ufoleaks.su Open in urlscan Pro
45.84.226.24 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://ufoleaks.su/
Submission Tags: u l4ing su mass ru cccp h8 Search All
Submission: On February 13 via manual (February 13th 2023, 11:36:45 am UTC) from UA — Scanned from DE

Summary HTTP 163 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 39 IPs in 12 countries across 59 domains to perform 163 HTTP transactions. The main IP is 45.84.226.24, located in Russian Federation and belongs to BEGET-AS, RU. The main domain is ufoleaks.su.

This is the only time ufoleaks.su was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 35	45.84.226.24 45.84.226.24	198610 (BEGET-AS) (BEGET-AS)
1	2a00:1450:400... 2a00:1450:400d:80d::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:806::2002	15169 (GOOGLE) (GOOGLE)
1	195.216.243.31 195.216.243.31	57724 (DDOS-GUARD) (DDOS-GUARD)
1 2	81.177.165.65 81.177.165.65	8342 (RTCOMM-AS) (RTCOMM-AS)
1 1	2606:4700:303... 2606:4700:3031::ac43:8a5b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2a06:98c1:312... 2a06:98c1:3121::c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	165.232.185.113 165.232.185.113	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1 2	185.74.254.66 185.74.254.66	59939 (WIBO-AS) (WIBO-AS)
1	2a13:1ec0:100... 2a13:1ec0:1000::1073	201589 (EDGEAMLLC) (EDGEAMLLC)
6	95.163.114.204 95.163.114.204	12695 (DINET-AS) (DINET-AS)
2	95.216.10.178 95.216.10.178	24940 (HETZNER-AS) (HETZNER-AS)
1 1	88.212.201.198 88.212.201.198	39134 (UNITEDNET) (UNITEDNET)
2 3	88.212.202.52 88.212.202.52	39134 (UNITEDNET) (UNITEDNET)
7 23	2a02:6b8::1:119 2a02:6b8::1:119	208722 (GLOBAL_DC) (GLOBAL_DC)
2 7	2a00:1450:400... 2a00:1450:400d:802::2002	15169 (GOOGLE) (GOOGLE)
8 22	2a02:6b8:a::a 2a02:6b8:a::a	208722 (GLOBAL_DC) (GLOBAL_DC)
10	2a02:6b8:20::215 2a02:6b8:20::215	208722 (GLOBAL_DC) (GLOBAL_DC)
1 27	2a02:6b8::90 2a02:6b8::90	208722 (GLOBAL_DC) (GLOBAL_DC)
4	2a02:6b8::184 2a02:6b8::184	208722 (GLOBAL_DC) (GLOBAL_DC)
3	2a02:6b8::36 2a02:6b8::36	208722 (GLOBAL_DC) (GLOBAL_DC)
1	2001:4de0:ac1... 2001:4de0:ac19::1:b:3a	20446 (STACKPATH...) (STACKPATH-CDN)
1	2a02:6b8::5:114 2a02:6b8::5:114	208722 (GLOBAL_DC) (GLOBAL_DC)
1 1	35.177.4.157 35.177.4.157	16509 (AMAZON-02) (AMAZON-02)
3 3	176.9.9.10 176.9.9.10	24940 (HETZNER-AS) (HETZNER-AS)
1 1	193.3.184.219 193.3.184.219	50214 (QWARTA) (QWARTA)
3 4	188.42.196.115 188.42.196.115	7979 (SERVERS-COM) (SERVERS-COM)
1 2	54.72.143.161 54.72.143.161	16509 (AMAZON-02) (AMAZON-02)
1 3	18.193.152.7 18.193.152.7	16509 (AMAZON-02) (AMAZON-02)
1	52.45.175.185 52.45.175.185	14618 (AMAZON-AES) (AMAZON-AES)
2 6	142.251.208.130 142.251.208.130	15169 (GOOGLE) (GOOGLE)
1	82.145.213.8 82.145.213.8	39832 (NO-OPERA) (NO-OPERA)
1 1	2001:6d0:4001... 2001:6d0:4001::226	52016 (TNSMSK-) (TNSMSK-)
2	37.18.16.21 37.18.16.21	205675 (HYBRID-AS) (HYBRID-AS)
2 2	185.15.175.174 185.15.175.174	43226 (SAFEDATA ...) (SAFEDATA Uplinks)
2 2	52.16.56.245 52.16.56.245	16509 (AMAZON-02) (AMAZON-02)
1 1	168.119.8.212 168.119.8.212	24940 (HETZNER-AS) (HETZNER-AS)
2 2	80.78.249.201 80.78.249.201	197695 (AS-REG) (AS-REG)
2 2	178.170.196.176 178.170.196.176	208677 (SBERCLOUD-AS) (SBERCLOUD-AS)
1 1	217.65.2.150 217.65.2.150	3175 (CITYTELEC...) (CITYTELECOM-MSK)
1 1	23.88.12.14 23.88.12.14	24940 (HETZNER-AS) (HETZNER-AS)
1 1	91.192.149.30 91.192.149.30	42481 (BEGUN-AS) (BEGUN-AS)
2 2	193.232.150.68 193.232.150.68	48061 (UMA-TECH-AS) (UMA-TECH-AS)
2 2	35.190.24.218 35.190.24.218	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::ac43:48bf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	31.220.27.155 31.220.27.155	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
2 2	217.66.147.39 217.66.147.39	29209 (SPBMTS-AS...) (SPBMTS-AS Malaya Monetnaya Street 2-A)
1 1	213.87.44.187 213.87.44.187	13174 (MTSNET Mo...) (MTSNET Moscow)
3 4	95.217.109.66 95.217.109.66	24940 (HETZNER-AS) (HETZNER-AS)
2	81.222.128.216 81.222.128.216	20597 (ELTEL-AS) (ELTEL-AS)
1	87.242.89.90 87.242.89.90	208677 (SBERCLOUD-AS) (SBERCLOUD-AS)
1	31.172.81.172 31.172.81.172	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
1	194.55.244.181 194.55.244.181	34959 (PROCLOUD ...) (PROCLOUD PROCLOUD MSK)
2 2	176.9.8.252 176.9.8.252	24940 (HETZNER-AS) (HETZNER-AS)
2 2	89.108.120.76 89.108.120.76	197695 (AS-REG) (AS-REG)
1 1	178.170.195.115 178.170.195.115	208677 (SBERCLOUD-AS) (SBERCLOUD-AS)
1	92.63.102.100 92.63.102.100	29182 (RU-JSCIOT) (RU-JSCIOT)
1	62.109.6.15 62.109.6.15	29182 (RU-JSCIOT) (RU-JSCIOT)
1	217.197.112.80 217.197.112.80	20655 (E-STYLEIS...) (E-STYLEISP-AS)
2 3	104.87.131.237 104.87.131.237	16625 (AKAMAI-AS) (AKAMAI-AS)
2 6	2a00:1450:400... 2a00:1450:400d:80a::2004	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:400d:806::2003	15169 (GOOGLE) (GOOGLE)
163	39

35 45.84.226.24 (Russian Federation) 2 redirects

ASN198610 (BEGET-AS, RU)

ufoleaks.su	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80d::200a (Ireland)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:806::2002 (Ireland)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.216.243.31 (Moscow, Russian Federation)

ASN57724 (DDOS-GUARD, RU)
PTR: s31.ucoz.net

www.neveroyatno.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 81.177.165.65 (Moscow, Russian Federation) 1 redirects

ASN8342 (RTCOMM-AS, RU)
PTR: srv7-h-st.jino.ru

the-day-x.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3031::ac43:8a5b (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

othereal.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3121::c (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

othereals.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 165.232.185.113 (Bengaluru, India) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

origlnal-diplom.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.74.254.66 (Germany) 1 redirects

ASN59939 (WIBO-AS, LT)
PTR: sr19.hostlife.net

origlnaldiplomas.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
orlgenaldlplos.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a13:1ec0:1000::1073 (Armenia)

ASN201589 (EDGEAMLLC, AM)

ic.pics.livejournal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 95.163.114.204 (Russian Federation)

ASN12695 (DINET-AS, RU)

w.uptolike.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 95.216.10.178 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: static.178.10.216.95.clients.your-server.de

block.s2block.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.212.201.198 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host198.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 88.212.202.52 (Russian Federation) 2 redirects

ASN39134 (UNITEDNET, RU)
PTR: host152.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a02:6b8::1:119 (Moscow, Russian Federation) 7 redirects

ASN208722 (GLOBAL_DC, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:400d:802::2002 (Ireland) 2 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a02:6b8:a::a (Moscow, Russian Federation) 8 redirects

ASN208722 (GLOBAL_DC, FI)

yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a02:6b8:20::215 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

yastatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2a02:6b8::90 (Moscow, Russian Federation) 1 redirects

ASN208722 (GLOBAL_DC, FI)

an.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:6b8::184 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

avatars.mds.yandex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:6b8::36 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

favicon.yandex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac19::1:b:3a (Netherlands)

ASN20446 (STACKPATH-CDN, US)

a.exdynsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6b8::5:114 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

ysa-static.passport.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.177.4.157 (London, United Kingdom) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-177-4-157.eu-west-2.compute.amazonaws.com

px.arcspire.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 176.9.9.10 (Germany) 3 redirects

ASN24940 (HETZNER-AS, DE)
PTR: hz1776439.aucourant.info

acint.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.3.184.219 (Russian Federation) 1 redirects

ASN50214 (QWARTA, RU)

ssp-rtb.sape.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 188.42.196.115 (Luxembourg) 3 redirects

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.72.143.161 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-72-143-161.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.193.152.7 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-193-152-7.eu-central-1.compute.amazonaws.com

match.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.45.175.185 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-175-185.compute-1.amazonaws.com

im.bluevoox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.251.208.130 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: bud02s42-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology

t.adx.opera.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:6d0:4001::226 (Russian Federation) 1 redirects

ASN52016 (TNSMSK-, RU)

cm.tns-counter.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.18.16.21 (Russian Federation)

ASN205675 (HYBRID-AS, DE)

dm.hybrid.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.15.175.174 (Russian Federation) 2 redirects

ASN43226 (SAFEDATA Uplinks, RU)

dmg.digitaltarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.16.56.245 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-16-56-245.eu-west-1.compute.amazonaws.com

euw-ice.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 168.119.8.212 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.212.8.119.168.clients.your-server.de

exchange.buzzoola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 80.78.249.201 (Russian Federation) 2 redirects

ASN197695 (AS-REG, RU)

kimberlite.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.170.196.176 (Russian Federation) 2 redirects

ASN208677 (SBERCLOUD-AS, RU)
PTR: fr13.segmento.ru

solta-sync.rutarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
yandex-sync.rutarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 217.65.2.150 (Moscow, Russian Federation) 1 redirects

ASN3175 (CITYTELECOM-MSK, RU)

match.new-programmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.88.12.14 (Gunzenhausen, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.14.12.88.23.clients.your-server.de

nr.bidderstack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.192.149.30 (Russian Federation) 1 redirects

ASN42481 (BEGUN-AS, RU)
PTR: zvezda.ssp.rambler.ru

profile.ssp.rambler.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.232.150.68 (Russian Federation) 2 redirects

ASN48061 (UMA-TECH-AS, RU)
PTR: smtp2.senders.rutube.ru

px.adhigh.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.24.218 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 218.24.190.35.bc.googleusercontent.com

redirect.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:48bf (United States)

ASN13335 (CLOUDFLARENET, US)

rtb-eu-warsaw.intent.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 31.220.27.155 (Amsterdam, Netherlands) 1 redirects

ASN39572 (ADVANCEDHOSTERS-AS, NL)

s.uuidksinc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 217.66.147.39 (St Petersburg, Russian Federation) 2 redirects

ASN29209 (SPBMTS-AS Malaya Monetnaya Street 2-A, RU)
PTR: host-39-147-66-217.spbmts.ru

sm.rtb.mts.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.87.44.187 (Russian Federation) 1 redirects

ASN13174 (MTSNET Moscow, Russia, RU)
PTR: infrastructure-187-44.mts.ru

tech.rtb.mts.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 95.217.109.66 (Helsinki, Finland) 3 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.66.109.217.95.clients.your-server.de

sonar.semantiqo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn3.caltat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.magnitent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 81.222.128.216 (Russian Federation)

ASN20597 (ELTEL-AS, RU)
PTR: ad16.adriver.ru

ssp.adriver.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 87.242.89.90 (Russian Federation)

ASN208677 (SBERCLOUD-AS, RU)

sync.1dmp.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 31.172.81.172 (Germany)

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

sync.bumlam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 194.55.244.181 (Russian Federation)

ASN34959 (PROCLOUD PROCLOUD MSK, RU)

sync.dmp.otm-r.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 176.9.8.252 (Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)
PTR: prod-hzeu-bidder-21.community.moscow

sync.upravel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 89.108.120.76 (Russian Federation) 2 redirects

ASN197695 (AS-REG, RU)
PTR: d51804.reg.regrucolo.ru

x01.aidata.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.170.195.115 (Russian Federation) 1 redirects

ASN208677 (SBERCLOUD-AS, RU)
PTR: fr18.segmento.ru

yandex-dmp-sync.rutarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 92.63.102.100 (Russian Federation)

ASN29182 (RU-JSCIOT, RU)
PTR: belesta1022.ru

cntrsync.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 62.109.6.15 (Russian Federation)

ASN29182 (RU-JSCIOT, RU)
PTR: belesta1024.ru

supraneet.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 217.197.112.80 (Russian Federation)

ASN20655 (E-STYLEISP-AS, RU)
PTR: seopult.ru

af.click.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.87.131.237 (Vienna, Austria) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-87-131-237.deploy.static.akamaitechnologies.com

s.click.aliexpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
best.aliexpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:400d:80a::2004 (Ireland) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:400d:806::2003 (Ireland)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
56	yandex.ru 12 redirects mc.yandex.ru — Cisco Umbrella Rank: 2228 yandex.ru — Cisco Umbrella Rank: 1194 an.yandex.ru — Cisco Umbrella Rank: 3907 ysa-static.passport.yandex.ru — Cisco Umbrella Rank: 18414	334 KB
35	ufoleaks.su 2 redirects ufoleaks.su	565 KB
17	yandex.com 4 redirects mc.yandex.com — Cisco Umbrella Rank: 7221	6 KB
10	yastatic.net yastatic.net — Cisco Umbrella Rank: 4238	250 KB
10	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 67 cm.g.doubleclick.net — Cisco Umbrella Rank: 308	11 KB
7	yandex.net avatars.mds.yandex.net — Cisco Umbrella Rank: 5303 favicon.yandex.net — Cisco Umbrella Rank: 6636	64 KB
6	google.de www.google.de — Cisco Umbrella Rank: 3701	995 B
6	google.com 2 redirects www.google.com — Cisco Umbrella Rank: 18	1 KB
6	uptolike.com w.uptolike.com — Cisco Umbrella Rank: 122930	20 KB
5	360yield.com 3 redirects match.360yield.com — Cisco Umbrella Rank: 3487 euw-ice.360yield.com — Cisco Umbrella Rank: 12707	1 KB
4	betweendigital.com 3 redirects ads.betweendigital.com — Cisco Umbrella Rank: 2258	3 KB
4	yadro.ru 3 redirects counter.yadro.ru — Cisco Umbrella Rank: 5841	2 KB
3	googleadservices.com 2 redirects www.googleadservices.com — Cisco Umbrella Rank: 179	16 KB
3	aliexpress.com 2 redirects s.click.aliexpress.com — Cisco Umbrella Rank: 20036 best.aliexpress.com — Cisco Umbrella Rank: 60098	2 KB
3	mts.ru 3 redirects sm.rtb.mts.ru — Cisco Umbrella Rank: 26553 tech.rtb.mts.ru — Cisco Umbrella Rank: 31270	2 KB
3	rutarget.ru 3 redirects solta-sync.rutarget.ru — Cisco Umbrella Rank: 65394 yandex-dmp-sync.rutarget.ru — Cisco Umbrella Rank: 52841 yandex-sync.rutarget.ru — Cisco Umbrella Rank: 53073	1 KB
3	acint.net 3 redirects acint.net — Cisco Umbrella Rank: 17185	1 KB
2	aidata.io 2 redirects x01.aidata.io — Cisco Umbrella Rank: 13108	1 KB
2	upravel.com 2 redirects sync.upravel.com — Cisco Umbrella Rank: 28414	1 KB
2	adriver.ru ssp.adriver.ru — Cisco Umbrella Rank: 19653	402 B
2	semantiqo.com 2 redirects sonar.semantiqo.com — Cisco Umbrella Rank: 51898	1 KB
2	weborama.fr 2 redirects redirect.frontend.weborama.fr — Cisco Umbrella Rank: 11789	592 B
2	adhigh.net 2 redirects px.adhigh.net — Cisco Umbrella Rank: 13834	813 B
2	kimberlite.io 2 redirects kimberlite.io — Cisco Umbrella Rank: 26994	995 B
2	digitaltarget.ru 2 redirects dmg.digitaltarget.ru — Cisco Umbrella Rank: 16557	1 KB
2	hybrid.ai dm.hybrid.ai — Cisco Umbrella Rank: 24922	516 B
2	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 274	2 KB
2	s2block.com block.s2block.com	12 KB
2	the-day-x.ru 1 redirects the-day-x.ru	205 B
1	click.ru af.click.ru — Cisco Umbrella Rank: 158976	1 KB
1	supraneet.ru supraneet.ru — Cisco Umbrella Rank: 166842	319 B
1	cntrsync.ru cntrsync.ru — Cisco Umbrella Rank: 168343	7 KB
1	otm-r.com sync.dmp.otm-r.com — Cisco Umbrella Rank: 15788	69 B
1	bumlam.com sync.bumlam.com — Cisco Umbrella Rank: 5967	390 B
1	1dmp.io sync.1dmp.io — Cisco Umbrella Rank: 15585	155 B
1	magnitent.com sync.magnitent.com — Cisco Umbrella Rank: 279886	676 B
1	caltat.com 1 redirects cdn3.caltat.com — Cisco Umbrella Rank: 239547	335 B
1	uuidksinc.net 1 redirects s.uuidksinc.net — Cisco Umbrella Rank: 10603	202 B
1	intent.ai rtb-eu-warsaw.intent.ai — Cisco Umbrella Rank: 51086	841 B
1	rambler.ru 1 redirects profile.ssp.rambler.ru — Cisco Umbrella Rank: 32288	244 B
1	bidderstack.com 1 redirects nr.bidderstack.com — Cisco Umbrella Rank: 6688	371 B
1	new-programmatic.com 1 redirects match.new-programmatic.com — Cisco Umbrella Rank: 25630	262 B
1	buzzoola.com 1 redirects exchange.buzzoola.com — Cisco Umbrella Rank: 13831	178 B
1	tns-counter.ru 1 redirects cm.tns-counter.ru — Cisco Umbrella Rank: 51581	388 B
1	opera.com t.adx.opera.com — Cisco Umbrella Rank: 2459	467 B
1	bluevoox.com im.bluevoox.com — Cisco Umbrella Rank: 16670	241 B
1	sape.ru 1 redirects ssp-rtb.sape.ru — Cisco Umbrella Rank: 20788	698 B
1	arcspire.io 1 redirects px.arcspire.io — Cisco Umbrella Rank: 49422	317 B
1	exdynsrv.com a.exdynsrv.com — Cisco Umbrella Rank: 43128	40 KB
1	livejournal.com ic.pics.livejournal.com — Cisco Umbrella Rank: 152637	12 KB
1	orlgenaldlplos.com orlgenaldlplos.com — Cisco Umbrella Rank: 625475
1	origlnaldiplomas.com 1 redirects origlnaldiplomas.com	237 B
1	origlnal-diplom.com 1 redirects origlnal-diplom.com	212 B
1	othereals.ru 1 redirects othereals.ru	673 B
1	othereal.ru 1 redirects othereal.ru	680 B
1	neveroyatno.info www.neveroyatno.info	8 KB
1	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 132	52 KB
1	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 510	6 KB
0	whiteboxdigital.ru Failed mitdmp.whiteboxdigital.ru Failed
163	59

	Domain	Requested by
35	ufoleaks.su	2 redirects ufoleaks.su
27	an.yandex.ru	1 redirects yandex.ru ufoleaks.su
22	yandex.ru	8 redirects ufoleaks.su yandex.ru yastatic.net
17	mc.yandex.com	4 redirects ufoleaks.su mc.yandex.ru
10	yastatic.net	yandex.ru ufoleaks.su yastatic.net
7	googleads.g.doubleclick.net	2 redirects pagead2.googlesyndication.com www.googleadservices.com
6	www.google.de
6	www.google.com	2 redirects
6	mc.yandex.ru	3 redirects ufoleaks.su yastatic.net
6	w.uptolike.com	ufoleaks.su w.uptolike.com
4	ads.betweendigital.com	3 redirects ufoleaks.su
4	avatars.mds.yandex.net	ufoleaks.su
4	counter.yadro.ru	3 redirects ufoleaks.su
3	www.googleadservices.com	2 redirects yastatic.net
3	cm.g.doubleclick.net	ufoleaks.su
3	match.360yield.com	1 redirects ufoleaks.su
3	acint.net	3 redirects
3	favicon.yandex.net	ufoleaks.su
2	s.click.aliexpress.com	2 redirects
2	x01.aidata.io	2 redirects
2	sync.upravel.com	2 redirects
2	ssp.adriver.ru	ufoleaks.su
2	sonar.semantiqo.com	2 redirects
2	sm.rtb.mts.ru	2 redirects
2	redirect.frontend.weborama.fr	2 redirects
2	px.adhigh.net	2 redirects
2	kimberlite.io	2 redirects
2	euw-ice.360yield.com	2 redirects
2	dmg.digitaltarget.ru	2 redirects
2	dm.hybrid.ai	ufoleaks.su
2	dpm.demdex.net	1 redirects
2	block.s2block.com	ufoleaks.su
2	the-day-x.ru	1 redirects ufoleaks.su
1	best.aliexpress.com	cntrsync.ru
1	af.click.ru	w.uptolike.com
1	supraneet.ru	w.uptolike.com
1	cntrsync.ru	w.uptolike.com
1	yandex-sync.rutarget.ru	1 redirects
1	yandex-dmp-sync.rutarget.ru	1 redirects
1	sync.dmp.otm-r.com	ufoleaks.su
1	sync.bumlam.com	ufoleaks.su
1	sync.1dmp.io	ufoleaks.su
1	sync.magnitent.com
1	cdn3.caltat.com	1 redirects
1	tech.rtb.mts.ru	1 redirects
1	s.uuidksinc.net	1 redirects
1	rtb-eu-warsaw.intent.ai	ufoleaks.su
1	profile.ssp.rambler.ru	1 redirects
1	nr.bidderstack.com	1 redirects
1	match.new-programmatic.com	1 redirects
1	solta-sync.rutarget.ru	1 redirects
1	exchange.buzzoola.com	1 redirects
1	cm.tns-counter.ru	1 redirects
1	t.adx.opera.com	ufoleaks.su
1	im.bluevoox.com	ufoleaks.su
1	ssp-rtb.sape.ru	1 redirects
1	px.arcspire.io	1 redirects
1	ysa-static.passport.yandex.ru	ufoleaks.su
1	a.exdynsrv.com	ufoleaks.su
1	ic.pics.livejournal.com	ufoleaks.su
1	orlgenaldlplos.com	ufoleaks.su
1	origlnaldiplomas.com	1 redirects
1	origlnal-diplom.com	1 redirects
1	othereals.ru	1 redirects
1	othereal.ru	1 redirects
1	www.neveroyatno.info	ufoleaks.su
1	pagead2.googlesyndication.com	ufoleaks.su
1	ajax.googleapis.com	ufoleaks.su
0	mitdmp.whiteboxdigital.ru Failed	ufoleaks.su
163	69

This site contains links to these domains. Also see Links.

Domain
my.ya.ru
www.livejournal.com
www.liveinternet.ru
www.neveroyatno.info
the-day-x.ru
othereal.ru
vseneobichnoe.livejournal.com

Subject Issuer	Validity	Valid
uptolike.com R3	`2022-12-22` - `2023-03-22`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2022-10-18` - `2023-03-30`	5 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
*.xn--d1acpjx3f.xn--p1ai GlobalSign ECC OV SSL CA 2018	`2023-02-01` - `2023-08-01`	6 months	crt.sh
*.yastatic-net.ru GlobalSign ECC OV SSL CA 2018	`2023-02-01` - `2023-08-01`	6 months	crt.sh
bs.yandex.ru GlobalSign ECC OV SSL CA 2018	`2022-10-21` - `2023-04-21`	6 months	crt.sh
*.avatars.yandex.net GlobalSign RSA OV SSL CA 2018	`2022-03-04` - `2023-04-05`	a year	crt.sh
favicon.yandex.net GlobalSign ECC OV SSL CA 2018	`2023-01-14` - `2023-06-15`	5 months	crt.sh
ysa-static.passport.yandex.net GlobalSign ECC OV SSL CA 2018	`2022-03-04` - `2023-04-05`	a year	crt.sh
*.hybrid.ai Sectigo RSA Domain Validation Secure Server CA	`2022-09-26` - `2023-09-26`	a year	crt.sh
*.intent.ai GTS CA 1P5	`2023-02-10` - `2023-05-11`	3 months	crt.sh
*.adriver.ru GlobalSign GCC R3 DV TLS CA 2020	`2022-04-05` - `2023-04-05`	a year	crt.sh
sync.1dmp.io R3	`2023-01-31` - `2023-05-01`	3 months	crt.sh
*.bumlam.com R3	`2023-02-09` - `2023-05-10`	3 months	crt.sh
*.dmp.otm-r.com AlphaSSL CA - SHA256 - G2	`2022-05-27` - `2023-06-28`	a year	crt.sh
cntrsync.ru R3	`2023-01-23` - `2023-04-23`	3 months	crt.sh
supraneet.ru R3	`2023-02-02` - `2023-05-03`	3 months	crt.sh
*.click.ru R3	`2022-11-21` - `2023-02-19`	3 months	crt.sh
ae01.alicdn.com DigiCert TLS RSA SHA256 2020 CA1	`2022-12-13` - `2023-12-13`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh

This page contains 6 frames:

Primary Page: http://ufoleaks.su/
Frame ID: 2AAE23EFBD1B207C5C435833BAD9F28A
Requests: 90 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230207/r20190131/zrt_lookup.html
Frame ID: 5C11C16AB6812D3B7F7CB507EF39051C
Requests: 1 HTTP requests in this frame

Frame: https://yastatic.net/safeframe-bundles/0.83/1-1-0/render.html
Frame ID: 85D318D3A8210F242510FEE9B92891A1
Requests: 63 HTTP requests in this frame

Frame: https://w.uptolike.com/widgets/v1/impression.html?622e27e5349ec1bb07f4f36fc56e7c84
Frame ID: 65428FA2725BC5B4271F58137B097E74
Requests: 2 HTTP requests in this frame

Frame: https://best.aliexpress.com/ru.htm?aff_fcid=5d705bffec1d4d11b4ae6093da618336-1676288200955-01650-_Dd01Otl&tt=CPS_NORMAL&aff_fsk=_Dd01Otl&aff_platform=portals-promotion&sk=_Dd01Otl&aff_trace_key=5d705bffec1d4d11b4ae6093da618336-1676288200955-01650-_Dd01Otl&terminal_id=fe22bf7b1344448882b7fac50e3fa765
Frame ID: 391DA600679710AF8068E65D86855EF2
Requests: 1 HTTP requests in this frame

Frame: https://w.uptolike.com/widgets/v1/zp/support.html
Frame ID: 9019688FE707CF877632412FB460033D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Информационное поле Земли - аномальные новости

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

googleapis\.com/.+webfont

Yandex.Direct (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://an\.yandex\.ru/

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Page Statistics

163
Requests

51 %
HTTPS

29 %
IPv6

59
Domains

69
Subdomains

39
IPs

12
Countries

1402 kB
Transfer

3425 kB
Size

73
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: http://my.ya.ru/posts_add_link.xml?URL=http%3A%2F%2Fufoleaks.su%2F&title=%D0%98%D0%BD%D1%84%D0%BE%D1%80%D0%BC%D0%B0%D1%86%D0%B8%D0%BE%D0%BD%D0%BD%D0%BE%D0%B5%20%D0%BF%D0%BE%D0%BB%D0%B5%20%D0%97%D0%B5%D0%BC%D0%BB%D0%B8%20-%20%D0%B0%D0%BD%D0%BE%D0%BC%D0%B0%D0%BB%D1%8C%D0%BD%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8&body=%D0%98%D0%BD%D1%84%D0%BE%D1%80%D0%BC%D0%B0%D1%86%D0%B8%D0%BE%D0%BD%D0%BD%D1%8B%D0%B9%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%BD%D0%BE%D0%B9%20%D1%80%D0%B0%D0%B7%D0%B2%D0%B8%D0%B2%D0%B0%D1%8E%D1%89%D0%B8%D0%B9%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%BB%20%D0%BE%20%D0%BF%D0%BB%D0%B0%D0%BD%D0%B5%D1%82%D0%B5%20%D0%97%D0%B5%D0%BC%D0%BB%D1%8F%2C%20%D0%B0%D0%BD%D0%BE%D0%BC%D0%B0%D0%BB%D1%8C%D0%BD%D1%8B%D1%85%20%D1%8F%D0%B2%D0%BB%D0%B5%D0%BD%D0%B8%D1%8F%D1%85%2C%20%D0%9D%D0%9B%D0%9E%2C%20%D0%BD%D0%B5%D0%BF%D0%BE%D0%B7%D0%BD%D0%B0%D0%BD%D0%BD%D1%8B%D1%85%20%D1%81%D0%BE%D0%B1%D1%8B%D1%82%D0%B8%D1%8F%D1%85%2C%20%D0%B2%D1%8B%D1%81%D0%BE%D0%BA%D0%BE%D1%80%D0%B0%D0%B7%D0%B2%D0%B8%D1%82%D1%8B%D1%85%20%D1%86%D0%B8%D0%B2%D0%B8%D0%BB%D0%B8%D0%B7%D0%B0%D1%86%D0%B8%D1%8F%D1%85%2C%20%D1%87%D0%B5%D0%BB%D0%BE%D0%B2%D0%B5%D0%BA%D0%B5.

Search URL Search Domain Scan URL

URL: http://www.livejournal.com/update.bml?event=http%3A%2F%2Fufoleaks.su%2F&subject=%D0%98%D0%BD%D1%84%D0%BE%D1%80%D0%BC%D0%B0%D1%86%D0%B8%D0%BE%D0%BD%D0%BD%D0%BE%D0%B5%20%D0%BF%D0%BE%D0%BB%D0%B5%20%D0%97%D0%B5%D0%BC%D0%BB%D0%B8%20-%20%D0%B0%D0%BD%D0%BE%D0%BC%D0%B0%D0%BB%D1%8C%D0%BD%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8

Search URL Search Domain Scan URL

URL: http://www.liveinternet.ru/click

Search URL Search Domain Scan URL

URL: http://www.neveroyatno.info/

Search URL Search Domain Scan URL

URL: http://the-day-x.ru/

Search URL Search Domain Scan URL

URL: http://othereal.ru/

Search URL Search Domain Scan URL

URL: http://vseneobichnoe.livejournal.com/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6

http://ufoleaks.su/templates/ufoleaks/js/libs.js HTTP 302
http://ufoleaks.su/404.html

Request Chain 31

http://the-day-x.ru/spec_up/dayx.gif HTTP 302
https://the-day-x.ru/spec_up/dayx.gif

Request Chain 32

http://othereal.ru/othereal.gif HTTP 301
http://othereals.ru/othereal.gif HTTP 301
http://origlnal-diplom.com/ HTTP 301
http://origlnaldiplomas.com/ HTTP 302
http://orlgenaldlplos.com/

Request Chain 39

http://counter.yadro.ru/hit?t54.3;r;s1600*1200*24;uhttp%3A//ufoleaks.su/;0.034884144836602404 HTTP 302
https://counter.yadro.ru/hit?t54.3;r;s1600*1200*24;uhttp%3A//ufoleaks.su/;0.034884144836602404 HTTP 302
https://counter.yadro.ru/hit?q;t54.3;r;s1600*1200*24;uhttp%3A//ufoleaks.su/;0.034884144836602404

Request Chain 41

http://ufoleaks.su/Inform/arrows2.png HTTP 302
http://ufoleaks.su/404.html

Request Chain 43

http://mc.yandex.ru/metrika/watch.js HTTP 302
https://mc.yandex.ru/metrika/watch.js

Request Chain 46

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9913.mBLaGqR2mgZq8e6JCG2_mVby0RQaSN7ocPjnwHRFed5XSvfrJxUvQCjUXwviMJPe.ITChaJwZS7aImcU6unsutIz74VU%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=9913.2loMERbFPtnENY0pPFo_EWHUIFQKKKPk0Oka6Q7T8RCNy3am7RPhxFyGD7A7JA57j7zV_Rn_-_bjcpUvHQ6RlNf90QUfJlj_1CK7XdfgLrw%2C.g9x9khMNvvMVR3yvAObJfnQ3e-0%2C

Request Chain 48

https://mc.yandex.com/watch/23414332?wmode=7&page-url=http%3A%2F%2Fufoleaks.su%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A3llbk0t3v1opl3fs6ve8z%3Afp%3A653%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A2%3Adp%3A0%3Als%3A443863906979%3Ahid%3A1068644856%3Az%3A0%3Ai%3A20230213113638%3Aet%3A1676288199%3Ac%3A1%3Arn%3A238544420%3Arqn%3A1%3Au%3A1676288199275729915%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A98%2C70%2C120%2C70%2C%2C0%2C%2C367%2C5%2C%2C%2C%2C726%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1676288197590%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1676288199%3At%3A%D0%98%D0%BD%D1%84%D0%BE%D1%80%D0%BC%D0%B0%D1%86%D0%B8%D0%BE%D0%BD%D0%BD%D0%BE%D0%B5%20%D0%BF%D0%BE%D0%BB%D0%B5%20%D0%97%D0%B5%D0%BC%D0%BB%D0%B8%20-%20%D0%B0%D0%BD%D0%BE%D0%BC%D0%B0%D0%BB%D1%8C%D0%BD%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(2) HTTP 302
https://mc.yandex.com/watch/23414332/1?wmode=7&page-url=http%3A%2F%2Fufoleaks.su%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A3llbk0t3v1opl3fs6ve8z%3Afp%3A653%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A2%3Adp%3A0%3Als%3A443863906979%3Ahid%3A1068644856%3Az%3A0%3Ai%3A20230213113638%3Aet%3A1676288199%3Ac%3A1%3Arn%3A238544420%3Arqn%3A1%3Au%3A1676288199275729915%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A98%2C70%2C120%2C70%2C%2C0%2C%2C367%2C5%2C%2C%2C%2C726%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1676288197590%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1676288199%3At%3A%D0%98%D0%BD%D1%84%D0%BE%D1%80%D0%BC%D0%B0%D1%86%D0%B8%D0%BE%D0%BD%D0%BD%D0%BE%D0%B5%20%D0%BF%D0%BE%D0%BB%D0%B5%20%D0%97%D0%B5%D0%BC%D0%BB%D0%B8%20-%20%D0%B0%D0%BD%D0%BE%D0%BC%D0%B0%D0%BB%D1%8C%D0%BD%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

Request Chain 49

https://mc.yandex.com/watch/46830381?wmode=7&page-url=http%3A%2F%2Fufoleaks.su%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A3llbk0t3v1opl3fs6ve8z%3Afp%3A653%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A149406592634%3Ahid%3A1068644856%3Az%3A0%3Ai%3A20230213113638%3Aet%3A1676288199%3Ac%3A1%3Arn%3A313861330%3Arqn%3A1%3Au%3A1676288199275729915%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A98%2C70%2C120%2C70%2C%2C0%2C%2C367%2C5%2C%2C%2C%2C726%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1676288197590%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1676288199%3At%3A%D0%98%D0%BD%D1%84%D0%BE%D1%80%D0%BC%D0%B0%D1%86%D0%B8%D0%BE%D0%BD%D0%BD%D0%BE%D0%B5%20%D0%BF%D0%BE%D0%BB%D0%B5%20%D0%97%D0%B5%D0%BC%D0%BB%D0%B8%20-%20%D0%B0%D0%BD%D0%BE%D0%BC%D0%B0%D0%BB%D1%8C%D0%BD%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(2) HTTP 302
https://mc.yandex.com/watch/46830381/1?wmode=7&page-url=http%3A%2F%2Fufoleaks.su%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A3llbk0t3v1opl3fs6ve8z%3Afp%3A653%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A149406592634%3Ahid%3A1068644856%3Az%3A0%3Ai%3A20230213113638%3Aet%3A1676288199%3Ac%3A1%3Arn%3A313861330%3Arqn%3A1%3Au%3A1676288199275729915%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A98%2C70%2C120%2C70%2C%2C0%2C%2C367%2C5%2C%2C%2C%2C726%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1676288197590%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1676288199%3At%3A%D0%98%D0%BD%D1%84%D0%BE%D1%80%D0%BC%D0%B0%D1%86%D0%B8%D0%BE%D0%BD%D0%BD%D0%BE%D0%B5%20%D0%BF%D0%BE%D0%BB%D0%B5%20%D0%97%D0%B5%D0%BC%D0%BB%D0%B8%20-%20%D0%B0%D0%BD%D0%BE%D0%BC%D0%B0%D0%BB%D1%8C%D0%BD%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

Request Chain 58

https://mc.yandex.com/sync_cookie_image_check_secondary HTTP 302
https://mc.yandex.ru/sync_cookie_image_start_secondary?redirect_domain=mc.yandex.com&token=9913.gmou64j9_SbAYwI_FJpAhwz2uVu7rEzH9RL-cJaKfgV2UybkhhgsuvEI8Ygt7Szg.xX_mGv-WDeFHvKIhGU2pjgIs_ug%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide_secondary?token=9913.HviQe25C9MQauTvUONkL9aHlbtU2wmWZCQQ99N54zYirJRRuOw_SoX4pKylfqLCYiAsedzCBBYw1wBqM7x6QtXjnLz7nfxJtc6tG1j7FJSIgVBQm5LOCzU8ZK4tOcd7OC_7McJGNYLg5tCiY-Ujp3kP70b29sYLG6QigDFIHfs96HQAv-RHqC0BuAuJKjrnML_zpgf20kz8SEREy3YnOFQ%2C%2C.llkqk4kJOfYJ33igctiTKCIGPHU%2C

Request Chain 80

https://px.arcspire.io/yndx?id=9d4cd41a-f59d-4815-8a89-9d30806f5389 HTTP 307
https://an.yandex.ru/mapuid/arcspireis/05b3ea8b53da829fbeea44

Request Chain 81

https://acint.net/rmatch/?dp=151&r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fsapeis%2F%24%7BUSER_ID%7D HTTP 302
https://acint.net/rmatch/?r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fsapeis%2F$%7BUSER_ID%7D&dp=151&tc=1 HTTP 302
https://ssp-rtb.sape.ru/rmatch?r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fan.yandex.ru%252Fmapuid%252Fsapeis%252F$%257BUSER_ID%257D&dp=14 HTTP 302
https://acint.net/rmatch?dp=14&euid=2003420AC820EA631F00F5A802D7CC66&r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fsapeis%2F$%7BUSER_ID%7D HTTP 302
https://an.yandex.ru/mapuid/sapeis/1CB35A9DC820EA63A003C6780297177F

Request Chain 82

https://ads.betweendigital.com/match?bidder_id=43554&callback_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbetweendigitalis%2F%24%7BUSER_ID%7D HTTP 302
https://ads.betweendigital.com/match?bidder_id=43554&callback_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbetweendigitalis%2F%24%7BUSER_ID%7D&crf=1 HTTP 302
https://an.yandex.ru/mapuid/betweendigitalis/a1535696-e344-522c-85e4-b757e60e979f

Request Chain 83

https://yandex.ru/an/mapuid/adobedmp/ HTTP 302
https://dpm.demdex.net/ibs:dpid=423652&dpuuid=ABEA15CB06CA4FF8 HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=423652&dpuuid=ABEA15CB06CA4FF8

Request Chain 84

https://yandex.ru/an/mapuid/azerionis/ HTTP 302
https://match.360yield.com/match?external_user_id=123F80D0132738A8&publisher_dsp_id=429&publisher_call_type=redirect HTTP 302
https://match.360yield.com/ul_cb/match?external_user_id=123F80D0132738A8&publisher_dsp_id=429&publisher_call_type=redirect

Request Chain 86

https://yandex.ru/an/mapuid/betweenx/ HTTP 302
https://ads.betweendigital.com/match?bidder_id=161&external_user_id=1E625CBF15CE82CF HTTP 302
https://ads.betweendigital.com/match?bidder_id=161&external_user_id=1E625CBF15CE82CF&crf=1

Request Chain 87

https://yandex.ru/an/mapuid/blueseaxcom/ HTTP 302
https://im.bluevoox.com/pixel?s1=1&s2=1315&s3=vldyrx2shs82pv9o&cm=1&rd=1&puid=B958219AA2B96774

Request Chain 89

https://yandex.ru/an/mapuid/google/?partner-tag=yandex_llc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yandex_llc&google_hm=2F4C7B3C8E11226D&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif

Request Chain 90

https://yandex.ru/an/mapuid/google/?partner-tag=yandexcom HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yandexcom&google_hm=2F4C7B3C8E11226D&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif

Request Chain 91

https://yandex.ru/an/mapuid/google/?partner-tag=yandexru HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yandexru&google_hm=2F4C7B3C8E11226D&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif

Request Chain 92

https://yandex.ru/an/mapuid/operacom/ HTTP 302
https://t.adx.opera.com/sync?vendor=60143&uid=55EB29BD39027256

Request Chain 94

https://cm.tns-counter.ru/yacm HTTP 302
https://an.yandex.ru/mapuid/mediascope/04003b830772f32e20dfc2b7c946c9a8ff4d6d8d4eb30811de30b88d498dfdf1

Request Chain 97

https://dmg.digitaltarget.ru/1/119/i/i?i=1676288199 HTTP 307
https://dmg.digitaltarget.ru/awg/custom/119/i/i?call_source=awg&ts=1676288200169&i=1676288199 HTTP 307
https://an.yandex.ru/mapuid/dmpamberdata/5UcO6YfbXqWL2b77NQM7

Request Chain 98

https://euw-ice.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fazerionis%2F{PUB_USER_ID} HTTP 302
https://euw-ice.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fazerionis%2F%7BPUB_USER_ID%7D HTTP 302
https://an.yandex.ru/mapuid/azerionis/f9e65f79-2ea3-48de-bf63-bbc51eb572b7 HTTP 302
https://match.360yield.com/match?external_user_id=f9e65f79-2ea3-48de-bf63-bbc51eb572b7&publisher_dsp_id=429&publisher_call_type=redirect

Request Chain 99

https://exchange.buzzoola.com/cookiesync/redirect/yandex?redirect_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbuzzooladspis%2F%24%7BUUID%7D HTTP 301
https://an.yandex.ru/mapuid/buzzooladspis/4ddb817b-fbc6-4dba-7578-57494ffa71f5

Request Chain 100

https://kimberlite.io/rtb/sync/yandex HTTP 307
https://solta-sync.rutarget.ru/sync HTTP 302
https://kimberlite.io/rtb/sync/segmento?u=f7jRpMThnHEx HTTP 307
https://an.yandex.ru/mapuid/soltadspis/Y-ogyEporTk

Request Chain 101

https://match.new-programmatic.com/userbind?src=yandex&pbf=1&gi=1 HTTP 302
https://an.yandex.ru/mapuid/targetrtbis/

Request Chain 103

https://nr.bidderstack.com/yandex/cm?r=https://an.yandex.ru/mapuid/hyperdspis/ HTTP 302
https://an.yandex.ru/mapuid/hyperdspis/860f88e3-293d-47ff-9bdb-0775250f53a3

Request Chain 104

https://profile.ssp.rambler.ru/sync3.302?pid=188 HTTP 302
https://an.yandex.ru/mapuid/ramblerssp/

Request Chain 105

https://px.adhigh.net/p/cm/yandexssp HTTP 302
https://px.adhigh.net/p/cm/yandexssp?bounced=1 HTTP 302
https://an.yandex.ru/mapuid/getintentis/61y7RrNDxTK.AikABlGGSpAO8Q

Request Chain 106

https://redirect.frontend.weborama.fr/redirect/standard?url=https://an.yandex.ru/mapuid/dmpweborama/{WEBO_CID} HTTP 307
https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fdmpweborama%2F%7BWEBO_CID%7D&bounce=1&random=572455228 HTTP 302
https://an.yandex.ru/mapuid/dmpweborama/NdO33qM.Embman9XoXjPne

Request Chain 108

https://s.uuidksinc.net/match/501 HTTP 302
https://an.yandex.ru/mapuid/kadamis/CmhtsipAwaB29En0vdcp

Request Chain 109

https://sm.rtb.mts.ru/p?ssp=yandex&id=map HTTP 301
https://sm.rtb.mts.ru/match/second?ssp=55&exu=map HTTP 301
https://tech.rtb.mts.ru/?dsp_uid=a6004e29-f650-428f-81a2-2d3093482a78&return_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fmtsdspis%2Fa6004e29-f650-428f-81a2-2d3093482a78 HTTP 302
https://an.yandex.ru/mapuid/mtsdspis/a6004e29-f650-428f-81a2-2d3093482a78

Request Chain 110

https://sonar.semantiqo.com/dmp/scr.php HTTP 302
https://counter.yadro.ru/id127/reff-id.gif?sid=e30dfec69bfb4c47b47d2f446e806380 HTTP 302
https://sonar.semantiqo.com/fbfli/data_sess_sync.php?spid=089EC568695D27C4&sid=e30dfec69bfb4c47b47d2f446e806380 HTTP 302
https://cdn3.caltat.com/fbfc504c-89b0-4a80-bef4-c8e39daeee6f/sess.php?sid=e30dfec69bfb4c47b47d2f446e806380&spid=089EC568695D27C4&v= HTTP 302
https://sync.magnitent.com/fbfli/ct_sync.php?ct=6b61843d3616457ca611ebc00631fdd0&sonar=e30dfec69bfb4c47b47d2f446e806380&spid=089EC568695D27C4&v=

Request Chain 116

https://sync.upravel.com/yandex/sync HTTP 302
https://sync.upravel.com/yandex/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly95YXN0YXRpYy5uZXQvIl19fQ HTTP 302
https://an.yandex.ru/mapuid/upravelis/d2c1c7cc-947a-4ef8-97c2-eb49bfb6aa57

Request Chain 117

https://x01.aidata.io/0.gif?pid=YANDEX HTTP 302
https://x01.aidata.io/0.gif?pid=YANDEX&bounce=1 HTTP 302
https://an.yandex.ru/mapuid/dmpaidatame/%2BQkO4LxCbcPXw9uv3ZOPEQ?sign=2380470466

Request Chain 118

https://yandex-dmp-sync.rutarget.ru/sync HTTP 302
https://an.yandex.ru/mapuid/dmpsegmento/BsaLmGvK65sQ?sign=1268506764

Request Chain 119

https://yandex-sync.rutarget.ru/sync HTTP 302
https://an.yandex.ru/mapuid/rutargetis/F7Tq75mUPBgU

Request Chain 136

http://s.click.aliexpress.com/e/_Dd01Otl HTTP 301
https://s.click.aliexpress.com/e/_Dd01Otl HTTP 302
https://best.aliexpress.com/ru.htm?aff_fcid=5d705bffec1d4d11b4ae6093da618336-1676288200955-01650-_Dd01Otl&tt=CPS_NORMAL&aff_fsk=_Dd01Otl&aff_platform=portals-promotion&sk=_Dd01Otl&aff_trace_key=5d705bffec1d4d11b4ae6093da618336-1676288200955-01650-_Dd01Otl&terminal_id=fe22bf7b1344448882b7fac50e3fa765

Request Chain 142

https://www.googleadservices.com/pagead/conversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0 HTTP 302
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=ySDqY8fiNsP5xwLbyYPABQ&random=1631105894&sscte=1&crd= HTTP 302
https://www.google.com/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1631105894&crd=&is_vtc=1&random=1930053290 HTTP 302
https://www.google.de/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1631105894&crd=&is_vtc=1&random=1930053290&ipr=y

Request Chain 143

https://www.googleadservices.com/pagead/conversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0 HTTP 302
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=ySDqY8TkNoulxwLf74HYCA&random=407973256&sscte=1&crd= HTTP 302
https://www.google.com/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=407973256&crd=&is_vtc=1&random=2473510380 HTTP 302
https://www.google.de/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=407973256&crd=&is_vtc=1&random=2473510380&ipr=y

163 HTTP transactions
-1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
ufoleaks.su/ 97 KB
16 KB 288ms
120ms Document
text/html 45.84.226.24
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://ufoleaks.su/
Protocol: HTTP/1.1
Server: 45.84.226.24 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 6171868b8895de2685fd6cb69eeeb0daf2e39efd5afd94008b8f3f4ecd4c52e6

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 max-age=172800, private, must-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Mon, 13 Feb 2023 11:36:37 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H/1.1 200
OK index.php Show response
ufoleaks.su/engine/classes/min/ 208 KB
63 KB 148ms
74ms Script
application/x-javascript 45.84.226.24
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://ufoleaks.su/engine/classes/min/index.php?charset=utf-8&g=general&14
Requested by: Host: ufoleaks.su
URL: http://ufoleaks.su/
Protocol: HTTP/1.1
Server: 45.84.226.24 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 7c192df6f75b7bbfc2b67eeef5f3240a3945aca03721381ad800c54742d05f7f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ufoleaks.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Mon, 13 Feb 2023 11:36:37 GMT
Content-Encoding: gzip
Last-Modified: Mon, 13 Nov 2017 00:00:00 GMT
Server: nginx
ETag: "pub1510531200;gz"
Vary: Accept-Encoding
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: max-age=31536000, max-age=172800, private, must-revalidate
Connection: keep-alive
Content-Length: 64161
Expires: Tue, 13 Feb 2024 11:36:37 GMT

GET
H/1.1 200
OK webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1/ 13 KB
6 KB 70ms
35ms Script
text/javascript 2a00:1450:400d:80d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js

Requested by

Host: ufoleaks.su
URL: http://ufoleaks.su/

Protocol

HTTP/1.1

Server

2a00:1450:400d:80d::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ufoleaks.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Thu, 09 Feb 2023 12:52:36 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 341041
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 5437
X-XSS-Protection: 0
Last-Modified: Tue, 03 Mar 2020 19:15:00 GMT
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="hosted-libraries-pushers"
Vary: Accept-Encoding
Report-To: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Expires: Fri, 09 Feb 2024 12:52:36 GMT

GET
H/1.1 200
OK webfont.js Show response
ufoleaks.su/engine/editor/scripts/ 3 KB
1 KB 142ms
69ms Script
application/javascript 45.84.226.24
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://ufoleaks.su/engine/editor/scripts/webfont.js
Requested by: Host: ufoleaks.su
URL: http://ufoleaks.su/
Protocol: HTTP/1.1
Server: 45.84.226.24 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: b39bcd31f93b96bfcd623a4fd956d0f4b2b6f160faca5f65d12514c87dc0e577

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ufoleaks.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Mon, 13 Feb 2023 11:36:37 GMT
Content-Encoding: gzip
Last-Modified: Mon, 13 Nov 2017 00:00:00 GMT
Server: nginx
ETag: W/"5a08e080-bcb"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=315360000
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK default.css
ufoleaks.su/engine/editor/css/ 9 KB
2 KB 137ms
70ms Stylesheet
text/css 45.84.226.24
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://ufoleaks.su/engine/editor/css/default.css
Requested by: Host: ufoleaks.su
URL: http://ufoleaks.su/
Protocol: HTTP/1.1
Server: 45.84.226.24 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: fb94f2d531b756ac6d16c478cd4c7c5ed942e116e52aeecfdc9fa14616d3bc3a

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ufoleaks.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Mon, 13 Feb 2023 11:36:37 GMT
Content-Encoding: gzip
Last-Modified: Mon, 13 Nov 2017 00:00:00 GMT
Server: nginx
ETag: W/"5a08e080-24f6"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=315360000
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK styles.css
ufoleaks.su/templates/ufoleaks/style/ 25 KB
6 KB 138ms
70ms Stylesheet
text/css 45.84.226.24
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://ufoleaks.su/templates/ufoleaks/style/styles.css
Requested by: Host: ufoleaks.su
URL: http://ufoleaks.su/
Protocol: HTTP/1.1
Server: 45.84.226.24 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 65c308475ab486c1d1b11bb27372de9fce717c906f4d6b8aeb083271101a5326

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ufoleaks.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Mon, 13 Feb 2023 11:36:37 GMT
Content-Encoding: gzip
Last-Modified: Thu, 25 Jan 2018 00:00:00 GMT
Server: nginx
ETag: W/"5a691e00-64d6"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=315360000
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 1.css
ufoleaks.su/templates/ufoleaks/style/ 13 KB
3 KB 137ms
69ms Stylesheet
text/css 45.84.226.24
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://ufoleaks.su/templates/ufoleaks/style/1.css
Requested by: Host: ufoleaks.su
URL: http://ufoleaks.su/
Protocol: HTTP/1.1
Server: 45.84.226.24 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: ec3d45d438b58cd5d873626b3dd6b2d4f133445a25f4be9b504e96438336591b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ufoleaks.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Mon, 13 Feb 2023 11:36:37 GMT
Content-Encoding: gzip
Last-Modified: Mon, 13 Nov 2017 00:00:00 GMT
Server: nginx
ETag: W/"5a08e080-3559"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=315360000
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1

200
OK

404.html Show response
ufoleaks.su/
Redirect Chain

http://ufoleaks.su/templates/ufoleaks/js/libs.js
http://ufoleaks.su/404.html

75 KB
12 KB

112ms
112ms

Script
text/html

45.84.226.24
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://ufoleaks.su/404.html
Requested by: Host: ufoleaks.su
URL: http://ufoleaks.su/
Protocol: HTTP/1.1
Server: 45.84.226.24 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 0f539950e5f3d7f8e066a261e7333aeae32f44263df98950a3c71da29170fcee

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ufoleaks.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Feb 2023 11:36:38 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/html
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, max-age=172800, private, must-revalidate
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT

Redirect headers

Date: Mon, 13 Feb 2023 11:36:38 GMT
Server: nginx
Content-Type: text/html; charset=iso-8859-1
Location: http://ufoleaks.su/404.html
Cache-Control: max-age=0
Connection: keep-alive
Content-Length: 211
Expires: Mon, 13 Feb 2023 11:36:38 GMT

GET
H/1.1 200
OK engine.css
ufoleaks.su/templates/ufoleaks/style/ 32 KB
7 KB 141ms
70ms Stylesheet
text/css 45.84.226.24
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://ufoleaks.su/templates/ufoleaks/style/engine.css
Requested by: Host: ufoleaks.su
URL: http://ufoleaks.su/
Protocol: HTTP/1.1
Server: 45.84.226.24 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: e4e8b894d67ef574a1be8047d7469328fc0432b87cd80996a6a5edfcecfa7071

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ufoleaks.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Mon, 13 Feb 2023 11:36:37 GMT
Content-Encoding: gzip
Last-Modified: Mon, 13 Nov 2017 00:00:00 GMT
Server: nginx
ETag: W/"5a08e080-7fcf"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=315360000
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK logo1.png
ufoleaks.su/templates/ufoleaks/images/ 9 KB
10 KB 70ms
69ms Image
image/png 45.84.226.24
BEGET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ufoleaks.su/templates/ufoleaks/images/logo1.png
Requested by: Host: ufoleaks.su
URL: http://ufoleaks.su/
Protocol: HTTP/1.1
Server: 45.84.226.24 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: ec7cadf76a9fb694f3b112a0b21a63ce889075aa83eefd87a139da4b14d1b0ad

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ufoleaks.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Mon, 13 Feb 2023 11:36:38 GMT
Last-Modified: Mon, 13 Nov 2017 00:00:00 GMT
Server: nginx
ETag: "5a08e080-25a7"
Content-Type: image/png
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9639
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK share43.js Show response
ufoleaks.su/share43/ 4 KB
2 KB 71ms
70ms Script
application/javascript 45.84.226.24
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://ufoleaks.su/share43/share43.js
Requested by: Host: ufoleaks.su
URL: http://ufoleaks.su/
Protocol: HTTP/1.1
Server: 45.84.226.24 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: e4b97661f0f5ef6e574242c3ce64663e3987dfa7575edd9baff848696d936bd0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ufoleaks.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Mon, 13 Feb 2023 11:36:38 GMT
Content-Encoding: gzip
Last-Modified: Mon, 13 Nov 2017 00:00:00 GMT
Server: nginx
ETag: W/"5a08e080-f3c"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=315360000
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 8.gif
ufoleaks.su/templates/ufoleaks/images/ 1 KB
2 KB 73ms
70ms Image
image/gif 45.84.226.24
BEGET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ufoleaks.su/templates/ufoleaks/images/8.gif
Requested by: Host: ufoleaks.su
URL: http://ufoleaks.su/
Protocol: HTTP/1.1
Server: 45.84.226.24 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 676b251f9c3bf1d8d475f2796e8c0ac321f852bcf3360997d857856542f8544c

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ufoleaks.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Mon, 13 Feb 2023 11:36:38 GMT
Last-Modified: Mon, 13 Nov 2017 00:00:00 GMT
Server: nginx
ETag: "5a08e080-4d2"
Content-Type: image/gif
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1234
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 10.gif
ufoleaks.su/templates/ufoleaks/images/ 616 B
921 B 72ms
69ms Image
image/gif 45.84.226.24
BEGET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ufoleaks.su/templates/ufoleaks/images/10.gif
Requested by: Host: ufoleaks.su
URL: http://ufoleaks.su/
Protocol: HTTP/1.1
Server: 45.84.226.24 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 46148ef1398c2506cd18f962498dbef6ec35b99dd7681834f973ac59635d70c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ufoleaks.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Mon, 13 Feb 2023 11:36:38 GMT
Last-Modified: Mon, 13 Nov 2017 00:00:00 GMT
Server: nginx
ETag: "5a08e080-268"
Content-Type: image/gif
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 616
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 14.gif
ufoleaks.su/templates/ufoleaks/images/ 157 B
461 B 71ms
68ms Image
image/gif 45.84.226.24
BEGET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ufoleaks.su/templates/ufoleaks/images/14.gif
Requested by: Host: ufoleaks.su
URL: http://ufoleaks.su/
Protocol: HTTP/1.1
Server: 45.84.226.24 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: a7d0ece74004433cf0a98be3732051f25a2636ae88f28335399afcb419055603

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ufoleaks.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Mon, 13 Feb 2023 11:36:38 GMT
Last-Modified: Mon, 13 Nov 2017 00:00:00 GMT
Server: nginx
ETag: "5a08e080-9d"
Content-Type: image/gif
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 157
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 15.gif
ufoleaks.su/templates/ufoleaks/images/ 3 KB
3 KB 70ms
70ms Image
image/gif 45.84.226.24
BEGET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ufoleaks.su/templates/ufoleaks/images/15.gif
Requested by: Host: ufoleaks.su
URL: http://ufoleaks.su/
Protocol: HTTP/1.1
Server: 45.84.226.24 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: e3daf652c758178620be708a65e420fe2bad83e229f90d0e7294242231b28a98

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ufoleaks.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Mon, 13 Feb 2023 11:36:38 GMT
Last-Modified: Mon, 13 Nov 2017 00:00:00 GMT
Server: nginx
ETag: "5a08e080-ad4"
Content-Type: image/gif
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2772
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 16.gif
ufoleaks.su/templates/ufoleaks/images/ 1 KB
1 KB 70ms
68ms Image
image/gif 45.84.226.24
BEGET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ufoleaks.su/templates/ufoleaks/images/16.gif
Requested by: Host: ufoleaks.su
URL: http://ufoleaks.su/
Protocol: HTTP/1.1
Server: 45.84.226.24 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 0cab290acb4a69a632ad5ff53a7f0659d64c992df8b11db5462f50992eddde0f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ufoleaks.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Mon, 13 Feb 2023 11:36:38 GMT
Last-Modified: Mon, 13 Nov 2017 00:00:00 GMT
Server: nginx
ETag: "5a08e080-470"
Content-Type: image/gif
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1136
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 15217191.jpg
ufoleaks.su/_nw/49/ 38 KB
38 KB 70ms
69ms Image
image/jpeg 45.84.226.24
BEGET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ufoleaks.su/_nw/49/15217191.jpg
Requested by: Host: ufoleaks.su
URL: http://ufoleaks.su/
Protocol: HTTP/1.1
Server: 45.84.226.24 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: fc6c8aadfd64b5dab9a2b296b0c79089908ffb092fed9f7f53824cbca3365e3e

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ufoleaks.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Mon, 13 Feb 2023 11:36:38 GMT
Last-Modified: Mon, 13 Nov 2017 00:00:00 GMT
Server: nginx
ETag: "5a08e080-96be"
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 38590
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 35047918.png
ufoleaks.su/_nw/32/ 23 KB
23 KB 69ms
69ms Image
image/png 45.84.226.24
BEGET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ufoleaks.su/_nw/32/35047918.png
Requested by: Host: ufoleaks.su
URL: http://ufoleaks.su/
Protocol: HTTP/1.1
Server: 45.84.226.24 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 50c40a500f6842913fde72c69f1f0d2575ecf60c8498e3e0856d3183dbc89f5e

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ufoleaks.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Mon, 13 Feb 2023 11:36:38 GMT
Last-Modified: Mon, 13 Nov 2017 00:00:00 GMT
Server: nginx
ETag: "5a08e080-5c87"
Content-Type: image/png
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 23687
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 55493753.jpg
ufoleaks.su/_nw/76/ 70 KB
71 KB 155ms
70ms Image
image/jpeg 45.84.226.24
BEGET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ufoleaks.su/_nw/76/55493753.jpg
Requested by: Host: ufoleaks.su
URL: http://ufoleaks.su/
Protocol: HTTP/1.1
Server: 45.84.226.24 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 5feec005a4394838eaec61b77886a9dd6616c8876cf795baf605998a14b3de41

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ufoleaks.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Mon, 13 Feb 2023 11:36:38 GMT
Last-Modified: Mon, 13 Nov 2017 00:00:00 GMT
Server: nginx
ETag: "5a08e080-1191f"
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 71967
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 21530726.jpg
ufoleaks.su/_nw/8/ 20 KB
20 KB 71ms
69ms Image
image/jpeg 45.84.226.24
BEGET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ufoleaks.su/_nw/8/21530726.jpg
Requested by: Host: ufoleaks.su
URL: http://ufoleaks.su/
Protocol: HTTP/1.1
Server: 45.84.226.24 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: d394f4876a28a36ed57f3b601d148edb1a857f58bd222e32e39fffc2d31a215b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ufoleaks.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Mon, 13 Feb 2023 11:36:38 GMT
Last-Modified: Mon, 13 Nov 2017 00:00:00 GMT
Server: nginx
ETag: "5a08e080-4e5c"
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 20060
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 15060223.jpg
ufoleaks.su/_nw/39/ 37 KB
37 KB 140ms
69ms Image
image/jpeg 45.84.226.24
BEGET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ufoleaks.su/_nw/39/15060223.jpg
Requested by: Host: ufoleaks.su
URL: http://ufoleaks.su/
Protocol: HTTP/1.1
Server: 45.84.226.24 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: d2e6b83cc2e0fcba7f7a1b3b58da414ee47125d647a420632c14086975dc2e2c

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ufoleaks.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Mon, 13 Feb 2023 11:36:38 GMT
Last-Modified: Mon, 13 Nov 2017 00:00:00 GMT
Server: nginx
ETag: "5a08e080-92ff"
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 37631
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 143 KB
52 KB 117ms
82ms Script
text/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: ufoleaks.su
URL: http://ufoleaks.su/

Protocol

HTTP/1.1

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bbcb4cf7ad63b96ac9830bafa3b820e4aaa2d5b1f2d02e7a2c67ba9c78432246

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ufoleaks.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Mon, 13 Feb 2023 11:36:38 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Length: 52306
X-XSS-Protection: 0
Server: cafe
ETag: 4970838163693944440
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=3600
Timing-Allow-Origin: *
Expires: Mon, 13 Feb 2023 11:36:38 GMT

GET
H/1.1 200
OK no_image.jpg
ufoleaks.su/templates/ufoleaks/dleimages/ 11 KB
11 KB 140ms
75ms Image
image/jpeg 45.84.226.24
BEGET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ufoleaks.su/templates/ufoleaks/dleimages/no_image.jpg
Requested by: Host: ufoleaks.su
URL: http://ufoleaks.su/
Protocol: HTTP/1.1
Server: 45.84.226.24 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 17c53ed9d84aa158f4e406e787b1091a4ffc52b02a4dc19034707b61634f4c56

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ufoleaks.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Mon, 13 Feb 2023 11:36:38 GMT
Last-Modified: Mon, 13 Nov 2017 00:00:00 GMT
Server: nginx
ETag: "5a08e080-2c4d"
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11341
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 23.gif
ufoleaks.su/templates/ufoleaks/images/ 1 KB
2 KB 74ms
71ms Image
image/gif 45.84.226.24
BEGET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ufoleaks.su/templates/ufoleaks/images/23.gif
Requested by: Host: ufoleaks.su
URL: http://ufoleaks.su/
Protocol: HTTP/1.1
Server: 45.84.226.24 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 661b6f06cd306cbb21b77211387142d31eafaafe6325e4ed99a8480581874751

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ufoleaks.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Mon, 13 Feb 2023 11:36:38 GMT
Last-Modified: Mon, 13 Nov 2017 00:00:00 GMT
Server: nginx
ETag: "5a08e080-525"
Content-Type: image/gif
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1317
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 25.gif
ufoleaks.su/templates/ufoleaks/images/ 1 KB
2 KB 72ms
71ms Image
image/gif 45.84.226.24
BEGET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ufoleaks.su/templates/ufoleaks/images/25.gif
Requested by: Host: ufoleaks.su
URL: http://ufoleaks.su/
Protocol: HTTP/1.1
Server: 45.84.226.24 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 84665c84f70d5e01ca7530d4c8400fa36aa98c26e6531f099f19945b8d80b8eb

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ufoleaks.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Mon, 13 Feb 2023 11:36:38 GMT
Last-Modified: Mon, 13 Nov 2017 00:00:00 GMT
Server: nginx
ETag: "5a08e080-528"
Content-Type: image/gif
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1320
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 1514920341_time-trap.jpg
ufoleaks.su/uploads/posts/2018-01/ 15 KB
15 KB 138ms
72ms Image
image/jpeg 45.84.226.24
BEGET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ufoleaks.su/uploads/posts/2018-01/1514920341_time-trap.jpg
Requested by: Host: ufoleaks.su
URL: http://ufoleaks.su/
Protocol: HTTP/1.1
Server: 45.84.226.24 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 7c0f880cabcd70c40aa9bf51a246220c891610033f258448faf09cf3707c4048

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ufoleaks.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Mon, 13 Feb 2023 11:36:38 GMT
Last-Modified: Tue, 02 Jan 2018 00:00:00 GMT
Server: nginx
ETag: "5a4acb80-3c3e"
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 15422
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 77825140.jpg
ufoleaks.su/_bl/31/ 14 KB
14 KB 209ms
72ms Image
image/jpeg 45.84.226.24
BEGET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ufoleaks.su/_bl/31/77825140.jpg
Requested by: Host: ufoleaks.su
URL: http://ufoleaks.su/
Protocol: HTTP/1.1
Server: 45.84.226.24 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: b12ffe07bdd87a74e2983b4cb14e4e003b4c76769b2778378c1d47f54d65a429

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ufoleaks.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Mon, 13 Feb 2023 11:36:38 GMT
Last-Modified: Mon, 13 Nov 2017 00:00:00 GMT
Server: nginx
ETag: "5a08e080-3797"
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 14231
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 96188023.jpg
ufoleaks.su/_bl/31/ 26 KB
26 KB 212ms
71ms Image
image/jpeg 45.84.226.24
BEGET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ufoleaks.su/_bl/31/96188023.jpg
Requested by: Host: ufoleaks.su
URL: http://ufoleaks.su/
Protocol: HTTP/1.1
Server: 45.84.226.24 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: a50eb9dcd1a2c5869b663fddf7f4dc54b5e4ee95e7dc54d45fed4b3aefeae99e

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ufoleaks.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Mon, 13 Feb 2023 11:36:38 GMT
Last-Modified: Mon, 13 Nov 2017 00:00:00 GMT
Server: nginx
ETag: "5a08e080-663a"
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 26170
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 27405647.jpg
ufoleaks.su/_bl/31/ 17 KB
17 KB 205ms
69ms Image
image/jpeg 45.84.226.24
BEGET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ufoleaks.su/_bl/31/27405647.jpg
Requested by: Host: ufoleaks.su
URL: http://ufoleaks.su/
Protocol: HTTP/1.1
Server: 45.84.226.24 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: aa52a196dd12d98413ec55bf3de15fc6ac2236b416518bbfcfe7960eb235659f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ufoleaks.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Mon, 13 Feb 2023 11:36:38 GMT
Last-Modified: Mon, 13 Nov 2017 00:00:00 GMT
Server: nginx
ETag: "5a08e080-4464"
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 17508
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 79797871.jpg
ufoleaks.su/_bl/31/ 23 KB
24 KB 226ms
70ms Image
image/jpeg 45.84.226.24
BEGET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ufoleaks.su/_bl/31/79797871.jpg
Requested by: Host: ufoleaks.su
URL: http://ufoleaks.su/
Protocol: HTTP/1.1
Server: 45.84.226.24 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 675ac6857389414b8730a683e65c2dfd962436f57237779b4127a2402122b649

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ufoleaks.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Mon, 13 Feb 2023 11:36:38 GMT
Last-Modified: Mon, 13 Nov 2017 00:00:00 GMT
Server: nginx
ETag: "5a08e080-5de0"
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 24032
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK scrolltop.js Show response
ufoleaks.su/js/ 2 KB
1 KB 70ms
70ms Script
application/javascript 45.84.226.24
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://ufoleaks.su/js/scrolltop.js
Requested by: Host: ufoleaks.su
URL: http://ufoleaks.su/
Protocol: HTTP/1.1
Server: 45.84.226.24 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: dd967b57fa2835b539f742e0c0db1b2bcf28d1b8122d8a860f87177cff08b38b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ufoleaks.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Mon, 13 Feb 2023 11:36:38 GMT
Content-Encoding: gzip
Last-Modified: Mon, 13 Nov 2017 00:00:00 GMT
Server: nginx
ETag: W/"5a08e080-8de"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=315360000
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK neveroyatno.banner.gif
www.neveroyatno.info/ 7 KB
8 KB 417ms
61ms Image
image/gif 195.216.243.31
DDOS-GUARD

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://www.neveroyatno.info/neveroyatno.banner.gif

Requested by

Host: ufoleaks.su
URL: http://ufoleaks.su/

Protocol

HTTP/1.1

Server

195.216.243.31 Moscow, Russian Federation, ASN57724 (DDOS-GUARD, RU),

Reverse DNS

s31.ucoz.net

Software

nginx /

Resource Hash

8398c4af9b01a17b6a36dc6ff9be0becfae8f93cfd21808d13645c5a9f2cee33

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ufoleaks.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Mon, 13 Feb 2023 11:36:35 GMT
Last-Modified: Tue, 23 Aug 2011 17:14:36 GMT
Server: nginx
ETag: "4e53dffc-1cfb"
X-Frame-Options: SAMEORIGIN
Content-Type: image/gif
Cache-Control: max-age=1728000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 7419
Expires: Sun, 05 Mar 2023 11:36:35 GMT

GET
H2

404

dayx.gif
the-day-x.ru/spec_up/
Redirect Chain

http://the-day-x.ru/spec_up/dayx.gif
https://the-day-x.ru/spec_up/dayx.gif

0
0

179ms
57ms

Image
text/html

81.177.165.65
RTCOMM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://the-day-x.ru/spec_up/dayx.gif
Requested by: Host: ufoleaks.su
URL: http://ufoleaks.su/
Protocol: H2
Server: 81.177.165.65 Moscow, Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS: srv7-h-st.jino.ru
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ufoleaks.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Redirect headers

Location: https://the-day-x.ru/spec_up/dayx.gif
Date: Mon, 13 Feb 2023 11:36:38 GMT
Server: nginx
Connection: keep-alive
Content-Length: 138
Content-Type: text/html

GET
H/1.1

200
OK

/
orlgenaldlplos.com/
Redirect Chain

http://othereal.ru/othereal.gif
http://othereals.ru/othereal.gif
http://origlnal-diplom.com/
http://origlnaldiplomas.com/
http://orlgenaldlplos.com/

0
0

490ms
110ms

Image
text/html

185.74.254.66
WIBO-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://orlgenaldlplos.com/
Requested by: Host: ufoleaks.su
URL: http://ufoleaks.su/
Protocol: HTTP/1.1
Server: 185.74.254.66 , Germany, ASN59939 (WIBO-AS, LT),
Reverse DNS: sr19.hostlife.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ufoleaks.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Redirect headers

Location: http://orlgenaldlplos.com/
Date: Mon, 13 Feb 2023 11:36:39 GMT
Server: Apache/2
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Content-Length: 210
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK 5383042_original.gif
ic.pics.livejournal.com/vseneobichnoe/45536307/5383042/ 11 KB
12 KB 428ms
100ms Image
image/gif 2a13:1ec0:1000::1073
EDGEAMLLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ic.pics.livejournal.com/vseneobichnoe/45536307/5383042/5383042_original.gif
Requested by: Host: ufoleaks.su
URL: http://ufoleaks.su/
Protocol: HTTP/1.1
Server: 2a13:1ec0:1000::1073 , Armenia, ASN201589 (EDGEAMLLC, AM),
Reverse DNS
Software: nginx /
Resource Hash: 2503c28569b3df2f2c2bbd52269262839e48442c313bd616b99ac02dc1fffc12

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ufoleaks.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

X-Mog-Pth: http://10.27.0.63:80/dev51/0/729/567/0729567442.fid
X-ID: m9-up-gc91
Date: Mon, 13 Feb 2023 11:36:38 GMT
X-PHN-Id: kr-phwsn01
X-Cached-Since: 2023-02-12T04:39:28+00:00
Connection: keep-alive
Content-Length: 11481
Last-Modified: Wed, 15 Jul 2020 11:52:35 GMT
Server: nginx
ETag: "2cd9-5aa798f4cd305"
Access-Control-Allow-Methods: POST, GET, OPTIONS, HEAD
Content-Type: image/gif; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=2592000
Cache: HIT
Accept-Ranges: bytes
Expires: Tue, 14 Mar 2023 04:39:28 GMT

GET
H/1.1 200
OK zp.js Show response
w.uptolike.com/widgets/v1/ 44 KB
12 KB 294ms
122ms Script
application/javascript 95.163.114.204
DINET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://w.uptolike.com/widgets/v1/zp.js?pid=tlde2c9f9a2919f1199e2c85aeeabd1cf30d2cde73
Requested by: Host: ufoleaks.su
URL: http://ufoleaks.su/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.163.114.204 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 5c776ef35ed320afc07d0e110145774489373b47c5c9b3a8f08ee2bc61e9cff8

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ufoleaks.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Mon, 13 Feb 2023 11:36:38 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
P3P: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Content-Type: application/javascript;charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=31556926
Connection: keep-alive

GET
H/1.1 200
OK sys.js Show response
ufoleaks.su/ 11 KB
3 KB 72ms
70ms Script
application/javascript 45.84.226.24
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://ufoleaks.su/sys.js
Requested by: Host: ufoleaks.su
URL: http://ufoleaks.su/
Protocol: HTTP/1.1
Server: 45.84.226.24 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: b803aabef91dde63b4e22e383748625fba5aeda48de96c5f848be15acc796345

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ufoleaks.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Mon, 13 Feb 2023 11:36:38 GMT
Content-Encoding: gzip
Last-Modified: Fri, 05 Aug 2022 07:58:16 GMT
Server: nginx
ETag: W/"62eccd98-2d00"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=315360000
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK wall2.jpg
ufoleaks.su/templates/ufoleaks/images/ 117 KB
117 KB 86ms
69ms Image
image/jpeg 45.84.226.24
BEGET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ufoleaks.su/templates/ufoleaks/images/wall2.jpg
Requested by: Host: ufoleaks.su
URL: http://ufoleaks.su/templates/ufoleaks/style/1.css
Protocol: HTTP/1.1
Server: 45.84.226.24 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 6f2ca74bfa0dd185f45b7af50dd71596d97405fed0f68bfd7e15ce88b18aa8f7

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ufoleaks.su/templates/ufoleaks/style/1.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Mon, 13 Feb 2023 11:36:38 GMT
Last-Modified: Mon, 13 Nov 2017 00:00:00 GMT
Server: nginx
ETag: "5a08e080-1d32f"
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 119599
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 119781.js Show response
block.s2block.com/rotator-v2/ 25 KB
11 KB 571ms
68ms Script
application/javascript 95.216.10.178
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://block.s2block.com/rotator-v2/119781.js

Requested by

Host: ufoleaks.su
URL: http://ufoleaks.su/

Protocol

HTTP/1.1

Server

95.216.10.178 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.178.10.216.95.clients.your-server.de

Software

nginx /

Resource Hash

5efd0865091d38f9a22cd387157266e762673f77230fd0d8b64ef5f6f0c354e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ufoleaks.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Feb 2023 11:36:38 GMT
Strict-Transport-Security: max-age=15768000
Content-Encoding: gzip
Last-Modified: Mon, 13 Feb 2023 11:36:38 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Cache-Control: post-check=0, pre-check=0
Connection: keep-alive
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK icons.png
ufoleaks.su/share43/ 4 KB
5 KB 286ms
70ms Image
image/png 45.84.226.24
BEGET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ufoleaks.su/share43/icons.png
Requested by: Host: ufoleaks.su
URL: http://ufoleaks.su/
Protocol: HTTP/1.1
Server: 45.84.226.24 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: ca7e31761c294211b614391d091bc5787316c74d785d8c13976a3cb0872e4c1d

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ufoleaks.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Mon, 13 Feb 2023 11:36:38 GMT
Last-Modified: Mon, 13 Nov 2017 00:00:00 GMT
Server: nginx
ETag: "5a08e080-10fd"
Content-Type: image/png
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4349
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1

200
OK

hit
counter.yadro.ru/
Redirect Chain

http://counter.yadro.ru/hit?t54.3;r;s1600*1200*24;uhttp%3A//ufoleaks.su/;0.034884144836602404
https://counter.yadro.ru/hit?t54.3;r;s1600*1200*24;uhttp%3A//ufoleaks.su/;0.034884144836602404
https://counter.yadro.ru/hit?q;t54.3;r;s1600*1200*24;uhttp%3A//ufoleaks.su/;0.034884144836602404

419 B
905 B

53ms
53ms

Image
image/gif

88.212.202.52
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit?q;t54.3;r;s1600*1200*24;uhttp%3A//ufoleaks.su/;0.034884144836602404

Requested by

Host: ufoleaks.su
URL: http://ufoleaks.su/

Protocol

HTTP/1.1

Server

88.212.202.52 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host152.rax.ru

Software

nginx/1.17.9 /

Resource Hash

f6791a6109dbaaa103f0099c6874ca1ff5bfa9c4e118347100508154c2c55134

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ufoleaks.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Feb 2023 11:36:38 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Content-Type: image/gif
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin: *
Cache-control: no-cache
Connection: keep-alive
Content-Length: 419
Expires: Sat, 12 Feb 2022 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 13 Feb 2023 11:36:38 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Content-Type: text/html
Location: https://counter.yadro.ru/hit?q;t54.3;r;s1600*1200*24;uhttp%3A//ufoleaks.su/;0.034884144836602404
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Cache-control: no-cache
Connection: keep-alive
Content-Length: 32
Expires: Sat, 12 Feb 2022 21:00:00 GMT

GET
H2 200 watch.js Show response
mc.yandex.ru/metrika/ 162 KB
57 KB 302ms
142ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Host: ufoleaks.su
URL: http://ufoleaks.su/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

aea8d6d7292a79ae391517c8ec2c0f3b55c34b20c1eb330a24edaaadc4cca3d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ufoleaks.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 11:36:38 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Wed, 08 Feb 2023 12:45:24 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "63e36f34-e351"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 58193
expires: Mon, 13 Feb 2023 12:36:38 GMT

GET
H/1.1

200
OK

404.html
ufoleaks.su/
Redirect Chain

http://ufoleaks.su/Inform/arrows2.png
http://ufoleaks.su/404.html

9 KB
9 KB

107ms
106ms

Image
text/html

45.84.226.24
BEGET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ufoleaks.su/404.html
Requested by: Host: ufoleaks.su
URL: http://ufoleaks.su/templates/ufoleaks/style/styles.css
Protocol: HTTP/1.1
Server: 45.84.226.24 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ufoleaks.su/templates/ufoleaks/style/styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Feb 2023 11:36:38 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/html
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, max-age=172800, private, must-revalidate
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT

Redirect headers

Date: Mon, 13 Feb 2023 11:36:38 GMT
Server: nginx
Content-Type: text/html; charset=iso-8859-1
Location: http://ufoleaks.su/404.html
Cache-Control: max-age=0
Connection: keep-alive
Content-Length: 211
Expires: Mon, 13 Feb 2023 11:36:38 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230207/r20190131/ Frame 5C11 10 KB
5 KB 142ms
34ms Document
text/html 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230207/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://ufoleaks.su/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 72805
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 12 Feb 2023 15:23:13 GMT
etag: 10353107486223812946
expires: Sun, 26 Feb 2023 15:23:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

watch.js Show response
mc.yandex.ru/metrika/
Redirect Chain

http://mc.yandex.ru/metrika/watch.js
https://mc.yandex.ru/metrika/watch.js

162 KB
57 KB

74ms
74ms

Script
application/javascript

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Host: ufoleaks.su
URL: http://ufoleaks.su/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

aea8d6d7292a79ae391517c8ec2c0f3b55c34b20c1eb330a24edaaadc4cca3d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ufoleaks.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 11:36:38 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Wed, 08 Feb 2023 12:45:24 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "63e36f34-e351"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 58193
expires: Mon, 13 Feb 2023 12:36:38 GMT

Redirect headers

Location: https://mc.yandex.ru/metrika/watch.js
Content-Length: 0

GET
H/1.1 200
OK version.js Show response
w.uptolike.com/widgets/v1/ 70 B
844 B 70ms
70ms Script
application/javascript 95.163.114.204
DINET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://w.uptolike.com/widgets/v1/version.js?cb=cb__utl_cb_share_1676288198569780
Requested by: Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/zp.js?pid=tlde2c9f9a2919f1199e2c85aeeabd1cf30d2cde73
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.163.114.204 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 7688cf1c8d4475e4c743bbda92e0b6ac0df1ba4ffca589bfd9c08fd48d4ad51b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ufoleaks.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Feb 2023 11:36:38 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript;charset=utf-8
P3P: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Access-Control-Allow-Origin: *
Cache-Control: no-cache,no-store,max-age=0,must-revalidate
Connection: keep-alive
Expires: Tue, 24 Jan 2023 08:31:58 GMT

GET
H2 200 context.js Show response
yandex.ru/ads/system/ 277 KB
82 KB 229ms
81ms Script
text/javascript 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/system/context.js?_=1676288198212

Requested by

Host: ufoleaks.su
URL: http://ufoleaks.su/engine/classes/min/index.php?charset=utf-8&g=general&14

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

79bbefe62902da3a0afe66c9e8b9559bf1e0081bfb22280e8a3664f40809e6ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ufoleaks.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

content-encoding: br
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
x-yandex-req-id: 1676288198822043-10486244725649480237-vla1-1928-vla-l7-balancer-8080-BAL-80
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Mon, 13 Feb 2023 12:36:38 GMT

GET
H2

200

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9913.mBLaGqR2mgZq8e6JCG2_mVby0RQaSN7ocPjnwHRFed5XSvfrJxUvQCjUXwviMJPe.ITChaJwZS7aImcU6unsutIz74VU%2C
https://mc.yandex.com/sync_cookie_image_decide?token=9913.2loMERbFPtnENY0pPFo_EWHUIFQKKKPk0Oka6Q7T8RCNy3am7RPhxFyGD7A7JA57j7zV_Rn_-_bjcpUvHQ6RlNf90QUfJlj_1CK7XdfgLrw%2C.g9x9khMNvvMVR3yvAObJfnQ3e-0%2C

43 B
67 B

73ms
73ms

Image
image/gif

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=9913.2loMERbFPtnENY0pPFo_EWHUIFQKKKPk0Oka6Q7T8RCNy3am7RPhxFyGD7A7JA57j7zV_Rn_-_bjcpUvHQ6RlNf90QUfJlj_1CK7XdfgLrw%2C.g9x9khMNvvMVR3yvAObJfnQ3e-0%2C

Requested by

Host: ufoleaks.su
URL: http://ufoleaks.su/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ufoleaks.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 11:36:38 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=9913.2loMERbFPtnENY0pPFo_EWHUIFQKKKPk0Oka6Q7T8RCNy3am7RPhxFyGD7A7JA57j7zV_Rn_-_bjcpUvHQ6RlNf90QUfJlj_1CK7XdfgLrw%2C.g9x9khMNvvMVR3yvAObJfnQ3e-0%2C
date: Mon, 13 Feb 2023 11:36:38 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
113 B 72ms
71ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: ufoleaks.su
URL: http://ufoleaks.su/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ufoleaks.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 11:36:38 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 08 Feb 2023 12:45:24 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "63e36f34-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Mon, 13 Feb 2023 12:36:38 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/23414332/
Redirect Chain

https://mc.yandex.com/watch/23414332?wmode=7&page-url=http%3A%2F%2Fufoleaks.su%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A3llbk0t3v1opl3fs6ve8z%3Afp%3A653%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A...
https://mc.yandex.com/watch/23414332/1?wmode=7&page-url=http%3A%2F%2Fufoleaks.su%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A3llbk0t3v1opl3fs6ve8z%3Afp%3A653%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%...

435 B
527 B

78ms
78ms

XHR
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/23414332/1?wmode=7&page-url=http%3A%2F%2Fufoleaks.su%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A3llbk0t3v1opl3fs6ve8z%3Afp%3A653%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A2%3Adp%3A0%3Als%3A443863906979%3Ahid%3A1068644856%3Az%3A0%3Ai%3A20230213113638%3Aet%3A1676288199%3Ac%3A1%3Arn%3A238544420%3Arqn%3A1%3Au%3A1676288199275729915%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A98%2C70%2C120%2C70%2C%2C0%2C%2C367%2C5%2C%2C%2C%2C726%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1676288197590%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1676288199%3At%3A%D0%98%D0%BD%D1%84%D0%BE%D1%80%D0%BC%D0%B0%D1%86%D0%B8%D0%BE%D0%BD%D0%BD%D0%BE%D0%B5%20%D0%BF%D0%BE%D0%BB%D0%B5%20%D0%97%D0%B5%D0%BC%D0%BB%D0%B8%20-%20%D0%B0%D0%BD%D0%BE%D0%BC%D0%B0%D0%BB%D1%8C%D0%BD%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

Requested by

Host: ufoleaks.su
URL: http://ufoleaks.su/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

bb88dfe87b19e80453c1f453a2b3e0f9b719f0e2491a323fad133bb1e8c1513b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ufoleaks.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Feb 2023 11:36:39 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Mon, 13-Feb-2023 11:36:39 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: http://ufoleaks.su
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 435
x-xss-protection: 1; mode=block
expires: Mon, 13-Feb-2023 11:36:39 GMT

Redirect headers

pragma: no-cache
date: Mon, 13 Feb 2023 11:36:39 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 13-Feb-2023 11:36:39 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/23414332/1?wmode=7&page-url=http%3A%2F%2Fufoleaks.su%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A3llbk0t3v1opl3fs6ve8z%3Afp%3A653%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A2%3Adp%3A0%3Als%3A443863906979%3Ahid%3A1068644856%3Az%3A0%3Ai%3A20230213113638%3Aet%3A1676288199%3Ac%3A1%3Arn%3A238544420%3Arqn%3A1%3Au%3A1676288199275729915%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A98%2C70%2C120%2C70%2C%2C0%2C%2C367%2C5%2C%2C%2C%2C726%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1676288197590%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1676288199%3At%3A%D0%98%D0%BD%D1%84%D0%BE%D1%80%D0%BC%D0%B0%D1%86%D0%B8%D0%BE%D0%BD%D0%BD%D0%BE%D0%B5%20%D0%BF%D0%BE%D0%BB%D0%B5%20%D0%97%D0%B5%D0%BC%D0%BB%D0%B8%20-%20%D0%B0%D0%BD%D0%BE%D0%BC%D0%B0%D0%BB%D1%8C%D0%BD%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
access-control-allow-origin: http://ufoleaks.su
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Mon, 13-Feb-2023 11:36:39 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/46830381/
Redirect Chain

https://mc.yandex.com/watch/46830381?wmode=7&page-url=http%3A%2F%2Fufoleaks.su%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A3llbk0t3v1opl3fs6ve8z%3Afp%3A653%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A...
https://mc.yandex.com/watch/46830381/1?wmode=7&page-url=http%3A%2F%2Fufoleaks.su%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A3llbk0t3v1opl3fs6ve8z%3Afp%3A653%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%...

454 B
490 B

79ms
78ms

XHR
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/46830381/1?wmode=7&page-url=http%3A%2F%2Fufoleaks.su%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A3llbk0t3v1opl3fs6ve8z%3Afp%3A653%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A149406592634%3Ahid%3A1068644856%3Az%3A0%3Ai%3A20230213113638%3Aet%3A1676288199%3Ac%3A1%3Arn%3A313861330%3Arqn%3A1%3Au%3A1676288199275729915%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A98%2C70%2C120%2C70%2C%2C0%2C%2C367%2C5%2C%2C%2C%2C726%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1676288197590%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1676288199%3At%3A%D0%98%D0%BD%D1%84%D0%BE%D1%80%D0%BC%D0%B0%D1%86%D0%B8%D0%BE%D0%BD%D0%BD%D0%BE%D0%B5%20%D0%BF%D0%BE%D0%BB%D0%B5%20%D0%97%D0%B5%D0%BC%D0%BB%D0%B8%20-%20%D0%B0%D0%BD%D0%BE%D0%BC%D0%B0%D0%BB%D1%8C%D0%BD%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

Requested by

Host: ufoleaks.su
URL: http://ufoleaks.su/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

95e3704f84ee03228bfe9d2a88a3c96d4f4169444a3855e4cfb23ebd143e1e90

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ufoleaks.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Feb 2023 11:36:39 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Mon, 13-Feb-2023 11:36:39 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: http://ufoleaks.su
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 454
x-xss-protection: 1; mode=block
expires: Mon, 13-Feb-2023 11:36:39 GMT

Redirect headers

pragma: no-cache
date: Mon, 13 Feb 2023 11:36:39 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 13-Feb-2023 11:36:39 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/46830381/1?wmode=7&page-url=http%3A%2F%2Fufoleaks.su%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A3llbk0t3v1opl3fs6ve8z%3Afp%3A653%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A149406592634%3Ahid%3A1068644856%3Az%3A0%3Ai%3A20230213113638%3Aet%3A1676288199%3Ac%3A1%3Arn%3A313861330%3Arqn%3A1%3Au%3A1676288199275729915%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A98%2C70%2C120%2C70%2C%2C0%2C%2C367%2C5%2C%2C%2C%2C726%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1676288197590%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1676288199%3At%3A%D0%98%D0%BD%D1%84%D0%BE%D1%80%D0%BC%D0%B0%D1%86%D0%B8%D0%BE%D0%BD%D0%BD%D0%BE%D0%B5%20%D0%BF%D0%BE%D0%BB%D0%B5%20%D0%97%D0%B5%D0%BC%D0%BB%D0%B8%20-%20%D0%B0%D0%BD%D0%BE%D0%BC%D0%B0%D0%BB%D1%8C%D0%BD%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
access-control-allow-origin: http://ufoleaks.su
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Mon, 13-Feb-2023 11:36:39 GMT

GET
H2 200 1c0942547d39e10f5f56.js Show response
yastatic.net/partner-code-bundles/721202/ 14 KB
5 KB 307ms
139ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/721202/1c0942547d39e10f5f56.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js?_=1676288198212

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

79d1ac7253e19bbbf2368169ee6b3dad0595aa4bdd65b11d6b28dc318c412202

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: http://ufoleaks.su/
Origin: http://ufoleaks.su
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 11:36:39 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 4801
last-modified: Fri, 10 Feb 2023 17:58:23 GMT
server: nginx/1.17.9
etag: "cd51050f884e39b11c6f14ed08e4426c"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Wed, 12 Feb 2053 18:08:29 GMT

GET
H2 200 f25979a098b233a9a7f3.js Show response
yastatic.net/partner-code-bundles/721202/ 109 KB
24 KB 334ms
167ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/721202/f25979a098b233a9a7f3.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js?_=1676288198212

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

1a0f7f8cfb2ab6c19c37dae6a2ff452b2f36c5c440dcd796118a5afb229452a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: http://ufoleaks.su/
Origin: http://ufoleaks.su
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 11:36:39 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 23697
last-modified: Fri, 10 Feb 2023 17:58:23 GMT
server: nginx/1.17.9
etag: "5021571bd1a6f04b4fe2641ab3b7e180"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Wed, 12 Feb 2053 18:08:29 GMT

GET
H2 200 host.js Show response
yastatic.net/safeframe-bundles/0.83/ 33 KB
9 KB 352ms
185ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/safeframe-bundles/0.83/host.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js?_=1676288198212

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: http://ufoleaks.su/
Origin: http://ufoleaks.su
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 11:36:39 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 8878
last-modified: Wed, 03 Nov 2021 13:42:58 GMT
server: nginx/1.17.9
etag: "f80882bf67cf261aa08d636da095149a"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Wed, 12 Feb 2053 18:11:08 GMT

GET
H2 200 text-variable-full.woff2
yastatic.net/s3/home/fonts/ys/3/ 25 KB
26 KB 276ms
112ms Font
font/woff2 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/s3/home/fonts/ys/3/text-variable-full.woff2

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js?_=1676288198212

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

033696b7f1ac04d1dcc102be84550e146236ceffc25a6cabc12aa51a6ee410b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: http://ufoleaks.su/
Origin: http://ufoleaks.su
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 11:36:39 GMT
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 26004
x-amz-meta-owner: {"role":"admin","login":"4eb0da"}
last-modified: Mon, 25 Apr 2022 14:02:39 GMT
server: nginx/1.17.9
etag: "7f0cdaf91230f9789ca4162aedff612e"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31556952
x-nginx-request-id: 4d792b31f773b46d
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 13 Feb 2024 17:24:20 GMT

GET
H2 200 1782592 Show response
yandex.ru/ads/meta/ 139 KB
37 KB 286ms
285ms XHR
application/json 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/meta/1782592?target-ref=http%3A%2F%2Fufoleaks.su%2F&charset=utf-8&pcode-test-ids=657519%2C0%2C84%3B718860%2C0%2C23%3B685681%2C0%2C79%3B720093%2C0%2C17%3B719192%2C0%2C27%3B717058%2C0%2C96%3B720947%2C0%2C30%3B720933%2C0%2C54%3B720774%2C0%2C44%3B721202%2C0%2C45%3B716125%2C0%2C64&pcode-flags-map=eJytWG2P0zgQ%2FiunfkZcXp2Eb07itFbzdrbTpSBkFSi7Pe3LaelyeyD%2B%2B43jtE3SrssCCMFSOo%2FHM8%2FMPONvEzotK0ZkQTknqUyxwLLGDBdcZhWTC5qSStJSJlURV5NXb79NvqyuH9aTV5P14z%2BTF5Pt%2BvOWfoR%2F%2BpHl%2Bf7k%2B7sXkwXmkpG%2FGsKFXBS4lhmrColTPrAXrCF9AGQHTmi1AKTEcU5Gh8MPGS2pIOBfMuezSsgLKmZVIyQG3wU3eYd8H4Xus8F%2FBzLOc1mzKm0SwY%2BPeR40Achn5qUHovICZ15AKmSOY5K3UAAS47IkzJwd5Lpe0PelJBeSz8EafivACqeEyTrHyxHU2KHQd6Jo7xAtazwlkguazJcypVyBp23UYpXaNKtew8eMJEJykucDaPK6HkIHtnOAbvjQyxKXdWO%2BZWQHlrcHEDMG0SKMqTBlkjdsQZYQckjiVFIuS6DJAuc0PQPqID%2Fcg%2BJURX%2BpeNshiUqXSVczRrDACrwwOIDlOXhYlflS1k2c00TimrZphZRwAZVtRrNty7d7RVtUCyKrHGzpG7JvBKp8f9xD2w09a0i4Pf%2BrEkAhL2cQIs8Njni%2FB8kpNBbI57jQWGHiHaD67qFBcaGLlTBOq3JgGNhhiMKBrWNZgb5Tx1A4sykFBKSjJi1xXZtv5Vie57QYTUm7cmkzVQwMt%2FcP656Z54RupI9WfOa8rdiRzfiuPSPFA0JKWcWcAH1HpXm7en%2B9Hli6yIl07DP6GsZCKWeETmdClsJ8pOe7kabSEpcpeS1ZI9OqwLQ0jg0rcFy0Py9m1RychbPklI3qamxpB36ITh6o2ohgNDaaO7aFdKm%2FIaUjswY6zgVNoenTAjqS0dazvW5UtbY7TsQVU0llOKUN%2F%2BMHEZZY%2Ba0dhnq%2BwEvjvPGhNLo4p5mqSF5XJRBD0IJATxmYAmutoa1nufrOdVKlisRgWhqHkO%2F5ANNRSfViRhR3d%2BdJ1YKN5l4QOMfm0E7hzwtViMDOn0HYOQANuBlky7VOW%2BcEs1IWSu0sMKN4dG9ncKhvWV2Ua0YrRsVSxkvoOOSirpg5YChA0bBXdD0i4cbB6MPwCXuMhAGTYJg9MASTBLLEDV3Cj1zftge2LYv5XiPVMHdoOTWDeH7XudvuBlQWy5pI1%2Bw1zCO%2Fl56CJRAnTmOaQ9TMx0UBetJSzYoEJtr8zOk7jKLJBdVKRkKDzSioCKoukeHEXM1R6ARBz48ORI8XGM5ANiVrYpBsqmIEq%2FL8jMaxHM%2FVrJsyHDvm7wJFrcN329HbN%2FBtxzJ9%2F0Tl2%2F4TFjtyzEg7fmB8EQ4bgNE%2F23eQtlZiipEMes4M9N6UJma70O0abKtzWKEqiJFyN%2FdqRmJzi0fQox17UEowAxnwGkZvMiOQD9W2ecLUhOPc2ImQHdmeNwCbUdF60gOBeMxFZQZyA8cZyPKkLmQBSgBLAMGCLto5bcaI3OGyk9TJL2OMBFFKMgxF8cylw%2FMthAZh4gVmQoLya4gCPxdnHyF00FlaQ48805K6Uqq81c%2BS52e8CuygK6hErQZV2REJZ6pN0QyEKtE7iJlRQRihaK%2BmMkYBBsSztlfCqjZfbmgfz4%2Bq9cgCRW5Hu57Fc7drFESeFexRYJSlCsEoeBEKPWSPT9YkM5%2FlOJaOda8wlBz7oeoIkWe7u7IHVQOSHa4KpJGuY2mZ1bZ1rZiON88jvCB0j28hpuY7QJrCg9Wha3NZw0SA4QjbxIIU47E6%2BfRZbu8ePlyNtkIrdMa7r%2B6cJ%2FLYvRycSQ4shV3x6vKCJbWWgrUz5tzUQxEsSN2KNTw6yyu9%2B2lHz4CEXUk9BdIydRiezaO8WT3Kq%2FXm8mr7BFy7C8k5iXEsQdQblzIL1MOgrnVruJgB5XrsU5u23pYbmFntywBIKgJd0ljugW15nThhTOrxJRpQgbpttIFuO1QznZ1dlD1d9zl%2Bs2w7jWw1dN%2Fs2%2BTTevvhqljdX25uuyl8c%2Fd%2Bc73mH1bXm9vLySvn%2BwDVB%2BnRI4HusSCpZZwrJqhNt3%2FA28nNanP98v4BfPtvdftx%2FQg%2F%2F7m5WV2uPw8%2BulzdtJ98%2FLq%2B1V9ffdls7%2FSPNy97%2F%2Fh4u%2Bk%2BVch7BPjgfvX1%2Bu7rVfffX%2B%2F13w%2F3q5e3638%2FH33h79XdzaY1fXf6iv3yPaTWnD604%2FnAWPETn0k8WNqnyL0bigoQdASoiXwgOrs1WULnwoJMl%2BZTIg%2B5J0voQN3ffRDM1EWNqXEBgl%2FDl4cAHV55Ol37k9bqOhjKcaa2A1rASnEQx%2B17EYHKMm6wI8C4yTLAIkUNUckB8YRP%2Fi871Osez%2FetHVq%2FErD2zUt1LVGVTyxHJ1pOGKLDO1o3edqNhsM2SavDm043N3rsUvONcPWydebRPfR3cxKnPJ2PH4jUw1fkjp%2FCouP5rkTebptQg36A8v5hu727HRHajnTf50Tsi7J9Ci6bIjZrAhCDVvei2vchqbjKPMzfPAUE0HbDy3%2FYXo9uEnVP2qdQllhCT54TcQ7D1dFQCmeXDiBzDkV9jmlB7y3mOPK2UmEDC1vrsu%2F%2FA5s1jgc%3D&pcode-icookie=6BJ7e%2B0fZjWlb%2FOOiYl32DDvrkJ0Rn6mVeH5Y3HbLu%2Bj5ZhSuayaQpLHxxgl6osRpSbS6oFY0jvO9chtZF8%2Brnrmc0g%3D&duid=MTY3NjI4ODE5OTI3NTcyOTkxNQ%3D%3D&imp-id=3&enable-flat-highlight=1&comboblock-unencoded-vast=1&test-tag=168225279049730&ad-session-id=5767261676288199069&target-id=81908393&tga-with-creatives=1&top-ancestor=http%3A%2F%2Fufoleaks.su&top-ancestor-undetermined=0&pcode-version=721202&pcodever=721202&flash-ver=0&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22isInIframe%22%3Afalse%2C%22w%22%3A210%2C%22h%22%3A0%2C%22width%22%3A210%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22fullscreenHeaderHeight%22%3A80%2C%22left%22%3A0%2C%22top%22%3A801%2C%22ad_no%22%3A0%2C%22darkTheme%22%3Afalse%2C%22req_no%22%3A0%7D&grab-orig-len=4708&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjo0MzB9ChqkpJDkKO6BCFDHH6z0z0UlcZw366P7gpTkyxdMvqaT0qdp-26OEsiuTdPmbVKliu48dlCWFVj91KE76kaj_gb6RABXzCAzpmFaqUmzVsv93ne3EWE0Y8aMBhkdtQvDFTnwXc-hdn03dOC5geu5ogXQc2XZxVtw8YAGwZUtBLEbZNCzGx7K8nDFDsmyIB3uA1e5FKscKjdAz-5CXyiSpVKWly6lK3OoHNLsKpcP4RIaLjCSYRtm1PnEUC_DkCUvM6JlKl8-5zn74uclyA0cit134QXLQbasBoChYFkDt2QQzPb5y80is_fy8ZbhkOpQ7ML-d_F38-yQLx2z1HGdXfmxezqhn-VuE-NwlnYJl6rB-nKG6qiWM-GXFyWs5IHrUC4t39IhHnJdCIsJit0rGLLFAy9IrE-VaEhfTB4-5XJeNkvlrj_kQlnWsBcq6eB1l3CIv0ywQxruC1q6mHZgLa2DbcVMX1EUBTOtnBA975o2YUszbIcqu9IZ_SDBDES1pMt2HJIPHa8pdwOWXtw7Rn2HclFyF6uJLAHHTqHXsFYM4rv4S6PkaOgQL2dSV3KKIb9vvcHdjrhxsMAWdZoo0akl7S6UD6zBADmqAbl4X0Jh425d60IObBYhbgS5HWVlQ9kyx3t_baNl9KxI1YgZ9KxItTomPauaUc2g1QOAC52Vq6lgRaxV6zK9DrEWpZFJq0FGw0irZqSjN2ZkdPRqLb0apRFHApYufAtdPcGjlHThBTOqnSbcrmO8oxHVLJsHQfF2p1lMNmO3F3CIDeYbTK8RL43i1DAOxfKE5gLvQjXk198MXjqIGbfOa590sFTsF_EPS3Is12qDNsMD3vcJ3s3SxlezfEuKq-4WYbmNXNZJItEiAAQdDZMmGqZ1KBbsDk3xDq--aOaLrwUzxekgx1DayL4tIntOFxmmY6egjtiGXGVEcoLwjqETtMlUtUSoDN1XQyS8meyTnRsaOlcuXa_nmXA3zmwkjVE42ol0gShOwxQ71TN--KmoPsrOtOEwtAzOYDYON5gZcXUDMNMxIdjS1zEzaDMyBp1Gg9KoQcpEw45cbVw4BYlmeQxgK2g1E7YZDlcNrY7ewldDy27Ub4qfXNODJ3g62x6i3AxOsgjso8qsXMNsSGNqepkYERVgejpGeiYtwoUoBHnoBSgxBxQdDeIFVuADm6vx3utxHf8RZCxhyibGdD1-CMDyuiBuUmRg1LPq9EBDdgH23lV2R7Ny6Za6gWhDIJpunTq2Zk5cPCeWbHt6257wp0U3e_sOqTk3gEzoWio7MxNOfeHiCmggAJZBq0OimUw1CRtuCgnm9MF6hyjMNgXu5Thxz_uN3xArWLbmbKGcl2yefpSuZS6-hY8g0_rOQ9FELMEOMicY2jIn-0uOk8LZmPOBmgJnI-vT98MUiZAP1yATn80qwMm8p7AJtxgIdqMJLPCVkLVpQGJk0gKRgQ4ZkqxRI0DOyXZwZgYkyGlBZGYQaA-7_pezmo3NGBcfsz67EHdoUHCj0iZpZpsfztTHRRlx50RjNMFe4qumo9Uh0rFHe-s69-3GwC9qkNufae7j_NvnDcnDc1hZZUPwBHXKL-TnB-FQGGOmURqUavjZLahoigiWZNXr8FcDvZ21dN_5zYtTG_ODR4iT7V-xwTzCjlQTUkUVbnuL_xt_QZHPag9s-HZ7nNUcAJVdOQFvN4BS50cy41JmwKEACUWu87__6fsq56pKH3i2jv6W5qwN2u_5oTJYSiQY1BZezGVFOAi3MOG2fyx9dfjCO8pDbP1jzkuWfIf4PE2epBhkS2nJRtggQdlmW7z9cjukPF1m_MoDQF49ohyE3VlBnLs6b-Bl0oPoihhgB5_Ewg2We5nneDZOcCd5NTvaaAfTBC3kjsOEMSHxYS0jguGhm9_FiAUHaEaB8zsLoTWCPwyDP8xuzyNl1_NnNt_Hwl79mshMu2oBr9VodIDU7qa0C4X24CkQbtnJ2uFvP3_8fbntDvj5zo2XUoU_bsd2wCRn0q_ewO_9UU30p_yyX87LTwC-oXwW3JgVj9ewb7vcI_mTfRmwVa_k4CbsTjw7fz95Pd69ddEpGgpumC4QhGPFXmrIEqQJkrbV3b8b29VDPdeAO68T5Ccz9Y3KcHqRHFuJK6OOvV018bvn6glRe-BwR6-EthK51QdfRw4UOrXGqOfm5rZddEH-NAgAs34uCoYpUJ3ehdCG6p6WvPPah9loUgm7wHGjAijrPjEyLHl5GvVRQ9Gx0iFeB3kpwH1LMtdhwKyQ4fX3SRlQ9UvfVlElqsyOFn1U4NjJR5ZuADvrIx9Nkdygm9eV4xa9kcpEuZkFaMiFSqJqTrltwyTJFU6DT75OfXsmdevDWyRvJ_UeL6U7vYkwDxRhRUzvNfM_HiwwUdu0y6aIlyquq7RRo0zi21VQZ_xCk51nHXBjedpu_0NRKKnrIHl9BoULkdU8aznB9-_Hz3-5EDa2HbK2espTWLFnLbAOBix-NjZML37MNNbwU-LAxDSAXqkvVyabLhZ28_09qm136rIfhd1F4S09N_zOexHWudAc1S-rd-n4TVFtVrmrYvo8WWmNRDxZwJDfRpL2yst4OSkEYrz4YythX5ecmuL1SNx1XsbUapRt-wrC6xg_5VP_fPnl_EM-4k9lBS9C-QPRbR9diB0C860zhYbP229k-Vs1TKX9GU_pYrzyZsf08ganXpufPoD260o8F3p7OTvwF7eij863Vdx9-UW_7Xdh39vlMojO60F_jvXOISyryQKSpTacSXekfnNueb79rISLHdjvMkV7hvJkY5oOnIwj6m6SPoJOyiAeWP48yo9Ych_i7zOfXMojfSfsp4pkJcX_z_UciqTqFaYLIcO-uveVp2rkNxJJKrTPBY6rc2AYzvHTTR7VAwqG7Ad0mN0PvFYF8lPKpQ1NWnhpbHIvtz3S6k8eu21W8Ywwp5qsGy9Smw9I_NTHR-n65FfU7_e2bf9ELrAuCO18y_It_tRJN9emfkrLra5mEkwKCeJWKID6sfaMVOWct0n0frPs0Ze8udZEHhcrojZuWi3uGU5mu-IkhrQgdWzmmWLd_N_aZU_A5ooByxkNJ6aXM1Y0KGBb8kJXIbLrW3yUH-hfnHvR66DPYR6FSdgJI-wu9n6YCSrHBAXv5108Stao5nuRPiJB-zFzlKlTzG6dWx3aoWyJIhZ6xB1y8cpsah_iR8i9hQ6sec0Ny3bH700rHjDlHYwnLLcKM7Iw-jn5Ovdw_PW7i82DeLz_Am5XPjLjjD_od4cek-3NKndzCI2W48divAMLKmYfWCxKmvMT12E-3kYECaOoTUwXWHxcrJ5LdFtEdmYbqJJJMXD2TcK__pzqKhlbyP--azkJynoP_xN_D6L3Y_nFpuQl3bb_jNC53W6KDllCe73SjkJTqe2W9NtVJknt8XK33G9E7RDU3wnu9kjxqbsamzw67xPWE8WAPYAWc8M8FuR1-Sl_gIOfKlO_vkK6X_FU9ag53fJeIxDKNJ_6rmJlm06jyC9K5qPRuMu4tw0B2lE84UWWYm3V4U_k_IL2nD_uNgAR2Opwb7pbWcZg_GqGjc8WAeZwOiNSycruVLT9kWBifhLhVvzSJgno1g8LTvTxEOP1ARpM7wOeiz_yU-dEN0d0N91txkmbZNsBBtNj-23TpqitnzsyvEjL4rdP9NQUltir4sf2ZSCzZv92lcJkHYomisM4R7Z0srat4Z56G6updMqmmQkxXZ6u8i74UWUHBD1ZOymzUG0f2T2DmH8c5tpQKxNQauOX-S_fnZPectfOqUOB8dwPDkx8s9iVFOOn-MdQPBfd9mYamVTtw-BM5NwBQdsvXtHuP27PawTymeGd2fxSuI2c20dkVyx6Fwz3_jQu9wak9phiBYlXFqkpQkU1IrnFBCAu00v5pp1SNgN4L54wWdgfHQl_g1WXT8suJDMJpyRud7OLzFz5fvwunsepJhmpfSIXmJxINGRbpSvCcLEcHWpwNEK8MDKdGuRtM81IwzNH89VzJMzr9OwlUM9WYOgKDG2BoSkw0AoMdYGBWmAcnAcdTYpehwi5FqH6gxCSy8HJjto6OmZB5YMgPnELw4FLZh2Myn5a7P43HimT9ByYlPqEXhLTVBUnZeVgErT87cOqLf053WGbGTuqCNriJ6s7cN5eF-Dk5q2gMazX2wgdm8nkjIpslANdmZdMg1JGDa-EJxckdzYu2k7OImkxyLt3Ers-93wYeYthSEJjUksA9L_-dpDK0iCeO0mYNDa8XPPOyYVikwIal5ks-NQOl6yNqQ48h3QzAsy-0q2e3x4mikQ4JkvwFOdQd4z-DeCjWS-AyR5ujroRajaAsY0Pz97xgtSqkmmaiwlWawHVxElt2ZPn1GnJlqAP9xaBwXRah1MVeVfSX-GtF1S2fSE-C4bbHdqjl14h04d83P8-0SS2t-SQsPC2-SCUiuJP-NORvPvqr_N0cxPtbOT6tt3mVT9KhPY0eZmQrZbBFtgJWp5Ynt6nuH3h8Eos_4rQja8svJSbig21fTdkrS99JudAyKxVt271PUj9QxiU1StJdoVJCtMFsAvs0gbDhcQClBfqMrmaOKRA7IsC4JJY4zBiT0IAR4APbYWos87LAg6WAK8ZN-QCdoAjCMA%3D&uniformat=true&callback=Ya%5B2394522745148%5D

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js?_=1676288198212

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

fc827828dfd78bf6cbbf1e68a59086ab71567ebe3925ecf32f48b32b8a0ba6e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://ufoleaks.su/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 13 Feb 2023 11:36:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
ssr: true
x-yandex-req-id: 1676288199129473-8331659360358420333-vla1-1928-vla-l7-balancer-8080-BAL-6206
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
uniformat-product-type: Direct
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Mon, 13 Feb 2023 11:36:39 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
uniformat: true
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type: application/json
access-control-allow-origin: http://ufoleaks.su
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Mon, 13 Feb 2023 11:36:39 GMT

GET
H2 200 07cea2bf8567304efc16.js Show response
yastatic.net/partner-code-bundles/721202/ 23 KB
8 KB 306ms
194ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/721202/07cea2bf8567304efc16.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js?_=1676288198212

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

7efac484c93389f1680df8779fced6aace7a93d6fc90c31fc2de50eb453b7839

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: http://ufoleaks.su/
Origin: http://ufoleaks.su
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 11:36:39 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 7926
last-modified: Fri, 10 Feb 2023 17:58:23 GMT
server: nginx/1.17.9
etag: "ea04064ba58f430ad496099654b55097"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Wed, 12 Feb 2053 18:08:29 GMT

GET
H2 200 2ec9a88e40a26b53acde.js Show response
yastatic.net/partner-code-bundles/721202/ 7 KB
3 KB 305ms
194ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/721202/2ec9a88e40a26b53acde.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js?_=1676288198212

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

bb11fdd2e80d651eb2608465db2d5b5b99ec3bcf5a59e7f81c9aab3778c6595e

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: http://ufoleaks.su/
Origin: http://ufoleaks.su
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 11:36:39 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 2065
last-modified: Fri, 10 Feb 2023 17:58:23 GMT
server: nginx/1.17.9
etag: "4c372f2d0c403cce015577da5163e3c9"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Wed, 12 Feb 2053 18:08:29 GMT

GET
H2 200 0724a843d596456de358.js Show response
yastatic.net/partner-code-bundles/721202/ 563 KB
107 KB 82ms
82ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/721202/0724a843d596456de358.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js?_=1676288198212

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

bde0efec7ec863a3ba94d401cef30d62ddef7082393fb0c61edeff1aafeded44

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: http://ufoleaks.su/
Origin: http://ufoleaks.su
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 11:36:39 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 109397
last-modified: Fri, 10 Feb 2023 17:58:23 GMT
server: nginx/1.17.9
etag: "205f408d5de1c9dc8611ba56ee3247f5"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Wed, 12 Feb 2053 18:08:29 GMT

GET
H2

200

sync_cookie_image_decide_secondary
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check_secondary
https://mc.yandex.ru/sync_cookie_image_start_secondary?redirect_domain=mc.yandex.com&token=9913.gmou64j9_SbAYwI_FJpAhwz2uVu7rEzH9RL-cJaKfgV2UybkhhgsuvEI8Ygt7Szg.xX_mGv-WDeFHvKIhGU2pjgIs_ug%2C
https://mc.yandex.com/sync_cookie_image_decide_secondary?token=9913.HviQe25C9MQauTvUONkL9aHlbtU2wmWZCQQ99N54zYirJRRuOw_SoX4pKylfqLCYiAsedzCBBYw1wBqM7x6QtXjnLz7nfxJtc6tG1j7FJSIgVBQm5LOCzU8ZK4tOcd7OC...

43 B
106 B

74ms
74ms

Image
image/gif

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide_secondary?token=9913.HviQe25C9MQauTvUONkL9aHlbtU2wmWZCQQ99N54zYirJRRuOw_SoX4pKylfqLCYiAsedzCBBYw1wBqM7x6QtXjnLz7nfxJtc6tG1j7FJSIgVBQm5LOCzU8ZK4tOcd7OC_7McJGNYLg5tCiY-Ujp3kP70b29sYLG6QigDFIHfs96HQAv-RHqC0BuAuJKjrnML_zpgf20kz8SEREy3YnOFQ%2C%2C.llkqk4kJOfYJ33igctiTKCIGPHU%2C

Requested by

Host: ufoleaks.su
URL: http://ufoleaks.su/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ufoleaks.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 11:36:39 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide_secondary?token=9913.HviQe25C9MQauTvUONkL9aHlbtU2wmWZCQQ99N54zYirJRRuOw_SoX4pKylfqLCYiAsedzCBBYw1wBqM7x6QtXjnLz7nfxJtc6tG1j7FJSIgVBQm5LOCzU8ZK4tOcd7OC_7McJGNYLg5tCiY-Ujp3kP70b29sYLG6QigDFIHfs96HQAv-RHqC0BuAuJKjrnML_zpgf20kz8SEREy3YnOFQ%2C%2C.llkqk4kJOfYJ33igctiTKCIGPHU%2C
date: Mon, 13 Feb 2023 11:36:39 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

POST
H2 200 1 Show response
mc.yandex.com/watch/46830381/ 43 B
74 B 74ms
74ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/46830381/1?page-url=http%3A%2F%2Fufoleaks.su%2F&charset=utf-8&hittoken=1676288199_2011feff94c19f7e1be5bd9e142d76f4bfc7c9f816c117d3d7faaa56f65f3394&browser-info=pa%3A1%3Aar%3A1%3Avf%3A3llbk0t3v1opl3fs6ve8z%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A149406592634%3Ahid%3A1068644856%3Az%3A0%3Ai%3A20230213113639%3Aet%3A1676288199%3Ac%3A1%3Arn%3A617328684%3Arqn%3A2%3Au%3A1676288199275729915%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Aeu%3A1%3Ans%3A1676288197590%3Aadb%3A2%3Ast%3A1676288199&t=gdpr(14)mc(p-2)clc(0-0-0)rqnt(2)lt(6400)aw(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: http://ufoleaks.su/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Mon, 13 Feb 2023 11:36:39 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 13-Feb-2023 11:36:39 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: image/gif
access-control-allow-origin: http://ufoleaks.su
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Mon, 13-Feb-2023 11:36:39 GMT

POST
H2 200 1 Show response
mc.yandex.com/watch/23414332/ 43 B
108 B 71ms
71ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/23414332/1?page-url=http%3A%2F%2Fufoleaks.su%2F&charset=utf-8&hittoken=1676288199_142f61cbe575aabc1f0373e5d8a7447cb58398b096c46474dc1c84bda739b916&browser-info=pa%3A1%3Aar%3A1%3Avf%3A3llbk0t3v1opl3fs6ve8z%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A2%3Adp%3A0%3Als%3A443863906979%3Ahid%3A1068644856%3Az%3A0%3Ai%3A20230213113639%3Aet%3A1676288199%3Ac%3A1%3Arn%3A313716625%3Arqn%3A2%3Au%3A1676288199275729915%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1676288197590%3Aadb%3A2%3Ast%3A1676288199&t=gdpr(14)mc(p-2)clc(0-0-0)rqnt(2)lt(6400)aw(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: http://ufoleaks.su/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Mon, 13 Feb 2023 11:36:39 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 13-Feb-2023 11:36:39 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: image/gif
access-control-allow-origin: http://ufoleaks.su
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Mon, 13-Feb-2023 11:36:39 GMT

OPTIONS
H2 200 event_confirmation
an.yandex.ru/ Frame 0
0 205ms
67ms Preflight 2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/event_confirmation

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: http://ufoleaks.su
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: http://ufoleaks.su
access-control-max-age: 1728000
content-encoding: gzip
date: Mon, 13 Feb 2023 11:36:39 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
timing-allow-origin: *
x-xss-protection: 1; mode=block

POST
H2 200 event_confirmation Show response
an.yandex.ru/ 0
391 B 208ms
70ms XHR
text/plain 2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/event_confirmation

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js?_=1676288198212

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: http://ufoleaks.su/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Mon, 13 Feb 2023 11:36:39 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Mon, 13 Feb 2023 11:36:39 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: http://ufoleaks.su
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 13 Feb 2023 11:36:39 GMT

GET
H2 200 1782592 Show response
mc.yandex.com/watch/ 435 B
581 B 78ms
78ms XHR
application/json 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/1782592?wmode=7&page-url=http%3A%2F%2Fufoleaks.su%2F&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Avf%3A3llbk0t3v1opl3fs6ve8z%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A3%3Adp%3A0%3Als%3A156294874171%3Ahid%3A1068644856%3Az%3A0%3Ai%3A20230213113639%3Aet%3A1676288199%3Ac%3A1%3Arn%3A32026552%3Au%3A1676288199275729915%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Aeu%3A1%3Ans%3A1676288197590%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1676288200%3At%3A%D0%98%D0%BD%D1%84%D0%BE%D1%80%D0%BC%D0%B0%D1%86%D0%B8%D0%BE%D0%BD%D0%BD%D0%BE%D0%B5%20%D0%BF%D0%BE%D0%BB%D0%B5%20%D0%97%D0%B5%D0%BC%D0%BB%D0%B8%20-%20%D0%B0%D0%BD%D0%BE%D0%BC%D0%B0%D0%BB%D1%8C%D0%BD%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8&t=gdpr(14)mc(p-2)clc(0-0-0)lt(6400)aw(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: http://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

6187fa9c0a3cffaf83cff8dc4219f40306562dd17711f05766aa0dc8c72ad3c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ufoleaks.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Feb 2023 11:36:39 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Mon, 13-Feb-2023 11:36:39 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: http://ufoleaks.su
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 435
x-xss-protection: 1; mode=block
expires: Mon, 13-Feb-2023 11:36:39 GMT

GET
H2 200 1782592 Show response
yandex.ru/ads/meta/ 511 B
551 B 196ms
196ms XHR
application/json 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/meta/1782592?target-ref=http%3A%2F%2Fufoleaks.su%2F&charset=utf-8&pcode-test-ids=657519%2C0%2C84%3B718860%2C0%2C23%3B685681%2C0%2C79%3B720093%2C0%2C17%3B719192%2C0%2C27%3B717058%2C0%2C96%3B720947%2C0%2C30%3B720933%2C0%2C54%3B720774%2C0%2C44%3B721202%2C0%2C45%3B716125%2C0%2C64&pcode-flags-map=eJytWG2P0zgQ%2FiunfkZcXp2Eb07itFbzdrbTpSBkFSi7Pe3LaelyeyD%2B%2B43jtE3SrssCCMFSOo%2FHM8%2FMPONvEzotK0ZkQTknqUyxwLLGDBdcZhWTC5qSStJSJlURV5NXb79NvqyuH9aTV5P14z%2BTF5Pt%2BvOWfoR%2F%2BpHl%2Bf7k%2B7sXkwXmkpG%2FGsKFXBS4lhmrColTPrAXrCF9AGQHTmi1AKTEcU5Gh8MPGS2pIOBfMuezSsgLKmZVIyQG3wU3eYd8H4Xus8F%2FBzLOc1mzKm0SwY%2BPeR40Achn5qUHovICZ15AKmSOY5K3UAAS47IkzJwd5Lpe0PelJBeSz8EafivACqeEyTrHyxHU2KHQd6Jo7xAtazwlkguazJcypVyBp23UYpXaNKtew8eMJEJykucDaPK6HkIHtnOAbvjQyxKXdWO%2BZWQHlrcHEDMG0SKMqTBlkjdsQZYQckjiVFIuS6DJAuc0PQPqID%2Fcg%2BJURX%2BpeNshiUqXSVczRrDACrwwOIDlOXhYlflS1k2c00TimrZphZRwAZVtRrNty7d7RVtUCyKrHGzpG7JvBKp8f9xD2w09a0i4Pf%2BrEkAhL2cQIs8Njni%2FB8kpNBbI57jQWGHiHaD67qFBcaGLlTBOq3JgGNhhiMKBrWNZgb5Tx1A4sykFBKSjJi1xXZtv5Vie57QYTUm7cmkzVQwMt%2FcP656Z54RupI9WfOa8rdiRzfiuPSPFA0JKWcWcAH1HpXm7en%2B9Hli6yIl07DP6GsZCKWeETmdClsJ8pOe7kabSEpcpeS1ZI9OqwLQ0jg0rcFy0Py9m1RychbPklI3qamxpB36ITh6o2ohgNDaaO7aFdKm%2FIaUjswY6zgVNoenTAjqS0dazvW5UtbY7TsQVU0llOKUN%2F%2BMHEZZY%2Ba0dhnq%2BwEvjvPGhNLo4p5mqSF5XJRBD0IJATxmYAmutoa1nufrOdVKlisRgWhqHkO%2F5ANNRSfViRhR3d%2BdJ1YKN5l4QOMfm0E7hzwtViMDOn0HYOQANuBlky7VOW%2BcEs1IWSu0sMKN4dG9ncKhvWV2Ua0YrRsVSxkvoOOSirpg5YChA0bBXdD0i4cbB6MPwCXuMhAGTYJg9MASTBLLEDV3Cj1zftge2LYv5XiPVMHdoOTWDeH7XudvuBlQWy5pI1%2Bw1zCO%2Fl56CJRAnTmOaQ9TMx0UBetJSzYoEJtr8zOk7jKLJBdVKRkKDzSioCKoukeHEXM1R6ARBz48ORI8XGM5ANiVrYpBsqmIEq%2FL8jMaxHM%2FVrJsyHDvm7wJFrcN329HbN%2FBtxzJ9%2F0Tl2%2F4TFjtyzEg7fmB8EQ4bgNE%2F23eQtlZiipEMes4M9N6UJma70O0abKtzWKEqiJFyN%2FdqRmJzi0fQox17UEowAxnwGkZvMiOQD9W2ecLUhOPc2ImQHdmeNwCbUdF60gOBeMxFZQZyA8cZyPKkLmQBSgBLAMGCLto5bcaI3OGyk9TJL2OMBFFKMgxF8cylw%2FMthAZh4gVmQoLya4gCPxdnHyF00FlaQ48805K6Uqq81c%2BS52e8CuygK6hErQZV2REJZ6pN0QyEKtE7iJlRQRihaK%2BmMkYBBsSztlfCqjZfbmgfz4%2Bq9cgCRW5Hu57Fc7drFESeFexRYJSlCsEoeBEKPWSPT9YkM5%2FlOJaOda8wlBz7oeoIkWe7u7IHVQOSHa4KpJGuY2mZ1bZ1rZiON88jvCB0j28hpuY7QJrCg9Wha3NZw0SA4QjbxIIU47E6%2BfRZbu8ePlyNtkIrdMa7r%2B6cJ%2FLYvRycSQ4shV3x6vKCJbWWgrUz5tzUQxEsSN2KNTw6yyu9%2B2lHz4CEXUk9BdIydRiezaO8WT3Kq%2FXm8mr7BFy7C8k5iXEsQdQblzIL1MOgrnVruJgB5XrsU5u23pYbmFntywBIKgJd0ljugW15nThhTOrxJRpQgbpttIFuO1QznZ1dlD1d9zl%2Bs2w7jWw1dN%2Fs2%2BTTevvhqljdX25uuyl8c%2Fd%2Bc73mH1bXm9vLySvn%2BwDVB%2BnRI4HusSCpZZwrJqhNt3%2FA28nNanP98v4BfPtvdftx%2FQg%2F%2F7m5WV2uPw8%2BulzdtJ98%2FLq%2B1V9ffdls7%2FSPNy97%2F%2Fh4u%2Bk%2BVch7BPjgfvX1%2Bu7rVfffX%2B%2F13w%2F3q5e3638%2FH33h79XdzaY1fXf6iv3yPaTWnD604%2FnAWPETn0k8WNqnyL0bigoQdASoiXwgOrs1WULnwoJMl%2BZTIg%2B5J0voQN3ffRDM1EWNqXEBgl%2FDl4cAHV55Ol37k9bqOhjKcaa2A1rASnEQx%2B17EYHKMm6wI8C4yTLAIkUNUckB8YRP%2Fi871Osez%2FetHVq%2FErD2zUt1LVGVTyxHJ1pOGKLDO1o3edqNhsM2SavDm043N3rsUvONcPWydebRPfR3cxKnPJ2PH4jUw1fkjp%2FCouP5rkTebptQg36A8v5hu727HRHajnTf50Tsi7J9Ci6bIjZrAhCDVvei2vchqbjKPMzfPAUE0HbDy3%2FYXo9uEnVP2qdQllhCT54TcQ7D1dFQCmeXDiBzDkV9jmlB7y3mOPK2UmEDC1vrsu%2F%2FA5s1jgc%3D&pcode-icookie=6BJ7e%2B0fZjWlb%2FOOiYl32DDvrkJ0Rn6mVeH5Y3HbLu%2Bj5ZhSuayaQpLHxxgl6osRpSbS6oFY0jvO9chtZF8%2Brnrmc0g%3D&duid=MTY3NjI4ODE5OTI3NTcyOTkxNQ%3D%3D&imp-id=4&enable-flat-highlight=1&comboblock-unencoded-vast=1&test-tag=168225279049730&ad-session-id=5767261676288199069&target-id=11404969&tga-with-creatives=1&top-ancestor=http%3A%2F%2Fufoleaks.su&top-ancestor-undetermined=0&pcode-version=721202&pcodever=721202&flash-ver=0&skip-token=yabs.NzIwNTc2MDcyMjUxMDIyMzQKNzIwNTc2MDcyMTQ2NzA3MjMKNzIwNTc2MDcyNTE0OTcyODU%3D&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22isInIframe%22%3Afalse%2C%22w%22%3A1078%2C%22h%22%3A0%2C%22width%22%3A1078%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22fullscreenHeaderHeight%22%3A80%2C%22left%22%3A261%2C%22top%22%3A260%2C%22ad_no%22%3A3%2C%22darkTheme%22%3Afalse%2C%22req_no%22%3A1%7D&grab-orig-len=4708&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjo0MzB9ChqkpJDkKO6BCFDHH6z0z0UlcZw366P7gpTkyxdMvqaT0qdp-26OEsiuTdPmbVKliu48dlCWFVj91KE76kaj_gb6RABXzCAzpmFaqUmzVsv93ne3EWE0Y8aMBhkdtQvDFTnwXc-hdn03dOC5geu5ogXQc2XZxVtw8YAGwZUtBLEbZNCzGx7K8nDFDsmyIB3uA1e5FKscKjdAz-5CXyiSpVKWly6lK3OoHNLsKpcP4RIaLjCSYRtm1PnEUC_DkCUvM6JlKl8-5zn74uclyA0cit134QXLQbasBoChYFkDt2QQzPb5y80is_fy8ZbhkOpQ7ML-d_F38-yQLx2z1HGdXfmxezqhn-VuE-NwlnYJl6rB-nKG6qiWM-GXFyWs5IHrUC4t39IhHnJdCIsJit0rGLLFAy9IrE-VaEhfTB4-5XJeNkvlrj_kQlnWsBcq6eB1l3CIv0ywQxruC1q6mHZgLa2DbcVMX1EUBTOtnBA975o2YUszbIcqu9IZ_SDBDES1pMt2HJIPHa8pdwOWXtw7Rn2HclFyF6uJLAHHTqHXsFYM4rv4S6PkaOgQL2dSV3KKIb9vvcHdjrhxsMAWdZoo0akl7S6UD6zBADmqAbl4X0Jh425d60IObBYhbgS5HWVlQ9kyx3t_baNl9KxI1YgZ9KxItTomPauaUc2g1QOAC52Vq6lgRaxV6zK9DrEWpZFJq0FGw0irZqSjN2ZkdPRqLb0apRFHApYufAtdPcGjlHThBTOqnSbcrmO8oxHVLJsHQfF2p1lMNmO3F3CIDeYbTK8RL43i1DAOxfKE5gLvQjXk198MXjqIGbfOa590sFTsF_EPS3Is12qDNsMD3vcJ3s3SxlezfEuKq-4WYbmNXNZJItEiAAQdDZMmGqZ1KBbsDk3xDq--aOaLrwUzxekgx1DayL4tIntOFxmmY6egjtiGXGVEcoLwjqETtMlUtUSoDN1XQyS8meyTnRsaOlcuXa_nmXA3zmwkjVE42ol0gShOwxQ71TN--KmoPsrOtOEwtAzOYDYON5gZcXUDMNMxIdjS1zEzaDMyBp1Gg9KoQcpEw45cbVw4BYlmeQxgK2g1E7YZDlcNrY7ewldDy27Ub4qfXNODJ3g62x6i3AxOsgjso8qsXMNsSGNqepkYERVgejpGeiYtwoUoBHnoBSgxBxQdDeIFVuADm6vx3utxHf8RZCxhyibGdD1-CMDyuiBuUmRg1LPq9EBDdgH23lV2R7Ny6Za6gWhDIJpunTq2Zk5cPCeWbHt6257wp0U3e_sOqTk3gEzoWio7MxNOfeHiCmggAJZBq0OimUw1CRtuCgnm9MF6hyjMNgXu5Thxz_uN3xArWLbmbKGcl2yefpSuZS6-hY8g0_rOQ9FELMEOMicY2jIn-0uOk8LZmPOBmgJnI-vT98MUiZAP1yATn80qwMm8p7AJtxgIdqMJLPCVkLVpQGJk0gKRgQ4ZkqxRI0DOyXZwZgYkyGlBZGYQaA-7_pezmo3NGBcfsz67EHdoUHCj0iZpZpsfztTHRRlx50RjNMFe4qumo9Uh0rFHe-s69-3GwC9qkNufae7j_NvnDcnDc1hZZUPwBHXKL-TnB-FQGGOmURqUavjZLahoigiWZNXr8FcDvZ21dN_5zYtTG_ODR4iT7V-xwTzCjlQTUkUVbnuL_xt_QZHPag9s-HZ7nNUcAJVdOQFvN4BS50cy41JmwKEACUWu87__6fsq56pKH3i2jv6W5qwN2u_5oTJYSiQY1BZezGVFOAi3MOG2fyx9dfjCO8pDbP1jzkuWfIf4PE2epBhkS2nJRtggQdlmW7z9cjukPF1m_MoDQF49ohyE3VlBnLs6b-Bl0oPoihhgB5_Ewg2We5nneDZOcCd5NTvaaAfTBC3kjsOEMSHxYS0jguGhm9_FiAUHaEaB8zsLoTWCPwyDP8xuzyNl1_NnNt_Hwl79mshMu2oBr9VodIDU7qa0C4X24CkQbtnJ2uFvP3_8fbntDvj5zo2XUoU_bsd2wCRn0q_ewO_9UU30p_yyX87LTwC-oXwW3JgVj9ewb7vcI_mTfRmwVa_k4CbsTjw7fz95Pd69ddEpGgpumC4QhGPFXmrIEqQJkrbV3b8b29VDPdeAO68T5Ccz9Y3KcHqRHFuJK6OOvV018bvn6glRe-BwR6-EthK51QdfRw4UOrXGqOfm5rZddEH-NAgAs34uCoYpUJ3ehdCG6p6WvPPah9loUgm7wHGjAijrPjEyLHl5GvVRQ9Gx0iFeB3kpwH1LMtdhwKyQ4fX3SRlQ9UvfVlElqsyOFn1U4NjJR5ZuADvrIx9Nkdygm9eV4xa9kcpEuZkFaMiFSqJqTrltwyTJFU6DT75OfXsmdevDWyRvJ_UeL6U7vYkwDxRhRUzvNfM_HiwwUdu0y6aIlyquq7RRo0zi21VQZ_xCk51nHXBjedpu_0NRKKnrIHl9BoULkdU8aznB9-_Hz3-5EDa2HbK2espTWLFnLbAOBix-NjZML37MNNbwU-LAxDSAXqkvVyabLhZ28_09qm136rIfhd1F4S09N_zOexHWudAc1S-rd-n4TVFtVrmrYvo8WWmNRDxZwJDfRpL2yst4OSkEYrz4YythX5ecmuL1SNx1XsbUapRt-wrC6xg_5VP_fPnl_EM-4k9lBS9C-QPRbR9diB0C860zhYbP229k-Vs1TKX9GU_pYrzyZsf08ganXpufPoD260o8F3p7OTvwF7eij863Vdx9-UW_7Xdh39vlMojO60F_jvXOISyryQKSpTacSXekfnNueb79rISLHdjvMkV7hvJkY5oOnIwj6m6SPoJOyiAeWP48yo9Ych_i7zOfXMojfSfsp4pkJcX_z_UciqTqFaYLIcO-uveVp2rkNxJJKrTPBY6rc2AYzvHTTR7VAwqG7Ad0mN0PvFYF8lPKpQ1NWnhpbHIvtz3S6k8eu21W8Ywwp5qsGy9Smw9I_NTHR-n65FfU7_e2bf9ELrAuCO18y_It_tRJN9emfkrLra5mEkwKCeJWKID6sfaMVOWct0n0frPs0Ze8udZEHhcrojZuWi3uGU5mu-IkhrQgdWzmmWLd_N_aZU_A5ooByxkNJ6aXM1Y0KGBb8kJXIbLrW3yUH-hfnHvR66DPYR6FSdgJI-wu9n6YCSrHBAXv5108Stao5nuRPiJB-zFzlKlTzG6dWx3aoWyJIhZ6xB1y8cpsah_iR8i9hQ6sec0Ny3bH700rHjDlHYwnLLcKM7Iw-jn5Ovdw_PW7i82DeLz_Am5XPjLjjD_od4cek-3NKndzCI2W48divAMLKmYfWCxKmvMT12E-3kYECaOoTUwXWHxcrJ5LdFtEdmYbqJJJMXD2TcK__pzqKhlbyP--azkJynoP_xN_D6L3Y_nFpuQl3bb_jNC53W6KDllCe73SjkJTqe2W9NtVJknt8XK33G9E7RDU3wnu9kjxqbsamzw67xPWE8WAPYAWc8M8FuR1-Sl_gIOfKlO_vkK6X_FU9ag53fJeIxDKNJ_6rmJlm06jyC9K5qPRuMu4tw0B2lE84UWWYm3V4U_k_IL2nD_uNgAR2Opwb7pbWcZg_GqGjc8WAeZwOiNSycruVLT9kWBifhLhVvzSJgno1g8LTvTxEOP1ARpM7wOeiz_yU-dEN0d0N91txkmbZNsBBtNj-23TpqitnzsyvEjL4rdP9NQUltir4sf2ZSCzZv92lcJkHYomisM4R7Z0srat4Z56G6updMqmmQkxXZ6u8i74UWUHBD1ZOymzUG0f2T2DmH8c5tpQKxNQauOX-S_fnZPectfOqUOB8dwPDkx8s9iVFOOn-MdQPBfd9mYamVTtw-BM5NwBQdsvXtHuP27PawTymeGd2fxSuI2c20dkVyx6Fwz3_jQu9wak9phiBYlXFqkpQkU1IrnFBCAu00v5pp1SNgN4L54wWdgfHQl_g1WXT8suJDMJpyRud7OLzFz5fvwunsepJhmpfSIXmJxINGRbpSvCcLEcHWpwNEK8MDKdGuRtM81IwzNH89VzJMzr9OwlUM9WYOgKDG2BoSkw0AoMdYGBWmAcnAcdTYpehwi5FqH6gxCSy8HJjto6OmZB5YMgPnELw4FLZh2Myn5a7P43HimT9ByYlPqEXhLTVBUnZeVgErT87cOqLf053WGbGTuqCNriJ6s7cN5eF-Dk5q2gMazX2wgdm8nkjIpslANdmZdMg1JGDa-EJxckdzYu2k7OImkxyLt3Ers-93wYeYthSEJjUksA9L_-dpDK0iCeO0mYNDa8XPPOyYVikwIal5ks-NQOl6yNqQ48h3QzAsy-0q2e3x4mikQ4JkvwFOdQd4z-DeCjWS-AyR5ujroRajaAsY0Pz97xgtSqkmmaiwlWawHVxElt2ZPn1GnJlqAP9xaBwXRah1MVeVfSX-GtF1S2fSE-C4bbHdqjl14h04d83P8-0SS2t-SQsPC2-SCUiuJP-NORvPvqr_N0cxPtbOT6tt3mVT9KhPY0eZmQrZbBFtgJWp5Ynt6nuH3h8Eos_4rQja8svJSbig21fTdkrS99JudAyKxVt271PUj9QxiU1StJdoVJCtMFsAvs0gbDhcQClBfqMrmaOKRA7IsC4JJY4zBiT0IAR4APbYWos87LAg6WAK8ZN-QCdoAjCMA%3D&uniformat=true&callback=Ya%5B3889573480446%5D

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js?_=1676288198212

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

d2d3aaa4c950ab4fb2d5c2156ee874da2712920f256aeccfbf0c64370c7c2092

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://ufoleaks.su/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 13 Feb 2023 11:36:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1676288199540565-10723005773230525978-vla1-1928-vla-l7-balancer-8080-BAL-6594
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
uniformat-product-type: None
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Mon, 13 Feb 2023 11:36:39 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
uniformat: true
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type: application/json; charset=utf-8
access-control-allow-origin: http://ufoleaks.su
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Mon, 13 Feb 2023 11:36:39 GMT

GET
H2 200 y300
avatars.mds.yandex.net/get-direct/5283206/Dj0wvEdSLZmy2LRp-sdDyg/ 14 KB
14 KB 332ms
122ms Image
image/webp 2a02:6b8::184
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.mds.yandex.net/get-direct/5283206/Dj0wvEdSLZmy2LRp-sdDyg/y300
Requested by: Host: ufoleaks.su
URL: http://ufoleaks.su/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::184 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software: nginx /
Resource Hash: 0bb16d2d4bdac7b4420adfa048c02877e035cbba937a1630c04a683cea79bfd6

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ufoleaks.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 11:36:39 GMT
last-modified: Wed, 11 Aug 2021 14:15:17 GMT
server: nginx
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel?datacenter=MYT"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000,immutable
access-control-allow-credentials: true
content-length: 13838
x-request-id: eb654db9e7bf0c59

GET
H2 200 icon-192.png
yastatic.net/s3/games-static/favicons/ 24 KB
24 KB 239ms
124ms Image
image/png 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yastatic.net/s3/games-static/favicons/icon-192.png

Requested by

Host: ufoleaks.su
URL: http://ufoleaks.su/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

ca78c114bba40b141a59c55a9d3fb6db7672bc3effd4337f2b1ce512b4d06c9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ufoleaks.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 11:36:39 GMT
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 24134
last-modified: Thu, 14 Apr 2022 12:22:42 GMT
server: nginx/1.17.9
etag: "7819c957eaa80af5bf14f760d49b64a7"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=216013
x-nginx-request-id: 9deef39818690727
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 15 Feb 2023 23:33:26 GMT

GET
H2 200 wy150
avatars.mds.yandex.net/get-direct/4387582/TMrs1dYZns2PiibYJd6utA/ 9 KB
9 KB 390ms
181ms Image
image/webp 2a02:6b8::184
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.mds.yandex.net/get-direct/4387582/TMrs1dYZns2PiibYJd6utA/wy150
Requested by: Host: ufoleaks.su
URL: http://ufoleaks.su/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::184 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software: nginx /
Resource Hash: a67898ee2e8bd21203b79e8ffc2f50ab486bcc59e26358244c277443c6a29ea5

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ufoleaks.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 11:36:39 GMT
last-modified: Mon, 05 Dec 2022 22:23:07 GMT
server: nginx
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel?datacenter=MYT"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000,immutable
access-control-allow-credentials: true
content-length: 9218
x-request-id: f049d635747ab6f4

GET
H2 200 y300
avatars.mds.yandex.net/get-direct/4737663/8qsZWwRCZYfG33qGpvqOuQ/ 22 KB
22 KB 331ms
122ms Image
image/webp 2a02:6b8::184
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.mds.yandex.net/get-direct/4737663/8qsZWwRCZYfG33qGpvqOuQ/y300
Requested by: Host: ufoleaks.su
URL: http://ufoleaks.su/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::184 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software: nginx /
Resource Hash: bdba1794137fda32b72cf509f374764bf89059ea78785a4128db3276305053bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ufoleaks.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 11:36:39 GMT
last-modified: Fri, 11 Nov 2022 09:57:39 GMT
server: nginx
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel?datacenter=MYT"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000,immutable
access-control-allow-credentials: true
content-length: 22080
x-request-id: f41f8530ca8a31bb

GET
H/1.1 200
Ok proxyelite.biz
favicon.yandex.net/favicon/ 4 KB
4 KB 206ms
65ms Image
image/png 2a02:6b8::36
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://favicon.yandex.net/favicon/proxyelite.biz?size=120&stub=2

Requested by

Host: ufoleaks.su
URL: http://ufoleaks.su/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::36 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

7caaae98b7094606cc30c6b7fac93a7df26f69ec64ec9ab26b95660397fec76d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ufoleaks.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

access-control-allow-origin: *
Cache-Control: max-age=691200
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
X-XSS-Protection: 1; mode=block
Content-Type: image/png

GET
H2 200 render.html Show response
yastatic.net/safeframe-bundles/0.83/1-1-0/ Frame 85D3 24 KB
7 KB 158ms
57ms Document
text/html 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/safeframe-bundles/0.83/1-1-0/render.html

Requested by

Host: yastatic.net
URL: https://yastatic.net/safeframe-bundles/0.83/host.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

9c911ab93cf6099aeeddb19cb1903d0ef838329443c3a0549c754da47f90a70a

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: http://ufoleaks.su/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: public, max-age=946708560
content-encoding: br
content-length: 6262
content-type: text/html
date: Mon, 13 Feb 2023 11:36:39 GMT
etag: "eb77de48712912aadc9aa8171ac75ede"
expires: Wed, 12 Feb 2053 18:08:49 GMT
last-modified: Wed, 03 Nov 2021 13:42:58 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
server: nginx/1.17.9
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-robots-tag: noindex, noarchive, nofollow

GET
H/1.1 200
OK popunder1000.js Show response
a.exdynsrv.com/ 94 KB
40 KB 106ms
21ms Script
application/javascript 2001:4de0:ac19::1:b:3a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: http://a.exdynsrv.com/popunder1000.js
Requested by: Host: ufoleaks.su
URL: http://ufoleaks.su/
Protocol: HTTP/1.1
Server: 2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 394e2eff54c931c4def55131d8c46a20775bc1b49d96a6af5b25906942f64b8f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ufoleaks.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Mon, 13 Feb 2023 11:36:39 GMT
Content-Encoding: gzip
Server: nginx
etag: W/"2ca7f70f5b8e8b292b24e1040ee"
X-HW: 1676288199.dop219.fr8.t,1676288199.cds103.fr8.c
Content-Type: application/javascript
Access-Control-Allow-Origin: *, *
Cache-Control: max-age=10800
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 40934

GET
H/1.1 200
OK =U2NxADMiNTN3EmYhdTMlJ2NxgDMiljYiJ2Y1QTZxEGNdx3WvU3cuM3ahVGbvZWdv8iOwRHdo1FfbhTOxgDOyYzN2ETX8tFM10FfbJDMxAjN0QTX8t1N1ITX8t1MwQjMxMTM2ETX8tFNzETX8t1N
block.s2block.com/pxl/ 0
437 B 49ms
49ms Image
image/png 95.216.10.178
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://block.s2block.com/pxl/=U2NxADMiNTN3EmYhdTMlJ2NxgDMiljYiJ2Y1QTZxEGNdx3WvU3cuM3ahVGbvZWdv8iOwRHdo1FfbhTOxgDOyYzN2ETX8tFM10FfbJDMxAjN0QTX8t1N1ITX8t1MwQjMxMTM2ETX8tFNzETX8t1N

Requested by

Host: ufoleaks.su
URL: http://ufoleaks.su/

Protocol

HTTP/1.1

Server

95.216.10.178 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.178.10.216.95.clients.your-server.de

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ufoleaks.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Feb 2023 11:36:39 GMT
Strict-Transport-Security: max-age=15768000
Last-Modified: Mon, 13 Feb 2023 11:36:39 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/png
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 200 1 Show response
mc.yandex.com/watch/1782592/ 43 B
74 B 75ms
74ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/1782592/1?page-url=http%3A%2F%2Fufoleaks.su%2F&charset=utf-8&cnt-class=1&hittoken=1676288199_e9537a7f156b905472243dd9ffc900746400c60d29815d0bee073fc19e06eb06&browser-info=pa%3A1%3Aar%3A1%3Avf%3A3llbk0t3v1opl3fs6ve8z%3Afp%3A653%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A3%3Adp%3A0%3Als%3A156294874171%3Ahid%3A1068644856%3Az%3A0%3Ai%3A20230213113639%3Aet%3A1676288200%3Ac%3A1%3Arn%3A598500747%3Arqn%3A1%3Au%3A1676288199275729915%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A98%2C70%2C120%2C70%2C%2C0%2C%2C367%2C5%2C%2C%2C%2C726%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Aeu%3A1%3Ans%3A1676288197590%3Aadb%3A2%3Ast%3A1676288200&t=gdpr(14)mc(p-3-h-1)clc(0-0-0)rqnt(1)lt(13800)aw(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: http://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: http://ufoleaks.su/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Mon, 13 Feb 2023 11:36:39 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 13-Feb-2023 11:36:39 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: image/gif
access-control-allow-origin: http://ufoleaks.su
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Mon, 13-Feb-2023 11:36:39 GMT

GET
H2 200 1782592 Show response
mc.yandex.com/watch/ 43 B
74 B 72ms
72ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/1782592?page-url=http%3A%2F%2Fufoleaks.su%2F&charset=utf-8&cnt-class=1&hittoken=1676288199_e9537a7f156b905472243dd9ffc900746400c60d29815d0bee073fc19e06eb06&browser-info=pv%3A1%3Aar%3A1%3Avf%3A3llbk0t3v1opl3fs6ve8z%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A3%3Adp%3A0%3Als%3A156294874171%3Ahid%3A1068644856%3Az%3A0%3Ai%3A20230213113639%3Aet%3A1676288200%3Ac%3A1%3Arn%3A730960977%3Arqn%3A2%3Au%3A1676288199275729915%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Aeu%3A1%3Ans%3A1676288197590%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1676288200%3At%3A%D0%98%D0%BD%D1%84%D0%BE%D1%80%D0%BC%D0%B0%D1%86%D0%B8%D0%BE%D0%BD%D0%BD%D0%BE%D0%B5%20%D0%BF%D0%BE%D0%BB%D0%B5%20%D0%97%D0%B5%D0%BC%D0%BB%D0%B8%20-%20%D0%B0%D0%BD%D0%BE%D0%BC%D0%B0%D0%BB%D1%8C%D0%BD%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8&t=gdpr(14)mc(p-3-h-1)clc(0-0-0)rqnt(2)lt(13800)aw(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: http://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ufoleaks.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Feb 2023 11:36:39 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 13-Feb-2023 11:36:39 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: image/gif
access-control-allow-origin: http://ufoleaks.su
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Mon, 13-Feb-2023 11:36:39 GMT

GET
H2 200 1I3qdXoi0G4200000000U9nJF6uIjld3qhs6XZll_lXLAhU9tVAumgja1Y3mX8c4Bhb_LItMmLYQ8PKHA9wvy-wLro3nKcOWhtOZa6XbJ02IdI1P861YcCduMnZ2NiYuXmd2Midu1y9WsCley8k7uIYOVvOHPCXLHf3MkumCCWmCVnbd0NNCPGA9B6LQ02JNCaK0H... Show response
yandex.ru/an/rtbcount/ 43 B
387 B 76ms
75ms XHR
image/gif 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/an/rtbcount/1I3qdXoi0G4200000000U9nJF6uIjld3qhs6XZll_lXLAhU9tVAumgja1Y3mX8c4Bhb_LItMmLYQ8PKHA9wvy-wLro3nKcOWhtOZa6XbJ02IdI1P861YcCduMnZ2NiYuXmd2Midu1y9WsCley8k7uIYOVvOHPCXLHf3MkumCCWmCVnbd0NNCPGA9B6LQ02JNCaK0HSuo_GU2Lqm2Ng-pYdRUPM08lhdCQV8NLeQ_J2mW9p2p0ibUPaKWEPKPf7akCyZcbK1I0MGhoqRckISVcdx8vGmuoNoCvVA4bD3pRLV1Ak-2oP_C3axy44UpbCe-0hDMiFnMty3o7mOOTo2n3o2nBx3yNjuvuzZpwml5Rx90VFd1_Y7BuvRzRTl-NxD_omBowm9MtfEiVtzmWQKli3OqDB3SP3rsPDExHq5UTLzPGGPri3Mmp62xSZXu0TkJvvtTExwiVP2taWrcp04sZnDip8_OU4ETdAp2VHrDawkgqinVii4i_0bdJMINJilNMBB_ZVqiTZPp8qCZ0wCDx4mxs7bEi8i_OEz-UUxZcxq_VqVzOES10F5Cl6y0

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js?_=1676288198212

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://ufoleaks.su/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 13 Feb 2023 11:36:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1676288199709877-544598839347474709-vla1-1928-vla-l7-balancer-8080-BAL
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Mon, 13 Feb 2023 11:36:39 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type: image/gif
access-control-allow-origin: http://ufoleaks.su
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Mon, 13 Feb 2023 11:36:39 GMT

POST
H2 200 event_confirmation Show response
an.yandex.ru/ 0
51 B 146ms
73ms XHR
text/plain 2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/event_confirmation

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js?_=1676288198212

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: http://ufoleaks.su/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Mon, 13 Feb 2023 11:36:39 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Mon, 13 Feb 2023 11:36:39 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: http://ufoleaks.su
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 13 Feb 2023 11:36:39 GMT

OPTIONS
H2 200 event_confirmation
an.yandex.ru/ Frame 0
0 71ms
71ms Preflight 2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/event_confirmation

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: http://ufoleaks.su
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: http://ufoleaks.su
access-control-max-age: 1728000
content-encoding: gzip
date: Mon, 13 Feb 2023 11:36:39 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
timing-allow-origin: *
x-xss-protection: 1; mode=block

GET
H2 200 1782592 Show response
yandex.ru/ads/meta/ 511 B
1 KB 240ms
240ms XHR
application/json 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/meta/1782592?target-ref=http%3A%2F%2Fufoleaks.su%2F&charset=utf-8&pcode-test-ids=657519%2C0%2C84%3B718860%2C0%2C23%3B685681%2C0%2C79%3B720093%2C0%2C17%3B719192%2C0%2C27%3B717058%2C0%2C96%3B720947%2C0%2C30%3B720933%2C0%2C54%3B720774%2C0%2C44%3B721202%2C0%2C45%3B716125%2C0%2C64&pcode-flags-map=eJytWG2P0zgQ%2FiunfkZcXp2Eb07itFbzdrbTpSBkFSi7Pe3LaelyeyD%2B%2B43jtE3SrssCCMFSOo%2FHM8%2FMPONvEzotK0ZkQTknqUyxwLLGDBdcZhWTC5qSStJSJlURV5NXb79NvqyuH9aTV5P14z%2BTF5Pt%2BvOWfoR%2F%2BpHl%2Bf7k%2B7sXkwXmkpG%2FGsKFXBS4lhmrColTPrAXrCF9AGQHTmi1AKTEcU5Gh8MPGS2pIOBfMuezSsgLKmZVIyQG3wU3eYd8H4Xus8F%2FBzLOc1mzKm0SwY%2BPeR40Achn5qUHovICZ15AKmSOY5K3UAAS47IkzJwd5Lpe0PelJBeSz8EafivACqeEyTrHyxHU2KHQd6Jo7xAtazwlkguazJcypVyBp23UYpXaNKtew8eMJEJykucDaPK6HkIHtnOAbvjQyxKXdWO%2BZWQHlrcHEDMG0SKMqTBlkjdsQZYQckjiVFIuS6DJAuc0PQPqID%2Fcg%2BJURX%2BpeNshiUqXSVczRrDACrwwOIDlOXhYlflS1k2c00TimrZphZRwAZVtRrNty7d7RVtUCyKrHGzpG7JvBKp8f9xD2w09a0i4Pf%2BrEkAhL2cQIs8Njni%2FB8kpNBbI57jQWGHiHaD67qFBcaGLlTBOq3JgGNhhiMKBrWNZgb5Tx1A4sykFBKSjJi1xXZtv5Vie57QYTUm7cmkzVQwMt%2FcP656Z54RupI9WfOa8rdiRzfiuPSPFA0JKWcWcAH1HpXm7en%2B9Hli6yIl07DP6GsZCKWeETmdClsJ8pOe7kabSEpcpeS1ZI9OqwLQ0jg0rcFy0Py9m1RychbPklI3qamxpB36ITh6o2ohgNDaaO7aFdKm%2FIaUjswY6zgVNoenTAjqS0dazvW5UtbY7TsQVU0llOKUN%2F%2BMHEZZY%2Ba0dhnq%2BwEvjvPGhNLo4p5mqSF5XJRBD0IJATxmYAmutoa1nufrOdVKlisRgWhqHkO%2F5ANNRSfViRhR3d%2BdJ1YKN5l4QOMfm0E7hzwtViMDOn0HYOQANuBlky7VOW%2BcEs1IWSu0sMKN4dG9ncKhvWV2Ua0YrRsVSxkvoOOSirpg5YChA0bBXdD0i4cbB6MPwCXuMhAGTYJg9MASTBLLEDV3Cj1zftge2LYv5XiPVMHdoOTWDeH7XudvuBlQWy5pI1%2Bw1zCO%2Fl56CJRAnTmOaQ9TMx0UBetJSzYoEJtr8zOk7jKLJBdVKRkKDzSioCKoukeHEXM1R6ARBz48ORI8XGM5ANiVrYpBsqmIEq%2FL8jMaxHM%2FVrJsyHDvm7wJFrcN329HbN%2FBtxzJ9%2F0Tl2%2F4TFjtyzEg7fmB8EQ4bgNE%2F23eQtlZiipEMes4M9N6UJma70O0abKtzWKEqiJFyN%2FdqRmJzi0fQox17UEowAxnwGkZvMiOQD9W2ecLUhOPc2ImQHdmeNwCbUdF60gOBeMxFZQZyA8cZyPKkLmQBSgBLAMGCLto5bcaI3OGyk9TJL2OMBFFKMgxF8cylw%2FMthAZh4gVmQoLya4gCPxdnHyF00FlaQ48805K6Uqq81c%2BS52e8CuygK6hErQZV2REJZ6pN0QyEKtE7iJlRQRihaK%2BmMkYBBsSztlfCqjZfbmgfz4%2Bq9cgCRW5Hu57Fc7drFESeFexRYJSlCsEoeBEKPWSPT9YkM5%2FlOJaOda8wlBz7oeoIkWe7u7IHVQOSHa4KpJGuY2mZ1bZ1rZiON88jvCB0j28hpuY7QJrCg9Wha3NZw0SA4QjbxIIU47E6%2BfRZbu8ePlyNtkIrdMa7r%2B6cJ%2FLYvRycSQ4shV3x6vKCJbWWgrUz5tzUQxEsSN2KNTw6yyu9%2B2lHz4CEXUk9BdIydRiezaO8WT3Kq%2FXm8mr7BFy7C8k5iXEsQdQblzIL1MOgrnVruJgB5XrsU5u23pYbmFntywBIKgJd0ljugW15nThhTOrxJRpQgbpttIFuO1QznZ1dlD1d9zl%2Bs2w7jWw1dN%2Fs2%2BTTevvhqljdX25uuyl8c%2Fd%2Bc73mH1bXm9vLySvn%2BwDVB%2BnRI4HusSCpZZwrJqhNt3%2FA28nNanP98v4BfPtvdftx%2FQg%2F%2F7m5WV2uPw8%2BulzdtJ98%2FLq%2B1V9ffdls7%2FSPNy97%2F%2Fh4u%2Bk%2BVch7BPjgfvX1%2Bu7rVfffX%2B%2F13w%2F3q5e3638%2FH33h79XdzaY1fXf6iv3yPaTWnD604%2FnAWPETn0k8WNqnyL0bigoQdASoiXwgOrs1WULnwoJMl%2BZTIg%2B5J0voQN3ffRDM1EWNqXEBgl%2FDl4cAHV55Ol37k9bqOhjKcaa2A1rASnEQx%2B17EYHKMm6wI8C4yTLAIkUNUckB8YRP%2Fi871Osez%2FetHVq%2FErD2zUt1LVGVTyxHJ1pOGKLDO1o3edqNhsM2SavDm043N3rsUvONcPWydebRPfR3cxKnPJ2PH4jUw1fkjp%2FCouP5rkTebptQg36A8v5hu727HRHajnTf50Tsi7J9Ci6bIjZrAhCDVvei2vchqbjKPMzfPAUE0HbDy3%2FYXo9uEnVP2qdQllhCT54TcQ7D1dFQCmeXDiBzDkV9jmlB7y3mOPK2UmEDC1vrsu%2F%2FA5s1jgc%3D&pcode-icookie=6BJ7e%2B0fZjWlb%2FOOiYl32DDvrkJ0Rn6mVeH5Y3HbLu%2Bj5ZhSuayaQpLHxxgl6osRpSbS6oFY0jvO9chtZF8%2Brnrmc0g%3D&duid=MTY3NjI4ODE5OTI3NTcyOTkxNQ%3D%3D&imp-id=5&enable-flat-highlight=1&comboblock-unencoded-vast=1&test-tag=168225279049730&ad-session-id=5767261676288199069&target-id=17824427&tga-with-creatives=1&top-ancestor=http%3A%2F%2Fufoleaks.su&top-ancestor-undetermined=0&pcode-version=721202&pcodever=721202&flash-ver=0&skip-token=yabs.NzIwNTc2MDcyMjUxMDIyMzQKNzIwNTc2MDcyMTQ2NzA3MjMKNzIwNTc2MDcyNTE0OTcyODU%3D&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22isInIframe%22%3Afalse%2C%22w%22%3A1078%2C%22h%22%3A0%2C%22width%22%3A1078%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22fullscreenHeaderHeight%22%3A80%2C%22left%22%3A261%2C%22top%22%3A551%2C%22ad_no%22%3A3%2C%22darkTheme%22%3Afalse%2C%22req_no%22%3A2%7D&grab-orig-len=4708&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjo0MzB9ChqkpJDkKO6BCFDHH6z0z0UlcZw366P7gpTkyxdMvqaT0qdp-26OEsiuTdPmbVKliu48dlCWFVj91KE76kaj_gb6RABXzCAzpmFaqUmzVsv93ne3EWE0Y8aMBhkdtQvDFTnwXc-hdn03dOC5geu5ogXQc2XZxVtw8YAGwZUtBLEbZNCzGx7K8nDFDsmyIB3uA1e5FKscKjdAz-5CXyiSpVKWly6lK3OoHNLsKpcP4RIaLjCSYRtm1PnEUC_DkCUvM6JlKl8-5zn74uclyA0cit134QXLQbasBoChYFkDt2QQzPb5y80is_fy8ZbhkOpQ7ML-d_F38-yQLx2z1HGdXfmxezqhn-VuE-NwlnYJl6rB-nKG6qiWM-GXFyWs5IHrUC4t39IhHnJdCIsJit0rGLLFAy9IrE-VaEhfTB4-5XJeNkvlrj_kQlnWsBcq6eB1l3CIv0ywQxruC1q6mHZgLa2DbcVMX1EUBTOtnBA975o2YUszbIcqu9IZ_SDBDES1pMt2HJIPHa8pdwOWXtw7Rn2HclFyF6uJLAHHTqHXsFYM4rv4S6PkaOgQL2dSV3KKIb9vvcHdjrhxsMAWdZoo0akl7S6UD6zBADmqAbl4X0Jh425d60IObBYhbgS5HWVlQ9kyx3t_baNl9KxI1YgZ9KxItTomPauaUc2g1QOAC52Vq6lgRaxV6zK9DrEWpZFJq0FGw0irZqSjN2ZkdPRqLb0apRFHApYufAtdPcGjlHThBTOqnSbcrmO8oxHVLJsHQfF2p1lMNmO3F3CIDeYbTK8RL43i1DAOxfKE5gLvQjXk198MXjqIGbfOa590sFTsF_EPS3Is12qDNsMD3vcJ3s3SxlezfEuKq-4WYbmNXNZJItEiAAQdDZMmGqZ1KBbsDk3xDq--aOaLrwUzxekgx1DayL4tIntOFxmmY6egjtiGXGVEcoLwjqETtMlUtUSoDN1XQyS8meyTnRsaOlcuXa_nmXA3zmwkjVE42ol0gShOwxQ71TN--KmoPsrOtOEwtAzOYDYON5gZcXUDMNMxIdjS1zEzaDMyBp1Gg9KoQcpEw45cbVw4BYlmeQxgK2g1E7YZDlcNrY7ewldDy27Ub4qfXNODJ3g62x6i3AxOsgjso8qsXMNsSGNqepkYERVgejpGeiYtwoUoBHnoBSgxBxQdDeIFVuADm6vx3utxHf8RZCxhyibGdD1-CMDyuiBuUmRg1LPq9EBDdgH23lV2R7Ny6Za6gWhDIJpunTq2Zk5cPCeWbHt6257wp0U3e_sOqTk3gEzoWio7MxNOfeHiCmggAJZBq0OimUw1CRtuCgnm9MF6hyjMNgXu5Thxz_uN3xArWLbmbKGcl2yefpSuZS6-hY8g0_rOQ9FELMEOMicY2jIn-0uOk8LZmPOBmgJnI-vT98MUiZAP1yATn80qwMm8p7AJtxgIdqMJLPCVkLVpQGJk0gKRgQ4ZkqxRI0DOyXZwZgYkyGlBZGYQaA-7_pezmo3NGBcfsz67EHdoUHCj0iZpZpsfztTHRRlx50RjNMFe4qumo9Uh0rFHe-s69-3GwC9qkNufae7j_NvnDcnDc1hZZUPwBHXKL-TnB-FQGGOmURqUavjZLahoigiWZNXr8FcDvZ21dN_5zYtTG_ODR4iT7V-xwTzCjlQTUkUVbnuL_xt_QZHPag9s-HZ7nNUcAJVdOQFvN4BS50cy41JmwKEACUWu87__6fsq56pKH3i2jv6W5qwN2u_5oTJYSiQY1BZezGVFOAi3MOG2fyx9dfjCO8pDbP1jzkuWfIf4PE2epBhkS2nJRtggQdlmW7z9cjukPF1m_MoDQF49ohyE3VlBnLs6b-Bl0oPoihhgB5_Ewg2We5nneDZOcCd5NTvaaAfTBC3kjsOEMSHxYS0jguGhm9_FiAUHaEaB8zsLoTWCPwyDP8xuzyNl1_NnNt_Hwl79mshMu2oBr9VodIDU7qa0C4X24CkQbtnJ2uFvP3_8fbntDvj5zo2XUoU_bsd2wCRn0q_ewO_9UU30p_yyX87LTwC-oXwW3JgVj9ewb7vcI_mTfRmwVa_k4CbsTjw7fz95Pd69ddEpGgpumC4QhGPFXmrIEqQJkrbV3b8b29VDPdeAO68T5Ccz9Y3KcHqRHFuJK6OOvV018bvn6glRe-BwR6-EthK51QdfRw4UOrXGqOfm5rZddEH-NAgAs34uCoYpUJ3ehdCG6p6WvPPah9loUgm7wHGjAijrPjEyLHl5GvVRQ9Gx0iFeB3kpwH1LMtdhwKyQ4fX3SRlQ9UvfVlElqsyOFn1U4NjJR5ZuADvrIx9Nkdygm9eV4xa9kcpEuZkFaMiFSqJqTrltwyTJFU6DT75OfXsmdevDWyRvJ_UeL6U7vYkwDxRhRUzvNfM_HiwwUdu0y6aIlyquq7RRo0zi21VQZ_xCk51nHXBjedpu_0NRKKnrIHl9BoULkdU8aznB9-_Hz3-5EDa2HbK2espTWLFnLbAOBix-NjZML37MNNbwU-LAxDSAXqkvVyabLhZ28_09qm136rIfhd1F4S09N_zOexHWudAc1S-rd-n4TVFtVrmrYvo8WWmNRDxZwJDfRpL2yst4OSkEYrz4YythX5ecmuL1SNx1XsbUapRt-wrC6xg_5VP_fPnl_EM-4k9lBS9C-QPRbR9diB0C860zhYbP229k-Vs1TKX9GU_pYrzyZsf08ganXpufPoD260o8F3p7OTvwF7eij863Vdx9-UW_7Xdh39vlMojO60F_jvXOISyryQKSpTacSXekfnNueb79rISLHdjvMkV7hvJkY5oOnIwj6m6SPoJOyiAeWP48yo9Ych_i7zOfXMojfSfsp4pkJcX_z_UciqTqFaYLIcO-uveVp2rkNxJJKrTPBY6rc2AYzvHTTR7VAwqG7Ad0mN0PvFYF8lPKpQ1NWnhpbHIvtz3S6k8eu21W8Ywwp5qsGy9Smw9I_NTHR-n65FfU7_e2bf9ELrAuCO18y_It_tRJN9emfkrLra5mEkwKCeJWKID6sfaMVOWct0n0frPs0Ze8udZEHhcrojZuWi3uGU5mu-IkhrQgdWzmmWLd_N_aZU_A5ooByxkNJ6aXM1Y0KGBb8kJXIbLrW3yUH-hfnHvR66DPYR6FSdgJI-wu9n6YCSrHBAXv5108Stao5nuRPiJB-zFzlKlTzG6dWx3aoWyJIhZ6xB1y8cpsah_iR8i9hQ6sec0Ny3bH700rHjDlHYwnLLcKM7Iw-jn5Ovdw_PW7i82DeLz_Am5XPjLjjD_od4cek-3NKndzCI2W48divAMLKmYfWCxKmvMT12E-3kYECaOoTUwXWHxcrJ5LdFtEdmYbqJJJMXD2TcK__pzqKhlbyP--azkJynoP_xN_D6L3Y_nFpuQl3bb_jNC53W6KDllCe73SjkJTqe2W9NtVJknt8XK33G9E7RDU3wnu9kjxqbsamzw67xPWE8WAPYAWc8M8FuR1-Sl_gIOfKlO_vkK6X_FU9ag53fJeIxDKNJ_6rmJlm06jyC9K5qPRuMu4tw0B2lE84UWWYm3V4U_k_IL2nD_uNgAR2Opwb7pbWcZg_GqGjc8WAeZwOiNSycruVLT9kWBifhLhVvzSJgno1g8LTvTxEOP1ARpM7wOeiz_yU-dEN0d0N91txkmbZNsBBtNj-23TpqitnzsyvEjL4rdP9NQUltir4sf2ZSCzZv92lcJkHYomisM4R7Z0srat4Z56G6updMqmmQkxXZ6u8i74UWUHBD1ZOymzUG0f2T2DmH8c5tpQKxNQauOX-S_fnZPectfOqUOB8dwPDkx8s9iVFOOn-MdQPBfd9mYamVTtw-BM5NwBQdsvXtHuP27PawTymeGd2fxSuI2c20dkVyx6Fwz3_jQu9wak9phiBYlXFqkpQkU1IrnFBCAu00v5pp1SNgN4L54wWdgfHQl_g1WXT8suJDMJpyRud7OLzFz5fvwunsepJhmpfSIXmJxINGRbpSvCcLEcHWpwNEK8MDKdGuRtM81IwzNH89VzJMzr9OwlUM9WYOgKDG2BoSkw0AoMdYGBWmAcnAcdTYpehwi5FqH6gxCSy8HJjto6OmZB5YMgPnELw4FLZh2Myn5a7P43HimT9ByYlPqEXhLTVBUnZeVgErT87cOqLf053WGbGTuqCNriJ6s7cN5eF-Dk5q2gMazX2wgdm8nkjIpslANdmZdMg1JGDa-EJxckdzYu2k7OImkxyLt3Ers-93wYeYthSEJjUksA9L_-dpDK0iCeO0mYNDa8XPPOyYVikwIal5ks-NQOl6yNqQ48h3QzAsy-0q2e3x4mikQ4JkvwFOdQd4z-DeCjWS-AyR5ujroRajaAsY0Pz97xgtSqkmmaiwlWawHVxElt2ZPn1GnJlqAP9xaBwXRah1MVeVfSX-GtF1S2fSE-C4bbHdqjl14h04d83P8-0SS2t-SQsPC2-SCUiuJP-NORvPvqr_N0cxPtbOT6tt3mVT9KhPY0eZmQrZbBFtgJWp5Ynt6nuH3h8Eos_4rQja8svJSbig21fTdkrS99JudAyKxVt271PUj9QxiU1StJdoVJCtMFsAvs0gbDhcQClBfqMrmaOKRA7IsC4JJY4zBiT0IAR4APbYWos87LAg6WAK8ZN-QCdoAjCMA%3D&uniformat=true&callback=Ya%5B2274079552544%5D

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js?_=1676288198212

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

aaec534fbb994fedeb1eb2f9f38aad5e97596e57010f04f992205c9ad0f7a43b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://ufoleaks.su/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 13 Feb 2023 11:36:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1676288199741116-13834998146633915675-vla1-1928-vla-l7-balancer-8080-BAL-3289
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
uniformat-product-type: None
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Mon, 13 Feb 2023 11:36:39 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
uniformat: true
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type: application/json; charset=utf-8
access-control-allow-origin: http://ufoleaks.su
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Mon, 13 Feb 2023 11:36:39 GMT

GET
H/1.1 200
Ok d.png
ysa-static.passport.yandex.ru/static/1/d959d7e39d5067fad30d9c06204866e9/ Frame 85D3 95 B
400 B 459ms
71ms Image
image/png 2a02:6b8::5:114
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ysa-static.passport.yandex.ru/static/1/d959d7e39d5067fad30d9c06204866e9/d.png?ex=yes

Requested by

Host: ufoleaks.su
URL: http://ufoleaks.su/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::5:114 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.14.2 /

Resource Hash

18c327afa903633f86c3efcf12b77f098077eacaa8be101bb007846fd74f8b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Mon, 13 Feb 2023 11:36:40 GMT
Strict-Transport-Security: max-age=315360000; includeSubDomains
Server: nginx/1.14.2
X-RT-IH: 0.0002
Content-Type: image/png
Cache-Control: private
Connection: close
X-RT-IQ: 0.0001
Content-Length: 95
Expires: Tue, 14 Feb 2023 11:36:40 GMT

GET
H2

200

05b3ea8b53da829fbeea44
an.yandex.ru/mapuid/arcspireis/ Frame 85D3
Redirect Chain

https://px.arcspire.io/yndx?id=9d4cd41a-f59d-4815-8a89-9d30806f5389
https://an.yandex.ru/mapuid/arcspireis/05b3ea8b53da829fbeea44

43 B
82 B

74ms
73ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/arcspireis/05b3ea8b53da829fbeea44

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Feb 2023 11:36:40 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Mon, 13 Feb 2023 11:36:40 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 13 Feb 2023 11:36:40 GMT

Redirect headers

location: https://an.yandex.ru/mapuid/arcspireis/05b3ea8b53da829fbeea44
date: Mon, 13 Feb 2023 11:36:39 GMT
x-envoy-upstream-service-time: 0
server: envoy
content-length: 0

GET
H2

200

1CB35A9DC820EA63A003C6780297177F
an.yandex.ru/mapuid/sapeis/ Frame 85D3
Redirect Chain

https://acint.net/rmatch/?dp=151&r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fsapeis%2F%24%7BUSER_ID%7D
https://acint.net/rmatch/?r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fsapeis%2F$%7BUSER_ID%7D&dp=151&tc=1
https://ssp-rtb.sape.ru/rmatch?r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fan.yandex.ru%252Fmapuid%252Fsapeis%252F$%257BUSER_ID%257D&dp=14
https://acint.net/rmatch?dp=14&euid=2003420AC820EA631F00F5A802D7CC66&r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fsapeis%2F$%7BUSER_ID%7D
https://an.yandex.ru/mapuid/sapeis/1CB35A9DC820EA63A003C6780297177F

43 B
80 B

75ms
74ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/sapeis/1CB35A9DC820EA63A003C6780297177F

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Feb 2023 11:36:40 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Mon, 13 Feb 2023 11:36:40 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 13 Feb 2023 11:36:40 GMT

Redirect headers

date: Mon, 13 Feb 2023 11:36:40 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
location: https://an.yandex.ru/mapuid/sapeis/1CB35A9DC820EA63A003C6780297177F
content-type: text/html
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 154
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2

200

a1535696-e344-522c-85e4-b757e60e979f
an.yandex.ru/mapuid/betweendigitalis/ Frame 85D3
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=43554&callback_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbetweendigitalis%2F%24%7BUSER_ID%7D
https://ads.betweendigital.com/match?bidder_id=43554&callback_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbetweendigitalis%2F%24%7BUSER_ID%7D&crf=1
https://an.yandex.ru/mapuid/betweendigitalis/a1535696-e344-522c-85e4-b757e60e979f

43 B
82 B

75ms
75ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/betweendigitalis/a1535696-e344-522c-85e4-b757e60e979f

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Feb 2023 11:36:40 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Mon, 13 Feb 2023 11:36:40 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 13 Feb 2023 11:36:40 GMT

Redirect headers

location: https://an.yandex.ru/mapuid/betweendigitalis/a1535696-e344-522c-85e4-b757e60e979f
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/ Frame 85D3
Redirect Chain

https://yandex.ru/an/mapuid/adobedmp/
https://dpm.demdex.net/ibs:dpid=423652&dpuuid=ABEA15CB06CA4FF8
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=423652&dpuuid=ABEA15CB06CA4FF8

42 B
942 B

45ms
45ms

Image
image/gif

54.72.143.161
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=423652&dpuuid=ABEA15CB06CA4FF8

Protocol

HTTP/1.1

Server

54.72.143.161 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-72-143-161.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v046-023a5908f.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: e5Kke7IfTHY=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-2-v046-04ea58e04.edge-irl1.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: ZwXalG5JRmE=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=423652&dpuuid=ABEA15CB06CA4FF8
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2

200

match
match.360yield.com/ul_cb/ Frame 85D3
Redirect Chain

https://yandex.ru/an/mapuid/azerionis/
https://match.360yield.com/match?external_user_id=123F80D0132738A8&publisher_dsp_id=429&publisher_call_type=redirect
https://match.360yield.com/ul_cb/match?external_user_id=123F80D0132738A8&publisher_dsp_id=429&publisher_call_type=redirect

43 B
198 B

23ms
23ms

Image
image/gif

18.193.152.7
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.360yield.com/ul_cb/match?external_user_id=123F80D0132738A8&publisher_dsp_id=429&publisher_call_type=redirect
Requested by: Host: ufoleaks.su
URL: http://ufoleaks.su/
Protocol: H2
Server: 18.193.152.7 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-193-152-7.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 13 Feb 2023 11:36:40 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location: https://match.360yield.com/ul_cb/match?external_user_id=123F80D0132738A8&publisher_dsp_id=429&publisher_call_type=redirect
date: Mon, 13 Feb 2023 11:36:40 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 /
yandex.ru/an/mapuid/behaviorx/ Frame 85D3 0
0 83ms
75ms Image
text/html 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://yandex.ru/an/mapuid/behaviorx/
Requested by: Host: ufoleaks.su
URL: http://ufoleaks.su/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

GET
H2

200

match
ads.betweendigital.com/ Frame 85D3
Redirect Chain

https://yandex.ru/an/mapuid/betweenx/
https://ads.betweendigital.com/match?bidder_id=161&external_user_id=1E625CBF15CE82CF
https://ads.betweendigital.com/match?bidder_id=161&external_user_id=1E625CBF15CE82CF&crf=1

68 B
607 B

33ms
32ms

Image
image/png

188.42.196.115
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=161&external_user_id=1E625CBF15CE82CF&crf=1
Requested by: Host: ufoleaks.su
URL: http://ufoleaks.su/
Protocol: H2
Server: 188.42.196.115 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

Redirect headers

location: /match?bidder_id=161&external_user_id=1E625CBF15CE82CF&crf=1
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H/1.1

204
No Content

pixel
im.bluevoox.com/ Frame 85D3
Redirect Chain

https://yandex.ru/an/mapuid/blueseaxcom/
https://im.bluevoox.com/pixel?s1=1&s2=1315&s3=vldyrx2shs82pv9o&cm=1&rd=1&puid=B958219AA2B96774

0
241 B

410ms
112ms

Image
text/plain

52.45.175.185
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://im.bluevoox.com/pixel?s1=1&s2=1315&s3=vldyrx2shs82pv9o&cm=1&rd=1&puid=B958219AA2B96774
Requested by: Host: ufoleaks.su
URL: http://ufoleaks.su/
Protocol: HTTP/1.1
Server: 52.45.175.185 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-45-175-185.compute-1.amazonaws.com
Software: openresty /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Connection: close
Date: Mon, 13 Feb 2023 11:36:40 GMT
Server: openresty

Redirect headers

pragma: no-cache
date: Mon, 13 Feb 2023 11:36:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
last-modified: Mon, 13 Feb 2023 11:36:39 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
x-yandex-req-id: 1676288199794366-5468841257495540891-vla1-1928-vla-l7-balancer-8080-BAL
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://im.bluevoox.com/pixel?s1=1&s2=1315&s3=vldyrx2shs82pv9o&cm=1&rd=1&puid=B958219AA2B96774
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 13 Feb 2023 11:36:39 GMT

GET
H2 200 /
yandex.ru/an/mapuid/eplanningrtb/ Frame 85D3 0
0 81ms
74ms Image
text/html 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://yandex.ru/an/mapuid/eplanningrtb/
Requested by: Host: ufoleaks.su
URL: http://ufoleaks.su/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 85D3
Redirect Chain

https://yandex.ru/an/mapuid/google/?partner-tag=yandex_llc
https://cm.g.doubleclick.net/pixel?google_nid=yandex_llc&google_hm=2F4C7B3C8E11226D&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif

170 B
232 B

350ms
56ms

Image
image/png

142.251.208.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yandex_llc&google_hm=2F4C7B3C8E11226D&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif

Requested by

Host: ufoleaks.su
URL: http://ufoleaks.su/

Protocol

Server

142.251.208.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s42-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Feb 2023 11:36:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 13 Feb 2023 11:36:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
last-modified: Mon, 13 Feb 2023 11:36:39 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
x-yandex-req-id: 1676288199794998-11105850232373958773-vla1-1928-vla-l7-balancer-8080-BAL
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=yandex_llc&google_hm=2F4C7B3C8E11226D&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 13 Feb 2023 11:36:39 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 85D3
Redirect Chain

https://yandex.ru/an/mapuid/google/?partner-tag=yandexcom
https://cm.g.doubleclick.net/pixel?google_nid=yandexcom&google_hm=2F4C7B3C8E11226D&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif

170 B
232 B

341ms
56ms

Image
image/png

142.251.208.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yandexcom&google_hm=2F4C7B3C8E11226D&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif

Requested by

Host: ufoleaks.su
URL: http://ufoleaks.su/

Protocol

Server

142.251.208.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s42-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Feb 2023 11:36:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 13 Feb 2023 11:36:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
last-modified: Mon, 13 Feb 2023 11:36:39 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
x-yandex-req-id: 1676288199805663-10027653762633093394-vla1-1928-vla-l7-balancer-8080-BAL
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=yandexcom&google_hm=2F4C7B3C8E11226D&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 13 Feb 2023 11:36:39 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 85D3
Redirect Chain

https://yandex.ru/an/mapuid/google/?partner-tag=yandexru
https://cm.g.doubleclick.net/pixel?google_nid=yandexru&google_hm=2F4C7B3C8E11226D&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif

170 B
409 B

342ms
55ms

Image
image/png

142.251.208.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yandexru&google_hm=2F4C7B3C8E11226D&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif

Requested by

Host: ufoleaks.su
URL: http://ufoleaks.su/

Protocol

Server

142.251.208.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s42-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Feb 2023 11:36:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 13 Feb 2023 11:36:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
last-modified: Mon, 13 Feb 2023 11:36:39 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
x-yandex-req-id: 1676288199805894-4104103314210016985-vla1-1928-vla-l7-balancer-8080-BAL
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=yandexru&google_hm=2F4C7B3C8E11226D&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 13 Feb 2023 11:36:39 GMT

GET
H2

200

sync
t.adx.opera.com/ Frame 85D3
Redirect Chain

https://yandex.ru/an/mapuid/operacom/
https://t.adx.opera.com/sync?vendor=60143&uid=55EB29BD39027256

35 B
467 B

338ms
46ms

Image
image/gif

82.145.213.8
NO-OPERA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.adx.opera.com/sync?vendor=60143&uid=55EB29BD39027256
Requested by: Host: ufoleaks.su
URL: http://ufoleaks.su/
Protocol: H2
Server: 82.145.213.8 , Norway, ASN39832 (NO-OPERA, NO),
Reverse DNS: n-sysadmin-jumpbox-03.feednews.opera.technology
Software: Tengine /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Feb 2023 11:36:40 GMT
server: Tengine
access-control-allow-methods: POST, GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 13 Feb 2023 11:36:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
last-modified: Mon, 13 Feb 2023 11:36:39 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
x-yandex-req-id: 1676288199806181-17179238784711637512-vla1-1928-vla-l7-balancer-8080-BAL
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://t.adx.opera.com/sync?vendor=60143&uid=55EB29BD39027256
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 13 Feb 2023 11:36:39 GMT

GET
H2 200 /
yandex.ru/an/mapuid/xapadsssp/ Frame 85D3 43 B
321 B 90ms
84ms Image
image/gif 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yandex.ru/an/mapuid/xapadsssp/

Requested by

Host: ufoleaks.su
URL: http://ufoleaks.su/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Feb 2023 11:36:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
last-modified: Mon, 13 Feb 2023 11:36:39 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
x-yandex-req-id: 1676288199806395-7648448706401613792-vla1-1928-vla-l7-balancer-8080-BAL
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 13 Feb 2023 11:36:39 GMT

GET
H2

200

04003b830772f32e20dfc2b7c946c9a8ff4d6d8d4eb30811de30b88d498dfdf1
an.yandex.ru/mapuid/mediascope/ Frame 85D3
Redirect Chain

https://cm.tns-counter.ru/yacm
https://an.yandex.ru/mapuid/mediascope/04003b830772f32e20dfc2b7c946c9a8ff4d6d8d4eb30811de30b88d498dfdf1

43 B
82 B

76ms
75ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/mediascope/04003b830772f32e20dfc2b7c946c9a8ff4d6d8d4eb30811de30b88d498dfdf1

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Feb 2023 11:36:40 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Mon, 13 Feb 2023 11:36:40 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 13 Feb 2023 11:36:40 GMT

Redirect headers

pragma: no-cache
date: Mon, 13 Feb 2023 11:36:40 GMT
server: ms-counter-3.5.5/1.20.2
content-type: text/html
location: https://an.yandex.ru/mapuid/mediascope/04003b830772f32e20dfc2b7c946c9a8ff4d6d8d4eb30811de30b88d498dfdf1
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin: *
content-length: 0
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 204 match
dm.hybrid.ai/ Frame 85D3 0
278 B 445ms
62ms Image
text/plain 37.18.16.21
HYBRID-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dm.hybrid.ai/match?id=182

Requested by

Host: ufoleaks.su
URL: http://ufoleaks.su/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.18.16.21 , Russian Federation, ASN205675 (HYBRID-AS, DE),

Reverse DNS

Software

Hybrid Web Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Feb 2023 11:36:40 GMT
server: Hybrid Web Server
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin: https://yastatic.net
cache-control: no-cache, no-store
access-control-allow-credentials: true
x-mode: 102
x-xss-protection: 1; mode=block
expires: -1

GET
H2 204 yandexdmp-match
dm.hybrid.ai/ Frame 85D3 0
238 B 445ms
62ms Image
text/plain 37.18.16.21
HYBRID-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dm.hybrid.ai/yandexdmp-match

Requested by

Host: ufoleaks.su
URL: http://ufoleaks.su/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.18.16.21 , Russian Federation, ASN205675 (HYBRID-AS, DE),

Reverse DNS

Software

Hybrid Web Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Feb 2023 11:36:40 GMT
server: Hybrid Web Server
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin: *
cache-control: no-cache, no-store
x-mode: 125
x-xss-protection: 1; mode=block
expires: -1

GET
H2

200

5UcO6YfbXqWL2b77NQM7
an.yandex.ru/mapuid/dmpamberdata/ Frame 85D3
Redirect Chain

https://dmg.digitaltarget.ru/1/119/i/i?i=1676288199
https://dmg.digitaltarget.ru/awg/custom/119/i/i?call_source=awg&ts=1676288200169&i=1676288199
https://an.yandex.ru/mapuid/dmpamberdata/5UcO6YfbXqWL2b77NQM7

43 B
80 B

74ms
73ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/dmpamberdata/5UcO6YfbXqWL2b77NQM7

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Feb 2023 11:36:40 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Mon, 13 Feb 2023 11:36:40 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 13 Feb 2023 11:36:40 GMT

Redirect headers

Date: Mon, 13 Feb 2023 11:36:40 GMT
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
Server: nginx
X-Permitted-Cross-Domain-Policies: master-only
Request-Time: 10
X-Frame-Options: DENY
Access-Control-Allow-Methods: GET, POST, OPTIONS
Location: https://an.yandex.ru/mapuid/dmpamberdata/5UcO6YfbXqWL2b77NQM7
Access-Control-Max-Age: 86400
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
X-XSS-Protection: 1; mode=block

GET
H2

200

match
match.360yield.com/ Frame 85D3
Redirect Chain

https://euw-ice.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fazerionis%2F{PUB_USER_ID}
https://euw-ice.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fazerionis%2F%7BPUB_USER_ID%7D
https://an.yandex.ru/mapuid/azerionis/f9e65f79-2ea3-48de-bf63-bbc51eb572b7
https://match.360yield.com/match?external_user_id=f9e65f79-2ea3-48de-bf63-bbc51eb572b7&publisher_dsp_id=429&publisher_call_type=redirect

43 B
198 B

22ms
22ms

Image
image/gif

18.193.152.7
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.360yield.com/match?external_user_id=f9e65f79-2ea3-48de-bf63-bbc51eb572b7&publisher_dsp_id=429&publisher_call_type=redirect
Protocol: H2
Server: 18.193.152.7 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-193-152-7.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 13 Feb 2023 11:36:40 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

pragma: no-cache
date: Mon, 13 Feb 2023 11:36:40 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Mon, 13 Feb 2023 11:36:40 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://match.360yield.com/match?external_user_id=f9e65f79-2ea3-48de-bf63-bbc51eb572b7&publisher_dsp_id=429&publisher_call_type=redirect
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 13 Feb 2023 11:36:40 GMT

GET
H2

200

4ddb817b-fbc6-4dba-7578-57494ffa71f5
an.yandex.ru/mapuid/buzzooladspis/ Frame 85D3
Redirect Chain

https://exchange.buzzoola.com/cookiesync/redirect/yandex?redirect_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbuzzooladspis%2F%24%7BUUID%7D
https://an.yandex.ru/mapuid/buzzooladspis/4ddb817b-fbc6-4dba-7578-57494ffa71f5

43 B
365 B

73ms
73ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/buzzooladspis/4ddb817b-fbc6-4dba-7578-57494ffa71f5

Requested by

Host: ufoleaks.su
URL: http://ufoleaks.su/

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Feb 2023 11:36:40 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Mon, 13 Feb 2023 11:36:40 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 13 Feb 2023 11:36:40 GMT

Redirect headers

location: https://an.yandex.ru/mapuid/buzzooladspis/4ddb817b-fbc6-4dba-7578-57494ffa71f5
date: Mon, 13 Feb 2023 11:36:40 GMT
server: nginx
content-length: 113
serverid: TODO
content-type: text/html; charset=utf-8

GET
H2

200

Y-ogyEporTk
an.yandex.ru/mapuid/soltadspis/ Frame 85D3
Redirect Chain

https://kimberlite.io/rtb/sync/yandex
https://solta-sync.rutarget.ru/sync
https://kimberlite.io/rtb/sync/segmento?u=f7jRpMThnHEx
https://an.yandex.ru/mapuid/soltadspis/Y-ogyEporTk

43 B
80 B

75ms
74ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/soltadspis/Y-ogyEporTk

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Feb 2023 11:36:40 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Mon, 13 Feb 2023 11:36:40 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 13 Feb 2023 11:36:40 GMT

Redirect headers

Date: Mon, 13 Feb 2023 11:36:40 GMT
referrer-policy: no-referrer
Server: nginx
access-control-allow-origin: *
location: https://an.yandex.ru/mapuid/soltadspis/Y-ogyEporTk
cache-control: no-store
access-control-allow-credentials: true
Connection: keep-alive
server-timing: app;srv=3;dur=0.0001
Content-Length: 0

GET
H2

200

/
an.yandex.ru/mapuid/targetrtbis/ Frame 85D3
Redirect Chain

https://match.new-programmatic.com/userbind?src=yandex&pbf=1&gi=1
https://an.yandex.ru/mapuid/targetrtbis/

43 B
80 B

81ms
79ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/targetrtbis/

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Feb 2023 11:36:40 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Mon, 13 Feb 2023 11:36:40 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 13 Feb 2023 11:36:40 GMT

Redirect headers

Date: Mon, 13 Feb 2023 11:36:40 GMT
Server: nginx/1.22.1
Vary: Origin
Access-Control-Allow-Origin: *
Location: https://an.yandex.ru/mapuid/targetrtbis/
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET pixel
mitdmp.whiteboxdigital.ru/ Frame 85D3 0
0

GET
H2

200

860f88e3-293d-47ff-9bdb-0775250f53a3
an.yandex.ru/mapuid/hyperdspis/ Frame 85D3
Redirect Chain

https://nr.bidderstack.com/yandex/cm?r=https://an.yandex.ru/mapuid/hyperdspis/
https://an.yandex.ru/mapuid/hyperdspis/860f88e3-293d-47ff-9bdb-0775250f53a3

43 B
80 B

76ms
75ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/hyperdspis/860f88e3-293d-47ff-9bdb-0775250f53a3

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Feb 2023 11:36:40 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Mon, 13 Feb 2023 11:36:40 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 13 Feb 2023 11:36:40 GMT

Redirect headers

Location: https://an.yandex.ru/mapuid/hyperdspis/860f88e3-293d-47ff-9bdb-0775250f53a3
Date: Mon, 13 Feb 2023 11:36:40 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2

200

/
an.yandex.ru/mapuid/ramblerssp/ Frame 85D3
Redirect Chain

https://profile.ssp.rambler.ru/sync3.302?pid=188
https://an.yandex.ru/mapuid/ramblerssp/

43 B
80 B

75ms
74ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/ramblerssp/

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Feb 2023 11:36:40 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Mon, 13 Feb 2023 11:36:40 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 13 Feb 2023 11:36:40 GMT

Redirect headers

date: Mon, 13 Feb 2023 11:36:40 GMT
strict-transport-security: max-age=0
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
location: //an.yandex.ru/mapuid/ramblerssp/
content-type: application/x-javascript; charset=Windows-1251
x-passed: 1bal2
content-length: 0

GET
H2

200

61y7RrNDxTK.AikABlGGSpAO8Q
an.yandex.ru/mapuid/getintentis/ Frame 85D3
Redirect Chain

https://px.adhigh.net/p/cm/yandexssp
https://px.adhigh.net/p/cm/yandexssp?bounced=1
https://an.yandex.ru/mapuid/getintentis/61y7RrNDxTK.AikABlGGSpAO8Q

43 B
80 B

79ms
78ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/getintentis/61y7RrNDxTK.AikABlGGSpAO8Q

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Feb 2023 11:36:40 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Mon, 13 Feb 2023 11:36:40 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 13 Feb 2023 11:36:40 GMT

Redirect headers

pragma: no-cache
date: Mon, 13 Feb 2023 11:36:40 GMT
server: nginx
x-backend-id: f12-ru
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: *
location: https://an.yandex.ru/mapuid/getintentis/61y7RrNDxTK.AikABlGGSpAO8Q
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

NdO33qM.Embman9XoXjPne
an.yandex.ru/mapuid/dmpweborama/ Frame 85D3
Redirect Chain

https://redirect.frontend.weborama.fr/redirect/standard?url=https://an.yandex.ru/mapuid/dmpweborama/{WEBO_CID}
https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fdmpweborama%2F%7BWEBO_CID%7D&bounce=1&random=572455228
https://an.yandex.ru/mapuid/dmpweborama/NdO33qM.Embman9XoXjPne

43 B
80 B

74ms
73ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/dmpweborama/NdO33qM.Embman9XoXjPne

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Feb 2023 11:36:40 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Mon, 13 Feb 2023 11:36:40 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 13 Feb 2023 11:36:40 GMT

Redirect headers

pragma: no-cache
date: Mon, 13 Feb 2023 11:36:40 GMT
via: 1.1 google
last-modified: Mon, 13 Feb 2023 11:36:40 GMT
server: Weborama Collect Frontend
vary: Origin
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location: https://an.yandex.ru/mapuid/dmpweborama/NdO33qM.Embman9XoXjPne
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2 200 y
rtb-eu-warsaw.intent.ai/um/ Frame 85D3 68 B
841 B 108ms
51ms Image
image/png 2606:4700:20::ac43:48bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb-eu-warsaw.intent.ai/um/y

Requested by

Host: ufoleaks.su
URL: http://ufoleaks.su/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:48bf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 11:36:40 GMT
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length: 68
pragma: no-cache
last-modified: Mon, 13 Feb 2023 11:36:40 GMT
server: cloudflare
access-control-max-age: 1728000
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: image/png
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6%2FzozEstlqqbDCc%2BKtuE%2BcfHxPyHaezPz2uGEl8xYnh0Lz5hbm3viov4pU7FF%2FEEab%2FZfb1AwvSriWMgilQIotrirj1GacgybqKWjbidjnM78sWR3Y4MDQD0DDNhxO8arLOb08qmTt4%2FllFUfHxPqqXP6z%2BC"}],"group":"cf-nel","max_age":604800}
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials: true
cf-ray: 798d4484997d35e7-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Wed, 11 Nov 1998 11:11:11 GMT

GET
H2

200

CmhtsipAwaB29En0vdcp
an.yandex.ru/mapuid/kadamis/ Frame 85D3
Redirect Chain

https://s.uuidksinc.net/match/501
https://an.yandex.ru/mapuid/kadamis/CmhtsipAwaB29En0vdcp

43 B
80 B

73ms
72ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/kadamis/CmhtsipAwaB29En0vdcp

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Feb 2023 11:36:40 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Mon, 13 Feb 2023 11:36:40 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 13 Feb 2023 11:36:40 GMT

Redirect headers

location: https://an.yandex.ru/mapuid/kadamis/CmhtsipAwaB29En0vdcp
date: Mon, 13 Feb 2023 11:36:40 GMT
server: nginx/1.19.0
content-length: 0

GET
H2

200

a6004e29-f650-428f-81a2-2d3093482a78
an.yandex.ru/mapuid/mtsdspis/ Frame 85D3
Redirect Chain

https://sm.rtb.mts.ru/p?ssp=yandex&id=map
https://sm.rtb.mts.ru/match/second?ssp=55&exu=map
https://tech.rtb.mts.ru/?dsp_uid=a6004e29-f650-428f-81a2-2d3093482a78&return_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fmtsdspis%2Fa6004e29-f650-428f-81a2-2d3093482a78
https://an.yandex.ru/mapuid/mtsdspis/a6004e29-f650-428f-81a2-2d3093482a78

43 B
80 B

76ms
75ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/mtsdspis/a6004e29-f650-428f-81a2-2d3093482a78

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Feb 2023 11:36:40 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Mon, 13 Feb 2023 11:36:40 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 13 Feb 2023 11:36:40 GMT

Redirect headers

Date: Mon, 13 Feb 2023 11:36:40 GMT
Server: nginx/1.20.2
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: text/html; charset=utf-8
Location: https://an.yandex.ru/mapuid/mtsdspis/a6004e29-f650-428f-81a2-2d3093482a78
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

GET
H2

200

ct_sync.php
sync.magnitent.com/fbfli/ Frame 85D3
Redirect Chain

https://sonar.semantiqo.com/dmp/scr.php
https://counter.yadro.ru/id127/reff-id.gif?sid=e30dfec69bfb4c47b47d2f446e806380
https://sonar.semantiqo.com/fbfli/data_sess_sync.php?spid=089EC568695D27C4&sid=e30dfec69bfb4c47b47d2f446e806380
https://cdn3.caltat.com/fbfc504c-89b0-4a80-bef4-c8e39daeee6f/sess.php?sid=e30dfec69bfb4c47b47d2f446e806380&spid=089EC568695D27C4&v=
https://sync.magnitent.com/fbfli/ct_sync.php?ct=6b61843d3616457ca611ebc00631fdd0&sonar=e30dfec69bfb4c47b47d2f446e806380&spid=089EC568695D27C4&v=

0
676 B

137ms
47ms

Image
text/html

95.217.109.66
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.magnitent.com/fbfli/ct_sync.php?ct=6b61843d3616457ca611ebc00631fdd0&sonar=e30dfec69bfb4c47b47d2f446e806380&spid=089EC568695D27C4&v=
Protocol: H2
Server: 95.217.109.66 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.66.109.217.95.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

access-control-allow-origin: *, *
date: Mon, 13 Feb 2023 11:36:40 GMT
mode: no-cors, no-cors
cache-control: no-cache, no-cache
content-encoding: gzip
server: nginx/1.20.1
content-type: text/html; charset=UTF-8

Redirect headers

location: https://sync.magnitent.com/fbfli/ct_sync.php?ct=6b61843d3616457ca611ebc00631fdd0&sonar=e30dfec69bfb4c47b47d2f446e806380&spid=089EC568695D27C4&v=
access-control-allow-origin: *
date: Mon, 13 Feb 2023 11:36:40 GMT
mode: no-cors
server: nginx/1.20.1
content-type: text/html; charset=UTF-8

GET
H/1.1 200
OK sync.cgi
ssp.adriver.ru/cgi-bin/ Frame 85D3 42 B
201 B 332ms
82ms Image
image/gif 81.222.128.216
ELTEL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.adriver.ru/cgi-bin/sync.cgi?dsp_id=109
Requested by: Host: ufoleaks.su
URL: http://ufoleaks.su/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.222.128.216 , Russian Federation, ASN20597 (ELTEL-AS, RU),
Reverse DNS: ad16.adriver.ru
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Mon, 13 Feb 2023 11:36:40 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/gif

GET
H/1.1 200
OK sync.cgi
ssp.adriver.ru/cgi-bin/ Frame 85D3 42 B
201 B 327ms
84ms Image
image/gif 81.222.128.216
ELTEL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=19
Requested by: Host: ufoleaks.su
URL: http://ufoleaks.su/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.222.128.216 , Russian Federation, ASN20597 (ELTEL-AS, RU),
Reverse DNS: ad16.adriver.ru
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Mon, 13 Feb 2023 11:36:40 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/gif

GET
H2 200 pixel.gif
sync.1dmp.io/ Frame 85D3 12 B
155 B 185ms
61ms Image
text/html 87.242.89.90
SBERCLOUD-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.1dmp.io/pixel.gif?cid=3cbc2ec8-1421-4677-89fe-2ac6fc52a09a&pid=w&o=au
Requested by: Host: ufoleaks.su
URL: http://ufoleaks.su/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 87.242.89.90 , Russian Federation, ASN208677 (SBERCLOUD-AS, RU),
Reverse DNS
Software: elb /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 11:36:40 GMT
last-modified: Mon, 30 Jan 2023 18:57:34 GMT
server: elb
accept-ranges: bytes
etag: "63d8131e-c"
content-length: 12
content-type: text/html

GET
H/1.1 200
OK /
sync.bumlam.com/ Frame 85D3 43 B
390 B 83ms
19ms Image
image/gif 31.172.81.172
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bumlam.com/?src=yandex
Requested by: Host: ufoleaks.su
URL: http://ufoleaks.su/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 31.172.81.172 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type: image/gif
Date: Mon, 13 Feb 2023 11:36:40 GMT
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Server: nginx
Connection: keep-alive
Content-Length: 43
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H2 204 yandexortb
sync.dmp.otm-r.com/match/ Frame 85D3 0
69 B 184ms
59ms Image
text/plain 194.55.244.181
PROCLOUD PROCLOUD...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.dmp.otm-r.com/match/yandexortb
Requested by: Host: ufoleaks.su
URL: http://ufoleaks.su/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.55.244.181 , Russian Federation, ASN34959 (PROCLOUD PROCLOUD MSK, RU),
Reverse DNS
Software: nginx/1.23.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 13 Feb 2023 11:36:40 GMT
server: nginx/1.23.2

GET
H2

200

d2c1c7cc-947a-4ef8-97c2-eb49bfb6aa57
an.yandex.ru/mapuid/upravelis/ Frame 85D3
Redirect Chain

https://sync.upravel.com/yandex/sync
https://sync.upravel.com/yandex/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly95YXN0YXRpYy5uZXQvIl19fQ
https://an.yandex.ru/mapuid/upravelis/d2c1c7cc-947a-4ef8-97c2-eb49bfb6aa57

43 B
80 B

73ms
73ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/upravelis/d2c1c7cc-947a-4ef8-97c2-eb49bfb6aa57

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Feb 2023 11:36:40 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Mon, 13 Feb 2023 11:36:40 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 13 Feb 2023 11:36:40 GMT

Redirect headers

date: Mon, 13 Feb 2023 11:36:40 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://an.yandex.ru/mapuid/upravelis/d2c1c7cc-947a-4ef8-97c2-eb49bfb6aa57
access-control-allow-origin: *
content-type: image/png
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: false
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 0

GET
H2

200

%2BQkO4LxCbcPXw9uv3ZOPEQ
an.yandex.ru/mapuid/dmpaidatame/ Frame 85D3
Redirect Chain

https://x01.aidata.io/0.gif?pid=YANDEX
https://x01.aidata.io/0.gif?pid=YANDEX&bounce=1
https://an.yandex.ru/mapuid/dmpaidatame/%2BQkO4LxCbcPXw9uv3ZOPEQ?sign=2380470466

43 B
80 B

75ms
75ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/dmpaidatame/%2BQkO4LxCbcPXw9uv3ZOPEQ?sign=2380470466

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Feb 2023 11:36:40 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Mon, 13 Feb 2023 11:36:40 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 13 Feb 2023 11:36:40 GMT

Redirect headers

pragma: no-cache
date: Mon, 13 Feb 2023 11:36:40 GMT
last-modified: Mon, 13 Feb 2023 11:36:39 GMT
server: nginx
access-control-allow-methods: GET, POST
p3p: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
location: https://an.yandex.ru/mapuid/dmpaidatame/%2BQkO4LxCbcPXw9uv3ZOPEQ?sign=2380470466
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
content-length: 0
expires: Mon, 13 Feb 2023 11:36:39 GMT

GET
H2

200

BsaLmGvK65sQ
an.yandex.ru/mapuid/dmpsegmento/ Frame 85D3
Redirect Chain

https://yandex-dmp-sync.rutarget.ru/sync
https://an.yandex.ru/mapuid/dmpsegmento/BsaLmGvK65sQ?sign=1268506764

43 B
80 B

75ms
75ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/dmpsegmento/BsaLmGvK65sQ?sign=1268506764

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Feb 2023 11:36:40 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Mon, 13 Feb 2023 11:36:40 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 13 Feb 2023 11:36:40 GMT

Redirect headers

Location: https://an.yandex.ru/mapuid/dmpsegmento/BsaLmGvK65sQ?sign=1268506764
Date: Mon, 13 Feb 2023 11:36:40 GMT
Server: nginx
Connection: close
Content-Length: 0
P3P: CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."

GET
H2

200

F7Tq75mUPBgU
an.yandex.ru/mapuid/rutargetis/ Frame 85D3
Redirect Chain

https://yandex-sync.rutarget.ru/sync
https://an.yandex.ru/mapuid/rutargetis/F7Tq75mUPBgU

43 B
80 B

73ms
73ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/rutargetis/F7Tq75mUPBgU

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Feb 2023 11:36:40 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Mon, 13 Feb 2023 11:36:40 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 13 Feb 2023 11:36:40 GMT

Redirect headers

Location: https://an.yandex.ru/mapuid/rutargetis/F7Tq75mUPBgU
Date: Mon, 13 Feb 2023 11:36:40 GMT
Server: nginx
Connection: close
Content-Length: 0
P3P: CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."

GET
H2 200 1782592 Show response
yandex.ru/ads/meta/ 107 KB
32 KB 330ms
329ms XHR
application/json 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/meta/1782592?target-ref=http%3A%2F%2Fufoleaks.su%2F&charset=utf-8&pcode-test-ids=657519%2C0%2C84%3B718860%2C0%2C23%3B685681%2C0%2C79%3B720093%2C0%2C17%3B719192%2C0%2C27%3B717058%2C0%2C96%3B720947%2C0%2C30%3B720933%2C0%2C54%3B720774%2C0%2C44%3B721202%2C0%2C45%3B716125%2C0%2C64&pcode-flags-map=eJytWG2P0zgQ%2FiunfkZcXp2Eb07itFbzdrbTpSBkFSi7Pe3LaelyeyD%2B%2B43jtE3SrssCCMFSOo%2FHM8%2FMPONvEzotK0ZkQTknqUyxwLLGDBdcZhWTC5qSStJSJlURV5NXb79NvqyuH9aTV5P14z%2BTF5Pt%2BvOWfoR%2F%2BpHl%2Bf7k%2B7sXkwXmkpG%2FGsKFXBS4lhmrColTPrAXrCF9AGQHTmi1AKTEcU5Gh8MPGS2pIOBfMuezSsgLKmZVIyQG3wU3eYd8H4Xus8F%2FBzLOc1mzKm0SwY%2BPeR40Achn5qUHovICZ15AKmSOY5K3UAAS47IkzJwd5Lpe0PelJBeSz8EafivACqeEyTrHyxHU2KHQd6Jo7xAtazwlkguazJcypVyBp23UYpXaNKtew8eMJEJykucDaPK6HkIHtnOAbvjQyxKXdWO%2BZWQHlrcHEDMG0SKMqTBlkjdsQZYQckjiVFIuS6DJAuc0PQPqID%2Fcg%2BJURX%2BpeNshiUqXSVczRrDACrwwOIDlOXhYlflS1k2c00TimrZphZRwAZVtRrNty7d7RVtUCyKrHGzpG7JvBKp8f9xD2w09a0i4Pf%2BrEkAhL2cQIs8Njni%2FB8kpNBbI57jQWGHiHaD67qFBcaGLlTBOq3JgGNhhiMKBrWNZgb5Tx1A4sykFBKSjJi1xXZtv5Vie57QYTUm7cmkzVQwMt%2FcP656Z54RupI9WfOa8rdiRzfiuPSPFA0JKWcWcAH1HpXm7en%2B9Hli6yIl07DP6GsZCKWeETmdClsJ8pOe7kabSEpcpeS1ZI9OqwLQ0jg0rcFy0Py9m1RychbPklI3qamxpB36ITh6o2ohgNDaaO7aFdKm%2FIaUjswY6zgVNoenTAjqS0dazvW5UtbY7TsQVU0llOKUN%2F%2BMHEZZY%2Ba0dhnq%2BwEvjvPGhNLo4p5mqSF5XJRBD0IJATxmYAmutoa1nufrOdVKlisRgWhqHkO%2F5ANNRSfViRhR3d%2BdJ1YKN5l4QOMfm0E7hzwtViMDOn0HYOQANuBlky7VOW%2BcEs1IWSu0sMKN4dG9ncKhvWV2Ua0YrRsVSxkvoOOSirpg5YChA0bBXdD0i4cbB6MPwCXuMhAGTYJg9MASTBLLEDV3Cj1zftge2LYv5XiPVMHdoOTWDeH7XudvuBlQWy5pI1%2Bw1zCO%2Fl56CJRAnTmOaQ9TMx0UBetJSzYoEJtr8zOk7jKLJBdVKRkKDzSioCKoukeHEXM1R6ARBz48ORI8XGM5ANiVrYpBsqmIEq%2FL8jMaxHM%2FVrJsyHDvm7wJFrcN329HbN%2FBtxzJ9%2F0Tl2%2F4TFjtyzEg7fmB8EQ4bgNE%2F23eQtlZiipEMes4M9N6UJma70O0abKtzWKEqiJFyN%2FdqRmJzi0fQox17UEowAxnwGkZvMiOQD9W2ecLUhOPc2ImQHdmeNwCbUdF60gOBeMxFZQZyA8cZyPKkLmQBSgBLAMGCLto5bcaI3OGyk9TJL2OMBFFKMgxF8cylw%2FMthAZh4gVmQoLya4gCPxdnHyF00FlaQ48805K6Uqq81c%2BS52e8CuygK6hErQZV2REJZ6pN0QyEKtE7iJlRQRihaK%2BmMkYBBsSztlfCqjZfbmgfz4%2Bq9cgCRW5Hu57Fc7drFESeFexRYJSlCsEoeBEKPWSPT9YkM5%2FlOJaOda8wlBz7oeoIkWe7u7IHVQOSHa4KpJGuY2mZ1bZ1rZiON88jvCB0j28hpuY7QJrCg9Wha3NZw0SA4QjbxIIU47E6%2BfRZbu8ePlyNtkIrdMa7r%2B6cJ%2FLYvRycSQ4shV3x6vKCJbWWgrUz5tzUQxEsSN2KNTw6yyu9%2B2lHz4CEXUk9BdIydRiezaO8WT3Kq%2FXm8mr7BFy7C8k5iXEsQdQblzIL1MOgrnVruJgB5XrsU5u23pYbmFntywBIKgJd0ljugW15nThhTOrxJRpQgbpttIFuO1QznZ1dlD1d9zl%2Bs2w7jWw1dN%2Fs2%2BTTevvhqljdX25uuyl8c%2Fd%2Bc73mH1bXm9vLySvn%2BwDVB%2BnRI4HusSCpZZwrJqhNt3%2FA28nNanP98v4BfPtvdftx%2FQg%2F%2F7m5WV2uPw8%2BulzdtJ98%2FLq%2B1V9ffdls7%2FSPNy97%2F%2Fh4u%2Bk%2BVch7BPjgfvX1%2Bu7rVfffX%2B%2F13w%2F3q5e3638%2FH33h79XdzaY1fXf6iv3yPaTWnD604%2FnAWPETn0k8WNqnyL0bigoQdASoiXwgOrs1WULnwoJMl%2BZTIg%2B5J0voQN3ffRDM1EWNqXEBgl%2FDl4cAHV55Ol37k9bqOhjKcaa2A1rASnEQx%2B17EYHKMm6wI8C4yTLAIkUNUckB8YRP%2Fi871Osez%2FetHVq%2FErD2zUt1LVGVTyxHJ1pOGKLDO1o3edqNhsM2SavDm043N3rsUvONcPWydebRPfR3cxKnPJ2PH4jUw1fkjp%2FCouP5rkTebptQg36A8v5hu727HRHajnTf50Tsi7J9Ci6bIjZrAhCDVvei2vchqbjKPMzfPAUE0HbDy3%2FYXo9uEnVP2qdQllhCT54TcQ7D1dFQCmeXDiBzDkV9jmlB7y3mOPK2UmEDC1vrsu%2F%2FA5s1jgc%3D&pcode-icookie=6BJ7e%2B0fZjWlb%2FOOiYl32DDvrkJ0Rn6mVeH5Y3HbLu%2Bj5ZhSuayaQpLHxxgl6osRpSbS6oFY0jvO9chtZF8%2Brnrmc0g%3D&duid=MTY3NjI4ODE5OTI3NTcyOTkxNQ%3D%3D&imp-id=11&enable-flat-highlight=1&comboblock-unencoded-vast=1&test-tag=168225279049730&ad-session-id=5767261676288199069&target-id=88120438&tga-with-creatives=1&top-ancestor=http%3A%2F%2Fufoleaks.su&top-ancestor-undetermined=0&pcode-version=721202&pcodever=721202&flash-ver=0&skip-token=yabs.NzIwNTc2MDcyMjUxMDIyMzQKNzIwNTc2MDcyMTQ2NzA3MjMKNzIwNTc2MDcyNTE0OTcyODU%3D&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22isInIframe%22%3Afalse%2C%22w%22%3A300%2C%22h%22%3A0%2C%22width%22%3A0%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22fullscreenHeaderHeight%22%3A80%2C%22left%22%3A0%2C%22top%22%3A1158%2C%22ad_no%22%3A3%2C%22darkTheme%22%3Afalse%2C%22req_no%22%3A3%7D&grab-orig-len=4708&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjo0MzB9ChqkpJDkKO6BCFDHH6z0z0UlcZw366P7gpTkyxdMvqaT0qdp-26OEsiuTdPmbVKliu48dlCWFVj91KE76kaj_gb6RABXzCAzpmFaqUmzVsv93ne3EWE0Y8aMBhkdtQvDFTnwXc-hdn03dOC5geu5ogXQc2XZxVtw8YAGwZUtBLEbZNCzGx7K8nDFDsmyIB3uA1e5FKscKjdAz-5CXyiSpVKWly6lK3OoHNLsKpcP4RIaLjCSYRtm1PnEUC_DkCUvM6JlKl8-5zn74uclyA0cit134QXLQbasBoChYFkDt2QQzPb5y80is_fy8ZbhkOpQ7ML-d_F38-yQLx2z1HGdXfmxezqhn-VuE-NwlnYJl6rB-nKG6qiWM-GXFyWs5IHrUC4t39IhHnJdCIsJit0rGLLFAy9IrE-VaEhfTB4-5XJeNkvlrj_kQlnWsBcq6eB1l3CIv0ywQxruC1q6mHZgLa2DbcVMX1EUBTOtnBA975o2YUszbIcqu9IZ_SDBDES1pMt2HJIPHa8pdwOWXtw7Rn2HclFyF6uJLAHHTqHXsFYM4rv4S6PkaOgQL2dSV3KKIb9vvcHdjrhxsMAWdZoo0akl7S6UD6zBADmqAbl4X0Jh425d60IObBYhbgS5HWVlQ9kyx3t_baNl9KxI1YgZ9KxItTomPauaUc2g1QOAC52Vq6lgRaxV6zK9DrEWpZFJq0FGw0irZqSjN2ZkdPRqLb0apRFHApYufAtdPcGjlHThBTOqnSbcrmO8oxHVLJsHQfF2p1lMNmO3F3CIDeYbTK8RL43i1DAOxfKE5gLvQjXk198MXjqIGbfOa590sFTsF_EPS3Is12qDNsMD3vcJ3s3SxlezfEuKq-4WYbmNXNZJItEiAAQdDZMmGqZ1KBbsDk3xDq--aOaLrwUzxekgx1DayL4tIntOFxmmY6egjtiGXGVEcoLwjqETtMlUtUSoDN1XQyS8meyTnRsaOlcuXa_nmXA3zmwkjVE42ol0gShOwxQ71TN--KmoPsrOtOEwtAzOYDYON5gZcXUDMNMxIdjS1zEzaDMyBp1Gg9KoQcpEw45cbVw4BYlmeQxgK2g1E7YZDlcNrY7ewldDy27Ub4qfXNODJ3g62x6i3AxOsgjso8qsXMNsSGNqepkYERVgejpGeiYtwoUoBHnoBSgxBxQdDeIFVuADm6vx3utxHf8RZCxhyibGdD1-CMDyuiBuUmRg1LPq9EBDdgH23lV2R7Ny6Za6gWhDIJpunTq2Zk5cPCeWbHt6257wp0U3e_sOqTk3gEzoWio7MxNOfeHiCmggAJZBq0OimUw1CRtuCgnm9MF6hyjMNgXu5Thxz_uN3xArWLbmbKGcl2yefpSuZS6-hY8g0_rOQ9FELMEOMicY2jIn-0uOk8LZmPOBmgJnI-vT98MUiZAP1yATn80qwMm8p7AJtxgIdqMJLPCVkLVpQGJk0gKRgQ4ZkqxRI0DOyXZwZgYkyGlBZGYQaA-7_pezmo3NGBcfsz67EHdoUHCj0iZpZpsfztTHRRlx50RjNMFe4qumo9Uh0rFHe-s69-3GwC9qkNufae7j_NvnDcnDc1hZZUPwBHXKL-TnB-FQGGOmURqUavjZLahoigiWZNXr8FcDvZ21dN_5zYtTG_ODR4iT7V-xwTzCjlQTUkUVbnuL_xt_QZHPag9s-HZ7nNUcAJVdOQFvN4BS50cy41JmwKEACUWu87__6fsq56pKH3i2jv6W5qwN2u_5oTJYSiQY1BZezGVFOAi3MOG2fyx9dfjCO8pDbP1jzkuWfIf4PE2epBhkS2nJRtggQdlmW7z9cjukPF1m_MoDQF49ohyE3VlBnLs6b-Bl0oPoihhgB5_Ewg2We5nneDZOcCd5NTvaaAfTBC3kjsOEMSHxYS0jguGhm9_FiAUHaEaB8zsLoTWCPwyDP8xuzyNl1_NnNt_Hwl79mshMu2oBr9VodIDU7qa0C4X24CkQbtnJ2uFvP3_8fbntDvj5zo2XUoU_bsd2wCRn0q_ewO_9UU30p_yyX87LTwC-oXwW3JgVj9ewb7vcI_mTfRmwVa_k4CbsTjw7fz95Pd69ddEpGgpumC4QhGPFXmrIEqQJkrbV3b8b29VDPdeAO68T5Ccz9Y3KcHqRHFuJK6OOvV018bvn6glRe-BwR6-EthK51QdfRw4UOrXGqOfm5rZddEH-NAgAs34uCoYpUJ3ehdCG6p6WvPPah9loUgm7wHGjAijrPjEyLHl5GvVRQ9Gx0iFeB3kpwH1LMtdhwKyQ4fX3SRlQ9UvfVlElqsyOFn1U4NjJR5ZuADvrIx9Nkdygm9eV4xa9kcpEuZkFaMiFSqJqTrltwyTJFU6DT75OfXsmdevDWyRvJ_UeL6U7vYkwDxRhRUzvNfM_HiwwUdu0y6aIlyquq7RRo0zi21VQZ_xCk51nHXBjedpu_0NRKKnrIHl9BoULkdU8aznB9-_Hz3-5EDa2HbK2espTWLFnLbAOBix-NjZML37MNNbwU-LAxDSAXqkvVyabLhZ28_09qm136rIfhd1F4S09N_zOexHWudAc1S-rd-n4TVFtVrmrYvo8WWmNRDxZwJDfRpL2yst4OSkEYrz4YythX5ecmuL1SNx1XsbUapRt-wrC6xg_5VP_fPnl_EM-4k9lBS9C-QPRbR9diB0C860zhYbP229k-Vs1TKX9GU_pYrzyZsf08ganXpufPoD260o8F3p7OTvwF7eij863Vdx9-UW_7Xdh39vlMojO60F_jvXOISyryQKSpTacSXekfnNueb79rISLHdjvMkV7hvJkY5oOnIwj6m6SPoJOyiAeWP48yo9Ych_i7zOfXMojfSfsp4pkJcX_z_UciqTqFaYLIcO-uveVp2rkNxJJKrTPBY6rc2AYzvHTTR7VAwqG7Ad0mN0PvFYF8lPKpQ1NWnhpbHIvtz3S6k8eu21W8Ywwp5qsGy9Smw9I_NTHR-n65FfU7_e2bf9ELrAuCO18y_It_tRJN9emfkrLra5mEkwKCeJWKID6sfaMVOWct0n0frPs0Ze8udZEHhcrojZuWi3uGU5mu-IkhrQgdWzmmWLd_N_aZU_A5ooByxkNJ6aXM1Y0KGBb8kJXIbLrW3yUH-hfnHvR66DPYR6FSdgJI-wu9n6YCSrHBAXv5108Stao5nuRPiJB-zFzlKlTzG6dWx3aoWyJIhZ6xB1y8cpsah_iR8i9hQ6sec0Ny3bH700rHjDlHYwnLLcKM7Iw-jn5Ovdw_PW7i82DeLz_Am5XPjLjjD_od4cek-3NKndzCI2W48divAMLKmYfWCxKmvMT12E-3kYECaOoTUwXWHxcrJ5LdFtEdmYbqJJJMXD2TcK__pzqKhlbyP--azkJynoP_xN_D6L3Y_nFpuQl3bb_jNC53W6KDllCe73SjkJTqe2W9NtVJknt8XK33G9E7RDU3wnu9kjxqbsamzw67xPWE8WAPYAWc8M8FuR1-Sl_gIOfKlO_vkK6X_FU9ag53fJeIxDKNJ_6rmJlm06jyC9K5qPRuMu4tw0B2lE84UWWYm3V4U_k_IL2nD_uNgAR2Opwb7pbWcZg_GqGjc8WAeZwOiNSycruVLT9kWBifhLhVvzSJgno1g8LTvTxEOP1ARpM7wOeiz_yU-dEN0d0N91txkmbZNsBBtNj-23TpqitnzsyvEjL4rdP9NQUltir4sf2ZSCzZv92lcJkHYomisM4R7Z0srat4Z56G6updMqmmQkxXZ6u8i74UWUHBD1ZOymzUG0f2T2DmH8c5tpQKxNQauOX-S_fnZPectfOqUOB8dwPDkx8s9iVFOOn-MdQPBfd9mYamVTtw-BM5NwBQdsvXtHuP27PawTymeGd2fxSuI2c20dkVyx6Fwz3_jQu9wak9phiBYlXFqkpQkU1IrnFBCAu00v5pp1SNgN4L54wWdgfHQl_g1WXT8suJDMJpyRud7OLzFz5fvwunsepJhmpfSIXmJxINGRbpSvCcLEcHWpwNEK8MDKdGuRtM81IwzNH89VzJMzr9OwlUM9WYOgKDG2BoSkw0AoMdYGBWmAcnAcdTYpehwi5FqH6gxCSy8HJjto6OmZB5YMgPnELw4FLZh2Myn5a7P43HimT9ByYlPqEXhLTVBUnZeVgErT87cOqLf053WGbGTuqCNriJ6s7cN5eF-Dk5q2gMazX2wgdm8nkjIpslANdmZdMg1JGDa-EJxckdzYu2k7OImkxyLt3Ers-93wYeYthSEJjUksA9L_-dpDK0iCeO0mYNDa8XPPOyYVikwIal5ks-NQOl6yNqQ48h3QzAsy-0q2e3x4mikQ4JkvwFOdQd4z-DeCjWS-AyR5ujroRajaAsY0Pz97xgtSqkmmaiwlWawHVxElt2ZPn1GnJlqAP9xaBwXRah1MVeVfSX-GtF1S2fSE-C4bbHdqjl14h04d83P8-0SS2t-SQsPC2-SCUiuJP-NORvPvqr_N0cxPtbOT6tt3mVT9KhPY0eZmQrZbBFtgJWp5Ynt6nuH3h8Eos_4rQja8svJSbig21fTdkrS99JudAyKxVt271PUj9QxiU1StJdoVJCtMFsAvs0gbDhcQClBfqMrmaOKRA7IsC4JJY4zBiT0IAR4APbYWos87LAg6WAK8ZN-QCdoAjCMA%3D&uniformat=true&callback=Ya%5B4535366063722%5D

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js?_=1676288198212

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

16dd525e2d45bd646524e59888886e507a27452515a21850ad244a6be21c3131

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://ufoleaks.su/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 13 Feb 2023 11:36:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
ssr: true
x-yandex-req-id: 1676288199984956-746653922884787177-vla1-1928-vla-l7-balancer-8080-BAL-2568
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
uniformat-product-type: Direct
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Mon, 13 Feb 2023 11:36:40 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
uniformat: true
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type: application/json
access-control-allow-origin: http://ufoleaks.su
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Mon, 13 Feb 2023 11:36:40 GMT

GET
H/1.1 200
OK impression.html Show response
w.uptolike.com/widgets/v1/ Frame 6542 1023 B
914 B 126ms
61ms Document
text/html 95.163.114.204
DINET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://w.uptolike.com/widgets/v1/impression.html?622e27e5349ec1bb07f4f36fc56e7c84
Requested by: Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/zp.js?pid=tlde2c9f9a2919f1199e2c85aeeabd1cf30d2cde73
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.163.114.204 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 829aefc2561d1da1496d88af2e9fdcda7d002eb568e8b59a636aaf49de2751de

Request headers

Referer: http://ufoleaks.su/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=1800
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html;charset=utf-8
Date: Mon, 13 Feb 2023 11:36:40 GMT
Expires: Mon, 13 Feb 2023 12:06:40 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H/1.1 200
OK extra.js Show response
w.uptolike.com/widgets/v1/ 4 KB
3 KB 63ms
63ms Script
application/javascript 95.163.114.204
DINET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://w.uptolike.com/widgets/v1/extra.js?rnd=0.8298257968679659
Requested by: Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/zp.js?pid=tlde2c9f9a2919f1199e2c85aeeabd1cf30d2cde73
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.163.114.204 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: a3c40e08badf9b270fa5b32603ffc2bbd24e00b26bd2bafd3737cbd88120418b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ufoleaks.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Feb 2023 11:36:40 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript;charset=utf-8
P3P: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Access-Control-Allow-Origin: *
Cache-Control: no-cache,no-store,max-age=0,must-revalidate
Connection: keep-alive
Expires: Tue, 24 Jan 2023 08:31:58 GMT

GET
H/1.1 200
OK alt.js Show response
cntrsync.ru/ 78 KB
7 KB 243ms
114ms Script
application/javascript 92.63.102.100
RU-JSCIOT

General

Check archive.org

Show headers Download Go to

Full URL

https://cntrsync.ru/alt.js

Requested by

Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/extra.js?rnd=0.8298257968679659

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

92.63.102.100 , Russian Federation, ASN29182 (RU-JSCIOT, RU),

Reverse DNS

belesta1022.ru

Software

nginx/1.13.12 /

Resource Hash

611aebf8ef939abe70339ca753827220aaf80b5a23a03e20297f452554a6c803

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ufoleaks.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Mon, 13 Feb 2023 11:36:40 GMT
Content-Encoding: gzip
Last-Modified: Monday, 13-Feb-2023 11:36:40 GMT
Server: nginx/1.13.12
X-Frame-Options: SAMEORIGIN
Transfer-Encoding: chunked
Content-Type: application/javascript
Vary: Accept-Encoding
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection: keep-alive

GET
H/1.1 200
OK / Show response
supraneet.ru/minus/ 0
319 B 195ms
66ms Script
application/javascript 62.109.6.15
RU-JSCIOT

General

Check archive.org

Show headers Download Go to

Full URL

https://supraneet.ru/minus/

Requested by

Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/extra.js?rnd=0.8298257968679659

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

62.109.6.15 , Russian Federation, ASN29182 (RU-JSCIOT, RU),

Reverse DNS

belesta1024.ru

Software

nginx/1.13.12 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ufoleaks.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Mon, 13 Feb 2023 11:36:40 GMT
Last-Modified: Monday, 13-Feb-2023 11:36:40 GMT
Server: nginx/1.13.12
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK collect_stat.js Show response
af.click.ru/ 913 B
1 KB 208ms
64ms Script
application/javascript 217.197.112.80
E-STYLEISP-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://af.click.ru/collect_stat.js
Requested by: Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/extra.js?rnd=0.8298257968679659
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 217.197.112.80 , Russian Federation, ASN20655 (E-STYLEISP-AS, RU),
Reverse DNS: seopult.ru
Software: nginx /
Resource Hash: a01ed62761c70d35a7f2dd5f497451e70b85e85bb8f1774cee68d53554e6ecaa

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ufoleaks.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Mon, 13 Feb 2023 11:36:40 GMT
Last-Modified: Fri, 18 Nov 2022 09:50:15 GMT
Server: nginx
ETag: "63775557-391"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 913

OPTIONS
H2 200 event_confirmation
an.yandex.ru/ Frame 0
0 71ms
71ms Preflight 2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/event_confirmation

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: http://ufoleaks.su
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: http://ufoleaks.su
access-control-max-age: 1728000
content-encoding: gzip
date: Mon, 13 Feb 2023 11:36:40 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
timing-allow-origin: *
x-xss-protection: 1; mode=block

POST
H2 200 event_confirmation Show response
an.yandex.ru/ 0
51 B 73ms
72ms XHR
text/plain 2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/event_confirmation

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js?_=1676288198212

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: http://ufoleaks.su/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Mon, 13 Feb 2023 11:36:40 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Mon, 13 Feb 2023 11:36:40 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: http://ufoleaks.su
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 13 Feb 2023 11:36:40 GMT

GET
H2 200 wy150
avatars.mds.yandex.net/get-direct/225309/A7Kz2n-cdWez81mj8tDxOg/ 5 KB
5 KB 72ms
71ms Image
image/webp 2a02:6b8::184
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.mds.yandex.net/get-direct/225309/A7Kz2n-cdWez81mj8tDxOg/wy150
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::184 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software: nginx /
Resource Hash: 0a68fa3877c10a6098635ed295b34819ca1aa45006ae4d9804b0884a7975eddb

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ufoleaks.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 11:36:40 GMT
last-modified: Fri, 11 Jan 2019 09:30:35 GMT
server: nginx
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel?datacenter=MYT"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000,immutable
access-control-allow-credentials: true
content-length: 5026
x-request-id: 6b41962c935321d7

GET
H/1.1 200
Ok ridero.eu
favicon.yandex.net/favicon/ 1 KB
1 KB 67ms
66ms Image
image/png 2a02:6b8::36
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://favicon.yandex.net/favicon/ridero.eu?size=120&stub=2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::36 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

ff973a73cc160c479111b4e5c82195c85c73cc4ff6c747a5bc76638e04a3c9fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ufoleaks.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

access-control-allow-origin: *
Cache-Control: max-age=691200
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
X-XSS-Protection: 1; mode=block
Content-Type: image/png

GET
H/1.1 200
Ok efesusstone.com
favicon.yandex.net/favicon/ 8 KB
9 KB 144ms
67ms Image
image/png 2a02:6b8::36
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://favicon.yandex.net/favicon/efesusstone.com?size=120&stub=2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::36 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

b5fb195844036d511cbc48bb7a0bf6569eb9b63e47ab399193309bdcd527c465

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ufoleaks.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

access-control-allow-origin: *
Cache-Control: max-age=691200
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
X-XSS-Protection: 1; mode=block
Content-Type: image/png

GET
H2 200 1782592 Show response
yandex.ru/ads/meta/ 559 B
452 B 162ms
162ms XHR
application/json 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/meta/1782592?target-ref=http%3A%2F%2Fufoleaks.su%2F&charset=utf-8&pcode-test-ids=657519%2C0%2C84%3B718860%2C0%2C23%3B685681%2C0%2C79%3B720093%2C0%2C17%3B719192%2C0%2C27%3B717058%2C0%2C96%3B720947%2C0%2C30%3B720933%2C0%2C54%3B720774%2C0%2C44%3B721202%2C0%2C45%3B716125%2C0%2C64&pcode-flags-map=eJytWG2P0zgQ%2FiunfkZcXp2Eb07itFbzdrbTpSBkFSi7Pe3LaelyeyD%2B%2B43jtE3SrssCCMFSOo%2FHM8%2FMPONvEzotK0ZkQTknqUyxwLLGDBdcZhWTC5qSStJSJlURV5NXb79NvqyuH9aTV5P14z%2BTF5Pt%2BvOWfoR%2F%2BpHl%2Bf7k%2B7sXkwXmkpG%2FGsKFXBS4lhmrColTPrAXrCF9AGQHTmi1AKTEcU5Gh8MPGS2pIOBfMuezSsgLKmZVIyQG3wU3eYd8H4Xus8F%2FBzLOc1mzKm0SwY%2BPeR40Achn5qUHovICZ15AKmSOY5K3UAAS47IkzJwd5Lpe0PelJBeSz8EafivACqeEyTrHyxHU2KHQd6Jo7xAtazwlkguazJcypVyBp23UYpXaNKtew8eMJEJykucDaPK6HkIHtnOAbvjQyxKXdWO%2BZWQHlrcHEDMG0SKMqTBlkjdsQZYQckjiVFIuS6DJAuc0PQPqID%2Fcg%2BJURX%2BpeNshiUqXSVczRrDACrwwOIDlOXhYlflS1k2c00TimrZphZRwAZVtRrNty7d7RVtUCyKrHGzpG7JvBKp8f9xD2w09a0i4Pf%2BrEkAhL2cQIs8Njni%2FB8kpNBbI57jQWGHiHaD67qFBcaGLlTBOq3JgGNhhiMKBrWNZgb5Tx1A4sykFBKSjJi1xXZtv5Vie57QYTUm7cmkzVQwMt%2FcP656Z54RupI9WfOa8rdiRzfiuPSPFA0JKWcWcAH1HpXm7en%2B9Hli6yIl07DP6GsZCKWeETmdClsJ8pOe7kabSEpcpeS1ZI9OqwLQ0jg0rcFy0Py9m1RychbPklI3qamxpB36ITh6o2ohgNDaaO7aFdKm%2FIaUjswY6zgVNoenTAjqS0dazvW5UtbY7TsQVU0llOKUN%2F%2BMHEZZY%2Ba0dhnq%2BwEvjvPGhNLo4p5mqSF5XJRBD0IJATxmYAmutoa1nufrOdVKlisRgWhqHkO%2F5ANNRSfViRhR3d%2BdJ1YKN5l4QOMfm0E7hzwtViMDOn0HYOQANuBlky7VOW%2BcEs1IWSu0sMKN4dG9ncKhvWV2Ua0YrRsVSxkvoOOSirpg5YChA0bBXdD0i4cbB6MPwCXuMhAGTYJg9MASTBLLEDV3Cj1zftge2LYv5XiPVMHdoOTWDeH7XudvuBlQWy5pI1%2Bw1zCO%2Fl56CJRAnTmOaQ9TMx0UBetJSzYoEJtr8zOk7jKLJBdVKRkKDzSioCKoukeHEXM1R6ARBz48ORI8XGM5ANiVrYpBsqmIEq%2FL8jMaxHM%2FVrJsyHDvm7wJFrcN329HbN%2FBtxzJ9%2F0Tl2%2F4TFjtyzEg7fmB8EQ4bgNE%2F23eQtlZiipEMes4M9N6UJma70O0abKtzWKEqiJFyN%2FdqRmJzi0fQox17UEowAxnwGkZvMiOQD9W2ecLUhOPc2ImQHdmeNwCbUdF60gOBeMxFZQZyA8cZyPKkLmQBSgBLAMGCLto5bcaI3OGyk9TJL2OMBFFKMgxF8cylw%2FMthAZh4gVmQoLya4gCPxdnHyF00FlaQ48805K6Uqq81c%2BS52e8CuygK6hErQZV2REJZ6pN0QyEKtE7iJlRQRihaK%2BmMkYBBsSztlfCqjZfbmgfz4%2Bq9cgCRW5Hu57Fc7drFESeFexRYJSlCsEoeBEKPWSPT9YkM5%2FlOJaOda8wlBz7oeoIkWe7u7IHVQOSHa4KpJGuY2mZ1bZ1rZiON88jvCB0j28hpuY7QJrCg9Wha3NZw0SA4QjbxIIU47E6%2BfRZbu8ePlyNtkIrdMa7r%2B6cJ%2FLYvRycSQ4shV3x6vKCJbWWgrUz5tzUQxEsSN2KNTw6yyu9%2B2lHz4CEXUk9BdIydRiezaO8WT3Kq%2FXm8mr7BFy7C8k5iXEsQdQblzIL1MOgrnVruJgB5XrsU5u23pYbmFntywBIKgJd0ljugW15nThhTOrxJRpQgbpttIFuO1QznZ1dlD1d9zl%2Bs2w7jWw1dN%2Fs2%2BTTevvhqljdX25uuyl8c%2Fd%2Bc73mH1bXm9vLySvn%2BwDVB%2BnRI4HusSCpZZwrJqhNt3%2FA28nNanP98v4BfPtvdftx%2FQg%2F%2F7m5WV2uPw8%2BulzdtJ98%2FLq%2B1V9ffdls7%2FSPNy97%2F%2Fh4u%2Bk%2BVch7BPjgfvX1%2Bu7rVfffX%2B%2F13w%2F3q5e3638%2FH33h79XdzaY1fXf6iv3yPaTWnD604%2FnAWPETn0k8WNqnyL0bigoQdASoiXwgOrs1WULnwoJMl%2BZTIg%2B5J0voQN3ffRDM1EWNqXEBgl%2FDl4cAHV55Ol37k9bqOhjKcaa2A1rASnEQx%2B17EYHKMm6wI8C4yTLAIkUNUckB8YRP%2Fi871Osez%2FetHVq%2FErD2zUt1LVGVTyxHJ1pOGKLDO1o3edqNhsM2SavDm043N3rsUvONcPWydebRPfR3cxKnPJ2PH4jUw1fkjp%2FCouP5rkTebptQg36A8v5hu727HRHajnTf50Tsi7J9Ci6bIjZrAhCDVvei2vchqbjKPMzfPAUE0HbDy3%2FYXo9uEnVP2qdQllhCT54TcQ7D1dFQCmeXDiBzDkV9jmlB7y3mOPK2UmEDC1vrsu%2F%2FA5s1jgc%3D&pcode-icookie=6BJ7e%2B0fZjWlb%2FOOiYl32DDvrkJ0Rn6mVeH5Y3HbLu%2Bj5ZhSuayaQpLHxxgl6osRpSbS6oFY0jvO9chtZF8%2Brnrmc0g%3D&duid=MTY3NjI4ODE5OTI3NTcyOTkxNQ%3D%3D&imp-id=2&enable-flat-highlight=1&comboblock-unencoded-vast=1&test-tag=168225279049730&ad-session-id=5767261676288199069&target-id=80476190&tga-with-creatives=1&top-ancestor=http%3A%2F%2Fufoleaks.su&top-ancestor-undetermined=0&pcode-version=721202&pcodever=721202&flash-ver=0&skip-token=yabs.NzIwNTc2MDcyMjUxMDIyMzQKNzIwNTc2MDcyMTQ2NzA3MjMKNzIwNTc2MDcyNTE0OTcyODUKNzIwNTc2MDUzODE3MDI1NDgKNzIwNTc2MDQyNTM1MjUxNjg%3D&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22isInIframe%22%3Afalse%2C%22w%22%3A1078%2C%22h%22%3A0%2C%22width%22%3A1078%2C%22height%22%3A0%2C%22visible%22%3A0%2C%22fullscreenHeaderHeight%22%3A80%2C%22left%22%3A261%2C%22top%22%3A2514%2C%22ad_no%22%3A5%2C%22darkTheme%22%3Afalse%2C%22req_no%22%3A4%7D&grab-orig-len=4708&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjo0MzB9ChqkpJDkKO6BCFDHH6z0z0UlcZw366P7gpTkyxdMvqaT0qdp-26OEsiuTdPmbVKliu48dlCWFVj91KE76kaj_gb6RABXzCAzpmFaqUmzVsv93ne3EWE0Y8aMBhkdtQvDFTnwXc-hdn03dOC5geu5ogXQc2XZxVtw8YAGwZUtBLEbZNCzGx7K8nDFDsmyIB3uA1e5FKscKjdAz-5CXyiSpVKWly6lK3OoHNLsKpcP4RIaLjCSYRtm1PnEUC_DkCUvM6JlKl8-5zn74uclyA0cit134QXLQbasBoChYFkDt2QQzPb5y80is_fy8ZbhkOpQ7ML-d_F38-yQLx2z1HGdXfmxezqhn-VuE-NwlnYJl6rB-nKG6qiWM-GXFyWs5IHrUC4t39IhHnJdCIsJit0rGLLFAy9IrE-VaEhfTB4-5XJeNkvlrj_kQlnWsBcq6eB1l3CIv0ywQxruC1q6mHZgLa2DbcVMX1EUBTOtnBA975o2YUszbIcqu9IZ_SDBDES1pMt2HJIPHa8pdwOWXtw7Rn2HclFyF6uJLAHHTqHXsFYM4rv4S6PkaOgQL2dSV3KKIb9vvcHdjrhxsMAWdZoo0akl7S6UD6zBADmqAbl4X0Jh425d60IObBYhbgS5HWVlQ9kyx3t_baNl9KxI1YgZ9KxItTomPauaUc2g1QOAC52Vq6lgRaxV6zK9DrEWpZFJq0FGw0irZqSjN2ZkdPRqLb0apRFHApYufAtdPcGjlHThBTOqnSbcrmO8oxHVLJsHQfF2p1lMNmO3F3CIDeYbTK8RL43i1DAOxfKE5gLvQjXk198MXjqIGbfOa590sFTsF_EPS3Is12qDNsMD3vcJ3s3SxlezfEuKq-4WYbmNXNZJItEiAAQdDZMmGqZ1KBbsDk3xDq--aOaLrwUzxekgx1DayL4tIntOFxmmY6egjtiGXGVEcoLwjqETtMlUtUSoDN1XQyS8meyTnRsaOlcuXa_nmXA3zmwkjVE42ol0gShOwxQ71TN--KmoPsrOtOEwtAzOYDYON5gZcXUDMNMxIdjS1zEzaDMyBp1Gg9KoQcpEw45cbVw4BYlmeQxgK2g1E7YZDlcNrY7ewldDy27Ub4qfXNODJ3g62x6i3AxOsgjso8qsXMNsSGNqepkYERVgejpGeiYtwoUoBHnoBSgxBxQdDeIFVuADm6vx3utxHf8RZCxhyibGdD1-CMDyuiBuUmRg1LPq9EBDdgH23lV2R7Ny6Za6gWhDIJpunTq2Zk5cPCeWbHt6257wp0U3e_sOqTk3gEzoWio7MxNOfeHiCmggAJZBq0OimUw1CRtuCgnm9MF6hyjMNgXu5Thxz_uN3xArWLbmbKGcl2yefpSuZS6-hY8g0_rOQ9FELMEOMicY2jIn-0uOk8LZmPOBmgJnI-vT98MUiZAP1yATn80qwMm8p7AJtxgIdqMJLPCVkLVpQGJk0gKRgQ4ZkqxRI0DOyXZwZgYkyGlBZGYQaA-7_pezmo3NGBcfsz67EHdoUHCj0iZpZpsfztTHRRlx50RjNMFe4qumo9Uh0rFHe-s69-3GwC9qkNufae7j_NvnDcnDc1hZZUPwBHXKL-TnB-FQGGOmURqUavjZLahoigiWZNXr8FcDvZ21dN_5zYtTG_ODR4iT7V-xwTzCjlQTUkUVbnuL_xt_QZHPag9s-HZ7nNUcAJVdOQFvN4BS50cy41JmwKEACUWu87__6fsq56pKH3i2jv6W5qwN2u_5oTJYSiQY1BZezGVFOAi3MOG2fyx9dfjCO8pDbP1jzkuWfIf4PE2epBhkS2nJRtggQdlmW7z9cjukPF1m_MoDQF49ohyE3VlBnLs6b-Bl0oPoihhgB5_Ewg2We5nneDZOcCd5NTvaaAfTBC3kjsOEMSHxYS0jguGhm9_FiAUHaEaB8zsLoTWCPwyDP8xuzyNl1_NnNt_Hwl79mshMu2oBr9VodIDU7qa0C4X24CkQbtnJ2uFvP3_8fbntDvj5zo2XUoU_bsd2wCRn0q_ewO_9UU30p_yyX87LTwC-oXwW3JgVj9ewb7vcI_mTfRmwVa_k4CbsTjw7fz95Pd69ddEpGgpumC4QhGPFXmrIEqQJkrbV3b8b29VDPdeAO68T5Ccz9Y3KcHqRHFuJK6OOvV018bvn6glRe-BwR6-EthK51QdfRw4UOrXGqOfm5rZddEH-NAgAs34uCoYpUJ3ehdCG6p6WvPPah9loUgm7wHGjAijrPjEyLHl5GvVRQ9Gx0iFeB3kpwH1LMtdhwKyQ4fX3SRlQ9UvfVlElqsyOFn1U4NjJR5ZuADvrIx9Nkdygm9eV4xa9kcpEuZkFaMiFSqJqTrltwyTJFU6DT75OfXsmdevDWyRvJ_UeL6U7vYkwDxRhRUzvNfM_HiwwUdu0y6aIlyquq7RRo0zi21VQZ_xCk51nHXBjedpu_0NRKKnrIHl9BoULkdU8aznB9-_Hz3-5EDa2HbK2espTWLFnLbAOBix-NjZML37MNNbwU-LAxDSAXqkvVyabLhZ28_09qm136rIfhd1F4S09N_zOexHWudAc1S-rd-n4TVFtVrmrYvo8WWmNRDxZwJDfRpL2yst4OSkEYrz4YythX5ecmuL1SNx1XsbUapRt-wrC6xg_5VP_fPnl_EM-4k9lBS9C-QPRbR9diB0C860zhYbP229k-Vs1TKX9GU_pYrzyZsf08ganXpufPoD260o8F3p7OTvwF7eij863Vdx9-UW_7Xdh39vlMojO60F_jvXOISyryQKSpTacSXekfnNueb79rISLHdjvMkV7hvJkY5oOnIwj6m6SPoJOyiAeWP48yo9Ych_i7zOfXMojfSfsp4pkJcX_z_UciqTqFaYLIcO-uveVp2rkNxJJKrTPBY6rc2AYzvHTTR7VAwqG7Ad0mN0PvFYF8lPKpQ1NWnhpbHIvtz3S6k8eu21W8Ywwp5qsGy9Smw9I_NTHR-n65FfU7_e2bf9ELrAuCO18y_It_tRJN9emfkrLra5mEkwKCeJWKID6sfaMVOWct0n0frPs0Ze8udZEHhcrojZuWi3uGU5mu-IkhrQgdWzmmWLd_N_aZU_A5ooByxkNJ6aXM1Y0KGBb8kJXIbLrW3yUH-hfnHvR66DPYR6FSdgJI-wu9n6YCSrHBAXv5108Stao5nuRPiJB-zFzlKlTzG6dWx3aoWyJIhZ6xB1y8cpsah_iR8i9hQ6sec0Ny3bH700rHjDlHYwnLLcKM7Iw-jn5Ovdw_PW7i82DeLz_Am5XPjLjjD_od4cek-3NKndzCI2W48divAMLKmYfWCxKmvMT12E-3kYECaOoTUwXWHxcrJ5LdFtEdmYbqJJJMXD2TcK__pzqKhlbyP--azkJynoP_xN_D6L3Y_nFpuQl3bb_jNC53W6KDllCe73SjkJTqe2W9NtVJknt8XK33G9E7RDU3wnu9kjxqbsamzw67xPWE8WAPYAWc8M8FuR1-Sl_gIOfKlO_vkK6X_FU9ag53fJeIxDKNJ_6rmJlm06jyC9K5qPRuMu4tw0B2lE84UWWYm3V4U_k_IL2nD_uNgAR2Opwb7pbWcZg_GqGjc8WAeZwOiNSycruVLT9kWBifhLhVvzSJgno1g8LTvTxEOP1ARpM7wOeiz_yU-dEN0d0N91txkmbZNsBBtNj-23TpqitnzsyvEjL4rdP9NQUltir4sf2ZSCzZv92lcJkHYomisM4R7Z0srat4Z56G6updMqmmQkxXZ6u8i74UWUHBD1ZOymzUG0f2T2DmH8c5tpQKxNQauOX-S_fnZPectfOqUOB8dwPDkx8s9iVFOOn-MdQPBfd9mYamVTtw-BM5NwBQdsvXtHuP27PawTymeGd2fxSuI2c20dkVyx6Fwz3_jQu9wak9phiBYlXFqkpQkU1IrnFBCAu00v5pp1SNgN4L54wWdgfHQl_g1WXT8suJDMJpyRud7OLzFz5fvwunsepJhmpfSIXmJxINGRbpSvCcLEcHWpwNEK8MDKdGuRtM81IwzNH89VzJMzr9OwlUM9WYOgKDG2BoSkw0AoMdYGBWmAcnAcdTYpehwi5FqH6gxCSy8HJjto6OmZB5YMgPnELw4FLZh2Myn5a7P43HimT9ByYlPqEXhLTVBUnZeVgErT87cOqLf053WGbGTuqCNriJ6s7cN5eF-Dk5q2gMazX2wgdm8nkjIpslANdmZdMg1JGDa-EJxckdzYu2k7OImkxyLt3Ers-93wYeYthSEJjUksA9L_-dpDK0iCeO0mYNDa8XPPOyYVikwIal5ks-NQOl6yNqQ48h3QzAsy-0q2e3x4mikQ4JkvwFOdQd4z-DeCjWS-AyR5ujroRajaAsY0Pz97xgtSqkmmaiwlWawHVxElt2ZPn1GnJlqAP9xaBwXRah1MVeVfSX-GtF1S2fSE-C4bbHdqjl14h04d83P8-0SS2t-SQsPC2-SCUiuJP-NORvPvqr_N0cxPtbOT6tt3mVT9KhPY0eZmQrZbBFtgJWp5Ynt6nuH3h8Eos_4rQja8svJSbig21fTdkrS99JudAyKxVt271PUj9QxiU1StJdoVJCtMFsAvs0gbDhcQClBfqMrmaOKRA7IsC4JJY4zBiT0IAR4APbYWos87LAg6WAK8ZN-QCdoAjCMA%3D&uniformat=true&callback=Ya%5B2580389142426%5D

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js?_=1676288198212

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

975832fca88e1d3b5535b39142447c7b4a0fadc10cf78dfb16e19d5ccd3a2724

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://ufoleaks.su/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 13 Feb 2023 11:36:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1676288200358274-9985955556122688669-vla1-1928-vla-l7-balancer-8080-BAL-6398
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
uniformat-product-type: None
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Mon, 13 Feb 2023 11:36:40 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
uniformat: true
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type: application/json; charset=utf-8
access-control-allow-origin: http://ufoleaks.su
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Mon, 13 Feb 2023 11:36:40 GMT

GET
H/1.1 204
No Content imp
w.uptolike.com/widgets/v1/zp/ Frame 6542 0
154 B 73ms
73ms Image
text/plain 95.163.114.204
DINET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w.uptolike.com/widgets/v1/zp/imp?pid=tlde2c9f9a2919f1199e2c85aeeabd1cf30d2cde73&fl=false&sw=1600&sh=1200&vw=1600&vh=1200&vp=a10ded2d-ce74-45a6-9d3b-eae4051bbfb0&ttl=JUQwJTk4JUQwJUJEJUQxJTg0JUQwJUJFJUQxJTgwJUQwJUJDJUQwJUIwJUQxJTg2JUQwJUI4JUQwJUJFJUQwJUJEJUQwJUJEJUQwJUJFJUQwJUI1JTIwJUQwJUJGJUQwJUJFJUQwJUJCJUQwJUI1JTIwJUQwJTk3JUQwJUI1JUQwJUJDJUQwJUJCJUQwJUI4JTIwLSUyMCVEMCVCMCVEMCVCRCVEMCVCRSVEMCVCQyVEMCVCMCVEMCVCQiVEMSU4QyVEMCVCRCVEMSU4QiVEMCVCNSUyMCVEMCVCRCVEMCVCRSVEMCVCMiVEMCVCRSVEMSU4MSVEMSU4MiVEMCVCOA%3D%3D&url=http%3A%2F%2Fufoleaks.su%2F&rnd=0.5310261719862726
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.163.114.204 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://w.uptolike.com/widgets/v1/impression.html?622e27e5349ec1bb07f4f36fc56e7c84
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 13 Feb 2023 11:36:40 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0

POST
H2 200 event_confirmation Show response
an.yandex.ru/ 0
51 B 75ms
74ms XHR
text/plain 2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/event_confirmation

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js?_=1676288198212

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: http://ufoleaks.su/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Mon, 13 Feb 2023 11:36:40 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Mon, 13 Feb 2023 11:36:40 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: http://ufoleaks.su
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 13 Feb 2023 11:36:40 GMT

OPTIONS
H2 200 event_confirmation
an.yandex.ru/ Frame 0
0 76ms
76ms Preflight 2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/event_confirmation

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: http://ufoleaks.su
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: http://ufoleaks.su
access-control-max-age: 1728000
content-encoding: gzip
date: Mon, 13 Feb 2023 11:36:40 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
timing-allow-origin: *
x-xss-protection: 1; mode=block

GET
H2 200 1GmTgcAx0HK200000000U9nJFEvn_c3Vsx_oXevdhZ2jbDl4RdbSuLKo0n1umaH20tcDZM8TZAKPKXc1ufcEPpwyNm4KB-K6ycet0ebMnWGWsGcI1G8cXfcCCo5CXeMC5L3MIaPjA6ilu_pTl0n7mVopZCn0yYeZIEjTHWOP1eQ_ZBEO61ZcCe54bZ9z099hcIO0E... Show response
yandex.ru/an/rtbcount/ 43 B
298 B 77ms
76ms XHR
image/gif 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/an/rtbcount/1GmTgcAx0HK200000000U9nJFEvn_c3Vsx_oXevdhZ2jbDl4RdbSuLKo0n1umaH20tcDZM8TZAKPKXc1ufcEPpwyNm4KB-K6ycet0ebMnWGWsGcI1G8cXfcCCo5CXeMC5L3MIaPjA6ilu_pTl0n7mVopZCn0yYeZIEjTHWOP1eQ_ZBEO61ZcCe54bZ9z099hcIO0EMUP_WF1AoQ1_PL6cntFC32qpDhiDFaBAyDV9XQG4vXPWMGlioAGdCeCqZoNcGbaBP1K0DdAif5vxic7fXzoEGDECiDyVHMiyYwO_CdiuCGFSJJBPjb7ODOAbfcC6rZ-mm3Z3YJs0IJs1PRVopjd77j-VQ7uJHQ8Bp_OFsHvtBA_RTl_Q_PlMK1-NS3AUPBL_3eNMFe2QyE21fQRhCUER7htACYhxYihoA0EjWQM2Mp79-xjUxFnzp_v6MnN3WSlO7lolBDxnvUr3_9Mii5CFC3cSOAD-H4Rhv-XerLfNff5SbLLclbBDfZTF-6iYUpIQVaQI_Q_iP_5pcPkP6XaOBI0dN45E-C6zgQ61fOTx3mdsCKVi1z_sVx_wl79qx9_iFC002_llea0

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js?_=1676288198212

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://ufoleaks.su/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 13 Feb 2023 11:36:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1676288200473404-5033858525082914447-vla1-1928-vla-l7-balancer-8080-BAL
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Mon, 13 Feb 2023 11:36:40 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type: image/gif
access-control-allow-origin: http://ufoleaks.su
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Mon, 13 Feb 2023 11:36:40 GMT

GET
H2

200

ru.htm
best.aliexpress.com/ Frame 391D
Redirect Chain

http://s.click.aliexpress.com/e/_Dd01Otl
https://s.click.aliexpress.com/e/_Dd01Otl
https://best.aliexpress.com/ru.htm?aff_fcid=5d705bffec1d4d11b4ae6093da618336-1676288200955-01650-_Dd01Otl&tt=CPS_NORMAL&aff_fsk=_Dd01Otl&aff_platform=portals-promotion&sk=_Dd01Otl&aff_trace_key=5d7...

0
0

825ms
218ms

Document
text/html

104.87.131.237
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://best.aliexpress.com/ru.htm?aff_fcid=5d705bffec1d4d11b4ae6093da618336-1676288200955-01650-_Dd01Otl&tt=CPS_NORMAL&aff_fsk=_Dd01Otl&aff_platform=portals-promotion&sk=_Dd01Otl&aff_trace_key=5d705bffec1d4d11b4ae6093da618336-1676288200955-01650-_Dd01Otl&terminal_id=fe22bf7b1344448882b7fac50e3fa765

Requested by

Host: cntrsync.ru
URL: https://cntrsync.ru/alt.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.87.131.237 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-87-131-237.deploy.static.akamaitechnologies.com

Software

Tengine /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: http://ufoleaks.su/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-language: de-DE
content-length: 13816
content-type: text/html;charset=UTF-8
date: Mon, 13 Feb 2023 11:36:41 GMT
eagleeye-traceid: 2101f4a016762882016995368e1410
expires: 0
p3p: CP="CAO PSA OUR"
pragma: no-cache
server: Tengine
strict-transport-security: max-age=31536000 ; includeSubDomains max-age=31536000
timing-allow-origin: *
vary: Accept-Encoding
x-akamai-fwd-auth-data: 1602496948, 2.18.78.31, 1676288201, 217.114.218.21
x-akamai-fwd-auth-sha: 2AC582F291E376592773E4DE799D3CC5FF2B8D0B412D2B12861D9DD975763A55
x-akamai-fwd-auth-sign: sHhitc7pJgGiSWlyQTOMMckx5Wfbj1C/JXMpawbSYJ51jg+5HWRiqq5nrzCBe59m3AZKqFzApGQRSG9VlT6QtRnm74VWsa05jelCQL7DuhM=
x-application-context: ae-traffic-affiliateweb-f:prod,us:7001
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

Redirect headers

access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTION
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-language: en-US
content-length: 0
date: Mon, 13 Feb 2023 11:36:41 GMT
eagleeye-traceid: 2101d8f416762882009508900e1419
expires: 0
location: https://best.aliexpress.com/ru.htm?aff_fcid=5d705bffec1d4d11b4ae6093da618336-1676288200955-01650-_Dd01Otl&tt=CPS_NORMAL&aff_fsk=_Dd01Otl&aff_platform=portals-promotion&sk=_Dd01Otl&aff_trace_key=5d705bffec1d4d11b4ae6093da618336-1676288200955-01650-_Dd01Otl&terminal_id=fe22bf7b1344448882b7fac50e3fa765
p3p: CP="CAO PSA OUR"
pragma: no-cache
server: Tengine
strict-transport-security: max-age=31536000 ; includeSubDomains max-age=31536000
timing-allow-origin: *
x-akamai-fwd-auth-data: 38482381, 2.18.78.31, 1676288201, 217.114.218.21
x-akamai-fwd-auth-sha: FAA595A3D159A488C89BFBB1462CA0EEF234F2495251EBC2A26259290DA3F9FD
x-akamai-fwd-auth-sign: 20QnSZUvQVsROUktPyfNV/m5PrZHCvX5uEvuG1STq0HVgmzrX5VH7RpysfoaW+YOrTbAsu9mC0iYIu3X113NVkwlZHnBklK380fAZPc+LTc=
x-application-context: global-traffic-holmes-f:7001
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK support.html Show response
w.uptolike.com/widgets/v1/zp/ Frame 9019 14 KB
4 KB 64ms
63ms Document
text/html 95.163.114.204
DINET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://w.uptolike.com/widgets/v1/zp/support.html
Requested by: Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/zp.js?pid=tlde2c9f9a2919f1199e2c85aeeabd1cf30d2cde73
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.163.114.204 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: dbb87754e7677c99a20c4603a88765b6cb926a78b79edb863fee5c9ea1c96ef4

Request headers

Referer: http://ufoleaks.su/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=1800
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html;charset=utf-8
Date: Mon, 13 Feb 2023 11:36:41 GMT
Expires: Mon, 13 Feb 2023 12:06:41 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H2 200 bundle.js Show response
yastatic.net/q/set/s/rsya-tag-users/ Frame 85D3 105 KB
37 KB 74ms
73ms Script
application/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/q/set/s/rsya-tag-users/bundle.js

Requested by

Host: ufoleaks.su
URL: http://ufoleaks.su/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

e1cff21864c46e1da263fa83c14ed6d190bc5afbdd35188de15f10eb8bedd264

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/safeframe-bundles/0.83/1-1-0/render.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 11:36:41 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
last-modified: Fri, 29 Oct 2021 11:19:01 GMT
server: nginx/1.17.9
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
etag: W/"82bdc8db563d3e71c35534315f8a9fd5"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31556952
x-nginx-request-id: 0ebef8cfb57b3351
timing-allow-origin: *
expires: Wed, 15 Feb 2023 23:32:55 GMT

GET
H2 200 watch.js Show response
mc.yandex.ru/metrika/ Frame 85D3 162 KB
57 KB 142ms
141ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/q/set/s/rsya-tag-users/bundle.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

aea8d6d7292a79ae391517c8ec2c0f3b55c34b20c1eb330a24edaaadc4cca3d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 11:36:41 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Wed, 08 Feb 2023 12:45:24 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "63e36f34-e351"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 58193
expires: Mon, 13 Feb 2023 12:36:41 GMT

GET
H2 200 data Show response
yandex.ru/set/s/rsya-tag-users/ Frame 85D3 403 B
732 B 108ms
107ms Fetch
application/json 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/set/s/rsya-tag-users/data?referrer=http%3A%2F%2Fufoleaks.su%2F

Requested by

Host: yastatic.net
URL: https://yastatic.net/q/set/s/rsya-tag-users/bundle.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e23e09e5470ded7223443d3f46b823c3ea4117f9adee5380deee9b12d4fad82f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 11:36:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
x-yandex-req-id: 1676288201653070-4143681169994301301-vla1-1928-vla-l7-balancer-8080-BAL
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://yastatic.net
cache-control: public,max-age=300
access-control-allow-credentials: true
x-xss-protection: 1; mode=block

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ Frame 85D3 41 KB
15 KB 207ms
187ms Script
text/javascript 142.251.208.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/q/set/s/rsya-tag-users/bundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.208.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s42-in-f2.1e100.net

Software

cafe /

Resource Hash

29566211c0742a044398ba7ae7fe728cd72c94c9ac0e1a114424ae21daf74a22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 11:36:41 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15164
x-xss-protection: 0
server: cafe
etag: 10376002428160754156
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 13 Feb 2023 11:36:41 GMT

GET
H2

200

/
www.google.de/pagead/1p-user-list/1014923426/ Frame 85D3
Redirect Chain

https://www.googleadservices.com/pagead/conversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=ySDqY8fiNsP5xwLbyYPABQ...
https://www.google.com/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1631105894&crd=&is_vtc=1&random=1930053290
https://www.google.de/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1631105894&crd=&is_vtc=1&random=1930053290&ipr=y

42 B
108 B

62ms
61ms

Image
image/gif

2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1631105894&crd=&is_vtc=1&random=1930053290&ipr=y

Protocol

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Feb 2023 11:36:42 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 13 Feb 2023 11:36:42 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1631105894&crd=&is_vtc=1&random=1930053290&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
www.google.de/pagead/1p-user-list/1014923426/ Frame 85D3
Redirect Chain

https://www.googleadservices.com/pagead/conversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=ySDqY8TkNoulxwLf74HYCA...
https://www.google.com/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=407973256&crd=&is_vtc=1&random=2473510380
https://www.google.de/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=407973256&crd=&is_vtc=1&random=2473510380&ipr=y

42 B
108 B

58ms
57ms

Image
image/gif

2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=407973256&crd=&is_vtc=1&random=2473510380&ipr=y

Protocol

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Feb 2023 11:36:42 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 13 Feb 2023 11:36:42 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=407973256&crd=&is_vtc=1&random=2473510380&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 3 Show response
mc.yandex.com/watch/ Frame 85D3 256 B
438 B 73ms
72ms XHR
application/json 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/3?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&page-ref=http%3A%2F%2Fufoleaks.su%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A3llbk0t3v1opl3fs6ve8z%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1467372827520%3Ahid%3A38152606%3Az%3A0%3Ai%3A20230213113641%3Aet%3A1676288202%3Ac%3A1%3Arn%3A719752599%3Arqn%3A1%3Au%3A1676288202230786568%3Aw%3A1x1%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Ads%3A0%2C100%2C57%2C5%2C0%2C0%2C%2C19%2C1%2C183%2C183%2C0%2C182%3Aco%3A0%3Acpf%3A1%3Ans%3A1676288199569%3Ast%3A1676288202&t=clc(0-0-0)rqnt(1)aw(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

862b41adf613e5a21d9163d8621ee1e0b5982613149f22386336f6ef83a3df47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Feb 2023 11:36:41 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Mon, 13-Feb-2023 11:36:41 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://yastatic.net
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 256
x-xss-protection: 1; mode=block
expires: Mon, 13-Feb-2023 11:36:41 GMT

GET
H2 200 advert.gif
mc.yandex.com/metrika/ Frame 85D3 43 B
101 B 72ms
72ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 11:36:41 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 08 Feb 2023 12:45:24 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "63e36f34-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Mon, 13 Feb 2023 12:36:41 GMT

GET
H2 200 37412095 Show response
mc.yandex.com/watch/ Frame 85D3 439 B
475 B 78ms
77ms XHR
application/json 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/37412095?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&page-ref=http%3A%2F%2Fufoleaks.su%2F&charset=utf-8&site-info=%7B%22extensions%22%3A%22%22%2C%22fromGoogle%22%3A%22false%22%2C%22fromCancel%22%3A%22false%22%2C%22loyal%22%3A%220%22%2C%22sbscrb%22%3A%22%22%2C%22p%22%3A%22%22%2C%22b%22%3A%22%22%2C%22fresh%22%3A%220%22%2C%22infected%22%3A%22%22%2C%22slow%22%3A%22%22%2C%22os%22%3A%22windows%22%2C%22browser%22%3A%22chrome%22%2C%22winxp%22%3A%22false%22%2C%22old%22%3A%22actual%22%2C%22yabroAge%22%3Anull%7D&browser-info=pv%3A1%3Avf%3A3llbk0t3v1opl3fs6ve8z%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A2%3Adp%3A0%3Als%3A1267164191167%3Ahid%3A38152606%3Aphid%3A1068644856%3Az%3A0%3Ai%3A20230213113641%3Aet%3A1676288202%3Ac%3A1%3Arn%3A180003954%3Arqn%3A1%3Au%3A1676288202230786568%3Aw%3A1x1%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Ads%3A0%2C100%2C57%2C5%2C0%2C0%2C%2C19%2C1%2C183%2C183%2C0%2C182%3Aco%3A0%3Acpf%3A1%3Ans%3A1676288199569%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1676288202%3At%3A&t=gdpr(6)clc(0-0-0)rqnt(1)aw(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

988a5f8c42df203b1be0bd0ca8ce4c518a45576aececc1f0d9dbaea0b5f95e23

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Feb 2023 11:36:41 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Mon, 13-Feb-2023 11:36:41 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://yastatic.net
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 439
x-xss-protection: 1; mode=block
expires: Mon, 13-Feb-2023 11:36:41 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/ Frame 85D3 3 KB
1 KB 63ms
62ms Script
text/javascript 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/?random=1676288201957&cv=9&fst=1676288201957&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=466465926&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=http%3A%2F%2Fufoleaks.su%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

af818ba9216a2010432b73e0fc606833a588119c400a59396dbed1dbaa852638

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Feb 2023 11:36:41 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1052
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/ Frame 85D3 3 KB
1 KB 62ms
61ms Script
text/javascript 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/?random=1676288201961&cv=9&fst=1676288201961&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=466465926&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=http%3A%2F%2Fufoleaks.su%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ce50b4c3bcff24729fbe5431e76d44adb2e79bb547b91541b0050c71698a3f72

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Feb 2023 11:36:41 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1051
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/ Frame 85D3 3 KB
1 KB 62ms
62ms Script
text/javascript 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/?random=1676288201965&cv=9&fst=1676288201965&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=466465925&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=http%3A%2F%2Fufoleaks.su%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

706ad3fd8f6be44514eb6f80dfd52fd95f2cfed1149a3a7a5c7eb423940675bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Feb 2023 11:36:41 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1052
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/ Frame 85D3 3 KB
1 KB 61ms
61ms Script
text/javascript 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/?random=1676288201967&cv=9&fst=1676288201967&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=466465925&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=http%3A%2F%2Fufoleaks.su%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e622428b67d0895d3065ad19f709b343b7363908724954dc9f3084d4a28f74e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Feb 2023 11:36:42 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1053
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/947884341/ Frame 85D3 42 B
108 B 125ms
62ms Image
image/gif 2a00:1450:400d:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/947884341/?random=1676288201957&cv=9&fst=1676286000000&num=1&guid=ON&eid=466465926&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=http%3A%2F%2Fufoleaks.su%2F&async=1&fmt=3&is_vtc=1&random=4289354521&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Feb 2023 11:36:42 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/947884341/ Frame 85D3 42 B
455 B 160ms
61ms Image
image/gif 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/947884341/?random=1676288201957&cv=9&fst=1676286000000&num=1&guid=ON&eid=466465926&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=http%3A%2F%2Fufoleaks.su%2F&async=1&fmt=3&is_vtc=1&random=4289354521&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Feb 2023 11:36:42 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/693627671/ Frame 85D3 42 B
108 B 123ms
61ms Image
image/gif 2a00:1450:400d:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/693627671/?random=1676288201961&cv=9&fst=1676286000000&num=1&guid=ON&eid=466465926&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=http%3A%2F%2Fufoleaks.su%2F&async=1&fmt=3&is_vtc=1&random=547423690&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Feb 2023 11:36:42 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/693627671/ Frame 85D3 42 B
108 B 161ms
63ms Image
image/gif 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/693627671/?random=1676288201961&cv=9&fst=1676286000000&num=1&guid=ON&eid=466465926&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=http%3A%2F%2Fufoleaks.su%2F&async=1&fmt=3&is_vtc=1&random=547423690&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Feb 2023 11:36:42 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/947884341/ Frame 85D3 42 B
108 B 120ms
60ms Image
image/gif 2a00:1450:400d:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/947884341/?random=1676288201965&cv=9&fst=1676286000000&num=1&guid=ON&eid=466465925&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=http%3A%2F%2Fufoleaks.su%2F&async=1&fmt=3&is_vtc=1&random=1436424333&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Feb 2023 11:36:42 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/947884341/ Frame 85D3 42 B
108 B 156ms
62ms Image
image/gif 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/947884341/?random=1676288201965&cv=9&fst=1676286000000&num=1&guid=ON&eid=466465925&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=http%3A%2F%2Fufoleaks.su%2F&async=1&fmt=3&is_vtc=1&random=1436424333&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Feb 2023 11:36:42 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/693627671/ Frame 85D3 42 B
108 B 117ms
63ms Image
image/gif 2a00:1450:400d:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/693627671/?random=1676288201967&cv=9&fst=1676286000000&num=1&guid=ON&eid=466465925&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=http%3A%2F%2Fufoleaks.su%2F&async=1&fmt=3&is_vtc=1&random=4057012143&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Feb 2023 11:36:42 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/693627671/ Frame 85D3 42 B
108 B 62ms
61ms Image
image/gif 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/693627671/?random=1676288201967&cv=9&fst=1676286000000&num=1&guid=ON&eid=466465925&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=http%3A%2F%2Fufoleaks.su%2F&async=1&fmt=3&is_vtc=1&random=4057012143&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Feb 2023 11:36:42 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1KIiHTEv0HK200000000U9nJFEvn_c3Vsx_oXevdhZ2jbDl4RdbSuLKo0n1umaH20tcDZM8TZAKPKXc1ufcEPpwyNm4KB-K6ycet0ebMnWGWsGcI1G8cXfcCCo5CXeMC5L3MIaPjA6ilu_pTl0n7mVopZ21DLy7aNKO66GQ6luopc1WOvZA1H9OoVG2IQvac03bdc... Show response
yandex.ru/an/rtbcount/ 43 B
300 B 75ms
74ms XHR
image/gif 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/an/rtbcount/1KIiHTEv0HK200000000U9nJFEvn_c3Vsx_oXevdhZ2jbDl4RdbSuLKo0n1umaH20tcDZM8TZAKPKXc1ufcEPpwyNm4KB-K6ycet0ebMnWGWsGcI1G8cXfcCCo5CXeMC5L3MIaPjA6ilu_pTl0n7mVopZ21DLy7aNKO66GQ6luopc1WOvZA1H9OoVG2IQvac03bdcVu3mIicWVsLHfiTpp0mjCpQx3Jv2ol3NoOMa1EOMO5aBxCYa9pA3D8ybva9P2sGL03PohAHUUx9XwOVSZa3JZB3V7qLhF8kcFp9xE343t4qosRPHs3M2fQPZ1jO_iC0umuazW4azWMMtyixPnnxVdsX-4qMY2y_s3zaUToolstR_slsRrb0Vbt0odcIrVmw5rZw0cl3WWQMcwp7ZcnwzoZ8g-uhAyYW3hO6bWbinoVkxNkpyVS_-HbiLmu7Bs1xyhopUyUNjG_oLhB1J3p0vd62ZVaH6w-VeQDLQLwQHN9LLPhvIpQOtJ_Xh8diqcdv6alslx6VnSvcRcHeP62qW9rn1JlZ1lQcXWQM7Umy9zZ57x0VVzd-_-hnoTEoVx3p000ioRw7?confirmTime=2100000&confirmRatio=1000000&test-tag=168225279049730&format-type=118&actual-format=13&rnd=5514153675840&pcode-active-testids=717058%2C0%2C96&banner-sizes=eyI3MjA1NzYwNTM4MTcwMjU0OCI6IjI0MHgxOTciLCI3MjA1NzYwNDI1MzUyNTE2OCI6IjI0MHgxOTcifQ%3D%3D&width=300&height=400

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js?_=1676288198212

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://ufoleaks.su/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 13 Feb 2023 11:36:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1676288202573330-9318052452426682435-vla1-1928-vla-l7-balancer-8080-BAL
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Mon, 13 Feb 2023 11:36:42 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type: image/gif
access-control-allow-origin: http://ufoleaks.su
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Mon, 13 Feb 2023 11:36:42 GMT

GET
H2 200 WOyejI_zODy0BGm0X1GoCmrHzLRlbWK0tm4GW8200J778EfZ000003Y0pTa1Y08BkG8x7V9W7eQ0OV02p9xdmGkW9l050Q06uWAu1i01oGR7IC_1Zktz7wa7GSpmxwWUiWVu1m7G21Qg2n2_UJApGSm008IQiqAJzF0B1k0DWe20WO20W8W4c0x7aRsExB7x_X-e3... Show response
yandex.ru/an/count/ 43 B
222 B 82ms
82ms XHR
image/gif 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/an/count/WOyejI_zODy0BGm0X1GoCmrHzLRlbWK0tm4GW8200J778EfZ000003Y0pTa1Y08BkG8x7V9W7eQ0OV02p9xdmGkW9l050Q06uWAu1i01oGR7IC_1Zktz7wa7GSpmxwWUiWVu1m7G21Qg2n2_UJApGSm008IQiqAJzF0B1k0DWe20WO20W8W4c0x7aRsExB7x_X-e3y6OqvQGrOVP1v0Gq_2Ut-J_tvP_o160w8UqGl0I2F0LmOhsxAEFlFnZe1QGz-sU1iaMy3_O5e4Ng1S9q1WX-1YellQO-joSrGU06OaPDzUm6RWPm1d6YSlrhjoKfNxI6H9vOM9pNtDbSdPbSYzoDpWtBJ7e6Qm2y1c0mWEO6jJ3Kx0RIBWR0u8S3KunGJfrRcOuOtfwPZVf780T_t_m7m7u7m6088A0W0I880pG8V___m7L8l__V_-18m0000000F0_4W1tHjWmDyFn9CQnySeABjj15g447D8qN39KOk2_yW5QU0Xwerh0Rs55ecYrSwo-hkMbaZG66KHaS0y0~1=WOGejI_zOBG0rGi0H1KxYcn3j06ux8UJulRAhlK1W07seSY-jiBlcQm1Y07RfPMiWG6G0QYEeiBKW8200fW1d8wYmbIu0PAykAKZs07udQQV0U01eAhU5kW1eWFu0SR7thu1e0AKleaPi0C2emI81UwC0P05xem1i0Ne8xW5w2F01SAj1CW5tuq1q0Mf3gW6uWAf1q7CyE-e7h87k0Uq1WRW28hVn0pe2GU02W7u2e2r6EWCamAO3SlHCy2maeAe4_kdYPZ6vzUX5u0KWA201D0Kzyp3Q-WKZ0AW5f3txPu6oHRG5iR7thu1c1U8azSPk1S1m1UrrW6W6S01k1d___y1-1cbtOOUWHh__v-aRjdDFw0QejVPiV2Iw_h20QWUlt2m7m787_oEqq-f8EPk16JPbCy_k23UtIdL8l__V_-18uaZcfcPcPcPsJ-G8-cUzRd0jAdkK9WZhjdgyf3mclv22W0472GklSRW444en72mJ789UNN9mJjhIpBd31X5O3d1DW47~1=WL0ejI_zO8y0DGe0L16jWz7nZm6wuCsPb9BpWgG1W041Y07vtUMcO901u9AjZio0W802c07WagsEJBW1v8BEa27O0SgtnPS1u06ofDeVw06m1A02iFcQ6A031B03eGI81QH7a0MaHx05tDJjrG6V1wW6uWAf1q7CyE-e7h87k0Uq1j075k07wWw2W0RW2DYyZGpe2GU02W7e39C2c0tBqJEW8gWJ-wU9cCRdrw4NW1I0e804w1IC0g0MaFVjdWR95j0MtexUlW6O5yUAZocu5m705xNM0Q0Pm06u6VWPsjwI8e4Q__ydWeoqlr-m7mB87-NRuaku8DxTATKY__z__u4ZYIEQcPcPcPdPFv0ZzRRXywRn_OCsc2E3yR3kpytAeCy13G2s0dbttUCGY7-7uFjWE00GqyDmKZbMsD4Ebq_CkRXaubEZKjfv7uSQ7Gm6Yo80~1?stat-id=11&test-tag=2420025092790817&banner-sizes=eyI3MjA1NzYwNTM4MTcwMjU0OCI6IjI0MHgxOTciLCI3MjA1NzYwNDI1MzUyNTE2OCI6IjI0MHgxOTcifQ%3D%3D&format-type=118&actual-format=13&pcodever=721202&banner-test-tags=eyI3MjA1NzYwNTM4MTcwMjU0OCI6IjQzODI3NjkiLCI3MjA1NzYwNDI1MzUyNTE2OCI6IjE1NTY5OCJ9&pcode-active-testids=717058%2C0%2C96&width=300&height=400&confirmTime=2100000&confirmRatio=1000000&wmode=0

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js?_=1676288198212

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://ufoleaks.su/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 13 Feb 2023 11:36:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1676288202772312-3195260002353009543-vla1-1928-vla-l7-balancer-8080-BAL
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Mon, 13 Feb 2023 11:36:42 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type: image/gif
access-control-allow-origin: http://ufoleaks.su
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Mon, 13 Feb 2023 11:36:42 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: mitdmp.whiteboxdigital.ru
URL: https://mitdmp.whiteboxdigital.ru/pixel?id=a&source=yandex&redirect=false&href=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fqbitis%2F%7Bmiid%7D

Verdicts & Comments Add Verdict or Comment

196 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

73 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
yastatic.net/safeframe-bundles/0.83/1-1-0	1970-01-20 09:39:34	Name: afpix Value: 1
yastatic.net/safeframe-bundles/0.83/1-1-0	1970-01-20 09:46:46	Name: pcssspb Value: 1
yastatic.net/safeframe-bundles/0.83/1-1-0	1970-01-20 09:39:34	Name: pcs3 Value: 1
kimberlite.io/rtb/sync	1970-01-20 09:38:08	Name: f Value: https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fsoltadspis%2FY-ogyEporTk
kimberlite.io/rtb/sync	1970-01-20 09:38:08	Name: n Value: 1
.ufoleaks.su/	1969-12-31 23:59:59	Name: PHPSESSID Value: 19e9f7230dfe734d783a1944bc723c90
.w.uptolike.com/	1970-01-20 19:14:08	Name: utl_id2 Value: 30661302401
.w.uptolike.com/	1970-01-20 19:14:08	Name: utl_dat Value: "CMGOwNTkMBAAIMHfit3kMCjB34rd5DAwAOSw2MupTl+StOslBpx3ZBw="
.yadro.ru/	1970-01-20 18:22:51	Name: FTID Value: 1ZwY362MBjeV1ZwY36003FoW
.yadro.ru/	1970-01-20 18:22:51	Name: VID Value: 0Mp-952T7BOV1ZwY36003FpC
ufoleaks.su/	1970-01-20 19:14:08	Name: PHPSESSHD Value: 60077fa9e1cb24e5c478489f9dd149a3
.ufoleaks.su/	1970-01-20 18:23:44	Name: _ym_uid Value: 1676288199275729915
.ufoleaks.su/	1970-01-20 18:23:44	Name: _ym_d Value: 1676288199
.mc.yandex.com/	1970-01-20 09:38:08	Name: sync_cookie_csrf Value: 3638445968fake
.ufoleaks.su/	1970-01-20 09:39:20	Name: _ym_isad Value: 2
.yandex.ru/	1970-01-20 18:23:44	Name: yashr Value: 8052829891676288198
.mc.yandex.ru/	1970-01-20 09:38:08	Name: sync_cookie_csrf Value: 1139527980fake
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 1320457671676288199
.yandex.com/	1970-01-20 19:14:08	Name: i Value: Fh2yz9siQ35UxRLKQinneDdb+w9CaVCiayQHMxdRtVmM46GKgg4Fh4a91ECLknlaC+U5aTi+ySze4WTt9wfneWoxCR4=
.yandex.com/	1970-01-20 18:23:44	Name: yandexuid Value: 9185699311676288199
.yandex.com/	1970-01-20 18:23:44	Name: yuidss Value: 9185699311676288199
.ufoleaks.su/	1970-01-20 09:38:09	Name: _ym_visorc Value: w
.yandex.com/	1970-01-20 18:23:44	Name: ymex Value: 1707824199.yrts.1676288199#1707824199.yrtsi.1676288199
.yandex.ru/	1970-01-20 19:14:08	Name: yandexuid Value: 2305259781676288199
.yandex.ru/	1970-01-20 19:14:08	Name: i Value: Y4R2uPwv5XuP4kitJYaJxmfSertfsBGuRpqwaW6s8BIaur0on+GPYoLc2tFg4iS5vOFC6yJRAGdBgTCiQSu1SzcicZQ=
.acint.net/	1970-01-20 09:38:08	Name: test_cookie Value: CheckForPermission
.acint.net/	1970-01-20 19:14:08	Name: aid Value: nVqzHGPqIMh4xgOgfxeXAm+ECjJ8l8oXMeE+UuVkzmJBbAvp
.360yield.com/	1970-01-20 11:47:44	Name: tuuid_lu Value: 1676288200
.betweendigital.com/	1970-01-20 18:23:44	Name: dc Value: lux1
.betweendigital.com/	1970-01-20 18:23:44	Name: ss Value: 1
.betweendigital.com/	1970-01-20 18:23:44	Name: tuuid Value: a1535696-e344-522c-85e4-b757e60e979f
px.arcspire.io/	1970-01-20 10:21:20	Name: arcid Value: 05b3ea8b53da829fbeea44
.360yield.com/	1970-01-20 11:47:44	Name: tuuid Value: f9e65f79-2ea3-48de-bf63-bbc51eb572b7
.acint.net/	1970-01-20 10:21:20	Name: cSyncDp14v3 Value: 1676288200
.adx.opera.com/	1970-01-20 18:23:44	Name: UID Value: OPU56dc4893511e4121b41c09f99bcc36b0
.dmg.digitaltarget.ru/	1970-01-20 19:14:08	Name: viuserid Value: 5UcO6YfbXqWL2b77NQM7
.betweendigital.com/	1970-01-20 18:23:44	Name: ut Value: Y-ogyAAC3mAT68n6pmhNZBqBR_0eZnhT_FrA6g==
.tns-counter.ru/	1970-01-20 18:23:44	Name: guid Value: E4E56A0363EA20C8X1676288200
.demdex.net/	1970-01-20 13:57:20	Name: demdex Value: 35130804341516069962514459195039595840
.yandex.ru/	1970-01-20 19:14:08	Name: yuidss Value: 2305259781676288199
.dpm.demdex.net/	1970-01-20 13:57:20	Name: dpm Value: 35130804341516069962514459195039595840
.weborama.fr/	1970-01-20 19:04:03	Name: AFFICHE_W Value: hNiagl2GHsmE99
kimberlite.io/	1970-01-20 11:47:44	Name: u Value: Y-ogyEporTk~jk6P98a5TxMQtvkvJmUemA4cRlg
.ssp-rtb.sape.ru/	1970-01-20 19:14:08	Name: sspuid Value: CkIDIGPqIMio9QAfZszXAkT5DTn7WVh1GoXxtNX5iOpqXKab
.uuidksinc.net/	1970-01-20 18:23:44	Name: jcsuuid Value: CmhtsipAwaB29En0vdcp
.adhigh.net/	1970-01-20 18:23:44	Name: gi_u Value: 61y7RrNDxTK.AikABlGGSpAO8Q
.adhigh.net/	1970-01-20 18:23:44	Name: yandexssp_sync Value: LKpm
.mts.ru/	1970-01-20 18:10:46	Name: dspid Value: a6004e29-f650-428f-81a2-2d3093482a78
.sonar.semantiqo.com/	1970-01-20 19:14:08	Name: semantiqo_a Value: e30dfec69bfb4c47b47d2f446e806380
.sonar.semantiqo.com/	1970-01-20 18:33:49	Name: check Value: 85c856ac609740988979c0e86c17b91d
.upravel.com/	1970-01-20 09:38:08	Name: session_tptc Value: 1676288200672
.upravel.com/	1970-01-20 19:14:08	Name: user_id Value: d2c1c7cc-947a-4ef8-97c2-eb49bfb6aa57
.aidata.io/	1970-01-20 19:14:08	Name: __upin Value: +QkO4LxCbcPXw9uv3ZOPEQ
.aidata.io/	1970-01-20 19:14:08	Name: __upints Value: 1676288200
.mts.ru/	1970-01-20 19:14:08	Name: mts_id Value: 253da580-7bb0-4985-89ca-c14685f53166
.mts.ru/	1970-01-20 19:14:08	Name: mts_id_last_sync Value: 1676288200
.caltat.com/	1970-01-20 19:14:08	Name: caltat Value: 6b61843d3616457ca611ebc00631fdd0
x01.aidata.io/	1970-01-20 09:48:13	Name: yaya Value: 1
.rutarget.ru/	1970-01-20 13:57:20	Name: userId Value: F7Tq75mUPBgU
.magnitent.com/	1970-01-20 19:14:08	Name: sonar Value: e30dfec69bfb4c47b47d2f446e806380
.magnitent.com/	1970-01-20 19:14:08	Name: ct Value: 6b61843d3616457ca611ebc00631fdd0
.magnitent.com/	1970-01-20 19:14:08	Name: spid Value: 089EC568695D27C4
.magnitent.com/	1970-01-20 10:22:46	Name: 3db Value: 089EC568695D27C4
.aliexpress.com/	1969-12-31 23:59:59	Name: acs_usuc_t Value: x_csrf=5jdj43qz_ond&acs_rt=fe22bf7b1344448882b7fac50e3fa765
.aliexpress.com/	1970-01-20 19:14:08	Name: aeu_cid Value: 5d705bffec1d4d11b4ae6093da618336-1676288200955-01650-_Dd01Otl
.aliexpress.com/	1970-01-20 11:47:44	Name: xman_t Value: syiudX9fF/2TbsUHvtoM25HgQX28N+eaqbqlVl9Qrhc4nKYz69xd3x15u0zLZu4T
.aliexpress.com/	1970-01-20 19:14:08	Name: xman_f Value: pESm9HEazvNW+Ps7GlAZ5G2xkvWHVkcNfK6Hi6Y9VwYYQUqLJuKHxxLLQe710eoROQO2GUuGVV+jkj2qbhV7Aa2/ajaJQTF4mexVfsaKXDZvEGTC4lMPZA==
.aliexpress.com/	1970-01-20 19:14:08	Name: af_ss_a Value: 1
.yandex.ru/	1970-01-20 19:14:08	Name: is_gdpr Value: 1
.yandex.ru/	1970-01-20 19:14:08	Name: is_gdpr_b Value: CKWxOxC2pgEYAQ==
.aliexpress.com/	1970-01-20 19:14:08	Name: xman_us_f Value: x_locale=de_DE&x_l=0&x_c_chg=1&x_as_i=%7B%22aeuCID%22%3A%225d705bffec1d4d11b4ae6093da618336-1676288200955-01650-_Dd01Otl%22%2C%22affiliateKey%22%3A%22_Dd01Otl%22%2C%22channel%22%3A%22AFFILIATE%22%2C%22cv%22%3A%221%22%2C%22isCookieCache%22%3A%22N%22%2C%22ms%22%3A%221%22%2C%22pid%22%3A%224988725314%22%2C%22tagtime%22%3A1676288200955%7D&acs_rt=fe22bf7b1344448882b7fac50e3fa765
.aliexpress.com/	1970-01-20 19:14:08	Name: aep_usuc_f Value: site=deu&c_tp=EUR&region=DE&b_locale=de_DE
.doubleclick.net/	1970-01-20 09:38:09	Name: test_cookie Value: CheckForPermission

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://the-day-x.ru/spec_up/dayx.gif Message: Failed to load resource: the server responded with a status of 404 ()
other	error	URL: chrome-error://chromewebdata/ Message: Refused to display 'https://best.aliexpress.com/' in a frame because it set 'X-Frame-Options' to 'deny'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.exdynsrv.com
acint.net
ads.betweendigital.com
af.click.ru
ajax.googleapis.com
an.yandex.ru
avatars.mds.yandex.net
best.aliexpress.com
block.s2block.com
cdn3.caltat.com
cm.g.doubleclick.net
cm.tns-counter.ru
cntrsync.ru
counter.yadro.ru
dm.hybrid.ai
dmg.digitaltarget.ru
dpm.demdex.net
euw-ice.360yield.com
exchange.buzzoola.com
favicon.yandex.net
googleads.g.doubleclick.net
ic.pics.livejournal.com
im.bluevoox.com
kimberlite.io
match.360yield.com
match.new-programmatic.com
mc.yandex.com
mc.yandex.ru
mitdmp.whiteboxdigital.ru
nr.bidderstack.com
origlnal-diplom.com
origlnaldiplomas.com
orlgenaldlplos.com
othereal.ru
othereals.ru
pagead2.googlesyndication.com
profile.ssp.rambler.ru
px.adhigh.net
px.arcspire.io
redirect.frontend.weborama.fr
rtb-eu-warsaw.intent.ai
s.click.aliexpress.com
s.uuidksinc.net
sm.rtb.mts.ru
solta-sync.rutarget.ru
sonar.semantiqo.com
ssp-rtb.sape.ru
ssp.adriver.ru
supraneet.ru
sync.1dmp.io
sync.bumlam.com
sync.dmp.otm-r.com
sync.magnitent.com
sync.upravel.com
t.adx.opera.com
tech.rtb.mts.ru
the-day-x.ru
ufoleaks.su
w.uptolike.com
www.google.com
www.google.de
www.googleadservices.com
www.neveroyatno.info
x01.aidata.io
yandex-dmp-sync.rutarget.ru
yandex-sync.rutarget.ru
yandex.ru
yastatic.net
ysa-static.passport.yandex.ru
mitdmp.whiteboxdigital.ru
104.87.131.237
142.251.208.130
165.232.185.113
168.119.8.212
176.9.8.252
176.9.9.10
178.170.195.115
178.170.196.176
18.193.152.7
185.15.175.174
185.74.254.66
188.42.196.115
193.232.150.68
193.3.184.219
194.55.244.181
195.216.243.31
2001:4de0:ac19::1:b:3a
2001:6d0:4001::226
213.87.44.187
217.197.112.80
217.65.2.150
217.66.147.39
23.88.12.14
2606:4700:20::ac43:48bf
2606:4700:3031::ac43:8a5b
2a00:1450:400d:802::2002
2a00:1450:400d:806::2002
2a00:1450:400d:806::2003
2a00:1450:400d:80a::2004
2a00:1450:400d:80d::200a
2a02:6b8:20::215
2a02:6b8::184
2a02:6b8::1:119
2a02:6b8::36
2a02:6b8::5:114
2a02:6b8::90
2a02:6b8:a::a
2a06:98c1:3121::c
2a13:1ec0:1000::1073
31.172.81.172
31.220.27.155
35.177.4.157
35.190.24.218
37.18.16.21
45.84.226.24
52.16.56.245
52.45.175.185
54.72.143.161
62.109.6.15
80.78.249.201
81.177.165.65
81.222.128.216
82.145.213.8
87.242.89.90
88.212.201.198
88.212.202.52
89.108.120.76
91.192.149.30
92.63.102.100
95.163.114.204
95.216.10.178
95.217.109.66
033696b7f1ac04d1dcc102be84550e146236ceffc25a6cabc12aa51a6ee410b9
0a68fa3877c10a6098635ed295b34819ca1aa45006ae4d9804b0884a7975eddb
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bb16d2d4bdac7b4420adfa048c02877e035cbba937a1630c04a683cea79bfd6
0cab290acb4a69a632ad5ff53a7f0659d64c992df8b11db5462f50992eddde0f
0f539950e5f3d7f8e066a261e7333aeae32f44263df98950a3c71da29170fcee
16dd525e2d45bd646524e59888886e507a27452515a21850ad244a6be21c3131
17c53ed9d84aa158f4e406e787b1091a4ffc52b02a4dc19034707b61634f4c56
18c327afa903633f86c3efcf12b77f098077eacaa8be101bb007846fd74f8b93
1a0f7f8cfb2ab6c19c37dae6a2ff452b2f36c5c440dcd796118a5afb229452a1
2503c28569b3df2f2c2bbd52269262839e48442c313bd616b99ac02dc1fffc12
29566211c0742a044398ba7ae7fe728cd72c94c9ac0e1a114424ae21daf74a22
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55
394e2eff54c931c4def55131d8c46a20775bc1b49d96a6af5b25906942f64b8f
46148ef1398c2506cd18f962498dbef6ec35b99dd7681834f973ac59635d70c1
50c40a500f6842913fde72c69f1f0d2575ecf60c8498e3e0856d3183dbc89f5e
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5c776ef35ed320afc07d0e110145774489373b47c5c9b3a8f08ee2bc61e9cff8
5efd0865091d38f9a22cd387157266e762673f77230fd0d8b64ef5f6f0c354e9
5feec005a4394838eaec61b77886a9dd6616c8876cf795baf605998a14b3de41
611aebf8ef939abe70339ca753827220aaf80b5a23a03e20297f452554a6c803
6171868b8895de2685fd6cb69eeeb0daf2e39efd5afd94008b8f3f4ecd4c52e6
6187fa9c0a3cffaf83cff8dc4219f40306562dd17711f05766aa0dc8c72ad3c3
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
65c308475ab486c1d1b11bb27372de9fce717c906f4d6b8aeb083271101a5326
661b6f06cd306cbb21b77211387142d31eafaafe6325e4ed99a8480581874751
675ac6857389414b8730a683e65c2dfd962436f57237779b4127a2402122b649
676b251f9c3bf1d8d475f2796e8c0ac321f852bcf3360997d857856542f8544c
6f2ca74bfa0dd185f45b7af50dd71596d97405fed0f68bfd7e15ce88b18aa8f7
706ad3fd8f6be44514eb6f80dfd52fd95f2cfed1149a3a7a5c7eb423940675bb
7688cf1c8d4475e4c743bbda92e0b6ac0df1ba4ffca589bfd9c08fd48d4ad51b
79bbefe62902da3a0afe66c9e8b9559bf1e0081bfb22280e8a3664f40809e6ab
79d1ac7253e19bbbf2368169ee6b3dad0595aa4bdd65b11d6b28dc318c412202
7c0f880cabcd70c40aa9bf51a246220c891610033f258448faf09cf3707c4048
7c192df6f75b7bbfc2b67eeef5f3240a3945aca03721381ad800c54742d05f7f
7caaae98b7094606cc30c6b7fac93a7df26f69ec64ec9ab26b95660397fec76d
7efac484c93389f1680df8779fced6aace7a93d6fc90c31fc2de50eb453b7839
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
829aefc2561d1da1496d88af2e9fdcda7d002eb568e8b59a636aaf49de2751de
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8398c4af9b01a17b6a36dc6ff9be0becfae8f93cfd21808d13645c5a9f2cee33
84665c84f70d5e01ca7530d4c8400fa36aa98c26e6531f099f19945b8d80b8eb
862b41adf613e5a21d9163d8621ee1e0b5982613149f22386336f6ef83a3df47
95e3704f84ee03228bfe9d2a88a3c96d4f4169444a3855e4cfb23ebd143e1e90
975832fca88e1d3b5535b39142447c7b4a0fadc10cf78dfb16e19d5ccd3a2724
988a5f8c42df203b1be0bd0ca8ce4c518a45576aececc1f0d9dbaea0b5f95e23
9c911ab93cf6099aeeddb19cb1903d0ef838329443c3a0549c754da47f90a70a
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
a01ed62761c70d35a7f2dd5f497451e70b85e85bb8f1774cee68d53554e6ecaa
a3c40e08badf9b270fa5b32603ffc2bbd24e00b26bd2bafd3737cbd88120418b
a50eb9dcd1a2c5869b663fddf7f4dc54b5e4ee95e7dc54d45fed4b3aefeae99e
a67898ee2e8bd21203b79e8ffc2f50ab486bcc59e26358244c277443c6a29ea5
a7d0ece74004433cf0a98be3732051f25a2636ae88f28335399afcb419055603
aa52a196dd12d98413ec55bf3de15fc6ac2236b416518bbfcfe7960eb235659f
aaec534fbb994fedeb1eb2f9f38aad5e97596e57010f04f992205c9ad0f7a43b
aea8d6d7292a79ae391517c8ec2c0f3b55c34b20c1eb330a24edaaadc4cca3d9
af818ba9216a2010432b73e0fc606833a588119c400a59396dbed1dbaa852638
b12ffe07bdd87a74e2983b4cb14e4e003b4c76769b2778378c1d47f54d65a429
b39bcd31f93b96bfcd623a4fd956d0f4b2b6f160faca5f65d12514c87dc0e577
b5fb195844036d511cbc48bb7a0bf6569eb9b63e47ab399193309bdcd527c465
b803aabef91dde63b4e22e383748625fba5aeda48de96c5f848be15acc796345
bb11fdd2e80d651eb2608465db2d5b5b99ec3bcf5a59e7f81c9aab3778c6595e
bb88dfe87b19e80453c1f453a2b3e0f9b719f0e2491a323fad133bb1e8c1513b
bbcb4cf7ad63b96ac9830bafa3b820e4aaa2d5b1f2d02e7a2c67ba9c78432246
bdba1794137fda32b72cf509f374764bf89059ea78785a4128db3276305053bc
bde0efec7ec863a3ba94d401cef30d62ddef7082393fb0c61edeff1aafeded44
ca78c114bba40b141a59c55a9d3fb6db7672bc3effd4337f2b1ce512b4d06c9e
ca7e31761c294211b614391d091bc5787316c74d785d8c13976a3cb0872e4c1d
ce50b4c3bcff24729fbe5431e76d44adb2e79bb547b91541b0050c71698a3f72
d2d3aaa4c950ab4fb2d5c2156ee874da2712920f256aeccfbf0c64370c7c2092
d2e6b83cc2e0fcba7f7a1b3b58da414ee47125d647a420632c14086975dc2e2c
d394f4876a28a36ed57f3b601d148edb1a857f58bd222e32e39fffc2d31a215b
dbb87754e7677c99a20c4603a88765b6cb926a78b79edb863fee5c9ea1c96ef4
dd967b57fa2835b539f742e0c0db1b2bcf28d1b8122d8a860f87177cff08b38b
e1cff21864c46e1da263fa83c14ed6d190bc5afbdd35188de15f10eb8bedd264
e23e09e5470ded7223443d3f46b823c3ea4117f9adee5380deee9b12d4fad82f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3daf652c758178620be708a65e420fe2bad83e229f90d0e7294242231b28a98
e4b97661f0f5ef6e574242c3ce64663e3987dfa7575edd9baff848696d936bd0
e4e8b894d67ef574a1be8047d7469328fc0432b87cd80996a6a5edfcecfa7071
e622428b67d0895d3065ad19f709b343b7363908724954dc9f3084d4a28f74e6
ec3d45d438b58cd5d873626b3dd6b2d4f133445a25f4be9b504e96438336591b
ec7cadf76a9fb694f3b112a0b21a63ce889075aa83eefd87a139da4b14d1b0ad
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f6791a6109dbaaa103f0099c6874ca1ff5bfa9c4e118347100508154c2c55134
fb94f2d531b756ac6d16c478cd4c7c5ed942e116e52aeecfdc9fa14616d3bc3a
fc6c8aadfd64b5dab9a2b296b0c79089908ffb092fed9f7f53824cbca3365e3e
fc827828dfd78bf6cbbf1e68a59086ab71567ebe3925ecf32f48b32b8a0ba6e2
ff973a73cc160c479111b4e5c82195c85c73cc4ff6c747a5bc76638e04a3c9fb

ufoleaks.su Open in urlscan Pro 45.84.226.24 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

163 Requests

51 %HTTPS

29 %IPv6

59 Domains

69 Subdomains

39 IPs

12 Countries

1402 kBTransfer

3425 kBSize

73 Cookies

7 Outgoing links

Redirected requests

163 HTTP transactions Everything HTML Script AJAX CSS Image Expand all -1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

ufoleaks.su Open in urlscan Pro
45.84.226.24 Public Scan

Screenshot
Live screenshot

Full Image

163
Requests

51 %
HTTPS

29 %
IPv6

59
Domains

69
Subdomains

39
IPs

12
Countries

1402 kB
Transfer

3425 kB
Size

73
Cookies

163 HTTP transactions
-1 data transactions