Submitted URL: https://invoice.99p.ru/assets/jquery-file-upload/server/php/files/xylem.php
Effective URL: https://invoice.99p.ru/
Submission: On September 23 via automatic, source urlhaus — Scanned from DE

Summary

This website contacted 7 IPs in 3 countries across 7 domains to perform 29 HTTP transactions. The main IP is 92.243.127.158, located in Tomsk, Russian Federation and belongs to NEWTELESYSTEMS, RU. The main domain is invoice.99p.ru.
TLS certificate: Issued by R3 on September 6th 2021. Valid for: 3 months.
This is the only time invoice.99p.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  Redirects  IP Address        AS (Autonomous System)
4         -          92.243.127.158    31036 (NEWTELESY...)
1         -          142.250.185.170   15169 (GOOGLE)
9         3          93.158.134.119    13238 (YANDEX)
4         -          172.217.23.99     15169 (GOOGLE)
11        1          104.18.70.113     13335 (CLOUDFLAR...)
1         -          104.18.72.113     13335 (CLOUDFLAR...)
3         -          104.16.51.111     13335 (CLOUDFLAR...)
Total: 29 HTTP transactions, 7 IPs

Requests  Domain                 Redirects  Requested by
10        static.zdassets.com    -          invoice.99p.ru, assets.zendesk.com, static.zdassets.com
7         mc.yandex.com          2          invoice.99p.ru, mc.yandex.ru
4         fonts.gstatic.com      -          fonts.googleapis.com
4         invoice.99p.ru         -          invoice.99p.ru
3         mainsms.zendesk.com    -          assets.zendesk.com, static.zdassets.com
2         mc.yandex.ru           1          invoice.99p.ru
1         ekr.zdassets.com       -          assets.zendesk.com
1         assets.zendesk.com     1          -
1         fonts.googleapis.com   -          invoice.99p.ru
Total: 29 HTTP transactions, 9 subdomains

This site contains no links.

Subject                        Issuer                                            Validity                  Valid
invoice.99p.ru                 R3                                                2021-09-06 - 2021-12-05   3 months
upload.video.google.com        GTS CA 1C3                                        2021-08-30 - 2021-11-22   3 months
mc.yandex.ru                   Yandex CA                                         2021-07-28 - 2022-01-07   5 months
*.gstatic.com                  GTS CA 1C3                                        2021-08-30 - 2021-11-22   3 months
ssl1036557.cloudflaressl.com   COMODO ECC Domain Validation Secure Server CA 2   2021-07-08 - 2022-07-07   a year
mainsms.zendesk.com            Cloudflare Inc ECC CA-3                           2021-06-07 - 2022-06-06   a year

This page contains 3 frames:

Primary Page: https://invoice.99p.ru/
Frame ID: 281D67B4EAB5725B9F92E97FEFCE9FFD
Requests: 15 HTTP requests in this frame

Frame: https://static.zdassets.com/ekr/asset_composer.js
Frame ID: 6F00EFBCDBD7342EAEB12986EAFC3BB2
Requests: 3 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/latest/web-widget-preload-416078d2328fdddb17be.js
Frame ID: A366388AD172D961A6B86CB6A6D5884E
Requests: 11 HTTP requests in this frame

Page Title

Выбор организации ("Organization selection")

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Page Statistics

Requests: 29
HTTPS: 100 %
IPv6: 0 %
Domains: 7
Subdomains: 9
IPs: 7
Countries: 3
Transfer: 521 kB
Size: 1650 kB
Cookies: 16

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://invoice.99p.ru/assets/jquery-file-upload/server/php/files/xylem.php Page URL
  2. https://invoice.99p.ru/assets/jquery-file-upload/server/php/files/xylem.php Page URL
  3. https://invoice.99p.ru/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7
  • https://assets.zendesk.com/embeddable_framework/main.js HTTP 301
  • https://static.zdassets.com/ekr/asset_composer.js
Request Chain 11
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9405.akxBZSLK6zgh0m2xU29QnE3dGhjKVc0wBdm4OfK-t2377RR34J15dUvtW4EE_m-D.m9KS53WMnxf_uoPcTUy5lFc9p8w%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=9405.BhCGLHtNNvLLmjxuSw4VhFwFTm7SbgXXxyTo3pZNa0XZDkLicwp3GsX7LLzys3m3fPGvEPd9OW8HlVpgb-KNmQ%2C%2C.alVWKSQr-xHKBe9Yj4DBGyXfJEk%2C
Request Chain 16
  • https://mc.yandex.com/watch/50923805?wmode=7&page-url=https%3A%2F%2Finvoice.99p.ru%2F&page-ref=https%3A%2F%2Finvoice.99p.ru%2Fassets%2Fjquery-file-upload%2Fserver%2Fphp%2Ffiles%2Fxylem.php&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afp%3A201%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A644%3Acn%3A1%3Adp%3A0%3Als%3A705682999926%3Ahid%3A249269058%3Az%3A0%3Ai%3A202109231901048%3Aet%3A1632424248%3Ac%3A1%3Arn%3A156282937%3Arqn%3A1%3Au%3A1632424248894656997%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1632424248077%3Ads%3A0%2C0%2C84%2C0%2C0%2C0%2C%2C107%2C0%2C%2C%2C%2C195%3Adsn%3A0%2C0%2C84%2C1%2C0%2C0%2C%2C109%2C0%2C%2C%2C%2C195%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1632424249%3At%3A%D0%92%D1%8B%D0%B1%D0%BE%D1%80%20%D0%BE%D1%80%D0%B3%D0%B0%D0%BD%D0%B8%D0%B7%D0%B0%D1%86%D0%B8%D0%B8 HTTP 302
  • https://mc.yandex.com/watch/50923805/1?wmode=7&page-url=https%3A%2F%2Finvoice.99p.ru%2F&page-ref=https%3A%2F%2Finvoice.99p.ru%2Fassets%2Fjquery-file-upload%2Fserver%2Fphp%2Ffiles%2Fxylem.php&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afp%3A201%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A644%3Acn%3A1%3Adp%3A0%3Als%3A705682999926%3Ahid%3A249269058%3Az%3A0%3Ai%3A202109231901048%3Aet%3A1632424248%3Ac%3A1%3Arn%3A156282937%3Arqn%3A1%3Au%3A1632424248894656997%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1632424248077%3Ads%3A0%2C0%2C84%2C0%2C0%2C0%2C%2C107%2C0%2C%2C%2C%2C195%3Adsn%3A0%2C0%2C84%2C1%2C0%2C0%2C%2C109%2C0%2C%2C%2C%2C195%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1632424249%3At%3A%D0%92%D1%8B%D0%B1%D0%BE%D1%80%20%D0%BE%D1%80%D0%B3%D0%B0%D0%BD%D0%B8%D0%B7%D0%B0%D1%86%D0%B8%D0%B8

29 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
xylem.php
invoice.99p.ru/assets/jquery-file-upload/server/php/files/
937 B
768 B
Document
General
Full URL
https://invoice.99p.ru/assets/jquery-file-upload/server/php/files/xylem.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
92.243.127.158 Tomsk, Russian Federation, ASN31036 (NEWTELESYSTEMS, RU),
Reverse DNS
92-243-127-158.mynts.ru
Software
Microsoft-IIS/8.0 / PHP/5.4.24
Resource Hash
2f58ac50edbc16d8aa708d2f6b928076c3411a2fdeefa3031013148ec59ad6fe

Request headers

Host
invoice.99p.ru
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br

Response headers

Content-Type
text/html
Content-Encoding
gzip
Vary
Accept-Encoding
Server
Microsoft-IIS/8.0
X-Powered-By
PHP/5.4.24
Date
Thu, 23 Sep 2021 19:10:56 GMT
Content-Length
566
xylem.php
invoice.99p.ru/assets/jquery-file-upload/server/php/files/
956 B
819 B
Document
General
Full URL
https://invoice.99p.ru/assets/jquery-file-upload/server/php/files/xylem.php
Requested by
Host: invoice.99p.ru
URL: https://invoice.99p.ru/assets/jquery-file-upload/server/php/files/xylem.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
92.243.127.158 Tomsk, Russian Federation, ASN31036 (NEWTELESYSTEMS, RU),
Reverse DNS
92-243-127-158.mynts.ru
Software
Microsoft-IIS/8.0 / PHP/5.4.24
Resource Hash
b484711c6b42c62cb1ad9efa3995590404f5afdfd0c3309a15ad582cf552013b

Request headers

Host
invoice.99p.ru
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Referer
https://invoice.99p.ru/assets/jquery-file-upload/server/php/files/xylem.php
Accept-Encoding
gzip, deflate, br
Cookie
d=0; n=Etc/Unknown

Response headers

Content-Type
text/html
Content-Encoding
gzip
Vary
Accept-Encoding
Server
Microsoft-IIS/8.0
X-Powered-By
PHP/5.4.24
Date
Thu, 23 Sep 2021 19:10:56 GMT
Content-Length
617
/ (Primary Request, Cookie set)
invoice.99p.ru/
4 KB
3 KB
Document
General
Full URL
https://invoice.99p.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
92.243.127.158 Tomsk, Russian Federation, ASN31036 (NEWTELESYSTEMS, RU),
Reverse DNS
92-243-127-158.mynts.ru
Software
Microsoft-IIS/8.0 / PHP/5.4.24
Resource Hash
85adac1931ad9cf9560be6d8bfee3a178b01d2036d47c18d84d5dedc37b26c45

Request headers

Host
invoice.99p.ru
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Referer
https://invoice.99p.ru/assets/jquery-file-upload/server/php/files/xylem.php
Accept-Encoding
gzip, deflate, br
Cookie
d=0; n=Etc/Unknown

Response headers

Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma
no-cache
Content-Type
text/html; charset=utf-8
Content-Encoding
gzip
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Vary
Accept-Encoding
Server
Microsoft-IIS/8.0
X-Powered-By
PHP/5.4.24
Set-Cookie
PHPSESSID=fk43vk5kk43ea2hi4qnvj0vuv1; path=/
Date
Thu, 23 Sep 2021 19:10:56 GMT
Content-Length
2207
style.css
invoice.99p.ru/tpl/css/
5 KB
2 KB
Stylesheet
General
Full URL
https://invoice.99p.ru/tpl/css/style.css
Requested by
Host: invoice.99p.ru
URL: https://invoice.99p.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
92.243.127.158 Tomsk, Russian Federation, ASN31036 (NEWTELESYSTEMS, RU),
Reverse DNS
92-243-127-158.mynts.ru
Software
Microsoft-IIS/8.0 /
Resource Hash
6d12fa6db9802cea97ad9c7448d9e12de4c2e261ae7239136899bc3a9b008122

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
invoice.99p.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://invoice.99p.ru/
Cookie
d=0; n=Etc/Unknown; PHPSESSID=fk43vk5kk43ea2hi4qnvj0vuv1
Connection
keep-alive

Response headers

Date
Thu, 23 Sep 2021 19:10:56 GMT
Content-Encoding
gzip
Last-Modified
Tue, 05 Dec 2017 11:56:46 GMT
Server
Microsoft-IIS/8.0
ETag
"013e31fc06dd31:0"
Vary
Accept-Encoding
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
1633
css
fonts.googleapis.com/
6 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,300,500&subset=latin,cyrillic
Requested by
Host: invoice.99p.ru
URL: https://invoice.99p.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.170 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f10.1e100.net
Software
ESF /
Resource Hash
2ddefcdc9f260c5ffeb93fed110fe9d929028226f9a2d8a4934ea52b546e9640
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://invoice.99p.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 23 Sep 2021 19:10:48 GMT
server
ESF
date
Thu, 23 Sep 2021 19:10:48 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 23 Sep 2021 19:10:48 GMT
tag.js
mc.yandex.ru/metrika/
191 KB
65 KB
Script
General
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: invoice.99p.ru
URL: https://invoice.99p.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.158.134.119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
8a9820e7a05173822b9285ee2c2815e16b058bd2c40bc7ca8ba5387f7a6840ae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://invoice.99p.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 23 Sep 2021 19:10:48 GMT
content-encoding
br
last-modified
Thu, 23 Sep 2021 12:26:15 GMT
etag
"614c4837-1031b"
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
66331
expires
Thu, 23 Sep 2021 20:10:48 GMT
KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v29/
9 KB
10 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu5mxKOzY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,300,500&subset=latin,cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f3.1e100.net
Software
sffe /
Resource Hash
8dd3b91ca60e6a0486326c5c275590dd1d753240c2efa9f94730815813997fee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://invoice.99p.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 16:38:41 GMT
x-content-type-options
nosniff
age
95527
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:21 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 22 Sep 2022 16:38:41 GMT
KFOlCnqEu92Fr1MmSU5fABc4EsA.woff2
fonts.gstatic.com/s/roboto/v29/
9 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmSU5fABc4EsA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,300,500&subset=latin,cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f3.1e100.net
Software
sffe /
Resource Hash
fb83389ea7513242a9a237454ce7989eb6d84c4ec2fe15c81bad6f89c87fe89e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://invoice.99p.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 16:40:32 GMT
x-content-type-options
nosniff
age
95416
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9500
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 22 Sep 2022 16:40:32 GMT
asset_composer.js
static.zdassets.com/ekr/ Frame 6F00
Redirect Chain
  • https://assets.zendesk.com/embeddable_framework/main.js
  • https://static.zdassets.com/ekr/asset_composer.js
20 KB
6 KB
Script
General
Full URL
https://static.zdassets.com/ekr/asset_composer.js
Requested by
Host: invoice.99p.ru
URL: https://invoice.99p.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16cc547456ffa0052c3679e6c5ece2e14ad57c92b93562deb7bcb5829b7afcb7
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://invoice.99p.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 23 Sep 2021 19:10:48 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
0
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-request-id
F1M2D2R0BMSWJBDY
x-amz-id-2
g+Fr5bfXsk/UgXI9aypgcGge/hnmQPX8QBpr3HwZwHQq83Ge9U6+18OcINEIw3CBXdrYdbq445E=
last-modified
Wed, 09 Jun 2021 00:08:58 GMT
server
cloudflare
etag
W/"cc904f41324148b571599b3b02fdec0b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oYvU%2BmuLZJa4z25jZ530xZxLuNkaSTNmcA9NjgalNWhofKECvw4ihCvX%2BNcPJ0tQbHtnx7xaUefIYgLXKwk5VnF2WJYpD7dQ8jAQy6nwBl2gDNRzLYdKoUHA9DbYn3nXagUG7wQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=3600, s-maxage=60
x-amz-version-id
K3SnbkxF6hLvuoHLDwjJyrnNVVhjkbLm
cf-ray
693613403dc85cb0-FRA

Redirect headers

date
Thu, 23 Sep 2021 19:10:48 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q2qDdccGyiO69%2BTLeX%2FywRfBA%2BGtJ41BudpyiIsPE1pmvrepZzw7uk8jFKAmN1%2BTQzpYUQYG49oUFQq7DEmA3tTpL0KgenQkzdMI%2FFP93ZN%2FipEL54%2FIh9TB86sDfL6TxqLfxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
location
https://static.zdassets.com/ekr/asset_composer.js
cache-control
max-age=3600
strict-transport-security
max-age=0
cf-ray
6936133ffec26940-FRA
expires
Thu, 23 Sep 2021 20:10:48 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,300,500&subset=latin,cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f3.1e100.net
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://invoice.99p.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 16:31:43 GMT
x-content-type-options
nosniff
age
95945
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 22 Sep 2022 16:31:43 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,300,500&subset=latin,cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f3.1e100.net
Software
sffe /
Resource Hash
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://invoice.99p.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 16:31:40 GMT
x-content-type-options
nosniff
age
95948
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15732
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:20 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 22 Sep 2022 16:31:40 GMT
mainsms.zendesk.com
ekr.zdassets.com/compose/web_widget/ Frame 6F00
631 B
1 KB
XHR
General
Full URL
https://ekr.zdassets.com/compose/web_widget/mainsms.zendesk.com
Requested by
Host: assets.zendesk.com
URL: https://assets.zendesk.com/embeddable_framework/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d28e5ca467138ab4919134fa73170641fefbddc2f5cceaa40bb4a5b0419c4c8d
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://invoice.99p.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 23 Sep 2021 19:10:48 GMT
content-encoding
br
vary
Origin, Accept-Encoding
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
status
200 OK
access-control-allow-methods
GET, POST, OPTIONS
strict-transport-security
max-age=0
x-request-id
7f609376-46c6-4566-b5d0-ccb2345d86c4
x-runtime
0.002792
server
cloudflare
etag
W/"d28e5ca467138ab4919134fa73170641"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
7200
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F3dvkliZlIaZINO%2FSB1%2FnlO09SaRDcZHUuzxIQCc8dC3dYGnLTUAX2uAGoYE2iUI5xk9joGsRyfOfajSDs1sz1wDCSnfDEV1Rf7YeSO5wruzI4tfVKFN%2Fm7hbQAlpChSBw4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=600, public, s-maxage=60, stale-while-revalidate=600, stale-if-error=3600
cf-ray
693613409f9d5cb6-FRA
sync_cookie_image_decide
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9405.akxBZSLK6zgh0m2xU29QnE3dGhjKVc0wBdm4OfK-t2377RR34J15dUvtW4EE_m-D.m9KS53WMnxf_uoPcTUy5lFc9p8w%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=9405.BhCGLHtNNvLLmjxuSw4VhFwFTm7SbgXXxyTo3pZNa0XZDkLicwp3GsX7LLzys3m3fPGvEPd9OW8HlVpgb-KNmQ%2C%2C.alVWKSQr-xHKBe9Yj4DBGyXfJEk%2C
75 B
75 B
Image
General
Full URL
https://mc.yandex.com/sync_cookie_image_decide?token=9405.BhCGLHtNNvLLmjxuSw4VhFwFTm7SbgXXxyTo3pZNa0XZDkLicwp3GsX7LLzys3m3fPGvEPd9OW8HlVpgb-KNmQ%2C%2C.alVWKSQr-xHKBe9Yj4DBGyXfJEk%2C
Requested by
Host: invoice.99p.ru
URL: https://invoice.99p.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.158.134.119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://invoice.99p.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 23 Sep 2021 19:10:48 GMT
strict-transport-security
max-age=31536000
content-length
75
x-xss-protection
1; mode=block
content-type
text/html; charset=utf-8

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide?token=9405.BhCGLHtNNvLLmjxuSw4VhFwFTm7SbgXXxyTo3pZNa0XZDkLicwp3GsX7LLzys3m3fPGvEPd9OW8HlVpgb-KNmQ%2C%2C.alVWKSQr-xHKBe9Yj4DBGyXfJEk%2C
date
Thu, 23 Sep 2021 19:10:48 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
advert.gif
mc.yandex.com/metrika/
43 B
135 B
Image
General
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: invoice.99p.ru
URL: https://invoice.99p.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.158.134.119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://invoice.99p.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 23 Sep 2021 19:10:48 GMT
last-modified
Thu, 23 Sep 2021 08:35:23 GMT
etag
"614c121b-2b"
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Thu, 23 Sep 2021 20:10:48 GMT
web-widget-preload-416078d2328fdddb17be.js
static.zdassets.com/web_widget/latest/ Frame A366
88 KB
32 KB
Script
General
Full URL
https://static.zdassets.com/web_widget/latest/web-widget-preload-416078d2328fdddb17be.js
Requested by
Host: assets.zendesk.com
URL: https://assets.zendesk.com/embeddable_framework/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2527b9c7c260faf84f105531488710bd08812666b7f03424562ed0f83ebf4c7d
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 23 Sep 2021 19:10:48 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
313510
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-request-id
C54XWRJSR9CJQ4X1
x-amz-id-2
x6t65lba6SMWfBgtdCuccM78u2UnFvHVbWfW8wbLRQwzgX6e1bH1zADPPP2rODyfH6fdjZVvigo=
last-modified
Fri, 17 Sep 2021 06:57:52 GMT
server
cloudflare
etag
W/"9a2c01dc67c2bf7a9e783c0451d450fc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PXCbxR9gqU1Ne1Pm4d0Vss%2BDWieAs4q%2BYwy%2Fhw523DWpdIjk%2F%2FNcvruhXE8Y3AkuYyu5pU2W50MbqMfrkuzG11YTIW%2Fa%2FbVkzkAtltlZxH1MXKxWNN8ELWq0Tkvxh6pTv1Vkq6Q%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
Srkd7MMWrMIxbmaSxf4Q6zSCgHQyx.VZ
cf-ray
69361341ca765cb0-FRA
expires
Sat, 17 Sep 2022 06:57:50 GMT
web-widget-framework-7a0e3c94c555a139ce02.js
static.zdassets.com/web_widget/latest/ Frame A366
184 KB
59 KB
Script
General
Full URL
https://static.zdassets.com/web_widget/latest/web-widget-framework-7a0e3c94c555a139ce02.js
Requested by
Host: assets.zendesk.com
URL: https://assets.zendesk.com/embeddable_framework/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c322a7503a4e53b8b3ede9c57b7f4a4d8b76d09ccbff2d653672d1860a2c7c26
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 23 Sep 2021 19:10:48 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
313510
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-request-id
C54MXNECAK0XBT9J
x-amz-id-2
R8W9yxIHJjUYUovWOt4UrXAIVF1TVQr2GfY3VvgXE4MS6DRPSLJTAIw43LVX2b+MAg5K2aTxIWs=
last-modified
Fri, 17 Sep 2021 06:57:52 GMT
server
cloudflare
etag
W/"cec54a8b5c79bb251a12a66ce66798c5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JtSW1J1vDtKbQOwbJn9qv9o2JJZAJ%2FjirvVfnh8saIzDJDYVHgQfQ%2BMQWox2gh59Zend739CKEalkLPVKRqyHvBGtOqFsewquu1nFxxWO9x%2FWN75wrWM637snR4iyroVyWR%2BlvM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
_0OWJBCKJnSIFjW_HM6eyShjuGWoRFQr
cf-ray
69361341ca795cb0-FRA
expires
Sat, 17 Sep 2022 06:57:51 GMT
web-widget-chat-sdk-ad0bca0cd862985f164f.js
static.zdassets.com/web_widget/latest/ Frame A366
203 KB
52 KB
Script
General
Full URL
https://static.zdassets.com/web_widget/latest/web-widget-chat-sdk-ad0bca0cd862985f164f.js
Requested by
Host: assets.zendesk.com
URL: https://assets.zendesk.com/embeddable_framework/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a77ebced88a45b7146f3e8b0359f37d658f0f6e0eb481583ee9319cb601d893
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 23 Sep 2021 19:10:48 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2655467
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-request-id
95ZJNECBJJPS7GC4
x-amz-id-2
3/yf0H9Zopc/y2rU3QPSJDq1Kko8+MTWJB0LpIH4o+lrmvjTlPRSgMboS3jQnFkxJOtWMq8UFU4=
last-modified
Mon, 23 Aug 2021 23:30:15 GMT
server
cloudflare
etag
W/"093f405bc41723c43486a657a0e1a173"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mn5aEvQ9e13Ao8vG64WPlb7Jitw8fr2HZRtqlNn8MpJR8dyHljPTxQETzVPAkz1byx4Nf5cpGtExWe6rTZgQ6YhML%2F8zbwYj9T4hmHz494oCWYwnfpauM5HRruSji8aq22KnNFE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
wY3FbPeO1JSLC6dhSs9NxsYVyHmXlIn9
cf-ray
69361341ca7a5cb0-FRA
expires
Tue, 23 Aug 2022 23:30:13 GMT
1
mc.yandex.com/watch/50923805/
Redirect Chain
  • https://mc.yandex.com/watch/50923805?wmode=7&page-url=https%3A%2F%2Finvoice.99p.ru%2F&page-ref=https%3A%2F%2Finvoice.99p.ru%2Fassets%2Fjquery-file-upload%2Fserver%2Fphp%2Ffiles%2Fxylem.php&charset=...
  • https://mc.yandex.com/watch/50923805/1?wmode=7&page-url=https%3A%2F%2Finvoice.99p.ru%2F&page-ref=https%3A%2F%2Finvoice.99p.ru%2Fassets%2Fjquery-file-upload%2Fserver%2Fphp%2Ffiles%2Fxylem.php&charse...
350 B
432 B
XHR
General
Full URL
https://mc.yandex.com/watch/50923805/1?wmode=7&page-url=https%3A%2F%2Finvoice.99p.ru%2F&page-ref=https%3A%2F%2Finvoice.99p.ru%2Fassets%2Fjquery-file-upload%2Fserver%2Fphp%2Ffiles%2Fxylem.php&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afp%3A201%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A644%3Acn%3A1%3Adp%3A0%3Als%3A705682999926%3Ahid%3A249269058%3Az%3A0%3Ai%3A202109231901048%3Aet%3A1632424248%3Ac%3A1%3Arn%3A156282937%3Arqn%3A1%3Au%3A1632424248894656997%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1632424248077%3Ads%3A0%2C0%2C84%2C0%2C0%2C0%2C%2C107%2C0%2C%2C%2C%2C195%3Adsn%3A0%2C0%2C84%2C1%2C0%2C0%2C%2C109%2C0%2C%2C%2C%2C195%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1632424249%3At%3A%D0%92%D1%8B%D0%B1%D0%BE%D1%80%20%D0%BE%D1%80%D0%B3%D0%B0%D0%BD%D0%B8%D0%B7%D0%B0%D1%86%D0%B8%D0%B8
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.158.134.119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
499ea447651a3ec28e0478051d1ce63cb9f306c906043aed6fbab01a83105caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://invoice.99p.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Sep 2021 19:10:48 GMT
x-content-type-options
nosniff
last-modified
Thu, 23-Sep-2021 19:10:48 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://invoice.99p.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
350
x-xss-protection
1; mode=block
expires
Thu, 23-Sep-2021 19:10:48 GMT

Redirect headers

pragma
no-cache
date
Thu, 23 Sep 2021 19:10:48 GMT
last-modified
Thu, 23-Sep-2021 19:10:48 GMT
location
/watch/50923805/1?wmode=7&page-url=https%3A%2F%2Finvoice.99p.ru%2F&page-ref=https%3A%2F%2Finvoice.99p.ru%2Fassets%2Fjquery-file-upload%2Fserver%2Fphp%2Ffiles%2Fxylem.php&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afp%3A201%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A644%3Acn%3A1%3Adp%3A0%3Als%3A705682999926%3Ahid%3A249269058%3Az%3A0%3Ai%3A202109231901048%3Aet%3A1632424248%3Ac%3A1%3Arn%3A156282937%3Arqn%3A1%3Au%3A1632424248894656997%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1632424248077%3Ads%3A0%2C0%2C84%2C0%2C0%2C0%2C%2C107%2C0%2C%2C%2C%2C195%3Adsn%3A0%2C0%2C84%2C1%2C0%2C0%2C%2C109%2C0%2C%2C%2C%2C195%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1632424249%3At%3A%D0%92%D1%8B%D0%B1%D0%BE%D1%80%20%D0%BE%D1%80%D0%B3%D0%B0%D0%BD%D0%B8%D0%B7%D0%B0%D1%86%D0%B8%D0%B8
strict-transport-security
max-age=31536000
access-control-allow-origin
https://invoice.99p.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Thu, 23-Sep-2021 19:10:48 GMT
config
mainsms.zendesk.com/embeddable/ Frame 6F00
831 B
1 KB
XHR
General
Full URL
https://mainsms.zendesk.com/embeddable/config
Requested by
Host: assets.zendesk.com
URL: https://assets.zendesk.com/embeddable_framework/main.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.51.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d18a4f698085a553676aa2162095dba96210ff895050bf06124cf5f9b282646
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://invoice.99p.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 23 Sep 2021 19:10:48 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
EXPIRED
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-zendesk-zorg
yes
x-zendesk-origin-server
embeddable-app-server-7c7448ff9b-hswxb
access-control-allow-methods
GET
vary
Origin, Accept-Encoding
x-cached
MISS
x-request-id
693613425ed44e68-SEA, 693613425ed44e68-SEA
x-runtime
0.001634
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
1728000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D7Q0%2BrMJKn0QiGHtKHchJBNln5ssqABkZVAaDz2NJipaa1J%2BFCdF3iOwf4%2F7R3PB8BLbybtrLlFceLwukp5SlESWskkN62KuCJAcA5DjtvAT2vu3QaAs7vfSFZ1QCOULCPQ%2FfYI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
cache-control
public, max-age=60, stale-while-revalidate=600, stale-if-error=3600
cf-ray
693613425ed44e68-FRA
de-de-json-d7ee6cb4b3f57aabe16b.js
static.zdassets.com/web_widget/latest/web-widget-locales/ Frame A366
37 KB
8 KB
Script
General
Full URL
https://static.zdassets.com/web_widget/latest/web-widget-locales/de-de-json-d7ee6cb4b3f57aabe16b.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-preload-416078d2328fdddb17be.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eec770ee4b030f00ca9d9eb8bc28d9e7c7e858e3ac315cb92a05ff9f0e6b990a
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 23 Sep 2021 19:10:48 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
313510
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-request-id
C54RYEY0GNGYVB0W
x-amz-id-2
RThDjIV8MVLASR36XpDFYEPBQhHWm7FHdST+ml6bpeGCoY8XABbZLywvvIHMmoMB+YnGjbtNFY8=
last-modified
Mon, 20 Sep 2021 03:46:48 GMT
server
cloudflare
etag
W/"811ba5198de03eb639ced23b0c55e764"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nE6oGhrWTz1uQLi%2Bi%2Bvwo41B0ZWkvPjCGLyOBE1ikZMgOyTFfw8Zl6MvAuoHnJBrjAQSAdcHbQIwrLEFvyaKQwjcSDPUDfELzkR7F9lHL3M954ldyEk6NgcHTT8f7DrD6pgg%2B3o%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
Ad26HWM94n9oSNA2XO5q9d8tXRaFBL8q
cf-ray
693613439f205cb0-FRA
expires
Tue, 20 Sep 2022 03:46:47 GMT
web-widget-7487-813b8c77d5c0e8d0d00a.js
static.zdassets.com/web_widget/latest/ Frame A366
340 KB
104 KB
Script
General
Full URL
https://static.zdassets.com/web_widget/latest/web-widget-7487-813b8c77d5c0e8d0d00a.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-preload-416078d2328fdddb17be.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce84019b653e1ad1664c5a85b1d0263a4e4e9223d5070f3a60c65e363406719a
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 23 Sep 2021 19:10:48 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
23309
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-request-id
QYQM0E70QGHCFB2W
x-amz-id-2
73YkqsuaQuQouNKAJNmd9CYRpz95lz5ew7jn31aI//rFfG4WhCepV9jPj5+j+trCfNeAKAro5KM=
last-modified
Mon, 13 Sep 2021 23:45:48 GMT
server
cloudflare
etag
W/"b09bbdba067caac0d4cefb3cc1142b84"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PMXvtEGc%2Fba%2FWdgOo%2BClKZCcWtlO7EJ2NZ3PJNzX2JzhWKBZADTyY9UE1l87ekYdImTo6XecktD5SehZmLrYzTRBBXCddNxUQqIOi6lygygjCLVLNq1fsMHsK6RZ8bCpc9r%2BVe8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
uS5dZl.YNc6jj_t0cS60aE2lFJFk5MUV
cf-ray
693613439f285cb0-FRA
expires
Tue, 13 Sep 2022 23:45:47 GMT
web-widget-2765-b06562d67a25c346a78a.js
static.zdassets.com/web_widget/latest/ Frame A366
81 KB
22 KB
Script
General
Full URL
https://static.zdassets.com/web_widget/latest/web-widget-2765-b06562d67a25c346a78a.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-preload-416078d2328fdddb17be.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
96d1cd4d430e5cef6f3e30e994df78ab3b937295b5bc69900a3f05e73424fb9e
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 23 Sep 2021 19:10:48 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
763029
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-request-id
QYQHM1QNYA499P06
x-amz-id-2
pa0g6ApCgS/+jXCeilPIWv7QwYYuEvV5aW001nS6JgjsCWL+ovvF0P60U1v0o1SoJDD/9i6ALrI=
last-modified
Mon, 13 Sep 2021 23:45:49 GMT
server
cloudflare
etag
W/"0bc1a1b4bd1a31033986b000da94d291"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x6hv21BARr7DOk78fdGLZbyai2M8LNHJGQ%2BlYOUZ%2BWUYT9x8zK1emGrbFdRt6HUiJ0XjFvtAPIhb3CzcEECE%2BZekSBDjcjn1IURqfUuuPUE9%2FckHU5%2F29E05u4Wwhgj9JKx7Zl4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
A1v2De1d.Np63il34KlS.L5PoKQUdcZa
cf-ray
693613439f2c5cb0-FRA
expires
Tue, 13 Sep 2022 23:45:47 GMT
web_widget-945b35e58f786cf38aa6.js
static.zdassets.com/web_widget/latest/web-widget-lazy/ Frame A366
419 KB
91 KB
Script
General
Full URL
https://static.zdassets.com/web_widget/latest/web-widget-lazy/web_widget-945b35e58f786cf38aa6.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-preload-416078d2328fdddb17be.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c395d504fb7a48bf0331277cfbd02463fe12e2a299c03c58957be2cccbe53540
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 23 Sep 2021 19:10:48 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1669
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-request-id
C54MY2XQ2Y223YP0
x-amz-id-2
Fxe0iIQjuLUItO8iTkrGzDLbs3FlFqqXhaI/7bI+fKQsXJnHBRoQ7YDxqRLThnMgBCqrhGWJqtE=
last-modified
Mon, 20 Sep 2021 03:45:54 GMT
server
cloudflare
etag
W/"68ed4c61becc367ee01cafbf4cb0c6c3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OZQ0bQUg1n6lfUD6U%2BGa8BqjeGmSF98isoo7uuBczBNIvArtc7XQ2GPjOa65fpvnHTQrt8hFd3kByUvB7A5ToaqIGhSvxg97NKmvO5GC%2BEY%2B4sg0lD4OQCsNjsX9OVJVAEEboBY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
KAn5UqkYYSyktntPcUhTA9XmloUei0lV
cf-ray
69361343af315cb0-FRA
expires
Tue, 20 Sep 2022 03:45:53 GMT
embeddable_blip
mainsms.zendesk.com/ Frame A366
0
441 B
XHR
General
Full URL
https://mainsms.zendesk.com/embeddable_blip?type=analytics&data=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
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-7a0e3c94c555a139ce02.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.51.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 23 Sep 2021 19:10:49 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-zendesk-zorg
yes
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iT0y4b4KYf8YDf3N3pWEpY%2Fe%2F3wmSOKLyTpCMi91EcdEiNuA3YdQO3CHrOWu52sc9ABkdpejGgT6DBEwaIQ0gSl6v7YOONYIh%2BVcMCDlWhqMFlydLnf5igKcVUA7YlGv6Zg1mnA%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://invoice.99p.ru
accept-ranges
bytes
cf-ray
693613444b084e68-FRA
vary
Accept-Encoding
content-length
0
x-request-id
d69ca029451f73af13f5f529e4ac4a2d
embeddable_blip
mainsms.zendesk.com/ Frame A366
0
283 B
XHR
General
Full URL
https://mainsms.zendesk.com/embeddable_blip?type=pageView&data=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%3D
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-7a0e3c94c555a139ce02.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.51.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 23 Sep 2021 19:10:49 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-zendesk-zorg
yes
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZahRQRw6XzmoNxpGxSbZMDquHcz3VAzDEOuG8%2BORDfVnNbbg2gx0I72sUp8G1WHi8ZU47J0LIXVN0hmL7XESCutUcy8GxOKT5hXjpHhN%2FzD%2BDa6kg1a97Fwr1UYAs%2B3js9FWSss%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://invoice.99p.ru
accept-ranges
bytes
cf-ray
693613447b654e68-FRA
vary
Accept-Encoding
content-length
0
x-request-id
fa61e0fdbfaf5cc3747454444cc46f65
web-widget-chat-incoming-message-notification-bdfd1edd38ba2ec92175.js
static.zdassets.com/web_widget/latest/ Frame A366
337 B
949 B
Script
General
Full URL
https://static.zdassets.com/web_widget/latest/web-widget-chat-incoming-message-notification-bdfd1edd38ba2ec92175.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-preload-416078d2328fdddb17be.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a3ab89bc8d4feb680748ba773ff13a07c2db610c1308ec9c12040aa9b65d46b
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 23 Sep 2021 19:10:49 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4157884
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-request-id
9AW2YY408XKP0231
x-amz-id-2
fGF32ljqWCA8gjtXkLN42kSJahmTO/DUTZOgF/jjvedL3OXevEaJ64pndhlimfkF8//j4AFGC30=
last-modified
Fri, 06 Aug 2021 01:28:06 GMT
server
cloudflare
etag
W/"200371227ff3b0fb85badb2d2faef3b5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aZvsJPOvecSpYDkyAmrYp8Fou9zDyBZNbSaATEMTMhYvpfrM2BHssi1Ed020vpkvICpaYJzPD7mAKZJHsZ%2Fb3bOcW3CAeHBh2tHsycpsH2D6FacGyw9Afko%2BymApokYM3E0AbrU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
AUc5ye9EUODlEErT0NHTaToq3MoNYX1U
cf-ray
693613467ec75cb0-FRA
expires
Sat, 06 Aug 2022 01:28:05 GMT
fda6cd35495c75f83508d9d2e77ee33d.mp3
static.zdassets.com/web_widget/latest/ Frame A366
19 KB
20 KB
Media
General
Full URL
https://static.zdassets.com/web_widget/latest/fda6cd35495c75f83508d9d2e77ee33d.mp3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
97e5b0b6cfc2ba9815028429c069631ba12b294aa7419d1ea130accd0adc2d46
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Range
bytes=0-

Response headers

date
Thu, 23 Sep 2021 19:10:49 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
MX19S13KNE8TQA0P
x-amz-server-side-encryption
AES256
cf-ray
693613469f365cb0-FRA
Content-Range
bytes 0-19697/19698
x-amz-replication-status
COMPLETED
Content-Length
19698
x-amz-id-2
nnB8cYs5DEtHGTcTjweQyrAw0wi/Esrkw6M6udvrZFyldf0muu+I9HFMUdb1VfVZn3eHflktYoo=
last-modified
Thu, 23 Sep 2021 08:42:25 GMT
server
cloudflare
etag
"f11ce9e8f40a392830217253fe75d6de"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TXSAoPMOWSt2uA1%2BJ%2F8mw0npTF3u%2B%2FkS8dyUUkJgE9paOggj939stdvZ%2FHtXHYcrF17hfCtmUih4uubxvWrwya1FTPm7QIroVnYmwJfqx63ojcWV%2BQ8n9nRU0JA89ajoqXvWvPk%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
m_ClK9mQYxvfgpg2kDuEV00rXLbT_pg.
cache-control
public, max-age=31536000
accept-ranges
bytes
content-type
audio/mpeg; charset=utf-8
expires
Fri, 23 Sep 2022 08:42:24 GMT
50923805
mc.yandex.com/webvisor/
43 B
148 B
XHR
General
Full URL
https://mc.yandex.com/webvisor/50923805?wmode=0&wv-part=1&wv-hit=249269058&page-url=https%3A%2F%2Finvoice.99p.ru%2F&rn=841963862&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1632424251%3Aw%3A1600x1200%3Av%3A644%3Az%3A0%3Ai%3A202109231901050%3Au%3A1632424248894656997%3Avf%3A25rt5xty9edhsiwjn9%3Awe%3A1%3Ati%3A2%3Ast%3A1632424251
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.158.134.119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://invoice.99p.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Sep 2021 19:10:50 GMT
last-modified
Thu, 23-Sep-2021 19:10:50 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://invoice.99p.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Thu, 23-Sep-2021 19:10:50 GMT
50923805
mc.yandex.com/webvisor/
43 B
73 B
XHR
General
Full URL
https://mc.yandex.com/webvisor/50923805?wmode=0&wv-part=1&wv-hit=249269058&page-url=https%3A%2F%2Finvoice.99p.ru%2F&rn=949505464&wv-type=3&browser-info=gdpr%3A14%3Aet%3A1632424251%3Aw%3A1600x1200%3Av%3A644%3Az%3A0%3Ai%3A202109231901050%3Au%3A1632424248894656997%3Avf%3A25rt5xty9edhsiwjn9%3Awe%3A1%3Ati%3A2%3Ast%3A1632424251
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.158.134.119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://invoice.99p.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Sep 2021 19:10:50 GMT
last-modified
Thu, 23-Sep-2021 19:10:50 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://invoice.99p.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Thu, 23-Sep-2021 19:10:50 GMT

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| 1
object| 2
object| onbeforexrselect
boolean| originAgentCluster
function| zEmbed
function| zE
object| Ya
object| yaCounter50923805
boolean| zEACLoaded
function| $zopim

16 Cookies

Domain/Path Name / Value
invoice.99p.ru/ Name: d
Value: 0
invoice.99p.ru/ Name: n
Value: Etc/Unknown
invoice.99p.ru/ Name: PHPSESSID
Value: fk43vk5kk43ea2hi4qnvj0vuv1
.99p.ru/ Name: _ym_uid
Value: 1632424248894656997
.99p.ru/ Name: _ym_d
Value: 1632424248
.mc.yandex.com/ Name: sync_cookie_csrf
Value: 4041216053fake
.99p.ru/ Name: _ym_isad
Value: 2
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 2729832265fake
.yandex.com/ Name: yandexuid
Value: 7697870301632424248
.yandex.com/ Name: yuidss
Value: 7697870301632424248
mc.yandex.com/ Name: yabs-sid
Value: 2106879421632424248
.yandex.com/ Name: i
Value: Um3L2WafsInTHnfok2Vo4o8/b5qBIy1EO1Q+/ep4pEwRQzUtKbGaKlVJE/vVXXlklsBs0qKB7Wccydq+t+mARlZtcJ4=
.yandex.com/ Name: ymex
Value: 1663960248.yrts.1632424248#1663960248.yrtsi.1632424248
.99p.ru/ Name: _ym_visorc
Value: w
widget-mediator.zopim.com/ Name: AWSALBCORS
Value: fVY8mO9RZYm1uUITvlj2UK1USitABGQlURCNzHCxTcLoShzhd/c+p1o0AwZwpXbNY71otTQ5Pp3Nrj22u8+xA8PT6+V7GrKFbqYKdJjOPPxxqVNFtpMiqAAy6yte
.99p.ru/ Name: __zlcmid
Value: 16DkLyPivcMUP1d

1 Console Messages

Source Level URL
Text
network error URL: https://mc.yandex.com/sync_cookie_image_decide?token=9405.BhCGLHtNNvLLmjxuSw4VhFwFTm7SbgXXxyTo3pZNa0XZDkLicwp3GsX7LLzys3m3fPGvEPd9OW8HlVpgb-KNmQ%2C%2C.alVWKSQr-xHKBe9Yj4DBGyXfJEk%2C
Message:
Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
