URL: http://infoworks.ru/
Submission: On May 25 via manual from CA

Summary

This website contacted 30 IPs in 9 countries across 33 domains to perform 96 HTTP transactions. The main IP is 2606:4700:3037::6812:369c, located in United States and belongs to CLOUDFLARENET, US. The main domain is infoworks.ru.
This is the only time infoworks.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
7 2606:4700:303... 13335 (CLOUDFLAR...)
4 93.170.27.229 25229 (VOLIA-AS)
3 2606:4700:303... 13335 (CLOUDFLAR...)
4 212.1.66.234 6846 (UKRPACK)
9 212.1.66.239 6846 (UKRPACK)
1 3 88.212.201.216 39134 (UNITEDNET)
2 2a00:1450:400... 15169 (GOOGLE)
9 2a03:90c0:999... 199524 (GCORE)
2 5 88.208.46.48 39572 (ADVANCEDH...)
1 185.184.8.30 204995 (RTB-HOUSE...)
1 4 89.184.66.167 28907 (MIROHOST ...)
1 2 88.208.46.233 39572 (ADVANCEDH...)
1 1 193.239.68.97 39468 (BIGMIR-IN...)
1 193.239.71.100 39468 (BIGMIR-IN...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 10 2a00:1450:400... 15169 (GOOGLE)
5 12 146.0.227.110 29066 (VELIANET-...)
1 31.220.27.134 39572 (ADVANCEDH...)
1 62.149.0.137 15497 (COLOCALL ...)
1 2 94.130.13.220 24940 (HETZNER-AS)
3 3 188.42.191.196 7979 (SERVERS)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 81.222.128.216 20597 (ELTEL-AS)
9 9 52.58.36.240 16509 (AMAZON-02)
1 193.200.65.6 6681 (UPLOAD-NET)
2 6 194.247.175.19 196831 (BEMOBILE-AS)
7 7 172.217.23.98 15169 (GOOGLE)
2 2 35.210.215.44 19527 (GOOGLE-2)
1 1 88.99.98.223 24940 (HETZNER-AS)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
4 95.216.240.254 24940 (HETZNER-AS)
3 89.184.66.97 28907 (MIROHOST ...)
4 194.247.175.38 196831 (BEMOBILE-AS)
5 194.247.175.22 196831 (BEMOBILE-AS)
1 89.184.66.172 28907 (MIROHOST ...)
1 1 193.200.65.5 6681 (UPLOAD-NET)
1 5.9.13.98 24940 (HETZNER-AS)
2 2a00:1450:400... 15169 (GOOGLE)
96 30
Apex Domain
Subdomains
Transfer
21 c8.net.ua
c8.net.ua
b.c8.net.ua
ssp.c8.net.ua
match.c8.net.ua
r.c8.net.ua
r3.c8.net.ua
91 KB
20 admixer.net
cdn.admixer.net
inv-nets.admixer.net
inv-nets-eu.admixer.net
196 KB
10 doubleclick.net
googleads.g.doubleclick.net
cm.g.doubleclick.net
2 KB
9 bemobile.ua
source.mmi.bemobile.ua
pagestat.mmi.bemobile.ua
50 KB
9 bidswitch.net
x.bidswitch.net
4 KB
7 advon.net
infoworks-ru.advon.net
advon.net
icode.advon.net
tizerads.advon.net
28 KB
7 infoworks.ru
infoworks.ru
21 KB
6 tns-ua.com
pa.tns-ua.com
4 KB
6 googlesyndication.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
134 KB
5 farension.com
farension.com
20 KB
4 am15.net
am15.net
3 KB
3 betweendigital.com
ads.betweendigital.com
1 KB
3 yadro.ru
counter.yadro.ru
2 KB
2 programattik.com
ads.programattik.com
1 KB
2 trafmag.com
m.trafmag.com
t.trafmag.com
813 B
2 buzzoola.com
exchange.buzzoola.com
513 B
2 bigmir.net
c.bigmir.net
i.bigmir.net
1 KB
2 google-analytics.com
www.google-analytics.com
17 KB
1 rontar.com
uaadcodedsp.rontar.com
1021 B
1 advon.info
ad.advon.info
563 B
1 splicky.com
bidswitch-eu.splicky.com
232 B
1 adriver.ru
ssp.adriver.ru
201 B
1 adsinspidsp.com
ads.adsinspidsp.com
545 B
1 adtarget.com.tr
s.console.adtarget.com.tr
1 uuidksinc.net
uuidksinc.net
1 googletagservices.com
www.googletagservices.com
27 KB
1 marketgid.com
jsc.marketgid.com
457 B
1 google.com
adservice.google.com
952 B
1 google.de
adservice.google.de
952 B
1 repetitor.info
repetitor.info
1 actiflex.org
actiflex.org
1 actpx.com
actpx.com
446 B
1 creativecdn.com
pubs2-eu.creativecdn.com
700 B
96 33
Domain Requested by
10 inv-nets.admixer.net 5 redirects cdn.admixer.net
infoworks.ru
9 x.bidswitch.net 9 redirects
9 b.c8.net.ua infoworks.ru
b.c8.net.ua
cdn.admixer.net
8 cdn.admixer.net infoworks.ru
cdn.admixer.net
7 cm.g.doubleclick.net 7 redirects
7 infoworks.ru infoworks.ru
6 pa.tns-ua.com 2 redirects infoworks.ru
source.mmi.bemobile.ua
pa.tns-ua.com
5 pagestat.mmi.bemobile.ua source.mmi.bemobile.ua
5 farension.com 2 redirects advon.net
farension.com
4 source.mmi.bemobile.ua r.c8.net.ua
source.mmi.bemobile.ua
4 am15.net infoworks.ru
am15.net
4 pagead2.googlesyndication.com ssp.c8.net.ua
pagead2.googlesyndication.com
4 ssp.c8.net.ua 1 redirects infoworks.ru
b.c8.net.ua
3 match.c8.net.ua b.c8.net.ua
infoworks.ru
3 ads.betweendigital.com 3 redirects
3 googleads.g.doubleclick.net 1 redirects pagead2.googlesyndication.com
3 counter.yadro.ru 1 redirects infoworks.ru
3 advon.net infoworks.ru
infoworks-ru.advon.net
2 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 r.c8.net.ua b.c8.net.ua
2 inv-nets-eu.admixer.net infoworks.ru
2 ads.programattik.com 2 redirects
2 exchange.buzzoola.com 1 redirects infoworks.ru
2 icode.advon.net infoworks-ru.advon.net
2 www.google-analytics.com infoworks.ru
2 c8.net.ua infoworks.ru
pagead2.googlesyndication.com
1 uaadcodedsp.rontar.com infoworks.ru
1 t.trafmag.com 1 redirects
1 r3.c8.net.ua infoworks.ru
1 ad.advon.info 1 redirects
1 bidswitch-eu.splicky.com 1 redirects
1 m.trafmag.com infoworks.ru
1 ssp.adriver.ru infoworks.ru
1 ads.adsinspidsp.com infoworks.ru
1 s.console.adtarget.com.tr infoworks.ru
1 uuidksinc.net farension.com
1 www.googletagservices.com pagead2.googlesyndication.com
1 jsc.marketgid.com tizerads.advon.net
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 tizerads.advon.net infoworks-ru.advon.net
1 repetitor.info infoworks-ru.advon.net
1 i.bigmir.net infoworks.ru
1 c.bigmir.net 1 redirects
1 actiflex.org farension.com
1 actpx.com 1 redirects
1 pubs2-eu.creativecdn.com cdn.admixer.net
1 infoworks-ru.advon.net infoworks.ru
96 48

This site contains links to these domains. Also see Links.

Domain
infoworks.com.ua
free.infoworks.ru
goo.gl
www.liveinternet.ru
www.bigmir.net
Subject Issuer Validity Valid
*.c8.net.ua
COMODO RSA Organization Validation Secure Server CA
2018-09-26 -
2020-09-25
2 years crt.sh
*.google-analytics.com
GTS CA 1O1
2020-05-05 -
2020-07-28
3 months crt.sh
farension.com
Let's Encrypt Authority X3
2020-04-07 -
2020-07-06
3 months crt.sh
*.creativecdn.com
RapidSSL RSA CA 2018
2019-01-11 -
2021-04-11
2 years crt.sh
actiflex.org
Let's Encrypt Authority X3
2020-05-09 -
2020-08-07
3 months crt.sh
*.google.de
GTS CA 1O1
2020-05-05 -
2020-07-28
3 months crt.sh
*.google.com
GTS CA 1O1
2020-05-05 -
2020-07-28
3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1
2020-05-05 -
2020-07-28
3 months crt.sh
*.admixer.net
Sectigo ECC Domain Validation Secure Server CA
2019-08-28 -
2020-08-27
a year crt.sh
s.console.adtarget.com.tr
Let's Encrypt Authority X3
2020-04-08 -
2020-07-07
3 months crt.sh
*.buzzoola.com
COMODO RSA Domain Validation Secure Server CA
2018-07-12 -
2020-07-11
2 years crt.sh
sni.cloudflaressl.com
CloudFlare Inc ECC CA-2
2019-09-18 -
2020-09-17
a year crt.sh
*.adriver.ru
RapidSSL RSA CA 2018
2020-04-03 -
2022-04-24
2 years crt.sh
*.trafmag.com
Sectigo RSA Domain Validation Secure Server CA
2019-06-04 -
2020-06-19
a year crt.sh
juke.mmi.tns-ua.com
Let's Encrypt Authority X3
2020-05-18 -
2020-08-16
3 months crt.sh
r3.c8.net.ua
Let's Encrypt Authority X3
2020-04-17 -
2020-07-16
3 months crt.sh
match.c8.net.ua
Let's Encrypt Authority X3
2020-04-17 -
2020-07-16
3 months crt.sh
*.rontar.com
Sectigo RSA Domain Validation Secure Server CA
2019-07-10 -
2020-10-07
a year crt.sh
tpc.googlesyndication.com
GTS CA 1O1
2020-05-05 -
2020-07-28
3 months crt.sh

This page contains 19 frames:

Primary Page: http://infoworks.ru/
Frame ID: 7690454E1D941EF46850323A0CB3450F
Requests: 68 HTTP requests in this frame

Frame: https://actiflex.org/pf?p=341&uid=NvJnVvQmS0SJhE0Liuufhg&dmpNewUser=1
Frame ID: 74163498B60FCB3FDAB0871E42DA7C2C
Requests: 1 HTTP requests in this frame

Frame: http://repetitor.info/browser/ya3xx_rot.html
Frame ID: 755644AD1BCABD3B0DD07DC436F6B710
Requests: 1 HTTP requests in this frame

Frame: http://icode.advon.net/300x250_marketgid_g.htm
Frame ID: 7EDBD9FF1385D93111EFEB4B49A06B39
Requests: 1 HTTP requests in this frame

Frame: http://icode.advon.net/728x90.htm
Frame ID: 9F9D65ED4E487FD6ADFA21D9F9ACA49B
Requests: 1 HTTP requests in this frame

Frame: https://b.c8.net.ua/show?s1775,79728&987610717&4&4&728&90&0;0;5
Frame ID: D7286FC87491DAD6A23A827C8D329CF8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20200519/r20190131/zrt_lookup.html
Frame ID: 2BFB7D006BCCAF91C337043907BC9E68
Requests: 1 HTTP requests in this frame

Frame: http://jsc.marketgid.com/t/v/tvpixy.com.648075.js?t=12042521
Frame ID: 774E91FF0A2E6E60EC70E7E12938BD14
Requests: 1 HTTP requests in this frame

Frame: https://c8.net.ua/ggl_block/GoogleAdx_240x400.html
Frame ID: 2A5321B11256C1082A6A8B81B4918809
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1066739973685958&output=html&adk=1812271804&adf=3025194257&lmt=1590433509&plat=1%3A32776%2C2%3A32776%2C8%3A32768%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Finfoworks.ru%2F&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1590433509738&bpp=2&bdt=972&idt=104&shv=r20200519&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=240x400&nras=1&correlator=911614913582&frm=20&pv=1&ga_vid=193774501.1590433509&ga_sid=1590433509&ga_hid=1056269818&ga_fc=1&iag=0&icsg=2748779724800&dssz=36&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066085&oid=3&pvsid=3256875071516062&pem=777&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8208&bc=23&ifi=1&uci=a!1&fsb=1&dtd=109
Frame ID: 4240A69BD305850C96DEC40CBBD14F61
Requests: 1 HTTP requests in this frame

Frame: http://uuidksinc.net/matchx.html
Frame ID: 8035A1D29FAAF528E3939443577770F2
Requests: 1 HTTP requests in this frame

Frame: http://infoworks.ru/240x350.js
Frame ID: 42F66792F15F266DED0A82E04BE1B15C
Requests: 1 HTTP requests in this frame

Frame: https://b.c8.net.ua/b/js/swfobject.js
Frame ID: F61E96DABA7BEA4C6987DAD237259D74
Requests: 9 HTTP requests in this frame

Frame: http://infoworks.ru/rab_google_250.htm
Frame ID: 2FF8EDF23AB00143F31B3BE24389E56E
Requests: 3 HTTP requests in this frame

Frame: http://am15.net/tmp/r8893.php?s=32203
Frame ID: 2E0504D860AF2B5BA4B19A1D25E89209
Requests: 1 HTTP requests in this frame

Frame: http://am15.net/ssp/banner?upst=j9ouyBm.sBbDyI_xy93n&bid=7f2ce18c-379d-4c29-8f73-713fcc658065
Frame ID: 14D8546C0601835178B4D26AF54C3DF0
Requests: 1 HTTP requests in this frame

Frame: https://b.c8.net.ua/show?s1775,87057&711731675&8&9&650&250&0;0;5
Frame ID: B2D30AC21EEAE983EC8D86C46995E46A
Requests: 1 HTTP requests in this frame

Frame: https://pa.tns-ua.com/viewability/cm.html
Frame ID: 4BAA4BD7B20AA695133C6BEC2807CC15
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html
Frame ID: F5391256DD0C903F85316E103375CBAB
Requests: 1 HTTP requests in this frame

Screenshot


Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

96
Requests

46 %
HTTPS

24 %
IPv6

33
Domains

48
Subdomains

30
IPs

9
Countries

592 kB
Transfer

1387 kB
Size

12
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11
  • http://www.google-analytics.com/ga.js HTTP 307
  • https://www.google-analytics.com/ga.js
Request Chain 12
  • http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1915509623&utmhn=infoworks.ru&utmcs=windows-1251&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=InfoWorks.ru%20-%20%D0%BA%D0%B0%D1%82%D0%B0%D0%BB%D0%BE%D0%B3%20%D1%80%D0%B5%D1%84%D0%B5%D1%80%D0%B0%D1%82%D0%BE%D0%B2%2C%20%D0%BA%D1%83%D1%80%D1%81%D0%BE%D0%B2%D1%8B%D1%85%20%D0%B8%20%D0%B4%D0%B8%D0%BF%D0%BB%D0%BE%D0%BC%D0%BD%D1%8B%D1%85%20%D1%80%D0%B0%D0%B1%D0%BE%D1%82&utmhid=1056269818&utmr=-&utmp=%2F&utmht=1590433508907&utmac=UA-24566524-1&utmcc=__utma%3D254990032.193774501.1590433509.1590433509.1590433509.1%3B%2B__utmz%3D254990032.1590433509.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1895275931&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ HTTP 307
  • https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1915509623&utmhn=infoworks.ru&utmcs=windows-1251&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=InfoWorks.ru%20-%20%D0%BA%D0%B0%D1%82%D0%B0%D0%BB%D0%BE%D0%B3%20%D1%80%D0%B5%D1%84%D0%B5%D1%80%D0%B0%D1%82%D0%BE%D0%B2%2C%20%D0%BA%D1%83%D1%80%D1%81%D0%BE%D0%B2%D1%8B%D1%85%20%D0%B8%20%D0%B4%D0%B8%D0%BF%D0%BB%D0%BE%D0%BC%D0%BD%D1%8B%D1%85%20%D1%80%D0%B0%D0%B1%D0%BE%D1%82&utmhid=1056269818&utmr=-&utmp=%2F&utmht=1590433508907&utmac=UA-24566524-1&utmcc=__utma%3D254990032.193774501.1590433509.1590433509.1590433509.1%3B%2B__utmz%3D254990032.1590433509.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1895275931&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~
Request Chain 20
  • http://ssp.c8.net.ua/getcode.php?key=d41de446ec0ef54335f36466c0a2cb72&ssp_id=3634&site_id=f1775&domain=&rnd=987610717&pid=4&format_id=4&sw=1600&sh=1200&ctype=&cbw=&w=728&h=90&c8_sa=0;0;5&container_id=c8div_f177544_337631792&is=1&is_ssl=0&ref=&passback=&metric=&project_id=&location=http%3A//infoworks.ru/ HTTP 302
  • http://ssp.c8.net.ua/getcode.php?cookiematch&key=d41de446ec0ef54335f36466c0a2cb72&ssp_id=3634&site_id=f1775&domain=&rnd=987610717&pid=4&format_id=4&sw=1600&sh=1200&ctype=&cbw=&w=728&h=90&c8_sa=0;0;5&container_id=c8div_f177544_337631792&is=1&is_ssl=0&ref=&passback=&metric=&project_id=&location=http%3A//infoworks.ru/
Request Chain 23
  • https://farension.com/js/sync?visitor_id=f62d7724-af43-48c3-939f-c29bea32d99a HTTP 302
  • https://actpx.com/sync?callback=%2F%2Ffarension.com%2Fjs%2Fsyncback%3Fvisitor_id%3Df62d7724-af43-48c3-939f-c29bea32d99a HTTP 302
  • https://farension.com/js/syncback?uid=NvJnVvQmS0SJhE0Liuufhg&dmpNewUser=1&visitor_id=f62d7724-af43-48c3-939f-c29bea32d99a HTTP 302
  • https://actiflex.org/pf?p=341&uid=NvJnVvQmS0SJhE0Liuufhg&dmpNewUser=1
Request Chain 26
  • http://counter.yadro.ru/hit;education_stat?r;s1600*1200*24;uhttp%3A//infoworks.ru/;0.8803918268528881 HTTP 302
  • http://counter.yadro.ru/hit;education_stat?q;r;s1600*1200*24;uhttp%3A//infoworks.ru/;0.8803918268528881
Request Chain 27
  • http://c.bigmir.net/?v16900905&s16901477&t3&c1&n611309&w0&y0&d24&r1600 HTTP 302
  • http://i.bigmir.net/cnt/03.png
Request Chain 40
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1066739973685958&output=html&h=400&slotname=1775&adk=1128538321&adf=190939100&w=240&lmt=1590433509&psa=0&guci=1.2.0.0.2.2.0.0&format=240x400&url=http%3A%2F%2Finfoworks.ru%2F&flash=0&wgl=1&adsid=NT&dt=1590433509707&bpp=9&bdt=942&idt=111&shv=r20200519&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=911614913582&frm=20&pv=2&ga_vid=193774501.1590433509&ga_sid=1590433509&ga_hid=1056269818&ga_fc=1&iag=0&icsg=549756469248&dssz=35&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=301&ady=540&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066085&oid=3&pvsid=3256875071516062&pem=777&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=8208&bc=23&ifi=1&uci=a!1&fsb=1&xpc=ZJmbyk1FuM&p=http%3A//infoworks.ru&dtd=128 HTTP 302
  • https://c8.net.ua/ggl_block/GoogleAdx_240x400.html
Request Chain 50
  • https://exchange.buzzoola.com/cookiesync/ssp/admixer?uid=173fad7a844040b8ad65f76da015ed94 HTTP 307
  • https://exchange.buzzoola.com/cookiesync/ssp/admixer?set_buzzoola_cookie=t&uid=173fad7a844040b8ad65f76da015ed94
Request Chain 51
  • https://ads.betweendigital.com/match?bidder_id=43070&callback_url=%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D70C88C54-8654-4219-A50A-E344F86A4A28%26id%3D${USER_ID} HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43070&callback_url=%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D70C88C54-8654-4219-A50A-E344F86A4A28%26id%3D${USER_ID}&crf=1 HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=70C88C54-8654-4219-A50A-E344F86A4A28&id=b670cab6-b5db-5292-8f25-0330d1e915d5
Request Chain 54
  • https://x.bidswitch.net/sync?ssp=admixer&user_id=173fad7a844040b8ad65f76da015ed94&gdpr=[gdpr]&gdpr_consent=[consent]&us_privacy=[usPrivacy] HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=admixer&user_id=173fad7a844040b8ad65f76da015ed94&gdpr=[gdpr]&gdpr_consent=[consent]&us_privacy=[usPrivacy] HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dadmixer%26expires%3D30 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=b670cab6-b5db-5292-8f25-0330d1e915d5&ssp=admixer&expires=30 HTTP 302
  • https://inv-nets.admixer.net/bs/cm.aspx?id=8454ecc0-2e21-4c2f-be21-4652f45cb499
Request Chain 56
  • https://pa.tns-ua.com/bug/pic.gif?tnsb=admixer_uid_check&tnskb=s&tnsv=0.0.1&uid=173fad7a844040b8ad65f76da015ed94 HTTP 302
  • https://pa.tns-ua.com/bug/pic.gif?cookie_detect=Z1E4FF457A104EEFAFB8D0D8A34D23B4&tnsb=admixer_uid_check&tnskb=s&tnsv=0.0.1&uid=173fad7a844040b8ad65f76da015ed94
Request Chain 57
  • https://cm.g.doubleclick.net/pixel?google_nid=admixer_dmp&google_cm HTTP 302
  • https://inv-nets.admixer.net/gadx/cm.aspx?google_gid=CAESEEFS-jr_M26y0CD100tXSGg&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=admixer_technologies&google_hm=MTczZmFkN2E4NDQwNDBiOGFkNjVmNzZkYTAxNWVkOTQ&google_cm HTTP 302
  • https://inv-nets.admixer.net/gadx/cm.aspx?google_nid=admixer_technologies&google_gid=CAESEEMyhR1-7SHI2qkfFg9Kee4&google_cver=1 HTTP 302
  • https://x.bidswitch.net/sync?ssp=admixer&user_id=173fad7a844040b8ad65f76da015ed94&gdpr=0 HTTP 302
  • https://ads.programattik.com/sync?ssp=bidswitch&bidswitch_ssp_id=admixer HTTP 302
  • https://ads.programattik.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=admixer HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=156&expires=14&user_id=3ba0cb4b-fd2e-4485-8a50-df03275bd3f4&ssp=admixer HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=156&expires=14&user_id=3ba0cb4b-fd2e-4485-8a50-df03275bd3f4&ssp=admixer HTTP 302
  • https://inv-nets.admixer.net/bs/cm.aspx?id=a92cee52-2382-4038-ac12-2e3e86cf764d
Request Chain 58
  • https://cm.g.doubleclick.net/pixel?google_nid=admixer_technologies&google_hm=MTczZmFkN2E4NDQwNDBiOGFkNjVmNzZkYTAxNWVkOTQ&google_cm HTTP 302
  • https://inv-nets.admixer.net/gadx/cm.aspx?google_nid=admixer_technologies&google_gid=CAESEMmLFJ3tfCRriut3EaPNVAU&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=admixer_technologies&google_hm=MTczZmFkN2E4NDQwNDBiOGFkNjVmNzZkYTAxNWVkOTQ&google_cm HTTP 302
  • https://inv-nets.admixer.net/gadx/cm.aspx?google_nid=admixer_technologies&google_gid=CAESEEMyhR1-7SHI2qkfFg9Kee4&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=admixer_technologies&google_hm=MTczZmFkN2E4NDQwNDBiOGFkNjVmNzZkYTAxNWVkOTQ&google_cm HTTP 302
  • https://inv-nets.admixer.net/gadx/cm.aspx?google_nid=admixer_technologies&google_gid=CAESEEMyhR1-7SHI2qkfFg9Kee4&google_cver=1 HTTP 302
  • https://x.bidswitch.net/sync?ssp=admixer&user_id=173fad7a844040b8ad65f76da015ed94&gdpr=0 HTTP 302
  • https://bidswitch-eu.splicky.com/cm?bidswitch_ssp_id=admixer&bsw_custom_parameter=8454ecc0-2e21-4c2f-be21-4652f45cb499 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=311&user_id=&user_group=2&ssp=admixer&expires=10&bsw_param=8454ecc0-2e21-4c2f-be21-4652f45cb499 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=311&user_id=&user_group=2&ssp=admixer&expires=10&bsw_param=8454ecc0-2e21-4c2f-be21-4652f45cb499 HTTP 302
  • https://inv-nets.admixer.net/bs/cm.aspx?id=173b9852-34f8-47d2-9d46-ed52468b1b05
Request Chain 59
  • http://ad.advon.info/240x350.js HTTP 301
  • http://infoworks.ru/240x350.js
Request Chain 80
  • http://pa.tns-ua.com/bug/pic.gif?uid=F4427E74BCED49428EB9CD9CDB478A2A&time=1590433512770 HTTP 301
  • https://pa.tns-ua.com/bug/pic.gif?uid=F4427E74BCED49428EB9CD9CDB478A2A&time=1590433512770
Request Chain 81
  • https://cm.g.doubleclick.net/pixel?google_nid=rtb_baltic_sia&google_cm&google_hm=5ecc16e8bc2425ecc16e8bc2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rtb_baltic_sia&google_cm=&google_hm=5ecc16e8bc2425ecc16e8bc2&google_tc= HTTP 302
  • https://r3.c8.net.ua/match.php?ssp_id=3785&key=c2a141b272468ec143455d8a23772c90&ssp_user_id={SSP_UID}&google_gid=CAESEAsCpNaqlkGesRNT4xm8YSs&google_cver=1
Request Chain 82
  • https://t.trafmag.com/images/1px-matching-c8.gif?id=5ecc16e8bc2425ecc16e8bc2 HTTP 301
  • https://match.c8.net.ua/match.php?dsp_id=29&key=5a55665d11da2ddc11b7b14d8dc4294b&dsp_user_id=7885321356066312

96 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Cookie set /
infoworks.ru/
31 KB
7 KB
Document
General
Full URL
http://infoworks.ru/
Protocol
HTTP/1.1
Server
2606:4700:3037::6812:369c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed05ba91dd14ec3a41dc409a96da4b3169ae98ba195a18cf05e38a42cefefaaf

Request headers

Host
infoworks.ru
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 25 May 2020 19:05:08 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=d05f500134520cebb0f2d933631817e1d1590433508; expires=Wed, 24-Jun-20 19:05:08 GMT; path=/; domain=.infoworks.ru; HttpOnly; SameSite=Lax
CF-Cache-Status
DYNAMIC
Server
cloudflare
CF-RAY
599186b51fcedfd7-FRA
Content-Encoding
gzip
cf-request-id
02eed2852f0000dfd70c2b5200000001
style.css
infoworks.ru/
3 KB
1 KB
Stylesheet
General
Full URL
http://infoworks.ru/style.css
Requested by
Host: infoworks.ru
URL: http://infoworks.ru/
Protocol
HTTP/1.1
Server
2606:4700:3037::6812:369c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
167b55affdd428ad5e5dea37917cba884e75655266e1b3544696aef6a896cb8c

Request headers

Referer
http://infoworks.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 25 May 2020 19:05:08 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
Last-Modified
Wed, 29 Aug 2012 09:13:24 GMT
Server
cloudflare
ETag
W/"503ddd34-c56"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
599186b5d9ebdfd7-FRA
cf-request-id
02eed285a40000dfd70c2bc200000001
domen_ads.js
infoworks-ru.advon.net/
2 KB
1 KB
Script
General
Full URL
http://infoworks-ru.advon.net/domen_ads.js
Requested by
Host: infoworks.ru
URL: http://infoworks.ru/
Protocol
HTTP/1.1
Server
93.170.27.229 , Czech Republic, ASN25229 (VOLIA-AS, UA),
Reverse DNS
Software
nginx /
Resource Hash
68e7b53c67cb1a5d441425077e0080db68cdd40a8aa9c198fdceff90de435e8d

Request headers

Referer
http://infoworks.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 25 May 2020 19:05:08 GMT
Content-Encoding
gzip
Last-Modified
Fri, 06 Mar 2020 13:46:49 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/x-javascript
Connection
keep-alive
Keep-Alive
timeout=7
referator.js
advon.net/
11 KB
4 KB
Script
General
Full URL
http://advon.net/referator.js
Requested by
Host: infoworks.ru
URL: http://infoworks.ru/
Protocol
HTTP/1.1
Server
2606:4700:3034::681b:b1f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1db56be10861121c71b76072fb008d442555f05822e3777ce7ce2d9d1cef1b73

Request headers

Referer
http://infoworks.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 25 May 2020 19:05:08 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Last-Modified
Tue, 18 Oct 2016 18:44:03 GMT
Server
cloudflare
Age
71
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
599186b65d7b1456-FRA
cf-request-id
02eed285f7000014564932b200000001
logo3.gif
infoworks.ru/img/
5 KB
6 KB
Image
General
Full URL
http://infoworks.ru/img/logo3.gif
Requested by
Host: infoworks.ru
URL: http://infoworks.ru/
Protocol
HTTP/1.1
Server
2606:4700:3037::6812:369c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47b9b286f4fd93545c436e3e096d5e2119afad44ad4a2392e7f5e8f74bedc29d

Request headers

Referer
http://infoworks.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 25 May 2020 19:05:08 GMT
CF-Cache-Status
HIT
Last-Modified
Mon, 07 May 2012 09:49:46 GMT
Server
cloudflare
Age
5783
ETag
"4fa79aba-1537"
Vary
Accept-Encoding
Content-Type
image/gif
Cache-Control
max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
599186b68bffdfd7-FRA
Content-Length
5431
cf-request-id
02eed286110000dfd70c2c4200000001
swfobject.js
c8.net.ua/js/
7 KB
7 KB
Script
General
Full URL
http://c8.net.ua/js/swfobject.js
Requested by
Host: infoworks.ru
URL: http://infoworks.ru/
Protocol
HTTP/1.1
Server
212.1.66.234 , Ukraine, ASN6846 (UKRPACK, UA),
Reverse DNS
r1.c8.net.ua
Software
nginx /
Resource Hash
f2172868bc46d74ad32f2715bc25a8716e07a784b2ecb24d9d077d2125c6c993

Request headers

Referer
http://infoworks.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 25 May 2020 19:04:52 GMT
Last-Modified
Fri, 01 Apr 2016 08:29:51 GMT
Server
nginx
ETag
"56fe317f-1ae0"
Content-Type
application/x-javascript; charset=utf8
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6880
sys.js
b.c8.net.ua/b/js/
33 KB
8 KB
Script
General
Full URL
http://b.c8.net.ua/b/js/sys.js
Requested by
Host: infoworks.ru
URL: http://infoworks.ru/
Protocol
HTTP/1.1
Server
212.1.66.239 , Ukraine, ASN6846 (UKRPACK, UA),
Reverse DNS
b.c8.net.ua
Software
nginx /
Resource Hash
b0a740b67b3e9f868641878f61e64724977b0d493a93d2a8ad8dc54ea8e4e30c

Request headers

Referer
http://infoworks.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 25 May 2020 19:04:52 GMT
Content-Encoding
gzip
Last-Modified
Fri, 14 Apr 2017 14:00:54 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/x-javascript
x-direct
true
Cache-Control
max-age=86400
Connection
close
Expires
Tue, 26 May 2020 19:04:52 GMT
swfobject.js
b.c8.net.ua/b/js/
0
253 B
Script
General
Full URL
https://b.c8.net.ua/b/js/swfobject.js
Requested by
Host: infoworks.ru
URL: http://infoworks.ru/
Protocol
HTTP/1.1
Security
TLS 1.0, RSA, AES_128_CBC
Server
212.1.66.239 , Ukraine, ASN6846 (UKRPACK, UA),
Reverse DNS
b.c8.net.ua
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://infoworks.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 25 May 2020 19:04:52 GMT
Last-Modified
Fri, 23 Jun 2017 14:05:47 GMT
x-direct
true
ETag
"594d203b-0"
Content-Type
application/x-javascript
Connection
close
Accept-Ranges
bytes
Content-Length
0
Server
nginx
sys.js
b.c8.net.ua/b/js/
33 KB
33 KB
Script
General
Full URL
https://b.c8.net.ua/b/js/sys.js
Requested by
Host: infoworks.ru
URL: http://infoworks.ru/
Protocol
HTTP/1.1
Security
TLS 1.0, RSA, AES_128_CBC
Server
212.1.66.239 , Ukraine, ASN6846 (UKRPACK, UA),
Reverse DNS
b.c8.net.ua
Software
nginx /
Resource Hash
b0a740b67b3e9f868641878f61e64724977b0d493a93d2a8ad8dc54ea8e4e30c

Request headers

Referer
http://infoworks.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 25 May 2020 19:04:52 GMT
Last-Modified
Fri, 14 Apr 2017 14:00:54 GMT
x-direct
true
ETag
"58f0d616-82f8"
Content-Type
application/x-javascript
Connection
close
Accept-Ranges
bytes
Content-Length
33528
Server
nginx
zaochnik_240_3.gif
advon.net/informers/zakaz_referatov/
21 KB
21 KB
Image
General
Full URL
http://advon.net/informers/zakaz_referatov/zaochnik_240_3.gif
Requested by
Host: infoworks.ru
URL: http://infoworks.ru/
Protocol
HTTP/1.1
Server
2606:4700:3034::681b:b1f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a8b23442282925142e92bafa2ec8c100e7c0a91b282a00df11c986f6062f9e60

Request headers

Referer
http://infoworks.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 25 May 2020 19:05:09 GMT
CF-Cache-Status
REVALIDATED
Last-Modified
Wed, 27 Jan 2016 16:00:51 GMT
Server
cloudflare
Vary
Accept-Encoding
Content-Type
image/gif
Cache-Control
max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
599186b70fffdfe3-FRA
Content-Length
21418
cf-request-id
02eed286600000dfe3f0065200000001
logo
counter.yadro.ru/
673 B
897 B
Image
General
Full URL
http://counter.yadro.ru/logo?57.3
Requested by
Host: infoworks.ru
URL: http://infoworks.ru/
Protocol
HTTP/1.1
Server
88.212.201.216 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
host216.rax.ru
Software
0W/0.8c /
Resource Hash
3e22fa5ed4ba8cb15ccc0fd386ba92e3eb6e44320e0f443fbf3b5cc9a50be55a

Request headers

Referer
http://infoworks.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 25 May 2020 19:05:09 GMT
Last-Modified
Sun, 09 Sep 2001 01:46:40 GMT
Server
0W/0.8c
Connection
Close
Content-Type
image/gif
Content-Length
673
Expires
Mon, 24 May 2021 21:00:00 GMT
verified-by-visa.gif
infoworks.ru/img/
2 KB
2 KB
Image
General
Full URL
http://infoworks.ru/img/verified-by-visa.gif
Requested by
Host: infoworks.ru
URL: http://infoworks.ru/
Protocol
HTTP/1.1
Server
2606:4700:3037::6812:369c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3dbef48c975d6e0975f4176461fbf7154bb50b4d18aaec61097ca4c9d55ab8ba

Request headers

Referer
http://infoworks.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 25 May 2020 19:05:08 GMT
CF-Cache-Status
MISS
Last-Modified
Mon, 07 May 2012 09:49:42 GMT
Server
cloudflare
ETag
"4fa79ab6-69e"
Vary
Accept-Encoding
Content-Type
image/gif
Cache-Control
max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
599186b69c44dfd7-FRA
Content-Length
1694
cf-request-id
02eed286210000dfd70c2c5200000001
ga.js
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/ga.js
  • https://www.google-analytics.com/ga.js
45 KB
17 KB
Script
General
Full URL
https://www.google-analytics.com/ga.js
Requested by
Host: infoworks.ru
URL: http://infoworks.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://infoworks.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 30 Apr 2020 21:54:13 GMT
server
Golfe2
age
2433
date
Mon, 25 May 2020 18:24:35 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17168
expires
Mon, 25 May 2020 20:24:35 GMT

Redirect headers

Location
https://www.google-analytics.com/ga.js
Non-Authoritative-Reason
HSTS
__utm.gif
www.google-analytics.com/r/
Redirect Chain
  • http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1915509623&utmhn=infoworks.ru&utmcs=windows-1251&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=I...
  • https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1915509623&utmhn=infoworks.ru&utmcs=windows-1251&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=...
35 B
98 B
Image
General
Full URL
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1915509623&utmhn=infoworks.ru&utmcs=windows-1251&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=InfoWorks.ru%20-%20%D0%BA%D0%B0%D1%82%D0%B0%D0%BB%D0%BE%D0%B3%20%D1%80%D0%B5%D1%84%D0%B5%D1%80%D0%B0%D1%82%D0%BE%D0%B2%2C%20%D0%BA%D1%83%D1%80%D1%81%D0%BE%D0%B2%D1%8B%D1%85%20%D0%B8%20%D0%B4%D0%B8%D0%BF%D0%BB%D0%BE%D0%BC%D0%BD%D1%8B%D1%85%20%D1%80%D0%B0%D0%B1%D0%BE%D1%82&utmhid=1056269818&utmr=-&utmp=%2F&utmht=1590433508907&utmac=UA-24566524-1&utmcc=__utma%3D254990032.193774501.1590433509.1590433509.1590433509.1%3B%2B__utmz%3D254990032.1590433509.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1895275931&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~
Requested by
Host: infoworks.ru
URL: http://infoworks.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://infoworks.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 May 2020 19:05:08 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1915509623&utmhn=infoworks.ru&utmcs=windows-1251&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=InfoWorks.ru%20-%20%D0%BA%D0%B0%D1%82%D0%B0%D0%BB%D0%BE%D0%B3%20%D1%80%D0%B5%D1%84%D0%B5%D1%80%D0%B0%D1%82%D0%BE%D0%B2%2C%20%D0%BA%D1%83%D1%80%D1%81%D0%BE%D0%B2%D1%8B%D1%85%20%D0%B8%20%D0%B4%D0%B8%D0%BF%D0%BB%D0%BE%D0%BC%D0%BD%D1%8B%D1%85%20%D1%80%D0%B0%D0%B1%D0%BE%D1%82&utmhid=1056269818&utmr=-&utmp=%2F&utmht=1590433508907&utmac=UA-24566524-1&utmcc=__utma%3D254990032.193774501.1590433509.1590433509.1590433509.1%3B%2B__utmz%3D254990032.1590433509.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1895275931&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~
Non-Authoritative-Reason
HSTS
notification-modal.js
advon.net/push/
531 B
898 B
Script
General
Full URL
http://advon.net/push/notification-modal.js
Requested by
Host: infoworks-ru.advon.net
URL: http://infoworks-ru.advon.net/domen_ads.js
Protocol
HTTP/1.1
Server
2606:4700:3034::681b:b1f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1304280e4ae3bb5eca45cfc6395745eeb64273e571485e54976d866053f0742f

Request headers

Referer
http://infoworks.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 25 May 2020 19:05:08 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Last-Modified
Wed, 22 Apr 2020 12:32:22 GMT
Server
cloudflare
Age
4085
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
599186b6e8ccd6b1-FRA
cf-request-id
02eed286500000d6b1d9198200000001
loader2.js
cdn.admixer.net/scripts3/
27 KB
12 KB
Script
General
Full URL
http://cdn.admixer.net/scripts3/loader2.js
Requested by
Host: infoworks.ru
URL: http://infoworks.ru/
Protocol
HTTP/1.1
Server
2a03:90c0:9997::9997 , Germany, ASN199524 (GCORE, AT),
Reverse DNS
Software
nginx /
Resource Hash
c0cd8d6c8028f7d03fc811c3a9eb4c7fe63b025b1421fe14318c35662dbc404c

Request headers

Referer
http://infoworks.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-ID
cec-up-gc11
Date
Mon, 25 May 2020 19:05:08 GMT
Content-Encoding
gzip
Last-Modified
Mon, 20 Apr 2020 11:44:19 GMT
Server
nginx
ETag
W/"5e9d8b13-6b95"
Transfer-Encoding
chunked
X-Cached-Since
2020-05-25T19:04:48+00:00
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=600
Cache
HIT
Connection
keep-alive
Expires
Fri, 08 May 2020 13:20:26 GMT
0edd7dbfd3145011e4ef.b.js
cdn.admixer.net/scripts3/
63 KB
19 KB
Script
General
Full URL
http://cdn.admixer.net/scripts3/0edd7dbfd3145011e4ef.b.js
Requested by
Host: cdn.admixer.net
URL: http://cdn.admixer.net/scripts3/loader2.js
Protocol
HTTP/1.1
Server
2a03:90c0:9997::9997 , Germany, ASN199524 (GCORE, AT),
Reverse DNS
Software
nginx /
Resource Hash
f778b6ba9ce65a96906fd54215dff0f579547bf8c31a08cd518253b08c096832

Request headers

Referer
http://infoworks.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-ID
cec-up-gc11
Date
Mon, 25 May 2020 19:05:08 GMT
Content-Encoding
gzip
Last-Modified
Mon, 20 Apr 2020 11:44:06 GMT
Server
nginx
ETag
W/"5e9d8b06-fa2a"
Vary
Accept-Encoding
X-Cached-Since
2020-05-08T13:10:27+00:00
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=31622400
Transfer-Encoding
chunked
Connection
keep-alive
Cache
HIT
Expires
Sun, 09 May 2021 13:10:27 GMT
2e618849ee13451c8cf1.b.js
cdn.admixer.net/scripts3/
90 KB
25 KB
Script
General
Full URL
http://cdn.admixer.net/scripts3/2e618849ee13451c8cf1.b.js
Requested by
Host: cdn.admixer.net
URL: http://cdn.admixer.net/scripts3/loader2.js
Protocol
HTTP/1.1
Server
2a03:90c0:9997::9997 , Germany, ASN199524 (GCORE, AT),
Reverse DNS
Software
nginx /
Resource Hash
39db1cbb7e0c697d2edc944b73c6ef0ae0db04ff9bf57c3386e4620619c84fb1

Request headers

Referer
http://infoworks.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-ID
cec-up-gc11
Date
Mon, 25 May 2020 19:05:08 GMT
Content-Encoding
gzip
Last-Modified
Mon, 20 Apr 2020 11:44:08 GMT
Server
nginx
ETag
W/"5e9d8b08-168f6"
Vary
Accept-Encoding
X-Cached-Since
2020-05-08T13:10:27+00:00
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=31622400
Transfer-Encoding
chunked
Connection
keep-alive
Cache
HIT
Expires
Sun, 09 May 2021 13:10:27 GMT
51807.js
farension.com/
41 KB
16 KB
Script
General
Full URL
https://farension.com/51807.js
Requested by
Host: advon.net
URL: http://advon.net/push/notification-modal.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.208.46.48 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
bd89ce70fe52ca12081c9f2e0350c8d7b4120b14cb9230c4cddb5e29ff948a1d

Request headers

Referer
http://infoworks.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 25 May 2020 19:05:09 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=utf-8
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Expires
0
tagging
pubs2-eu.creativecdn.com/bidder/pubs/
12 B
700 B
XHR
General
Full URL
https://pubs2-eu.creativecdn.com/bidder/pubs/tagging?type=json&group=f6b3325441bf147b0b36
Requested by
Host: cdn.admixer.net
URL: http://cdn.admixer.net/scripts3/2e618849ee13451c8cf1.b.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.30 , Poland, ASN204995 (RTB-HOUSE-AMS, NL),
Reverse DNS
ip-185-184-8-30.rtbhouse.net
Software
/
Resource Hash
681a33d230441a97b097286ab1305d86179ef9d4c1a38df03a080cedc34be93d

Request headers

Referer
http://infoworks.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 May 2020 19:05:09 GMT, Mon, 25 May 2020 19:05:09 GMT
status
200
vary
Accept-Encoding, User-Agent
access-control-allow-methods
GET
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
access-control-allow-origin
http://infoworks.ru
access-control-max-age
3600
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
access-control-allow-credentials
true
content-type
application/json;charset=utf-8
content-length
12
expires
Thu, 01 Jan 1970 00:00:00 GMT
51467
farension.com/
3 KB
4 KB
Fetch
General
Full URL
https://farension.com/51467
Requested by
Host: farension.com
URL: https://farension.com/51807.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.208.46.48 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
44d04550897ae7fd27f01f8884145bb9ef4dddcc73bf87a1f5b639275bb61904

Request headers

Referer
http://infoworks.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Mon, 25 May 2020 19:05:09 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/json
Access-Control-Allow-Origin
http://infoworks.ru
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Expires
0
getcode.php
ssp.c8.net.ua/
Redirect Chain
  • http://ssp.c8.net.ua/getcode.php?key=d41de446ec0ef54335f36466c0a2cb72&ssp_id=3634&site_id=f1775&domain=&rnd=987610717&pid=4&format_id=4&sw=1600&sh=1200&ctype=&cbw=&w=728&h=90&c8_sa=0;0;5&container_...
  • http://ssp.c8.net.ua/getcode.php?cookiematch&key=d41de446ec0ef54335f36466c0a2cb72&ssp_id=3634&site_id=f1775&domain=&rnd=987610717&pid=4&format_id=4&sw=1600&sh=1200&ctype=&cbw=&w=728&h=90&c8_sa=0;0;...
157 B
699 B
Script
General
Full URL
http://ssp.c8.net.ua/getcode.php?cookiematch&key=d41de446ec0ef54335f36466c0a2cb72&ssp_id=3634&site_id=f1775&domain=&rnd=987610717&pid=4&format_id=4&sw=1600&sh=1200&ctype=&cbw=&w=728&h=90&c8_sa=0;0;5&container_id=c8div_f177544_337631792&is=1&is_ssl=0&ref=&passback=&metric=&project_id=&location=http%3A//infoworks.ru/
Requested by
Host: infoworks.ru
URL: http://infoworks.ru/
Protocol
HTTP/1.1
Server
89.184.66.167 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS
c8.net.ua
Software
nginx/1.15.5 / PHP/5.5.38
Resource Hash
e702a29d206e929afb115a0f93d4bfc13472b5e0cc7a761eba18c26e8efc3104

Request headers

Referer
http://infoworks.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 25 May 2020 19:05:09 GMT
X-request-stat
1
Last-Modified
Mon, 25 May 2020 19:05:09 GMT
Server
nginx/1.15.5
X-Powered-By
PHP/5.5.38
X-node-root
ssp
Content-Type
application/x-javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
157
X-gw-server
_fcgi
Expires
Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

Date
Mon, 25 May 2020 19:05:09 GMT
X-request-stat
1
X-Powered-By
PHP/5.5.38
X-node-root
ssp
Connection
keep-alive
Pragma
no-cache
Last-Modified
Mon, 25 May 2020 19:05:09 GMT
Server
nginx/1.15.5
Location
//ssp.c8.net.ua/getcode.php?cookiematch&key=d41de446ec0ef54335f36466c0a2cb72&ssp_id=3634&site_id=f1775&domain=&rnd=987610717&pid=4&format_id=4&sw=1600&sh=1200&ctype=&cbw=&w=728&h=90&c8_sa=0;0;5&container_id=c8div_f177544_337631792&is=1&is_ssl=0&ref=&passback=&metric=&project_id=&location=http%3A//infoworks.ru/
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Transfer-Encoding
chunked
Access-Control-Allow-Credentials
true
X-gw-server
_fcgi
Expires
Tue, 03 Jul 2001 06:00:00 GMT
menu_bg.gif
infoworks.ru/img/
3 KB
4 KB
Image
General
Full URL
http://infoworks.ru/img/menu_bg.gif
Requested by
Host: infoworks.ru
URL: http://infoworks.ru/
Protocol
HTTP/1.1
Server
2606:4700:3037::6812:369c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb4e40e14d85f38305e7ddf168586275474704c67a78224bd2cd967289446f5f

Request headers

Referer
http://infoworks.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 25 May 2020 19:05:09 GMT
CF-Cache-Status
HIT
Last-Modified
Mon, 07 May 2012 09:49:46 GMT
Server
cloudflare
Age
5780
ETag
"4fa79aba-db9"
Vary
Accept-Encoding
Content-Type
image/gif
Cache-Control
max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
599186b8591cdfd7-FRA
Content-Length
3513
cf-request-id
02eed287330000dfd70c2e0200000001
set
farension.com/event/
0
0
Fetch
General
Full URL
https://farension.com/event/set
Requested by
Host: farension.com
URL: https://farension.com/51807.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.208.46.48 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
http://infoworks.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Mon, 25 May 2020 19:05:09 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Access-Control-Allow-Methods
PROPFIND, PROPPATCH, COPY, MOVE, DELETE, MKCOL, LOCK, UNLOCK, PUT, GETLIB, VERSION-CONTROL, CHECKIN, CHECKOUT, UNCHECKOUT, REPORT, UPDATE, CANCELUPLOAD, HEAD, OPTIONS, GET, POST
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
http://infoworks.ru
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Overwrite, Destination, Content-Type, Depth, User-Agent, X-File-Size, X-Requested-With, If-Modified-Since, X-File-Name, Cache-Control
Cookie set pf
actiflex.org/ Frame 7416
Redirect Chain
  • https://farension.com/js/sync?visitor_id=f62d7724-af43-48c3-939f-c29bea32d99a
  • https://actpx.com/sync?callback=%2F%2Ffarension.com%2Fjs%2Fsyncback%3Fvisitor_id%3Df62d7724-af43-48c3-939f-c29bea32d99a
  • https://farension.com/js/syncback?uid=NvJnVvQmS0SJhE0Liuufhg&dmpNewUser=1&visitor_id=f62d7724-af43-48c3-939f-c29bea32d99a
  • https://actiflex.org/pf?p=341&uid=NvJnVvQmS0SJhE0Liuufhg&dmpNewUser=1
0
0
Document
General
Full URL
https://actiflex.org/pf?p=341&uid=NvJnVvQmS0SJhE0Liuufhg&dmpNewUser=1
Requested by
Host: farension.com
URL: https://farension.com/51807.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.208.46.233 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash

Request headers

Host
actiflex.org
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
http://infoworks.ru/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://infoworks.ru/

Response headers

Server
nginx/1.17.3
Date
Mon, 25 May 2020 19:05:09 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
_ssp_uid=NvJnVvQmS0SJhE0Liuufhg; Path=/; Secure; SameSite=None; Expires=Sat, 24 May 2025 22:05:09 +0300
Content-Encoding
gzip

Redirect headers

Server
nginx
Date
Mon, 25 May 2020 19:05:09 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Location
//actiflex.org/pf?p=341&uid=NvJnVvQmS0SJhE0Liuufhg&dmpNewUser=1
show
b.c8.net.ua/
704 B
1 KB
Script
General
Full URL
https://b.c8.net.ua/show?f1775&987610717&4&4&728&90&0;0;5&c8div_f177544_337631792&
Requested by
Host: b.c8.net.ua
URL: http://b.c8.net.ua/b/js/sys.js
Protocol
HTTP/1.1
Security
TLS 1.0, RSA, AES_128_CBC
Server
212.1.66.239 , Ukraine, ASN6846 (UKRPACK, UA),
Reverse DNS
b.c8.net.ua
Software
nginx /
Resource Hash
f8e35c16989f3d2952aaca7441470dfaea2d9b5769ddf0a885cefe0f6708b5a6

Request headers

Referer
http://infoworks.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 25 May 2020 19:04:52 GMT
Server
nginx
Transfer-Encoding
chunked
P3P
CP=UNI
Cache-Control
no-cache, no-store, must-revalidate
Connection
close
Content-Type
application/x-javascript; charset=utf-8
Expires
0
getcode.php
ssp.c8.net.ua/
2 KB
1 KB
Script
General
Full URL
http://ssp.c8.net.ua/getcode.php?key=d41de446ec0ef54335f36466c0a2cb72&ssp_id=3634&site_id=f1775&domain=&rnd=962074919&pid=9&format_id=13&sw=1600&sh=1200&ctype=&cbw=&w=240&h=400&c8_sa=0;0;5&container_id=c8net_code_f1775913&is=1&is_ssl=0&ref=&passback=&metric=&project_id=&location=http%3A//infoworks.ru/
Requested by
Host: b.c8.net.ua
URL: https://b.c8.net.ua/b/js/sys.js
Protocol
HTTP/1.1
Server
89.184.66.167 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS
c8.net.ua
Software
nginx/1.15.5 / PHP/5.5.38
Resource Hash
44835d3366175788e81b9c393be66ea3f51826d7a216681ffa6dd2ec89dab2da

Request headers

Referer
http://infoworks.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 25 May 2020 19:05:09 GMT
X-request-stat
1
X-Powered-By
PHP/5.5.38
Transfer-Encoding
chunked
Connection
keep-alive
Content-Encoding
gzip
Pragma
no-cache
Last-Modified
Mon, 25 May 2020 19:05:09 GMT
Server
nginx/1.15.5
Vary
Accept-Encoding
Content-Type
application/x-javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Access-Control-Allow-Credentials
true
X-node-root
ssp
X-gw-server
_fcgi
Expires
Tue, 03 Jul 2001 06:00:00 GMT
hit;education_stat
counter.yadro.ru/
Redirect Chain
  • http://counter.yadro.ru/hit;education_stat?r;s1600*1200*24;uhttp%3A//infoworks.ru/;0.8803918268528881
  • http://counter.yadro.ru/hit;education_stat?q;r;s1600*1200*24;uhttp%3A//infoworks.ru/;0.8803918268528881
43 B
411 B
Image
General
Full URL
http://counter.yadro.ru/hit;education_stat?q;r;s1600*1200*24;uhttp%3A//infoworks.ru/;0.8803918268528881
Requested by
Host: infoworks.ru
URL: http://infoworks.ru/
Protocol
HTTP/1.1
Server
88.212.201.216 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
host216.rax.ru
Software
0W/0.8c /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
http://infoworks.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 25 May 2020 19:05:09 GMT
Server
0W/0.8c
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Cache-control
no-cache
Connection
Close
Content-Type
image/gif
Content-Length
43
Expires
Sat, 25 May 2019 21:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 25 May 2020 19:05:09 GMT
Server
0W/0.8c
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Location
http://counter.yadro.ru/hit;education_stat?q;r;s1600*1200*24;uhttp%3A//infoworks.ru/;0.8803918268528881
Cache-control
no-cache
Content-Type
text/html
Content-Length
32
Expires
Sat, 25 May 2019 21:00:00 GMT
03.png
i.bigmir.net/cnt/
Redirect Chain
  • http://c.bigmir.net/?v16900905&s16901477&t3&c1&n611309&w0&y0&d24&r1600
  • http://i.bigmir.net/cnt/03.png
723 B
1 KB
Image
General
Full URL
http://i.bigmir.net/cnt/03.png
Requested by
Host: infoworks.ru
URL: http://infoworks.ru/
Protocol
HTTP/1.1
Server
193.239.71.100 , Ukraine, ASN39468 (BIGMIR-INTERNET-AS, UA),
Reverse DNS
rs.img.com.ua
Software
nginx /
Resource Hash
d0b3404fceb6bbd79a99ea6d8241b1b29ac1ffb3c7d97bfc1b873b49c0ad6a09

Request headers

Referer
http://infoworks.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 25 May 2020 19:05:09 GMT
Last-Modified
Sun, 02 Oct 2005 23:04:59 GMT
Server
nginx
ETag
"4340679b-2d3"
Content-Type
image/png
Cache-Control
max-age=259200
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
723
Expires
Thu, 28 May 2020 19:05:09 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 25 May 2020 19:05:09 GMT
Server
nginx
Transfer-Encoding
chunked
Location
//i.bigmir.net/cnt/03.png
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Keep-Alive
timeout=5
Expires
0
Cookie set ya3xx_rot.html
repetitor.info/browser/ Frame 7556
0
0
Document
General
Full URL
http://repetitor.info/browser/ya3xx_rot.html
Requested by
Host: infoworks-ru.advon.net
URL: http://infoworks-ru.advon.net/domen_ads.js
Protocol
HTTP/1.1
Server
2606:4700:3032::681f:5fa9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash

Request headers

Host
repetitor.info
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://infoworks.ru/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://infoworks.ru/

Response headers

Date
Mon, 25 May 2020 19:05:09 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=d83b289e17d7a4bf77b6e2e9f652537151590433509; expires=Wed, 24-Jun-20 19:05:09 GMT; path=/; domain=.repetitor.info; HttpOnly; SameSite=Lax
Last-Modified
Wed, 04 Mar 2020 06:14:00 GMT
Vary
Accept-Encoding
X-Powered-By
ASP.NET
CF-Cache-Status
DYNAMIC
Server
cloudflare
CF-RAY
599186bb1f3b3248-FRA
Content-Encoding
gzip
cf-request-id
02eed288ee00003248e68d2200000001
300x250_marketgid_g.htm
icode.advon.net/ Frame 7EDB
0
0
Document
General
Full URL
http://icode.advon.net/300x250_marketgid_g.htm
Requested by
Host: infoworks-ru.advon.net
URL: http://infoworks-ru.advon.net/domen_ads.js
Protocol
HTTP/1.1
Server
93.170.27.229 , Czech Republic, ASN25229 (VOLIA-AS, UA),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Host
icode.advon.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://infoworks.ru/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://infoworks.ru/

Response headers

Server
nginx
Date
Mon, 25 May 2020 19:05:09 GMT
Content-Type
text/html
Content-Length
118
Last-Modified
Fri, 06 Mar 2020 13:47:28 GMT
Connection
keep-alive
Keep-Alive
timeout=7
Accept-Ranges
bytes
728x90.htm
icode.advon.net/ Frame 9F9D
0
0
Document
General
Full URL
http://icode.advon.net/728x90.htm
Requested by
Host: infoworks-ru.advon.net
URL: http://infoworks-ru.advon.net/domen_ads.js
Protocol
HTTP/1.1
Server
93.170.27.229 , Czech Republic, ASN25229 (VOLIA-AS, UA),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Host
icode.advon.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://infoworks.ru/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://infoworks.ru/

Response headers

Server
nginx
Date
Mon, 25 May 2020 19:05:09 GMT
Content-Type
text/html
Content-Length
140
Last-Modified
Fri, 06 Mar 2020 13:47:41 GMT
Connection
keep-alive
Keep-Alive
timeout=7
Accept-Ranges
bytes
tizer_g_3.js
tizerads.advon.net/edu/
718 B
965 B
Script
General
Full URL
http://tizerads.advon.net/edu/tizer_g_3.js
Requested by
Host: infoworks-ru.advon.net
URL: http://infoworks-ru.advon.net/domen_ads.js
Protocol
HTTP/1.1
Server
93.170.27.229 , Czech Republic, ASN25229 (VOLIA-AS, UA),
Reverse DNS
Software
nginx /
Resource Hash
663cbb400d0abe33342991eb39bfba2c25bc8d9402d3d99c0f5deeeb2b0a41f6

Request headers

Referer
http://infoworks.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Mon, 25 May 2020 19:05:09 GMT
Last-Modified
Fri, 06 Mar 2020 13:47:08 GMT
Server
nginx
Content-Type
application/x-javascript
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=7
Content-Length
718
show
b.c8.net.ua/ Frame D728
0
0
Document
General
Full URL
https://b.c8.net.ua/show?s1775,79728&987610717&4&4&728&90&0;0;5
Requested by
Host: b.c8.net.ua
URL: https://b.c8.net.ua/show?f1775&987610717&4&4&728&90&0;0;5&c8div_f177544_337631792&
Protocol
HTTP/1.1
Security
TLS 1.0, RSA, AES_128_CBC
Server
212.1.66.239 , Ukraine, ASN6846 (UKRPACK, UA),
Reverse DNS
b.c8.net.ua
Software
nginx /
Resource Hash

Request headers

Host
b.c8.net.ua
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
http://infoworks.ru/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
R=5ecc16e53bc065ecc16e53bc; I=390433492; M=10008
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://infoworks.ru/

Response headers

Server
nginx
Date
Mon, 25 May 2020 19:04:52 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
close
Cache-Control
no-cache, no-store, must-revalidate
Expires
0
Pragma
no-cache
Content-Encoding
gzip
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
107 KB
39 KB
Script
General
Full URL
http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: ssp.c8.net.ua
URL: http://ssp.c8.net.ua/getcode.php?key=d41de446ec0ef54335f36466c0a2cb72&ssp_id=3634&site_id=f1775&domain=&rnd=962074919&pid=9&format_id=13&sw=1600&sh=1200&ctype=&cbw=&w=240&h=400&c8_sa=0;0;5&container_id=c8net_code_f1775913&is=1&is_ssl=0&ref=&passback=&metric=&project_id=&location=http%3A//infoworks.ru/
Protocol
HTTP/1.1
Server
2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0ca763af24d15ce0742a1bf67304d0a23587b0a9d296670742a5caf7eee5e9fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://infoworks.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Timing-Allow-Origin
*
Date
Mon, 25 May 2020 19:05:09 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
cafe
ETag
5009305713781295135
Vary
Accept-Encoding
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
private, max-age=3600
Content-Disposition
attachment; filename="f.txt"
Content-Type
text/javascript; charset=UTF-8
Content-Length
39264
X-XSS-Protection
0
Expires
Mon, 25 May 2020 19:05:09 GMT
integrator.js
adservice.google.de/adsid/
109 B
952 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=infoworks.ru
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://infoworks.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 25 May 2020 19:05:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
109 B
952 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=infoworks.ru
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://infoworks.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 25 May 2020 19:05:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
show_ads_impl_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20200519/r20190131/
218 KB
83 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20200519/r20190131/show_ads_impl_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
357a40f12fcb7502acb15b75741517330cdd822580ced8cd06f8b38c9a481f4d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://infoworks.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 25 May 2020 19:05:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
83958
x-xss-protection
0
server
cafe
etag
14927078227322710652
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Mon, 25 May 2020 19:05:09 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20200519/r20190131/ Frame 2BFB
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20200519/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20200519/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://infoworks.ru/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://infoworks.ru/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
vary
Accept-Encoding
date
Wed, 20 May 2020 02:19:51 GMT
expires
Wed, 03 Jun 2020 02:19:51 GMT
content-type
text/html; charset=UTF-8
etag
17826495148367054107
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4284
x-xss-protection
0
cache-control
public, max-age=1209600
age
492318
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
tvpixy.com.648075.js
jsc.marketgid.com/t/v/ Frame 774E
0
457 B
Script
General
Full URL
http://jsc.marketgid.com/t/v/tvpixy.com.648075.js?t=12042521
Requested by
Host: tizerads.advon.net
URL: http://tizerads.advon.net/edu/tizer_g_3.js
Protocol
HTTP/1.1
Server
2a03:90c0:9997::9997 , Germany, ASN199524 (GCORE, AT),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://infoworks.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-ID
cec-up-gc10
Date
Mon, 25 May 2020 19:05:09 GMT
Last-Modified
Wed, 15 Apr 2020 16:04:35 GMT
Server
nginx
x-amz-request-id
B5E8CFBF0B85FEC9
ETag
"d41d8cd98f00b204e9800998ecf8427e"
X-Cached-Since
2020-05-25T13:53:07+00:00
Content-Type
text/javascript
Cache
STALE
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
0
x-amz-id-2
u1xr0Srx7QEMWl4VzIFU0qC4O5Hwv31Ygg7yzseUAp/IGlgSbDQy8sW5CjMSdx+YPOgWrCZyfnM=
dsp.aspx
inv-nets.admixer.net/
6 KB
6 KB
Script
General
Full URL
https://inv-nets.admixer.net/dsp.aspx?sender=admixer&rct=4&v=2.0&data=%7B%22id%22%3A%22c1b86f8a-67f4-8a22-0c77-c9543da46aac%22%2C%22site%22%3A%7B%22page%22%3A%22http%253A%252F%252Finfoworks.ru%252F%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F74.0.3729.169%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%22rtb_rta%22%3A%22%22%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22282d9233-acee-2172-6f77-8dd70baa0f90%22%2C%22tagid%22%3A%22dec062a7-23a1-444e-871f-157c43642c17%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_dec062a723a1444e871f157c43642c17_zone_851_sect_649_site_636%22%2C%22pos%22%3A0%7D%2C%22i%22%3A%22inv-nets%22%7D%2C%7B%22id%22%3A%22f0c98528-7317-fd10-474d-4b8944bbd4e1%22%2C%22tagid%22%3A%2206f83056-2831-452d-b6cd-e229ab9d3d1a%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_06f830562831452db6cde229ab9d3d1a_zone_2035_sect_649_site_636%22%2C%22pos%22%3A0%7D%2C%22i%22%3A%22inv-nets%22%7D%2C%7B%22id%22%3A%225f470eb9-3429-b25f-9a99-5de3eed79280%22%2C%22tagid%22%3A%22d6eb1e11-ee71-4860-8008-11ec08d1069d%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_d6eb1e11ee714860800811ec08d1069d_zone_17834_sect_649_site_636%22%2C%22pos%22%3A0%7D%2C%22i%22%3A%22inv-nets%22%7D%5D%2C%22allimps%22%3A3%7D&rnd=3786224222923473.5&cpv=2dc8cd47-5ee1-4427-bcb6-979f1ab3f1f1&am-uid=null&3rd=true
Requested by
Host: cdn.admixer.net
URL: http://cdn.admixer.net/scripts3/2e618849ee13451c8cf1.b.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.110 , Germany, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
5dfb3c411375e9e10abea6b346c50207f035ef1754990edd52196b0a60b7baf5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://infoworks.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 25 May 2020 19:05:09 GMT
Server
nginx
Transfer-Encoding
chunked
P3P
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/javascript; charset=utf-8
Keep-Alive
timeout=25
X-XSS-Protection
0
GoogleAdx_240x400.html
c8.net.ua/ggl_block/ Frame 2A53
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1066739973685958&output=html&h=400&slotname=1775&adk=1128538321&adf=190939100&w=240&lmt=1590433509&psa=0&guci=1.2.0.0.2.2.0.0&format=240...
  • https://c8.net.ua/ggl_block/GoogleAdx_240x400.html
0
0
Document
General
Full URL
https://c8.net.ua/ggl_block/GoogleAdx_240x400.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200519/r20190131/show_ads_impl_fy2019.js
Protocol
HTTP/1.1
Security
TLS 1.0, RSA, AES_128_CBC
Server
212.1.66.234 , Ukraine, ASN6846 (UKRPACK, UA),
Reverse DNS
r1.c8.net.ua
Software
nginx /
Resource Hash

Request headers

Host
c8.net.ua
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
http://infoworks.ru/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
R=5ecc16e53bc065ecc16e53bc; I=390433492; M=10008
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://infoworks.ru/

Response headers

Server
nginx
Date
Mon, 25 May 2020 19:04:53 GMT
Content-Type
text/html; charset=utf8
Content-Length
427
Last-Modified
Fri, 01 Apr 2016 08:29:49 GMT
Connection
keep-alive
ETag
"56fe317d-1ab"
Accept-Ranges
bytes

Redirect headers

status
302
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
location
https://c8.net.ua/ggl_block/GoogleAdx_240x400.html
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Mon, 25 May 2020 19:05:09 GMT
server
cafe
content-length
46
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Mon, 25-May-2020 19:20:09 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
osd.js
www.googletagservices.com/activeview/js/current/
73 KB
27 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200519/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
656716137d4e28b0da293f471affb65b1beb1a6c2d9fe2fa9c3640a592754b1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://infoworks.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 25 May 2020 19:05:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1589974910160429"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
27764
x-xss-protection
0
expires
Mon, 25 May 2020 19:05:09 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 4240
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1066739973685958&output=html&adk=1812271804&adf=3025194257&lmt=1590433509&plat=1%3A32776%2C2%3A32776%2C8%3A32768%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Finfoworks.ru%2F&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1590433509738&bpp=2&bdt=972&idt=104&shv=r20200519&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=240x400&nras=1&correlator=911614913582&frm=20&pv=1&ga_vid=193774501.1590433509&ga_sid=1590433509&ga_hid=1056269818&ga_fc=1&iag=0&icsg=2748779724800&dssz=36&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066085&oid=3&pvsid=3256875071516062&pem=777&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8208&bc=23&ifi=1&uci=a!1&fsb=1&dtd=109
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200519/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-1066739973685958&output=html&adk=1812271804&adf=3025194257&lmt=1590433509&plat=1%3A32776%2C2%3A32776%2C8%3A32768%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Finfoworks.ru%2F&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1590433509738&bpp=2&bdt=972&idt=104&shv=r20200519&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=240x400&nras=1&correlator=911614913582&frm=20&pv=1&ga_vid=193774501.1590433509&ga_sid=1590433509&ga_hid=1056269818&ga_fc=1&iag=0&icsg=2748779724800&dssz=36&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066085&oid=3&pvsid=3256875071516062&pem=777&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8208&bc=23&ifi=1&uci=a!1&fsb=1&dtd=109
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://infoworks.ru/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://infoworks.ru/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Mon, 25 May 2020 19:05:09 GMT
server
cafe
content-length
0
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Mon, 25-May-2020 19:20:09 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires
Mon, 25 May 2020 19:05:09 GMT
cache-control
private
matchx.html
uuidksinc.net/ Frame 8035
0
0
Document
General
Full URL
http://uuidksinc.net/matchx.html
Requested by
Host: farension.com
URL: https://farension.com/51807.js
Protocol
HTTP/1.1
Server
31.220.27.134 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash

Request headers

Host
uuidksinc.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://infoworks.ru/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://infoworks.ru/

Response headers

Server
nginx/1.17.3
Date
Mon, 25 May 2020 19:05:09 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Mon, 25 May 2020 15:35:44 GMT
Vary
Accept-Encoding
ETag
W/"5ecbe5d0-15a1"
Expires
Mon, 25 May 2020 19:20:09 GMT
Cache-Control
max-age=900 public
Content-Encoding
gzip
13eacf6cee6bddf36c40.b.js
cdn.admixer.net/scripts3/
65 KB
17 KB
Script
General
Full URL
http://cdn.admixer.net/scripts3/13eacf6cee6bddf36c40.b.js
Requested by
Host: cdn.admixer.net
URL: http://cdn.admixer.net/scripts3/loader2.js
Protocol
HTTP/1.1
Server
2a03:90c0:9997::9997 , Germany, ASN199524 (GCORE, AT),
Reverse DNS
Software
nginx /
Resource Hash
ec198f2ba6b293caed13b5116a490c04b0ea07ab472a9b5f92d620b58337821e

Request headers

Referer
http://infoworks.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-ID
cec-up-gc11
Date
Mon, 25 May 2020 19:05:09 GMT
Content-Encoding
gzip
Last-Modified
Mon, 20 Apr 2020 11:44:06 GMT
Server
nginx
ETag
W/"5e9d8b06-104a1"
Vary
Accept-Encoding
X-Cached-Since
2020-05-08T13:10:30+00:00
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=31622400
Transfer-Encoding
chunked
Connection
keep-alive
Cache
HIT
Expires
Sun, 09 May 2021 13:10:29 GMT
0c041d0472a1e9937f43.b.js
cdn.admixer.net/scripts3/
28 KB
12 KB
Script
General
Full URL
http://cdn.admixer.net/scripts3/0c041d0472a1e9937f43.b.js
Requested by
Host: cdn.admixer.net
URL: http://cdn.admixer.net/scripts3/loader2.js
Protocol
HTTP/1.1
Server
2a03:90c0:9997::9997 , Germany, ASN199524 (GCORE, AT),
Reverse DNS
Software
nginx /
Resource Hash
d45c81284c2e259e75fee13ce5f55222aab6e2d953bbc241f234ec4fd1ed25cb

Request headers

Referer
http://infoworks.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-ID
cec-up-gc11
Date
Mon, 25 May 2020 19:05:09 GMT
Content-Encoding
gzip
Last-Modified
Mon, 20 Apr 2020 11:44:06 GMT
Server
nginx
ETag
W/"5e9d8b06-7029"
Vary
Accept-Encoding
X-Cached-Since
2020-05-08T13:10:30+00:00
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=31622400
Transfer-Encoding
chunked
Connection
keep-alive
Cache
HIT
Expires
Sun, 09 May 2021 13:10:29 GMT
41a864b609924a98ff78.b.js
cdn.admixer.net/scripts3/
42 KB
19 KB
Script
General
Full URL
http://cdn.admixer.net/scripts3/41a864b609924a98ff78.b.js
Requested by
Host: cdn.admixer.net
URL: http://cdn.admixer.net/scripts3/loader2.js
Protocol
HTTP/1.1
Server
2a03:90c0:9997::9997 , Germany, ASN199524 (GCORE, AT),
Reverse DNS
Software
nginx /
Resource Hash
0bb2ecec828231314c53eeddb929ac4a79bde0975a7405d6f0fdfce309b1e76c

Request headers

Referer
http://infoworks.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-ID
cec-up-gc11
Date
Mon, 25 May 2020 19:05:09 GMT
Content-Encoding
gzip
Last-Modified
Mon, 20 Apr 2020 11:44:09 GMT
Server
nginx
ETag
W/"5e9d8b09-a7af"
Vary
Accept-Encoding
X-Cached-Since
2020-05-08T13:10:30+00:00
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=31622400
Transfer-Encoding
chunked
Connection
keep-alive
Cache
HIT
Expires
Sun, 09 May 2021 13:10:30 GMT
74f4cdef0798513d6ef8.b.js
cdn.admixer.net/scripts3/
13 KB
5 KB
Script
General
Full URL
http://cdn.admixer.net/scripts3/74f4cdef0798513d6ef8.b.js
Requested by
Host: cdn.admixer.net
URL: http://cdn.admixer.net/scripts3/loader2.js
Protocol
HTTP/1.1
Server
2a03:90c0:9997::9997 , Germany, ASN199524 (GCORE, AT),
Reverse DNS
Software
nginx /
Resource Hash
ace9d28180ae3b890ae427d99a7020a6a3230c6df6b4e8c6e422b575298c2640

Request headers

Referer
http://infoworks.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-ID
cec-up-gc10
Date
Mon, 25 May 2020 19:05:09 GMT
Content-Encoding
gzip
Last-Modified
Mon, 20 Apr 2020 11:44:11 GMT
Server
nginx
ETag
W/"5e9d8b0b-326c"
Vary
Accept-Encoding
X-Cached-Since
2020-05-08T15:37:25+00:00
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=31622400
Transfer-Encoding
chunked
Connection
keep-alive
Cache
HIT
Expires
Sun, 09 May 2021 15:37:25 GMT
dafea4539efafbf32fa2.b.js
cdn.admixer.net/scripts3/
221 KB
76 KB
Script
General
Full URL
http://cdn.admixer.net/scripts3/dafea4539efafbf32fa2.b.js
Requested by
Host: cdn.admixer.net
URL: http://cdn.admixer.net/scripts3/loader2.js
Protocol
HTTP/1.1
Server
2a03:90c0:9997::9997 , Germany, ASN199524 (GCORE, AT),
Reverse DNS
Software
nginx /
Resource Hash
1b160d7955c7b2c291eb2e99a4ead04b586e2dcd4af5b4ce8e865168f6e4b76d

Request headers

Referer
http://infoworks.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-ID
cec-up-gc10
Date
Mon, 25 May 2020 19:05:09 GMT
Content-Encoding
gzip
Last-Modified
Mon, 20 Apr 2020 11:44:17 GMT
Server
nginx
ETag
W/"5e9d8b11-372b1"
Vary
Accept-Encoding
X-Cached-Since
2020-05-08T15:37:43+00:00
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=31622400
Transfer-Encoding
chunked
Connection
keep-alive
Cache
HIT
Expires
Sun, 09 May 2021 15:37:43 GMT
sync.html
s.console.adtarget.com.tr/
0
0
Image
General
Full URL
https://s.console.adtarget.com.tr/sync.html?aid=517350
Requested by
Host: infoworks.ru
URL: http://infoworks.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
62.149.0.137 , Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS
adtelligent3.cc.colocall.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://infoworks.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin
http://infoworks.ru
Access-Control-Allow-Credentials
true
admixer
exchange.buzzoola.com/cookiesync/ssp/
Redirect Chain
  • https://exchange.buzzoola.com/cookiesync/ssp/admixer?uid=173fad7a844040b8ad65f76da015ed94
  • https://exchange.buzzoola.com/cookiesync/ssp/admixer?set_buzzoola_cookie=t&uid=173fad7a844040b8ad65f76da015ed94
43 B
130 B
Image
General
Full URL
https://exchange.buzzoola.com/cookiesync/ssp/admixer?set_buzzoola_cookie=t&uid=173fad7a844040b8ad65f76da015ed94
Requested by
Host: infoworks.ru
URL: http://infoworks.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
94.130.13.220 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.220.13.130.94.clients.your-server.de
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
http://infoworks.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Mon, 25 May 2020 19:05:10 GMT
server
nginx
content-length
43
serverid
TODO
content-type
image/gif

Redirect headers

date
Mon, 25 May 2020 19:05:10 GMT
server
nginx
status
307
etag
W/"66373527609770b9d5439dafee9e8775ce6b519ad92f310db1c3428bc041dfa6"
serverid
TODO
content-type
text/html; charset=utf-8
location
/cookiesync/ssp/admixer?set_buzzoola_cookie=t&uid=173fad7a844040b8ad65f76da015ed94
content-length
122
adxcm.aspx
inv-nets.admixer.net/
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=43070&callback_url=%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D70C88C54-8654-4219-A50A-E344F86A4A28%26id%3D${USER_ID}
  • https://ads.betweendigital.com/match?bidder_id=43070&callback_url=%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D70C88C54-8654-4219-A50A-E344F86A4A28%26id%3D${USER_ID}&crf=1
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=70C88C54-8654-4219-A50A-E344F86A4A28&id=b670cab6-b5db-5292-8f25-0330d1e915d5
43 B
448 B
Image
General
Full URL
https://inv-nets.admixer.net/adxcm.aspx?ssp=70C88C54-8654-4219-A50A-E344F86A4A28&id=b670cab6-b5db-5292-8f25-0330d1e915d5
Requested by
Host: infoworks.ru
URL: http://infoworks.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.110 , Germany, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://infoworks.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 25 May 2020 19:05:10 GMT
Server
nginx
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0

Redirect headers

status
302
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
location
https://inv-nets.admixer.net/adxcm.aspx?ssp=70C88C54-8654-4219-A50A-E344F86A4A28&id=b670cab6-b5db-5292-8f25-0330d1e915d5
/
ads.adsinspidsp.com/
0
545 B
Image
General
Full URL
https://ads.adsinspidsp.com/?cmid=18&sid=136&user_id=173fad7a844040b8ad65f76da015ed94
Requested by
Host: infoworks.ru
URL: http://infoworks.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6818:61f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://infoworks.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 25 May 2020 19:05:10 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
text/html; charset=UTF-8
status
200
cf-ray
599186bd9d2b1762-FRA
cf-request-id
02eed28a8100001762c9817200000001
sync.cgi
ssp.adriver.ru/cgi-bin/
42 B
201 B
Image
General
Full URL
https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=66&external_id=173fad7a844040b8ad65f76da015ed94
Requested by
Host: infoworks.ru
URL: http://infoworks.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.222.128.216 , Russian Federation, ASN20597 (ELTEL-AS, RU),
Reverse DNS
ad16.adriver.ru
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
http://infoworks.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 25 May 2020 19:05:10 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
image/gif
cm.aspx
inv-nets.admixer.net/bs/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=admixer&user_id=173fad7a844040b8ad65f76da015ed94&gdpr=[gdpr]&gdpr_consent=[consent]&us_privacy=[usPrivacy]
  • https://x.bidswitch.net/ul_cb/sync?ssp=admixer&user_id=173fad7a844040b8ad65f76da015ed94&gdpr=[gdpr]&gdpr_consent=[consent]&us_privacy=[usPrivacy]
  • https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dadmixer%26expires%3D30
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=b670cab6-b5db-5292-8f25-0330d1e915d5&ssp=admixer&expires=30
  • https://inv-nets.admixer.net/bs/cm.aspx?id=8454ecc0-2e21-4c2f-be21-4652f45cb499
43 B
448 B
Image
General
Full URL
https://inv-nets.admixer.net/bs/cm.aspx?id=8454ecc0-2e21-4c2f-be21-4652f45cb499
Requested by
Host: infoworks.ru
URL: http://infoworks.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.110 , Germany, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://infoworks.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 25 May 2020 19:05:10 GMT
Server
nginx
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0

Redirect headers

status
302
date
Mon, 25 May 2020 19:05:10 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
location
//inv-nets.admixer.net/bs/cm.aspx?id=8454ecc0-2e21-4c2f-be21-4652f45cb499
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
1px-matching-admixer.gif
m.trafmag.com/images/
35 B
351 B
Image
General
Full URL
https://m.trafmag.com/images/1px-matching-admixer.gif?id=173fad7a844040b8ad65f76da015ed94
Requested by
Host: infoworks.ru
URL: http://infoworks.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.200.65.6 Amsterdam, Netherlands, ASN6681 (UPLOAD-NET, UA),
Reverse DNS
adforce.team
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
http://infoworks.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 25 May 2020 19:05:10 GMT
Server
nginx
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
P3P
CP="NON DSP COR CURa TIA"
pic.gif
pa.tns-ua.com/bug/
Redirect Chain
  • https://pa.tns-ua.com/bug/pic.gif?tnsb=admixer_uid_check&tnskb=s&tnsv=0.0.1&uid=173fad7a844040b8ad65f76da015ed94
  • https://pa.tns-ua.com/bug/pic.gif?cookie_detect=Z1E4FF457A104EEFAFB8D0D8A34D23B4&tnsb=admixer_uid_check&tnskb=s&tnsv=0.0.1&uid=173fad7a844040b8ad65f76da015ed94
56 B
174 B
Image
General
Full URL
https://pa.tns-ua.com/bug/pic.gif?cookie_detect=Z1E4FF457A104EEFAFB8D0D8A34D23B4&tnsb=admixer_uid_check&tnskb=s&tnsv=0.0.1&uid=173fad7a844040b8ad65f76da015ed94
Requested by
Host: infoworks.ru
URL: http://infoworks.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
194.247.175.19 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software
nginx/1.13.0 /
Resource Hash
2d310648a31461f6b76c38bca295da135b9825938ad1defab174fc29b414487b

Request headers

Referer
http://infoworks.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Mon, 25 May 2020 19:05:10 GMT
cache-control
no-store, no-cache, must-revalidate, max-age=0
server
nginx/1.13.0
content-type
image/gif
expires
-1

Redirect headers

status
302
date
Mon, 25 May 2020 19:05:10 GMT
cache-control
no-cache
server
nginx/1.13.0
content-length
0
location
https://pa.tns-ua.com/bug/pic.gif?cookie_detect=Z1E4FF457A104EEFAFB8D0D8A34D23B4&tnsb=admixer_uid_check&tnskb=s&tnsv=0.0.1&uid=173fad7a844040b8ad65f76da015ed94
expires
Thu, 01 Jan 1970 00:00:00 GMT
cm.aspx
inv-nets.admixer.net/bs/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=admixer_dmp&google_cm
  • https://inv-nets.admixer.net/gadx/cm.aspx?google_gid=CAESEEFS-jr_M26y0CD100tXSGg&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=admixer_technologies&google_hm=MTczZmFkN2E4NDQwNDBiOGFkNjVmNzZkYTAxNWVkOTQ&google_cm
  • https://inv-nets.admixer.net/gadx/cm.aspx?google_nid=admixer_technologies&google_gid=CAESEEMyhR1-7SHI2qkfFg9Kee4&google_cver=1
  • https://x.bidswitch.net/sync?ssp=admixer&user_id=173fad7a844040b8ad65f76da015ed94&gdpr=0
  • https://ads.programattik.com/sync?ssp=bidswitch&bidswitch_ssp_id=admixer
  • https://ads.programattik.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=admixer
  • https://x.bidswitch.net/sync?dsp_id=156&expires=14&user_id=3ba0cb4b-fd2e-4485-8a50-df03275bd3f4&ssp=admixer
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=156&expires=14&user_id=3ba0cb4b-fd2e-4485-8a50-df03275bd3f4&ssp=admixer
  • https://inv-nets.admixer.net/bs/cm.aspx?id=a92cee52-2382-4038-ac12-2e3e86cf764d
43 B
448 B
Image
General
Full URL
https://inv-nets.admixer.net/bs/cm.aspx?id=a92cee52-2382-4038-ac12-2e3e86cf764d
Requested by
Host: infoworks.ru
URL: http://infoworks.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.110 , Germany, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://infoworks.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 25 May 2020 19:05:11 GMT
Server
nginx
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0

Redirect headers

status
302
date
Mon, 25 May 2020 19:05:11 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
location
//inv-nets.admixer.net/bs/cm.aspx?id=a92cee52-2382-4038-ac12-2e3e86cf764d
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cm.aspx
inv-nets.admixer.net/bs/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=admixer_technologies&google_hm=MTczZmFkN2E4NDQwNDBiOGFkNjVmNzZkYTAxNWVkOTQ&google_cm
  • https://inv-nets.admixer.net/gadx/cm.aspx?google_nid=admixer_technologies&google_gid=CAESEMmLFJ3tfCRriut3EaPNVAU&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=admixer_technologies&google_hm=MTczZmFkN2E4NDQwNDBiOGFkNjVmNzZkYTAxNWVkOTQ&google_cm
  • https://inv-nets.admixer.net/gadx/cm.aspx?google_nid=admixer_technologies&google_gid=CAESEEMyhR1-7SHI2qkfFg9Kee4&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=admixer_technologies&google_hm=MTczZmFkN2E4NDQwNDBiOGFkNjVmNzZkYTAxNWVkOTQ&google_cm
  • https://inv-nets.admixer.net/gadx/cm.aspx?google_nid=admixer_technologies&google_gid=CAESEEMyhR1-7SHI2qkfFg9Kee4&google_cver=1
  • https://x.bidswitch.net/sync?ssp=admixer&user_id=173fad7a844040b8ad65f76da015ed94&gdpr=0
  • https://bidswitch-eu.splicky.com/cm?bidswitch_ssp_id=admixer&bsw_custom_parameter=8454ecc0-2e21-4c2f-be21-4652f45cb499
  • https://x.bidswitch.net/sync?dsp_id=311&user_id=&user_group=2&ssp=admixer&expires=10&bsw_param=8454ecc0-2e21-4c2f-be21-4652f45cb499
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=311&user_id=&user_group=2&ssp=admixer&expires=10&bsw_param=8454ecc0-2e21-4c2f-be21-4652f45cb499
  • https://inv-nets.admixer.net/bs/cm.aspx?id=173b9852-34f8-47d2-9d46-ed52468b1b05
43 B
448 B
Image
General
Full URL
https://inv-nets.admixer.net/bs/cm.aspx?id=173b9852-34f8-47d2-9d46-ed52468b1b05
Requested by
Host: infoworks.ru
URL: http://infoworks.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.110 , Germany, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://infoworks.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 25 May 2020 19:05:13 GMT
Server
nginx
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0

Redirect headers

status
302
date
Mon, 25 May 2020 19:05:13 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
location
//inv-nets.admixer.net/bs/cm.aspx?id=173b9852-34f8-47d2-9d46-ed52468b1b05
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
240x350.js
infoworks.ru/ Frame 42F6
Redirect Chain
  • http://ad.advon.info/240x350.js
  • http://infoworks.ru/240x350.js
192 B
601 B
Script
General
Full URL
http://infoworks.ru/240x350.js
Requested by
Host: infoworks.ru
URL: http://infoworks.ru/
Protocol
HTTP/1.1
Server
2606:4700:3037::6812:369c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f12360878fc00708d91522749da55b430d5ee2eed1d930c0a6d41b4997115cc8

Request headers

Referer
http://infoworks.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 25 May 2020 19:05:10 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Last-Modified
Thu, 01 Aug 2019 09:56:29 GMT
Server
cloudflare
Age
747
ETag
W/"5d42b74d-c0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
599186becc0bdfd7-FRA
cf-request-id
02eed28b3f0000dfd70c336200000001

Redirect headers

Date
Mon, 25 May 2020 19:05:10 GMT
CF-Cache-Status
EXPIRED
Server
cloudflare
Vary
Accept-Encoding
Content-Type
text/html
Location
http://infoworks.ru/240x350.js
Cache-Control
max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
599186be1ea305f1-FRA
cf-request-id
02eed28aca000005f1e89d6200000001
Expires
Mon, 25 May 2020 19:05:04 GMT
swfobject.js
b.c8.net.ua/b/js/ Frame F61E
0
253 B
Script
General
Full URL
https://b.c8.net.ua/b/js/swfobject.js
Requested by
Host: cdn.admixer.net
URL: http://cdn.admixer.net/scripts3/2e618849ee13451c8cf1.b.js
Protocol
HTTP/1.1
Security
TLS 1.0, RSA, AES_128_CBC
Server
212.1.66.239 , Ukraine, ASN6846 (UKRPACK, UA),
Reverse DNS
b.c8.net.ua
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://infoworks.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 25 May 2020 19:04:53 GMT
Last-Modified
Fri, 23 Jun 2017 14:05:47 GMT
x-direct
true
ETag
"594d203b-0"
Content-Type
application/x-javascript
Connection
close
Accept-Ranges
bytes
Content-Length
0
Server
nginx
sys.js
b.c8.net.ua/b/js/ Frame F61E
33 KB
33 KB
Script
General
Full URL
https://b.c8.net.ua/b/js/sys.js
Requested by
Host: cdn.admixer.net
URL: http://cdn.admixer.net/scripts3/2e618849ee13451c8cf1.b.js
Protocol
HTTP/1.1
Security
TLS 1.0, RSA, AES_128_CBC
Server
212.1.66.239 , Ukraine, ASN6846 (UKRPACK, UA),
Reverse DNS
b.c8.net.ua
Software
nginx /
Resource Hash
9384c34c1865fe2d92ec677995c9a44fdf2909a2bc89e28adcaf18092c5403ca

Request headers

Referer
http://infoworks.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 25 May 2020 19:04:53 GMT
Last-Modified
Fri, 14 Apr 2017 14:00:54 GMT
x-direct
true
ETag
"58f0d616-82f8"
Content-Type
application/x-javascript
Connection
close
Accept-Ranges
bytes
Content-Length
33528
Server
nginx
ev_view.aspx
inv-nets-eu.admixer.net/
43 B
300 B
Image
General
Full URL
https://inv-nets-eu.admixer.net/ev_view.aspx?cc=CH/ZH/2657896&am-uid=173fad7a844040b8ad65f76da015ed94&cet=4&zone=06f83056-2831-452d-b6cd-e229ab9d3d1a&rule=9e1e0abc-8789-4721-83bd-1c0f636da52b&requestId=8b94b08d-a6c7-4d17-80b0-e7fad05820ef&page=infoworks.ru%2F&pvid=a569b9da-59f0-4059-a09c-efee0091da72&inst=ADS-EU-8&ts=637260303098253931&sf=0
Requested by
Host: infoworks.ru
URL: http://infoworks.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.110 , Germany, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://infoworks.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 25 May 2020 19:05:10 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0
ev_view.aspx
inv-nets-eu.admixer.net/
43 B
300 B
Image
General
Full URL
https://inv-nets-eu.admixer.net/ev_view.aspx?cc=CH/ZH/2657896&am-uid=173fad7a844040b8ad65f76da015ed94&cet=4&zone=dec062a7-23a1-444e-871f-157c43642c17&rule=025ab045-7634-4cbf-ba25-3450849e3b88&requestId=4b30cc09-54af-4be0-9dc6-a34cc853cae9&page=infoworks.ru%2F&pvid=a569b9da-59f0-4059-a09c-efee0091da72&inst=ADS-EU-8&ts=637260303098253931&sf=0
Requested by
Host: infoworks.ru
URL: http://infoworks.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.110 , Germany, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://infoworks.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 25 May 2020 19:05:10 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0
rab_google_250.htm
infoworks.ru/ Frame 2FF8
112 B
461 B
Document
General
Full URL
http://infoworks.ru/rab_google_250.htm
Requested by
Host: infoworks.ru
URL: http://infoworks.ru/240x350.js
Protocol
HTTP/1.1
Server
2606:4700:3037::6812:369c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
805b3d00141a5790cce889a3e098dd3e88e90ee166d03f969ad16364ba289c04

Request headers

Host
infoworks.ru
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://infoworks.ru/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Cookie
__cfduid=d05f500134520cebb0f2d933631817e1d1590433508; __utma=254990032.193774501.1590433509.1590433509.1590433509.1; __utmc=254990032; __utmz=254990032.1590433509.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=254990032.1.10.1590433509; b=b
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://infoworks.ru/

Response headers

Date
Mon, 25 May 2020 19:05:10 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Thu, 01 Aug 2019 09:56:26 GMT
CF-Cache-Status
DYNAMIC
Server
cloudflare
CF-RAY
599186bf3d35dfd7-FRA
Content-Encoding
gzip
cf-request-id
02eed28b7e0000dfd70c345200000001
bn.php
am15.net/ Frame 2FF8
4 KB
3 KB
Script
General
Full URL
http://am15.net/bn.php?s=32203&f=2&d=26702
Requested by
Host: infoworks.ru
URL: http://infoworks.ru/rab_google_250.htm
Protocol
HTTP/1.1
Server
95.216.240.254 , Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.254.240.216.95.clients.your-server.de
Software
openresty / PHP/7.1.27-1+ubuntu16.04.1+deb.sury.org+1
Resource Hash
54c177e1fca0ac449a46e4514b6383ac0cb0a16f969a621d1ed29390c8761b95

Request headers

Referer
http://infoworks.ru/rab_google_250.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 25 May 2020 19:05:10 GMT
Content-Encoding
gzip
Last-Modified
Mon, 25 May 2020 19:05:10 GMT
Server
openresty
X-Powered-By
PHP/7.1.27-1+ubuntu16.04.1+deb.sury.org+1
Transfer-Encoding
chunked
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Connection
keep-alive
Content-Type
text/javascript; charset=windows-1251
Expires
Tue, 01 Jan 2000 00:00:00 GMT
r8893.php
am15.net/tmp/ Frame 2E05
0
0
Document
General
Full URL
http://am15.net/tmp/r8893.php?s=32203
Requested by
Host: am15.net
URL: http://am15.net/bn.php?s=32203&f=2&d=26702
Protocol
HTTP/1.1
Server
95.216.240.254 , Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.254.240.216.95.clients.your-server.de
Software
openresty / PHP/7.1.27-1+ubuntu16.04.1+deb.sury.org+1
Resource Hash

Request headers

Host
am15.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://infoworks.ru/rab_google_250.htm
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Cookie
wbn=10200; uid=QCLCsNS; a6d39=1; unic_vc=yhYxyBI.1BSxNCVz1BbmFFnn
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://infoworks.ru/rab_google_250.htm

Response headers

Server
openresty
Date
Mon, 25 May 2020 19:05:10 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
X-Powered-By
PHP/7.1.27-1+ubuntu16.04.1+deb.sury.org+1
Content-Encoding
gzip
dsp
am15.net/ssp/ Frame 2FF8
512 B
625 B
Script
General
Full URL
http://am15.net/ssp/dsp?upst=j9ouyBm.sBbDyI_xy93n&site=32203&height=400&width=240&block=ambn26702&ref=http%3A%2F%2Finfoworks.ru%2Frab_google_250.htm&title=&js=1&time=1590433510&ctype=undefined
Requested by
Host: am15.net
URL: http://am15.net/bn.php?s=32203&f=2&d=26702
Protocol
HTTP/1.1
Server
95.216.240.254 , Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.254.240.216.95.clients.your-server.de
Software
openresty /
Resource Hash
5d2d2c4628d9c350b76a0fc7bf7f5da66894c6d9aafe2de1d9e304fc034ff72d

Request headers

Referer
http://infoworks.ru/rab_google_250.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 25 May 2020 19:05:10 GMT
Content-Encoding
gzip
Server
openresty
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
getcode.php
ssp.c8.net.ua/ Frame F61E
153 B
695 B
Script
General
Full URL
http://ssp.c8.net.ua/getcode.php?key=d41de446ec0ef54335f36466c0a2cb72&ssp_id=3634&site_id=f1775&domain=&rnd=711731675&pid=8&format_id=9&sw=1600&sh=1200&ctype=&cbw=&w=650&h=250&c8_sa=0;0;5&container_id=c8net_code_f177589&iframe=1&is=1&is_ssl=0&ref=http%3A//infoworks.ru/&passback=&metric=&project_id=&location=http%3A//infoworks.ru/
Requested by
Host: b.c8.net.ua
URL: https://b.c8.net.ua/b/js/sys.js
Protocol
HTTP/1.1
Server
89.184.66.167 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS
c8.net.ua
Software
nginx/1.15.5 / PHP/5.5.38
Resource Hash
377929b8556331047c8ddb25dc0744a1946cf72a0116ac5578c51ae147ffb92a

Request headers

Referer
http://infoworks.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 25 May 2020 19:05:10 GMT
X-request-stat
1
Last-Modified
Mon, 25 May 2020 19:05:10 GMT
Server
nginx/1.15.5
X-Powered-By
PHP/5.5.38
X-node-root
ssp
Content-Type
application/x-javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
153
X-gw-server
_fcgi
Expires
Tue, 03 Jul 2001 06:00:00 GMT
show
b.c8.net.ua/ Frame F61E
703 B
970 B
Script
General
Full URL
https://b.c8.net.ua/show?f1775&711731675&8&9&650&250&0;0;5&c8net_code_f177589&http%3A//infoworks.ru/
Requested by
Host: b.c8.net.ua
URL: https://b.c8.net.ua/b/js/sys.js
Protocol
HTTP/1.1
Security
TLS 1.0, RSA, AES_128_CBC
Server
212.1.66.239 , Ukraine, ASN6846 (UKRPACK, UA),
Reverse DNS
b.c8.net.ua
Software
nginx /
Resource Hash
960e5a6f105a5c55bec3f1c77264f60b10d04bb0f91433593b662cdd2c499344

Request headers

Referer
http://infoworks.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 25 May 2020 19:04:55 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
no-cache, no-store, must-revalidate
Connection
close
Expires
0
banner
am15.net/ssp/ Frame 14D8
0
0
Document
General
Full URL
http://am15.net/ssp/banner?upst=j9ouyBm.sBbDyI_xy93n&bid=7f2ce18c-379d-4c29-8f73-713fcc658065
Requested by
Host: am15.net
URL: http://am15.net/ssp/dsp?upst=j9ouyBm.sBbDyI_xy93n&site=32203&height=400&width=240&block=ambn26702&ref=http%3A%2F%2Finfoworks.ru%2Frab_google_250.htm&title=&js=1&time=1590433510&ctype=undefined
Protocol
HTTP/1.1
Server
95.216.240.254 , Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.254.240.216.95.clients.your-server.de
Software
openresty /
Resource Hash

Request headers

Host
am15.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://infoworks.ru/rab_google_250.htm
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Cookie
wbn=10200; uid=QCLCsNS; a6d39=1; unic_vc=yhYxyBI.1BSxNCVz1BbmFFnn
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://infoworks.ru/rab_google_250.htm

Response headers

Server
openresty
Date
Mon, 25 May 2020 19:05:10 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Content-Encoding
gzip
matchframe.php
match.c8.net.ua/
329 B
1 KB
Script
General
Full URL
http://match.c8.net.ua/matchframe.php
Requested by
Host: b.c8.net.ua
URL: https://b.c8.net.ua/b/js/sys.js
Protocol
HTTP/1.1
Server
89.184.66.97 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS
c8.net.ua
Software
nginx/1.15.5 / PHP/5.5.38
Resource Hash
a62c87f22ff363b22319371fd33e8274044139445b8a834d49764504052589ff

Request headers

Referer
http://infoworks.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 25 May 2020 19:05:12 GMT
X-request-stat
1
Server
nginx/1.15.5
X-Powered-By
PHP/5.5.38
X-node-root
match
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Content-Encoding
gzip
X-gw-server
_fcgi
gcr.php
r.c8.net.ua/
617 B
491 B
Script
General
Full URL
http://r.c8.net.ua/gcr.php
Requested by
Host: b.c8.net.ua
URL: http://b.c8.net.ua/b/js/sys.js
Protocol
HTTP/1.1
Server
212.1.66.234 , Ukraine, ASN6846 (UKRPACK, UA),
Reverse DNS
r1.c8.net.ua
Software
nginx / PHP/5.4.11
Resource Hash
ee591a2c0f344044e1231b8770d551afe41cbe4c6819fa0360a233235093ff42

Request headers

Referer
http://infoworks.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 25 May 2020 19:04:55 GMT
Content-Encoding
gzip
Server
nginx
Connection
keep-alive
X-Powered-By
PHP/5.4.11
Transfer-Encoding
chunked
Content-Type
text/javascript
Cookie set show
b.c8.net.ua/ Frame B2D3
0
0
Document
General
Full URL
https://b.c8.net.ua/show?s1775,87057&711731675&8&9&650&250&0;0;5
Requested by
Host: b.c8.net.ua
URL: https://b.c8.net.ua/show?f1775&711731675&8&9&650&250&0;0;5&c8net_code_f177589&http%3A//infoworks.ru/
Protocol
HTTP/1.1
Security
TLS 1.0, RSA, AES_128_CBC
Server
212.1.66.239 , Ukraine, ASN6846 (UKRPACK, UA),
Reverse DNS
b.c8.net.ua
Software
nginx /
Resource Hash

Request headers

Host
b.c8.net.ua
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
http://infoworks.ru/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://infoworks.ru/

Response headers

Server
nginx
Date
Mon, 25 May 2020 19:04:56 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
close
P3P
CP=UNI
Set-Cookie
I=90433496; expires=Wednesday, 05-Sep-2096 00:00:00 GMT; path=/; domain=.c8.net.ua
Cache-Control
no-cache, no-store, must-revalidate
Expires
0
Pragma
no-cache
Content-Encoding
gzip
cmeter_an.js
source.mmi.bemobile.ua/cm/
10 KB
4 KB
Script
General
Full URL
http://source.mmi.bemobile.ua/cm/cmeter_an.js
Requested by
Host: r.c8.net.ua
URL: http://r.c8.net.ua/gcr.php
Protocol
HTTP/1.1
Server
194.247.175.38 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software
nginx/1.13.0 /
Resource Hash
cc4485b98bb5818c5d48fb23119879c956a55a4e3630f9305192aaa770b17399

Request headers

Referer
http://infoworks.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 25 May 2020 19:05:12 GMT
Content-Encoding
gzip
Last-Modified
Wed, 06 Nov 2019 07:55:53 GMT
Server
nginx/1.13.0
ETag
W/"5dc27c89-2699"
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=utf-8
Cache-Control
no-cache
Connection
keep-alive
Expires
Thu, 07 Nov 2019 07:55:53 GMT
cm.js
source.mmi.bemobile.ua/cm/
52 KB
20 KB
Script
General
Full URL
http://source.mmi.bemobile.ua/cm/cm.js
Requested by
Host: source.mmi.bemobile.ua
URL: http://source.mmi.bemobile.ua/cm/cmeter_an.js
Protocol
HTTP/1.1
Server
194.247.175.38 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software
nginx/1.13.0 /
Resource Hash
5d1b56a762d63b6e9bfb8a70552ce75c1c3938c782f8d9de971ecc960836c451

Request headers

Referer
http://infoworks.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 25 May 2020 19:05:12 GMT
Content-Encoding
gzip
Last-Modified
Wed, 06 Nov 2019 07:55:53 GMT
Server
nginx/1.13.0
ETag
W/"5dc27c89-d0f6"
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=utf-8
Cache-Control
no-cache
Connection
keep-alive
Expires
Thu, 07 Nov 2019 07:55:53 GMT
cds.js
pa.tns-ua.com/viewability/
2 KB
3 KB
Script
General
Full URL
https://pa.tns-ua.com/viewability/cds.js
Requested by
Host: source.mmi.bemobile.ua
URL: http://source.mmi.bemobile.ua/cm/cm.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
194.247.175.19 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software
nginx/1.13.0 /
Resource Hash
9cfc3a96cab0eb315783265b6db554e532e060952d409399cc7dd1d7e775b9a3

Request headers

Referer
http://infoworks.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 25 May 2020 19:05:12 GMT
last-modified
Mon, 02 Jul 2018 17:26:58 GMT
server
nginx/1.13.0
etag
"5b3a6062-9c3"
content-type
application/javascript; charset=utf-8
status
200
accept-ranges
bytes
content-length
2499
cm.html
pa.tns-ua.com/viewability/ Frame 4BAA
0
0
Document
General
Full URL
https://pa.tns-ua.com/viewability/cm.html
Requested by
Host: pa.tns-ua.com
URL: https://pa.tns-ua.com/viewability/cds.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
194.247.175.19 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software
nginx/1.13.0 /
Resource Hash

Request headers

:method
GET
:authority
pa.tns-ua.com
:scheme
https
:path
/viewability/cm.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://infoworks.ru/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://infoworks.ru/

Response headers

status
200
server
nginx/1.13.0
date
Mon, 25 May 2020 19:05:12 GMT
content-type
text/html; charset=utf-8
last-modified
Mon, 25 Jun 2018 15:00:28 GMT
etag
W/"5b31038c-b5f"
content-encoding
gzip
PageStatEntry
pagestat.mmi.bemobile.ua/pagestat/
36 B
222 B
XHR
General
Full URL
http://pagestat.mmi.bemobile.ua/pagestat/PageStatEntry
Requested by
Host: source.mmi.bemobile.ua
URL: http://source.mmi.bemobile.ua/cm/cm.js
Protocol
HTTP/1.1
Server
194.247.175.22 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software
nginx/1.13.0 /
Resource Hash
147b1111edda7e2c2f9d672b5649de2f2dc5d5cb9dda7905198aa883a4273013

Request headers

Referer
http://infoworks.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 25 May 2020 19:05:12 GMT
Server
nginx/1.13.0
Connection
keep-alive
Content-Length
36
Content-Type
application/json
PageStatEntry
pagestat.mmi.bemobile.ua/pagestat/
36 B
222 B
XHR
General
Full URL
http://pagestat.mmi.bemobile.ua/pagestat/PageStatEntry?cookie=F4427E74BCED49428EB9CD9CDB478A2A&time=1590433512680&location=http%3A%2F%2Finfoworks.ru%2F&referrer=&is_flash=0&session_id=326937839&version=3.5.337_ua/1.83&sw=1600&sh=1200&scd=24&spd=24&tnscm_adn=C8&param1=~cm_timer~&param2=0&param3=1200&param5=4&vt=d
Requested by
Host: source.mmi.bemobile.ua
URL: http://source.mmi.bemobile.ua/cm/cm.js
Protocol
HTTP/1.1
Server
194.247.175.22 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software
nginx/1.13.0 /
Resource Hash
147b1111edda7e2c2f9d672b5649de2f2dc5d5cb9dda7905198aa883a4273013

Request headers

Accept
application/json
Referer
http://infoworks.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 25 May 2020 19:05:12 GMT
Server
nginx/1.13.0
Connection
keep-alive
Content-Length
36
Content-Type
application/json
pic.gif
pa.tns-ua.com/bug/
Redirect Chain
  • http://pa.tns-ua.com/bug/pic.gif?uid=F4427E74BCED49428EB9CD9CDB478A2A&time=1590433512770
  • https://pa.tns-ua.com/bug/pic.gif?uid=F4427E74BCED49428EB9CD9CDB478A2A&time=1590433512770
56 B
230 B
Image
General
Full URL
https://pa.tns-ua.com/bug/pic.gif?uid=F4427E74BCED49428EB9CD9CDB478A2A&time=1590433512770
Requested by
Host: infoworks.ru
URL: http://infoworks.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
194.247.175.19 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software
nginx/1.13.0 /
Resource Hash
2d310648a31461f6b76c38bca295da135b9825938ad1defab174fc29b414487b

Request headers

Referer
http://infoworks.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Mon, 25 May 2020 19:05:12 GMT
cache-control
no-cache
server
nginx/1.13.0
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://pa.tns-ua.com/bug/pic.gif?uid=F4427E74BCED49428EB9CD9CDB478A2A&time=1590433512770
Date
Mon, 25 May 2020 19:05:12 GMT
Server
nginx/1.13.0
Connection
keep-alive
Content-Length
185
Content-Type
text/html
match.php
r3.c8.net.ua/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rtb_baltic_sia&google_cm&google_hm=5ecc16e8bc2425ecc16e8bc2
  • https://cm.g.doubleclick.net/pixel?google_nid=rtb_baltic_sia&google_cm=&google_hm=5ecc16e8bc2425ecc16e8bc2&google_tc=
  • https://r3.c8.net.ua/match.php?ssp_id=3785&key=c2a141b272468ec143455d8a23772c90&ssp_user_id={SSP_UID}&google_gid=CAESEAsCpNaqlkGesRNT4xm8YSs&google_cver=1
0
186 B
Image
General
Full URL
https://r3.c8.net.ua/match.php?ssp_id=3785&key=c2a141b272468ec143455d8a23772c90&ssp_user_id={SSP_UID}&google_gid=CAESEAsCpNaqlkGesRNT4xm8YSs&google_cver=1
Requested by
Host: infoworks.ru
URL: http://infoworks.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
89.184.66.172 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS
c8.net.ua
Software
nginx/1.15.5 / PHP/5.5.38
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://infoworks.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 25 May 2020 19:05:13 GMT
x-request-stat
1
server
nginx/1.15.5
x-powered-by
PHP/5.5.38
x-node-root
match
content-type
text/html; charset=UTF-8
status
200
content-encoding
gzip
x-gw-server
_fcgi

Redirect headers

pragma
no-cache
date
Mon, 25 May 2020 19:05:12 GMT
server
HTTP server (unknown)
status
302
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://r3.c8.net.ua/match.php?ssp_id=3785&key=c2a141b272468ec143455d8a23772c90&ssp_user_id={SSP_UID}&google_gid=CAESEAsCpNaqlkGesRNT4xm8YSs&google_cver=1
cache-control
no-cache, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
367
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
match.php
match.c8.net.ua/
Redirect Chain
  • https://t.trafmag.com/images/1px-matching-c8.gif?id=5ecc16e8bc2425ecc16e8bc2
  • https://match.c8.net.ua/match.php?dsp_id=29&key=5a55665d11da2ddc11b7b14d8dc4294b&dsp_user_id=7885321356066312
0
185 B
Image
General
Full URL
https://match.c8.net.ua/match.php?dsp_id=29&key=5a55665d11da2ddc11b7b14d8dc4294b&dsp_user_id=7885321356066312
Requested by
Host: infoworks.ru
URL: http://infoworks.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
89.184.66.97 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS
c8.net.ua
Software
nginx/1.15.5 / PHP/5.5.38
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://infoworks.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 25 May 2020 19:05:14 GMT
x-request-stat
1
server
nginx/1.15.5
x-powered-by
PHP/5.5.38
x-node-root
match
content-type
text/html; charset=UTF-8
status
200
content-encoding
gzip
x-gw-server
_fcgi

Redirect headers

Location
//match.c8.net.ua/match.php?dsp_id=29&key=5a55665d11da2ddc11b7b14d8dc4294b&dsp_user_id=7885321356066312
Date
Mon, 25 May 2020 19:05:12 GMT
Server
nginx
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
146
P3P
CP="NON DSP COR CURa TIA"
CookieSync.axd
uaadcodedsp.rontar.com/
807 B
1021 B
Image
General
Full URL
https://uaadcodedsp.rontar.com/CookieSync.axd?sspId=2&uid=5ecc16e8bc2425ecc16e8bc2
Requested by
Host: infoworks.ru
URL: http://infoworks.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.9.13.98 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.98.13.9.5.clients.your-server.de
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
65e9ada049db714c820c47b0d855e2af6add274850cfc7896c43003fcd383162

Request headers

Referer
http://infoworks.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 25 May 2020 19:05:13 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
image/gif
status
200
cache-control
private
content-length
807
matchframe.php
match.c8.net.ua/ Frame F61E
0
382 B
Script
General
Full URL
http://match.c8.net.ua/matchframe.php
Requested by
Host: b.c8.net.ua
URL: https://b.c8.net.ua/b/js/sys.js
Protocol
HTTP/1.1
Server
89.184.66.97 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS
c8.net.ua
Software
nginx/1.15.5 / PHP/5.5.38
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://infoworks.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 25 May 2020 19:05:12 GMT
X-request-stat
1
Server
nginx/1.15.5
X-Powered-By
PHP/5.5.38
X-node-root
match
Content-Type
text/html; charset=UTF-8
Connection
keep-alive
Content-Length
0
X-gw-server
_fcgi
gcr.php
r.c8.net.ua/ Frame F61E
617 B
491 B
Script
General
Full URL
http://r.c8.net.ua/gcr.php
Requested by
Host: b.c8.net.ua
URL: https://b.c8.net.ua/b/js/sys.js
Protocol
HTTP/1.1
Server
212.1.66.234 , Ukraine, ASN6846 (UKRPACK, UA),
Reverse DNS
r1.c8.net.ua
Software
nginx / PHP/5.4.11
Resource Hash
ee591a2c0f344044e1231b8770d551afe41cbe4c6819fa0360a233235093ff42

Request headers

Referer
http://infoworks.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 25 May 2020 19:04:56 GMT
Content-Encoding
gzip
Server
nginx
Connection
keep-alive
X-Powered-By
PHP/5.4.11
Transfer-Encoding
chunked
Content-Type
text/javascript
cmeter_an.js
source.mmi.bemobile.ua/cm/ Frame F61E
10 KB
4 KB
Script
General
Full URL
http://source.mmi.bemobile.ua/cm/cmeter_an.js
Requested by
Host: r.c8.net.ua
URL: http://r.c8.net.ua/gcr.php
Protocol
HTTP/1.1
Server
194.247.175.38 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software
nginx/1.13.0 /
Resource Hash
cc4485b98bb5818c5d48fb23119879c956a55a4e3630f9305192aaa770b17399

Request headers

Referer
http://infoworks.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 25 May 2020 19:05:13 GMT
Content-Encoding
gzip
Last-Modified
Wed, 06 Nov 2019 07:55:53 GMT
Server
nginx/1.13.0
ETag
W/"5dc27c89-2699"
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=utf-8
Cache-Control
no-cache
Connection
keep-alive
Expires
Thu, 07 Nov 2019 07:55:53 GMT
cm.js
source.mmi.bemobile.ua/cm/ Frame F61E
52 KB
20 KB
Script
General
Full URL
http://source.mmi.bemobile.ua/cm/cm.js
Requested by
Host: source.mmi.bemobile.ua
URL: http://source.mmi.bemobile.ua/cm/cmeter_an.js
Protocol
HTTP/1.1
Server
194.247.175.38 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software
nginx/1.13.0 /
Resource Hash
5d1b56a762d63b6e9bfb8a70552ce75c1c3938c782f8d9de971ecc960836c451

Request headers

Referer
http://infoworks.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 25 May 2020 19:05:13 GMT
Content-Encoding
gzip
Last-Modified
Wed, 06 Nov 2019 07:55:53 GMT
Server
nginx/1.13.0
ETag
W/"5dc27c89-d0f6"
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=utf-8
Cache-Control
no-cache
Connection
keep-alive
Expires
Thu, 07 Nov 2019 07:55:53 GMT
PageStatEntry
pagestat.mmi.bemobile.ua/pagestat/ Frame F61E
36 B
222 B
XHR
General
Full URL
http://pagestat.mmi.bemobile.ua/pagestat/PageStatEntry
Requested by
Host: source.mmi.bemobile.ua
URL: http://source.mmi.bemobile.ua/cm/cm.js
Protocol
HTTP/1.1
Server
194.247.175.22 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software
nginx/1.13.0 /
Resource Hash
147b1111edda7e2c2f9d672b5649de2f2dc5d5cb9dda7905198aa883a4273013

Request headers

Referer
http://infoworks.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 25 May 2020 19:05:13 GMT
Server
nginx/1.13.0
Connection
keep-alive
Content-Length
36
Content-Type
application/json
PageStatEntry
pagestat.mmi.bemobile.ua/pagestat/
36 B
222 B
XHR
General
Full URL
http://pagestat.mmi.bemobile.ua/pagestat/PageStatEntry?cookie=F4427E74BCED49428EB9CD9CDB478A2A&time=1590433517680&location=http%3A%2F%2Finfoworks.ru%2F&referrer=&is_flash=0&session_id=326937839&version=3.5.337_ua/1.83&sw=1600&sh=1200&scd=24&spd=24&tnscm_adn=C8&param1=~cm_timer~&param2=5&param3=1200&param5=9&vt=d
Requested by
Host: source.mmi.bemobile.ua
URL: http://source.mmi.bemobile.ua/cm/cm.js
Protocol
HTTP/1.1
Server
194.247.175.22 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software
nginx/1.13.0 /
Resource Hash
147b1111edda7e2c2f9d672b5649de2f2dc5d5cb9dda7905198aa883a4273013

Request headers

Accept
application/json
Referer
http://infoworks.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 25 May 2020 19:05:17 GMT
Server
nginx/1.13.0
Connection
keep-alive
Content-Length
36
Content-Type
application/json
sodar
pagead2.googlesyndication.com/getconfig/
7 KB
6 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20200519&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200519/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
77951afff4862e17b4fec5a19e4be0532d96d38c5c686b876346a25105b19260
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://infoworks.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 25 May 2020 19:05:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
5565
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/
14 KB
6 KB
Script
General
Full URL
http://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200519/r20190131/show_ads_impl_fy2019.js
Protocol
HTTP/1.1
Server
2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://infoworks.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 25 May 2020 19:05:19 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
sffe
ETag
"1582746470043195"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
private, max-age=3000
Accept-Ranges
bytes
Content-Length
5456
X-XSS-Protection
0
Expires
Mon, 25 May 2020 19:05:19 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/209/ Frame F539
0
0
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: http://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/209/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://infoworks.ru/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://infoworks.ru/

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
content-length
5727
date
Mon, 25 May 2020 18:17:02 GMT
expires
Tue, 25 May 2021 18:17:02 GMT
last-modified
Tue, 25 Feb 2020 17:32:01 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
2897
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
gen_204
pagead2.googlesyndication.com/pagead/
0
120 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=209&t=2&li=gda_r20200519&jk=3256875071516062&bg=!7u2l7fVYh2HIYp-1h9oCAAAAQlIAAAAOmQFzExZSOfHNXxcwiN6Kkvhzu63Hn8YRSjsltot8LCxhYKACwKEIHr6Vx4-MdajooQ3godjT4ggD1T7qi96mQqRqTTZRBJhJbjcjIa7n8bz3QZRhPnggcgecP93CRKFL_RZVDSfK3mBeogirFgmy0rk6yQC4KZbkPv2ypKqY4JE1gtxyXcqAAcLDvAI1JzxVIksuc8QMaNGkrhkxQ-v7T6leGmRG_QkchMXc8zittwvKNeWy1Oeg6OOcCfno1t3mpttiXQJHw4mDr8iGT12qsbnwaofxp3wtehbw25ghC-9O1PJYlS5Ptjd5U7vGd-siazlDE8EGLwFHn2TlEMIWhTvtu3aHEVvmMJtGCcmfwBs3Iz384PadqRMG5KGvaZuBFsuOzn2kzyY3FNijRr4WiVDt5w8xhcHOpSIECTSrP-BGMpMGEB7BC9452f8bcRTJY2ai1djJfiyaa4Q5UG8fY6s6zF49ITlWkekVmvXAdGkeapYsKdw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://infoworks.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 May 2020 19:05:19 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
204
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
PageStatEntry
pagestat.mmi.bemobile.ua/pagestat/
36 B
222 B
XHR
General
Full URL
http://pagestat.mmi.bemobile.ua/pagestat/PageStatEntry?cookie=F4427E74BCED49428EB9CD9CDB478A2A&time=1590433527680&location=http%3A%2F%2Finfoworks.ru%2F&referrer=&is_flash=0&session_id=326937839&version=3.5.337_ua/1.83&sw=1600&sh=1200&scd=24&spd=24&tnscm_adn=C8&param1=~cm_timer~&param2=15&param3=1200&param4=10810&param5=19&vt=d
Requested by
Host: source.mmi.bemobile.ua
URL: http://source.mmi.bemobile.ua/cm/cm.js
Protocol
HTTP/1.1
Server
194.247.175.22 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software
nginx/1.13.0 /
Resource Hash
147b1111edda7e2c2f9d672b5649de2f2dc5d5cb9dda7905198aa883a4273013

Request headers

Accept
application/json
Referer
http://infoworks.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 25 May 2020 19:05:27 GMT
Server
nginx/1.13.0
Connection
keep-alive
Content-Length
36
Content-Type
application/json

Verdicts & Comments Add Verdict or Comment

151 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| _gaq object| _gat object| gaGlobal boolean| google object| s boolean| mobile function| ad1_300x250_l function| ad1_300x250_r function| ad1_300x250_3 function| ad1_728x90 function| ad1_160x600 function| ad1_tizer_g function| ad1_mobile object| admixerML object| _bml object| admixerJSONP object| __core-js_shared__ object| core object| globalAml object| admixerAds object| globalAmlAds object| admixerLoad object| globalAmlLoad object| wpnConfig function| HELPER object| hb_dmx_res object| deconcept function| getQueryParamValue function| FlashObject function| SWFObject function| dgcv32653 boolean| PzRbzoGy1xGbo4zE function| C8AdStorage object| c8AdObjectStorage string| ua boolean| isOpera boolean| isIE function| getDocumentHeight function| getViewportHeight object| c8BannerLoaderList object| c8PlaceUList function| c8_escape function| c8_setcode number| c8_tns_already number| c8_match_user_already function| c8_getXHRObject function| c8_XHRload_script function| c8_set_code_by_key_format function| c8_set_code_by_key function| show_code1 function| c8_set_hitua function| c8_set_gl_data function| show_code function| c8_load_script function| c8BannerLoader function| c8_tns function| c8_gemius function| c8_stat function| c8_user_match function| c8_readCookie function| c8_createCookie function| c8_getid function| in_array function| inIframe function| c8BannerLoaderI function| c8_uamobile_click_handler function| c8_uamobile_response_detector number| c8_mobile_check function| contains string| c8_sa number| cw number| ch string| c8_metric object| c8_passback number| f string| x object| bmN object| bmD object| bs object| bm object| bmS string| r boolean| mobileDevice string| ad_data string| ad_container_id object| ad_container string| ad_container_idc8net_code_f1775913 object| ad_containerc8net_code_f1775913 object| head object| c8_script175c8net_code_f1775913 string| google_ad_client string| google_ad_slot number| google_ad_width number| google_ad_height string| ad_datac8net_code_f1775913 object| google_js_reporting_queue number| google_srt object| google_ad_modifications object| google_logging_queue object| ggeac boolean| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken object| google_reactive_ads_global_state boolean| _gfp_a_ object| adsbygoogle object| google_sa_queue object| google_sl_win function| google_process_slots boolean| google_apltlad boolean| _gfp_p_ function| google_spfd number| google_lpabyc number| google_unique_id object| google_sv_map object| google_t12n_vars function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| google_persistent_state_async object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| google_prev_clients object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb function| html2canvas function| _open object| sCmeterScript object| pCmeterParrent number| lCmeterLenght number| tns_already object| tnscm_adn string| tnscm_pak object| cm_events function| idCoreOnReady function| tnsOnStatResult object| IDCore object| __cm function| CrossDomainStorage object| GoogleGcLKhOms object| google_image_requests

12 Cookies

Domain/Path Name / Value
am15.net/ Name: AdskeeperStorage
Value: %7B%220%22%3A%7B%22svspr%22%3A%22https%3A%2F%2Fb.c8.net.ua%2Fb%2F87%2F87842.html%22%2C%22svsds%22%3A2%2C%22TejndEEDj%22%3A%22SZLLadCs5%22%7D%2C%22C891279%22%3A%7B%22page%22%3A1%2C%22time%22%3A1590433517888%7D%2C%22C891260%22%3A%7B%22page%22%3A1%7D%7D
.am15.net/ Name: wdata
Value: {}
.am15.net/ Name: uid
Value: M8Nn4TR
pa.tns-ua.com/ Name: uid
Value: F4427E74BCED49428EB9CD9CDB478A2A
b.c8.net.ua/ Name: rekmob_last_seen_5928ac6440cd44d2b9849bdd48dfdb47
Value: 1590433516515
b.c8.net.ua/ Name: rekmob_props_605177
Value: %7B%22date%22%3A1590433217101%2C%22rekJs%22%3A%7B%22rekmob_ad_unit_type%22%3A1%2C%22rekmob_native_type%22%3Anull%2C%22rekmob_ad_width%22%3A300%2C%22rekmob_fixed_cpm%22%3A0%2C%22rekmob_network_ids%22%3A%22anx_placement_id%3D17723636%3Badf_placement_id%3D733804%3Bcrt_id%3D1%22%2C%22rekmob_ad_unit%22%3A%225928ac6440cd44d2b9849bdd48dfdb47%22%2C%22rekmob_app_type%22%3A0%2C%22rekmob_ad_height%22%3A250%2C%22region_id%22%3A605177%7D%2C%22countryCode%22%3A%22CH%22%2C%22cookieTime%22%3A1590433515583%7D
.am15.net/ Name: wbn
Value: 10700
.doubleclick.net/ Name: IDE
Value: AHWqTUlY46f301GQbUl8VsYrKxW84bPP_CYWOax5e1NF1Gw-DEtyQXQzscrIfyMZ
.c8.net.ua/ Name: I
Value: 90433499
.am15.net/ Name: 80d78
Value: 1
.am15.net/ Name: unic_vc
Value: yhmx2hg.1BSxNCVz1BbmFFnn
b.c8.net.ua/ Name: bidswitch_last_time
Value: 1590433515440

6 Console Messages

Source Level URL
Text
console-api log URL: http://cdn.admixer.net/scripts3/2e618849ee13451c8cf1.b.js(Line 1)
Message:
Chrome
console-api log URL: http://cdn.admixer.net/scripts3/2e618849ee13451c8cf1.b.js(Line 1)
Message:
Mraid Ready false
console-api log URL: http://cdn.admixer.net/scripts3/2e618849ee13451c8cf1.b.js(Line 1)
Message:
Chrome
console-api log URL: http://cdn.admixer.net/scripts3/2e618849ee13451c8cf1.b.js(Line 1)
Message:
Chrome
console-api log URL: http://cdn.admixer.net/scripts3/2e618849ee13451c8cf1.b.js(Line 1)
Message:
Event view http://inv-nets-eu.admixer.net/ev_view.aspx?cc=CH/ZH/2657896&am-uid=173fad7a844040b8ad65f76da015ed94&cet=4&zone=06f83056-2831-452d-b6cd-e229ab9d3d1a&rule=9e1e0abc-8789-4721-83bd-1c0f636da52b&requestId=8b94b08d-a6c7-4d17-80b0-e7fad05820ef&page=infoworks.ru%2F&pvid=a569b9da-59f0-4059-a09c-efee0091da72&inst=ADS-EU-8&ts=637260303098253931&sf=0
console-api log URL: http://cdn.admixer.net/scripts3/2e618849ee13451c8cf1.b.js(Line 1)
Message:
Event view http://inv-nets-eu.admixer.net/ev_view.aspx?cc=CH/ZH/2657896&am-uid=173fad7a844040b8ad65f76da015ed94&cet=4&zone=dec062a7-23a1-444e-871f-157c43642c17&rule=025ab045-7634-4cbf-ba25-3450849e3b88&requestId=4b30cc09-54af-4be0-9dc6-a34cc853cae9&page=infoworks.ru%2F&pvid=a569b9da-59f0-4059-a09c-efee0091da72&inst=ADS-EU-8&ts=637260303098253931&sf=0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

actiflex.org
actpx.com
ad.advon.info
ads.adsinspidsp.com
ads.betweendigital.com
ads.programattik.com
adservice.google.com
adservice.google.de
advon.net
am15.net
b.c8.net.ua
bidswitch-eu.splicky.com
c.bigmir.net
c8.net.ua
cdn.admixer.net
cm.g.doubleclick.net
counter.yadro.ru
exchange.buzzoola.com
farension.com
googleads.g.doubleclick.net
i.bigmir.net
icode.advon.net
infoworks-ru.advon.net
infoworks.ru
inv-nets-eu.admixer.net
inv-nets.admixer.net
jsc.marketgid.com
m.trafmag.com
match.c8.net.ua
pa.tns-ua.com
pagead2.googlesyndication.com
pagestat.mmi.bemobile.ua
pubs2-eu.creativecdn.com
r.c8.net.ua
r3.c8.net.ua
repetitor.info
s.console.adtarget.com.tr
source.mmi.bemobile.ua
ssp.adriver.ru
ssp.c8.net.ua
t.trafmag.com
tizerads.advon.net
tpc.googlesyndication.com
uaadcodedsp.rontar.com
uuidksinc.net
www.google-analytics.com
www.googletagservices.com
x.bidswitch.net
146.0.227.110
172.217.23.98
185.184.8.30
188.42.191.196
193.200.65.5
193.200.65.6
193.239.68.97
193.239.71.100
194.247.175.19
194.247.175.22
194.247.175.38
212.1.66.234
212.1.66.239
2606:4700:3030::6818:78ec
2606:4700:3031::6818:61f6
2606:4700:3032::681f:5fa9
2606:4700:3034::681b:b1f3
2606:4700:3037::6812:369c
2a00:1450:4001:801::200e
2a00:1450:4001:814::2001
2a00:1450:4001:81b::2002
2a03:90c0:9997::9997
31.220.27.134
35.210.215.44
5.9.13.98
52.58.36.240
62.149.0.137
81.222.128.216
88.208.46.233
88.208.46.48
88.212.201.216
88.99.98.223
89.184.66.167
89.184.66.172
89.184.66.97
93.170.27.229
94.130.13.220
95.216.240.254
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
0bb2ecec828231314c53eeddb929ac4a79bde0975a7405d6f0fdfce309b1e76c
0ca763af24d15ce0742a1bf67304d0a23587b0a9d296670742a5caf7eee5e9fb
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
1304280e4ae3bb5eca45cfc6395745eeb64273e571485e54976d866053f0742f
147b1111edda7e2c2f9d672b5649de2f2dc5d5cb9dda7905198aa883a4273013
167b55affdd428ad5e5dea37917cba884e75655266e1b3544696aef6a896cb8c
1b160d7955c7b2c291eb2e99a4ead04b586e2dcd4af5b4ce8e865168f6e4b76d
1db56be10861121c71b76072fb008d442555f05822e3777ce7ce2d9d1cef1b73
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
2d310648a31461f6b76c38bca295da135b9825938ad1defab174fc29b414487b
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
357a40f12fcb7502acb15b75741517330cdd822580ced8cd06f8b38c9a481f4d
377929b8556331047c8ddb25dc0744a1946cf72a0116ac5578c51ae147ffb92a
39db1cbb7e0c697d2edc944b73c6ef0ae0db04ff9bf57c3386e4620619c84fb1
3dbef48c975d6e0975f4176461fbf7154bb50b4d18aaec61097ca4c9d55ab8ba
3e22fa5ed4ba8cb15ccc0fd386ba92e3eb6e44320e0f443fbf3b5cc9a50be55a
44835d3366175788e81b9c393be66ea3f51826d7a216681ffa6dd2ec89dab2da
44d04550897ae7fd27f01f8884145bb9ef4dddcc73bf87a1f5b639275bb61904
47b9b286f4fd93545c436e3e096d5e2119afad44ad4a2392e7f5e8f74bedc29d
54c177e1fca0ac449a46e4514b6383ac0cb0a16f969a621d1ed29390c8761b95
5d1b56a762d63b6e9bfb8a70552ce75c1c3938c782f8d9de971ecc960836c451
5d2d2c4628d9c350b76a0fc7bf7f5da66894c6d9aafe2de1d9e304fc034ff72d
5dfb3c411375e9e10abea6b346c50207f035ef1754990edd52196b0a60b7baf5
656716137d4e28b0da293f471affb65b1beb1a6c2d9fe2fa9c3640a592754b1f
65e9ada049db714c820c47b0d855e2af6add274850cfc7896c43003fcd383162
663cbb400d0abe33342991eb39bfba2c25bc8d9402d3d99c0f5deeeb2b0a41f6
681a33d230441a97b097286ab1305d86179ef9d4c1a38df03a080cedc34be93d
68e7b53c67cb1a5d441425077e0080db68cdd40a8aa9c198fdceff90de435e8d
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
77951afff4862e17b4fec5a19e4be0532d96d38c5c686b876346a25105b19260
805b3d00141a5790cce889a3e098dd3e88e90ee166d03f969ad16364ba289c04
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
9384c34c1865fe2d92ec677995c9a44fdf2909a2bc89e28adcaf18092c5403ca
960e5a6f105a5c55bec3f1c77264f60b10d04bb0f91433593b662cdd2c499344
9cfc3a96cab0eb315783265b6db554e532e060952d409399cc7dd1d7e775b9a3
a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6
a62c87f22ff363b22319371fd33e8274044139445b8a834d49764504052589ff
a8b23442282925142e92bafa2ec8c100e7c0a91b282a00df11c986f6062f9e60
ace9d28180ae3b890ae427d99a7020a6a3230c6df6b4e8c6e422b575298c2640
b0a740b67b3e9f868641878f61e64724977b0d493a93d2a8ad8dc54ea8e4e30c
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
bb4e40e14d85f38305e7ddf168586275474704c67a78224bd2cd967289446f5f
bd89ce70fe52ca12081c9f2e0350c8d7b4120b14cb9230c4cddb5e29ff948a1d
c0cd8d6c8028f7d03fc811c3a9eb4c7fe63b025b1421fe14318c35662dbc404c
cc4485b98bb5818c5d48fb23119879c956a55a4e3630f9305192aaa770b17399
d0b3404fceb6bbd79a99ea6d8241b1b29ac1ffb3c7d97bfc1b873b49c0ad6a09
d45c81284c2e259e75fee13ce5f55222aab6e2d953bbc241f234ec4fd1ed25cb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e702a29d206e929afb115a0f93d4bfc13472b5e0cc7a761eba18c26e8efc3104
ec198f2ba6b293caed13b5116a490c04b0ea07ab472a9b5f92d620b58337821e
ed05ba91dd14ec3a41dc409a96da4b3169ae98ba195a18cf05e38a42cefefaaf
ee591a2c0f344044e1231b8770d551afe41cbe4c6819fa0360a233235093ff42
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f12360878fc00708d91522749da55b430d5ee2eed1d930c0a6d41b4997115cc8
f2172868bc46d74ad32f2715bc25a8716e07a784b2ecb24d9d077d2125c6c993
f778b6ba9ce65a96906fd54215dff0f579547bf8c31a08cd518253b08c096832
f8e35c16989f3d2952aaca7441470dfaea2d9b5769ddf0a885cefe0f6708b5a6