversion/693039449/?random=728312116&cv=9&fst=1622308243796&num=1&fmt=3&value=0&label=JnwqCMKnjMABENniu8oC&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg5q1&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.base-foto.com%2Fc%2Fd%3Fi%3D6KaRUrBkuI&capi=0&hn=www.googleadservices.com&async=1&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=k3WyYICBN63P7_UP9emM6AE&eitems=ChEI8MzHhQYQgqSP_de0oY64ARIdAF3Jg5DG4tHKlm4NwvIcz_L2UG1lKMU07cOvAXk&random=2331982848&resp=GooglemKTybQhCsO HTTP 302
  • https://www.google.de/pagead/1p-conversion/693039449/?random=728312116&cv=9&fst=1622308243796&num=1&fmt=3&value=0&label=JnwqCMKnjMABENniu8oC&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg5q1&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.base-foto.com%2Fc%2Fd%3Fi%3D6KaRUrBkuI&capi=0&hn=www.googleadservices.com&async=1&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=k3WyYICBN63P7_UP9emM6AE&eitems=ChEI8MzHhQYQgqSP_de0oY64ARIdAF3Jg5DG4tHKlm4NwvIcz_L2UG1lKMU07cOvAXk&random=2331982848&resp=GooglemKTybQhCsO&ipr=y
Request Chain 34
  • https://mc.yandex.com/watch/56890888?wmode=7&page-url=https%3A%2F%2Fwww.base-foto.com%2Fc%2Fd%3Fi%3D6KaRUrBkuI%23!%2Fsth&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A5gv0p5rfujionf9a%3Afp%3A804%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A530%3Acn%3A1%3Adp%3A0%3Als%3A1046606082970%3Ahid%3A873332316%3Az%3A120%3Ai%3A202105291901043%3Aet%3A1622308244%3Ac%3A1%3Arn%3A197785517%3Au%3A1622308244651314354%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1622308242803%3Ads%3A12%2C161%2C227%2C5%2C0%2C0%2C%2C363%2C115%2C%2C%2C%2C767%3Adsn%3A12%2C161%2C227%2C5%2C0%2C0%2C%2C360%2C116%2C%2C%2C%2C766%3Awv%3A2%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1622308244%3At%3A HTTP 302
  • https://mc.yandex.com/watch/56890888/1?wmode=7&page-url=https%3A%2F%2Fwww.base-foto.com%2Fc%2Fd%3Fi%3D6KaRUrBkuI%23%21%2Fsth&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A5gv0p5rfujionf9a%3Afp%3A804%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A530%3Acn%3A1%3Adp%3A0%3Als%3A1046606082970%3Ahid%3A873332316%3Az%3A120%3Ai%3A202105291901043%3Aet%3A1622308244%3Ac%3A1%3Arn%3A197785517%3Au%3A1622308244651314354%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1622308242803%3Ads%3A12%2C161%2C227%2C5%2C0%2C0%2C%2C363%2C115%2C%2C%2C%2C767%3Adsn%3A12%2C161%2C227%2C5%2C0%2C0%2C%2C360%2C116%2C%2C%2C%2C766%3Awv%3A2%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1622308244%3At%3A

37 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request d
www.base-foto.com/c/ 		28 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.base-foto.com/c/d?i=6KaRUrBkuI
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.211.228.83 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
4a41313d46e834b2fc432dad7e9521742a5121353dbecaa3b7ddd88e0aaeb648

Request headers

Host
www.base-foto.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 29 May 2021 17:10:42 GMT
Server
Apache/2.2.15 (CentOS)
P3P
CP="ALL DSP COR PSAa PSDa OUR NOR ONL UNI COM NAV"
Referrer-Policy
no-referrer
Set-cookie
id=456KaRUrBkuI; path=/; expires=Sun, 30-May-2021 17:10:43 GMT
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
7572
Connection
close
Content-Type
text/html; charset=UTF-8
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/3.3.4/js/ 		35 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.4/js/bootstrap.min.js
Requested by
Host: www.base-foto.com
URL: https://www.base-foto.com/c/d?i=6KaRUrBkuI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5fd173d00d9733900834e0e1083de86b532e048b15c0420ba5c2db0623644b8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 May 2021 17:10:43 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
632, 718
age
5859833
cdn-cachedat
2021-03-11 11:57:55
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a5ab45f0f00002bc2b2807000000001
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:03:58 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
1d4be5fddad4a0a9241728c5f5457839
cf-ray
657156781b182bc2-FRA
cdn-requestcountrycode
DE
cdn-requestpullsuccess
True
site.css
main2.vodonet.net/ST/ 		869 B
767 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://main2.vodonet.net/ST/site.css
Requested by
Host: www.base-foto.com
URL: https://www.base-foto.com/c/d?i=6KaRUrBkuI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.14.191 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3aeb555b764bd40e3904c9fc6af91b3631f94c831ae160cc680eb1e813f32097

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 May 2021 17:10:43 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 02 Jan 2012 19:29:08 GMT
server
cloudflare
age
3941
etag
W/"8008a9-365-4b59098a96900"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=6ZZu8Xh0qiZBa7sYvOt5Tbw73PSCPPN5ohiHS8ffB1%2Fxz0p0dlw36cW2AfoKThZUWzQClUJEAYupFnknE34pXLHayPYDPshJQT8%2BMipOVCsGQdeAV3pwg4tv6cXW5w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
65715678bf640d46-ARN
cf-request-id
0a5ab45f7400000d464d80a000000001
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.11.3/ 		94 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js
Requested by
Host: www.base-foto.com
URL: https://www.base-foto.com/c/d?i=6KaRUrBkuI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 May 2021 09:57:51 GMT
x-content-type-options
nosniff
age
25972
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
95992
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 29 May 2022 09:57:51 GMT
script.js
main2.vodonet.net/ST/script/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://main2.vodonet.net/ST/script/script.js?date=17.8.2012
Requested by
Host: www.base-foto.com
URL: https://www.base-foto.com/c/d?i=6KaRUrBkuI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.14.191 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7bee6d9e87dd9630fce056d6f9fff3a8006b834fa148f703fb2a5b9897720f01

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 May 2021 17:10:43 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Tue, 20 Apr 2021 14:38:19 GMT
server
cloudflare
etag
W/"146955e-2392-5c06865b44cc0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=CDwA2EL3Tu0Prgxgz4W2d9HdQXMStuZjxjfvfX7qWjTzKMhvP27B1WsIKq5j5qf4TeaSM7SHXuBI6tkfVS8frC1CUXB45N%2FZS0YRNjv7QpImqudTq0qNNHjvvNXSRg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
65715678bf690d46-ARN
cf-request-id
0a5ab45f7800000d46c60c7000000001
mobpop.js
main2.vodonet.net/ST/script/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://main2.vodonet.net/ST/script/mobpop.js
Requested by
Host: www.base-foto.com
URL: https://www.base-foto.com/c/d?i=6KaRUrBkuI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.14.191 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2a3e219ea51de330906090021bab55254a48287f73226256a9c24f49e0291d9

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 May 2021 17:10:43 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 09 Dec 2013 10:39:49 GMT
server
cloudflare
age
3941
etag
W/"a011c5-186e-4ed179d83bb70"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=1wpm9jKpU93c2KUg4Tb%2FuGeYq9XaUueFHo317OcL8TDSfo8K7Yna9Ft7nVpKLVUP6YxWBiriFhV18iBbfPp00kPJezW7ae6rDV9kcQdm2XlnYeuOYWbAlI9nVCQddg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
65715678bf6d0d46-ARN
cf-request-id
0a5ab45f7500000d4697958000000001
email_check.js
main2.vodonet.net/ST/script/ 		188 B
680 B 		Script
General
Check archive.org
Download Go to
Full URL
https://main2.vodonet.net/ST/script/email_check.js
Requested by
Host: www.base-foto.com
URL: https://www.base-foto.com/c/d?i=6KaRUrBkuI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.14.191 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
32bd9b94367a02c30759ca3bf7bfeea38a06c89499e502638f938b66cac71c5d

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 May 2021 17:10:43 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 06 Aug 2012 16:20:47 GMT
server
cloudflare
age
3941
etag
W/"8e1436-bc-4c69b42a235c0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=DyLaxyGO99iepAneqUR8W4CRtm%2FMBfnQ9dGiXGW3IJ7haii33V%2F%2FXQqpRKaTsm7nDjBrzNU3KYgL8bBx99s598g1Zuzu1LA68Kkxoj8Bf0FEhZVqY4xjssariEgU%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
65715678bf6e0d46-ARN
cf-request-id
0a5ab45f7500000d4667171000000001
phone_check_new.js
main2.vodonet.net/c/ 		150 B
411 B 		Script
General
Check archive.org
Download Go to
Full URL
https://main2.vodonet.net/c/phone_check_new.js?geo=SE
Requested by
Host: www.base-foto.com
URL: https://www.base-foto.com/c/d?i=6KaRUrBkuI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.14.191 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c1cbef00723915338287b92788ea7f3913d891c6791818298340701caab5da6

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 May 2021 17:10:43 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=dK7BVtcPmrBMxf4DPTpsK%2FR%2F1X1Qc%2FGwsJdfLcqNTCYJ%2BNFyhiBIZHsuwQ%2BdCWPG0VilU955mZL26cgBxACH8PMkdxR5kFoQaMxfR%2Bh4kyXQ5W5tjaUzwGme7je0JA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cf-ray
65715678bf700d46-ARN
cf-request-id
0a5ab45f7500000d46dcb64000000001
css
fonts.googleapis.com/ 		4 KB
662 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Ubuntu:400,700&display=swap&subset=cyrillic
Requested by
Host: www.base-foto.com
URL: https://www.base-foto.com/c/d?i=6KaRUrBkuI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1498880ff28e0ff18146cad873b5939c151368f6bffd83f5656b97741dbc07b9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 29 May 2021 17:10:43 GMT
server
ESF
date
Sat, 29 May 2021 17:10:43 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 29 May 2021 17:10:43 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.4.1/ 		86 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js
Requested by
Host: www.base-foto.com
URL: https://www.base-foto.com/c/d?i=6KaRUrBkuI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 May 2021 11:01:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
22158
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30774
x-xss-protection
0
last-modified
Mon, 13 May 2019 14:37:17 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 29 May 2022 11:01:25 GMT
3wTY1AMqLeOK5wk.png
img.vodonet.net/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.vodonet.net/3wTY1AMqLeOK5wk.png
Requested by
Host: www.base-foto.com
URL: https://www.base-foto.com/c/d?i=6KaRUrBkuI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.14.191 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
07aa7a6a9057e0aaacf49f4198486d08039695ef79f403c71200633ba9dd6040

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 May 2021 17:10:43 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1353
content-length
12587
cf-request-id
0a5ab45ffc00000d46841dd000000001
last-modified
Wed, 06 May 2020 15:07:33 GMT
server
cloudflare
etag
"1462c99-312b-5a4fc1fa25740"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=A9Fgv1MWqRoFmfeSpALDZ2W4XAu1yYT95GQt3nAYDw3MRTkHskMSsa%2BQEJdwjGeXuhqfBqPcBiLaFCbV5mbdDoP5P2vsquSVGnLceBmYDu4KcCpr9%2FQkCxxFFNc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6571567999590d46-ARN
DueiuRSGMti6QIo.gif
img.vodonet.net/ 		34 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.vodonet.net/DueiuRSGMti6QIo.gif
Requested by
Host: www.base-foto.com
URL: https://www.base-foto.com/c/d?i=6KaRUrBkuI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.14.191 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3606d5b2d4ae76e6161a8185dc6b7d1d5e93e7d82573c3adf9844c143b308c79

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 May 2021 17:10:43 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1353
content-length
35273
cf-request-id
0a5ab45ffc00000d4660af9000000001
last-modified
Fri, 24 Jul 2020 10:42:07 GMT
server
cloudflare
etag
"1468d30-89c9-5ab2d9fd57dc0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=ULCB1Dmu8n3NOpJTC2dl9KnVdFYkU8%2B8cz%2Bt1YL6%2F5SGDJi8TsmnvBIFLA9%2FTxtn%2Fyz6SP01%2FVcD7CRB0tzQjZEQbVkanBtyp3oMivF49ol3CyEZIPpxUOHA%2BVU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6571567999570d46-ARN
track.js
gwb8a.rdtk.io/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gwb8a.rdtk.io/track.js
Requested by
Host: www.base-foto.com
URL: https://www.base-foto.com/c/d?i=6KaRUrBkuI
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
212.7.204.100 Amsterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
a22c9309f7723c017347e35f3f2ff436d03fc1fe78c328f3fc0328f08fdef189

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 29 May 2021 17:10:43 GMT
Server
nginx
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
paint.gif
buzz-track.com/ 		43 B
703 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://buzz-track.com/paint.gif?phone=35799299662
Requested by
Host: www.base-foto.com
URL: https://www.base-foto.com/c/d?i=6KaRUrBkuI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:8b32 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 May 2021 17:10:43 GMT
cf-cache-status
BYPASS
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=pdCpfrynPRlk8zsiMcPqZP%2BsNvIoZ9dKGyOZpba6CfS4vhSkR8rrDb9j1mZiyq1qsU%2B92vy5m21f4I1xyU1FlXRj5c38UaAfFTurbzbSibUUGy5EQZMBi%2Fncttzzwaw922MO7hn0tpM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
accept-ranges
bytes
cf-ray
65715679899c4ec8-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
cf-request-id
0a5ab45ff000004ec8db0b4000000001
tag.js
mc.yandex.ru/metrika/ 		216 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: www.base-foto.com
URL: https://www.base-foto.com/c/d?i=6KaRUrBkuI
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
14f5b9c2901a58cb9e77ccd997a844b32824e54b2e6626990e0e0ae5b962ae2b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 May 2021 17:10:43 GMT
content-encoding
br
last-modified
Fri, 28 May 2021 17:10:10 GMT
etag
"60ae3a7b-11182"
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
70018
expires
Sat, 29 May 2021 18:10:43 GMT
gtm.js
www.googletagmanager.com/ 		85 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NF2NMTW
Requested by
Host: www.base-foto.com
URL: https://www.base-foto.com/c/d?i=6KaRUrBkuI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e143ca479f0e756272a7c548aa21291048b8498085c7ec07d7afc834b74b77e8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 May 2021 17:10:43 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33898
x-xss-protection
0
last-modified
Sat, 29 May 2021 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 29 May 2021 17:10:43 GMT
truncated
/ 		638 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f75e0dbebc2d6d3cdf6015cc9aca648445b60f1d064045f2108bdf9de93e81fb

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		592 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0dfec608ace24273ca13088ce388ad6dd097b1b3ca64cc7035abc01e69cefcce

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
f71WwvgGp0dheeK.jpg
img.vodonet.net/ 		296 KB
297 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.vodonet.net/f71WwvgGp0dheeK.jpg
Requested by
Host: www.base-foto.com
URL: https://www.base-foto.com/c/d?i=6KaRUrBkuI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.14.191 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85c7fedafacfd5126fe268a3a9f4df9a951ed5149f17a4a138fdd47ac90a62cb

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 May 2021 17:10:43 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1352
content-length
303577
cf-request-id
0a5ab45fff00000d46df3de000000001
last-modified
Thu, 23 Jul 2020 10:34:04 GMT
server
cloudflare
etag
"1468d18-4a1d9-5ab1965341f00"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=%2FGouUe4WnkTKCTodTfVpIcAkSFvJ3Qv9%2BvgwUO0qSzSdTSo5yHH16EK%2Bv3Ge%2ByXGO0cyA9Js2UBMTuEJ3V1P42hcv9uE4nqbwseDgkbq97oOLs5LhfzkuJ4zPak%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6571567999560d46-ARN
cf-bgj
h2pri
analytics.js
www.google-analytics.com/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NF2NMTW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 09 Apr 2021 23:59:54 GMT
server
Golfe2
age
2631
date
Sat, 29 May 2021 16:26:52 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19569
expires
Sat, 29 May 2021 18:26:52 GMT
conversion_async.js
www.googleadservices.com/pagead/ 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NF2NMTW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
bb88444ba47283a55e6299fb840a0fbdd9bc36289015e414bfe51d517b113ac9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 May 2021 17:10:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14053
x-xss-protection
0
server
cafe
etag
4209742185836358702
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 29 May 2021 17:10:43 GMT
collect
www.google-analytics.com/j/ 		2 B
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j90&a=1993173459&t=pageview&_s=1&dl=https%3A%2F%2Fwww.base-foto.com%2Fc%2Fd%3Fi%3D6KaRUrBkuI&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=1113000758&gjid=1263832063&cid=1065255309.1622308243&tid=UA-78186952-1&_gid=596694882.1622308243&_r=1&gtm=2wg5q1NF2NMTW&z=1634995048
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 29 May 2021 17:10:43 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.base-foto.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
89 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-78186952-1&cid=1065255309.1622308243&jid=1113000758&gjid=1263832063&_gid=596694882.1622308243&_u=YEBAAEAAAAAAAC~&z=667171933
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sat, 29 May 2021 17:10:43 GMT
content-type
text/plain
access-control-allow-origin
https://www.base-foto.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-78186952-1&cid=1065255309.1622308243&jid=1113000758&_u=YEBAAEAAAAAAAC~&z=256841160
Requested by
Host: www.base-foto.com
URL: https://www.base-foto.com/c/d?i=6KaRUrBkuI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 May 2021 17:10:43 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-78186952-1&cid=1065255309.1622308243&jid=1113000758&_u=YEBAAEAAAAAAAC~&z=256841160
Requested by
Host: www.base-foto.com
URL: https://www.base-foto.com/c/d?i=6KaRUrBkuI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 May 2021 17:10:43 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
wJ4xjp1Il6CWopm.png
img.vodonet.net/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.vodonet.net/wJ4xjp1Il6CWopm.png
Requested by
Host: www.base-foto.com
URL: https://www.base-foto.com/c/d?i=6KaRUrBkuI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.14.191 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db9fd46e5cc01c42aaef4fd96addb73ab56c05046249f3c7c0c309305c35f344

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 May 2021 17:10:43 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1352
content-length
12321
cf-request-id
0a5ab4608400000d46e3339000000001
last-modified
Fri, 24 Jul 2020 10:59:13 GMT
server
cloudflare
etag
"1468d2f-3021-5ab2ddcfd0240"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=SOgG3dQczERrNLzHCqxpRYZ9sYewPcHAkBOBMDlKdkcUcJbmHh37X%2FmkdBOwkjDg1g83Q8%2B7TgHqUzGVGqRSgfKtdkw%2BeeCXgYqcITMbOHMhQs8koybfHlo2MV0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6571567a6b280d46-ARN
FSW6XE8C4oHBYN9.png
img.vodonet.net/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.vodonet.net/FSW6XE8C4oHBYN9.png
Requested by
Host: www.base-foto.com
URL: https://www.base-foto.com/c/d?i=6KaRUrBkuI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.14.191 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79ccf6e9f4819c886c841b6cf8c1a0819b5e0906e7f5326ade9653da0f7947b2

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 May 2021 17:10:43 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1352
content-length
7108
cf-request-id
0a5ab4608300000d46c60dd000000001
last-modified
Fri, 24 Jul 2020 10:59:39 GMT
server
cloudflare
etag
"1468d33-1bc4-5ab2dde89bcc0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=%2Fwcp787elmLWWqfp6G77qC3cPcb73FNRHYN89xtsQ%2FU4GYIj9llKt1I8U4ZYXQxgkUn%2Bzx5iadMdTV7Tr0bOdFiE%2FiZZx0rphdyhVsh22Ct2LZkGKU%2BY%2BV7PmPc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6571567a6b2a0d46-ARN
4FLPA3OLw6FSlTx.png
img.vodonet.net/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.vodonet.net/4FLPA3OLw6FSlTx.png
Requested by
Host: www.base-foto.com
URL: https://www.base-foto.com/c/d?i=6KaRUrBkuI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.14.191 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e2e4b41161be651b6c74dc618afdb06d7406a13a0fe2a6e8110de0a27338ae10

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 May 2021 17:10:43 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1352
content-length
7148
cf-request-id
0a5ab4608400000d4697970000000001
last-modified
Fri, 24 Jul 2020 11:00:10 GMT
server
cloudflare
etag
"1468d34-1bec-5ab2de062c280"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=M1gUv900D2hKNwlPra9Ar5bHy5m4MKYZceACzdNgXLz8GqmOJuH1dsZd%2BfiX%2FoaAnY7GuPna%2BtlD3VdYp3Qj3VTSCoUD63hQwlb7iCj9b0TuKHCjwmWpWRPKptI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6571567a6b2c0d46-ARN
4iCv6KVjbNBYlgoCxCvjsGyN.woff2
fonts.gstatic.com/s/ubuntu/v15/ 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ubuntu/v15/4iCv6KVjbNBYlgoCxCvjsGyN.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ubuntu:400,700&display=swap&subset=cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
045469f2d577c2ad73219bbd713640bcb4a4f9a46cecc6c0df0e66338646b27f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.base-foto.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 23 May 2021 10:03:38 GMT
x-content-type-options
nosniff
last-modified
Thu, 10 Sep 2020 17:03:43 GMT
server
sffe
age
544025
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28968
x-xss-protection
0
expires
Mon, 23 May 2022 10:03:38 GMT
4iCs6KVjbNBYlgoKfw72.woff2
fonts.gstatic.com/s/ubuntu/v15/ 		33 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ubuntu/v15/4iCs6KVjbNBYlgoKfw72.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ubuntu:400,700&display=swap&subset=cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4f4524f7e1a87079bc50a64681f880ccf3e6f5db1ec5fc27949377532a3881da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.base-foto.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 23 May 2021 10:03:38 GMT
x-content-type-options
nosniff
last-modified
Thu, 10 Sep 2020 17:02:57 GMT
server
sffe
age
544025
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34260
x-xss-protection
0
expires
Mon, 23 May 2022 10:03:38 GMT
disabled.html
gwb8a.rdtk.io/
Redirect Chain
  • https://gwb8a.rdtk.io/null?format=json&i=6KaRUrBkuI
  • https://gwb8a.rdtk.io/disabled.html
0
0
sync_cookie_image_decide
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9288.dCr_X6HEbXulFBd9byy8mxhAzltoI2mAzKc7ZASX7C1gvqh3TYezcvi0KzDMycfO.HeiTmKwnIBK5Fn2cahi3QbPyA-M%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=9288.UFsHZSQIBUuMj-_3qkkYgmV0_pbYcURZoUCFFYSMtl6a9_cIL7n7rgnW90MviuezDHmtaaXlmdn3mVFt0TH-3A%2C%2C.WFFlP3dwm1ux8x4e40RjksbxUGw%2C
75 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/sync_cookie_image_decide?token=9288.UFsHZSQIBUuMj-_3qkkYgmV0_pbYcURZoUCFFYSMtl6a9_cIL7n7rgnW90MviuezDHmtaaXlmdn3mVFt0TH-3A%2C%2C.WFFlP3dwm1ux8x4e40RjksbxUGw%2C
Requested by
Host: www.base-foto.com
URL: https://www.base-foto.com/c/d?i=6KaRUrBkuI
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 May 2021 17:10:43 GMT
strict-transport-security
max-age=31536000
content-length
75
x-xss-protection
1; mode=block
content-type
text/html; charset=utf-8

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide?token=9288.UFsHZSQIBUuMj-_3qkkYgmV0_pbYcURZoUCFFYSMtl6a9_cIL7n7rgnW90MviuezDHmtaaXlmdn3mVFt0TH-3A%2C%2C.WFFlP3dwm1ux8x4e40RjksbxUGw%2C
date
Sat, 29 May 2021 17:10:43 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
/
www.google.com/pagead/privacysandbox/conversion/693039449/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/pagead/privacysandbox/conversion/693039449/?random=1622308243796&cv=9&fst=1622308243796&num=1&value=0&label=JnwqCMKnjMABENniu8oC&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg5q1&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.base-foto.com%2Fc%2Fd%3Fi%3D6KaRUrBkuI&capi=0&hn=www.googleadservices.com&bttype=purchase&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
/
www.google.de/pagead/1p-conversion/693039449/
Redirect Chain
  • https://www.googleadservices.com/pagead/conversion/693039449/?random=1622308243796&cv=9&fst=1622308243796&num=1&fmt=3&value=0&label=JnwqCMKnjMABENniu8oC&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651...
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/693039449/?random=728312116&cv=9&fst=1622308243796&num=1&fmt=3&value=0&label=JnwqCMKnjMABENniu8oC&guid=ON&resp=GooglemKTybQhCsO&eid=...
  • https://www.google.com/pagead/1p-conversion/693039449/?random=728312116&cv=9&fst=1622308243796&num=1&fmt=3&value=0&label=JnwqCMKnjMABENniu8oC&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u...
  • https://www.google.de/pagead/1p-conversion/693039449/?random=728312116&cv=9&fst=1622308243796&num=1&fmt=3&value=0&label=JnwqCMKnjMABENniu8oC&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_...
42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-conversion/693039449/?random=728312116&cv=9&fst=1622308243796&num=1&fmt=3&value=0&label=JnwqCMKnjMABENniu8oC&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg5q1&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.base-foto.com%2Fc%2Fd%3Fi%3D6KaRUrBkuI&capi=0&hn=www.googleadservices.com&async=1&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=k3WyYICBN63P7_UP9emM6AE&eitems=ChEI8MzHhQYQgqSP_de0oY64ARIdAF3Jg5DG4tHKlm4NwvIcz_L2UG1lKMU07cOvAXk&random=2331982848&resp=GooglemKTybQhCsO&ipr=y
Requested by
Host: www.base-foto.com
URL: https://www.base-foto.com/c/d?i=6KaRUrBkuI
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 May 2021 17:10:44 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 29 May 2021 17:10:43 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/gif
location
https://www.google.de/pagead/1p-conversion/693039449/?random=728312116&cv=9&fst=1622308243796&num=1&fmt=3&value=0&label=JnwqCMKnjMABENniu8oC&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg5q1&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.base-foto.com%2Fc%2Fd%3Fi%3D6KaRUrBkuI&capi=0&hn=www.googleadservices.com&async=1&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=k3WyYICBN63P7_UP9emM6AE&eitems=ChEI8MzHhQYQgqSP_de0oY64ARIdAF3Jg5DG4tHKlm4NwvIcz_L2UG1lKMU07cOvAXk&random=2331982848&resp=GooglemKTybQhCsO&ipr=y
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
advert.gif
mc.yandex.com/metrika/ 		43 B
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: www.base-foto.com
URL: https://www.base-foto.com/c/d?i=6KaRUrBkuI
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 May 2021 17:10:43 GMT
last-modified
Fri, 28 May 2021 17:10:10 GMT
etag
"60ae3a7b-2b"
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Sat, 29 May 2021 18:10:43 GMT
1
mc.yandex.com/watch/56890888/
Redirect Chain
  • https://mc.yandex.com/watch/56890888?wmode=7&page-url=https%3A%2F%2Fwww.base-foto.com%2Fc%2Fd%3Fi%3D6KaRUrBkuI%23!%2Fsth&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A5gv0p5rfujionf9a%3Afp%3...
  • https://mc.yandex.com/watch/56890888/1?wmode=7&page-url=https%3A%2F%2Fwww.base-foto.com%2Fc%2Fd%3Fi%3D6KaRUrBkuI%23%21%2Fsth&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A5gv0p5rfujionf9a%3A...
238 B
320 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/56890888/1?wmode=7&page-url=https%3A%2F%2Fwww.base-foto.com%2Fc%2Fd%3Fi%3D6KaRUrBkuI%23%21%2Fsth&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A5gv0p5rfujionf9a%3Afp%3A804%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A530%3Acn%3A1%3Adp%3A0%3Als%3A1046606082970%3Ahid%3A873332316%3Az%3A120%3Ai%3A202105291901043%3Aet%3A1622308244%3Ac%3A1%3Arn%3A197785517%3Au%3A1622308244651314354%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1622308242803%3Ads%3A12%2C161%2C227%2C5%2C0%2C0%2C%2C363%2C115%2C%2C%2C%2C767%3Adsn%3A12%2C161%2C227%2C5%2C0%2C0%2C%2C360%2C116%2C%2C%2C%2C766%3Awv%3A2%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1622308244%3At%3A
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
98b840579af16b3da3a2bc0030e8fd9bc996ee2660f1573887ea6b34cff57777
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 May 2021 17:10:44 GMT
x-content-type-options
nosniff
last-modified
Sat, 29-May-2021 17:10:44 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.base-foto.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
238
x-xss-protection
1; mode=block
expires
Sat, 29-May-2021 17:10:44 GMT

Redirect headers

pragma
no-cache
date
Sat, 29 May 2021 17:10:44 GMT
last-modified
Sat, 29-May-2021 17:10:44 GMT
location
/watch/56890888/1?wmode=7&page-url=https%3A%2F%2Fwww.base-foto.com%2Fc%2Fd%3Fi%3D6KaRUrBkuI%23%21%2Fsth&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A5gv0p5rfujionf9a%3Afp%3A804%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A530%3Acn%3A1%3Adp%3A0%3Als%3A1046606082970%3Ahid%3A873332316%3Az%3A120%3Ai%3A202105291901043%3Aet%3A1622308244%3Ac%3A1%3Arn%3A197785517%3Au%3A1622308244651314354%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1622308242803%3Ads%3A12%2C161%2C227%2C5%2C0%2C0%2C%2C363%2C115%2C%2C%2C%2C767%3Adsn%3A12%2C161%2C227%2C5%2C0%2C0%2C%2C360%2C116%2C%2C%2C%2C766%3Awv%3A2%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1622308244%3At%3A
strict-transport-security
max-age=31536000
access-control-allow-origin
https://www.base-foto.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Sat, 29-May-2021 17:10:44 GMT
56890888
mc.yandex.com/webvisor/ 		43 B
73 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/webvisor/56890888?wmode=0&wv-part=1&wv-hit=873332316&page-url=https%3A%2F%2Fwww.base-foto.com%2Fc%2Fd%3Fi%3D6KaRUrBkuI%23!%2Fsth&rn=745501870&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1622308246%3Aw%3A1600x1200%3Av%3A530%3Az%3A120%3Ai%3A202105291901046%3Au%3A1622308244651314354%3Avf%3A5gv0p5rfujionf9a%3Awe%3A1%3Ati%3A2%3Ast%3A1622308246
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 29 May 2021 17:10:46 GMT
last-modified
Sat, 29-May-2021 17:10:46 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://www.base-foto.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Sat, 29-May-2021 17:10:46 GMT
56890888
mc.yandex.com/webvisor/ 		43 B
372 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/webvisor/56890888?wmode=0&wv-part=1&wv-hit=873332316&page-url=https%3A%2F%2Fwww.base-foto.com%2Fc%2Fd%3Fi%3D6KaRUrBkuI%23!%2Fsth&rn=669114486&wv-type=5&browser-info=gdpr%3A14%3Aet%3A1622308246%3Aw%3A1600x1200%3Av%3A530%3Az%3A120%3Ai%3A202105291901046%3Au%3A1622308244651314354%3Avf%3A5gv0p5rfujionf9a%3Awe%3A1%3Ati%3A2%3Ast%3A1622308246
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 29 May 2021 17:10:46 GMT
last-modified
Sat, 29-May-2021 17:10:46 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://www.base-foto.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Sat, 29-May-2021 17:10:46 GMT
56890888
mc.yandex.com/webvisor/ 		43 B
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/webvisor/56890888?wmode=0&wv-part=2&wv-hit=873332316&page-url=https%3A%2F%2Fwww.base-foto.com%2Fc%2Fd%3Fi%3D6KaRUrBkuI%23!%2Fsth&rn=483051695&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1622308248%3Aw%3A1600x1200%3Av%3A530%3Az%3A120%3Ai%3A202105291901048%3Au%3A1622308244651314354%3Avf%3A5gv0p5rfujionf9a%3Awe%3A1%3Ati%3A2%3Ast%3A1622308248
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 29 May 2021 17:10:48 GMT
last-modified
Sat, 29-May-2021 17:10:48 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://www.base-foto.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Sat, 29-May-2021 17:10:48 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
gwb8a.rdtk.io
URL
https://gwb8a.rdtk.io/disabled.html

Verdicts & Comments Add Verdict or Comment

80 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated function| $ function| jQuery boolean| orgexit boolean| exit boolean| opened number| sec number| min string| domain string| lang function| titleblink function| exitwindow function| showWin function| showWin2 function| countDown function| confirmSubmit function| checkPhone function| checkZip function| checkBirth function| checkEmail function| checkEmail2 function| makeCheck function| checkName function| add_invalid_warning string| gCookie number| PopWidth number| PopHeight object| _Top boolean| isPopDone function| GetWindowHeight function| GetWindowWidth function| GetWindowTop function| GetWindowLeft function| setCookie function| getCookie function| popup function| addListener function| removeListener function| load_chrome_popunder function| load_ff_ie function| initPu function| checkEmailAddress function| checkPhoneNumber function| ym object| dataLayer string| link string| cc number| current_page object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData object| campaignID number| cachebuster undefined| rtkClickID function| removeParam object| urlParams string| pixelParams string| initialSrc function| stripTrailingSlash undefined| rawData object| xhr object| Ya object| yaCounter56890888 function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO

7 Cookies

Domain/Path Name / Value
.base-foto.com/ Name: _ym_uid
Value: 1622308244651314354
.base-foto.com/ Name: _ym_isad
Value: 2
.base-foto.com/ Name: _gid
Value: GA1.2.596694882.1622308243
.base-foto.com/ Name: _ym_d
Value: 1622308244
.base-foto.com/ Name: _ga
Value: GA1.2.1065255309.1622308243
.base-foto.com/ Name: _gat_UA-78186952-1
Value: 1
www.base-foto.com/ Name: id
Value: 456KaRUrBkuI

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
buzz-track.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gwb8a.rdtk.io
img.vodonet.net
main2.vodonet.net
maxcdn.bootstrapcdn.com
mc.yandex.com
mc.yandex.ru
stats.g.doubleclick.net
www.base-foto.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
gwb8a.rdtk.io
104.26.14.191
142.250.185.194
212.7.204.100
2606:4700:3032::ac43:8b32
2606:4700::6812:acf
2a00:1450:4001:808::200a
2a00:1450:4001:809::2003
2a00:1450:4001:809::2004
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::2003
2a00:1450:4001:810::2008
2a00:1450:4001:827::2003
2a00:1450:4001:827::2004
2a00:1450:4001:831::200a
2a00:1450:4001:831::200e
2a00:1450:400c:c0c::9d
2a02:6b8::1:119
95.211.228.83
045469f2d577c2ad73219bbd713640bcb4a4f9a46cecc6c0df0e66338646b27f
07aa7a6a9057e0aaacf49f4198486d08039695ef79f403c71200633ba9dd6040
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0dfec608ace24273ca13088ce388ad6dd097b1b3ca64cc7035abc01e69cefcce
1498880ff28e0ff18146cad873b5939c151368f6bffd83f5656b97741dbc07b9
14f5b9c2901a58cb9e77ccd997a844b32824e54b2e6626990e0e0ae5b962ae2b
2c1cbef00723915338287b92788ea7f3913d891c6791818298340701caab5da6
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
32bd9b94367a02c30759ca3bf7bfeea38a06c89499e502638f938b66cac71c5d
3606d5b2d4ae76e6161a8185dc6b7d1d5e93e7d82573c3adf9844c143b308c79
3aeb555b764bd40e3904c9fc6af91b3631f94c831ae160cc680eb1e813f32097
4a41313d46e834b2fc432dad7e9521742a5121353dbecaa3b7ddd88e0aaeb648
4f4524f7e1a87079bc50a64681f880ccf3e6f5db1ec5fc27949377532a3881da
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
79ccf6e9f4819c886c841b6cf8c1a0819b5e0906e7f5326ade9653da0f7947b2
7bee6d9e87dd9630fce056d6f9fff3a8006b834fa148f703fb2a5b9897720f01
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85c7fedafacfd5126fe268a3a9f4df9a951ed5149f17a4a138fdd47ac90a62cb
98b840579af16b3da3a2bc0030e8fd9bc996ee2660f1573887ea6b34cff57777
a22c9309f7723c017347e35f3f2ff436d03fc1fe78c328f3fc0328f08fdef189
a2a3e219ea51de330906090021bab55254a48287f73226256a9c24f49e0291d9
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
bb88444ba47283a55e6299fb840a0fbdd9bc36289015e414bfe51d517b113ac9
d5fd173d00d9733900834e0e1083de86b532e048b15c0420ba5c2db0623644b8
db9fd46e5cc01c42aaef4fd96addb73ab56c05046249f3c7c0c309305c35f344
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e143ca479f0e756272a7c548aa21291048b8498085c7ec07d7afc834b74b77e8
e2e4b41161be651b6c74dc618afdb06d7406a13a0fe2a6e8110de0a27338ae10
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f75e0dbebc2d6d3cdf6015cc9aca648445b60f1d064045f2108bdf9de93e81fb