steepman.ru Open in urlscan Pro
2606:4700:3037::ac43:b7c7 Public Scan

URL:
http://steepman.ru/
Submission: On August 11 via api (August 11th 2021, 11:34:42 pm UTC) from US

Summary HTTP 127 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 35 IPs in 6 countries across 45 domains to perform 127 HTTP transactions. The main IP is 2606:4700:3037::ac43:b7c7, located in United States and belongs to CLOUDFLARENET, US. The main domain is steepman.ru.

This is the only time steepman.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
30	2606:4700:303... 2606:4700:3037::ac43:b7c7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
10	185.203.72.224 185.203.72.224	42240 (VARITI-IN...) (VARITI-INT-AS)
4	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
5 11	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX) (YANDEX)
3 4	88.212.201.216 88.212.201.216	39134 (UNITEDNET) (UNITEDNET)
2	2a00:1450:400... 2a00:1450:4001:802::200e	15169 (GOOGLE) (GOOGLE)
6 15	46.4.114.109 46.4.114.109	24940 (HETZNER-AS) (HETZNER-AS)
1	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
10	67.216.91.5 67.216.91.5	35415 (WEBZILLA) (WEBZILLA)
2 3	188.42.196.115 188.42.196.115	7979 (SERVERS-COM) (SERVERS-COM)
1 1	157.90.179.214 157.90.179.214	24940 (HETZNER-AS) (HETZNER-AS)
3	195.201.243.72 195.201.243.72	24940 (HETZNER-AS) (HETZNER-AS)
2 2	193.232.148.153 193.232.148.153	48061 (UMA-TECH-AS) (UMA-TECH-AS)
1	2a00:1148:db0... 2a00:1148:db00::17	47764 (MAILRU-AS...) (MAILRU-AS Mail.Ru)
2 2	195.209.108.47 195.209.108.47	52007 (ADRIVER-AS) (ADRIVER-AS)
2	81.222.128.216 81.222.128.216	20597 (ELTEL-AS) (ELTEL-AS)
1	2606:4700:303... 2606:4700:3039::6815:c034	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	194.190.117.94 194.190.117.94	204600 (REPUBLER-AS) (REPUBLER-AS)
3 5	31.172.81.160 31.172.81.160	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
3 3	31.172.81.158 31.172.81.158	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
1	37.18.16.21 37.18.16.21	205675 (HYBRID-AS) (HYBRID-AS)
2	185.15.175.145 185.15.175.145	43226 (SAFEDATA ...) (SAFEDATA Uplinks)
1	195.201.108.196 195.201.108.196	24940 (HETZNER-AS) (HETZNER-AS)
1 1	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
1 1	109.248.237.37 109.248.237.37	201009 (SUPPORTIT-AS) (SUPPORTIT-AS)
1	95.211.66.35 95.211.66.35	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	95.163.37.253 95.163.37.253	47764 (MAILRU-AS...) (MAILRU-AS Mail.Ru)
3 3	188.34.131.132 188.34.131.132	24940 (HETZNER-AS) (HETZNER-AS)
2 4	185.15.175.144 185.15.175.144	43226 (SAFEDATA ...) (SAFEDATA Uplinks)
2 3	88.99.213.228 88.99.213.228	24940 (HETZNER-AS) (HETZNER-AS)
2 2	35.190.16.14 35.190.16.14	15169 (GOOGLE) (GOOGLE)
1 1	193.106.93.124 193.106.93.124	48614 (ITSOFT-AS) (ITSOFT-AS)
2 4	89.108.120.68 89.108.120.68	197695 (AS-REG) (AS-REG)
1 1	80.64.106.149 80.64.106.149	20764 (RASCOM-AS...) (RASCOM-AS CJSC RASCOM ISP)
1 1	37.9.245.57 37.9.245.57	16345 (BEE-AS Ru...) (BEE-AS Russia)
1 1	89.108.97.2 89.108.97.2	197695 (AS-REG) (AS-REG)
4 4	217.66.147.168 217.66.147.168	29209 (SPBMTS-AS...) (SPBMTS-AS Malaya Monetnaya Street 2-A)
2 2	213.87.44.187 213.87.44.187	13174 (MTSNET Mo...) (MTSNET Moscow)
2 5	2a02:6b8::90 2a02:6b8::90	13238 (YANDEX) (YANDEX)
1 1	176.9.158.88 176.9.158.88	24940 (HETZNER-AS) (HETZNER-AS)
1 1	31.220.27.134 31.220.27.134	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	217.65.2.150 217.65.2.150	3175 (CITYTELEC...) (CITYTELECOM-MSK)
1	93.95.102.105 93.95.102.105	48347 (MTW-AS) (MTW-AS)
2	2606:4700:10:... 2606:4700:10::6816:557	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	88.212.233.108 88.212.233.108	7979 (SERVERS-COM) (SERVERS-COM)
16	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2004	15169 (GOOGLE) (GOOGLE)
127	35

30 2606:4700:3037::ac43:b7c7 (United States)

ASN13335 (CLOUDFLARENET, US)

steepman.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 185.203.72.224 (Switzerland)

ASN42240 (VARITI-INT-AS, CH)

wycji.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
xksqb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a02:6b8::1:119 (Moscow, Russian Federation) 5 redirects

ASN13238 (YANDEX, RU)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 88.212.201.216 (Russian Federation) 3 redirects

ASN39134 (UNITEDNET, RU)
PTR: host216.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 46.4.114.109 (Germany) 6 redirects

ASN24940 (HETZNER-AS, DE)
PTR: hz1271137.aucourant.info

www.acint.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 67.216.91.5 (United States)

ASN35415 (WEBZILLA, NL)

c.jjcus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 188.42.196.115 (Luxembourg) 2 redirects

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 157.90.179.214 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: hz1407632.sapientru.net

ssp-rtb.sape.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 195.201.243.72 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: regensburg.aucourant.info

acint.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.232.148.153 (Russian Federation) 2 redirects

ASN48061 (UMA-TECH-AS, RU)
PTR: smtp14.sender.ltmse.com

px.adhigh.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1148:db00::17 (Russian Federation)

ASN47764 (MAILRU-AS Mail.Ru, RU)

ad.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 195.209.108.47 (Russian Federation) 2 redirects

ASN52007 (ADRIVER-AS, RU)

ad.adriver.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 81.222.128.216 (Russian Federation)

ASN20597 (ELTEL-AS, RU)
PTR: ad16.adriver.ru

ssp.adriver.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3039::6815:c034 (United States)

ASN13335 (CLOUDFLARENET, US)

a.utraff.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 194.190.117.94 (Russian Federation) 2 redirects

ASN204600 (REPUBLER-AS, RU)
PTR: carp.bspb2.kavanga.ru

sync.republer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 31.172.81.160 (Germany) 3 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

sync.bumlam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 31.172.81.158 (Germany) 3 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

sync3.adsniper.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.18.16.21 (Netherlands)

ASN205675 (HYBRID-AS, RU)

dm.hybrid.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.15.175.145 (Russian Federation)

ASN43226 (SAFEDATA Uplinks, RU)

tag.digitaltarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.201.108.196 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.196.108.201.195.clients.your-server.de

sync.dmp.otm-r.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.66 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 109.248.237.37 (Moscow, Russian Federation) 1 redirects

ASN201009 (SUPPORTIT-AS, RU)

stat.adlabs.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.211.66.35 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: hosted-by.leaseweb.com

adlmerge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.163.37.253 (Russian Federation)

ASN47764 (MAILRU-AS Mail.Ru, RU)
PTR: relap.io

relap.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 188.34.131.132 (Germany) 3 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.132.131.34.188.clients.your-server.de

adx.com.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.15.175.144 (Russian Federation) 2 redirects

ASN43226 (SAFEDATA Uplinks, RU)

dmg.digitaltarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 88.99.213.228 (Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.88-99-213-228.clients.your-server.de

sync.1dmp.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.16.14 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 14.16.190.35.bc.googleusercontent.com

redirect.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.106.93.124 (Russian Federation) 1 redirects

ASN48614 (ITSOFT-AS, RU)

prodmp.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 89.108.120.68 (Russian Federation) 2 redirects

ASN197695 (AS-REG, RU)
PTR: d51803.reg.regrucolo.ru

x01.aidata.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 80.64.106.149 (Russian Federation) 1 redirects

ASN20764 (RASCOM-AS CJSC RASCOM ISP, RU)
PTR: s-fr4.rutarget.ru

sape-sync.rutarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.9.245.57 (Russian Federation) 1 redirects

ASN16345 (BEE-AS Russia, RU)

0100007f815e14616b02b63e0246f862-sp.ops.beeline.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 89.108.97.2 (Russian Federation) 1 redirects

ASN197695 (AS-REG, RU)
PTR: d50603.reg.regrucolo.ru

ut.rktch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 217.66.147.168 (St Petersburg, Russian Federation) 4 redirects

ASN29209 (SPBMTS-AS Malaya Monetnaya Street 2-A, RU)
PTR: host-168-147-66-217.spbmts.ru

sm.rtb.mts.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.87.44.187 (Moscow, Russian Federation) 2 redirects

ASN13174 (MTSNET Moscow, Russia, RU)
PTR: infrastructure-187-44.mts.ru

tech.rtb.mts.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:6b8::90 (Moscow, Russian Federation) 2 redirects

ASN13238 (YANDEX, RU)

an.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 176.9.158.88 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.88.158.9.176.clients.your-server.de

exchange.buzzoola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 31.220.27.134 (Amsterdam, Netherlands) 1 redirects

ASN39572 (ADVANCEDHOSTERS-AS, NL)

s.uuidksinc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 217.65.2.150 (Moscow, Russian Federation)

ASN3175 (CITYTELECOM-MSK, RU)

match.new-programmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 93.95.102.105 (Russian Federation)

ASN48347 (MTW-AS, RU)
PTR: unspecified.mtw.ru

fcgi4.gnezdo.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:557 (United States)

ASN13335 (CLOUDFLARENET, US)

s3.advarkads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.212.233.108 (Russian Federation)

ASN7979 (SERVERS-COM, US)

api.advarkads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
30	steepman.ru steepman.ru	263 KB
18	acint.net 6 redirects www.acint.net acint.net	16 KB
14	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	220 KB
10	jjcus.com c.jjcus.com	196 KB
9	yandex.ru 4 redirects mc.yandex.ru an.yandex.ru	95 KB
7	ampproject.org cdn.ampproject.org	125 KB
7	yandex.com 3 redirects mc.yandex.com	4 KB
7	wycji.top wycji.top	59 KB
6	mts.ru 6 redirects sm.rtb.mts.ru tech.rtb.mts.ru	4 KB
6	digitaltarget.ru 2 redirects tag.digitaltarget.ru dmg.digitaltarget.ru	22 KB
5	bumlam.com 3 redirects sync.bumlam.com	3 KB
5	doubleclick.net 1 redirects googleads.g.doubleclick.net cm.g.doubleclick.net	19 KB
4	aidata.io 2 redirects x01.aidata.io	2 KB
4	adriver.ru 2 redirects ad.adriver.ru ssp.adriver.ru	2 KB
4	yadro.ru 3 redirects counter.yadro.ru	3 KB
3	advarkads.com s3.advarkads.com api.advarkads.com	7 KB
3	1dmp.io 2 redirects sync.1dmp.io	1 KB
3	com.ru 3 redirects adx.com.ru	1 KB
3	adsniper.ru 3 redirects sync3.adsniper.ru	2 KB
3	betweendigital.com 2 redirects ads.betweendigital.com	2 KB
3	xksqb.com xksqb.com	29 KB
2	weborama.fr 2 redirects redirect.frontend.weborama.fr	841 B
2	republer.com 2 redirects sync.republer.com	953 B
2	adhigh.net 2 redirects px.adhigh.net	826 B
2	google.com adservice.google.com www.google.com	2 KB
2	google-analytics.com www.google-analytics.com	20 KB
1	gnezdo.ru fcgi4.gnezdo.ru	189 B
1	new-programmatic.com match.new-programmatic.com	215 B
1	uuidksinc.net 1 redirects s.uuidksinc.net	327 B
1	buzzoola.com 1 redirects exchange.buzzoola.com	176 B
1	rktch.com 1 redirects ut.rktch.com	544 B
1	beeline.ru 1 redirects 0100007f815e14616b02b63e0246f862-sp.ops.beeline.ru	633 B
1	rutarget.ru 1 redirects sape-sync.rutarget.ru	416 B
1	prodmp.ru 1 redirects prodmp.ru	278 B
1	relap.io relap.io	985 B
1	adlmerge.com adlmerge.com	115 B
1	adlabs.ru 1 redirects stat.adlabs.ru	108 B
1	otm-r.com sync.dmp.otm-r.com	69 B
1	hybrid.ai dm.hybrid.ai	238 B
1	utraff.com a.utraff.com	734 B
1	mail.ru ad.mail.ru	635 B
1	sape.ru 1 redirects ssp-rtb.sape.ru	566 B
1	googletagservices.com www.googletagservices.com	28 KB
1	google.de adservice.google.de	853 B
1	googleadservices.com partner.googleadservices.com	657 B
127	45

	Domain	Requested by
30	steepman.ru	steepman.ru
15	www.acint.net	6 redirects steepman.ru www.acint.net
10	c.jjcus.com	wycji.top xksqb.com c.jjcus.com
9	tpc.googlesyndication.com	googleads.g.doubleclick.net cdn.ampproject.org pagead2.googlesyndication.com tpc.googlesyndication.com
7	cdn.ampproject.org	googleads.g.doubleclick.net pagead2.googlesyndication.com
7	mc.yandex.com	3 redirects steepman.ru
7	wycji.top	steepman.ru wycji.top
5	an.yandex.ru	2 redirects www.acint.net
5	sync.bumlam.com	3 redirects www.acint.net
5	pagead2.googlesyndication.com	steepman.ru pagead2.googlesyndication.com tpc.googlesyndication.com
4	sm.rtb.mts.ru	4 redirects
4	x01.aidata.io	2 redirects www.acint.net
4	dmg.digitaltarget.ru	2 redirects www.acint.net
4	counter.yadro.ru	3 redirects steepman.ru
4	mc.yandex.ru	2 redirects steepman.ru
4	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
3	sync.1dmp.io	2 redirects www.acint.net
3	adx.com.ru	3 redirects
3	sync3.adsniper.ru	3 redirects
3	acint.net	www.acint.net
3	ads.betweendigital.com	2 redirects www.acint.net
3	xksqb.com	steepman.ru xksqb.com
2	s3.advarkads.com	www.acint.net s3.advarkads.com
2	tech.rtb.mts.ru	2 redirects
2	redirect.frontend.weborama.fr	2 redirects
2	tag.digitaltarget.ru	www.acint.net tag.digitaltarget.ru
2	sync.republer.com	2 redirects
2	ssp.adriver.ru	www.acint.net
2	ad.adriver.ru	2 redirects
2	px.adhigh.net	2 redirects
2	www.google-analytics.com	steepman.ru www.google-analytics.com
1	www.google.com	tpc.googlesyndication.com
1	api.advarkads.com	s3.advarkads.com
1	fcgi4.gnezdo.ru	www.acint.net
1	match.new-programmatic.com	www.acint.net
1	s.uuidksinc.net	1 redirects
1	exchange.buzzoola.com	1 redirects
1	ut.rktch.com	1 redirects
1	0100007f815e14616b02b63e0246f862-sp.ops.beeline.ru	1 redirects
1	sape-sync.rutarget.ru	1 redirects
1	prodmp.ru	1 redirects
1	relap.io	www.acint.net
1	adlmerge.com	www.acint.net
1	stat.adlabs.ru	1 redirects
1	cm.g.doubleclick.net	1 redirects
1	sync.dmp.otm-r.com	www.acint.net
1	dm.hybrid.ai	www.acint.net
1	a.utraff.com	www.acint.net
1	ad.mail.ru	www.acint.net
1	ssp-rtb.sape.ru	1 redirects
1	www.googletagservices.com	pagead2.googlesyndication.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
127	54

This site contains links to these domains. Also see Links.

Domain
www.liveinternet.ru

Subject Issuer	Validity	Valid
*.steepman.ru R3	`2021-08-11` - `2021-11-09`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
mc.yandex.ru Yandex CA	`2021-07-28` - `2022-01-07`	5 months	crt.sh
counter.yadro.ru GoGetSSL ECC DV CA	`2020-02-02` - `2022-05-02`	2 years	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
*.acint.net R3	`2021-06-15` - `2021-09-13`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
ads.betweendigital.com Sectigo RSA Domain Validation Secure Server CA	`2020-11-19` - `2021-12-20`	a year	crt.sh
*.mail.ru GeoTrust ECC CA 2018	`2020-11-13` - `2021-11-17`	a year	crt.sh
*.adriver.ru RapidSSL RSA CA 2018	`2020-04-03` - `2022-04-24`	2 years	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-18` - `2022-06-17`	a year	crt.sh
*.bumlam.com R3	`2021-07-01` - `2021-09-29`	3 months	crt.sh
*.hybrid.ai Sectigo RSA Domain Validation Secure Server CA	`2020-07-07` - `2022-10-05`	2 years	crt.sh
tag.digitaltarget.ru R3	`2021-06-07` - `2021-09-05`	3 months	crt.sh
sync.dmp.otm-r.com Sectigo RSA Domain Validation Secure Server CA	`2021-05-18` - `2022-06-18`	a year	crt.sh
adlmerge.com R3	`2021-07-15` - `2021-10-13`	3 months	crt.sh
relap.io GeoTrust RSA CA 2018	`2020-10-01` - `2021-10-06`	a year	crt.sh
my.aidata.me Sectigo RSA Domain Validation Secure Server CA	`2020-02-25` - `2022-02-25`	2 years	crt.sh
sync.1dmp.io R3	`2021-08-04` - `2021-11-02`	3 months	crt.sh
bs.yandex.ru Yandex CA	`2021-05-31` - `2021-11-29`	6 months	crt.sh
new-programmatic.com R3	`2021-07-26` - `2021-10-24`	3 months	crt.sh
fcgi4.gnezdo.ru R3	`2021-07-10` - `2021-10-08`	3 months	crt.sh
advarkads.com Cloudflare Inc ECC CA-3	`2021-06-08` - `2022-06-07`	a year	crt.sh
*.advarkads.com GlobalSign GCC R3 DV TLS CA 2020	`2020-12-03` - `2022-01-04`	a year	crt.sh
misc-sni.google.com GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
dmg.digitaltarget.ru R3	`2021-06-07` - `2021-09-05`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh

This page contains 11 frames:

Primary Page: http://steepman.ru/
Frame ID: 47363428D8D496AAFD646DC142BCB74B
Requests: 59 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210809/r20190131/zrt_lookup.html
Frame ID: 47BC38CFDE5ED77820507503524862C6
Requests: 1 HTTP requests in this frame

Frame: http://wycji.top/jsonp.php?eyJiIjo2NzE3NDksImMiOiJkalF1YjJsVFF6aHRNVmxOUzBsVGNsQk5SbTFpTDBsak4zUTFkVm9yWXpORlMwaFBaV2RtVUZKR09Vb3JZalJvVFd0bVV6TktUSGRuVlc1bWVpOUJUUzlCYTFCNVpXUlpWbVJvYnlzMmVHYzFUMWxQT0dGbGRqVjJVMkZxUVZoaWRFZGpOSGRpVUZoc1NtOTNNRVk1UkhGUGRWVmFiekZMVEZkWFIwSXpVMDEwVDIxaGRraGtWSEJDVUU5eloxZHpOVmh6VWtJeWIwOVJjVEZpUzFsdk5IbFZLeXRwVVdKWVpESjJNblpGSzNSRU0xRmlRak5FWTNaSllreDVWMWc1T0ZWT1dHRlVTbXc0UWs1MldrRlVaVEo1S3pCT2JVeEVhemsxYzAxUlBRPT0iLCJyZWYiOiIiLCJta2V5IjoibXNnMjQxMjQiLCJ1bWQiOjAsInJlbmRlciI6IntcImlcIjowLFwib1wiOjAsXCJ3XCI6MSxcIm1cIjowLFwiYVwiOjAsXCJtYlwiOjB9IiwicGxpZCI6Njg1MjIwNjM2NTIxNjM0OSwiX3IiOjEzNH0
Frame ID: E396CC142D34FFCF890FB1DF534B1A5E
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5364912403382355&output=html&h=250&slotname=2093067422&adk=1087469895&adf=461588321&pi=t.ma~as.2093067422&w=300&lmt=1628724864&psa=0&format=300x250&url=http%3A%2F%2Fsteepman.ru%2F&flash=0&wgl=1&dt=1628724864880&bpp=27&bdt=755&idt=86&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&correlator=432240763658&frm=20&pv=2&ga_vid=189232429.1628724865&ga_sid=1628724865&ga_hid=814769063&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=650&ady=4421&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C20211866%2C31062179%2C31062248&oid=3&pvsid=2399323874696222&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=DZXLYnD23e&p=http%3A//steepman.ru&dtd=126
Frame ID: 58C8A31A28CF4CBE7EF60F2582BE4527
Requests: 16 HTTP requests in this frame

Frame: http://wycji.top/jsonp.php?eyJiIjoyNzM1OTksImMiOiJkalF1YjJsVFF6aHRNREpLU2pab1JqaDRVMHcyZDBWaFl6VXpObkF4U0RsTFNERnVOa3MxTXpaNVdUZG9NRFJ4T1VwWFlVRm9NRzR6YUdwTFprNU1NVFZDVURWcWJuQk9UMWRYUTNNMVJuUk5NaTl6VlRSd2VFSmpTRFZaU2prNE5XaE1WRTlLT0hJMGRtcEhka2xvWWxSWldTc3djRmxVYjNCdmNraDFTVlZpWjBaUVZHWm5OblJ1WVdKTFpIRlpaWE51ZVhCdmMzRjVPRlJ3ZEhKTFNXRjRaMkUyY0RoUlJHOHZOR0Z5UTFGUFNIbFdZalZMYUVGdlRYQjZMelpJV25KNVQxSlpaVVl6UkhKcWVuVmpSMHAwWW5GVVVXZEZMMVF4VDBKU1MxbG5QVDA9IiwicmVmIjoiIiwibWtleSI6Im1zZzQ3MTMwIiwidW1kIjowLCJyZW5kZXIiOiJ7XCJpXCI6MCxcIm9cIjowLFwid1wiOjEsXCJtXCI6MCxcImFcIjowLFwibWJcIjowfSIsInBsaWQiOjY4NTIyMDYzNjUyMTYzNDksIl9yIjo3NjYzMH0
Frame ID: 8133055B4EE187616889088B07137789
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5364912403382355&output=html&adk=1812271804&adf=3025194257&lmt=1628724865&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fsteepman.ru%2F&ea=0&flash=0&pra=7&wgl=1&dt=1628724864945&bpp=1&bdt=821&idt=77&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250&nras=1&correlator=432240763658&frm=20&pv=1&ga_vid=189232429.1628724865&ga_sid=1628724865&ga_hid=814769063&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C20211866%2C31062179%2C31062248&oid=3&pvsid=2399323874696222&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=2&uci=a!2&fsb=1&dtd=82
Frame ID: 4FE474C47134A6B5A89AFB1081C602B5
Requests: 1 HTTP requests in this frame

Frame: http://xksqb.com/jsonp.php?eyJiIjoyNzgyMjYsImMiOiJkalF1YjJsVFF6aHRNM0F3UW5Vd2RFVTNhRTFSTkU1cFkzaFBaRlJuZEdGS1ZFMTJSWGx2Tld4dWNWSkpXR0ZhZDBoa1dHNDNNbXB4UjNKS05HTkhaVGhuZDNoa1UxSXZhME5OUm0xSlZFYzVaVUZZYm1KRWMxZGlTMlZyZFdaaEx6VnNVRUprTVdwcGEwZDBkRVp3TW5WbVZHZHFjM2w0TUdKVWVpdFRORzV1ZWpZd05teDBZV2xuY1RGR05XVkRUblpxY214Q2NtRjZSVFFyTkU1Mk4yTTRaRXRJYW5KSlVHbEhSVlpNZWxBMFJtdEdZVkJhY1d0M2JVZHZjRFF5VkdKcVNrSklRbEF3VW1OWFVGVm9jMUYyWkVOWWJWTjZTV1ZzVTFsQ1dVMUJQVDA9IiwicmVmIjoiIiwibWtleSI6Im1zZzQ5NjY2IiwidW1kIjowLCJyZW5kZXIiOiJ7XCJpXCI6MCxcIm9cIjowLFwid1wiOjEsXCJtXCI6MCxcImFcIjowLFwibWJcIjowfSIsInBsaWQiOjY4NTIyMDYzNjUyMTYzNDksIl9yIjoxNDEyNH0
Frame ID: F86E3766D346868AC014540A030A4E58
Requests: 5 HTTP requests in this frame

Frame: https://www.acint.net/mc/?dp=10&tc=1
Frame ID: 90DBE297F10774880B288537335A256C
Requests: 32 HTTP requests in this frame

Frame: https://s3.advarkads.com/modules/match/frame.html?id=8113-1-1&uid=0100007F815E14616B02B63E0246F862
Frame ID: 6FB30685D6AACC5EEC93420676353DD3
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 37F694E0E195D79F1D3A19D7D86449D0
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 42DA5E80C6859EB3A1D8E390425B961D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
meta generator /^WordPress ?([\d.]+)?/i
headers link /rel="https:\/\/api\.w\.org\/"/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
meta generator /^WordPress ?([\d.]+)?/i
headers link /rel="https:\/\/api\.w\.org\/"/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
meta generator /^WordPress ?([\d.]+)?/i
headers link /rel="https:\/\/api\.w\.org\/"/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /mc\.yandex\.ru\/metrika\/watch\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

127
Requests

69 %
HTTPS

27 %
IPv6

45
Domains

54
Subdomains

35
IPs

6
Countries

1104 kB
Transfer

2515 kB
Size

42
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: http://www.liveinternet.ru/click

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 38

http://counter.yadro.ru/hit?t11.10;r;s1600*1200*24;uhttp%3A//steepman.ru/;h%u041C%u0443%u0436%u0441%u043A%u043E%u0439%20%u043F%u043E%u0440%u0442%u0430%u043B%21%20C%u043E%u0432%u0435%u0442%u044B%20%u0432%u0441%u0435%20%u0441%u043B%u0443%u0447%u0430%u0438%20%u0436%u0438%u0437%u043D%u0438%21;0.4640029516399262 HTTP 302
https://counter.yadro.ru/hit?t11.10;r;s1600*1200*24;uhttp%3A//steepman.ru/;h%u041C%u0443%u0436%u0441%u043A%u043E%u0439%20%u043F%u043E%u0440%u0442%u0430%u043B%21%20C%u043E%u0432%u0435%u0442%u044B%20%u0432%u0441%u0435%20%u0441%u043B%u0443%u0447%u0430%u0438%20%u0436%u0438%u0437%u043D%u0438%21;0.4640029516399262 HTTP 302
https://counter.yadro.ru/hit?q;t11.10;r;s1600*1200*24;uhttp%3A//steepman.ru/;h%u041C%u0443%u0436%u0441%u043A%u043E%u0439%20%u043F%u043E%u0440%u0442%u0430%u043B%21%20C%u043E%u0432%u0435%u0442%u044B%20%u0432%u0441%u0435%20%u0441%u043B%u0443%u0447%u0430%u0438%20%u0436%u0438%u0437%u043D%u0438%21;0.4640029516399262

Request Chain 39

http://www.google-analytics.com/analytics.js HTTP 307
https://www.google-analytics.com/analytics.js

Request Chain 40

http://mc.yandex.ru/metrika/watch.js HTTP 302
https://mc.yandex.ru/metrika/watch.js

Request Chain 41

http://www.acint.net/aci.js HTTP 302
https://www.acint.net/aci.js

Request Chain 53

http://www.acint.net/mc/?dp=10 HTTP 302
https://www.acint.net/mc/?dp=10 HTTP 302
https://www.acint.net/mc/?dp=10&tc=1

Request Chain 54

http://www.acint.net/hit/?v=0.3.0&uid=2d3f7950-659b-4dbf-a2fc-5ba27bbb8c04&dp=10&tz=%2B02%3A00&nc=31831544&u=http%3A%2F%2Fsteepman.ru%2F&r=&rs=1600x1200&t=%D0%9C%D1%83%D0%B6%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%BB!%20C%D0%BE%D0%B2%D0%B5%D1%82%D1%8B%20%D0%B2%D1%81%D0%B5%20%D1%81%D0%BB%D1%83%D1%87%D0%B0%D0%B8%20%D0%B6%D0%B8%D0%B7%D0%BD%D0%B8!&oE=1&oP=1&dT=2021-08-12T01%3A34%3A25.049&fu=19f9aba0-4d1e-4c58-875a-47a952e28a46 HTTP 302
https://www.acint.net/hit/?v=0.3.0&uid=2d3f7950-659b-4dbf-a2fc-5ba27bbb8c04&dp=10&tz=%2B02%3A00&nc=31831544&u=http%3A%2F%2Fsteepman.ru%2F&r=&rs=1600x1200&t=%D0%9C%D1%83%D0%B6%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%BB!%20C%D0%BE%D0%B2%D0%B5%D1%82%D1%8B%20%D0%B2%D1%81%D0%B5%20%D1%81%D0%BB%D1%83%D1%87%D0%B0%D0%B8%20%D0%B6%D0%B8%D0%B7%D0%BD%D0%B8!&oE=1&oP=1&dT=2021-08-12T01%3A34%3A25.049&fu=19f9aba0-4d1e-4c58-875a-47a952e28a46

Request Chain 58

https://ads.betweendigital.com/match?bidder_id=73&external_user_id=0100007F815E14616B02B63E0246F862 HTTP 302
https://ads.betweendigital.com/match?bidder_id=73&external_user_id=0100007F815E14616B02B63E0246F862&crf=1

Request Chain 59

https://ssp-rtb.sape.ru/rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D HTTP 302
https://acint.net/match?dp=14&euid=0100007F815E146141001431027EEB62

Request Chain 60

https://px.adhigh.net/p/cm/sape?u=0100007F815E14616B02B63E0246F862 HTTP 302
https://px.adhigh.net/p/cm/sape?u=0100007F815E14616B02B63E0246F862&bounced=1 HTTP 302
https://acint.net/match?dp=17&euid=0jjzZivlMm1.AikABlF7N5EpCw

Request Chain 62

https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691 HTTP 302
https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-4356766326 HTTP 302
https://www.acint.net/rmatch?dp=45&euid=AFCRRnqpcbu7n_ysppHaX-A&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D HTTP 302
https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=0100007F815E14616B02B63E0247F862

Request Chain 64

https://sync.republer.com/match?dsp=sape HTTP 307
https://sync.republer.com/match?dsp=sape&qset=1 HTTP 307
https://sync.bumlam.com/?src=rp1&uid=7b969fb3-b1e7-4b6b-8b1a-746003a5dce6 HTTP 302
https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABiBvdGIBlIEioaQK2IkN2I5NjlmYjMtYjFlNy00YjZiLThiMWEtNzQ2MDAzYTVkY2U2 HTTP 302
https://sync3.adsniper.ru/?src=ss1&s_data=CAIQARiBvdGIBlIEioaQK2IkN2I5NjlmYjMtYjFlNy00YjZiLThiMWEtNzQ2MDAzYTVkY2U2ogEQqgM4Evr8Eeum6QAlkMgkNw** HTTP 302
https://sync.bumlam.com/?src=rp1&s_data=CAIQABiBvdGIBmIkN2I5NjlmYjMtYjFlNy00YjZiLThiMWEtNzQ2MDAzYTVkY2U2ogEQqgM4Evr8Eeum6QAlkMgkNw** HTTP 302
https://sync.bumlam.com/?src=rp1&s_data=CAIQARiBvdGIBmIkN2I5NjlmYjMtYjFlNy00YjZiLThiMWEtNzQ2MDAzYTVkY2U2ogEQqgM4Evr8Eeum6QAlkMgkNw**

Request Chain 68

https://cm.g.doubleclick.net/pixel?google_nid=agentstvo_sape_limited&google_hm=AQAAf4FeFGFrArY-Akb4Yg HTTP 302
https://www.acint.net/match?dp=77&euid=

Request Chain 69

https://stat.adlabs.ru/merge_gpsid/?sid=50&id=0100007F815E14616B02B63E0246F862 HTTP 302
https://adlmerge.com/merge_gpsid/?sid=50&id=0100007F815E14616B02B63E0246F862

Request Chain 72

https://adx.com.ru/sape-sync?uid=0100007F815E14616B02B63E0246F862 HTTP 302
https://adx.com.ru/sync?sspKey=25&sspUserID=0100007F815E14616B02B63E0246F862 HTTP 302
https://dmg.digitaltarget.ru/1/6733/i/i?a=892&e=61145e81d41e061c0a55fb56&i=646984475798577050&r=https%3A%2F%2Fsync.1dmp.io%2Fpixel.gif%3Fcid%3D1ff6bf67-bdc8-400e-bc26-d735d8654ed6%26pid%3Dw%26uid%3D61145e81d41e061c0a55fb56%26ru%3Dhttps%253A%252F%252Fredirect.frontend.weborama.fr%252Frd%253Furl%253Dhttps%25253A%25252F%25252Fadx.com.ru%25252Fweborama-sync%25253Furl%25253Dhttps%2525253A%2525252F%2525252Fprodmp.ru%2525252Fyabbi.gif%2525253Fuid%2525253D61145e81d41e061c0a55fb56%25252526r%2525253Dhttps%252525253A%252525252F%252525252Fx01.aidata.io%252525252F0.gif%252525253Fpid%252525253D9712851%2525252526id%252525253D61145e81d41e061c0a55fb56%2525252526dest%252525253D%252526webouid%25253D%257BWEBO_CID%257D HTTP 307
https://dmg.digitaltarget.ru/awg/custom/6733/i/i?call_source=awg&a=892&e=61145e81d41e061c0a55fb56&i=646984475798577050&r=https%3A%2F%2Fsync.1dmp.io%2Fpixel.gif%3Fcid%3D1ff6bf67-bdc8-400e-bc26-d735d8654ed6%26pid%3Dw%26uid%3D61145e81d41e061c0a55fb56%26ru%3Dhttps%253A%252F%252Fredirect.frontend.weborama.fr%252Frd%253Furl%253Dhttps%25253A%25252F%25252Fadx.com.ru%25252Fweborama-sync%25253Furl%25253Dhttps%2525253A%2525252F%2525252Fprodmp.ru%2525252Fyabbi.gif%2525253Fuid%2525253D61145e81d41e061c0a55fb56%25252526r%2525253Dhttps%252525253A%252525252F%252525252Fx01.aidata.io%252525252F0.gif%252525253Fpid%252525253D9712851%2525252526id%252525253D61145e81d41e061c0a55fb56%2525252526dest%252525253D%252526webouid%25253D%257BWEBO_CID%257D HTTP 307
https://sync.1dmp.io/pixel.gif?cid=1ff6bf67-bdc8-400e-bc26-d735d8654ed6&pid=w&uid=61145e81d41e061c0a55fb56&ru=https%3A%2F%2Fredirect.frontend.weborama.fr%2Frd%3Furl%3Dhttps%253A%252F%252Fadx.com.ru%252Fweborama-sync%253Furl%253Dhttps%25253A%25252F%25252Fprodmp.ru%25252Fyabbi.gif%25253Fuid%25253D61145e81d41e061c0a55fb56%252526r%25253Dhttps%2525253A%2525252F%2525252Fx01.aidata.io%2525252F0.gif%2525253Fpid%2525253D9712851%25252526id%2525253D61145e81d41e061c0a55fb56%25252526dest%2525253D%2526webouid%253D%7BWEBO_CID%7D HTTP 302
https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fadx.com.ru%2Fweborama-sync%3Furl%3Dhttps%253A%252F%252Fprodmp.ru%252Fyabbi.gif%253Fuid%253D61145e81d41e061c0a55fb56%2526r%253Dhttps%25253A%25252F%25252Fx01.aidata.io%25252F0.gif%25253Fpid%25253D9712851%252526id%25253D61145e81d41e061c0a55fb56%252526dest%25253D%26webouid%3D{WEBO_CID} HTTP 302
https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fadx.com.ru%2Fweborama-sync%3Furl%3Dhttps%253A%252F%252Fprodmp.ru%252Fyabbi.gif%253Fuid%253D61145e81d41e061c0a55fb56%2526r%253Dhttps%25253A%25252F%25252Fx01.aidata.io%25252F0.gif%25253Fpid%25253D9712851%252526id%25253D61145e81d41e061c0a55fb56%252526dest%25253D%26webouid%3D%7BWEBO_CID%7D&bounce=1&random=1746004712 HTTP 302
https://adx.com.ru/weborama-sync?url=https%3A%2F%2Fprodmp.ru%2Fyabbi.gif%3Fuid%3D61145e81d41e061c0a55fb56%26r%3Dhttps%253A%252F%252Fx01.aidata.io%252F0.gif%253Fpid%253D9712851%2526id%253D61145e81d41e061c0a55fb56%2526dest%253D&webouid=zK5Dj5XmugGewlpTw1nPK. HTTP 302
https://prodmp.ru/yabbi.gif?uid=61145e81d41e061c0a55fb56&r=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3D9712851%26id%3D61145e81d41e061c0a55fb56%26dest%3D HTTP 302
https://x01.aidata.io/0.gif?pid=9712851&id=61145e81d41e061c0a55fb56&dest=

Request Chain 73

https://sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007F815E14616B02B63E0246F862 HTTP 302
https://sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007F815E14616B02B63E0246F862&cs=1

Request Chain 74

https://sape-sync.rutarget.ru/sync HTTP 302
https://www.acint.net/match?dp=104&euid=RF9nufjCPzCQ

Request Chain 75

https://ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D HTTP 302
https://acint.net/match?dp=107&euid=9de863e9-e969-52e0-bf77-d1fade638f7b

Request Chain 76

https://0100007f815e14616b02b63e0246f862-sp.ops.beeline.ru/p?ssp=sp&id=0100007F815E14616B02B63E0246F862 HTTP 301
https://www.acint.net/match?dp=111&euid=91e314ee-cc2b-4ac5-92bf-779cec1b1cd8

Request Chain 77

https://ut.rktch.com/matchspm?pi=1000005&pui=0100007F815E14616B02B63E0246F862 HTTP 302
https://sm.rtb.mts.ru/p?ssp=natimatica&id=d879d43c25e020c897543b01c65c1e98473e HTTP 301
https://sm.rtb.mts.ru/match/second?r=https%3A%2F%2Fut.rktch.com%2Fmatchsbm%3Fbi%3D29%26bui%3De8f02194-76f9-4c99-9e5d-2ca6dbfa4b17&ssp=natimatica&exu=d879d43c25e020c897543b01c65c1e98473e HTTP 301
https://tech.rtb.mts.ru/?dsp_uid=e8f02194-76f9-4c99-9e5d-2ca6dbfa4b17&return_url=https%3A%2F%2Fan.yandex.ru%2Fsetud%2Fmts_banner%2F6PAhlHb5TJmeXSym2_pLFw%3Flocation%3Dhttps%253A%252F%252Fut.rktch.com%252Fmatchsbm%253Fbi%253D29%2526bui%253De8f02194-76f9-4c99-9e5d-2ca6dbfa4b17%26sign%3D110919276 HTTP 302
https://an.yandex.ru/setud/mts_banner/6PAhlHb5TJmeXSym2_pLFw?location=https%3A%2F%2Fut.rktch.com%2Fmatchsbm%3Fbi%3D29%26bui%3De8f02194-76f9-4c99-9e5d-2ca6dbfa4b17&sign=110919276

Request Chain 78

https://sm.rtb.mts.ru/p?ssp=sape&id=0100007F815E14616B02B63E0246F862 HTTP 301
https://sm.rtb.mts.ru/match/second?r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D125%26euid%3De8f02194-76f9-4c99-9e5d-2ca6dbfa4b17&ssp=sape&exu=0100007F815E14616B02B63E0246F862 HTTP 301
https://tech.rtb.mts.ru/?dsp_uid=e8f02194-76f9-4c99-9e5d-2ca6dbfa4b17&return_url=https%3A%2F%2Fan.yandex.ru%2Fsetud%2Fmts_banner%2F6PAhlHb5TJmeXSym2_pLFw%3Flocation%3Dhttps%253A%252F%252Fwww.acint.net%252Fmatch%253Fdp%253D125%2526euid%253De8f02194-76f9-4c99-9e5d-2ca6dbfa4b17%26sign%3D3852232431 HTTP 302
https://an.yandex.ru/setud/mts_banner/6PAhlHb5TJmeXSym2_pLFw?location=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D125%26euid%3De8f02194-76f9-4c99-9e5d-2ca6dbfa4b17&sign=3852232431 HTTP 302
https://an.yandex.ru/setud/mts_banner/6PAhlHb5TJmeXSym2_pLFw?redir-setuniq=1&location=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D125%26euid%3De8f02194-76f9-4c99-9e5d-2ca6dbfa4b17&sign=3852232431

Request Chain 79

https://exchange.buzzoola.com/cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D HTTP 301
https://www.acint.net/match?dp=126&euid=ac56e1b2-8929-4346-5b25-82f6d0468f6e

Request Chain 80

https://s.uuidksinc.net/match/396/0100007F815E14616B02B63E0246F862 HTTP 302
https://www.acint.net/match?dp=127&euid=xwiwYmrJypOdD16LwB5o

Request Chain 83

https://x01.aidata.io/0.gif?pid=9401454&id=0100007F815E14616B02B63E0246F862 HTTP 302
https://x01.aidata.io/0.gif?pid=9401454&id=0100007F815E14616B02B63E0246F862&bounce=1 HTTP 302
https://counter.yadro.ru/id-redir/aidata.gif?back=STOP HTTP 302
https://x01.aidata.io/0.gif?pid=LIVE&id=FAD659D8898BBE4F8FE8&back=STOP

Request Chain 84

https://sync.bumlam.com/?src=sap1&uid=0100007F815E14616B02B63E0246F862 HTTP 302
https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABiBvdGIBlIFrbKc-w9iIDAxMDAwMDdGODE1RTE0NjE2QjAyQjYzRTAyNDZGODYy HTTP 302
https://sync.bumlam.com/?src=sap1&s_data=CAIQABiBvdGIBmIgMDEwMDAwN0Y4MTVFMTQ2MTZCMDJCNjNFMDI0NkY4NjKiARCqAzgS-vwR66bpACWQyCQ3

Request Chain 85

https://an.yandex.ru/mapuid/sapeis/0100007F815E14616B02B63E0246F862 HTTP 302
https://an.yandex.ru/mapuid/sapeis/0100007F815E14616B02B63E0246F862?redir-setuniq=1

Request Chain 94

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9362.2W7xPPrUOL_ZVjdlbt8gheHqwiGjWvP7ntNrlEi5NEpf8NaXwdwUHW-TDjJbM2YP.TKep-qE8cC3oLhe0gUomJ9MEhsc%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=9362.L_sXESNGQEuJZbl6sJ3fB4N7Tomru-HcV5wEPxPZll3M9Y1YcgKXkdPETNiHqJ3blSOwVNDwDq1O4r1v2ouwKw%2C%2C.tK2e5bYl-3eTe1pcotTyd7NtqVs%2C

Request Chain 113

https://mc.yandex.com/watch/23457205?wmode=7&page-url=http%3A%2F%2Fsteepman.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2cqzuju16nt0kup4q%3Afp%3A1649%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A611%3Acn%3A2%3Adp%3A0%3Als%3A262629053567%3Ahid%3A670644529%3Az%3A120%3Ai%3A20210812013425%3Aet%3A1628724865%3Ac%3A1%3Arn%3A809500399%3Au%3A1628724865323240977%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1628724863220%3Ads%3A48%2C5%2C842%2C3%2C0%2C0%2C%2C818%2C3%2C%2C%2C%2C1723%3Adsn%3A48%2C6%2C842%2C3%2C0%2C0%2C%2C823%2C3%2C%2C%2C%2C1723%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1628724866%3At%3A%D0%9C%D1%83%D0%B6%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%BB!%20C%D0%BE%D0%B2%D0%B5%D1%82%D1%8B%20%D0%B2%D1%81%D0%B5%20%D1%81%D0%BB%D1%83%D1%87%D0%B0%D0%B8%20%D0%B6%D0%B8%D0%B7%D0%BD%D0%B8! HTTP 302
https://mc.yandex.com/watch/23457205/1?wmode=7&page-url=http%3A%2F%2Fsteepman.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2cqzuju16nt0kup4q%3Afp%3A1649%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A611%3Acn%3A2%3Adp%3A0%3Als%3A262629053567%3Ahid%3A670644529%3Az%3A120%3Ai%3A20210812013425%3Aet%3A1628724865%3Ac%3A1%3Arn%3A809500399%3Au%3A1628724865323240977%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1628724863220%3Ads%3A48%2C5%2C842%2C3%2C0%2C0%2C%2C818%2C3%2C%2C%2C%2C1723%3Adsn%3A48%2C6%2C842%2C3%2C0%2C0%2C%2C823%2C3%2C%2C%2C%2C1723%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1628724866%3At%3A%D0%9C%D1%83%D0%B6%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%BB%21%20C%D0%BE%D0%B2%D0%B5%D1%82%D1%8B%20%D0%B2%D1%81%D0%B5%20%D1%81%D0%BB%D1%83%D1%87%D0%B0%D0%B8%20%D0%B6%D0%B8%D0%B7%D0%BD%D0%B8%21

Request Chain 114

https://mc.yandex.com/watch/21983401?wmode=7&page-url=http%3A%2F%2Fsteepman.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2cqzuju16nt0kup4q%3Afp%3A1649%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A611%3Acn%3A1%3Adp%3A0%3Als%3A295700085380%3Ahid%3A670644529%3Az%3A120%3Ai%3A20210812013425%3Aet%3A1628724865%3Ac%3A1%3Arn%3A1020452385%3Au%3A1628724865323240977%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1628724863220%3Ads%3A48%2C5%2C842%2C3%2C0%2C0%2C%2C818%2C3%2C%2C%2C%2C1723%3Adsn%3A48%2C6%2C842%2C3%2C0%2C0%2C%2C823%2C3%2C%2C%2C%2C1723%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1628724866%3At%3A%D0%9C%D1%83%D0%B6%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%BB!%20C%D0%BE%D0%B2%D0%B5%D1%82%D1%8B%20%D0%B2%D1%81%D0%B5%20%D1%81%D0%BB%D1%83%D1%87%D0%B0%D0%B8%20%D0%B6%D0%B8%D0%B7%D0%BD%D0%B8! HTTP 302
https://mc.yandex.com/watch/21983401/1?wmode=7&page-url=http%3A%2F%2Fsteepman.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2cqzuju16nt0kup4q%3Afp%3A1649%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A611%3Acn%3A1%3Adp%3A0%3Als%3A295700085380%3Ahid%3A670644529%3Az%3A120%3Ai%3A20210812013425%3Aet%3A1628724865%3Ac%3A1%3Arn%3A1020452385%3Au%3A1628724865323240977%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1628724863220%3Ads%3A48%2C5%2C842%2C3%2C0%2C0%2C%2C818%2C3%2C%2C%2C%2C1723%3Adsn%3A48%2C6%2C842%2C3%2C0%2C0%2C%2C823%2C3%2C%2C%2C%2C1723%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1628724866%3At%3A%D0%9C%D1%83%D0%B6%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%BB%21%20C%D0%BE%D0%B2%D0%B5%D1%82%D1%8B%20%D0%B2%D1%81%D0%B5%20%D1%81%D0%BB%D1%83%D1%87%D0%B0%D0%B8%20%D0%B6%D0%B8%D0%B7%D0%BD%D0%B8%21

Request Chain 126

http://www.acint.net/ping/?v=0.3.0&uid=2d3f7950-659b-4dbf-a2fc-5ba27bbb8c04&dp=10&tz=%2B02%3A00&nc=99535693&dT=2021-08-12T01%3A34%3A28.051 HTTP 302
https://www.acint.net/ping/?v=0.3.0&uid=2d3f7950-659b-4dbf-a2fc-5ba27bbb8c04&dp=10&tz=%2B02%3A00&nc=99535693&dT=2021-08-12T01%3A34%3A28.051

127 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
steepman.ru/ 57 KB
13 KB 896ms
842ms Document
text/html 2606:4700:3037::ac43:b7c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://steepman.ru/
Protocol: HTTP/1.1
Server: 2606:4700:3037::ac43:b7c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.2.4
Resource Hash: fbbbfcf43f82904a3386ac78a77d7fe7f2d741774a35af0ff390da1624dfaf08

Request headers

Host: steepman.ru
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 11 Aug 2021 23:34:24 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
x-powered-by: PHP/7.2.4
x-hyper-cache: stop - no cache header
link: <https://steepman.ru/wp-json/>; rel="https://api.w.org/"
vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hSMqWv4xs4mmaUZhQ8D47s2EWfvXuaPD3b7TZ822GoRFoCd0yKDZa%2F1pO%2Bs%2Fgj5XvlmhXSxR8qkPw2jnfX%2F1vSrXL%2BdrHVcljiVokz%2BgOjXZr5b%2Fu0WbULXR53NRNfqCGJrhjmUSBUoaMw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 67d5463b7fb6175e-FRA
Content-Encoding: gzip
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H/1.1 200
OK style.css
steepman.ru/wp-content/themes/twentyten/ 17 KB
5 KB 82ms
81ms Stylesheet
text/css 2606:4700:3037::ac43:b7c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://steepman.ru/wp-content/themes/twentyten/style.css
Requested by: Host: steepman.ru
URL: http://steepman.ru/
Protocol: HTTP/1.1
Server: 2606:4700:3037::ac43:b7c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6068e7c31c9b85761b590d29013317991c91a0ef65608c4aa3dc42fadeeeba3b

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: steepman.ru
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://steepman.ru/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://steepman.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 11 Aug 2021 23:34:24 GMT
content-encoding: gzip
CF-Cache-Status: EXPIRED
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Content-Length: 4410
last-modified: Thu, 12 Mar 2015 19:15:58 GMT
Server: cloudflare
etag: "4466-5111c36b2d780-gzip"
vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BtpXr9rYNk9u1X0Pw3SZYlhNPs0DRSm8ouH2Ku%2F3cf5PXXZb5x8JJQolwPeBimiwFSDv6BdV5X1VGkov%2F9RHhNGT1qgCDCtzR3sm8fSo%2FfGFld7XvCBPKAD6G2JWYi%2BKC5GJTALR8KFNBw%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Cache-Control: max-age=691200
Accept-Ranges: bytes
CF-RAY: 67d54640ccb3175e-FRA

GET
H2 200 wordpress-file-monitor.php
steepman.ru/wp-content/plugins/wordpress-file-monitor/ 0
619 B 683ms
659ms Stylesheet
text/html 2606:4700:3037::ac43:b7c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://steepman.ru/wp-content/plugins/wordpress-file-monitor/wordpress-file-monitor.php?ver=scan
Requested by: Host: steepman.ru
URL: http://steepman.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:b7c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.2.4
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://steepman.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 23:34:24 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.2.4
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jfLvSc764fUQujVJM6XHhVwiXaqqlW%2FIQqHBh7%2Bp5cqAOM7csFQelGw3TPgP%2FxIbVkUZfOnVsBAnLMcPxjgTO5hk%2BfJvh2HeYbm51%2F9F6JVqGjzHMRVsnsjL017wRlZyAit2aBUHGfPKGA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
x-hyper-cache: stop - query string
cf-ray: 67d54640fb9e430f-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H/1.1 200
OK hb_gorizontal.css
steepman.ru/wp-content/plugins/socialize-it/css/ 747 B
1 KB 91ms
85ms Stylesheet
text/css 2606:4700:3037::ac43:b7c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://steepman.ru/wp-content/plugins/socialize-it/css/hb_gorizontal.css?ver=5.5.5
Requested by: Host: steepman.ru
URL: http://steepman.ru/
Protocol: HTTP/1.1
Server: 2606:4700:3037::ac43:b7c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f3275cf40c8cfc7c021d8bcc0ecfe66c9e50e8f87dedea75610a5afe424d615

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: steepman.ru
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://steepman.ru/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://steepman.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 11 Aug 2021 23:34:24 GMT
content-encoding: gzip
CF-Cache-Status: EXPIRED
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Content-Length: 347
last-modified: Wed, 31 Jul 2013 08:17:54 GMT
Server: cloudflare
etag: "2eb-4e2ca5cbcf080-gzip"
vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fePZjkUWhM9nD4TlGB4HD2qVn%2BqEmiS%2FaNYqt55cYga%2FcinCIjOyf3m%2FJrXsuNcR%2FSarweDwJc3fafhpHnsHv2%2F8NrzJLhFAtnKetB94VVfymHrilkg6koQxu6%2FbSS7aXn1KLqL7Fd88qw%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Cache-Control: max-age=691200
Accept-Ranges: bytes
CF-RAY: 67d54640dfb6c2ae-FRA

GET
H/1.1 200
OK style.min.css
steepman.ru/wp-includes/css/dist/block-library/ 53 KB
9 KB 88ms
82ms Stylesheet
text/css 2606:4700:3037::ac43:b7c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://steepman.ru/wp-includes/css/dist/block-library/style.min.css?ver=5.5.5
Requested by: Host: steepman.ru
URL: http://steepman.ru/
Protocol: HTTP/1.1
Server: 2606:4700:3037::ac43:b7c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c626f0f9b5c109539b256b73e72c02b300a184f46b4535c2eb86599215c78af

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: steepman.ru
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://steepman.ru/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://steepman.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 11 Aug 2021 23:34:24 GMT
content-encoding: gzip
CF-Cache-Status: EXPIRED
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Content-Length: 7907
last-modified: Sun, 06 Sep 2020 10:24:28 GMT
Server: cloudflare
etag: "d293-5aea281c05d80-gzip"
vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2nHEBO9pcEvC3jskItFKQ3yyLL5hycAOkq6RcbyVDx2lpzPtXw%2FeKrMZ42D2jCAULl6kiLjlIRcLAvvPm7%2B%2BX1WLzEE0ugNSdG%2Bt2l2CtKxYwLFJ0gv61FL921cDSIkaAseflfWJzGARyw%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Cache-Control: max-age=691200
Accept-Ranges: bytes
CF-RAY: 67d54640d84b4dee-FRA

GET
H/1.1 200
OK front_end_style.css
steepman.ru/wp-content/plugins/captcha/css/ 2 KB
2 KB 99ms
92ms Stylesheet
text/css 2606:4700:3037::ac43:b7c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://steepman.ru/wp-content/plugins/captcha/css/front_end_style.css?ver=4.4.5
Requested by: Host: steepman.ru
URL: http://steepman.ru/
Protocol: HTTP/1.1
Server: 2606:4700:3037::ac43:b7c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c4cd126b21a4a71df6b2eb9210d37eca993c879b5fff2eb5808741c5b3069d03

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: steepman.ru
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://steepman.ru/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://steepman.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 11 Aug 2021 23:34:24 GMT
content-encoding: gzip
CF-Cache-Status: EXPIRED
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Content-Length: 724
last-modified: Fri, 22 Dec 2017 16:44:03 GMT
Server: cloudflare
etag: "724-560f0862bfac0-gzip"
vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AlSJ8vkV%2FjbfxWh2loW7%2FO3Y6Lsa3X7h9bADDY5J1LhNB%2FJEBYhnTqrH%2FWyCVEwas50EGWUrO0u%2BbnjyHRh8Ogg3rYDMCi%2BfN7x6b85bmO6yW%2BGtC8CYJvWElm%2BIffnlHZ5nRmqagN3w%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Cache-Control: max-age=691200
Accept-Ranges: bytes
CF-RAY: 67d54640d9f7dfbf-FRA

GET
H/1.1 200
OK dashicons.min.css
steepman.ru/wp-includes/css/ 58 KB
36 KB 117ms
110ms Stylesheet
text/css 2606:4700:3037::ac43:b7c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://steepman.ru/wp-includes/css/dashicons.min.css?ver=5.5.5
Requested by: Host: steepman.ru
URL: http://steepman.ru/
Protocol: HTTP/1.1
Server: 2606:4700:3037::ac43:b7c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b7203ef7f18e8e70e9991515982b3bbd43524cf048e9591b7aab1e80db938774

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: steepman.ru
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://steepman.ru/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://steepman.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 11 Aug 2021 23:34:24 GMT
content-encoding: gzip
CF-Cache-Status: EXPIRED
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Content-Length: 35726
last-modified: Thu, 15 Apr 2021 04:27:31 GMT
Server: cloudflare
etag: "e687-5bffb4820c67f-gzip"
vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uVD5%2BhZKqCkOLz46FtvrZLz%2Fap4nGqFSMcZPpojTdyhK8qlakECP61%2BESELhPsSfJNYOoqPfS18HlAnowWf4YktyQeG2Su%2FRPtPQhH4niXpN4Vpl54%2B%2FLfkozY9Z%2F6G5xAjyqQzG70W3JQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Cache-Control: max-age=691200
Accept-Ranges: bytes
CF-RAY: 67d54640da800625-FRA

GET
H/1.1 200
OK desktop_style.css
steepman.ru/wp-content/plugins/captcha/css/ 2 KB
1 KB 84ms
77ms Stylesheet
text/css 2606:4700:3037::ac43:b7c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://steepman.ru/wp-content/plugins/captcha/css/desktop_style.css?ver=4.4.5
Requested by: Host: steepman.ru
URL: http://steepman.ru/
Protocol: HTTP/1.1
Server: 2606:4700:3037::ac43:b7c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7694092db9514c6643c47d692e5ac7bc1c924c3aa712c8ae4504a5cdd6cfb420

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: steepman.ru
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://steepman.ru/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://steepman.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 11 Aug 2021 23:34:24 GMT
content-encoding: gzip
CF-Cache-Status: EXPIRED
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Content-Length: 410
last-modified: Fri, 22 Dec 2017 16:44:03 GMT
Server: cloudflare
etag: "6d3-560f0862bfac0-gzip"
vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u5tX6OTnEGpmscqkxnnjH21Hu1mjnr8b7U%2Bx8BM5GT8ZLBgkDQiHNjex1YgvxvDIXdLjHJ88o9uxrsOe0A2784EjqoyyzOByFMwhQ6xeq2gLWfrg%2B6qdcL182q%2BcQY4GMapgFJg0586nxw%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Cache-Control: max-age=691200
Accept-Ranges: bytes
CF-RAY: 67d54640ddac2bb9-FRA

GET
H/1.1 200
OK styles.css
steepman.ru/wp-content/plugins/contact-form-7/includes/css/ 2 KB
2 KB 163ms
78ms Stylesheet
text/css 2606:4700:3037::ac43:b7c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://steepman.ru/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.2.2
Requested by: Host: steepman.ru
URL: http://steepman.ru/
Protocol: HTTP/1.1
Server: 2606:4700:3037::ac43:b7c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 892af9f95c881cde5c6c1810e0f45e4687174a1171504c96b36218dd54bb1486

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: steepman.ru
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://steepman.ru/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://steepman.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 11 Aug 2021 23:34:24 GMT
content-encoding: gzip
CF-Cache-Status: EXPIRED
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Content-Length: 728
last-modified: Sun, 06 Sep 2020 10:23:27 GMT
Server: cloudflare
etag: "780-5aea27e19df1e-gzip"
vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wqIYN5zUTFxDMCBoVC6qMFBOHYmb8cEeqcmrz0MbThGGYcbJoEdOycLtDv0izvUNAsRg%2BzSFJYda%2BpPBIVV0kTQJSJFDUMtjaGWT0Xq3072Ys0kQ2x3RMSuwg2oESXLFK7SjX2GrPgagCg%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Cache-Control: max-age=691200
Accept-Ranges: bytes
CF-RAY: 67d546415d25175e-FRA

GET
H/1.1 200
OK style.css
steepman.ru/wp-content/plugins/scroll-top-and-bottom/css/ 628 B
1 KB 159ms
73ms Stylesheet
text/css 2606:4700:3037::ac43:b7c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://steepman.ru/wp-content/plugins/scroll-top-and-bottom/css/style.css?ver=5.5.5
Requested by: Host: steepman.ru
URL: http://steepman.ru/
Protocol: HTTP/1.1
Server: 2606:4700:3037::ac43:b7c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8bb6574655125d71a82d526d304d1227af750484deb25496b77e25d5c5032341

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: steepman.ru
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://steepman.ru/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://steepman.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 11 Aug 2021 23:34:24 GMT
content-encoding: gzip
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Content-Length: 289
last-modified: Sun, 20 Mar 2016 00:23:09 GMT
Server: cloudflare
etag: "274-52e6ffc147540-gzip"
vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=il7IplnnRuidB2nD9ChVxKebdt2P1dl3AdF%2FQ9zphsJrd3Nnvr2Qtodx2olCHcyp3MculnS2dXAJiiHgDI0JXx5PJ6DkmISL9ZEbzLJxMmzFP%2FShB8FKfdNH8x3u%2BUjIXAWcOvt2Id55ng%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Cache-Control: max-age=691200
Accept-Ranges: bytes
CF-RAY: 67d546415e1f2bb9-FRA

GET
H/1.1 200
OK jquery.js Show response
steepman.ru/wp-includes/js/jquery/ 95 KB
34 KB 209ms
109ms Script
application/javascript 2606:4700:3037::ac43:b7c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://steepman.ru/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by: Host: steepman.ru
URL: http://steepman.ru/
Protocol: HTTP/1.1
Server: 2606:4700:3037::ac43:b7c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: steepman.ru
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://steepman.ru/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://steepman.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 11 Aug 2021 23:34:24 GMT
content-encoding: gzip
CF-Cache-Status: EXPIRED
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Content-Length: 33776
last-modified: Thu, 05 Sep 2019 04:28:40 GMT
Server: cloudflare
etag: "17a69-591c6c193980d-gzip"
vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Isds4gq58QMGdIS6d3usg7BDuvGqnttTKAFvDGFJtwQ%2Bkj7uTjsqrWUCoWVEza7f9mHEg7z1D19Bl4elLqHR4OvrL%2FzJuTJyXEZ7FaVRYYaY%2Bvm4RAvzzoxJutfSPk2fxhWDglh0qIq8aw%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript; charset=UTF-8
Cache-Control: max-age=691200
Accept-Ranges: bytes
CF-RAY: 67d546416a83dfbf-FRA

GET
H/1.1 200
OK script.js Show response
steepman.ru/wp-content/plugins/scroll-top-and-bottom/js/ 540 B
1 KB 190ms
72ms Script
application/javascript 2606:4700:3037::ac43:b7c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://steepman.ru/wp-content/plugins/scroll-top-and-bottom/js/script.js?ver=5.5.5
Requested by: Host: steepman.ru
URL: http://steepman.ru/
Protocol: HTTP/1.1
Server: 2606:4700:3037::ac43:b7c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c0f089dc7b0b244cbd386bc6ebcce884050062d0d6a41ed7350ddb3dd193bdd4

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: steepman.ru
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://steepman.ru/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://steepman.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 11 Aug 2021 23:34:24 GMT
content-encoding: gzip
CF-Cache-Status: EXPIRED
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Content-Length: 211
last-modified: Sun, 20 Mar 2016 00:23:09 GMT
Server: cloudflare
etag: "21c-52e6ffc147540-gzip"
vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ldf2SdSSzG1wh0mLmuiEVOD1VTlRxZa8CkPLzgMYPrlQqGeORLRQbeoPJdFGbV09OqrpqHLGLsbAvpludvFOddVgEhyTSZzAUyAUr%2By9opyJoPSCcOqkLs3s4LXspUFFZJnC%2BXiuI7yqqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript; charset=UTF-8
Cache-Control: max-age=691200
Accept-Ranges: bytes
CF-RAY: 67d546418b540625-FRA

GET
H/1.1 200
OK plugin.css
steepman.ru/wp-content/plugins/wp-table-reloaded/css/ 980 B
1 KB 162ms
72ms Stylesheet
text/css 2606:4700:3037::ac43:b7c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://steepman.ru/wp-content/plugins/wp-table-reloaded/css/plugin.css?ver=1.9.4
Requested by: Host: steepman.ru
URL: http://steepman.ru/
Protocol: HTTP/1.1
Server: 2606:4700:3037::ac43:b7c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 687a44ded2afd0ffd0e142762dcdf4e440ba81cbb1a688eaa25035e271c0c55e

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: steepman.ru
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Connection: keep-alive
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 11 Aug 2021 23:34:24 GMT
content-encoding: gzip
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Content-Length: 414
last-modified: Wed, 31 Jul 2013 08:19:24 GMT
Server: cloudflare
etag: "3d4-4e2ca621a3b00-gzip"
vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O3ZmRmCcrVIVM3dhmlf%2F693JrMDaOjgYF0h0czwSUlkWhFJ5%2F71nJxTx%2B9MShLbzx0InsyUttod7wdJ1JFYg5b32m6Dz1qZ%2B32MKuL2N7tzEmmJgoq83x6RNHpFLRXkrsUwzxQ1ttWD%2FDw%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Cache-Control: max-age=691200
Accept-Ranges: bytes
CF-RAY: 67d5464159254dee-FRA

GET
H/1.1 200
OK datatables.css
steepman.ru/wp-content/plugins/wp-table-reloaded/css/ 2 KB
1 KB 171ms
79ms Stylesheet
text/css 2606:4700:3037::ac43:b7c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://steepman.ru/wp-content/plugins/wp-table-reloaded/css/datatables.css?ver=1.9.4
Requested by: Host: steepman.ru
URL: http://steepman.ru/
Protocol: HTTP/1.1
Server: 2606:4700:3037::ac43:b7c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e22ce21c57f31404ec65afddc6c88d9f0943892d30dba4cb1ee7740b4adbaee

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: steepman.ru
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Connection: keep-alive
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 11 Aug 2021 23:34:24 GMT
content-encoding: gzip
CF-Cache-Status: EXPIRED
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Content-Length: 581
last-modified: Thu, 12 Mar 2015 18:59:16 GMT
Server: cloudflare
etag: "6cf-5111bfaf98900-gzip"
vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CnfyCa7LMOAi2enw4WEXyqvsR%2FH1w4S5sX70VBaX4MigHfgoGOswqETBi6PMVKTQQVVrUkcliT14k1JScmqZHv%2BRPAJjzETWYpc64imHAvy4GFLy%2BB743DVrYLY4oXhbVpyk2EXvsQSO2g%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Cache-Control: max-age=691200
Accept-Ranges: bytes
CF-RAY: 67d546415852c2ae-FRA

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 139 KB
49 KB 32ms
24ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: steepman.ru
URL: http://steepman.ru/

Protocol

HTTP/1.1

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d7d1ad6799d69e6b2554f3ca7b64411f5f3ca8e4e62e45a746421d8cdbc665e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://steepman.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Wed, 11 Aug 2021 23:34:24 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 7032553261440607969
Vary: Accept-Encoding, Origin
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 49886
X-XSS-Protection: 0
Expires: Wed, 11 Aug 2021 23:34:24 GMT

GET
H/1.1 200
OK 2750bc.js Show response
wycji.top/e3d0a38/f897/ 69 KB
24 KB 107ms
73ms Script
application/javascript 185.203.72.224
VARITI-INT-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://wycji.top/e3d0a38/f897/2750bc.js
Requested by: Host: steepman.ru
URL: http://steepman.ru/
Protocol: HTTP/1.1
Server: 185.203.72.224 , Switzerland, ASN42240 (VARITI-INT-AS, CH),
Reverse DNS
Software: nginx /
Resource Hash: f1dff558f86f73763dd5d293fc80a480b21e25e60831e496b75b9b504c4277cf

Request headers

Referer: http://steepman.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 11 Aug 2021 23:34:24 GMT
Content-Encoding: gzip
Last-Modified: Thu, 28 Mar 2019 13:09:00 GMT
Server: nginx
ETag: "5c9cc76c-5e14"
P3P: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
Connection: keep-alive
Content-Length: 24084
Content-Type: application/javascript; charset=utf-8
Keep-Alive: timeout=15
X-VARITI-CCR: 4135167387:1

GET
H/1.1 200
OK 58a7af.js Show response
wycji.top/c7/b3761f56acad9/ 69 KB
24 KB 50ms
15ms Script
application/javascript 185.203.72.224
VARITI-INT-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://wycji.top/c7/b3761f56acad9/58a7af.js
Requested by: Host: steepman.ru
URL: http://steepman.ru/
Protocol: HTTP/1.1
Server: 185.203.72.224 , Switzerland, ASN42240 (VARITI-INT-AS, CH),
Reverse DNS
Software: nginx /
Resource Hash: f1dff558f86f73763dd5d293fc80a480b21e25e60831e496b75b9b504c4277cf

Request headers

Referer: http://steepman.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 11 Aug 2021 23:34:24 GMT
Content-Encoding: gzip
Last-Modified: Thu, 28 Mar 2019 13:09:00 GMT
Server: nginx
ETag: "5c9cc76c-5e14"
P3P: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
Connection: keep-alive
Content-Length: 24084
Content-Type: application/javascript; charset=utf-8
Keep-Alive: timeout=15
X-VARITI-CCR: 4153413197:1

GET
H/1.1 200
OK 6709.js Show response
xksqb.com/31s0f/31/3caae/ 69 KB
24 KB 30ms
16ms Script
application/javascript 185.203.72.224
VARITI-INT-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://xksqb.com/31s0f/31/3caae/6709.js
Requested by: Host: steepman.ru
URL: http://steepman.ru/
Protocol: HTTP/1.1
Server: 185.203.72.224 , Switzerland, ASN42240 (VARITI-INT-AS, CH),
Reverse DNS
Software: nginx /
Resource Hash: f1dff558f86f73763dd5d293fc80a480b21e25e60831e496b75b9b504c4277cf

Request headers

Referer: http://steepman.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 11 Aug 2021 23:34:24 GMT
Content-Encoding: gzip
Last-Modified: Thu, 28 Mar 2019 13:09:00 GMT
Server: nginx
ETag: "5c9cc76c-5e14"
P3P: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
Connection: keep-alive
Content-Length: 24084
Content-Type: application/javascript; charset=utf-8
Keep-Alive: timeout=15
X-VARITI-CCR: 4159321544:1

GET
H/1.1 200
OK 2_u.ico
steepman.ru/wp-content/plugins/scroll-top-and-bottom/icon/ 8 KB
2 KB 73ms
73ms Image
image/vnd.microsoft.icon 2606:4700:3037::ac43:b7c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://steepman.ru/wp-content/plugins/scroll-top-and-bottom/icon/2_u.ico
Requested by: Host: steepman.ru
URL: http://steepman.ru/
Protocol: HTTP/1.1
Server: 2606:4700:3037::ac43:b7c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 75161ac289beefd58025e5f14b5ad0290aa346d556f52cde1beedcd279afc72b

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: steepman.ru
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://steepman.ru/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://steepman.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 11 Aug 2021 23:34:24 GMT
Content-Encoding: gzip
CF-Cache-Status: REVALIDATED
Last-Modified: Sun, 20 Mar 2016 00:23:09 GMT
Server: cloudflare
ETag: W/"2166-52e6ffc147540"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UePi7l3NbYQiAe0zz8ONkMxQFaSKNqUWOZhutHJ6IP356GQzq5wnwhmZ1J0Yug1k15WECObSjVahnVd9P5XvxcbafecHhqP1e6%2FLDp2OgEWjZRXbeSfT01SQEdrL6%2B%2BXSOjqBX9xRviv2A%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/vnd.microsoft.icon
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Cache-Control: max-age=691200
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 67d546441d6adfbf-FRA
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}

GET
H/1.1 200
OK 2_d.ico
steepman.ru/wp-content/plugins/scroll-top-and-bottom/icon/ 8 KB
2 KB 49ms
49ms Image
image/vnd.microsoft.icon 2606:4700:3037::ac43:b7c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://steepman.ru/wp-content/plugins/scroll-top-and-bottom/icon/2_d.ico
Requested by: Host: steepman.ru
URL: http://steepman.ru/
Protocol: HTTP/1.1
Server: 2606:4700:3037::ac43:b7c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eced419f4b87421efcaa221094a0593c898bb06972fa49d7689918a401fd93bd

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: steepman.ru
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://steepman.ru/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://steepman.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 11 Aug 2021 23:34:24 GMT
Content-Encoding: gzip
CF-Cache-Status: REVALIDATED
Last-Modified: Sun, 20 Mar 2016 00:23:09 GMT
Server: cloudflare
ETag: W/"2166-52e6ffc147540"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iNBTUapfpN%2F8pqF%2BODjsDCh3Izfl6Q7kbZGEPxNJuCayHuDVIPayGGvE7CjnN8A%2FquqdyHKNcvnTYvCPJmfbgnzDOd5LrOhmQvJwo4N%2FdLHM5x6SZ2Z6qkCAVCk%2FEFaYHucb3EFg2WJygw%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/vnd.microsoft.icon
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Cache-Control: max-age=691200
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 67d546448ddfdfbf-FRA
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}

GET
H/1.1 200
OK core.min.js Show response
steepman.ru/wp-includes/js/jquery/ui/ 4 KB
3 KB 82ms
82ms Script
application/javascript 2606:4700:3037::ac43:b7c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://steepman.ru/wp-includes/js/jquery/ui/core.min.js?ver=1.11.4
Requested by: Host: steepman.ru
URL: http://steepman.ru/
Protocol: HTTP/1.1
Server: 2606:4700:3037::ac43:b7c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 194ebae85ff853319e8668f23a4c5bf371a7d9f5d550a40980ab53026ddaaa17

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: steepman.ru
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://steepman.ru/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://steepman.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 11 Aug 2021 23:34:24 GMT
content-encoding: gzip
CF-Cache-Status: EXPIRED
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Content-Length: 1811
last-modified: Thu, 15 Apr 2021 04:27:31 GMT
Server: cloudflare
etag: "f59-5bffb48259cc7-gzip"
vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XHQ2VZBMThSxktCiRKOfKgIYGNBB3yd7bbkQKMU7lloC9DntqwGL48xDVB0%2F%2FFRyKJLlA90uZ7gAkw6RkaRzIPmu7x7NtBqw0GtqtDRyCpLrp8HDy6%2FgW4HLsRZDv1fYmZewA5LOdIKYxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript; charset=UTF-8
Cache-Control: max-age=691200
Accept-Ranges: bytes
CF-RAY: 67d546421b1fdfbf-FRA

GET
H/1.1 200
OK scripts.js Show response
steepman.ru/wp-content/plugins/contact-form-7/includes/js/ 14 KB
5 KB 79ms
78ms Script
application/javascript 2606:4700:3037::ac43:b7c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://steepman.ru/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.2.2
Requested by: Host: steepman.ru
URL: http://steepman.ru/
Protocol: HTTP/1.1
Server: 2606:4700:3037::ac43:b7c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a0ea735f765d5bc1230beb63bcb701b69c80d77c48572a61bb159a8915903278

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: steepman.ru
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://steepman.ru/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://steepman.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 11 Aug 2021 23:34:24 GMT
content-encoding: gzip
CF-Cache-Status: EXPIRED
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Content-Length: 3911
last-modified: Sun, 06 Sep 2020 10:23:27 GMT
Server: cloudflare
etag: "3719-5aea27e1a7b5e-gzip"
vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eRszBY3oLCwsEKyWATm7DxxEFeXqpB1Vmhg7%2FzDf7zSy6hmqSkpWu7JA07TrxUYhvhN20ZM8QtBvxMAjfTR6SKYVLJRkfkHLKyzED6KrJL3ylpFQpZXEk%2Bi%2FlasQFvwUoQqZWt2cmnZunw%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript; charset=UTF-8
Cache-Control: max-age=691200
Accept-Ranges: bytes
CF-RAY: 67d54642abb2dfbf-FRA

GET
H/1.1 200
OK wp-embed.min.js Show response
steepman.ru/wp-includes/js/ 1 KB
2 KB 83ms
82ms Script
application/javascript 2606:4700:3037::ac43:b7c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://steepman.ru/wp-includes/js/wp-embed.min.js?ver=5.5.5
Requested by: Host: steepman.ru
URL: http://steepman.ru/
Protocol: HTTP/1.1
Server: 2606:4700:3037::ac43:b7c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: steepman.ru
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://steepman.ru/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://steepman.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 11 Aug 2021 23:34:24 GMT
content-encoding: gzip
CF-Cache-Status: EXPIRED
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Content-Length: 765
last-modified: Thu, 15 Apr 2021 04:27:31 GMT
Server: cloudflare
etag: "592-5bffb4827a837-gzip"
vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=454sX%2F7k4D6dLqGa2qyuOgq%2B9CTQQtnaHmlCffFj5Ko6irVOqVOIqZKVdy5x0mPZe2MKluE6KYdWwO%2Fft%2Feq9a9pAchmHTVan1kRFbGwvnFqREs07oTpMX%2BUp7KoDUMAoe03uSlf5KYBtQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript; charset=UTF-8
Cache-Control: max-age=691200
Accept-Ranges: bytes
CF-RAY: 67d546432c90dfbf-FRA

GET
H/1.1 200
OK wp-emoji-release.min.js Show response
steepman.ru/wp-includes/js/ 14 KB
5 KB 78ms
78ms Script
application/javascript 2606:4700:3037::ac43:b7c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://steepman.ru/wp-includes/js/wp-emoji-release.min.js?ver=5.5.5
Requested by: Host: steepman.ru
URL: http://steepman.ru/
Protocol: HTTP/1.1
Server: 2606:4700:3037::ac43:b7c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 07e4203b9f313b587b1d53f896e63771ec85f9b0d4c2ac5fa64089457784d847

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: steepman.ru
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://steepman.ru/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://steepman.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 11 Aug 2021 23:34:24 GMT
Content-Encoding: gzip
CF-Cache-Status: EXPIRED
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Content-Length: 4662
Last-Modified: Thu, 15 Apr 2021 04:27:31 GMT
Server: cloudflare
ETag: "3795-5bffb4827b007-gzip"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QvLBtVsNig9muTK803bBnQP7N9NhVDNvV69Zhjr8wlzdpJjSr3%2FxxBASoX%2BCCAEr64481XxwGSc0bzmWTKM9qQ3F%2FmnaAY0DSzNZz7f0C5rxw%2BYCGI49ULwYhKgM%2FG2F%2B6nA0Mx2adgafQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript; charset=UTF-8
Cache-Control: max-age=691200
Accept-Ranges: bytes
CF-RAY: 67d54644de31dfbf-FRA

GET
H3-29 200 Bitva_pri_Gastningse.jpg
steepman.ru/wp-content/uploads/2015/04/ 32 KB
32 KB 123ms
113ms Image
image/jpeg 2606:4700:3037::ac43:b7c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://steepman.ru/wp-content/uploads/2015/04/Bitva_pri_Gastningse.jpg
Requested by: Host: steepman.ru
URL: http://steepman.ru/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:b7c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3168c398fe2f3d96dad8edd8129f85c163bdd71ef01c411539d25c6c9d1f8450

Request headers

Referer: http://steepman.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 23:34:24 GMT
cf-cache-status: MISS
last-modified: Thu, 09 Apr 2015 13:57:52 GMT
server: cloudflare
etag: "7f1d-5134b08a41800"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bBMvTqe4CRtPSSR5YNQFDJDfqLJhUTu78L1zs5kk0vbdyAiY3HeCp3PDFfqf6q4IQHxeB9GjOipuz6ujZbhCSTZUVdcxGhw75sWLgiT1kiNwFJjROaHhlUErdy%2FiwsF468JmBRnijD9kxw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=691200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 67d546456af916f2-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 32541

GET
H3-29 200 termostaticheskaya_golovka.jpg
steepman.ru/wp-content/uploads/2015/02/ 8 KB
9 KB 99ms
89ms Image
image/jpeg 2606:4700:3037::ac43:b7c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://steepman.ru/wp-content/uploads/2015/02/termostaticheskaya_golovka.jpg
Requested by: Host: steepman.ru
URL: http://steepman.ru/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:b7c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a4d81e1efce77d1e3aa53ab160117ca21cd8bf8bb25ded24c8294316e4cd0b8b

Request headers

Referer: http://steepman.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 23:34:24 GMT
cf-cache-status: MISS
last-modified: Sun, 22 Feb 2015 17:33:22 GMT
server: cloudflare
etag: "2141-50fb0aea0fc80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vCr5iz3hx6mYq6KfTSb5H7F8MCO6QhKpWyd%2FF7SPHG1t4HliGrjSosXIA1EP7u5ywumSpc0t3c8smsDvR8b4IHm%2BwJnbyNk9%2F9S2ZNzG1I%2FWf7Bn8M2riRTGzaCRa6kQIOMxmSTqHAbPlA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=691200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 67d546456afc16f2-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 8513

GET
H3-29 200 kollektornyiy_shkaf_vnutrenney_ustanovki.jpg
steepman.ru/wp-content/uploads/2015/01/ 4 KB
5 KB 113ms
103ms Image
image/jpeg 2606:4700:3037::ac43:b7c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://steepman.ru/wp-content/uploads/2015/01/kollektornyiy_shkaf_vnutrenney_ustanovki.jpg
Requested by: Host: steepman.ru
URL: http://steepman.ru/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:b7c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4d1c3e4f099c4b7b68bcd848e2244e8157e83c2540d2c4829499866e3b67f634

Request headers

Referer: http://steepman.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 23:34:24 GMT
cf-cache-status: MISS
last-modified: Wed, 14 Jan 2015 10:36:50 GMT
server: cloudflare
etag: "114e-50c9a512db480"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H24IytBcRcsDIbM%2B6T4tzdcATvsa1ays2Tq3ZFRzO7qwhknt0lRBXSfRcz5fCLg1F6mGPp0MHKy3fmZ0XpnXm6utXPZ0TyAwdvNcc9Cv7RARitzSnJyC9AD%2FMgDXW%2BHXSypXu8lzjzTedA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=691200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 67d546456afe16f2-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 4430

GET
H3-29 200 dyihanie.jpg
steepman.ru/wp-content/uploads/2015/01/ 9 KB
10 KB 97ms
87ms Image
image/jpeg 2606:4700:3037::ac43:b7c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://steepman.ru/wp-content/uploads/2015/01/dyihanie.jpg
Requested by: Host: steepman.ru
URL: http://steepman.ru/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:b7c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f92e9071fcaa2116a19e5bef50cc82fd68fd843964a6d0256fb84ddc2cfb8668

Request headers

Referer: http://steepman.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 23:34:24 GMT
cf-cache-status: MISS
last-modified: Sun, 11 Jan 2015 15:18:28 GMT
server: cloudflare
etag: "2521-50c61e6da9900"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VKVat%2FrDroj7bSTLeaDUQJSHnOERs6hxSjeGIZXsbsg0K5BFjUG1DF71rU4PyDQ9%2BE4MCZ7Wq9YQKkysq7MLKk%2B5BRzYkX%2BNgaeweZH%2B9jgRHtHCaxhmv2ne%2FNPKP9F9%2FV%2FydtTxcg5Ifg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=691200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 67d546456aff16f2-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 9505

GET
H3-29 200 tsirkulyarnyiy_nasos_Grundfos.jpg
steepman.ru/wp-content/uploads/2015/01/ 10 KB
10 KB 113ms
103ms Image
image/jpeg 2606:4700:3037::ac43:b7c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://steepman.ru/wp-content/uploads/2015/01/tsirkulyarnyiy_nasos_Grundfos.jpg
Requested by: Host: steepman.ru
URL: http://steepman.ru/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:b7c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba4b2190fae036c96c85b74712686a2fe91c257fa5f55255a1ff3283aa1134e1

Request headers

Referer: http://steepman.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 23:34:24 GMT
cf-cache-status: MISS
last-modified: Sat, 10 Jan 2015 11:38:24 GMT
server: cloudflare
etag: "2700-50c4ab5fe2c00"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4DAI2qUlZ5WRC73Rt0mLEvmrLqWvWY%2Fw21HgnG6OLSqbljXKaqJaH3b%2BawoRe6Ya4UoUAMmYi13pn4aSvwwBmi9AbS3ClS1LWG4zzoVXkvzkzX75Kf4qeMkSYv0C9k%2B8PXG36kvt8Mab%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=691200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 67d546456b0016f2-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 9984

GET
H3-29 200 pit_vodu.jpg
steepman.ru/wp-content/uploads/2014/12/ 10 KB
10 KB 107ms
98ms Image
image/jpeg 2606:4700:3037::ac43:b7c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://steepman.ru/wp-content/uploads/2014/12/pit_vodu.jpg
Requested by: Host: steepman.ru
URL: http://steepman.ru/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:b7c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85bf841c71bc261a80791e8348747331204b525135c14b4345e06a10ecaa8270

Request headers

Referer: http://steepman.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 23:34:24 GMT
cf-cache-status: MISS
last-modified: Sun, 28 Dec 2014 12:50:16 GMT
server: cloudflare
etag: "279c-50b4633123200"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F4bY8XsNB4dNVq%2B5mI4elBghSqgFn6ItZiISJB%2Ba0i%2FRjExopp6cCqfo2LM85DjrR2BrDByFjF2g0vV4n4Fxl0KwCTKRe9qr%2B4XlFRPFHma9VDx9Dx%2Bq1At%2FPLaM%2BKFYxlKcjXcICarFiA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=691200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 67d546456afd16f2-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 10140

GET
H3-29 200 pishha.jpg
steepman.ru/wp-content/uploads/2014/12/ 22 KB
23 KB 105ms
96ms Image
image/jpeg 2606:4700:3037::ac43:b7c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://steepman.ru/wp-content/uploads/2014/12/pishha.jpg
Requested by: Host: steepman.ru
URL: http://steepman.ru/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:b7c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 28ddb32aff61044212164b7514525c3555dfa75199dcf48684e69df87e45654b

Request headers

Referer: http://steepman.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 23:34:24 GMT
cf-cache-status: REVALIDATED
last-modified: Sun, 21 Dec 2014 15:25:46 GMT
server: cloudflare
etag: "587d-50abb8e4b1280"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yJer6fCs3%2Fj3RniJIxIx0ELzjBQEgkbd4QuwTWOhobVWl6Klx4tiv9%2F9dvJ9KSzxoEUfQ5yD%2Bji9fUsSG7PQ%2B%2BSy9emJNHW%2B3Y4KokK2eNyA6HWc4b%2FEZoauu0fTtLcaKs%2BLP3Ai3kKdcw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=691200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 67d546456b0316f2-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 22653

GET
H3-29 200 raspredelitelnyiy_kollektor1.jpg
steepman.ru/wp-content/uploads/2014/12/ 13 KB
14 KB 111ms
103ms Image
image/jpeg 2606:4700:3037::ac43:b7c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://steepman.ru/wp-content/uploads/2014/12/raspredelitelnyiy_kollektor1.jpg
Requested by: Host: steepman.ru
URL: http://steepman.ru/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:b7c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d5b60503d153758f51056cab146d0fe5f86c5090b09769d07ddeba43132ee444

Request headers

Referer: http://steepman.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 23:34:24 GMT
cf-cache-status: MISS
last-modified: Wed, 17 Dec 2014 09:20:30 GMT
server: cloudflare
etag: "354c-50a65fca1f380"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UQqxNrmxtMIZ2WhxKigovcgpHggRovkyIzP74mGweR%2F9gTexJx%2FXZpmS2bZUGgO0W9PHBBaL0mIYh9nkQK%2F4CJ8b25FTdwLNfqL6137WyaeMaWKYTQnYTiHjJbsE50cqnPlMBi1JLNSpow%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=691200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 67d546456af816f2-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 13644

GET
H3-29 200 metalloplastikovyie-trubyi1.jpg
steepman.ru/wp-content/uploads/2014/09/ 6 KB
7 KB 90ms
82ms Image
image/jpeg 2606:4700:3037::ac43:b7c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://steepman.ru/wp-content/uploads/2014/09/metalloplastikovyie-trubyi1.jpg
Requested by: Host: steepman.ru
URL: http://steepman.ru/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:b7c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b7948f7328e314b41987ec35f9a5da2f9e379e83b62fff6c903b5b580d3651e2

Request headers

Referer: http://steepman.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 23:34:24 GMT
cf-cache-status: MISS
last-modified: Mon, 08 Sep 2014 06:54:34 GMT
server: cloudflare
etag: "18d9-502884a9a7e80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PkPnJWnj%2Bsu0pzKMlP047vBk93Ds%2BvAY%2Fzyd%2BRDXBNqGvkxrDEbCc9R9DN4CbVuWStjFr26Ywo0PearOXQy%2FrgIIQSRjl6ZrTN7GiWU1iMSPWT1gz2AWpPwr9QsWtkblFPl3cnXahYof4g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=691200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 67d546456b0216f2-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 6361

GET
H3-29 200 krepezhnyie-materialyi.jpg
steepman.ru/wp-content/uploads/2014/07/ 18 KB
19 KB 112ms
104ms Image
image/jpeg 2606:4700:3037::ac43:b7c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://steepman.ru/wp-content/uploads/2014/07/krepezhnyie-materialyi.jpg
Requested by: Host: steepman.ru
URL: http://steepman.ru/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:b7c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4686280af90e065b5392a9ec4bd688583a96740b4a64979925b4a3c1c6c472e3

Request headers

Referer: http://steepman.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 23:34:24 GMT
cf-cache-status: MISS
last-modified: Fri, 11 Jul 2014 09:04:02 GMT
server: cloudflare
etag: "4822-4fde738f9a480"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IaqRoM2wwFyE5xU%2FFcAaUK8nbUw2ljGrk7IP7d%2BMFmOxeFGdDqol0A91KZGn6ZiJNfKstG8Ea25LB4bfXafnpRZC82EZ%2BmI%2FQunZhqnuUmiiIKWVGdW%2BqpgNShXhOYh1epB%2BZXoCumZbXA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=691200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 67d546456b0116f2-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 18466

GET
H/1.1 200
OK / Show response
wycji.top/ajax/ 447 B
2 KB 59ms
59ms Script
application/javascript 185.203.72.224
VARITI-INT-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://wycji.top/ajax/?eyJwIjo3NjU2NiwiYiI6NjcxNzQ5LCJmIjoibjc4MGg5IiwicGYiOiJvem91N2g4aSIsInYiOiIxIiwidVRtIjoiMDA0OTQyNzciLCJyIjo4NzAwNSwibGZHIjoiMDY3NSIsImVmIjoiMDMzNSJ9
Requested by: Host: wycji.top
URL: http://wycji.top/e3d0a38/f897/2750bc.js
Protocol: HTTP/1.1
Server: 185.203.72.224 , Switzerland, ASN42240 (VARITI-INT-AS, CH),
Reverse DNS
Software: nginx /
Resource Hash: bd71527991f99092a8bb0415678b7ccb0318a818d71858314601b37d9a404858

Request headers

Referer: http://steepman.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 11 Aug 2021 23:34:24 GMT
Content-Encoding: gzip
Last-Modified: Wed, 11 Aug 2021 23:34:24 GMT
Server: nginx
Vary: Accept-Encoding
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT", policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
Cache-Control: post-check=0, pre-check=0
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: application/javascript; charset="utf-8
Keep-Alive: timeout=15
X-VARITI-CCR: 4135167387:2
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108100101/ 252 KB
94 KB 46ms
27ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5364912403382355&plah=steepman.ru

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d05921972a05d43b86b07c7e074afff197f96c2f953a9f8595c2b59ba34cc3d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://steepman.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 23:34:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95570
x-xss-protection: 0
server: cafe
etag: 10066065015092213272
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 11 Aug 2021 23:34:24 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210809/r20190131/ Frame 47BC 10 KB
5 KB 24ms
6ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210809/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d5f3085127d154cbd72e219052312767d460633fafa6e38bb9a9446ddb03a270

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210809/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://steepman.ru/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://steepman.ru/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Wed, 11 Aug 2021 22:05:12 GMT
expires: Wed, 25 Aug 2021 22:05:12 GMT
content-type: text/html; charset=UTF-8
etag: 8999110079160743657
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4576
x-xss-protection: 0
age: 5352
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 watch.js Show response
mc.yandex.ru/metrika/ 132 KB
47 KB 148ms
50ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Host: steepman.ru
URL: http://steepman.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

fb92ed767b019d2f70db2183625e2d49cdf405c775127c8815b86acc15982194

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://steepman.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 23:34:25 GMT
content-encoding: br
last-modified: Mon, 09 Aug 2021 14:22:52 GMT
etag: "611112b5-bb1c"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 47900
expires: Thu, 12 Aug 2021 00:34:25 GMT

GET
H/1.1 200
OK / Show response
wycji.top/ajax/ 448 B
2 KB 23ms
23ms Script
application/javascript 185.203.72.224
VARITI-INT-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://wycji.top/ajax/?eyJ2IjoiMSIsInBmIjoicTNnZnE0IiwiUWRxIjoiMDYiLCJsVk4iOiIwODYiLCJmIjoiZnIzNGEiLCJiIjoyNzM1OTksInAiOjc2NTY2LCJPIjoiMDkiLCJlQXgiOiIwMTg0MDMiLCJyIjoyMjkxOX0
Requested by: Host: wycji.top
URL: http://wycji.top/c7/b3761f56acad9/58a7af.js
Protocol: HTTP/1.1
Server: 185.203.72.224 , Switzerland, ASN42240 (VARITI-INT-AS, CH),
Reverse DNS
Software: nginx /
Resource Hash: 943b4bf075d4fcb035760fb7e08f041a4bb96bb1538ae0c74423f6c20f365430

Request headers

Referer: http://steepman.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 11 Aug 2021 23:34:24 GMT
Content-Encoding: gzip
Last-Modified: Wed, 11 Aug 2021 23:34:24 GMT
Server: nginx
Vary: Accept-Encoding
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT", policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
Cache-Control: post-check=0, pre-check=0
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: application/javascript; charset="utf-8
Keep-Alive: timeout=15
X-VARITI-CCR: 4153413197:2
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

hit
counter.yadro.ru/
Redirect Chain

http://counter.yadro.ru/hit?t11.10;r;s1600*1200*24;uhttp%3A//steepman.ru/;h%u041C%u0443%u0436%u0441%u043A%u043E%u0439%20%u043F%u043E%u0440%u0442%u0430%u043B%21%20C%u043E%u0432%u0435%u0442%u044B%20%...
https://counter.yadro.ru/hit?t11.10;r;s1600*1200*24;uhttp%3A//steepman.ru/;h%u041C%u0443%u0436%u0441%u043A%u043E%u0439%20%u043F%u043E%u0440%u0442%u0430%u043B%21%20C%u043E%u0432%u0435%u0442%u044B%20...
https://counter.yadro.ru/hit?q;t11.10;r;s1600*1200*24;uhttp%3A//steepman.ru/;h%u041C%u0443%u0436%u0441%u043A%u043E%u0439%20%u043F%u043E%u0440%u0442%u0430%u043B%21%20C%u043E%u0432%u0435%u0442%u044B%...

788 B
1 KB

65ms
65ms

Image
image/gif

88.212.201.216
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit?q;t11.10;r;s1600*1200*24;uhttp%3A//steepman.ru/;h%u041C%u0443%u0436%u0441%u043A%u043E%u0439%20%u043F%u043E%u0440%u0442%u0430%u043B%21%20C%u043E%u0432%u0435%u0442%u044B%20%u0432%u0441%u0435%20%u0441%u043B%u0443%u0447%u0430%u0438%20%u0436%u0438%u0437%u043D%u0438%21;0.4640029516399262

Requested by

Host: steepman.ru
URL: http://steepman.ru/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

88.212.201.216 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host216.rax.ru

Software

nginx/1.17.9 /

Resource Hash

a25e3a4bfba08ba61ff0fbc815a09f6d65815d7d98a9af7136258bf9fa30cf8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: http://steepman.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 11 Aug 2021 23:34:25 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin: *
Cache-control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 788
Expires: Tue, 11 Aug 2020 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 11 Aug 2021 23:34:25 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Location: https://counter.yadro.ru/hit?q;t11.10;r;s1600*1200*24;uhttp%3A//steepman.ru/;h%u041C%u0443%u0436%u0441%u043A%u043E%u0439%20%u043F%u043E%u0440%u0442%u0430%u043B%21%20C%u043E%u0432%u0435%u0442%u044B%20%u0432%u0441%u0435%20%u0441%u043B%u0443%u0447%u0430%u0438%20%u0436%u0438%u0437%u043D%u0438%21;0.4640029516399262
Cache-control: no-cache
Connection: keep-alive
Content-Type: text/html
Content-Length: 32
Expires: Tue, 11 Aug 2020 21:00:00 GMT

GET
H2

200

analytics.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/analytics.js
https://www.google-analytics.com/analytics.js

48 KB
20 KB

25ms
6ms

Script
text/javascript

2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: steepman.ru
URL: http://steepman.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://steepman.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 13 Jul 2021 18:24:06 GMT
server: Golfe2
age: 1243
date: Wed, 11 Aug 2021 23:13:41 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19672
expires: Thu, 12 Aug 2021 01:13:41 GMT

Redirect headers

Location: https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason: HSTS

GET
H2

200

watch.js Show response
mc.yandex.ru/metrika/
Redirect Chain

http://mc.yandex.ru/metrika/watch.js
https://mc.yandex.ru/metrika/watch.js

132 KB
47 KB

134ms
134ms

Script
application/javascript

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Host: steepman.ru
URL: http://steepman.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

fb92ed767b019d2f70db2183625e2d49cdf405c775127c8815b86acc15982194

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://steepman.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 23:34:25 GMT
content-encoding: br
last-modified: Mon, 09 Aug 2021 14:22:52 GMT
etag: "611112b5-bb1c"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 47900
expires: Thu, 12 Aug 2021 00:34:25 GMT

Redirect headers

Location: https://mc.yandex.ru/metrika/watch.js
Content-Length: 0

GET
H2

200

aci.js Show response
www.acint.net/
Redirect Chain

http://www.acint.net/aci.js
https://www.acint.net/aci.js

21 KB
7 KB

36ms
12ms

Script
application/x-javascript

46.4.114.109
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.acint.net/aci.js
Requested by: Host: steepman.ru
URL: http://steepman.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.114.109 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271137.aucourant.info
Software: openresty /
Resource Hash: 8efda3f0b5d984306920023fe9e82a919bfac7109db64ed89f752720408c888b

Request headers

Referer: http://steepman.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 23:34:24 GMT
content-encoding: gzip
last-modified: Sat, 02 Jan 2021 18:29:15 GMT
server: openresty
etag: "5ff0bb7b-1baf"
content-type: application/x-javascript
cache-control: max-age=43200
content-length: 7087
expires: Thu, 12 Aug 2021 11:34:24 GMT

Redirect headers

Location: https://www.acint.net/aci.js
Date: Wed, 11 Aug 2021 23:34:24 GMT
Server: openresty
Connection: keep-alive
Content-Length: 142
Content-Type: text/html

GET
H/1.1 200
OK / Show response
xksqb.com/ajax/ 452 B
2 KB 28ms
28ms Script
application/javascript 185.203.72.224
VARITI-INT-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://xksqb.com/ajax/?eyJwIjo3NjU2NiwicGYiOiJlNWw4biIsInIiOjk0MTE5LCJ2IjoiMSIsImIiOjI3ODIyNiwicmxuIjoiMDMyMDAzIiwia2pRIjoiMDM0MyIsImYiOiJkcDRmM3RwZWIifQ
Requested by: Host: xksqb.com
URL: http://xksqb.com/31s0f/31/3caae/6709.js
Protocol: HTTP/1.1
Server: 185.203.72.224 , Switzerland, ASN42240 (VARITI-INT-AS, CH),
Reverse DNS
Software: nginx /
Resource Hash: ad7318d7f270e64201c0ed56d7cca545112dad095968cec03b32c653173da603

Request headers

Referer: http://steepman.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 11 Aug 2021 23:34:24 GMT
Content-Encoding: gzip
Last-Modified: Wed, 11 Aug 2021 23:34:24 GMT
Server: nginx
Vary: Accept-Encoding
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT", policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
Cache-Control: post-check=0, pre-check=0
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: application/javascript; charset="utf-8
Keep-Alive: timeout=15
X-VARITI-CCR: 4159321544:2
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK Cookie set jsonp.php Show response
wycji.top/ Frame E396 10 KB
3 KB 31ms
30ms Document
text/html 185.203.72.224
VARITI-INT-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://wycji.top/jsonp.php?eyJiIjo2NzE3NDksImMiOiJkalF1YjJsVFF6aHRNVmxOUzBsVGNsQk5SbTFpTDBsak4zUTFkVm9yWXpORlMwaFBaV2RtVUZKR09Vb3JZalJvVFd0bVV6TktUSGRuVlc1bWVpOUJUUzlCYTFCNVpXUlpWbVJvYnlzMmVHYzFUMWxQT0dGbGRqVjJVMkZxUVZoaWRFZGpOSGRpVUZoc1NtOTNNRVk1UkhGUGRWVmFiekZMVEZkWFIwSXpVMDEwVDIxaGRraGtWSEJDVUU5eloxZHpOVmh6VWtJeWIwOVJjVEZpUzFsdk5IbFZLeXRwVVdKWVpESjJNblpGSzNSRU0xRmlRak5FWTNaSllreDVWMWc1T0ZWT1dHRlVTbXc0UWs1MldrRlVaVEo1S3pCT2JVeEVhemsxYzAxUlBRPT0iLCJyZWYiOiIiLCJta2V5IjoibXNnMjQxMjQiLCJ1bWQiOjAsInJlbmRlciI6IntcImlcIjowLFwib1wiOjAsXCJ3XCI6MSxcIm1cIjowLFwiYVwiOjAsXCJtYlwiOjB9IiwicGxpZCI6Njg1MjIwNjM2NTIxNjM0OSwiX3IiOjEzNH0
Requested by: Host: wycji.top
URL: http://wycji.top/e3d0a38/f897/2750bc.js
Protocol: HTTP/1.1
Server: 185.203.72.224 , Switzerland, ASN42240 (VARITI-INT-AS, CH),
Reverse DNS
Software: nginx /
Resource Hash: b666db15954019fea906c489d4f4cd9e1592301bef969b0420b8a660765e6e0c

Request headers

Host: wycji.top
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://steepman.ru/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://steepman.ru/

Response headers

Server: nginx
Date: Wed, 11 Aug 2021 23:34:24 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Last-Modified: Wed, 11 Aug 2021 23:34:24 GMT
Cache-Control: post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: uid=WFVdTGEUXoCphgjh6iUUAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; path=/ ipp_uid2=Y67dE6WHcJYuWAvQ/QTbjykq60mRZl0g+VsMXLw==; expires=Tue, 31 Dec 2030 23:59:59 GMT; path=/ ipp_uid1=1628724864955; expires=Tue, 31 Dec 2030 23:59:59 GMT; path=/ ipp_uid=1628724864955/Y67dE6WHcJYuWAvQ/QTbjykq60mRZl0g+VsMXLw==; expires=Tue, 31 Dec 2030 23:59:59 GMT; path=/ rerf=AAAAAGEUXoBb7zsTAwPoAg==; expires=Fri, 10-Sep-21 23:34:24 GMT; path=/
Content-Encoding: gzip
X-VARITI-CCR: 4153413197:3
P3P: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 201 B
657 B 39ms
17ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=steepman.ru&callback=_gfp_s_&client=ca-pub-5364912403382355

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5364912403382355&plah=steepman.ru

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

b70c1ec61c616f61391309d82a6c50ebc1367edaa6fc1c7399fe21f8d22cf57a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://steepman.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 23:34:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 192
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
853 B 34ms
14ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=steepman.ru

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://steepman.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 11 Aug 2021 23:34:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
570 B 34ms
14ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=steepman.ru

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://steepman.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 11 Aug 2021 23:34:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 58C8 75 KB
13 KB 467ms
454ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5364912403382355&output=html&h=250&slotname=2093067422&adk=1087469895&adf=461588321&pi=t.ma~as.2093067422&w=300&lmt=1628724864&psa=0&format=300x250&url=http%3A%2F%2Fsteepman.ru%2F&flash=0&wgl=1&dt=1628724864880&bpp=27&bdt=755&idt=86&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&correlator=432240763658&frm=20&pv=2&ga_vid=189232429.1628724865&ga_sid=1628724865&ga_hid=814769063&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=650&ady=4421&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C20211866%2C31062179%2C31062248&oid=3&pvsid=2399323874696222&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=DZXLYnD23e&p=http%3A//steepman.ru&dtd=126

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0b5d06ec625b24a06b5e0e4ace6cd9a4fcb436ab5290178f4ea20f91cf2e0dca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-5364912403382355&output=html&h=250&slotname=2093067422&adk=1087469895&adf=461588321&pi=t.ma~as.2093067422&w=300&lmt=1628724864&psa=0&format=300x250&url=http%3A%2F%2Fsteepman.ru%2F&flash=0&wgl=1&dt=1628724864880&bpp=27&bdt=755&idt=86&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&correlator=432240763658&frm=20&pv=2&ga_vid=189232429.1628724865&ga_sid=1628724865&ga_hid=814769063&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=650&ady=4421&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C20211866%2C31062179%2C31062248&oid=3&pvsid=2399323874696222&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=DZXLYnD23e&p=http%3A//steepman.ru&dtd=126
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://steepman.ru/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://steepman.ru/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-expose-headers: x-google-amp-ad-validated-version
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 11 Aug 2021 23:34:25 GMT
server: cafe
content-length: 13148
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 11-Aug-2021 23:49:25 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 11 Aug 2021 23:34:25 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 45ms
24ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eecda7280d7a8779cb5ff8bf7459b430bf970052106a1c4b186ff2eddd8c82d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://steepman.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 23:34:25 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1628508781313717"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27998
x-xss-protection: 0
expires: Wed, 11 Aug 2021 23:34:25 GMT

GET
H/1.1 200
OK Cookie set jsonp.php Show response
wycji.top/ Frame 8133 6 KB
3 KB 26ms
26ms Document
text/html 185.203.72.224
VARITI-INT-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://wycji.top/jsonp.php?eyJiIjoyNzM1OTksImMiOiJkalF1YjJsVFF6aHRNREpLU2pab1JqaDRVMHcyZDBWaFl6VXpObkF4U0RsTFNERnVOa3MxTXpaNVdUZG9NRFJ4T1VwWFlVRm9NRzR6YUdwTFprNU1NVFZDVURWcWJuQk9UMWRYUTNNMVJuUk5NaTl6VlRSd2VFSmpTRFZaU2prNE5XaE1WRTlLT0hJMGRtcEhka2xvWWxSWldTc3djRmxVYjNCdmNraDFTVlZpWjBaUVZHWm5OblJ1WVdKTFpIRlpaWE51ZVhCdmMzRjVPRlJ3ZEhKTFNXRjRaMkUyY0RoUlJHOHZOR0Z5UTFGUFNIbFdZalZMYUVGdlRYQjZMelpJV25KNVQxSlpaVVl6UkhKcWVuVmpSMHAwWW5GVVVXZEZMMVF4VDBKU1MxbG5QVDA9IiwicmVmIjoiIiwibWtleSI6Im1zZzQ3MTMwIiwidW1kIjowLCJyZW5kZXIiOiJ7XCJpXCI6MCxcIm9cIjowLFwid1wiOjEsXCJtXCI6MCxcImFcIjowLFwibWJcIjowfSIsInBsaWQiOjY4NTIyMDYzNjUyMTYzNDksIl9yIjo3NjYzMH0
Requested by: Host: wycji.top
URL: http://wycji.top/c7/b3761f56acad9/58a7af.js
Protocol: HTTP/1.1
Server: 185.203.72.224 , Switzerland, ASN42240 (VARITI-INT-AS, CH),
Reverse DNS
Software: nginx /
Resource Hash: 8f2d5c7e6daa9f53e2f08bde5b930b4a64f26574166a9ee627a96954cb4b9762

Request headers

Host: wycji.top
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://steepman.ru/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://steepman.ru/

Response headers

Server: nginx
Date: Wed, 11 Aug 2021 23:34:25 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Last-Modified: Wed, 11 Aug 2021 23:34:25 GMT
Cache-Control: post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: uid=WFVdTGEUXoGphgjh6iUWAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; path=/ ipp_uid2=fS6NAPNI5sMMcBgq/SeqQdQSCXbd1tAFB1bv23w==; expires=Tue, 31 Dec 2030 23:59:59 GMT; path=/ ipp_uid1=1628724865011; expires=Tue, 31 Dec 2030 23:59:59 GMT; path=/ ipp_uid=1628724865011/fS6NAPNI5sMMcBgq/SeqQdQSCXbd1tAFB1bv23w==; expires=Tue, 31 Dec 2030 23:59:59 GMT; path=/ rerf=AAAAAGEUXoFb7zsTAwPpAg==; expires=Fri, 10-Sep-21 23:34:25 GMT; path=/
Content-Encoding: gzip
X-VARITI-CCR: 4153413197:4
P3P: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4FE4 0
19 B 16ms
15ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5364912403382355&output=html&adk=1812271804&adf=3025194257&lmt=1628724865&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fsteepman.ru%2F&ea=0&flash=0&pra=7&wgl=1&dt=1628724864945&bpp=1&bdt=821&idt=77&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250&nras=1&correlator=432240763658&frm=20&pv=1&ga_vid=189232429.1628724865&ga_sid=1628724865&ga_hid=814769063&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C20211866%2C31062179%2C31062248&oid=3&pvsid=2399323874696222&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=2&uci=a!2&fsb=1&dtd=82

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-5364912403382355&output=html&adk=1812271804&adf=3025194257&lmt=1628724865&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fsteepman.ru%2F&ea=0&flash=0&pra=7&wgl=1&dt=1628724864945&bpp=1&bdt=821&idt=77&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250&nras=1&correlator=432240763658&frm=20&pv=1&ga_vid=189232429.1628724865&ga_sid=1628724865&ga_hid=814769063&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C20211866%2C31062179%2C31062248&oid=3&pvsid=2399323874696222&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=2&uci=a!2&fsb=1&dtd=82
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://steepman.ru/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://steepman.ru/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 11 Aug 2021 23:34:25 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 11-Aug-2021 23:49:25 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 11 Aug 2021 23:34:25 GMT
cache-control: private

GET
H/1.1 200
OK Cookie set jsonp.php Show response
xksqb.com/ Frame F86E 10 KB
3 KB 27ms
26ms Document
text/html 185.203.72.224
VARITI-INT-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://xksqb.com/jsonp.php?eyJiIjoyNzgyMjYsImMiOiJkalF1YjJsVFF6aHRNM0F3UW5Vd2RFVTNhRTFSTkU1cFkzaFBaRlJuZEdGS1ZFMTJSWGx2Tld4dWNWSkpXR0ZhZDBoa1dHNDNNbXB4UjNKS05HTkhaVGhuZDNoa1UxSXZhME5OUm0xSlZFYzVaVUZZYm1KRWMxZGlTMlZyZFdaaEx6VnNVRUprTVdwcGEwZDBkRVp3TW5WbVZHZHFjM2w0TUdKVWVpdFRORzV1ZWpZd05teDBZV2xuY1RGR05XVkRUblpxY214Q2NtRjZSVFFyTkU1Mk4yTTRaRXRJYW5KSlVHbEhSVlpNZWxBMFJtdEdZVkJhY1d0M2JVZHZjRFF5VkdKcVNrSklRbEF3VW1OWFVGVm9jMUYyWkVOWWJWTjZTV1ZzVTFsQ1dVMUJQVDA9IiwicmVmIjoiIiwibWtleSI6Im1zZzQ5NjY2IiwidW1kIjowLCJyZW5kZXIiOiJ7XCJpXCI6MCxcIm9cIjowLFwid1wiOjEsXCJtXCI6MCxcImFcIjowLFwibWJcIjowfSIsInBsaWQiOjY4NTIyMDYzNjUyMTYzNDksIl9yIjoxNDEyNH0
Requested by: Host: xksqb.com
URL: http://xksqb.com/31s0f/31/3caae/6709.js
Protocol: HTTP/1.1
Server: 185.203.72.224 , Switzerland, ASN42240 (VARITI-INT-AS, CH),
Reverse DNS
Software: nginx /
Resource Hash: 24a826872877dbaa1995094eeac13ea07710232b8ad9e589f9fa948c65a193aa

Request headers

Host: xksqb.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://steepman.ru/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://steepman.ru/

Response headers

Server: nginx
Date: Wed, 11 Aug 2021 23:34:25 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Last-Modified: Wed, 11 Aug 2021 23:34:25 GMT
Cache-Control: post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: uid=WFVdTGEUXoGphgjh6iUXAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; path=/ ipp_uid2=lciZmYP9UAojYXv8/2/fxAhRUtY2rcW3vNU4pnQ==; expires=Tue, 31 Dec 2030 23:59:59 GMT; path=/ ipp_uid1=1628724865034; expires=Tue, 31 Dec 2030 23:59:59 GMT; path=/ ipp_uid=1628724865034/lciZmYP9UAojYXv8/2/fxAhRUtY2rcW3vNU4pnQ==; expires=Tue, 31 Dec 2030 23:59:59 GMT; path=/ rerf=AAAAAGEUXoGewF+VAwheAg==; expires=Fri, 10-Sep-21 23:34:25 GMT; path=/
Content-Encoding: gzip
X-VARITI-CCR: 4159321544:3
P3P: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 26ms
13ms XHR
text/plain 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j92&a=814769063&t=pageview&_s=1&dl=http%3A%2F%2Fsteepman.ru%2F&ul=en-us&de=UTF-8&dt=%D0%9C%D1%83%D0%B6%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%BB!%20C%D0%BE%D0%B2%D0%B5%D1%82%D1%8B%20%D0%B2%D1%81%D0%B5%20%D1%81%D0%BB%D1%83%D1%87%D0%B0%D0%B8%20%D0%B6%D0%B8%D0%B7%D0%BD%D0%B8!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IAhAAAABAAAAAC~&jid=2074575793&gjid=1229608199&cid=189232429.1628724865&tid=UA-44468989-1&_gid=1030632085.1628724865&_r=1&_slc=1&z=1425067750

Requested by

Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://steepman.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 11 Aug 2021 23:34:25 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://steepman.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/ Show response
www.acint.net/mc/ Frame 90DB
Redirect Chain

http://www.acint.net/mc/?dp=10
https://www.acint.net/mc/?dp=10
https://www.acint.net/mc/?dp=10&tc=1

3 KB
4 KB

13ms
12ms

Document
text/html

46.4.114.109
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.acint.net/mc/?dp=10&tc=1
Requested by: Host: www.acint.net
URL: http://www.acint.net/aci.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.114.109 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271137.aucourant.info
Software: openresty /
Resource Hash: 9468aad1ff0469818bfa837dc77d1386148ae439c7d499efa4b6532e191c921a

Request headers

:method: GET
:authority: www.acint.net
:scheme: https
:path: /mc/?dp=10&tc=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://steepman.ru/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission; aid=fwAAAWEUXoE+tgJrYvhGAgVaDWN1g6AWou2pQvCWSCBBdGNg
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://steepman.ru/

Response headers

server: openresty
date: Wed, 11 Aug 2021 23:34:25 GMT
content-type: text/html
set-cookie: cSyncDp7v2=1628724865; expires=Fri, 10-Sep-21 23:34:25 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp14v3=1628724865; expires=Fri, 10-Sep-21 23:34:25 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp17=1628724865; expires=Fri, 10-Sep-21 23:34:25 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp32=1628724865; expires=Fri, 10-Sep-21 23:34:25 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp45v3=1628724865; expires=Thu, 12-Aug-21 23:34:25 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp53=1628724865; expires=Fri, 10-Sep-21 23:34:25 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp54v2=1628724865; expires=Fri, 10-Sep-21 23:34:25 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp62=1628724865; expires=Fri, 10-Sep-21 23:34:25 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp67v2=1628724865; expires=Fri, 10-Sep-21 23:34:25 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp68=1628724865; expires=Fri, 10-Sep-21 23:34:25 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp77=1628724865; expires=Wed, 25-Aug-21 23:34:25 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp84=1628724865; expires=Fri, 10-Sep-21 23:34:25 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp85=1628724865; expires=Fri, 10-Sep-21 23:34:25 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp88=1628724865; expires=Fri, 10-Sep-21 23:34:25 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp95v2=1628724865; expires=Fri, 10-Sep-21 23:34:25 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp101=1628724865; expires=Fri, 10-Sep-21 23:34:25 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp104v2=1628724865; expires=Wed, 25-Aug-21 23:34:25 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp107=1628724865; expires=Fri, 10-Sep-21 23:34:25 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp111v2=1628724865; expires=Wed, 25-Aug-21 23:34:25 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp112v2=1628724865; expires=Fri, 10-Sep-21 23:34:25 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp125=1628724865; expires=Fri, 10-Sep-21 23:34:25 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp126=1628724865; expires=Fri, 10-Sep-21 23:34:25 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp127=1628724865; expires=Fri, 10-Sep-21 23:34:25 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp136=1628724865; expires=Fri, 10-Sep-21 23:34:25 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp138=1628724865; expires=Fri, 10-Sep-21 23:34:25 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp144=1628724865; expires=Fri, 10-Sep-21 23:34:25 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp146=1628724865; expires=Fri, 10-Sep-21 23:34:25 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp149=1628724865; expires=Fri, 10-Sep-21 23:34:25 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp151=1628724865; expires=Fri, 10-Sep-21 23:34:25 GMT; path=/; Secure; SameSite=None; domain=.acint.net
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-encoding: gzip

Redirect headers

server: openresty
date: Wed, 11 Aug 2021 23:34:25 GMT
content-type: text/html
content-length: 154
set-cookie: test_cookie=CheckForPermission; path=/; Secure; SameSite=None; domain=.acint.net; expires=Wed, 11-Aug-21 23:44:25 GMT aid=fwAAAWEUXoE+tgJrYvhGAgVaDWN1g6AWou2pQvCWSCBBdGNg; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.acint.net; path=/; Secure; SameSite=None
location: /mc/?dp=10&tc=1

GET
H2

200

/
www.acint.net/hit/
Redirect Chain

http://www.acint.net/hit/?v=0.3.0&uid=2d3f7950-659b-4dbf-a2fc-5ba27bbb8c04&dp=10&tz=%2B02%3A00&nc=31831544&u=http%3A%2F%2Fsteepman.ru%2F&r=&rs=1600x1200&t=%D0%9C%D1%83%D0%B6%D1%81%D0%BA%D0%BE%D0%B9...
https://www.acint.net/hit/?v=0.3.0&uid=2d3f7950-659b-4dbf-a2fc-5ba27bbb8c04&dp=10&tz=%2B02%3A00&nc=31831544&u=http%3A%2F%2Fsteepman.ru%2F&r=&rs=1600x1200&t=%D0%9C%D1%83%D0%B6%D1%81%D0%BA%D0%BE%D0%B...

43 B
341 B

12ms
12ms

Image
image/gif

46.4.114.109
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/hit/?v=0.3.0&uid=2d3f7950-659b-4dbf-a2fc-5ba27bbb8c04&dp=10&tz=%2B02%3A00&nc=31831544&u=http%3A%2F%2Fsteepman.ru%2F&r=&rs=1600x1200&t=%D0%9C%D1%83%D0%B6%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%BB!%20C%D0%BE%D0%B2%D0%B5%D1%82%D1%8B%20%D0%B2%D1%81%D0%B5%20%D1%81%D0%BB%D1%83%D1%87%D0%B0%D0%B8%20%D0%B6%D0%B8%D0%B7%D0%BD%D0%B8!&oE=1&oP=1&dT=2021-08-12T01%3A34%3A25.049&fu=19f9aba0-4d1e-4c58-875a-47a952e28a46
Requested by: Host: steepman.ru
URL: http://steepman.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.114.109 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271137.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: http://steepman.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 23:34:25 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

Location: https://www.acint.net/hit/?v=0.3.0&uid=2d3f7950-659b-4dbf-a2fc-5ba27bbb8c04&dp=10&tz=%2B02%3A00&nc=31831544&u=http%3A%2F%2Fsteepman.ru%2F&r=&rs=1600x1200&t=%D0%9C%D1%83%D0%B6%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%BB!%20C%D0%BE%D0%B2%D0%B5%D1%82%D1%8B%20%D0%B2%D1%81%D0%B5%20%D1%81%D0%BB%D1%83%D1%87%D0%B0%D0%B8%20%D0%B6%D0%B8%D0%B7%D0%BD%D0%B8!&oE=1&oP=1&dT=2021-08-12T01%3A34%3A25.049&fu=19f9aba0-4d1e-4c58-875a-47a952e28a46
Date: Wed, 11 Aug 2021 23:34:25 GMT
Server: openresty
Connection: keep-alive
Content-Length: 142
Content-Type: text/html

GET
H/1.1 200
OK jQuery2.js Show response
c.jjcus.com/js/ Frame E396 82 KB
33 KB 52ms
28ms Script
application/x-javascript 67.216.91.5
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL: http://c.jjcus.com/js/jQuery2.js?v=7
Requested by: Host: wycji.top
URL: http://wycji.top/jsonp.php?eyJiIjo2NzE3NDksImMiOiJkalF1YjJsVFF6aHRNVmxOUzBsVGNsQk5SbTFpTDBsak4zUTFkVm9yWXpORlMwaFBaV2RtVUZKR09Vb3JZalJvVFd0bVV6TktUSGRuVlc1bWVpOUJUUzlCYTFCNVpXUlpWbVJvYnlzMmVHYzFUMWxQT0dGbGRqVjJVMkZxUVZoaWRFZGpOSGRpVUZoc1NtOTNNRVk1UkhGUGRWVmFiekZMVEZkWFIwSXpVMDEwVDIxaGRraGtWSEJDVUU5eloxZHpOVmh6VWtJeWIwOVJjVEZpUzFsdk5IbFZLeXRwVVdKWVpESjJNblpGSzNSRU0xRmlRak5FWTNaSllreDVWMWc1T0ZWT1dHRlVTbXc0UWs1MldrRlVaVEo1S3pCT2JVeEVhemsxYzAxUlBRPT0iLCJyZWYiOiIiLCJta2V5IjoibXNnMjQxMjQiLCJ1bWQiOjAsInJlbmRlciI6IntcImlcIjowLFwib1wiOjAsXCJ3XCI6MSxcIm1cIjowLFwiYVwiOjAsXCJtYlwiOjB9IiwicGxpZCI6Njg1MjIwNjM2NTIxNjM0OSwiX3IiOjEzNH0
Protocol: HTTP/1.1
Server: 67.216.91.5 , United States, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software: ucdn /
Resource Hash: a93eb280ff562434bf234c0d9939ea0fcf71118e96fb79a83b48422ec34c3e71

Request headers

Referer: http://wycji.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 11 Aug 2021 23:34:25 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
Connection: keep-alive
X-Trans-Id: tx4af3eca74e58459fb366c-0060a26793
Last-Modified: Fri, 15 Mar 2019 13:45:41 GMT
Server: ucdn
X-Ureq-ID: PYMqMNZBGwIdZKbVcxdvJ+4GjYA4cB+fLENA+ef49ofQrbD7+xN/0FrrHt3CVoDp3n8yxiSqWW1bmQXTfxlh1AjsLj+cNaBpbov5ems=
Etag: W/"c89a52556c29ce93a9b2a2052564dfe2"
X-Served-From: l1
Access-Control-Allow-Methods: HEAD, GET, OPTIONS
X-Object-Meta-Mtime: 1552657524.081491359
Access-Control-Allow-Origin: *
X-Timestamp: 1552657540.78535
Cache-Control: max-age=6642329
Content-Type: application/x-javascript
Expires: Wed, 27 Oct 2021 20:39:54 GMT

GET
H/1.1 200
OK jQuery2.js Show response
c.jjcus.com/js/ Frame 8133 82 KB
33 KB 49ms
28ms Script
application/x-javascript 67.216.91.5
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL: http://c.jjcus.com/js/jQuery2.js?v=7
Requested by: Host: wycji.top
URL: http://wycji.top/jsonp.php?eyJiIjoyNzM1OTksImMiOiJkalF1YjJsVFF6aHRNREpLU2pab1JqaDRVMHcyZDBWaFl6VXpObkF4U0RsTFNERnVOa3MxTXpaNVdUZG9NRFJ4T1VwWFlVRm9NRzR6YUdwTFprNU1NVFZDVURWcWJuQk9UMWRYUTNNMVJuUk5NaTl6VlRSd2VFSmpTRFZaU2prNE5XaE1WRTlLT0hJMGRtcEhka2xvWWxSWldTc3djRmxVYjNCdmNraDFTVlZpWjBaUVZHWm5OblJ1WVdKTFpIRlpaWE51ZVhCdmMzRjVPRlJ3ZEhKTFNXRjRaMkUyY0RoUlJHOHZOR0Z5UTFGUFNIbFdZalZMYUVGdlRYQjZMelpJV25KNVQxSlpaVVl6UkhKcWVuVmpSMHAwWW5GVVVXZEZMMVF4VDBKU1MxbG5QVDA9IiwicmVmIjoiIiwibWtleSI6Im1zZzQ3MTMwIiwidW1kIjowLCJyZW5kZXIiOiJ7XCJpXCI6MCxcIm9cIjowLFwid1wiOjEsXCJtXCI6MCxcImFcIjowLFwibWJcIjowfSIsInBsaWQiOjY4NTIyMDYzNjUyMTYzNDksIl9yIjo3NjYzMH0
Protocol: HTTP/1.1
Server: 67.216.91.5 , United States, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software: ucdn /
Resource Hash: a93eb280ff562434bf234c0d9939ea0fcf71118e96fb79a83b48422ec34c3e71

Request headers

Referer: http://wycji.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 11 Aug 2021 23:34:25 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
Connection: keep-alive
X-Trans-Id: tx4af3eca74e58459fb366c-0060a26793
Last-Modified: Fri, 15 Mar 2019 13:45:41 GMT
Server: ucdn
X-Ureq-ID: PYMqMNZBGwIdZKbVcxdvJ+4GjYA4cB+fLENA+ef49ofQrbD7+xN/0FrrHt3CVoDp3n8yxiSqWW1bmQXTfxlh1AjsLj+cNaBpbov5ems=
Etag: W/"c89a52556c29ce93a9b2a2052564dfe2"
X-Served-From: l1
Access-Control-Allow-Methods: HEAD, GET, OPTIONS
X-Object-Meta-Mtime: 1552657524.081491359
Access-Control-Allow-Origin: *
X-Timestamp: 1552657540.78535
Cache-Control: max-age=6642329
Content-Type: application/x-javascript
Expires: Wed, 27 Oct 2021 20:39:54 GMT

GET
H/1.1 200
OK jQuery2.js Show response
c.jjcus.com/js/ Frame F86E 82 KB
33 KB 34ms
28ms Script
application/x-javascript 67.216.91.5
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL: http://c.jjcus.com/js/jQuery2.js?v=7
Requested by: Host: xksqb.com
URL: http://xksqb.com/jsonp.php?eyJiIjoyNzgyMjYsImMiOiJkalF1YjJsVFF6aHRNM0F3UW5Vd2RFVTNhRTFSTkU1cFkzaFBaRlJuZEdGS1ZFMTJSWGx2Tld4dWNWSkpXR0ZhZDBoa1dHNDNNbXB4UjNKS05HTkhaVGhuZDNoa1UxSXZhME5OUm0xSlZFYzVaVUZZYm1KRWMxZGlTMlZyZFdaaEx6VnNVRUprTVdwcGEwZDBkRVp3TW5WbVZHZHFjM2w0TUdKVWVpdFRORzV1ZWpZd05teDBZV2xuY1RGR05XVkRUblpxY214Q2NtRjZSVFFyTkU1Mk4yTTRaRXRJYW5KSlVHbEhSVlpNZWxBMFJtdEdZVkJhY1d0M2JVZHZjRFF5VkdKcVNrSklRbEF3VW1OWFVGVm9jMUYyWkVOWWJWTjZTV1ZzVTFsQ1dVMUJQVDA9IiwicmVmIjoiIiwibWtleSI6Im1zZzQ5NjY2IiwidW1kIjowLCJyZW5kZXIiOiJ7XCJpXCI6MCxcIm9cIjowLFwid1wiOjEsXCJtXCI6MCxcImFcIjowLFwibWJcIjowfSIsInBsaWQiOjY4NTIyMDYzNjUyMTYzNDksIl9yIjoxNDEyNH0
Protocol: HTTP/1.1
Server: 67.216.91.5 , United States, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software: ucdn /
Resource Hash: a93eb280ff562434bf234c0d9939ea0fcf71118e96fb79a83b48422ec34c3e71

Request headers

Referer: http://xksqb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 11 Aug 2021 23:34:25 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
Connection: keep-alive
X-Trans-Id: tx4af3eca74e58459fb366c-0060a26793
Last-Modified: Fri, 15 Mar 2019 13:45:41 GMT
Server: ucdn
X-Ureq-ID: PYMqMNZBGwIdZKbVcxdvJ+4GjYA4cB+fLENA+ef49ofQrbD7+xN/0FrrHt3CVoDp3n8yxiSqWW1bmQXTfxlh1AjsLj+cNaBpbov5ems=
Etag: W/"c89a52556c29ce93a9b2a2052564dfe2"
X-Served-From: l1
Access-Control-Allow-Methods: HEAD, GET, OPTIONS
X-Object-Meta-Mtime: 1552657524.081491359
Access-Control-Allow-Origin: *
X-Timestamp: 1552657540.78535
Cache-Control: max-age=6642329
Content-Type: application/x-javascript
Expires: Wed, 27 Oct 2021 20:39:54 GMT

GET
H2

200

match
ads.betweendigital.com/ Frame 90DB
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=73&external_user_id=0100007F815E14616B02B63E0246F862
https://ads.betweendigital.com/match?bidder_id=73&external_user_id=0100007F815E14616B02B63E0246F862&crf=1

68 B
607 B

29ms
29ms

Image
image/png

188.42.196.115
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=73&external_user_id=0100007F815E14616B02B63E0246F862&crf=1
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.42.196.115 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

Redirect headers

location: /match?bidder_id=73&external_user_id=0100007F815E14616B02B63E0246F862&crf=1
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H2

200

match
acint.net/ Frame 90DB
Redirect Chain

https://ssp-rtb.sape.ru/rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D
https://acint.net/match?dp=14&euid=0100007F815E146141001431027EEB62

43 B
270 B

68ms
11ms

Image
image/gif

195.201.243.72
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://acint.net/match?dp=14&euid=0100007F815E146141001431027EEB62
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.201.243.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: regensburg.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 23:34:25 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

Date: Wed, 11 Aug 2021 23:34:25 GMT
Server: openresty
P3P: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
Location: https://acint.net/match?dp=14&euid=0100007F815E146141001431027EEB62
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Type: text/html
Content-Length: 142
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2

200

match
acint.net/ Frame 90DB
Redirect Chain

https://px.adhigh.net/p/cm/sape?u=0100007F815E14616B02B63E0246F862
https://px.adhigh.net/p/cm/sape?u=0100007F815E14616B02B63E0246F862&bounced=1
https://acint.net/match?dp=17&euid=0jjzZivlMm1.AikABlF7N5EpCw

43 B
269 B

11ms
11ms

Image
image/gif

195.201.243.72
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://acint.net/match?dp=17&euid=0jjzZivlMm1.AikABlF7N5EpCw
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.201.243.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: regensburg.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 23:34:25 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 11 Aug 2021 23:34:25 GMT
server: nginx
access-control-allow-origin: *
x-backend-id: f14-ru
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://acint.net/match?dp=17&euid=0jjzZivlMm1.AikABlF7N5EpCw
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK cm.gif
ad.mail.ru/ Frame 90DB 43 B
635 B 131ms
45ms Image
image/gif 2a00:1148:db00::17
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.mail.ru/cm.gif?p=48&id=0100007F815E14616B02B63E0246F862
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 11 Aug 2021 23:34:25 GMT
Last-Modified: Wed, 11 Aug 2021 23:34:25 GMT
Server: nginx
Content-Type: image/gif
Cache-Control: max-age=21600
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 43
Expires: Thu, 12 Aug 2021 05:34:25 GMT

GET
H/1.1

200
OK

sync.cgi
ssp.adriver.ru/cgi-bin/ Frame 90DB
Redirect Chain

https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691
https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-4356766326
https://www.acint.net/rmatch?dp=45&euid=AFCRRnqpcbu7n_ysppHaX-A&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D
https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=0100007F815E14616B02B63E0247F862

42 B
201 B

194ms
80ms

Image
image/gif

81.222.128.216
ELTEL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=0100007F815E14616B02B63E0247F862
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.222.128.216 , Russian Federation, ASN20597 (ELTEL-AS, RU),
Reverse DNS: ad16.adriver.ru
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 11 Aug 2021 23:34:25 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/gif

Redirect headers

date: Wed, 11 Aug 2021 23:34:25 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
location: https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=0100007F815E14616B02B63E0247F862
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: text/html
content-length: 154
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 204 sync
a.utraff.com/ Frame 90DB 0
734 B 37ms
19ms Image
text/plain 2606:4700:3039::6815:c034
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.utraff.com/sync?ssp=sape
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3039::6815:c034 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 23:34:25 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
access-control-allow-methods: GET, POST, OPTIONS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AWUU97avwl9ohvlYxpE8TM9%2FMyzoOImfBLTc%2FKWSjNeBvItg6e3x6hwEq2ZKtJBpM7BePa4tZHAcZE90fdkOftPRqv9S7KSKhARyLPtkB1lJVAdochlBbO%2BquECmNqwU8TTaTfi5n9G9iw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
cf-ray: 67d5464708094de2-FRA
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization

GET
H/1.1

200
OK

/
sync.bumlam.com/ Frame 90DB
Redirect Chain

https://sync.republer.com/match?dsp=sape
https://sync.republer.com/match?dsp=sape&qset=1
https://sync.bumlam.com/?src=rp1&uid=7b969fb3-b1e7-4b6b-8b1a-746003a5dce6
https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABiBvdGIBlIEioaQK2IkN2I5NjlmYjMtYjFlNy00YjZiLThiMWEtNzQ2MDAzYTVkY2U2
https://sync3.adsniper.ru/?src=ss1&s_data=CAIQARiBvdGIBlIEioaQK2IkN2I5NjlmYjMtYjFlNy00YjZiLThiMWEtNzQ2MDAzYTVkY2U2ogEQqgM4Evr8Eeum6QAlkMgkNw**
https://sync.bumlam.com/?src=rp1&s_data=CAIQABiBvdGIBmIkN2I5NjlmYjMtYjFlNy00YjZiLThiMWEtNzQ2MDAzYTVkY2U2ogEQqgM4Evr8Eeum6QAlkMgkNw**
https://sync.bumlam.com/?src=rp1&s_data=CAIQARiBvdGIBmIkN2I5NjlmYjMtYjFlNy00YjZiLThiMWEtNzQ2MDAzYTVkY2U2ogEQqgM4Evr8Eeum6QAlkMgkNw**

43 B
552 B

42ms
22ms

Image
image/gif

31.172.81.160
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bumlam.com/?src=rp1&s_data=CAIQARiBvdGIBmIkN2I5NjlmYjMtYjFlNy00YjZiLThiMWEtNzQ2MDAzYTVkY2U2ogEQqgM4Evr8Eeum6QAlkMgkNw**
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 31.172.81.160 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 11 Aug 2021 23:34:25 GMT
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Server: nginx
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Redirect headers

Date: Wed, 11 Aug 2021 23:34:25 GMT
Server: nginx
ETag: aa033812-fafc-11eb-a6e9-002590c82437
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: //sync.bumlam.com/?src=rp1&s_data=CAIQARiBvdGIBmIkN2I5NjlmYjMtYjFlNy00YjZiLThiMWEtNzQ2MDAzYTVkY2U2ogEQqgM4Evr8Eeum6QAlkMgkNw**
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0

GET
H2 204 match
dm.hybrid.ai/ Frame 90DB 0
238 B 132ms
42ms Image
text/plain 37.18.16.21
HYBRID-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dm.hybrid.ai/match?id=106&vid=0100007F815E14616B02B63E0246F862

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.18.16.21 , Netherlands, ASN205675 (HYBRID-AS, RU),

Reverse DNS

Software

Hybrid Web Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Aug 2021 23:34:25 GMT
server: Hybrid Web Server
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin: *
cache-control: no-cache, no-store
x-mode: 108
x-xss-protection: 1; mode=block
expires: -1

GET
H/1.1 200
OK adcm.js Show response
tag.digitaltarget.ru/ Frame 90DB 3 KB
3 KB 161ms
51ms Script
application/javascript 185.15.175.145
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.digitaltarget.ru/adcm.js
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.15.175.145 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),
Reverse DNS
Software: nginx /
Resource Hash: 7c078e5032ba5da0fdf4e333ac30ad283aaa9de5d935e716c6fd7e1b5d4e9d2e

Request headers

Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 11 Aug 2021 23:34:25 GMT
Last-Modified: Thu, 05 Aug 2021 13:04:27 GMT
Server: nginx
ETag: "610be1db-c11"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3089

GET
H2 204 sape
sync.dmp.otm-r.com/match/ Frame 90DB 0
69 B 42ms
11ms Image
text/plain 195.201.108.196
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.dmp.otm-r.com/match/sape?id=0100007F815E14616B02B63E0246F862
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.201.108.196 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.196.108.201.195.clients.your-server.de
Software: nginx/1.15.9 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 11 Aug 2021 23:34:25 GMT
server: nginx/1.15.9

GET
H2

200

match
www.acint.net/ Frame 90DB
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=agentstvo_sape_limited&google_hm=AQAAf4FeFGFrArY-Akb4Yg
https://www.acint.net/match?dp=77&euid=

43 B
269 B

12ms
11ms

Image
image/gif

46.4.114.109
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=77&euid=
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.114.109 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271137.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 23:34:25 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 11 Aug 2021 23:34:25 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://www.acint.net/match?dp=77&euid=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 240
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
adlmerge.com/merge_gpsid/ Frame 90DB
Redirect Chain

https://stat.adlabs.ru/merge_gpsid/?sid=50&id=0100007F815E14616B02B63E0246F862
https://adlmerge.com/merge_gpsid/?sid=50&id=0100007F815E14616B02B63E0246F862

43 B
115 B

45ms
14ms

Image
image/gif

95.211.66.35
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adlmerge.com/merge_gpsid/?sid=50&id=0100007F815E14616B02B63E0246F862
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.211.66.35 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx/1.16.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

iseu: eu
server: nginx/1.16.0
date: Wed, 11 Aug 2021 23:34:25 GMT
content-type: image/gif

Redirect headers

location: //adlmerge.com/merge_gpsid/?sid=50&id=0100007F815E14616B02B63E0246F862
date: Wed, 11 Aug 2021 23:34:25 GMT
server: nginx
content-length: 0

GET
H/1.1 200
OK sync.cgi
ssp.adriver.ru/cgi-bin/ Frame 90DB 42 B
201 B 318ms
78ms Image
image/gif 81.222.128.216
ELTEL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.adriver.ru/cgi-bin/sync.cgi?dsp_id=153&external_id=0100007F815E14616B02B63E0246F862
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.222.128.216 , Russian Federation, ASN20597 (ELTEL-AS, RU),
Reverse DNS: ad16.adriver.ru
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 11 Aug 2021 23:34:25 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/gif

GET
H2 200 sprcs
relap.io/partners/ Frame 90DB 43 B
985 B 158ms
52ms Image
image/gif 95.163.37.253
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://relap.io/partners/sprcs?uid=0100007F815E14616B02B63E0246F862

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

95.163.37.253 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

relap.io

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Request headers

Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Aug 2021 23:34:25 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=5184000; includeSubdomains;
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
x-server: web05
content-length: 43
x-xss-protection: 1; mode=block; report=https://cspreport.mail.ru/xxssprotection

GET
H2

204

0.gif
x01.aidata.io/ Frame 90DB
Redirect Chain

https://adx.com.ru/sape-sync?uid=0100007F815E14616B02B63E0246F862
https://adx.com.ru/sync?sspKey=25&sspUserID=0100007F815E14616B02B63E0246F862
https://dmg.digitaltarget.ru/1/6733/i/i?a=892&e=61145e81d41e061c0a55fb56&i=646984475798577050&r=https%3A%2F%2Fsync.1dmp.io%2Fpixel.gif%3Fcid%3D1ff6bf67-bdc8-400e-bc26-d735d8654ed6%26pid%3Dw%26uid%3...
https://dmg.digitaltarget.ru/awg/custom/6733/i/i?call_source=awg&a=892&e=61145e81d41e061c0a55fb56&i=646984475798577050&r=https%3A%2F%2Fsync.1dmp.io%2Fpixel.gif%3Fcid%3D1ff6bf67-bdc8-400e-bc26-d735d...
https://sync.1dmp.io/pixel.gif?cid=1ff6bf67-bdc8-400e-bc26-d735d8654ed6&pid=w&uid=61145e81d41e061c0a55fb56&ru=https%3A%2F%2Fredirect.frontend.weborama.fr%2Frd%3Furl%3Dhttps%253A%252F%252Fadx.com.ru...
https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fadx.com.ru%2Fweborama-sync%3Furl%3Dhttps%253A%252F%252Fprodmp.ru%252Fyabbi.gif%253Fuid%253D61145e81d41e061c0a55fb56%2526r%253Dhttps%25253A...
https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fadx.com.ru%2Fweborama-sync%3Furl%3Dhttps%253A%252F%252Fprodmp.ru%252Fyabbi.gif%253Fuid%253D61145e81d41e061c0a55fb56%2526r%253Dhttps%25253A...
https://adx.com.ru/weborama-sync?url=https%3A%2F%2Fprodmp.ru%2Fyabbi.gif%3Fuid%3D61145e81d41e061c0a55fb56%26r%3Dhttps%253A%252F%252Fx01.aidata.io%252F0.gif%253Fpid%253D9712851%2526id%253D61145e81d4...
https://prodmp.ru/yabbi.gif?uid=61145e81d41e061c0a55fb56&r=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3D9712851%26id%3D61145e81d41e061c0a55fb56%26dest%3D
https://x01.aidata.io/0.gif?pid=9712851&id=61145e81d41e061c0a55fb56&dest=

0
434 B

51ms
51ms

Image
text/plain

89.108.120.68
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x01.aidata.io/0.gif?pid=9712851&id=61145e81d41e061c0a55fb56&dest=
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.108.120.68 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: d51803.reg.regrucolo.ru
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Aug 2021 23:34:26 GMT
last-modified: Wed, 11 Aug 2021 23:34:25 GMT
server: nginx
access-control-allow-methods: GET, POST
p3p: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
expires: Wed, 11 Aug 2021 23:34:25 GMT

Redirect headers

location: https://x01.aidata.io/0.gif?pid=9712851&id=61145e81d41e061c0a55fb56&dest=
date: Wed, 11 Aug 2021 23:34:26 GMT
access-control-allow-credentials: true
server: nginx
content-type: image/gif
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

pixel.gif
sync.1dmp.io/ Frame 90DB
Redirect Chain

https://sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007F815E14616B02B63E0246F862
https://sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007F815E14616B02B63E0246F862&cs=1

35 B
376 B

12ms
11ms

Image
image/gif

88.99.213.228
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007F815E14616B02B63E0246F862&cs=1
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 88.99.213.228 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88-99-213-228.clients.your-server.de
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 23:34:25 GMT
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server: nginx
content-type: image/gif
content-length: 35
expires: 0

Redirect headers

location: /pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007F815E14616B02B63E0246F862&cs=1
date: Wed, 11 Aug 2021 23:34:25 GMT
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server: nginx
content-length: 0
expires: 0

GET
H2

200

match
www.acint.net/ Frame 90DB
Redirect Chain

https://sape-sync.rutarget.ru/sync
https://www.acint.net/match?dp=104&euid=RF9nufjCPzCQ

43 B
269 B

11ms
11ms

Image
image/gif

46.4.114.109
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=104&euid=RF9nufjCPzCQ
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.114.109 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271137.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 23:34:25 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

Location: https://www.acint.net/match?dp=104&euid=RF9nufjCPzCQ
Date: Wed, 11 Aug 2021 23:34:25 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
P3P: CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."

GET
H2

200

match
acint.net/ Frame 90DB
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D
https://acint.net/match?dp=107&euid=9de863e9-e969-52e0-bf77-d1fade638f7b

43 B
269 B

11ms
11ms

Image
image/gif

195.201.243.72
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://acint.net/match?dp=107&euid=9de863e9-e969-52e0-bf77-d1fade638f7b
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.201.243.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: regensburg.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 23:34:25 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

location: https://acint.net/match?dp=107&euid=9de863e9-e969-52e0-bf77-d1fade638f7b
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H2

200

match
www.acint.net/ Frame 90DB
Redirect Chain

https://0100007f815e14616b02b63e0246f862-sp.ops.beeline.ru/p?ssp=sp&id=0100007F815E14616B02B63E0246F862
https://www.acint.net/match?dp=111&euid=91e314ee-cc2b-4ac5-92bf-779cec1b1cd8

43 B
269 B

11ms
11ms

Image
image/gif

46.4.114.109
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=111&euid=91e314ee-cc2b-4ac5-92bf-779cec1b1cd8
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.114.109 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271137.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 23:34:25 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

date: Wed, 11 Aug 2021 23:34:25 GMT
x-route: http://upstream_cookiesync
server: nginx
location: https://www.acint.net/match?dp=111&euid=91e314ee-cc2b-4ac5-92bf-779cec1b1cd8
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS, GET, HEAD, POST, OPTIONS, PUT, DELETE
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true, true
x-host: 192.168.152.40
access-control-allow-headers: authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

404

6PAhlHb5TJmeXSym2_pLFw
an.yandex.ru/setud/mts_banner/ Frame 90DB
Redirect Chain

https://ut.rktch.com/matchspm?pi=1000005&pui=0100007F815E14616B02B63E0246F862
https://sm.rtb.mts.ru/p?ssp=natimatica&id=d879d43c25e020c897543b01c65c1e98473e
https://sm.rtb.mts.ru/match/second?r=https%3A%2F%2Fut.rktch.com%2Fmatchsbm%3Fbi%3D29%26bui%3De8f02194-76f9-4c99-9e5d-2ca6dbfa4b17&ssp=natimatica&exu=d879d43c25e020c897543b01c65c1e98473e
https://tech.rtb.mts.ru/?dsp_uid=e8f02194-76f9-4c99-9e5d-2ca6dbfa4b17&return_url=https%3A%2F%2Fan.yandex.ru%2Fsetud%2Fmts_banner%2F6PAhlHb5TJmeXSym2_pLFw%3Flocation%3Dhttps%253A%252F%252Fut.rktch.c...
https://an.yandex.ru/setud/mts_banner/6PAhlHb5TJmeXSym2_pLFw?location=https%3A%2F%2Fut.rktch.com%2Fmatchsbm%3Fbi%3D29%26bui%3De8f02194-76f9-4c99-9e5d-2ca6dbfa4b17&sign=110919276

43 B
103 B

57ms
57ms

Image
image/gif

2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/setud/mts_banner/6PAhlHb5TJmeXSym2_pLFw?location=https%3A%2F%2Fut.rktch.com%2Fmatchsbm%3Fbi%3D29%26bui%3De8f02194-76f9-4c99-9e5d-2ca6dbfa4b17&sign=110919276

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

ccb150b1878d5aa777543222f9e47636d4258687e3dd57e625988f09a96bda64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Aug 2021 23:34:25 GMT
content-encoding: gzip
last-modified: Wed, 11 Aug 2021 23:34:25 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=windows-1251
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Wed, 11 Aug 2021 23:34:25 GMT

Redirect headers

Date: Wed, 11 Aug 2021 23:34:25 GMT
Server: nginx/1.13.12
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: text/html; charset=utf-8
Location: https://an.yandex.ru/setud/mts_banner/6PAhlHb5TJmeXSym2_pLFw?location=https%3A%2F%2Fut.rktch.com%2Fmatchsbm%3Fbi%3D29%26bui%3De8f02194-76f9-4c99-9e5d-2ca6dbfa4b17&sign=110919276
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

GET
H2

404

6PAhlHb5TJmeXSym2_pLFw
an.yandex.ru/setud/mts_banner/ Frame 90DB
Redirect Chain

https://sm.rtb.mts.ru/p?ssp=sape&id=0100007F815E14616B02B63E0246F862
https://sm.rtb.mts.ru/match/second?r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D125%26euid%3De8f02194-76f9-4c99-9e5d-2ca6dbfa4b17&ssp=sape&exu=0100007F815E14616B02B63E0246F862
https://tech.rtb.mts.ru/?dsp_uid=e8f02194-76f9-4c99-9e5d-2ca6dbfa4b17&return_url=https%3A%2F%2Fan.yandex.ru%2Fsetud%2Fmts_banner%2F6PAhlHb5TJmeXSym2_pLFw%3Flocation%3Dhttps%253A%252F%252Fwww.acint....
https://an.yandex.ru/setud/mts_banner/6PAhlHb5TJmeXSym2_pLFw?location=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D125%26euid%3De8f02194-76f9-4c99-9e5d-2ca6dbfa4b17&sign=3852232431
https://an.yandex.ru/setud/mts_banner/6PAhlHb5TJmeXSym2_pLFw?redir-setuniq=1&location=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D125%26euid%3De8f02194-76f9-4c99-9e5d-2ca6dbfa4b17&sign=3852232431

43 B
80 B

78ms
78ms

Image
image/gif

2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/setud/mts_banner/6PAhlHb5TJmeXSym2_pLFw?redir-setuniq=1&location=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D125%26euid%3De8f02194-76f9-4c99-9e5d-2ca6dbfa4b17&sign=3852232431

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

ccb150b1878d5aa777543222f9e47636d4258687e3dd57e625988f09a96bda64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Aug 2021 23:34:25 GMT
content-encoding: gzip
last-modified: Wed, 11 Aug 2021 23:34:25 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=windows-1251
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Wed, 11 Aug 2021 23:34:25 GMT

Redirect headers

pragma: no-cache
date: Wed, 11 Aug 2021 23:34:25 GMT
content-encoding: gzip
last-modified: Wed, 11 Aug 2021 23:34:25 GMT
strict-transport-security: max-age=31536000
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://an.yandex.ru/setud/mts_banner/6PAhlHb5TJmeXSym2_pLFw?redir-setuniq=1&location=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D125%26euid%3De8f02194-76f9-4c99-9e5d-2ca6dbfa4b17&sign=3852232431
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Wed, 11 Aug 2021 23:34:25 GMT

GET
H2

200

match
www.acint.net/ Frame 90DB
Redirect Chain

https://exchange.buzzoola.com/cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D
https://www.acint.net/match?dp=126&euid=ac56e1b2-8929-4346-5b25-82f6d0468f6e

43 B
269 B

11ms
11ms

Image
image/gif

46.4.114.109
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=126&euid=ac56e1b2-8929-4346-5b25-82f6d0468f6e
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.114.109 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271137.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 23:34:25 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

location: https://www.acint.net/match?dp=126&euid=ac56e1b2-8929-4346-5b25-82f6d0468f6e
date: Wed, 11 Aug 2021 23:34:25 GMT
server: nginx
content-length: 115
serverid: TODO
content-type: text/html; charset=utf-8

GET
H2

200

match
www.acint.net/ Frame 90DB
Redirect Chain

https://s.uuidksinc.net/match/396/0100007F815E14616B02B63E0246F862
https://www.acint.net/match?dp=127&euid=xwiwYmrJypOdD16LwB5o

43 B
269 B

13ms
12ms

Image
image/gif

46.4.114.109
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=127&euid=xwiwYmrJypOdD16LwB5o
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.114.109 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271137.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 23:34:25 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

date: Wed, 11 Aug 2021 23:34:25 GMT
server: nginx/1.19.0
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json; charset=utf-8
location: https://www.acint.net/match?dp=127&euid=xwiwYmrJypOdD16LwB5o
access-control-allow-headers: Content-Type
content-length: 0

GET
H/1.1 204
No Content userbind
match.new-programmatic.com/ Frame 90DB 0
215 B 143ms
47ms Image
text/plain 217.65.2.150
CITYTELECOM-MSK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.new-programmatic.com/userbind?src=sape&id=0100007F815E14616B02B63E0246F862
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 217.65.2.150 Moscow, Russian Federation, ASN3175 (CITYTELECOM-MSK, RU),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 11 Aug 2021 23:36:22 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0
Connection: keep-alive
Content-Length: 0
Vary: Origin

GET
H2 204 0100007F815E14616B02B63E0246F862
fcgi4.gnezdo.ru/cookie_matching_ssp/Sape-dsp/ Frame 90DB 0
189 B 195ms
72ms Image
text/plain 93.95.102.105
MTW-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fcgi4.gnezdo.ru/cookie_matching_ssp/Sape-dsp/0100007F815E14616B02B63E0246F862
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.95.102.105 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS: unspecified.mtw.ru
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 23:34:25 GMT
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"

GET
H2

204

0.gif
x01.aidata.io/ Frame 90DB
Redirect Chain

https://x01.aidata.io/0.gif?pid=9401454&id=0100007F815E14616B02B63E0246F862
https://x01.aidata.io/0.gif?pid=9401454&id=0100007F815E14616B02B63E0246F862&bounce=1
https://counter.yadro.ru/id-redir/aidata.gif?back=STOP
https://x01.aidata.io/0.gif?pid=LIVE&id=FAD659D8898BBE4F8FE8&back=STOP

0
434 B

52ms
51ms

Image
text/plain

89.108.120.68
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x01.aidata.io/0.gif?pid=LIVE&id=FAD659D8898BBE4F8FE8&back=STOP
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.108.120.68 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: d51803.reg.regrucolo.ru
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Aug 2021 23:34:26 GMT
last-modified: Wed, 11 Aug 2021 23:34:25 GMT
server: nginx
access-control-allow-methods: GET, POST
p3p: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
expires: Wed, 11 Aug 2021 23:34:25 GMT

Redirect headers

Location: https://x01.aidata.io/0.gif?pid=LIVE&id=FAD659D8898BBE4F8FE8&back=STOP
Date: Wed, 11 Aug 2021 23:34:26 GMT
Server: nginx/1.17.9
Connection: keep-alive
Content-Length: 262
Strict-Transport-Security: max-age=86400
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1

200
OK

/
sync.bumlam.com/ Frame 90DB
Redirect Chain

https://sync.bumlam.com/?src=sap1&uid=0100007F815E14616B02B63E0246F862
https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABiBvdGIBlIFrbKc-w9iIDAxMDAwMDdGODE1RTE0NjE2QjAyQjYzRTAyNDZGODYy
https://sync.bumlam.com/?src=sap1&s_data=CAIQABiBvdGIBmIgMDEwMDAwN0Y4MTVFMTQ2MTZCMDJCNjNFMDI0NkY4NjKiARCqAzgS-vwR66bpACWQyCQ3

0
523 B

31ms
30ms

Image
text/html

31.172.81.160
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bumlam.com/?src=sap1&s_data=CAIQABiBvdGIBmIgMDEwMDAwN0Y4MTVFMTQ2MTZCMDJCNjNFMDI0NkY4NjKiARCqAzgS-vwR66bpACWQyCQ3
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 31.172.81.160 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 11 Aug 2021 23:34:25 GMT
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Server: nginx
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Redirect headers

Date: Wed, 11 Aug 2021 23:34:25 GMT
Server: nginx
ETag: aa033812-fafc-11eb-a6e9-002590c82437
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: //sync.bumlam.com/?src=sap1&s_data=CAIQABiBvdGIBmIgMDEwMDAwN0Y4MTVFMTQ2MTZCMDJCNjNFMDI0NkY4NjKiARCqAzgS-vwR66bpACWQyCQ3
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0

GET
H2

200

0100007F815E14616B02B63E0246F862
an.yandex.ru/mapuid/sapeis/ Frame 90DB
Redirect Chain

https://an.yandex.ru/mapuid/sapeis/0100007F815E14616B02B63E0246F862
https://an.yandex.ru/mapuid/sapeis/0100007F815E14616B02B63E0246F862?redir-setuniq=1

43 B
108 B

49ms
49ms

Image
image/gif

2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/sapeis/0100007F815E14616B02B63E0246F862?redir-setuniq=1

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Aug 2021 23:34:25 GMT
content-encoding: gzip
last-modified: Wed, 11 Aug 2021 23:34:25 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Wed, 11 Aug 2021 23:34:25 GMT

Redirect headers

pragma: no-cache
date: Wed, 11 Aug 2021 23:34:25 GMT
content-encoding: gzip
last-modified: Wed, 11 Aug 2021 23:34:25 GMT
strict-transport-security: max-age=31536000
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://an.yandex.ru/mapuid/sapeis/0100007F815E14616B02B63E0246F862?redir-setuniq=1
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Wed, 11 Aug 2021 23:34:25 GMT

GET
H2 200 frame.html Show response
s3.advarkads.com/modules/match/ Frame 6FB3 187 B
404 B 103ms
81ms Document
text/html 2606:4700:10::6816:557
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.advarkads.com/modules/match/frame.html?id=8113-1-1&uid=0100007F815E14616B02B63E0246F862
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:557 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 53e4cb1ec1da57e5fec65ec5f5b19b050fa8bd6e19e9030c2704456846e4d106

Request headers

:method: GET
:authority: s3.advarkads.com
:scheme: https
:path: /modules/match/frame.html?id=8113-1-1&uid=0100007F815E14616B02B63E0246F862
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.acint.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.acint.net/

Response headers

date: Wed, 11 Aug 2021 23:34:25 GMT
content-type: text/html
cache-control: max-age=60
last-modified: Sat, 25 Apr 2020 07:44:34 GMT
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 67d546471c080746-FRA
content-encoding: gzip

GET
H/1.1 200
OK 140x140.gif
c.jjcus.com/0d4f76446c4944fbbc4e437a80115203/ Frame 8133 15 KB
16 KB 21ms
21ms Image
image/gif 67.216.91.5
WEBZILLA

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://c.jjcus.com/0d4f76446c4944fbbc4e437a80115203/140x140.gif
Requested by: Host: wycji.top
URL: http://wycji.top/jsonp.php?eyJiIjoyNzM1OTksImMiOiJkalF1YjJsVFF6aHRNREpLU2pab1JqaDRVMHcyZDBWaFl6VXpObkF4U0RsTFNERnVOa3MxTXpaNVdUZG9NRFJ4T1VwWFlVRm9NRzR6YUdwTFprNU1NVFZDVURWcWJuQk9UMWRYUTNNMVJuUk5NaTl6VlRSd2VFSmpTRFZaU2prNE5XaE1WRTlLT0hJMGRtcEhka2xvWWxSWldTc3djRmxVYjNCdmNraDFTVlZpWjBaUVZHWm5OblJ1WVdKTFpIRlpaWE51ZVhCdmMzRjVPRlJ3ZEhKTFNXRjRaMkUyY0RoUlJHOHZOR0Z5UTFGUFNIbFdZalZMYUVGdlRYQjZMelpJV25KNVQxSlpaVVl6UkhKcWVuVmpSMHAwWW5GVVVXZEZMMVF4VDBKU1MxbG5QVDA9IiwicmVmIjoiIiwibWtleSI6Im1zZzQ3MTMwIiwidW1kIjowLCJyZW5kZXIiOiJ7XCJpXCI6MCxcIm9cIjowLFwid1wiOjEsXCJtXCI6MCxcImFcIjowLFwibWJcIjowfSIsInBsaWQiOjY4NTIyMDYzNjUyMTYzNDksIl9yIjo3NjYzMH0
Protocol: HTTP/1.1
Server: 67.216.91.5 , United States, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software: ucdn /
Resource Hash: 083be74f62feddc0b8bc7d39f7d1f030295bd3ae219cdf19b2e88b5d3e40ea91

Request headers

Referer: http://wycji.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 11 Aug 2021 23:34:25 GMT
Connection: keep-alive
X-Trans-Id: txd2efd45539784cfc9d958-0060b419de
Accept-Ranges: bytes
Last-Modified: Mon, 14 Jan 2019 08:31:48 GMT
Server: ucdn
X-Ureq-ID: PYMqMNZBGwIdZKbVcxdvJ+4GjYA4cB+fLENA+ef49ofQrbD7+xN/0FrrHt3CVoDp3n8yxiSqWW1bmQXTehpvwLseqItPByEF/a0Ibg==
Etag: "03cead1af4762e15b8e9a3ddac1a2b88"
X-Served-From: l1
Access-Control-Allow-Methods: HEAD, GET, OPTIONS
X-Object-Meta-Mtime: 1547454705.777659142
Access-Control-Allow-Origin: *
X-Timestamp: 1547454707.28083
Cache-Control: max-age=7802084
Content-Length: 15566
Content-Type: image/gif
Expires: Wed, 10 Nov 2021 06:49:09 GMT

GET
H/1.1 200
OK 140x140.gif
c.jjcus.com/0d4f76446c4944fbbc4e437a80115203/ Frame E396 15 KB
16 KB 14ms
13ms Image
image/gif 67.216.91.5
WEBZILLA

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://c.jjcus.com/0d4f76446c4944fbbc4e437a80115203/140x140.gif
Requested by: Host: c.jjcus.com
URL: http://c.jjcus.com/js/jQuery2.js?v=7
Protocol: HTTP/1.1
Server: 67.216.91.5 , United States, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software: ucdn /
Resource Hash: 083be74f62feddc0b8bc7d39f7d1f030295bd3ae219cdf19b2e88b5d3e40ea91

Request headers

Referer: http://wycji.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 11 Aug 2021 23:34:25 GMT
Connection: keep-alive
X-Trans-Id: txd2efd45539784cfc9d958-0060b419de
Accept-Ranges: bytes
Last-Modified: Mon, 14 Jan 2019 08:31:48 GMT
Server: ucdn
X-Ureq-ID: PYMqMNZBGwIdZKbVcxdvJ+4GjYA4cB+fLENA+ef49ofQrbD7+xN/0FrrHt3CVoDp3n8yxiSqWW1bmQXTehpvwLseqItPByEF/a0Ibg==
Etag: "03cead1af4762e15b8e9a3ddac1a2b88"
X-Served-From: l1
Access-Control-Allow-Methods: HEAD, GET, OPTIONS
X-Object-Meta-Mtime: 1547454705.777659142
Access-Control-Allow-Origin: *
X-Timestamp: 1547454707.28083
Cache-Control: max-age=7802084
Content-Length: 15566
Content-Type: image/gif
Expires: Wed, 10 Nov 2021 06:49:09 GMT

GET
H/1.1 200
OK 140x140.gif
c.jjcus.com/6f9c99e188f343b9b62ddcd7466c049c/ Frame E396 15 KB
15 KB 16ms
16ms Image
image/gif 67.216.91.5
WEBZILLA

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://c.jjcus.com/6f9c99e188f343b9b62ddcd7466c049c/140x140.gif
Requested by: Host: wycji.top
URL: http://wycji.top/jsonp.php?eyJiIjo2NzE3NDksImMiOiJkalF1YjJsVFF6aHRNVmxOUzBsVGNsQk5SbTFpTDBsak4zUTFkVm9yWXpORlMwaFBaV2RtVUZKR09Vb3JZalJvVFd0bVV6TktUSGRuVlc1bWVpOUJUUzlCYTFCNVpXUlpWbVJvYnlzMmVHYzFUMWxQT0dGbGRqVjJVMkZxUVZoaWRFZGpOSGRpVUZoc1NtOTNNRVk1UkhGUGRWVmFiekZMVEZkWFIwSXpVMDEwVDIxaGRraGtWSEJDVUU5eloxZHpOVmh6VWtJeWIwOVJjVEZpUzFsdk5IbFZLeXRwVVdKWVpESjJNblpGSzNSRU0xRmlRak5FWTNaSllreDVWMWc1T0ZWT1dHRlVTbXc0UWs1MldrRlVaVEo1S3pCT2JVeEVhemsxYzAxUlBRPT0iLCJyZWYiOiIiLCJta2V5IjoibXNnMjQxMjQiLCJ1bWQiOjAsInJlbmRlciI6IntcImlcIjowLFwib1wiOjAsXCJ3XCI6MSxcIm1cIjowLFwiYVwiOjAsXCJtYlwiOjB9IiwicGxpZCI6Njg1MjIwNjM2NTIxNjM0OSwiX3IiOjEzNH0
Protocol: HTTP/1.1
Server: 67.216.91.5 , United States, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software: ucdn /
Resource Hash: a943ce9ec71ca7103667e9d4d4ff4f377e6fd85fafc825f6f2966e3c0374c75a

Request headers

Referer: http://wycji.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 11 Aug 2021 23:34:25 GMT
Connection: keep-alive
X-Trans-Id: txa29a9e9f0b714f389f11c-0060b419ea
Accept-Ranges: bytes
Last-Modified: Mon, 14 Jan 2019 08:31:16 GMT
Server: ucdn
X-Ureq-ID: PYMqMNZBGwIdZKbVcxdvJ+4GjYA4cB+fLENA+ef49ofQrbD7+xN/0FrrHt3CVoDp3n8yxiSqWW1bmQXTehpvwLseqItPByEF/a0Ibg==
Etag: "009973e3601192fbd0adcc90b274481f"
X-Served-From: l1
Access-Control-Allow-Methods: HEAD, GET, OPTIONS
X-Object-Meta-Mtime: 1547454673.279064245
Access-Control-Allow-Origin: *
X-Timestamp: 1547454675.05453
Cache-Control: max-age=7802096
Content-Length: 15104
Content-Type: image/gif
Expires: Wed, 10 Nov 2021 06:49:21 GMT

GET
H/1.1 200
OK 140x140.gif
c.jjcus.com/b7a6dedc11114bfda0f82a0ed3906ada/ Frame E396 14 KB
14 KB 26ms
21ms Image
image/gif 67.216.91.5
WEBZILLA

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://c.jjcus.com/b7a6dedc11114bfda0f82a0ed3906ada/140x140.gif
Requested by: Host: wycji.top
URL: http://wycji.top/jsonp.php?eyJiIjo2NzE3NDksImMiOiJkalF1YjJsVFF6aHRNVmxOUzBsVGNsQk5SbTFpTDBsak4zUTFkVm9yWXpORlMwaFBaV2RtVUZKR09Vb3JZalJvVFd0bVV6TktUSGRuVlc1bWVpOUJUUzlCYTFCNVpXUlpWbVJvYnlzMmVHYzFUMWxQT0dGbGRqVjJVMkZxUVZoaWRFZGpOSGRpVUZoc1NtOTNNRVk1UkhGUGRWVmFiekZMVEZkWFIwSXpVMDEwVDIxaGRraGtWSEJDVUU5eloxZHpOVmh6VWtJeWIwOVJjVEZpUzFsdk5IbFZLeXRwVVdKWVpESjJNblpGSzNSRU0xRmlRak5FWTNaSllreDVWMWc1T0ZWT1dHRlVTbXc0UWs1MldrRlVaVEo1S3pCT2JVeEVhemsxYzAxUlBRPT0iLCJyZWYiOiIiLCJta2V5IjoibXNnMjQxMjQiLCJ1bWQiOjAsInJlbmRlciI6IntcImlcIjowLFwib1wiOjAsXCJ3XCI6MSxcIm1cIjowLFwiYVwiOjAsXCJtYlwiOjB9IiwicGxpZCI6Njg1MjIwNjM2NTIxNjM0OSwiX3IiOjEzNH0
Protocol: HTTP/1.1
Server: 67.216.91.5 , United States, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software: ucdn /
Resource Hash: cd95236b31798489f6de0f689ce3d3d62e15bd62d24a14a67afb3fea0a2e4d7c

Request headers

Referer: http://wycji.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 11 Aug 2021 23:34:25 GMT
Connection: keep-alive
X-Trans-Id: tx77ea253875554425a80d9-0060b419e8
Accept-Ranges: bytes
Last-Modified: Mon, 14 Jan 2019 08:31:27 GMT
Server: ucdn
X-Ureq-ID: PYMqMNZBGwIdZKbVcxdvJ+4GjYA4cB+fLENA+ef49ofQrbD7+xN/0FrrHt3CVoDp3n8yxiSqWW1bmQXTehpvwLseqItPByEF/a0Ibg==
Etag: "60ea86ddefa23a99f29a63d803d3c352"
X-Served-From: l1
Access-Control-Allow-Methods: HEAD, GET, OPTIONS
X-Object-Meta-Mtime: 1547454685.206282577
Access-Control-Allow-Origin: *
X-Timestamp: 1547454686.54993
Cache-Control: max-age=7802094
Content-Length: 14115
Content-Type: image/gif
Expires: Wed, 10 Nov 2021 06:49:19 GMT

GET
H/1.1 200
OK 150x150.gif
c.jjcus.com/54cccf71b6e44c34930dda58a867e1ec/ Frame F86E 6 KB
6 KB 195ms
195ms Image
image/gif 67.216.91.5
WEBZILLA

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://c.jjcus.com/54cccf71b6e44c34930dda58a867e1ec/150x150.gif
Requested by: Host: xksqb.com
URL: http://xksqb.com/jsonp.php?eyJiIjoyNzgyMjYsImMiOiJkalF1YjJsVFF6aHRNM0F3UW5Vd2RFVTNhRTFSTkU1cFkzaFBaRlJuZEdGS1ZFMTJSWGx2Tld4dWNWSkpXR0ZhZDBoa1dHNDNNbXB4UjNKS05HTkhaVGhuZDNoa1UxSXZhME5OUm0xSlZFYzVaVUZZYm1KRWMxZGlTMlZyZFdaaEx6VnNVRUprTVdwcGEwZDBkRVp3TW5WbVZHZHFjM2w0TUdKVWVpdFRORzV1ZWpZd05teDBZV2xuY1RGR05XVkRUblpxY214Q2NtRjZSVFFyTkU1Mk4yTTRaRXRJYW5KSlVHbEhSVlpNZWxBMFJtdEdZVkJhY1d0M2JVZHZjRFF5VkdKcVNrSklRbEF3VW1OWFVGVm9jMUYyWkVOWWJWTjZTV1ZzVTFsQ1dVMUJQVDA9IiwicmVmIjoiIiwibWtleSI6Im1zZzQ5NjY2IiwidW1kIjowLCJyZW5kZXIiOiJ7XCJpXCI6MCxcIm9cIjowLFwid1wiOjEsXCJtXCI6MCxcImFcIjowLFwibWJcIjowfSIsInBsaWQiOjY4NTIyMDYzNjUyMTYzNDksIl9yIjoxNDEyNH0
Protocol: HTTP/1.1
Server: 67.216.91.5 , United States, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software: ucdn /
Resource Hash: 07410fe804f00ccbc35eba924417274f4369b62bb4b33f52823397c28ec83fab

Request headers

Referer: http://xksqb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 11 Aug 2021 23:34:25 GMT
X-Openstack-Request-Id: tx4d2aa39862654a8c8cc9d-0060e5dbb5
Connection: keep-alive
X-Trans-Id: tx4d2aa39862654a8c8cc9d-0060e5dbb5
Accept-Ranges: bytes
Last-Modified: Mon, 14 Jan 2019 08:31:10 GMT
Server: ucdn
X-Ureq-ID: PYMqMNZBGwIdZKbVcxdvJ+4GjYA4cB+fLENA+ef49ofQrbD7+xN/0FrrHt3CVoDp3n8yxiSqWW1bmQXTehpvwLseqItPByEF/fsfIQGROMBknXuAcw==
Etag: "9deac3e27dcff506644e3e942a149b8b"
X-Served-From: l1
Access-Control-Allow-Methods: HEAD, GET, OPTIONS
X-Object-Meta-Mtime: 1547454668.397974895
Access-Control-Allow-Origin: *
X-Timestamp: 1547454669.75506
Cache-Control: max-age=11062971
Content-Length: 5864
Content-Type: image/gif
Expires: Sat, 18 Dec 2021 00:37:16 GMT

GET
H/1.1 200
OK 150x150.gif
c.jjcus.com/3c1ea25f443a484089193fb7c13a1b0b/ Frame F86E 10 KB
11 KB 195ms
195ms Image
image/gif 67.216.91.5
WEBZILLA

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://c.jjcus.com/3c1ea25f443a484089193fb7c13a1b0b/150x150.gif
Requested by: Host: xksqb.com
URL: http://xksqb.com/jsonp.php?eyJiIjoyNzgyMjYsImMiOiJkalF1YjJsVFF6aHRNM0F3UW5Vd2RFVTNhRTFSTkU1cFkzaFBaRlJuZEdGS1ZFMTJSWGx2Tld4dWNWSkpXR0ZhZDBoa1dHNDNNbXB4UjNKS05HTkhaVGhuZDNoa1UxSXZhME5OUm0xSlZFYzVaVUZZYm1KRWMxZGlTMlZyZFdaaEx6VnNVRUprTVdwcGEwZDBkRVp3TW5WbVZHZHFjM2w0TUdKVWVpdFRORzV1ZWpZd05teDBZV2xuY1RGR05XVkRUblpxY214Q2NtRjZSVFFyTkU1Mk4yTTRaRXRJYW5KSlVHbEhSVlpNZWxBMFJtdEdZVkJhY1d0M2JVZHZjRFF5VkdKcVNrSklRbEF3VW1OWFVGVm9jMUYyWkVOWWJWTjZTV1ZzVTFsQ1dVMUJQVDA9IiwicmVmIjoiIiwibWtleSI6Im1zZzQ5NjY2IiwidW1kIjowLCJyZW5kZXIiOiJ7XCJpXCI6MCxcIm9cIjowLFwid1wiOjEsXCJtXCI6MCxcImFcIjowLFwibWJcIjowfSIsInBsaWQiOjY4NTIyMDYzNjUyMTYzNDksIl9yIjoxNDEyNH0
Protocol: HTTP/1.1
Server: 67.216.91.5 , United States, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software: ucdn /
Resource Hash: 72311efcac5443b002ba87c05754d2102a821491d253c748ef70b6e541536d8f

Request headers

Referer: http://xksqb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 11 Aug 2021 23:34:25 GMT
X-Openstack-Request-Id: tx1ad1d89c53444e2cbad57-0060e5dbb5
Connection: keep-alive
X-Trans-Id: tx1ad1d89c53444e2cbad57-0060e5dbb5
Accept-Ranges: bytes
Last-Modified: Mon, 14 Jan 2019 08:31:05 GMT
Server: ucdn
X-Ureq-ID: PYMqMNZBGwIdZKbVcxdvJ+4GjYA4cB+fLENA+ef49ofQrbD7+xN/0FrrHt3CVoDp3n8yxiSqWW1bmQXTehpvwLseqItPByEF/fsfIQGROMBknXuAcw==
Etag: "a6b57710d64ceefcb9dcc4056c04fca5"
X-Served-From: l1
Access-Control-Allow-Methods: HEAD, GET, OPTIONS
X-Object-Meta-Mtime: 1547454663.182879431
Access-Control-Allow-Origin: *
X-Timestamp: 1547454664.44905
Cache-Control: max-age=11062971
Content-Length: 10617
Content-Type: image/gif
Expires: Sat, 18 Dec 2021 00:37:16 GMT

GET
H/1.1 200
OK 150x150.gif
c.jjcus.com/c6ebc5c8840a409486f92e9da1e01bf8/ Frame F86E 17 KB
17 KB 195ms
195ms Image
image/gif 67.216.91.5
WEBZILLA

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://c.jjcus.com/c6ebc5c8840a409486f92e9da1e01bf8/150x150.gif
Requested by: Host: xksqb.com
URL: http://xksqb.com/jsonp.php?eyJiIjoyNzgyMjYsImMiOiJkalF1YjJsVFF6aHRNM0F3UW5Vd2RFVTNhRTFSTkU1cFkzaFBaRlJuZEdGS1ZFMTJSWGx2Tld4dWNWSkpXR0ZhZDBoa1dHNDNNbXB4UjNKS05HTkhaVGhuZDNoa1UxSXZhME5OUm0xSlZFYzVaVUZZYm1KRWMxZGlTMlZyZFdaaEx6VnNVRUprTVdwcGEwZDBkRVp3TW5WbVZHZHFjM2w0TUdKVWVpdFRORzV1ZWpZd05teDBZV2xuY1RGR05XVkRUblpxY214Q2NtRjZSVFFyTkU1Mk4yTTRaRXRJYW5KSlVHbEhSVlpNZWxBMFJtdEdZVkJhY1d0M2JVZHZjRFF5VkdKcVNrSklRbEF3VW1OWFVGVm9jMUYyWkVOWWJWTjZTV1ZzVTFsQ1dVMUJQVDA9IiwicmVmIjoiIiwibWtleSI6Im1zZzQ5NjY2IiwidW1kIjowLCJyZW5kZXIiOiJ7XCJpXCI6MCxcIm9cIjowLFwid1wiOjEsXCJtXCI6MCxcImFcIjowLFwibWJcIjowfSIsInBsaWQiOjY4NTIyMDYzNjUyMTYzNDksIl9yIjoxNDEyNH0
Protocol: HTTP/1.1
Server: 67.216.91.5 , United States, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software: ucdn /
Resource Hash: 8fbc566f1adb7869b93f6e52bc181bb17417c4bbf4c5b53104071d57bc262144

Request headers

Referer: http://xksqb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 11 Aug 2021 23:34:25 GMT
Connection: keep-alive
X-Trans-Id: tx4f0b389edb1a413db50ff-0060c2debb
Accept-Ranges: bytes
Last-Modified: Mon, 14 Jan 2019 08:31:33 GMT
Server: ucdn
X-Ureq-ID: PYMqMNZBGwIdZKbVcxdvJ+4GjYA4cB+fLENA+ef49ofQrbD7+xN/0FrrHt3CVoDp3n8yxiSqWW1bmQXTehpvwLseqItPByEF/a0Ibg==
Etag: "e4a1c0efc7180cfb5728c5f053333896"
X-Served-From: l1
Access-Control-Allow-Methods: HEAD, GET, OPTIONS
X-Object-Meta-Mtime: 1547454691.217392612
Access-Control-Allow-Origin: *
X-Timestamp: 1547454692.56370
Cache-Control: max-age=8769985
Content-Length: 17152
Content-Type: image/gif
Expires: Sun, 21 Nov 2021 11:40:50 GMT

GET
H2

400

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9362.2W7xPPrUOL_ZVjdlbt8gheHqwiGjWvP7ntNrlEi5NEpf8NaXwdwUHW-TDjJbM2YP.TKep-qE8cC3oLhe0gUomJ9MEhsc%2C
https://mc.yandex.com/sync_cookie_image_decide?token=9362.L_sXESNGQEuJZbl6sJ3fB4N7Tomru-HcV5wEPxPZll3M9Y1YcgKXkdPETNiHqJ3blSOwVNDwDq1O4r1v2ouwKw%2C%2C.tK2e5bYl-3eTe1pcotTyd7NtqVs%2C

75 B
75 B

55ms
55ms

Image
text/html

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=9362.L_sXESNGQEuJZbl6sJ3fB4N7Tomru-HcV5wEPxPZll3M9Y1YcgKXkdPETNiHqJ3blSOwVNDwDq1O4r1v2ouwKw%2C%2C.tK2e5bYl-3eTe1pcotTyd7NtqVs%2C

Requested by

Host: steepman.ru
URL: http://steepman.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: http://steepman.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 23:34:25 GMT
strict-transport-security: max-age=31536000
content-length: 75
x-xss-protection: 1; mode=block
content-type: text/html; charset=utf-8

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=9362.L_sXESNGQEuJZbl6sJ3fB4N7Tomru-HcV5wEPxPZll3M9Y1YcgKXkdPETNiHqJ3blSOwVNDwDq1O4r1v2ouwKw%2C%2C.tK2e5bYl-3eTe1pcotTyd7NtqVs%2C
date: Wed, 11 Aug 2021 23:34:25 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
135 B 51ms
51ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: steepman.ru
URL: http://steepman.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://steepman.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 23:34:25 GMT
last-modified: Mon, 09 Aug 2021 13:26:46 GMT
etag: "611112b5-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Thu, 12 Aug 2021 00:34:25 GMT

GET
H2 200 frame.js Show response
s3.advarkads.com/modules/match/ Frame 6FB3 20 KB
7 KB 14ms
14ms Script
application/javascript 2606:4700:10::6816:557
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.advarkads.com/modules/match/frame.js
Requested by: Host: s3.advarkads.com
URL: https://s3.advarkads.com/modules/match/frame.html?id=8113-1-1&uid=0100007F815E14616B02B63E0246F862
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:557 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e2ae2c20e439de7575b1e75caaf681f35e5943f96f32c3a8296322b97b9facd

Request headers

Referer: https://s3.advarkads.com/modules/match/frame.html?id=8113-1-1&uid=0100007F815E14616B02B63E0246F862
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 23:34:25 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 10 Aug 2021 10:56:51 GMT
server: cloudflare
age: 20
etag: "809b496cd68dd71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
cf-ray: 67d54648ff070746-FRA
content-length: 6676

GET
H/1.1 200
OK processor.js Show response
tag.digitaltarget.ru/ Frame 90DB 15 KB
16 KB 98ms
98ms Script
application/javascript 185.15.175.145
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.digitaltarget.ru/processor.js?i=150977521236951
Requested by: Host: tag.digitaltarget.ru
URL: https://tag.digitaltarget.ru/adcm.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.15.175.145 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),
Reverse DNS
Software: nginx /
Resource Hash: 06af59f550ee5358217c3bd4152bc62608cc068e965703035c0be6579e6d803a

Request headers

Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 11 Aug 2021 23:34:25 GMT
Last-Modified: Thu, 05 Aug 2021 13:04:27 GMT
Server: nginx
ETag: "610be1db-3db4"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 15796

GET
H/1.1 200
OK match
api.advarkads.com/api/statistic/ Frame 6FB3 43 B
389 B 232ms
87ms Image
image/gif 88.212.233.108
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.advarkads.com/api/statistic/match?id=8113-1-1&uid=0100007F815E14616B02B63E0246F862
Requested by: Host: s3.advarkads.com
URL: https://s3.advarkads.com/modules/match/frame.html?id=8113-1-1&uid=0100007F815E14616B02B63E0246F862
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.212.233.108 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx/1.18.0 / ASP.NET
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://s3.advarkads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 11 Aug 2021 23:34:25 GMT
Server: nginx/1.18.0
X-Powered-By: ASP.NET
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 43
Expires: -1

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012107240354000/ Frame 58C8 188 KB
55 KB 26ms
5ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107240354000/amp4ads-v0.mjs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5364912403382355&output=html&h=250&slotname=2093067422&adk=1087469895&adf=461588321&pi=t.ma~as.2093067422&w=300&lmt=1628724864&psa=0&format=300x250&url=http%3A%2F%2Fsteepman.ru%2F&flash=0&wgl=1&dt=1628724864880&bpp=27&bdt=755&idt=86&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&correlator=432240763658&frm=20&pv=2&ga_vid=189232429.1628724865&ga_sid=1628724865&ga_hid=814769063&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=650&ady=4421&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C20211866%2C31062179%2C31062248&oid=3&pvsid=2399323874696222&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=DZXLYnD23e&p=http%3A//steepman.ru&dtd=126

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b826f485873b923a0a9046262b9d026e8f4d2094da1e98e527f279eb9b148d6c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 196061
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55201
x-xss-protection: 0
server: sffe
date: Mon, 09 Aug 2021 17:06:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "56e2a7f7d448fcb3"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 09 Aug 2022 17:06:44 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012107240354000/v0/ Frame 58C8 13 KB
5 KB 36ms
16ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107240354000/v0/amp-ad-exit-0.1.mjs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1609bdcf4696c8146359638f33c35febdaba621dea00137283c61efc17504909

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 196061
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4865
x-xss-protection: 0
server: sffe
date: Mon, 09 Aug 2021 17:06:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "ff227f97ed674b5b"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 09 Aug 2022 17:06:44 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012107240354000/v0/ Frame 58C8 87 KB
27 KB 34ms
16ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107240354000/v0/amp-analytics-0.1.mjs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4075d8c0c312c24df5548f967cab5fbf808fe78fdcef9d4032bad92f6cacbb70

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 196061
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27852
x-xss-protection: 0
server: sffe
date: Mon, 09 Aug 2021 17:06:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "3719646983ab1de2"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 09 Aug 2022 17:06:44 GMT

GET
H2 200 amp-animation-0.1.mjs Show response
cdn.ampproject.org/rtv/012107240354000/v0/ Frame 58C8 71 KB
16 KB 37ms
19ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107240354000/v0/amp-animation-0.1.mjs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b31a2dfb910d5e0292d6639f0c1a9b6ecc2471ba71ba18e3dc27cd5a033cf463

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 196060
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16686
x-xss-protection: 0
server: sffe
date: Mon, 09 Aug 2021 17:06:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "6eea2bcb2a8fbd9d"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 09 Aug 2022 17:06:45 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012107240354000/v0/ Frame 58C8 4 KB
2 KB 36ms
19ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107240354000/v0/amp-fit-text-0.1.mjs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5fbb36bdcd7fcb6a1962d355dccfab3262736d4d198a389ffb85a3fa3d2440d4

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 196061
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1653
x-xss-protection: 0
server: sffe
date: Mon, 09 Aug 2021 17:06:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "687e73129cfc4c8d"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 09 Aug 2022 17:06:44 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012107240354000/v0/ Frame 58C8 40 KB
13 KB 35ms
18ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107240354000/v0/amp-form-0.1.mjs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78e0bdeabeebc2dc279c8a9321a3c05dfee71e89123ee3d480fb83fe9d308aed

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 196061
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12828
x-xss-protection: 0
server: sffe
date: Mon, 09 Aug 2021 17:06:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "4abe217821914203"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 09 Aug 2022 17:06:44 GMT

GET
H2 200 ru.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 58C8 3 KB
3 KB 26ms
6ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/ru.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fed2d61088cba54be39b2069add7103160e31f07c950c0e2e7706d6d6dc9ebf6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 11 Aug 2021 04:02:35 GMT
x-content-type-options: nosniff
server: cafe
age: 70310
etag: 6726277462267614359
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3041
x-xss-protection: 0
expires: Thu, 12 Aug 2021 04:02:35 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 58C8 344 B
827 B 26ms
6ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 11 Aug 2021 22:40:25 GMT
x-content-type-options: nosniff
server: cafe
age: 3240
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Thu, 12 Aug 2021 22:40:25 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 58C8 0
17 B 47ms
46ms Image
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cc1n4gV4UYeyDApqegQeI0r6IDbOlg7BkmJLYi-IMloLNhYgWEAEgs-ziIWCVAqABzJmd-ALIAQmpAsuE__Ucs7M-qAMByAMIqgSrAU_Q3tZT2lA3AFhot8txPbNjEuf2TSopSDB7hzq8tdhilrXfaFHe2OVtmJ7GjnOS9YENcfUkMAJYloND_p_R1Qe8vbHIvmaUQKETypBnzmA2YGmlcO3rNNANdrPRPp4mPiq7SBgd_2i2jFaCB4Ko3L5hpfqKECbu2hX_q2pwU450XRyqufqq9W18jTpdn2USK4fcA00q7VVcENOEdOUb_0wmr2XMcHQZqkj0kcAEv7S_26IDkgUECAQYAZIFBAgFGASgBi6AB7PEmpgBqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcEEPmvB9IICQiA4YAQEAEYH4AKAcgLAdgTDYgUAtAVAYAXAbIXGgoYCAASFHB1Yi01MzY0OTEyNDAzMzgyMzU1&sigh=M4ZfZX86Gm4&template_id=419

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5364912403382355&output=html&h=250&slotname=2093067422&adk=1087469895&adf=461588321&pi=t.ma~as.2093067422&w=300&lmt=1628724864&psa=0&format=300x250&url=http%3A%2F%2Fsteepman.ru%2F&flash=0&wgl=1&dt=1628724864880&bpp=27&bdt=755&idt=86&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&correlator=432240763658&frm=20&pv=2&ga_vid=189232429.1628724865&ga_sid=1628724865&ga_hid=814769063&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=650&ady=4421&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C20211866%2C31062179%2C31062248&oid=3&pvsid=2399323874696222&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=DZXLYnD23e&p=http%3A//steepman.ru&dtd=126
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 11 Aug 2021 23:34:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 58C8 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f302282223af954c34860f5da0f7fc4f0a6c617df1ca2281f77a974752424b07

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 motiv.jpg
tpc.googlesyndication.com/sadbundle/14412793747355211159/img/ Frame 58C8 16 KB
16 KB 30ms
13ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/14412793747355211159/img/motiv.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81a91be060ff90750e039aedc749fbee707720aae4fdadbae77cc50592b8c264

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 03:46:04 GMT
x-content-type-options: nosniff
age: 157701
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16389
x-xss-protection: 0
last-modified: Wed, 21 Apr 2021 06:31:37 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Aug 2022 03:46:04 GMT

GET
H2 200 karte.jpg
tpc.googlesyndication.com/sadbundle/14412793747355211159/img/ Frame 58C8 8 KB
8 KB 23ms
7ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/14412793747355211159/img/karte.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9ed939b2d46dcfa006093d56408a16a598d0c001992980543dae5052127ae1e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 02:46:27 GMT
x-content-type-options: nosniff
age: 161278
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8084
x-xss-protection: 0
last-modified: Wed, 21 Apr 2021 06:31:37 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Aug 2022 02:46:27 GMT

GET
H2 200 banner.png
tpc.googlesyndication.com/sadbundle/14412793747355211159/img/ Frame 58C8 12 KB
12 KB 28ms
12ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/14412793747355211159/img/banner.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4cf77a3f63d977b407beafd76c2c60fec12bb6cee1ab70fe8732084b79a8232d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 07 Aug 2021 22:17:22 GMT
x-content-type-options: nosniff
age: 350223
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12605
x-xss-protection: 0
last-modified: Wed, 21 Apr 2021 06:31:37 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 07 Aug 2022 22:17:22 GMT

GET
H3-29 200 amp4ads-host-v0.js Show response
cdn.ampproject.org/rtv/012107240354000/ 20 KB
7 KB 20ms
7ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107240354000/amp4ads-host-v0.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8c641f871d303f00c2431556fca2d50690ff200abd043196c8758e4bc590b848

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://steepman.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 144064
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7334
x-xss-protection: 0
server: sffe
date: Tue, 10 Aug 2021 07:33:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "26bfa3b7da51af82"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Aug 2022 07:33:21 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/23457205/
Redirect Chain

https://mc.yandex.com/watch/23457205?wmode=7&page-url=http%3A%2F%2Fsteepman.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2cqzuju16nt0kup4q%3Afp%3A1649%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-...
https://mc.yandex.com/watch/23457205/1?wmode=7&page-url=http%3A%2F%2Fsteepman.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2cqzuju16nt0kup4q%3Afp%3A1649%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ae...

316 B
398 B

50ms
50ms

XHR
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/23457205/1?wmode=7&page-url=http%3A%2F%2Fsteepman.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2cqzuju16nt0kup4q%3Afp%3A1649%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A611%3Acn%3A2%3Adp%3A0%3Als%3A262629053567%3Ahid%3A670644529%3Az%3A120%3Ai%3A20210812013425%3Aet%3A1628724865%3Ac%3A1%3Arn%3A809500399%3Au%3A1628724865323240977%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1628724863220%3Ads%3A48%2C5%2C842%2C3%2C0%2C0%2C%2C818%2C3%2C%2C%2C%2C1723%3Adsn%3A48%2C6%2C842%2C3%2C0%2C0%2C%2C823%2C3%2C%2C%2C%2C1723%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1628724866%3At%3A%D0%9C%D1%83%D0%B6%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%BB%21%20C%D0%BE%D0%B2%D0%B5%D1%82%D1%8B%20%D0%B2%D1%81%D0%B5%20%D1%81%D0%BB%D1%83%D1%87%D0%B0%D0%B8%20%D0%B6%D0%B8%D0%B7%D0%BD%D0%B8%21

Requested by

Host: steepman.ru
URL: http://steepman.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

0ed6b1f93616fe253643293537e15591a1744cf109b27b9a2b11918ba2c2efb0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://steepman.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Aug 2021 23:34:25 GMT
x-content-type-options: nosniff
last-modified: Wed, 11-Aug-2021 23:34:25 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: http://steepman.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 316
x-xss-protection: 1; mode=block
expires: Wed, 11-Aug-2021 23:34:25 GMT

Redirect headers

pragma: no-cache
date: Wed, 11 Aug 2021 23:34:25 GMT
last-modified: Wed, 11-Aug-2021 23:34:25 GMT
location: /watch/23457205/1?wmode=7&page-url=http%3A%2F%2Fsteepman.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2cqzuju16nt0kup4q%3Afp%3A1649%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A611%3Acn%3A2%3Adp%3A0%3Als%3A262629053567%3Ahid%3A670644529%3Az%3A120%3Ai%3A20210812013425%3Aet%3A1628724865%3Ac%3A1%3Arn%3A809500399%3Au%3A1628724865323240977%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1628724863220%3Ads%3A48%2C5%2C842%2C3%2C0%2C0%2C%2C818%2C3%2C%2C%2C%2C1723%3Adsn%3A48%2C6%2C842%2C3%2C0%2C0%2C%2C823%2C3%2C%2C%2C%2C1723%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1628724866%3At%3A%D0%9C%D1%83%D0%B6%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%BB%21%20C%D0%BE%D0%B2%D0%B5%D1%82%D1%8B%20%D0%B2%D1%81%D0%B5%20%D1%81%D0%BB%D1%83%D1%87%D0%B0%D0%B8%20%D0%B6%D0%B8%D0%B7%D0%BD%D0%B8%21
strict-transport-security: max-age=31536000
access-control-allow-origin: http://steepman.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Wed, 11-Aug-2021 23:34:25 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/21983401/
Redirect Chain

https://mc.yandex.com/watch/21983401?wmode=7&page-url=http%3A%2F%2Fsteepman.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2cqzuju16nt0kup4q%3Afp%3A1649%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-...
https://mc.yandex.com/watch/21983401/1?wmode=7&page-url=http%3A%2F%2Fsteepman.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2cqzuju16nt0kup4q%3Afp%3A1649%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ae...

316 B
347 B

58ms
57ms

XHR
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/21983401/1?wmode=7&page-url=http%3A%2F%2Fsteepman.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2cqzuju16nt0kup4q%3Afp%3A1649%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A611%3Acn%3A1%3Adp%3A0%3Als%3A295700085380%3Ahid%3A670644529%3Az%3A120%3Ai%3A20210812013425%3Aet%3A1628724865%3Ac%3A1%3Arn%3A1020452385%3Au%3A1628724865323240977%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1628724863220%3Ads%3A48%2C5%2C842%2C3%2C0%2C0%2C%2C818%2C3%2C%2C%2C%2C1723%3Adsn%3A48%2C6%2C842%2C3%2C0%2C0%2C%2C823%2C3%2C%2C%2C%2C1723%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1628724866%3At%3A%D0%9C%D1%83%D0%B6%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%BB%21%20C%D0%BE%D0%B2%D0%B5%D1%82%D1%8B%20%D0%B2%D1%81%D0%B5%20%D1%81%D0%BB%D1%83%D1%87%D0%B0%D0%B8%20%D0%B6%D0%B8%D0%B7%D0%BD%D0%B8%21

Requested by

Host: steepman.ru
URL: http://steepman.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

11866e695fb302043e112d99bd55cf6c08b815c41e59018b8bed14c7835ba660

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://steepman.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Aug 2021 23:34:25 GMT
x-content-type-options: nosniff
last-modified: Wed, 11-Aug-2021 23:34:25 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: http://steepman.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 316
x-xss-protection: 1; mode=block
expires: Wed, 11-Aug-2021 23:34:25 GMT

Redirect headers

pragma: no-cache
date: Wed, 11 Aug 2021 23:34:25 GMT
last-modified: Wed, 11-Aug-2021 23:34:25 GMT
location: /watch/21983401/1?wmode=7&page-url=http%3A%2F%2Fsteepman.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2cqzuju16nt0kup4q%3Afp%3A1649%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A611%3Acn%3A1%3Adp%3A0%3Als%3A295700085380%3Ahid%3A670644529%3Az%3A120%3Ai%3A20210812013425%3Aet%3A1628724865%3Ac%3A1%3Arn%3A1020452385%3Au%3A1628724865323240977%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1628724863220%3Ads%3A48%2C5%2C842%2C3%2C0%2C0%2C%2C818%2C3%2C%2C%2C%2C1723%3Adsn%3A48%2C6%2C842%2C3%2C0%2C0%2C%2C823%2C3%2C%2C%2C%2C1723%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1628724866%3At%3A%D0%9C%D1%83%D0%B6%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%BB%21%20C%D0%BE%D0%B2%D0%B5%D1%82%D1%8B%20%D0%B2%D1%81%D0%B5%20%D1%81%D0%BB%D1%83%D1%87%D0%B0%D0%B8%20%D0%B6%D0%B8%D0%B7%D0%BD%D0%B8%21
strict-transport-security: max-age=31536000
access-control-allow-origin: http://steepman.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Wed, 11-Aug-2021 23:34:25 GMT

GET
H3-29 200 ru.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 58C8 3 KB
3 KB 20ms
6ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/ru.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012107240354000/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fed2d61088cba54be39b2069add7103160e31f07c950c0e2e7706d6d6dc9ebf6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 11 Aug 2021 04:02:35 GMT
x-content-type-options: nosniff
server: cafe
age: 70310
etag: 6726277462267614359
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3041
x-xss-protection: 0
expires: Thu, 12 Aug 2021 04:02:35 GMT

GET
H3-29 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 58C8 344 B
368 B 20ms
6ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012107240354000/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 11 Aug 2021 22:40:25 GMT
x-content-type-options: nosniff
server: cafe
age: 3240
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Thu, 12 Aug 2021 22:40:25 GMT

GET
H/1.1 200
OK i
dmg.digitaltarget.ru/1/1093/i/ Frame 90DB 49 B
602 B 60ms
60ms Image
image/gif 185.15.175.144
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmg.digitaltarget.ru/1/1093/i/i?i=448547743857158.747923415881642&a=77&e=0100007F815E14616B02B63E0246F862&pref=http%3A%2F%2Fsteepman.ru%2F&c=ss:77.up:0100007F815E14616B02B63E0246F862.sync:up.xdua:dud6jDK_lAXjxf2Nchv3nrnR.xps:xpsbmdPJAK8wstrVNidopEOPp.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.15.175.144 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),

Reverse DNS

Software

nginx /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 11 Aug 2021 23:34:25 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Request-Time: 9
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 64
X-XSS-Protection: 1; mode=block
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
Server: nginx
X-Frame-Options: DENY
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Credentials: true

GET
H/1.1 200
OK i
dmg.digitaltarget.ru/1/1093/i/ Frame 90DB 49 B
602 B 118ms
57ms Image
image/gif 185.15.175.144
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmg.digitaltarget.ru/1/1093/i/i?i=448547743857158.6799558429149&a=77&e=0100007F815E14616B02B63E0246F862&pref=http%3A%2F%2Fsteepman.ru%2F&c=ss:77.up:0100007F815E14616B02B63E0246F862.sync:up.xdua:dud6jDK_lAXjxf2Nchv3nrnR.xps:xpsbmdPJAK8wstrVNidopEOPp.dn:acint__net.adcm:hit.tg:adcmjs_noorient

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.15.175.144 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),

Reverse DNS

Software

nginx /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 11 Aug 2021 23:34:25 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Request-Time: 6
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 64
X-XSS-Protection: 1; mode=block
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
Server: nginx
X-Frame-Options: DENY
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Credentials: true

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 32ms
19ms XHR
application/json 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210809&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3eb659d8e728620df37ea9691743c36bde6b5c32fde7b8a2e3123f64728e381a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://steepman.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 11 Aug 2021 23:34:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8620
x-xss-protection: 0

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://steepman.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 23:34:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Wed, 11 Aug 2021 23:34:26 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 37F6 12 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://steepman.ru/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://steepman.ru/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Wed, 11 Aug 2021 13:59:36 GMT
expires: Thu, 11 Aug 2022 13:59:36 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 34490
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 42DA 783 B
1 KB 36ms
16ms Document
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e3179d9b8e1278700bfb37bec2e630a67d44aafb74ac4e9f7fb65dd4a0fe5102

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-g+td1NlxS+qBTDmqsGn76A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://steepman.ru/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://steepman.ru/

Response headers

expires: Wed, 11 Aug 2021 23:34:26 GMT
date: Wed, 11 Aug 2021 23:34:26 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-g+td1NlxS+qBTDmqsGn76A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 O2l1W4tcrMlErSQCfrpxGkyfOY9pZOaE8-TKtI4Qkek.js Show response
pagead2.googlesyndication.com/bg/ Frame 37F6 35 KB
13 KB 19ms
6ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/O2l1W4tcrMlErSQCfrpxGkyfOY9pZOaE8-TKtI4Qkek.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b69755b8b5cacc944ad24027eba711a4c9f398f6964e684f3e4cab48e1091e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 10 Aug 2021 17:27:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 108389
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13203
x-xss-protection: 0
last-modified: Tue, 03 Aug 2021 09:38:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 10 Aug 2022 17:27:57 GMT

GET
H/1.1 200
OK confirm.php Show response
wycji.top/ 15 B
888 B 22ms
21ms Script
application/javascript 185.203.72.224
VARITI-INT-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://wycji.top/confirm.php?c=djQub2lTQ1ZFQlYva0t1cXUxVVUxQmpNYVNoamJxait4TEliMThEMUFWS1pRcTJRbEFqazdhemhsVlMrOWdQK0VpSG1HNVRpNTM2S3pzVFg1YkFOTVE5OXY2UDBTazc3dzF1ZHVvWG5kemhLV1VHczRwY0JoclNGVHZxQ3dXc1ZRTnJadjRYaW1LZXl1bHdmNGFsWnBFcFc3Tm1UTzZUTG9aRUNKdE96UUlsOFZwYzVrMEdtQ3h0aXlJYVFPS2lBQlNBa0pVbkdQRG5xTElyVWxxb0VCOFUzZGNmc3Jrbzhzd0wvRHF1SDg1cDJ1czdPRldpNWRCQlRRcTM5Q1JJNGRsRk14aXZxVnhyTklNQWMxTE1PT2R5SGtiTjNBMFdEelorRVI3WWdyb0hWa2lXcXVZbitxQVZFWFI2UzZ6UVlmbDc3Y3ltWldiTnU3emQrOGpwQ3NZRklXb3BPcTY2RUVTZGsrcDIyelVoUURwQ2RIT0tpL0QrWkxuSzlRa3ZUcXRvS3lZY1BiNW1qY2xqZm41VkRQa2RrR0ZGR0sySGx3V250bjFMOStsUHlITDU4akhHNmRhbUhHYjNpMnl0VWVYTVlBUjMyUT09&callback=cnf41219
Requested by: Host: wycji.top
URL: http://wycji.top/e3d0a38/f897/2750bc.js
Protocol: HTTP/1.1
Server: 185.203.72.224 , Switzerland, ASN42240 (VARITI-INT-AS, CH),
Reverse DNS
Software: nginx /
Resource Hash: d0bcf6e35acccb97095f35a88823e31453f83d18c6d2a14932a1c2b4b5e5a303

Request headers

Referer: http://steepman.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 11 Aug 2021 23:34:26 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: application/javascript; charset="utf-8"
Keep-Alive: timeout=15
X-VARITI-CCR: 4153413197:5

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 47ms
47ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20210809&jk=2399323874696222&bg=!HxylHFjNAAbOj6irzo87ACkAdvg8Wn1mm7RTUunHY8d0ich_BWVmQ73VwzVclt0lfLPRH_CHpFq04wIAAABWUgAAAAtoAQcKAGANZ3wcByyFo0QApWWfC0Xeo7dT1FUNGZox3UIK-Y3tqfvCa1hEO8Kytyn6w5R10bZff81lOkmIxTNTyTouNuySjo5XcvvgWg06g-Kj0NWAKNmrRGKmwsvTeK0cpylPFoWZAmh4P_sbPWx5qqFIR90bDN1mKzDXrtyDf-mKWgb-D9W7WgXd3jpSAuCOifilwo41z9THJo8EaVlF0Tr16hcavO376-8wmbKpbux6KL5WnPat7eeH3AFSxPeBhlS3B95IGJVJsc5vhPXtLeHJBsVdVHal9Kc_V0Smr-byE4akdzVW5N2xP1dLq7WcC1Lx68amgBEIB4H-EOpZWjqSwuZPjofhBtL8Sx2FyDpBmqwWPSJh53GsqSdgpLGoqdoDCJlKBHqd5CepGTXo9uYxVfhND3REJGxCRqZGe7dogVsDwFPBBMqk4Ha8o7Z_zniZbbio7KzIKtAeQsUuLeHp7C4hSZWpdunc4eepd2Up1TZXD83VfTeCgr073pi-HkYMbXsDa_iUSoUv9Ewaxz5GzLyprV7j8v-Ty_nNRxivbmYXEWdp0rfOT1dVCvUAd3YFpqQgTqaAOKQq_XdooiuQyQX-uIv-64MBnApWvQHAAxaCzrfbMiaHWrEGRYJ-f3PXDY8vvhoBYzVqqKGbkFvlzQYsJowDpxe83Ww5r8iGE8S_-uXyTFSZuuAv6xPUfYWk8_3W92GWFBCfqnk0ScXvwNPDmh5pVDYmcfKZHYYnKRd4EuioVPR9ufouSXYt-DIkSXV-54LNSlfTDomFgwRBH-CC27aLWowPZ2p59z-mFJd2YGYGDgs_yoySYZ0yRPz-39dtMR_qASSxJ2jvAFDZVTzEy_jDMJt5ObByCb_gXrcZCMEuH5C3srumRuYfm66G00UPhjnwf9srP2FBocfSlpiPyb5QTA5a5w7z4V1C2h9lhWY2LX6ntiDYxCpn

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://steepman.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Aug 2021 23:34:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
www.acint.net/ping/
Redirect Chain

http://www.acint.net/ping/?v=0.3.0&uid=2d3f7950-659b-4dbf-a2fc-5ba27bbb8c04&dp=10&tz=%2B02%3A00&nc=99535693&dT=2021-08-12T01%3A34%3A28.051
https://www.acint.net/ping/?v=0.3.0&uid=2d3f7950-659b-4dbf-a2fc-5ba27bbb8c04&dp=10&tz=%2B02%3A00&nc=99535693&dT=2021-08-12T01%3A34%3A28.051

43 B
224 B

13ms
12ms

Image
image/gif

46.4.114.109
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/ping/?v=0.3.0&uid=2d3f7950-659b-4dbf-a2fc-5ba27bbb8c04&dp=10&tz=%2B02%3A00&nc=99535693&dT=2021-08-12T01%3A34%3A28.051
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.114.109 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz1271137.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: http://steepman.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 11 Aug 2021 23:34:28 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

Location: https://www.acint.net/ping/?v=0.3.0&uid=2d3f7950-659b-4dbf-a2fc-5ba27bbb8c04&dp=10&tz=%2B02%3A00&nc=99535693&dT=2021-08-12T01%3A34%3A28.051
Date: Wed, 11 Aug 2021 23:34:28 GMT
Server: openresty
Connection: keep-alive
Content-Length: 142
Content-Type: text/html

Verdicts & Comments Add Verdict or Comment

93 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

42 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.acint.net/	1970-01-19 21:08:36	Name: cSyncDp151 Value: 1628724865
.advarkads.com/	1970-01-20 13:56:36	Name: u Value: EAI3N-umokySGK-Nuh-Ffw
.acint.net/	1970-01-19 21:08:36	Name: cSyncDp146 Value: 1628724865
.acint.net/	1970-01-19 21:08:36	Name: cSyncDp144 Value: 1628724865
.acint.net/	1970-01-19 21:08:36	Name: cSyncDp136 Value: 1628724865
.acint.net/	1970-01-19 21:08:36	Name: cSyncDp138 Value: 1628724865
.acint.net/	1970-01-19 21:08:36	Name: cSyncDp127 Value: 1628724865
.acint.net/	1970-01-19 21:08:36	Name: cSyncDp126 Value: 1628724865
.acint.net/	1970-01-19 21:08:36	Name: cSyncDp125 Value: 1628724865
.acint.net/	1970-01-19 21:08:36	Name: cSyncDp107 Value: 1628724865
.acint.net/	1970-01-19 21:08:36	Name: cSyncDp149 Value: 1628724865
.acint.net/	1970-01-19 20:45:34	Name: cSyncDp104v2 Value: 1628724865
.acint.net/	1970-01-19 21:08:36	Name: cSyncDp95v2 Value: 1628724865
.acint.net/	1970-01-19 21:08:36	Name: cSyncDp88 Value: 1628724865
.acint.net/	1970-01-19 21:08:36	Name: cSyncDp84 Value: 1628724865
.acint.net/	1970-01-19 21:08:36	Name: cSyncDp101 Value: 1628724865
.acint.net/	1970-01-19 21:08:36	Name: cSyncDp68 Value: 1628724865
.acint.net/	1970-01-19 20:45:34	Name: cSyncDp111v2 Value: 1628724865
.acint.net/	1970-01-19 20:45:34	Name: cSyncDp77 Value: 1628724865
.acint.net/	1970-01-19 21:08:36	Name: cSyncDp67v2 Value: 1628724865
.acint.net/	1970-01-19 20:26:51	Name: cSyncDp45v3 Value: 1628724865
.acint.net/	1970-01-19 21:08:36	Name: cSyncDp32 Value: 1628724865
.steepman.ru/	1970-01-20 05:11:00	Name: _ym_d Value: 1628724865
.acint.net/	1970-01-19 21:08:36	Name: cSyncDp17 Value: 1628724865
.acint.net/	1970-01-19 21:08:36	Name: cSyncDp7v2 Value: 1628724865
.acint.net/	1970-01-19 21:08:36	Name: cSyncDp62 Value: 1628724865
.acint.net/	1970-01-19 21:08:36	Name: cSyncDp112v2 Value: 1628724865
.acint.net/	1970-01-25 20:05:16	Name: aid Value: fwAAAWEUXoE+tgJrYvhHAk2Hl6BYb1mPlF2LvyXm/cVaAmdH
.acint.net/	1970-01-19 21:08:36	Name: cSyncDp54v2 Value: 1628724865
.acint.net/	1970-01-19 21:08:36	Name: cSyncDp85 Value: 1628724865
.doubleclick.net/	1970-01-20 05:47:00	Name: IDE Value: AHWqTUnTC_qaw-Qm0v8UHbk00bamhlKR7s5bSt0boZpGzzhpAPAEENh6KYZ2vNIReys
.steepman.ru/	1970-01-20 13:56:36	Name: _ga Value: GA1.2.189232429.1628724865
.steepman.ru/	1970-01-20 05:47:00	Name: __gads Value: ID=d2a58213516a13ee-22e5563da9c900a2:T=1628724865:RT=1628724865:S=ALNI_MbtGJwIZsXMMWi2nDqjflx1-U7_ow
.steepman.ru/	1970-01-20 05:11:00	Name: _ym_uid Value: 1628724865323240977
.steepman.ru/	1970-01-19 20:26:36	Name: _ym_isad Value: 2
.acint.net/	1970-01-19 21:08:36	Name: cSyncDp53 Value: 1628724865
.acint.net/	1970-01-19 20:25:25	Name: test_cookie Value: CheckForPermission
.doubleclick.net/	1970-01-19 20:25:25	Name: test_cookie Value: CheckForPermission
steepman.ru/	1978-01-11 21:31:40	Name: fid Value: 19f9aba0-4d1e-4c58-875a-47a952e28a46
.steepman.ru/	1970-01-19 20:26:51	Name: _gid Value: GA1.2.1030632085.1628724865
.acint.net/	1970-01-19 21:08:36	Name: cSyncDp14v3 Value: 1628724865
.steepman.ru/	1970-01-19 20:25:24	Name: _gat Value: 1

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	info	URL: https://cdn.ampproject.org/rtv/012107240354000/amp4ads-v0.mjs(Line 6) Message: Powered by AMP ⚡ HTML – Version 2107240354000 https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5364912403382355&output=html&h=250&slotname=2093067422&adk=1087469895&adf=461588321&pi=t.ma~as.2093067422&w=300&lmt=1628724864&psa=0&format=300x250&url=http%3A%2F%2Fsteepman.ru%2F&flash=0&wgl=1&dt=1628724864880&bpp=27&bdt=755&idt=86&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&correlator=432240763658&frm=20&pv=2&ga_vid=189232429.1628724865&ga_sid=1628724865&ga_hid=814769063&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=650&ady=4421&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C20211866%2C31062179%2C31062248&oid=3&pvsid=2399323874696222&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=DZXLYnD23e&p=http%3A//steepman.ru&dtd=126

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0100007f815e14616b02b63e0246f862-sp.ops.beeline.ru
a.utraff.com
acint.net
ad.adriver.ru
ad.mail.ru
adlmerge.com
ads.betweendigital.com
adservice.google.com
adservice.google.de
adx.com.ru
an.yandex.ru
api.advarkads.com
c.jjcus.com
cdn.ampproject.org
cm.g.doubleclick.net
counter.yadro.ru
dm.hybrid.ai
dmg.digitaltarget.ru
exchange.buzzoola.com
fcgi4.gnezdo.ru
googleads.g.doubleclick.net
match.new-programmatic.com
mc.yandex.com
mc.yandex.ru
pagead2.googlesyndication.com
partner.googleadservices.com
prodmp.ru
px.adhigh.net
redirect.frontend.weborama.fr
relap.io
s.uuidksinc.net
s3.advarkads.com
sape-sync.rutarget.ru
sm.rtb.mts.ru
ssp-rtb.sape.ru
ssp.adriver.ru
stat.adlabs.ru
steepman.ru
sync.1dmp.io
sync.bumlam.com
sync.dmp.otm-r.com
sync.republer.com
sync3.adsniper.ru
tag.digitaltarget.ru
tech.rtb.mts.ru
tpc.googlesyndication.com
ut.rktch.com
www.acint.net
www.google-analytics.com
www.google.com
www.googletagservices.com
wycji.top
x01.aidata.io
xksqb.com
109.248.237.37
142.250.184.226
142.250.186.66
157.90.179.214
176.9.158.88
185.15.175.144
185.15.175.145
185.203.72.224
188.34.131.132
188.42.196.115
193.106.93.124
193.232.148.153
194.190.117.94
195.201.108.196
195.201.243.72
195.209.108.47
213.87.44.187
217.65.2.150
217.66.147.168
2606:4700:10::6816:557
2606:4700:3037::ac43:b7c7
2606:4700:3039::6815:c034
2a00:1148:db00::17
2a00:1450:4001:802::200e
2a00:1450:4001:803::2002
2a00:1450:4001:808::2002
2a00:1450:4001:810::2002
2a00:1450:4001:812::2004
2a00:1450:4001:82b::2002
2a00:1450:4001:830::2002
2a00:1450:4001:831::2001
2a02:6b8::1:119
2a02:6b8::90
31.172.81.158
31.172.81.160
31.220.27.134
35.190.16.14
37.18.16.21
37.9.245.57
46.4.114.109
67.216.91.5
80.64.106.149
81.222.128.216
88.212.201.216
88.212.233.108
88.99.213.228
89.108.120.68
89.108.97.2
93.95.102.105
95.163.37.253
95.211.66.35
06af59f550ee5358217c3bd4152bc62608cc068e965703035c0be6579e6d803a
07410fe804f00ccbc35eba924417274f4369b62bb4b33f52823397c28ec83fab
07e4203b9f313b587b1d53f896e63771ec85f9b0d4c2ac5fa64089457784d847
083be74f62feddc0b8bc7d39f7d1f030295bd3ae219cdf19b2e88b5d3e40ea91
0b5d06ec625b24a06b5e0e4ace6cd9a4fcb436ab5290178f4ea20f91cf2e0dca
0ed6b1f93616fe253643293537e15591a1744cf109b27b9a2b11918ba2c2efb0
11866e695fb302043e112d99bd55cf6c08b815c41e59018b8bed14c7835ba660
1609bdcf4696c8146359638f33c35febdaba621dea00137283c61efc17504909
194ebae85ff853319e8668f23a4c5bf371a7d9f5d550a40980ab53026ddaaa17
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
24a826872877dbaa1995094eeac13ea07710232b8ad9e589f9fa948c65a193aa
28ddb32aff61044212164b7514525c3555dfa75199dcf48684e69df87e45654b
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2e22ce21c57f31404ec65afddc6c88d9f0943892d30dba4cb1ee7740b4adbaee
3168c398fe2f3d96dad8edd8129f85c163bdd71ef01c411539d25c6c9d1f8450
3b69755b8b5cacc944ad24027eba711a4c9f398f6964e684f3e4cab48e1091e9
3e2ae2c20e439de7575b1e75caaf681f35e5943f96f32c3a8296322b97b9facd
3eb659d8e728620df37ea9691743c36bde6b5c32fde7b8a2e3123f64728e381a
4075d8c0c312c24df5548f967cab5fbf808fe78fdcef9d4032bad92f6cacbb70
4686280af90e065b5392a9ec4bd688583a96740b4a64979925b4a3c1c6c472e3
4cf77a3f63d977b407beafd76c2c60fec12bb6cee1ab70fe8732084b79a8232d
4d1c3e4f099c4b7b68bcd848e2244e8157e83c2540d2c4829499866e3b67f634
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
53e4cb1ec1da57e5fec65ec5f5b19b050fa8bd6e19e9030c2704456846e4d106
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5f3275cf40c8cfc7c021d8bcc0ecfe66c9e50e8f87dedea75610a5afe424d615
5fbb36bdcd7fcb6a1962d355dccfab3262736d4d198a389ffb85a3fa3d2440d4
6068e7c31c9b85761b590d29013317991c91a0ef65608c4aa3dc42fadeeeba3b
687a44ded2afd0ffd0e142762dcdf4e440ba81cbb1a688eaa25035e271c0c55e
72311efcac5443b002ba87c05754d2102a821491d253c748ef70b6e541536d8f
75161ac289beefd58025e5f14b5ad0290aa346d556f52cde1beedcd279afc72b
7694092db9514c6643c47d692e5ac7bc1c924c3aa712c8ae4504a5cdd6cfb420
78e0bdeabeebc2dc279c8a9321a3c05dfee71e89123ee3d480fb83fe9d308aed
7c078e5032ba5da0fdf4e333ac30ad283aaa9de5d935e716c6fd7e1b5d4e9d2e
81a91be060ff90750e039aedc749fbee707720aae4fdadbae77cc50592b8c264
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
85bf841c71bc261a80791e8348747331204b525135c14b4345e06a10ecaa8270
892af9f95c881cde5c6c1810e0f45e4687174a1171504c96b36218dd54bb1486
8bb6574655125d71a82d526d304d1227af750484deb25496b77e25d5c5032341
8c626f0f9b5c109539b256b73e72c02b300a184f46b4535c2eb86599215c78af
8c641f871d303f00c2431556fca2d50690ff200abd043196c8758e4bc590b848
8efda3f0b5d984306920023fe9e82a919bfac7109db64ed89f752720408c888b
8f2d5c7e6daa9f53e2f08bde5b930b4a64f26574166a9ee627a96954cb4b9762
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
8fbc566f1adb7869b93f6e52bc181bb17417c4bbf4c5b53104071d57bc262144
943b4bf075d4fcb035760fb7e08f041a4bb96bb1538ae0c74423f6c20f365430
9468aad1ff0469818bfa837dc77d1386148ae439c7d499efa4b6532e191c921a
9ed939b2d46dcfa006093d56408a16a598d0c001992980543dae5052127ae1e9
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a0ea735f765d5bc1230beb63bcb701b69c80d77c48572a61bb159a8915903278
a25e3a4bfba08ba61ff0fbc815a09f6d65815d7d98a9af7136258bf9fa30cf8f
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4d81e1efce77d1e3aa53ab160117ca21cd8bf8bb25ded24c8294316e4cd0b8b
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a93eb280ff562434bf234c0d9939ea0fcf71118e96fb79a83b48422ec34c3e71
a943ce9ec71ca7103667e9d4d4ff4f377e6fd85fafc825f6f2966e3c0374c75a
ad7318d7f270e64201c0ed56d7cca545112dad095968cec03b32c653173da603
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b31a2dfb910d5e0292d6639f0c1a9b6ecc2471ba71ba18e3dc27cd5a033cf463
b666db15954019fea906c489d4f4cd9e1592301bef969b0420b8a660765e6e0c
b70c1ec61c616f61391309d82a6c50ebc1367edaa6fc1c7399fe21f8d22cf57a
b7203ef7f18e8e70e9991515982b3bbd43524cf048e9591b7aab1e80db938774
b7948f7328e314b41987ec35f9a5da2f9e379e83b62fff6c903b5b580d3651e2
b826f485873b923a0a9046262b9d026e8f4d2094da1e98e527f279eb9b148d6c
ba4b2190fae036c96c85b74712686a2fe91c257fa5f55255a1ff3283aa1134e1
bd71527991f99092a8bb0415678b7ccb0318a818d71858314601b37d9a404858
c0f089dc7b0b244cbd386bc6ebcce884050062d0d6a41ed7350ddb3dd193bdd4
c4cd126b21a4a71df6b2eb9210d37eca993c879b5fff2eb5808741c5b3069d03
ccb150b1878d5aa777543222f9e47636d4258687e3dd57e625988f09a96bda64
cd95236b31798489f6de0f689ce3d3d62e15bd62d24a14a67afb3fea0a2e4d7c
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d05921972a05d43b86b07c7e074afff197f96c2f953a9f8595c2b59ba34cc3d9
d0bcf6e35acccb97095f35a88823e31453f83d18c6d2a14932a1c2b4b5e5a303
d5b60503d153758f51056cab146d0fe5f86c5090b09769d07ddeba43132ee444
d5f3085127d154cbd72e219052312767d460633fafa6e38bb9a9446ddb03a270
d7d1ad6799d69e6b2554f3ca7b64411f5f3ca8e4e62e45a746421d8cdbc665e9
e3179d9b8e1278700bfb37bec2e630a67d44aafb74ac4e9f7fb65dd4a0fe5102
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
eced419f4b87421efcaa221094a0593c898bb06972fa49d7689918a401fd93bd
eecda7280d7a8779cb5ff8bf7459b430bf970052106a1c4b186ff2eddd8c82d7
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1dff558f86f73763dd5d293fc80a480b21e25e60831e496b75b9b504c4277cf
f302282223af954c34860f5da0f7fc4f0a6c617df1ca2281f77a974752424b07
f92e9071fcaa2116a19e5bef50cc82fd68fd843964a6d0256fb84ddc2cfb8668
fb92ed767b019d2f70db2183625e2d49cdf405c775127c8815b86acc15982194
fbbbfcf43f82904a3386ac78a77d7fe7f2d741774a35af0ff390da1624dfaf08
fed2d61088cba54be39b2069add7103160e31f07c950c0e2e7706d6d6dc9ebf6

steepman.ru Open in urlscan Pro 2606:4700:3037::ac43:b7c7 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

127 Requests

69 %HTTPS

27 %IPv6

45 Domains

54 Subdomains

35 IPs

6 Countries

1104 kBTransfer

2515 kBSize

42 Cookies

1 Outgoing links

Redirected requests

127 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

steepman.ru Open in urlscan Pro
2606:4700:3037::ac43:b7c7 Public Scan

Screenshot
Live screenshot

Full Image

127
Requests

69 %
HTTPS

27 %
IPv6

45
Domains

54
Subdomains

35
IPs

6
Countries

1104 kB
Transfer

2515 kB
Size

42
Cookies

127 HTTP transactions
1 data transactions