www.cyberforum.ru Open in urlscan Pro
178.208.71.14 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.cyberforum.ru/powershell/thread2416870.html
Submission: On March 18 via api (March 18th 2022, 1:16:14 pm UTC) from RU — Scanned from DE

Summary HTTP 233 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 50 IPs in 9 countries across 54 domains to perform 233 HTTP transactions. The main IP is 178.208.71.14, located in Russian Federation and belongs to EUROBYTE Eurobyte LLC, RU. The main domain is www.cyberforum.ru. The Cisco Umbrella rank of the primary domain is 390733.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on January 18th 2022. Valid for: a year.

This is the only time www.cyberforum.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	178.208.71.14 178.208.71.14	210079 (EUROBYTE ...) (EUROBYTE Eurobyte LLC)
27	178.208.69.121 178.208.69.121	210079 (EUROBYTE ...) (EUROBYTE Eurobyte LLC)
3	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
2	18.66.139.54 18.66.139.54	16509 (AMAZON-02) (AMAZON-02)
6 18	2a02:6b8:a::a 2a02:6b8:a::a	208722 (YNDX) (YNDX)
1	2606:4700:303... 2606:4700:3034::ac43:97ef	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:303... 2606:4700:3035::6815:e1e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	45.67.59.158 45.67.59.158	198610 (BEGET-AS) (BEGET-AS)
1	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
1 18	2a02:6b8:20::215 2a02:6b8:20::215	208722 (YNDX) (YNDX)
2	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
3 7	88.212.201.210 88.212.201.210	39134 (UNITEDNET) (UNITEDNET)
2	193.200.65.18 193.200.65.18	6681 (GIVEME-CLOUD) (GIVEME-CLOUD)
3	35.157.180.254 35.157.180.254	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:223... 2600:9000:223f:7200:5:3aaa:f40:93a1	16509 (AMAZON-02) (AMAZON-02)
6	2606:4700:303... 2606:4700:3035::ac43:dac6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	193.200.65.146 193.200.65.146	6681 (GIVEME-CLOUD) (GIVEME-CLOUD)
2 11	2a00:1450:400... 2a00:1450:4001:82f::2004	15169 (GOOGLE) (GOOGLE)
2	45.80.71.141 45.80.71.141	198610 (BEGET-AS) (BEGET-AS)
3 23	2a02:6b8::1:119 2a02:6b8::1:119	208722 (YNDX) (YNDX)
4	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
6	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700::68... 2606:4700::6810:5914	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 3	94.130.13.220 94.130.13.220	24940 (HETZNER-AS) (HETZNER-AS)
7 20	193.200.65.147 193.200.65.147	6681 (GIVEME-CLOUD) (GIVEME-CLOUD)
3	37.18.103.21 37.18.103.21	205675 (HYBRID-AS) (HYBRID-AS)
5 6	188.42.29.165 188.42.29.165	7979 (SERVERS-COM) (SERVERS-COM)
3 3	217.65.2.150 217.65.2.150	3175 (CITYTELEC...) (CITYTELECOM-MSK)
1 4	31.220.27.134 31.220.27.134	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
3	2606:4700:10:... 2606:4700:10::ac43:2ac9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	185.40.155.13 185.40.155.13	21030 (CDNNOW-AS) (CDNNOW-AS)
1	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
23	2a02:6b8::90 2a02:6b8::90	208722 (YNDX) (YNDX)
2	2a02:6b8::184 2a02:6b8::184	208722 (YNDX) (YNDX)
2	45.141.78.48 45.141.78.48	198610 (BEGET-AS) (BEGET-AS)
1	2a02:6b8::5:114 2a02:6b8::5:114	208722 (YNDX) (YNDX)
3 3	95.217.86.150 95.217.86.150	24940 (HETZNER-AS) (HETZNER-AS)
1	95.217.109.66 95.217.109.66	24940 (HETZNER-AS) (HETZNER-AS)
2	81.222.128.214 81.222.128.214	20597 (ELTEL-AS) (ELTEL-AS)
2 2	185.15.175.146 185.15.175.146	43226 (SAFEDATA ...) (SAFEDATA Uplinks)
1 1	80.64.106.148 80.64.106.148	20764 (RASCOM-AS...) (RASCOM-AS CJSC RASCOM ISP)
1 1	80.64.106.147 80.64.106.147	20764 (RASCOM-AS...) (RASCOM-AS CJSC RASCOM ISP)
2 2	89.108.119.43 89.108.119.43	197695 (AS-REG) (AS-REG)
2 2	78.46.100.125 78.46.100.125	24940 (HETZNER-AS) (HETZNER-AS)
2 2	35.190.16.14 35.190.16.14	15169 (GOOGLE) (GOOGLE)
1 1	91.192.149.14 91.192.149.14	42481 (BEGUN-AS) (BEGUN-AS)
1 2	52.212.153.175 52.212.153.175	16509 (AMAZON-02) (AMAZON-02)
2	37.18.16.22 37.18.16.22	205675 (HYBRID-AS) (HYBRID-AS)
1 1	2001:6d0:4001... 2001:6d0:4001::226	52016 (TNSMSK-) (TNSMSK-)
2 2	144.76.138.28 144.76.138.28	24940 (HETZNER-AS) (HETZNER-AS)
1 1	148.251.237.106 148.251.237.106	24940 (HETZNER-AS) (HETZNER-AS)
6 6	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
1	82.145.213.8 82.145.213.8	39832 (NO-OPERA) (NO-OPERA)
1 1	81.163.17.245 81.163.17.245	49505 (SELECTEL) (SELECTEL)
2 2	217.66.147.167 217.66.147.167	29209 (SPBMTS-AS...) (SPBMTS-AS Malaya Monetnaya Street 2-A)
1 1	213.87.44.187 213.87.44.187	13174 (MTSNET Mo...) (MTSNET Moscow)
1	31.172.81.172 31.172.81.172	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
2 2	193.232.150.46 193.232.150.46	48061 (UMA-TECH-AS) (UMA-TECH-AS)
1	2a00:1450:400... 2a00:1450:400c:c08::9b	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
1	2a02:6b8::16b 2a02:6b8::16b	208722 (YNDX) (YNDX)
3	18.66.97.70 18.66.97.70	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
2 3	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
2 6	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
1 1	46.4.114.109 46.4.114.109	24940 (HETZNER-AS) (HETZNER-AS)
233	50

1 178.208.71.14 (Russian Federation)

ASN210079 (EUROBYTE Eurobyte LLC, RU)
PTR: cyber.deserv.net

www.cyberforum.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 178.208.69.121 (Russian Federation)

ASN210079 (EUROBYTE Eurobyte LLC, RU)
PTR: mensa.deserv.net

cyberstatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.139.54 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-139-54.fra60.r.cloudfront.net

m2d.m2.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a02:6b8:a::a (Moscow, Russian Federation) 6 redirects

ASN208722 (YNDX, FI)

yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3034::ac43:97ef (United States)

ASN13335 (CLOUDFLARENET, US)

edgrmtracking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3035::6815:e1e (United States)

ASN13335 (CLOUDFLARENET, US)

vak345.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.67.59.158 (Russian Federation)

ASN198610 (BEGET-AS, RU)

s1.marketplacepro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a02:6b8:20::215 (Moscow, Russian Federation) 1 redirects

ASN208722 (YNDX, FI)

yastatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
site.yandex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cse.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 88.212.201.210 (Russian Federation) 3 redirects

ASN39134 (UNITEDNET, RU)
PTR: host210.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.200.65.18 (Amsterdam, Netherlands)

ASN6681 (GIVEME-CLOUD, PL)
PTR: utarget.pro

portoteamo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.157.180.254 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-180-254.eu-central-1.compute.amazonaws.com

a3.pubguru.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223f:7200:5:3aaa:f40:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.pubguru.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:3035::ac43:dac6 (United States)

ASN13335 (CLOUDFLARENET, US)

videotoday.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 193.200.65.146 (Amsterdam, Netherlands)

ASN6681 (GIVEME-CLOUD, PL)
PTR: unallocated.giveme.network

logger.moviead55.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
l2.moviead55.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 45.80.71.141 (Russian Federation)

ASN198610 (BEGET-AS, RU)

statika.mpsuadv.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a02:6b8::1:119 (Moscow, Russian Federation) 3 redirects

ASN208722 (YNDX, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:5914 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 94.130.13.220 (Germany) 3 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.220.13.130.94.clients.your-server.de

exchange.buzzoola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 193.200.65.147 (Amsterdam, Netherlands) 7 redirects

ASN6681 (GIVEME-CLOUD, PL)
PTR: unallocated.giveme.network

code.moviead55.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.18.103.21 (Netherlands)

ASN205675 (HYBRID-AS, RU)

dm-eu.hybrid.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 188.42.29.165 (Luxembourg) 5 redirects

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 217.65.2.150 (Moscow, Russian Federation) 3 redirects

ASN3175 (CITYTELECOM-MSK, RU)

match.new-programmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 31.220.27.134 (Amsterdam, Netherlands) 1 redirects

ASN39572 (ADVANCEDHOSTERS-AS, NL)

s.uuidksinc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:10::ac43:2ac9 (United States)

ASN13335 (CLOUDFLARENET, US)

sync.quantumdex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.40.155.13 (Russian Federation)

ASN21030 (CDNNOW-AS, RU)

user91471.clients-cdnnow.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

clients1.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a02:6b8::90 (Moscow, Russian Federation)

ASN208722 (YNDX, FI)

an.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:6b8::184 (Moscow, Russian Federation)

ASN208722 (YNDX, FI)

avatars.mds.yandex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 45.141.78.48 (Russian Federation)

ASN198610 (BEGET-AS, RU)

stats.mpsuadv.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6b8::5:114 (Moscow, Russian Federation)

ASN208722 (YNDX, FI)

ysa-static.passport.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 95.217.86.150 (Helsinki, Finland) 3 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.150.86.217.95.clients.your-server.de

sonar.semantiqo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn3.caltat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.217.109.66 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: static.66.109.217.95.clients.your-server.de

sync.magnitent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 81.222.128.214 (Russian Federation)

ASN20597 (ELTEL-AS, RU)
PTR: ad14.adriver.ru

ssp.adriver.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.15.175.146 (Russian Federation) 2 redirects

ASN43226 (SAFEDATA Uplinks, RU)

dmg.digitaltarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 80.64.106.148 (Redkino, Russian Federation) 1 redirects

ASN20764 (RASCOM-AS CJSC RASCOM ISP, RU)
PTR: s-fr3.rutarget.ru

yandex-dmp-sync.rutarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 80.64.106.147 (Redkino, Russian Federation) 1 redirects

ASN20764 (RASCOM-AS CJSC RASCOM ISP, RU)
PTR: s-fr2.rutarget.ru

yandex-sync.rutarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 89.108.119.43 (Russian Federation) 2 redirects

ASN197695 (AS-REG, RU)
PTR: d51370.reg.regrucolo.ru

x01.aidata.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 78.46.100.125 (Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.125.100.46.78.clients.your-server.de

sync.1dmp.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.16.14 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 14.16.190.35.bc.googleusercontent.com

redirect.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.192.149.14 (Russian Federation) 1 redirects

ASN42481 (BEGUN-AS, RU)
PTR: zvezda.ssp.rambler.ru

profile.ssp.rambler.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.212.153.175 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-153-175.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.18.16.22 (Russian Federation)

ASN205675 (HYBRID-AS, RU)

dm.hybrid.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:6d0:4001::226 (Russian Federation) 1 redirects

ASN52016 (TNSMSK-, RU)

cm.tns-counter.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 144.76.138.28 (Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)
PTR: prod-hzeu-bidder-3.community.moscow

sync.upravel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 148.251.237.106 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: prod-hzeu-bidder-1.community.moscow

e1ead2d8-6e92-4375-ae40-8e87cbdcd93b.sync.upravel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.185.130 (United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology

t.adx.opera.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 81.163.17.245 (Russian Federation) 1 redirects

ASN49505 (SELECTEL, RU)

mitdmp.whiteboxdigital.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 217.66.147.167 (St Petersburg, Russian Federation) 2 redirects

ASN29209 (SPBMTS-AS Malaya Monetnaya Street 2-A, RU)
PTR: host-167-147-66-217.spbmts.ru

sm.rtb.mts.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.87.44.187 (Russian Federation) 1 redirects

ASN13174 (MTSNET Moscow, Russia, RU)
PTR: infrastructure-187-44.mts.ru

tech.rtb.mts.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 31.172.81.172 (Germany)

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

sync.bumlam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.232.150.46 (Russian Federation) 2 redirects

ASN48061 (UMA-TECH-AS, RU)
PTR: smtp19.sender.ltmse.com

px.adhigh.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6b8::16b (Moscow, Russian Federation)

ASN208722 (YNDX, FI)

matchid.adfox.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.66.97.70 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-70.fra56.r.cloudfront.net

intelaxa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.184.226 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.4.114.109 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: hz1271137.aucourant.info

www.acint.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
48	yandex.ru 7 redirects yandex.ru — Cisco Umbrella Rank: 1397 mc.yandex.ru — Cisco Umbrella Rank: 2926 an.yandex.ru — Cisco Umbrella Rank: 2490 ysa-static.passport.yandex.ru — Cisco Umbrella Rank: 23590 matchid.adfox.yandex.ru — Cisco Umbrella Rank: 25929	465 KB
29	moviead55.ru 7 redirects logger.moviead55.ru — Cisco Umbrella Rank: 115446 code.moviead55.ru — Cisco Umbrella Rank: 118338 l2.moviead55.ru — Cisco Umbrella Rank: 205928	8 KB
27	cyberstatic.net cyberstatic.net	78 KB
18	yandex.com 2 redirects mc.yandex.com — Cisco Umbrella Rank: 28691	6 KB
18	google.com 2 redirects cse.google.com — Cisco Umbrella Rank: 2215 www.google.com — Cisco Umbrella Rank: 2 fundingchoicesmessages.google.com — Cisco Umbrella Rank: 2029 clients1.google.com — Cisco Umbrella Rank: 386	251 KB
13	doubleclick.net 8 redirects cm.g.doubleclick.net — Cisco Umbrella Rank: 176 stats.g.doubleclick.net — Cisco Umbrella Rank: 68 googleads.g.doubleclick.net — Cisco Umbrella Rank: 38	7 KB
13	yastatic.net 1 redirects yastatic.net — Cisco Umbrella Rank: 6293	310 KB
7	google.de www.google.de — Cisco Umbrella Rank: 6433	885 B
7	yadro.ru 3 redirects counter.yadro.ru — Cisco Umbrella Rank: 7964	5 KB
7	yandex.net site.yandex.net — Cisco Umbrella Rank: 104862 avatars.mds.yandex.net — Cisco Umbrella Rank: 7459	127 KB
6	betweendigital.com 5 redirects ads.betweendigital.com — Cisco Umbrella Rank: 1509	4 KB
6	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 194	103 KB
6	videotoday.site videotoday.site	22 KB
5	hybrid.ai dm-eu.hybrid.ai — Cisco Umbrella Rank: 29505 dm.hybrid.ai — Cisco Umbrella Rank: 21464	1 KB
4	gstatic.com fonts.gstatic.com	191 KB
4	uuidksinc.net 1 redirects s.uuidksinc.net — Cisco Umbrella Rank: 3131	923 B
4	mpsuadv.ru statika.mpsuadv.ru — Cisco Umbrella Rank: 410234 stats.mpsuadv.ru — Cisco Umbrella Rank: 223400	2 KB
4	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 251 fonts.googleapis.com — Cisco Umbrella Rank: 35	60 KB
3	googleadservices.com 2 redirects www.googleadservices.com — Cisco Umbrella Rank: 101	16 KB
3	intelaxa.com intelaxa.com	23 KB
3	mts.ru 3 redirects sm.rtb.mts.ru — Cisco Umbrella Rank: 27973 tech.rtb.mts.ru — Cisco Umbrella Rank: 28592	2 KB
3	upravel.com 3 redirects sync.upravel.com — Cisco Umbrella Rank: 30766 e1ead2d8-6e92-4375-ae40-8e87cbdcd93b.sync.upravel.com	2 KB
3	clients-cdnnow.ru user91471.clients-cdnnow.ru — Cisco Umbrella Rank: 170363	155 KB
3	quantumdex.io sync.quantumdex.io — Cisco Umbrella Rank: 3073
3	new-programmatic.com 3 redirects match.new-programmatic.com — Cisco Umbrella Rank: 35379	849 B
3	buzzoola.com 3 redirects exchange.buzzoola.com — Cisco Umbrella Rank: 21041	564 B
3	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 403	277 KB
3	pubguru.net a3.pubguru.net — Cisco Umbrella Rank: 17828	785 B
2	adhigh.net 2 redirects px.adhigh.net — Cisco Umbrella Rank: 11171	812 B
2	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 184	2 KB
2	weborama.fr 2 redirects redirect.frontend.weborama.fr — Cisco Umbrella Rank: 8470	496 B
2	1dmp.io 2 redirects sync.1dmp.io — Cisco Umbrella Rank: 9987	1019 B
2	aidata.io 2 redirects x01.aidata.io — Cisco Umbrella Rank: 13774	1 KB
2	rutarget.ru 2 redirects yandex-dmp-sync.rutarget.ru — Cisco Umbrella Rank: 65194 yandex-sync.rutarget.ru — Cisco Umbrella Rank: 65589	521 B
2	digitaltarget.ru 2 redirects dmg.digitaltarget.ru — Cisco Umbrella Rank: 23259	1 KB
2	adriver.ru ssp.adriver.ru — Cisco Umbrella Rank: 12564	402 B
2	semantiqo.com 2 redirects sonar.semantiqo.com — Cisco Umbrella Rank: 55194	1 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	20 KB
2	portoteamo.com portoteamo.com	51 KB
2	vak345.com vak345.com — Cisco Umbrella Rank: 144904	10 KB
2	m2.ai m2d.m2.ai — Cisco Umbrella Rank: 17242	188 KB
1	bumlam.com sync.bumlam.com — Cisco Umbrella Rank: 2702	390 B
1	whiteboxdigital.ru 1 redirects mitdmp.whiteboxdigital.ru — Cisco Umbrella Rank: 26416	785 B
1	opera.com t.adx.opera.com — Cisco Umbrella Rank: 4149	410 B
1	tns-counter.ru 1 redirects cm.tns-counter.ru — Cisco Umbrella Rank: 67325	386 B
1	rambler.ru 1 redirects profile.ssp.rambler.ru — Cisco Umbrella Rank: 22109	244 B
1	magnitent.com sync.magnitent.com — Cisco Umbrella Rank: 210236	676 B
1	caltat.com 1 redirects cdn3.caltat.com — Cisco Umbrella Rank: 157566	335 B
1	acint.net www.acint.net — Cisco Umbrella Rank: 33498 Failed acint.net Failed	254 B
1	pubguru.com cdn.pubguru.com — Cisco Umbrella Rank: 24285	4 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 54	36 KB
1	marketplacepro.ru s1.marketplacepro.ru — Cisco Umbrella Rank: 719667	78 KB
1	edgrmtracking.com edgrmtracking.com — Cisco Umbrella Rank: 192772	6 KB
1	cyberforum.ru www.cyberforum.ru — Cisco Umbrella Rank: 390733	12 KB
233	54

	Domain	Requested by
27	cyberstatic.net	www.cyberforum.ru
23	an.yandex.ru	yandex.ru www.cyberforum.ru
20	code.moviead55.ru	7 redirects videotoday.site user91471.clients-cdnnow.ru
18	mc.yandex.com	2 redirects mc.yandex.ru www.cyberforum.ru videotoday.site
18	yandex.ru	6 redirects www.cyberforum.ru yandex.ru yastatic.net
13	yastatic.net	1 redirects www.cyberforum.ru site.yandex.net yandex.ru yastatic.net
11	www.google.com	2 redirects cse.google.com www.cyberforum.ru
7	www.google.de	www.cyberforum.ru
7	l2.moviead55.ru	videotoday.site
7	counter.yadro.ru	3 redirects www.cyberforum.ru videotoday.site
6	googleads.g.doubleclick.net	2 redirects www.googleadservices.com
6	cm.g.doubleclick.net	6 redirects
6	ads.betweendigital.com	5 redirects www.cyberforum.ru
6	cdnjs.cloudflare.com	videotoday.site
6	videotoday.site	vak345.com videotoday.site
5	mc.yandex.ru	1 redirects www.cyberforum.ru yandex.ru videotoday.site yastatic.net
5	site.yandex.net	www.cyberforum.ru site.yandex.net
4	fonts.gstatic.com	fonts.googleapis.com
4	s.uuidksinc.net	1 redirects videotoday.site
4	fundingchoicesmessages.google.com	cdn.pubguru.com
3	www.googleadservices.com	2 redirects yastatic.net
3	intelaxa.com	www.cyberforum.ru yastatic.net
3	user91471.clients-cdnnow.ru	videotoday.site
3	sync.quantumdex.io	videotoday.site
3	match.new-programmatic.com	3 redirects
3	dm-eu.hybrid.ai	videotoday.site
3	exchange.buzzoola.com	3 redirects
3	cdn.jsdelivr.net	videotoday.site
3	a3.pubguru.net	m2d.m2.ai
3	ajax.googleapis.com	www.cyberforum.ru
2	px.adhigh.net	2 redirects
2	sm.rtb.mts.ru	2 redirects
2	sync.upravel.com	2 redirects
2	dm.hybrid.ai	www.cyberforum.ru
2	dpm.demdex.net	1 redirects www.cyberforum.ru
2	redirect.frontend.weborama.fr	2 redirects
2	sync.1dmp.io	2 redirects
2	x01.aidata.io	2 redirects
2	dmg.digitaltarget.ru	2 redirects
2	ssp.adriver.ru	www.cyberforum.ru
2	sonar.semantiqo.com	2 redirects
2	stats.mpsuadv.ru	s1.marketplacepro.ru
2	avatars.mds.yandex.net	www.cyberforum.ru
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	statika.mpsuadv.ru	s1.marketplacepro.ru
2	logger.moviead55.ru	www.cyberforum.ru
2	portoteamo.com	www.cyberforum.ru portoteamo.com
2	cse.google.com	www.cyberforum.ru www.google.com
2	vak345.com	www.cyberforum.ru
2	m2d.m2.ai	www.cyberforum.ru m2d.m2.ai
1	matchid.adfox.yandex.ru	yastatic.net
1	fonts.googleapis.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	sync.bumlam.com	www.cyberforum.ru
1	tech.rtb.mts.ru	1 redirects
1	mitdmp.whiteboxdigital.ru	1 redirects
1	t.adx.opera.com	www.cyberforum.ru
1	e1ead2d8-6e92-4375-ae40-8e87cbdcd93b.sync.upravel.com	1 redirects
1	cm.tns-counter.ru	1 redirects
1	profile.ssp.rambler.ru	1 redirects
1	yandex-sync.rutarget.ru	1 redirects
1	yandex-dmp-sync.rutarget.ru	1 redirects
1	sync.magnitent.com	www.cyberforum.ru
1	cdn3.caltat.com	1 redirects
1	ysa-static.passport.yandex.ru	www.cyberforum.ru
1	clients1.google.com	www.cyberforum.ru
1	www.acint.net	videotoday.site
1	cdn.pubguru.com	m2d.m2.ai
1	www.googletagmanager.com	www.cyberforum.ru
1	s1.marketplacepro.ru	www.cyberforum.ru
1	edgrmtracking.com	www.cyberforum.ru
1	www.cyberforum.ru
0	acint.net Failed	www.cyberforum.ru videotoday.site
233	73

This site contains links to these domains. Also see Links.

Domain
vk.com
connect.ok.ru
edgrmtracking.com
edugrampromo.com
market-place.su

Subject Issuer	Validity	Valid
cyberforum.ru Sectigo RSA Domain Validation Secure Server CA	`2022-01-18` - `2023-02-17`	a year	crt.sh
cyberstatic.net Sectigo RSA Domain Validation Secure Server CA	`2022-01-19` - `2023-02-18`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
*.m2.ai Amazon	`2021-11-08` - `2022-12-07`	a year	crt.sh
yandex.ru Yandex CA	`2022-02-17` - `2022-08-16`	6 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-06` - `2022-07-05`	a year	crt.sh
s1.marketplacepro.ru R3	`2022-01-12` - `2022-04-12`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
*.yastatic.net Yandex CA	`2022-01-22` - `2022-07-23`	6 months	crt.sh
*.google.com GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
portoteamo.com R3	`2022-03-10` - `2022-06-08`	3 months	crt.sh
*.pubguru.net Amazon	`2021-05-26` - `2022-06-24`	a year	crt.sh
*.moviead55.ru R3	`2022-01-10` - `2022-04-10`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
statika.mpsuadv.ru R3	`2022-01-12` - `2022-04-12`	3 months	crt.sh
mc.yandex.ru Yandex CA	`2021-12-22` - `2022-06-03`	5 months	crt.sh
*.hybrid.ai Sectigo RSA Domain Validation Secure Server CA	`2020-07-07` - `2022-10-05`	2 years	crt.sh
*.clients-cdnnow.ru Sectigo RSA Domain Validation Secure Server CA	`2022-02-02` - `2023-03-05`	a year	crt.sh
bs.yandex.ru Yandex CA	`2021-11-17` - `2022-05-18`	6 months	crt.sh
avatars.mds.yandex.net Yandex CA	`2022-02-09` - `2022-08-10`	6 months	crt.sh
stats.mpsuadv.ru R3	`2022-02-01` - `2022-05-02`	3 months	crt.sh
ysa-static.passport.yandex.net GlobalSign ECC OV SSL CA 2018	`2022-03-04` - `2023-04-05`	a year	crt.sh
*.adriver.ru RapidSSL RSA CA 2018	`2020-04-03` - `2022-04-24`	2 years	crt.sh
*.bumlam.com R3	`2022-03-04` - `2022-06-02`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
matchid.adfox.yandex.ru Yandex CA	`2022-02-05` - `2022-07-31`	6 months	crt.sh
intelaxa.com Amazon	`2021-12-06` - `2023-01-02`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
counter.yadro.ru GoGetSSL ECC DV CA	`2020-02-02` - `2022-05-02`	2 years	crt.sh
*.google.de GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://www.cyberforum.ru/powershell/thread2416870.html
Frame ID: 4243B3E8C8AF5DE1F93B809327AED0E3
Requests: 115 HTTP requests in this frame

Frame: https://videotoday.site/ovp.php?ver=1&autoplay=1&v=8d94458a2b7741a172956c4b6a86f3a7&cb=7f8a1d7b-63a3-4756-81ee-7637a3ab630a&fclose=false&sub_id=base&tls=no&instant=yes&testad=no&nomon=1&cdiv=1103&r=https%3A%2F%2Fwww.cyberforum.ru%2Fpowershell%2Fthread2416870.html&rel=true&rnd=1647609372966&cnt=2
Frame ID: B08575AD958C0145E333B85052E8DC47
Requests: 66 HTTP requests in this frame

Frame: https://yastatic.net/safeframe-bundles/0.83/1-1-0/render.html
Frame ID: 222FBE8FB8747E3DFA0918E9C30EA1CB
Requests: 50 HTTP requests in this frame

Frame: https://mc.yandex.com/metrika/metrika_match.html
Frame ID: EE6D9E0B3467D4CED4AE9ECB1BE31094
Requests: 2 HTTP requests in this frame

Frame: https://yastatic.net/safeframe-bundles/0.83/1-1-0/render.html
Frame ID: A20E9823904431C579C6097CC78CA0D2
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Авторизация на сайте и ввод данных в поля - PowerShell - Киберфорумпоиск

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Lightbox (JavaScript Libraries) Expand

YUI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:/yui/|yui\.yahooapis\.com)

Yandex.Direct (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://an\.yandex\.ru/

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

233
Requests

79 %
HTTPS

40 %
IPv6

54
Domains

73
Subdomains

50
IPs

9
Countries

2506 kB
Transfer

7328 kB
Size

85
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://vk.com/share.php?url=https%3A%2F%2Fwww.cyberforum.ru%2Fpowershell%2Fthread2416870.html&title=%D0%90%D0%B2%D1%82%D0%BE%D1%80%D0%B8%D0%B7%D0%B0%D1%86%D0%B8%D1%8F%20%D0%BD%D0%B0%20%D1%81%D0%B0%D0%B9%D1%82%D0%B5%20%D0%B8%20%D0%B2%D0%B2%D0%BE%D0%B4%20%D0%B4%D0%B0%D0%BD%D0%BD%D1%8B%D1%85%20%D0%B2%20%D0%BF%D0%BE%D0%BB%D1%8F%20-%20PowerShell%20-%20%D0%9A%D0%B8%D0%B1%D0%B5%D1%80%D1%84%D0%BE%D1%80%D1%83%D0%BC&image=%2F%2Fcyberstatic.net%2Fimages%2Fcyberforum_logo.png&utm_source=share2
Title: ВКонтакте

Search URL Search Domain Scan URL

URL: https://connect.ok.ru/offer?url=https%3A%2F%2Fwww.cyberforum.ru%2Fpowershell%2Fthread2416870.html&title=%D0%90%D0%B2%D1%82%D0%BE%D1%80%D0%B8%D0%B7%D0%B0%D1%86%D0%B8%D1%8F%20%D0%BD%D0%B0%20%D1%81%D0%B0%D0%B9%D1%82%D0%B5%20%D0%B8%20%D0%B2%D0%B2%D0%BE%D0%B4%20%D0%B4%D0%B0%D0%BD%D0%BD%D1%8B%D1%85%20%D0%B2%20%D0%BF%D0%BE%D0%BB%D1%8F%20-%20PowerShell%20-%20%D0%9A%D0%B8%D0%B1%D0%B5%D1%80%D1%84%D0%BE%D1%80%D1%83%D0%BC&imageUrl=%2F%2Fcyberstatic.net%2Fimages%2Fcyberforum_logo.png&utm_source=share2
Title: Одноклассники

Search URL Search Domain Scan URL

URL: https://edgrmtracking.com/?rid=01487a71a39c2542&promo=1

Search URL Search Domain Scan URL

URL: https://edugrampromo.com/unreg-order?rid=07975d0f191f7a31
Title: здесь

Search URL Search Domain Scan URL

URL: https://market-place.su/?utm_source=combo

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 40

https://counter.yadro.ru/hit?t12.2;r;s1600*1200*24;uhttps%3A//www.cyberforum.ru/powershell/thread2416870.html;h%u0410%u0432%u0442%u043E%u0440%u0438%u0437%u0430%u0446%u0438%u044F%20%u043D%u0430%20%u0441%u0430%u0439%u0442%u0435%20%u0438%20%u0432%u0432%u043E%u0434%20%u0434%u0430%u043D%u043D%u044B%u0445%20%u0432%20%u043F%u043E%u043B%u044F%20-%20PowerShell%20-%20%u041A%u0438%u0431%u0435%u0440%u0444%u043E%u0440%u0443%u043C;0.46804827315665 HTTP 302
https://counter.yadro.ru/hit?q;t12.2;r;s1600*1200*24;uhttps%3A//www.cyberforum.ru/powershell/thread2416870.html;h%u0410%u0432%u0442%u043E%u0440%u0438%u0437%u0430%u0446%u0438%u044F%20%u043D%u0430%20%u0441%u0430%u0439%u0442%u0435%20%u0438%20%u0432%u0432%u043E%u0434%20%u0434%u0430%u043D%u043D%u044B%u0445%20%u0432%20%u043F%u043E%u043B%u044F%20-%20PowerShell%20-%20%u041A%u0438%u0431%u0435%u0440%u0444%u043E%u0440%u0443%u043C;0.46804827315665

Request Chain 73

https://exchange.buzzoola.com/cookiesync/redirect/skyadvert?redirect_url=https%3A%2F%2Fcode.moviead55.ru%2Fbzcookiesync.php%3Fbzcookie%3D%24%7BUUID%7D HTTP 301
https://code.moviead55.ru/bzcookiesync.php?bzcookie=df30d526-e131-482f-460b-481b0268369e

Request Chain 75

https://ads.betweendigital.com/match?bidder_id=34348&callback_url=https%3A%2F%2Fcode.moviead55.ru%2Fcookiesync_btw.php%3Fbtwcookie%3D%24%7BUSER_ID%7D HTTP 302
https://ads.betweendigital.com/match?bidder_id=34348&callback_url=https%3A%2F%2Fcode.moviead55.ru%2Fcookiesync_btw.php%3Fbtwcookie%3D%24%7BUSER_ID%7D&crf=1 HTTP 302
https://code.moviead55.ru/cookiesync_btw.php?btwcookie=eddc8351-5af9-514d-8568-6f86e75ce99f

Request Chain 76

https://code.moviead55.ru/cookieinit_sape.php HTTP 302
https://www.acint.net/rmatch?dp=167&euid=9bea2a59-13a1-470f-8eff-cc650172356e&r=https%3A%2F%2Fcode.moviead55.ru%2Fcookiesync_sape.php%3Fsapecookie%3D%24%7BUSER_ID%7D

Request Chain 77

https://code.moviead55.ru/cookieinit_target.php HTTP 302
https://match.new-programmatic.com/userbind?src=skyadvert&id=5fcfa9d5-5d39-4e6e-9ef3-94eb787d83de HTTP 302
https://code.moviead55.ru/cookiesync_target.php?targetcookie=

Request Chain 78

https://code.moviead55.ru/cookieinit_kadam.php HTTP 302
https://s.uuidksinc.net/match/1062/?remote_uid=f36d6309-6715-4a79-b2e2-a06b12fe974a

Request Chain 99

https://yastatic.net/pcode/adfox/header-bidding.js HTTP 302
https://yandex.ru/ads/system/header-bidding.js

Request Chain 108

https://counter.yadro.ru/hit?t44.6;rhttps%3A//www.cyberforum.ru/powershell/thread2416870.html;s1600*1200*24;uhttps%3A//videotoday.site/ovp.php%3Fver%3D1%26autoplay%3D1%26v%3D8d94458a2b7741a172956c4b6a86f3a7%26cb%3D7f8a1d7b-63a3-4756-81ee-7637a3ab630a%26fclose%3Dfalse%26sub_id%3Dbase%26tls%3Dno%26instant%3Dyes%26testad%3Dno%26nomon%3D1%26cdiv%3D90%26r%3Dhttps%253A%252F%252Fwww.cyberforum.ru%252Fpowershell%252Fthread2416870.html;h;0.5434669344090224 HTTP 302
https://counter.yadro.ru/hit?q;t44.6;rhttps%3A//www.cyberforum.ru/powershell/thread2416870.html;s1600*1200*24;uhttps%3A//videotoday.site/ovp.php%3Fver%3D1%26autoplay%3D1%26v%3D8d94458a2b7741a172956c4b6a86f3a7%26cb%3D7f8a1d7b-63a3-4756-81ee-7637a3ab630a%26fclose%3Dfalse%26sub_id%3Dbase%26tls%3Dno%26instant%3Dyes%26testad%3Dno%26nomon%3D1%26cdiv%3D90%26r%3Dhttps%253A%252F%252Fwww.cyberforum.ru%252Fpowershell%252Fthread2416870.html;h;0.5434669344090224

Request Chain 120

https://mc.yandex.com/watch/53399341?wmode=7&page-url=https%3A%2F%2Fvideotoday.site%2Fovp.php%3Fver%3D1%26autoplay%3D1%26v%3D8d94458a2b7741a172956c4b6a86f3a7%26cb%3D7f8a1d7b-63a3-4756-81ee-7637a3ab630a%26fclose%3Dfalse%26sub_id%3Dbase%26tls%3Dno%26instant%3Dyes%26testad%3Dno%26nomon%3D1%26cdiv%3D90%26r%3Dhttps%253A%252F%252Fwww.cyberforum.ru%252Fpowershell%252Fthread2416870.html&page-ref=https%3A%2F%2Fwww.cyberforum.ru%2Fpowershell%2Fthread2416870.html&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A7oivoclvhnsftt6hmgv%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A760%3Acn%3A1%3Adp%3A0%3Als%3A1199169431527%3Ahid%3A617614489%3Az%3A0%3Ai%3A20220318131609%3Aet%3A1647609370%3Ac%3A1%3Arn%3A1051073129%3Arqn%3A1%3Au%3A1647609370473619981%3Aw%3A400x225%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Acpf%3A1%3Ans%3A1647609368931%3Ads%3A10%2C34%2C45%2C1%2C0%2C0%2C%2C463%2C0%2C%2C%2C%2C554%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1647609370%3At%3A&t=gdpr(14)aw(1)ti(2) HTTP 302
https://mc.yandex.com/watch/53399341/1?wmode=7&page-url=https%3A%2F%2Fvideotoday.site%2Fovp.php%3Fver%3D1%26autoplay%3D1%26v%3D8d94458a2b7741a172956c4b6a86f3a7%26cb%3D7f8a1d7b-63a3-4756-81ee-7637a3ab630a%26fclose%3Dfalse%26sub_id%3Dbase%26tls%3Dno%26instant%3Dyes%26testad%3Dno%26nomon%3D1%26cdiv%3D90%26r%3Dhttps%253A%252F%252Fwww.cyberforum.ru%252Fpowershell%252Fthread2416870.html&page-ref=https%3A%2F%2Fwww.cyberforum.ru%2Fpowershell%2Fthread2416870.html&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A7oivoclvhnsftt6hmgv%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A760%3Acn%3A1%3Adp%3A0%3Als%3A1199169431527%3Ahid%3A617614489%3Az%3A0%3Ai%3A20220318131609%3Aet%3A1647609370%3Ac%3A1%3Arn%3A1051073129%3Arqn%3A1%3Au%3A1647609370473619981%3Aw%3A400x225%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Acpf%3A1%3Ans%3A1647609368931%3Ads%3A10%2C34%2C45%2C1%2C0%2C0%2C%2C463%2C0%2C%2C%2C%2C554%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1647609370%3At%3A&t=gdpr%2814%29aw%281%29ti%282%29

Request Chain 122

https://sonar.semantiqo.com/dmp/scr.php HTTP 302
https://counter.yadro.ru/id127/reff-id.gif?sid=bd1f8c91fe0a4c9bb7d5796ba4f343e8 HTTP 302
https://sonar.semantiqo.com/fbfli/data_sess_sync.php?spid=4B9CAB1AACCD6C18&sid=bd1f8c91fe0a4c9bb7d5796ba4f343e8 HTTP 302
https://cdn3.caltat.com/fbfc504c-89b0-4a80-bef4-c8e39daeee6f/sess.php?sid=bd1f8c91fe0a4c9bb7d5796ba4f343e8&spid=4B9CAB1AACCD6C18&v= HTTP 302
https://sync.magnitent.com/fbfli/ct_sync.php?ct=1e2b8513235e4b468473a052ff2c6749&sonar=bd1f8c91fe0a4c9bb7d5796ba4f343e8&spid=4B9CAB1AACCD6C18&v=

Request Chain 124

https://dmg.digitaltarget.ru/1/119/i/i?i=1647609369 HTTP 307
https://dmg.digitaltarget.ru/awg/custom/119/i/i?call_source=awg&i=1647609369 HTTP 307
https://an.yandex.ru/mapuid/dmpamberdata/0m1q9JSnqIG4W0-7lm9P

Request Chain 125

https://yandex-dmp-sync.rutarget.ru/sync HTTP 302
https://an.yandex.ru/mapuid/dmpsegmento/_f5K3YeEKEZm?sign=3871716196

Request Chain 126

https://yandex-sync.rutarget.ru/sync HTTP 302
https://an.yandex.ru/mapuid/rutargetis/ewj3wF073Lnl

Request Chain 127

https://x01.aidata.io/0.gif?pid=YANDEX HTTP 302
https://x01.aidata.io/0.gif?pid=YANDEX&bounce=1 HTTP 302
https://an.yandex.ru/mapuid/dmpaidatame/FU91tK1NRyCGAUWQHmEv1Q?sign=668985803

Request Chain 128

https://sync.1dmp.io/pixel.gif?cid=3cbc2ec8-1421-4677-89fe-2ac6fc52a09a&pid=w&o=au HTTP 302
https://sync.1dmp.io/pixel.gif?cid=3cbc2ec8-1421-4677-89fe-2ac6fc52a09a&pid=w&o=au&cs=1 HTTP 302
https://an.yandex.ru/mapuid/dmpcleverdata/939a5e80-a6bd-11ec-8677-901b0e934d81?sign=3394633161

Request Chain 129

https://redirect.frontend.weborama.fr/redirect/standard?url=https://an.yandex.ru/mapuid/dmpweborama/{WEBO_CID} HTTP 302
https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fdmpweborama%2F%7BWEBO_CID%7D&bounce=1&random=1877320107 HTTP 302
https://an.yandex.ru/mapuid/dmpweborama/rQUo5NVsKGchSygT.flsWe

Request Chain 130

https://profile.ssp.rambler.ru/sync3.302?pid=188 HTTP 302
https://an.yandex.ru/mapuid/ramblerssp/

Request Chain 131

https://yandex.ru/an/mapuid/adobedmp/ HTTP 302
https://dpm.demdex.net/ibs:dpid=423652&dpuuid=B403B0E5D6BAC8DB HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=423652&dpuuid=B403B0E5D6BAC8DB

Request Chain 133

https://cm.tns-counter.ru/yacm HTTP 302
https://an.yandex.ru/mapuid/mediascope/9828cd493a95a81a1bdb6e774f8aee9c4fc1d28b51bcefa1a974a29c2950177a

Request Chain 134

https://sync.upravel.com/yandex/sync HTTP 302
https://sync.upravel.com/yandex/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly95YXN0YXRpYy5uZXQvIl19fQ HTTP 302
https://e1ead2d8-6e92-4375-ae40-8e87cbdcd93b.sync.upravel.com/yandex/sync?ud_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly95YXN0YXRpYy5uZXQvIiwiaHR0cHM6Ly95YXN0YXRpYy5uZXQvIl19fQ HTTP 302
https://an.yandex.ru/mapuid/upravelis/e1ead2d8-6e92-4375-ae40-8e87cbdcd93b

Request Chain 135

https://yandex.ru/an/mapuid/google/?partner-tag=yandex_llc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yandex_llc&google_hm=10B551475AA71688&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yandex_llc&google_hm=10B551475AA71688&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif&google_tc= HTTP 302
https://an.yandex.ru/resource/spacer.gif

Request Chain 136

https://yandex.ru/an/mapuid/google/?partner-tag=yandexcom HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yandexcom&google_hm=10B551475AA71688&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yandexcom&google_hm=10B551475AA71688&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif&google_tc= HTTP 302
https://an.yandex.ru/resource/spacer.gif

Request Chain 137

https://yandex.ru/an/mapuid/google/?partner-tag=yandexru HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yandexru&google_hm=10B551475AA71688&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yandexru&google_hm=10B551475AA71688&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif&google_tc= HTTP 302
https://an.yandex.ru/resource/spacer.gif

Request Chain 138

https://yandex.ru/an/mapuid/operacom/ HTTP 302
https://t.adx.opera.com/sync?vendor=60143&uid=12BD400D40F27869

Request Chain 139

https://yandex.ru/an/mapuid/betweenx/ HTTP 302
https://ads.betweendigital.com/match?bidder_id=161&external_user_id=57380F3CCB65C4F8

Request Chain 141

https://mitdmp.whiteboxdigital.ru/pixel?id=a&source=yandex&redirect=false&href=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fqbitis%2F%7Bmiid%7D HTTP 302
https://an.yandex.ru/mapuid/qbitis/f590139d-733f-4d9d-93ff-1f9af5c4f715

Request Chain 142

https://ads.betweendigital.com/match?bidder_id=43554&callback_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbetweendigitalis%2F%24%7BUSER_ID%7D HTTP 302
https://an.yandex.ru/mapuid/betweendigitalis/eddc8351-5af9-514d-8568-6f86e75ce99f

Request Chain 143

https://sm.rtb.mts.ru/p?ssp=yandex&id=map HTTP 301
https://sm.rtb.mts.ru/match/second?ssp=55&exu=map HTTP 301
https://tech.rtb.mts.ru/?dsp_uid=7ebe3757-739e-4436-b624-ed891d0d558c&return_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fmtsdspis%2F7ebe3757-739e-4436-b624-ed891d0d558c HTTP 302
https://an.yandex.ru/mapuid/mtsdspis/7ebe3757-739e-4436-b624-ed891d0d558c

Request Chain 147

https://s.uuidksinc.net/match/501 HTTP 302
https://an.yandex.ru/mapuid/kadamis/7IxeoKYAbi76h2oDnz8O

Request Chain 148

https://px.adhigh.net/p/cm/yandexssp HTTP 302
https://px.adhigh.net/p/cm/yandexssp?bounced=1 HTTP 302
https://an.yandex.ru/mapuid/getintentis/73yJEhhZLrG.AikABlF_nSvWAA

Request Chain 150

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9581.9Q3AmYDBplFu0diikpxlg4oWA7QWciwiKBjtS6PS2RGWlakVKaFpA8Avrv7xYuqX.kyYqj_zQQk9m9eJz6-J6XrV5o7Q%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=9581.AdIIcqauPlQCTjs0yiNR2qe7feC2J6AqODz9pc7RZV04xZhWqPJextjNt-Boiu6ZHcCN5dbt_m1-wg_I1Z8qiHySO_67R-Ria1SvQCm9fIM%2C.qp1uTBXzePgDaGnn5uhkpxBlkGk%2C

Request Chain 188

https://exchange.buzzoola.com/cookiesync/redirect/skyadvert?redirect_url=https%3A%2F%2Fcode.moviead55.ru%2Fbzcookiesync.php%3Fbzcookie%3D%24%7BUUID%7D HTTP 301
https://code.moviead55.ru/bzcookiesync.php?bzcookie=8dfe80b5-2813-460e-629d-31d2dd47f329

Request Chain 190

https://ads.betweendigital.com/match?bidder_id=34348&callback_url=https%3A%2F%2Fcode.moviead55.ru%2Fcookiesync_btw.php%3Fbtwcookie%3D%24%7BUSER_ID%7D HTTP 302
https://code.moviead55.ru/cookiesync_btw.php?btwcookie=eddc8351-5af9-514d-8568-6f86e75ce99f

Request Chain 191

https://code.moviead55.ru/cookieinit_sape.php HTTP 302
https://www.acint.net/rmatch?dp=167&euid=c6dd1c5c-9cbe-4f2c-ae57-3690a95c8920&r=https%3A%2F%2Fcode.moviead55.ru%2Fcookiesync_sape.php%3Fsapecookie%3D%24%7BUSER_ID%7D HTTP 302
https://www.acint.net/rmatch?r=https%3A%2F%2Fcode.moviead55.ru%2Fcookiesync_sape.php%3Fsapecookie%3D$%7BUSER_ID%7D&dp=167&tc=1&euid=c6dd1c5c-9cbe-4f2c-ae57-3690a95c8920 HTTP 302
https://ssp-rtb.sape.ru/rmatch?r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fcode.moviead55.ru%252Fcookiesync_sape.php%253Fsapecookie%253D$%257BUSER_ID%257D&dp=14 HTTP 302
https://acint.net/rmatch?dp=14&euid=0100007F1B8634621B00757B02473D4A&r=https%3A%2F%2Fcode.moviead55.ru%2Fcookiesync_sape.php%3Fsapecookie%3D$%7BUSER_ID%7D

Request Chain 192

https://code.moviead55.ru/cookieinit_target.php HTTP 302
https://match.new-programmatic.com/userbind?src=skyadvert&id=e6775b26-d375-47c7-a394-f5476ab4f611 HTTP 302
https://code.moviead55.ru/cookiesync_target.php?targetcookie=

Request Chain 193

https://code.moviead55.ru/cookieinit_kadam.php HTTP 302
https://s.uuidksinc.net/match/1062/?remote_uid=d76ae845-b340-4d55-8e98-ef7eb0625684

Request Chain 200

https://www.googleadservices.com/pagead/conversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0 HTTP 302
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=G4Y0Yq3THtikbNDAiIgF&random=578294954&sscte=1&crd= HTTP 302
https://www.google.com/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=578294954&crd=&is_vtc=1&random=869492538 HTTP 302
https://www.google.de/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=578294954&crd=&is_vtc=1&random=869492538&ipr=y

Request Chain 201

https://www.googleadservices.com/pagead/conversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0 HTTP 302
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=G4Y0Yv7WHtWDbLrMqsAN&random=601357100&sscte=1&crd= HTTP 302
https://www.google.com/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=601357100&crd=&is_vtc=1&random=1297490400 HTTP 302
https://www.google.de/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=601357100&crd=&is_vtc=1&random=1297490400&ipr=y

Request Chain 227

https://exchange.buzzoola.com/cookiesync/redirect/skyadvert?redirect_url=https%3A%2F%2Fcode.moviead55.ru%2Fbzcookiesync.php%3Fbzcookie%3D%24%7BUUID%7D HTTP 301
https://code.moviead55.ru/bzcookiesync.php?bzcookie=e90b19af-eae1-4410-4103-67d57e2e7ff0

Request Chain 229

https://ads.betweendigital.com/match?bidder_id=34348&callback_url=https%3A%2F%2Fcode.moviead55.ru%2Fcookiesync_btw.php%3Fbtwcookie%3D%24%7BUSER_ID%7D HTTP 302
https://code.moviead55.ru/cookiesync_btw.php?btwcookie=eddc8351-5af9-514d-8568-6f86e75ce99f

Request Chain 230

https://code.moviead55.ru/cookieinit_sape.php HTTP 302
https://www.acint.net/rmatch?dp=167&euid=66c3ceea-1b66-429e-a7ff-9c2fccb53ba1&r=https%3A%2F%2Fcode.moviead55.ru%2Fcookiesync_sape.php%3Fsapecookie%3D%24%7BUSER_ID%7D HTTP 302
https://code.moviead55.ru/cookiesync_sape.php?sapecookie=0100007F1B863462400072BC02F1D72E

Request Chain 231

https://code.moviead55.ru/cookieinit_target.php HTTP 302
https://match.new-programmatic.com/userbind?src=skyadvert&id=f1f9955b-118f-43e7-9dd5-3ace2ccc67b8 HTTP 302
https://code.moviead55.ru/cookiesync_target.php?targetcookie=

Request Chain 232

https://code.moviead55.ru/cookieinit_kadam.php HTTP 302
https://s.uuidksinc.net/match/1062/?remote_uid=b905876c-6edf-44d4-93e4-c6e8e075c4a5

233 HTTP transactions
11 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request thread2416870.html Show response
www.cyberforum.ru/powershell/ 48 KB
12 KB 486ms
285ms Document
text/html 178.208.71.14
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cyberforum.ru/powershell/thread2416870.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.208.71.14 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),

Reverse DNS

cyber.deserv.net

Software

ddos-guard / PHP/5.6.31

Resource Hash

97c19d18d31ea99bd60e9d9519d07577f70ec6aaefbb63c4de43804f1cd11249

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

server: ddos-guard
date: Fri, 18 Mar 2022 13:16:08 GMT
content-type: text/html; charset=utf-8
x-powered-by: PHP/5.6.31
cache-control: private
pragma: private
x-frame-options: SAMEORIGIN
content-encoding: gzip

GET
H2 200 cyberforum.css
cyberstatic.net/clientscript/vbulletin_css/ 13 KB
3 KB 147ms
45ms Stylesheet
text/css 178.208.69.121
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to

Full URL: https://cyberstatic.net/clientscript/vbulletin_css/cyberforum.css
Requested by: Host: www.cyberforum.ru
URL: https://www.cyberforum.ru/powershell/thread2416870.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.208.69.121 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS: mensa.deserv.net
Software: nginx /
Resource Hash: e4f4fc8a884570ca129eba39c4a1061ffb3d6d868693f1498abe4a191eaf83d0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cyberforum.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 13:16:08 GMT
content-encoding: gzip
last-modified: Fri, 08 Oct 2021 18:06:23 GMT
server: nginx
etag: W/"6160889f-333f"
vary: Accept-Encoding
content-type: text/css

GET
H2 200 vbulletin_important.css
cyberstatic.net/clientscript/ 2 KB
723 B 147ms
46ms Stylesheet
text/css 178.208.69.121
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to

Full URL: https://cyberstatic.net/clientscript/vbulletin_important.css
Requested by: Host: www.cyberforum.ru
URL: https://www.cyberforum.ru/powershell/thread2416870.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.208.69.121 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS: mensa.deserv.net
Software: nginx /
Resource Hash: cc61c44a97e0a7d64a8a1f791a518903f1f9f075fa802590e46b13175f51ae8d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cyberforum.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 13:16:08 GMT
content-encoding: gzip
last-modified: Sat, 21 Oct 2017 17:55:37 GMT
server: nginx
etag: W/"59eb8a19-67b"
vary: Accept-Encoding
content-type: text/css

GET
H2 200 yahoo-dom-event.js Show response
ajax.googleapis.com/ajax/libs/yui/2.9.0/build/yahoo-dom-event/ 37 KB
13 KB 169ms
85ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/yui/2.9.0/build/yahoo-dom-event/yahoo-dom-event.js

Requested by

Host: www.cyberforum.ru
URL: https://www.cyberforum.ru/powershell/thread2416870.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

34e4be92ec5b080fa8861ec31ab78bf63baad3b2242b5975a38de8d2807857aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cyberforum.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 13 Mar 2022 00:04:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 479477
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13289
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 13 Mar 2023 00:04:51 GMT

GET
H2 200 connection-min.js Show response
ajax.googleapis.com/ajax/libs/yui/2.9.0/build/connection/ 13 KB
14 KB 120ms
37ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/yui/2.9.0/build/connection/connection-min.js

Requested by

Host: www.cyberforum.ru
URL: https://www.cyberforum.ru/powershell/thread2416870.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c1287adfc1c6761dcb4221e342113981bfcf6067e0f65adbf417674f5e83da4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cyberforum.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 02:23:33 GMT
x-content-type-options: nosniff
age: 298355
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13257
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 15 Mar 2023 02:23:33 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.2.4/ 84 KB
29 KB 129ms
46ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js

Requested by

Host: www.cyberforum.ru
URL: https://www.cyberforum.ru/powershell/thread2416870.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cyberforum.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 18:46:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 66592
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30028
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Mar 2023 18:46:16 GMT

GET
H2 200 jquery.browser.min.js Show response
cyberstatic.net/clientscript/custom/ 1 KB
705 B 191ms
90ms Script
application/javascript 178.208.69.121
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to

Full URL: https://cyberstatic.net/clientscript/custom/jquery.browser.min.js
Requested by: Host: www.cyberforum.ru
URL: https://www.cyberforum.ru/powershell/thread2416870.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.208.69.121 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS: mensa.deserv.net
Software: nginx /
Resource Hash: 1b2113191e228a2c56eb76957a87c565f375f0fdaa5fd606a03b7723054d98cf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cyberforum.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 13:16:08 GMT
content-encoding: gzip
last-modified: Sat, 21 Oct 2017 17:55:39 GMT
server: nginx
etag: W/"59eb8a1b-4db"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 vbulletin_global.js Show response
cyberstatic.net/clientscript/ 25 KB
8 KB 194ms
93ms Script
application/javascript 178.208.69.121
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to

Full URL: https://cyberstatic.net/clientscript/vbulletin_global.js
Requested by: Host: www.cyberforum.ru
URL: https://www.cyberforum.ru/powershell/thread2416870.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.208.69.121 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS: mensa.deserv.net
Software: nginx /
Resource Hash: 872d751d8312e0c745053ce5ef4f60a8e4c91475147341adca71f48d17d6d7b9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cyberforum.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 13:16:08 GMT
content-encoding: gzip
last-modified: Tue, 03 Jul 2018 11:56:09 GMT
server: nginx
etag: W/"5b3b6459-6248"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 vbulletin_menu.js Show response
cyberstatic.net/clientscript/ 17 KB
5 KB 195ms
94ms Script
application/javascript 178.208.69.121
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to

Full URL: https://cyberstatic.net/clientscript/vbulletin_menu.js
Requested by: Host: www.cyberforum.ru
URL: https://www.cyberforum.ru/powershell/thread2416870.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.208.69.121 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS: mensa.deserv.net
Software: nginx /
Resource Hash: 45a81fb6dc99a3b2e0e03ed11f1661f189f705ced277866f1a8b02916f27e172

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cyberforum.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 13:16:08 GMT
content-encoding: gzip
last-modified: Sat, 21 Oct 2017 17:55:37 GMT
server: nginx
etag: W/"59eb8a19-4374"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 vbulletin_vbpost.js Show response
cyberstatic.net/clientscript/ 3 KB
1 KB 194ms
94ms Script
application/javascript 178.208.69.121
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to

Full URL: https://cyberstatic.net/clientscript/vbulletin_vbpost.js
Requested by: Host: www.cyberforum.ru
URL: https://www.cyberforum.ru/powershell/thread2416870.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.208.69.121 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS: mensa.deserv.net
Software: nginx /
Resource Hash: b4e9ccfcb7d5ca026a1262a7075b7e6e6f30446fb8fc35205fe6edfa6f5a9b5a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cyberforum.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 13:16:08 GMT
content-encoding: gzip
last-modified: Sat, 21 Oct 2017 17:55:39 GMT
server: nginx
etag: W/"59eb8a1b-c4a"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 vbulletin_post_loader.js Show response
cyberstatic.net/clientscript/ 4 KB
1 KB 191ms
91ms Script
application/javascript 178.208.69.121
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to

Full URL: https://cyberstatic.net/clientscript/vbulletin_post_loader.js
Requested by: Host: www.cyberforum.ru
URL: https://www.cyberforum.ru/powershell/thread2416870.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.208.69.121 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS: mensa.deserv.net
Software: nginx /
Resource Hash: c25f3f18658ceca1cc19c38d7e1ce8db3a148d2b69c65c2dbda0062ce4b93d03

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cyberforum.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 13:16:08 GMT
content-encoding: gzip
last-modified: Sat, 21 Oct 2017 17:55:38 GMT
server: nginx
etag: W/"59eb8a1a-e04"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 vbulletin_md5.js Show response
cyberstatic.net/clientscript/ 10 KB
3 KB 194ms
94ms Script
application/javascript 178.208.69.121
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to

Full URL: https://cyberstatic.net/clientscript/vbulletin_md5.js
Requested by: Host: www.cyberforum.ru
URL: https://www.cyberforum.ru/powershell/thread2416870.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.208.69.121 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS: mensa.deserv.net
Software: nginx /
Resource Hash: f4ad7c81a625a0702dcdd837b046d8c5950d51ccad59e12b6d729ba758b2e1a5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cyberforum.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 13:16:08 GMT
content-encoding: gzip
last-modified: Sat, 21 Oct 2017 17:55:37 GMT
server: nginx
etag: W/"59eb8a19-2700"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 geshi.css
cyberstatic.net/clientscript/vbulletin_css/ 118 KB
15 KB 189ms
89ms Stylesheet
text/css 178.208.69.121
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to

Full URL: https://cyberstatic.net/clientscript/vbulletin_css/geshi.css
Requested by: Host: www.cyberforum.ru
URL: https://www.cyberforum.ru/powershell/thread2416870.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.208.69.121 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS: mensa.deserv.net
Software: nginx /
Resource Hash: f032a18f7c04f76defc8384f928121cfc7d50efedc2d0bf710eca5504fc5dc18

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cyberforum.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 13:16:08 GMT
content-encoding: gzip
last-modified: Tue, 09 Mar 2021 10:33:15 GMT
server: nginx
etag: W/"60474eeb-1d768"
vary: Accept-Encoding
content-type: text/css

GET
H2 200 spoiler.css
cyberstatic.net/clientscript/vbulletin_css/ 798 B
510 B 190ms
90ms Stylesheet
text/css 178.208.69.121
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to

Full URL: https://cyberstatic.net/clientscript/vbulletin_css/spoiler.css
Requested by: Host: www.cyberforum.ru
URL: https://www.cyberforum.ru/powershell/thread2416870.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.208.69.121 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS: mensa.deserv.net
Software: nginx /
Resource Hash: 27f28f040d744fd271be425ee09bf36026eeec1cdca6d6889b672f0050b8c988

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cyberforum.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 13:16:08 GMT
content-encoding: gzip
last-modified: Sat, 21 Oct 2017 17:55:41 GMT
server: nginx
etag: W/"59eb8a1d-31e"
vary: Accept-Encoding
content-type: text/css

GET
H2 200 pg.cyberforum.thread.js Show response
m2d.m2.ai/ 19 KB
7 KB 44ms
9ms Script
application/javascript 18.66.139.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://m2d.m2.ai/pg.cyberforum.thread.js
Requested by: Host: www.cyberforum.ru
URL: https://www.cyberforum.ru/powershell/thread2416870.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.139.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-139-54.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 34222bb7f979d6657019ae037337c08ff12dabb33062ca316447c55daa54c27c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cyberforum.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 13:15:32 GMT
content-encoding: gzip
last-modified: Wed, 16 Mar 2022 23:57:05 GMT
server: AmazonS3
age: 37
etag: W/"cad49510a97ff0569977af00d5e9f514"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 da392114e7046bd9720a70f40c796f62.cloudfront.net (CloudFront)
cache-control: max-age=14400
x-amz-cf-pop: FRA60-P4
x-amz-cf-id: it_VOw8_CsQNSeX8WsdyGSVOFCGegpe_l6Q95YzUBElvIxcd5rSnnA==

GET
H2 200 context.js Show response
yandex.ru/ads/system/ 264 KB
73 KB 114ms
40ms Script
text/javascript 2a02:6b8:a::a
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/system/context.js

Requested by

Host: www.cyberforum.ru
URL: https://www.cyberforum.ru/powershell/thread2416870.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

d6ac1f3b7e918bc6cb195a1e75204ff550438e4842ee13414407214b4206be79

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cyberforum.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1647609368751412-2799993636972334657-man1-8149-man-l7-balancer-8080-BAL-1112
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=3600
x-robots-tag: noindex, noarchive, nofollow
expires: Fri, 18 Mar 2022 14:16:08 GMT

GET
H2 200 button_02.png
edgrmtracking.com/assets/img/partners/promo/a24/ 5 KB
6 KB 74ms
20ms Image
image/png 2606:4700:3034::ac43:97ef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://edgrmtracking.com/assets/img/partners/promo/a24/button_02.png
Requested by: Host: www.cyberforum.ru
URL: https://www.cyberforum.ru/powershell/thread2416870.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:97ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8333680a413d15a5a62f6ce4cc1fa2f7e7441be9be7902ad2d8694ac6adda583

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cyberforum.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 13:16:08 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6499
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5317
last-modified: Mon, 25 Dec 2017 09:21:40 GMT
server: cloudflare
etag: "5a40c324-14c5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cefm4Z9aB2mJxrSX5SqvKPZqXAl0lE%2BRt42oAVuGUFgrr7hUpGT3sR2SOKmrxV%2BDW9ZDRz%2FX1qg1fFluMt6bUdYeT2m9NLgxv%2BXue8WnCSsUdA7rPh%2FUir1efERlAHNRhMWYauXst2XF50VxnUM0Cw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6ede3dba786d90dc-FRA

GET
H2 200 s.js Show response
vak345.com/ 3 KB
2 KB 81ms
39ms Script
text/javascript 2606:4700:3035::6815:e1e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vak345.com/s.js?v=8d94458a2b7741a172956c4b6a86f3a7
Requested by: Host: www.cyberforum.ru
URL: https://www.cyberforum.ru/powershell/thread2416870.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:e1e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f1dd01f7c92174e4a7c827828e9b37ead5da3097e2dd82e248648cb236e32c2c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cyberforum.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Mar 2022 13:16:08 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IFNR5gvsPl2aTw78T3b59b7kBuwPfFDV5Zg2f0KCXF8WXLrRuaYk8b4f1uZN3Nq16qawBz%2F%2FakvWfcVs2p1QTE0egEfr4DRoahN0%2Bx6GmPOn4hhzBy9EVLL0Wq31e9II3Y7PxEfN0X5y"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript;charset=UTF-8
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
x-movieads-country: DE
cf-ray: 6ede3dba6b5e9a18-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 tick.png
cyberstatic.net/images/misc/ 285 B
405 B 47ms
44ms Image
image/png 178.208.69.121
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cyberstatic.net/images/misc/tick.png
Requested by: Host: www.cyberforum.ru
URL: https://www.cyberforum.ru/powershell/thread2416870.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.208.69.121 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS: mensa.deserv.net
Software: nginx /
Resource Hash: c840f8dcafc53324267c96f7268889f3a52f5630bcdb17ab66baa9d92e788e4e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cyberforum.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 13:16:08 GMT
last-modified: Fri, 07 Apr 2017 17:50:32 GMT
server: nginx
accept-ranges: bytes
etag: "58e7d168-11d"
content-length: 285
content-type: image/png

GET
H2 200 vbulletin_lightbox.js Show response
cyberstatic.net/clientscript/ 21 KB
6 KB 49ms
49ms Script
application/javascript 178.208.69.121
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to

Full URL: https://cyberstatic.net/clientscript/vbulletin_lightbox.js
Requested by: Host: www.cyberforum.ru
URL: https://www.cyberforum.ru/powershell/thread2416870.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.208.69.121 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS: mensa.deserv.net
Software: nginx /
Resource Hash: 473989572be7cf8d9ffef442f7113355e38cc1af23571c534a7d41007c545ba7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cyberforum.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 13:16:08 GMT
content-encoding: gzip
last-modified: Sat, 21 Oct 2017 17:55:37 GMT
server: nginx
etag: W/"59eb8a19-558c"
vary: Accept-Encoding
content-type: application/javascript

GET
H/1.1 200
OK banners.js Show response
s1.marketplacepro.ru/lib/custom/ 78 KB
78 KB 235ms
93ms Script
application/javascript 45.67.59.158
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.marketplacepro.ru/lib/custom/banners.js
Requested by: Host: www.cyberforum.ru
URL: https://www.cyberforum.ru/powershell/thread2416870.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.67.59.158 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
Software: nginx/1.14.1 /
Resource Hash: 7e2a6e19a4be1a244d2e9577de74c7ef49e90567b554ac3b7aebabc23e5cf983

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cyberforum.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 18 Mar 2022 13:16:08 GMT
Last-Modified: Fri, 18 Mar 2022 12:43:04 GMT
Server: nginx/1.14.1
ETag: "62347e58-13875"
Content-Type: application/javascript; charset=utf-8
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 79989

GET
H2 200 addedit.js Show response
cyberstatic.net/clientscript/kr_scripts/tests/ 39 KB
6 KB 48ms
46ms Script
application/javascript 178.208.69.121
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to

Full URL: https://cyberstatic.net/clientscript/kr_scripts/tests/addedit.js
Requested by: Host: www.cyberforum.ru
URL: https://www.cyberforum.ru/powershell/thread2416870.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.208.69.121 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS: mensa.deserv.net
Software: nginx /
Resource Hash: 43f67cee90d69b2ceb8944ab3d3106abda2e40a33a324ab4ce1ef828ec2ae4a3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cyberforum.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 13:16:08 GMT
content-encoding: gzip
last-modified: Sat, 21 Oct 2017 17:55:44 GMT
server: nginx
etag: W/"59eb8a20-9af5"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 bestanswer.js Show response
cyberstatic.net/clientscript/kr_scripts/bestanswer/ 10 KB
2 KB 48ms
46ms Script
application/javascript 178.208.69.121
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to

Full URL: https://cyberstatic.net/clientscript/kr_scripts/bestanswer/bestanswer.js
Requested by: Host: www.cyberforum.ru
URL: https://www.cyberforum.ru/powershell/thread2416870.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.208.69.121 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS: mensa.deserv.net
Software: nginx /
Resource Hash: b27f8c0281546dbd8050053a7d6971ab660d7aeb0c93f00ac2b06c9a48bfa601

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cyberforum.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 13:16:08 GMT
content-encoding: gzip
last-modified: Sat, 21 Oct 2017 17:55:43 GMT
server: nginx
etag: W/"59eb8a1f-2984"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 thumbs.css
cyberstatic.net/clientscript/kr_scripts/thumbsup/ 3 KB
836 B 47ms
45ms Stylesheet
text/css 178.208.69.121
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to

Full URL: https://cyberstatic.net/clientscript/kr_scripts/thumbsup/thumbs.css
Requested by: Host: www.cyberforum.ru
URL: https://www.cyberforum.ru/powershell/thread2416870.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.208.69.121 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS: mensa.deserv.net
Software: nginx /
Resource Hash: 1b82b243f5e7f2c56730773716844b1a275f10bbc8b66d4285aad996f675bf9d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cyberforum.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 13:16:08 GMT
content-encoding: gzip
last-modified: Sat, 21 Oct 2017 21:19:50 GMT
server: nginx
etag: W/"59ebb9f6-cd2"
vary: Accept-Encoding
content-type: text/css

GET
H2 200 thumbsup.js Show response
cyberstatic.net/clientscript/kr_scripts/thumbsup/ 18 KB
3 KB 49ms
47ms Script
application/javascript 178.208.69.121
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to

Full URL: https://cyberstatic.net/clientscript/kr_scripts/thumbsup/thumbsup.js
Requested by: Host: www.cyberforum.ru
URL: https://www.cyberforum.ru/powershell/thread2416870.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.208.69.121 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS: mensa.deserv.net
Software: nginx /
Resource Hash: c7e70d434e17a158fe1bf1ff44515243cb0eb2cda8d6b72ee956a17a31505607

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cyberforum.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 13:16:08 GMT
content-encoding: gzip
last-modified: Sat, 21 Oct 2017 17:55:45 GMT
server: nginx
etag: W/"59eb8a21-494d"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 vbulletin_autosave.js Show response
cyberstatic.net/clientscript/ 5 KB
2 KB 49ms
47ms Script
application/javascript 178.208.69.121
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to

Full URL: https://cyberstatic.net/clientscript/vbulletin_autosave.js
Requested by: Host: www.cyberforum.ru
URL: https://www.cyberforum.ru/powershell/thread2416870.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.208.69.121 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS: mensa.deserv.net
Software: nginx /
Resource Hash: e49621b25309592564baae61844a761a674d07b48292ec57ac6bfe27afa4eb49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cyberforum.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 13:16:08 GMT
content-encoding: gzip
last-modified: Sat, 21 Oct 2017 17:55:36 GMT
server: nginx
etag: W/"59eb8a18-1335"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 CtrlPagenav.js Show response
cyberstatic.net/clientscript/custom/ 2 KB
859 B 49ms
47ms Script
application/javascript 178.208.69.121
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to

Full URL: https://cyberstatic.net/clientscript/custom/CtrlPagenav.js
Requested by: Host: www.cyberforum.ru
URL: https://www.cyberforum.ru/powershell/thread2416870.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.208.69.121 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS: mensa.deserv.net
Software: nginx /
Resource Hash: 2e91fefb7391b9e6e5e1c9cdf691630ae6f51a0006fb5a8f5b887dc896f8db5a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cyberforum.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 13:16:08 GMT
content-encoding: gzip
last-modified: Tue, 05 Nov 2019 11:53:02 GMT
server: nginx
etag: W/"5dc1629e-658"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 spoiler.js Show response
cyberstatic.net/clientscript/custom/ 365 B
354 B 49ms
47ms Script
application/javascript 178.208.69.121
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to

Full URL: https://cyberstatic.net/clientscript/custom/spoiler.js
Requested by: Host: www.cyberforum.ru
URL: https://www.cyberforum.ru/powershell/thread2416870.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.208.69.121 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS: mensa.deserv.net
Software: nginx /
Resource Hash: 187a7f45f8a6233d976c52fbb67c680381efbf6d81e06b4cab4115d1e5f4b064

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cyberforum.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 13:16:08 GMT
content-encoding: gzip
last-modified: Tue, 05 Nov 2019 11:53:40 GMT
server: nginx
etag: W/"5dc162c4-16d"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 topbutton.js Show response
cyberstatic.net/clientscript/custom/ 1 KB
848 B 49ms
48ms Script
application/javascript 178.208.69.121
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to

Full URL: https://cyberstatic.net/clientscript/custom/topbutton.js
Requested by: Host: www.cyberforum.ru
URL: https://www.cyberforum.ru/powershell/thread2416870.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.208.69.121 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS: mensa.deserv.net
Software: nginx /
Resource Hash: 7ffd852e45f9eafb24080a731d4e8c9ffdfffd23498266f8be0e0433df747ba3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cyberforum.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 13:16:08 GMT
content-encoding: gzip
last-modified: Sat, 21 Oct 2017 17:55:39 GMT
server: nginx
etag: W/"59eb8a1b-5cd"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 sorttable.js Show response
cyberstatic.net/clientscript/ 7 KB
3 KB 49ms
48ms Script
application/javascript 178.208.69.121
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to

Full URL: https://cyberstatic.net/clientscript/sorttable.js
Requested by: Host: www.cyberforum.ru
URL: https://www.cyberforum.ru/powershell/thread2416870.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.208.69.121 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS: mensa.deserv.net
Software: nginx /
Resource Hash: b271a70ce1ba380a80c924c6435b3e77c03408cd4d4a7389928970f7658d962a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cyberforum.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 13:16:08 GMT
content-encoding: gzip
last-modified: Sat, 21 Oct 2017 17:55:35 GMT
server: nginx
etag: W/"59eb8a17-1b5d"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 selectcode.js Show response
cyberstatic.net/clientscript/custom/ 1 KB
707 B 50ms
48ms Script
application/javascript 178.208.69.121
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to

Full URL: https://cyberstatic.net/clientscript/custom/selectcode.js
Requested by: Host: www.cyberforum.ru
URL: https://www.cyberforum.ru/powershell/thread2416870.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.208.69.121 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS: mensa.deserv.net
Software: nginx /
Resource Hash: ac3b6b4d0377c3efbbed06d70c8c1c9bf1a6f5e48118fd4a688d1619fea13f39

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cyberforum.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 13:16:08 GMT
content-encoding: gzip
last-modified: Tue, 19 May 2020 18:00:53 GMT
server: nginx
etag: W/"5ec41ed5-58d"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 92 KB
36 KB 140ms
49ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-595018-2

Requested by

Host: www.cyberforum.ru
URL: https://www.cyberforum.ru/powershell/thread2416870.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c8b47e4a13385866c85139b480b5c9a51ad44f5b82662afbadded93f0498df05

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cyberforum.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 13:16:08 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36815
x-xss-protection: 0
last-modified: Fri, 18 Mar 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 18 Mar 2022 13:16:08 GMT

GET
H2 200 share.js Show response
yastatic.net/share2/ 143 KB
38 KB 97ms
30ms Script
application/javascript 2a02:6b8:20::215
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/share2/share.js

Requested by

Host: www.cyberforum.ru
URL: https://www.cyberforum.ru/powershell/thread2416870.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

553f8aabc850b35ffd002398ccef7666d3f015f4015cb2fdb91db41f41043bae

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cyberforum.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 13:16:08 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Thu, 24 Feb 2022 11:43:04 GMT
server: nginx/1.17.9
etag: W/"d1f50e7764e147ede58b5f2ba90f4767"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=216009
timing-allow-origin: *
expires: Mon, 21 Mar 2022 01:12:21 GMT

GET
H2 200 menu_open.gif
cyberstatic.net/images/misc/ 279 B
399 B 49ms
49ms Image
image/gif 178.208.69.121
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cyberstatic.net/images/misc/menu_open.gif
Requested by: Host: www.cyberforum.ru
URL: https://www.cyberforum.ru/powershell/thread2416870.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.208.69.121 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS: mensa.deserv.net
Software: nginx /
Resource Hash: 5ae986db0dcbb3131602f6be4d222a521aac9363a25666666df3ab72d61df51f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cyberforum.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 13:16:08 GMT
last-modified: Fri, 07 Apr 2017 17:50:28 GMT
server: nginx
accept-ranges: bytes
etag: "58e7d164-117"
content-length: 279
content-type: image/gif

GET
H2 200 cyberforum_logo.png
cyberstatic.net/images/ 11 KB
11 KB 45ms
45ms Image
image/png 178.208.69.121
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cyberstatic.net/images/cyberforum_logo.png
Requested by: Host: www.cyberforum.ru
URL: https://www.cyberforum.ru/powershell/thread2416870.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.208.69.121 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS: mensa.deserv.net
Software: nginx /
Resource Hash: 982798c3ab58ec9ca4b0fc8ea76f491e1b81d7dc557a3f640df68975283b636e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cyberforum.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 13:16:08 GMT
last-modified: Fri, 07 Apr 2017 17:50:16 GMT
server: nginx
accept-ranges: bytes
etag: "58e7d158-2aec"
content-length: 10988
content-type: image/png

GET
H2 200 all.js Show response
site.yandex.net/v2.0/js/ 56 KB
15 KB 166ms
59ms Script
application/javascript 2a02:6b8:20::215
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://site.yandex.net/v2.0/js/all.js

Requested by

Host: www.cyberforum.ru
URL: https://www.cyberforum.ru/powershell/thread2416870.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

70a0083e92cf715231f7734f0ecf0365c77ec3fdfe97921d75b39afd09871711

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cyberforum.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 13:16:08 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 15151
last-modified: Thu, 14 Jan 2021 10:10:45 GMT
server: nginx/1.17.9
etag: "a144f832184afae15f82138151d89089"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=216013
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 21 Mar 2022 01:15:54 GMT

GET
H2 200 cse.js Show response
cse.google.com/ 10 KB
4 KB 163ms
66ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/cse.js?cx=partner-pub-6796001588681838:1260530199

Requested by

Host: www.cyberforum.ru
URL: https://www.cyberforum.ru/powershell/thread2416870.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

668b0d80f55925b12b8628367348264111bccff7e5aa89ab5c47c673049418b8

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cyberforum.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

bfcache-opt-in: unload
date: Fri, 18 Mar 2022 13:16:08 GMT
content-encoding: br
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Bitness
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3468
x-xss-protection: 0
server: gws
expires: Fri, 18 Mar 2022 13:16:08 GMT

GET
H2 200 rating_5.gif
cyberstatic.net/images/rating/ 1 KB
1 KB 46ms
45ms Image
image/gif 178.208.69.121
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cyberstatic.net/images/rating/rating_5.gif
Requested by: Host: www.cyberforum.ru
URL: https://www.cyberforum.ru/powershell/thread2416870.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.208.69.121 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS: mensa.deserv.net
Software: nginx /
Resource Hash: c3c0674e370e514dd2d0984506c3f3b0890e673d05dc489deabd0b43b7496eb3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cyberforum.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 13:16:08 GMT
last-modified: Fri, 07 Apr 2017 17:50:33 GMT
server: nginx
accept-ranges: bytes
etag: "58e7d169-500"
content-length: 1280
content-type: image/gif

GET
H2 200 reply.png
cyberstatic.net/images/buttons/ 1 KB
1 KB 47ms
47ms Image
image/png 178.208.69.121
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cyberstatic.net/images/buttons/reply.png
Requested by: Host: www.cyberforum.ru
URL: https://www.cyberforum.ru/powershell/thread2416870.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.208.69.121 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS: mensa.deserv.net
Software: nginx /
Resource Hash: 984ed07cfb706ce8375665769acf5e06d3d4f60002b296b3662c8bc6be959c89

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cyberforum.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 13:16:08 GMT
last-modified: Fri, 07 Apr 2017 17:50:15 GMT
server: nginx
accept-ranges: bytes
etag: "58e7d157-472"
content-length: 1138
content-type: image/png

GET
H2 200 newthread.png
cyberstatic.net/images/buttons/ 1 KB
2 KB 48ms
47ms Image
image/png 178.208.69.121
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cyberstatic.net/images/buttons/newthread.png
Requested by: Host: www.cyberforum.ru
URL: https://www.cyberforum.ru/powershell/thread2416870.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.208.69.121 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS: mensa.deserv.net
Software: nginx /
Resource Hash: 6e038a09ccaa009545c02a7eb859d7a05cf83bd162a2907daab499d652cb7ccf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cyberforum.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 13:16:08 GMT
last-modified: Fri, 07 Apr 2017 17:50:15 GMT
server: nginx
accept-ranges: bytes
etag: "58e7d157-5d5"
content-length: 1493
content-type: image/png

GET
DATA 200
OK truncated
/ 40 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0121f65b42375f25d1cf2b27339ee481af715b231881dca6acfe59d5edcbd777

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1

200
OK

hit
counter.yadro.ru/
Redirect Chain

https://counter.yadro.ru/hit?t12.2;r;s1600*1200*24;uhttps%3A//www.cyberforum.ru/powershell/thread2416870.html;h%u0410%u0432%u0442%u043E%u0440%u0438%u0437%u0430%u0446%u0438%u044F%20%u043D%u0430%20%u...
https://counter.yadro.ru/hit?q;t12.2;r;s1600*1200*24;uhttps%3A//www.cyberforum.ru/powershell/thread2416870.html;h%u0410%u0432%u0442%u043E%u0440%u0438%u0437%u0430%u0446%u0438%u044F%20%u043D%u0430%20...

649 B
1 KB

43ms
42ms

Image
image/gif

88.212.201.210
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit?q;t12.2;r;s1600*1200*24;uhttps%3A//www.cyberforum.ru/powershell/thread2416870.html;h%u0410%u0432%u0442%u043E%u0440%u0438%u0437%u0430%u0446%u0438%u044F%20%u043D%u0430%20%u0441%u0430%u0439%u0442%u0435%20%u0438%20%u0432%u0432%u043E%u0434%20%u0434%u0430%u043D%u043D%u044B%u0445%20%u0432%20%u043F%u043E%u043B%u044F%20-%20PowerShell%20-%20%u041A%u0438%u0431%u0435%u0440%u0444%u043E%u0440%u0443%u043C;0.46804827315665

Requested by

Host: www.cyberforum.ru
URL: https://www.cyberforum.ru/powershell/thread2416870.html

Protocol

HTTP/1.1

Server

88.212.201.210 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host210.rax.ru

Software

nginx/1.17.9 /

Resource Hash

8c00a3c4214d1b757be553078fab14641dc4367c6b7b3c5a9b1e72cb663f4996

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cyberforum.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 18 Mar 2022 13:16:08 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin: *
Cache-control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 649
Expires: Wed, 17 Mar 2021 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 18 Mar 2022 13:16:08 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Location: https://counter.yadro.ru/hit?q;t12.2;r;s1600*1200*24;uhttps%3A//www.cyberforum.ru/powershell/thread2416870.html;h%u0410%u0432%u0442%u043E%u0440%u0438%u0437%u0430%u0446%u0438%u044F%20%u043D%u0430%20%u0441%u0430%u0439%u0442%u0435%20%u0438%20%u0432%u0432%u043E%u0434%20%u0434%u0430%u043D%u043D%u044B%u0445%20%u0432%20%u043F%u043E%u043B%u044F%20-%20PowerShell%20-%20%u041A%u0438%u0431%u0435%u0440%u0444%u043E%u0440%u0443%u043C;0.46804827315665
Cache-control: no-cache
Connection: keep-alive
Content-Type: text/html
Content-Length: 32
Expires: Wed, 17 Mar 2021 21:00:00 GMT

GET
H/1.1 200
OK / Show response
portoteamo.com/ranging/e7829cff86/js/ 50 KB
51 KB 97ms
45ms Script
text/html 193.200.65.18
GIVEME-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://portoteamo.com/ranging/e7829cff86/js/?rand=3777&cookie=0
Requested by: Host: www.cyberforum.ru
URL: https://www.cyberforum.ru/powershell/thread2416870.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.200.65.18 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS: utarget.pro
Software: nginx /
Resource Hash: c685ab23ae4c8e71c3be743f96c4032d45bc03395f464103532a248300b8ff06

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cyberforum.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 18 Mar 2022 13:16:08 GMT
Server: nginx
P3P: CP="NON DSP COR CURa TIA"
Vary: Accept-Language, Cookie
Content-Language: ru
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: text/html; charset=utf-8

GET
H2 200 pg-220316-8ec-nc-d41d8cd98f00b204e9800998ecf8427e.js Show response
m2d.m2.ai/v/ 644 KB
181 KB 7ms
7ms Script
application/javascript 18.66.139.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://m2d.m2.ai/v/pg-220316-8ec-nc-d41d8cd98f00b204e9800998ecf8427e.js
Requested by: Host: m2d.m2.ai
URL: https://m2d.m2.ai/pg.cyberforum.thread.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.139.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-139-54.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4ea144e0ec3d8459529344bdd5133c2e5a8f8d5ca005311925b1e88f56598228

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cyberforum.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 13:10:42 GMT
content-encoding: gzip
last-modified: Wed, 16 Mar 2022 22:04:21 GMT
server: AmazonS3
age: 327
etag: W/"740598b762cdff79521466047c9b2041"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 da392114e7046bd9720a70f40c796f62.cloudfront.net (CloudFront)
cache-control: max-age=14400
x-amz-cf-pop: FRA60-P4
x-amz-cf-id: sp3pdRmtFN5buqcAnsyieCxxGn2-m4AW7GKP79Ui5jtC1hF7zJ780g==

GET
H2 200 202203181616.js Show response
vak345.com/cs/ 23 KB
7 KB 39ms
38ms Script
application/javascript 2606:4700:3035::6815:e1e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vak345.com/cs/202203181616.js?v=8d94458a2b7741a172956c4b6a86f3a7&_t=1647609368745.745
Requested by: Host: www.cyberforum.ru
URL: https://www.cyberforum.ru/powershell/thread2416870.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:e1e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb896422aac3e6c5cc9aea5b55110efc1c3a7af4581b8c9d47e46d415253785e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cyberforum.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 13:16:08 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-movieads-udata: cache
x-movieads-country: DE
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-movieads-setup: base
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x1kYOxZn8s2Z0ga7Yz9BrAu%2Bk5nyGJLr%2F8BelSxnybGEMQo9vuwAAZwDBvHT0P0IPF0lFlkbBI%2B8AktiWIa7e2xppIneZUzfEJwTggX8HXXWd%2B27bvKefC9sCLIPL%2FCxCsnlPh9FeEvg"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript;charset=UTF-8
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
cf-ray: 6ede3dbaabb79a18-FRA

GET
H2 200 / Show response
a3.pubguru.net/ 141 B
440 B 47ms
11ms XHR
application/json 35.157.180.254
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://a3.pubguru.net/?device=desktop&domain=cyberforum.ru

Requested by

Host: m2d.m2.ai
URL: https://m2d.m2.ai/v/pg-220316-8ec-nc-d41d8cd98f00b204e9800998ecf8427e.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.157.180.254 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-157-180-254.eu-central-1.compute.amazonaws.com

Software

Apache/2.4.29 (Ubuntu) /

Resource Hash

6bc760ba9bac5e35e9ccead84b8596b550d2497464846ff298a1131c7437417d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cyberforum.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 13:16:08 GMT
x-content-type-options: nosniff
server: Apache/2.4.29 (Ubuntu)
access-control-allow-origin: https://www.cyberforum.ru
x-frame-options: DENY
content-type: application/json
x-m2: 1
access-control-expose-headers: X-M2, X-Duration
access-control-allow-credentials: true
x-duration: 1
vary: Origin
content-length: 141
x-xss-protection: 1; mode=block

POST
H2 200 stream Show response
a3.pubguru.net/ 2 B
345 B 11ms
11ms XHR
text/plain 35.157.180.254
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://a3.pubguru.net/stream?beacon=immediate

Requested by

Host: m2d.m2.ai
URL: https://m2d.m2.ai/v/pg-220316-8ec-nc-d41d8cd98f00b204e9800998ecf8427e.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.157.180.254 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-157-180-254.eu-central-1.compute.amazonaws.com

Software

Apache/2.4.29 (Ubuntu) /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.cyberforum.ru/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 18 Mar 2022 13:16:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: Apache/2.4.29 (Ubuntu)
access-control-allow-origin: https://www.cyberforum.ru
x-frame-options: DENY
content-type: text/plain
x-m2: 1
access-control-expose-headers: X-M2, X-Duration
access-control-allow-credentials: true
x-duration: 1
vary: Origin,Accept-Encoding
x-xss-protection: 1; mode=block

GET
H2 200 gfc.js Show response
cdn.pubguru.com/ 8 KB
4 KB 46ms
7ms Script
application/javascript 2600:9000:223f:7200:5:3aaa:f40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pubguru.com/gfc.js
Requested by: Host: m2d.m2.ai
URL: https://m2d.m2.ai/v/pg-220316-8ec-nc-d41d8cd98f00b204e9800998ecf8427e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:7200:5:3aaa:f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f29f060ce91fcc6683a09df249b8dbc452a2d6601f4fddc8131e37fce17a3c96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cyberforum.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: 1zDVHlGcx640ZLzoe7igwdx1_E7DY9Fe
content-encoding: gzip
last-modified: Wed, 14 Oct 2020 11:40:16 GMT
server: AmazonS3
age: 52783
etag: W/"c1441c4083795f70984ad8988cab61ba"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 0162e02b2d0212054988a68716227daa.cloudfront.net (CloudFront)
date: Thu, 17 Mar 2022 22:36:29 GMT
x-amz-cf-pop: FRA56-P5
x-amz-cf-id: HlxpGtzqtsIHBsupZCelvRXkJm3PqmTvXzIRUcDgqKHN7vqb4m9QPQ==

GET
H2 200 ovp.php Show response
videotoday.site/ Frame B085 11 KB
5 KB 89ms
45ms Document
text/html 2606:4700:3035::ac43:dac6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://videotoday.site/ovp.php?ver=1&autoplay=1&v=8d94458a2b7741a172956c4b6a86f3a7&cb=7f8a1d7b-63a3-4756-81ee-7637a3ab630a&fclose=false&sub_id=base&tls=no&instant=yes&testad=no&nomon=1&cdiv=90&r=https%3A%2F%2Fwww.cyberforum.ru%2Fpowershell%2Fthread2416870.html
Requested by: Host: vak345.com
URL: https://vak345.com/cs/202203181616.js?v=8d94458a2b7741a172956c4b6a86f3a7&_t=1647609368745.745
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:dac6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d43b46778d4426d9ccd1e7eb1b1543cdd3746a6fde5535f0a46927d4c3476a0f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.cyberforum.ru/powershell/thread2416870.html

Response headers

date: Fri, 18 Mar 2022 13:16:09 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-cache: Yac
x-movieads-country: DE
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xlt4HUU6uoBEU49hLA4lQE8PZkIdoxS4aZR7lt%2FBTlbpgUadvXPF19sYIvSlQ9cs91nwlHMBYxhHJIcAhL7LD%2Bu%2BueghUV8bwrvNWf3OqZAjQ%2FFOvL%2BNEhCr175BL1XaB4Hcri2sQYpVXFc5fuc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6ede3dbc1ff69b8f-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 logger.php
logger.moviead55.ru/ 70 B
197 B 4331ms
14ms Image
image/png 193.200.65.146
GIVEME-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://logger.moviead55.ru/logger.php?t=target_country_load&c=7f8a1d7b-63a3-4756-81ee-7637a3ab630a&a=&m=%7B%22browser%22%3A%22%7B%5C%22name%5C%22%3A%5C%22chrome%5C%22%2C%5C%22version%5C%22%3A%5C%2299%5C%22%7D%22%2C%22isMobile%22%3Afalse%2C%22format%22%3A%22new%22%7D&v=8d94458a2b7741a172956c4b6a86f3a7&o=%7B%7D
Requested by: Host: www.cyberforum.ru
URL: https://www.cyberforum.ru/powershell/thread2416870.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.200.65.146 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS: unallocated.giveme.network
Software: nginx /
Resource Hash: 497790947d4666760ce38f3c00e852c71fdb66cae849bae8e9ede352719e1581

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cyberforum.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 13:16:13 GMT
content-encoding: gzip
x-movieads-country: DE
server: nginx
vary: Accept-Encoding
content-type: Content-Type: image/png

GET
H/1.1 200
OK / Show response
portoteamo.com/is_clickunder/ 16 B
325 B 17ms
17ms Script
text/html 193.200.65.18
GIVEME-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://portoteamo.com/is_clickunder/
Requested by: Host: portoteamo.com
URL: https://portoteamo.com/ranging/e7829cff86/js/?rand=3777&cookie=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.200.65.18 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS: utarget.pro
Software: nginx /
Resource Hash: fc85bb3b3a2bff9d250f66df95f49ef3bd56ecac5ddc44f03fe16df1c46ebbf9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cyberforum.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 18 Mar 2022 13:16:08 GMT
Transfer-Encoding: chunked
Server: nginx
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Vary: Cookie, Accept-Language
Content-Language: ru

GET
H2 200 cse_element__ru.js Show response
www.google.com/cse/static/element/45f4e5efab1258be/ 305 KB
101 KB 133ms
46ms Script
text/javascript 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/45f4e5efab1258be/cse_element__ru.js?usqp=CAI%3D

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=partner-pub-6796001588681838:1260530199

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e0660dd3436c140cc6514982b47694b9be7cbd58103b2b6c40234e802dafe21

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cyberforum.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 22:19:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 53788
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 102901
x-xss-protection: 0
last-modified: Thu, 17 Feb 2022 21:05:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Fri, 17 Mar 2023 22:19:41 GMT

GET
H2 200 default+ru.css
www.google.com/cse/static/element/45f4e5efab1258be/ 41 KB
9 KB 126ms
41ms Stylesheet
text/css 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/45f4e5efab1258be/default+ru.css

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=partner-pub-6796001588681838:1260530199

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b0789c3ab7df1f2580e95bb47eb5bb6dc19b4fc5a91b1f1ae1d9484dab534a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cyberforum.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 19:53:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 580962
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9086
x-xss-protection: 0
last-modified: Thu, 17 Feb 2022 21:05:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Sat, 11 Mar 2023 19:53:27 GMT

GET
H2 200 default.css
www.google.com/cse/static/style/look/v4/ 4 KB
1 KB 131ms
46ms Stylesheet
text/css 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/style/look/v4/default.css

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=partner-pub-6796001588681838:1260530199

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cyberforum.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 13:07:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 516
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1345
x-xss-protection: 0
last-modified: Wed, 17 Jun 2020 00:00:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/css
cache-control: public, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Fri, 18 Mar 2022 13:57:33 GMT

GET
H2 200 jquery.min.js Show response
yastatic.net/jquery/1.6.2/ 89 KB
28 KB 37ms
36ms Script
application/x-javascript 2a02:6b8:20::215
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/jquery/1.6.2/jquery.min.js

Requested by

Host: site.yandex.net
URL: https://site.yandex.net/v2.0/js/all.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cyberforum.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 13:16:08 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 28368
x-nginx-request-id: 64118b1bb557a374
last-modified: Mon, 12 Nov 2018 13:13:42 GMT
server: nginx/1.17.9
etag: "57f5e4ce99f95e1eb0f18d52b65b6769"
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31556952
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Feb 2023 18:47:44 GMT

GET
H2 200 15817c614afb4888babc.js Show response
yastatic.net/partner-code-bundles/55963/ 13 KB
5 KB 90ms
30ms Script
text/javascript 2a02:6b8:20::215
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/55963/15817c614afb4888babc.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

b96f9a62676d54ccb59cdc808633ee3f33cb68d600c3864a649c3f41aa4ca1c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://www.cyberforum.ru/
Origin: https://www.cyberforum.ru
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 13:16:09 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 4465
last-modified: Thu, 17 Mar 2022 16:40:11 GMT
server: nginx/1.17.9
etag: "d5c36242118671c5d0ffeaa6603e7736"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 17 Mar 2052 19:52:08 GMT

GET
H2 200 14d3a80cae1080be7013.js Show response
yastatic.net/partner-code-bundles/55963/ 88 KB
19 KB 166ms
107ms Script
text/javascript 2a02:6b8:20::215
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/55963/14d3a80cae1080be7013.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

62d1c6ae49c39212f5d854dfd4d02eb0d333dbfa14c65f18a311024374b72d33

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://www.cyberforum.ru/
Origin: https://www.cyberforum.ru
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 13:16:09 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 18730
last-modified: Thu, 17 Mar 2022 16:40:11 GMT
server: nginx/1.17.9
etag: "5f4aa911776063890f822bf299652fa3"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 17 Mar 2052 19:47:18 GMT

GET
H2 200 host.js Show response
yastatic.net/safeframe-bundles/0.83/ 33 KB
9 KB 166ms
107ms Script
text/javascript 2a02:6b8:20::215
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/safeframe-bundles/0.83/host.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://www.cyberforum.ru/
Origin: https://www.cyberforum.ru
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 13:16:09 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 8878
last-modified: Wed, 03 Nov 2021 13:42:58 GMT
server: nginx/1.17.9
etag: "f80882bf67cf261aa08d636da095149a"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 17 Mar 2052 19:49:55 GMT

GET
H2 200 29317 Show response
yandex.ru/ads/meta/ 50 KB
51 KB 189ms
189ms XHR
application/json 2a02:6b8:a::a
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/meta/29317?target-ref=https%3A%2F%2Fwww.cyberforum.ru%2Fpowershell%2Fthread2416870.html&charset=utf-8&pcode-test-ids=512023%2C0%2C20%3B545844%2C0%2C60%3B545902%2C0%2C30%3B541544%2C0%2C93%3B543067%2C0%2C83%3B542737%2C0%2C58%3B406668%2C0%2C1%3B545266%2C0%2C89%3B542720%2C0%2C32&pcode-flags-map=eJy1V9mO2zYU%2FZXCz0ZBkVozT5REy8RQpEJSXhIEF2k7fQqKop0GBYL8e68WL5Jn5MlD%2FWDZgM8h73LOvf62EprnSkBhSlE42G%2BlF0o6v3r38dvq6%2Bcv%2Fzyt3q28bcVqvXp%2B%2BvtZ%2FobfQ5qRKFt9%2F7ReldL1%2BFJseKs8%2BK2oBYi68UcoW8u9NPouV8J6rlqUksNGIl0uPWIFNFYaK5Frwwtv7ISJ%2FEy6V3DDFvZsO6NavEreem80cC3r28sMwd8QJD1Bq%2BXGWES9BTJko9hyXWEylSweMRXWtNUWlKlkMeHAWPAmp6udYpxwMppQ2nOOBdo12Vik5XSGQZIF18BLVrG80m%2BhdqL76oWFVpf4zvMSjFbHO8RRSMfMcodB6QrEoYGN4vhhfhT4Y3NTPcB0YqM4aUV5qvDymQmLA%2FbKmXcOmxAHc1Yan1nHu2%2BNFsfGeMwEuJorBY2whdDLSohISNmQbmVMAx%2BEhp0shQGpwVcG%2BKbLc6P4MefF44Tr%2BS98XHPRkJGo57LifSuch13NMVprajhyLNUBbLt8HZowOiTMbc0eFM%2BFukQ0NNwyAyMByc7Jca3diSM2nt4Ji%2Bo2oMUeeFlYgWraifEHE8o%2B%2FilnEKfBmfMGDcjt5tL8GmdB9jsG8zqR84MyXkBHIUswl9fYMCLB1LOkbninVqO9NUp1dbJCGV5KXU3Ynv79c0aVjVLg5cYcoLYFVt3JXKquATHfvQMscYRYKUZOPtMdKgZ98Lq5xnVNMoGlLBthKGPnbNdoM8ztWWfQi%2FfN8cp7LSaS%2BYiZjmmyphFafYSPNE2DNYvCIE3XlGUR6x4RSeI1jcMwZGtKaEDI6SeMZHGM8IRkJEB4Eobpp4kIs4AE453ACdSNyZ3Adpgq9%2BmPz798eZpaY0yzwaE3EmPB%2BLdCVlsP2i%2BnIYzYaI0oUwroQuhFlQYawHuG3SQaYIsEEaXZoC5sFHQZsD7H%2FCupxSIuoVk03Lgwre5ldNjaRUiapGOL7WVZCbQlVULJPV9sTBJmZJgaZ7%2BA0tRc6mVYQtloiCfvKkydG9i0SjlUq1jGB2g65FyR3JpHLCdWAyory2VkEqXxixcGVKm3Ml%2BEY8fFkywhrumm5CKKhUGQXPqgCxInY4mjEXeEahkbBmFKLtiTleTGdgK26B2t%2B%2BmNDMME6wy14ZbX7g4sjtl1qD%2BMO%2FIuuUNWgas9P95BstMmUW4aVItrjEbP8bIWpp2ORYp72BQbEjYUpi9H57FuPktvXRVprlxq8OLTed3gX4aHSUJv4XKDAwf23bi418avMJwusOOqnTQHIy%2Bjf2RXQcffqmkdAjLPZoDeelmDTj3Xz5j%2BE0c3cgMX0n7AecYV1KZfMj3H6TL1mr7LH7z0Sjzkpjw%2B9HprrXoQB1zKAP3s0c1Kk4aX3W%2FCjKXt3huuhMeFXfN6KqD%2BHwXk1QLfUkDd2iGL%2FzWc8wL4htTdrEsXKl668nE%2BvrpVAR15tjyMHj0zWyv2HF2kfM11f33%2BMlN2NB6N0sKFGieSuYNgJE6uGpwcCPS72B3Pw10leXV9WNpWSBzH6cUGbrITZTGbe0DczYPv%2FwH4jjKW&price-disabled-formats=adaptive0418%0Aadaptive%0AmodernAdaptive%0Ahorizontal%0Ahorizontal0318%0Agrid%0A160x600%0A240x400%0A200x300%0A300x300%0A300x250%0A250x250%0A728x90%0A1000x120%0A320x50%0A320x100%0A400x240%0A320x480%0A480x320%0A336x280%0A300x600%0A300x500%0A970x250%0A970x90%0AposterVertical%0AposterHorizontal%0AadaptiveConstructor%0AhorizontalSD%0Afullscreen%0Afullscreen_grid%0Asmart_tile%0Asmart_mosaic&pcode-icookie=v0ufkaTFuGYcN40gERP%2FeuRyEUqOI2TczzVMVLADQE5fVdm2qRFY%2F6JGN0BmzrPADEWryBJBioXJLUsEQF2%2BKRCdAlA%3D&imp-id=1&enable-flat-highlight=1&comboblock-unencoded-vast=1&test-tag=366738667470850&ad-session-id=1080301647609368954&target-id=14661127&tga-with-creatives=1&top-ancestor=https%3A%2F%2Fwww.cyberforum.ru&top-ancestor-undetermined=0&pcode-version=55963&pcodever=55963&flash-ver=0&available-width=1532&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22w%22%3A1532%2C%22h%22%3A0%2C%22width%22%3A1532%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22left%22%3A34%2C%22top%22%3A134%2C%22fontFamily%22%3A%22roboto%22%2C%22ad_no%22%3A0%2C%22req_no%22%3A0%7D&grab-orig-len=256&grab=dNCQ0LLRgtC-0YDQuNC30LDRhtC40Y8g0L3QsCDRgdCw0LnRgtC1INC4INCy0LLQvtC0INC00LDQvdC90YvRhSDQsiDQv9C-0LvRjyAtIFBvd2VyU2hlbGwgLSDQmtC40LHQtdGA0YTQvtGA0YPQvAox0JDQstGC0L7RgNC40LfQsNGG0LjRjyDQvdCwINGB0LDQudGC0LUg0Lgg0LLQstC-0LQg0LTQsNC90L3Ri9GFINCyINC_0L7Qu9GPIAo%3D&uniformat=true&callback=Ya%5B8995621002527%5D

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

7d03afea2ec7090265ff925262ecc05b3971477eb2aa6fa0894a4458d5d95bd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.cyberforum.ru/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 18 Mar 2022 13:16:09 GMT
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
ssr: true
x-yandex-req-id: 1647609368988979-1564424222174116062-man1-8149-man-l7-balancer-8080-BAL-8885
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
uniformat-product-type: Direct
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Fri, 18 Mar 2022 13:16:09 GMT
uniformat: true
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: application/json
access-control-allow-origin: https://www.cyberforum.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 18 Mar 2022 13:16:09 GMT

GET
H2 200 49d9ddcfec6df777ae56.js Show response
yastatic.net/partner-code-bundles/55963/ 667 KB
136 KB 98ms
62ms Script
text/javascript 2a02:6b8:20::215
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/55963/49d9ddcfec6df777ae56.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

ef196e5b4f7321f54b61303c88739708e0e9c5b4fb62220734634a53c6f007e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://www.cyberforum.ru/
Origin: https://www.cyberforum.ru
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 13:16:09 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 138532
last-modified: Thu, 17 Mar 2022 16:40:11 GMT
server: nginx/1.17.9
etag: "3ee3db4e6521c644b2e5ed7a0668c525"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 17 Mar 2052 19:52:08 GMT

GET
H/1.1 200
OK 3887.json Show response
statika.mpsuadv.ru/json/ 2 KB
1 KB 48ms
47ms XHR
application/json 45.80.71.141
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://statika.mpsuadv.ru/json/3887.json
Requested by: Host: s1.marketplacepro.ru
URL: https://s1.marketplacepro.ru/lib/custom/banners.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.80.71.141 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
Software: nginx/1.14.1 /
Resource Hash: 6f017cefff077bc561c775fa49aa23511ec674a5dfb422ef526a2e7f04980fd6

Request headers

Referer: https://www.cyberforum.ru/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

Date: Fri, 18 Mar 2022 13:16:09 GMT
Content-Encoding: gzip
Last-Modified: Wed, 16 Feb 2022 14:02:05 GMT
Server: nginx/1.14.1
ETag: W/"620d03dd-79e"
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,Content-Range
Cache-Control: max-age=0
Connection: keep-alive
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Expires: Fri, 18 Mar 2022 13:16:09 GMT

OPTIONS
H/1.1 204
No Content 3887.json
statika.mpsuadv.ru/json/ Frame 0
0 194ms
48ms Preflight
text/plain 45.80.71.141
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://statika.mpsuadv.ru/json/3887.json
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.80.71.141 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
Software: nginx/1.14.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://www.cyberforum.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx/1.14.1
Date: Fri, 18 Mar 2022 13:16:09 GMT
Connection: keep-alive
Expires: Fri, 18 Mar 2022 13:16:09 GMT
Cache-Control: max-age=0
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Max-Age: 1728000
Content-Type: text/plain; charset=utf-8
Content-Length: 0

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 206 KB
71 KB 132ms
66ms Script
application/javascript 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: www.cyberforum.ru
URL: https://www.cyberforum.ru/powershell/thread2416870.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

7bfc5fb50ef2f75611eddbd29d8f155eca0f77b00cb6268841f7821dd4713542

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cyberforum.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 13:16:09 GMT
content-encoding: br
last-modified: Thu, 17 Mar 2022 16:16:48 GMT
etag: "623334c0-11906"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 71942
expires: Fri, 18 Mar 2022 14:16:09 GMT

GET
H2 200 AGSKWxW_l0SDT-YWY47X7CXdmUdM6BjZm0jl8bctRmSRwZ1ykuW8ai3hqd7m1nWoTbxf2bS-_6zGWXwwQRydrBzaqiE= Show response
fundingchoicesmessages.google.com/f/ 89 KB
31 KB 146ms
62ms Script
application/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxW_l0SDT-YWY47X7CXdmUdM6BjZm0jl8bctRmSRwZ1ykuW8ai3hqd7m1nWoTbxf2bS-_6zGWXwwQRydrBzaqiE=

Requested by

Host: cdn.pubguru.com
URL: https://cdn.pubguru.com/gfc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7aebcff4c4562292278d46ad73b1ae484931465916d2c02852b4e47b431709b6

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-IKOyI+dOCJC3ubvqhbLXHA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-IKOyI+dOCJC3ubvqhbLXHA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cyberforum.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Mar 2022 13:16:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-IKOyI+dOCJC3ubvqhbLXHA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-IKOyI+dOCJC3ubvqhbLXHA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ 357 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 57df901ddd718ea67fc2c55f827e20fef7a5fae5145e9149e79eb065f9a097b9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 595 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e7a754dc68b051e1b18bbf37fc0f5557196bc8db1c5f1c31ce5d242ea5c95ed6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 suggest.js Show response
site.yandex.net/v2.0/js/ 8 KB
3 KB 31ms
30ms Script
application/javascript 2a02:6b8:20::215
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://site.yandex.net/v2.0/js/suggest.js

Requested by

Host: site.yandex.net
URL: https://site.yandex.net/v2.0/js/all.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

dc41be78fcb3b0ca16fc52b3026f8120ada7e9c8b6c1f989d84431ff689276cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cyberforum.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 13:16:09 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 2610
last-modified: Thu, 14 Jan 2021 10:10:45 GMT
server: nginx/1.17.9
etag: "5905bc95497a3dcdd5543e8af9bb2553"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=216013
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 21 Mar 2022 01:14:49 GMT

GET
H2 200 opensearch.js Show response
site.yandex.net/v2.0/js/ 22 KB
7 KB 38ms
38ms Script
application/javascript 2a02:6b8:20::215
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://site.yandex.net/v2.0/js/opensearch.js

Requested by

Host: site.yandex.net
URL: https://site.yandex.net/v2.0/js/all.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

de66288f054df7f389e8281f87fb0a9a05095149f4e96d13c32a1c3b61b1a4a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cyberforum.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 13:16:09 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 6188
last-modified: Thu, 14 Jan 2021 10:10:45 GMT
server: nginx/1.17.9
etag: "1df256fb3e065fdf3b47b6ac51380393"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=216013
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 21 Mar 2022 01:14:33 GMT

GET
H2 200 yandex-hint-rb.png
site.yandex.net/v2.0/i/ 425 B
953 B 35ms
35ms Image
image/png 2a02:6b8:20::215
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://site.yandex.net/v2.0/i/yandex-hint-rb.png

Requested by

Host: www.cyberforum.ru
URL: https://www.cyberforum.ru/powershell/thread2416870.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

3db7135d424b421c0c412fd4504afd0f744698be1df3f009027159627de5ff8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cyberforum.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 13:16:09 GMT
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 425
last-modified: Thu, 14 Jan 2021 10:10:45 GMT
server: nginx/1.17.9
etag: "fbe624b4939c4538e386beffac5861f6"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=216013
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 21 Mar 2022 01:11:35 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 122ms
36ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-595018-2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cyberforum.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 4283
date: Fri, 18 Mar 2022 12:04:46 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Fri, 18 Mar 2022 14:04:46 GMT

GET
H2 200 plyr.css
cdnjs.cloudflare.com/ajax/libs/plyr/3.6.3/ Frame B085 37 KB
5 KB 46ms
20ms Stylesheet
text/css 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/plyr/3.6.3/plyr.css

Requested by

Host: videotoday.site
URL: https://videotoday.site/ovp.php?ver=1&autoplay=1&v=8d94458a2b7741a172956c4b6a86f3a7&cb=7f8a1d7b-63a3-4756-81ee-7637a3ab630a&fclose=false&sub_id=base&tls=no&instant=yes&testad=no&nomon=1&cdiv=90&r=https%3A%2F%2Fwww.cyberforum.ru%2Fpowershell%2Fthread2416870.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dd367f76a977afab78d96c84f6779c0cf8963fe0586d553f5e45a4cd6783c762

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://videotoday.site/ovp.php?ver=1&autoplay=1&v=8d94458a2b7741a172956c4b6a86f3a7&cb=7f8a1d7b-63a3-4756-81ee-7637a3ab630a&fclose=false&sub_id=base&tls=no&instant=yes&testad=no&nomon=1&cdiv=90&r=https%3A%2F%2Fwww.cyberforum.ru%2Fpowershell%2Fthread2416870.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 13:16:09 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1139515
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4660
timing-allow-origin: *
last-modified: Wed, 25 Nov 2020 17:52:26 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5fbe99da-9309"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MDRjJeOHwhizKdBaHteiso2H2%2F7dGKIm2pU%2F4AfC%2BGuiNFFOAoebEXCdCd4GOIyYZe78jjloTYpYjOlPtAYbrKvlAbdkZDwVVbgIkENb%2FgwPoX1o%2BlRAdLShcuuEDoXfNHZG329J60IDzHqhsEj36g%2B6"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6ede3dbd282e9a3b-FRA
expires: Wed, 08 Mar 2023 13:16:09 GMT

GET
H2 200 plyr.min.js Show response
cdnjs.cloudflare.com/ajax/libs/plyr/3.6.3/ Frame B085 118 KB
29 KB 68ms
36ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/plyr/3.6.3/plyr.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3cf294fce72e402fc8912f348cf3855a5501cb955dbeedaa92eea6a47a434fe1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://videotoday.site/ovp.php?ver=1&autoplay=1&v=8d94458a2b7741a172956c4b6a86f3a7&cb=7f8a1d7b-63a3-4756-81ee-7637a3ab630a&fclose=false&sub_id=base&tls=no&instant=yes&testad=no&nomon=1&cdiv=90&r=https%3A%2F%2Fwww.cyberforum.ru%2Fpowershell%2Fthread2416870.html
Origin: https://videotoday.site
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 13:16:09 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 758249
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 29152
timing-allow-origin: *
last-modified: Wed, 25 Nov 2020 17:52:26 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5fbe99da-1d736"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YZwGdtrXlsgyu7zLe7J5wUMMcBMVG%2Fag%2BtvRLbS1JinvYeVX8V0ZjDz6F4ps9gIYhCdzPjQe3pggSOjPwBfJtey5WIeEGuRVXWWCT4Hlv1IlH%2BegiX1%2FNo0XHykYR0Kt6rKZlyCMTlJ6cKW0TESTByZm"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6ede3dbd3bc99034-FRA
expires: Wed, 08 Mar 2023 13:16:09 GMT

GET
H3 200 fload.js Show response
videotoday.site/ Frame B085 6 KB
3 KB 67ms
43ms Script
application/javascript 2606:4700:3035::ac43:dac6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://videotoday.site/fload.js?v3
Requested by: Host: videotoday.site
URL: https://videotoday.site/ovp.php?ver=1&autoplay=1&v=8d94458a2b7741a172956c4b6a86f3a7&cb=7f8a1d7b-63a3-4756-81ee-7637a3ab630a&fclose=false&sub_id=base&tls=no&instant=yes&testad=no&nomon=1&cdiv=90&r=https%3A%2F%2Fwww.cyberforum.ru%2Fpowershell%2Fthread2416870.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:dac6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c2b8c3d797a3c48dc6e72584f65dc87b89c2df868cd20ec1c88d60237675e9de

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://videotoday.site/ovp.php?ver=1&autoplay=1&v=8d94458a2b7741a172956c4b6a86f3a7&cb=7f8a1d7b-63a3-4756-81ee-7637a3ab630a&fclose=false&sub_id=base&tls=no&instant=yes&testad=no&nomon=1&cdiv=90&r=https%3A%2F%2Fwww.cyberforum.ru%2Fpowershell%2Fthread2416870.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 13:16:09 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2095
x-movieads-country: RU
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 11 Jan 2022 07:22:41 GMT
server: cloudflare
etag: W/"61dd3041-186a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KNuZeAbLfCQWOD66DVL7XFtd6X%2BpDg%2BfKeX3r30hi2pU%2FV1BDlzKpjTGOnVM4mzF%2F1znD70BEsa7tPW0yXwXQH3jt0Az4eccfrCtyzVIX38RhUQfg5SXYGbcVOGAuG2l%2F%2FGWNZ5hiutczq2bDxQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 6ede3dbd2d2b8fd6-FRA

GET
H2 200 hls.js Show response
cdn.jsdelivr.net/npm/ Frame B085 315 KB
92 KB 59ms
26ms Script
application/javascript 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/hls.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0224fb2109bd94d1df164cfc48f776f5ed760fc77b2598c36f451b620a4d8606

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://videotoday.site/ovp.php?ver=1&autoplay=1&v=8d94458a2b7741a172956c4b6a86f3a7&cb=7f8a1d7b-63a3-4756-81ee-7637a3ab630a&fclose=false&sub_id=base&tls=no&instant=yes&testad=no&nomon=1&cdiv=90&r=https%3A%2F%2Fwww.cyberforum.ru%2Fpowershell%2Fthread2416870.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 13:16:09 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 13010
x-jsd-version: 1.1.5
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19122-FRA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"4eb29-4v2sGw7mpSOmcj8olLhMCR3UuXM"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 6ede3dbd3a999b37-FRA

GET
H2

200

bzcookiesync.php Show response
code.moviead55.ru/ Frame B085
Redirect Chain

https://exchange.buzzoola.com/cookiesync/redirect/skyadvert?redirect_url=https%3A%2F%2Fcode.moviead55.ru%2Fbzcookiesync.php%3Fbzcookie%3D%24%7BUUID%7D
https://code.moviead55.ru/bzcookiesync.php?bzcookie=df30d526-e131-482f-460b-481b0268369e

0
252 B

21ms
20ms

Script
application/javascript

193.200.65.147
GIVEME-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://code.moviead55.ru/bzcookiesync.php?bzcookie=df30d526-e131-482f-460b-481b0268369e
Requested by: Host: videotoday.site
URL: https://videotoday.site/ovp.php?ver=1&autoplay=1&v=8d94458a2b7741a172956c4b6a86f3a7&cb=7f8a1d7b-63a3-4756-81ee-7637a3ab630a&fclose=false&sub_id=base&tls=no&instant=yes&testad=no&nomon=1&cdiv=90&r=https%3A%2F%2Fwww.cyberforum.ru%2Fpowershell%2Fthread2416870.html
Protocol: H2
Server: 193.200.65.147 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS: unallocated.giveme.network
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://videotoday.site/ovp.php?ver=1&autoplay=1&v=8d94458a2b7741a172956c4b6a86f3a7&cb=7f8a1d7b-63a3-4756-81ee-7637a3ab630a&fclose=false&sub_id=base&tls=no&instant=yes&testad=no&nomon=1&cdiv=90&r=https%3A%2F%2Fwww.cyberforum.ru%2Fpowershell%2Fthread2416870.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 13:16:09 GMT
content-encoding: gzip
x-movieads-country: DE
server: nginx
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8

Redirect headers

location: https://code.moviead55.ru/bzcookiesync.php?bzcookie=df30d526-e131-482f-460b-481b0268369e
date: Fri, 18 Mar 2022 13:16:09 GMT
server: nginx
content-length: 123
serverid: TODO
content-type: text/html; charset=utf-8

GET
H2 204 match Show response
dm-eu.hybrid.ai/ Frame B085 0
239 B 68ms
25ms Script
text/plain 37.18.103.21
HYBRID-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://dm-eu.hybrid.ai/match?id=185&burl=https%3A%2F%2Fcode.moviead55.ru%2Fcookiesync_hbrd2.php%3Fhbrdcookie2%3D%24%7BVID%7D

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.18.103.21 , Netherlands, ASN205675 (HYBRID-AS, RU),

Reverse DNS

Software

Hybrid Web Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://videotoday.site/ovp.php?ver=1&autoplay=1&v=8d94458a2b7741a172956c4b6a86f3a7&cb=7f8a1d7b-63a3-4756-81ee-7637a3ab630a&fclose=false&sub_id=base&tls=no&instant=yes&testad=no&nomon=1&cdiv=90&r=https%3A%2F%2Fwww.cyberforum.ru%2Fpowershell%2Fthread2416870.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Mar 2022 13:16:09 GMT
server: Hybrid Web Server
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin: *
cache-control: no-cache, no-store
x-mode: 503
x-xss-protection: 1; mode=block
expires: -1

GET
H2

200

cookiesync_btw.php Show response
code.moviead55.ru/ Frame B085
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=34348&callback_url=https%3A%2F%2Fcode.moviead55.ru%2Fcookiesync_btw.php%3Fbtwcookie%3D%24%7BUSER_ID%7D
https://ads.betweendigital.com/match?bidder_id=34348&callback_url=https%3A%2F%2Fcode.moviead55.ru%2Fcookiesync_btw.php%3Fbtwcookie%3D%24%7BUSER_ID%7D&crf=1
https://code.moviead55.ru/cookiesync_btw.php?btwcookie=eddc8351-5af9-514d-8568-6f86e75ce99f

0
253 B

15ms
14ms

Script
application/javascript

193.200.65.147
GIVEME-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://code.moviead55.ru/cookiesync_btw.php?btwcookie=eddc8351-5af9-514d-8568-6f86e75ce99f
Requested by: Host: videotoday.site
URL: https://videotoday.site/ovp.php?ver=1&autoplay=1&v=8d94458a2b7741a172956c4b6a86f3a7&cb=7f8a1d7b-63a3-4756-81ee-7637a3ab630a&fclose=false&sub_id=base&tls=no&instant=yes&testad=no&nomon=1&cdiv=90&r=https%3A%2F%2Fwww.cyberforum.ru%2Fpowershell%2Fthread2416870.html
Protocol: H2
Server: 193.200.65.147 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS: unallocated.giveme.network
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://videotoday.site/ovp.php?ver=1&autoplay=1&v=8d94458a2b7741a172956c4b6a86f3a7&cb=7f8a1d7b-63a3-4756-81ee-7637a3ab630a&fclose=false&sub_id=base&tls=no&instant=yes&testad=no&nomon=1&cdiv=90&r=https%3A%2F%2Fwww.cyberforum.ru%2Fpowershell%2Fthread2416870.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 13:16:09 GMT
content-encoding: gzip
x-movieads-country: DE
server: nginx
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8

Redirect headers

location: https://code.moviead55.ru/cookiesync_btw.php?btwcookie=eddc8351-5af9-514d-8568-6f86e75ce99f
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET

rmatch
www.acint.net/ Frame B085
Redirect Chain

https://code.moviead55.ru/cookieinit_sape.php
https://www.acint.net/rmatch?dp=167&euid=9bea2a59-13a1-470f-8eff-cc650172356e&r=https%3A%2F%2Fcode.moviead55.ru%2Fcookiesync_sape.php%3Fsapecookie%3D%24%7BUSER_ID%7D

0
0

GET
H2

200

cookiesync_target.php Show response
code.moviead55.ru/ Frame B085
Redirect Chain

https://code.moviead55.ru/cookieinit_target.php
https://match.new-programmatic.com/userbind?src=skyadvert&id=5fcfa9d5-5d39-4e6e-9ef3-94eb787d83de
https://code.moviead55.ru/cookiesync_target.php?targetcookie=

0
228 B

16ms
15ms

Script
application/javascript

193.200.65.147
GIVEME-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://code.moviead55.ru/cookiesync_target.php?targetcookie=
Requested by: Host: videotoday.site
URL: https://videotoday.site/ovp.php?ver=1&autoplay=1&v=8d94458a2b7741a172956c4b6a86f3a7&cb=7f8a1d7b-63a3-4756-81ee-7637a3ab630a&fclose=false&sub_id=base&tls=no&instant=yes&testad=no&nomon=1&cdiv=90&r=https%3A%2F%2Fwww.cyberforum.ru%2Fpowershell%2Fthread2416870.html
Protocol: H2
Server: 193.200.65.147 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS: unallocated.giveme.network
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://videotoday.site/ovp.php?ver=1&autoplay=1&v=8d94458a2b7741a172956c4b6a86f3a7&cb=7f8a1d7b-63a3-4756-81ee-7637a3ab630a&fclose=false&sub_id=base&tls=no&instant=yes&testad=no&nomon=1&cdiv=90&r=https%3A%2F%2Fwww.cyberforum.ru%2Fpowershell%2Fthread2416870.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 13:16:09 GMT
content-encoding: gzip
x-movieads-country: DE
server: nginx
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8

Redirect headers

Date: Fri, 18 Mar 2022 13:16:09 GMT
Server: nginx/1.18.0
Access-Control-Allow-Origin: *
Vary: Origin
Location: https://code.moviead55.ru/cookiesync_target.php?targetcookie=
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET
H2

200

/ Show response
s.uuidksinc.net/match/1062/ Frame B085
Redirect Chain

https://code.moviead55.ru/cookieinit_kadam.php
https://s.uuidksinc.net/match/1062/?remote_uid=f36d6309-6715-4a79-b2e2-a06b12fe974a

74 B
241 B

55ms
14ms

Script
image/png

31.220.27.134
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.uuidksinc.net/match/1062/?remote_uid=f36d6309-6715-4a79-b2e2-a06b12fe974a
Requested by: Host: videotoday.site
URL: https://videotoday.site/ovp.php?ver=1&autoplay=1&v=8d94458a2b7741a172956c4b6a86f3a7&cb=7f8a1d7b-63a3-4756-81ee-7637a3ab630a&fclose=false&sub_id=base&tls=no&instant=yes&testad=no&nomon=1&cdiv=90&r=https%3A%2F%2Fwww.cyberforum.ru%2Fpowershell%2Fthread2416870.html
Protocol: H2
Server: 31.220.27.134 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.19.0 /
Resource Hash: 1ee70acbd3b0edaf32c0d04341fe602fb7fd51d8924cd737287696b26f0ecae3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://videotoday.site/ovp.php?ver=1&autoplay=1&v=8d94458a2b7741a172956c4b6a86f3a7&cb=7f8a1d7b-63a3-4756-81ee-7637a3ab630a&fclose=false&sub_id=base&tls=no&instant=yes&testad=no&nomon=1&cdiv=90&r=https%3A%2F%2Fwww.cyberforum.ru%2Fpowershell%2Fthread2416870.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 13:16:09 GMT
server: nginx/1.19.0
content-length: 74
content-type: image/png

Redirect headers

location: https://s.uuidksinc.net/match/1062/?remote_uid=f36d6309-6715-4a79-b2e2-a06b12fe974a
date: Fri, 18 Mar 2022 13:16:09 GMT
x-movieads-country: DE
server: nginx
content-type: text/html; charset=UTF-8

GET
H2 200 skyadvert Show response
sync.quantumdex.io/usersync/ Frame B085 0
0 177ms
138ms Script
text/html 2606:4700:10::ac43:2ac9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.quantumdex.io/usersync/skyadvert
Requested by: Host: videotoday.site
URL: https://videotoday.site/ovp.php?ver=1&autoplay=1&v=8d94458a2b7741a172956c4b6a86f3a7&cb=7f8a1d7b-63a3-4756-81ee-7637a3ab630a&fclose=false&sub_id=base&tls=no&instant=yes&testad=no&nomon=1&cdiv=90&r=https%3A%2F%2Fwww.cyberforum.ru%2Fpowershell%2Fthread2416870.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://videotoday.site/ovp.php?ver=1&autoplay=1&v=8d94458a2b7741a172956c4b6a86f3a7&cb=7f8a1d7b-63a3-4756-81ee-7637a3ab630a&fclose=false&sub_id=base&tls=no&instant=yes&testad=no&nomon=1&cdiv=90&r=https%3A%2F%2Fwww.cyberforum.ru%2Fpowershell%2Fthread2416870.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 mstream.min.js Show response
user91471.clients-cdnnow.ru/vp_dist/ Frame B085 175 KB
52 KB 95ms
27ms Script
application/javascript 185.40.155.13
CDNNOW-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://user91471.clients-cdnnow.ru/vp_dist/mstream.min.js?v440
Requested by: Host: videotoday.site
URL: https://videotoday.site/ovp.php?ver=1&autoplay=1&v=8d94458a2b7741a172956c4b6a86f3a7&cb=7f8a1d7b-63a3-4756-81ee-7637a3ab630a&fclose=false&sub_id=base&tls=no&instant=yes&testad=no&nomon=1&cdiv=90&r=https%3A%2F%2Fwww.cyberforum.ru%2Fpowershell%2Fthread2416870.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.40.155.13 , Russian Federation, ASN21030 (CDNNOW-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 59c10cdf6276df542a02482f83c87a9b478e953e645d09ca18e196547b5c2576

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://videotoday.site/ovp.php?ver=1&autoplay=1&v=8d94458a2b7741a172956c4b6a86f3a7&cb=7f8a1d7b-63a3-4756-81ee-7637a3ab630a&fclose=false&sub_id=base&tls=no&instant=yes&testad=no&nomon=1&cdiv=90&r=https%3A%2F%2Fwww.cyberforum.ru%2Fpowershell%2Fthread2416870.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 13:16:09 GMT
content-encoding: gzip
etag: W/"6231a6e9-2bb5c"
last-modified: Wed, 16 Mar 2022 08:59:21 GMT
server: nginx
x-edge-cache: HIT
vary: Accept-Encoding
content-type: application/javascript
x-movieads-country: RU
x-edge-ip: 172.19.25.189

GET
DATA 200
OK truncated Show response
/ Frame B085 1 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1400de002ed04668de976192cbf02ee5c017e6621126f9c3962b26d45ad6cd32

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://videotoday.site/ovp.php?ver=1&autoplay=1&v=8d94458a2b7741a172956c4b6a86f3a7&cb=7f8a1d7b-63a3-4756-81ee-7637a3ab630a&fclose=false&sub_id=base&tls=no&instant=yes&testad=no&nomon=1&cdiv=90&r=https%3A%2F%2Fwww.cyberforum.ru%2Fpowershell%2Fthread2416870.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
H2 200 l.php
l2.moviead55.ru/ Frame B085 70 B
198 B 1113ms
14ms Image
image/png 193.200.65.146
GIVEME-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l2.moviead55.ru/l.php?t=cdiv&c=7f8a1d7b-63a3-4756-81ee-7637a3ab630a&a=&m=90&v=8d94458a2b7741a172956c4b6a86f3a7&o=%7B%220%22%3A%22https%3A%2F%2Fwww.cyberforum.ru%22%7D
Requested by: Host: videotoday.site
URL: https://videotoday.site/ovp.php?ver=1&autoplay=1&v=8d94458a2b7741a172956c4b6a86f3a7&cb=7f8a1d7b-63a3-4756-81ee-7637a3ab630a&fclose=false&sub_id=base&tls=no&instant=yes&testad=no&nomon=1&cdiv=90&r=https%3A%2F%2Fwww.cyberforum.ru%2Fpowershell%2Fthread2416870.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.200.65.146 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS: unallocated.giveme.network
Software: nginx /
Resource Hash: 497790947d4666760ce38f3c00e852c71fdb66cae849bae8e9ede352719e1581

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://videotoday.site/ovp.php?ver=1&autoplay=1&v=8d94458a2b7741a172956c4b6a86f3a7&cb=7f8a1d7b-63a3-4756-81ee-7637a3ab630a&fclose=false&sub_id=base&tls=no&instant=yes&testad=no&nomon=1&cdiv=90&r=https%3A%2F%2Fwww.cyberforum.ru%2Fpowershell%2Fthread2416870.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 13:16:10 GMT
content-encoding: gzip
x-movieads-country: DE
server: nginx
vary: Accept-Encoding
content-type: Content-Type: image/png

GET
BLOB 200
OK 297235ca-d1a4-422f-8aa1-666b277c040e
https://videotoday.site/ Frame B085 168 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://videotoday.site/297235ca-d1a4-422f-8aa1-666b277c040e
Requested by: Host: videotoday.site
URL: https://videotoday.site/ovp.php?ver=1&autoplay=1&v=8d94458a2b7741a172956c4b6a86f3a7&cb=7f8a1d7b-63a3-4756-81ee-7637a3ab630a&fclose=false&sub_id=base&tls=no&instant=yes&testad=no&nomon=1&cdiv=90&r=https%3A%2F%2Fwww.cyberforum.ru%2Fpowershell%2Fthread2416870.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef9f364d09959a9d9bd4fe5c18a1f6d7350e17ac7a0a6567936bb6a8858f1115

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://videotoday.site/ovp.php?ver=1&autoplay=1&v=8d94458a2b7741a172956c4b6a86f3a7&cb=7f8a1d7b-63a3-4756-81ee-7637a3ab630a&fclose=false&sub_id=base&tls=no&instant=yes&testad=no&nomon=1&cdiv=90&r=https%3A%2F%2Fwww.cyberforum.ru%2Fpowershell%2Fthread2416870.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Length: 168
Content-Type: text/javascript

GET
H2 200 punycode.js Show response
site.yandex.net/v2.0/js/ 3 KB
2 KB 30ms
30ms Script
application/javascript 2a02:6b8:20::215
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://site.yandex.net/v2.0/js/punycode.js

Requested by

Host: site.yandex.net
URL: https://site.yandex.net/v2.0/js/all.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

53f195d73d3772db367875c72b49e33c27fba5cf221fa164118ac7c8cbfcf993

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cyberforum.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 13:16:09 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 1285
last-modified: Thu, 14 Jan 2021 10:10:45 GMT
server: nginx/1.17.9
etag: "950bc9cba9ad2bd0fe8e439d3d775b56"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=216013
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 21 Mar 2022 01:11:16 GMT

GET
H3 200 async-ads.js Show response
cse.google.com/adsense/search/ 136 KB
50 KB 91ms
46ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/adsense/search/async-ads.js

Requested by

Host: www.google.com
URL: https://www.google.com/cse/static/element/45f4e5efab1258be/cse_element__ru.js?usqp=CAI%3D

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

26b455d05301acda19c24cf35fa5aec0945bf50244421d00678502a785d33393

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cyberforum.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 13:16:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
etag: "12222482082425325471"
vary: Accept-Encoding
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
accept-ranges: bytes
expires: Fri, 18 Mar 2022 13:16:09 GMT

GET
H3 200 branding.png
www.google.com/cse/static/images/1x/ru/ 1 KB
1 KB 89ms
40ms Image
image/png 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/cse/static/images/1x/ru/branding.png

Requested by

Host: www.cyberforum.ru
URL: https://www.cyberforum.ru/powershell/thread2416870.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9cdb4dd08ba584cdf21b63932a8834d79969701403ef62afb63f0c6f436e6c0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cyberforum.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 06:32:13 GMT
x-content-type-options: nosniff
age: 24236
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1377
x-xss-protection: 0
last-modified: Mon, 25 May 2020 08:30:00 GMT
server: sffe
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Sat, 18 Mar 2023 06:32:13 GMT

GET
H2 204 generate_204
clients1.google.com/ 0
178 B 152ms
39ms Image
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://clients1.google.com/generate_204
Requested by: Host: www.cyberforum.ru
URL: https://www.cyberforum.ru/powershell/thread2416870.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cyberforum.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 13:16:09 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

OPTIONS
H2 200 event_confirmation
an.yandex.ru/ Frame 0
0 120ms
52ms Preflight 2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/event_confirmation

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.cyberforum.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

timing-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
date: Fri, 18 Mar 2022 13:16:09 GMT
access-control-max-age: 1728000
access-control-allow-headers: content-type
access-control-allow-origin: https://www.cyberforum.ru
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-encoding: gzip
strict-transport-security: max-age=31536000

POST
H2 200 event_confirmation Show response
an.yandex.ru/ 0
397 B 119ms
53ms XHR
text/plain 2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/event_confirmation

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.cyberforum.ru/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Fri, 18 Mar 2022 13:16:09 GMT
content-encoding: gzip
last-modified: Fri, 18 Mar 2022 13:16:09 GMT
strict-transport-security: max-age=31536000
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: https://www.cyberforum.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Fri, 18 Mar 2022 13:16:09 GMT

GET
H2 200 watch.js Show response
mc.yandex.ru/metrika/ 138 KB
49 KB 125ms
64ms Script
application/javascript 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

c1922061e01300c6b8d0e9a9dbc638c2eb7b2f5cf9e7690791bf7be4dd8733d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.cyberforum.ru/
Origin: https://www.cyberforum.ru
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 13:16:09 GMT
content-encoding: br
last-modified: Thu, 17 Mar 2022 16:16:48 GMT
etag: "623334c0-c3d1"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 50129
expires: Fri, 18 Mar 2022 14:16:09 GMT

GET
H2 200 29317 Show response
yandex.ru/ads/meta/ 56 KB
56 KB 204ms
204ms XHR
application/json 2a02:6b8:a::a
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/meta/29317?target-ref=https%3A%2F%2Fwww.cyberforum.ru%2Fpowershell%2Fthread2416870.html&charset=utf-8&pcode-test-ids=512023%2C0%2C20%3B545844%2C0%2C60%3B545902%2C0%2C30%3B541544%2C0%2C93%3B543067%2C0%2C83%3B542737%2C0%2C58%3B406668%2C0%2C1%3B545266%2C0%2C89%3B542720%2C0%2C32&pcode-flags-map=eJy1V9mO2zYU%2FZXCz0ZBkVozT5REy8RQpEJSXhIEF2k7fQqKop0GBYL8e68WL5Jn5MlD%2FWDZgM8h73LOvf62EprnSkBhSlE42G%2BlF0o6v3r38dvq6%2Bcv%2Fzyt3q28bcVqvXp%2B%2BvtZ%2FobfQ5qRKFt9%2F7ReldL1%2BFJseKs8%2BK2oBYi68UcoW8u9NPouV8J6rlqUksNGIl0uPWIFNFYaK5Frwwtv7ISJ%2FEy6V3DDFvZsO6NavEreem80cC3r28sMwd8QJD1Bq%2BXGWES9BTJko9hyXWEylSweMRXWtNUWlKlkMeHAWPAmp6udYpxwMppQ2nOOBdo12Vik5XSGQZIF18BLVrG80m%2BhdqL76oWFVpf4zvMSjFbHO8RRSMfMcodB6QrEoYGN4vhhfhT4Y3NTPcB0YqM4aUV5qvDymQmLA%2FbKmXcOmxAHc1Yan1nHu2%2BNFsfGeMwEuJorBY2whdDLSohISNmQbmVMAx%2BEhp0shQGpwVcG%2BKbLc6P4MefF44Tr%2BS98XHPRkJGo57LifSuch13NMVprajhyLNUBbLt8HZowOiTMbc0eFM%2BFukQ0NNwyAyMByc7Jca3diSM2nt4Ji%2Bo2oMUeeFlYgWraifEHE8o%2B%2FilnEKfBmfMGDcjt5tL8GmdB9jsG8zqR84MyXkBHIUswl9fYMCLB1LOkbninVqO9NUp1dbJCGV5KXU3Ynv79c0aVjVLg5cYcoLYFVt3JXKquATHfvQMscYRYKUZOPtMdKgZ98Lq5xnVNMoGlLBthKGPnbNdoM8ztWWfQi%2FfN8cp7LSaS%2BYiZjmmyphFafYSPNE2DNYvCIE3XlGUR6x4RSeI1jcMwZGtKaEDI6SeMZHGM8IRkJEB4Eobpp4kIs4AE453ACdSNyZ3Adpgq9%2BmPz798eZpaY0yzwaE3EmPB%2BLdCVlsP2i%2BnIYzYaI0oUwroQuhFlQYawHuG3SQaYIsEEaXZoC5sFHQZsD7H%2FCupxSIuoVk03Lgwre5ldNjaRUiapGOL7WVZCbQlVULJPV9sTBJmZJgaZ7%2BA0tRc6mVYQtloiCfvKkydG9i0SjlUq1jGB2g65FyR3JpHLCdWAyory2VkEqXxixcGVKm3Ml%2BEY8fFkywhrumm5CKKhUGQXPqgCxInY4mjEXeEahkbBmFKLtiTleTGdgK26B2t%2B%2BmNDMME6wy14ZbX7g4sjtl1qD%2BMO%2FIuuUNWgas9P95BstMmUW4aVItrjEbP8bIWpp2ORYp72BQbEjYUpi9H57FuPktvXRVprlxq8OLTed3gX4aHSUJv4XKDAwf23bi418avMJwusOOqnTQHIy%2Bjf2RXQcffqmkdAjLPZoDeelmDTj3Xz5j%2BE0c3cgMX0n7AecYV1KZfMj3H6TL1mr7LH7z0Sjzkpjw%2B9HprrXoQB1zKAP3s0c1Kk4aX3W%2FCjKXt3huuhMeFXfN6KqD%2BHwXk1QLfUkDd2iGL%2FzWc8wL4htTdrEsXKl668nE%2BvrpVAR15tjyMHj0zWyv2HF2kfM11f33%2BMlN2NB6N0sKFGieSuYNgJE6uGpwcCPS72B3Pw10leXV9WNpWSBzH6cUGbrITZTGbe0DczYPv%2FwH4jjKW&price-disabled-formats=adaptive0418%0Aadaptive%0AmodernAdaptive%0Ahorizontal%0Ahorizontal0318%0Agrid%0A160x600%0A240x400%0A200x300%0A300x300%0A300x250%0A250x250%0A728x90%0A1000x120%0A320x50%0A320x100%0A400x240%0A320x480%0A480x320%0A336x280%0A300x600%0A300x500%0A970x250%0A970x90%0AposterVertical%0AposterHorizontal%0AadaptiveConstructor%0AhorizontalSD%0Afullscreen%0Afullscreen_grid%0Asmart_tile%0Asmart_mosaic&pcode-icookie=v0ufkaTFuGYcN40gERP%2FeuRyEUqOI2TczzVMVLADQE5fVdm2qRFY%2F6JGN0BmzrPADEWryBJBioXJLUsEQF2%2BKRCdAlA%3D&imp-id=5&enable-flat-highlight=1&comboblock-unencoded-vast=1&test-tag=366738667470850&ad-session-id=1080301647609368954&target-id=15596232&tga-with-creatives=1&top-ancestor=https%3A%2F%2Fwww.cyberforum.ru&top-ancestor-undetermined=0&pcode-version=55963&pcodever=55963&flash-ver=0&available-width=1345&skip-token=yabs.NzIwNTc2MDU5MDE4NTAzODk%3D&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22w%22%3A1345%2C%22h%22%3A0%2C%22width%22%3A1345%2C%22height%22%3A0%2C%22visible%22%3A0%2C%22left%22%3A218%2C%22top%22%3A1450%2C%22fontFamily%22%3A%22roboto%22%2C%22ad_no%22%3A1%2C%22req_no%22%3A1%7D&grab-orig-len=256&grab=dNCQ0LLRgtC-0YDQuNC30LDRhtC40Y8g0L3QsCDRgdCw0LnRgtC1INC4INCy0LLQvtC0INC00LDQvdC90YvRhSDQsiDQv9C-0LvRjyAtIFBvd2VyU2hlbGwgLSDQmtC40LHQtdGA0YTQvtGA0YPQvAox0JDQstGC0L7RgNC40LfQsNGG0LjRjyDQvdCwINGB0LDQudGC0LUg0Lgg0LLQstC-0LQg0LTQsNC90L3Ri9GFINCyINC_0L7Qu9GPIAo%3D&uniformat=true&callback=Ya%5B5677925435418%5D

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

1315df4e2ac305398e5405bb448c433329f155afd7277b1fb4905d959a4a6c7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.cyberforum.ru/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 18 Mar 2022 13:16:09 GMT
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
ssr: true
x-yandex-req-id: 1647609369216328-15327557919324452730-man1-8149-man-l7-balancer-8080-BAL-2076
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
uniformat-product-type: Direct
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Fri, 18 Mar 2022 13:16:09 GMT
uniformat: true
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: application/json
access-control-allow-origin: https://www.cyberforum.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 18 Mar 2022 13:16:09 GMT

GET
H2 200 x450
avatars.mds.yandex.net/get-direct/5331951/0wZlxgvOiEipl5DQgaaqUA/ 47 KB
47 KB 131ms
60ms Image
image/webp 2a02:6b8::184
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.mds.yandex.net/get-direct/5331951/0wZlxgvOiEipl5DQgaaqUA/x450
Requested by: Host: www.cyberforum.ru
URL: https://www.cyberforum.ru/powershell/thread2416870.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:6b8::184 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software: nginx /
Resource Hash: 3c306caffcbea9b3ac27fb5858cc6e377d78117f222e029feb1f91b2be29a9b9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cyberforum.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 13:16:09 GMT
last-modified: Thu, 24 Feb 2022 14:59:53 GMT
server: nginx
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000,immutable
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 48030
x-request-id: cb8c794731fcc4de

OPTIONS
H2 200 trace
yandex.ru/ads/ Frame 0
0 116ms
54ms Preflight 2a02:6b8:a::a
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/trace

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.cyberforum.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
access-control-allow-headers: content-type
x-content-type-options: nosniff
access-control-allow-origin: https://www.cyberforum.ru
access-control-allow-credentials: true
x-yandex-req-id: 1647609369309047-12353673071886189850-man1-4229-331-man-l7-balancer-8080-BAL-1979
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
access-control-request-method: post

POST
H2 200 trace Show response
yandex.ru/ads/ 0
262 B 52ms
52ms XHR
text/plain 2a02:6b8:a::a
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/trace

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.cyberforum.ru/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1647609369363798-7568181484429587723-man1-4229-331-man-l7-balancer-8080-BAL-4653
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}

GET
H2 200 render.html Show response
yastatic.net/safeframe-bundles/0.83/1-1-0/ Frame 222F 24 KB
7 KB 32ms
32ms Document
text/html 2a02:6b8:20::215
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/safeframe-bundles/0.83/1-1-0/render.html

Requested by

Host: yastatic.net
URL: https://yastatic.net/safeframe-bundles/0.83/host.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

9c911ab93cf6099aeeddb19cb1903d0ef838329443c3a0549c754da47f90a70a

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.cyberforum.ru/

Response headers

server: nginx/1.17.9
date: Fri, 18 Mar 2022 13:16:09 GMT
content-type: text/html
content-length: 6262
access-control-allow-origin: *
cache-control: public, max-age=946708560
content-encoding: br
etag: "eb77de48712912aadc9aa8171ac75ede"
expires: Sun, 17 Mar 2052 19:48:07 GMT
last-modified: Wed, 03 Nov 2021 13:42:58 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-robots-tag: noindex, noarchive, nofollow
accept-ranges: bytes

GET
H2 200 metrika_match.html Show response
mc.yandex.com/metrika/ Frame EE6D 2 KB
716 B 32ms
31ms Document
text/html 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/metrika/metrika_match.html

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

e324f04bc076180ddb51d604021fb6f7b2b5b4f38e04f8933cac10440cef68ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.cyberforum.ru/

Response headers

content-length: 661
date: Fri, 18 Mar 2022 13:16:09 GMT
access-control-allow-origin: *
etag: "623334c0-295"
expires: Fri, 18 Mar 2022 14:16:09 GMT
last-modified: Thu, 17 Mar 2022 16:16:48 GMT
cache-control: max-age=3600
content-encoding: br
content-type: text/html
strict-transport-security: max-age=31536000

OPTIONS
H2 200 sbor
stats.mpsuadv.ru/ Frame 0
0 192ms
47ms Preflight
image/gif 45.141.78.48
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.mpsuadv.ru/sbor?event=pageload&pid=3887&version=1.006&rnd=632825934
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.141.78.48 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
Software: nginx/1.14.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: if-unmodified-since
Origin: https://www.cyberforum.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx/1.14.1
date: Fri, 18 Mar 2022 13:16:09 GMT
content-type: image/gif
content-length: 35
access-control-allow-origin: https://www.cyberforum.ru
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range,If-Unmodified-Since

GET
H2 200 sbor Show response
stats.mpsuadv.ru/ 35 B
340 B 142ms
47ms XHR
image/gif 45.141.78.48
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.mpsuadv.ru/sbor?event=pageload&pid=3887&version=1.006&rnd=632825934
Requested by: Host: s1.marketplacepro.ru
URL: https://s1.marketplacepro.ru/lib/custom/banners.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.141.78.48 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
Software: nginx/1.14.1 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cyberforum.ru/
If-Unmodified-Since: 1647609369313
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 13:16:09 GMT
server: nginx/1.14.1
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: https://www.cyberforum.ru
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range,If-Unmodified-Since
content-length: 35

GET
H2

200

header-bidding.js Show response
yandex.ru/ads/system/
Redirect Chain

https://yastatic.net/pcode/adfox/header-bidding.js
https://yandex.ru/ads/system/header-bidding.js

123 KB
32 KB

63ms
63ms

Script
text/javascript

2a02:6b8:a::a
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/system/header-bidding.js

Requested by

Host: www.cyberforum.ru
URL: https://www.cyberforum.ru/powershell/thread2416870.html

Protocol

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

ac001e06727f90198b24207a341886a34659f000df60308faffda72ce6877f12

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cyberforum.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1647609369538033-5595663740019707295-man1-8149-man-l7-balancer-8080-BAL-3638
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=3600
x-robots-tag: noindex, noarchive, nofollow
expires: Fri, 18 Mar 2022 14:16:09 GMT

Redirect headers

date: Fri, 18 Mar 2022 13:16:09 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
server: nginx/1.17.9
location: https://yandex.ru/ads/system/header-bidding.js
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
access-control-allow-origin: *
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
content-length: 0

GET
DATA 200
OK truncated
/ 5 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4042bee588db57497a206202da9e007d8ef52b5e85b2d968304dcc1c7ef24787

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ 679 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d6888fcccacbfc6754c9fa416f78891c6e4f51a9b98a2a0689ede23038ae663b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H3 204 AGSKWxXJ8erqShn9tIPsCRFs1H1rITupXSwQKyYHiVCRoqvEOScOLJsR0MD5xIWuWq_CJSWDZczvfgjtZpg688jB4v4= Show response
fundingchoicesmessages.google.com/el/ 0
26 B 109ms
62ms XHR
text/html 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXJ8erqShn9tIPsCRFs1H1rITupXSwQKyYHiVCRoqvEOScOLJsR0MD5xIWuWq_CJSWDZczvfgjtZpg688jB4v4=?pvid=228BA9A3-94C9-43F1-B3CF-D9C1D8A3B85A&anonid=184CE205-04F8-4BD3-8867-27F6193D7D98

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.9eE7xu43CaE.es5.O/d=1/rs=AJlcJMycDao8DgDD4i9nQ1vEiDdRCJ09IQ/m=kernel_loader,loader_js_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-DwGjVH1Q30890FYKgE4uPQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-DwGjVH1Q30890FYKgE4uPQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.cyberforum.ru/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 18 Mar 2022 13:16:09 GMT
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.cyberforum.ru
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-DwGjVH1Q30890FYKgE4uPQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-DwGjVH1Q30890FYKgE4uPQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxW5aO9KhHxKUU7yq3BzHvaPMg0YAJ-_QzeboQOENKukNtGRZBgE44yLCGpMhAaFKhj3cOkMpq56felsm_A--dA= Show response
fundingchoicesmessages.google.com/f/ 250 KB
52 KB 121ms
77ms Script
application/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxW5aO9KhHxKUU7yq3BzHvaPMg0YAJ-_QzeboQOENKukNtGRZBgE44yLCGpMhAaFKhj3cOkMpq56felsm_A--dA=?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjQ3NjA5MzY5LDM4MTAwMDAwMF0sIjIyOEJBOUEzLTk0QzktNDNGMS1CM0NGLUQ5QzFEOEEzQjg1QSIsIjE4NENFMjA1LTA0RjgtNEJEMy04ODY3LTI3RjYxOTNEN0Q5OCIsbnVsbCxbbnVsbCxbN11dLCJodHRwczovL3d3dy5jeWJlcmZvcnVtLnJ1L3Bvd2Vyc2hlbGwvdGhyZWFkMjQxNjg3MC5odG1sIixudWxsLFtdXQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fc28ebbacc4f1ec97b4d883ff5af75c3f517ff3bd2331fbe5eb30bed45ab35a0

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-490dztPsMpMTSAjXy8NLpw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-490dztPsMpMTSAjXy8NLpw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cyberforum.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Mar 2022 13:16:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorGlobalRouterHttp"
x-frame-options: SAMEORIGIN
report-to: {"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-490dztPsMpMTSAjXy8NLpw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-490dztPsMpMTSAjXy8NLpw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
112 B 31ms
31ms Image
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: www.cyberforum.ru
URL: https://www.cyberforum.ru/powershell/thread2416870.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cyberforum.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 13:16:09 GMT
last-modified: Thu, 17 Mar 2022 16:16:48 GMT
etag: "623334c0-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Fri, 18 Mar 2022 14:16:09 GMT

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ Frame B085 199 KB
68 KB 36ms
35ms Script
application/javascript 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

3f220f3495c96b51b282b05e390230202c948611867f2841cdf8ac30f7fdd427

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://videotoday.site/ovp.php?ver=1&autoplay=1&v=8d94458a2b7741a172956c4b6a86f3a7&cb=7f8a1d7b-63a3-4756-81ee-7637a3ab630a&fclose=false&sub_id=base&tls=no&instant=yes&testad=no&nomon=1&cdiv=90&r=https%3A%2F%2Fwww.cyberforum.ru%2Fpowershell%2Fthread2416870.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 13:16:09 GMT
content-encoding: br
last-modified: Thu, 17 Mar 2022 16:16:48 GMT
etag: "623334c0-10fdc"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 69596
expires: Fri, 18 Mar 2022 14:16:09 GMT

GET
H2 200 l.php
l2.moviead55.ru/ Frame B085 70 B
197 B 1114ms
16ms Image
image/png 193.200.65.146
GIVEME-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l2.moviead55.ru/l.php?t=player_frame_loaded&c=7f8a1d7b-63a3-4756-81ee-7637a3ab630a&a=&m=0&v=8d94458a2b7741a172956c4b6a86f3a7&o=%7B%220%22%3A%22https%3A%2F%2Fwww.cyberforum.ru%22%7D
Requested by: Host: videotoday.site
URL: https://videotoday.site/ovp.php?ver=1&autoplay=1&v=8d94458a2b7741a172956c4b6a86f3a7&cb=7f8a1d7b-63a3-4756-81ee-7637a3ab630a&fclose=false&sub_id=base&tls=no&instant=yes&testad=no&nomon=1&cdiv=90&r=https%3A%2F%2Fwww.cyberforum.ru%2Fpowershell%2Fthread2416870.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.200.65.146 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS: unallocated.giveme.network
Software: nginx /
Resource Hash: 497790947d4666760ce38f3c00e852c71fdb66cae849bae8e9ede352719e1581

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://videotoday.site/ovp.php?ver=1&autoplay=1&v=8d94458a2b7741a172956c4b6a86f3a7&cb=7f8a1d7b-63a3-4756-81ee-7637a3ab630a&fclose=false&sub_id=base&tls=no&instant=yes&testad=no&nomon=1&cdiv=90&r=https%3A%2F%2Fwww.cyberforum.ru%2Fpowershell%2Fthread2416870.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 13:16:10 GMT
content-encoding: gzip
x-movieads-country: DE
server: nginx
vary: Accept-Encoding
content-type: Content-Type: image/png

GET
H2 200 l.php
l2.moviead55.ru/ Frame B085 70 B
197 B 1108ms
15ms Image
image/png 193.200.65.146
GIVEME-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l2.moviead55.ru/l.php?t=player_loaded&c=7f8a1d7b-63a3-4756-81ee-7637a3ab630a&a=&m=%7B%22loadTime%22%3A0.292%2C%22version%22%3A440%7D&v=8d94458a2b7741a172956c4b6a86f3a7&o=%7B%220%22%3A%22https%3A%2F%2Fwww.cyberforum.ru%22%7D
Requested by: Host: videotoday.site
URL: https://videotoday.site/ovp.php?ver=1&autoplay=1&v=8d94458a2b7741a172956c4b6a86f3a7&cb=7f8a1d7b-63a3-4756-81ee-7637a3ab630a&fclose=false&sub_id=base&tls=no&instant=yes&testad=no&nomon=1&cdiv=90&r=https%3A%2F%2Fwww.cyberforum.ru%2Fpowershell%2Fthread2416870.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.200.65.146 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS: unallocated.giveme.network
Software: nginx /
Resource Hash: 497790947d4666760ce38f3c00e852c71fdb66cae849bae8e9ede352719e1581

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://videotoday.site/ovp.php?ver=1&autoplay=1&v=8d94458a2b7741a172956c4b6a86f3a7&cb=7f8a1d7b-63a3-4756-81ee-7637a3ab630a&fclose=false&sub_id=base&tls=no&instant=yes&testad=no&nomon=1&cdiv=90&r=https%3A%2F%2Fwww.cyberforum.ru%2Fpowershell%2Fthread2416870.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 13:16:10 GMT
content-encoding: gzip
x-movieads-country: DE
server: nginx
vary: Accept-Encoding
content-type: Content-Type: image/png

GET
H/1.1

200
OK

hit
counter.yadro.ru/ Frame B085
Redirect Chain

https://counter.yadro.ru/hit?t44.6;rhttps%3A//www.cyberforum.ru/powershell/thread2416870.html;s1600*1200*24;uhttps%3A//videotoday.site/ovp.php%3Fver%3D1%26autoplay%3D1%26v%3D8d94458a2b7741a172956c4...
https://counter.yadro.ru/hit?q;t44.6;rhttps%3A//www.cyberforum.ru/powershell/thread2416870.html;s1600*1200*24;uhttps%3A//videotoday.site/ovp.php%3Fver%3D1%26autoplay%3D1%26v%3D8d94458a2b7741a172956...

132 B
437 B

42ms
42ms

Image
image/gif

88.212.201.210
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit?q;t44.6;rhttps%3A//www.cyberforum.ru/powershell/thread2416870.html;s1600*1200*24;uhttps%3A//videotoday.site/ovp.php%3Fver%3D1%26autoplay%3D1%26v%3D8d94458a2b7741a172956c4b6a86f3a7%26cb%3D7f8a1d7b-63a3-4756-81ee-7637a3ab630a%26fclose%3Dfalse%26sub_id%3Dbase%26tls%3Dno%26instant%3Dyes%26testad%3Dno%26nomon%3D1%26cdiv%3D90%26r%3Dhttps%253A%252F%252Fwww.cyberforum.ru%252Fpowershell%252Fthread2416870.html;h;0.5434669344090224

Requested by

Protocol

HTTP/1.1

Server

88.212.201.210 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host210.rax.ru

Software

nginx/1.17.9 /

Resource Hash

fa523f248a332cb89ae3ad8cf51d840153e0f96bcc2a4c8db736e02a340dab48

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://videotoday.site/ovp.php?ver=1&autoplay=1&v=8d94458a2b7741a172956c4b6a86f3a7&cb=7f8a1d7b-63a3-4756-81ee-7637a3ab630a&fclose=false&sub_id=base&tls=no&instant=yes&testad=no&nomon=1&cdiv=90&r=https%3A%2F%2Fwww.cyberforum.ru%2Fpowershell%2Fthread2416870.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 18 Mar 2022 13:16:09 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-control: no-cache
Connection: keep-alive
Content-Length: 132
Expires: Wed, 17 Mar 2021 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 18 Mar 2022 13:16:09 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Location: https://counter.yadro.ru/hit?q;t44.6;rhttps%3A//www.cyberforum.ru/powershell/thread2416870.html;s1600*1200*24;uhttps%3A//videotoday.site/ovp.php%3Fver%3D1%26autoplay%3D1%26v%3D8d94458a2b7741a172956c4b6a86f3a7%26cb%3D7f8a1d7b-63a3-4756-81ee-7637a3ab630a%26fclose%3Dfalse%26sub_id%3Dbase%26tls%3Dno%26instant%3Dyes%26testad%3Dno%26nomon%3D1%26cdiv%3D90%26r%3Dhttps%253A%252F%252Fwww.cyberforum.ru%252Fpowershell%252Fthread2416870.html;h;0.5434669344090224
Cache-control: no-cache
Connection: keep-alive
Content-Type: text/html
Content-Length: 32
Expires: Wed, 17 Mar 2021 21:00:00 GMT

GET
H2 200 v2 Show response
yandex.ru/ads/adfox/386735/getBulk/ 1 KB
1 KB 253ms
253ms XHR
application/json 2a02:6b8:a::a
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/adfox/386735/getBulk/v2?dl=https%3A%2F%2Fwww.cyberforum.ru%2Fpowershell%2Fthread2416870.html&date=2022-03-18T13%3A16%3A09.421%2B00%3A00&pd=18&pdh=1200&pdw=1600&pr1=965607002&pr=1540473455&prr=&pv=13&pw=5&extid_loader=MTY0NzYwOTM2OTk5NjMzMzYwMQ%3D%3D&extid_tag_loader=www.cyberforum.ru&ylv=0.55963&ybv=0.55963&ytt=366688739655685&is-turbo=0&skip-token=yabs.NzIwNTc2MDU5MDE4NTAzODk%3D&ad-session-id=1080301647609368954&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22w%22%3A400%2C%22h%22%3A250%2C%22width%22%3A400%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22left%22%3A1200%2C%22top%22%3A1075%2C%22fontFamily%22%3A%22roboto%22%2C%22req_no%22%3A0%2C%22ad_no%22%3A1%7D&enable-flat-highlight=1&pcode-version=55963&available-width=400&available-height=250&yaru=true&p2=y&pp=brpj&ps=fevw&slotNumber=1&bids=W10%3D&utf8=%E2%9C%93&duid=MTY0NzYwOTM2OTk5NjMzMzYwMQ%3D%3D&pcode-test-ids=512023%2C0%2C20%3B545844%2C0%2C60%3B545902%2C0%2C30%3B541544%2C0%2C93%3B543067%2C0%2C83%3B542737%2C0%2C58%3B406668%2C0%2C1%3B545266%2C0%2C89%3B542720%2C0%2C32&pcode-flags-map=eJy1V9mO2zYU%2FZXCz0ZBkVozT5REy8RQpEJSXhIEF2k7fQqKop0GBYL8e68WL5Jn5MlD%2FWDZgM8h73LOvf62EprnSkBhSlE42G%2BlF0o6v3r38dvq6%2Bcv%2Fzyt3q28bcVqvXp%2B%2BvtZ%2FobfQ5qRKFt9%2F7ReldL1%2BFJseKs8%2BK2oBYi68UcoW8u9NPouV8J6rlqUksNGIl0uPWIFNFYaK5Frwwtv7ISJ%2FEy6V3DDFvZsO6NavEreem80cC3r28sMwd8QJD1Bq%2BXGWES9BTJko9hyXWEylSweMRXWtNUWlKlkMeHAWPAmp6udYpxwMppQ2nOOBdo12Vik5XSGQZIF18BLVrG80m%2BhdqL76oWFVpf4zvMSjFbHO8RRSMfMcodB6QrEoYGN4vhhfhT4Y3NTPcB0YqM4aUV5qvDymQmLA%2FbKmXcOmxAHc1Yan1nHu2%2BNFsfGeMwEuJorBY2whdDLSohISNmQbmVMAx%2BEhp0shQGpwVcG%2BKbLc6P4MefF44Tr%2BS98XHPRkJGo57LifSuch13NMVprajhyLNUBbLt8HZowOiTMbc0eFM%2BFukQ0NNwyAyMByc7Jca3diSM2nt4Ji%2Bo2oMUeeFlYgWraifEHE8o%2B%2FilnEKfBmfMGDcjt5tL8GmdB9jsG8zqR84MyXkBHIUswl9fYMCLB1LOkbninVqO9NUp1dbJCGV5KXU3Ynv79c0aVjVLg5cYcoLYFVt3JXKquATHfvQMscYRYKUZOPtMdKgZ98Lq5xnVNMoGlLBthKGPnbNdoM8ztWWfQi%2FfN8cp7LSaS%2BYiZjmmyphFafYSPNE2DNYvCIE3XlGUR6x4RSeI1jcMwZGtKaEDI6SeMZHGM8IRkJEB4Eobpp4kIs4AE453ACdSNyZ3Adpgq9%2BmPz798eZpaY0yzwaE3EmPB%2BLdCVlsP2i%2BnIYzYaI0oUwroQuhFlQYawHuG3SQaYIsEEaXZoC5sFHQZsD7H%2FCupxSIuoVk03Lgwre5ldNjaRUiapGOL7WVZCbQlVULJPV9sTBJmZJgaZ7%2BA0tRc6mVYQtloiCfvKkydG9i0SjlUq1jGB2g65FyR3JpHLCdWAyory2VkEqXxixcGVKm3Ml%2BEY8fFkywhrumm5CKKhUGQXPqgCxInY4mjEXeEahkbBmFKLtiTleTGdgK26B2t%2B%2BmNDMME6wy14ZbX7g4sjtl1qD%2BMO%2FIuuUNWgas9P95BstMmUW4aVItrjEbP8bIWpp2ORYp72BQbEjYUpi9H57FuPktvXRVprlxq8OLTed3gX4aHSUJv4XKDAwf23bi418avMJwusOOqnTQHIy%2Bjf2RXQcffqmkdAjLPZoDeelmDTj3Xz5j%2BE0c3cgMX0n7AecYV1KZfMj3H6TL1mr7LH7z0Sjzkpjw%2B9HprrXoQB1zKAP3s0c1Kk4aX3W%2FCjKXt3huuhMeFXfN6KqD%2BHwXk1QLfUkDd2iGL%2FzWc8wL4htTdrEsXKl668nE%2BvrpVAR15tjyMHj0zWyv2HF2kfM11f33%2BMlN2NB6N0sKFGieSuYNgJE6uGpwcCPS72B3Pw10leXV9WNpWSBzH6cUGbrITZTGbe0DczYPv%2FwH4jjKW&use-server-side-rendering=1&price-disabled-formats=adaptive0418%0Aadaptive%0AmodernAdaptive%0Ahorizontal%0Ahorizontal0318%0Agrid%0A160x600%0A240x400%0A200x300%0A300x300%0A300x250%0A250x250%0A728x90%0A1000x120%0A320x50%0A320x100%0A400x240%0A320x480%0A480x320%0A336x280%0A300x600%0A300x500%0A970x250%0A970x90%0AposterVertical%0AposterHorizontal%0AadaptiveConstructor%0AhorizontalSD%0Afullscreen%0Afullscreen_grid%0Asmart_tile%0Asmart_mosaic&pcode-icookie=v0ufkaTFuGYcN40gERP%2FeuRyEUqOI2TczzVMVLADQE5fVdm2qRFY%2F6JGN0BmzrPADEWryBJBioXJLUsEQF2%2BKRCdAlA%3D&top-ancestor=https%3A%2F%2Fwww.cyberforum.ru&top-ancestor-undetermined=0&grab-orig-len=256&grab=dNCQ0LLRgtC-0YDQuNC30LDRhtC40Y8g0L3QsCDRgdCw0LnRgtC1INC4INCy0LLQvtC0INC00LDQvdC90YvRhSDQsiDQv9C-0LvRjyAtIFBvd2VyU2hlbGwgLSDQmtC40LHQtdGA0YTQvtGA0YPQvAox0JDQstGC0L7RgNC40LfQsNGG0LjRjyDQvdCwINGB0LDQudGC0LUg0Lgg0LLQstC-0LQg0LTQsNC90L3Ri9GFINCyINC_0L7Qu9GPIAo%3D&tga-with-creatives=1

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

070ecabfdf964a7363184cd2777cf243769b4a450bad17d854025b6c040f5fb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cyberforum.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Mar 2022 13:16:09 GMT
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
x-yandex-req-id: 1647609369443901-18040817436026898908-man1-8149-man-l7-balancer-8080-BAL-5555
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: application/json
access-control-allow-origin: https://www.cyberforum.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
last-modified: Fri, 18 Mar 2022 13:16:09 GMT
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Fri, 18 Mar 2022 13:16:09 GMT

POST
H2 200 stream
a3.pubguru.net/ 0
0 33ms
10ms Ping
text/plain 35.157.180.254
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://a3.pubguru.net/stream?beacon=test
Requested by: Host: m2d.m2.ai
URL: https://m2d.m2.ai/v/pg-220316-8ec-nc-d41d8cd98f00b204e9800998ecf8427e.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.180.254 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-180-254.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.cyberforum.ru/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

OPTIONS
H2 200 event_confirmation
an.yandex.ru/ Frame 0
0 31ms
31ms Preflight 2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/event_confirmation

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.cyberforum.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

timing-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
date: Fri, 18 Mar 2022 13:16:09 GMT
access-control-max-age: 1728000
access-control-allow-headers: content-type
access-control-allow-origin: https://www.cyberforum.ru
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-encoding: gzip
strict-transport-security: max-age=31536000

POST
H2 200 event_confirmation Show response
an.yandex.ru/ 0
51 B 32ms
31ms XHR
text/plain 2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/event_confirmation

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.cyberforum.ru/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Fri, 18 Mar 2022 13:16:09 GMT
content-encoding: gzip
last-modified: Fri, 18 Mar 2022 13:16:09 GMT
strict-transport-security: max-age=31536000
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: https://www.cyberforum.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Fri, 18 Mar 2022 13:16:09 GMT

GET
H2 200 x600
avatars.mds.yandex.net/get-direct/5129327/TykK6bqs8P5blAq5hG7wtg/ 51 KB
52 KB 40ms
40ms Image
image/webp 2a02:6b8::184
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.mds.yandex.net/get-direct/5129327/TykK6bqs8P5blAq5hG7wtg/x600
Requested by: Host: www.cyberforum.ru
URL: https://www.cyberforum.ru/powershell/thread2416870.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:6b8::184 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software: nginx /
Resource Hash: 2c3d39b3302aa741fbbee02a47e8dc142597ebd5cb6207288ce05ca23c689124

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cyberforum.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 13:16:09 GMT
last-modified: Thu, 17 Mar 2022 10:25:06 GMT
server: nginx
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000,immutable
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 52668
x-request-id: e4f29ca4a7ab661d

GET
H2 200 29317 Show response
yandex.ru/ads/meta/ 5 KB
5 KB 149ms
148ms XHR
application/json 2a02:6b8:a::a
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/meta/29317?target-ref=https%3A%2F%2Fwww.cyberforum.ru%2Fpowershell%2Fthread2416870.html&charset=utf-8&pcode-test-ids=512023%2C0%2C20%3B545844%2C0%2C60%3B545902%2C0%2C30%3B541544%2C0%2C93%3B543067%2C0%2C83%3B542737%2C0%2C58%3B406668%2C0%2C1%3B545266%2C0%2C89%3B542720%2C0%2C32&pcode-flags-map=eJy1V9mO2zYU%2FZXCz0ZBkVozT5REy8RQpEJSXhIEF2k7fQqKop0GBYL8e68WL5Jn5MlD%2FWDZgM8h73LOvf62EprnSkBhSlE42G%2BlF0o6v3r38dvq6%2Bcv%2Fzyt3q28bcVqvXp%2B%2BvtZ%2FobfQ5qRKFt9%2F7ReldL1%2BFJseKs8%2BK2oBYi68UcoW8u9NPouV8J6rlqUksNGIl0uPWIFNFYaK5Frwwtv7ISJ%2FEy6V3DDFvZsO6NavEreem80cC3r28sMwd8QJD1Bq%2BXGWES9BTJko9hyXWEylSweMRXWtNUWlKlkMeHAWPAmp6udYpxwMppQ2nOOBdo12Vik5XSGQZIF18BLVrG80m%2BhdqL76oWFVpf4zvMSjFbHO8RRSMfMcodB6QrEoYGN4vhhfhT4Y3NTPcB0YqM4aUV5qvDymQmLA%2FbKmXcOmxAHc1Yan1nHu2%2BNFsfGeMwEuJorBY2whdDLSohISNmQbmVMAx%2BEhp0shQGpwVcG%2BKbLc6P4MefF44Tr%2BS98XHPRkJGo57LifSuch13NMVprajhyLNUBbLt8HZowOiTMbc0eFM%2BFukQ0NNwyAyMByc7Jca3diSM2nt4Ji%2Bo2oMUeeFlYgWraifEHE8o%2B%2FilnEKfBmfMGDcjt5tL8GmdB9jsG8zqR84MyXkBHIUswl9fYMCLB1LOkbninVqO9NUp1dbJCGV5KXU3Ynv79c0aVjVLg5cYcoLYFVt3JXKquATHfvQMscYRYKUZOPtMdKgZ98Lq5xnVNMoGlLBthKGPnbNdoM8ztWWfQi%2FfN8cp7LSaS%2BYiZjmmyphFafYSPNE2DNYvCIE3XlGUR6x4RSeI1jcMwZGtKaEDI6SeMZHGM8IRkJEB4Eobpp4kIs4AE453ACdSNyZ3Adpgq9%2BmPz798eZpaY0yzwaE3EmPB%2BLdCVlsP2i%2BnIYzYaI0oUwroQuhFlQYawHuG3SQaYIsEEaXZoC5sFHQZsD7H%2FCupxSIuoVk03Lgwre5ldNjaRUiapGOL7WVZCbQlVULJPV9sTBJmZJgaZ7%2BA0tRc6mVYQtloiCfvKkydG9i0SjlUq1jGB2g65FyR3JpHLCdWAyory2VkEqXxixcGVKm3Ml%2BEY8fFkywhrumm5CKKhUGQXPqgCxInY4mjEXeEahkbBmFKLtiTleTGdgK26B2t%2B%2BmNDMME6wy14ZbX7g4sjtl1qD%2BMO%2FIuuUNWgas9P95BstMmUW4aVItrjEbP8bIWpp2ORYp72BQbEjYUpi9H57FuPktvXRVprlxq8OLTed3gX4aHSUJv4XKDAwf23bi418avMJwusOOqnTQHIy%2Bjf2RXQcffqmkdAjLPZoDeelmDTj3Xz5j%2BE0c3cgMX0n7AecYV1KZfMj3H6TL1mr7LH7z0Sjzkpjw%2B9HprrXoQB1zKAP3s0c1Kk4aX3W%2FCjKXt3huuhMeFXfN6KqD%2BHwXk1QLfUkDd2iGL%2FzWc8wL4htTdrEsXKl668nE%2BvrpVAR15tjyMHj0zWyv2HF2kfM11f33%2BMlN2NB6N0sKFGieSuYNgJE6uGpwcCPS72B3Pw10leXV9WNpWSBzH6cUGbrITZTGbe0DczYPv%2FwH4jjKW&price-disabled-formats=adaptive0418%0Aadaptive%0AmodernAdaptive%0Ahorizontal%0Ahorizontal0318%0Agrid%0A160x600%0A240x400%0A200x300%0A300x300%0A300x250%0A250x250%0A728x90%0A1000x120%0A320x50%0A320x100%0A400x240%0A320x480%0A480x320%0A336x280%0A300x600%0A300x500%0A970x250%0A970x90%0AposterVertical%0AposterHorizontal%0AadaptiveConstructor%0AhorizontalSD%0Afullscreen%0Afullscreen_grid%0Asmart_tile%0Asmart_mosaic&pcode-icookie=v0ufkaTFuGYcN40gERP%2FeuRyEUqOI2TczzVMVLADQE5fVdm2qRFY%2F6JGN0BmzrPADEWryBJBioXJLUsEQF2%2BKRCdAlA%3D&duid=MTY0NzYwOTM2OTk5NjMzMzYwMQ%3D%3D&imp-id=4&enable-flat-highlight=1&comboblock-unencoded-vast=1&test-tag=366738667470850&ad-session-id=1080301647609368954&target-id=42593337&tga-with-creatives=1&top-ancestor=https%3A%2F%2Fwww.cyberforum.ru&top-ancestor-undetermined=0&pcode-version=55963&pcodever=55963&flash-ver=0&available-width=1532&skip-token=yabs.NzIwNTc2MDU4ODU4MTY0NzQ%3D&gdpr=1&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22w%22%3A1532%2C%22h%22%3A0%2C%22width%22%3A1532%2C%22height%22%3A0%2C%22visible%22%3A0%2C%22left%22%3A34%2C%22top%22%3A3342%2C%22fontFamily%22%3A%22roboto%22%2C%22ad_no%22%3A2%2C%22req_no%22%3A2%7D&grab-orig-len=256&grab=dNCQ0LLRgtC-0YDQuNC30LDRhtC40Y8g0L3QsCDRgdCw0LnRgtC1INC4INCy0LLQvtC0INC00LDQvdC90YvRhSDQsiDQv9C-0LvRjyAtIFBvd2VyU2hlbGwgLSDQmtC40LHQtdGA0YTQvtGA0YPQvAox0JDQstGC0L7RgNC40LfQsNGG0LjRjyDQvdCwINGB0LDQudGC0LUg0Lgg0LLQstC-0LQg0LTQsNC90L3Ri9GFINCyINC_0L7Qu9GPIAo%3D&uniformat=true&callback=Ya%5B3791497549409%5D

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

43b11149cb78981868e59be812c5dc115759b2b118a5a660f2ec2ce5e351d77b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.cyberforum.ru/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 18 Mar 2022 13:16:09 GMT
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
ssr: true
x-yandex-req-id: 1647609369503431-168990399910822418-man1-8149-man-l7-balancer-8080-BAL-5868
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
uniformat-product-type: None
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Fri, 18 Mar 2022 13:16:09 GMT
uniformat: true
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: application/json
access-control-allow-origin: https://www.cyberforum.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 18 Mar 2022 13:16:09 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 93ms
46ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=214380108&t=pageview&_s=1&dl=https%3A%2F%2Fwww.cyberforum.ru%2Fpowershell%2Fthread2416870.html&ul=en-us&de=UTF-8&dt=%D0%90%D0%B2%D1%82%D0%BE%D1%80%D0%B8%D0%B7%D0%B0%D1%86%D0%B8%D1%8F%20%D0%BD%D0%B0%20%D1%81%D0%B0%D0%B9%D1%82%D0%B5%20%D0%B8%20%D0%B2%D0%B2%D0%BE%D0%B4%20%D0%B4%D0%B0%D0%BD%D0%BD%D1%8B%D1%85%20%D0%B2%20%D0%BF%D0%BE%D0%BB%D1%8F%20-%20PowerShell%20-%20%D0%9A%D0%B8%D0%B1%D0%B5%D1%80%D1%84%D0%BE%D1%80%D1%83%D0%BC&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=872459930&gjid=1767282850&cid=1376453666.1647609369&tid=UA-595018-2&_gid=2066051749.1647609369&_r=1&gtm=2ou3e0&z=370801568

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.cyberforum.ru/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 18 Mar 2022 13:16:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.cyberforum.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 trace
yandex.ru/ads/ Frame 0
0 50ms
49ms Preflight 2a02:6b8:a::a
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/trace

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.cyberforum.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
access-control-allow-headers: content-type
x-content-type-options: nosniff
access-control-allow-origin: https://www.cyberforum.ru
access-control-allow-credentials: true
x-yandex-req-id: 1647609369521343-9145316207605184681-man1-4229-331-man-l7-balancer-8080-BAL-7919
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
access-control-request-method: post

POST
H2 200 trace Show response
yandex.ru/ads/ 0
242 B 35ms
34ms XHR
text/plain 2a02:6b8:a::a
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/trace

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.cyberforum.ru/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1647609369571029-9935790425698963111-man1-4229-331-man-l7-balancer-8080-BAL-5932
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}

POST
H2 200 event_confirmation Show response
an.yandex.ru/ 0
51 B 52ms
51ms XHR
text/plain 2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/event_confirmation

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.cyberforum.ru/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Fri, 18 Mar 2022 13:16:09 GMT
content-encoding: gzip
last-modified: Fri, 18 Mar 2022 13:16:09 GMT
strict-transport-security: max-age=31536000
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: https://www.cyberforum.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Fri, 18 Mar 2022 13:16:09 GMT

OPTIONS
H2 200 event_confirmation
an.yandex.ru/ Frame 0
0 51ms
50ms Preflight 2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/event_confirmation

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.cyberforum.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

timing-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
date: Fri, 18 Mar 2022 13:16:09 GMT
access-control-max-age: 1728000
access-control-allow-headers: content-type
access-control-allow-origin: https://www.cyberforum.ru
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-encoding: gzip
strict-transport-security: max-age=31536000

GET
H2

200

1 Show response
mc.yandex.com/watch/53399341/ Frame B085
Redirect Chain

https://mc.yandex.com/watch/53399341?wmode=7&page-url=https%3A%2F%2Fvideotoday.site%2Fovp.php%3Fver%3D1%26autoplay%3D1%26v%3D8d94458a2b7741a172956c4b6a86f3a7%26cb%3D7f8a1d7b-63a3-4756-81ee-7637a3ab...
https://mc.yandex.com/watch/53399341/1?wmode=7&page-url=https%3A%2F%2Fvideotoday.site%2Fovp.php%3Fver%3D1%26autoplay%3D1%26v%3D8d94458a2b7741a172956c4b6a86f3a7%26cb%3D7f8a1d7b-63a3-4756-81ee-7637a3...

357 B
439 B

32ms
32ms

XHR
application/json

2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/53399341/1?wmode=7&page-url=https%3A%2F%2Fvideotoday.site%2Fovp.php%3Fver%3D1%26autoplay%3D1%26v%3D8d94458a2b7741a172956c4b6a86f3a7%26cb%3D7f8a1d7b-63a3-4756-81ee-7637a3ab630a%26fclose%3Dfalse%26sub_id%3Dbase%26tls%3Dno%26instant%3Dyes%26testad%3Dno%26nomon%3D1%26cdiv%3D90%26r%3Dhttps%253A%252F%252Fwww.cyberforum.ru%252Fpowershell%252Fthread2416870.html&page-ref=https%3A%2F%2Fwww.cyberforum.ru%2Fpowershell%2Fthread2416870.html&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A7oivoclvhnsftt6hmgv%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A760%3Acn%3A1%3Adp%3A0%3Als%3A1199169431527%3Ahid%3A617614489%3Az%3A0%3Ai%3A20220318131609%3Aet%3A1647609370%3Ac%3A1%3Arn%3A1051073129%3Arqn%3A1%3Au%3A1647609370473619981%3Aw%3A400x225%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Acpf%3A1%3Ans%3A1647609368931%3Ads%3A10%2C34%2C45%2C1%2C0%2C0%2C%2C463%2C0%2C%2C%2C%2C554%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1647609370%3At%3A&t=gdpr%2814%29aw%281%29ti%282%29

Requested by

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

f199c05415d416ca05f569f533c86ca9cc16dfddb31751f2f4f952f8d37cbe3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://videotoday.site/ovp.php?ver=1&autoplay=1&v=8d94458a2b7741a172956c4b6a86f3a7&cb=7f8a1d7b-63a3-4756-81ee-7637a3ab630a&fclose=false&sub_id=base&tls=no&instant=yes&testad=no&nomon=1&cdiv=90&r=https%3A%2F%2Fwww.cyberforum.ru%2Fpowershell%2Fthread2416870.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Mar 2022 13:16:09 GMT
x-content-type-options: nosniff
last-modified: Fri, 18-Mar-2022 13:16:09 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://videotoday.site
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 357
x-xss-protection: 1; mode=block
expires: Fri, 18-Mar-2022 13:16:09 GMT

Redirect headers

pragma: no-cache
date: Fri, 18 Mar 2022 13:16:09 GMT
last-modified: Fri, 18-Mar-2022 13:16:09 GMT
location: /watch/53399341/1?wmode=7&page-url=https%3A%2F%2Fvideotoday.site%2Fovp.php%3Fver%3D1%26autoplay%3D1%26v%3D8d94458a2b7741a172956c4b6a86f3a7%26cb%3D7f8a1d7b-63a3-4756-81ee-7637a3ab630a%26fclose%3Dfalse%26sub_id%3Dbase%26tls%3Dno%26instant%3Dyes%26testad%3Dno%26nomon%3D1%26cdiv%3D90%26r%3Dhttps%253A%252F%252Fwww.cyberforum.ru%252Fpowershell%252Fthread2416870.html&page-ref=https%3A%2F%2Fwww.cyberforum.ru%2Fpowershell%2Fthread2416870.html&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A7oivoclvhnsftt6hmgv%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A760%3Acn%3A1%3Adp%3A0%3Als%3A1199169431527%3Ahid%3A617614489%3Az%3A0%3Ai%3A20220318131609%3Aet%3A1647609370%3Ac%3A1%3Arn%3A1051073129%3Arqn%3A1%3Au%3A1647609370473619981%3Aw%3A400x225%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Acpf%3A1%3Ans%3A1647609368931%3Ads%3A10%2C34%2C45%2C1%2C0%2C0%2C%2C463%2C0%2C%2C%2C%2C554%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1647609370%3At%3A&t=gdpr%2814%29aw%281%29ti%282%29
strict-transport-security: max-age=31536000
access-control-allow-origin: https://videotoday.site
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Fri, 18-Mar-2022 13:16:09 GMT

GET
H/1.1 200
Ok d.png
ysa-static.passport.yandex.ru/static/1/d959d7e39d5067fad30d9c06204866e9/ Frame 222F 95 B
400 B 107ms
31ms Image
image/png 2a02:6b8::5:114
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ysa-static.passport.yandex.ru/static/1/d959d7e39d5067fad30d9c06204866e9/d.png?ex=yes

Requested by

Host: www.cyberforum.ru
URL: https://www.cyberforum.ru/powershell/thread2416870.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::5:114 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

nginx/1.14.2 /

Resource Hash

18c327afa903633f86c3efcf12b77f098077eacaa8be101bb007846fd74f8b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 18 Mar 2022 13:16:09 GMT
Server: nginx/1.14.2
Strict-Transport-Security: max-age=315360000; includeSubDomains
X-RT-IH: 0.0002
Content-Type: image/png
Cache-Control: private
Connection: close
X-RT-IQ: 0.0001
Content-Length: 95
Expires: Sat, 19 Mar 2022 13:16:09 GMT

GET
H2

200

ct_sync.php
sync.magnitent.com/fbfli/ Frame 222F
Redirect Chain

https://sonar.semantiqo.com/dmp/scr.php
https://counter.yadro.ru/id127/reff-id.gif?sid=bd1f8c91fe0a4c9bb7d5796ba4f343e8
https://sonar.semantiqo.com/fbfli/data_sess_sync.php?spid=4B9CAB1AACCD6C18&sid=bd1f8c91fe0a4c9bb7d5796ba4f343e8
https://cdn3.caltat.com/fbfc504c-89b0-4a80-bef4-c8e39daeee6f/sess.php?sid=bd1f8c91fe0a4c9bb7d5796ba4f343e8&spid=4B9CAB1AACCD6C18&v=
https://sync.magnitent.com/fbfli/ct_sync.php?ct=1e2b8513235e4b468473a052ff2c6749&sonar=bd1f8c91fe0a4c9bb7d5796ba4f343e8&spid=4B9CAB1AACCD6C18&v=

0
676 B

104ms
31ms

Image
text/html

95.217.109.66
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.magnitent.com/fbfli/ct_sync.php?ct=1e2b8513235e4b468473a052ff2c6749&sonar=bd1f8c91fe0a4c9bb7d5796ba4f343e8&spid=4B9CAB1AACCD6C18&v=
Requested by: Host: www.cyberforum.ru
URL: https://www.cyberforum.ru/powershell/thread2416870.html
Protocol: H2
Server: 95.217.109.66 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.66.109.217.95.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *, *
date: Fri, 18 Mar 2022 13:16:10 GMT
mode: no-cors, no-cors
server: nginx/1.20.1
cache-control: no-cache, no-cache
content-encoding: gzip
content-type: text/html; charset=UTF-8

Redirect headers

location: https://sync.magnitent.com/fbfli/ct_sync.php?ct=1e2b8513235e4b468473a052ff2c6749&sonar=bd1f8c91fe0a4c9bb7d5796ba4f343e8&spid=4B9CAB1AACCD6C18&v=
date: Fri, 18 Mar 2022 13:16:09 GMT
mode: no-cors
server: nginx/1.20.2
access-control-allow-origin: *
content-type: text/html; charset=UTF-8

GET
H/1.1 200
OK sync.cgi
ssp.adriver.ru/cgi-bin/ Frame 222F 42 B
201 B 345ms
86ms Image
image/gif 81.222.128.214
ELTEL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.adriver.ru/cgi-bin/sync.cgi?dsp_id=109
Requested by: Host: www.cyberforum.ru
URL: https://www.cyberforum.ru/powershell/thread2416870.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.222.128.214 , Russian Federation, ASN20597 (ELTEL-AS, RU),
Reverse DNS: ad14.adriver.ru
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 18 Mar 2022 13:16:09 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/gif

GET
H2

200

0m1q9JSnqIG4W0-7lm9P
an.yandex.ru/mapuid/dmpamberdata/ Frame 222F
Redirect Chain

https://dmg.digitaltarget.ru/1/119/i/i?i=1647609369
https://dmg.digitaltarget.ru/awg/custom/119/i/i?call_source=awg&i=1647609369
https://an.yandex.ru/mapuid/dmpamberdata/0m1q9JSnqIG4W0-7lm9P

43 B
80 B

51ms
50ms

Image
image/gif

2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/dmpamberdata/0m1q9JSnqIG4W0-7lm9P

Requested by

Host: www.cyberforum.ru
URL: https://www.cyberforum.ru/powershell/thread2416870.html

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Mar 2022 13:16:09 GMT
content-encoding: gzip
last-modified: Fri, 18 Mar 2022 13:16:09 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Fri, 18 Mar 2022 13:16:09 GMT

Redirect headers

Date: Fri, 18 Mar 2022 13:16:09 GMT
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
Server: nginx
X-Frame-Options: DENY
Access-Control-Allow-Methods: GET, POST, OPTIONS
Location: https://an.yandex.ru/mapuid/dmpamberdata/0m1q9JSnqIG4W0-7lm9P
X-XSS-Protection: 1; mode=block
X-Permitted-Cross-Domain-Policies: master-only
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 86400
Connection: keep-alive
Request-Time: 14
Content-Length: 0
X-Content-Type-Options: nosniff

GET
H2

200

_f5K3YeEKEZm
an.yandex.ru/mapuid/dmpsegmento/ Frame 222F
Redirect Chain

https://yandex-dmp-sync.rutarget.ru/sync
https://an.yandex.ru/mapuid/dmpsegmento/_f5K3YeEKEZm?sign=3871716196

43 B
80 B

53ms
49ms

Image
image/gif

2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/dmpsegmento/_f5K3YeEKEZm?sign=3871716196

Requested by

Host: www.cyberforum.ru
URL: https://www.cyberforum.ru/powershell/thread2416870.html

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Mar 2022 13:16:09 GMT
content-encoding: gzip
last-modified: Fri, 18 Mar 2022 13:16:09 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Fri, 18 Mar 2022 13:16:09 GMT

Redirect headers

location: https://an.yandex.ru/mapuid/dmpsegmento/_f5K3YeEKEZm?sign=3871716196
date: Fri, 18 Mar 2022 13:16:09 GMT
server: nginx
content-length: 0
p3p: CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."

GET
H2

200

ewj3wF073Lnl
an.yandex.ru/mapuid/rutargetis/ Frame 222F
Redirect Chain

https://yandex-sync.rutarget.ru/sync
https://an.yandex.ru/mapuid/rutargetis/ewj3wF073Lnl

43 B
80 B

48ms
48ms

Image
image/gif

2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/rutargetis/ewj3wF073Lnl

Requested by

Host: www.cyberforum.ru
URL: https://www.cyberforum.ru/powershell/thread2416870.html

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Mar 2022 13:16:09 GMT
content-encoding: gzip
last-modified: Fri, 18 Mar 2022 13:16:09 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Fri, 18 Mar 2022 13:16:09 GMT

Redirect headers

location: https://an.yandex.ru/mapuid/rutargetis/ewj3wF073Lnl
date: Fri, 18 Mar 2022 13:16:09 GMT
server: nginx
content-length: 0
p3p: CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."

GET
H2

200

FU91tK1NRyCGAUWQHmEv1Q
an.yandex.ru/mapuid/dmpaidatame/ Frame 222F
Redirect Chain

https://x01.aidata.io/0.gif?pid=YANDEX
https://x01.aidata.io/0.gif?pid=YANDEX&bounce=1
https://an.yandex.ru/mapuid/dmpaidatame/FU91tK1NRyCGAUWQHmEv1Q?sign=668985803

43 B
80 B

49ms
49ms

Image
image/gif

2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/dmpaidatame/FU91tK1NRyCGAUWQHmEv1Q?sign=668985803

Requested by

Host: www.cyberforum.ru
URL: https://www.cyberforum.ru/powershell/thread2416870.html

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Mar 2022 13:16:09 GMT
content-encoding: gzip
last-modified: Fri, 18 Mar 2022 13:16:09 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Fri, 18 Mar 2022 13:16:09 GMT

Redirect headers

pragma: no-cache
date: Fri, 18 Mar 2022 13:16:09 GMT
last-modified: Fri, 18 Mar 2022 13:16:08 GMT
server: nginx
access-control-allow-methods: GET, POST
p3p: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
location: https://an.yandex.ru/mapuid/dmpaidatame/FU91tK1NRyCGAUWQHmEv1Q?sign=668985803
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
content-length: 0
expires: Fri, 18 Mar 2022 13:16:08 GMT

GET
H2

200

939a5e80-a6bd-11ec-8677-901b0e934d81
an.yandex.ru/mapuid/dmpcleverdata/ Frame 222F
Redirect Chain

https://sync.1dmp.io/pixel.gif?cid=3cbc2ec8-1421-4677-89fe-2ac6fc52a09a&pid=w&o=au
https://sync.1dmp.io/pixel.gif?cid=3cbc2ec8-1421-4677-89fe-2ac6fc52a09a&pid=w&o=au&cs=1
https://an.yandex.ru/mapuid/dmpcleverdata/939a5e80-a6bd-11ec-8677-901b0e934d81?sign=3394633161

43 B
82 B

52ms
51ms

Image
image/gif

2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/dmpcleverdata/939a5e80-a6bd-11ec-8677-901b0e934d81?sign=3394633161

Requested by

Host: www.cyberforum.ru
URL: https://www.cyberforum.ru/powershell/thread2416870.html

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Mar 2022 13:16:09 GMT
content-encoding: gzip
last-modified: Fri, 18 Mar 2022 13:16:09 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Fri, 18 Mar 2022 13:16:09 GMT

Redirect headers

location: https://an.yandex.ru/mapuid/dmpcleverdata/939a5e80-a6bd-11ec-8677-901b0e934d81?sign=3394633161
date: Fri, 18 Mar 2022 13:16:09 GMT
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate, private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server: nginx
content-length: 0
expires: 0, 0

GET
H2

200

rQUo5NVsKGchSygT.flsWe
an.yandex.ru/mapuid/dmpweborama/ Frame 222F
Redirect Chain

https://redirect.frontend.weborama.fr/redirect/standard?url=https://an.yandex.ru/mapuid/dmpweborama/{WEBO_CID}
https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fdmpweborama%2F%7BWEBO_CID%7D&bounce=1&random=1877320107
https://an.yandex.ru/mapuid/dmpweborama/rQUo5NVsKGchSygT.flsWe

43 B
80 B

49ms
48ms

Image
image/gif

2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/dmpweborama/rQUo5NVsKGchSygT.flsWe

Requested by

Host: www.cyberforum.ru
URL: https://www.cyberforum.ru/powershell/thread2416870.html

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Mar 2022 13:16:09 GMT
content-encoding: gzip
last-modified: Fri, 18 Mar 2022 13:16:09 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Fri, 18 Mar 2022 13:16:09 GMT

Redirect headers

pragma: no-cache
date: Fri, 18 Mar 2022 13:16:09 GMT
via: 1.1 google
last-modified: Fri, 18 Mar 2022 13:16:09 GMT
server: nginx/1.18.0
location: https://an.yandex.ru/mapuid/dmpweborama/rQUo5NVsKGchSygT.flsWe
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2

200

/
an.yandex.ru/mapuid/ramblerssp/ Frame 222F
Redirect Chain

https://profile.ssp.rambler.ru/sync3.302?pid=188
https://an.yandex.ru/mapuid/ramblerssp/

43 B
80 B

49ms
48ms

Image
image/gif

2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/ramblerssp/

Requested by

Host: www.cyberforum.ru
URL: https://www.cyberforum.ru/powershell/thread2416870.html

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Mar 2022 13:16:09 GMT
content-encoding: gzip
last-modified: Fri, 18 Mar 2022 13:16:09 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Fri, 18 Mar 2022 13:16:09 GMT

Redirect headers

date: Fri, 18 Mar 2022 13:16:09 GMT
server: nginx
strict-transport-security: max-age=0
p3p: policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
location: //an.yandex.ru/mapuid/ramblerssp/
x-passed: 1bal1
content-type: application/x-javascript; charset=Windows-1251
content-length: 0

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/ Frame 222F
Redirect Chain

https://yandex.ru/an/mapuid/adobedmp/
https://dpm.demdex.net/ibs:dpid=423652&dpuuid=B403B0E5D6BAC8DB
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=423652&dpuuid=B403B0E5D6BAC8DB

42 B
945 B

31ms
31ms

Image
image/gif

52.212.153.175
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=423652&dpuuid=B403B0E5D6BAC8DB

Requested by

Host: www.cyberforum.ru
URL: https://www.cyberforum.ru/powershell/thread2416870.html

Protocol

HTTP/1.1

Server

52.212.153.175 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-212-153-175.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v030-0eff5696b.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: moAWJTaMSCM=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-1-v030-0f3d654ec.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: URDpkzwjSxE=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=423652&dpuuid=B403B0E5D6BAC8DB
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 204 yandexdmp-match
dm.hybrid.ai/ Frame 222F 0
238 B 166ms
52ms Image
text/plain 37.18.16.22
HYBRID-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dm.hybrid.ai/yandexdmp-match

Requested by

Host: www.cyberforum.ru
URL: https://www.cyberforum.ru/powershell/thread2416870.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.18.16.22 , Russian Federation, ASN205675 (HYBRID-AS, RU),

Reverse DNS

Software

Hybrid Web Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Mar 2022 13:16:09 GMT
server: Hybrid Web Server
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin: *
cache-control: no-cache, no-store
x-mode: 101
x-xss-protection: 1; mode=block
expires: -1

GET
H2

200

9828cd493a95a81a1bdb6e774f8aee9c4fc1d28b51bcefa1a974a29c2950177a
an.yandex.ru/mapuid/mediascope/ Frame 222F
Redirect Chain

https://cm.tns-counter.ru/yacm
https://an.yandex.ru/mapuid/mediascope/9828cd493a95a81a1bdb6e774f8aee9c4fc1d28b51bcefa1a974a29c2950177a

43 B
152 B

55ms
55ms

Image
image/gif

2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/mediascope/9828cd493a95a81a1bdb6e774f8aee9c4fc1d28b51bcefa1a974a29c2950177a

Requested by

Host: www.cyberforum.ru
URL: https://www.cyberforum.ru/powershell/thread2416870.html

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Mar 2022 13:16:10 GMT
content-encoding: gzip
last-modified: Fri, 18 Mar 2022 13:16:10 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Fri, 18 Mar 2022 13:16:10 GMT

Redirect headers

pragma: no-cache
date: Fri, 18 Mar 2022 13:16:09 GMT
server: ms-counter-3.2.15/1.20.1
content-type: text/html
location: https://an.yandex.ru/mapuid/mediascope/9828cd493a95a81a1bdb6e774f8aee9c4fc1d28b51bcefa1a974a29c2950177a
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin: *
content-length: 0
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2

200

e1ead2d8-6e92-4375-ae40-8e87cbdcd93b
an.yandex.ru/mapuid/upravelis/ Frame 222F
Redirect Chain

https://sync.upravel.com/yandex/sync
https://sync.upravel.com/yandex/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly95YXN0YXRpYy5uZXQvIl19fQ
https://e1ead2d8-6e92-4375-ae40-8e87cbdcd93b.sync.upravel.com/yandex/sync?ud_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly95YXN0YXRpYy5uZXQvIiwiaHR0cHM6Ly95YXN0YXRpYy5uZXQvIl19fQ
https://an.yandex.ru/mapuid/upravelis/e1ead2d8-6e92-4375-ae40-8e87cbdcd93b

43 B
80 B

52ms
52ms

Image
image/gif

2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/upravelis/e1ead2d8-6e92-4375-ae40-8e87cbdcd93b

Requested by

Host: www.cyberforum.ru
URL: https://www.cyberforum.ru/powershell/thread2416870.html

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Mar 2022 13:16:10 GMT
content-encoding: gzip
last-modified: Fri, 18 Mar 2022 13:16:10 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Fri, 18 Mar 2022 13:16:10 GMT

Redirect headers

date: Fri, 18 Mar 2022 13:16:10 GMT
server: nginx
location: https://an.yandex.ru/mapuid/upravelis/e1ead2d8-6e92-4375-ae40-8e87cbdcd93b
access-control-allow-methods: GET, POST, OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: false
content-type: image/png
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 0

GET
H2

200

spacer.gif
an.yandex.ru/resource/ Frame 222F
Redirect Chain

https://yandex.ru/an/mapuid/google/?partner-tag=yandex_llc
https://cm.g.doubleclick.net/pixel?google_nid=yandex_llc&google_hm=10B551475AA71688&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
https://cm.g.doubleclick.net/pixel?google_nid=yandex_llc&google_hm=10B551475AA71688&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif&google_tc=
https://an.yandex.ru/resource/spacer.gif

43 B
78 B

49ms
48ms

Image
image/gif

2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/resource/spacer.gif

Requested by

Host: www.cyberforum.ru
URL: https://www.cyberforum.ru/powershell/thread2416870.html

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 18 Mar 2022 13:16:10 GMT
content-encoding: gzip
last-modified: Wed, 18 Apr 2001 10:28:03 GMT
strict-transport-security: max-age=31536000
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif
x-xss-protection: 1; mode=block
expires: Fri, 03 Mar 2023 13:16:10 GMT

Redirect headers

pragma: no-cache
date: Fri, 18 Mar 2022 13:16:09 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://an.yandex.ru/resource/spacer.gif
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 237
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

spacer.gif
an.yandex.ru/resource/ Frame 222F
Redirect Chain

https://yandex.ru/an/mapuid/google/?partner-tag=yandexcom
https://cm.g.doubleclick.net/pixel?google_nid=yandexcom&google_hm=10B551475AA71688&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
https://cm.g.doubleclick.net/pixel?google_nid=yandexcom&google_hm=10B551475AA71688&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif&google_tc=
https://an.yandex.ru/resource/spacer.gif

43 B
135 B

50ms
44ms

Image
image/gif

2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/resource/spacer.gif

Requested by

Host: www.cyberforum.ru
URL: https://www.cyberforum.ru/powershell/thread2416870.html

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 18 Mar 2022 13:16:10 GMT
content-encoding: gzip
last-modified: Wed, 18 Apr 2001 10:28:03 GMT
strict-transport-security: max-age=31536000
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif
x-xss-protection: 1; mode=block
expires: Fri, 03 Mar 2023 13:16:10 GMT

Redirect headers

pragma: no-cache
date: Fri, 18 Mar 2022 13:16:09 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://an.yandex.ru/resource/spacer.gif
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 237
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

spacer.gif
an.yandex.ru/resource/ Frame 222F
Redirect Chain

https://yandex.ru/an/mapuid/google/?partner-tag=yandexru
https://cm.g.doubleclick.net/pixel?google_nid=yandexru&google_hm=10B551475AA71688&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
https://cm.g.doubleclick.net/pixel?google_nid=yandexru&google_hm=10B551475AA71688&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif&google_tc=
https://an.yandex.ru/resource/spacer.gif

43 B
78 B

54ms
53ms

Image
image/gif

2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/resource/spacer.gif

Requested by

Host: www.cyberforum.ru
URL: https://www.cyberforum.ru/powershell/thread2416870.html

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 18 Mar 2022 13:16:10 GMT
content-encoding: gzip
last-modified: Wed, 18 Apr 2001 10:28:03 GMT
strict-transport-security: max-age=31536000
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif
x-xss-protection: 1; mode=block
expires: Fri, 03 Mar 2023 13:16:10 GMT

Redirect headers

pragma: no-cache
date: Fri, 18 Mar 2022 13:16:09 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://an.yandex.ru/resource/spacer.gif
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 237
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sync
t.adx.opera.com/ Frame 222F
Redirect Chain

https://yandex.ru/an/mapuid/operacom/
https://t.adx.opera.com/sync?vendor=60143&uid=12BD400D40F27869

0
410 B

73ms
20ms

Image
text/plain

82.145.213.8
NO-OPERA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.adx.opera.com/sync?vendor=60143&uid=12BD400D40F27869
Requested by: Host: www.cyberforum.ru
URL: https://www.cyberforum.ru/powershell/thread2416870.html
Protocol: H2
Server: 82.145.213.8 , Norway, ASN39832 (NO-OPERA, NO),
Reverse DNS: n-sysadmin-jumpbox-03.feednews.opera.technology
Software: Tengine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Mar 2022 13:16:09 GMT
server: Tengine
access-control-allow-methods: POST, GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 18 Mar 2022 13:16:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://t.adx.opera.com/sync?vendor=60143&uid=12BD400D40F27869
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Fri, 18 Mar 2022 13:16:09 GMT
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Fri, 18 Mar 2022 13:16:09 GMT

GET
H2

200

match
ads.betweendigital.com/ Frame 222F
Redirect Chain

https://yandex.ru/an/mapuid/betweenx/
https://ads.betweendigital.com/match?bidder_id=161&external_user_id=57380F3CCB65C4F8

68 B
607 B

47ms
46ms

Image
image/png

188.42.29.165
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=161&external_user_id=57380F3CCB65C4F8
Requested by: Host: www.cyberforum.ru
URL: https://www.cyberforum.ru/powershell/thread2416870.html
Protocol: H2
Server: 188.42.29.165 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

Redirect headers

pragma: no-cache
date: Fri, 18 Mar 2022 13:16:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://ads.betweendigital.com/match?bidder_id=161&external_user_id=57380F3CCB65C4F8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Fri, 18 Mar 2022 13:16:09 GMT
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Fri, 18 Mar 2022 13:16:09 GMT

GET /
acint.net/rmatch/ Frame 222F 0
0

GET
H2

200

f590139d-733f-4d9d-93ff-1f9af5c4f715
an.yandex.ru/mapuid/qbitis/ Frame 222F
Redirect Chain

https://mitdmp.whiteboxdigital.ru/pixel?id=a&source=yandex&redirect=false&href=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fqbitis%2F%7Bmiid%7D
https://an.yandex.ru/mapuid/qbitis/f590139d-733f-4d9d-93ff-1f9af5c4f715

43 B
80 B

50ms
50ms

Image
image/gif

2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/qbitis/f590139d-733f-4d9d-93ff-1f9af5c4f715

Requested by

Host: www.cyberforum.ru
URL: https://www.cyberforum.ru/powershell/thread2416870.html

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Mar 2022 13:16:10 GMT
content-encoding: gzip
last-modified: Fri, 18 Mar 2022 13:16:10 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Fri, 18 Mar 2022 13:16:10 GMT

Redirect headers

Date: Fri, 18 Mar 2022 13:16:10 GMT
Server: nginx/1.21.0
Location: https://an.yandex.ru/mapuid/qbitis/f590139d-733f-4d9d-93ff-1f9af5c4f715
Access-Control-Max-Age: 3628800
Access-Control-Allow-Methods: GET, DELETE, OPTIONS, POST, PUT
Access-Control-Allow-Origin
Access-Control-Expose-Headers: Content-Length,Content-Range
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
Content-Length: 0

GET
H2

200

eddc8351-5af9-514d-8568-6f86e75ce99f
an.yandex.ru/mapuid/betweendigitalis/ Frame 222F
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=43554&callback_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbetweendigitalis%2F%24%7BUSER_ID%7D
https://an.yandex.ru/mapuid/betweendigitalis/eddc8351-5af9-514d-8568-6f86e75ce99f

43 B
82 B

54ms
51ms

Image
image/gif

2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/betweendigitalis/eddc8351-5af9-514d-8568-6f86e75ce99f

Requested by

Host: www.cyberforum.ru
URL: https://www.cyberforum.ru/powershell/thread2416870.html

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Mar 2022 13:16:09 GMT
content-encoding: gzip
last-modified: Fri, 18 Mar 2022 13:16:09 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Fri, 18 Mar 2022 13:16:09 GMT

Redirect headers

location: https://an.yandex.ru/mapuid/betweendigitalis/eddc8351-5af9-514d-8568-6f86e75ce99f
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H2

200

7ebe3757-739e-4436-b624-ed891d0d558c
an.yandex.ru/mapuid/mtsdspis/ Frame 222F
Redirect Chain

https://sm.rtb.mts.ru/p?ssp=yandex&id=map
https://sm.rtb.mts.ru/match/second?ssp=55&exu=map
https://tech.rtb.mts.ru/?dsp_uid=7ebe3757-739e-4436-b624-ed891d0d558c&return_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fmtsdspis%2F7ebe3757-739e-4436-b624-ed891d0d558c
https://an.yandex.ru/mapuid/mtsdspis/7ebe3757-739e-4436-b624-ed891d0d558c

43 B
80 B

51ms
51ms

Image
image/gif

2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/mtsdspis/7ebe3757-739e-4436-b624-ed891d0d558c

Requested by

Host: www.cyberforum.ru
URL: https://www.cyberforum.ru/powershell/thread2416870.html

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Mar 2022 13:16:10 GMT
content-encoding: gzip
last-modified: Fri, 18 Mar 2022 13:16:10 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Fri, 18 Mar 2022 13:16:10 GMT

Redirect headers

Date: Fri, 18 Mar 2022 13:16:10 GMT
Server: nginx/1.13.12
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: text/html; charset=utf-8
Location: https://an.yandex.ru/mapuid/mtsdspis/7ebe3757-739e-4436-b624-ed891d0d558c
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

GET
H/1.1 200
OK /
sync.bumlam.com/ Frame 222F 43 B
390 B 34ms
7ms Image
image/gif 31.172.81.172
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bumlam.com/?src=yandex
Requested by: Host: www.cyberforum.ru
URL: https://www.cyberforum.ru/powershell/thread2416870.html
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 31.172.81.172 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 18 Mar 2022 13:16:09 GMT
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Server: nginx
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H2 204 match
dm.hybrid.ai/ Frame 222F 0
237 B 52ms
51ms Image
text/plain 37.18.16.22
HYBRID-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dm.hybrid.ai/match?id=182

Requested by

Host: www.cyberforum.ru
URL: https://www.cyberforum.ru/powershell/thread2416870.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.18.16.22 , Russian Federation, ASN205675 (HYBRID-AS, RU),

Reverse DNS

Software

Hybrid Web Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Mar 2022 13:16:09 GMT
server: Hybrid Web Server
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin: *
cache-control: no-cache, no-store
x-mode: 116
x-xss-protection: 1; mode=block
expires: -1

GET
H/1.1 200
OK sync.cgi
ssp.adriver.ru/cgi-bin/ Frame 222F 42 B
201 B 105ms
82ms Image
image/gif 81.222.128.214
ELTEL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=19
Requested by: Host: www.cyberforum.ru
URL: https://www.cyberforum.ru/powershell/thread2416870.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.222.128.214 , Russian Federation, ASN20597 (ELTEL-AS, RU),
Reverse DNS: ad14.adriver.ru
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 18 Mar 2022 13:16:10 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/gif

GET
H2

200

7IxeoKYAbi76h2oDnz8O
an.yandex.ru/mapuid/kadamis/ Frame 222F
Redirect Chain

https://s.uuidksinc.net/match/501
https://an.yandex.ru/mapuid/kadamis/7IxeoKYAbi76h2oDnz8O

43 B
294 B

52ms
51ms

Image
image/gif

2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/kadamis/7IxeoKYAbi76h2oDnz8O

Requested by

Host: www.cyberforum.ru
URL: https://www.cyberforum.ru/powershell/thread2416870.html

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Mar 2022 13:16:09 GMT
content-encoding: gzip
last-modified: Fri, 18 Mar 2022 13:16:09 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Fri, 18 Mar 2022 13:16:09 GMT

Redirect headers

location: https://an.yandex.ru/mapuid/kadamis/7IxeoKYAbi76h2oDnz8O
date: Fri, 18 Mar 2022 13:16:09 GMT
server: nginx/1.19.0
content-length: 0

GET
H2

200

73yJEhhZLrG.AikABlF_nSvWAA
an.yandex.ru/mapuid/getintentis/ Frame 222F
Redirect Chain

https://px.adhigh.net/p/cm/yandexssp
https://px.adhigh.net/p/cm/yandexssp?bounced=1
https://an.yandex.ru/mapuid/getintentis/73yJEhhZLrG.AikABlF_nSvWAA

43 B
80 B

51ms
51ms

Image
image/gif

2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/getintentis/73yJEhhZLrG.AikABlF_nSvWAA

Requested by

Host: www.cyberforum.ru
URL: https://www.cyberforum.ru/powershell/thread2416870.html

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Mar 2022 13:16:10 GMT
content-encoding: gzip
last-modified: Fri, 18 Mar 2022 13:16:10 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Fri, 18 Mar 2022 13:16:10 GMT

Redirect headers

pragma: no-cache
date: Fri, 18 Mar 2022 13:16:10 GMT
server: nginx
access-control-allow-origin: *
x-backend-id: f19-ru
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://an.yandex.ru/mapuid/getintentis/73yJEhhZLrG.AikABlF_nSvWAA
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
444 B 56ms
18ms XHR
text/plain 2a00:1450:400c:c08::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-595018-2&cid=1376453666.1647609369&jid=872459930&gjid=1767282850&_gid=2066051749.1647609369&_u=YEBAAUAAAAAAAC~&z=898809809

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.cyberforum.ru/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 18 Mar 2022 13:16:09 GMT
content-type: text/plain
access-control-allow-origin: https://www.cyberforum.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sync_cookie_image_decide
mc.yandex.com/ Frame EE6D
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9581.9Q3AmYDBplFu0diikpxlg4oWA7QWciwiKBjtS6PS2RGWlakVKaFpA8Avrv7xYuqX.kyYqj_zQQk9m9eJz6-J6XrV5o7Q%2C
https://mc.yandex.com/sync_cookie_image_decide?token=9581.AdIIcqauPlQCTjs0yiNR2qe7feC2J6AqODz9pc7RZV04xZhWqPJextjNt-Boiu6ZHcCN5dbt_m1-wg_I1Z8qiHySO_67R-Ria1SvQCm9fIM%2C.qp1uTBXzePgDaGnn5uhkpxBlkGk%2C

43 B
597 B

31ms
31ms

Image
image/gif

2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=9581.AdIIcqauPlQCTjs0yiNR2qe7feC2J6AqODz9pc7RZV04xZhWqPJextjNt-Boiu6ZHcCN5dbt_m1-wg_I1Z8qiHySO_67R-Ria1SvQCm9fIM%2C.qp1uTBXzePgDaGnn5uhkpxBlkGk%2C

Requested by

Host: www.cyberforum.ru
URL: https://www.cyberforum.ru/powershell/thread2416870.html

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mc.yandex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 13:16:09 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=9581.AdIIcqauPlQCTjs0yiNR2qe7feC2J6AqODz9pc7RZV04xZhWqPJextjNt-Boiu6ZHcCN5dbt_m1-wg_I1Z8qiHySO_67R-Ria1SvQCm9fIM%2C.qp1uTBXzePgDaGnn5uhkpxBlkGk%2C
date: Fri, 18 Mar 2022 13:16:09 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 css
fonts.googleapis.com/ 60 KB
4 KB 140ms
53ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorIabTcfV2ClientJs.de.hOL_ZlMwVRI.es5.O/d=1/rs=AJlcJMzM5IEdyghUEF9XFD6UzTLhROCe9g/m=iabtcfv2wallscript

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

31dda6cdd8ad7de0d570f703b6bb4f677dab097aa3495bd276e11d988d791f54

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cyberforum.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 18 Mar 2022 13:16:09 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 18 Mar 2022 13:16:09 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 18 Mar 2022 13:16:09 GMT

GET
DATA 200
OK truncated
/ Frame B085 1 KB
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: db130ab2261c2ff7042b56daa0e0788cad5913d46f5914ca5f054f5d8c13bada

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://videotoday.site/ovp.php?ver=1&autoplay=1&v=8d94458a2b7741a172956c4b6a86f3a7&cb=7f8a1d7b-63a3-4756-81ee-7637a3ab630a&fclose=false&sub_id=base&tls=no&instant=yes&testad=no&nomon=1&cdiv=90&r=https%3A%2F%2Fwww.cyberforum.ru%2Fpowershell%2Fthread2416870.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: text/css

GET
H2 200 jmap.php Show response
code.moviead55.ru/ Frame B085 2 B
875 B 22ms
22ms XHR
application/json 193.200.65.147
GIVEME-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://code.moviead55.ru/jmap.php?v=8d94458a2b7741a172956c4b6a86f3a7&cp.referer=https%3A%2F%2Fwww.cyberforum.ru%2Fpowershell%2Fthread2416870.html&it=1&tq=2&cp.cb=7d2054bd-97f1-2950-5a9d-3cab7f32e6cd&session=7f8a1d7b-63a3-4756-81ee-7637a3ab630a&position=pre&vt=%5Bvt%5D&ostream=true&b=1&isp=0&suri=https%3A%2F%2Fvideotoday.site%2Fovp.php%3Fver%3D1%26autoplay%3D1%26v%3D8d94458a2b7741a172956c4b6a86f3a7%26cb%3D7f8a1d7b-63a3-4756-81ee-7637a3ab630a%26fclose%3Dfalse%26sub_id%3Dbase%26tls%3Dno%26instant%3Dyes%26testad%3Dno%26nomon%3D1%26cdiv%3D90%26r%3Dhttps%253A%252F%252Fwww.cyberforum.ru%252Fpowershell%252Fthread2416870.html&raw=yes&sid=base&sova=false&rcnt=0&vid=6d8c69170afd1cc11823bc86f8528336&fpr=null&tanc=https%3A%2F%2Fwww.cyberforum.ru
Requested by: Host: user91471.clients-cdnnow.ru
URL: https://user91471.clients-cdnnow.ru/vp_dist/mstream.min.js?v440
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.200.65.147 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS: unallocated.giveme.network
Software: nginx /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://videotoday.site/ovp.php?ver=1&autoplay=1&v=8d94458a2b7741a172956c4b6a86f3a7&cb=7f8a1d7b-63a3-4756-81ee-7637a3ab630a&fclose=false&sub_id=base&tls=no&instant=yes&testad=no&nomon=1&cdiv=90&r=https%3A%2F%2Fwww.cyberforum.ru%2Fpowershell%2Fthread2416870.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 13:16:09 GMT
content-encoding: gzip
server: nginx
x-movieads-udt: ["Chrome Dev","desktop","Windows"]
x-movieads-udata: cache
vary: Accept-Encoding
x-movieads-referrer: https://videotoday.site/ovp.php?ver=1&autoplay=1&v=8d94458a2b7741a172956c4b6a86f3a7&cb=7f8a1d7b-63a3-4756-81ee-7637a3ab630a&fclose=false&sub_id=base&tls=no&instant=yes&testad=no&nomon=1&cdiv=90&r=https%3A%2F%2Fwww.cyberforum.ru%2Fpowershell%2Fthread2416870.html
access-control-allow-origin: https://videotoday.site
access-control-expose-headers: X-Movieads-Queue, X-Response-Id, X-Movieads-Country, X-Movieads-City
x-movieads-country: DE
x-yac-source: Yac
server-timing: Bootstrap;dur=0.05, jmap_1;dur=0.00, jmap_2;dur=0.78, jmap_3;dur=0.05, jmap_4;dur=0.10, jmap_5;dur=0.12, jmap_6;dur=3.48, LocalRedis;dur=0.83, Redis_get_queue_DE_autoplay_0_pre_8d94458a2b7741a172956c4b6a86f3a7;dur=0.77, Redis_get_db_links_222_8d94458a2b7741a172956c4b6a86f3a7_DE;dur=1.21, Redis_get_links_seq_def_1_8d94458a2b7741a172956c4b6a86f3a7_DE_new;dur=0.27
access-control-allow-credentials: true
content-type: application/json;charset=UTF-8
x-movieads-city: Kelsterbach

GET
H2 200 advert.gif
mc.yandex.com/metrika/ Frame B085 43 B
72 B 31ms
31ms Image
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://videotoday.site/ovp.php?ver=1&autoplay=1&v=8d94458a2b7741a172956c4b6a86f3a7&cb=7f8a1d7b-63a3-4756-81ee-7637a3ab630a&fclose=false&sub_id=base&tls=no&instant=yes&testad=no&nomon=1&cdiv=90&r=https%3A%2F%2Fwww.cyberforum.ru%2Fpowershell%2Fthread2416870.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 13:16:09 GMT
last-modified: Thu, 17 Mar 2022 16:16:48 GMT
etag: "623334c0-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Fri, 18 Mar 2022 14:16:09 GMT

GET
H2 200 ea5a8f4613d4f23f4709.js Show response
yastatic.net/partner-code-bundles/55963/ 36 KB
10 KB 30ms
30ms Script
text/javascript 2a02:6b8:20::215
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/55963/ea5a8f4613d4f23f4709.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

07ea54c38ee82bf28d6dd22d390a67ac20e0c8ecf84327509f9e50d532e33a16

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://www.cyberforum.ru/
Origin: https://www.cyberforum.ru
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 13:16:09 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 9872
last-modified: Thu, 17 Mar 2022 16:40:12 GMT
server: nginx/1.17.9
etag: "37cd411af6c3db02a33f1da31fa778b0"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 17 Mar 2052 19:48:35 GMT

GET
H2 200 ec0a4054d71598856f83.js Show response
yastatic.net/partner-code-bundles/55963/ 11 KB
4 KB 31ms
30ms Script
text/javascript 2a02:6b8:20::215
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/55963/ec0a4054d71598856f83.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

d039a518fa774503cb72050fcb417180dc28246b07d36970f1ef419ce69e5a06

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://www.cyberforum.ru/
Origin: https://www.cyberforum.ru
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 13:16:09 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 3072
last-modified: Thu, 17 Mar 2022 16:40:12 GMT
server: nginx/1.17.9
etag: "1b9cc43ba00266d0f986fed9ba408d55"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 17 Mar 2052 19:51:13 GMT

GET
H2 200 render.html Show response
yastatic.net/safeframe-bundles/0.83/1-1-0/ Frame A20E 24 KB
7 KB 35ms
32ms Document
text/html 2a02:6b8:20::215
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/safeframe-bundles/0.83/1-1-0/render.html

Requested by

Host: yastatic.net
URL: https://yastatic.net/safeframe-bundles/0.83/host.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

9c911ab93cf6099aeeddb19cb1903d0ef838329443c3a0549c754da47f90a70a

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.cyberforum.ru/

Response headers

server: nginx/1.17.9
date: Fri, 18 Mar 2022 13:16:09 GMT
content-type: text/html
content-length: 6262
access-control-allow-origin: *
cache-control: public, max-age=946708560
content-encoding: br
etag: "eb77de48712912aadc9aa8171ac75ede"
expires: Sun, 17 Mar 2052 19:48:07 GMT
last-modified: Wed, 03 Nov 2021 13:42:58 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-robots-tag: noindex, noarchive, nofollow
accept-ranges: bytes

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 65ms
63ms Image
image/gif 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-595018-2&cid=1376453666.1647609369&jid=872459930&_u=YEBAAUAAAAAAAC~&z=884210385

Requested by

Host: www.cyberforum.ru
URL: https://www.cyberforum.ru/powershell/thread2416870.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cyberforum.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Mar 2022 13:16:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 148ms
63ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-595018-2&cid=1376453666.1647609369&jid=872459930&_u=YEBAAUAAAAAAAC~&z=884210385

Requested by

Host: www.cyberforum.ru
URL: https://www.cyberforum.ru/powershell/thread2416870.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cyberforum.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Mar 2022 13:16:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxXRo1QDtQzHg16seknoO6wXEjuv4CZJqLHXs6YiA4QAfMOB8qz6yk68pXs16SH-bxYTRKaIcTCT8LWP31k4G9O73v606QJwoVK7a1Pah2aSFaxhjDfyHBvoiNoxEK26mbEVpUVWQXfInBEo07G1ElR_18uSheffvzIN93ULLctgeBAE32VtPJ76AhIG Show response
fundingchoicesmessages.google.com/el/ 0
25 B 52ms
51ms XHR
text/html 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXRo1QDtQzHg16seknoO6wXEjuv4CZJqLHXs6YiA4QAfMOB8qz6yk68pXs16SH-bxYTRKaIcTCT8LWP31k4G9O73v606QJwoVK7a1Pah2aSFaxhjDfyHBvoiNoxEK26mbEVpUVWQXfInBEo07G1ElR_18uSheffvzIN93ULLctgeBAE32VtPJ76AhIG?dmid=5f4fb49a2cdf6104

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-ljOSUQu4Pm47g+G23Fs69g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-ljOSUQu4Pm47g+G23Fs69g' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.cyberforum.ru/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 18 Mar 2022 13:16:09 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.cyberforum.ru
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-ljOSUQu4Pm47g+G23Fs69g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-ljOSUQu4Pm47g+G23Fs69g' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 getcookie Show response
matchid.adfox.yandex.ru/ 88 B
277 B 157ms
49ms XHR
application/json 2a02:6b8::16b
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://matchid.adfox.yandex.ru/getcookie

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a02:6b8::16b Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

e75517df278bc0b8f6f6a4fb4383896558bfcd2e9db2957dda58f4a49935a7b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cyberforum.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: https://www.cyberforum.ru
date: Fri, 18 Mar 2022 13:16:09 GMT
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 88
x-content-type-options: nosniff
content-type: application/json

GET
H2 200 t.js Show response
intelaxa.com/ Frame A20E 40 KB
11 KB 41ms
8ms Script
application/javascript 18.66.97.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://intelaxa.com/t.js?i=lgz4cjpe86clto16p3hf&cb=5159581647609369840
Requested by: Host: www.cyberforum.ru
URL: https://www.cyberforum.ru/powershell/thread2416870.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-70.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d6103e6cbefbf86900a4f1fce48f124b93921e7c0ca6231e5e283b076b422827

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 17:14:29 GMT
content-encoding: br
last-modified: Thu, 17 Mar 2022 12:37:22 GMT
server: AmazonS3
age: 72101
etag: W/"2f1a556ba2d0cfe8419072b7e55b184b"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
x-amz-version-id: 1vkcGzOQL03tkCCEdMWqoUPTRufbByaB
via: 1.1 891011d51eb2353ebe8601f5b6467070.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
content-type: application/javascript
x-amz-cf-id: ZzYr2D7DJ_Gk0__FjTmJY6Zog46x0cmfkXU_UmnNIhTjCIy_IrC_dA==

GET
H2 200 t.js Show response
intelaxa.com/ Frame A20E 40 KB
11 KB 40ms
8ms Script
application/javascript 18.66.97.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://intelaxa.com/t.js?i=lgz4cjpe86clto16p3hf&cb=6652771647609369840
Requested by: Host: www.cyberforum.ru
URL: https://www.cyberforum.ru/powershell/thread2416870.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-70.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d6103e6cbefbf86900a4f1fce48f124b93921e7c0ca6231e5e283b076b422827

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 17:14:29 GMT
content-encoding: br
last-modified: Thu, 17 Mar 2022 12:37:22 GMT
server: AmazonS3
age: 72101
etag: W/"2f1a556ba2d0cfe8419072b7e55b184b"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
x-amz-version-id: 1vkcGzOQL03tkCCEdMWqoUPTRufbByaB
via: 1.1 891011d51eb2353ebe8601f5b6467070.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
content-type: application/javascript
x-amz-cf-id: f0MQft-7JfmeG5wXELG3JNK8I4cNOyOkOytf184wLaZPA27XqITzjA==

GET
H2 200 1299351 Show response
yandex.ru/ads/meta/ 3 KB
3 KB 133ms
132ms XHR
application/json 2a02:6b8:a::a
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/meta/1299351?target-ref=https%3A%2F%2Fwww.cyberforum.ru%2Fpowershell%2Fthread2416870.html&charset=utf-8&pcode-test-ids=512023%2C0%2C20%3B545844%2C0%2C60%3B545902%2C0%2C30%3B541544%2C0%2C93%3B543067%2C0%2C83%3B542737%2C0%2C58%3B406668%2C0%2C1%3B545266%2C0%2C89%3B542720%2C0%2C32&pcode-flags-map=eJy1V9mO2zYU%2FZXCz0ZBkVozT5REy8RQpEJSXhIEF2k7fQqKop0GBYL8e68WL5Jn5MlD%2FWDZgM8h73LOvf62EprnSkBhSlE42G%2BlF0o6v3r38dvq6%2Bcv%2Fzyt3q28bcVqvXp%2B%2BvtZ%2FobfQ5qRKFt9%2F7ReldL1%2BFJseKs8%2BK2oBYi68UcoW8u9NPouV8J6rlqUksNGIl0uPWIFNFYaK5Frwwtv7ISJ%2FEy6V3DDFvZsO6NavEreem80cC3r28sMwd8QJD1Bq%2BXGWES9BTJko9hyXWEylSweMRXWtNUWlKlkMeHAWPAmp6udYpxwMppQ2nOOBdo12Vik5XSGQZIF18BLVrG80m%2BhdqL76oWFVpf4zvMSjFbHO8RRSMfMcodB6QrEoYGN4vhhfhT4Y3NTPcB0YqM4aUV5qvDymQmLA%2FbKmXcOmxAHc1Yan1nHu2%2BNFsfGeMwEuJorBY2whdDLSohISNmQbmVMAx%2BEhp0shQGpwVcG%2BKbLc6P4MefF44Tr%2BS98XHPRkJGo57LifSuch13NMVprajhyLNUBbLt8HZowOiTMbc0eFM%2BFukQ0NNwyAyMByc7Jca3diSM2nt4Ji%2Bo2oMUeeFlYgWraifEHE8o%2B%2FilnEKfBmfMGDcjt5tL8GmdB9jsG8zqR84MyXkBHIUswl9fYMCLB1LOkbninVqO9NUp1dbJCGV5KXU3Ynv79c0aVjVLg5cYcoLYFVt3JXKquATHfvQMscYRYKUZOPtMdKgZ98Lq5xnVNMoGlLBthKGPnbNdoM8ztWWfQi%2FfN8cp7LSaS%2BYiZjmmyphFafYSPNE2DNYvCIE3XlGUR6x4RSeI1jcMwZGtKaEDI6SeMZHGM8IRkJEB4Eobpp4kIs4AE453ACdSNyZ3Adpgq9%2BmPz798eZpaY0yzwaE3EmPB%2BLdCVlsP2i%2BnIYzYaI0oUwroQuhFlQYawHuG3SQaYIsEEaXZoC5sFHQZsD7H%2FCupxSIuoVk03Lgwre5ldNjaRUiapGOL7WVZCbQlVULJPV9sTBJmZJgaZ7%2BA0tRc6mVYQtloiCfvKkydG9i0SjlUq1jGB2g65FyR3JpHLCdWAyory2VkEqXxixcGVKm3Ml%2BEY8fFkywhrumm5CKKhUGQXPqgCxInY4mjEXeEahkbBmFKLtiTleTGdgK26B2t%2B%2BmNDMME6wy14ZbX7g4sjtl1qD%2BMO%2FIuuUNWgas9P95BstMmUW4aVItrjEbP8bIWpp2ORYp72BQbEjYUpi9H57FuPktvXRVprlxq8OLTed3gX4aHSUJv4XKDAwf23bi418avMJwusOOqnTQHIy%2Bjf2RXQcffqmkdAjLPZoDeelmDTj3Xz5j%2BE0c3cgMX0n7AecYV1KZfMj3H6TL1mr7LH7z0Sjzkpjw%2B9HprrXoQB1zKAP3s0c1Kk4aX3W%2FCjKXt3huuhMeFXfN6KqD%2BHwXk1QLfUkDd2iGL%2FzWc8wL4htTdrEsXKl668nE%2BvrpVAR15tjyMHj0zWyv2HF2kfM11f33%2BMlN2NB6N0sKFGieSuYNgJE6uGpwcCPS72B3Pw10leXV9WNpWSBzH6cUGbrITZTGbe0DczYPv%2FwH4jjKW&price-disabled-formats=adaptive0418%0Aadaptive%0AmodernAdaptive%0Ahorizontal%0Ahorizontal0318%0Agrid%0A160x600%0A240x400%0A200x300%0A300x300%0A300x250%0A250x250%0A728x90%0A1000x120%0A320x50%0A320x100%0A400x240%0A320x480%0A480x320%0A336x280%0A300x600%0A300x500%0A970x250%0A970x90%0AposterVertical%0AposterHorizontal%0AadaptiveConstructor%0AhorizontalSD%0Afullscreen%0Afullscreen_grid%0Asmart_tile%0Asmart_mosaic&pcode-icookie=v0ufkaTFuGYcN40gERP%2FeuRyEUqOI2TczzVMVLADQE5fVdm2qRFY%2F6JGN0BmzrPADEWryBJBioXJLUsEQF2%2BKRCdAlA%3D&duid=MTY0NzYwOTM2OTk5NjMzMzYwMQ%3D%3D&imp-id=4&enable-flat-highlight=1&comboblock-unencoded-vast=1&test-tag=366738667470850&ad-session-id=1080301647609368954&target-id=61199488&tga-with-creatives=1&top-ancestor=https%3A%2F%2Fwww.cyberforum.ru&top-ancestor-undetermined=0&pcode-version=55963&pcodever=55963&flash-ver=0&available-width=400&skip-token=yabs.NzIwNTc2MDU5MDE4NTAzODkKNzIwNTc2MDU4ODU4MTY0NzQ%3D&gdpr=1&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22w%22%3A400%2C%22h%22%3A250%2C%22width%22%3A400%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22left%22%3A1200%2C%22top%22%3A1075%2C%22fontFamily%22%3A%22roboto%22%2C%22ad_no%22%3A2%2C%22req_no%22%3A3%7D&grab-orig-len=2048&grab=dNCQ0LLRgtC-0YDQuNC30LDRhtC40Y8g0L3QsCDRgdCw0LnRgtC1INC4INCy0LLQvtC0INC00LDQvdC90YvRhSDQsiDQv9C-0LvRjyAtIFBvd2VyU2hlbGwgLSDQmtC40LHQtdGA0YTQvtGA0YPQvAox0JDQstGC0L7RgNC40LfQsNGG0LjRjyDQvdCwINGB0LDQudGC0LUg0Lgg0LLQstC-0LQg0LTQsNC90L3Ri9GFINCyINC_0L7Qu9GPIAoxQ3liZXJGb3J1bS5ydSBhc2tzIGZvciB5b3VyIGNvbnNlbnQgdG8gdXNlIHlvdXIgcGVyc29uYWwgZGF0YSB0bzogCjFNYW5hZ2UgeW91ciBkYXRhIAoxQ29uZmlybSBvdXIgdmVuZG9ycyAKMQoyV2VsY29tZSB0byBDeWJlckZvcnVtLnJ1IAoyU3RvcmUgYW5kL29yIGFjY2VzcyBpbmZvcm1hdGlvbiBvbiBhIGRldmljZSAKMlNlbGVjdCBiYXNpYyBhZHMgCjJDcmVhdGUgYSBwZXJzb25hbGlzZWQgYWRzIHByb2ZpbGUgCjJTZWxlY3QgcGVyc29uYWxpc2VkIGFkcyAKMkNyZWF0ZSBhIHBlcnNvbmFsaXNlZCBjb250ZW50IHByb2ZpbGUgCjJTZWxlY3QgcGVyc29uYWxpc2VkIGNvbnRlbnQgCjJNZWFzdXJlIGFkIHBlcmZvcm1hbmNlIAoyTWVhc3VyZSBjb250ZW50IHBlcmZvcm1hbmNlIAoyQXBwbHkgbWFya2V0IHJlc2VhcmNoIHRvIGdlbmVyYXRlIGF1ZGllbmNlIGluc2lnaHRzIAoyRGV2ZWxvcCBhbmQgaW1wcm92ZSBwcm9kdWN0cyAKMkVuc3VyZSBzZWN1cml0eSwgcHJldmVudCBmcmF1ZCwgYW5kIGRlYnVnIAoyVGVjaG5pY2FsbHkgZGVsaXZlciBhZHMgb3IgY29udGVudCAKMk1hdGNoIGFuZCBjb21iaW5lIG9mZmxpbmUgZGF0YSBzb3VyY2VzIAoyTGluayBkaWZmZXJlbnQgZGV2aWNlcyAKMlJlY2VpdmUgYW5kIHVzZSBhdXRvbWF0aWNhbGx5LXNlbnQgZGV2aWNlIGNoYXJhY3RlcmlzdGljcyBmb3IgaWRlbnRpZmljYXRpb24gCjJVc2UgcHJlY2lzZSBnZW9sb2NhdGlvbiBkYXRhIAoyRXhwb25lbnRpYWwgSW50ZXJhY3RpdmUsIEluYyBkL2IvYSBWRFgudHYgCjJSb3EuYWQgSW5jLiAKMkluZGV4IEV4Y2hhbmdlLCBJbmMuIAoyUXVhbnRjYXN0IEludGVybmF0aW9uYWwgTGltaXRlZCAKMkJlZXN3YXhJTyBDb3Jwb3JhdGlvbiAKMlNvdnJuIEhvbGRpbmdzIEluYyAKMkFkaWt0ZWV2IAoyUlRCIEhvdXNlIFMuQS4gCjJXaWRlc3BhY2UgQUIgCjJUaGUgVHJhZGUgRGVzayAKMmFkbWV0cmljcyBHbWJIIAoyQW1vYmVlIEluYy4gCjJFcHNpbG9uIAoyWWFob28gRU1FQSBMaW1pdGVkIAoyQUR2ZW50b3JpIFNBUyAKMlRyaXBsZUxpZnQsIEluYy4gCjJYYW5kciwgSW5jLiAKMk5FT1JZIEdtYkggCjJVbnJ1bHkgR3JvdXAgTExDIAoyTkVVUkFMLk9ORSAKMkFESVRJT04gdGVjaG5vbG9naWVzIEdtYkggCjJBY3RpdmUgQWdlbnQgKEFESVRJT04gdGVjaG5vbG9naWVzIEdtYkgpIAoyVGFib29sYSBFdXJvcGUgTGltaXRlZCAKMlNtYXJ0IEFkc2VydmVyIAoyQWRmb3JtIAoyTWFnbml0ZSwgSW5jLiAKMkFEQVJBIE1FRElBIFVOTElNSVRFRCAKMlNpZnQgTWVkaWEsIEluYyAKMlJha3V0ZW4gTWFya2V0aW5nIExMQyAKMkF2b2NldCBTeXN0ZW1zIExpbWl0ZWQgCjJMaWZlU3Ry&uniformat=true&callback=Ya%5B1413745966752%5D

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

93fc2e3b0083299635ed98838dbb0811ebe6fa3565c82beba9080894f37f07bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.cyberforum.ru/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 18 Mar 2022 13:16:09 GMT
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
ssr: true
x-yandex-req-id: 1647609369867650-711715855613909147-man1-8149-man-l7-balancer-8080-BAL-3375
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
uniformat-product-type: None
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Fri, 18 Mar 2022 13:16:09 GMT
uniformat: true
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.cyberforum.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 18 Mar 2022 13:16:09 GMT

GET
H2 200 26812653 Show response
mc.yandex.com/watch/ 345 B
589 B 33ms
32ms XHR
application/json 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/26812653?wmode=7&page-url=https%3A%2F%2Fwww.cyberforum.ru%2Fpowershell%2Fthread2416870.html&charset=utf-8&site-info=%7B%22shareVersion%22%3A2%2C%22strategy%22%3A%22c%2Fn%2Fo%2Fj%2Fk%2Fk%2Fk%2Fk%2Fl%2Ft%22%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Auq3tn4l177a5d38xgxq%3Afp%3A733%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A770%3Acn%3A2%3Adp%3A0%3Als%3A510045058755%3Ahid%3A767561166%3Az%3A0%3Ai%3A20220318131609%3Aet%3A1647609369%3Ac%3A1%3Arn%3A236278352%3Arqn%3A1%3Au%3A1647609369996333601%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1647609367950%3Ads%3A169%2C31%2C284%2C1%2C%2C0%2C%2C604%2C15%2C%2C%2C%2C1111%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Aafr%3A379h473e_1f-3760000000-57a6d374_3j8h47f4_58ef2hie_30ah20h1-1600x1200x0-unknown-3%3Ast%3A1647609370%3At%3A%D0%90%D0%B2%D1%82%D0%BE%D1%80%D0%B8%D0%B7%D0%B0%D1%86%D0%B8%D1%8F%20%D0%BD%D0%B0%20%D1%81%D0%B0%D0%B9%D1%82%D0%B5%20%D0%B8%20%D0%B2%D0%B2%D0%BE%D0%B4%20%D0%B4%D0%B0%D0%BD%D0%BD%D1%8B%D1%85%20%D0%B2%20%D0%BF%D0%BE%D0%BB%D1%8F%20-%20PowerShell%20-%20%D0%9A%D0%B8%D0%B1%D0%B5%D1%80%D1%84%D0%BE%D1%80%D1%83%D0%BC&t=gdpr(14)mc(p-1)aw(1)cs(4)efid(1)afr(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

9fd3f0a0784a6cc63991d154efdc06923948505a2acec24086c6fbd26f644b16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cyberforum.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Mar 2022 13:16:09 GMT
x-content-type-options: nosniff
last-modified: Fri, 18-Mar-2022 13:16:09 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.cyberforum.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 345
x-xss-protection: 1; mode=block
expires: Fri, 18-Mar-2022 13:16:09 GMT

GET
H2 200 50312308 Show response
mc.yandex.com/watch/ 357 B
545 B 33ms
32ms XHR
application/json 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/50312308?wmode=7&page-url=https%3A%2F%2Fwww.cyberforum.ru%2Fpowershell%2Fthread2416870.html&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Auq3tn4l177a5d38xgxq%3Afp%3A733%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A770%3Acn%3A1%3Adp%3A0%3Als%3A871016213128%3Ahid%3A767561166%3Az%3A0%3Ai%3A20220318131609%3Aet%3A1647609369%3Ac%3A1%3Arn%3A102947349%3Arqn%3A1%3Au%3A1647609369996333601%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1647609367950%3Ads%3A169%2C31%2C284%2C1%2C%2C0%2C%2C604%2C15%2C%2C%2C%2C1111%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Aafr%3A379h473e_1f-3760000000-57a6d374_3j8h47f4_58ef2hie_30ah20h1-1600x1200x0-unknown-3%3Ast%3A1647609370%3At%3A%D0%90%D0%B2%D1%82%D0%BE%D1%80%D0%B8%D0%B7%D0%B0%D1%86%D0%B8%D1%8F%20%D0%BD%D0%B0%20%D1%81%D0%B0%D0%B9%D1%82%D0%B5%20%D0%B8%20%D0%B2%D0%B2%D0%BE%D0%B4%20%D0%B4%D0%B0%D0%BD%D0%BD%D1%8B%D1%85%20%D0%B2%20%D0%BF%D0%BE%D0%BB%D1%8F%20-%20PowerShell%20-%20%D0%9A%D0%B8%D0%B1%D0%B5%D1%80%D1%84%D0%BE%D1%80%D1%83%D0%BC&t=gdpr(14)aw(1)cs(k77cad)efid(1)afr(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

0d8175de9dc95ace0e44167b2895f44b27a36869f9864f4696ee4fb1e312c4ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cyberforum.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Mar 2022 13:16:09 GMT
x-content-type-options: nosniff
last-modified: Fri, 18-Mar-2022 13:16:09 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.cyberforum.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 357
x-xss-protection: 1; mode=block
expires: Fri, 18-Mar-2022 13:16:09 GMT

GET
H2 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v126/ 121 KB
122 KB 119ms
37ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v126/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

964709088e8bcf45e9ff2aebe7f320065836761408638f677d01590478a36551

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.cyberforum.ru
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 18:57:23 GMT
x-content-type-options: nosniff
age: 325126
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 124372
x-xss-protection: 0
last-modified: Wed, 09 Mar 2022 18:26:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 14 Mar 2023 18:57:23 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
15 KB 182ms
106ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.cyberforum.ru
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 09:48:03 GMT
x-content-type-options: nosniff
age: 12486
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 18 Mar 2023 09:48:03 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v29/ 9 KB
10 KB 225ms
153ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu5mxKOzY.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8dd3b91ca60e6a0486326c5c275590dd1d753240c2efa9f94730815813997fee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.cyberforum.ru
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 07:29:47 GMT
x-content-type-options: nosniff
age: 20782
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:21 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 18 Mar 2023 07:29:47 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v28/ 44 KB
44 KB 142ms
78ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v28/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.cyberforum.ru
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 22:45:07 GMT
x-content-type-options: nosniff
age: 225062
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44656
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 22:03:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 15 Mar 2023 22:45:07 GMT

POST
H2 200 1 Show response
mc.yandex.com/watch/26812653/ 43 B
85 B 33ms
32ms XHR
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/26812653/1?page-url=https%3A%2F%2Fwww.cyberforum.ru%2Fpowershell%2Fthread2416870.html&charset=utf-8&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3Auq3tn4l177a5d38xgxq%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A770%3Acn%3A2%3Adp%3A1%3Als%3A510045058755%3Ahid%3A767561166%3Az%3A0%3Ai%3A20220318131609%3Aet%3A1647609370%3Ac%3A1%3Arn%3A478237683%3Arqn%3A2%3Au%3A1647609369996333601%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1647609367950%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1647609370&t=gdpr(14)mc(p-4-h-1)lt(33700)aw(1)cs(42)efid(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.cyberforum.ru/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Fri, 18 Mar 2022 13:16:09 GMT
last-modified: Fri, 18-Mar-2022 13:16:09 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://www.cyberforum.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Fri, 18-Mar-2022 13:16:09 GMT

POST
H2 200 1 Show response
mc.yandex.com/watch/26812653/ 43 B
73 B 33ms
33ms XHR
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/26812653/1?page-url=https%3A%2F%2Fwww.cyberforum.ru%2Fpowershell%2Fthread2416870.html&charset=utf-8&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3Auq3tn4l177a5d38xgxq%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A770%3Acn%3A2%3Adp%3A1%3Als%3A510045058755%3Ahid%3A767561166%3Az%3A0%3Ai%3A20220318131609%3Aet%3A1647609370%3Ac%3A1%3Arn%3A930991576%3Arqn%3A3%3Au%3A1647609369996333601%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1647609367950%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1647609370&t=gdpr(14)mc(p-4-h-1)lt(33700)aw(1)cs(422)efid(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.cyberforum.ru/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Fri, 18 Mar 2022 13:16:09 GMT
last-modified: Fri, 18-Mar-2022 13:16:09 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://www.cyberforum.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Fri, 18-Mar-2022 13:16:09 GMT

POST
H2 200 1 Show response
mc.yandex.com/watch/50312308/ 43 B
73 B 34ms
33ms XHR
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/50312308/1?page-url=https%3A%2F%2Fwww.cyberforum.ru%2Fpowershell%2Fthread2416870.html&charset=utf-8&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3Auq3tn4l177a5d38xgxq%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A770%3Acn%3A1%3Adp%3A1%3Als%3A871016213128%3Ahid%3A767561166%3Az%3A0%3Ai%3A20220318131609%3Aet%3A1647609370%3Ac%3A1%3Arn%3A936118789%3Arqn%3A2%3Au%3A1647609369996333601%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1647609367950%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1647609370&t=gdpr(14)mc(p-4-h-1)lt(33700)aw(1)cs(k77cad2)efid(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.cyberforum.ru/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Fri, 18 Mar 2022 13:16:09 GMT
last-modified: Fri, 18-Mar-2022 13:16:09 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://www.cyberforum.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Fri, 18-Mar-2022 13:16:09 GMT

GET
H2 200 unfriendly.gif
intelaxa.com/p/ Frame A20E 0
368 B 7ms
7ms Image
image/gif 18.66.97.70
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://intelaxa.com/p/unfriendly.gif?cix=lgz4cjpe86clto16p3hf
Requested by: Host: yastatic.net
URL: https://yastatic.net/safeframe-bundles/0.83/1-1-0/render.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-70.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: EE9hgHBeXFHY2gb85mUsL1p1qwyR4gS_
via: 1.1 891011d51eb2353ebe8601f5b6467070.cloudfront.net (CloudFront)
last-modified: Mon, 14 Feb 2022 17:22:36 GMT
server: AmazonS3
age: 41756
etag: "d41d8cd98f00b204e9800998ecf8427e"
vary: Origin
x-cache: Hit from cloudfront
content-type: image/gif
date: Fri, 18 Mar 2022 08:38:07 GMT
x-amz-cf-pop: FRA56-P2
accept-ranges: bytes
content-length: 0
x-amz-cf-id: t_xPUivluSOVt-OjWWZdQCS0HgfwxvgHJ5QFBEu9i9V21QxPLB-kDw==

GET
H2 200 68f37381e4d2f35131fb.js Show response
yastatic.net/partner-code-bundles/55954/ 36 KB
10 KB 31ms
30ms Script
text/javascript 2a02:6b8:20::215
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/55954/68f37381e4d2f35131fb.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

0a9ecd3e86ecdc1ad5f3517d15711636edb1a9ad6dc8c7eea86f2246a5c26f9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://www.cyberforum.ru/
Origin: https://www.cyberforum.ru
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 13:16:09 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 9870
last-modified: Thu, 17 Mar 2022 16:41:28 GMT
server: nginx/1.17.9
etag: "86cc4b41652d7fc95bfc1efeeabd46ce"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 17 Mar 2052 19:49:48 GMT

GET
H2 200 1299351 Show response
mc.yandex.com/watch/ 319 B
426 B 34ms
33ms XHR
application/json 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/1299351?wmode=7&page-url=https%3A%2F%2Fwww.cyberforum.ru%2Fpowershell%2Fthread2416870.html&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Agqny5kf8o1qwi6kkxr%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A760%3Acn%3A4%3Adp%3A0%3Als%3A1366452138133%3Ahid%3A767561166%3Az%3A0%3Ai%3A20220318131609%3Aet%3A1647609370%3Ac%3A1%3Arn%3A346311923%3Au%3A1647609369996333601%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1647609367950%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1647609370%3At%3A%D0%90%D0%B2%D1%82%D0%BE%D1%80%D0%B8%D0%B7%D0%B0%D1%86%D0%B8%D1%8F%20%D0%BD%D0%B0%20%D1%81%D0%B0%D0%B9%D1%82%D0%B5%20%D0%B8%20%D0%B2%D0%B2%D0%BE%D0%B4%20%D0%B4%D0%B0%D0%BD%D0%BD%D1%8B%D1%85%20%D0%B2%20%D0%BF%D0%BE%D0%BB%D1%8F%20-%20PowerShell%20-%20%D0%9A%D0%B8%D0%B1%D0%B5%D1%80%D1%84%D0%BE%D1%80%D1%83%D0%BC&t=gdpr(14)mc(p-4-h-1)lt(33700)aw(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

5a0cf62cf26799a49986dd9fcc257680a237b44105c29c43424e353b7d1bb3d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cyberforum.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Mar 2022 13:16:10 GMT
x-content-type-options: nosniff
last-modified: Fri, 18-Mar-2022 13:16:10 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.cyberforum.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 319
x-xss-protection: 1; mode=block
expires: Fri, 18-Mar-2022 13:16:10 GMT

POST
H2 200 1
mc.yandex.com/watch/1299351/ 43 B
73 B 33ms
33ms Ping
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/1299351/1?page-url=https%3A%2F%2Fwww.cyberforum.ru%2Fpowershell%2Fthread2416870.html&charset=utf-8&cnt-class=1&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3Agqny5kf8o1qwi6kkxr%3Afp%3A733%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A760%3Acn%3A4%3Adp%3A0%3Als%3A1366452138133%3Ahid%3A767561166%3Az%3A0%3Ai%3A20220318131610%3Aet%3A1647609370%3Ac%3A1%3Arn%3A147776131%3Arqn%3A1%3Au%3A1647609369996333601%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1647609367950%3Ads%3A169%2C31%2C284%2C1%2C%2C0%2C%2C604%2C15%2C%2C%2C%2C1111%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1647609370&t=gdpr(14)mc(p-5-h-2)lt(33700)aw(1)ti(0)&force-urlencoded=1&site-info=%7B%22__ym%22%3A%7B%22adSessionID%22%3A%221080301647609368954%22%7D%7D

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cyberforum.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Mar 2022 13:16:10 GMT
last-modified: Fri, 18-Mar-2022 13:16:10 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://www.cyberforum.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Fri, 18-Mar-2022 13:16:10 GMT

GET
H2 200 1299351 Show response
mc.yandex.com/watch/ 43 B
73 B 34ms
34ms XHR
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/1299351?page-url=https%3A%2F%2Fwww.cyberforum.ru%2Fpowershell%2Fthread2416870.html&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3Agqny5kf8o1qwi6kkxr%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A760%3Acn%3A4%3Adp%3A0%3Als%3A1366452138133%3Ahid%3A767561166%3Az%3A0%3Ai%3A20220318131610%3Aet%3A1647609370%3Ac%3A1%3Arn%3A793477483%3Arqn%3A2%3Au%3A1647609369996333601%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1647609367950%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1647609370%3At%3A%D0%90%D0%B2%D1%82%D0%BE%D1%80%D0%B8%D0%B7%D0%B0%D1%86%D0%B8%D1%8F%20%D0%BD%D0%B0%20%D1%81%D0%B0%D0%B9%D1%82%D0%B5%20%D0%B8%20%D0%B2%D0%B2%D0%BE%D0%B4%20%D0%B4%D0%B0%D0%BD%D0%BD%D1%8B%D1%85%20%D0%B2%20%D0%BF%D0%BE%D0%BB%D1%8F%20-%20PowerShell%20-%20%D0%9A%D0%B8%D0%B1%D0%B5%D1%80%D1%84%D0%BE%D1%80%D1%83%D0%BC&t=gdpr(14)mc(p-5-h-2)lt(33700)aw(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cyberforum.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Mar 2022 13:16:10 GMT
last-modified: Fri, 18-Mar-2022 13:16:10 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://www.cyberforum.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Fri, 18-Mar-2022 13:16:10 GMT

GET
H2 200 bundle.js Show response
yastatic.net/q/set/s/rsya-tag-users/ Frame 222F 105 KB
37 KB 37ms
37ms Script
application/javascript 2a02:6b8:20::215
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/q/set/s/rsya-tag-users/bundle.js

Requested by

Host: www.cyberforum.ru
URL: https://www.cyberforum.ru/powershell/thread2416870.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

e1cff21864c46e1da263fa83c14ed6d190bc5afbdd35188de15f10eb8bedd264

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/safeframe-bundles/0.83/1-1-0/render.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 13:16:11 GMT
content-encoding: br
last-modified: Fri, 29 Oct 2021 11:19:01 GMT
server: nginx/1.17.9
etag: W/"82bdc8db563d3e71c35534315f8a9fd5"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: application/javascript
access-control-allow-origin: *
expires: Mon, 21 Mar 2022 01:13:54 GMT
cache-control: public, max-age=31556952
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
x-nginx-request-id: b442ff877180e7b7

GET
H2 200 watch.js Show response
mc.yandex.ru/metrika/ Frame 222F 138 KB
49 KB 395ms
394ms Script
application/javascript 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/q/set/s/rsya-tag-users/bundle.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

c1922061e01300c6b8d0e9a9dbc638c2eb7b2f5cf9e7690791bf7be4dd8733d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 13:16:11 GMT
content-encoding: br
last-modified: Thu, 17 Mar 2022 16:16:48 GMT
etag: "623334c0-c3d1"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 50129
expires: Fri, 18 Mar 2022 14:16:11 GMT

GET
H2 200 data Show response
yandex.ru/set/s/rsya-tag-users/ Frame 222F 403 B
740 B 137ms
137ms Fetch
application/json 2a02:6b8:a::a
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/set/s/rsya-tag-users/data?referrer=https%3A%2F%2Fwww.cyberforum.ru%2F

Requested by

Host: yastatic.net
URL: https://yastatic.net/q/set/s/rsya-tag-users/bundle.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

69dfa23fee5f8bc933a75388d335ac6aee817178bcd2bab65734f55f85c2a605

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 13:16:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://yastatic.net
cache-control: public,max-age=300
access-control-allow-credentials: true
x-xss-protection: 1; mode=block

GET ovp.php
videotoday.site/ Frame B085 0
0

GET
H3 200 ovp.php Show response
videotoday.site/ Frame B085 10 KB
4 KB 28ms
28ms Document
text/html 2606:4700:3035::ac43:dac6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://videotoday.site/ovp.php?ver=1&autoplay=1&v=8d94458a2b7741a172956c4b6a86f3a7&cb=7f8a1d7b-63a3-4756-81ee-7637a3ab630a&fclose=false&sub_id=base&tls=no&instant=yes&testad=no&nomon=1&cdiv=1103&r=https%3A%2F%2Fwww.cyberforum.ru%2Fpowershell%2Fthread2416870.html&rel=true&rnd=1647609371297&cnt=1
Requested by: Host: vak345.com
URL: https://vak345.com/cs/202203181616.js?v=8d94458a2b7741a172956c4b6a86f3a7&_t=1647609368745.745
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:dac6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 46fc00671aed6bbab5a4fd7c6175fd1c8fba422b686602b29fefcbef2ca5e1aa

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.cyberforum.ru/powershell/thread2416870.html

Response headers

date: Fri, 18 Mar 2022 13:16:11 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-cache: Yac
x-movieads-country: DE
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=61SBeWEELUXTN6pO%2BFSc0WrXHhcb6O%2FH%2BCk86W4W%2FZDYbRndEUgxPsAHKW2%2FCut00%2BKHlmHRPkVbA%2BQPHkfGuHkPc29NJjkkPjmqdHktk73e4mmz1RNm3cqkkytD5Ht2va7tXYxmCljn5szyfrs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6ede3dcaa9d68fd6-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 plyr.css
cdnjs.cloudflare.com/ajax/libs/plyr/3.6.3/ Frame B085 37 KB
5 KB 50ms
31ms Stylesheet
text/css 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/plyr/3.6.3/plyr.css

Requested by

Host: videotoday.site
URL: https://videotoday.site/ovp.php?ver=1&autoplay=1&v=8d94458a2b7741a172956c4b6a86f3a7&cb=7f8a1d7b-63a3-4756-81ee-7637a3ab630a&fclose=false&sub_id=base&tls=no&instant=yes&testad=no&nomon=1&cdiv=1103&r=https%3A%2F%2Fwww.cyberforum.ru%2Fpowershell%2Fthread2416870.html&rel=true&rnd=1647609371297&cnt=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dd367f76a977afab78d96c84f6779c0cf8963fe0586d553f5e45a4cd6783c762

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://videotoday.site/ovp.php?ver=1&autoplay=1&v=8d94458a2b7741a172956c4b6a86f3a7&cb=7f8a1d7b-63a3-4756-81ee-7637a3ab630a&fclose=false&sub_id=base&tls=no&instant=yes&testad=no&nomon=1&cdiv=1103&r=https%3A%2F%2Fwww.cyberforum.ru%2Fpowershell%2Fthread2416870.html&rel=true&rnd=1647609371297&cnt=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 13:16:11 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1139517
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4660
timing-allow-origin: *
last-modified: Wed, 25 Nov 2020 17:52:26 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5fbe99da-9309"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MT64KmFYD%2Fye01dm8SUY4o2DFOKhQ%2BZenal7b9RD13fir6OSN8cc%2F2dAdMRAaf14mHsY9I7y7mEm4AF9NEqVsU8eayV0jGQXQWsVXU1e3NepAV9O2xlecU2djvH1keT9DytO7Ixcpb7DTaOt2Rcg2fFj"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6ede3dcb09799a12-FRA
expires: Wed, 08 Mar 2023 13:16:11 GMT

GET
H3 200 plyr.min.js Show response
cdnjs.cloudflare.com/ajax/libs/plyr/3.6.3/ Frame B085 118 KB
29 KB 41ms
23ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/plyr/3.6.3/plyr.min.js

Requested by

Host: videotoday.site
URL: https://videotoday.site/ovp.php?ver=1&autoplay=1&v=8d94458a2b7741a172956c4b6a86f3a7&cb=7f8a1d7b-63a3-4756-81ee-7637a3ab630a&fclose=false&sub_id=base&tls=no&instant=yes&testad=no&nomon=1&cdiv=1103&r=https%3A%2F%2Fwww.cyberforum.ru%2Fpowershell%2Fthread2416870.html&rel=true&rnd=1647609371297&cnt=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3cf294fce72e402fc8912f348cf3855a5501cb955dbeedaa92eea6a47a434fe1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://videotoday.site/ovp.php?ver=1&autoplay=1&v=8d94458a2b7741a172956c4b6a86f3a7&cb=7f8a1d7b-63a3-4756-81ee-7637a3ab630a&fclose=false&sub_id=base&tls=no&instant=yes&testad=no&nomon=1&cdiv=1103&r=https%3A%2F%2Fwww.cyberforum.ru%2Fpowershell%2Fthread2416870.html&rel=true&rnd=1647609371297&cnt=1
Origin: https://videotoday.site
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 13:16:11 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 749149
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 29152
timing-allow-origin: *
last-modified: Wed, 25 Nov 2020 17:52:26 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5fbe99da-1d736"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W1GT88NWQGjIM5v%2BY2wcZ0BbP6WxJEekr6T%2BfKEg73g0nBEex06ipMoBWNPF22H13X8qTW9AkVzAqCywmOIOH%2BLKYS1KEzCYOknyhMUeOb7v0OaTlo6Yb2EVlL7TgHYPxtCF46ya1lF4tEhqTjEX8upn"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6ede3dcb0ac990dc-FRA
expires: Wed, 08 Mar 2023 13:16:11 GMT

GET
H3 200 fload.js Show response
videotoday.site/ Frame B085 6 KB
3 KB 22ms
21ms Script
application/javascript 2606:4700:3035::ac43:dac6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://videotoday.site/fload.js?v3
Requested by: Host: videotoday.site
URL: https://videotoday.site/ovp.php?ver=1&autoplay=1&v=8d94458a2b7741a172956c4b6a86f3a7&cb=7f8a1d7b-63a3-4756-81ee-7637a3ab630a&fclose=false&sub_id=base&tls=no&instant=yes&testad=no&nomon=1&cdiv=1103&r=https%3A%2F%2Fwww.cyberforum.ru%2Fpowershell%2Fthread2416870.html&rel=true&rnd=1647609371297&cnt=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:dac6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c2b8c3d797a3c48dc6e72584f65dc87b89c2df868cd20ec1c88d60237675e9de

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://videotoday.site/ovp.php?ver=1&autoplay=1&v=8d94458a2b7741a172956c4b6a86f3a7&cb=7f8a1d7b-63a3-4756-81ee-7637a3ab630a&fclose=false&sub_id=base&tls=no&instant=yes&testad=no&nomon=1&cdiv=1103&r=https%3A%2F%2Fwww.cyberforum.ru%2Fpowershell%2Fthread2416870.html&rel=true&rnd=1647609371297&cnt=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 13:16:11 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2097
x-movieads-country: RU
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 11 Jan 2022 07:22:41 GMT
server: cloudflare
etag: W/"61dd3041-186a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sSlH1gHInlSGockqB9KERvD%2Fx2Bn6JiB2d%2FOCpe2Ac4zxoqspCB8%2Ffc2rUdH4hqnqf7hfLEEN75cWTHonzyfRXbsvkrEcnsNyz5j6Rtt1SOjqI8Rc%2BH9s%2BmQtVUauOr918iNJMefDoS6qayErVs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 6ede3dcaea598fd6-FRA

GET
H3 200 hls.js Show response
cdn.jsdelivr.net/npm/ Frame B085 315 KB
92 KB 47ms
37ms Script
application/javascript 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/hls.js

Requested by

Host: videotoday.site
URL: https://videotoday.site/ovp.php?ver=1&autoplay=1&v=8d94458a2b7741a172956c4b6a86f3a7&cb=7f8a1d7b-63a3-4756-81ee-7637a3ab630a&fclose=false&sub_id=base&tls=no&instant=yes&testad=no&nomon=1&cdiv=1103&r=https%3A%2F%2Fwww.cyberforum.ru%2Fpowershell%2Fthread2416870.html&rel=true&rnd=1647609371297&cnt=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0224fb2109bd94d1df164cfc48f776f5ed760fc77b2598c36f451b620a4d8606

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://videotoday.site/ovp.php?ver=1&autoplay=1&v=8d94458a2b7741a172956c4b6a86f3a7&cb=7f8a1d7b-63a3-4756-81ee-7637a3ab630a&fclose=false&sub_id=base&tls=no&instant=yes&testad=no&nomon=1&cdiv=1103&r=https%3A%2F%2Fwww.cyberforum.ru%2Fpowershell%2Fthread2416870.html&rel=true&rnd=1647609371297&cnt=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 13:16:11 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 13012
x-jsd-version: 1.1.5
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19122-FRA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"4eb29-4v2sGw7mpSOmcj8olLhMCR3UuXM"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 6ede3dcaffd3695d-FRA

GET
H2

200

bzcookiesync.php Show response
code.moviead55.ru/ Frame B085
Redirect Chain

https://exchange.buzzoola.com/cookiesync/redirect/skyadvert?redirect_url=https%3A%2F%2Fcode.moviead55.ru%2Fbzcookiesync.php%3Fbzcookie%3D%24%7BUUID%7D
https://code.moviead55.ru/bzcookiesync.php?bzcookie=8dfe80b5-2813-460e-629d-31d2dd47f329

0
252 B

17ms
17ms

Script
application/javascript

193.200.65.147
GIVEME-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://code.moviead55.ru/bzcookiesync.php?bzcookie=8dfe80b5-2813-460e-629d-31d2dd47f329
Requested by: Host: videotoday.site
URL: https://videotoday.site/ovp.php?ver=1&autoplay=1&v=8d94458a2b7741a172956c4b6a86f3a7&cb=7f8a1d7b-63a3-4756-81ee-7637a3ab630a&fclose=false&sub_id=base&tls=no&instant=yes&testad=no&nomon=1&cdiv=1103&r=https%3A%2F%2Fwww.cyberforum.ru%2Fpowershell%2Fthread2416870.html&rel=true&rnd=1647609371297&cnt=1
Protocol: H2
Server: 193.200.65.147 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS: unallocated.giveme.network
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://videotoday.site/ovp.php?ver=1&autoplay=1&v=8d94458a2b7741a172956c4b6a86f3a7&cb=7f8a1d7b-63a3-4756-81ee-7637a3ab630a&fclose=false&sub_id=base&tls=no&instant=yes&testad=no&nomon=1&cdiv=1103&r=https%3A%2F%2Fwww.cyberforum.ru%2Fpowershell%2Fthread2416870.html&rel=true&rnd=1647609371297&cnt=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 13:16:11 GMT
content-encoding: gzip
x-movieads-country: DE
server: nginx
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8

Redirect headers

location: https://code.moviead55.ru/bzcookiesync.php?bzcookie=8dfe80b5-2813-460e-629d-31d2dd47f329
date: Fri, 18 Mar 2022 13:16:11 GMT
server: nginx
content-length: 123
serverid: TODO
content-type: text/html; charset=utf-8

GET
H2 204 match Show response
dm-eu.hybrid.ai/ Frame B085 0
238 B 15ms
15ms Script
text/plain 37.18.103.21
HYBRID-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://dm-eu.hybrid.ai/match?id=185&burl=https%3A%2F%2Fcode.moviead55.ru%2Fcookiesync_hbrd2.php%3Fhbrdcookie2%3D%24%7BVID%7D

Requested by

Host: videotoday.site
URL: https://videotoday.site/ovp.php?ver=1&autoplay=1&v=8d94458a2b7741a172956c4b6a86f3a7&cb=7f8a1d7b-63a3-4756-81ee-7637a3ab630a&fclose=false&sub_id=base&tls=no&instant=yes&testad=no&nomon=1&cdiv=1103&r=https%3A%2F%2Fwww.cyberforum.ru%2Fpowershell%2Fthread2416870.html&rel=true&rnd=1647609371297&cnt=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.18.103.21 , Netherlands, ASN205675 (HYBRID-AS, RU),

Reverse DNS

Software

Hybrid Web Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://videotoday.site/ovp.php?ver=1&autoplay=1&v=8d94458a2b7741a172956c4b6a86f3a7&cb=7f8a1d7b-63a3-4756-81ee-7637a3ab630a&fclose=false&sub_id=base&tls=no&instant=yes&testad=no&nomon=1&cdiv=1103&r=https%3A%2F%2Fwww.cyberforum.ru%2Fpowershell%2Fthread2416870.html&rel=true&rnd=1647609371297&cnt=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Mar 2022 13:16:11 GMT
server: Hybrid Web Server
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin: *
cache-control: no-cache, no-store
x-mode: 515
x-xss-protection: 1; mode=block
expires: -1

GET
H2

200

cookiesync_btw.php Show response
code.moviead55.ru/ Frame B085
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=34348&callback_url=https%3A%2F%2Fcode.moviead55.ru%2Fcookiesync_btw.php%3Fbtwcookie%3D%24%7BUSER_ID%7D
https://code.moviead55.ru/cookiesync_btw.php?btwcookie=eddc8351-5af9-514d-8568-6f86e75ce99f

0
253 B

19ms
18ms

Script
application/javascript

193.200.65.147
GIVEME-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://code.moviead55.ru/cookiesync_btw.php?btwcookie=eddc8351-5af9-514d-8568-6f86e75ce99f
Requested by: Host: videotoday.site
URL: https://videotoday.site/ovp.php?ver=1&autoplay=1&v=8d94458a2b7741a172956c4b6a86f3a7&cb=7f8a1d7b-63a3-4756-81ee-7637a3ab630a&fclose=false&sub_id=base&tls=no&instant=yes&testad=no&nomon=1&cdiv=1103&r=https%3A%2F%2Fwww.cyberforum.ru%2Fpowershell%2Fthread2416870.html&rel=true&rnd=1647609371297&cnt=1
Protocol: H2
Server: 193.200.65.147 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS: unallocated.giveme.network
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://videotoday.site/ovp.php?ver=1&autoplay=1&v=8d94458a2b7741a172956c4b6a86f3a7&cb=7f8a1d7b-63a3-4756-81ee-7637a3ab630a&fclose=false&sub_id=base&tls=no&instant=yes&testad=no&nomon=1&cdiv=1103&r=https%3A%2F%2Fwww.cyberforum.ru%2Fpowershell%2Fthread2416870.html&rel=true&rnd=1647609371297&cnt=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 13:16:11 GMT
content-encoding: gzip
x-movieads-country: DE
server: nginx
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8

Redirect headers

location: https://code.moviead55.ru/cookiesync_btw.php?btwcookie=eddc8351-5af9-514d-8568-6f86e75ce99f
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET

rmatch
acint.net/ Frame B085
Redirect Chain

https://code.moviead55.ru/cookieinit_sape.php
https://www.acint.net/rmatch?dp=167&euid=c6dd1c5c-9cbe-4f2c-ae57-3690a95c8920&r=https%3A%2F%2Fcode.moviead55.ru%2Fcookiesync_sape.php%3Fsapecookie%3D%24%7BUSER_ID%7D
https://www.acint.net/rmatch?r=https%3A%2F%2Fcode.moviead55.ru%2Fcookiesync_sape.php%3Fsapecookie%3D$%7BUSER_ID%7D&dp=167&tc=1&euid=c6dd1c5c-9cbe-4f2c-ae57-3690a95c8920
https://ssp-rtb.sape.ru/rmatch?r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fcode.moviead55.ru%252Fcookiesync_sape.php%253Fsapecookie%253D$%257BUSER...
https://acint.net/rmatch?dp=14&euid=0100007F1B8634621B00757B02473D4A&r=https%3A%2F%2Fcode.moviead55.ru%2Fcookiesync_sape.php%3Fsapecookie%3D$%7BUSER_ID%7D

0
0

GET
H2

200

cookiesync_target.php Show response
code.moviead55.ru/ Frame B085
Redirect Chain

https://code.moviead55.ru/cookieinit_target.php
https://match.new-programmatic.com/userbind?src=skyadvert&id=e6775b26-d375-47c7-a394-f5476ab4f611
https://code.moviead55.ru/cookiesync_target.php?targetcookie=

0
228 B

22ms
22ms

Script
application/javascript

193.200.65.147
GIVEME-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://code.moviead55.ru/cookiesync_target.php?targetcookie=
Requested by: Host: videotoday.site
URL: https://videotoday.site/ovp.php?ver=1&autoplay=1&v=8d94458a2b7741a172956c4b6a86f3a7&cb=7f8a1d7b-63a3-4756-81ee-7637a3ab630a&fclose=false&sub_id=base&tls=no&instant=yes&testad=no&nomon=1&cdiv=1103&r=https%3A%2F%2Fwww.cyberforum.ru%2Fpowershell%2Fthread2416870.html&rel=true&rnd=1647609371297&cnt=1
Protocol: H2
Server: 193.200.65.147 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS: unallocated.giveme.network
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://videotoday.site/ovp.php?ver=1&autoplay=1&v=8d94458a2b7741a172956c4b6a86f3a7&cb=7f8a1d7b-63a3-4756-81ee-7637a3ab630a&fclose=false&sub_id=base&tls=no&instant=yes&testad=no&nomon=1&cdiv=1103&r=https%3A%2F%2Fwww.cyberforum.ru%2Fpowershell%2Fthread2416870.html&rel=true&rnd=1647609371297&cnt=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 13:16:11 GMT
content-encoding: gzip
x-movieads-country: DE
server: nginx
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8

Redirect headers

Date: Fri, 18 Mar 2022 13:16:11 GMT
Server: nginx/1.18.0
Access-Control-Allow-Origin: *
Vary: Origin
Location: https://code.moviead55.ru/cookiesync_target.php?targetcookie=
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET
H2

200

/ Show response
s.uuidksinc.net/match/1062/ Frame B085
Redirect Chain

https://code.moviead55.ru/cookieinit_kadam.php
https://s.uuidksinc.net/match/1062/?remote_uid=d76ae845-b340-4d55-8e98-ef7eb0625684

74 B
240 B

15ms
15ms

Script
image/png

31.220.27.134
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.uuidksinc.net/match/1062/?remote_uid=d76ae845-b340-4d55-8e98-ef7eb0625684
Requested by: Host: videotoday.site
URL: https://videotoday.site/ovp.php?ver=1&autoplay=1&v=8d94458a2b7741a172956c4b6a86f3a7&cb=7f8a1d7b-63a3-4756-81ee-7637a3ab630a&fclose=false&sub_id=base&tls=no&instant=yes&testad=no&nomon=1&cdiv=1103&r=https%3A%2F%2Fwww.cyberforum.ru%2Fpowershell%2Fthread2416870.html&rel=true&rnd=1647609371297&cnt=1
Protocol: H2
Server: 31.220.27.134 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.19.0 /
Resource Hash: 1ee70acbd3b0edaf32c0d04341fe602fb7fd51d8924cd737287696b26f0ecae3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://videotoday.site/ovp.php?ver=1&autoplay=1&v=8d94458a2b7741a172956c4b6a86f3a7&cb=7f8a1d7b-63a3-4756-81ee-7637a3ab630a&fclose=false&sub_id=base&tls=no&instant=yes&testad=no&nomon=1&cdiv=1103&r=https%3A%2F%2Fwww.cyberforum.ru%2Fpowershell%2Fthread2416870.html&rel=true&rnd=1647609371297&cnt=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 13:16:11 GMT
server: nginx/1.19.0
content-length: 74
content-type: image/png

Redirect headers

location: https://s.uuidksinc.net/match/1062/?remote_uid=d76ae845-b340-4d55-8e98-ef7eb0625684
date: Fri, 18 Mar 2022 13:16:11 GMT
x-movieads-country: DE
server: nginx
content-type: text/html; charset=UTF-8

GET
H2 200 skyadvert Show response
sync.quantumdex.io/usersync/ Frame B085 0
0 147ms
146ms Script
text/html 2606:4700:10::ac43:2ac9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.quantumdex.io/usersync/skyadvert
Requested by: Host: videotoday.site
URL: https://videotoday.site/ovp.php?ver=1&autoplay=1&v=8d94458a2b7741a172956c4b6a86f3a7&cb=7f8a1d7b-63a3-4756-81ee-7637a3ab630a&fclose=false&sub_id=base&tls=no&instant=yes&testad=no&nomon=1&cdiv=1103&r=https%3A%2F%2Fwww.cyberforum.ru%2Fpowershell%2Fthread2416870.html&rel=true&rnd=1647609371297&cnt=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://videotoday.site/ovp.php?ver=1&autoplay=1&v=8d94458a2b7741a172956c4b6a86f3a7&cb=7f8a1d7b-63a3-4756-81ee-7637a3ab630a&fclose=false&sub_id=base&tls=no&instant=yes&testad=no&nomon=1&cdiv=1103&r=https%3A%2F%2Fwww.cyberforum.ru%2Fpowershell%2Fthread2416870.html&rel=true&rnd=1647609371297&cnt=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 mstream.min.js Show response
user91471.clients-cdnnow.ru/vp_dist/ Frame B085 175 KB
52 KB 28ms
27ms Script
application/javascript 185.40.155.13
CDNNOW-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://user91471.clients-cdnnow.ru/vp_dist/mstream.min.js?v440
Requested by: Host: videotoday.site
URL: https://videotoday.site/ovp.php?ver=1&autoplay=1&v=8d94458a2b7741a172956c4b6a86f3a7&cb=7f8a1d7b-63a3-4756-81ee-7637a3ab630a&fclose=false&sub_id=base&tls=no&instant=yes&testad=no&nomon=1&cdiv=1103&r=https%3A%2F%2Fwww.cyberforum.ru%2Fpowershell%2Fthread2416870.html&rel=true&rnd=1647609371297&cnt=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.40.155.13 , Russian Federation, ASN21030 (CDNNOW-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 59c10cdf6276df542a02482f83c87a9b478e953e645d09ca18e196547b5c2576

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://videotoday.site/ovp.php?ver=1&autoplay=1&v=8d94458a2b7741a172956c4b6a86f3a7&cb=7f8a1d7b-63a3-4756-81ee-7637a3ab630a&fclose=false&sub_id=base&tls=no&instant=yes&testad=no&nomon=1&cdiv=1103&r=https%3A%2F%2Fwww.cyberforum.ru%2Fpowershell%2Fthread2416870.html&rel=true&rnd=1647609371297&cnt=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 13:16:11 GMT
content-encoding: gzip
etag: W/"6231a6e9-2bb5c"
last-modified: Wed, 16 Mar 2022 08:59:21 GMT
server: nginx
x-edge-cache: HIT
vary: Accept-Encoding
content-type: application/javascript
x-movieads-country: RU
x-edge-ip: 172.19.25.189

GET
DATA 200
OK truncated Show response
/ Frame B085 1 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1400de002ed04668de976192cbf02ee5c017e6621126f9c3962b26d45ad6cd32

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://videotoday.site/ovp.php?ver=1&autoplay=1&v=8d94458a2b7741a172956c4b6a86f3a7&cb=7f8a1d7b-63a3-4756-81ee-7637a3ab630a&fclose=false&sub_id=base&tls=no&instant=yes&testad=no&nomon=1&cdiv=1103&r=https%3A%2F%2Fwww.cyberforum.ru%2Fpowershell%2Fthread2416870.html&rel=true&rnd=1647609371297&cnt=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
H2 200 l.php
l2.moviead55.ru/ Frame B085 70 B
197 B 18ms
17ms Image
image/png 193.200.65.146
GIVEME-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l2.moviead55.ru/l.php?t=prev_session&c=7f8a1d7b-63a3-4756-81ee-7637a3ab630a&a=&m=7f8a1d7b-63a3-4756-81ee-7637a3ab630a&v=8d94458a2b7741a172956c4b6a86f3a7&o=%7B%220%22%3A%22https%3A%2F%2Fwww.cyberforum.ru%22%7D
Requested by: Host: videotoday.site
URL: https://videotoday.site/ovp.php?ver=1&autoplay=1&v=8d94458a2b7741a172956c4b6a86f3a7&cb=7f8a1d7b-63a3-4756-81ee-7637a3ab630a&fclose=false&sub_id=base&tls=no&instant=yes&testad=no&nomon=1&cdiv=1103&r=https%3A%2F%2Fwww.cyberforum.ru%2Fpowershell%2Fthread2416870.html&rel=true&rnd=1647609371297&cnt=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.200.65.146 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS: unallocated.giveme.network
Software: nginx /
Resource Hash: 497790947d4666760ce38f3c00e852c71fdb66cae849bae8e9ede352719e1581

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://videotoday.site/ovp.php?ver=1&autoplay=1&v=8d94458a2b7741a172956c4b6a86f3a7&cb=7f8a1d7b-63a3-4756-81ee-7637a3ab630a&fclose=false&sub_id=base&tls=no&instant=yes&testad=no&nomon=1&cdiv=1103&r=https%3A%2F%2Fwww.cyberforum.ru%2Fpowershell%2Fthread2416870.html&rel=true&rnd=1647609371297&cnt=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 13:16:11 GMT
content-encoding: gzip
x-movieads-country: DE
server: nginx
vary: Accept-Encoding
content-type: Content-Type: image/png

GET
BLOB 200
OK 7dbe5d25-f7ae-4132-8364-adf3deaf0b9b
https://videotoday.site/ Frame B085 168 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://videotoday.site/7dbe5d25-f7ae-4132-8364-adf3deaf0b9b
Requested by: Host: videotoday.site
URL: https://videotoday.site/ovp.php?ver=1&autoplay=1&v=8d94458a2b7741a172956c4b6a86f3a7&cb=7f8a1d7b-63a3-4756-81ee-7637a3ab630a&fclose=false&sub_id=base&tls=no&instant=yes&testad=no&nomon=1&cdiv=1103&r=https%3A%2F%2Fwww.cyberforum.ru%2Fpowershell%2Fthread2416870.html&rel=true&rnd=1647609371297&cnt=1
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef9f364d09959a9d9bd4fe5c18a1f6d7350e17ac7a0a6567936bb6a8858f1115

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://videotoday.site/ovp.php?ver=1&autoplay=1&v=8d94458a2b7741a172956c4b6a86f3a7&cb=7f8a1d7b-63a3-4756-81ee-7637a3ab630a&fclose=false&sub_id=base&tls=no&instant=yes&testad=no&nomon=1&cdiv=1103&r=https%3A%2F%2Fwww.cyberforum.ru%2Fpowershell%2Fthread2416870.html&rel=true&rnd=1647609371297&cnt=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Length: 168
Content-Type: text/javascript

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ Frame 222F 39 KB
15 KB 149ms
65ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/q/set/s/rsya-tag-users/bundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

b872b4ad2e649961fbf3cdc43966716bd820301634adebaf5329c1aa22a1f7ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 13:16:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14889
x-xss-protection: 0
server: cafe
etag: 11178597599353190569
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 18 Mar 2022 13:16:11 GMT

GET
H3

200

/
www.google.de/pagead/1p-user-list/1014923426/ Frame 222F
Redirect Chain

https://www.googleadservices.com/pagead/conversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=G4Y0Yq3THtikbNDAiIgF&r...
https://www.google.com/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=578294954&crd=&is_vtc=1&random=869492538
https://www.google.de/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=578294954&crd=&is_vtc=1&random=869492538&ipr=y

42 B
64 B

70ms
69ms

Image
image/gif

2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=578294954&crd=&is_vtc=1&random=869492538&ipr=y

Requested by

Host: www.cyberforum.ru
URL: https://www.cyberforum.ru/powershell/thread2416870.html

Protocol

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Mar 2022 13:16:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 18 Mar 2022 13:16:11 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=578294954&crd=&is_vtc=1&random=869492538&ipr=y
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.de/pagead/1p-user-list/1014923426/ Frame 222F
Redirect Chain

https://www.googleadservices.com/pagead/conversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=G4Y0Yv7WHtWDbLrMqsAN&r...
https://www.google.com/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=601357100&crd=&is_vtc=1&random=1297490400
https://www.google.de/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=601357100&crd=&is_vtc=1&random=1297490400&ipr=y

42 B
64 B

49ms
49ms

Image
image/gif

2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=601357100&crd=&is_vtc=1&random=1297490400&ipr=y

Requested by

Host: www.cyberforum.ru
URL: https://www.cyberforum.ru/powershell/thread2416870.html

Protocol

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Mar 2022 13:16:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 18 Mar 2022 13:16:11 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=601357100&crd=&is_vtc=1&random=1297490400&ipr=y
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 l.php
l2.moviead55.ru/ Frame B085 70 B
197 B 17ms
17ms Image
image/png 193.200.65.146
GIVEME-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l2.moviead55.ru/l.php?t=player_frame_loaded&c=7f8a1d7b-63a3-4756-81ee-7637a3ab630a&a=&m=1&v=8d94458a2b7741a172956c4b6a86f3a7&o=%7B%220%22%3A%22https%3A%2F%2Fwww.cyberforum.ru%22%7D
Requested by: Host: videotoday.site
URL: https://videotoday.site/ovp.php?ver=1&autoplay=1&v=8d94458a2b7741a172956c4b6a86f3a7&cb=7f8a1d7b-63a3-4756-81ee-7637a3ab630a&fclose=false&sub_id=base&tls=no&instant=yes&testad=no&nomon=1&cdiv=1103&r=https%3A%2F%2Fwww.cyberforum.ru%2Fpowershell%2Fthread2416870.html&rel=true&rnd=1647609371297&cnt=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.200.65.146 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS: unallocated.giveme.network
Software: nginx /
Resource Hash: 497790947d4666760ce38f3c00e852c71fdb66cae849bae8e9ede352719e1581

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://videotoday.site/ovp.php?ver=1&autoplay=1&v=8d94458a2b7741a172956c4b6a86f3a7&cb=7f8a1d7b-63a3-4756-81ee-7637a3ab630a&fclose=false&sub_id=base&tls=no&instant=yes&testad=no&nomon=1&cdiv=1103&r=https%3A%2F%2Fwww.cyberforum.ru%2Fpowershell%2Fthread2416870.html&rel=true&rnd=1647609371297&cnt=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 13:16:11 GMT
content-encoding: gzip
x-movieads-country: DE
server: nginx
vary: Accept-Encoding
content-type: Content-Type: image/png

GET
H/1.1 200
OK hit
counter.yadro.ru/ Frame B085 132 B
437 B 43ms
43ms Image
image/gif 88.212.201.210
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit?t44.6;rhttps%3A//www.cyberforum.ru/powershell/thread2416870.html;s1600*1200*24;uhttps%3A//videotoday.site/ovp.php%3Fver%3D1%26autoplay%3D1%26v%3D8d94458a2b7741a172956c4b6a86f3a7%26cb%3D7f8a1d7b-63a3-4756-81ee-7637a3ab630a%26fclose%3Dfalse%26sub_id%3Dbase%26tls%3Dno%26instant%3Dyes%26testad%3Dno%26nomon%3D1%26cdiv%3D1103%26r%3Dhttps%253A%252F%252Fwww.cyberforum.ru%252Fpowershell%252Fthread2416870.html%26rel%3Dtrue%26rnd%3D1647609371297%26cnt%3D1;h;0.43440746705518807

Requested by

Host: videotoday.site
URL: https://videotoday.site/ovp.php?ver=1&autoplay=1&v=8d94458a2b7741a172956c4b6a86f3a7&cb=7f8a1d7b-63a3-4756-81ee-7637a3ab630a&fclose=false&sub_id=base&tls=no&instant=yes&testad=no&nomon=1&cdiv=1103&r=https%3A%2F%2Fwww.cyberforum.ru%2Fpowershell%2Fthread2416870.html&rel=true&rnd=1647609371297&cnt=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

88.212.201.210 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host210.rax.ru

Software

nginx/1.17.9 /

Resource Hash

fa523f248a332cb89ae3ad8cf51d840153e0f96bcc2a4c8db736e02a340dab48

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://videotoday.site/ovp.php?ver=1&autoplay=1&v=8d94458a2b7741a172956c4b6a86f3a7&cb=7f8a1d7b-63a3-4756-81ee-7637a3ab630a&fclose=false&sub_id=base&tls=no&instant=yes&testad=no&nomon=1&cdiv=1103&r=https%3A%2F%2Fwww.cyberforum.ru%2Fpowershell%2Fthread2416870.html&rel=true&rnd=1647609371297&cnt=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 18 Mar 2022 13:16:11 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-control: no-cache
Connection: keep-alive
Content-Length: 132
Expires: Wed, 17 Mar 2021 21:00:00 GMT

GET
DATA 200
OK truncated
/ Frame B085 1 KB
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: db130ab2261c2ff7042b56daa0e0788cad5913d46f5914ca5f054f5d8c13bada

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://videotoday.site/ovp.php?ver=1&autoplay=1&v=8d94458a2b7741a172956c4b6a86f3a7&cb=7f8a1d7b-63a3-4756-81ee-7637a3ab630a&fclose=false&sub_id=base&tls=no&instant=yes&testad=no&nomon=1&cdiv=1103&r=https%3A%2F%2Fwww.cyberforum.ru%2Fpowershell%2Fthread2416870.html&rel=true&rnd=1647609371297&cnt=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: text/css

GET
H2 200 jmap.php Show response
code.moviead55.ru/ Frame B085 2 B
900 B 19ms
18ms XHR
application/json 193.200.65.147
GIVEME-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://code.moviead55.ru/jmap.php?v=8d94458a2b7741a172956c4b6a86f3a7&cp.referer=https%3A%2F%2Fwww.cyberforum.ru%2Fpowershell%2Fthread2416870.html&it=1&tq=2&cp.cb=602c672a-29ce-d06b-eaa6-562bcc8457a0&session=7f8a1d7b-63a3-4756-81ee-7637a3ab630a&position=pre&vt=%5Bvt%5D&ostream=true&b=1&isp=0&suri=https%3A%2F%2Fvideotoday.site%2Fovp.php%3Fver%3D1%26autoplay%3D1%26v%3D8d94458a2b7741a172956c4b6a86f3a7%26cb%3D7f8a1d7b-63a3-4756-81ee-7637a3ab630a%26fclose%3Dfalse%26sub_id%3Dbase%26tls%3Dno%26instant%3Dyes%26testad%3Dno%26nomon%3D1%26cdiv%3D1103%26r%3Dhttps%253A%252F%252Fwww.cyberforum.ru%252Fpowershell%252Fthread2416870.html%26rel%3Dtrue%26rnd%3D1647609371297%26cnt%3D1&raw=yes&sid=base&sova=false&rcnt=1&vid=6d8c69170afd1cc11823bc86f8528336&fpr=null&tanc=https%3A%2F%2Fwww.cyberforum.ru
Requested by: Host: user91471.clients-cdnnow.ru
URL: https://user91471.clients-cdnnow.ru/vp_dist/mstream.min.js?v440
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.200.65.147 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS: unallocated.giveme.network
Software: nginx /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://videotoday.site/ovp.php?ver=1&autoplay=1&v=8d94458a2b7741a172956c4b6a86f3a7&cb=7f8a1d7b-63a3-4756-81ee-7637a3ab630a&fclose=false&sub_id=base&tls=no&instant=yes&testad=no&nomon=1&cdiv=1103&r=https%3A%2F%2Fwww.cyberforum.ru%2Fpowershell%2Fthread2416870.html&rel=true&rnd=1647609371297&cnt=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 13:16:11 GMT
content-encoding: gzip
server: nginx
x-movieads-udt: ["Chrome Dev","desktop","Windows"]
x-movieads-udata: cache
vary: Accept-Encoding
x-movieads-referrer: https://videotoday.site/ovp.php?ver=1&autoplay=1&v=8d94458a2b7741a172956c4b6a86f3a7&cb=7f8a1d7b-63a3-4756-81ee-7637a3ab630a&fclose=false&sub_id=base&tls=no&instant=yes&testad=no&nomon=1&cdiv=1103&r=https%3A%2F%2Fwww.cyberforum.ru%2Fpowershell%2Fthread2416870.html&rel=true&rnd=1647609371297&cnt=1
access-control-allow-origin: https://videotoday.site
access-control-expose-headers: X-Movieads-Queue, X-Response-Id, X-Movieads-Country, X-Movieads-City
x-movieads-country: DE
x-yac-source: Yac
server-timing: Bootstrap;dur=0.05, jmap_1;dur=0.00, jmap_2;dur=0.80, jmap_3;dur=0.06, jmap_4;dur=0.10, jmap_5;dur=0.08, jmap_6;dur=1.67, LocalRedis;dur=0.28, Redis_get_queue_DE_autoplay_0_pre_8d94458a2b7741a172956c4b6a86f3a7;dur=0.19, Redis_get_db_links_222_8d94458a2b7741a172956c4b6a86f3a7_DE;dur=0.68, Redis_get_links_seq_def_1_8d94458a2b7741a172956c4b6a86f3a7_DE_new;dur=0.16
access-control-allow-credentials: true
content-type: application/json;charset=UTF-8
x-movieads-city: Kelsterbach

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/ Frame 222F 3 KB
1 KB 107ms
56ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/?random=1647609371565&cv=9&fst=1647609371565&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fwww.cyberforum.ru%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bf0d62ac9b4c175a718931450412233d5ea7ed83152936ff2bfc664fa2e4015a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Mar 2022 13:16:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1114
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/ Frame 222F 3 KB
1 KB 104ms
55ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/?random=1647609371570&cv=9&fst=1647609371570&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fwww.cyberforum.ru%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ffc88d09d20ad928056d0db89dd0cd8eebadb17605565cefd78a348b8245c5fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Mar 2022 13:16:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1115
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/ Frame 222F 3 KB
1 KB 104ms
57ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/?random=1647609371573&cv=9&fst=1647609371573&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fwww.cyberforum.ru%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

030ca09818f152c243f7c42ffe866619c2a9727d6f2356477d2c46795de59a45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Mar 2022 13:16:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1115
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/ Frame 222F 3 KB
1 KB 179ms
133ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/?random=1647609371574&cv=9&fst=1647609371574&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fwww.cyberforum.ru%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8035564286c332c1ca43013c1daa0d7372e3f42cab2c4f2df1a826b04c59029f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Mar 2022 13:16:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1116
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/693627671/ Frame 222F 42 B
64 B 57ms
56ms Image
image/gif 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/693627671/?random=1647609371570&cv=9&fst=1647608400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fwww.cyberforum.ru%2F&async=1&fmt=3&is_vtc=1&random=3699031236&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.cyberforum.ru
URL: https://www.cyberforum.ru/powershell/thread2416870.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Mar 2022 13:16:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/693627671/ Frame 222F 42 B
64 B 96ms
49ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/693627671/?random=1647609371570&cv=9&fst=1647608400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fwww.cyberforum.ru%2F&async=1&fmt=3&is_vtc=1&random=3699031236&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.cyberforum.ru
URL: https://www.cyberforum.ru/powershell/thread2416870.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Mar 2022 13:16:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/947884341/ Frame 222F 42 B
64 B 57ms
56ms Image
image/gif 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/947884341/?random=1647609371565&cv=9&fst=1647608400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fwww.cyberforum.ru%2F&async=1&fmt=3&is_vtc=1&random=2947110298&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.cyberforum.ru
URL: https://www.cyberforum.ru/powershell/thread2416870.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Mar 2022 13:16:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/947884341/ Frame 222F 42 B
64 B 92ms
50ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/947884341/?random=1647609371565&cv=9&fst=1647608400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fwww.cyberforum.ru%2F&async=1&fmt=3&is_vtc=1&random=2947110298&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.cyberforum.ru
URL: https://www.cyberforum.ru/powershell/thread2416870.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Mar 2022 13:16:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/947884341/ Frame 222F 42 B
64 B 50ms
50ms Image
image/gif 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/947884341/?random=1647609371573&cv=9&fst=1647608400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fwww.cyberforum.ru%2F&async=1&fmt=3&is_vtc=1&random=1423045846&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.cyberforum.ru
URL: https://www.cyberforum.ru/powershell/thread2416870.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Mar 2022 13:16:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/947884341/ Frame 222F 42 B
64 B 94ms
51ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/947884341/?random=1647609371573&cv=9&fst=1647608400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fwww.cyberforum.ru%2F&async=1&fmt=3&is_vtc=1&random=1423045846&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.cyberforum.ru
URL: https://www.cyberforum.ru/powershell/thread2416870.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Mar 2022 13:16:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 3 Show response
mc.yandex.com/watch/ Frame 222F 174 B
273 B 32ms
31ms XHR
application/json 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/3?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&page-ref=https%3A%2F%2Fwww.cyberforum.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A%3Avf%3Agqny5kf8o1qwi6kkxr%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A760%3Acn%3A1%3Adp%3A0%3Als%3A160974280651%3Ahid%3A683952734%3Az%3A0%3Ai%3A20220318131611%3Aet%3A1647609372%3Ac%3A1%3Arn%3A187732812%3Arqn%3A1%3Au%3A164760937258149953%3Aw%3A1x1%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Acpf%3A1%3Ans%3A1647609369243%3Ads%3A0%2C0%2C31%2C1%2C3%2C0%2C%2C277%2C0%2C313%2C313%2C0%2C313%3Aco%3A0%3Ast%3A1647609372&t=gdpr()aw(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

d260104ad7f2116c6b87d4df0957a2787c759f5ce2b42881f150d55a5143e16a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Mar 2022 13:16:11 GMT
x-content-type-options: nosniff
last-modified: Fri, 18-Mar-2022 13:16:11 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://yastatic.net
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 174
x-xss-protection: 1; mode=block
expires: Fri, 18-Mar-2022 13:16:11 GMT

GET
H2 200 advert.gif
mc.yandex.com/metrika/ Frame 222F 43 B
100 B 32ms
32ms Image
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 13:16:11 GMT
last-modified: Thu, 17 Mar 2022 16:16:48 GMT
etag: "623334c0-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Fri, 18 Mar 2022 14:16:11 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/693627671/ Frame 222F 42 B
64 B 54ms
53ms Image
image/gif 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/693627671/?random=1647609371574&cv=9&fst=1647608400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fwww.cyberforum.ru%2F&async=1&fmt=3&is_vtc=1&random=4088973869&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.cyberforum.ru
URL: https://www.cyberforum.ru/powershell/thread2416870.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Mar 2022 13:16:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/693627671/ Frame 222F 42 B
64 B 49ms
49ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/693627671/?random=1647609371574&cv=9&fst=1647608400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fwww.cyberforum.ru%2F&async=1&fmt=3&is_vtc=1&random=4088973869&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.cyberforum.ru
URL: https://www.cyberforum.ru/powershell/thread2416870.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Mar 2022 13:16:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 37412095 Show response
mc.yandex.com/watch/ Frame 222F 357 B
494 B 32ms
31ms XHR
application/json 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/37412095?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&page-ref=https%3A%2F%2Fwww.cyberforum.ru%2F&charset=utf-8&site-info=%7B%22extensions%22%3A%22%22%2C%22fromGoogle%22%3A%22false%22%2C%22fromCancel%22%3A%22false%22%2C%22loyal%22%3A%220%22%2C%22sbscrb%22%3A%22%22%2C%22p%22%3A%22%22%2C%22b%22%3A%22%22%2C%22fresh%22%3A%220%22%2C%22infected%22%3A%22%22%2C%22slow%22%3A%22%22%2C%22os%22%3A%22windows%22%2C%22browser%22%3A%22chrome%22%2C%22winxp%22%3A%22false%22%2C%22old%22%3A%22actual%22%2C%22yabroAge%22%3Anull%7D&browser-info=pv%3A1%3Agdpr%3A6%3Avf%3Agqny5kf8o1qwi6kkxr%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A760%3Acn%3A2%3Adp%3A1%3Als%3A1643049536174%3Ahid%3A683952734%3Az%3A0%3Ai%3A20220318131611%3Aet%3A1647609372%3Ac%3A1%3Arn%3A581154618%3Arqn%3A1%3Au%3A164760937258149953%3Aw%3A1x1%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Acpf%3A1%3Ans%3A1647609369243%3Ads%3A0%2C0%2C31%2C1%2C3%2C0%2C%2C277%2C0%2C313%2C313%2C0%2C313%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1647609372%3At%3A&t=gdpr(6)lt(7700)aw(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

4bd69582a25c69ba25cafc91e389a5e859c7c272251bd1b4fcab04a4c3176a8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Mar 2022 13:16:11 GMT
x-content-type-options: nosniff
last-modified: Fri, 18-Mar-2022 13:16:11 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://yastatic.net
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 357
x-xss-protection: 1; mode=block
expires: Fri, 18-Mar-2022 13:16:11 GMT

GET ovp.php
videotoday.site/ Frame B085 0
0

GET
H3 200 ovp.php Show response
videotoday.site/ Frame B085 10 KB
4 KB 33ms
32ms Document
text/html 2606:4700:3035::ac43:dac6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://videotoday.site/ovp.php?ver=1&autoplay=1&v=8d94458a2b7741a172956c4b6a86f3a7&cb=7f8a1d7b-63a3-4756-81ee-7637a3ab630a&fclose=false&sub_id=base&tls=no&instant=yes&testad=no&nomon=1&cdiv=1103&r=https%3A%2F%2Fwww.cyberforum.ru%2Fpowershell%2Fthread2416870.html&rel=true&rnd=1647609372966&cnt=2
Requested by: Host: vak345.com
URL: https://vak345.com/cs/202203181616.js?v=8d94458a2b7741a172956c4b6a86f3a7&_t=1647609368745.745
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:dac6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d218d0b25e577f8f6216e6ed2f8e7bc8e21dd22211016aa4f5a5e314bcaf84a8

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.cyberforum.ru/powershell/thread2416870.html

Response headers

date: Fri, 18 Mar 2022 13:16:12 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-cache: Yac
x-movieads-country: DE
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=04BiMXcihn0lLBc1rtrWSK0Iz38swPiZCip08q6VjF9X9F6Mt%2FmfA5mhUOSr76xeAbwWrEs%2BGcHDe4CVlRS0B1cAeC1QWEtCTOneNLz%2BcgHJv5KjUPHMRNymOXVhry9L43vKjg0OWkSeH3G0b%2Bw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6ede3dd51aec8fd6-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 plyr.css
cdnjs.cloudflare.com/ajax/libs/plyr/3.6.3/ Frame B085 37 KB
5 KB 24ms
24ms Stylesheet
text/css 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/plyr/3.6.3/plyr.css

Requested by

Host: videotoday.site
URL: https://videotoday.site/ovp.php?ver=1&autoplay=1&v=8d94458a2b7741a172956c4b6a86f3a7&cb=7f8a1d7b-63a3-4756-81ee-7637a3ab630a&fclose=false&sub_id=base&tls=no&instant=yes&testad=no&nomon=1&cdiv=1103&r=https%3A%2F%2Fwww.cyberforum.ru%2Fpowershell%2Fthread2416870.html&rel=true&rnd=1647609372966&cnt=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dd367f76a977afab78d96c84f6779c0cf8963fe0586d553f5e45a4cd6783c762

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://videotoday.site/ovp.php?ver=1&autoplay=1&v=8d94458a2b7741a172956c4b6a86f3a7&cb=7f8a1d7b-63a3-4756-81ee-7637a3ab630a&fclose=false&sub_id=base&tls=no&instant=yes&testad=no&nomon=1&cdiv=1103&r=https%3A%2F%2Fwww.cyberforum.ru%2Fpowershell%2Fthread2416870.html&rel=true&rnd=1647609372966&cnt=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 13:16:13 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1139519
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4660
timing-allow-origin: *
last-modified: Wed, 25 Nov 2020 17:52:26 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5fbe99da-9309"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rwuVV5cmCt2r5hrMOPMo2rTPWRIrIijH7CLK3WjC6MzLjzVFWLnobmVxYk8mMOwBGQoMgBiK1XWzN%2Bm5D5F6RO%2BVIZW9mzyyFkQgFN%2F8Eku0i4Rw%2BUjtAkG34QhG5aYYyy%2Bf993HDo4W81bTzKtH7hKb"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6ede3dd55af79a12-FRA
expires: Wed, 08 Mar 2023 13:16:13 GMT

GET
H3 200 plyr.min.js Show response
cdnjs.cloudflare.com/ajax/libs/plyr/3.6.3/ Frame B085 118 KB
29 KB 22ms
21ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/plyr/3.6.3/plyr.min.js

Requested by

Host: videotoday.site
URL: https://videotoday.site/ovp.php?ver=1&autoplay=1&v=8d94458a2b7741a172956c4b6a86f3a7&cb=7f8a1d7b-63a3-4756-81ee-7637a3ab630a&fclose=false&sub_id=base&tls=no&instant=yes&testad=no&nomon=1&cdiv=1103&r=https%3A%2F%2Fwww.cyberforum.ru%2Fpowershell%2Fthread2416870.html&rel=true&rnd=1647609372966&cnt=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3cf294fce72e402fc8912f348cf3855a5501cb955dbeedaa92eea6a47a434fe1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://videotoday.site/ovp.php?ver=1&autoplay=1&v=8d94458a2b7741a172956c4b6a86f3a7&cb=7f8a1d7b-63a3-4756-81ee-7637a3ab630a&fclose=false&sub_id=base&tls=no&instant=yes&testad=no&nomon=1&cdiv=1103&r=https%3A%2F%2Fwww.cyberforum.ru%2Fpowershell%2Fthread2416870.html&rel=true&rnd=1647609372966&cnt=2
Origin: https://videotoday.site
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 13:16:13 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 749151
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 29152
timing-allow-origin: *
last-modified: Wed, 25 Nov 2020 17:52:26 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5fbe99da-1d736"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5J5WINaSjINbE8fRrkrSEM1pVWiIRd%2FGeIGnX5eI4l9%2BHG9ZoDipUcODM6AItVkF5%2BGD7hp%2FnDmLvgFvaBTY5wTFJji7ux63N%2B6iXXpuLX5%2FfXKLQVkNevuC11%2BaGaivAjQSDsn%2F5mpTa9CKwOH51qLH"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6ede3dd55cf090dc-FRA
expires: Wed, 08 Mar 2023 13:16:13 GMT

GET
H3 200 fload.js Show response
videotoday.site/ Frame B085 6 KB
3 KB 39ms
38ms Script
application/javascript 2606:4700:3035::ac43:dac6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://videotoday.site/fload.js?v3
Requested by: Host: videotoday.site
URL: https://videotoday.site/ovp.php?ver=1&autoplay=1&v=8d94458a2b7741a172956c4b6a86f3a7&cb=7f8a1d7b-63a3-4756-81ee-7637a3ab630a&fclose=false&sub_id=base&tls=no&instant=yes&testad=no&nomon=1&cdiv=1103&r=https%3A%2F%2Fwww.cyberforum.ru%2Fpowershell%2Fthread2416870.html&rel=true&rnd=1647609372966&cnt=2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:dac6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c2b8c3d797a3c48dc6e72584f65dc87b89c2df868cd20ec1c88d60237675e9de

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://videotoday.site/ovp.php?ver=1&autoplay=1&v=8d94458a2b7741a172956c4b6a86f3a7&cb=7f8a1d7b-63a3-4756-81ee-7637a3ab630a&fclose=false&sub_id=base&tls=no&instant=yes&testad=no&nomon=1&cdiv=1103&r=https%3A%2F%2Fwww.cyberforum.ru%2Fpowershell%2Fthread2416870.html&rel=true&rnd=1647609372966&cnt=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 13:16:13 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2099
x-movieads-country: RU
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 11 Jan 2022 07:22:41 GMT
server: cloudflare
etag: W/"61dd3041-186a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AlUPcg4KSKA4bkeuGSgMYqy3NAQBQfjxw5N5zZklci%2FMayoWkbxANrUxxJOn7gmoudOD3M72PfB9YDGnCTOOePUZ3%2FA2KngK80nBhhf72qc4xWrz57DCOf3U3zPMeX3965O3v%2BK89ThnJCpPOwY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 6ede3dd56b5b8fd6-FRA

GET
H3 200 hls.js Show response
cdn.jsdelivr.net/npm/ Frame B085 315 KB
92 KB 30ms
29ms Script
application/javascript 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/hls.js

Requested by

Host: videotoday.site
URL: https://videotoday.site/ovp.php?ver=1&autoplay=1&v=8d94458a2b7741a172956c4b6a86f3a7&cb=7f8a1d7b-63a3-4756-81ee-7637a3ab630a&fclose=false&sub_id=base&tls=no&instant=yes&testad=no&nomon=1&cdiv=1103&r=https%3A%2F%2Fwww.cyberforum.ru%2Fpowershell%2Fthread2416870.html&rel=true&rnd=1647609372966&cnt=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0224fb2109bd94d1df164cfc48f776f5ed760fc77b2598c36f451b620a4d8606

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://videotoday.site/ovp.php?ver=1&autoplay=1&v=8d94458a2b7741a172956c4b6a86f3a7&cb=7f8a1d7b-63a3-4756-81ee-7637a3ab630a&fclose=false&sub_id=base&tls=no&instant=yes&testad=no&nomon=1&cdiv=1103&r=https%3A%2F%2Fwww.cyberforum.ru%2Fpowershell%2Fthread2416870.html&rel=true&rnd=1647609372966&cnt=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 13:16:13 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 13014
x-jsd-version: 1.1.5
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19122-FRA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"4eb29-4v2sGw7mpSOmcj8olLhMCR3UuXM"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 6ede3dd55fd3695d-FRA

GET
H2

200

bzcookiesync.php Show response
code.moviead55.ru/ Frame B085
Redirect Chain

https://exchange.buzzoola.com/cookiesync/redirect/skyadvert?redirect_url=https%3A%2F%2Fcode.moviead55.ru%2Fbzcookiesync.php%3Fbzcookie%3D%24%7BUUID%7D
https://code.moviead55.ru/bzcookiesync.php?bzcookie=e90b19af-eae1-4410-4103-67d57e2e7ff0

0
251 B

16ms
16ms

Script
application/javascript

193.200.65.147
GIVEME-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://code.moviead55.ru/bzcookiesync.php?bzcookie=e90b19af-eae1-4410-4103-67d57e2e7ff0
Requested by: Host: videotoday.site
URL: https://videotoday.site/ovp.php?ver=1&autoplay=1&v=8d94458a2b7741a172956c4b6a86f3a7&cb=7f8a1d7b-63a3-4756-81ee-7637a3ab630a&fclose=false&sub_id=base&tls=no&instant=yes&testad=no&nomon=1&cdiv=1103&r=https%3A%2F%2Fwww.cyberforum.ru%2Fpowershell%2Fthread2416870.html&rel=true&rnd=1647609372966&cnt=2
Protocol: H2
Server: 193.200.65.147 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS: unallocated.giveme.network
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://videotoday.site/ovp.php?ver=1&autoplay=1&v=8d94458a2b7741a172956c4b6a86f3a7&cb=7f8a1d7b-63a3-4756-81ee-7637a3ab630a&fclose=false&sub_id=base&tls=no&instant=yes&testad=no&nomon=1&cdiv=1103&r=https%3A%2F%2Fwww.cyberforum.ru%2Fpowershell%2Fthread2416870.html&rel=true&rnd=1647609372966&cnt=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 13:16:13 GMT
content-encoding: gzip
x-movieads-country: DE
server: nginx
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8

Redirect headers

location: https://code.moviead55.ru/bzcookiesync.php?bzcookie=e90b19af-eae1-4410-4103-67d57e2e7ff0
date: Fri, 18 Mar 2022 13:16:13 GMT
server: nginx
content-length: 123
serverid: TODO
content-type: text/html; charset=utf-8

GET
H2 204 match Show response
dm-eu.hybrid.ai/ Frame B085 0
238 B 15ms
15ms Script
text/plain 37.18.103.21
HYBRID-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://dm-eu.hybrid.ai/match?id=185&burl=https%3A%2F%2Fcode.moviead55.ru%2Fcookiesync_hbrd2.php%3Fhbrdcookie2%3D%24%7BVID%7D

Requested by

Host: videotoday.site
URL: https://videotoday.site/ovp.php?ver=1&autoplay=1&v=8d94458a2b7741a172956c4b6a86f3a7&cb=7f8a1d7b-63a3-4756-81ee-7637a3ab630a&fclose=false&sub_id=base&tls=no&instant=yes&testad=no&nomon=1&cdiv=1103&r=https%3A%2F%2Fwww.cyberforum.ru%2Fpowershell%2Fthread2416870.html&rel=true&rnd=1647609372966&cnt=2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.18.103.21 , Netherlands, ASN205675 (HYBRID-AS, RU),

Reverse DNS

Software

Hybrid Web Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://videotoday.site/ovp.php?ver=1&autoplay=1&v=8d94458a2b7741a172956c4b6a86f3a7&cb=7f8a1d7b-63a3-4756-81ee-7637a3ab630a&fclose=false&sub_id=base&tls=no&instant=yes&testad=no&nomon=1&cdiv=1103&r=https%3A%2F%2Fwww.cyberforum.ru%2Fpowershell%2Fthread2416870.html&rel=true&rnd=1647609372966&cnt=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Mar 2022 13:16:13 GMT
server: Hybrid Web Server
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin: *
cache-control: no-cache, no-store
x-mode: 506
x-xss-protection: 1; mode=block
expires: -1

GET
H2

200

cookiesync_btw.php Show response
code.moviead55.ru/ Frame B085
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=34348&callback_url=https%3A%2F%2Fcode.moviead55.ru%2Fcookiesync_btw.php%3Fbtwcookie%3D%24%7BUSER_ID%7D
https://code.moviead55.ru/cookiesync_btw.php?btwcookie=eddc8351-5af9-514d-8568-6f86e75ce99f

0
253 B

16ms
16ms

Script
application/javascript

193.200.65.147
GIVEME-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://code.moviead55.ru/cookiesync_btw.php?btwcookie=eddc8351-5af9-514d-8568-6f86e75ce99f
Requested by: Host: videotoday.site
URL: https://videotoday.site/ovp.php?ver=1&autoplay=1&v=8d94458a2b7741a172956c4b6a86f3a7&cb=7f8a1d7b-63a3-4756-81ee-7637a3ab630a&fclose=false&sub_id=base&tls=no&instant=yes&testad=no&nomon=1&cdiv=1103&r=https%3A%2F%2Fwww.cyberforum.ru%2Fpowershell%2Fthread2416870.html&rel=true&rnd=1647609372966&cnt=2
Protocol: H2
Server: 193.200.65.147 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS: unallocated.giveme.network
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://videotoday.site/ovp.php?ver=1&autoplay=1&v=8d94458a2b7741a172956c4b6a86f3a7&cb=7f8a1d7b-63a3-4756-81ee-7637a3ab630a&fclose=false&sub_id=base&tls=no&instant=yes&testad=no&nomon=1&cdiv=1103&r=https%3A%2F%2Fwww.cyberforum.ru%2Fpowershell%2Fthread2416870.html&rel=true&rnd=1647609372966&cnt=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 13:16:13 GMT
content-encoding: gzip
x-movieads-country: DE
server: nginx
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8

Redirect headers

location: https://code.moviead55.ru/cookiesync_btw.php?btwcookie=eddc8351-5af9-514d-8568-6f86e75ce99f
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H2

200

cookiesync_sape.php Show response
code.moviead55.ru/ Frame B085
Redirect Chain

https://code.moviead55.ru/cookieinit_sape.php
https://www.acint.net/rmatch?dp=167&euid=66c3ceea-1b66-429e-a7ff-9c2fccb53ba1&r=https%3A%2F%2Fcode.moviead55.ru%2Fcookiesync_sape.php%3Fsapecookie%3D%24%7BUSER_ID%7D
https://code.moviead55.ru/cookiesync_sape.php?sapecookie=0100007F1B863462400072BC02F1D72E

0
250 B

17ms
17ms

Script
application/javascript

193.200.65.147
GIVEME-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://code.moviead55.ru/cookiesync_sape.php?sapecookie=0100007F1B863462400072BC02F1D72E
Requested by: Host: videotoday.site
URL: https://videotoday.site/ovp.php?ver=1&autoplay=1&v=8d94458a2b7741a172956c4b6a86f3a7&cb=7f8a1d7b-63a3-4756-81ee-7637a3ab630a&fclose=false&sub_id=base&tls=no&instant=yes&testad=no&nomon=1&cdiv=1103&r=https%3A%2F%2Fwww.cyberforum.ru%2Fpowershell%2Fthread2416870.html&rel=true&rnd=1647609372966&cnt=2
Protocol: H2
Server: 193.200.65.147 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS: unallocated.giveme.network
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://videotoday.site/ovp.php?ver=1&autoplay=1&v=8d94458a2b7741a172956c4b6a86f3a7&cb=7f8a1d7b-63a3-4756-81ee-7637a3ab630a&fclose=false&sub_id=base&tls=no&instant=yes&testad=no&nomon=1&cdiv=1103&r=https%3A%2F%2Fwww.cyberforum.ru%2Fpowershell%2Fthread2416870.html&rel=true&rnd=1647609372966&cnt=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 13:16:13 GMT
content-encoding: gzip
x-movieads-country: DE
server: nginx
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8

Redirect headers

date: Fri, 18 Mar 2022 13:16:13 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
location: https://code.moviead55.ru/cookiesync_sape.php?sapecookie=0100007F1B863462400072BC02F1D72E
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: text/html
content-length: 154
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2

200

cookiesync_target.php Show response
code.moviead55.ru/ Frame B085
Redirect Chain

https://code.moviead55.ru/cookieinit_target.php
https://match.new-programmatic.com/userbind?src=skyadvert&id=f1f9955b-118f-43e7-9dd5-3ace2ccc67b8
https://code.moviead55.ru/cookiesync_target.php?targetcookie=

0
228 B

17ms
17ms

Script
application/javascript

193.200.65.147
GIVEME-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://code.moviead55.ru/cookiesync_target.php?targetcookie=
Requested by: Host: videotoday.site
URL: https://videotoday.site/ovp.php?ver=1&autoplay=1&v=8d94458a2b7741a172956c4b6a86f3a7&cb=7f8a1d7b-63a3-4756-81ee-7637a3ab630a&fclose=false&sub_id=base&tls=no&instant=yes&testad=no&nomon=1&cdiv=1103&r=https%3A%2F%2Fwww.cyberforum.ru%2Fpowershell%2Fthread2416870.html&rel=true&rnd=1647609372966&cnt=2
Protocol: H2
Server: 193.200.65.147 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS: unallocated.giveme.network
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://videotoday.site/ovp.php?ver=1&autoplay=1&v=8d94458a2b7741a172956c4b6a86f3a7&cb=7f8a1d7b-63a3-4756-81ee-7637a3ab630a&fclose=false&sub_id=base&tls=no&instant=yes&testad=no&nomon=1&cdiv=1103&r=https%3A%2F%2Fwww.cyberforum.ru%2Fpowershell%2Fthread2416870.html&rel=true&rnd=1647609372966&cnt=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 13:16:13 GMT
content-encoding: gzip
x-movieads-country: DE
server: nginx
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8

Redirect headers

Date: Fri, 18 Mar 2022 13:16:13 GMT
Server: nginx/1.18.0
Access-Control-Allow-Origin: *
Vary: Origin
Location: https://code.moviead55.ru/cookiesync_target.php?targetcookie=
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET
H2

200

/ Show response
s.uuidksinc.net/match/1062/ Frame B085
Redirect Chain

https://code.moviead55.ru/cookieinit_kadam.php
https://s.uuidksinc.net/match/1062/?remote_uid=b905876c-6edf-44d4-93e4-c6e8e075c4a5

74 B
240 B

16ms
16ms

Script
image/png

31.220.27.134
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.uuidksinc.net/match/1062/?remote_uid=b905876c-6edf-44d4-93e4-c6e8e075c4a5
Requested by: Host: videotoday.site
URL: https://videotoday.site/ovp.php?ver=1&autoplay=1&v=8d94458a2b7741a172956c4b6a86f3a7&cb=7f8a1d7b-63a3-4756-81ee-7637a3ab630a&fclose=false&sub_id=base&tls=no&instant=yes&testad=no&nomon=1&cdiv=1103&r=https%3A%2F%2Fwww.cyberforum.ru%2Fpowershell%2Fthread2416870.html&rel=true&rnd=1647609372966&cnt=2
Protocol: H2
Server: 31.220.27.134 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.19.0 /
Resource Hash: 1ee70acbd3b0edaf32c0d04341fe602fb7fd51d8924cd737287696b26f0ecae3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://videotoday.site/ovp.php?ver=1&autoplay=1&v=8d94458a2b7741a172956c4b6a86f3a7&cb=7f8a1d7b-63a3-4756-81ee-7637a3ab630a&fclose=false&sub_id=base&tls=no&instant=yes&testad=no&nomon=1&cdiv=1103&r=https%3A%2F%2Fwww.cyberforum.ru%2Fpowershell%2Fthread2416870.html&rel=true&rnd=1647609372966&cnt=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 13:16:13 GMT
server: nginx/1.19.0
content-length: 74
content-type: image/png

Redirect headers

location: https://s.uuidksinc.net/match/1062/?remote_uid=b905876c-6edf-44d4-93e4-c6e8e075c4a5
date: Fri, 18 Mar 2022 13:16:13 GMT
x-movieads-country: DE
server: nginx
content-type: text/html; charset=UTF-8

GET
H2 200 skyadvert Show response
sync.quantumdex.io/usersync/ Frame B085 0
0 146ms
145ms Script
text/html 2606:4700:10::ac43:2ac9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.quantumdex.io/usersync/skyadvert
Requested by: Host: videotoday.site
URL: https://videotoday.site/ovp.php?ver=1&autoplay=1&v=8d94458a2b7741a172956c4b6a86f3a7&cb=7f8a1d7b-63a3-4756-81ee-7637a3ab630a&fclose=false&sub_id=base&tls=no&instant=yes&testad=no&nomon=1&cdiv=1103&r=https%3A%2F%2Fwww.cyberforum.ru%2Fpowershell%2Fthread2416870.html&rel=true&rnd=1647609372966&cnt=2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://videotoday.site/ovp.php?ver=1&autoplay=1&v=8d94458a2b7741a172956c4b6a86f3a7&cb=7f8a1d7b-63a3-4756-81ee-7637a3ab630a&fclose=false&sub_id=base&tls=no&instant=yes&testad=no&nomon=1&cdiv=1103&r=https%3A%2F%2Fwww.cyberforum.ru%2Fpowershell%2Fthread2416870.html&rel=true&rnd=1647609372966&cnt=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 mstream.min.js Show response
user91471.clients-cdnnow.ru/vp_dist/ Frame B085 175 KB
52 KB 27ms
27ms Script
application/javascript 185.40.155.13
CDNNOW-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://user91471.clients-cdnnow.ru/vp_dist/mstream.min.js?v440
Requested by: Host: videotoday.site
URL: https://videotoday.site/ovp.php?ver=1&autoplay=1&v=8d94458a2b7741a172956c4b6a86f3a7&cb=7f8a1d7b-63a3-4756-81ee-7637a3ab630a&fclose=false&sub_id=base&tls=no&instant=yes&testad=no&nomon=1&cdiv=1103&r=https%3A%2F%2Fwww.cyberforum.ru%2Fpowershell%2Fthread2416870.html&rel=true&rnd=1647609372966&cnt=2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.40.155.13 , Russian Federation, ASN21030 (CDNNOW-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 59c10cdf6276df542a02482f83c87a9b478e953e645d09ca18e196547b5c2576

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://videotoday.site/ovp.php?ver=1&autoplay=1&v=8d94458a2b7741a172956c4b6a86f3a7&cb=7f8a1d7b-63a3-4756-81ee-7637a3ab630a&fclose=false&sub_id=base&tls=no&instant=yes&testad=no&nomon=1&cdiv=1103&r=https%3A%2F%2Fwww.cyberforum.ru%2Fpowershell%2Fthread2416870.html&rel=true&rnd=1647609372966&cnt=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 13:16:13 GMT
content-encoding: gzip
etag: W/"6231a6e9-2bb5c"
last-modified: Wed, 16 Mar 2022 08:59:21 GMT
server: nginx
x-edge-cache: HIT
vary: Accept-Encoding
content-type: application/javascript
x-movieads-country: RU
x-edge-ip: 172.19.25.189

GET
DATA 200
OK truncated Show response
/ Frame B085 1 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1400de002ed04668de976192cbf02ee5c017e6621126f9c3962b26d45ad6cd32

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://videotoday.site/ovp.php?ver=1&autoplay=1&v=8d94458a2b7741a172956c4b6a86f3a7&cb=7f8a1d7b-63a3-4756-81ee-7637a3ab630a&fclose=false&sub_id=base&tls=no&instant=yes&testad=no&nomon=1&cdiv=1103&r=https%3A%2F%2Fwww.cyberforum.ru%2Fpowershell%2Fthread2416870.html&rel=true&rnd=1647609372966&cnt=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
H2 200 l.php
l2.moviead55.ru/ Frame B085 70 B
197 B 14ms
14ms Image
image/png 193.200.65.146
GIVEME-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l2.moviead55.ru/l.php?t=prev_session&c=7f8a1d7b-63a3-4756-81ee-7637a3ab630a&a=&m=7f8a1d7b-63a3-4756-81ee-7637a3ab630a&v=8d94458a2b7741a172956c4b6a86f3a7&o=%7B%220%22%3A%22https%3A%2F%2Fwww.cyberforum.ru%22%7D
Requested by: Host: videotoday.site
URL: https://videotoday.site/ovp.php?ver=1&autoplay=1&v=8d94458a2b7741a172956c4b6a86f3a7&cb=7f8a1d7b-63a3-4756-81ee-7637a3ab630a&fclose=false&sub_id=base&tls=no&instant=yes&testad=no&nomon=1&cdiv=1103&r=https%3A%2F%2Fwww.cyberforum.ru%2Fpowershell%2Fthread2416870.html&rel=true&rnd=1647609372966&cnt=2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.200.65.146 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS: unallocated.giveme.network
Software: nginx /
Resource Hash: 497790947d4666760ce38f3c00e852c71fdb66cae849bae8e9ede352719e1581

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://videotoday.site/ovp.php?ver=1&autoplay=1&v=8d94458a2b7741a172956c4b6a86f3a7&cb=7f8a1d7b-63a3-4756-81ee-7637a3ab630a&fclose=false&sub_id=base&tls=no&instant=yes&testad=no&nomon=1&cdiv=1103&r=https%3A%2F%2Fwww.cyberforum.ru%2Fpowershell%2Fthread2416870.html&rel=true&rnd=1647609372966&cnt=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 13:16:13 GMT
content-encoding: gzip
x-movieads-country: DE
server: nginx
vary: Accept-Encoding
content-type: Content-Type: image/png

GET
BLOB 200
OK adcdbb97-bf4b-440b-a813-b3996e039241
https://videotoday.site/ Frame B085 168 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://videotoday.site/adcdbb97-bf4b-440b-a813-b3996e039241
Requested by: Host: videotoday.site
URL: https://videotoday.site/ovp.php?ver=1&autoplay=1&v=8d94458a2b7741a172956c4b6a86f3a7&cb=7f8a1d7b-63a3-4756-81ee-7637a3ab630a&fclose=false&sub_id=base&tls=no&instant=yes&testad=no&nomon=1&cdiv=1103&r=https%3A%2F%2Fwww.cyberforum.ru%2Fpowershell%2Fthread2416870.html&rel=true&rnd=1647609372966&cnt=2
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef9f364d09959a9d9bd4fe5c18a1f6d7350e17ac7a0a6567936bb6a8858f1115

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://videotoday.site/ovp.php?ver=1&autoplay=1&v=8d94458a2b7741a172956c4b6a86f3a7&cb=7f8a1d7b-63a3-4756-81ee-7637a3ab630a&fclose=false&sub_id=base&tls=no&instant=yes&testad=no&nomon=1&cdiv=1103&r=https%3A%2F%2Fwww.cyberforum.ru%2Fpowershell%2Fthread2416870.html&rel=true&rnd=1647609372966&cnt=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Length: 168
Content-Type: text/javascript

GET
H2 200 l.php
l2.moviead55.ru/ Frame B085 70 B
197 B 14ms
14ms Image
image/png 193.200.65.146
GIVEME-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l2.moviead55.ru/l.php?t=player_frame_loaded&c=7f8a1d7b-63a3-4756-81ee-7637a3ab630a&a=&m=2&v=8d94458a2b7741a172956c4b6a86f3a7&o=%7B%220%22%3A%22https%3A%2F%2Fwww.cyberforum.ru%22%7D
Requested by: Host: videotoday.site
URL: https://videotoday.site/ovp.php?ver=1&autoplay=1&v=8d94458a2b7741a172956c4b6a86f3a7&cb=7f8a1d7b-63a3-4756-81ee-7637a3ab630a&fclose=false&sub_id=base&tls=no&instant=yes&testad=no&nomon=1&cdiv=1103&r=https%3A%2F%2Fwww.cyberforum.ru%2Fpowershell%2Fthread2416870.html&rel=true&rnd=1647609372966&cnt=2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.200.65.146 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS: unallocated.giveme.network
Software: nginx /
Resource Hash: 497790947d4666760ce38f3c00e852c71fdb66cae849bae8e9ede352719e1581

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://videotoday.site/ovp.php?ver=1&autoplay=1&v=8d94458a2b7741a172956c4b6a86f3a7&cb=7f8a1d7b-63a3-4756-81ee-7637a3ab630a&fclose=false&sub_id=base&tls=no&instant=yes&testad=no&nomon=1&cdiv=1103&r=https%3A%2F%2Fwww.cyberforum.ru%2Fpowershell%2Fthread2416870.html&rel=true&rnd=1647609372966&cnt=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 13:16:13 GMT
content-encoding: gzip
x-movieads-country: DE
server: nginx
vary: Accept-Encoding
content-type: Content-Type: image/png

GET
H/1.1 200
OK hit
counter.yadro.ru/ Frame B085 132 B
437 B 43ms
43ms Image
image/gif 88.212.201.210
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: videotoday.site
URL: https://videotoday.site/ovp.php?ver=1&autoplay=1&v=8d94458a2b7741a172956c4b6a86f3a7&cb=7f8a1d7b-63a3-4756-81ee-7637a3ab630a&fclose=false&sub_id=base&tls=no&instant=yes&testad=no&nomon=1&cdiv=1103&r=https%3A%2F%2Fwww.cyberforum.ru%2Fpowershell%2Fthread2416870.html&rel=true&rnd=1647609372966&cnt=2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

88.212.201.210 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host210.rax.ru

Software

nginx/1.17.9 /

Resource Hash

fa523f248a332cb89ae3ad8cf51d840153e0f96bcc2a4c8db736e02a340dab48

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://videotoday.site/ovp.php?ver=1&autoplay=1&v=8d94458a2b7741a172956c4b6a86f3a7&cb=7f8a1d7b-63a3-4756-81ee-7637a3ab630a&fclose=false&sub_id=base&tls=no&instant=yes&testad=no&nomon=1&cdiv=1103&r=https%3A%2F%2Fwww.cyberforum.ru%2Fpowershell%2Fthread2416870.html&rel=true&rnd=1647609372966&cnt=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 18 Mar 2022 13:16:13 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-control: no-cache
Connection: keep-alive
Content-Length: 132
Expires: Wed, 17 Mar 2021 21:00:00 GMT

GET
DATA 200
OK truncated
/ Frame B085 1 KB
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: db130ab2261c2ff7042b56daa0e0788cad5913d46f5914ca5f054f5d8c13bada

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://videotoday.site/ovp.php?ver=1&autoplay=1&v=8d94458a2b7741a172956c4b6a86f3a7&cb=7f8a1d7b-63a3-4756-81ee-7637a3ab630a&fclose=false&sub_id=base&tls=no&instant=yes&testad=no&nomon=1&cdiv=1103&r=https%3A%2F%2Fwww.cyberforum.ru%2Fpowershell%2Fthread2416870.html&rel=true&rnd=1647609372966&cnt=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: text/css

GET
H2 200 jmap.php Show response
code.moviead55.ru/ Frame B085 2 B
900 B 21ms
21ms XHR
application/json 193.200.65.147
GIVEME-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://code.moviead55.ru/jmap.php?v=8d94458a2b7741a172956c4b6a86f3a7&cp.referer=https%3A%2F%2Fwww.cyberforum.ru%2Fpowershell%2Fthread2416870.html&it=1&tq=2&cp.cb=6dae78eb-faf6-ead9-f368-863c8b8bd547&session=7f8a1d7b-63a3-4756-81ee-7637a3ab630a&position=pre&vt=%5Bvt%5D&ostream=true&b=1&isp=0&suri=https%3A%2F%2Fvideotoday.site%2Fovp.php%3Fver%3D1%26autoplay%3D1%26v%3D8d94458a2b7741a172956c4b6a86f3a7%26cb%3D7f8a1d7b-63a3-4756-81ee-7637a3ab630a%26fclose%3Dfalse%26sub_id%3Dbase%26tls%3Dno%26instant%3Dyes%26testad%3Dno%26nomon%3D1%26cdiv%3D1103%26r%3Dhttps%253A%252F%252Fwww.cyberforum.ru%252Fpowershell%252Fthread2416870.html%26rel%3Dtrue%26rnd%3D1647609372966%26cnt%3D2&raw=yes&sid=base&sova=false&rcnt=2&vid=6d8c69170afd1cc11823bc86f8528336&fpr=null&tanc=https%3A%2F%2Fwww.cyberforum.ru
Requested by: Host: user91471.clients-cdnnow.ru
URL: https://user91471.clients-cdnnow.ru/vp_dist/mstream.min.js?v440
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.200.65.147 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS: unallocated.giveme.network
Software: nginx /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://videotoday.site/ovp.php?ver=1&autoplay=1&v=8d94458a2b7741a172956c4b6a86f3a7&cb=7f8a1d7b-63a3-4756-81ee-7637a3ab630a&fclose=false&sub_id=base&tls=no&instant=yes&testad=no&nomon=1&cdiv=1103&r=https%3A%2F%2Fwww.cyberforum.ru%2Fpowershell%2Fthread2416870.html&rel=true&rnd=1647609372966&cnt=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 13:16:13 GMT
content-encoding: gzip
server: nginx
x-movieads-udt: ["Chrome Dev","desktop","Windows"]
x-movieads-udata: cache
vary: Accept-Encoding
x-movieads-referrer: https://videotoday.site/ovp.php?ver=1&autoplay=1&v=8d94458a2b7741a172956c4b6a86f3a7&cb=7f8a1d7b-63a3-4756-81ee-7637a3ab630a&fclose=false&sub_id=base&tls=no&instant=yes&testad=no&nomon=1&cdiv=1103&r=https%3A%2F%2Fwww.cyberforum.ru%2Fpowershell%2Fthread2416870.html&rel=true&rnd=1647609372966&cnt=2
access-control-allow-origin: https://videotoday.site
access-control-expose-headers: X-Movieads-Queue, X-Response-Id, X-Movieads-Country, X-Movieads-City
x-movieads-country: DE
x-yac-source: Yac
server-timing: Bootstrap;dur=0.07, jmap_1;dur=0.01, jmap_2;dur=1.01, jmap_3;dur=0.05, jmap_4;dur=0.13, jmap_5;dur=0.16, jmap_6;dur=1.96, LocalRedis;dur=0.31, Redis_get_queue_DE_autoplay_0_pre_8d94458a2b7741a172956c4b6a86f3a7;dur=0.20, Redis_get_db_links_222_8d94458a2b7741a172956c4b6a86f3a7_DE;dur=0.92, Redis_get_links_seq_def_1_8d94458a2b7741a172956c4b6a86f3a7_DE_new;dur=0.34
access-control-allow-credentials: true
content-type: application/json;charset=UTF-8
x-movieads-city: Kelsterbach

GET
H2 200 logger.php
logger.moviead55.ru/ 70 B
197 B 15ms
15ms Image
image/png 193.200.65.146
GIVEME-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://logger.moviead55.ru/logger.php?t=iframe_onload&c=7f8a1d7b-63a3-4756-81ee-7637a3ab630a&a=&m=&v=8d94458a2b7741a172956c4b6a86f3a7&o=%7B%7D
Requested by: Host: www.cyberforum.ru
URL: https://www.cyberforum.ru/powershell/thread2416870.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.200.65.146 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS: unallocated.giveme.network
Software: nginx /
Resource Hash: 497790947d4666760ce38f3c00e852c71fdb66cae849bae8e9ede352719e1581

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cyberforum.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 13:16:13 GMT
content-encoding: gzip
x-movieads-country: DE
server: nginx
vary: Accept-Encoding
content-type: Content-Type: image/png

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.acint.net
URL: https://www.acint.net/rmatch?dp=167&euid=9bea2a59-13a1-470f-8eff-cc650172356e&r=https%3A%2F%2Fcode.moviead55.ru%2Fcookiesync_sape.php%3Fsapecookie%3D%24%7BUSER_ID%7D

Domain: acint.net
URL: https://acint.net/rmatch/?dp=151&r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2FSAPEis%2F%24%7BUSER_ID%7D

Domain: videotoday.site
URL: https://videotoday.site/ovp.php?ver=1&autoplay=1&v=8d94458a2b7741a172956c4b6a86f3a7&cb=7f8a1d7b-63a3-4756-81ee-7637a3ab630a&fclose=false&sub_id=base&tls=no&instant=yes&testad=no&nomon=1&cdiv=1103&r=https%3A%2F%2Fwww.cyberforum.ru%2Fpowershell%2Fthread2416870.html&rel=true&rnd=1647609371297&cnt=1

Domain: acint.net
URL: https://acint.net/rmatch?dp=14&euid=0100007F1B8634621B00757B02473D4A&r=https%3A%2F%2Fcode.moviead55.ru%2Fcookiesync_sape.php%3Fsapecookie%3D$%7BUSER_ID%7D

Domain: videotoday.site
URL: https://videotoday.site/ovp.php?ver=1&autoplay=1&v=8d94458a2b7741a172956c4b6a86f3a7&cb=7f8a1d7b-63a3-4756-81ee-7637a3ab630a&fclose=false&sub_id=base&tls=no&instant=yes&testad=no&nomon=1&cdiv=1103&r=https%3A%2F%2Fwww.cyberforum.ru%2Fpowershell%2Fthread2416870.html&rel=true&rnd=1647609372966&cnt=2

Verdicts & Comments Add Verdict or Comment

371 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

85 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
yastatic.net/safeframe-bundles/0.83/1-1-0	1970-01-20 01:41:35	Name: afpix Value: 1
yastatic.net/safeframe-bundles/0.83/1-1-0	1970-01-20 01:48:47	Name: pcssspb Value: 1
yastatic.net/safeframe-bundles/0.83/1-1-0	1970-01-20 01:41:35	Name: pcs3 Value: 1
.cyberforum.ru/	1970-01-20 10:25:45	Name: __ddg1 Value: n2tTumubMDl68a4vTfMO
www.cyberforum.ru/	1969-12-31 23:59:59	Name: cfsessionhash Value: 213b25d45d92f50ecc88ed165b296813
www.cyberforum.ru/	1970-01-20 10:25:45	Name: cflastvisit Value: 1647609368
www.cyberforum.ru/	1970-01-20 10:25:45	Name: cflastactivity Value: 0
www.cyberforum.ru/	1970-01-20 01:40:12	Name: pg_buildfile Value: 220316-8ec-nc-d41d8cd98f00b204e9800998ecf8427e
www.cyberforum.ru/	1970-01-20 01:41:35	Name: pg_unq_cohort_key Value: 1:2203162201
vak345.com/	1970-01-20 10:25:45	Name: sky_uuid Value: b885d2e7-d458-4c08-a6d3-466236e70eb3
.portoteamo.com/	1970-01-20 19:11:21	Name: uuid Value: "vxZBjvDxm2TCYAGQ9O5lwg237vnqprQrh9YbYmsOWU4="
www.cyberforum.ru/	1970-01-20 01:40:12	Name: pg_session_depth Value: 1
www.cyberforum.ru/	1970-01-20 01:41:35	Name: pg_preconnecting Value: disabled
www.cyberforum.ru/	1970-01-20 01:41:35	Name: pg_geo_response_time Value: 92
www.cyberforum.ru/	1969-12-31 23:59:59	Name: pg_geo Value: {"country":"DE","region":"HE","ip":"185.213.155.176"}
www.cyberforum.ru/	1970-01-20 02:23:21	Name: pg_custom_timeout Value:
www.cyberforum.ru/	1970-01-20 02:23:21	Name: pg_ip Value: 185.213.155.176
www.cyberforum.ru/	1970-01-20 01:41:35	Name: pg_after_init_response_time Value: 41
.yadro.ru/	1970-01-20 10:24:46	Name: VID Value: 2c7dPn3yLjuH1YD8OO000Umg
.cyberforum.ru/	1970-01-20 01:40:20	Name: u_count Value: %5B0%2C0%5D
.cyberforum.ru/	1970-01-20 10:25:45	Name: _ym_uid Value: 1647609369996333601
.cyberforum.ru/	1970-01-20 10:25:45	Name: _ym_d Value: 1647609369
www.cyberforum.ru/	1970-01-20 02:23:21	Name: pg_beacon Value: 1
.cyberforum.ru/	1970-01-20 19:11:21	Name: _ga Value: GA1.2.1376453666.1647609369
.cyberforum.ru/	1970-01-20 01:41:35	Name: _gid Value: GA1.2.2066051749.1647609369
.cyberforum.ru/	1970-01-20 01:40:09	Name: _gat_gtag_UA_595018_2 Value: 1
.cyberforum.ru/	1970-01-20 01:41:21	Name: _ym_isad Value: 2
.betweendigital.com/	1970-01-20 10:25:45	Name: dc Value: mow1
.betweendigital.com/	1970-01-20 10:25:45	Name: tuuid Value: eddc8351-5af9-514d-8568-6f86e75ce99f
.betweendigital.com/	1970-01-20 10:25:45	Name: ss Value: 1
.uuidksinc.net/	1970-01-20 10:25:45	Name: jcsuuid Value: 7IxeoKYAbi76h2oDnz8O
.quantumdex.io/	1970-01-20 01:54:33	Name: uid Value: 6035432a-f5e7-4710-8147-c5e04a09bc0c
.videotoday.site/	1970-01-20 10:25:45	Name: _ym_uid Value: 1647609370473619981
.videotoday.site/	1970-01-20 10:25:45	Name: _ym_d Value: 1647609370
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 1521827051647609369
.1dmp.io/	1970-01-20 10:25:45	Name: uid Value: 939a5e80-a6bd-11ec-8677-901b0e934d81
.yandex.ru/	1970-01-23 17:16:09	Name: yandexuid Value: 7818984751647609369
.yandex.ru/	1970-01-20 19:11:21	Name: i Value: v6fwSeajpC4wq6x3SUlrH/cgHKJn41ywLS21UB9uPjtLlGtSztnozAGoeRFCKXiAggRqtvCZMXBgFFfj752ouUmInEE=
.weborama.fr/	1970-01-20 11:06:04	Name: AFFICHE_W Value: XQEBTWXo6WFd27
.mc.yandex.com/	1970-01-20 01:40:09	Name: sync_cookie_csrf Value: 2160419303fake
.sonar.semantiqo.com/	1970-01-21 22:18:33	Name: semantiqo_a Value: bd1f8c91fe0a4c9bb7d5796ba4f343e8
.sonar.semantiqo.com/	1970-01-20 10:35:50	Name: check Value: 1158f6c59bfc4f7fbe703141f5a9e367
code.moviead55.ru/	1970-01-20 10:25:45	Name: btwcookie Value: eddc8351-5af9-514d-8568-6f86e75ce99f
.1dmp.io/	1970-01-20 01:40:09	Name: ru-seq Value: null
.mc.yandex.ru/	1970-01-20 01:40:09	Name: sync_cookie_csrf Value: 1016577486fake
.aidata.io/	1970-01-20 19:11:21	Name: __upin Value: FU91tK1NRyCGAUWQHmEv1Q
.aidata.io/	1970-01-20 19:11:21	Name: __upints Value: 1647609369
.yandex.ru/	1970-01-23 17:16:09	Name: yuidss Value: 7818984751647609369
.videotoday.site/	1970-01-20 01:41:21	Name: _ym_isad Value: 2
.dmg.digitaltarget.ru/	1970-01-21 03:35:21	Name: viuserid Value: 0m1q9JSnqIG4W0-7lm9P
.adx.opera.com/	1970-01-20 02:23:21	Name: UID Value: 0630bc3a38f24698a93ff6933742398f
.yandex.com/	1970-01-27 08:52:09	Name: yandexuid Value: 7818984751647609369
.yandex.com/	1970-01-27 08:52:09	Name: yuidss Value: 7818984751647609369
.yandex.com/	1970-01-23 17:16:09	Name: yp Value: 1647695769.yu.7994240721647609369
.yandex.com/	1970-01-20 10:25:45	Name: ymex Value: 1650201369.oyu.7994240721647609369#1679145369.yrts.1647609369#1679145369.yrtsi.1647609369
.mc.yandex.com/	1970-01-20 01:41:35	Name: sync_cookie_ok Value: synced
x01.aidata.io/	1970-01-20 01:50:14	Name: yaya Value: 1
.demdex.net/	1970-01-20 05:59:21	Name: demdex Value: 36739861774862446332980671997093470533
.yandex.com/	1970-01-23 17:16:09	Name: i Value: a1G/+YIcHpupNQSjFGESSoq/5H/wKW8HFOelaB+WCOEKCNwkZt6iOtreNxi469IlvGbAZJ2j7RiHCaOMScXMF3BpVeI=
.rutarget.ru/	1970-01-20 05:59:21	Name: userId Value: ewj3wF073Lnl
.dpm.demdex.net/	1970-01-20 05:59:21	Name: dpm Value: 36739861774862446332980671997093470533
.upravel.com/	1970-01-20 01:40:09	Name: session_tptc Value: 1647609369955
.upravel.com/	1970-01-23 17:16:09	Name: user_id Value: e1ead2d8-6e92-4375-ae40-8e87cbdcd93b
.tns-counter.ru/	1970-01-20 10:25:45	Name: guid Value: 921D681A62348619X1647609369
.caltat.com/	1970-01-21 22:18:33	Name: caltat Value: 1e2b8513235e4b468473a052ff2c6749
.doubleclick.net/	1970-01-20 11:01:45	Name: IDE Value: AHWqTUkA6XkOIJOfiC0xlsuqxMDUjE3Fp-Ae5C4dBalCQ68a_3yIKwPcIVIypDQLBJg
.mts.ru/	1970-01-20 10:12:47	Name: dspid Value: 7ebe3757-739e-4436-b624-ed891d0d558c
.whiteboxdigital.ru/	1970-01-20 19:12:00	Name: MiId Value: f590139d-733f-4d9d-93ff-1f9af5c4f715
.magnitent.com/	1970-01-21 22:18:33	Name: sonar Value: bd1f8c91fe0a4c9bb7d5796ba4f343e8
.magnitent.com/	1970-01-21 22:18:33	Name: ct Value: 1e2b8513235e4b468473a052ff2c6749
.magnitent.com/	1970-01-21 22:18:33	Name: spid Value: 4B9CAB1AACCD6C18
.magnitent.com/	1970-01-20 02:24:47	Name: 3db Value: 4B9CAB1AACCD6C18
.adhigh.net/	1970-01-20 10:25:45	Name: gi_u Value: 73yJEhhZLrG.AikABlF_nSvWAA
.adhigh.net/	1970-01-20 10:25:45	Name: yandexssp_sync Value: jxR
.mts.ru/	1970-01-23 16:04:09	Name: mts_id Value: b48c11c4-6ca2-4da9-aca3-c0f183ffa121
.mts.ru/	1970-01-23 16:04:09	Name: mts_id_last_sync Value: 1647609370
.yandex.ru/	1970-01-20 19:11:21	Name: is_gdpr Value: 1
.yandex.ru/	1970-01-20 19:11:21	Name: is_gdpr_b Value: CNDpdRCYaBgB
.acint.net/	1970-01-20 01:40:09	Name: test_cookie Value: CheckForPermission
.acint.net/	1970-01-25 20:05:16	Name: aid Value: fwAAAWI0hhu8cgBALtfxAvpyLdN8OqUp3mnacm4tFuwcVCGF
.acint.net/	1970-01-20 02:23:21	Name: cSyncDp14v3 Value: 1647609371
.ssp-rtb.sape.ru/	1970-01-25 20:05:16	Name: sspuid Value: fwAAAWI0hht7dQAbSj1HAgbAbnaB2LPW/EXadXFYqGM0AKBO
code.moviead55.ru/	1970-01-20 10:25:45	Name: bzcookie Value: e90b19af-eae1-4410-4103-67d57e2e7ff0
.betweendigital.com/	1970-01-20 10:25:45	Name: ut Value: YjSGHQABPGiu5tK4dXCrvID-u2J77cTU9esoww==
code.moviead55.ru/	1970-01-20 10:25:45	Name: sapecookie Value: 0100007F1B863462400072BC02F1D72E

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://vak345.com/cs/202203181616.js?v=8d94458a2b7741a172956c4b6a86f3a7&_t=1647609368745.745 Message: Allow attribute will take precedence over 'allowfullscreen'.
security	error	URL: https://videotoday.site/ovp.php?ver=1&autoplay=1&v=8d94458a2b7741a172956c4b6a86f3a7&cb=7f8a1d7b-63a3-4756-81ee-7637a3ab630a&fclose=false&sub_id=base&tls=no&instant=yes&testad=no&nomon=1&cdiv=90&r=https%3A%2F%2Fwww.cyberforum.ru%2Fpowershell%2Fthread2416870.html Message: Refused to execute script from 'https://s.uuidksinc.net/match/1062/?remote_uid=f36d6309-6715-4a79-b2e2-a06b12fe974a' because its MIME type ('image/png') is not executable.
security	error	URL: https://videotoday.site/ovp.php?ver=1&autoplay=1&v=8d94458a2b7741a172956c4b6a86f3a7&cb=7f8a1d7b-63a3-4756-81ee-7637a3ab630a&fclose=false&sub_id=base&tls=no&instant=yes&testad=no&nomon=1&cdiv=1103&r=https%3A%2F%2Fwww.cyberforum.ru%2Fpowershell%2Fthread2416870.html&rel=true&rnd=1647609371297&cnt=1 Message: Refused to execute script from 'https://s.uuidksinc.net/match/1062/?remote_uid=d76ae845-b340-4d55-8e98-ef7eb0625684' because its MIME type ('image/png') is not executable.
security	error	URL: https://videotoday.site/ovp.php?ver=1&autoplay=1&v=8d94458a2b7741a172956c4b6a86f3a7&cb=7f8a1d7b-63a3-4756-81ee-7637a3ab630a&fclose=false&sub_id=base&tls=no&instant=yes&testad=no&nomon=1&cdiv=1103&r=https%3A%2F%2Fwww.cyberforum.ru%2Fpowershell%2Fthread2416870.html&rel=true&rnd=1647609372966&cnt=2 Message: Refused to execute script from 'https://s.uuidksinc.net/match/1062/?remote_uid=b905876c-6edf-44d4-93e4-c6e8e075c4a5' because its MIME type ('image/png') is not executable.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a3.pubguru.net
acint.net
ads.betweendigital.com
ajax.googleapis.com
an.yandex.ru
avatars.mds.yandex.net
cdn.jsdelivr.net
cdn.pubguru.com
cdn3.caltat.com
cdnjs.cloudflare.com
clients1.google.com
cm.g.doubleclick.net
cm.tns-counter.ru
code.moviead55.ru
counter.yadro.ru
cse.google.com
cyberstatic.net
dm-eu.hybrid.ai
dm.hybrid.ai
dmg.digitaltarget.ru
dpm.demdex.net
e1ead2d8-6e92-4375-ae40-8e87cbdcd93b.sync.upravel.com
edgrmtracking.com
exchange.buzzoola.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
intelaxa.com
l2.moviead55.ru
logger.moviead55.ru
m2d.m2.ai
match.new-programmatic.com
matchid.adfox.yandex.ru
mc.yandex.com
mc.yandex.ru
mitdmp.whiteboxdigital.ru
portoteamo.com
profile.ssp.rambler.ru
px.adhigh.net
redirect.frontend.weborama.fr
s.uuidksinc.net
s1.marketplacepro.ru
site.yandex.net
sm.rtb.mts.ru
sonar.semantiqo.com
ssp.adriver.ru
statika.mpsuadv.ru
stats.g.doubleclick.net
stats.mpsuadv.ru
sync.1dmp.io
sync.bumlam.com
sync.magnitent.com
sync.quantumdex.io
sync.upravel.com
t.adx.opera.com
tech.rtb.mts.ru
user91471.clients-cdnnow.ru
vak345.com
videotoday.site
www.acint.net
www.cyberforum.ru
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
x01.aidata.io
yandex-dmp-sync.rutarget.ru
yandex-sync.rutarget.ru
yandex.ru
yastatic.net
ysa-static.passport.yandex.ru
acint.net
videotoday.site
www.acint.net
142.250.184.226
142.250.185.130
144.76.138.28
148.251.237.106
178.208.69.121
178.208.71.14
18.66.139.54
18.66.97.70
185.15.175.146
185.40.155.13
188.42.29.165
193.200.65.146
193.200.65.147
193.200.65.18
193.232.150.46
2001:6d0:4001::226
213.87.44.187
217.65.2.150
217.66.147.167
2600:9000:223f:7200:5:3aaa:f40:93a1
2606:4700:10::ac43:2ac9
2606:4700:3034::ac43:97ef
2606:4700:3035::6815:e1e
2606:4700:3035::ac43:dac6
2606:4700::6810:125e
2606:4700::6810:5914
2a00:1450:4001:802::2002
2a00:1450:4001:808::200e
2a00:1450:4001:811::200a
2a00:1450:4001:828::200a
2a00:1450:4001:829::2003
2a00:1450:4001:82b::2003
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::2004
2a00:1450:4001:82f::2008
2a00:1450:4001:82f::200e
2a00:1450:4001:831::200e
2a00:1450:400c:c08::9b
2a02:6b8:20::215
2a02:6b8::16b
2a02:6b8::184
2a02:6b8::1:119
2a02:6b8::5:114
2a02:6b8::90
2a02:6b8:a::a
31.172.81.172
31.220.27.134
35.157.180.254
35.190.16.14
37.18.103.21
37.18.16.22
45.141.78.48
45.67.59.158
45.80.71.141
46.4.114.109
52.212.153.175
78.46.100.125
80.64.106.147
80.64.106.148
81.163.17.245
81.222.128.214
82.145.213.8
88.212.201.210
89.108.119.43
91.192.149.14
94.130.13.220
95.217.109.66
95.217.86.150
0121f65b42375f25d1cf2b27339ee481af715b231881dca6acfe59d5edcbd777
0224fb2109bd94d1df164cfc48f776f5ed760fc77b2598c36f451b620a4d8606
030ca09818f152c243f7c42ffe866619c2a9727d6f2356477d2c46795de59a45
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
070ecabfdf964a7363184cd2777cf243769b4a450bad17d854025b6c040f5fb9
07ea54c38ee82bf28d6dd22d390a67ac20e0c8ecf84327509f9e50d532e33a16
0a9ecd3e86ecdc1ad5f3517d15711636edb1a9ad6dc8c7eea86f2246a5c26f9f
0d8175de9dc95ace0e44167b2895f44b27a36869f9864f4696ee4fb1e312c4ad
1315df4e2ac305398e5405bb448c433329f155afd7277b1fb4905d959a4a6c7b
1400de002ed04668de976192cbf02ee5c017e6621126f9c3962b26d45ad6cd32
187a7f45f8a6233d976c52fbb67c680381efbf6d81e06b4cab4115d1e5f4b064
18c327afa903633f86c3efcf12b77f098077eacaa8be101bb007846fd74f8b93
1b2113191e228a2c56eb76957a87c565f375f0fdaa5fd606a03b7723054d98cf
1b82b243f5e7f2c56730773716844b1a275f10bbc8b66d4285aad996f675bf9d
1ee70acbd3b0edaf32c0d04341fe602fb7fd51d8924cd737287696b26f0ecae3
26b455d05301acda19c24cf35fa5aec0945bf50244421d00678502a785d33393
27f28f040d744fd271be425ee09bf36026eeec1cdca6d6889b672f0050b8c988
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2b0789c3ab7df1f2580e95bb47eb5bb6dc19b4fc5a91b1f1ae1d9484dab534a9
2c3d39b3302aa741fbbee02a47e8dc142597ebd5cb6207288ce05ca23c689124
2e91fefb7391b9e6e5e1c9cdf691630ae6f51a0006fb5a8f5b887dc896f8db5a
31dda6cdd8ad7de0d570f703b6bb4f677dab097aa3495bd276e11d988d791f54
34222bb7f979d6657019ae037337c08ff12dabb33062ca316447c55daa54c27c
34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55
34e4be92ec5b080fa8861ec31ab78bf63baad3b2242b5975a38de8d2807857aa
3c306caffcbea9b3ac27fb5858cc6e377d78117f222e029feb1f91b2be29a9b9
3cf294fce72e402fc8912f348cf3855a5501cb955dbeedaa92eea6a47a434fe1
3db7135d424b421c0c412fd4504afd0f744698be1df3f009027159627de5ff8f
3f220f3495c96b51b282b05e390230202c948611867f2841cdf8ac30f7fdd427
4042bee588db57497a206202da9e007d8ef52b5e85b2d968304dcc1c7ef24787
43b11149cb78981868e59be812c5dc115759b2b118a5a660f2ec2ce5e351d77b
43f67cee90d69b2ceb8944ab3d3106abda2e40a33a324ab4ce1ef828ec2ae4a3
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45a81fb6dc99a3b2e0e03ed11f1661f189f705ced277866f1a8b02916f27e172
46fc00671aed6bbab5a4fd7c6175fd1c8fba422b686602b29fefcbef2ca5e1aa
473989572be7cf8d9ffef442f7113355e38cc1af23571c534a7d41007c545ba7
497790947d4666760ce38f3c00e852c71fdb66cae849bae8e9ede352719e1581
4bd69582a25c69ba25cafc91e389a5e859c7c272251bd1b4fcab04a4c3176a8f
4ea144e0ec3d8459529344bdd5133c2e5a8f8d5ca005311925b1e88f56598228
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
53f195d73d3772db367875c72b49e33c27fba5cf221fa164118ac7c8cbfcf993
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
553f8aabc850b35ffd002398ccef7666d3f015f4015cb2fdb91db41f41043bae
57df901ddd718ea67fc2c55f827e20fef7a5fae5145e9149e79eb065f9a097b9
59c10cdf6276df542a02482f83c87a9b478e953e645d09ca18e196547b5c2576
5a0cf62cf26799a49986dd9fcc257680a237b44105c29c43424e353b7d1bb3d6
5ae986db0dcbb3131602f6be4d222a521aac9363a25666666df3ab72d61df51f
62d1c6ae49c39212f5d854dfd4d02eb0d333dbfa14c65f18a311024374b72d33
668b0d80f55925b12b8628367348264111bccff7e5aa89ab5c47c673049418b8
69dfa23fee5f8bc933a75388d335ac6aee817178bcd2bab65734f55f85c2a605
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6bc760ba9bac5e35e9ccead84b8596b550d2497464846ff298a1131c7437417d
6e038a09ccaa009545c02a7eb859d7a05cf83bd162a2907daab499d652cb7ccf
6f017cefff077bc561c775fa49aa23511ec674a5dfb422ef526a2e7f04980fd6
70a0083e92cf715231f7734f0ecf0365c77ec3fdfe97921d75b39afd09871711
7aebcff4c4562292278d46ad73b1ae484931465916d2c02852b4e47b431709b6
7bfc5fb50ef2f75611eddbd29d8f155eca0f77b00cb6268841f7821dd4713542
7d03afea2ec7090265ff925262ecc05b3971477eb2aa6fa0894a4458d5d95bd6
7e0660dd3436c140cc6514982b47694b9be7cbd58103b2b6c40234e802dafe21
7e2a6e19a4be1a244d2e9577de74c7ef49e90567b554ac3b7aebabc23e5cf983
7ffd852e45f9eafb24080a731d4e8c9ffdfffd23498266f8be0e0433df747ba3
8035564286c332c1ca43013c1daa0d7372e3f42cab2c4f2df1a826b04c59029f
8333680a413d15a5a62f6ce4cc1fa2f7e7441be9be7902ad2d8694ac6adda583
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
872d751d8312e0c745053ce5ef4f60a8e4c91475147341adca71f48d17d6d7b9
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
8c00a3c4214d1b757be553078fab14641dc4367c6b7b3c5a9b1e72cb663f4996
8dd3b91ca60e6a0486326c5c275590dd1d753240c2efa9f94730815813997fee
93fc2e3b0083299635ed98838dbb0811ebe6fa3565c82beba9080894f37f07bc
964709088e8bcf45e9ff2aebe7f320065836761408638f677d01590478a36551
97c19d18d31ea99bd60e9d9519d07577f70ec6aaefbb63c4de43804f1cd11249
982798c3ab58ec9ca4b0fc8ea76f491e1b81d7dc557a3f640df68975283b636e
984ed07cfb706ce8375665769acf5e06d3d4f60002b296b3662c8bc6be959c89
9c911ab93cf6099aeeddb19cb1903d0ef838329443c3a0549c754da47f90a70a
9cdb4dd08ba584cdf21b63932a8834d79969701403ef62afb63f0c6f436e6c0f
9fd3f0a0784a6cc63991d154efdc06923948505a2acec24086c6fbd26f644b16
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
ac001e06727f90198b24207a341886a34659f000df60308faffda72ce6877f12
ac3b6b4d0377c3efbbed06d70c8c1c9bf1a6f5e48118fd4a688d1619fea13f39
b271a70ce1ba380a80c924c6435b3e77c03408cd4d4a7389928970f7658d962a
b27f8c0281546dbd8050053a7d6971ab660d7aeb0c93f00ac2b06c9a48bfa601
b4e9ccfcb7d5ca026a1262a7075b7e6e6f30446fb8fc35205fe6edfa6f5a9b5a
b872b4ad2e649961fbf3cdc43966716bd820301634adebaf5329c1aa22a1f7ee
b96f9a62676d54ccb59cdc808633ee3f33cb68d600c3864a649c3f41aa4ca1c9
bf0d62ac9b4c175a718931450412233d5ea7ed83152936ff2bfc664fa2e4015a
c1287adfc1c6761dcb4221e342113981bfcf6067e0f65adbf417674f5e83da4d
c1922061e01300c6b8d0e9a9dbc638c2eb7b2f5cf9e7690791bf7be4dd8733d6
c25f3f18658ceca1cc19c38d7e1ce8db3a148d2b69c65c2dbda0062ce4b93d03
c2b8c3d797a3c48dc6e72584f65dc87b89c2df868cd20ec1c88d60237675e9de
c3c0674e370e514dd2d0984506c3f3b0890e673d05dc489deabd0b43b7496eb3
c685ab23ae4c8e71c3be743f96c4032d45bc03395f464103532a248300b8ff06
c7e70d434e17a158fe1bf1ff44515243cb0eb2cda8d6b72ee956a17a31505607
c840f8dcafc53324267c96f7268889f3a52f5630bcdb17ab66baa9d92e788e4e
c8b47e4a13385866c85139b480b5c9a51ad44f5b82662afbadded93f0498df05
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cc61c44a97e0a7d64a8a1f791a518903f1f9f075fa802590e46b13175f51ae8d
d039a518fa774503cb72050fcb417180dc28246b07d36970f1ef419ce69e5a06
d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f
d218d0b25e577f8f6216e6ed2f8e7bc8e21dd22211016aa4f5a5e314bcaf84a8
d260104ad7f2116c6b87d4df0957a2787c759f5ce2b42881f150d55a5143e16a
d43b46778d4426d9ccd1e7eb1b1543cdd3746a6fde5535f0a46927d4c3476a0f
d6103e6cbefbf86900a4f1fce48f124b93921e7c0ca6231e5e283b076b422827
d6888fcccacbfc6754c9fa416f78891c6e4f51a9b98a2a0689ede23038ae663b
d6ac1f3b7e918bc6cb195a1e75204ff550438e4842ee13414407214b4206be79
db130ab2261c2ff7042b56daa0e0788cad5913d46f5914ca5f054f5d8c13bada
dc41be78fcb3b0ca16fc52b3026f8120ada7e9c8b6c1f989d84431ff689276cd
dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89
dd367f76a977afab78d96c84f6779c0cf8963fe0586d553f5e45a4cd6783c762
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de66288f054df7f389e8281f87fb0a9a05095149f4e96d13c32a1c3b61b1a4a3
e1cff21864c46e1da263fa83c14ed6d190bc5afbdd35188de15f10eb8bedd264
e324f04bc076180ddb51d604021fb6f7b2b5b4f38e04f8933cac10440cef68ec
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e49621b25309592564baae61844a761a674d07b48292ec57ac6bfe27afa4eb49
e4f4fc8a884570ca129eba39c4a1061ffb3d6d868693f1498abe4a191eaf83d0
e75517df278bc0b8f6f6a4fb4383896558bfcd2e9db2957dda58f4a49935a7b3
e7a754dc68b051e1b18bbf37fc0f5557196bc8db1c5f1c31ce5d242ea5c95ed6
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef196e5b4f7321f54b61303c88739708e0e9c5b4fb62220734634a53c6f007e0
ef9f364d09959a9d9bd4fe5c18a1f6d7350e17ac7a0a6567936bb6a8858f1115
f032a18f7c04f76defc8384f928121cfc7d50efedc2d0bf710eca5504fc5dc18
f199c05415d416ca05f569f533c86ca9cc16dfddb31751f2f4f952f8d37cbe3b
f1dd01f7c92174e4a7c827828e9b37ead5da3097e2dd82e248648cb236e32c2c
f29f060ce91fcc6683a09df249b8dbc452a2d6601f4fddc8131e37fce17a3c96
f4ad7c81a625a0702dcdd837b046d8c5950d51ccad59e12b6d729ba758b2e1a5
fa523f248a332cb89ae3ad8cf51d840153e0f96bcc2a4c8db736e02a340dab48
fb896422aac3e6c5cc9aea5b55110efc1c3a7af4581b8c9d47e46d415253785e
fc28ebbacc4f1ec97b4d883ff5af75c3f517ff3bd2331fbe5eb30bed45ab35a0
fc85bb3b3a2bff9d250f66df95f49ef3bd56ecac5ddc44f03fe16df1c46ebbf9
ffc88d09d20ad928056d0db89dd0cd8eebadb17605565cefd78a348b8245c5fc

www.cyberforum.ru Open in urlscan Pro 178.208.71.14 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

233 Requests

79 %HTTPS

40 %IPv6

54 Domains

73 Subdomains

50 IPs

9 Countries

2506 kBTransfer

7328 kBSize

85 Cookies

5 Outgoing links

Redirected requests

233 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 11 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.cyberforum.ru Open in urlscan Pro
178.208.71.14 Public Scan

Screenshot
Live screenshot

Full Image

233
Requests

79 %
HTTPS

40 %
IPv6

54
Domains

73
Subdomains

50
IPs

9
Countries

2506 kB
Transfer

7328 kB
Size

85
Cookies

233 HTTP transactions
11 data transactions