urlscan.io logo urlscan.io
SecurityTrails logo

joxi.net Open in urlscan Pro
176.9.162.205  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://joxi.ru/V2VwLYJTGWMpKA
Effective URL: http://joxi.net/V2VwLYJTGWMpKA
Submission: On February 08 via manual from CA — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 30 IPs in 5 countries across 27 domains to perform 87 HTTP transactions. The main IP is 176.9.162.205, located in Germany and belongs to HETZNER-AS, DE. The main domain is joxi.net. The Cisco Umbrella rank of the primary domain is 518403.
This is the only time joxi.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 78.47.21.152 24940 (HETZNER-AS)
1 176.9.162.205 24940 (HETZNER-AS)
14 176.9.162.204 24940 (HETZNER-AS)
3 2a02:6b8:a::a 208722 (GLOBAL_DC)
2 88.99.234.26 24940 (HETZNER-AS)
1 176.9.162.201 24940 (HETZNER-AS)
9 2607:f8b0:400... 15169 (GOOGLE)
3 2607:f8b0:400... 15169 (GOOGLE)
3 10 2a02:6b8::1:119 208722 (GLOBAL_DC)
6 46.4.104.244 24940 (HETZNER-AS)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 37.48.117.210 60781 (LEASEWEB-...)
2 2607:f8b0:400... 15169 (GOOGLE)
3 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
1 2a02:6b8::16b 208722 (GLOBAL_DC)
9 2a02:6b8:20::215 208722 (GLOBAL_DC)
1 96.46.183.20 7979 (SERVERS-COM)
1 194.55.244.183 34959 (PROCLOUD ...)
1 2 193.232.150.43 48061 (UMA-TECH-AS)
1 2a00:1148:db0... 47764 (VK-AS)
1 193.3.184.201 50214 (QWARTA)
1 2 167.235.33.114 24940 (HETZNER-AS)
1 37.18.16.6 205675 (HYBRID-AS)
1 31.220.27.134 39572 (ADVANCEDH...)
1 2 80.239.201.54 1299 (TWELVE99 ...)
3 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
3 2a02:6b8::1be 208722 (GLOBAL_DC)
87 30
1    78.47.21.152 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: vs09.joxi.ru
joxi.ru
1    176.9.162.205 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: vs13.joxi.ru
joxi.net
14    176.9.162.204 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: vs12.joxi.ru
cdn.joxi.ru
3    2a02:6b8:a::a (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)
yandex.ru
2    88.99.234.26 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: digitalcaramel.com
ads.digitalcaramel.com
1    176.9.162.201 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: vs01.joxi.ru
dl4.joxi.net
9    2607:f8b0:4006:822::2002 (Nutley, United States)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
3    2607:f8b0:4006:824::200e (Nutley, United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
10    2a02:6b8::1:119 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)
mc.yandex.ru
6    46.4.104.244 (Rostock, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.244.104.4.46.clients.your-server.de
rotarb.bid
1    2606:4700::6810:5914 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
2    37.48.117.210 (Amsterdam, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
cdn.ftd.agency
z.cdn.ftd.agency
2    2607:f8b0:4004:c09::9d (Ashburn, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
partner.googleadservices.com
3    2607:f8b0:4006:81f::2002 (Nutley, United States)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
2    2607:f8b0:4004:c1b::9c (Washington, United States)

ASN15169 (GOOGLE, US)
adservice.google.ca
2    2607:f8b0:4006:821::2002 (Nutley, United States)

ASN15169 (GOOGLE, US)
adservice.google.com
1    2a02:6b8::16b (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)
matchid.adfox.yandex.ru
9    2a02:6b8:20::215 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)
yastatic.net
1    96.46.183.20 (United States)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
1    194.55.244.183 (Russian Federation)

ASN34959 (PROCLOUD PROCLOUD MSK, RU)
yhb.p.otm-r.com
2    193.232.150.43 (Russian Federation)

ASN48061 (UMA-TECH-AS, RU)
PTR: hosting.adhigh.net
px.adhigh.net
1    2a00:1148:db00::17 (Russian Federation)

ASN47764 (VK-AS, RU)
ad.mail.ru
1    193.3.184.201 (Russian Federation)

ASN50214 (QWARTA, RU)
ssp-rtb.sape.ru
2    167.235.33.114 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.114.33.235.167.clients.your-server.de
exchange.buzzoola.com
1    37.18.16.6 (Netherlands)

ASN205675 (HYBRID-AS, DE)
hbe199.hybrid.ai
1    31.220.27.134 (Amsterdam, Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
kdmttk.com
2    80.239.201.54 (Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 80-239-201-54.teliacarrier-cust.com
mc.webvisor.org
3    2607:f8b0:4004:c1b::84 (Washington, United States)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2607:f8b0:4004:c1b::63 (Washington, United States)

ASN15169 (GOOGLE, US)
www.google.com
3    2a02:6b8::1be (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)
ads.adfox.ru
Apex Domain
Subdomains		 Transfer
15 joxi.ru
joxi.ru
cdn.joxi.ru
371 KB
14 yandex.ru
yandex.ru — Cisco Umbrella Rank: 1743
mc.yandex.ru — Cisco Umbrella Rank: 3788
matchid.adfox.yandex.ru — Cisco Umbrella Rank: 29570
191 KB
12 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 105
tpc.googlesyndication.com — Cisco Umbrella Rank: 140
302 KB
9 yastatic.net
yastatic.net — Cisco Umbrella Rank: 7252
195 KB
6 rotarb.bid
rotarb.bid — Cisco Umbrella Rank: 190033
398 KB
4 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 76
googleads.g.doubleclick.net — Cisco Umbrella Rank: 29
5 KB
3 adfox.ru
ads.adfox.ru — Cisco Umbrella Rank: 11490
362 B
3 google.com
adservice.google.com — Cisco Umbrella Rank: 67
www.google.com — Cisco Umbrella Rank: 2
2 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 23
20 KB
2 webvisor.org
mc.webvisor.org — Cisco Umbrella Rank: 25495
861 B
2 buzzoola.com
exchange.buzzoola.com — Cisco Umbrella Rank: 21313
1 KB
2 adhigh.net
px.adhigh.net — Cisco Umbrella Rank: 17632
726 B
2 google.ca
adservice.google.ca — Cisco Umbrella Rank: 13125
696 B
2 ftd.agency
cdn.ftd.agency — Cisco Umbrella Rank: 108612
z.cdn.ftd.agency — Cisco Umbrella Rank: 120195
3 KB
2 digitalcaramel.com
ads.digitalcaramel.com — Cisco Umbrella Rank: 106715
3 KB
2 joxi.net
joxi.net — Cisco Umbrella Rank: 518403
dl4.joxi.net
153 KB
1 kdmttk.com
kdmttk.com — Cisco Umbrella Rank: 105898
306 B
1 hybrid.ai
hbe199.hybrid.ai — Cisco Umbrella Rank: 72626
263 B
1 sape.ru
ssp-rtb.sape.ru — Cisco Umbrella Rank: 29783
446 B
1 mail.ru
ad.mail.ru — Cisco Umbrella Rank: 9923
330 B
1 otm-r.com
yhb.p.otm-r.com — Cisco Umbrella Rank: 44114
246 B
1 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 1479
912 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 854
500 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 360
67 KB
0 bidvol.com Failed
ssp.bidvol.com Failed
0 creativecdn.com Failed
adfox-c2s-ams.creativecdn.com Failed
0 pluso.ru Failed
x.pluso.ru Failed
87 27
Domain Requested by
14 cdn.joxi.ru joxi.net
cdn.joxi.ru
10 mc.yandex.ru 3 redirects joxi.net
mc.yandex.ru
cdn.jsdelivr.net
9 yastatic.net yandex.ru
9 pagead2.googlesyndication.com joxi.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
yastatic.net
6 rotarb.bid joxi.net
rotarb.bid
3 ads.adfox.ru
3 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
3 googleads.g.doubleclick.net pagead2.googlesyndication.com
3 www.google-analytics.com joxi.net
3 yandex.ru joxi.net
yandex.ru
2 mc.webvisor.org 1 redirects joxi.net
2 exchange.buzzoola.com 1 redirects joxi.net
2 px.adhigh.net 1 redirects joxi.net
2 adservice.google.com pagead2.googlesyndication.com
2 adservice.google.ca pagead2.googlesyndication.com
2 ads.digitalcaramel.com joxi.net
ads.digitalcaramel.com
1 www.google.com tpc.googlesyndication.com
1 kdmttk.com yandex.ru
1 hbe199.hybrid.ai yandex.ru
1 ssp-rtb.sape.ru yandex.ru
1 ad.mail.ru yandex.ru
1 yhb.p.otm-r.com yandex.ru
1 ads.betweendigital.com yandex.ru
1 matchid.adfox.yandex.ru yandex.ru
1 z.cdn.ftd.agency cdn.ftd.agency
1 partner.googleadservices.com pagead2.googlesyndication.com
1 stats.g.doubleclick.net www.google-analytics.com
1 cdn.ftd.agency joxi.net
1 cdn.jsdelivr.net joxi.net
1 dl4.joxi.net joxi.net
1 joxi.net
1 joxi.ru 1 redirects
0 ssp.bidvol.com Failed yandex.ru
0 adfox-c2s-ams.creativecdn.com Failed yandex.ru
0 x.pluso.ru Failed joxi.net
87 35

This site contains links to these domains. Also see Links.

Domain
brizo.ru
joxi.ru
www.facebook.com
twitter.com
vk.com
www.odnoklassniki.ru
Subject Issuer Validity Valid
*.xn--d1acpjx3f.xn--p1ai
GlobalSign ECC OV SSL CA 2018		 2023-02-01 -
2023-08-01		 6 months crt.sh
caramel.am
R3		 2022-11-13 -
2023-02-11		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
mc.yandex.ru
GlobalSign ECC OV SSL CA 2018		 2022-10-18 -
2023-03-30		 5 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-02 -
2023-06-01		 a year crt.sh
*.cdn.ftd.agency
Go Daddy Secure Certificate Authority - G2		 2022-12-27 -
2023-12-28		 a year crt.sh
*.google.ca
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
matchid.adfox.yandex.ru
GlobalSign RSA OV SSL CA 2018		 2022-12-21 -
2023-06-14		 6 months crt.sh
*.yastatic-net.ru
GlobalSign ECC OV SSL CA 2018		 2023-02-01 -
2023-08-01		 6 months crt.sh
*.ads.betweendigital.com
Sectigo RSA Domain Validation Secure Server CA		 2023-01-13 -
2024-02-13		 a year crt.sh
*.p.otm-r.com
AlphaSSL CA - SHA256 - G2		 2022-02-03 -
2023-03-07		 a year crt.sh
*.mail.ru
GlobalSign ECC OV SSL CA 2018		 2022-10-18 -
2023-11-19		 a year crt.sh
*.sape.ru
R3		 2022-12-11 -
2023-03-11		 3 months crt.sh
*.hybrid.ai
Sectigo RSA Domain Validation Secure Server CA		 2022-09-26 -
2023-09-26		 a year crt.sh
kdmttk.com
R3		 2023-01-06 -
2023-04-06		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
*.adfox.ru
GlobalSign RSA OV SSL CA 2018		 2022-10-26 -
2023-04-07		 5 months crt.sh

This page contains 6 frames:

Primary Page: http://joxi.net/V2VwLYJTGWMpKA
Frame ID: BDAEF334096CB9F37A3B28B7285DD1F6
Requests: 79 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230206/r20190131/zrt_lookup.html
Frame ID: 343461DD9C87561497AAF24AA12AB0BF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5187259805604906&output=html&adk=1812271804&adf=3025194257&lmt=1675877296&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=260x540_l%7C260x540_r&format=0x0&url=http%3A%2F%2Fjoxi.net%2FV2VwLYJTGWMpKA&ea=0&pra=5&wgl=1&dt=1675877296529&bpp=5&bdt=890&idt=179&shv=r20230206&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4483119056919&frm=20&pv=2&ga_vid=2035782986.1675877296&ga_sid=1675877297&ga_hid=1730786353&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44779793&oid=2&pvsid=2427654941527645&tmod=1976343805&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=212
Frame ID: C8CB115359F306058AB22504D702379A
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 00A693C78CEE0F2191EBCC9E4E575957
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 0186F98572C1F6EFDAC85B27A67101FE
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4894759983606832&output=html&h=600&slotname=8980172363&adk=2425055050&adf=1671111989&pi=t.ma~as.8980172363&w=240&fwrn=4&fwrnh=100&lmt=1675877298&rafmt=1&format=240x600&url=http%3A%2F%2Fjoxi.net%2FV2VwLYJTGWMpKA&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1675877298418&bpp=3&bdt=2780&idt=3&shv=r20230206&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D92a02316d91ea0e1-221f2040eada009a%3AT%3D1675877296%3ART%3D1675877296%3AS%3DALNI_MajcGdbDfMlrvGd8xCV9sv9H5h5zw&gpic=UID%3D000009a6001f4a26%3AT%3D1675877296%3ART%3D1675877296%3AS%3DALNI_Mbl98VNFJY7Kgqtiqh-RU0-07ICIA&prev_fmts=0x0&nras=1&correlator=4483119056919&frm=20&pv=2&ga_vid=2035782986.1675877296&ga_sid=1675877297&ga_hid=1730786353&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1345&ady=223&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44779793&oid=2&pvsid=2427654941527645&tmod=525446157&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=HwjLJZkPxu&p=http%3A//joxi.net&dtd=14
Frame ID: 2B8061846B206A480BEE2EB2A5FC9A16
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

1675877090332 (146 kb) uploaded February 8, 2023 Joxi

Page URL History Show full URLs

  1. http://joxi.ru/V2VwLYJTGWMpKA HTTP 301
    http://joxi.net/V2VwLYJTGWMpKA Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js
  • cdn\.jsdelivr\.net/npm/yandex\-metrica\-watch/watch\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

87
Requests

62 %
HTTPS

50 %
IPv6

27
Domains

35
Subdomains

30
IPs

5
Countries

1711 kB
Transfer

4063 kB
Size

38
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://joxi.ru/V2VwLYJTGWMpKA HTTP 301
    http://joxi.net/V2VwLYJTGWMpKA Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15
  • http://www.google-analytics.com/analytics.js HTTP 307
  • https://www.google-analytics.com/analytics.js
Request Chain 28
  • http://www.google-analytics.com/collect?v=1&_v=j99&a=1730786353&t=pageview&_s=1&dl=http%3A%2F%2Fjoxi.net%2FV2VwLYJTGWMpKA&ul=en-us&de=UTF-8&dt=1675877090332%20(146%20kb)%20uploaded%20February%208%2C%202023%20Joxi&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IGBAgAAB~&jid=1162378076&gjid=1436892911&cid=2035782986.1675877296&tid=UA-30950280-5&_gid=112278569.1675877296&z=268529989 HTTP 307
  • https://www.google-analytics.com/collect?v=1&_v=j99&a=1730786353&t=pageview&_s=1&dl=http%3A%2F%2Fjoxi.net%2FV2VwLYJTGWMpKA&ul=en-us&de=UTF-8&dt=1675877090332%20(146%20kb)%20uploaded%20February%208%2C%202023%20Joxi&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IGBAgAAB~&jid=1162378076&gjid=1436892911&cid=2035782986.1675877296&tid=UA-30950280-5&_gid=112278569.1675877296&z=268529989
Request Chain 31
  • https://mc.yandex.ru/watch/3?wmode=7&page-url=http%3A%2F%2Fjoxi.net%2FV2VwLYJTGWMpKA&page-ref=&charset=utf-8&browser-info=pv%3A1%3Avf%3Afppw4pdxetycw4cz2ehur%3Afp%3A1965%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A2%3Adp%3A0%3Als%3A1143500974756%3Ahid%3A778290178%3Az%3A0%3Ai%3A20230208172816%3Aet%3A1675877297%3Ac%3A1%3Arn%3A396270068%3Arqn%3A1%3Au%3A1675877297289353531%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A166%2C101%2C165%2C1%2C685%2C0%2C%2C940%2C9%2C%2C%2C%2C2059%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1675877294413%3Ast%3A1675877297&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(2) HTTP 302
  • https://mc.yandex.ru/watch/3/1?wmode=7&page-url=http%3A%2F%2Fjoxi.net%2FV2VwLYJTGWMpKA&page-ref&charset=utf-8&browser-info=pv%3A1%3Avf%3Afppw4pdxetycw4cz2ehur%3Afp%3A1965%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A2%3Adp%3A0%3Als%3A1143500974756%3Ahid%3A778290178%3Az%3A0%3Ai%3A20230208172816%3Aet%3A1675877297%3Ac%3A1%3Arn%3A396270068%3Arqn%3A1%3Au%3A1675877297289353531%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A166%2C101%2C165%2C1%2C685%2C0%2C%2C940%2C9%2C%2C%2C%2C2059%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1675877294413%3Ast%3A1675877297&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
Request Chain 32
  • https://mc.yandex.ru/watch/14929090?wmode=7&page-url=http%3A%2F%2Fjoxi.net%2FV2VwLYJTGWMpKA&charset=utf-8&browser-info=pv%3A1%3Avf%3Afppw4pdxetycw4cz2ehur%3Afp%3A1965%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A543791978861%3Ahid%3A778290178%3Az%3A0%3Ai%3A20230208172816%3Aet%3A1675877297%3Ac%3A1%3Arn%3A577125809%3Arqn%3A1%3Au%3A1675877297289353531%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A166%2C101%2C165%2C1%2C685%2C0%2C%2C940%2C9%2C%2C%2C%2C2059%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1675877294413%3Arqnl%3A1%3Ast%3A1675877297%3At%3A1675877090332%20(146%20kb)%20uploaded%20February%208%2C%202023%20Joxi&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(2) HTTP 302
  • https://mc.yandex.ru/watch/14929090/1?wmode=7&page-url=http%3A%2F%2Fjoxi.net%2FV2VwLYJTGWMpKA&charset=utf-8&browser-info=pv%3A1%3Avf%3Afppw4pdxetycw4cz2ehur%3Afp%3A1965%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A543791978861%3Ahid%3A778290178%3Az%3A0%3Ai%3A20230208172816%3Aet%3A1675877297%3Ac%3A1%3Arn%3A577125809%3Arqn%3A1%3Au%3A1675877297289353531%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A166%2C101%2C165%2C1%2C685%2C0%2C%2C940%2C9%2C%2C%2C%2C2059%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1675877294413%3Arqnl%3A1%3Ast%3A1675877297%3At%3A1675877090332%20%28146%20kb%29%20uploaded%20February%208%2C%202023%20Joxi&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
Request Chain 43
  • http://www.google-analytics.com/collect?v=1&_v=j99&a=1730786353&t=event&ni=1&_s=2&dl=http%3A%2F%2Fjoxi.net%2FV2VwLYJTGWMpKA&ul=en-us&de=UTF-8&dt=1675877090332%20(146%20kb)%20uploaded%20February%208%2C%202023%20Joxi&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=system&ea=push&el=adblock&_u=aGBAgAABAAAAAE~&jid=&gjid=&cid=2035782986.1675877296&tid=UA-30950280-5&_gid=112278569.1675877296&cd1=No&z=43748798 HTTP 307
  • https://www.google-analytics.com/collect?v=1&_v=j99&a=1730786353&t=event&ni=1&_s=2&dl=http%3A%2F%2Fjoxi.net%2FV2VwLYJTGWMpKA&ul=en-us&de=UTF-8&dt=1675877090332%20(146%20kb)%20uploaded%20February%208%2C%202023%20Joxi&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=system&ea=push&el=adblock&_u=aGBAgAABAAAAAE~&jid=&gjid=&cid=2035782986.1675877296&tid=UA-30950280-5&_gid=112278569.1675877296&cd1=No&z=43748798
Request Chain 50
  • https://px.adhigh.net/rtb/yandex_hb HTTP 307
  • https://px.adhigh.net/rtb/yandex_hb?bounced=1
Request Chain 55
  • https://exchange.buzzoola.com/ssp/adfox HTTP 307
  • https://exchange.buzzoola.com/ssp/adfox?set_buzzoola_cookie=t
Request Chain 59
  • https://mc.webvisor.org/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.webvisor.org&token=9908.ufncLgDqfdRfSrmX5_SR0EzDguma-AK-dTk8uNZiNa1EKC3sK2j27hRrLCHF99A8.RgpBFyvDVim7QcLcwcP3oH-7sPs%2C HTTP 302
  • https://mc.webvisor.org/sync_cookie_image_decide?token=9908.CSHl-w5q_DmX-J62oQDW455vR_G4HGZLqurA23pfRVP1kSAlXyYBRW5nukP6Ua_K_WBVgzbQFukt0ZZeb19Z4rKaPd0o-Z0OI5iG2jSbS8Kh9EYlOYUY6fkhDqCsaXq9-A55bRxObDCfbb4sJ0dtJONp9_UkoIEMsJaPANjtvdSOapN586jBARvlaDWlB7sDj5QPKt2p0S4lkg5HylEZlr1NhQ1NahtRcw7uQh22iXc%2C.IMUHCQ5Y5MqFYGBIA3XWvCbIkEM%2C

87 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request V2VwLYJTGWMpKA
joxi.net/
Redirect Chain
  • http://joxi.ru/V2VwLYJTGWMpKA
  • http://joxi.net/V2VwLYJTGWMpKA
18 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://joxi.net/V2VwLYJTGWMpKA
Protocol
HTTP/1.1
Server
176.9.162.205 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
vs13.joxi.ru
Software
nginx / PHP/5.4.45
Resource Hash
3b3e5c4826dc9f7f5fd2137eaf0f57ca00c3173213aec27142b0bb51608207f6

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
no-cache
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Wed, 08 Feb 2023 17:28:15 GMT
Node
vs13
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Language
X-Powered-By
PHP/5.4.45

Redirect headers

Cache-Control
private, must-revalidate
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Date
Wed, 08 Feb 2023 17:28:15 GMT
Location
http://joxi.net/V2VwLYJTGWMpKA
Node
vs10
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Language
X-Powered-By
PHP/5.4.26
expires
-1
pragma
no-cache
video-js.css
cdn.joxi.ru/assets/video-js/ 		44 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://cdn.joxi.ru/assets/video-js/video-js.css
Requested by
Host: joxi.net
URL: http://joxi.net/V2VwLYJTGWMpKA
Protocol
HTTP/1.1
Server
176.9.162.204 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
vs12.joxi.ru
Software
nginx /
Resource Hash
ae8e3b8884ea2187c24a5cac8c855dacdb159439e3cefec2fd5d8c8d953dfab9

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://joxi.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date
Wed, 08 Feb 2023 17:28:15 GMT
Content-Encoding
gzip
Last-Modified
Mon, 05 Feb 2018 09:45:10 GMT
Server
nginx
Transfer-Encoding
chunked
Node
vs13
Content-Type
text/css
Access-Control-Allow-Origin
*
Connection
keep-alive
video-js-5.9.2.min.js
cdn.joxi.ru/assets/video-js/ 		255 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://cdn.joxi.ru/assets/video-js/video-js-5.9.2.min.js
Requested by
Host: joxi.net
URL: http://joxi.net/V2VwLYJTGWMpKA
Protocol
HTTP/1.1
Server
176.9.162.204 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
vs12.joxi.ru
Software
nginx /
Resource Hash
66028bdf106e9d9a5be6200c370f79f276738ea78fb24c002c214ad449a809ac

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://joxi.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date
Wed, 08 Feb 2023 17:28:15 GMT
Content-Encoding
gzip
Last-Modified
Mon, 05 Feb 2018 09:45:10 GMT
Server
nginx
Transfer-Encoding
chunked
Node
vs10
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Connection
keep-alive
videojs-ie8.min.js
cdn.joxi.ru/assets/video-js/ 		27 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://cdn.joxi.ru/assets/video-js/videojs-ie8.min.js
Requested by
Host: joxi.net
URL: http://joxi.net/V2VwLYJTGWMpKA
Protocol
HTTP/1.1
Server
176.9.162.204 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
vs12.joxi.ru
Software
nginx /
Resource Hash
3cea9fd4486e2820f34fdeb7970fd29c4fa531e79a285bf58aaab1ecdadfa99a

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://joxi.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date
Wed, 08 Feb 2023 17:28:15 GMT
Content-Encoding
gzip
Last-Modified
Mon, 05 Feb 2018 09:45:10 GMT
Server
nginx
Transfer-Encoding
chunked
Node
vs13
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Connection
keep-alive
common_3d899dba.css
cdn.joxi.ru/assets/css/ 		183 KB
35 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://cdn.joxi.ru/assets/css/common_3d899dba.css
Requested by
Host: joxi.net
URL: http://joxi.net/V2VwLYJTGWMpKA
Protocol
HTTP/1.1
Server
176.9.162.204 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
vs12.joxi.ru
Software
nginx /
Resource Hash
f607b1477ebae1c118de82367ea4a8b04ae29cf48a03f12b1fbb1646007bbe88

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://joxi.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date
Wed, 08 Feb 2023 17:28:15 GMT
Content-Encoding
gzip
Last-Modified
Tue, 09 Jun 2020 13:54:03 GMT
Server
nginx
Transfer-Encoding
chunked
Node
vs10
Content-Type
text/css
Access-Control-Allow-Origin
*
Connection
keep-alive
jquery-2.2.1.min.js
cdn.joxi.ru/assets/js/ 		84 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://cdn.joxi.ru/assets/js/jquery-2.2.1.min.js
Requested by
Host: joxi.net
URL: http://joxi.net/V2VwLYJTGWMpKA
Protocol
HTTP/1.1
Server
176.9.162.204 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
vs12.joxi.ru
Software
nginx /
Resource Hash
82f420005cd31fab6b4ab016a07d623e8f5773de90c526777de5ba91e9be3b4d

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://joxi.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date
Wed, 08 Feb 2023 17:28:15 GMT
Content-Encoding
gzip
Last-Modified
Mon, 05 Feb 2018 09:45:10 GMT
Server
nginx
Transfer-Encoding
chunked
Node
vs10
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Connection
keep-alive
header-bidding.js
yandex.ru/ads/system/ 		103 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yandex.ru/ads/system/header-bidding.js
Requested by
Host: joxi.net
URL: http://joxi.net/V2VwLYJTGWMpKA
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
8bc5e5b75c9bcb2488222f4c21d69a240738bb48b4fba59f2d0d1a5a443cb30a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://joxi.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

content-encoding
br
x-content-type-options
nosniff
nel
{"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
x-yandex-req-id
1675877296722686-5446302969348346941-sas2-0564-sas-l7-balancer-8080-BAL-5950
report-to
{ "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
x-robots-tag
noindex, noarchive, nofollow
expires
Wed, 08 Feb 2023 18:28:16 GMT
joxi.ru.js
ads.digitalcaramel.com/js/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.digitalcaramel.com/js/joxi.ru.js
Requested by
Host: joxi.net
URL: http://joxi.net/V2VwLYJTGWMpKA
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.99.234.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
digitalcaramel.com
Software
nginx /
Resource Hash
5f2cc4c7f25f8b82c96d4e44105c5288133fdb3c3c75751d2993eafec8a3847a
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://joxi.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 17:28:16 GMT
strict-transport-security
max-age=15724800; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Tue, 23 Aug 2022 11:46:50 GMT
server
nginx
content-encoding
gzip
etag
W/"6304be2a-1b3e"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
context.js
yandex.ru/ads/system/ 		277 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yandex.ru/ads/system/context.js
Requested by
Host: joxi.net
URL: http://joxi.net/V2VwLYJTGWMpKA
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
972890fe5871b9d2e69441758d7f4fdc0f2c343e1c46d09d0f88fa250b5c6b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://joxi.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

content-encoding
br
x-content-type-options
nosniff
nel
{"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
x-yandex-req-id
1675877296723045-968557434398949473-sas2-0564-sas-l7-balancer-8080-BAL-3627
report-to
{ "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
x-robots-tag
noindex, noarchive, nofollow
expires
Wed, 08 Feb 2023 18:28:16 GMT
userpic-default.png
cdn.joxi.ru/assets/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cdn.joxi.ru/assets/images/userpic-default.png
Requested by
Host: joxi.net
URL: http://joxi.net/V2VwLYJTGWMpKA
Protocol
HTTP/1.1
Server
176.9.162.204 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
vs12.joxi.ru
Software
nginx /
Resource Hash
0ff196c9d9258507ab91d23671e4b07818fabdfe1167056787bf5b721fe3799e

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://joxi.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date
Wed, 08 Feb 2023 17:28:16 GMT
Last-Modified
Mon, 05 Feb 2018 09:45:10 GMT
Server
nginx
ETag
"5a7827a6-5ef"
Node
vs10
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1519
a22ba0caf6.png
dl4.joxi.net/drive/2023/02/08/0045/2786/3001058/58/ 		146 KB
147 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://dl4.joxi.net/drive/2023/02/08/0045/2786/3001058/58/a22ba0caf6.png
Requested by
Host: joxi.net
URL: http://joxi.net/V2VwLYJTGWMpKA
Protocol
HTTP/1.1
Server
176.9.162.201 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
vs01.joxi.ru
Software
nginx /
Resource Hash
14eb37ff053f47cee65b5767a92f9fca2d79ca319e42e65e66a359bbb307c87a

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://joxi.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date
Wed, 08 Feb 2023 17:28:16 GMT
Last-Modified
Wed, 08 Feb 2023 17:24:51 GMT
Server
nginx
ETag
"63e3dae3-249fa"
node
vs01
Content-Type
image/png
Access-Control-Allow-Origin
joxi.ru, joxi.net, beta.joxi.ru, beta.joxi.net
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
150010
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		144 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: joxi.net
URL: http://joxi.net/V2VwLYJTGWMpKA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f42c1b77a49ae051875683bf30108e84890646b9085ca180a3e142d70be052a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://joxi.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 17:28:16 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49656
x-xss-protection
0
server
cafe
etag
15622535835597724305
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 08 Feb 2023 17:28:16 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		144 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5187259805604906
Requested by
Host: joxi.net
URL: http://joxi.net/V2VwLYJTGWMpKA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
57cb213a2a3cc2a8de0b2421cb14d29b0fe13b228dfef0327121ac1622ba8df4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://joxi.net/
Origin
http://joxi.net
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 17:28:16 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49635
x-xss-protection
0
server
cafe
etag
14852074193290154272
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 08 Feb 2023 17:28:16 GMT
jquery-1.11.1.min.js
cdn.joxi.ru/assets/js/ 		94 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://cdn.joxi.ru/assets/js/jquery-1.11.1.min.js
Requested by
Host: joxi.net
URL: http://joxi.net/V2VwLYJTGWMpKA
Protocol
HTTP/1.1
Server
176.9.162.204 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
vs12.joxi.ru
Software
nginx /
Resource Hash
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://joxi.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date
Wed, 08 Feb 2023 17:28:16 GMT
Content-Encoding
gzip
Last-Modified
Mon, 05 Feb 2018 09:45:10 GMT
Server
nginx
Transfer-Encoding
chunked
Node
vs13
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Connection
keep-alive
lang-en.js
cdn.joxi.ru/assets/js/ 		325 B
613 B 		Script
General
Check archive.org
Download Go to
Full URL
http://cdn.joxi.ru/assets/js/lang-en.js
Requested by
Host: joxi.net
URL: http://joxi.net/V2VwLYJTGWMpKA
Protocol
HTTP/1.1
Server
176.9.162.204 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
vs12.joxi.ru
Software
nginx /
Resource Hash
c49511af4f4a02ddfe9856512a215c88dc38d0a5a298c09ffab127957ec0c6f3

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://joxi.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date
Wed, 08 Feb 2023 17:28:16 GMT
Last-Modified
Mon, 05 Feb 2018 09:45:10 GMT
Server
nginx
ETag
"5a7827a6-145"
Node
vs10
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
325
common_79cf64d9.js
cdn.joxi.ru/assets/js/ 		107 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://cdn.joxi.ru/assets/js/common_79cf64d9.js
Requested by
Host: joxi.net
URL: http://joxi.net/V2VwLYJTGWMpKA
Protocol
HTTP/1.1
Server
176.9.162.204 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
vs12.joxi.ru
Software
nginx /
Resource Hash
ca12d80db5ffac0ef34023dab8d59ef25777305da393294cc78161ad7e058bf3

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://joxi.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date
Wed, 08 Feb 2023 17:28:16 GMT
Content-Encoding
gzip
Last-Modified
Mon, 05 Feb 2018 09:45:10 GMT
Server
nginx
Transfer-Encoding
chunked
Node
vs13
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Connection
keep-alive
analytics.js
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/analytics.js
  • https://www.google-analytics.com/analytics.js
49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: joxi.net
URL: http://joxi.net/V2VwLYJTGWMpKA
Protocol
H2
Server
2607:f8b0:4006:824::200e Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://joxi.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 08 Feb 2023 15:32:17 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
6959
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20085
expires
Wed, 08 Feb 2023 17:32:17 GMT

Redirect headers

Location
https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
tag.js
mc.yandex.ru/metrika/ 		211 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: joxi.net
URL: http://joxi.net/V2VwLYJTGWMpKA
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
7ddf2bfbac37620db215b2ef833b10ca654424297afffc037f7db9c7cb972301
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://joxi.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 17:28:16 GMT
content-encoding
br
strict-transport-security
max-age=31536000
last-modified
Wed, 08 Feb 2023 12:45:24 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"63e36f34-1207d"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
73853
expires
Wed, 08 Feb 2023 18:28:16 GMT
248h9.min.js
rotarb.bid/ 		67 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://rotarb.bid/248h9.min.js?6169ade
Requested by
Host: joxi.net
URL: http://joxi.net/V2VwLYJTGWMpKA
Protocol
HTTP/1.1
Server
46.4.104.244 Rostock, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.244.104.4.46.clients.your-server.de
Software
nginx /
Resource Hash
93c07ea435a1e59453a46241b908ca43d071c6a9cb810a4b6ba6dc92df4e77aa
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://joxi.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date
Wed, 08 Feb 2023 17:28:16 GMT
Strict-Transport-Security
max-age=63072000
Content-Encoding
gzip
Server
nginx
Duration
2383351
Transfer-Encoding
chunked
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=300
Connection
keep-alive
Keep-Alive
timeout=60
Access-Control-Allow-Headers
*
Expires
Wed, 08-Feb-2023 19:33:16 EET
joxi.ru.css
ads.digitalcaramel.com/css/ 		561 B
586 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ads.digitalcaramel.com/css/joxi.ru.css
Requested by
Host: ads.digitalcaramel.com
URL: https://ads.digitalcaramel.com/js/joxi.ru.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.99.234.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
digitalcaramel.com
Software
nginx /
Resource Hash
7b5be1373fac573691c1b35a3766aa4e9c024a0d77664ac1934a3fffb0089e52
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://joxi.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 17:28:16 GMT
strict-transport-security
max-age=15724800; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Tue, 23 Aug 2022 11:46:50 GMT
server
nginx
content-encoding
gzip
etag
W/"6304be2a-231"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
pluso-x.js
x.pluso.ru/ 		0
0
logo.png
cdn.joxi.ru/assets/images/ 		26 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cdn.joxi.ru/assets/images/logo.png
Requested by
Host: cdn.joxi.ru
URL: http://cdn.joxi.ru/assets/css/common_3d899dba.css
Protocol
HTTP/1.1
Server
176.9.162.204 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
vs12.joxi.ru
Software
nginx /
Resource Hash
b3aa5d847dd7a9e291a4fcdd26d5fca89f59cd9f9b8e2e5a7761cad0bad8815c

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://cdn.joxi.ru/assets/css/common_3d899dba.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date
Wed, 08 Feb 2023 17:28:16 GMT
Last-Modified
Mon, 05 Feb 2018 09:45:10 GMT
Server
nginx
ETag
"5a7827a6-69ff"
Node
vs13
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
27135
icons.png
cdn.joxi.ru/assets/images/ 		69 KB
69 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cdn.joxi.ru/assets/images/icons.png
Requested by
Host: cdn.joxi.ru
URL: http://cdn.joxi.ru/assets/css/common_3d899dba.css
Protocol
HTTP/1.1
Server
176.9.162.204 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
vs12.joxi.ru
Software
nginx /
Resource Hash
b86b29f13ca937b3a0f884eea766b082d994c125820f0835fea7dcf117ae4b63

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://cdn.joxi.ru/assets/css/common_3d899dba.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date
Wed, 08 Feb 2023 17:28:16 GMT
Last-Modified
Mon, 05 Feb 2018 09:45:10 GMT
Server
nginx
ETag
"5a7827a6-11215"
Node
vs10
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
70165
helveticaneuecyr-ultralight-webfont.woff
cdn.joxi.ru/assets/fonts/ 		25 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://cdn.joxi.ru/assets/fonts/helveticaneuecyr-ultralight-webfont.woff
Requested by
Host: cdn.joxi.ru
URL: http://cdn.joxi.ru/assets/css/common_3d899dba.css
Protocol
HTTP/1.1
Server
176.9.162.204 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
vs12.joxi.ru
Software
nginx /
Resource Hash
b16c52edca6da03f0e8d51d188b34ed03f4b29de7b7e09e08b5f4b7f0b25bbca

Request headers

Referer
http://cdn.joxi.ru/assets/css/common_3d899dba.css
Origin
http://joxi.net
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date
Wed, 08 Feb 2023 17:28:16 GMT
Last-Modified
Mon, 05 Feb 2018 09:45:10 GMT
Server
nginx
ETag
"5a7827a6-648c"
Node
vs10
Content-Type
font/woff
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
25740
helveticaneuecyr-light-webfont.woff
cdn.joxi.ru/assets/fonts/ 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://cdn.joxi.ru/assets/fonts/helveticaneuecyr-light-webfont.woff
Requested by
Host: cdn.joxi.ru
URL: http://cdn.joxi.ru/assets/css/common_3d899dba.css
Protocol
HTTP/1.1
Server
176.9.162.204 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
vs12.joxi.ru
Software
nginx /
Resource Hash
6344718a67ed4427607fc3163e1af2a302b22bc9164c138e9950e9c47ad59dd4

Request headers

Referer
http://cdn.joxi.ru/assets/css/common_3d899dba.css
Origin
http://joxi.net
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date
Wed, 08 Feb 2023 17:28:16 GMT
Last-Modified
Mon, 05 Feb 2018 09:45:10 GMT
Server
nginx
ETag
"5a7827a6-5e44"
Node
vs13
Content-Type
application/font-woff
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
24132
icons-flags.png
cdn.joxi.ru/assets/images/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cdn.joxi.ru/assets/images/icons-flags.png
Requested by
Host: cdn.joxi.ru
URL: http://cdn.joxi.ru/assets/css/common_3d899dba.css
Protocol
HTTP/1.1
Server
176.9.162.204 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
vs12.joxi.ru
Software
nginx /
Resource Hash
d506d736956ae463d7d2c5896d2ea92232aa2006c42e1c185cedc99d8d775d87

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://cdn.joxi.ru/assets/css/common_3d899dba.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date
Wed, 08 Feb 2023 17:28:16 GMT
Last-Modified
Mon, 05 Feb 2018 09:45:10 GMT
Server
nginx
ETag
"5a7827a6-df9"
Node
vs10
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3577
watch.js
cdn.jsdelivr.net/npm/yandex-metrica-watch/ 		163 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/yandex-metrica-watch/watch.js
Requested by
Host: joxi.net
URL: http://joxi.net/V2VwLYJTGWMpKA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87114e0ae8cc1d1f588fe2d54adef6cbae7d5196e6886be76b703e34570df18d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://joxi.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 17:28:16 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
19286
x-jsd-version
1.257.0
content-encoding
br
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra-eddf8230043-FRA, cache-jnb7020-JNB
x-jsd-version-type
version
server
cloudflare
etag
W/"28b9e-k7VMbzLlxta0PUMGv7+1skJZRMc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y2yzfh8fwv4xkkH%2FelkLRGHLzNCtsSp8fIl53sthq4wmOld1EVA6Ug6y4pS4hz%2F2PXsmQ3GNUCxCRWLt6yWKxOG8bxayUjOQz8I5P%2Fdcf4dh%2Fg7bxdSjfVhtopTvoVFnkopwBstKbRf%2B%2FsPq72A%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
796614aeef927154-YUL
e.js
cdn.ftd.agency/libs/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ftd.agency/libs/e.js
Requested by
Host: joxi.net
URL: http://joxi.net/V2VwLYJTGWMpKA
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
37.48.117.210 Amsterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
b94cca07fdf39214a885812d5c0cf5bc370499e17f4d94ddfc4728d4dcf1ef47
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block;

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://joxi.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date
Wed, 08 Feb 2023 17:28:16 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block;
Last-Modified
Tue, 13 Sep 2022 09:47:20 GMT
Server
nginx
ETag
W/"632051a8-aec"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, OPTIONS
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Access-Control-Max-Age
1728000
Access-Control-Allow-Headers
X-PINGOTHER
Expires
Thu, 09 Feb 2023 17:28:16 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
340 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-30950280-5&cid=2035782986.1675877296&jid=1162378076&gjid=1436892911&_gid=112278569.1675877296&_u=IGBAgAABAAAAAE~&z=2124234972
Requested by
Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::9d Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://joxi.net/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Wed, 08 Feb 2023 17:28:16 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://joxi.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/collect?v=1&_v=j99&a=1730786353&t=pageview&_s=1&dl=http%3A%2F%2Fjoxi.net%2FV2VwLYJTGWMpKA&ul=en-us&de=UTF-8&dt=1675877090332%20(146%20kb)%20uploaded%20February%208%2...
  • https://www.google-analytics.com/collect?v=1&_v=j99&a=1730786353&t=pageview&_s=1&dl=http%3A%2F%2Fjoxi.net%2FV2VwLYJTGWMpKA&ul=en-us&de=UTF-8&dt=1675877090332%20(146%20kb)%20uploaded%20February%208%...
35 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j99&a=1730786353&t=pageview&_s=1&dl=http%3A%2F%2Fjoxi.net%2FV2VwLYJTGWMpKA&ul=en-us&de=UTF-8&dt=1675877090332%20(146%20kb)%20uploaded%20February%208%2C%202023%20Joxi&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IGBAgAAB~&jid=1162378076&gjid=1436892911&cid=2035782986.1675877296&tid=UA-30950280-5&_gid=112278569.1675877296&z=268529989
Requested by
Host: joxi.net
URL: http://joxi.net/V2VwLYJTGWMpKA
Protocol
H2
Server
2607:f8b0:4006:824::200e Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://joxi.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 21:32:56 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
71720
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://www.google-analytics.com/collect?v=1&_v=j99&a=1730786353&t=pageview&_s=1&dl=http%3A%2F%2Fjoxi.net%2FV2VwLYJTGWMpKA&ul=en-us&de=UTF-8&dt=1675877090332%20(146%20kb)%20uploaded%20February%208%2C%202023%20Joxi&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IGBAgAAB~&jid=1162378076&gjid=1436892911&cid=2035782986.1675877296&tid=UA-30950280-5&_gid=112278569.1675877296&z=268529989
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301240101/ 		361 KB
118 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301240101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5187259805604906
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
65cf438443f9a4aaba6805302a8487c61a4c46c28b6994900c69fa9a5999b649
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://joxi.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 17:28:16 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
121152
x-xss-protection
0
server
cafe
etag
2721226687244683009
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Wed, 08 Feb 2023 17:28:16 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230206/r20190131/ Frame 3434 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230206/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5187259805604906
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://joxi.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
4758
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 08 Feb 2023 16:08:58 GMT
etag
10353107486223812946
expires
Wed, 22 Feb 2023 16:08:58 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
1
mc.yandex.ru/watch/3/
Redirect Chain
  • https://mc.yandex.ru/watch/3?wmode=7&page-url=http%3A%2F%2Fjoxi.net%2FV2VwLYJTGWMpKA&page-ref=&charset=utf-8&browser-info=pv%3A1%3Avf%3Afppw4pdxetycw4cz2ehur%3Afp%3A1965%3Afu%3A0%3Aen%3Autf-8%3Ala%...
  • https://mc.yandex.ru/watch/3/1?wmode=7&page-url=http%3A%2F%2Fjoxi.net%2FV2VwLYJTGWMpKA&page-ref&charset=utf-8&browser-info=pv%3A1%3Avf%3Afppw4pdxetycw4cz2ehur%3Afp%3A1965%3Afu%3A0%3Aen%3Autf-8%3Ala...
264 B
372 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/watch/3/1?wmode=7&page-url=http%3A%2F%2Fjoxi.net%2FV2VwLYJTGWMpKA&page-ref&charset=utf-8&browser-info=pv%3A1%3Avf%3Afppw4pdxetycw4cz2ehur%3Afp%3A1965%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A2%3Adp%3A0%3Als%3A1143500974756%3Ahid%3A778290178%3Az%3A0%3Ai%3A20230208172816%3Aet%3A1675877297%3Ac%3A1%3Arn%3A396270068%3Arqn%3A1%3Au%3A1675877297289353531%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A166%2C101%2C165%2C1%2C685%2C0%2C%2C940%2C9%2C%2C%2C%2C2059%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1675877294413%3Ast%3A1675877297&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
Requested by
Host: joxi.net
URL: http://joxi.net/V2VwLYJTGWMpKA
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
231e7a429d67f3e1dae41d012960b37101dcaedb2305f24ff37cd1b8a9b3b1c2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://joxi.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 17:28:17 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Wed, 08-Feb-2023 17:28:17 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type
application/json; charset=utf-8
access-control-allow-origin
http://joxi.net
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
264
x-xss-protection
1; mode=block
expires
Wed, 08-Feb-2023 17:28:17 GMT

Redirect headers

pragma
no-cache
date
Wed, 08 Feb 2023 17:28:16 GMT
strict-transport-security
max-age=31536000
last-modified
Wed, 08-Feb-2023 17:28:16 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location
/watch/3/1?wmode=7&page-url=http%3A%2F%2Fjoxi.net%2FV2VwLYJTGWMpKA&page-ref&charset=utf-8&browser-info=pv%3A1%3Avf%3Afppw4pdxetycw4cz2ehur%3Afp%3A1965%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A2%3Adp%3A0%3Als%3A1143500974756%3Ahid%3A778290178%3Az%3A0%3Ai%3A20230208172816%3Aet%3A1675877297%3Ac%3A1%3Arn%3A396270068%3Arqn%3A1%3Au%3A1675877297289353531%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A166%2C101%2C165%2C1%2C685%2C0%2C%2C940%2C9%2C%2C%2C%2C2059%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1675877294413%3Ast%3A1675877297&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
access-control-allow-origin
http://joxi.net
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Wed, 08-Feb-2023 17:28:16 GMT
1
mc.yandex.ru/watch/14929090/
Redirect Chain
  • https://mc.yandex.ru/watch/14929090?wmode=7&page-url=http%3A%2F%2Fjoxi.net%2FV2VwLYJTGWMpKA&charset=utf-8&browser-info=pv%3A1%3Avf%3Afppw4pdxetycw4cz2ehur%3Afp%3A1965%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ae...
  • https://mc.yandex.ru/watch/14929090/1?wmode=7&page-url=http%3A%2F%2Fjoxi.net%2FV2VwLYJTGWMpKA&charset=utf-8&browser-info=pv%3A1%3Avf%3Afppw4pdxetycw4cz2ehur%3Afp%3A1965%3Afu%3A0%3Aen%3Autf-8%3Ala%3...
428 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/watch/14929090/1?wmode=7&page-url=http%3A%2F%2Fjoxi.net%2FV2VwLYJTGWMpKA&charset=utf-8&browser-info=pv%3A1%3Avf%3Afppw4pdxetycw4cz2ehur%3Afp%3A1965%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A543791978861%3Ahid%3A778290178%3Az%3A0%3Ai%3A20230208172816%3Aet%3A1675877297%3Ac%3A1%3Arn%3A577125809%3Arqn%3A1%3Au%3A1675877297289353531%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A166%2C101%2C165%2C1%2C685%2C0%2C%2C940%2C9%2C%2C%2C%2C2059%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1675877294413%3Arqnl%3A1%3Ast%3A1675877297%3At%3A1675877090332%20%28146%20kb%29%20uploaded%20February%208%2C%202023%20Joxi&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
Requested by
Host: joxi.net
URL: http://joxi.net/V2VwLYJTGWMpKA
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
fb424f758b24862fb8c20d09d150050cf89163a33a86b4926292674e7a093fba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://joxi.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 17:28:16 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Wed, 08-Feb-2023 17:28:16 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type
application/json; charset=utf-8
access-control-allow-origin
http://joxi.net
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
428
x-xss-protection
1; mode=block
expires
Wed, 08-Feb-2023 17:28:16 GMT

Redirect headers

pragma
no-cache
date
Wed, 08 Feb 2023 17:28:16 GMT
strict-transport-security
max-age=31536000
last-modified
Wed, 08-Feb-2023 17:28:16 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location
/watch/14929090/1?wmode=7&page-url=http%3A%2F%2Fjoxi.net%2FV2VwLYJTGWMpKA&charset=utf-8&browser-info=pv%3A1%3Avf%3Afppw4pdxetycw4cz2ehur%3Afp%3A1965%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A543791978861%3Ahid%3A778290178%3Az%3A0%3Ai%3A20230208172816%3Aet%3A1675877297%3Ac%3A1%3Arn%3A577125809%3Arqn%3A1%3Au%3A1675877297289353531%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A166%2C101%2C165%2C1%2C685%2C0%2C%2C940%2C9%2C%2C%2C%2C2059%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1675877294413%3Arqnl%3A1%3Ast%3A1675877297%3At%3A1675877090332%20%28146%20kb%29%20uploaded%20February%208%2C%202023%20Joxi&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
access-control-allow-origin
http://joxi.net
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Wed, 08-Feb-2023 17:28:16 GMT
advert.gif
mc.yandex.ru/metrika/ 		43 B
113 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.ru/metrika/advert.gif
Requested by
Host: joxi.net
URL: http://joxi.net/V2VwLYJTGWMpKA
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://joxi.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 17:28:16 GMT
strict-transport-security
max-age=31536000
last-modified
Wed, 08 Feb 2023 12:45:24 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"63e36f34-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Wed, 08 Feb 2023 18:28:16 GMT
cookie.js
partner.googleadservices.com/gampad/ 		383 B
500 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=joxi.net&callback=_gfp_s_&client=ca-pub-5187259805604906
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301240101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::9d Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0d823f9a25aa02ed0eecab9de11119de22dacd5aa2107cf45b15fe0ce15b4b0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://joxi.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 17:28:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
248
x-xss-protection
0
integrator.js
adservice.google.ca/adsid/ 		107 B
531 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.ca/adsid/integrator.js?domain=joxi.net
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301240101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://joxi.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 17:28:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
456 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=joxi.net
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301240101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://joxi.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 17:28:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=http%3A%2F%2Fjoxi.net%2FV2VwLYJTGWMpKA&tn=HEADER&cls=navbar%20navbar-header%20navbar-fixed-top&ign=false&pw=1600&ph=1200&x=0&y=0
Requested by
Host: joxi.net
URL: http://joxi.net/V2VwLYJTGWMpKA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://joxi.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 17:28:16 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame C8CB 		603 B
245 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5187259805604906&output=html&adk=1812271804&adf=3025194257&lmt=1675877296&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=260x540_l%7C260x540_r&format=0x0&url=http%3A%2F%2Fjoxi.net%2FV2VwLYJTGWMpKA&ea=0&pra=5&wgl=1&dt=1675877296529&bpp=5&bdt=890&idt=179&shv=r20230206&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4483119056919&frm=20&pv=2&ga_vid=2035782986.1675877296&ga_sid=1675877297&ga_hid=1730786353&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44779793&oid=2&pvsid=2427654941527645&tmod=1976343805&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=212
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301240101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://joxi.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 08 Feb 2023 17:28:16 GMT
expires
Wed, 08 Feb 2023 17:28:16 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
248h9.json
rotarb.bid/ 		59 B
390 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://rotarb.bid/248h9.json
Requested by
Host: rotarb.bid
URL: http://rotarb.bid/248h9.min.js?6169ade
Protocol
HTTP/1.1
Server
46.4.104.244 Rostock, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.244.104.4.46.clients.your-server.de
Software
nginx /
Resource Hash
29e2c9d0d5b9b434f5c58515bc373167c3cd8a7f12f4859a462e9c3fb0ff437d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
http://joxi.net/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Wed, 08 Feb 2023 17:28:16 GMT
Strict-Transport-Security
max-age=63072000
Server
nginx
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
*
Connection
keep-alive
Keep-Alive
timeout=60
Content-Length
59
Access-Control-Allow-Headers
*
248h9.json
rotarb.bid/ 		191 B
523 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://rotarb.bid/248h9.json
Requested by
Host: rotarb.bid
URL: http://rotarb.bid/248h9.min.js?6169ade
Protocol
HTTP/1.1
Server
46.4.104.244 Rostock, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.244.104.4.46.clients.your-server.de
Software
nginx /
Resource Hash
3210a53d9504c76e9131749f841004809098b7316aaa8da12d371bda7dddf950
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
http://joxi.net/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Wed, 08 Feb 2023 17:28:16 GMT
Strict-Transport-Security
max-age=63072000
Server
nginx
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
*
Connection
keep-alive
Keep-Alive
timeout=60
Content-Length
191
Access-Control-Allow-Headers
*
6890577.rffa3v.png
rotarb.bid/media/images/teaser/6/8/9/0/5/7/7/ 		376 KB
376 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://rotarb.bid/media/images/teaser/6/8/9/0/5/7/7/6890577.rffa3v.png
Requested by
Host: joxi.net
URL: http://joxi.net/V2VwLYJTGWMpKA
Protocol
HTTP/1.1
Server
46.4.104.244 Rostock, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.244.104.4.46.clients.your-server.de
Software
nginx /
Resource Hash
13595fec98790a573137335e23ead84834ce336edc309a2c57b56783f3211eb0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://joxi.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date
Wed, 08 Feb 2023 17:28:16 GMT
Strict-Transport-Security
max-age=63072000
Last-Modified
Fri, 22 Jul 2022 12:46:29 GMT
Server
nginx
ETag
"62da9c25-5e048"
Content-Type
image/png
Cache-Control
max-age=600, public, must_revalidate
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=60
Content-Length
385096
Expires
Wed, 08 Feb 2023 17:38:16 GMT
load
z.cdn.ftd.agency/ 		0
432 B 		Script
General
Check archive.org
Download Go to
Full URL
https://z.cdn.ftd.agency/load?z=1284981025&div=zone_1284981025&cw=1600&ch=1200&sr=1600x1200&df=1&bh=2&tl=2376&pl=3&mi=4&hc=4&n=1675877296789&url=joxi.net%2FV2VwLYJTGWMpKA&vc=Intel%20Iris%20OpenGL%20Engine&ti=1675877090332%20(146%20kb)%20uploaded%20February%208%2C%202023%20Joxi&zyx=2767079613
Requested by
Host: cdn.ftd.agency
URL: https://cdn.ftd.agency/libs/e.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
37.48.117.210 Amsterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://joxi.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Expires
-1
Pragma
no-cache
Date
Wed, 08 Feb 2023 17:28:17 GMT
Cache-Control
no-cache, must-revalidate
Server
nginx
Connection
keep-alive
P3P
policyref="/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
collect
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/collect?v=1&_v=j99&a=1730786353&t=event&ni=1&_s=2&dl=http%3A%2F%2Fjoxi.net%2FV2VwLYJTGWMpKA&ul=en-us&de=UTF-8&dt=1675877090332%20(146%20kb)%20uploaded%20February%208...
  • https://www.google-analytics.com/collect?v=1&_v=j99&a=1730786353&t=event&ni=1&_s=2&dl=http%3A%2F%2Fjoxi.net%2FV2VwLYJTGWMpKA&ul=en-us&de=UTF-8&dt=1675877090332%20(146%20kb)%20uploaded%20February%20...
35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j99&a=1730786353&t=event&ni=1&_s=2&dl=http%3A%2F%2Fjoxi.net%2FV2VwLYJTGWMpKA&ul=en-us&de=UTF-8&dt=1675877090332%20(146%20kb)%20uploaded%20February%208%2C%202023%20Joxi&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=system&ea=push&el=adblock&_u=aGBAgAABAAAAAE~&jid=&gjid=&cid=2035782986.1675877296&tid=UA-30950280-5&_gid=112278569.1675877296&cd1=No&z=43748798
Requested by
Host: joxi.net
URL: http://joxi.net/V2VwLYJTGWMpKA
Protocol
H3
Server
2607:f8b0:4006:824::200e Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://joxi.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 02:45:34 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
52962
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://www.google-analytics.com/collect?v=1&_v=j99&a=1730786353&t=event&ni=1&_s=2&dl=http%3A%2F%2Fjoxi.net%2FV2VwLYJTGWMpKA&ul=en-us&de=UTF-8&dt=1675877090332%20(146%20kb)%20uploaded%20February%208%2C%202023%20Joxi&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=system&ea=push&el=adblock&_u=aGBAgAABAAAAAE~&jid=&gjid=&cid=2035782986.1675877296&tid=UA-30950280-5&_gid=112278569.1675877296&cd1=No&z=43748798
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
248h9.json
rotarb.bid/ 		60 B
391 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://rotarb.bid/248h9.json
Requested by
Host: rotarb.bid
URL: http://rotarb.bid/248h9.min.js?6169ade
Protocol
HTTP/1.1
Server
46.4.104.244 Rostock, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.244.104.4.46.clients.your-server.de
Software
nginx /
Resource Hash
db0f15886d3b483b30b77a2eb1d1aea7bd883d893a0e3bb28d9ff115bf46a881
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
http://joxi.net/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Wed, 08 Feb 2023 17:28:17 GMT
Strict-Transport-Security
max-age=63072000
Server
nginx
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
*
Connection
keep-alive
Keep-Alive
timeout=60
Content-Length
60
Access-Control-Allow-Headers
*
getcookie
matchid.adfox.yandex.ru/ 		87 B
268 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://matchid.adfox.yandex.ru/getcookie
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:6b8::16b Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
64c7beb738149f41a4ed17fba4fb1218361b4c5bc0a6b0fa6a54a399b52de874
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://joxi.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

access-control-allow-origin
http://joxi.net
date
Wed, 08 Feb 2023 17:28:17 GMT
access-control-allow-credentials
true
x-content-type-options
nosniff
timing-allow-origin
*
content-length
87
content-type
application/json
b887192c4a62fd372984.js
yastatic.net/partner-code-bundles/718954/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/partner-code-bundles/718954/b887192c4a62fd372984.js
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
5870f1aa4ffa0224b3e534a97a00edeeb5681d6220788babdd5cb1141ea64739
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
http://joxi.net/
Origin
http://joxi.net
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 17:28:17 GMT
content-encoding
br
strict-transport-security
max-age=43200000; includeSubDomains;
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
3549
last-modified
Tue, 07 Feb 2023 15:31:43 GMT
server
nginx/1.17.9
etag
"0167a734927051bb685225f46e250151"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
x-robots-tag
noindex, noarchive, nofollow
expires
Sat, 08 Feb 2053 00:04:05 GMT
47cd80af7dfc1a4aa9ca.js
yastatic.net/partner-code-bundles/718954/ 		29 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/partner-code-bundles/718954/47cd80af7dfc1a4aa9ca.js
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
ec9ce646449261e54f279bbecaed5a73761c66f2bb35f5ded47097d65a03acba
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
http://joxi.net/
Origin
http://joxi.net
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 17:28:17 GMT
content-encoding
br
strict-transport-security
max-age=43200000; includeSubDomains;
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
8412
last-modified
Tue, 07 Feb 2023 15:31:43 GMT
server
nginx/1.17.9
etag
"e939782f914e42ed1e95e5f55383e7d1"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
x-robots-tag
noindex, noarchive, nofollow
expires
Sat, 08 Feb 2053 00:01:32 GMT
adjson
ads.betweendigital.com/ 		11 B
912 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/adjson?t=adfox
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.46.183.20 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
http://joxi.net/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://joxi.net
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
yhb
yhb.p.otm-r.com/ 		11 B
246 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://yhb.p.otm-r.com/yhb
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
194.55.244.183 , Russian Federation, ASN34959 (PROCLOUD PROCLOUD MSK, RU),
Reverse DNS
Software
nginx/1.23.2 /
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
http://joxi.net/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://joxi.net
date
Wed, 08 Feb 2023 17:28:17 GMT
access-control-allow-credentials
true
server
nginx/1.23.2
content-length
11
vary
Origin
content-type
text/plain; charset=utf-8
yandex_hb
px.adhigh.net/rtb/
Redirect Chain
  • https://px.adhigh.net/rtb/yandex_hb
  • https://px.adhigh.net/rtb/yandex_hb?bounced=1
11 B
312 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://px.adhigh.net/rtb/yandex_hb?bounced=1
Requested by
Host: joxi.net
URL: http://joxi.net/V2VwLYJTGWMpKA
Protocol
H2
Server
193.232.150.43 , Russian Federation, ASN48061 (UMA-TECH-AS, RU),
Reverse DNS
hosting.adhigh.net
Software
nginx /
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://joxi.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 17:28:17 GMT
server
nginx
x-backend-id
f24-ru
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
http://joxi.net
content-type
application/json;charset=utf-8
cache-control
no-cache, no-store
access-control-allow-credentials
true
content-length
11
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 08 Feb 2023 17:28:17 GMT
server
nginx
x-backend-id
f24-ru
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
http://joxi.net
location
https://px.adhigh.net/rtb/yandex_hb?bounced=1
cache-control
no-cache, no-store
access-control-allow-credentials
true
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
bids
adfox-c2s-ams.creativecdn.com/bidder/adfox/ 		0
0
/
ad.mail.ru/hbid_yandex/ 		11 B
330 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.mail.ru/hbid_yandex/
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
http://joxi.net/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 08 Feb 2023 17:28:17 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/json
Access-Control-Allow-Origin
http://joxi.net
Cache-Control
private, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
pl999
ssp.bidvol.com/rtb/ 		0
0
adfoxhb
ssp-rtb.sape.ru/ 		11 B
446 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp-rtb.sape.ru/adfoxhb
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.3.184.201 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS
Software
openresty /
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
http://joxi.net/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 08 Feb 2023 17:28:17 GMT
Server
openresty
Access-Control-Allow-Methods
POST
Content-Type
application/json
Access-Control-Allow-Origin
http://joxi.net
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
11
adfox
exchange.buzzoola.com/ssp/
Redirect Chain
  • https://exchange.buzzoola.com/ssp/adfox
  • https://exchange.buzzoola.com/ssp/adfox?set_buzzoola_cookie=t
11 B
497 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://exchange.buzzoola.com/ssp/adfox?set_buzzoola_cookie=t
Requested by
Host: joxi.net
URL: http://joxi.net/V2VwLYJTGWMpKA
Protocol
H2
Server
167.235.33.114 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.114.33.235.167.clients.your-server.de
Software
nginx /
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://joxi.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 17:28:17 GMT
server
nginx
serverid
TODO
content-type
text/plain; charset=utf-8
access-control-allow-origin
http://joxi.net
access-control-expose-headers
Set-Cookie, Etag
access-control-allow-credentials
true
access-control-allow-headers
Set-Cookie, X-Alt-Referer, X-First-Party-Cookie, If-None-Match
content-length
11

Redirect headers

date
Wed, 08 Feb 2023 17:28:17 GMT
server
nginx
etag
W/"87c59e9f437882437dde4987343b6bfed1057f2ec5b4c5191698a14f06b52783"
serverid
TODO
access-control-allow-origin
http://joxi.net
location
/ssp/adfox?set_buzzoola_cookie=t
access-control-expose-headers
Set-Cookie, Etag
access-control-allow-credentials
true
access-control-allow-headers
Set-Cookie, X-Alt-Referer, X-First-Party-Cookie, If-None-Match
content-length
0
adfoxhb
hbe199.hybrid.ai/ 		11 B
263 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbe199.hybrid.ai/adfoxhb
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.18.16.6 , Netherlands, ASN205675 (HYBRID-AS, DE),
Reverse DNS
Software
Hybrid Web Server /
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
http://joxi.net/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 17:28:17 GMT
content-encoding
gzip
server
Hybrid Web Server
content-type
application/json; charset=utf-8
access-control-allow-origin
http://joxi.net
cache-control
no-cache, no-store
access-control-allow-credentials
true
x-mode
10502
content-length
31
expires
-1
get_data
kdmttk.com/ 		0
306 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://kdmttk.com/get_data?format=adfox
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.220.27.134 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.19.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://joxi.net/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://joxi.net
date
Wed, 08 Feb 2023 17:28:17 GMT
access-control-allow-credentials
true
server
nginx/1.19.0
access-control-allow-headers
X-Requested-With, Cache-Control, Content-Type
access-control-allow-methods
GET, POST, OPTIONS
89142389
mc.yandex.ru/watch/ 		435 B
585 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/watch/89142389?wmode=7&page-url=http%3A%2F%2Fjoxi.net%2FV2VwLYJTGWMpKA&charset=utf-8&browser-info=pv%3A1%3Avf%3Asm0gggw3usgug1h33hqlj%3Afp%3A1965%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A3%3Adp%3A0%3Als%3A1282569894014%3Ahid%3A778290178%3Az%3A0%3Ai%3A20230208172817%3Aet%3A1675877297%3Ac%3A1%3Arn%3A678134069%3Arqn%3A1%3Au%3A1675877297289353531%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A166%2C101%2C165%2C1%2C685%2C0%2C%2C940%2C9%2C%2C%2C%2C2059%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Aeu%3A0%3Ans%3A1675877294413%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1675877297%3At%3A1675877090332%20(146%20kb)%20uploaded%20February%208%2C%202023%20Joxi&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(2)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
447e8bd8faf1296d6113dc1b02a9adf1d20564618b7593409f1ba8234a11ee63
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://joxi.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 17:28:17 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Wed, 08-Feb-2023 17:28:17 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type
application/json; charset=utf-8
access-control-allow-origin
http://joxi.net
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
435
x-xss-protection
1; mode=block
expires
Wed, 08-Feb-2023 17:28:17 GMT
sync_cookie_image_decide
mc.webvisor.org/
Redirect Chain
  • https://mc.webvisor.org/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.webvisor.org&token=9908.ufncLgDqfdRfSrmX5_SR0EzDguma-AK-dTk8uNZiNa1EKC3sK2j27hRrLCHF99A8.RgpBFyvDVim7QcLcwcP3oH-7sPs%2C
  • https://mc.webvisor.org/sync_cookie_image_decide?token=9908.CSHl-w5q_DmX-J62oQDW455vR_G4HGZLqurA23pfRVP1kSAlXyYBRW5nukP6Ua_K_WBVgzbQFukt0ZZeb19Z4rKaPd0o-Z0OI5iG2jSbS8Kh9EYlOYUY6fkhDqCsaXq9-A55bRxOb...
43 B
508 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.webvisor.org/sync_cookie_image_decide?token=9908.CSHl-w5q_DmX-J62oQDW455vR_G4HGZLqurA23pfRVP1kSAlXyYBRW5nukP6Ua_K_WBVgzbQFukt0ZZeb19Z4rKaPd0o-Z0OI5iG2jSbS8Kh9EYlOYUY6fkhDqCsaXq9-A55bRxObDCfbb4sJ0dtJONp9_UkoIEMsJaPANjtvdSOapN586jBARvlaDWlB7sDj5QPKt2p0S4lkg5HylEZlr1NhQ1NahtRcw7uQh22iXc%2C.IMUHCQ5Y5MqFYGBIA3XWvCbIkEM%2C
Requested by
Host: joxi.net
URL: http://joxi.net/V2VwLYJTGWMpKA
Protocol
H2
Server
80.239.201.54 , Sweden, ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE),
Reverse DNS
80-239-201-54.teliacarrier-cust.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://joxi.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 17:28:17 GMT
strict-transport-security
max-age=31536000
content-length
43
x-xss-protection
1; mode=block
content-type
image/gif

Redirect headers

location
https://mc.webvisor.org/sync_cookie_image_decide?token=9908.CSHl-w5q_DmX-J62oQDW455vR_G4HGZLqurA23pfRVP1kSAlXyYBRW5nukP6Ua_K_WBVgzbQFukt0ZZeb19Z4rKaPd0o-Z0OI5iG2jSbS8Kh9EYlOYUY6fkhDqCsaXq9-A55bRxObDCfbb4sJ0dtJONp9_UkoIEMsJaPANjtvdSOapN586jBARvlaDWlB7sDj5QPKt2p0S4lkg5HylEZlr1NhQ1NahtRcw7uQh22iXc%2C.IMUHCQ5Y5MqFYGBIA3XWvCbIkEM%2C
date
Wed, 08 Feb 2023 17:28:17 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
1c0942547d39e10f5f56.js
yastatic.net/partner-code-bundles/718954/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/partner-code-bundles/718954/1c0942547d39e10f5f56.js
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
c5c661ed9117d3bfaa1270862ea0e61184a85d076ca95d1bb2d0b15bb5d3dd71
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
http://joxi.net/
Origin
http://joxi.net
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 17:28:17 GMT
content-encoding
br
strict-transport-security
max-age=43200000; includeSubDomains;
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
4801
last-modified
Tue, 07 Feb 2023 15:31:43 GMT
server
nginx/1.17.9
etag
"19cece338cdd217d0771d4f8522ea336"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
x-robots-tag
noindex, noarchive, nofollow
expires
Sat, 08 Feb 2053 00:03:02 GMT
36caea299034b123bba5.js
yastatic.net/partner-code-bundles/718954/ 		108 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/partner-code-bundles/718954/36caea299034b123bba5.js
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
d721c430ddd91cbf2aa9f63dbf7f9476c2f284a235fc6cc3ab844f5cb5d159ae
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
http://joxi.net/
Origin
http://joxi.net
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 17:28:17 GMT
content-encoding
br
strict-transport-security
max-age=43200000; includeSubDomains;
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
23534
last-modified
Tue, 07 Feb 2023 15:31:43 GMT
server
nginx/1.17.9
etag
"733dd172cf86f7c3cbe7087116475df2"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
x-robots-tag
noindex, noarchive, nofollow
expires
Sat, 08 Feb 2053 00:03:02 GMT
host.js
yastatic.net/safeframe-bundles/0.83/ 		33 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/safeframe-bundles/0.83/host.js
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
http://joxi.net/
Origin
http://joxi.net
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 17:28:17 GMT
content-encoding
br
strict-transport-security
max-age=43200000; includeSubDomains;
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
8878
last-modified
Wed, 03 Nov 2021 13:42:58 GMT
server
nginx/1.17.9
etag
"f80882bf67cf261aa08d636da095149a"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
x-robots-tag
noindex, noarchive, nofollow
expires
Sat, 08 Feb 2053 00:04:08 GMT
text-variable-full.woff2
yastatic.net/s3/home/fonts/ys/3/ 		25 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/s3/home/fonts/ys/3/text-variable-full.woff2
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
033696b7f1ac04d1dcc102be84550e146236ceffc25a6cabc12aa51a6ee410b9
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
http://joxi.net/
Origin
http://joxi.net
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 17:28:17 GMT
strict-transport-security
max-age=43200000; includeSubDomains;
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
26004
x-amz-meta-owner
{"role":"admin","login":"4eb0da"}
last-modified
Mon, 25 Apr 2022 14:02:39 GMT
server
nginx/1.17.9
etag
"7f0cdaf91230f9789ca4162aedff612e"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31556952
x-nginx-request-id
2816d63604dd9851
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 08 Feb 2024 23:13:19 GMT
07cea2bf8567304efc16.js
yastatic.net/partner-code-bundles/718954/ 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/partner-code-bundles/718954/07cea2bf8567304efc16.js
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
677a116bab2c7a9f731a136d5be9a66bb60a3f2bf98496ae6a669f22f45aff95
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
http://joxi.net/
Origin
http://joxi.net
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 17:28:17 GMT
content-encoding
br
strict-transport-security
max-age=43200000; includeSubDomains;
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
7925
last-modified
Tue, 07 Feb 2023 15:31:43 GMT
server
nginx/1.17.9
etag
"7f2cadff7389788cd781bce9174300ce"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
x-robots-tag
noindex, noarchive, nofollow
expires
Sat, 08 Feb 2053 00:03:02 GMT
2ec9a88e40a26b53acde.js
yastatic.net/partner-code-bundles/718954/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/partner-code-bundles/718954/2ec9a88e40a26b53acde.js
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
59d03afb04958ebbceaae1fb0d39439835b625e9aad2151ca01d4e82733f2f44
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
http://joxi.net/
Origin
http://joxi.net
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 17:28:17 GMT
content-encoding
br
strict-transport-security
max-age=43200000; includeSubDomains;
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
2065
last-modified
Tue, 07 Feb 2023 15:31:43 GMT
server
nginx/1.17.9
etag
"e2158c7529d630a098c3824fd3aaad94"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
x-robots-tag
noindex, noarchive, nofollow
expires
Sat, 08 Feb 2053 00:03:02 GMT
2e96844bde3642fb4544.js
yastatic.net/partner-code-bundles/718954/ 		562 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/partner-code-bundles/718954/2e96844bde3642fb4544.js
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
84d2d80b4c7f9f92b0b5abfe0ae5ca1bd26b8d940c693854151f44ec896f10ec
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
http://joxi.net/
Origin
http://joxi.net
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 17:28:17 GMT
content-encoding
br
strict-transport-security
max-age=43200000; includeSubDomains;
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
109240
last-modified
Tue, 07 Feb 2023 15:31:43 GMT
server
nginx/1.17.9
etag
"9f61d56ce794dd529daef5e3fdb52e38"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
x-robots-tag
noindex, noarchive, nofollow
expires
Sat, 08 Feb 2053 00:03:02 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230206&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301240101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
aa953da28d2a4b3dc7112246da6e32a8aea3482ba57578f8428e325e3d5958a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://joxi.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 17:28:18 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11173
x-xss-protection
0
248h9.json
rotarb.bid/ 		59 B
390 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://rotarb.bid/248h9.json
Requested by
Host: rotarb.bid
URL: http://rotarb.bid/248h9.min.js?6169ade
Protocol
HTTP/1.1
Server
46.4.104.244 Rostock, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.244.104.4.46.clients.your-server.de
Software
nginx /
Resource Hash
e1ab25ad530de520093017f5275ad7c65b239a3cb334b2e4b45754fac7b6baab
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
http://joxi.net/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Wed, 08 Feb 2023 17:28:18 GMT
Strict-Transport-Security
max-age=63072000
Server
nginx
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
*
Connection
keep-alive
Keep-Alive
timeout=60
Content-Length
59
Access-Control-Allow-Headers
*
v2
yandex.ru/ads/adfox/260971/getBulk/ 		3 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://yandex.ru/ads/adfox/260971/getBulk/v2?dl=http%3A%2F%2Fjoxi.net%2FV2VwLYJTGWMpKA&date=2023-02-08T17%3A28%3A18.024%2B00%3A00&pd=8&pdh=1200&pdw=1600&pr1=3904589035&pr=914960401&prr=&pv=17&pw=3&extid_loader=MTY3NTg3NzI5NzI4OTM1MzUzMQ%3D%3D&extid_tag_loader=joxi.net&ylv=0.718954&ybv=0.718954&ytt=58275727147013&is-turbo=0&skip-token=&ad-session-id=5683441675877298030&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9.3%2C%22isInIframe%22%3Afalse%2C%22w%22%3A240%2C%22h%22%3A400%2C%22width%22%3A240%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22fullscreenHeaderHeight%22%3A80%2C%22left%22%3A1345%2C%22top%22%3A223%2C%22darkTheme%22%3Afalse%2C%22req_no%22%3A0%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=718954&available-width=240&available-height=400&yaru=true&p1=cusln&p2=gxmo&slotNumber=1&bids=W3siYmlkZGVyTmFtZSI6ImJldHdlZW5kaWdpdGFsIiwiY2FtcGFpZ25faWQiOjk1Nzg5MywicmVzcG9uc2VfdGltZSI6MjYyLCJlcnJvciI6eyJjb2RlIjoxfSwicGxhY2VtZW50X2lkIjoiNDU4OTU1NCJ9LHsiYmlkZGVyTmFtZSI6Im90bSIsImNhbXBhaWduX2lkIjoxNTM2MTMxLCJyZXNwb25zZV90aW1lIjo0ODIsImVycm9yIjp7ImNvZGUiOjF9LCJwbGFjZW1lbnRfaWQiOiIzNDQ3MCJ9LHsiYmlkZGVyTmFtZSI6ImdldGludGVudCIsImNhbXBhaWduX2lkIjoxMDQ4ODk5LCJyZXNwb25zZV90aW1lIjo3NTIsImVycm9yIjp7ImNvZGUiOjF9LCJwbGFjZW1lbnRfaWQiOiI2Nl8yNDB4NDAwXzFfYWxmYWRhcnQifSx7ImJpZGRlck5hbWUiOiJydGJob3VzZSIsImNhbXBhaWduX2lkIjoxMDE5MTA1LCJyZXNwb25zZV90aW1lIjo5LCJlcnJvciI6eyJjb2RlIjo0fSwicGxhY2VtZW50X2lkIjoiU01YRjJpMlA5aHhsdnNVbGJZdTEifSx7ImJpZGRlck5hbWUiOiJteXRhcmdldCIsImNhbXBhaWduX2lkIjo5NTI5NjEsInJlc3BvbnNlX3RpbWUiOjU3MSwiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6IjEwNzMxNjUifSx7ImJpZGRlck5hbWUiOiJiaWR2b2wiLCJjYW1wYWlnbl9pZCI6MTQ0NTcyNSwicmVzcG9uc2VfdGltZSI6MTAwNCwiZXJyb3IiOnsiY29kZSI6M30sInBsYWNlbWVudF9pZCI6IjI1NDMyIn0seyJiaWRkZXJOYW1lIjoic2FwZSIsImNhbXBhaWduX2lkIjoxNjcyNjk3LCJyZXNwb25zZV90aW1lIjo1MjgsImVycm9yIjp7ImNvZGUiOjF9LCJwbGFjZW1lbnRfaWQiOiI3NzA3ODAifSx7ImJpZGRlck5hbWUiOiJidXp6b29sYSIsImNhbXBhaWduX2lkIjo5NTcxMjksInJlc3BvbnNlX3RpbWUiOjUxOCwiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6IjEyMzQ3NzgifSx7ImJpZGRlck5hbWUiOiJoeWJyaWQiLCJjYW1wYWlnbl9pZCI6MTg3OTc1OSwicmVzcG9uc2VfdGltZSI6NDQ0LCJlcnJvciI6eyJjb2RlIjoxfSwicGxhY2VtZW50X2lkIjoiNjJiYWRkNzBmYTFlMmVhODUwNjhlYzE0In0seyJiaWRkZXJOYW1lIjoia2FkYW0iLCJjYW1wYWlnbl9pZCI6MTk5MzE0NiwicmVzcG9uc2VfdGltZSI6Mzg3LCJlcnJvciI6eyJjb2RlIjo0fSwicGxhY2VtZW50X2lkIjoiMzI3OTEwIn1d&utf8=%E2%9C%93&duid=MTY3NTg3NzI5NzI4OTM1MzUzMQ%3D%3D&pcode-test-ids=657519%2C0%2C32%3B685681%2C0%2C9%3B718868%2C0%2C55%3B719186%2C0%2C37%3B716710%2C0%2C94%3B714015%2C0%2C35%3B709005%2C0%2C66%3B718954%2C0%2C72%3B681850%2C0%2C78&pcode-flags-map=eJytWNtu2zgQ%2FZWFnxdd3S99oyTKJiyJWpJy4hYF4bZu4kUui9TpZlv033coyrYkO3TTLVCkjuI5HM7lzBl9m5BpRRmWJeEcZzJDAskaMVRymVMmFyTDVJJKprRM6OT122%2BTL6ubx%2FXk9WT99Pfk98l2%2FXlLPsKvfmx5vj%2F5%2Fu73yQJxyfCfDeZCLkpUy5zRUqKMD%2BwFa3AfILBDJ7JaAFyhpMCjw%2BFDTioiMPiXzvmMCnlBxIw2QiLwXXCTd4HvB5H7YvBfgYyKQtaMZk0q%2BPExL4PGAPnCvPRAVF7gzAtIhSxQgosWCkASVFWYmbMTuK4X9n2p8IXkc7CGfwqQogwzWRdoOYIaOxT5ThzvHSJVjaZYckHS%2BVJmhCvwrI1aolKb5fQSHjOcCslxUQyg8WU9hA5t5wDd8KGXFarqxnzL2A4tbw8gZgyihRlTYcolb9gCLyHkkMSpJFxWUCYLVJDsDKgT%2BNEeFGUq%2BktVtx2SoLpNup4xgoVW6EXhAawowENaFUtZN0lBUolq0qYVUsIFdLYZzbYt3%2B41bUkXWNICbMkbvCcC1b4%2F7qHtRp51KDihmwIzTmg1sAztILC9oW0UBfawWPe9QytwCHJ65vTYc8OjntmDFARICWph3KSsNNUsoPquJremIl2pt1Eu677d9uFx3TPznMiNdShULXLedtvIZnxWz0jlEONK0oRjKL1RW92t3t%2BsB5Zu4MT67jm5BEqv5AyT6UzISpiP9Hw31mFfoirDl5I1MqMlIpWR8q3QcYP9eQmjc3AWzpJTNuqJsaUd%2BlFw8kBFAYKRxGju2Fag2%2FQNrhyZN8AWFyQDwiYlsInR1rO9bsy0th3jyIQylVSGMtLw334QYYmU39ph6MULtDTOCh9Ks4tzlqtu4jWtoDAEKTHwwcDUsSxraOtZrr5zndIMK%2FLguDIOEN%2FzAaYrJcWjDKva3Z0nFX0azb0wdI7NgQrh54VqUKjOn0HYOQDk2Qyy5VqnrQuMWCVLpVQWiBE0urczONS3rC7KNSOUEbGUyRI6Hl%2FUlJkDFoRB13u7uuhGT8qNQ82HwRH1KhKGQ4pgbsAAS1PIEjewhB%2B7vm0PbNsq5nt9U8PMINXUDOL5HeumtKkElLJY1li6Zq9hlvi99JQshThxkpAComY%2BLg6DZy0VV6cwjeZnTt9hlE0hiFYhEgg2J6AAiLpEjlJzN8eRE4Y9PzoQTe8wWKHYlCRJQG6pjhGMFsUZfWI5nqurbspQ4pi%2FCyVqHb7bjs2%2BgW87lun7Jzrf9p%2Bx2BXHDLfjh%2BEMc1DvRv9s3wm0tRJCDOfAOTPQalOSmu0ityPYVqOwUnUQw9Vu7tUMJ2aKD4CjHXvQSjADGdR1Bd00w5APRds8ZWrCcW5kosCObc8bgM2IaD3pgUA85oKagdzQcQaSOq1LWeKMIAkgSJBFO6fNGLE7XFTSOv3fGCNBkuEcQVO8cGHwfCsIBmHiJWJCgmprsAI%2FF2c%2FCILDEqf178gzLYepUtSt9pW8OONVaIddQ6VK1tOqKySUK5oiOYhMrPcHc0WFURzEezWVMwIwIHy1vRJWtflyQ%2FtkftStRxZB7HZl17N46WYchLFnhXsUGGWZQjAKziCIvE4I907WRWY%2By3EsHeteYyg59kPdEQWe7e7aHlQNSGa4KhSNdB1Ly6yW1rViOt4aj%2FDCyD2%2BhZia7wBpig5WB9bmsoaJAMMR1PwCl%2BOxOvn0WW7vHz9cjzY6K3LGe6tmzhN57Lb%2BM8mBha5rXt1esGDWUrB2xpybekEMC0q3Hg2Pzguq9zbt6BmQqGup50DaSh2GZ%2FMkb1dP8nq9ubrePgNHKugiOccJSiSIeuNSZIF6GPS1poaLGZRcr%2FrUlqw33QZmVrvVg6TCwJLGdg9ty%2BvECWNSjy%2FRgArUtNEGumWoZjo7u%2BR6uu8L9GbZMo1sNXTf7Nvk03r74bpcPVxt7ropfHv%2FfnOz5h9WN5u7q8lr5%2FsA1Qfp0SsCzbEgqWVSqEpQm2b%2FgLeT29Xm5tXDI%2Fj27%2Bru4%2FoJPv%2BxuV1drT8PHl2tbtsnH7%2Bu7%2FTXV18223v98fZV75ePd5vuqULeI8CDh9XXm%2Fuv192fvz7o%2Fx8fVq%2Fu1v98PvrCX6v7201r%2Bu70Ffvte0itOX3Brs4Hxqo%2B0ZnEg6V9qrh3Q1EBgo4ANVEMRGe3JktgLiTwdGk%2BJfYC92QLHUr3Vx8EM7VjoVbdctgsCD3s9x2H9E5SXIe5enNy5uVp5O84E2U8m49fFrQvVqKjVy3REdergX9SWb5%2F3G7v70YXs6Oh2sh515cZBtHdt4c9dJhiaO%2BTpmcqY2cmplRtWBQyVEhW1j8kh0Pbs%2ByDvFnUiBh2URs28IHTVmxZPWu9YvyktaosBMw4U1knJWx3hz2lfe2GVX30eNPMxD%2BB%2FQLApMlzwMJlDSVZAOKJ%2B%2FqGy3b2rX74mYC1ZH2ipGN%2F%2FPZQPfn%2B7vt%2FIjtMhw%3D%3D&use-server-side-rendering=1&pcode-icookie=GKSYqlRJIcplZt889tE6YOnYbPljktVq7HVswaajxYF5Uhw08scXXPLjewI2aUFUFMCgJKxhxXqnqHgpGKUtLLit%2FLI%3D&top-ancestor=http%3A%2F%2Fjoxi.net&top-ancestor-undetermined=0&grab-orig-len=1376&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjo4NX0KKqiicRvL74EgrKeGpdtDAsxMzEytsNv5p9vnYR_9saNiZ4kTN4lFWMbymB6baxIDidg0MfVvh7ZjjSZRUBVUjTqSEREgwCMgUMBTkJFJGxIZCXHjTVC3rLQyx48N7s0sz4zZ8KBsEoWEvIEr0B0yCfZT3MnI_3UbU4ly_p0-47rxGzJRi2qziNrPYRFjj-0t0MWZSHV0iOrHuetUH87GPwZb8kj2NkqNXyOcbVPZ5eMv0a7EXip6LdWla5aB2UabKcHZytR_xd7edgl9FpnrxJkzbwddEqMESujQP1YsylEdHSfSDnjOXj-zOrlg0QrbIpNYTUVubbUnxD1yUUbB1mOYIlMrellmnnXYlgvzvMdH41IhibUhuV71JeUWrm6hWbI6244PHZfcYp6t61p0IL3iPqfffPZaH-Prgk62BXa_XMBI7PNmrBfr0kIguZyVYjfwjoQccLJRqeq5yArnz_U86UpvzfFzV2_gV5yUWcVKd1hRPhsznfNAvECGuboFc8rEt-HsJtxjIjWwWAJUiBdjloKvBb6LEJDJQ1aPr67ggVzaZWfKMZaKdprrJ6orZ-MpECMsly6a0lRYvWkYRa5xqT_63D4YDPViTDgRFujI8W-cqBZHyEUVo5ruWtUtEHD6147ZwMqKoU38MbmGFDkODCWL_biw1_Yzn83S752fG-PKW6941sr3ED1AOF8DBjiNr8RpseMD5ukE1Y6EZpApyjW4tNebZ1xJFQ2Y54YpAq3NHIwZCaDDHPiPe24fZoctF3PCaX_BCdxGr4osbX23aX5bSpvGa6WdOhToe2YLJhATi6Tvk1YikeqY2ZPlkrYuInTmztuKYO-ixTE4HWA7r-TH9ccCAP_Dwp52Hw_g5wF1mEPf2GfV053oZjL9dhxUQsBQDIxdK5kAIJeyrIeu0iz3SmUs9KoDm2dAtW1U5u10g3oyveMZ2hv4k6Q5CoCjXH1P2qdQGyxtAVFc_pMxdIRSIq347RhBQx6HsAOs6UuRk7aQPKg6pM7xfQfRgyZ1kSki1zcoR6DcuHmGVE-Ov7cv8bzwHsbVhdGhx9qjbSH2tgVMOcl9mkWOm5eYWwczKkB9VtMuhC2nczfU6ID7H-Y08DxNqtyYtE1bJPRg4nrqZnCbDvaAMwafIUOotGjSIjO4iMzgIhLLR07yYxbMUURhaV4BRERgRIosvcwLtkXXz3yDLpZripgWBHSuKqZFi5p03Z89nOHF14j82evwc-J-vQbF3fYizYaBAQniBvnENp9U2vmD9PQDIo3CdL9YAuxYZiteVJVqA2B7UIIBiBjQ&tga-with-creatives=1
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
0c9602e28e329b6eedd9809e6f54e948aae2a495ac54a63767b5f6a892bead52
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://joxi.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 17:28:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
nel
{"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id
1675877298127745-10938747262893090944-sas2-0564-sas-l7-balancer-8080-BAL-3348
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Wed, 08 Feb 2023 17:28:18 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
report-to
{ "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type
application/json
access-control-allow-origin
http://joxi.net
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
Wed, 08 Feb 2023 17:28:18 GMT
1
mc.yandex.ru/watch/14929090/ 		43 B
190 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/watch/14929090/1?page-url=http%3A%2F%2Fjoxi.net%2FV2VwLYJTGWMpKA&charset=utf-8&hittoken=1675877296_d251e68d069a3e696294ceeb83e304da392458f91ce2ec21378f54b748829bfd&browser-info=pa%3A1%3Aar%3A1%3Avf%3Afppw4pdxetycw4cz2ehur%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A543791978861%3Ahid%3A778290178%3Az%3A0%3Ai%3A20230208172818%3Aet%3A1675877298%3Ac%3A1%3Arn%3A1058993946%3Arqn%3A2%3Au%3A1675877297289353531%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C3580%2C3580%2C3%2C%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Aeu%3A0%3Ans%3A1675877294413%3Aadb%3A2%3Ast%3A1675877298&t=gdpr(14)clc(0-0-0)rqnt(2)aw(1)ti(2)
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/yandex-metrica-watch/watch.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
http://joxi.net/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 17:28:18 GMT
strict-transport-security
max-age=31536000
last-modified
Wed, 08-Feb-2023 17:28:18 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type
image/gif
access-control-allow-origin
http://joxi.net
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Wed, 08-Feb-2023 17:28:18 GMT
1
mc.yandex.ru/watch/89142389/ 		43 B
74 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/watch/89142389/1?page-url=http%3A%2F%2Fjoxi.net%2FV2VwLYJTGWMpKA&charset=utf-8&hittoken=1675877297_2e5c4c180eb4cb0cd8b9ac56e08f818480097db5eff211c609e69c4db9519c08&browser-info=pa%3A1%3Aar%3A1%3Avf%3Asm0gggw3usgug1h33hqlj%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A3%3Adp%3A0%3Als%3A1282569894014%3Ahid%3A778290178%3Az%3A0%3Ai%3A20230208172818%3Aet%3A1675877298%3Ac%3A1%3Arn%3A815699642%3Arqn%3A2%3Au%3A1675877297289353531%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C3580%2C3580%2C3%2C%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Aeu%3A0%3Ans%3A1675877294413%3Aadb%3A2%3Ast%3A1675877298&t=gdpr(14)mc(p-1)clc(0-0-0)rqnt(2)aw(1)ti(0)&force-urlencoded=1&site-info=%7B%22__ym%22%3A%7B%22adSessionID%22%3A%225683441675877298030%22%7D%7D
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://joxi.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 17:28:18 GMT
strict-transport-security
max-age=31536000
last-modified
Wed, 08-Feb-2023 17:28:18 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type
image/gif
access-control-allow-origin
http://joxi.net
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Wed, 08-Feb-2023 17:28:18 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301240101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://joxi.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 17:28:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 08 Feb 2023 17:28:18 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 00A6 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://joxi.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
58319
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 08 Feb 2023 01:16:19 GMT
expires
Thu, 08 Feb 2024 01:16:19 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 0186 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::63 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
dc94adb312d39ae2244890a81c02347aa21e762d890980db6737f3e0756ec140
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-cUOgeaVXi8jR_yP-tfCDyA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://joxi.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
511
content-security-policy
script-src 'report-sample' 'nonce-cUOgeaVXi8jR_yP-tfCDyA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 08 Feb 2023 17:28:18 GMT
expires
Wed, 08 Feb 2023 17:28:18 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
fr2tM3cMqKf7o-hgvg-GAlWS1ShJQQMk61KbxyC8hNw.js
pagead2.googlesyndication.com/bg/ Frame 00A6 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/fr2tM3cMqKf7o-hgvg-GAlWS1ShJQQMk61KbxyC8hNw.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7ebdad33770ca8a7fba3e860be0f86025592d52849410324eb529bc720bc84dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 09:51:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
27416
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14345
x-xss-protection
0
last-modified
Mon, 30 Jan 2023 11:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 08 Feb 2024 09:51:22 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 0186 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230206&jk=2427654941527645&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		144 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4894759983606832
Requested by
Host: yastatic.net
URL: https://yastatic.net/partner-code-bundles/718954/2e96844bde3642fb4544.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
af38617c04f5f3e2efda077aba22383396db34ab85b1180bd91cb29454b3ff62
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://joxi.net/
Origin
http://joxi.net
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 17:28:18 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49637
x-xss-protection
0
server
cafe
etag
8820095925995761706
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 08 Feb 2023 17:28:18 GMT
event
ads.adfox.ru/260971/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.adfox.ru/260971/event?pm=cyz&hash=15993a7c196da42e&duid=1675877297289353531&p5=nfmax&rand=icdtcsg&sj=drvglFdXQZQC9TuaAeqLNpwIS-hRWVKol3ipvF1W8aZ1JuZsYy8OovjSfnxL2g%3D%3D&ad-session-id=5683441675877298030&utg=oxum&lts=flbiile&ytt=58275727147013&ybv=0.718954&ylv=0.718954&dl=http%3A%2F%2Fjoxi.net%2FV2VwLYJTGWMpKA&pr=czafjsr&p1=cusln&rqs=sHPBEUFnxFGy2-NjwxUMaR2Z1v3jSP-Q&p2=gxmo
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://joxi.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 17:28:18 GMT
x-content-type-options
nosniff
last-modified
Wed, 08 Feb 2023 17:28:18 GMT
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
expires
Mon, 04 Dec 1999 21:29:02 GMT
generate_204
tpc.googlesyndication.com/ Frame 00A6 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?BwE51Q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 17:28:18 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
integrator.js
adservice.google.ca/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.ca/adsid/integrator.js?domain=joxi.net
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301240101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://joxi.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 17:28:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=joxi.net
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301240101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://joxi.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 17:28:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 2B80 		603 B
68 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4894759983606832&output=html&h=600&slotname=8980172363&adk=2425055050&adf=1671111989&pi=t.ma~as.8980172363&w=240&fwrn=4&fwrnh=100&lmt=1675877298&rafmt=1&format=240x600&url=http%3A%2F%2Fjoxi.net%2FV2VwLYJTGWMpKA&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1675877298418&bpp=3&bdt=2780&idt=3&shv=r20230206&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D92a02316d91ea0e1-221f2040eada009a%3AT%3D1675877296%3ART%3D1675877296%3AS%3DALNI_MajcGdbDfMlrvGd8xCV9sv9H5h5zw&gpic=UID%3D000009a6001f4a26%3AT%3D1675877296%3ART%3D1675877296%3AS%3DALNI_Mbl98VNFJY7Kgqtiqh-RU0-07ICIA&prev_fmts=0x0&nras=1&correlator=4483119056919&frm=20&pv=2&ga_vid=2035782986.1675877296&ga_sid=1675877297&ga_hid=1730786353&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1345&ady=223&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44779793&oid=2&pvsid=2427654941527645&tmod=525446157&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=HwjLJZkPxu&p=http%3A//joxi.net&dtd=14
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301240101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://joxi.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 08 Feb 2023 17:28:18 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230206&jk=2427654941527645&bg=!NzSlNGDNAAaq5O5FiuQ7ADkAdvg8Wtq4xz8camLED6HHv8LrOkcp4RI7WL0UE2010UxxjZsfjMqMBAko6XXJq8jhnBGO8X1R4jcCAAAAhlIAAAADaAEHCgBggkhWX0xa5Hsd62CtXrqt0F1OlXfm-OfwueR6qWXouoFSBmASOM38FL-YkLQnagTPxKzJFOZJpIkBBjDiWpX4ob4UlWy2UPPmGSSkEVL1GG0j0ff7qpGdYIuhbXXdH4trmQKoI6EKH0A2-8LhXyeLIUImgQnMQ3KYgBBhBEr4qGDAGvpRyEAkt5ugSpGp3hlI0kKRv_QU-31mr-BU3dPdiCUwFeymqnC9U2-p7NY1tPaSD8jYaCzbZqsXmCy4hgAxLEoJOaSy2UpLwDmMlwLlG8nfzApHbDm9DAC2qI_Z_lRQnoZ1tt2q89UBQqYuXC9PPQfkHGt15nBCE8CP_xg7wiaVIGkAZi3-36d8EpTSHFZNyDGydkEQ0G52mfUCqrq73sZ5qOfjZzSddGj4sTNap2-oEh7i3_M1B19_5cVdvK9VzmnpLREP5-Yqz26vvhCLYkAZ07J3Sw5OEoqimrjrkyNhbxDxLpKlRZDaANYcnXneR_gNMk-1DreT-E09uPinjf9Dfq3qcNJrOmDwJIOY4_c7QLuzTDXWIMmBo4DRxH3fLoKrupwIvwXkRW0qexN0gEne0ErggwqZLlYR8v3n8k8eu13WHLnzpiosJ4RX_uD6AVPr1zvtOXEYvMsqiv1pq13ylP5IcEDUfM0AGbZ308BYHZzLmpAYie8N9lpDlP-7BSo0tZIp14LcIKhRi9mgmoJRWq-05_tana9d4zkbfORMMANLPOmKAOqi8sClCJV81_4c6LJAuwvRkPKEkFWqgLoTfI1shHCwFgdpo-FQTEXSVyz4CXRAUrmUxwSEg-xX8mJvdvwrEBf62GfYwQDozlH5koCSaFGM-0YMLR2ECfrhgQSWhO08ii8xRciZiZ-rX2e2upbbldAWXTNJsFnky2z2iicZp1WHy-rQMaFY2MeYcMp6FbX4_hwsfyonjCDQx2bHEkugX3fMSdcHX_BFeYUj4OjSureD5F6PDjeGuXUgH5dKdkbvTqxA_OFvBBoMiEZWhrPSIrgi4tpRjQTqyey42omuyRrwhi8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://joxi.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers
event
ads.adfox.ru/260971/ 		0
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.adfox.ru/260971/event?pm=cza&hash=1d99d5cc351f7d44&duid=1675877297289353531&p5=nfmax&rand=cnebukw&sj=drvglFdXQZQC9TuaAeqLNpwIS-hRWVKol3ipvF1W8aZ1JuZsYy8OovjSfnxL2g%3D%3D&ad-session-id=5683441675877298030&utg=oxum&lts=flbiile&ytt=58275727147013&ybv=0.718954&ylv=0.718954&dl=http%3A%2F%2Fjoxi.net%2FV2VwLYJTGWMpKA&pr=czafjsr&p1=cusln&rqs=sHPBEUFnxFGy2-NjwxUMaR2Z1v3jSP-Q&p2=gxmo
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://joxi.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 17:28:19 GMT
x-content-type-options
nosniff
last-modified
Wed, 08 Feb 2023 17:28:19 GMT
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
expires
Mon, 04 Dec 1999 21:29:02 GMT
event
ads.adfox.ru/260971/ 		0
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.adfox.ru/260971/event?pm=bmn&hash=4b07386959204677&duid=1675877297289353531&p5=nfmax&rand=gwswdty&sj=drvglFdXQZQC9TuaAeqLNpwIS-hRWVKol3ipvF1W8aZ1JuZsYy8OovjSfnxL2g%3D%3D&ad-session-id=5683441675877298030&utg=oxum&lts=flbiile&ytt=58275727147013&ybv=0.718954&ylv=0.718954&dl=http%3A%2F%2Fjoxi.net%2FV2VwLYJTGWMpKA&pr=czafjsr&p1=cusln&rqs=sHPBEUFnxFGy2-NjwxUMaR2Z1v3jSP-Q&p2=gxmo
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://joxi.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 17:28:20 GMT
x-content-type-options
nosniff
last-modified
Wed, 08 Feb 2023 17:28:20 GMT
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
expires
Mon, 04 Dec 1999 21:29:02 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
x.pluso.ru
URL
http://x.pluso.ru/pluso-x.js
Domain
adfox-c2s-ams.creativecdn.com
URL
https://adfox-c2s-ams.creativecdn.com/bidder/adfox/bids
Domain
ssp.bidvol.com
URL
https://ssp.bidvol.com/rtb/pl999

Verdicts & Comments Add Verdict or Comment

101 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 boolean| credentialless object| oncontentvisibilityautostatechange string| GoogleAnalyticsObject function| ga function| videojs object| vttjs function| VTTRegion function| WebVTT undefined| returnExports function| $ function| jQuery function| ym object| rbConfig string| token object| rsdfhse function| _0x3d188a function| _0x2c58 object| adfoxBiddersMap object| adUnits number| userTimeout function| _0x4903 object| headID object| link object| YaHeaderBiddingSettings object| yaContextCb object| messages object| ZeroClipboard function| initializationBrowser object| jQuery1111029950342753879244 object| joxi function| declOfNum function| ABNS string| ABNSh object| ABNSl object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter object| Ya object| yaCounter14929090 function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ object| google_image_requests function| processGoogleToken number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| $jscomp number| SesEOa2m2OKxd56JECgK string| rulvW5gntb function| updateRbDisplays function| ABN number| pr number| pos string| k number| v object| e object| b function| cnc object| webpackChunkyandex_pcode object| yaCounter89142389 object| __activeTestIds object| __vasActiveTestIds object| __pcodeAllActiveTestIds function| AdFox_getCodeScript object| adfoxAsyncParams object| adfoxAsyncParamsScroll object| adfoxAsyncParamsAdaptive object| yaSafeFrameCallbacksStorage boolean| isLoadingSafeframeStarted object| ya object| yaads boolean| yandex_context_perf_logging object| $sf object| yaSafeFrameAsyncCallbacks object| GoogleGcLKhOms number| google_lpabyc

38 Cookies

Domain/Path Name / Value
joxi.ru/ Name: js
Value: 4eVAWNpIM%2CbMetRNlY0KznzvYNF5w%2CVnTDnsmyfKNQ4Z3bjcEME4mdN2iAkdMjvGh3Z59zJb8neXY-hGP8%2C8N2
joxi.ru/ Name: lunetics_locale
Value: en
joxi.net/ Name: js
Value: cFonuY-om7GV7-doyppaQnUxlHCXAHdLri7I9TsZbIXF3ncLOBPYDkIMJolKBUSLs36WJQWmSL-bzK3jgfR471
joxi.net/ Name: lunetics_locale
Value: en
.joxi.net/ Name: _ga
Value: GA1.2.2035782986.1675877296
.joxi.net/ Name: _gid
Value: GA1.2.112278569.1675877296
.joxi.net/ Name: _gat
Value: 1
.joxi.net/ Name: _ym_uid
Value: 1675877297289353531
.joxi.net/ Name: _ym_d
Value: 1675877297
.joxi.net/ Name: __gads
Value: ID=92a02316d91ea0e1-221f2040eada009a:T=1675877296:RT=1675877296:S=ALNI_MajcGdbDfMlrvGd8xCV9sv9H5h5zw
.joxi.net/ Name: __gpi
Value: UID=000009a6001f4a26:T=1675877296:RT=1675877296:S=ALNI_Mbl98VNFJY7Kgqtiqh-RU0-07ICIA
.yandex.ru/ Name: yashr
Value: 4962999041675877296
mc.yandex.ru/ Name: yabs-sid
Value: 1458114941675877296
.yandex.ru/ Name: i
Value: wa5rLbxLHyd+KTTLJ39l0GsduHxf70if0vFw3xkZaJuDH7FMdnAvdtdZIXjvpRfRLeNBoTS9DwCFz2UAJAthu+O57Xg=
.yandex.ru/ Name: yandexuid
Value: 5891947741675877296
.yandex.ru/ Name: yuidss
Value: 5891947741675877296
.joxi.net/ Name: _ym_isad
Value: 2
.joxi.net/ Name: _ym_visorc
Value: w
.cdn.ftd.agency/ Name: AU
Value: da9d865664bd6ef3
.yandex.ru/ Name: ymex
Value: 1991237296.yrts.1675877296#1991237296.yrtsi.1675877296
.betweendigital.com/ Name: dc
Value: was1
.betweendigital.com/ Name: tuuid
Value: 3671ca85-3537-5327-8d5e-b9b7eebd6206
.betweendigital.com/ Name: ut
Value: Y-PbsQAD79B2c1KEZZ70ofUx-q8AvZwgVUQKDw==
.betweendigital.com/ Name: ss
Value: 1
.betweendigital.com/ Name: unm
Value: 1
.exchange.buzzoola.com/ Name: uuid
Value: 56c0e1b1-86cc-475a-6b46-e8c8328e4c7d
.kdmttk.com/ Name: sspUid
Value: b919ecea98f6752226ece1ad10ba1ec2
.otm-r.com/ Name: mpid
Value: NjNlM2RiYjEwM2U4YjhiZQ==
.exchange.buzzoola.com/ Name: cookiesyncs
Value: 000000000000000000000000d93dab9edf0912baf9008f35866978f1
.ssp-rtb.sape.ru/ Name: sspuid
Value: CkIDFmPj27EEPgAhHGlHAtLg8orFuo+UN+PUcUa3K6jVv6tE
.adhigh.net/ Name: gi_u
Value: PnDGMOPfPfL.AikABlGGMhItnw
.mc.webvisor.org/ Name: sync_cookie_csrf
Value: 405736595fake
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 2768772373fake
.webvisor.org/ Name: yandexuid
Value: 5891947741675877296
.webvisor.org/ Name: yuidss
Value: 5891947741675877296
.webvisor.org/ Name: i
Value: wa5rLbxLHyd+KTTLJ39l0GsduHxf70if0vFw3xkZaJuDH7FMdnAvdtdZIXjvpRfRLeNBoTS9DwCFz2UAJAthu+O57Xg=
.mc.webvisor.org/ Name: sync_cookie_ok
Value: synced
.doubleclick.net/ Name: IDE
Value: AHWqTUkDusPX50zmpFqbMkwUBEgGtEfCRX3uYinWK_EG638qb1Q-w0GYYoyfvZCAkrE

3 Console Messages

Source Level URL
Text
network error URL: http://x.pluso.ru/pluso-x.js
Message:
Failed to load resource: net::ERR_ADDRESS_UNREACHABLE
network error URL: https://adfox-c2s-ams.creativecdn.com/bidder/adfox/bids
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4894759983606832&output=html&h=600&slotname=8980172363&adk=2425055050&adf=1671111989&pi=t.ma~as.8980172363&w=240&fwrn=4&fwrnh=100&lmt=1675877298&rafmt=1&format=240x600&url=http%3A%2F%2Fjoxi.net%2FV2VwLYJTGWMpKA&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1675877298418&bpp=3&bdt=2780&idt=3&shv=r20230206&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D92a02316d91ea0e1-221f2040eada009a%3AT%3D1675877296%3ART%3D1675877296%3AS%3DALNI_MajcGdbDfMlrvGd8xCV9sv9H5h5zw&gpic=UID%3D000009a6001f4a26%3AT%3D1675877296%3ART%3D1675877296%3AS%3DALNI_Mbl98VNFJY7Kgqtiqh-RU0-07ICIA&prev_fmts=0x0&nras=1&correlator=4483119056919&frm=20&pv=2&ga_vid=2035782986.1675877296&ga_sid=1675877297&ga_hid=1730786353&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1345&ady=223&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44779793&oid=2&pvsid=2427654941527645&tmod=525446157&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=HwjLJZkPxu&p=http%3A//joxi.net&dtd=14
Message:
Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.mail.ru
adfox-c2s-ams.creativecdn.com
ads.adfox.ru
ads.betweendigital.com
ads.digitalcaramel.com
adservice.google.ca
adservice.google.com
cdn.ftd.agency
cdn.joxi.ru
cdn.jsdelivr.net
dl4.joxi.net
exchange.buzzoola.com
googleads.g.doubleclick.net
hbe199.hybrid.ai
joxi.net
joxi.ru
kdmttk.com
matchid.adfox.yandex.ru
mc.webvisor.org
mc.yandex.ru
pagead2.googlesyndication.com
partner.googleadservices.com
px.adhigh.net
rotarb.bid
ssp-rtb.sape.ru
ssp.bidvol.com
stats.g.doubleclick.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
x.pluso.ru
yandex.ru
yastatic.net
yhb.p.otm-r.com
z.cdn.ftd.agency
adfox-c2s-ams.creativecdn.com
ssp.bidvol.com
x.pluso.ru
167.235.33.114
176.9.162.201
176.9.162.204
176.9.162.205
193.232.150.43
193.3.184.201
194.55.244.183
2606:4700::6810:5914
2607:f8b0:4004:c09::9d
2607:f8b0:4004:c1b::63
2607:f8b0:4004:c1b::84
2607:f8b0:4004:c1b::9c
2607:f8b0:4006:81f::2002
2607:f8b0:4006:821::2002
2607:f8b0:4006:822::2002
2607:f8b0:4006:824::200e
2a00:1148:db00::17
2a02:6b8:20::215
2a02:6b8::16b
2a02:6b8::1:119
2a02:6b8::1be
2a02:6b8:a::a
31.220.27.134
37.18.16.6
37.48.117.210
46.4.104.244
78.47.21.152
80.239.201.54
88.99.234.26
96.46.183.20
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
033696b7f1ac04d1dcc102be84550e146236ceffc25a6cabc12aa51a6ee410b9
0c9602e28e329b6eedd9809e6f54e948aae2a495ac54a63767b5f6a892bead52
0d823f9a25aa02ed0eecab9de11119de22dacd5aa2107cf45b15fe0ce15b4b0e
0ff196c9d9258507ab91d23671e4b07818fabdfe1167056787bf5b721fe3799e
13595fec98790a573137335e23ead84834ce336edc309a2c57b56783f3211eb0
14eb37ff053f47cee65b5767a92f9fca2d79ca319e42e65e66a359bbb307c87a
231e7a429d67f3e1dae41d012960b37101dcaedb2305f24ff37cd1b8a9b3b1c2
29e2c9d0d5b9b434f5c58515bc373167c3cd8a7f12f4859a462e9c3fb0ff437d
3210a53d9504c76e9131749f841004809098b7316aaa8da12d371bda7dddf950
34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55
3b3e5c4826dc9f7f5fd2137eaf0f57ca00c3173213aec27142b0bb51608207f6
3cea9fd4486e2820f34fdeb7970fd29c4fa531e79a285bf58aaab1ecdadfa99a
447e8bd8faf1296d6113dc1b02a9adf1d20564618b7593409f1ba8234a11ee63
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57cb213a2a3cc2a8de0b2421cb14d29b0fe13b228dfef0327121ac1622ba8df4
5870f1aa4ffa0224b3e534a97a00edeeb5681d6220788babdd5cb1141ea64739
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
59d03afb04958ebbceaae1fb0d39439835b625e9aad2151ca01d4e82733f2f44
5f2cc4c7f25f8b82c96d4e44105c5288133fdb3c3c75751d2993eafec8a3847a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6344718a67ed4427607fc3163e1af2a302b22bc9164c138e9950e9c47ad59dd4
64c7beb738149f41a4ed17fba4fb1218361b4c5bc0a6b0fa6a54a399b52de874
65cf438443f9a4aaba6805302a8487c61a4c46c28b6994900c69fa9a5999b649
66028bdf106e9d9a5be6200c370f79f276738ea78fb24c002c214ad449a809ac
677a116bab2c7a9f731a136d5be9a66bb60a3f2bf98496ae6a669f22f45aff95
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7b5be1373fac573691c1b35a3766aa4e9c024a0d77664ac1934a3fffb0089e52
7ddf2bfbac37620db215b2ef833b10ca654424297afffc037f7db9c7cb972301
7ebdad33770ca8a7fba3e860be0f86025592d52849410324eb529bc720bc84dc
82f420005cd31fab6b4ab016a07d623e8f5773de90c526777de5ba91e9be3b4d
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b
84d2d80b4c7f9f92b0b5abfe0ae5ca1bd26b8d940c693854151f44ec896f10ec
87114e0ae8cc1d1f588fe2d54adef6cbae7d5196e6886be76b703e34570df18d
8bc5e5b75c9bcb2488222f4c21d69a240738bb48b4fba59f2d0d1a5a443cb30a
93c07ea435a1e59453a46241b908ca43d071c6a9cb810a4b6ba6dc92df4e77aa
972890fe5871b9d2e69441758d7f4fdc0f2c343e1c46d09d0f88fa250b5c6b26
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
aa953da28d2a4b3dc7112246da6e32a8aea3482ba57578f8428e325e3d5958a2
ae8e3b8884ea2187c24a5cac8c855dacdb159439e3cefec2fd5d8c8d953dfab9
af38617c04f5f3e2efda077aba22383396db34ab85b1180bd91cb29454b3ff62
b16c52edca6da03f0e8d51d188b34ed03f4b29de7b7e09e08b5f4b7f0b25bbca
b3aa5d847dd7a9e291a4fcdd26d5fca89f59cd9f9b8e2e5a7761cad0bad8815c
b86b29f13ca937b3a0f884eea766b082d994c125820f0835fea7dcf117ae4b63
b94cca07fdf39214a885812d5c0cf5bc370499e17f4d94ddfc4728d4dcf1ef47
c49511af4f4a02ddfe9856512a215c88dc38d0a5a298c09ffab127957ec0c6f3
c5c661ed9117d3bfaa1270862ea0e61184a85d076ca95d1bb2d0b15bb5d3dd71
ca12d80db5ffac0ef34023dab8d59ef25777305da393294cc78161ad7e058bf3
d506d736956ae463d7d2c5896d2ea92232aa2006c42e1c185cedc99d8d775d87
d721c430ddd91cbf2aa9f63dbf7f9476c2f284a235fc6cc3ab844f5cb5d159ae
db0f15886d3b483b30b77a2eb1d1aea7bd883d893a0e3bb28d9ff115bf46a881
dc94adb312d39ae2244890a81c02347aa21e762d890980db6737f3e0756ec140
e1ab25ad530de520093017f5275ad7c65b239a3cb334b2e4b45754fac7b6baab
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec9ce646449261e54f279bbecaed5a73761c66f2bb35f5ded47097d65a03acba
f42c1b77a49ae051875683bf30108e84890646b9085ca180a3e142d70be052a8
f607b1477ebae1c118de82367ea4a8b04ae29cf48a03f12b1fbb1646007bbe88
fb424f758b24862fb8c20d09d150050cf89163a33a86b4926292674e7a093fba