getfile.dokpub.com Open in urlscan Pro
78.46.92.107 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://getfile.dokpub.com/
Effective URL:
https://getfile.dokpub.com/
Submission Tags: falconsandbox
Submission: On April 19 via api (April 19th 2021, 6:46:05 am UTC) from US

Summary HTTP 58 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 15 IPs in 5 countries across 23 domains to perform 58 HTTP transactions. The main IP is 78.46.92.107, located in Germany and belongs to HETZNER-AS, DE. The main domain is getfile.dokpub.com.
TLS certificate: Issued by R3 on March 13th 2021. Valid for: 3 months.

This is the only time getfile.dokpub.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	78.46.92.107 78.46.92.107	24940 (HETZNER-AS) (HETZNER-AS)
7 21	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX) (YANDEX)
3 19	2a02:6b8::90 2a02:6b8::90	13238 (YANDEX) (YANDEX)
6	2a02:6b8:20::215 2a02:6b8:20::215	13238 (YANDEX) (YANDEX)
1	2a02:6b8::184 2a02:6b8::184	13238 (YANDEX) (YANDEX)
1	2a02:6b8::5:114 2a02:6b8::5:114	13238 (YANDEX) (YANDEX)
1 1	212.11.152.207 212.11.152.207	8901 (Moscow Ma...) (Moscow Mayor_s Office)
1 2	148.251.41.166 148.251.41.166	24940 (HETZNER-AS) (HETZNER-AS)
1 1	88.212.201.210 88.212.201.210	39134 (UNITEDNET) (UNITEDNET)
1	81.222.128.216 81.222.128.216	20597 (ELTEL-AS) (ELTEL-AS)
2 2	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
2 2	185.15.175.174 185.15.175.174	43226 (SAFEDATA ...) (SAFEDATA Uplinks)
1 1	80.64.106.149 80.64.106.149	20764 (RASCOM-AS...) (RASCOM-AS CJSC RASCOM ISP)
1 1	80.64.106.148 80.64.106.148	20764 (RASCOM-AS...) (RASCOM-AS CJSC RASCOM ISP)
2 2	89.108.120.68 89.108.120.68	197695 (AS-REG) (AS-REG)
2 2	88.99.149.88 88.99.149.88	24940 (HETZNER-AS) (HETZNER-AS)
2 2	35.190.16.14 35.190.16.14	15169 (GOOGLE) (GOOGLE)
1 1	91.192.150.14 91.192.150.14	42481 (BEGUN-AS) (BEGUN-AS)
1 2	18.202.205.86 18.202.205.86	16509 (AMAZON-02) (AMAZON-02)
1 1	37.18.16.22 37.18.16.22	205675 (HYBRID-AS) (HYBRID-AS)
1 1	2001:6d0:4001... 2001:6d0:4001::226	52016 (TNSMSK-) (TNSMSK-)
3 3	78.46.16.13 78.46.16.13	24940 (HETZNER-AS) (HETZNER-AS)
1	2a02:6b8:a::a 2a02:6b8:a::a	13238 (YANDEX) (YANDEX)
2 3	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
2 6	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
2 6	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
58	15

2 78.46.92.107 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.107.92.46.78.clients.your-server.de

getfile.dokpub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a02:6b8::1:119 (Moscow, Russian Federation) 7 redirects

ASN13238 (YANDEX, RU)

informer.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a02:6b8::90 (Moscow, Russian Federation) 3 redirects

ASN13238 (YANDEX, RU)

an.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:6b8:20::215 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)

yastatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6b8::184 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)

avatars.mds.yandex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6b8::5:114 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)

ysa-static.passport.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.11.152.207 (Moscow, Russian Federation) 1 redirects

ASN8901 (Moscow Mayor_s Office, RU)

stats.mos.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 148.251.41.166 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.166.41.251.148.clients.your-server.de

sonar.semantiqo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.212.201.210 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host210.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 81.222.128.216 (Russian Federation)

ASN20597 (ELTEL-AS, RU)
PTR: ad16.adriver.ru

ssp.adriver.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.34 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.15.175.174 (Russian Federation) 2 redirects

ASN43226 (SAFEDATA Uplinks, RU)

dmg.digitaltarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 80.64.106.149 (Russian Federation) 1 redirects

ASN20764 (RASCOM-AS CJSC RASCOM ISP, RU)
PTR: s-fr4.rutarget.ru

yandex-dmp-sync.rutarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 80.64.106.148 (Russian Federation) 1 redirects

ASN20764 (RASCOM-AS CJSC RASCOM ISP, RU)
PTR: s-fr3.rutarget.ru

yandex-sync.rutarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 89.108.120.68 (Russian Federation) 2 redirects

ASN197695 (AS-REG, RU)
PTR: d51803.reg.regrucolo.ru

x01.aidata.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.99.149.88 (Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)
PTR: dmc-test-dn3

sync.1dmp.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.16.14 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 14.16.190.35.bc.googleusercontent.com

redirect.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.192.150.14 (Russian Federation) 1 redirects

ASN42481 (BEGUN-AS, RU)
PTR: zvezda.ssp.rambler.ru

profile.ssp.rambler.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.202.205.86 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-202-205-86.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.18.16.22 (Netherlands) 1 redirects

ASN205675 (HYBRID-AS, RU)

dm.hybrid.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:6d0:4001::226 (Russian Federation) 1 redirects

ASN52016 (TNSMSK-, RU)

cm.tns-counter.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 78.46.16.13 (Germany) 3 redirects

ASN24940 (HETZNER-AS, DE)
PTR: prod-hzeu-bidder-2.community.moscow

sync.upravel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
8d0b5c0d-9b60-4198-bc0d-ba40147ddfbf.sync.upravel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6b8:a::a (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)

yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.23.98 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	yandex.ru 5 redirects informer.yandex.ru an.yandex.ru mc.yandex.ru ysa-static.passport.yandex.ru yandex.ru	148 KB
15	yandex.com 5 redirects mc.yandex.com	5 KB
8	doubleclick.net 4 redirects cm.g.doubleclick.net googleads.g.doubleclick.net	6 KB
6	google.de www.google.de	474 B
6	google.com 2 redirects www.google.com	747 B
6	yastatic.net yastatic.net	175 KB
3	googleadservices.com 2 redirects www.googleadservices.com	15 KB
3	upravel.com 3 redirects sync.upravel.com 8d0b5c0d-9b60-4198-bc0d-ba40147ddfbf.sync.upravel.com	2 KB
2	demdex.net 1 redirects dpm.demdex.net	2 KB
2	weborama.fr 2 redirects redirect.frontend.weborama.fr	542 B
2	1dmp.io 2 redirects sync.1dmp.io	1018 B
2	aidata.io 2 redirects x01.aidata.io	991 B
2	rutarget.ru 2 redirects yandex-dmp-sync.rutarget.ru yandex-sync.rutarget.ru	860 B
2	digitaltarget.ru 2 redirects dmg.digitaltarget.ru	1 KB
2	semantiqo.com 1 redirects sonar.semantiqo.com	977 B
2	dokpub.com 1 redirects getfile.dokpub.com	4 KB
1	tns-counter.ru 1 redirects cm.tns-counter.ru	387 B
1	hybrid.ai 1 redirects dm.hybrid.ai	404 B
1	rambler.ru 1 redirects profile.ssp.rambler.ru	244 B
1	adriver.ru ssp.adriver.ru	201 B
1	yadro.ru 1 redirects counter.yadro.ru	332 B
1	mos.ru 1 redirects stats.mos.ru	359 B
1	yandex.net avatars.mds.yandex.net	35 KB
58	23

	Domain	Requested by
19	an.yandex.ru	3 redirects getfile.dokpub.com an.yandex.ru yastatic.net
15	mc.yandex.com	5 redirects getfile.dokpub.com mc.yandex.ru
6	www.google.de
6	www.google.com	2 redirects
6	googleads.g.doubleclick.net	2 redirects www.googleadservices.com
6	yastatic.net	an.yandex.ru yastatic.net getfile.dokpub.com
5	mc.yandex.ru	2 redirects getfile.dokpub.com yastatic.net
3	www.googleadservices.com	2 redirects yastatic.net
2	sync.upravel.com	2 redirects
2	dpm.demdex.net	1 redirects yastatic.net
2	redirect.frontend.weborama.fr	2 redirects
2	sync.1dmp.io	2 redirects
2	x01.aidata.io	2 redirects
2	dmg.digitaltarget.ru	2 redirects
2	cm.g.doubleclick.net	2 redirects
2	sonar.semantiqo.com	1 redirects yastatic.net
2	getfile.dokpub.com	1 redirects
1	yandex.ru	yastatic.net
1	8d0b5c0d-9b60-4198-bc0d-ba40147ddfbf.sync.upravel.com	1 redirects
1	cm.tns-counter.ru	1 redirects
1	dm.hybrid.ai	1 redirects
1	profile.ssp.rambler.ru	1 redirects
1	yandex-sync.rutarget.ru	1 redirects
1	yandex-dmp-sync.rutarget.ru	1 redirects
1	ssp.adriver.ru	yastatic.net
1	counter.yadro.ru	1 redirects
1	stats.mos.ru	1 redirects
1	ysa-static.passport.yandex.ru	yastatic.net
1	avatars.mds.yandex.net	getfile.dokpub.com
1	informer.yandex.ru	getfile.dokpub.com
58	30

This site contains links to these domains. Also see Links.

Domain
dokpub.com
dev256.com
metrika.yandex.ru

Subject Issuer	Validity	Valid
dokpub.com R3	`2021-03-13` - `2021-06-11`	3 months	crt.sh
mc.yandex.ru Yandex CA	`2021-02-27` - `2021-08-09`	5 months	crt.sh
bs.yandex.ru Yandex CA	`2020-12-17` - `2021-06-17`	6 months	crt.sh
*.yastatic.net Yandex CA	`2021-03-03` - `2021-09-01`	6 months	crt.sh
*.avatars.mds.yandex.net Yandex CA	`2021-03-12` - `2021-09-10`	6 months	crt.sh
ysa-static.passport.yandex.net Yandex CA	`2021-03-15` - `2021-09-13`	6 months	crt.sh
semantiqo.com R3	`2021-03-22` - `2021-06-20`	3 months	crt.sh
*.adriver.ru RapidSSL RSA CA 2018	`2020-04-03` - `2022-04-24`	2 years	crt.sh
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1	`2020-12-02` - `2022-01-02`	a year	crt.sh
yandex.ru Yandex CA	`2021-03-18` - `2021-09-16`	6 months	crt.sh
www.googleadservices.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.google.de GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
www.google.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
www.google.de GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://getfile.dokpub.com/
Frame ID: FF855FDAD36F2E819225FF0B1AC6213A
Requests: 21 HTTP requests in this frame

Frame: https://yastatic.net/safeframe-bundles/0.80/1-1-0/render.html
Frame ID: 7C23F1C6482B590BC3034E89D68A1F3F
Requests: 38 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://getfile.dokpub.com/ HTTP 301
https://getfile.dokpub.com/ Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /mc\.yandex\.ru\/metrika\/watch\.js/i

Page Statistics

58
Requests

100 %
HTTPS

37 %
IPv6

23
Domains

30
Subdomains

15
IPs

5
Countries

381 kB
Transfer

1289 kB
Size

6
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://dokpub.com/
Title: DokPub.com

Search URL Search Domain Scan URL

URL: https://dev256.com/
Title: dev256.com

Search URL Search Domain Scan URL

URL: https://metrika.yandex.ru/stat/?id=32422420&from=informer

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://getfile.dokpub.com/ HTTP 301
https://getfile.dokpub.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9248.mgnXux0ST7mzEaIA_fJGGvKuOHdwlJJqZZ7-5XAX7G_yZd6mb0ck1TgRlQAYioPJ.W6_EGIRo7ay5tcWzA4xlDBVnwuc%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=9248.kKiEQ2HxQ3w6V43UZL8EiujlrUyGqPFpBc-K_4jRaoC_T7vYy4I-IbPnDOA_t-QdDdm0Jr6cvblYjaHA0FoV5A%2C%2C.48HYficeqq4WKOj_xRtgZqsoMY4%2C

Request Chain 9

https://mc.yandex.com/watch/32422420?wmode=7&page-url=https%3A%2F%2Fgetfile.dokpub.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A5yitzpge8znbdz2%3Afp%3A1708%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A490%3Acn%3A1%3Adp%3A0%3Als%3A145278706728%3Ahid%3A941736981%3Az%3A120%3Ai%3A20210419084547%3Aet%3A1618814748%3Ac%3A1%3Arn%3A963884041%3Au%3A161881474866671110%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1618814746017%3Ads%3A0%2C72%2C968%2C1%2C631%2C0%2C%2C6%2C0%2C%2C%2C%2C1681%3Adsn%3A0%2C71%2C968%2C0%2C631%2C0%2C%2C8%2C0%2C%2C%2C%2C1680%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1618814748%3At%3A%D0%A1%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%D1%81%20%D1%84%D0%B0%D0%B9%D0%BB%D0%BE%D0%BE%D0%B1%D0%BC%D0%B5%D0%BD%D0%BD%D0%B8%D0%BA%D0%BE%D0%B2.%20%D0%9A%D0%B0%D0%BA%20%D0%BF%D0%BE%D0%BB%D1%83%D1%87%D0%B8%D1%82%D1%8C%20%D0%BF%D1%80%D1%8F%D0%BC%D1%83%D1%8E%20%D1%81%D1%81%D1%8B%D0%BB%D0%BA%D1%83%20%D0%BD%D0%B0%20%D1%81%D0%BA%D0%B0%D1%87%D0%B8%D0%B2%D0%B0%D0%BD%D0%B8%D0%B5%20%D0%B2%20%D1%84%D0%B0%D0%B9%D0%BB%D0%BE%D0%BE%D0%B1%D0%BC%D0%B5%D0%BD%D0%BD%D0%B8%D0%BA%D0%B0%D1%85 HTTP 302
https://mc.yandex.com/watch/32422420/1?wmode=7&page-url=https%3A%2F%2Fgetfile.dokpub.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A5yitzpge8znbdz2%3Afp%3A1708%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A490%3Acn%3A1%3Adp%3A0%3Als%3A145278706728%3Ahid%3A941736981%3Az%3A120%3Ai%3A20210419084547%3Aet%3A1618814748%3Ac%3A1%3Arn%3A963884041%3Au%3A161881474866671110%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1618814746017%3Ads%3A0%2C72%2C968%2C1%2C631%2C0%2C%2C6%2C0%2C%2C%2C%2C1681%3Adsn%3A0%2C71%2C968%2C0%2C631%2C0%2C%2C8%2C0%2C%2C%2C%2C1680%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1618814748%3At%3A%D0%A1%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%D1%81%20%D1%84%D0%B0%D0%B9%D0%BB%D0%BE%D0%BE%D0%B1%D0%BC%D0%B5%D0%BD%D0%BD%D0%B8%D0%BA%D0%BE%D0%B2.%20%D0%9A%D0%B0%D0%BA%20%D0%BF%D0%BE%D0%BB%D1%83%D1%87%D0%B8%D1%82%D1%8C%20%D0%BF%D1%80%D1%8F%D0%BC%D1%83%D1%8E%20%D1%81%D1%81%D1%8B%D0%BB%D0%BA%D1%83%20%D0%BD%D0%B0%20%D1%81%D0%BA%D0%B0%D1%87%D0%B8%D0%B2%D0%B0%D0%BD%D0%B8%D0%B5%20%D0%B2%20%D1%84%D0%B0%D0%B9%D0%BB%D0%BE%D0%BE%D0%B1%D0%BC%D0%B5%D0%BD%D0%BD%D0%B8%D0%BA%D0%B0%D1%85

Request Chain 11

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9248.5lNShvRwJV1KqPi53kasLGcWUhIowvLJZd2yK1EYRADpx6PmHpM2Hv0lO-OS1WhH.4oB89Z4CaTJXcQvwnG38sI-wHBU%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=9248.oXCHJQkoH2LQu6xcnLe24Y0_gbkrVU7NcMv90IAoJi-9WA6-IPz5uAlIimFB1VuIH58RvROj2qk_w6p-jyyaFw%2C%2C.d4eSgr4nGEEMmhtkpRQYxSfxmrI%2C HTTP 302
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=9248.k3aIUkzcONKk2HodeOyE5hrczqNchD2nj_bnjrry25bM5KnpLfx6h6Pf3SeM_3LFsNxT7PhrTgAElD-dN3TYUg%2C%2C.qouakKWVmeZNgRtwYsNbdQJQmlw%2C

Request Chain 17

https://stats.mos.ru/gc/ynd/ HTTP 302
https://an.yandex.ru/mapuid/ditmsk/Cg8qAmB9JxxbiCrnO5pyAgA=?time=1618814748.857

Request Chain 18

https://sonar.semantiqo.com/dmp/scr.php HTTP 302
https://counter.yadro.ru/id127/reff-id.gif?sid=ec3988f8e47148d5b3bed148178716b5 HTTP 302
https://sonar.semantiqo.com/fbfli/data_sess_sync.php?spid=&sid=ec3988f8e47148d5b3bed148178716b5

Request Chain 20

https://an.yandex.ru/mapuid/google/ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yandexru&google_hm=D19D193232490858&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yandexru&google_hm=D19D193232490858&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif&google_tc= HTTP 302
https://an.yandex.ru/resource/spacer.gif

Request Chain 21

https://dmg.digitaltarget.ru/1/119/i/i?i=1618814748 HTTP 307
https://dmg.digitaltarget.ru/awg/custom/119/i/i?call_source=awg&i=1618814748 HTTP 307
https://an.yandex.ru/mapuid/dmpamberdata/HnkC3FGZnGRpADc7Knrs

Request Chain 22

https://yandex-dmp-sync.rutarget.ru/sync HTTP 302
https://an.yandex.ru/mapuid/dmpsegmento/ANr0l3Qfb25t?sign=1721429540

Request Chain 23

https://yandex-sync.rutarget.ru/sync HTTP 302
https://an.yandex.ru/setud/rutarget/g5yBott1vD_j?sign=3368926771

Request Chain 24

https://x01.aidata.io/0.gif?pid=YANDEX HTTP 302
https://x01.aidata.io/0.gif?pid=YANDEX&bounce=1 HTTP 302
https://an.yandex.ru/mapuid/dmpaidatame/U6eq94hADSMpkzKtBoHHRA?sign=1825136222

Request Chain 25

https://sync.1dmp.io/pixel.gif?cid=3cbc2ec8-1421-4677-89fe-2ac6fc52a09a&pid=w&o=au HTTP 302
https://sync.1dmp.io/pixel.gif?cid=3cbc2ec8-1421-4677-89fe-2ac6fc52a09a&pid=w&o=au&cs=1 HTTP 302
https://an.yandex.ru/mapuid/dmpcleverdata/dff210f1-a0da-11eb-a15e-901b0e8d6a9d?sign=3512037121

Request Chain 26

https://redirect.frontend.weborama.fr/redirect/standard?url=https://an.yandex.ru/mapuid/dmpweborama/{WEBO_CID} HTTP 302
https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fdmpweborama%2F%7BWEBO_CID%7D&bounce=1&random=2758926056 HTTP 302
https://an.yandex.ru/mapuid/dmpweborama/7/PrVIb/GKuI99mUshaVnu

Request Chain 27

https://profile.ssp.rambler.ru/sync3.302?pid=188 HTTP 302
https://an.yandex.ru/mapuid/ramblerssp/

Request Chain 28

https://an.yandex.ru/mapuid/adobedmp/ HTTP 302
https://dpm.demdex.net/ibs:dpid=423652&dpuuid=229597352E7EBABF HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=423652&dpuuid=229597352E7EBABF

Request Chain 29

https://dm.hybrid.ai/yandexdmp-match HTTP 302
https://an.yandex.ru/mapuid/dmphybridai/ab6db8f616229859444d?sign=671953631

Request Chain 30

https://cm.tns-counter.ru/yacm HTTP 302
https://an.yandex.ru/mapuid/mediascope/15b7b31ba05f4d03b0871bbb6cb98085fa156126f620b40b5d01281d5aaae0ac

Request Chain 31

https://sync.upravel.com/yandex/sync HTTP 302
https://sync.upravel.com/yandex/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly95YXN0YXRpYy5uZXQvIl19fQ HTTP 302
https://8d0b5c0d-9b60-4198-bc0d-ba40147ddfbf.sync.upravel.com/yandex/sync?ud_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly95YXN0YXRpYy5uZXQvIiwiaHR0cHM6Ly95YXN0YXRpYy5uZXQvIl19fQ HTTP 302
https://an.yandex.ru/mapuid/upravelis/jQtcDZtgQZi8DbpAFH3fvw

Request Chain 40

https://www.googleadservices.com/pagead/conversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0 HTTP 302
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=Hid9YP-AKIDC7_UPkdi80AE&random=991310802&sscte=1&crd= HTTP 302
https://www.google.com/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=991310802&crd=&is_vtc=1&random=2377100412 HTTP 302
https://www.google.de/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=991310802&crd=&is_vtc=1&random=2377100412&ipr=y

Request Chain 41

https://www.googleadservices.com/pagead/conversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0 HTTP 302
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=Hid9YKqDKPmU7_UPvMSaoAw&random=1001512121&sscte=1&crd= HTTP 302
https://www.google.com/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1001512121&crd=&is_vtc=1&random=4104696251 HTTP 302
https://www.google.de/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1001512121&crd=&is_vtc=1&random=4104696251&ipr=y

Request Chain 42

https://mc.yandex.com/watch/3?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.80%2F1-1-0%2Frender.html&page-ref=https%3A%2F%2Fgetfile.dokpub.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A%3Avf%3A5yitzpge8znbdz2%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A490%3Acn%3A1%3Adp%3A0%3Als%3A570601684910%3Ahid%3A282048199%3Az%3A120%3Ai%3A20210419084550%3Aet%3A1618814751%3Ac%3A1%3Arn%3A850278378%3Au%3A1618814751785478553%3Aw%3A1x1%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Ahdl%3A1%3Ans%3A1618814748348%3Ads%3A0%2C70%2C34%2C6%2C0%2C0%2C%2C26%2C0%2C701%2C701%2C0%2C133%3Adsn%3A0%2C70%2C34%2C6%2C0%2C0%2C%2C22%2C0%2C701%2C701%2C0%2C133%3Ati%3A2%3Ast%3A1618814751 HTTP 302
https://mc.yandex.com/watch/3/1?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.80%2F1-1-0%2Frender.html&page-ref=https%3A%2F%2Fgetfile.dokpub.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A%3Avf%3A5yitzpge8znbdz2%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A490%3Acn%3A1%3Adp%3A0%3Als%3A570601684910%3Ahid%3A282048199%3Az%3A120%3Ai%3A20210419084550%3Aet%3A1618814751%3Ac%3A1%3Arn%3A850278378%3Au%3A1618814751785478553%3Aw%3A1x1%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Ahdl%3A1%3Ans%3A1618814748348%3Ads%3A0%2C70%2C34%2C6%2C0%2C0%2C%2C26%2C0%2C701%2C701%2C0%2C133%3Adsn%3A0%2C70%2C34%2C6%2C0%2C0%2C%2C22%2C0%2C701%2C701%2C0%2C133%3Ati%3A2%3Ast%3A1618814751

Request Chain 57

https://an.yandex.ru/count/WIeejI_zO6S01Ga010zd8v7-1WSl00K0Pm4GW8200J4S9trW000003Yyhn-80W6v0iBSI6WFZVeEy0Bx_Pszu0_m1G6W1k82k0R00Sa670CzDFC-or7P1W00032_0000gGVxhD0DYImG7D070j08We20W0A02W682WraCrNC-wm00DTY1AvDmF0B1gWF-zcIXP6HYuWSa122fys0mP6fxhi1-10Auf-soGdm4WY8u1G1s1N1YlRieu-y_6FmoHRmFu4Ng1SDcHZG627u680Pk1d___y1m1cRZhIAe-F-mMFI6H9vOM9pNtDbSdPbSYzoDJ4vBJFe6O08y1c0mWCE0CHhO51mLqN39Bg5a51YO2vRxVKCATsZkkMUPsZCH1vSMZj7BO7WW75m4GmA~1=WXCejI_zOA41JH00X1g2p0KNeGAggzJ0uWI00Q_IzWA80SV8nFHpa06mvTNwpe20W0AO0R3brVfEe060tAW1WDpL-awu0TRvwEGXs07qfA-P0U01bfMlcG7e0Qu3e0AE-eK1c0F0X3sm0x4iY0NAz3wG1Sh8Ux05bRKVk0MLjH_2aGxW1NUe1k82k0U01V470028X_r2oGhWMc3eVtZmF_WAWBKOsGlxhD0DYImG7EWBolG-gGmQjI7R_ppQF-WCcmQO3RBSGZ-W3i24FTaFW12wa80TeU0HmPbFw16PhR6QniASh8_mT_H09Qs0bhd3oZ-O4mAe4uRSa-d_oiUV0k0JbRKVY1JWaPpKxUkGiLEW59Mr7wWKoiXx-fh0WmRe58m2q1M3kjU31jWLmOhsxAEFlFnZe1RGhzs31h0MsWJ95j0MafdUlW615vWNbxMqBBWN0S0NjHBO5y24FUWN0PaOe1W7i1Y2k_I31hWO0VWO-DRLmf6jjuXbW1c96JGla1a1e1d00RWP____0U0P0UWPW0Zm6O320u4Q__-pwNjmdzAG6e20WO20W810k1e1zHe100007G3-n3XI1t4DPHIA21eYWNo4XiPOvzurV1bfwLQNFZ1WLRikf9Si4Fn5h8B6HX1gw-fyP1ciVDmvajv28d3WDM9WijZO19qq1jdWanK__C6RMocTFyxl8x_Kp2NO9k00~1?stat-id=1&test-tag=69269530409473&format-type=126&actual-format=78&pcodever=14462&banner-test-tags=eyI3MjA1NzYwNDYzNTUzOTgwMCI6IjU3MzYwIn0%3D&renderWidth=1024&renderHeight=165&confirmTime=2100000&confirmRatio=1000000&wmode=0 HTTP 302
https://an.yandex.ru/count/WIGejI_zO6S0rGW0P0vd8v7-OlzZJWK0Pm4GmO200J4S9trW000003Yyhn-80W6v0iBSI6WFZVeEy0Bx_Pszu0_m1G6W1k82k0R00Sa670CzDFC-or7P1W00032_0000gGVxhD0DYImG780A0OWA3MGpLSpxh000rs84hat0y0i6g0_xsPA5aP6BY1oG48AdpO31aQdkkm7u40hYdxR92V0I28ZW507O5S6AzkoZZxpyO_395l0_WHUe5msP6D0O8VWOW1cu6V___m706PkEj8gZu_x1Oz8P4dbXOdDVSsLoTcLoBt8rCJajC-WPW0Zm6O320my0n6jWK71NHSCakeMGK69WBbljzGmftQEwvPvdQCn47bnQEqSH28wo5_xO9GukWkq1~1=WXiejI_zOAO1ZH00D1jkN2c7fW8GW8200QghrC3Y1801hzBs0eW1nyZ4z7EG0R3brVhEW8200fW1iENL-awW0O3Sg060tDNwJhW1rldev27O0VIahva1u06MbQ-P0UW1hWEW0exwXG6O0y24FR03iIo81ShqFf05oiXxi0MLjH-u1PMr7yAH3k05TwW6uWAm1u20a0ou1u05yGS008Y7_KB92k1QOEX_UF0_-0g0jHZP2_kiq0s9B10Sw0lAz3wf31gr8Tl_FDe_w0oR1fWDijn2Fw0Em8GzsG-04BgGW1sXu171cK_e4PcjiPh6mfoiZ_1tz40bhO2MkSFAFvWJ0gWJXjoJwV_Anvy2u1ELjH-85E2HdDJjwv2nKw0KbRKVg1JAo7lwci231kWKZ0BG5OEwruC6s1N1YlRieu-y_6EW5j2ltOC6i1RQ1CaMq1QIcTw-0O4Nc1UNjRGik1S1m1Ur4jWNm8Gzw1S1cHYW60Um68Axz8C6k1W1-1ZurjN2aQstY6M06OaPD2-G6G6W6S01k1d___y1u1a1w1c02F0PWC83WHh__xFfUt2Vqf0QW821W820W42u6W7r6W40000S00F5E587SGrb58e86YA1V8G6oLZd1ZPyMMhfzfS-M61LkpEabomGJ4QiWiPQ46ehx7nakQny73kItk8YS60uOc1fiR4L29-i8E8Ftl1AwVp1VX_vfMOknZOn1m00~1?stat-id=1&test-tag=69269530409473&format-type=126&actual-format=78&pcodever=14462&banner-test-tags=eyI3MjA1NzYwNDYzNTUzOTgwMCI6IjU3MzYwIn0%3D&renderWidth=1024&renderHeight=165&confirmTime=2100000&confirmRatio=1000000&wmode=0

58 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
getfile.dokpub.com/
Redirect Chain

http://getfile.dokpub.com/
https://getfile.dokpub.com/

8 KB
4 KB

1041ms
968ms

Document
text/html

78.46.92.107
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://getfile.dokpub.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.46.92.107 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.107.92.46.78.clients.your-server.de
Software: nginx / PHP/5.6.17
Resource Hash: f507c78268e95aae05ef2521792b1b368826df3c7c89eccbb2a6118d5c5a7885

Request headers

Host: getfile.dokpub.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: gfdp=gfdpck2qu7RVQFkAU6MjVhiwkIMR5tN8M_tkAbwVeL68P0H4g
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server: nginx
Date: Mon, 19 Apr 2021 06:45:47 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.6.17
Content-Encoding: gzip

Redirect headers

Server: nginx
Date: Mon, 19 Apr 2021 06:45:46 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.6.17
Set-Cookie: gfdp=gfdpck2qu7RVQFkAU6MjVhiwkIMR5tN8M_tkAbwVeL68P0H4g; expires=Thu, 18-Apr-2024 06:45:46 GMT; Max-Age=94608000; path=/; domain=dokpub.com
Location: https://getfile.dokpub.com/

GET
H2 200 3_1_FFFFFFFF_EFEFEFFF_0_pageviews
informer.yandex.ru/informer/32422420/ 1 KB
2 KB 143ms
52ms Image
image/png 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://informer.yandex.ru/informer/32422420/3_1_FFFFFFFF_EFEFEFFF_0_pageviews

Requested by

Host: getfile.dokpub.com
URL: https://getfile.dokpub.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

39ed028b8ff044efd74d8d7f9fa0e94ca2e6c29bdebb2abdb317147cfae2f725

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://getfile.dokpub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Apr 2021 06:45:47 GMT
last-modified: Mon, 19-Apr-2021 06:45:47 GMT
strict-transport-security: max-age=31536000
content-type: image/png
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 1352
x-xss-protection: 1; mode=block
expires: Mon, 19-Apr-2021 06:45:47 GMT

GET
H2 200 context.js Show response
an.yandex.ru/system/ 127 KB
36 KB 152ms
55ms Script
text/javascript 2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/system/context.js

Requested by

Host: getfile.dokpub.com
URL: https://getfile.dokpub.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

77d09953400f51db88922140c65ba03c93e7d04bb0a169ffd8e5369ab9b5729f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://getfile.dokpub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
strict-transport-security: max-age=31536000
content-encoding: br
etag: 1346320374
x-yandex-req-id: 1618814747820695-365180354974201718700107-production-app-host-vla-pcode-76
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=3600
x-robots-tag: noindex, noarchive, nofollow
expires: Mon, 19 Apr 2021 07:45:47 GMT

GET
H2 200 watch.js Show response
mc.yandex.ru/metrika/ 123 KB
44 KB 132ms
44ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Host: getfile.dokpub.com
URL: https://getfile.dokpub.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

553eb5bbd710f85a90e930f22e9c7dec5b9d5e28ff96b7129802b7fe894a4209

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://getfile.dokpub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 06:45:47 GMT
content-encoding: br
last-modified: Fri, 16 Apr 2021 10:37:30 GMT
etag: "60705d6f-ad38"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 44344
expires: Mon, 19 Apr 2021 07:45:47 GMT

GET
H2

400

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9248.mgnXux0ST7mzEaIA_fJGGvKuOHdwlJJqZZ7-5XAX7G_yZd6mb0ck1TgRlQAYioPJ.W6_EGIRo7ay5tcWzA4xlDBVnwuc%2C
https://mc.yandex.com/sync_cookie_image_decide?token=9248.kKiEQ2HxQ3w6V43UZL8EiujlrUyGqPFpBc-K_4jRaoC_T7vYy4I-IbPnDOA_t-QdDdm0Jr6cvblYjaHA0FoV5A%2C%2C.48HYficeqq4WKOj_xRtgZqsoMY4%2C

75 B
75 B

45ms
45ms

Image
text/html

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=9248.kKiEQ2HxQ3w6V43UZL8EiujlrUyGqPFpBc-K_4jRaoC_T7vYy4I-IbPnDOA_t-QdDdm0Jr6cvblYjaHA0FoV5A%2C%2C.48HYficeqq4WKOj_xRtgZqsoMY4%2C

Requested by

Host: getfile.dokpub.com
URL: https://getfile.dokpub.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://getfile.dokpub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 06:45:48 GMT
strict-transport-security: max-age=31536000
content-length: 75
x-xss-protection: 1; mode=block
content-type: text/html; charset=utf-8

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=9248.kKiEQ2HxQ3w6V43UZL8EiujlrUyGqPFpBc-K_4jRaoC_T7vYy4I-IbPnDOA_t-QdDdm0Jr6cvblYjaHA0FoV5A%2C%2C.48HYficeqq4WKOj_xRtgZqsoMY4%2C
date: Mon, 19 Apr 2021 06:45:48 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
220 B 50ms
45ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: getfile.dokpub.com
URL: https://getfile.dokpub.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://getfile.dokpub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 06:45:48 GMT
last-modified: Fri, 16 Apr 2021 09:10:40 GMT
etag: "60705d6f-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Mon, 19 Apr 2021 07:45:48 GMT

GET
H2 200 256990 Show response
an.yandex.ru/meta/ 54 KB
18 KB 159ms
158ms XHR
application/json 2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/meta/256990?grab=dNCh0LrQsNGH0LDRgtGMINCx0LXRgdC_0LvQsNGC0L3QviDRgSDRhNCw0LnQu9C-0L7QsdC80LXQvdC90LjQutC-0LIuINCa0LDQuiDQv9C-0LvRg9GH0LjRgtGMINC_0YDRj9C80YPRjiDRgdGB0YvQu9C60YMg0L3QsCDRgdC60LDRh9C40LLQsNC90LjQtSDQsiDRhNCw0LnQu9C-0L7QsdC80LXQvdC90LjQutCw0YUKMdCh0LrQsNGH0LDRgtGMINCx0LXRgdC_0LvQsNGC0L3QviDRgSDRhNCw0LnQu9C-0L7QsdC80LXQvdC90LjQutC-0LIgCjLQmtCw0Log0L_QvtC70YPRh9C40YLRjCDQv9GA0Y_QvNGD0Y4g0YHRgdGL0LvQutGDINC90LAg0YHQutCw0YfQuNCy0LDQvdC40LUg0LI6IAoy0JrQsNC6INC-0L_Rg9Cx0LvQuNC60L7QstCw0YLRjCDRgdC_0LjRgdC60L7QvCDRgdGB0YvQu9C60Lgg0L3QsCDRgdC60LDRh9C40LLQsNC90LjQtSDQsjogCjPQodC-0LPQu9Cw0YjQtdC90LjQtSDRgSDQv9C-0LvRjNC30L7QstCw0YLQtdC70LXQvCAK&target-ref=https%3A%2F%2Fgetfile.dokpub.com%2F&charset=utf-8&pcode-test-ids=314122%2C0%2C11%3B351542%2C0%2C70%3B353670%2C0%2C27%3B338027%2C0%2C35%3B330366%2C0%2C5%3B351586%2C0%2C16%3B355108%2C0%2C78&pcode-flags=%7B%22COMBO_HEADER%22%3A%22withoutHeader%22%2C%22USE_SUPERBUNDLE%22%3Atrue%2C%22USE_SMART_SSR%22%3A%221%22%2C%22DEFAULT_SSR_FORMATS%22%3A%5B%22zen%22%2C%22zen2%22%2C%22zen2-gallery%22%2C%22billboard%22%2C%22horizontal%22%2C%22horizontal0318%22%2C%22constructor%22%2C%22modernAdaptive%22%5D%2C%22ADAPTIVE_TOWER_VIDEO%22%3A%22exp%22%2C%22DEFAULT_BLACKLIST_PAGES%22%3A%5B%22419507%22%2C%22419506%22%2C%22106253%22%2C%22188382%22%2C%22189903%22%2C%22286573%22%5D%2C%22COMBO_PACKSHOT_EXP%22%3A%22ctl%22%2C%22PACKSHOT_POSTER%22%3A%22ctl%22%2C%22VIDEO_EARS_FLAGS%22%3A%22ctl%22%2C%22RMP_POSTER_2%22%3A%22stickyColor%22%2C%22PCODEVER%22%3A%2214462%22%7D&server-side-rendering-enabled-formats=zen%0Azen2%0Azen2-gallery%0Abillboard%0Ahorizontal%0Ahorizontal0318%0Aconstructor%0AmodernAdaptive&raw-smart-content=1&smart-format-names=smart-banner-adaptive_v1%0Asmart-banner-mosaic_v1&pcode-icookie=7170851121618814747&duid=MTYxODgxNDc0ODY2NjcxMTEw&imp-id=1&enable-flat-highlight=1&test-tag=69269232549890&ad-session-id=7461621618814748010&target-id=29241905&tga-with-creatives=1&pcode-version=14462&pcodever=14462&flash-ver=0&available-width=1024&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9.2%2C%22w%22%3A1024%2C%22h%22%3A0%2C%22width%22%3A1024%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22left%22%3A288%2C%22top%22%3A1%2C%22ad_no%22%3A0%2C%22req_no%22%3A0%7D&callback=Ya%5B5533979363517%5D

Requested by

Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

7d3ec64a70e026a60eefc7c956b09dd481ed06e8ff39d13cbdfb6e8bc1ea4c0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://getfile.dokpub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Mon, 19 Apr 2021 06:45:48 GMT
content-encoding: gzip
content-type: application/json
last-modified: Mon, 19 Apr 2021 06:45:48 GMT
ssr: true
x-yandex-req-id: 1618814748056147-1628605056576240631300107-production-app-host-sas-pcode-115
strict-transport-security: max-age=31536000
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: https://getfile.dokpub.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 19 Apr 2021 06:45:48 GMT

GET
H2 200 ef604373f319a9f95393.js Show response
yastatic.net/partner-code-bundles/14462/ 12 KB
5 KB 110ms
36ms Script
text/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/14462/ef604373f319a9f95393.js

Requested by

Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

2d37f01d2947b8657264de8df2fb6dfa1f32eb0373b34b481ee692f67b9162cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Origin: https://getfile.dokpub.com
Referer: https://getfile.dokpub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 06:45:48 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 4201
last-modified: Fri, 16 Apr 2021 19:18:13 GMT
server: nginx/1.17.9
etag: "7846d4e363fe493a0c4942e532f62bc5"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Apr 2051 13:19:27 GMT

GET
H2 200 fb9004ff136a85e4f81d.js Show response
yastatic.net/partner-code-bundles/14462/ 361 KB
79 KB 147ms
73ms Script
text/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/14462/fb9004ff136a85e4f81d.js

Requested by

Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

0986d92029f4bf3a03a8c3de38636d5f97c17f8b818347488db3a1b2b300ba42

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Origin: https://getfile.dokpub.com
Referer: https://getfile.dokpub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 06:45:48 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 79972
last-modified: Fri, 16 Apr 2021 19:18:13 GMT
server: nginx/1.17.9
etag: "b7d4edc92308e077ca9fb7c3d9ad8b26"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Apr 2051 13:19:27 GMT

GET
H2 200 b2c7f4b0919292fe83a6.js Show response
yastatic.net/partner-code-bundles/14462/ 240 KB
42 KB 202ms
129ms Script
text/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/14462/b2c7f4b0919292fe83a6.js

Requested by

Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

f22a3d485c576eac167aa7a961b7fe261374b7efe45268bed79e52bad8ec6001

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Origin: https://getfile.dokpub.com
Referer: https://getfile.dokpub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 06:45:48 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 42624
last-modified: Fri, 16 Apr 2021 19:18:13 GMT
server: nginx/1.17.9
etag: "75638a3f7695dc69feee130b27365398"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Apr 2051 13:20:21 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/32422420/
Redirect Chain

https://mc.yandex.com/watch/32422420?wmode=7&page-url=https%3A%2F%2Fgetfile.dokpub.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A5yitzpge8znbdz2%3Afp%3A1708%3Afu%3A0%3Aen%3Autf-8%3Ala...
https://mc.yandex.com/watch/32422420/1?wmode=7&page-url=https%3A%2F%2Fgetfile.dokpub.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A5yitzpge8znbdz2%3Afp%3A1708%3Afu%3A0%3Aen%3Autf-8%3A...

184 B
266 B

45ms
45ms

XHR
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/32422420/1?wmode=7&page-url=https%3A%2F%2Fgetfile.dokpub.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A5yitzpge8znbdz2%3Afp%3A1708%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A490%3Acn%3A1%3Adp%3A0%3Als%3A145278706728%3Ahid%3A941736981%3Az%3A120%3Ai%3A20210419084547%3Aet%3A1618814748%3Ac%3A1%3Arn%3A963884041%3Au%3A161881474866671110%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1618814746017%3Ads%3A0%2C72%2C968%2C1%2C631%2C0%2C%2C6%2C0%2C%2C%2C%2C1681%3Adsn%3A0%2C71%2C968%2C0%2C631%2C0%2C%2C8%2C0%2C%2C%2C%2C1680%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1618814748%3At%3A%D0%A1%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%D1%81%20%D1%84%D0%B0%D0%B9%D0%BB%D0%BE%D0%BE%D0%B1%D0%BC%D0%B5%D0%BD%D0%BD%D0%B8%D0%BA%D0%BE%D0%B2.%20%D0%9A%D0%B0%D0%BA%20%D0%BF%D0%BE%D0%BB%D1%83%D1%87%D0%B8%D1%82%D1%8C%20%D0%BF%D1%80%D1%8F%D0%BC%D1%83%D1%8E%20%D1%81%D1%81%D1%8B%D0%BB%D0%BA%D1%83%20%D0%BD%D0%B0%20%D1%81%D0%BA%D0%B0%D1%87%D0%B8%D0%B2%D0%B0%D0%BD%D0%B8%D0%B5%20%D0%B2%20%D1%84%D0%B0%D0%B9%D0%BB%D0%BE%D0%BE%D0%B1%D0%BC%D0%B5%D0%BD%D0%BD%D0%B8%D0%BA%D0%B0%D1%85

Requested by

Host: getfile.dokpub.com
URL: https://getfile.dokpub.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

f3e529f229a0af2b8a2fcaa361a7d5172422f55a3df85fa606f883af1f7a19e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://getfile.dokpub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Apr 2021 06:45:48 GMT
x-content-type-options: nosniff
last-modified: Mon, 19-Apr-2021 06:45:48 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://getfile.dokpub.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 184
x-xss-protection: 1; mode=block
expires: Mon, 19-Apr-2021 06:45:48 GMT

Redirect headers

pragma: no-cache
date: Mon, 19 Apr 2021 06:45:48 GMT
last-modified: Mon, 19-Apr-2021 06:45:48 GMT
location: /watch/32422420/1?wmode=7&page-url=https%3A%2F%2Fgetfile.dokpub.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A5yitzpge8znbdz2%3Afp%3A1708%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A490%3Acn%3A1%3Adp%3A0%3Als%3A145278706728%3Ahid%3A941736981%3Az%3A120%3Ai%3A20210419084547%3Aet%3A1618814748%3Ac%3A1%3Arn%3A963884041%3Au%3A161881474866671110%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1618814746017%3Ads%3A0%2C72%2C968%2C1%2C631%2C0%2C%2C6%2C0%2C%2C%2C%2C1681%3Adsn%3A0%2C71%2C968%2C0%2C631%2C0%2C%2C8%2C0%2C%2C%2C%2C1680%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1618814748%3At%3A%D0%A1%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%D1%81%20%D1%84%D0%B0%D0%B9%D0%BB%D0%BE%D0%BE%D0%B1%D0%BC%D0%B5%D0%BD%D0%BD%D0%B8%D0%BA%D0%BE%D0%B2.%20%D0%9A%D0%B0%D0%BA%20%D0%BF%D0%BE%D0%BB%D1%83%D1%87%D0%B8%D1%82%D1%8C%20%D0%BF%D1%80%D1%8F%D0%BC%D1%83%D1%8E%20%D1%81%D1%81%D1%8B%D0%BB%D0%BA%D1%83%20%D0%BD%D0%B0%20%D1%81%D0%BA%D0%B0%D1%87%D0%B8%D0%B2%D0%B0%D0%BD%D0%B8%D0%B5%20%D0%B2%20%D1%84%D0%B0%D0%B9%D0%BB%D0%BE%D0%BE%D0%B1%D0%BC%D0%B5%D0%BD%D0%BD%D0%B8%D0%BA%D0%B0%D1%85
strict-transport-security: max-age=31536000
access-control-allow-origin: https://getfile.dokpub.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Mon, 19-Apr-2021 06:45:48 GMT

GET
H2 200 host.js Show response
yastatic.net/safeframe-bundles/0.80/ 29 KB
8 KB 35ms
35ms Script
text/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/safeframe-bundles/0.80/host.js

Requested by

Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

9a10b1418ae87e1667a44c85f39b5e1af9b8a24279d9a2743c0859d478f3f925

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Origin: https://getfile.dokpub.com
Referer: https://getfile.dokpub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 06:45:48 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 8120
last-modified: Wed, 13 Jan 2021 14:53:48 GMT
server: nginx/1.17.9
etag: "7fa61ab429a981f415ba1c49d1babdbb"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Apr 2051 13:21:36 GMT

GET
H2

200

sync_cookie_image_finish
mc.yandex.ru/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9248.5lNShvRwJV1KqPi53kasLGcWUhIowvLJZd2yK1EYRADpx6PmHpM2Hv0lO-OS1WhH.4oB89Z4CaTJXcQvwnG38sI-wHBU%2C
https://mc.yandex.com/sync_cookie_image_decide?token=9248.oXCHJQkoH2LQu6xcnLe24Y0_gbkrVU7NcMv90IAoJi-9WA6-IPz5uAlIimFB1VuIH58RvROj2qk_w6p-jyyaFw%2C%2C.d4eSgr4nGEEMmhtkpRQYxSfxmrI%2C
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=9248.k3aIUkzcONKk2HodeOyE5hrczqNchD2nj_bnjrry25bM5KnpLfx6h6Pf3SeM_3LFsNxT7PhrTgAElD-dN3TYUg%2C%2C.qouakKWVmeZNgRtwY...

43 B
259 B

44ms
44ms

Image
image/gif

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=9248.k3aIUkzcONKk2HodeOyE5hrczqNchD2nj_bnjrry25bM5KnpLfx6h6Pf3SeM_3LFsNxT7PhrTgAElD-dN3TYUg%2C%2C.qouakKWVmeZNgRtwYsNbdQJQmlw%2C

Requested by

Host: getfile.dokpub.com
URL: https://getfile.dokpub.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://getfile.dokpub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 06:45:48 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=9248.k3aIUkzcONKk2HodeOyE5hrczqNchD2nj_bnjrry25bM5KnpLfx6h6Pf3SeM_3LFsNxT7PhrTgAElD-dN3TYUg%2C%2C.qouakKWVmeZNgRtwYsNbdQJQmlw%2C
date: Mon, 19 Apr 2021 06:45:48 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
DATA 200
OK truncated
/ 333 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f1e572871055c1d0e152936f664d5fb075f505b99b412a4776f65a7abe80b505

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 x450
avatars.mds.yandex.net/get-direct/4474510/1oQc0AlscF6DCbh4K8pDag/ 34 KB
35 KB 132ms
43ms Image
image/webp 2a02:6b8::184
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.mds.yandex.net/get-direct/4474510/1oQc0AlscF6DCbh4K8pDag/x450
Requested by: Host: getfile.dokpub.com
URL: https://getfile.dokpub.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:6b8::184 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: nginx /
Resource Hash: 01d0ea1b7fe1fc63ab2bc12977f7f3f82afbaa87906a2c0b7af380bd0acfeed2

Request headers

Referer: https://getfile.dokpub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 06:45:48 GMT
last-modified: Thu, 08 Apr 2021 20:01:37 GMT
server: nginx
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=604800,immutable
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 35284
x-request-id: f4aaa95bd592e409

POST
H2 200 1 Show response
mc.yandex.com/watch/32422420/ 43 B
159 B 49ms
48ms XHR
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/32422420/1?page-url=https%3A%2F%2Fgetfile.dokpub.com%2F&charset=utf-8&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A5yitzpge8znbdz2%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A490%3Acn%3A1%3Adp%3A1%3Als%3A145278706728%3Ahid%3A941736981%3Az%3A120%3Ai%3A20210419084548%3Aet%3A1618814748%3Ac%3A1%3Arn%3A16247795%3Au%3A161881474866671110%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aeu%3A1%3Ans%3A1618814746017%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1618814748

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://getfile.dokpub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Mon, 19 Apr 2021 06:45:48 GMT
last-modified: Mon, 19-Apr-2021 06:45:48 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://getfile.dokpub.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Mon, 19-Apr-2021 06:45:48 GMT

GET
H2 200 render.html Show response
yastatic.net/safeframe-bundles/0.80/1-1-0/ Frame 7C23 22 KB
6 KB 104ms
34ms Document
text/html 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/safeframe-bundles/0.80/1-1-0/render.html

Requested by

Host: yastatic.net
URL: https://yastatic.net/safeframe-bundles/0.80/host.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

40cc818c8b06374b11230d18b2b54f8c7f2a7668b94ac9ee00d6a106cf0efd8b

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

:method: GET
:authority: yastatic.net
:scheme: https
:path: /safeframe-bundles/0.80/1-1-0/render.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://getfile.dokpub.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://getfile.dokpub.com/

Response headers

server: nginx/1.17.9
date: Mon, 19 Apr 2021 06:45:48 GMT
content-type: text/html
content-length: 6026
access-control-allow-origin: *
cache-control: public, max-age=946708560
content-encoding: br
etag: "f883bd7781c332870c9968db60e89349"
expires: Wed, 19 Apr 2051 13:18:37 GMT
last-modified: Wed, 13 Jan 2021 14:53:48 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-robots-tag: noindex, noarchive, nofollow
accept-ranges: bytes

GET
H/1.1 200
Ok d.png
ysa-static.passport.yandex.ru/static/1/d959d7e39d5067fad30d9c06204866e9/ Frame 7C23 95 B
400 B 153ms
49ms Image
image/png 2a02:6b8::5:114
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ysa-static.passport.yandex.ru/static/1/d959d7e39d5067fad30d9c06204866e9/d.png?ex=yes

Requested by

Host: yastatic.net
URL: https://yastatic.net/safeframe-bundles/0.80/1-1-0/render.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::5:114 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.14.2 /

Resource Hash

18c327afa903633f86c3efcf12b77f098077eacaa8be101bb007846fd74f8b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubDomains

Request headers

Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 19 Apr 2021 06:45:48 GMT
Server: nginx/1.14.2
Strict-Transport-Security: max-age=315360000; includeSubDomains
X-RT-IH: 0.0001
Content-Type: image/png
Cache-Control: private
Connection: close
X-RT-IQ: 0.0001
Content-Length: 95
Expires: Tue, 20 Apr 2021 06:45:48 GMT

GET
H2

200

Cg8qAmB9JxxbiCrnO5pyAgA=
an.yandex.ru/mapuid/ditmsk/ Frame 7C23
Redirect Chain

https://stats.mos.ru/gc/ynd/
https://an.yandex.ru/mapuid/ditmsk/Cg8qAmB9JxxbiCrnO5pyAgA=?time=1618814748.857

43 B
80 B

49ms
48ms

Image
image/gif

2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/ditmsk/Cg8qAmB9JxxbiCrnO5pyAgA=?time=1618814748.857

Requested by

Host: yastatic.net
URL: https://yastatic.net/safeframe-bundles/0.80/1-1-0/render.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Apr 2021 06:45:48 GMT
content-encoding: gzip
last-modified: Mon, 19 Apr 2021 06:45:48 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 19 Apr 2021 06:45:48 GMT

Redirect headers

Location: https://an.yandex.ru/mapuid/ditmsk/Cg8qAmB9JxxbiCrnO5pyAgA=?time=1618814748.857
Date: Mon, 19 Apr 2021 06:45:48 GMT
Server: nginx/1.14.0
Connection: keep-alive
Content-Length: 161
Content-Type: text/html

GET
H2

200

data_sess_sync.php
sonar.semantiqo.com/fbfli/ Frame 7C23
Redirect Chain

https://sonar.semantiqo.com/dmp/scr.php
https://counter.yadro.ru/id127/reff-id.gif?sid=ec3988f8e47148d5b3bed148178716b5
https://sonar.semantiqo.com/fbfli/data_sess_sync.php?spid=&sid=ec3988f8e47148d5b3bed148178716b5

0
355 B

24ms
24ms

Image
text/html

148.251.41.166
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sonar.semantiqo.com/fbfli/data_sess_sync.php?spid=&sid=ec3988f8e47148d5b3bed148178716b5
Requested by: Host: yastatic.net
URL: https://yastatic.net/safeframe-bundles/0.80/1-1-0/render.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 148.251.41.166 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.166.41.251.148.clients.your-server.de
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 06:45:48 GMT
content-encoding: gzip
server: nginx/1.18.0
mode: no-cors
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: Access-Control-Allow-Headers, Origin,Accept, x-compress, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers

Redirect headers

Location: https://sonar.semantiqo.com/fbfli/data_sess_sync.php?spid=&sid=ec3988f8e47148d5b3bed148178716b5
Date: Mon, 19 Apr 2021 06:45:48 GMT
Server: nginx/1.17.9
Connection: keep-alive
Content-Length: 364
Strict-Transport-Security: max-age=86400
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK sync.cgi
ssp.adriver.ru/cgi-bin/ Frame 7C23 42 B
201 B 301ms
73ms Image
image/gif 81.222.128.216
ELTEL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.adriver.ru/cgi-bin/sync.cgi?dsp_id=109
Requested by: Host: yastatic.net
URL: https://yastatic.net/safeframe-bundles/0.80/1-1-0/render.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.222.128.216 , Russian Federation, ASN20597 (ELTEL-AS, RU),
Reverse DNS: ad16.adriver.ru
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 19 Apr 2021 06:45:48 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/gif

GET
H2

200

spacer.gif
an.yandex.ru/resource/ Frame 7C23
Redirect Chain

https://an.yandex.ru/mapuid/google/
https://cm.g.doubleclick.net/pixel?google_nid=yandexru&google_hm=D19D193232490858&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
https://cm.g.doubleclick.net/pixel?google_nid=yandexru&google_hm=D19D193232490858&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif&google_tc=
https://an.yandex.ru/resource/spacer.gif

43 B
135 B

48ms
48ms

Image
image/gif

2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/resource/spacer.gif

Requested by

Host: yastatic.net
URL: https://yastatic.net/safeframe-bundles/0.80/1-1-0/render.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 19 Apr 2021 06:45:48 GMT
content-encoding: gzip
last-modified: Wed, 18 Apr 2001 10:28:03 GMT
strict-transport-security: max-age=31536000
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif
x-xss-protection: 1; mode=block
expires: Mon, 04 Apr 2022 06:45:48 GMT

Redirect headers

pragma: no-cache
date: Mon, 19 Apr 2021 06:45:48 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://an.yandex.ru/resource/spacer.gif
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 237
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

HnkC3FGZnGRpADc7Knrs
an.yandex.ru/mapuid/dmpamberdata/ Frame 7C23
Redirect Chain

https://dmg.digitaltarget.ru/1/119/i/i?i=1618814748
https://dmg.digitaltarget.ru/awg/custom/119/i/i?call_source=awg&i=1618814748
https://an.yandex.ru/mapuid/dmpamberdata/HnkC3FGZnGRpADc7Knrs

43 B
80 B

48ms
48ms

Image
image/gif

2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/dmpamberdata/HnkC3FGZnGRpADc7Knrs

Requested by

Host: yastatic.net
URL: https://yastatic.net/safeframe-bundles/0.80/1-1-0/render.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Apr 2021 06:45:48 GMT
content-encoding: gzip
last-modified: Mon, 19 Apr 2021 06:45:48 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 19 Apr 2021 06:45:48 GMT

Redirect headers

Date: Mon, 19 Apr 2021 06:45:48 GMT
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
Server: nginx
X-Frame-Options: DENY
Access-Control-Allow-Methods: GET, POST, OPTIONS
Location: https://an.yandex.ru/mapuid/dmpamberdata/HnkC3FGZnGRpADc7Knrs
X-XSS-Protection: 1; mode=block
X-Permitted-Cross-Domain-Policies: master-only
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 86400
Connection: keep-alive
Request-Time: 16
Content-Length: 0
X-Content-Type-Options: nosniff

GET
H2

200

ANr0l3Qfb25t
an.yandex.ru/mapuid/dmpsegmento/ Frame 7C23
Redirect Chain

https://yandex-dmp-sync.rutarget.ru/sync
https://an.yandex.ru/mapuid/dmpsegmento/ANr0l3Qfb25t?sign=1721429540

43 B
80 B

48ms
48ms

Image
image/gif

2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/dmpsegmento/ANr0l3Qfb25t?sign=1721429540

Requested by

Host: yastatic.net
URL: https://yastatic.net/safeframe-bundles/0.80/1-1-0/render.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Apr 2021 06:45:48 GMT
content-encoding: gzip
last-modified: Mon, 19 Apr 2021 06:45:48 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 19 Apr 2021 06:45:48 GMT

Redirect headers

Location: https://an.yandex.ru/mapuid/dmpsegmento/ANr0l3Qfb25t?sign=1721429540
Date: Mon, 19 Apr 2021 06:45:48 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
P3P: CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."

GET
H2

404

g5yBott1vD_j
an.yandex.ru/setud/rutarget/ Frame 7C23
Redirect Chain

https://yandex-sync.rutarget.ru/sync
https://an.yandex.ru/setud/rutarget/g5yBott1vD_j?sign=3368926771

43 B
103 B

63ms
63ms

Image
image/gif

2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/setud/rutarget/g5yBott1vD_j?sign=3368926771

Requested by

Host: yastatic.net
URL: https://yastatic.net/safeframe-bundles/0.80/1-1-0/render.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

ccb150b1878d5aa777543222f9e47636d4258687e3dd57e625988f09a96bda64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Apr 2021 06:45:48 GMT
content-encoding: gzip
last-modified: Mon, 19 Apr 2021 06:45:48 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=windows-1251
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 19 Apr 2021 06:45:48 GMT

Redirect headers

Location: https://an.yandex.ru/setud/rutarget/g5yBott1vD_j?sign=3368926771
Date: Mon, 19 Apr 2021 06:45:48 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
P3P: CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."

GET
H2

200

U6eq94hADSMpkzKtBoHHRA
an.yandex.ru/mapuid/dmpaidatame/ Frame 7C23
Redirect Chain

https://x01.aidata.io/0.gif?pid=YANDEX
https://x01.aidata.io/0.gif?pid=YANDEX&bounce=1
https://an.yandex.ru/mapuid/dmpaidatame/U6eq94hADSMpkzKtBoHHRA?sign=1825136222

43 B
80 B

48ms
48ms

Image
image/gif

2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/dmpaidatame/U6eq94hADSMpkzKtBoHHRA?sign=1825136222

Requested by

Host: yastatic.net
URL: https://yastatic.net/safeframe-bundles/0.80/1-1-0/render.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Apr 2021 06:45:48 GMT
content-encoding: gzip
last-modified: Mon, 19 Apr 2021 06:45:48 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 19 Apr 2021 06:45:48 GMT

Redirect headers

pragma: no-cache
date: Mon, 19 Apr 2021 06:45:48 GMT
last-modified: Mon, 19 Apr 2021 06:45:47 GMT
server: nginx
p3p: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
location: https://an.yandex.ru/mapuid/dmpaidatame/U6eq94hADSMpkzKtBoHHRA?sign=1825136222
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
content-length: 0
expires: Mon, 19 Apr 2021 06:45:47 GMT

GET
H2

200

dff210f1-a0da-11eb-a15e-901b0e8d6a9d
an.yandex.ru/mapuid/dmpcleverdata/ Frame 7C23
Redirect Chain

https://sync.1dmp.io/pixel.gif?cid=3cbc2ec8-1421-4677-89fe-2ac6fc52a09a&pid=w&o=au
https://sync.1dmp.io/pixel.gif?cid=3cbc2ec8-1421-4677-89fe-2ac6fc52a09a&pid=w&o=au&cs=1
https://an.yandex.ru/mapuid/dmpcleverdata/dff210f1-a0da-11eb-a15e-901b0e8d6a9d?sign=3512037121

43 B
80 B

48ms
48ms

Image
image/gif

2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/dmpcleverdata/dff210f1-a0da-11eb-a15e-901b0e8d6a9d?sign=3512037121

Requested by

Host: yastatic.net
URL: https://yastatic.net/safeframe-bundles/0.80/1-1-0/render.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Apr 2021 06:45:48 GMT
content-encoding: gzip
last-modified: Mon, 19 Apr 2021 06:45:48 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 19 Apr 2021 06:45:48 GMT

Redirect headers

location: https://an.yandex.ru/mapuid/dmpcleverdata/dff210f1-a0da-11eb-a15e-901b0e8d6a9d?sign=3512037121
date: Mon, 19 Apr 2021 06:45:48 GMT
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate, private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server: nginx
content-length: 0
expires: 0, 0

GET
H2

200

GKuI99mUshaVnu
an.yandex.ru/mapuid/dmpweborama/7/PrVIb/ Frame 7C23
Redirect Chain

https://redirect.frontend.weborama.fr/redirect/standard?url=https://an.yandex.ru/mapuid/dmpweborama/{WEBO_CID}
https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fdmpweborama%2F%7BWEBO_CID%7D&bounce=1&random=2758926056
https://an.yandex.ru/mapuid/dmpweborama/7/PrVIb/GKuI99mUshaVnu

43 B
99 B

48ms
48ms

Image
image/gif

2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/dmpweborama/7/PrVIb/GKuI99mUshaVnu

Requested by

Host: yastatic.net
URL: https://yastatic.net/safeframe-bundles/0.80/1-1-0/render.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Apr 2021 06:45:48 GMT
content-encoding: gzip
last-modified: Mon, 19 Apr 2021 06:45:48 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 19 Apr 2021 06:45:48 GMT

Redirect headers

pragma: no-cache
date: Mon, 19 Apr 2021 06:45:48 GMT
via: 1.1 google
last-modified: Mon, 19 Apr 2021 06:45:48 GMT
server: nginx/1.12.0
location: https://an.yandex.ru/mapuid/dmpweborama/7/PrVIb/GKuI99mUshaVnu
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: clear
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2

200

/
an.yandex.ru/mapuid/ramblerssp/ Frame 7C23
Redirect Chain

https://profile.ssp.rambler.ru/sync3.302?pid=188
https://an.yandex.ru/mapuid/ramblerssp/

43 B
80 B

49ms
48ms

Image
image/gif

2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/ramblerssp/

Requested by

Host: yastatic.net
URL: https://yastatic.net/safeframe-bundles/0.80/1-1-0/render.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Apr 2021 06:45:48 GMT
content-encoding: gzip
last-modified: Mon, 19 Apr 2021 06:45:48 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 19 Apr 2021 06:45:48 GMT

Redirect headers

date: Mon, 19 Apr 2021 06:45:48 GMT
server: nginx
strict-transport-security: max-age=0
p3p: policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
location: //an.yandex.ru/mapuid/ramblerssp/
x-passed: 0bal1
content-type: application/x-javascript; charset=Windows-1251
content-length: 0

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/ Frame 7C23
Redirect Chain

https://an.yandex.ru/mapuid/adobedmp/
https://dpm.demdex.net/ibs:dpid=423652&dpuuid=229597352E7EBABF
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=423652&dpuuid=229597352E7EBABF

42 B
915 B

41ms
41ms

Image
image/gif

18.202.205.86
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=423652&dpuuid=229597352E7EBABF

Requested by

Host: yastatic.net
URL: https://yastatic.net/safeframe-bundles/0.80/1-1-0/render.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.202.205.86 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-202-205-86.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v090-04ea69e97.edge-irl1.demdex.com 5.80.7.20210304103356 0ms (+1ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: DvE3Y39ISnY=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: apGANj4URS0=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=423652&dpuuid=229597352E7EBABF
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

ab6db8f616229859444d
an.yandex.ru/mapuid/dmphybridai/ Frame 7C23
Redirect Chain

https://dm.hybrid.ai/yandexdmp-match
https://an.yandex.ru/mapuid/dmphybridai/ab6db8f616229859444d?sign=671953631

43 B
80 B

49ms
48ms

Image
image/gif

2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/dmphybridai/ab6db8f616229859444d?sign=671953631

Requested by

Host: yastatic.net
URL: https://yastatic.net/safeframe-bundles/0.80/1-1-0/render.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Apr 2021 06:45:48 GMT
content-encoding: gzip
last-modified: Mon, 19 Apr 2021 06:45:48 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 19 Apr 2021 06:45:48 GMT

Redirect headers

pragma: no-cache
date: Mon, 19 Apr 2021 06:45:48 GMT
server: Hybrid Web Server
location: https://an.yandex.ru/mapuid/dmphybridai/ab6db8f616229859444d?sign=671953631
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin: *
cache-control: no-cache, no-store
x-mode: 101
content-length: 0
x-xss-protection: 1; mode=block
expires: -1

GET
H2

200

15b7b31ba05f4d03b0871bbb6cb98085fa156126f620b40b5d01281d5aaae0ac
an.yandex.ru/mapuid/mediascope/ Frame 7C23
Redirect Chain

https://cm.tns-counter.ru/yacm
https://an.yandex.ru/mapuid/mediascope/15b7b31ba05f4d03b0871bbb6cb98085fa156126f620b40b5d01281d5aaae0ac

43 B
80 B

48ms
48ms

Image
image/gif

2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/mediascope/15b7b31ba05f4d03b0871bbb6cb98085fa156126f620b40b5d01281d5aaae0ac

Requested by

Host: yastatic.net
URL: https://yastatic.net/safeframe-bundles/0.80/1-1-0/render.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Apr 2021 06:45:48 GMT
content-encoding: gzip
last-modified: Mon, 19 Apr 2021 06:45:48 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 19 Apr 2021 06:45:48 GMT

Redirect headers

pragma: no-cache
date: Mon, 19 Apr 2021 06:45:48 GMT
server: tns-counter-3.1.0/1.18.0
content-type: text/html
location: https://an.yandex.ru/mapuid/mediascope/15b7b31ba05f4d03b0871bbb6cb98085fa156126f620b40b5d01281d5aaae0ac
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin: *
content-length: 0
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2

200

jQtcDZtgQZi8DbpAFH3fvw
an.yandex.ru/mapuid/upravelis/ Frame 7C23
Redirect Chain

https://sync.upravel.com/yandex/sync
https://sync.upravel.com/yandex/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly95YXN0YXRpYy5uZXQvIl19fQ
https://8d0b5c0d-9b60-4198-bc0d-ba40147ddfbf.sync.upravel.com/yandex/sync?ud_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly95YXN0YXRpYy5uZXQvIiwiaHR0cHM6Ly95YXN0YXRpYy5uZXQvIl19fQ
https://an.yandex.ru/mapuid/upravelis/jQtcDZtgQZi8DbpAFH3fvw

43 B
152 B

48ms
48ms

Image
image/gif

2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/upravelis/jQtcDZtgQZi8DbpAFH3fvw

Requested by

Host: yastatic.net
URL: https://yastatic.net/safeframe-bundles/0.80/1-1-0/render.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Apr 2021 06:45:49 GMT
content-encoding: gzip
last-modified: Mon, 19 Apr 2021 06:45:49 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 19 Apr 2021 06:45:49 GMT

Redirect headers

date: Mon, 19 Apr 2021 06:45:48 GMT
server: nginx
location: https://an.yandex.ru/mapuid/upravelis/jQtcDZtgQZi8DbpAFH3fvw
access-control-allow-methods: GET, POST, OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: false
content-type: image/png
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 0

GET
H2 200 256990 Show response
mc.yandex.com/watch/ 35 B
69 B 50ms
50ms XHR
application/json 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/256990?wmode=7&page-url=https%3A%2F%2Fgetfile.dokpub.com%2F&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A5yitzpge8znbdz2%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A490%3Acn%3A2%3Adp%3A1%3Als%3A526996321674%3Ahid%3A941736981%3Az%3A120%3Ai%3A20210419084548%3Aet%3A1618814748%3Ac%3A1%3Arn%3A495211994%3Au%3A161881474866671110%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1618814746017%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1618814748%3At%3A%D0%A1%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%D1%81%20%D1%84%D0%B0%D0%B9%D0%BB%D0%BE%D0%BE%D0%B1%D0%BC%D0%B5%D0%BD%D0%BD%D0%B8%D0%BA%D0%BE%D0%B2.%20%D0%9A%D0%B0%D0%BA%20%D0%BF%D0%BE%D0%BB%D1%83%D1%87%D0%B8%D1%82%D1%8C%20%D0%BF%D1%80%D1%8F%D0%BC%D1%83%D1%8E%20%D1%81%D1%81%D1%8B%D0%BB%D0%BA%D1%83%20%D0%BD%D0%B0%20%D1%81%D0%BA%D0%B0%D1%87%D0%B8%D0%B2%D0%B0%D0%BD%D0%B8%D0%B5%20%D0%B2%20%D1%84%D0%B0%D0%B9%D0%BB%D0%BE%D0%BE%D0%B1%D0%BC%D0%B5%D0%BD%D0%BD%D0%B8%D0%BA%D0%B0%D1%85

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

efbdf9cab6b6cf2bf7207ae4e0456c9462b2c0d4c2de76d65442de2af7253f2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://getfile.dokpub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Apr 2021 06:45:48 GMT
x-content-type-options: nosniff
last-modified: Mon, 19-Apr-2021 06:45:48 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://getfile.dokpub.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 35
x-xss-protection: 1; mode=block
expires: Mon, 19-Apr-2021 06:45:48 GMT

POST
H2 200 1 Show response
mc.yandex.com/watch/256990/ 43 B
85 B 45ms
45ms XHR
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/256990/1?page-url=https%3A%2F%2Fgetfile.dokpub.com%2F&charset=utf-8&cnt-class=1&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A5yitzpge8znbdz2%3Afp%3A1708%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A490%3Acn%3A2%3Adp%3A1%3Als%3A526996321674%3Ahid%3A941736981%3Az%3A120%3Ai%3A20210419084548%3Aet%3A1618814749%3Ac%3A1%3Arn%3A242165844%3Au%3A161881474866671110%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aeu%3A1%3Ans%3A1618814746017%3Ads%3A0%2C72%2C968%2C1%2C631%2C0%2C%2C6%2C0%2C%2C%2C%2C1681%3Adsn%3A0%2C71%2C968%2C0%2C631%2C0%2C%2C8%2C0%2C%2C%2C%2C1680%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1618814749

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://getfile.dokpub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Mon, 19 Apr 2021 06:45:48 GMT
last-modified: Mon, 19-Apr-2021 06:45:48 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://getfile.dokpub.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Mon, 19-Apr-2021 06:45:48 GMT

GET
H2 200 256990 Show response
mc.yandex.com/watch/ 43 B
73 B 48ms
48ms XHR
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/256990?page-url=https%3A%2F%2Fgetfile.dokpub.com%2F&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A5yitzpge8znbdz2%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A490%3Acn%3A2%3Adp%3A1%3Als%3A526996321674%3Ahid%3A941736981%3Az%3A120%3Ai%3A20210419084548%3Aet%3A1618814749%3Ac%3A1%3Arn%3A78469041%3Au%3A161881474866671110%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aeu%3A1%3Ans%3A1618814746017%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1618814749%3At%3A%D0%A1%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%D1%81%20%D1%84%D0%B0%D0%B9%D0%BB%D0%BE%D0%BE%D0%B1%D0%BC%D0%B5%D0%BD%D0%BD%D0%B8%D0%BA%D0%BE%D0%B2.%20%D0%9A%D0%B0%D0%BA%20%D0%BF%D0%BE%D0%BB%D1%83%D1%87%D0%B8%D1%82%D1%8C%20%D0%BF%D1%80%D1%8F%D0%BC%D1%83%D1%8E%20%D1%81%D1%81%D1%8B%D0%BB%D0%BA%D1%83%20%D0%BD%D0%B0%20%D1%81%D0%BA%D0%B0%D1%87%D0%B8%D0%B2%D0%B0%D0%BD%D0%B8%D0%B5%20%D0%B2%20%D1%84%D0%B0%D0%B9%D0%BB%D0%BE%D0%BE%D0%B1%D0%BC%D0%B5%D0%BD%D0%BD%D0%B8%D0%BA%D0%B0%D1%85

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://getfile.dokpub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Apr 2021 06:45:48 GMT
last-modified: Mon, 19-Apr-2021 06:45:48 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://getfile.dokpub.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Mon, 19-Apr-2021 06:45:48 GMT

GET
H2 200 bundle.js Show response
yastatic.net/q/set/s/rsya-tag-users/ Frame 7C23 105 KB
35 KB 47ms
47ms Script
application/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/q/set/s/rsya-tag-users/bundle.js

Requested by

Host: getfile.dokpub.com
URL: https://getfile.dokpub.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

e1cff21864c46e1da263fa83c14ed6d190bc5afbdd35188de15f10eb8bedd264

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://yastatic.net/safeframe-bundles/0.80/1-1-0/render.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 06:45:50 GMT
content-encoding: gzip
last-modified: Tue, 30 Mar 2021 17:05:54 GMT
server: nginx/1.17.9
etag: W/"82bdc8db563d3e71c35534315f8a9fd5"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: application/javascript
access-control-allow-origin: *
expires: Wed, 21 Apr 2021 18:44:36 GMT
cache-control: public, max-age=31556952
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
x-nginx-request-id: aa63892ea6280dcc

GET
H2 200 watch.js Show response
mc.yandex.ru/metrika/ Frame 7C23 123 KB
43 KB 43ms
43ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/q/set/s/rsya-tag-users/bundle.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

553eb5bbd710f85a90e930f22e9c7dec5b9d5e28ff96b7129802b7fe894a4209

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 06:45:50 GMT
content-encoding: br
last-modified: Fri, 16 Apr 2021 10:37:30 GMT
etag: "60705d6f-ad38"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 44344
expires: Mon, 19 Apr 2021 07:45:50 GMT

GET
H2 200 data Show response
yandex.ru/set/s/rsya-tag-users/ Frame 7C23 402 B
1003 B 228ms
127ms Fetch
application/json 2a02:6b8:a::a
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/set/s/rsya-tag-users/data?referrer=https%3A%2F%2Fgetfile.dokpub.com%2F

Requested by

Host: yastatic.net
URL: https://yastatic.net/q/set/s/rsya-tag-users/bundle.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

3b4eaaad515f3e9b673d8a259d868f474c1684914d61705f947f19fe6ae3bb28

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 06:45:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://yastatic.net
cache-control: public,max-age=300
access-control-allow-credentials: true
x-xss-protection: 1; mode=block

GET
H2 200 1G1tMID20NS100000000U9nJb66sDVbiTphGyFUQ9GATEW8obZBgjGaCGE094mdzDr4vFVRUQsQ6L4QWUERlDHTuGUAb85xjHY3HoWZICHN8Ls2OoLZl3f9WO5Z8wDKBPZ2iP9ng3s5j14aPx0SIUnaR_8KOZe9bhZA2XEyoCiWmCFnbdCN4m32N2IIobEa6aBsMA...
an.yandex.ru/rtbcount/ 43 B
152 B 49ms
48ms Image
image/gif 2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/rtbcount/1G1tMID20NS100000000U9nJb66sDVbiTphGyFUQ9GATEW8obZBgjGaCGE094mdzDr4vFVRUQsQ6L4QWUERlDHTuGUAb85xjHY3HoWZICHN8Ls2OoLZl3f9WO5Z8wDKBPZ2iP9ng3s5j14aPx0SIUnaR_8KOZe9bhZA2XEyoCiWmCFnbdCN4m32N2IIobEa6aBsMAGh8Filq7mXUCGdy5H40Ee61OTCZvdM-1rWP_ZAnWfp0329xcHL13c46QPxBp0Io6aWgGAncpcAzOXh2s9j-abbcTfXdTR-du5MmohjWyYUpWnC_nE4i1yy8WrahMFxtiUvWOJh0mdY1fUtEv9V_JnsVptIJ1UAP3_OFMSwU0O4xzczPG1vPmCfxajL47o9zarMQtTTGwdTpybTMaDiNi3rvtjczuylQ1ta0iKTg-G00?confirmTime=2100000&confirmRatio=1000000&test-tag=69269232549890&format-type=126&actual-format=78&rnd=1275529309560&renderWidth=1024&renderHeight=165

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://getfile.dokpub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Apr 2021 06:45:50 GMT
content-encoding: gzip
last-modified: Mon, 19 Apr 2021 06:45:50 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 19 Apr 2021 06:45:50 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ Frame 7C23 36 KB
14 KB 78ms
33ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/q/set/s/rsya-tag-users/bundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

1a58653b1d34da07818ccc196f91736ba7b21841bc1e1c1e7416d8c699239ed1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 06:45:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13883
x-xss-protection: 0
server: cafe
etag: 10699152380065569555
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 19 Apr 2021 06:45:50 GMT

GET
H3-29

200

/
www.google.de/pagead/1p-user-list/1014923426/ Frame 7C23
Redirect Chain

https://www.googleadservices.com/pagead/conversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=Hid9YP-AKIDC7_UPkdi80A...
https://www.google.com/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=991310802&crd=&is_vtc=1&random=2377100412
https://www.google.de/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=991310802&crd=&is_vtc=1&random=2377100412&ipr=y

42 B
64 B

28ms
27ms

Image
image/gif

2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=991310802&crd=&is_vtc=1&random=2377100412&ipr=y

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Apr 2021 06:45:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 19 Apr 2021 06:45:50 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=991310802&crd=&is_vtc=1&random=2377100412&ipr=y
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

/
www.google.de/pagead/1p-user-list/1014923426/ Frame 7C23
Redirect Chain

https://www.googleadservices.com/pagead/conversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=Hid9YKqDKPmU7_UPvMSaoA...
https://www.google.com/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1001512121&crd=&is_vtc=1&random=4104696251
https://www.google.de/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1001512121&crd=&is_vtc=1&random=4104696251&ipr=y

42 B
64 B

28ms
27ms

Image
image/gif

2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1001512121&crd=&is_vtc=1&random=4104696251&ipr=y

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Apr 2021 06:45:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 19 Apr 2021 06:45:50 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1001512121&crd=&is_vtc=1&random=4104696251&ipr=y
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/3/ Frame 7C23
Redirect Chain

https://mc.yandex.com/watch/3?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.80%2F1-1-0%2Frender.html&page-ref=https%3A%2F%2Fgetfile.dokpub.com%2F&charset=utf-8&browser-info=pv...
https://mc.yandex.com/watch/3/1?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.80%2F1-1-0%2Frender.html&page-ref=https%3A%2F%2Fgetfile.dokpub.com%2F&charset=utf-8&browser-info=...

35 B
66 B

49ms
49ms

XHR
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/3/1?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.80%2F1-1-0%2Frender.html&page-ref=https%3A%2F%2Fgetfile.dokpub.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A%3Avf%3A5yitzpge8znbdz2%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A490%3Acn%3A1%3Adp%3A0%3Als%3A570601684910%3Ahid%3A282048199%3Az%3A120%3Ai%3A20210419084550%3Aet%3A1618814751%3Ac%3A1%3Arn%3A850278378%3Au%3A1618814751785478553%3Aw%3A1x1%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Ahdl%3A1%3Ans%3A1618814748348%3Ads%3A0%2C70%2C34%2C6%2C0%2C0%2C%2C26%2C0%2C701%2C701%2C0%2C133%3Adsn%3A0%2C70%2C34%2C6%2C0%2C0%2C%2C22%2C0%2C701%2C701%2C0%2C133%3Ati%3A2%3Ast%3A1618814751

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

efbdf9cab6b6cf2bf7207ae4e0456c9462b2c0d4c2de76d65442de2af7253f2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Apr 2021 06:45:50 GMT
x-content-type-options: nosniff
last-modified: Mon, 19-Apr-2021 06:45:50 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://yastatic.net
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 35
x-xss-protection: 1; mode=block
expires: Mon, 19-Apr-2021 06:45:50 GMT

Redirect headers

pragma: no-cache
date: Mon, 19 Apr 2021 06:45:50 GMT
last-modified: Mon, 19-Apr-2021 06:45:50 GMT
location: /watch/3/1?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.80%2F1-1-0%2Frender.html&page-ref=https%3A%2F%2Fgetfile.dokpub.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A%3Avf%3A5yitzpge8znbdz2%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A490%3Acn%3A1%3Adp%3A0%3Als%3A570601684910%3Ahid%3A282048199%3Az%3A120%3Ai%3A20210419084550%3Aet%3A1618814751%3Ac%3A1%3Arn%3A850278378%3Au%3A1618814751785478553%3Aw%3A1x1%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Ahdl%3A1%3Ans%3A1618814748348%3Ads%3A0%2C70%2C34%2C6%2C0%2C0%2C%2C26%2C0%2C701%2C701%2C0%2C133%3Adsn%3A0%2C70%2C34%2C6%2C0%2C0%2C%2C22%2C0%2C701%2C701%2C0%2C133%3Ati%3A2%3Ast%3A1618814751
strict-transport-security: max-age=31536000
access-control-allow-origin: https://yastatic.net
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Mon, 19-Apr-2021 06:45:50 GMT

GET
H3-29 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/ Frame 7C23 3 KB
1 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/?random=1618814750685&cv=9&fst=1618814750685&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.80%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fgetfile.dokpub.com%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

59fa717ec715f5ca36faf27ca3fdba4f014cf23ab3d68b1621ee9fc56c9e3f5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Apr 2021 06:45:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1118
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/ Frame 7C23 3 KB
1 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/?random=1618814750690&cv=9&fst=1618814750690&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.80%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fgetfile.dokpub.com%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1af42d31e60876de173d567456234174f8f432223cd04bfdf5f14fd2fe01775c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Apr 2021 06:45:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1119
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/ Frame 7C23 3 KB
1 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/?random=1618814750698&cv=9&fst=1618814750698&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=376635470%2C2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.80%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fgetfile.dokpub.com%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dca52f1fb6f95dcf0f9b3302e5d9d32c224e884dfa8769b8ed0c020c21011758

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Apr 2021 06:45:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1133
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/ Frame 7C23 3 KB
1 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/?random=1618814750700&cv=9&fst=1618814750700&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=376635470%2C2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.80%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fgetfile.dokpub.com%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

60acf8f67fb72fb434380255c3e2426185dcc56e1daf2500b742a374b965f19a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Apr 2021 06:45:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1131
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/947884341/ Frame 7C23 42 B
108 B 21ms
20ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/947884341/?random=1618814750685&cv=9&fst=1618812000000&num=1&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.80%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fgetfile.dokpub.com%2F&async=1&fmt=3&is_vtc=1&random=4020202651&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Apr 2021 06:45:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/947884341/ Frame 7C23 42 B
154 B 22ms
20ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/947884341/?random=1618814750685&cv=9&fst=1618812000000&num=1&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.80%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fgetfile.dokpub.com%2F&async=1&fmt=3&is_vtc=1&random=4020202651&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Apr 2021 06:45:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 advert.gif
mc.yandex.com/metrika/ Frame 7C23 43 B
165 B 45ms
44ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 06:45:50 GMT
last-modified: Fri, 16 Apr 2021 09:10:40 GMT
etag: "60705d6f-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Mon, 19 Apr 2021 07:45:50 GMT

GET
H2 200 37412095 Show response
mc.yandex.com/watch/ Frame 7C23 203 B
237 B 50ms
50ms XHR
application/json 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/37412095?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.80%2F1-1-0%2Frender.html&page-ref=https%3A%2F%2Fgetfile.dokpub.com%2F&charset=utf-8&site-info=%7B%22extensions%22%3A%22%22%2C%22fromGoogle%22%3A%22false%22%2C%22fromCancel%22%3A%22false%22%2C%22loyal%22%3A%220%22%2C%22sbscrb%22%3A%22%22%2C%22p%22%3A%22%22%2C%22b%22%3A%22%22%2C%22fresh%22%3A%22%22%2C%22infected%22%3A%22%22%2C%22slow%22%3A%22%22%2C%22os%22%3A%22windows%22%2C%22browser%22%3A%22chrome%22%2C%22winxp%22%3A%22false%22%2C%22old%22%3A%22actual%22%2C%22yabroAge%22%3Anull%7D&browser-info=pv%3A1%3Agdpr%3A6%3Avf%3A5yitzpge8znbdz2%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A490%3Acn%3A2%3Adp%3A1%3Als%3A519744563376%3Ahid%3A282048199%3Az%3A120%3Ai%3A20210419084550%3Aet%3A1618814751%3Ac%3A1%3Arn%3A846129462%3Au%3A1618814751490907511%3Aw%3A1x1%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Ahdl%3A1%3Ans%3A1618814748348%3Ads%3A0%2C70%2C34%2C6%2C0%2C0%2C%2C26%2C0%2C701%2C701%2C0%2C133%3Adsn%3A0%2C70%2C34%2C6%2C0%2C0%2C%2C22%2C0%2C701%2C701%2C0%2C133%3Arqnl%3A1%3Ati%3A2%3Ast%3A1618814751%3At%3A

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

d58c988f6eb2a2268d2e17e381ea38bd49c9df38eaa393e32b84bedba0c5facf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Apr 2021 06:45:50 GMT
x-content-type-options: nosniff
last-modified: Mon, 19-Apr-2021 06:45:50 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://yastatic.net
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 203
x-xss-protection: 1; mode=block
expires: Mon, 19-Apr-2021 06:45:50 GMT

GET
H3-29 200 /
www.google.com/pagead/1p-user-list/693627671/ Frame 7C23 42 B
64 B 32ms
31ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/693627671/?random=1618814750690&cv=9&fst=1618812000000&num=1&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.80%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fgetfile.dokpub.com%2F&async=1&fmt=3&is_vtc=1&random=1044780779&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Apr 2021 06:45:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
www.google.de/pagead/1p-user-list/693627671/ Frame 7C23 42 B
64 B 27ms
26ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/693627671/?random=1618814750690&cv=9&fst=1618812000000&num=1&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.80%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fgetfile.dokpub.com%2F&async=1&fmt=3&is_vtc=1&random=1044780779&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Apr 2021 06:45:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
www.google.com/pagead/1p-user-list/947884341/ Frame 7C23 42 B
64 B 30ms
29ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/947884341/?random=1618814750698&cv=9&fst=1618812000000&num=1&guid=ON&eid=376635470%2C2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.80%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fgetfile.dokpub.com%2F&async=1&fmt=3&is_vtc=1&random=1556324044&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Apr 2021 06:45:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
www.google.de/pagead/1p-user-list/947884341/ Frame 7C23 42 B
64 B 28ms
28ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/947884341/?random=1618814750698&cv=9&fst=1618812000000&num=1&guid=ON&eid=376635470%2C2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.80%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fgetfile.dokpub.com%2F&async=1&fmt=3&is_vtc=1&random=1556324044&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Apr 2021 06:45:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
www.google.com/pagead/1p-user-list/693627671/ Frame 7C23 42 B
64 B 27ms
27ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/693627671/?random=1618814750700&cv=9&fst=1618812000000&num=1&guid=ON&eid=376635470%2C2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.80%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fgetfile.dokpub.com%2F&async=1&fmt=3&is_vtc=1&random=212061449&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Apr 2021 06:45:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
www.google.de/pagead/1p-user-list/693627671/ Frame 7C23 42 B
64 B 24ms
24ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/693627671/?random=1618814750700&cv=9&fst=1618812000000&num=1&guid=ON&eid=376635470%2C2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.80%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fgetfile.dokpub.com%2F&async=1&fmt=3&is_vtc=1&random=212061449&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Apr 2021 06:45:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

WIGejI_zO6S0rGW0P0vd8v7-OlzZJWK0Pm4GmO200J4S9trW000003Yyhn-80W6v0iBSI6WFZVeEy0Bx_Pszu0_m1G6W1k82k0R00Sa670CzDFC-or7P1W00032_0000gGVxhD0DYImG780A0OWA3MGpLSpxh000rs84hat0y0i6g0_xsPA5aP6BY1oG48AdpO31a...
an.yandex.ru/count/
Redirect Chain

https://an.yandex.ru/count/WIeejI_zO6S01Ga010zd8v7-1WSl00K0Pm4GW8200J4S9trW000003Yyhn-80W6v0iBSI6WFZVeEy0Bx_Pszu0_m1G6W1k82k0R00Sa670CzDFC-or7P1W00032_0000gGVxhD0DYImG7D070j08We20W0A02W682WraCrNC-w...
https://an.yandex.ru/count/WIGejI_zO6S0rGW0P0vd8v7-OlzZJWK0Pm4GmO200J4S9trW000003Yyhn-80W6v0iBSI6WFZVeEy0Bx_Pszu0_m1G6W1k82k0R00Sa670CzDFC-or7P1W00032_0000gGVxhD0DYImG780A0OWA3MGpLSpxh000rs84hat0y0...

43 B
97 B

65ms
65ms

Image
image/gif

2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/count/WIGejI_zO6S0rGW0P0vd8v7-OlzZJWK0Pm4GmO200J4S9trW000003Yyhn-80W6v0iBSI6WFZVeEy0Bx_Pszu0_m1G6W1k82k0R00Sa670CzDFC-or7P1W00032_0000gGVxhD0DYImG780A0OWA3MGpLSpxh000rs84hat0y0i6g0_xsPA5aP6BY1oG48AdpO31aQdkkm7u40hYdxR92V0I28ZW507O5S6AzkoZZxpyO_395l0_WHUe5msP6D0O8VWOW1cu6V___m706PkEj8gZu_x1Oz8P4dbXOdDVSsLoTcLoBt8rCJajC-WPW0Zm6O320my0n6jWK71NHSCakeMGK69WBbljzGmftQEwvPvdQCn47bnQEqSH28wo5_xO9GukWkq1~1=WXiejI_zOAO1ZH00D1jkN2c7fW8GW8200QghrC3Y1801hzBs0eW1nyZ4z7EG0R3brVhEW8200fW1iENL-awW0O3Sg060tDNwJhW1rldev27O0VIahva1u06MbQ-P0UW1hWEW0exwXG6O0y24FR03iIo81ShqFf05oiXxi0MLjH-u1PMr7yAH3k05TwW6uWAm1u20a0ou1u05yGS008Y7_KB92k1QOEX_UF0_-0g0jHZP2_kiq0s9B10Sw0lAz3wf31gr8Tl_FDe_w0oR1fWDijn2Fw0Em8GzsG-04BgGW1sXu171cK_e4PcjiPh6mfoiZ_1tz40bhO2MkSFAFvWJ0gWJXjoJwV_Anvy2u1ELjH-85E2HdDJjwv2nKw0KbRKVg1JAo7lwci231kWKZ0BG5OEwruC6s1N1YlRieu-y_6EW5j2ltOC6i1RQ1CaMq1QIcTw-0O4Nc1UNjRGik1S1m1Ur4jWNm8Gzw1S1cHYW60Um68Axz8C6k1W1-1ZurjN2aQstY6M06OaPD2-G6G6W6S01k1d___y1u1a1w1c02F0PWC83WHh__xFfUt2Vqf0QW821W820W42u6W7r6W40000S00F5E587SGrb58e86YA1V8G6oLZd1ZPyMMhfzfS-M61LkpEabomGJ4QiWiPQ46ehx7nakQny73kItk8YS60uOc1fiR4L29-i8E8Ftl1AwVp1VX_vfMOknZOn1m00~1?stat-id=1&test-tag=69269530409473&format-type=126&actual-format=78&pcodever=14462&banner-test-tags=eyI3MjA1NzYwNDYzNTUzOTgwMCI6IjU3MzYwIn0%3D&renderWidth=1024&renderHeight=165&confirmTime=2100000&confirmRatio=1000000&wmode=0

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://getfile.dokpub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Apr 2021 06:45:50 GMT
content-encoding: gzip
last-modified: Mon, 19 Apr 2021 06:45:50 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 19 Apr 2021 06:45:50 GMT

Redirect headers

pragma: no-cache
date: Mon, 19 Apr 2021 06:45:50 GMT
content-encoding: gzip
last-modified: Mon, 19 Apr 2021 06:45:50 GMT
strict-transport-security: max-age=31536000
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://an.yandex.ru/count/WIGejI_zO6S0rGW0P0vd8v7-OlzZJWK0Pm4GmO200J4S9trW000003Yyhn-80W6v0iBSI6WFZVeEy0Bx_Pszu0_m1G6W1k82k0R00Sa670CzDFC-or7P1W00032_0000gGVxhD0DYImG780A0OWA3MGpLSpxh000rs84hat0y0i6g0_xsPA5aP6BY1oG48AdpO31aQdkkm7u40hYdxR92V0I28ZW507O5S6AzkoZZxpyO_395l0_WHUe5msP6D0O8VWOW1cu6V___m706PkEj8gZu_x1Oz8P4dbXOdDVSsLoTcLoBt8rCJajC-WPW0Zm6O320my0n6jWK71NHSCakeMGK69WBbljzGmftQEwvPvdQCn47bnQEqSH28wo5_xO9GukWkq1~1=WXiejI_zOAO1ZH00D1jkN2c7fW8GW8200QghrC3Y1801hzBs0eW1nyZ4z7EG0R3brVhEW8200fW1iENL-awW0O3Sg060tDNwJhW1rldev27O0VIahva1u06MbQ-P0UW1hWEW0exwXG6O0y24FR03iIo81ShqFf05oiXxi0MLjH-u1PMr7yAH3k05TwW6uWAm1u20a0ou1u05yGS008Y7_KB92k1QOEX_UF0_-0g0jHZP2_kiq0s9B10Sw0lAz3wf31gr8Tl_FDe_w0oR1fWDijn2Fw0Em8GzsG-04BgGW1sXu171cK_e4PcjiPh6mfoiZ_1tz40bhO2MkSFAFvWJ0gWJXjoJwV_Anvy2u1ELjH-85E2HdDJjwv2nKw0KbRKVg1JAo7lwci231kWKZ0BG5OEwruC6s1N1YlRieu-y_6EW5j2ltOC6i1RQ1CaMq1QIcTw-0O4Nc1UNjRGik1S1m1Ur4jWNm8Gzw1S1cHYW60Um68Axz8C6k1W1-1ZurjN2aQstY6M06OaPD2-G6G6W6S01k1d___y1u1a1w1c02F0PWC83WHh__xFfUt2Vqf0QW821W820W42u6W7r6W40000S00F5E587SGrb58e86YA1V8G6oLZd1ZPyMMhfzfS-M61LkpEabomGJ4QiWiPQ46ehx7nakQny73kItk8YS60uOc1fiR4L29-i8E8Ftl1AwVp1VX_vfMOknZOn1m00~1?stat-id=1&test-tag=69269530409473&format-type=126&actual-format=78&pcodever=14462&banner-test-tags=eyI3MjA1NzYwNDYzNTUzOTgwMCI6IjU3MzYwIn0%3D&renderWidth=1024&renderHeight=165&confirmTime=2100000&confirmRatio=1000000&wmode=0
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 19 Apr 2021 06:45:50 GMT

Verdicts & Comments Add Verdict or Comment

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
yastatic.net/safeframe-bundles/0.80/1-1-0	1970-01-19 17:41:41	Name: afpix Value: 1
yastatic.net/safeframe-bundles/0.80/1-1-0	1970-01-19 17:48:53	Name: pcssspb Value: 1
.dokpub.com/	1970-01-19 17:40:16	Name: _ym_visorc Value: w
.dokpub.com/	1970-01-19 17:41:26	Name: _ym_isad Value: 2
.dokpub.com/	1970-01-20 02:25:50	Name: _ym_d Value: 1618814748
.dokpub.com/	1970-01-20 02:25:50	Name: _ym_uid Value: 161881474866671110

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8d0b5c0d-9b60-4198-bc0d-ba40147ddfbf.sync.upravel.com
an.yandex.ru
avatars.mds.yandex.net
cm.g.doubleclick.net
cm.tns-counter.ru
counter.yadro.ru
dm.hybrid.ai
dmg.digitaltarget.ru
dpm.demdex.net
getfile.dokpub.com
googleads.g.doubleclick.net
informer.yandex.ru
mc.yandex.com
mc.yandex.ru
profile.ssp.rambler.ru
redirect.frontend.weborama.fr
sonar.semantiqo.com
ssp.adriver.ru
stats.mos.ru
sync.1dmp.io
sync.upravel.com
www.google.com
www.google.de
www.googleadservices.com
x01.aidata.io
yandex-dmp-sync.rutarget.ru
yandex-sync.rutarget.ru
yandex.ru
yastatic.net
ysa-static.passport.yandex.ru
142.250.186.34
148.251.41.166
172.217.23.98
18.202.205.86
185.15.175.174
2001:6d0:4001::226
212.11.152.207
2a00:1450:4001:80e::2002
2a00:1450:4001:827::2003
2a00:1450:4001:827::2004
2a02:6b8:20::215
2a02:6b8::184
2a02:6b8::1:119
2a02:6b8::5:114
2a02:6b8::90
2a02:6b8:a::a
35.190.16.14
37.18.16.22
78.46.16.13
78.46.92.107
80.64.106.148
80.64.106.149
81.222.128.216
88.212.201.210
88.99.149.88
89.108.120.68
91.192.150.14
01d0ea1b7fe1fc63ab2bc12977f7f3f82afbaa87906a2c0b7af380bd0acfeed2
0986d92029f4bf3a03a8c3de38636d5f97c17f8b818347488db3a1b2b300ba42
18c327afa903633f86c3efcf12b77f098077eacaa8be101bb007846fd74f8b93
1a58653b1d34da07818ccc196f91736ba7b21841bc1e1c1e7416d8c699239ed1
1af42d31e60876de173d567456234174f8f432223cd04bfdf5f14fd2fe01775c
2d37f01d2947b8657264de8df2fb6dfa1f32eb0373b34b481ee692f67b9162cc
39ed028b8ff044efd74d8d7f9fa0e94ca2e6c29bdebb2abdb317147cfae2f725
3b4eaaad515f3e9b673d8a259d868f474c1684914d61705f947f19fe6ae3bb28
40cc818c8b06374b11230d18b2b54f8c7f2a7668b94ac9ee00d6a106cf0efd8b
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
553eb5bbd710f85a90e930f22e9c7dec5b9d5e28ff96b7129802b7fe894a4209
59fa717ec715f5ca36faf27ca3fdba4f014cf23ab3d68b1621ee9fc56c9e3f5d
60acf8f67fb72fb434380255c3e2426185dcc56e1daf2500b742a374b965f19a
77d09953400f51db88922140c65ba03c93e7d04bb0a169ffd8e5369ab9b5729f
7d3ec64a70e026a60eefc7c956b09dd481ed06e8ff39d13cbdfb6e8bc1ea4c0d
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
9a10b1418ae87e1667a44c85f39b5e1af9b8a24279d9a2743c0859d478f3f925
ccb150b1878d5aa777543222f9e47636d4258687e3dd57e625988f09a96bda64
d58c988f6eb2a2268d2e17e381ea38bd49c9df38eaa393e32b84bedba0c5facf
dca52f1fb6f95dcf0f9b3302e5d9d32c224e884dfa8769b8ed0c020c21011758
e1cff21864c46e1da263fa83c14ed6d190bc5afbdd35188de15f10eb8bedd264
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efbdf9cab6b6cf2bf7207ae4e0456c9462b2c0d4c2de76d65442de2af7253f2b
f1e572871055c1d0e152936f664d5fb075f505b99b412a4776f65a7abe80b505
f22a3d485c576eac167aa7a961b7fe261374b7efe45268bed79e52bad8ec6001
f3e529f229a0af2b8a2fcaa361a7d5172422f55a3df85fa606f883af1f7a19e6
f507c78268e95aae05ef2521792b1b368826df3c7c89eccbb2a6118d5c5a7885

getfile.dokpub.com Open in urlscan Pro 78.46.92.107 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

58 Requests

100 %HTTPS

37 %IPv6

23 Domains

30 Subdomains

15 IPs

5 Countries

381 kBTransfer

1289 kBSize

6 Cookies

3 Outgoing links

Page URL History

Redirected requests

58 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

getfile.dokpub.com Open in urlscan Pro
78.46.92.107 Public Scan

Screenshot
Live screenshot

Full Image

58
Requests

100 %
HTTPS

37 %
IPv6

23
Domains

30
Subdomains

15
IPs

5
Countries

381 kB
Transfer

1289 kB
Size

6
Cookies

58 HTTP transactions
1 data transactions